mirror of
https://github.com/rocky-linux/peridot.git
synced 2025-01-12 11:58:56 +00:00
110 lines
2.4 KiB
Protocol Buffer
110 lines
2.4 KiB
Protocol Buffer
|
syntax = "proto3";
|
||
|
|
||
|
package resf.obsidian.v1;
|
||
|
|
||
|
import "google/api/annotations.proto";
|
||
|
import "validate/validate.proto";
|
||
|
|
||
|
option go_package = "peridot.resf.org/obsidian/pb;obsidianpb";
|
||
|
|
||
|
// ObsidianService is a Hydra-based authentication and authorization service.
|
||
|
// todo(mustafa): Currently only supports Social/OAuth2 sign-in
|
||
|
service ObsidianService {
|
||
|
rpc SessionStatus (SessionStatusRequest) returns (SessionStatusResponse) {
|
||
|
option (google.api.http) = {
|
||
|
post: "/v1/users/sessions:status"
|
||
|
body: "*"
|
||
|
};
|
||
|
}
|
||
|
|
||
|
rpc ConsentDecision (ConsentDecisionRequest) returns (ConsentDecisionResponse) {
|
||
|
option (google.api.http) = {
|
||
|
post: "/v1/users:consent"
|
||
|
body: "*"
|
||
|
};
|
||
|
}
|
||
|
|
||
|
rpc GetOAuth2Providers (GetOAuth2ProvidersRequest) returns (GetOAuth2ProvidersResponse) {
|
||
|
option (google.api.http) = {
|
||
|
get: "/v1/oauth2/providers"
|
||
|
};
|
||
|
}
|
||
|
|
||
|
rpc InitiateOAuth2Session (InitiateOAuth2SessionRequest) returns (InitiateOAuth2SessionResponse) {
|
||
|
option (google.api.http) = {
|
||
|
get: "/v1/oauth2/initiate_session"
|
||
|
};
|
||
|
}
|
||
|
|
||
|
rpc ConfirmOAuth2Session (ConfirmOAuth2SessionRequest) returns (ConfirmOAuth2SessionResponse) {
|
||
|
option (google.api.http) = {
|
||
|
get: "/v1/oauth2/providers/{provider_id=*}/callback"
|
||
|
};
|
||
|
}
|
||
|
|
||
|
rpc LogoutDecision (LogoutDecisionRequest) returns (LogoutDecisionResponse) {
|
||
|
option (google.api.http) = {
|
||
|
post: "/v1/users:logout"
|
||
|
body: "*"
|
||
|
};
|
||
|
}
|
||
|
}
|
||
|
|
||
|
message OAuth2Provider {
|
||
|
string id = 1;
|
||
|
string name = 2;
|
||
|
string provider = 3;
|
||
|
}
|
||
|
|
||
|
message ConsentDecisionRequest {
|
||
|
string challenge = 1;
|
||
|
bool allow = 2;
|
||
|
}
|
||
|
|
||
|
message ConsentDecisionResponse {
|
||
|
string redirect_url = 1;
|
||
|
}
|
||
|
|
||
|
message GetOAuth2ProvidersRequest {}
|
||
|
|
||
|
message GetOAuth2ProvidersResponse {
|
||
|
repeated OAuth2Provider providers = 1;
|
||
|
}
|
||
|
|
||
|
message InitiateOAuth2SessionRequest {
|
||
|
string challenge = 1;
|
||
|
string provider_id = 2;
|
||
|
}
|
||
|
|
||
|
message InitiateOAuth2SessionResponse {}
|
||
|
|
||
|
message ConfirmOAuth2SessionRequest {
|
||
|
string provider_id = 1;
|
||
|
string code = 2;
|
||
|
string scope = 3;
|
||
|
string state = 4;
|
||
|
}
|
||
|
|
||
|
message ConfirmOAuth2SessionResponse {}
|
||
|
|
||
|
message SessionStatusRequest {
|
||
|
string challenge = 1;
|
||
|
string check_type = 2;
|
||
|
}
|
||
|
|
||
|
message SessionStatusResponse {
|
||
|
bool valid = 1;
|
||
|
string redirect_url = 2;
|
||
|
string client_name = 3;
|
||
|
repeated string scopes = 4;
|
||
|
}
|
||
|
|
||
|
message LogoutDecisionRequest {
|
||
|
string challenge = 1;
|
||
|
bool accept = 2;
|
||
|
}
|
||
|
|
||
|
message LogoutDecisionResponse {
|
||
|
string redirect_url = 1;
|
||
|
}
|