From 26927d5b7bda7d2892e460fdb2867b6bcd55c8ad Mon Sep 17 00:00:00 2001
From: Russ Allbery <eagle@eyrie.org>
Date: Fri, 11 Jul 2014 17:19:59 -0700
Subject: Add new object type for Duo integrations

A new object type, duo (Wallet::Object::Duo), is now supported.  This
creates an integration with the Duo Security cloud multifactor
authentication service and allows retrieval of the integration key,
secret key, and admin hostname.  Currently, only UNIX integration
types are supported.  The Net::Duo Perl module is required to use this
object type.  New configuration settings are required as well; see
Wallet::Config for more information.  To enable this object type for
an existing wallet database, use wallet-admin to register the new
object.

Change-Id: I2c0dac75e81f526b34d6b509c4bdaecb43dd4a9d
Reviewed-on: https://gerrit.stanford.edu/1516
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
---
 perl/Wallet/Schema.pm | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

(limited to 'perl/Wallet/Schema.pm')

diff --git a/perl/Wallet/Schema.pm b/perl/Wallet/Schema.pm
index 2176cab..74b4c99 100644
--- a/perl/Wallet/Schema.pm
+++ b/perl/Wallet/Schema.pm
@@ -18,7 +18,7 @@ use base 'DBIx::Class::Schema';
 # This version should be increased on any code change to this module.  Always
 # use two digits for the minor version with a leading zero if necessary so
 # that it will sort properly.
-our $VERSION = '0.08';
+our $VERSION = '0.09';
 
 __PACKAGE__->load_namespaces;
 __PACKAGE__->load_components (qw/Schema::Versioned/);
@@ -272,6 +272,21 @@ oh_by stores the authenticated identity that made the change, oh_from
 stores the host from which they made the change, and oh_on stores the time
 the change was made.
 
+=head2 Duo Backend Data
+
+Duo integration objects store some additional metadata about the
+integration to aid in synchronization with Duo.
+
+  create table duo
+     (du_name             varchar(255)
+          not null references objects(ob_name),
+      du_key              varchar(255) not null);
+  create index du_key on duo (du_key);
+
+du_key holds the Duo integration key, which is the unique name of the
+integration within Duo.  Additional data may be added later to represent
+the other possible settings within Duo.
+
 =head2 Keytab Backend Data
 
 The keytab backend has stub support for synchronizing keys with an
-- 
cgit v1.2.3