implemented api for mfa configuration

2026-04-25 03:36:41 +00:00 · 2026-04-16 14:53:40 +02:00
parent 77b65d9475
commit 59abdc2363
10 changed files with 135 additions and 21 deletions
--- a/combined/cmd/config.go
+++ b/combined/cmd/config.go
@@ -135,8 +135,9 @@ type ManagementConfig struct {
 type AuthConfig struct {
 	Issuer                          string            `yaml:"issuer"`
 	LocalAuthDisabled               bool              `yaml:"localAuthDisabled"`
-	EnableLocalMFA                  bool              `yaml:"enableLocalMFA"`
 	SignKeyRefreshEnabled           bool              `yaml:"signKeyRefreshEnabled"`
+	MfaSessionMaxLifetime           string            `yaml:"mfaSessionMaxLifetime"`
+	MfaSessionIdleTimeout           string            `yaml:"mfaSessionIdleTimeout"`
 	Storage                         AuthStorageConfig `yaml:"storage"`
 	DashboardRedirectURIs           []string          `yaml:"dashboardRedirectURIs"`
 	CLIRedirectURIs                 []string          `yaml:"cliRedirectURIs"`
@@ -584,10 +585,11 @@ func (c *CombinedConfig) buildEmbeddedIdPConfig(mgmt ManagementConfig) (*idp.Emb

 	cfg := &idp.EmbeddedIdPConfig{
 		Enabled:               true,
-		EnableMFA:             mgmt.Auth.EnableLocalMFA,
 		Issuer:                mgmt.Auth.Issuer,
 		LocalAuthDisabled:     mgmt.Auth.LocalAuthDisabled,
 		SignKeyRefreshEnabled: mgmt.Auth.SignKeyRefreshEnabled,
+		MfaSessionMaxLifetime: mgmt.Auth.MfaSessionMaxLifetime,
+		MfaSessionIdleTimeout: mgmt.Auth.MfaSessionIdleTimeout,
 		Storage: idp.EmbeddedStorageConfig{
 			Type: authStorageType,
 			Config: idp.EmbeddedStorageTypeConfig{