mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-15 12:27:59 +00:00
f939eab133
* fix: logs * Update Dockerfile * Fallback to old Docker file * fix: for loop * fix: for loop * fix: for loop * fix: remove logs * fix: remove logs Co-authored-by: Florian Forster <florian@caos.ch>
850 lines
22 KiB
Protocol Buffer
850 lines
22 KiB
Protocol Buffer
|
|
syntax = "proto3";
|
|
|
|
import "google/api/annotations.proto";
|
|
import "google/protobuf/empty.proto";
|
|
import "google/protobuf/timestamp.proto";
|
|
import "google/protobuf/struct.proto";
|
|
import "validate/validate.proto";
|
|
import "protoc-gen-swagger/options/annotations.proto";
|
|
import "authoption/options.proto";
|
|
|
|
package caos.zitadel.admin.api.v1;
|
|
|
|
option go_package ="github.com/caos/zitadel/pkg/grpc/admin";
|
|
|
|
option (grpc.gateway.protoc_gen_swagger.options.openapiv2_swagger) = {
|
|
info: {
|
|
title: "admin service";
|
|
version: "0.1";
|
|
contact:{
|
|
url: "https://github.com/caos/zitadel/pkg/admin"
|
|
};
|
|
};
|
|
|
|
schemes: HTTPS;
|
|
|
|
consumes: "application/json";
|
|
consumes: "application/grpc";
|
|
|
|
produces: "application/json";
|
|
produces: "application/grpc";
|
|
};
|
|
|
|
service AdminService {
|
|
// ---------
|
|
// Probes
|
|
// ---------
|
|
|
|
// Healthz returns status OK as soon as the service started
|
|
rpc Healthz(google.protobuf.Empty) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
get: "/healthz"
|
|
};
|
|
}
|
|
|
|
// Ready returns status OK as soon as all dependent services are available
|
|
rpc Ready(google.protobuf.Empty) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
get: "/ready"
|
|
};
|
|
}
|
|
|
|
rpc Validate(google.protobuf.Empty) returns (google.protobuf.Struct) {
|
|
option (google.api.http) = {
|
|
get: "/validate"
|
|
};
|
|
}
|
|
|
|
//ORG
|
|
rpc IsOrgUnique(UniqueOrgRequest) returns (UniqueOrgResponse) {
|
|
option (google.api.http) = {
|
|
get: "/orgs/_isunique"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.read"
|
|
};
|
|
}
|
|
|
|
rpc GetOrgByID(OrgID) returns (Org) {
|
|
option (google.api.http) = {
|
|
get: "/orgs/{id}"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.read"
|
|
};
|
|
}
|
|
|
|
rpc SearchOrgs(OrgSearchRequest) returns (OrgSearchResponse) {
|
|
option (google.api.http) = {
|
|
post: "/orgs/_search"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.read"
|
|
};
|
|
}
|
|
|
|
rpc SetUpOrg(OrgSetUpRequest) returns (OrgSetUpResponse) {
|
|
option (google.api.http) = {
|
|
post: "/orgs/_setup"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.write"
|
|
};
|
|
}
|
|
|
|
//ORG_IAM_POLICY
|
|
rpc GetOrgIamPolicy(OrgIamPolicyID) returns (OrgIamPolicy) {
|
|
option (google.api.http) = {
|
|
get: "/orgs/{org_id}/iampolicy"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.policy.read"
|
|
};
|
|
}
|
|
|
|
rpc CreateOrgIamPolicy(OrgIamPolicyRequest) returns (OrgIamPolicy) {
|
|
option (google.api.http) = {
|
|
post: "/orgs/{org_id}/iampolicy"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.policy.write"
|
|
};
|
|
}
|
|
|
|
rpc UpdateOrgIamPolicy(OrgIamPolicyRequest) returns (OrgIamPolicy) {
|
|
option (google.api.http) = {
|
|
put: "/orgs/{org_id}/iampolicy"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.policy.write"
|
|
};
|
|
}
|
|
|
|
rpc DeleteOrgIamPolicy(OrgIamPolicyID) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
delete: "/orgs/{org_id}/iampolicy"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.policy.delete"
|
|
};
|
|
}
|
|
|
|
rpc GetIamMemberRoles(google.protobuf.Empty) returns (IamMemberRoles) {
|
|
option (google.api.http) = {
|
|
get: "/members/roles"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.member.read"
|
|
};
|
|
}
|
|
|
|
rpc AddIamMember(AddIamMemberRequest) returns (IamMember) {
|
|
option (google.api.http) = {
|
|
post: "/members"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.member.write"
|
|
};
|
|
}
|
|
|
|
rpc ChangeIamMember(ChangeIamMemberRequest) returns (IamMember) {
|
|
option (google.api.http) = {
|
|
put: "/members/{user_id}"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.member.write"
|
|
};
|
|
}
|
|
|
|
rpc RemoveIamMember(RemoveIamMemberRequest) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
delete: "/members/{user_id}"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.member.delete"
|
|
};
|
|
}
|
|
|
|
rpc SearchIamMembers(IamMemberSearchRequest) returns (IamMemberSearchResponse) {
|
|
option (google.api.http) = {
|
|
post: "/members/_search"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.member.read"
|
|
};
|
|
}
|
|
|
|
rpc GetViews(google.protobuf.Empty) returns (Views) {
|
|
option (google.api.http) = {
|
|
get: "/views"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.read"
|
|
};
|
|
}
|
|
|
|
rpc ClearView(ViewID) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
post: "/views/{database}/{view_name}"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.write"
|
|
};
|
|
}
|
|
|
|
rpc GetFailedEvents(google.protobuf.Empty) returns (FailedEvents) {
|
|
option (google.api.http) = {
|
|
get: "/failedevents"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.read"
|
|
};
|
|
}
|
|
|
|
rpc RemoveFailedEvent(FailedEventID) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
delete: "/failedevents/{database}/{view_name}/{failed_sequence}"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.write"
|
|
};
|
|
}
|
|
|
|
rpc IdpByID(IdpID) returns (IdpView) {
|
|
option (google.api.http) = {
|
|
get: "/idps/{id}"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.idp.read"
|
|
};
|
|
}
|
|
|
|
rpc CreateOidcIdp(OidcIdpConfigCreate) returns (Idp) {
|
|
option (google.api.http) = {
|
|
post: "/idps/oidc"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.idp.write"
|
|
};
|
|
}
|
|
|
|
rpc UpdateIdpConfig(IdpUpdate) returns (Idp) {
|
|
option (google.api.http) = {
|
|
put: "/idps/{id}"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.idp.write"
|
|
};
|
|
}
|
|
|
|
rpc DeactivateIdpConfig(IdpID) returns (Idp) {
|
|
option (google.api.http) = {
|
|
put: "/idps/{id}/_deactivate"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.idp.write"
|
|
};
|
|
}
|
|
|
|
rpc ReactivateIdpConfig(IdpID) returns (Idp) {
|
|
option (google.api.http) = {
|
|
put: "/idps/{id}/_reactivate"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.idp.write"
|
|
};
|
|
}
|
|
|
|
rpc RemoveIdpConfig(IdpID) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
delete: "/idps/{id}"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.idp.write"
|
|
};
|
|
}
|
|
|
|
rpc UpdateOidcIdpConfig(OidcIdpConfigUpdate) returns (OidcIdpConfig) {
|
|
option (google.api.http) = {
|
|
put: "/idps/{idp_id}/oidcconfig"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.idp.write"
|
|
};
|
|
}
|
|
|
|
rpc SearchIdps(IdpSearchRequest) returns (IdpSearchResponse) {
|
|
option (google.api.http) = {
|
|
post: "/idps/_search"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.idp.read"
|
|
};
|
|
}
|
|
|
|
rpc GetDefaultLoginPolicy(google.protobuf.Empty) returns (DefaultLoginPolicyView) {
|
|
option (google.api.http) = {
|
|
get: "/policies/login"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.policy.read"
|
|
};
|
|
}
|
|
|
|
rpc UpdateDefaultLoginPolicy(DefaultLoginPolicy) returns (DefaultLoginPolicy) {
|
|
option (google.api.http) = {
|
|
put: "/policies/login"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.policy.write"
|
|
};
|
|
}
|
|
|
|
rpc GetDefaultLoginPolicyIdpProviders(IdpProviderSearchRequest) returns (IdpProviderSearchResponse) {
|
|
option (google.api.http) = {
|
|
post: "/policies/login/idpproviders/_search"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.policy.read"
|
|
};
|
|
}
|
|
|
|
rpc AddIdpProviderToDefaultLoginPolicy(IdpProviderID) returns (IdpProviderID) {
|
|
option (google.api.http) = {
|
|
post: "/policies/login/idpproviders"
|
|
body: "*"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.policy.write"
|
|
};
|
|
}
|
|
|
|
rpc RemoveIdpProviderFromDefaultLoginPolicy(IdpProviderID) returns (google.protobuf.Empty) {
|
|
option (google.api.http) = {
|
|
delete: "/policies/login/idpproviders/{idp_config_id}"
|
|
};
|
|
|
|
option (caos.zitadel.utils.v1.auth_option) = {
|
|
permission: "iam.policy.write"
|
|
};
|
|
}
|
|
}
|
|
|
|
message OrgID {
|
|
string id = 1 [(validate.rules).string = {min_len: 1}];
|
|
}
|
|
|
|
message UniqueOrgRequest {
|
|
string name = 1 [(validate.rules).string.min_len = 1];
|
|
string domain = 2 [(validate.rules).string.min_len = 1];
|
|
}
|
|
|
|
message UniqueOrgResponse {
|
|
bool is_unique = 1;
|
|
}
|
|
|
|
message Org {
|
|
string id = 1;
|
|
OrgState state = 2;
|
|
google.protobuf.Timestamp creation_date = 3;
|
|
google.protobuf.Timestamp change_date = 4;
|
|
string name = 5;
|
|
string domain = 6;
|
|
}
|
|
|
|
enum OrgState {
|
|
ORGSTATE_UNSPECIFIED = 0;
|
|
ORGSTATE_ACTIVE = 1;
|
|
ORGSTATE_INACTIVE = 2;
|
|
}
|
|
|
|
message OrgSearchRequest {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
OrgSearchKey sorting_column = 3 [(validate.rules).enum = {not_in: [0]}];;
|
|
bool asc = 4;
|
|
repeated OrgSearchQuery queries = 5;
|
|
}
|
|
|
|
message OrgSearchQuery {
|
|
OrgSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];;
|
|
OrgSearchMethod method = 2;
|
|
string value = 3;
|
|
}
|
|
|
|
enum OrgSearchKey {
|
|
ORGSEARCHKEY_UNSPECIFIED = 0;
|
|
ORGSEARCHKEY_NAME = 1;
|
|
ORGSEARCHKEY_DOMAIN = 2;
|
|
ORGSEARCHKEY_STATE = 3;
|
|
}
|
|
|
|
message OrgSearchResponse {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
uint64 total_result = 3;
|
|
repeated Org result = 4;
|
|
uint64 processed_sequence = 5;
|
|
google.protobuf.Timestamp view_timestamp = 6;
|
|
}
|
|
|
|
enum OrgSearchMethod {
|
|
ORGSEARCHMETHOD_EQUALS = 0;
|
|
ORGSEARCHMETHOD_STARTS_WITH = 1;
|
|
ORGSEARCHMETHOD_CONTAINS = 2;
|
|
}
|
|
|
|
message OrgSetUpRequest {
|
|
CreateOrgRequest org = 1 [(validate.rules).message.required = true];
|
|
CreateUserRequest user = 2 [(validate.rules).message.required = true];
|
|
}
|
|
|
|
message OrgSetUpResponse {
|
|
Org org = 1;
|
|
UserResponse user = 2;
|
|
}
|
|
|
|
message CreateUserRequest {
|
|
string user_name = 1 [(validate.rules).string.pattern = "^[^[:space:]]{1,200}$"];
|
|
|
|
oneof user {
|
|
option (validate.required) = true;
|
|
|
|
CreateHumanRequest human = 2;
|
|
CreateMachineRequest machine = 3;
|
|
}
|
|
}
|
|
|
|
message CreateHumanRequest {
|
|
string first_name = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
string last_name = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
string nick_name = 3 [(validate.rules).string = {max_len: 200}];
|
|
string preferred_language = 4 [(validate.rules).string = {max_len: 200}];
|
|
Gender gender = 5;
|
|
string email = 6 [(validate.rules).string = {min_len: 1, max_len: 200, email: true}];
|
|
bool is_email_verified = 7;
|
|
string phone = 8 [(validate.rules).string = {max_len: 20}];
|
|
bool is_phone_verified = 9;
|
|
string country = 10 [(validate.rules).string = {max_len: 200}];
|
|
string locality = 11 [(validate.rules).string = {max_len: 200}];
|
|
string postal_code = 12 [(validate.rules).string = {max_len: 200}];
|
|
string region = 13 [(validate.rules).string = {max_len: 200}];
|
|
string street_address = 14 [(validate.rules).string = {max_len: 200}];
|
|
string password = 15 [(validate.rules).string = {max_len: 72}];
|
|
}
|
|
|
|
message CreateMachineRequest {
|
|
string name = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
string description = 2 [(validate.rules).string = {max_len: 500}];
|
|
}
|
|
|
|
message UserResponse {
|
|
string id = 1;
|
|
UserState state = 2;
|
|
google.protobuf.Timestamp creation_date = 3;
|
|
google.protobuf.Timestamp change_date = 4;
|
|
uint64 sequence = 5;
|
|
string user_name = 6;
|
|
|
|
oneof user {
|
|
option (validate.required) = true;
|
|
|
|
HumanResponse human = 7;
|
|
MachineResponse machine = 8;
|
|
}
|
|
}
|
|
|
|
enum UserState {
|
|
USERSTATE_UNSPECIFIED = 0;
|
|
USERSTATE_ACTIVE = 1;
|
|
USERSTATE_INACTIVE = 2;
|
|
USERSTATE_DELETED = 3;
|
|
USERSTATE_LOCKED = 4;
|
|
USERSTATE_SUSPEND = 5;
|
|
USERSTATE_INITIAL= 6;
|
|
}
|
|
|
|
enum Gender {
|
|
GENDER_UNSPECIFIED = 0;
|
|
GENDER_FEMALE = 1;
|
|
GENDER_MALE = 2;
|
|
GENDER_DIVERSE = 3;
|
|
}
|
|
|
|
message HumanResponse {
|
|
string first_name = 1;
|
|
string last_name = 2;
|
|
string display_name = 3;
|
|
string nick_name = 4;
|
|
string preferred_language = 5;
|
|
Gender gender = 6;
|
|
string email = 7;
|
|
bool is_email_verified = 8;
|
|
string phone = 9;
|
|
bool is_phone_verified = 10;
|
|
string country = 11;
|
|
string locality = 12;
|
|
string postal_code = 13;
|
|
string region = 14;
|
|
string street_address = 15;
|
|
}
|
|
|
|
message MachineResponse {
|
|
string name = 1;
|
|
string description = 2;
|
|
repeated MachineKeyResponse keys = 3;
|
|
}
|
|
|
|
message MachineKeyResponse {
|
|
string id = 1;
|
|
MachineKeyType type = 2;
|
|
uint64 sequence = 3;
|
|
|
|
google.protobuf.Timestamp creation_date = 4;
|
|
google.protobuf.Timestamp expiration_date = 5;
|
|
}
|
|
|
|
enum MachineKeyType {
|
|
MACHINEKEY_UNSPECIFIED = 0;
|
|
MACHINEKEY_JSON = 1;
|
|
}
|
|
|
|
message CreateOrgRequest {
|
|
string name = 1 [(validate.rules).string.min_len = 1];
|
|
string domain = 2;
|
|
}
|
|
|
|
message OrgIamPolicy {
|
|
string org_id = 1;
|
|
string description = 2;
|
|
bool user_login_must_be_domain = 3;
|
|
bool default = 4;
|
|
uint64 sequence = 5;
|
|
google.protobuf.Timestamp creation_date = 6;
|
|
google.protobuf.Timestamp change_date = 7;
|
|
}
|
|
|
|
message OrgIamPolicyRequest {
|
|
string org_id = 1 [(validate.rules).string = {min_len: 1}];
|
|
string description = 2;
|
|
bool user_login_must_be_domain = 3;
|
|
}
|
|
|
|
message OrgIamPolicyID {
|
|
string org_id = 1 [(validate.rules).string = {min_len: 1}];
|
|
}
|
|
|
|
message IamMemberRoles {
|
|
repeated string roles = 1;
|
|
}
|
|
|
|
message IamMember {
|
|
string user_id = 1;
|
|
repeated string roles = 2;
|
|
google.protobuf.Timestamp change_date = 3;
|
|
google.protobuf.Timestamp creation_date = 4;
|
|
uint64 sequence = 5;
|
|
}
|
|
|
|
message AddIamMemberRequest {
|
|
string user_id = 1 [(validate.rules).string = {min_len: 1}];
|
|
repeated string roles = 2;
|
|
}
|
|
|
|
message ChangeIamMemberRequest {
|
|
string user_id = 1 [(validate.rules).string = {min_len: 1}];
|
|
repeated string roles = 2;
|
|
}
|
|
|
|
message RemoveIamMemberRequest {
|
|
string user_id = 1 [(validate.rules).string = {min_len: 1}];
|
|
}
|
|
|
|
message IamMemberSearchResponse {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
uint64 total_result = 3;
|
|
repeated IamMemberView result = 4;
|
|
uint64 processed_sequence = 5;
|
|
google.protobuf.Timestamp view_timestamp = 6;
|
|
}
|
|
|
|
message IamMemberView {
|
|
string user_id = 1;
|
|
repeated string roles = 2;
|
|
google.protobuf.Timestamp change_date = 3;
|
|
google.protobuf.Timestamp creation_date = 4;
|
|
uint64 sequence = 5;
|
|
string user_name = 6;
|
|
string email = 7;
|
|
string first_name = 8;
|
|
string last_name = 9;
|
|
string display_name = 10;
|
|
}
|
|
|
|
message IamMemberSearchRequest {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
repeated IamMemberSearchQuery queries = 3;
|
|
}
|
|
|
|
message IamMemberSearchQuery {
|
|
IamMemberSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];
|
|
SearchMethod method = 2;
|
|
string value = 3;
|
|
}
|
|
|
|
enum IamMemberSearchKey {
|
|
IAMMEMBERSEARCHKEY_UNSPECIFIED = 0;
|
|
IAMMEMBERSEARCHKEY_FIRST_NAME = 1;
|
|
IAMMEMBERSEARCHKEY_LAST_NAME = 2;
|
|
IAMMEMBERSEARCHKEY_EMAIL = 3;
|
|
IAMMEMBERSEARCHKEY_USER_ID = 4;
|
|
}
|
|
|
|
enum SearchMethod {
|
|
SEARCHMETHOD_EQUALS = 0;
|
|
SEARCHMETHOD_STARTS_WITH = 1;
|
|
SEARCHMETHOD_CONTAINS = 2;
|
|
SEARCHMETHOD_EQUALS_IGNORE_CASE = 3;
|
|
SEARCHMETHOD_STARTS_WITH_IGNORE_CASE = 4;
|
|
SEARCHMETHOD_CONTAINS_IGNORE_CASE = 5;
|
|
SEARCHMETHOD_NOT_EQUALS = 6;
|
|
SEARCHMETHOD_GREATER_THAN = 7;
|
|
SEARCHMETHOD_LESS_THAN = 8;
|
|
SEARCHMETHOD_IS_ONE_OF = 9;
|
|
SEARCHMETHOD_LIST_CONTAINS = 10;
|
|
}
|
|
|
|
message FailedEventID {
|
|
string database = 1 [(validate.rules).string = {min_len: 1}];
|
|
string view_name = 2 [(validate.rules).string = {min_len: 1}];
|
|
uint64 failed_sequence = 3;
|
|
}
|
|
|
|
message FailedEvents {
|
|
repeated FailedEvent failed_events = 1;
|
|
}
|
|
|
|
message FailedEvent {
|
|
string database = 1;
|
|
string view_name = 2;
|
|
uint64 failed_sequence = 3;
|
|
uint64 failure_count = 4;
|
|
string error_message = 5;
|
|
}
|
|
|
|
message ViewID {
|
|
string database = 1 [(validate.rules).string = {min_len: 1}];
|
|
string view_name = 2 [(validate.rules).string = {min_len: 1}];
|
|
}
|
|
|
|
message Views {
|
|
repeated View views = 1;
|
|
}
|
|
|
|
message View {
|
|
string database = 1;
|
|
string view_name = 2;
|
|
uint64 processed_sequence = 3;
|
|
google.protobuf.Timestamp view_timestamp = 4;
|
|
}
|
|
|
|
message IdpID {
|
|
string id = 1 [(validate.rules).string = {min_len: 1}];
|
|
}
|
|
|
|
message Idp {
|
|
string id = 1;
|
|
IdpState state = 2;
|
|
google.protobuf.Timestamp creation_date = 3;
|
|
google.protobuf.Timestamp change_date = 4;
|
|
string name = 5;
|
|
bytes logo_src = 6;
|
|
oneof idp_config {
|
|
OidcIdpConfig oidc_config = 7;
|
|
}
|
|
uint64 sequence = 8;
|
|
}
|
|
|
|
message IdpUpdate {
|
|
string id = 1 [(validate.rules).string = {min_len: 1}];
|
|
string name = 2;
|
|
bytes logo_src = 3;
|
|
}
|
|
|
|
message OidcIdpConfig {
|
|
string client_id = 1;
|
|
string client_secret = 2;
|
|
string issuer = 3;
|
|
repeated string scopes = 4;
|
|
}
|
|
|
|
enum IdpState {
|
|
IDPCONFIGSTATE_UNSPECIFIED = 0;
|
|
IDPCONFIGSTATE_ACTIVE = 1;
|
|
IDPCONFIGSTATE_INACTIVE = 2;
|
|
}
|
|
|
|
enum OIDCMappingField {
|
|
OIDCMAPPINGFIELD_UNSPECIFIED = 0;
|
|
OIDCMAPPINGFIELD_PREFERRED_USERNAME = 1;
|
|
OIDCMAPPINGFIELD_EMAIL = 2;
|
|
}
|
|
|
|
message OidcIdpConfigCreate {
|
|
string name = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
bytes logo_src = 2;
|
|
string client_id = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
string client_secret = 4 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
string issuer = 5 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
repeated string scopes = 6;
|
|
OIDCMappingField idp_display_name_mapping = 7;
|
|
OIDCMappingField username_mapping = 8;
|
|
}
|
|
|
|
message OidcIdpConfigUpdate {
|
|
string idp_id = 1 [(validate.rules).string = {min_len: 1}];
|
|
string client_id = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
string client_secret = 3;
|
|
string issuer = 4 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
|
repeated string scopes = 5;
|
|
OIDCMappingField idp_display_name_mapping = 6;
|
|
OIDCMappingField username_mapping = 7;
|
|
}
|
|
|
|
message IdpSearchResponse {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
uint64 total_result = 3;
|
|
repeated IdpView result = 4;
|
|
uint64 processed_sequence = 5;
|
|
google.protobuf.Timestamp view_timestamp = 6;
|
|
}
|
|
|
|
message IdpView {
|
|
string id = 1;
|
|
IdpState state = 2;
|
|
google.protobuf.Timestamp creation_date = 3;
|
|
google.protobuf.Timestamp change_date = 4;
|
|
string name = 5;
|
|
bytes logo_src = 6;
|
|
oneof idp_config_view {
|
|
OidcIdpConfigView oidc_config = 7;
|
|
}
|
|
uint64 sequence = 8;
|
|
}
|
|
|
|
message OidcIdpConfigView {
|
|
string client_id = 1;
|
|
string issuer = 2;
|
|
repeated string scopes = 3;
|
|
OIDCMappingField idp_display_name_mapping = 4;
|
|
OIDCMappingField username_mapping = 5;
|
|
}
|
|
|
|
message IdpSearchRequest {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
repeated IdpSearchQuery queries = 3;
|
|
}
|
|
|
|
message IdpSearchQuery {
|
|
IdpSearchKey key = 1 [(validate.rules).enum = {not_in: [0]}];
|
|
SearchMethod method = 2;
|
|
string value = 3;
|
|
}
|
|
|
|
enum IdpSearchKey {
|
|
IDPSEARCHKEY_UNSPECIFIED = 0;
|
|
IDPSEARCHKEY_IDP_CONFIG_ID = 1;
|
|
IDPSEARCHKEY_NAME = 2;
|
|
}
|
|
|
|
message DefaultLoginPolicy {
|
|
bool allow_username_password = 1;
|
|
bool allow_register = 2;
|
|
bool allow_external_idp = 3;
|
|
}
|
|
|
|
message IdpProviderID {
|
|
string idp_config_id = 1 [(validate.rules).string = {min_len: 1}];
|
|
}
|
|
|
|
message DefaultLoginPolicyView {
|
|
bool allow_username_password = 1;
|
|
bool allow_register = 2;
|
|
bool allow_external_idp = 3;
|
|
}
|
|
|
|
message IdpProviderView {
|
|
string idp_config_id = 1;
|
|
string name = 2;
|
|
IdpType type = 3;
|
|
}
|
|
|
|
enum IdpType {
|
|
IDPTYPE_UNSPECIFIED = 0;
|
|
IDPTYPE_OIDC = 1;
|
|
IDPTYPE_SAML = 2;
|
|
}
|
|
|
|
message IdpProviderSearchResponse {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
uint64 total_result = 3;
|
|
repeated IdpProviderView result = 4;
|
|
uint64 processed_sequence = 5;
|
|
google.protobuf.Timestamp view_timestamp = 6;
|
|
}
|
|
|
|
message IdpProviderSearchRequest {
|
|
uint64 offset = 1;
|
|
uint64 limit = 2;
|
|
}
|