mirror of
https://github.com/hashicorp/vault.git
synced 2026-02-10 18:31:20 +01:00
d8ecd066b8
* updates auth method options route to use form and api client * updates auth method config and section routes to use api client and open api form * updates display attrs for auth method configs * fixes plugin identity util fields tests * fixes js lint error * updates enable-tune-form tests * hides specific form field for jwt/oidc auth config types * Revert "updates display attrs for auth method configs" This reverts commit 5d382f79276f56b3fdbe64fcbc9c8365c5f4b421. * Revert "fixes plugin identity util fields tests" This reverts commit 6d4acbe3228c796745f2dea6279c1540bb053c62. * fixes config section test * bumps api client version * updates auth config form options component to use proper endpoint * fixes enable tune form tests * fixes auth config form options tests * fixes type errors in snapshot-manage component * updates recover_source_path arg to undefined so it is not included in the query params * fixes remaining test failures related to user_lockout_config --------- Co-authored-by: Vault Automation <github-team-secure-vault-core@hashicorp.com>
72 lines
2.7 KiB
TypeScript
72 lines
2.7 KiB
TypeScript
/**
|
|
* Copyright (c) HashiCorp, Inc.
|
|
* SPDX-License-Identifier: BUSL-1.1
|
|
*/
|
|
|
|
import MountForm from 'vault/forms/mount';
|
|
import FormField from 'vault/utils/forms/field';
|
|
import FormFieldGroup from 'vault/utils/forms/field-group';
|
|
|
|
import type { AuthMethodFormData } from 'vault/auth/methods';
|
|
|
|
export default class AuthMethodForm extends MountForm<AuthMethodFormData> {
|
|
fieldProps = ['tuneFields', 'userLockoutConfigFields'];
|
|
|
|
userLockoutConfigFields = [
|
|
new FormField('user_lockout_config.lockout_threshold', 'string', {
|
|
label: 'Lockout threshold',
|
|
subText: 'Specifies the number of failed login attempts after which the user is locked out, e.g. 15.',
|
|
}),
|
|
new FormField('user_lockout_config.lockout_duration', undefined, {
|
|
label: 'Lockout duration',
|
|
helperTextEnabled: 'The duration for which a user will be locked out, e.g. "5s" or "30m".',
|
|
editType: 'ttl',
|
|
helperTextDisabled: 'No lockout duration configured.',
|
|
}),
|
|
|
|
new FormField('user_lockout_config.lockout_counter_reset', undefined, {
|
|
label: 'Lockout counter reset',
|
|
helperTextEnabled:
|
|
'The duration after which the lockout counter is reset with no failed login attempts, e.g. "5s" or "30m".',
|
|
editType: 'ttl',
|
|
helperTextDisabled: 'No reset duration configured.',
|
|
}),
|
|
new FormField('user_lockout_config.lockout_disable', 'boolean', {
|
|
label: 'Disable lockout for this mount',
|
|
subText: 'If checked, disables the user lockout feature for this mount.',
|
|
}),
|
|
];
|
|
|
|
get tuneFields() {
|
|
const readOnly = ['local', 'seal_wrap'];
|
|
return this.formFieldGroups[1]?.['Method Options']?.filter((field) => {
|
|
const isTuneable = !readOnly.includes(field.name);
|
|
return isTuneable || (field.name === 'token_type' && this.normalizedType === 'token');
|
|
});
|
|
}
|
|
|
|
formFieldGroups = [
|
|
new FormFieldGroup('default', [this.fields.path]),
|
|
new FormFieldGroup('Method Options', [
|
|
this.fields.description,
|
|
this.fields.listingVisibility,
|
|
this.fields.local,
|
|
this.fields.sealWrap,
|
|
this.fields.defaultLeaseTtl,
|
|
this.fields.maxLeaseTtl,
|
|
new FormField('config.token_type', 'string', {
|
|
label: 'Token type',
|
|
helpText:
|
|
'The type of token that should be generated via this role. For `default-service` and `default-batch` service and batch tokens will be issued respectively, unless the auth method explicitly requests a different type.',
|
|
possibleValues: ['default-service', 'default-batch', 'batch', 'service'],
|
|
noDefault: true,
|
|
}),
|
|
this.fields.auditNonHmacRequestKeys,
|
|
this.fields.auditNonHmacResponseKeys,
|
|
this.fields.passthroughRequestHeaders,
|
|
this.fields.allowedResponseHeaders,
|
|
this.fields.pluginVersion,
|
|
]),
|
|
];
|
|
}
|