POST `/mfa/push/deny`

用户通过设备拒绝Push MFA挑战。参考：NIST SP 800-63B §5.1.7 (Verifier Impersonation Resistance)、OWASP ASVS V2.8。

MFA `bearerAuth` application/json

Request Body

Schema: dto.PushDenyRequest

Field	Type	Required	Example	Constraints	Description
`challenge_id`	`string`	Yes	`chal-abc123`
`number_matching`	`string`	Yes	`42`
`device_key`	`string`	No	`hmac-sig`

Responses

Status	Description	Schema
200	拒绝成功	`dto.ValidDetailResponse`
400	参数错误或挑战已过期	`gitee_com_linmes_authms_base_dto.SimpleResponse`
401	未认证	`gitee_com_linmes_authms_base_dto.SimpleResponse`
404	挑战未找到	`gitee_com_linmes_authms_base_dto.SimpleResponse`
500	服务器内部错误	`gitee_com_linmes_authms_base_dto.SimpleResponse`

Referenced Schemas

dto.ValidDetailResponse

Field	Type	Required	Example	Constraints	Description
`code`	`integer`	No
`data`	`dto.ValidResponse`	No
`message`	`string`	No
`timestamp`	`string`	No

dto.ValidResponse

Field	Type	Required	Example	Constraints	Description
`valid`	`boolean`	No	`True`

gitee_com_linmes_authms_base_dto.SimpleResponse

Field	Type	Required	Example	Constraints	Description
`code`	`integer`	No
`message`	`string`	No
`timestamp`	`string`	No

Try this API in Scalar → Download OpenAPI spec (JSON) ↓

↑