upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-05-28 04:10:44 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
vault/ui/app/forms/auth/method.ts
Vault Automation e30d937d03
Backport [UI] Ember Data Migration - Core Addon - Search Select into ce/main (#14952) 
* no-op commit

* backports 2a98c83

* fixes conflicts

---------

Co-authored-by: Jordan Reimer <zofskeez@gmail.com>
Co-authored-by: Jordan Reimer <jordan.reimer@hashicorp.com>
2026-05-22 09:58:00 -06:00

89 lines
3.3 KiB
TypeScript
Raw Permalink Blame History

/**
* Copyright IBM Corp. 2016, 2025
* SPDX-License-Identifier: BUSL-1.1
*/
import MountForm from 'vault/forms/mount';
import FormField from 'vault/utils/forms/field';
import FormFieldGroup from 'vault/utils/forms/field-group';
import { ALL_ENGINES } from 'core/utils/all-engines-metadata';
import type { AuthMethodFormData } from 'vault/auth/methods';
export default class AuthMethodForm extends MountForm<AuthMethodFormData> {
fieldProps = ['tuneFields', 'userLockoutConfigFields'];
userLockoutConfigFields = [
new FormField('user_lockout_config.lockout_threshold', 'string', {
label: 'Lockout threshold',
subText: 'Specifies the number of failed login attempts after which the user is locked out, e.g. 15.',
}),
new FormField('user_lockout_config.lockout_duration', undefined, {
label: 'Lockout duration',
helperTextEnabled: 'The duration for which a user will be locked out, e.g. "5s" or "30m".',
editType: 'ttl',
helperTextDisabled: 'No lockout duration configured.',
}),
new FormField('user_lockout_config.lockout_counter_reset', undefined, {
label: 'Lockout counter reset',
helperTextEnabled:
'The duration after which the lockout counter is reset with no failed login attempts, e.g. "5s" or "30m".',
editType: 'ttl',
helperTextDisabled: 'No reset duration configured.',
}),
new FormField('user_lockout_config.lockout_disable', 'boolean', {
label: 'Disable lockout for this mount',
subText: 'If checked, disables the user lockout feature for this mount.',
}),
];
get tuneFields() {
const readOnly = ['local', 'seal_wrap'];
// 'token_type' cannot be set for the 'token' auth method
if (this.normalizedType === 'token') {
readOnly.push('config.token_type');
}
return this.formFieldGroups[1]?.['Method Options']?.filter((field) => {
return !readOnly.includes(field.name);
});
}
get optionFields() {
const isWIF = !!ALL_ENGINES.find((engine) => engine.type === this.normalizedType && engine.isWIF);
const keyField = new FormField('config.identity_token_key', undefined, {
label: 'Identity token key',
subText: `A named key to sign tokens. If not provided, this will default to Vault's OIDC default key.`,
editType: 'yield',
});
return [
this.fields.description,
this.fields.listingVisibility,
this.fields.local,
this.fields.sealWrap,
this.fields.defaultLeaseTtl,
this.fields.maxLeaseTtl,
...(isWIF ? [keyField] : []),
new FormField('config.token_type', 'string', {
label: 'Token type',
helpText:
'The type of token that should be generated via this role. For `default-service` and `default-batch` service and batch tokens will be issued respectively, unless the auth method explicitly requests a different type.',
possibleValues: ['default-service', 'default-batch', 'batch', 'service'],
noDefault: true,
}),
this.fields.auditNonHmacRequestKeys,
this.fields.auditNonHmacResponseKeys,
this.fields.passthroughRequestHeaders,
this.fields.allowedResponseHeaders,
this.fields.pluginVersion,
];
}
get formFieldGroups() {
return [
new FormFieldGroup('default', [this.fields.path]),
new FormFieldGroup('Method Options', this.optionFields),
];
}
}
Reference in a new issue View git blame Copy permalink