key-cape/src/internal/adapters/privacyidea/config.go

37 lines
1.1 KiB
Go
Raw Normal View History

// Package privacyidea implements the domain.MFAProvider interface by delegating
// all MFA decisions to a privacyIDEA server. KeyCape contains no MFA logic —
// every check and validation call is forwarded verbatim to privacyIDEA.
package privacyidea
import "net/http"
// Config holds all connection parameters for the privacyIDEA adapter.
type Config struct {
// BaseURL is the privacyIDEA server base URL, e.g. "https://privacyidea.local".
BaseURL string
// AdminToken is the service-account JWT used to authenticate requests to the
// privacyIDEA admin API.
AdminToken string
// Realm is the privacyIDEA realm to scope token and validate requests.
// Defaults to "netkingdom" when empty.
Realm string
}
// realm returns the effective realm, falling back to "netkingdom".
func (c Config) realm() string {
if c.Realm != "" {
return c.Realm
}
return "netkingdom"
}
// HTTPClient is a minimal interface over net/http.Client for test injection.
type HTTPClient interface {
Do(req *http.Request) (*http.Response, error)
}
// defaultHTTPClient is the production HTTP client used when none is injected.
var defaultHTTPClient HTTPClient = &http.Client{}