From 7f08bddfe1b063fa1b02713f349dc06fcf25baea Mon Sep 17 00:00:00 2001
From: Will Norris <will@tailscale.com>
Date: Tue, 10 Oct 2023 14:38:35 -0700
Subject: [PATCH] tailcfg: add type for web client auth response

This will be returned from the upcoming control endpoints for doing web
client session authentication.

Updates tailscale/corp#14335

Signed-off-by: Will Norris <will@tailscale.com>
---
 tailcfg/tailcfg.go | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/tailcfg/tailcfg.go b/tailcfg/tailcfg.go
index 999fabe3c..2dcf8ab88 100644
--- a/tailcfg/tailcfg.go
+++ b/tailcfg/tailcfg.go
@@ -2436,6 +2436,22 @@ type QueryFeatureResponse struct {
 	ShouldWait bool `json:",omitempty"`
 }
 
+// WebClientAuthResponse is the response to a web client authentication request
+// sent to "/machine/webclient/action" or "/machine/webclient/wait".
+// See client/web for usage.
+type WebClientAuthResponse struct {
+	// Message, if non-empty, provides a message for the user.
+	Message string `json:",omitempty"`
+
+	// Complete is true when the session authentication has been completed.
+	Complete bool `json:",omitempty"`
+
+	// URL is the link for the user to visit to authenticate the session.
+	//
+	// When empty, there is no action for the user to take.
+	URL string `json:",omitempty"`
+}
+
 // OverTLSPublicKeyResponse is the JSON response to /key?v=<n>
 // over HTTPS (regular TLS) to the Tailscale control plane server,
 // where the 'v' argument is the client's current capability version