File
Index
Properties
|
|
|
Methods
|
|
|
Inputs
|
|
|
Accessors
|
|
|
|
preferredLoginOptionType
|
Type : TenantLoginOptionType
|
Default value : TenantLoginOptionType.BASIC
|
|
SMS_APP_NOT_SUBSCRIBED_POPOVER
|
Default value : gettext('SMS strategy requires messaging application to be subscribed.')
|
|
tenantLoginOptionTypeEnum
|
Default value : TenantLoginOptionType
|
|
TFA_IS_ENABLED_BY_ENFORCE_FOR_GROUP_POPOVER
|
Default value : gettext(
'The setting is enabled on the platform level because it is enforced for particular roles.'
)
|
|
TFA_IS_ENABLED_BY_SYSTEM_POPOVER
|
Default value : gettext('The setting is enabled on the platform level.')
|
|
TFA_IS_ENFORCED_BY_SYSTEM_POPOVER
|
Default value : gettext('The setting is enforced on the platform level.')
|
|
tfaStateEnum
|
Default value : TfaStateEnum
|
|
tfaStrategyEnum
|
Default value : TfaStrategy
|
|
TOKEN_VALIDITY_DETERMINED_BY_JWT_POPOVER
|
Default value : gettext(
"In OAI-Secure login mode, the token's validity limit is determined by the JWT token and cannot be edited here."
)
|
|
TOTP_REQUIRES_OAUTH_POPOVER
|
Default value : gettext('TOTP requires OAI-Secure login mode.')
|
Accessors
|
tenantTfaTokenValidity
|
gettenantTfaTokenValidity()
|
settenantTfaTokenValidity(value)
|
|
|
|
tenantTfaPinValidity
|
gettenantTfaPinValidity()
|
settenantTfaPinValidity(value)
|
|
|
|
tenantTfaEnabled
|
gettenantTfaEnabled()
|
settenantTfaEnabled(value)
|
|
|
|
tenantTfaEnforced
|
gettenantTfaEnforced()
|
settenantTfaEnforced(value)
|
|
|
|
tenantTfaStrategy
|
gettenantTfaStrategy()
|
settenantTfaStrategy(value)
|
|
|
|
systemTfaEnforcedGroup
|
getsystemTfaEnforcedGroup()
|
|
systemTfaTenantScopeSettingEnabled
|
getsystemTfaTenantScopeSettingEnabled()
|
|
systemTfaEnabled
|
getsystemTfaEnabled()
|
|
systemTfaEnforced
|
getsystemTfaEnforced()
|
|
tfaBySmsCanBeSet
|
gettfaBySmsCanBeSet()
|
|
tfaByTotpCanBeSet
|
gettfaByTotpCanBeSet()
|
<div
class="card-block separator-top"
*ngIf="preferredLoginOptionType !== tenantLoginOptionTypeEnum.OAUTH2"
>
<div class="col-sm-2">
<h4 class="text-right">{{ 'Two-factor authentication' | translate }}</h4>
</div>
<div class="col-sm-9">
<c8y-form-group>
<label
class="c8y-switch"
title="{{ 'Enable two-factor authentication' | translate }}"
*ngIf="
tfaState === tfaStateEnum.TFA_UNDEFINED_BY_SYSTEM;
else enabledOrEnforcedOnSystemLevelTemplate
"
>
<input type="checkbox" [(ngModel)]="tenantTfaEnabled" name="tenantTfaEnabled" />
<span></span>
<span>{{ 'Enable' | translate }}</span>
</label>
<ng-template #enabledOrEnforcedOnSystemLevelTemplate>
<div [ngSwitch]="tfaState">
<span *ngSwitchCase="tfaStateEnum.TFA_ENABLED_BY_SYSTEM">
{{ 'Two-factor authentication is enabled on all users' | translate }}
<button
class="btn btn-clean"
popover="{{ TFA_IS_ENABLED_BY_SYSTEM_POPOVER | translate }}"
[outsideClick]="true"
placement="bottom"
>
<i [c8yIcon]="'question-circle-o'" class="text-info"></i>
</button>
</span>
<div *ngSwitchCase="tfaStateEnum.TFA_ENFORCED_BY_SYSTEM">
<span>
{{ 'Two-factor authentication is enforced on all users' | translate }}
<button
class="btn btn-clean"
popover="{{ TFA_IS_ENFORCED_BY_SYSTEM_POPOVER | translate }}"
placement="bottom"
[outsideClick]="true"
>
<i [c8yIcon]="'question-circle-o'" class="text-info"></i>
</button>
</span>
</div>
<div *ngSwitchCase="tfaStateEnum.TFA_ENFORCED_FOR_GROUP">
<span>
<span translate [translateParams]="{ role: systemTfaEnforcedGroup }" ngNonBindable>
Two-factor authentication is enabled on all users and enforced on users with role
{{ role }}.
</span>
<button
class="btn btn-clean"
popover="{{ TFA_IS_ENABLED_BY_ENFORCE_FOR_GROUP_POPOVER | translate }}"
[outsideClick]="true"
placement="bottom"
>
<i [c8yIcon]="'question-circle-o'" class="text-info"></i>
</button>
</span>
</div>
</div>
</ng-template>
</c8y-form-group>
<fieldset *ngIf="tfaBySmsCanBeSet || tfaByTotpCanBeSet">
<div class="row">
<c8y-form-group class="col-sm-6">
<label title="{{ 'TFA strategy' | translate }}">
{{ 'TFA strategy' | translate }}
<button
class="btn btn-clean"
popover="{{ SMS_APP_NOT_SUBSCRIBED_POPOVER | translate }}"
placement="bottom"
[outsideClick]="true"
*ngIf="!tfaBySmsCanBeSet"
>
<i [c8yIcon]="'question-circle-o'" class="text-info"></i>
</button>
<button
class="btn btn-clean"
popover="{{ TOTP_REQUIRES_OAUTH_POPOVER | translate }}"
placement="bottom"
[outsideClick]="true"
*ngIf="!tfaByTotpCanBeSet"
>
<i [c8yIcon]="'question-circle-o'" class="text-info"></i>
</button>
</label>
<div class="c8y-select-wrapper">
<select class="form-control" [(ngModel)]="tenantTfaStrategy" name="tenantTfaStrategy">
<option value="{{ tfaStrategyEnum.SMS }}" translate [disabled]="!tfaBySmsCanBeSet">
SMS based
</option>
<option value="{{ tfaStrategyEnum.TOTP }}" translate [disabled]="!tfaByTotpCanBeSet">
Google Authenticator (TOTP)
</option>
</select>
<span></span>
</div>
</c8y-form-group>
</div>
<div
class="row"
*ngIf="
tenantTfaStrategy === tfaStrategyEnum.TOTP &&
tfaState !== tfaStateEnum.TFA_ENFORCED_BY_SYSTEM
"
>
<label title="{{ 'Enforcement' | translate }}">{{ 'Enforcement' | translate }}</label>
<div class="form-control-static">
<label
title="{{ 'Enforce two-factor authentication on all users' | translate }}"
class="c8y-switch"
>
<input type="checkbox" name="tenantTfaEnforced" [(ngModel)]="tenantTfaEnforced" />
<span></span>
<span>{{ 'Enforce two-factor authentication on all users' | translate }}</span>
</label>
</div>
</div>
<div class="row" *ngIf="tenantTfaStrategy === tfaStrategyEnum.SMS">
<div class="col-sm-6">
<c8y-form-group>
<label title="{{ 'Token validity limit' | translate }}"
>{{ 'Token validity limit' | translate }}
<button
class="btn btn-clean"
popover="{{ TFA_IS_ENFORCED_BY_SYSTEM_POPOVER | translate }}"
placement="right"
[outsideClick]="true"
*ngIf="!systemTfaTenantScopeSettingEnabled"
>
<i [c8yIcon]="'question-circle-o'" class="text-info"></i>
</button>
<button
class="btn btn-clean"
popover="{{ TOKEN_VALIDITY_DETERMINED_BY_JWT_POPOVER | translate }}"
placement="right"
[outsideClick]="true"
*ngIf="
systemTfaTenantScopeSettingEnabled &&
preferredLoginOptionType === tenantLoginOptionTypeEnum.OAUTH2_INTERNAL
"
>
<i [c8yIcon]="'question-circle-o'" class="text-info"></i>
</button>
</label>
<div class="input-group">
<input
type="number"
class="form-control text-right"
name="tenantTfaTokenValidity"
[(ngModel)]="tenantTfaTokenValidity"
[disabled]="
!systemTfaTenantScopeSettingEnabled ||
preferredLoginOptionType === tenantLoginOptionTypeEnum.OAUTH2_INTERNAL
"
[required]="systemTfaTenantScopeSettingEnabled"
[max]="999999"
[min]="0"
/>
<span class="input-group-addon" translate>minutes</span>
</div>
</c8y-form-group>
</div>
<div class="col-sm-6">
<c8y-form-group>
<label title="{{ 'Verification code validity limit' | translate }}">
{{ 'Verification code validity limit' | translate }}
<button
class="btn btn-clean"
popover="{{ TFA_IS_ENFORCED_BY_SYSTEM_POPOVER | translate }}"
[outsideClick]="true"
placement="right"
*ngIf="!systemTfaTenantScopeSettingEnabled"
>
<i [c8yIcon]="'question-circle-o'" class="text-info"></i>
</button>
</label>
<div class="input-group">
<input
type="number"
class="form-control text-right"
name="tenantTfaPinValidity"
[(ngModel)]="tenantTfaPinValidity"
[disabled]="!systemTfaTenantScopeSettingEnabled"
[required]="systemTfaTenantScopeSettingEnabled"
[max]="999999"
[min]="0"
/>
<span class="input-group-addon" translate>minutes</span>
</div>
</c8y-form-group>
</div>
</div>
</fieldset>
<div
*ngIf="
preferredLoginOptionType !== tenantLoginOptionTypeEnum.OAUTH2_INTERNAL &&
!smsGatewayAvailable
"
>
<div class="alert alert-warning">
<strong>{{ 'None of TFA strategy can be set.' | translate }}</strong><br />
{{ SMS_APP_NOT_SUBSCRIBED_POPOVER | translate }}<br />
{{ TOTP_REQUIRES_OAUTH_POPOVER | translate }}
</div>
</div>
</div>
</div>