Skip to main content

akeyless_api/models/
auth_method_create_cert.rs

1/*
2 * Akeyless API
3 *
4 * The purpose of this application is to provide access to Akeyless API.
5 *
6 * The version of the OpenAPI document: 3.0
7 * Contact: support@akeyless.io
8 * Generated by: https://openapi-generator.tech
9 */
10
11use crate::models;
12use serde::{Deserialize, Serialize};
13
14/// AuthMethodCreateCert : authMethodCreateCert is a command that creates a new auth method that will be able to authenticate using a client certificate
15#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
16pub struct AuthMethodCreateCert {
17    /// Access expiration date in Unix timestamp (select 0 for access without expiry date)
18    #[serde(rename = "access-expires", skip_serializing_if = "Option::is_none")]
19    pub access_expires: Option<i64>,
20    /// limit the auth method usage for specific client types [cli,ui,gateway-admin,sdk,mobile,extension]
21    #[serde(rename = "allowed-client-type", skip_serializing_if = "Option::is_none")]
22    pub allowed_client_type: Option<Vec<String>>,
23    /// Comma separated list of allowed CORS domains to be validated as part of the authentication flow.
24    #[serde(rename = "allowed-cors", skip_serializing_if = "Option::is_none")]
25    pub allowed_cors: Option<String>,
26    /// Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\"
27    #[serde(rename = "audit-logs-claims", skip_serializing_if = "Option::is_none")]
28    pub audit_logs_claims: Option<Vec<String>>,
29    /// A list of names. At least one must exist in the Common Name. Supports globbing.
30    #[serde(rename = "bound-common-names", skip_serializing_if = "Option::is_none")]
31    pub bound_common_names: Option<Vec<String>>,
32    /// A list of DNS names. At least one must exist in the SANs. Supports globbing.
33    #[serde(rename = "bound-dns-sans", skip_serializing_if = "Option::is_none")]
34    pub bound_dns_sans: Option<Vec<String>>,
35    /// A list of Email Addresses. At least one must exist in the SANs. Supports globbing.
36    #[serde(rename = "bound-email-sans", skip_serializing_if = "Option::is_none")]
37    pub bound_email_sans: Option<Vec<String>>,
38    /// A list of extensions formatted as \"oid:value\". Expects the extension value to be some type of ASN1 encoded string. All values much match. Supports globbing on \"value\".
39    #[serde(rename = "bound-extensions", skip_serializing_if = "Option::is_none")]
40    pub bound_extensions: Option<Vec<String>>,
41    /// A CIDR whitelist with the IPs that the access is restricted to
42    #[serde(rename = "bound-ips", skip_serializing_if = "Option::is_none")]
43    pub bound_ips: Option<Vec<String>>,
44    /// A list of Organizational Units names. At least one must exist in the OU field.
45    #[serde(rename = "bound-organizational-units", skip_serializing_if = "Option::is_none")]
46    pub bound_organizational_units: Option<Vec<String>>,
47    /// A list of URIs. At least one must exist in the SANs. Supports globbing.
48    #[serde(rename = "bound-uri-sans", skip_serializing_if = "Option::is_none")]
49    pub bound_uri_sans: Option<Vec<String>>,
50    /// The certificate data in base64, if no file was provided
51    #[serde(rename = "certificate-data", skip_serializing_if = "Option::is_none")]
52    pub certificate_data: Option<String>,
53    /// Protection from accidental deletion of this object [true/false]
54    #[serde(rename = "delete_protection", skip_serializing_if = "Option::is_none")]
55    pub delete_protection: Option<String>,
56    /// Auth Method description
57    #[serde(rename = "description", skip_serializing_if = "Option::is_none")]
58    pub description: Option<String>,
59    /// How many days before the expiration of the auth method would you like to be notified.
60    #[serde(rename = "expiration-event-in", skip_serializing_if = "Option::is_none")]
61    pub expiration_event_in: Option<Vec<String>>,
62    /// if true: enforce role-association must include sub claims
63    #[serde(rename = "force-sub-claims", skip_serializing_if = "Option::is_none")]
64    pub force_sub_claims: Option<bool>,
65    /// A CIDR whitelist with the GW IPs that the access is restricted to
66    #[serde(rename = "gw-bound-ips", skip_serializing_if = "Option::is_none")]
67    pub gw_bound_ips: Option<Vec<String>>,
68    /// Set output format to JSON
69    #[serde(rename = "json", skip_serializing_if = "Option::is_none")]
70    pub json: Option<bool>,
71    /// Jwt TTL
72    #[serde(rename = "jwt-ttl", skip_serializing_if = "Option::is_none")]
73    pub jwt_ttl: Option<i64>,
74    /// Auth Method name
75    #[serde(rename = "name")]
76    pub name: String,
77    /// Choose the relevant product type for the auth method [sm, sra, pm, dp, ca]
78    #[serde(rename = "product-type", skip_serializing_if = "Option::is_none")]
79    pub product_type: Option<Vec<String>>,
80    /// Require certificate CRL distribution points (CDP) and enforce CRL validation during authentication.
81    #[serde(rename = "require-crl-dp", skip_serializing_if = "Option::is_none")]
82    pub require_crl_dp: Option<bool>,
83    /// A list of revoked cert ids
84    #[serde(rename = "revoked-cert-ids", skip_serializing_if = "Option::is_none")]
85    pub revoked_cert_ids: Option<Vec<String>>,
86    /// Authentication token (see `/auth` and `/configure`)
87    #[serde(rename = "token", skip_serializing_if = "Option::is_none")]
88    pub token: Option<String>,
89    /// The universal identity token, Required only for universal_identity authentication
90    #[serde(rename = "uid-token", skip_serializing_if = "Option::is_none")]
91    pub uid_token: Option<String>,
92    /// A unique identifier (ID) value should be configured, such as common_name or organizational_unit Whenever a user logs in with a token, these authentication types issue a \"sub claim\" that contains details uniquely identifying that user. This sub claim includes a key containing the ID value that you configured, and is used to distinguish between different users from within the same organization.
93    #[serde(rename = "unique-identifier")]
94    pub unique_identifier: String,
95}
96
97impl AuthMethodCreateCert {
98    /// authMethodCreateCert is a command that creates a new auth method that will be able to authenticate using a client certificate
99    pub fn new(name: String, unique_identifier: String) -> AuthMethodCreateCert {
100        AuthMethodCreateCert {
101            access_expires: None,
102            allowed_client_type: None,
103            allowed_cors: None,
104            audit_logs_claims: None,
105            bound_common_names: None,
106            bound_dns_sans: None,
107            bound_email_sans: None,
108            bound_extensions: None,
109            bound_ips: None,
110            bound_organizational_units: None,
111            bound_uri_sans: None,
112            certificate_data: None,
113            delete_protection: None,
114            description: None,
115            expiration_event_in: None,
116            force_sub_claims: None,
117            gw_bound_ips: None,
118            json: None,
119            jwt_ttl: None,
120            name,
121            product_type: None,
122            require_crl_dp: None,
123            revoked_cert_ids: None,
124            token: None,
125            uid_token: None,
126            unique_identifier,
127        }
128    }
129}
130