RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(commands): storage import/export commands (#4545) 

This adds commands to export and import TOTP configurations and Webauthn devices as YAML.
pull/4632/head
James Elliott 2022-12-23 15:00:23 +11:00 committed by GitHub
parent 0130edb870
commit d7ab3bb633
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
73 changed files with 1762 additions and 673 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
docs/content/en/configuration/second-factor/time-based-one-time-password.md
View File

@ -169,23 +169,8 @@ This may be inconvenient for some users who wish to export TOTP keys from Authel
a command specifically for exporting TOTP configurations from the database. These commands require the configuration or
at least a minimal configuration that has the storage backend connection details and the encryption key.
Export in [Key URI Format](https://github.com/google/google-authenticator/wiki/Key-Uri-Format):
```bash
authelia storage user totp export --format uri
```
Export as CSV:
```bash
authelia storage user totp export --format csv
```
Help:
```bash
authelia storage user totp export --help
```
See the [CLI Documentation](../../reference/cli/authelia/authelia_storage_user_totp_export.md) for methods to perform
exports.
[RFC4226]: https://www.rfc-editor.org/rfc/rfc4226.html
[RFC6238]: https://www.rfc-editor.org/rfc/rfc6238.html

4
docs/content/en/reference/cli/authelia/authelia.md
View File

@ -42,8 +42,8 @@ authelia --config /etc/authelia/config/
### Options
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
-h, --help help for authelia
```

4
docs/content/en/reference/cli/authelia/authelia_access-control.md
View File

@ -35,8 +35,8 @@ authelia access-control --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_access-control_check-policy.md
View File

@ -65,8 +65,8 @@ authelia access-control check-policy --config config.yml --url https://example.c
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_build-info.md
View File

@ -48,8 +48,8 @@ authelia build-info
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto.md
View File

@ -37,8 +37,8 @@ authelia crypto --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_certificate.md
View File

@ -37,8 +37,8 @@ authelia crypto certificate --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_certificate_ecdsa.md
View File

@ -37,8 +37,8 @@ authelia crypto certificate ecdsa --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_certificate_ecdsa_generate.md
View File

@ -62,8 +62,8 @@ authelia crypto certificate ecdsa generate --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_certificate_ecdsa_request.md
View File

@ -57,8 +57,8 @@ authelia crypto certificate ecdsa request --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_certificate_ed25519.md
View File

@ -37,8 +37,8 @@ authelia crypto certificate ed25519 --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_certificate_ed25519_generate.md
View File

@ -61,8 +61,8 @@ authelia crypto certificate ed25519 request --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_certificate_ed25519_request.md
View File

@ -56,8 +56,8 @@ authelia crypto certificate ed25519 request --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_certificate_rsa.md
View File

@ -37,8 +37,8 @@ authelia crypto certificate rsa --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_certificate_rsa_generate.md
View File

@ -62,8 +62,8 @@ authelia crypto certificate rsa generate --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_certificate_rsa_request.md
View File

@ -57,8 +57,8 @@ authelia crypto certificate rsa request --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_hash.md
View File

@ -37,8 +37,8 @@ authelia crypto hash --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_hash_generate.md
View File

@ -49,8 +49,8 @@ authelia crypto hash generate --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_hash_generate_argon2.md
View File

@ -48,8 +48,8 @@ authelia crypto hash generate argon2 --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--no-confirm skip the password confirmation prompt
--password string manually supply the password rather than using the terminal prompt
--random uses a randomly generated password

4
docs/content/en/reference/cli/authelia/authelia_crypto_hash_generate_bcrypt.md
View File

@ -43,8 +43,8 @@ authelia crypto hash generate bcrypt --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--no-confirm skip the password confirmation prompt
--password string manually supply the password rather than using the terminal prompt
--random uses a randomly generated password

4
docs/content/en/reference/cli/authelia/authelia_crypto_hash_generate_pbkdf2.md
View File

@ -44,8 +44,8 @@ authelia crypto hash generate pbkdf2 --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--no-confirm skip the password confirmation prompt
--password string manually supply the password rather than using the terminal prompt
--random uses a randomly generated password

4
docs/content/en/reference/cli/authelia/authelia_crypto_hash_generate_scrypt.md
View File

@ -46,8 +46,8 @@ authelia crypto hash generate scrypt --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--no-confirm skip the password confirmation prompt
--password string manually supply the password rather than using the terminal prompt
--random uses a randomly generated password

4
docs/content/en/reference/cli/authelia/authelia_crypto_hash_generate_sha2crypt.md
View File

@ -44,8 +44,8 @@ authelia crypto hash generate sha2crypt --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--no-confirm skip the password confirmation prompt
--password string manually supply the password rather than using the terminal prompt
--random uses a randomly generated password

4
docs/content/en/reference/cli/authelia/authelia_crypto_hash_validate.md
View File

@ -43,8 +43,8 @@ authelia crypto hash validate '$5$rounds=500000$WFjMpdCQxIkbNl0k$M0qZaZoK8Gwdh8C
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_pair.md
View File

@ -37,8 +37,8 @@ authelia crypto pair --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_pair_ecdsa.md
View File

@ -41,8 +41,8 @@ authelia crypto pair ecdsa --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_pair_ecdsa_generate.md
View File

@ -46,8 +46,8 @@ authelia crypto pair ecdsa generate --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_pair_ed25519.md
View File

@ -41,8 +41,8 @@ authelia crypto pair ed25519 --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_pair_ed25519_generate.md
View File

@ -45,8 +45,8 @@ authelia crypto pair ed25519 generate --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_pair_rsa.md
View File

@ -41,8 +41,8 @@ authelia crypto pair rsa --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_pair_rsa_generate.md
View File

@ -46,8 +46,8 @@ authelia crypto pair rsa generate --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_crypto_rand.md
View File

@ -52,8 +52,8 @@ authelia crypto rand --characters 0123456789ABCDEF
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_storage.md
View File

@ -56,8 +56,8 @@ authelia storage --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

4
docs/content/en/reference/cli/authelia/authelia_storage_encryption.md
View File

@ -37,8 +37,8 @@ authelia storage encryption --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_encryption_change-key.md
View File

@ -43,8 +43,8 @@ authelia storage encryption change-key --encryption-key b3453fde-ecc2-4a1f-9422-
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_encryption_check.md
View File

@ -45,8 +45,8 @@ authelia storage encryption check --verbose --encryption-key b3453fde-ecc2-4a1f-
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_migrate.md
View File

@ -37,8 +37,8 @@ authelia storage migrate --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_migrate_down.md
View File

@ -46,8 +46,8 @@ authelia storage migrate down --target 20 --encryption-key b3453fde-ecc2-4a1f-94
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_migrate_history.md
View File

@ -43,8 +43,8 @@ authelia storage migrate history --encryption-key b3453fde-ecc2-4a1f-9422-2707dd
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_migrate_list-down.md
View File

@ -44,8 +44,8 @@ authelia storage migrate list-down --encryption-key b3453fde-ecc2-4a1f-9422-2707
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_migrate_list-up.md
View File

@ -44,8 +44,8 @@ authelia storage migrate list-up --encryption-key b3453fde-ecc2-4a1f-9422-2707dd
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_migrate_up.md
View File

@ -46,8 +46,8 @@ authelia storage migrate up --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed49
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_schema-info.md
View File

@ -43,8 +43,8 @@ authelia storage schema-info --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed4
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_user.md
View File

@ -37,8 +37,8 @@ authelia storage user --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_user_identifiers.md
View File

@ -37,8 +37,8 @@ authelia storage user identifiers --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_user_identifiers_add.md
View File

@ -46,8 +46,8 @@ authelia storage user identifiers add john --identifier f0919359-9d15-4e15-bcba-
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

6
docs/content/en/reference/cli/authelia/authelia_storage_user_identifiers_export.md
View File

@ -38,15 +38,15 @@ authelia storage user identifiers export --file export.yaml --encryption-key b34
### Options
```
-f, --file string The file name for the YAML export (default "user-opaque-identifiers.yml")
-f, --file string The file name for the YAML export (default "authelia.export.opaque-identifiers.yml")
-h, --help help for export
```
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_storage_user_identifiers_generate.md
View File

@ -48,8 +48,8 @@ authelia storage user identifiers generate --users john,mary --services openid -
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

13
docs/content/en/reference/cli/authelia/authelia_storage_user_identifiers_import.md
View File

@ -26,30 +26,29 @@ The YAML file can either be automatically generated using the authelia storage u
manually provided the file is in the same format.
```
authelia storage user identifiers import [flags]
authelia storage user identifiers import <filename> [flags]
```
### Examples
```
authelia storage user identifiers import
authelia storage user identifiers import --file export.yaml
authelia storage user identifiers import --file export.yaml --config config.yml
authelia storage user identifiers import --file export.yaml --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
authelia storage user identifiers import authelia.export.opaque-identifiers.yaml
authelia storage user identifiers import --config config.yml export.yaml
authelia storage user identifiers import --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw export.yaml
```
### Options
```
-f, --file string The file name for the YAML import (default "user-opaque-identifiers.yml")
-h, --help help for import
```
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

5
docs/content/en/reference/cli/authelia/authelia_storage_user_totp.md
View File

@ -37,8 +37,8 @@ authelia storage user totp --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname
@ -64,4 +64,5 @@ authelia storage user totp --help
* [authelia storage user totp delete](authelia_storage_user_totp_delete.md) - Delete a TOTP configuration for a user
* [authelia storage user totp export](authelia_storage_user_totp_export.md) - Perform exports of the TOTP configurations
* [authelia storage user totp generate](authelia_storage_user_totp_generate.md) - Generate a TOTP configuration for a user
* [authelia storage user totp import](authelia_storage_user_totp_import.md) - Perform imports of the TOTP configurations

4
docs/content/en/reference/cli/authelia/authelia_storage_user_totp_delete.md
View File

@ -43,8 +43,8 @@ authelia storage user totp delete john --encryption-key b3453fde-ecc2-4a1f-9422-
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

19
docs/content/en/reference/cli/authelia/authelia_storage_user_totp_export.md
View File

@ -20,7 +20,7 @@ Perform exports of the TOTP configurations
Perform exports of the TOTP configurations.
This subcommand allows exporting TOTP configurations to various formats.
This subcommand allows exporting TOTP configurations to importable YAML files, or use the subcommands to export them to other non-importable formats.
```
authelia storage user totp export [flags]
@ -29,25 +29,23 @@ authelia storage user totp export [flags]
### Examples
```
authelia storage user totp export --format csv
authelia storage user totp export --format png --dir ./totp-qr
authelia storage user totp export --format png --dir ./totp-qr --config config.yml
authelia storage user totp export --format png --dir ./totp-qr --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
authelia storage user totp export --file example.yaml
authelia storage user totp export --config config.yml
authelia storage user totp export --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
```
### Options
```
--dir string used with the png output format to specify which new directory to save the files in
--format string sets the output format, valid values are: csv, uri, png (default "uri")
-f, --file string The file name for the YAML export (default "authelia.export.totp.yaml")
-h, --help help for export
```
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname
@ -70,4 +68,7 @@ authelia storage user totp export --format png --dir ./totp-qr --encryption-key
### SEE ALSO
* [authelia storage user totp](authelia_storage_user_totp.md) - Manage TOTP configurations
* [authelia storage user totp export csv](authelia_storage_user_totp_export_csv.md) - Perform exports of the TOTP configurations to a CSV
* [authelia storage user totp export png](authelia_storage_user_totp_export_png.md) - Perform exports of the TOTP configurations to QR code PNG images
* [authelia storage user totp export uri](authelia_storage_user_totp_export_uri.md) - Perform exports of the TOTP configurations to URIs

71
docs/content/en/reference/cli/authelia/authelia_storage_user_totp_export_csv.md 100644
View File

@ -0,0 +1,71 @@
---
title: "authelia storage user totp export csv"
description: "Reference for the authelia storage user totp export csv command."
lead: ""
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
menu:
reference:
parent: "cli-authelia"
weight: 905
toc: true
---
## authelia storage user totp export csv
Perform exports of the TOTP configurations to a CSV
### Synopsis
Perform exports of the TOTP configurations to a CSV.
This subcommand allows exporting TOTP configurations to a CSV.
```
authelia storage user totp export csv [flags]
```
### Examples
```
authelia storage user totp export csv --file users.csv
authelia storage user totp export csv --config config.yml
authelia storage user totp export csv --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
```
### Options
```
-f, --file string The file name for the CSV export (default "authelia.export.totp.csv")
-h, --help help for csv
```
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname
--mysql.password string the MySQL password
--mysql.port int the MySQL port (default 3306)
--mysql.username string the MySQL username (default "authelia")
--postgres.database string the PostgreSQL database name (default "authelia")
--postgres.host string the PostgreSQL hostname
--postgres.password string the PostgreSQL password
--postgres.port int the PostgreSQL port (default 5432)
--postgres.schema string the PostgreSQL schema name (default "public")
--postgres.ssl.certificate string the PostgreSQL ssl certificate file location
--postgres.ssl.key string the PostgreSQL ssl key file location
--postgres.ssl.mode string the PostgreSQL ssl mode (default "disable")
--postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location
--postgres.username string the PostgreSQL username (default "authelia")
--sqlite.path string the SQLite database path
```
### SEE ALSO
* [authelia storage user totp export](authelia_storage_user_totp_export.md) - Perform exports of the TOTP configurations

72
docs/content/en/reference/cli/authelia/authelia_storage_user_totp_export_png.md 100644
View File

@ -0,0 +1,72 @@
---
title: "authelia storage user totp export png"
description: "Reference for the authelia storage user totp export png command."
lead: ""
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
menu:
reference:
parent: "cli-authelia"
weight: 905
toc: true
---
## authelia storage user totp export png
Perform exports of the TOTP configurations to QR code PNG images
### Synopsis
Perform exports of the TOTP configurations to QR code PNG images.
This subcommand allows exporting TOTP configurations to PNG images with QR codes which represent the appropriate URI so they can be scanned.
```
authelia storage user totp export png [flags]
```
### Examples
```
authelia storage user totp export png
authelia storage user totp export png --directory example/dir
authelia storage user totp export png --config config.yml
authelia storage user totp export png --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
```
### Options
```
--directory string The directory where all exported png files will be saved to
-h, --help help for png
```
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname
--mysql.password string the MySQL password
--mysql.port int the MySQL port (default 3306)
--mysql.username string the MySQL username (default "authelia")
--postgres.database string the PostgreSQL database name (default "authelia")
--postgres.host string the PostgreSQL hostname
--postgres.password string the PostgreSQL password
--postgres.port int the PostgreSQL port (default 5432)
--postgres.schema string the PostgreSQL schema name (default "public")
--postgres.ssl.certificate string the PostgreSQL ssl certificate file location
--postgres.ssl.key string the PostgreSQL ssl key file location
--postgres.ssl.mode string the PostgreSQL ssl mode (default "disable")
--postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location
--postgres.username string the PostgreSQL username (default "authelia")
--sqlite.path string the SQLite database path
```
### SEE ALSO
* [authelia storage user totp export](authelia_storage_user_totp_export.md) - Perform exports of the TOTP configurations

70
docs/content/en/reference/cli/authelia/authelia_storage_user_totp_export_uri.md 100644
View File

@ -0,0 +1,70 @@
---
title: "authelia storage user totp export uri"
description: "Reference for the authelia storage user totp export uri command."
lead: ""
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
menu:
reference:
parent: "cli-authelia"
weight: 905
toc: true
---
## authelia storage user totp export uri
Perform exports of the TOTP configurations to URIs
### Synopsis
Perform exports of the TOTP configurations to URIs.
This subcommand allows exporting TOTP configurations to TOTP URIs.
```
authelia storage user totp export uri [flags]
```
### Examples
```
authelia storage user totp export uri
authelia storage user totp export uri --config config.yml
authelia storage user totp export uri --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
```
### Options
```
-h, --help help for uri
```
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname
--mysql.password string the MySQL password
--mysql.port int the MySQL port (default 3306)
--mysql.username string the MySQL username (default "authelia")
--postgres.database string the PostgreSQL database name (default "authelia")
--postgres.host string the PostgreSQL hostname
--postgres.password string the PostgreSQL password
--postgres.port int the PostgreSQL port (default 5432)
--postgres.schema string the PostgreSQL schema name (default "public")
--postgres.ssl.certificate string the PostgreSQL ssl certificate file location
--postgres.ssl.key string the PostgreSQL ssl key file location
--postgres.ssl.mode string the PostgreSQL ssl mode (default "disable")
--postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location
--postgres.username string the PostgreSQL username (default "authelia")
--sqlite.path string the SQLite database path
```
### SEE ALSO
* [authelia storage user totp export](authelia_storage_user_totp_export.md) - Perform exports of the TOTP configurations

4
docs/content/en/reference/cli/authelia/authelia_storage_user_totp_generate.md
View File

@ -55,8 +55,8 @@ authelia storage user totp generate john --algorithm SHA512 --config config.yml
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

70
docs/content/en/reference/cli/authelia/authelia_storage_user_totp_import.md 100644
View File

@ -0,0 +1,70 @@
---
title: "authelia storage user totp import"
description: "Reference for the authelia storage user totp import command."
lead: ""
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
menu:
reference:
parent: "cli-authelia"
weight: 905
toc: true
---
## authelia storage user totp import
Perform imports of the TOTP configurations
### Synopsis
Perform imports of the TOTP configurations.
This subcommand allows importing TOTP configurations from various formats.
```
authelia storage user totp import <filename> [flags]
```
### Examples
```
authelia storage user totp import authelia.export.totp.yaml
authelia storage user totp import --config config.yml authelia.export.totp.yaml
authelia storage user totp import --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw authelia.export.totp.yaml
```
### Options
```
-h, --help help for import
```
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname
--mysql.password string the MySQL password
--mysql.port int the MySQL port (default 3306)
--mysql.username string the MySQL username (default "authelia")
--postgres.database string the PostgreSQL database name (default "authelia")
--postgres.host string the PostgreSQL hostname
--postgres.password string the PostgreSQL password
--postgres.port int the PostgreSQL port (default 5432)
--postgres.schema string the PostgreSQL schema name (default "public")
--postgres.ssl.certificate string the PostgreSQL ssl certificate file location
--postgres.ssl.key string the PostgreSQL ssl key file location
--postgres.ssl.mode string the PostgreSQL ssl mode (default "disable")
--postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location
--postgres.username string the PostgreSQL username (default "authelia")
--sqlite.path string the SQLite database path
```
### SEE ALSO
* [authelia storage user totp](authelia_storage_user_totp.md) - Manage TOTP configurations

10
docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn.md
View File

@ -37,8 +37,8 @@ authelia storage user webauthn --help
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname
@ -61,6 +61,8 @@ authelia storage user webauthn --help
### SEE ALSO
* [authelia storage user](authelia_storage_user.md) - Manages user settings
* [authelia storage user webauthn delete](authelia_storage_user_webauthn_delete.md) - Delete a WebAuthn device
* [authelia storage user webauthn list](authelia_storage_user_webauthn_list.md) - List WebAuthn devices
* [authelia storage user webauthn delete](authelia_storage_user_webauthn_delete.md) - Delete a Webauthn device
* [authelia storage user webauthn export](authelia_storage_user_webauthn_export.md) - Perform exports of the Webauthn devices
* [authelia storage user webauthn import](authelia_storage_user_webauthn_import.md) - Perform imports of the Webauthn devices
* [authelia storage user webauthn list](authelia_storage_user_webauthn_list.md) - List Webauthn devices

10
docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_delete.md
View File

@ -14,13 +14,13 @@ toc: true
## authelia storage user webauthn delete
Delete a WebAuthn device
Delete a Webauthn device
### Synopsis
Delete a WebAuthn device.
Delete a Webauthn device.
This subcommand allows deleting a WebAuthn device directly from the database.
This subcommand allows deleting a Webauthn device directly from the database.
```
authelia storage user webauthn delete [username] [flags]
@ -52,8 +52,8 @@ authelia storage user webauthn delete --kid abc123 --encryption-key b3453fde-ecc
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

72
docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_export.md 100644
View File

@ -0,0 +1,72 @@
---
title: "authelia storage user webauthn export"
description: "Reference for the authelia storage user webauthn export command."
lead: ""
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
menu:
reference:
parent: "cli-authelia"
weight: 905
toc: true
---
## authelia storage user webauthn export
Perform exports of the Webauthn devices
### Synopsis
Perform exports of the Webauthn devices.
This subcommand allows exporting Webauthn devices to various formats.
```
authelia storage user webauthn export [flags]
```
### Examples
```
authelia storage user webauthn export
authelia storage user webauthn export --file authelia.export.webauthn.yaml
authelia storage user webauthn export --config config.yml
authelia storage user webauthn export--encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
```
### Options
```
-f, --file string The file name for the YAML export (default "authelia.export.webauthn.yaml")
-h, --help help for export
```
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname
--mysql.password string the MySQL password
--mysql.port int the MySQL port (default 3306)
--mysql.username string the MySQL username (default "authelia")
--postgres.database string the PostgreSQL database name (default "authelia")
--postgres.host string the PostgreSQL hostname
--postgres.password string the PostgreSQL password
--postgres.port int the PostgreSQL port (default 5432)
--postgres.schema string the PostgreSQL schema name (default "public")
--postgres.ssl.certificate string the PostgreSQL ssl certificate file location
--postgres.ssl.key string the PostgreSQL ssl key file location
--postgres.ssl.mode string the PostgreSQL ssl mode (default "disable")
--postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location
--postgres.username string the PostgreSQL username (default "authelia")
--sqlite.path string the SQLite database path
```
### SEE ALSO
* [authelia storage user webauthn](authelia_storage_user_webauthn.md) - Manage Webauthn devices

71
docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_import.md 100644
View File

@ -0,0 +1,71 @@
---
title: "authelia storage user webauthn import"
description: "Reference for the authelia storage user webauthn import command."
lead: ""
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
menu:
reference:
parent: "cli-authelia"
weight: 905
toc: true
---
## authelia storage user webauthn import
Perform imports of the Webauthn devices
### Synopsis
Perform imports of the Webauthn devices.
This subcommand allows importing Webauthn devices from various formats.
```
authelia storage user webauthn import <filename> [flags]
```
### Examples
```
authelia storage user webauthn export
authelia storage user webauthn import --file authelia.export.webauthn.yaml
authelia storage user webauthn import --file authelia.export.webauthn.yaml --config config.yml
authelia storage user webauthn import --file authelia.export.webauthn.yaml --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
```
### Options
```
-h, --help help for import
```
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname
--mysql.password string the MySQL password
--mysql.port int the MySQL port (default 3306)
--mysql.username string the MySQL username (default "authelia")
--postgres.database string the PostgreSQL database name (default "authelia")
--postgres.host string the PostgreSQL hostname
--postgres.password string the PostgreSQL password
--postgres.port int the PostgreSQL port (default 5432)
--postgres.schema string the PostgreSQL schema name (default "public")
--postgres.ssl.certificate string the PostgreSQL ssl certificate file location
--postgres.ssl.key string the PostgreSQL ssl key file location
--postgres.ssl.mode string the PostgreSQL ssl mode (default "disable")
--postgres.ssl.root_certificate string the PostgreSQL ssl root certificate file location
--postgres.username string the PostgreSQL username (default "authelia")
--sqlite.path string the SQLite database path
```
### SEE ALSO
* [authelia storage user webauthn](authelia_storage_user_webauthn.md) - Manage Webauthn devices

10
docs/content/en/reference/cli/authelia/authelia_storage_user_webauthn_list.md
View File

@ -14,13 +14,13 @@ toc: true
## authelia storage user webauthn list
List WebAuthn devices
List Webauthn devices
### Synopsis
List WebAuthn devices.
List Webauthn devices.
This subcommand allows listing WebAuthn devices.
This subcommand allows listing Webauthn devices.
```
authelia storage user webauthn list [username] [flags]
@ -46,8 +46,8 @@ authelia storage user webauthn list john --encryption-key b3453fde-ecc2-4a1f-942
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
--encryption-key string the storage encryption key to use
--mysql.database string the MySQL database name (default "authelia")
--mysql.host string the MySQL hostname

4
docs/content/en/reference/cli/authelia/authelia_validate-config.md
View File

@ -43,8 +43,8 @@ authelia validate-config --config config.yml
### Options inherited from parent commands
```
-c, --config strings configuration files or directories to load (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information: authelia --help authelia filters
-c, --config strings configuration files or directories to load, for more information run 'authelia -h authelia config' (default [configuration.yml])
--config.experimental.filters strings list of filters to apply to all configuration files, for more information run 'authelia -h authelia filters'
```
### SEE ALSO

114
internal/commands/const.go
View File

@ -151,9 +151,9 @@ The YAML file can either be automatically generated using the authelia storage u
manually provided the file is in the same format.`
cmdAutheliaStorageUserIdentifiersImportExample = `authelia storage user identifiers import
authelia storage user identifiers import --file export.yaml
authelia storage user identifiers import --file export.yaml --config config.yml
authelia storage user identifiers import --file export.yaml --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
authelia storage user identifiers import authelia.export.opaque-identifiers.yaml
authelia storage user identifiers import --config config.yml export.yaml
authelia storage user identifiers import --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw export.yaml`
cmdAutheliaStorageUserIdentifiersGenerateShort = "Generate opaque identifiers in bulk"
@ -177,34 +177,56 @@ This subcommand allows manually adding an opaque identifier for a user to the da
authelia storage user identifiers add john --identifier f0919359-9d15-4e15-bcba-83b41620a073 --config config.yml
authelia storage user identifiers add john --identifier f0919359-9d15-4e15-bcba-83b41620a073 --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserWebAuthnShort = "Manage Webauthn devices"
cmdAutheliaStorageUserWebauthnShort = "Manage Webauthn devices"
cmdAutheliaStorageUserWebAuthnLong = `Manage Webauthn devices.
cmdAutheliaStorageUserWebauthnLong = `Manage Webauthn devices.
This subcommand allows interacting with Webauthn devices.`
cmdAutheliaStorageUserWebAuthnExample = `authelia storage user webauthn --help`
cmdAutheliaStorageUserWebauthnExample = `authelia storage user webauthn --help`
cmdAutheliaStorageUserWebAuthnListShort = "List WebAuthn devices"
cmdAutheliaStorageUserWebauthnImportShort = "Perform imports of the Webauthn devices"
cmdAutheliaStorageUserWebAuthnListLong = `List WebAuthn devices.
cmdAutheliaStorageUserWebauthnImportLong = `Perform imports of the Webauthn devices.
This subcommand allows listing WebAuthn devices.`
This subcommand allows importing Webauthn devices from various formats.`
cmdAutheliaStorageUserWebAuthnListExample = `authelia storage user webauthn list
cmdAutheliaStorageUserWebauthnImportExample = `authelia storage user webauthn export
authelia storage user webauthn import --file authelia.export.webauthn.yaml
authelia storage user webauthn import --file authelia.export.webauthn.yaml --config config.yml
authelia storage user webauthn import --file authelia.export.webauthn.yaml --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserWebauthnExportShort = "Perform exports of the Webauthn devices"
cmdAutheliaStorageUserWebauthnExportLong = `Perform exports of the Webauthn devices.
This subcommand allows exporting Webauthn devices to various formats.`
cmdAutheliaStorageUserWebauthnExportExample = `authelia storage user webauthn export
authelia storage user webauthn export --file authelia.export.webauthn.yaml
authelia storage user webauthn export --config config.yml
authelia storage user webauthn export--encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserWebauthnListShort = "List Webauthn devices"
cmdAutheliaStorageUserWebauthnListLong = `List Webauthn devices.
This subcommand allows listing Webauthn devices.`
cmdAutheliaStorageUserWebauthnListExample = `authelia storage user webauthn list
authelia storage user webauthn list john
authelia storage user webauthn list --config config.yml
authelia storage user webauthn list john --config config.yml
authelia storage user webauthn list --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
authelia storage user webauthn list john --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserWebAuthnDeleteShort = "Delete a WebAuthn device"
cmdAutheliaStorageUserWebauthnDeleteShort = "Delete a Webauthn device"
cmdAutheliaStorageUserWebAuthnDeleteLong = `Delete a WebAuthn device.
cmdAutheliaStorageUserWebauthnDeleteLong = `Delete a Webauthn device.
This subcommand allows deleting a WebAuthn device directly from the database.`
This subcommand allows deleting a Webauthn device directly from the database.`
cmdAutheliaStorageUserWebAuthnDeleteExample = `authelia storage user webauthn delete john --all
cmdAutheliaStorageUserWebauthnDeleteExample = `authelia storage user webauthn delete john --all
authelia storage user webauthn delete john --all --config config.yml
authelia storage user webauthn delete john --all --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw
authelia storage user webauthn delete john --description Primary
@ -246,16 +268,56 @@ This subcommand allows deleting a TOTP configuration directly from the database
authelia storage user totp delete john --config config.yml
authelia storage user totp delete john --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserTOTPImportShort = "Perform imports of the TOTP configurations"
cmdAutheliaStorageUserTOTPImportLong = `Perform imports of the TOTP configurations.
This subcommand allows importing TOTP configurations from various formats.`
cmdAutheliaStorageUserTOTPImportExample = `authelia storage user totp import authelia.export.totp.yaml
authelia storage user totp import --config config.yml authelia.export.totp.yaml
authelia storage user totp import --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw authelia.export.totp.yaml`
cmdAutheliaStorageUserTOTPExportShort = "Perform exports of the TOTP configurations"
cmdAutheliaStorageUserTOTPExportLong = `Perform exports of the TOTP configurations.
This subcommand allows exporting TOTP configurations to various formats.`
This subcommand allows exporting TOTP configurations to importable YAML files, or use the subcommands to export them to other non-importable formats.`
cmdAutheliaStorageUserTOTPExportExample = `authelia storage user totp export --format csv
authelia storage user totp export --format png --dir ./totp-qr
authelia storage user totp export --format png --dir ./totp-qr --config config.yml
authelia storage user totp export --format png --dir ./totp-qr --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserTOTPExportExample = `authelia storage user totp export --file example.yaml
authelia storage user totp export --config config.yml
authelia storage user totp export --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserTOTPExportCSVShort = "Perform exports of the TOTP configurations to a CSV"
cmdAutheliaStorageUserTOTPExportCSVLong = `Perform exports of the TOTP configurations to a CSV.
This subcommand allows exporting TOTP configurations to a CSV.`
cmdAutheliaStorageUserTOTPExportCSVExample = `authelia storage user totp export csv --file users.csv
authelia storage user totp export csv --config config.yml
authelia storage user totp export csv --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserTOTPExportURIShort = "Perform exports of the TOTP configurations to URIs"
cmdAutheliaStorageUserTOTPExportURILong = `Perform exports of the TOTP configurations to URIs.
This subcommand allows exporting TOTP configurations to TOTP URIs.`
cmdAutheliaStorageUserTOTPExportURIExample = `authelia storage user totp export uri
authelia storage user totp export uri --config config.yml
authelia storage user totp export uri --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageUserTOTPExportPNGShort = "Perform exports of the TOTP configurations to QR code PNG images"
cmdAutheliaStorageUserTOTPExportPNGLong = `Perform exports of the TOTP configurations to QR code PNG images.
This subcommand allows exporting TOTP configurations to PNG images with QR codes which represent the appropriate URI so they can be scanned.`
cmdAutheliaStorageUserTOTPExportPNGExample = `authelia storage user totp export png
authelia storage user totp export png --directory example/dir
authelia storage user totp export png --config config.yml
authelia storage user totp export png --encryption-key b3453fde-ecc2-4a1f-9422-2707ddbed495 --postgres.host postgres --postgres.password autheliapw`
cmdAutheliaStorageSchemaInfoShort = "Show the storage information"
@ -471,16 +533,6 @@ const (
storageMigrateDirectionDown = "down"
)
const (
storageTOTPExportFormatCSV = "csv"
storageTOTPExportFormatURI = "uri"
storageTOTPExportFormatPNG = "png"
)
var (
validStorageTOTPExportFormats = []string{storageTOTPExportFormatCSV, storageTOTPExportFormatURI, storageTOTPExportFormatPNG}
)
const (
timeLayoutCertificateNotBefore = "Jan 2 15:04:05 2006"
)
@ -571,7 +623,6 @@ const (
cmdFlagNameAlgorithm = "algorithm"
cmdFlagNameIssuer = "issuer"
cmdFlagNameForce = "force"
cmdFlagNameFormat = "format"
cmdFlagNamePath = "path"
cmdFlagNameTarget = "target"
cmdFlagNameDestroyData = "destroy-data"
@ -599,6 +650,9 @@ const (
cmdUseHashBCrypt = "bcrypt"
cmdUseHashSCrypt = "scrypt"
cmdUseExport = "export"
cmdUseImportFileName = "import <filename>"
cmdUseCrypto = "crypto"
cmdUseRand = "rand"
cmdUseCertificate = "certificate"

21
internal/commands/context.go
View File

@ -24,6 +24,7 @@ import (
"github.com/authelia/authelia/v4/internal/oidc"
"github.com/authelia/authelia/v4/internal/regulation"
"github.com/authelia/authelia/v4/internal/session"
"github.com/authelia/authelia/v4/internal/storage"
"github.com/authelia/authelia/v4/internal/templates"
"github.com/authelia/authelia/v4/internal/totp"
"github.com/authelia/authelia/v4/internal/utils"
@ -80,7 +81,6 @@ type CmdCtxConfig struct {
// CobraRunECmd describes a function that can be used as a *cobra.Command RunE, PreRunE, or PostRunE.
type CobraRunECmd func(cmd *cobra.Command, args []string) (err error)
// CheckSchemaVersion is a utility function which checks the schema version.
func (ctx *CmdCtx) CheckSchemaVersion() (err error) {
if ctx.providers.StorageProvider == nil {
return fmt.Errorf("storage not loaded")
@ -106,6 +106,25 @@ func (ctx *CmdCtx) CheckSchemaVersion() (err error) {
}
}
// CheckSchema is a utility function which checks the schema version and encryption key.
func (ctx *CmdCtx) CheckSchema() (err error) {
if err = ctx.CheckSchemaVersion(); err != nil {
return err
}
var result storage.EncryptionValidationResult
if result, err = ctx.providers.StorageProvider.SchemaEncryptionCheckKey(ctx, false); !result.Checked() || !result.Success() {
if err != nil {
return fmt.Errorf("failed to check the schema encryption key: %w", err)
}
return fmt.Errorf("failed to check the schema encryption key: the key is not valid for the schema")
}
return nil
}
// LoadTrustedCertificates loads the trusted certificates into the CmdCtx.
func (ctx *CmdCtx) LoadTrustedCertificates() (warns, errs []error) {
ctx.trusted, warns, errs = utils.NewX509CertPool(ctx.config.CertificatesDirectory)

8
internal/commands/crypto_hash.go
View File

@ -63,7 +63,7 @@ func newCryptoHashGenerateCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Example: cmdAutheliaCryptoHashGenerateExample,
PreRunE: ctx.ChainRunE(
ctx.ConfigSetDefaultsRunE(defaults),
ctx.CryptoHashGenerateMapFlagsPreRunE,
ctx.CryptoHashGenerateMapFlagsRunE,
ctx.ConfigLoadRunE,
ctx.ConfigValidateSectionPasswordRunE,
),
@ -116,7 +116,7 @@ func newCryptoHashGenerateSubCmd(ctx *CmdCtx, use string) (cmd *cobra.Command) {
Args: cobra.NoArgs,
PersistentPreRunE: ctx.ChainRunE(
ctx.ConfigSetDefaultsRunE(defaults),
ctx.CryptoHashGenerateMapFlagsPreRunE,
ctx.CryptoHashGenerateMapFlagsRunE,
ctx.ConfigLoadRunE,
ctx.ConfigValidateSectionPasswordRunE,
),
@ -207,9 +207,9 @@ func (ctx *CmdCtx) CryptoHashValidateRunE(cmd *cobra.Command, args []string) (er
return nil
}
// CryptoHashGenerateMapFlagsPreRunE is the RunE which configures the flags map configuration source for the
// CryptoHashGenerateMapFlagsRunE is the RunE which configures the flags map configuration source for the
// authelia crypto hash generate commands.
func (ctx *CmdCtx) CryptoHashGenerateMapFlagsPreRunE(cmd *cobra.Command, args []string) (err error) {
func (ctx *CmdCtx) CryptoHashGenerateMapFlagsRunE(cmd *cobra.Command, args []string) (err error) {
var flagsMap map[string]string
switch cmd.Use {

188
internal/commands/storage.go
View File

@ -15,13 +15,13 @@ func newStorageCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageShort,
Long: cmdAutheliaStorageLong,
Example: cmdAutheliaStorageExample,
Args: cobra.NoArgs,
PersistentPreRunE: ctx.ChainRunE(
ctx.ConfigStorageCommandLineConfigPersistentPreRunE,
ctx.ConfigStorageCommandLineConfigRunE,
ctx.ConfigLoadRunE,
ctx.ConfigValidateStoragePersistentPreRunE,
ctx.ConfigValidateStorageRunE,
ctx.LoadProvidersStorageRunE,
),
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -63,6 +63,7 @@ func newStorageEncryptionCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageEncryptionShort,
Long: cmdAutheliaStorageEncryptionLong,
Example: cmdAutheliaStorageEncryptionExample,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -82,6 +83,7 @@ func newStorageEncryptionCheckCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Long: cmdAutheliaStorageEncryptionCheckLong,
Example: cmdAutheliaStorageEncryptionCheckExample,
RunE: ctx.StorageSchemaEncryptionCheckRunE,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -98,6 +100,7 @@ func newStorageEncryptionChangeKeyCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Long: cmdAutheliaStorageEncryptionChangeKeyLong,
Example: cmdAutheliaStorageEncryptionChangeKeyExample,
RunE: ctx.StorageSchemaEncryptionChangeKeyRunE,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -113,6 +116,7 @@ func newStorageUserCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageUserShort,
Long: cmdAutheliaStorageUserLong,
Example: cmdAutheliaStorageUserExample,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -120,7 +124,7 @@ func newStorageUserCmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd.AddCommand(
newStorageUserIdentifiersCmd(ctx),
newStorageUserTOTPCmd(ctx),
newStorageUserWebAuthnCmd(ctx),
newStorageUserWebauthnCmd(ctx),
)
return cmd
@ -132,6 +136,7 @@ func newStorageUserIdentifiersCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageUserIdentifiersShort,
Long: cmdAutheliaStorageUserIdentifiersLong,
Example: cmdAutheliaStorageUserIdentifiersExample,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -148,33 +153,33 @@ func newStorageUserIdentifiersCmd(ctx *CmdCtx) (cmd *cobra.Command) {
func newStorageUserIdentifiersExportCmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: "export",
Use: cmdUseExport,
Short: cmdAutheliaStorageUserIdentifiersExportShort,
Long: cmdAutheliaStorageUserIdentifiersExportLong,
Example: cmdAutheliaStorageUserIdentifiersExportExample,
RunE: ctx.StorageUserIdentifiersExportRunE,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
cmd.Flags().StringP(cmdFlagNameFile, "f", "user-opaque-identifiers.yml", "The file name for the YAML export")
cmd.Flags().StringP(cmdFlagNameFile, "f", "authelia.export.opaque-identifiers.yml", "The file name for the YAML export")
return cmd
}
func newStorageUserIdentifiersImportCmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: "import",
Use: cmdUseImportFileName,
Short: cmdAutheliaStorageUserIdentifiersImportShort,
Long: cmdAutheliaStorageUserIdentifiersImportLong,
Example: cmdAutheliaStorageUserIdentifiersImportExample,
RunE: ctx.StorageUserIdentifiersImportRunE,
Args: cobra.ExactArgs(1),
DisableAutoGenTag: true,
}
cmd.Flags().StringP(cmdFlagNameFile, "f", "user-opaque-identifiers.yml", "The file name for the YAML import")
return cmd
}
@ -185,6 +190,7 @@ func newStorageUserIdentifiersGenerateCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Long: cmdAutheliaStorageUserIdentifiersGenerateLong,
Example: cmdAutheliaStorageUserIdentifiersGenerateExample,
RunE: ctx.StorageUserIdentifiersGenerateRunE,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -202,8 +208,8 @@ func newStorageUserIdentifiersAddCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageUserIdentifiersAddShort,
Long: cmdAutheliaStorageUserIdentifiersAddLong,
Example: cmdAutheliaStorageUserIdentifiersAddExample,
Args: cobra.ExactArgs(1),
RunE: ctx.StorageUserIdentifiersAddRunE,
Args: cobra.ExactArgs(1),
DisableAutoGenTag: true,
}
@ -215,31 +221,66 @@ func newStorageUserIdentifiersAddCmd(ctx *CmdCtx) (cmd *cobra.Command) {
return cmd
}
func newStorageUserWebAuthnCmd(ctx *CmdCtx) (cmd *cobra.Command) {
func newStorageUserWebauthnCmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: "webauthn",
Short: cmdAutheliaStorageUserWebAuthnShort,
Long: cmdAutheliaStorageUserWebAuthnLong,
Example: cmdAutheliaStorageUserWebAuthnExample,
Short: cmdAutheliaStorageUserWebauthnShort,
Long: cmdAutheliaStorageUserWebauthnLong,
Example: cmdAutheliaStorageUserWebauthnExample,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
cmd.AddCommand(
newStorageUserWebAuthnListCmd(ctx),
newStorageUserWebAuthnDeleteCmd(ctx),
newStorageUserWebauthnListCmd(ctx),
newStorageUserWebauthnDeleteCmd(ctx),
newStorageUserWebauthnExportCmd(ctx),
newStorageUserWebauthnImportCmd(ctx),
)
return cmd
}
func newStorageUserWebAuthnListCmd(ctx *CmdCtx) (cmd *cobra.Command) {
func newStorageUserWebauthnImportCmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: cmdUseImportFileName,
Short: cmdAutheliaStorageUserWebauthnImportShort,
Long: cmdAutheliaStorageUserWebauthnImportLong,
Example: cmdAutheliaStorageUserWebauthnImportExample,
RunE: ctx.StorageUserWebauthnImportRunE,
Args: cobra.ExactArgs(1),
DisableAutoGenTag: true,
}
return cmd
}
func newStorageUserWebauthnExportCmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: cmdUseExport,
Short: cmdAutheliaStorageUserWebauthnExportShort,
Long: cmdAutheliaStorageUserWebauthnExportLong,
Example: cmdAutheliaStorageUserWebauthnExportExample,
RunE: ctx.StorageUserWebauthnExportRunE,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
cmd.Flags().StringP(cmdFlagNameFile, "f", "authelia.export.webauthn.yaml", "The file name for the YAML export")
return cmd
}
func newStorageUserWebauthnListCmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: "list [username]",
Short: cmdAutheliaStorageUserWebAuthnListShort,
Long: cmdAutheliaStorageUserWebAuthnListLong,
Example: cmdAutheliaStorageUserWebAuthnListExample,
RunE: ctx.StorageWebauthnListRunE,
Short: cmdAutheliaStorageUserWebauthnListShort,
Long: cmdAutheliaStorageUserWebauthnListLong,
Example: cmdAutheliaStorageUserWebauthnListExample,
RunE: ctx.StorageUserWebauthnListRunE,
Args: cobra.MaximumNArgs(1),
DisableAutoGenTag: true,
@ -248,13 +289,13 @@ func newStorageUserWebAuthnListCmd(ctx *CmdCtx) (cmd *cobra.Command) {
return cmd
}
func newStorageUserWebAuthnDeleteCmd(ctx *CmdCtx) (cmd *cobra.Command) {
func newStorageUserWebauthnDeleteCmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: "delete [username]",
Short: cmdAutheliaStorageUserWebAuthnDeleteShort,
Long: cmdAutheliaStorageUserWebAuthnDeleteLong,
Example: cmdAutheliaStorageUserWebAuthnDeleteExample,
RunE: ctx.StorageWebauthnDeleteRunE,
Short: cmdAutheliaStorageUserWebauthnDeleteShort,
Long: cmdAutheliaStorageUserWebauthnDeleteLong,
Example: cmdAutheliaStorageUserWebauthnDeleteExample,
RunE: ctx.StorageUserWebauthnDeleteRunE,
Args: cobra.MaximumNArgs(1),
DisableAutoGenTag: true,
@ -273,6 +314,7 @@ func newStorageUserTOTPCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageUserTOTPShort,
Long: cmdAutheliaStorageUserTOTPLong,
Example: cmdAutheliaStorageUserTOTPExample,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -281,6 +323,7 @@ func newStorageUserTOTPCmd(ctx *CmdCtx) (cmd *cobra.Command) {
newStorageUserTOTPGenerateCmd(ctx),
newStorageUserTOTPDeleteCmd(ctx),
newStorageUserTOTPExportCmd(ctx),
newStorageUserTOTPImportCmd(ctx),
)
return cmd
@ -292,7 +335,7 @@ func newStorageUserTOTPGenerateCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageUserTOTPGenerateShort,
Long: cmdAutheliaStorageUserTOTPGenerateLong,
Example: cmdAutheliaStorageUserTOTPGenerateExample,
RunE: ctx.StorageTOTPGenerateRunE,
RunE: ctx.StorageUserTOTPGenerateRunE,
Args: cobra.ExactArgs(1),
DisableAutoGenTag: true,
@ -316,7 +359,22 @@ func newStorageUserTOTPDeleteCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageUserTOTPDeleteShort,
Long: cmdAutheliaStorageUserTOTPDeleteLong,
Example: cmdAutheliaStorageUserTOTPDeleteExample,
RunE: ctx.StorageTOTPDeleteRunE,
RunE: ctx.StorageUserTOTPDeleteRunE,
Args: cobra.ExactArgs(1),
DisableAutoGenTag: true,
}
return cmd
}
func newStorageUserTOTPImportCmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: cmdUseImportFileName,
Short: cmdAutheliaStorageUserTOTPImportShort,
Long: cmdAutheliaStorageUserTOTPImportLong,
Example: cmdAutheliaStorageUserTOTPImportExample,
RunE: ctx.StorageUserTOTPImportRunE,
Args: cobra.ExactArgs(1),
DisableAutoGenTag: true,
@ -327,17 +385,72 @@ func newStorageUserTOTPDeleteCmd(ctx *CmdCtx) (cmd *cobra.Command) {
func newStorageUserTOTPExportCmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: "export",
Use: cmdUseExport,
Short: cmdAutheliaStorageUserTOTPExportShort,
Long: cmdAutheliaStorageUserTOTPExportLong,
Example: cmdAutheliaStorageUserTOTPExportExample,
RunE: ctx.StorageTOTPExportRunE,
RunE: ctx.StorageUserTOTPExportRunE,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
cmd.Flags().String(cmdFlagNameFormat, storageTOTPExportFormatURI, fmt.Sprintf("sets the output format, valid values are: %s", strings.Join(validStorageTOTPExportFormats, ", ")))
cmd.Flags().String("dir", "", "used with the png output format to specify which new directory to save the files in")
cmd.AddCommand(
newStorageUserTOTPExportCSVCmd(ctx),
newStorageUserTOTPExportPNGCmd(ctx),
newStorageUserTOTPExportURICmd(ctx),
)
cmd.Flags().StringP(cmdFlagNameFile, "f", "authelia.export.totp.yaml", "The file name for the YAML export")
return cmd
}
func newStorageUserTOTPExportURICmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: "uri",
Short: cmdAutheliaStorageUserTOTPExportURIShort,
Long: cmdAutheliaStorageUserTOTPExportURILong,
Example: cmdAutheliaStorageUserTOTPExportURIExample,
RunE: ctx.StorageUserTOTPExportURIRunE,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
return cmd
}
func newStorageUserTOTPExportCSVCmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: "csv",
Short: cmdAutheliaStorageUserTOTPExportCSVShort,
Long: cmdAutheliaStorageUserTOTPExportCSVLong,
Example: cmdAutheliaStorageUserTOTPExportCSVExample,
RunE: ctx.StorageUserTOTPExportCSVRunE,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
cmd.Flags().StringP(cmdFlagNameFile, "f", "authelia.export.totp.csv", "The file name for the CSV export")
return cmd
}
func newStorageUserTOTPExportPNGCmd(ctx *CmdCtx) (cmd *cobra.Command) {
cmd = &cobra.Command{
Use: "png",
Short: cmdAutheliaStorageUserTOTPExportPNGShort,
Long: cmdAutheliaStorageUserTOTPExportPNGLong,
Example: cmdAutheliaStorageUserTOTPExportPNGExample,
RunE: ctx.StorageUserTOTPExportPNGRunE,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
cmd.Flags().String(cmdFlagNameDirectory, "", "The directory where all exported png files will be saved to")
return cmd
}
@ -349,6 +462,7 @@ func newStorageSchemaInfoCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Long: cmdAutheliaStorageSchemaInfoLong,
Example: cmdAutheliaStorageSchemaInfoExample,
RunE: ctx.StorageSchemaInfoRunE,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -383,8 +497,8 @@ func newStorageMigrateHistoryCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageMigrateHistoryShort,
Long: cmdAutheliaStorageMigrateHistoryLong,
Example: cmdAutheliaStorageMigrateHistoryExample,
Args: cobra.NoArgs,
RunE: ctx.StorageMigrateHistoryRunE,
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -398,8 +512,8 @@ func newStorageMigrateListUpCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageMigrateListUpShort,
Long: cmdAutheliaStorageMigrateListUpLong,
Example: cmdAutheliaStorageMigrateListUpExample,
Args: cobra.NoArgs,
RunE: ctx.NewStorageMigrateListRunE(true),
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -413,8 +527,8 @@ func newStorageMigrateListDownCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageMigrateListDownShort,
Long: cmdAutheliaStorageMigrateListDownLong,
Example: cmdAutheliaStorageMigrateListDownExample,
Args: cobra.NoArgs,
RunE: ctx.NewStorageMigrateListRunE(false),
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -428,8 +542,8 @@ func newStorageMigrateUpCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageMigrateUpShort,
Long: cmdAutheliaStorageMigrateUpLong,
Example: cmdAutheliaStorageMigrateUpExample,
Args: cobra.NoArgs,
RunE: ctx.NewStorageMigrationRunE(true),
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}
@ -445,8 +559,8 @@ func newStorageMigrateDownCmd(ctx *CmdCtx) (cmd *cobra.Command) {
Short: cmdAutheliaStorageMigrateDownShort,
Long: cmdAutheliaStorageMigrateDownLong,
Example: cmdAutheliaStorageMigrateDownExample,
Args: cobra.NoArgs,
RunE: ctx.NewStorageMigrationRunE(false),
Args: cobra.NoArgs,
DisableAutoGenTag: true,
}

1116
internal/commands/storage_run.go
View File

File diff suppressed because it is too large Load Diff

31
internal/commands/util.go
View File

@ -46,37 +46,6 @@ func flagsGetUserIdentifiersGenerateOptions(flags *pflag.FlagSet) (users, servic
return users, services, sectors, nil
}
func flagsGetTOTPExportOptions(flags *pflag.FlagSet) (format, dir string, err error) {
if format, err = flags.GetString(cmdFlagNameFormat); err != nil {
return "", "", err
}
if dir, err = flags.GetString("dir"); err != nil {
return "", "", err
}
switch format {
case storageTOTPExportFormatCSV, storageTOTPExportFormatURI:
break
case storageTOTPExportFormatPNG:
if dir == "" {
dir = utils.RandomString(8, utils.CharSetAlphaNumeric, false)
}
if _, err = os.Stat(dir); !os.IsNotExist(err) {
return "", "", errors.New("output directory must not exist")
}
if err = os.MkdirAll(dir, 0700); err != nil {
return "", "", err
}
default:
return "", "", errors.New("format must be csv, uri, or png")
}
return format, dir, nil
}
//nolint:gocyclo
func flagsGetRandomCharacters(flags *pflag.FlagSet, flagNameLength, flagNameCharSet, flagNameCharacters string) (r string, err error) {
var (

61
internal/model/totp_configuration.go
View File

@ -2,12 +2,14 @@ package model
import (
"database/sql"
"encoding/base64"
"image"
"net/url"
"strconv"
"time"
"github.com/pquerna/otp"
"gopkg.in/yaml.v3"
)
// TOTPConfiguration represents a users TOTP configuration row in the database.
@ -70,3 +72,62 @@ func (c *TOTPConfiguration) Image(width, height int) (img image.Image, err error
return key.Image(width, height)
}
// MarshalYAML marshals this model into YAML.
func (c *TOTPConfiguration) MarshalYAML() (any, error) {
o := TOTPConfigurationData{
CreatedAt: c.CreatedAt,
LastUsedAt: c.LastUsed(),
Username: c.Username,
Issuer: c.Issuer,
Algorithm: c.Algorithm,
Digits: c.Digits,
Period: c.Period,
Secret: base64.StdEncoding.EncodeToString(c.Secret),
}
return yaml.Marshal(o)
}
// UnmarshalYAML unmarshalls YAML into this model.
func (c *TOTPConfiguration) UnmarshalYAML(value *yaml.Node) (err error) {
o := &TOTPConfigurationData{}
if err = value.Decode(o); err != nil {
return err
}
if c.Secret, err = base64.StdEncoding.DecodeString(o.Secret); err != nil {
return err
}
c.CreatedAt = o.CreatedAt
c.Username = o.Username
c.Issuer = o.Issuer
c.Algorithm = o.Algorithm
c.Digits = o.Digits
c.Period = o.Period
if o.LastUsedAt != nil {
c.LastUsedAt = sql.NullTime{Valid: true, Time: *o.LastUsedAt}
}
return nil
}
// TOTPConfigurationData is used for marshalling/unmarshalling tasks.
type TOTPConfigurationData struct {
CreatedAt time.Time `yaml:"created_at"`
LastUsedAt *time.Time `yaml:"last_used_at"`
Username string `yaml:"username"`
Issuer string `yaml:"issuer"`
Algorithm string `yaml:"algorithm"`
Digits uint `yaml:"digits"`
Period uint `yaml:"period"`
Secret string `yaml:"secret"`
}
// TOTPConfigurationExport represents a TOTPConfiguration export file.
type TOTPConfigurationExport struct {
TOTPConfigurations []TOTPConfiguration `yaml:"totp_configurations"`
}

2
internal/model/user_opaque_identifier.go
View File

@ -24,7 +24,7 @@ func NewUserOpaqueIdentifier(service, sectorID, username string) (id *UserOpaque
// UserOpaqueIdentifier represents an opaque identifier for a user. Commonly used with OAuth 2.0 and OpenID Connect.
type UserOpaqueIdentifier struct {
ID int `db:"id" yaml:"id"`
ID int `db:"id" yaml:"-"`
Service string `db:"service" yaml:"service"`
SectorID string `db:"sector_id" yaml:"sector_id"`
Username string `db:"username" yaml:"username"`

111
internal/model/webauthn.go
View File

@ -2,6 +2,7 @@ package model
import (
"database/sql"
"encoding/base64"
"encoding/hex"
"strings"
"time"
@ -9,6 +10,7 @@ import (
"github.com/go-webauthn/webauthn/protocol"
"github.com/go-webauthn/webauthn/webauthn"
"github.com/google/uuid"
"gopkg.in/yaml.v3"
)
const (
@ -153,19 +155,114 @@ type WebauthnDevice struct {
}
// UpdateSignInInfo adjusts the values of the WebauthnDevice after a sign in.
func (w *WebauthnDevice) UpdateSignInInfo(config *webauthn.Config, now time.Time, signCount uint32) {
w.LastUsedAt = sql.NullTime{Time: now, Valid: true}
func (d *WebauthnDevice) UpdateSignInInfo(config *webauthn.Config, now time.Time, signCount uint32) {
d.LastUsedAt = sql.NullTime{Time: now, Valid: true}
w.SignCount = signCount
d.SignCount = signCount
if w.RPID != "" {
if d.RPID != "" {
return
}
switch w.AttestationType {
switch d.AttestationType {
case attestationTypeFIDOU2F:
w.RPID = config.RPOrigin
d.RPID = config.RPOrigin
default:
w.RPID = config.RPID
d.RPID = config.RPID
}
}
func (d *WebauthnDevice) LastUsed() *time.Time {
if d.LastUsedAt.Valid {
return &d.LastUsedAt.Time
}
return nil
}
// MarshalYAML marshals this model into YAML.
func (d *WebauthnDevice) MarshalYAML() (any, error) {
o := WebauthnDeviceData{
CreatedAt: d.CreatedAt,
LastUsedAt: d.LastUsed(),
RPID: d.RPID,
Username: d.Username,
Description: d.Description,
KID: d.KID.String(),
PublicKey: base64.StdEncoding.EncodeToString(d.PublicKey),
AttestationType: d.AttestationType,
Transport: d.Transport,
AAGUID: d.AAGUID.UUID.String(),
SignCount: d.SignCount,
CloneWarning: d.CloneWarning,
}
return yaml.Marshal(o)
}
// UnmarshalYAML unmarshalls YAML into this model.
func (d *WebauthnDevice) UnmarshalYAML(value *yaml.Node) (err error) {
o := &WebauthnDeviceData{}
if err = value.Decode(o); err != nil {
return err
}
if d.PublicKey, err = base64.StdEncoding.DecodeString(o.PublicKey); err != nil {
return err
}
var aaguid uuid.UUID
if aaguid, err = uuid.Parse(o.AAGUID); err != nil {
return err
}
if aaguid.ID() != 0 {
d.AAGUID = uuid.NullUUID{Valid: true, UUID: aaguid}
}
var kid []byte
if kid, err = base64.StdEncoding.DecodeString(o.KID); err != nil {
return err
}
d.KID = NewBase64(kid)
d.CreatedAt = o.CreatedAt
d.RPID = o.RPID
d.Username = o.Username
d.Description = o.Description
d.AttestationType = o.AttestationType
d.Transport = o.Transport
d.SignCount = o.SignCount
d.CloneWarning = o.CloneWarning
if o.LastUsedAt != nil {
d.LastUsedAt = sql.NullTime{Valid: true, Time: *o.LastUsedAt}
}
return nil
}
// WebauthnDeviceData represents a Webauthn Device in the database storage.
type WebauthnDeviceData struct {
CreatedAt time.Time `yaml:"created_at"`
LastUsedAt *time.Time `yaml:"last_used_at"`
RPID string `yaml:"rpid"`
Username string `yaml:"username"`
Description string `yaml:"description"`
KID string `yaml:"kid"`
PublicKey string `yaml:"public_key"`
AttestationType string `yaml:"attestation_type"`
Transport string `yaml:"transport"`
AAGUID string `yaml:"aaguid"`
SignCount uint32 `yaml:"sign_count"`
CloneWarning bool `yaml:"clone_warning"`
}
// WebauthnDeviceExport represents a WebauthnDevice export file.
type WebauthnDeviceExport struct {
WebauthnDevices []WebauthnDevice `yaml:"webauthn_devices"`
}

65
internal/suites/suite_cli_test.go
View File

@ -5,6 +5,7 @@ import (
"context"
"fmt"
"os"
"path/filepath"
"regexp"
"strconv"
"testing"
@ -929,13 +930,17 @@ func (s *CLISuite) TestStorage03ShouldExportTOTP() {
fileInfo os.FileInfo
)
dir := s.T().TempDir()
qr := filepath.Join(dir, "qr.png")
for _, testCase := range testCases {
if testCase.png {
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "generate", testCase.config.Username, "--period", strconv.Itoa(int(testCase.config.Period)), "--algorithm", testCase.config.Algorithm, "--digits", strconv.Itoa(int(testCase.config.Digits)), "--path=/tmp/qr.png", "--config=/config/configuration.storage.yml"})
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "generate", testCase.config.Username, "--period", strconv.Itoa(int(testCase.config.Period)), "--algorithm", testCase.config.Algorithm, "--digits", strconv.Itoa(int(testCase.config.Digits)), "--path", qr, "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err)
s.Assert().Contains(output, " and saved it as a PNG image at the path '/tmp/qr.png'")
s.Assert().Contains(output, fmt.Sprintf(" and saved it as a PNG image at the path '%s'", qr))
fileInfo, err = os.Stat("/tmp/qr.png")
fileInfo, err = os.Stat(qr)
s.Assert().NoError(err)
s.Require().NotNil(fileInfo)
s.Assert().False(fileInfo.IsDir())
@ -954,30 +959,41 @@ func (s *CLISuite) TestStorage03ShouldExportTOTP() {
expectedLines = append(expectedLines, config.URI())
}
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "--format=uri", "--config=/config/configuration.storage.yml"})
yml := filepath.Join(dir, "authelia.export.totp.yaml")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "--file", yml, "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err)
s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d TOTP configurations as YAML to the '%s' file\n", len(expectedLines), yml))
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "uri", "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err)
for _, expectedLine := range expectedLines {
s.Assert().Contains(output, expectedLine)
}
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "--format=csv", "--config=/config/configuration.storage.yml"})
csv := filepath.Join(dir, "authelia.export.totp.csv")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "csv", "--file", csv, "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err)
s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d TOTP configurations as CSV to the '%s' file\n", len(expectedLines), csv))
var data []byte
data, err = os.ReadFile(csv)
s.Assert().NoError(err)
content := string(data)
for _, expectedLine := range expectedLinesCSV {
s.Assert().Contains(output, expectedLine)
s.Assert().Contains(content, expectedLine)
}
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "--format=wrong", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: format must be csv, uri, or png")
pngs := filepath.Join(dir, "png-qr-codes")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "--format=png", "--dir=/tmp/qr", "--config=/config/configuration.storage.yml"})
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "export", "png", "--directory", pngs, "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err)
s.Assert().Contains(output, "Exported TOTP QR codes in PNG format in the '/tmp/qr' directory")
s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d TOTP configuration as QR codes in PNG format to the '%s' directory\n", len(expectedLines), pngs))
for _, testCase := range testCases {
fileInfo, err = os.Stat(fmt.Sprintf("/tmp/qr/%s.png", testCase.config.Username))
fileInfo, err = os.Stat(filepath.Join(pngs, fmt.Sprintf("%s.png", testCase.config.Username)))
s.Assert().NoError(err)
s.Require().NotNil(fileInfo)
@ -986,13 +1002,13 @@ func (s *CLISuite) TestStorage03ShouldExportTOTP() {
s.Assert().Greater(fileInfo.Size(), int64(1000))
}
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "generate", "test", "--period=30", "--algorithm=SHA1", "--digits=6", "--path=/tmp/qr.png", "--config=/config/configuration.storage.yml"})
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "totp", "generate", "test", "--period=30", "--algorithm=SHA1", "--digits=6", "--path", qr, "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: image output filepath already exists")
}
func (s *CLISuite) TestStorage04ShouldManageUniqueID() {
_ = os.Mkdir("/tmp/out", 0777)
dir := s.T().TempDir()
output, err := s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file=out.yml", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1")
@ -1014,13 +1030,14 @@ func (s *CLISuite) TestStorage04ShouldManageUniqueID() {
s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: error occurred writing to file 'out.yml': open out.yml: permission denied")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file=/tmp/out/1.yml", "--config=/config/configuration.storage.yml"})
out1 := filepath.Join(dir, "1.yml")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file", out1, "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err)
s.Assert().Contains(output, "Exported 1 User Opaque Identifiers to /tmp/out/1.yml")
s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d User Opaque Identifiers as YAML to the '%s' file\n", 1, out1))
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file=/tmp/out/1.yml", "--config=/config/configuration.storage.yml"})
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file", out1, "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: must specify a file that doesn't exist but '/tmp/out/1.yml' exists")
s.Assert().Contains(output, fmt.Sprintf("Error: must specify a file that doesn't exist but '%s' exists", out1))
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "add", "john", "--service=openid", "--sector=''", "--identifier=1097c8f8-83f2-4506-8138-5f40e83a1285", "--config=/config/configuration.storage.yml"})
s.Assert().EqualError(err, "exit status 1")
@ -1046,7 +1063,7 @@ func (s *CLISuite) TestStorage04ShouldManageUniqueID() {
s.Assert().EqualError(err, "exit status 1")
s.Assert().Contains(output, "Error: the identifier provided 'asdmklasdm' is invalid as it must be a version 4 UUID but parsing it had an error: invalid UUID length: 10")
data, err := os.ReadFile("/tmp/out/1.yml")
data, err := os.ReadFile(out1)
s.Assert().NoError(err)
var export model.UserOpaqueIdentifiersExport
@ -1055,32 +1072,30 @@ func (s *CLISuite) TestStorage04ShouldManageUniqueID() {
s.Require().Len(export.Identifiers, 1)
s.Assert().Equal(1, export.Identifiers[0].ID)
s.Assert().Equal("1097c8f8-83f2-4506-8138-5f40e83a1285", export.Identifiers[0].Identifier.String())
s.Assert().Equal("john", export.Identifiers[0].Username)
s.Assert().Equal("", export.Identifiers[0].SectorID)
s.Assert().Equal("openid", export.Identifiers[0].Service)
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file=/tmp/out/2.yml", "--config=/config/configuration.storage.yml"})
out2 := filepath.Join(dir, "2.yml")
output, err = s.Exec("authelia-backend", []string{"authelia", s.testArg, s.coverageArg, "storage", "user", "identifiers", "export", "--file", out2, "--config=/config/configuration.storage.yml"})
s.Assert().NoError(err)
s.Assert().Contains(output, "Exported 2 User Opaque Identifiers to /tmp/out/2.yml")
s.Assert().Contains(output, fmt.Sprintf("Successfully exported %d User Opaque Identifiers as YAML to the '%s' file\n", 2, out2))
export = model.UserOpaqueIdentifiersExport{}
data, err = os.ReadFile("/tmp/out/2.yml")
data, err = os.ReadFile(out2)
s.Assert().NoError(err)
s.Assert().NoError(yaml.Unmarshal(data, &export))
s.Require().Len(export.Identifiers, 2)
s.Assert().Equal(1, export.Identifiers[0].ID)
s.Assert().Equal("1097c8f8-83f2-4506-8138-5f40e83a1285", export.Identifiers[0].Identifier.String())
s.Assert().Equal("john", export.Identifiers[0].Username)
s.Assert().Equal("", export.Identifiers[0].SectorID)
s.Assert().Equal("openid", export.Identifiers[0].Service)
s.Assert().Equal(2, export.Identifiers[1].ID)
s.Assert().Equal("b0e17f48-933c-4cba-8509-ee9bfadf8ce5", export.Identifiers[1].Identifier.String())
s.Assert().Equal("john", export.Identifiers[1].Username)
s.Assert().Equal("openidconnect.net", export.Identifiers[1].SectorID)