forked from TheThingsNetwork/lorawan-stack
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathidentityserver.proto
More file actions
55 lines (49 loc) · 2.2 KB
/
identityserver.proto
File metadata and controls
55 lines (49 loc) · 2.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
// Copyright © 2019 The Things Network Foundation, The Things Industries B.V.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
import "github.com/envoyproxy/protoc-gen-validate/validate/validate.proto";
import "github.com/gogo/protobuf/gogoproto/gogo.proto";
import "google/api/annotations.proto";
import "google/protobuf/empty.proto";
import "lorawan-stack/api/identifiers.proto";
import "lorawan-stack/api/user.proto";
import "lorawan-stack/api/oauth.proto";
import "lorawan-stack/api/rights.proto";
package ttn.lorawan.v3;
option go_package = "go.thethings.network/lorawan-stack/v3/pkg/ttnpb";
message AuthInfoResponse {
message APIKeyAccess {
APIKey api_key = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false, (validate.rules).message.required = true];
EntityIdentifiers entity_ids = 2 [(gogoproto.customname) = "EntityIDs", (gogoproto.nullable) = false, (validate.rules).message.required = true];
}
oneof access_method {
AuthInfoResponse.APIKeyAccess api_key = 1 [(gogoproto.customname) = "APIKey"];
OAuthAccessToken oauth_access_token = 2 [(gogoproto.customname) = "OAuthAccessToken"];
// Warning: A user authorized by session cookie will be granted all
// current and future rights. When using this auth type, the respective
// handlers need to ensure thorough CSRF and CORS protection using
// appropriate middleware.
UserSession user_session = 5;
}
Rights universal_rights = 3;
bool is_admin = 4;
}
service EntityAccess {
// AuthInfo returns information about the authentication that is used on the request.
rpc AuthInfo(google.protobuf.Empty) returns (AuthInfoResponse) {
option (google.api.http) = {
get: "/auth_info"
};
};
}