[pmg-devel] [PATCH pve-common v6 1/12] add Schema package with auth module that contains realm sync options

Markus Frank m.frank at proxmox.com
Tue Feb 25 14:36:08 CET 2025 

This is because these standard options & formats are used by both PVE
and PMG. Schema-definitions are based on:
pve-access-control/src/PVE/Auth/Plugin.pm

Signed-off-by: Markus Frank <m.frank at proxmox.com>
---
v6: removed schema-definitions only used by PVE

 src/Makefile           |  2 ++
 src/PVE/Schema/Auth.pm | 46 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 48 insertions(+)
 create mode 100644 src/PVE/Schema/Auth.pm

diff --git a/src/Makefile b/src/Makefile
index 2d8bdc4..833bbc1 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -29,6 +29,7 @@ LIB_SOURCES = \
 	RESTEnvironment.pm \
 	RESTHandler.pm \
 	SafeSyslog.pm \
+	Schema/Auth.pm \
 	SectionConfig.pm \
 	SysFSTools.pm \
 	Syscall.pm \
@@ -41,6 +42,7 @@ all:
 install: $(addprefix PVE/,${LIB_SOURCES})
 	install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE
 	install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE/Job
+	install -d -m 0755 ${DESTDIR}${PERLDIR}/PVE/Schema
 	for i in ${LIB_SOURCES}; do install -D -m 0644 PVE/$$i ${DESTDIR}${PERLDIR}/PVE/$$i; done
 
 
diff --git a/src/PVE/Schema/Auth.pm b/src/PVE/Schema/Auth.pm
new file mode 100644
index 0000000..031301e
--- /dev/null
+++ b/src/PVE/Schema/Auth.pm
@@ -0,0 +1,46 @@
+package PVE::Schema::Auth;
+
+use strict;
+use warnings;
+
+use PVE::JSONSchema qw(parse_property_string);
+
+my $tfa_format = {
+    type => {
+	description => "The type of 2nd factor authentication.",
+	format_description => 'TFATYPE',
+	type => 'string',
+	enum => [qw(oath)],
+    },
+    digits => {
+	description => "TOTP digits.",
+	format_description => 'COUNT',
+	type => 'integer',
+	minimum => 6, maximum => 8,
+	default => 6,
+	optional => 1,
+    },
+    step => {
+	description => "TOTP time period.",
+	format_description => 'SECONDS',
+	type => 'integer',
+	minimum => 10,
+	default => 30,
+	optional => 1,
+    },
+};
+
+PVE::JSONSchema::register_format('pve-tfa-config', $tfa_format);
+
+PVE::JSONSchema::register_standard_option('tfa', {
+    description => "Use Two-factor authentication.",
+    type => 'string', format => 'pve-tfa-config',
+    optional => 1,
+    maxLength => 128,
+});
+
+sub parse_tfa_config {
+    my ($data) = @_;
+
+    return parse_property_string($tfa_format, $data);
+}
-- 
2.39.5

More information about the pmg-devel mailing list