-rw-r--r--Cargo.lock274
-rw-r--r--crates/iam/src/main.rs53
-rw-r--r--crates/secd/Cargo.toml9
-rw-r--r--crates/secd/build.rs25
-rw-r--r--crates/secd/proto/authzed/api/v0/core.proto58
-rw-r--r--crates/secd/proto/authzed/api/v0/developer.proto135
-rw-r--r--crates/secd/proto/authzed/api/v1/core.proto145
-rw-r--r--crates/secd/proto/authzed/api/v1/debug.proto103
-rw-r--r--crates/secd/proto/authzed/api/v1/error_reason.proto197
-rw-r--r--crates/secd/proto/authzed/api/v1/openapi.proto43
-rw-r--r--crates/secd/proto/authzed/api/v1/permission_service.proto438
-rw-r--r--crates/secd/proto/authzed/api/v1/schema_service.proto53
-rw-r--r--crates/secd/proto/authzed/api/v1/watch_service.proto44
-rw-r--r--crates/secd/proto/authzed/api/v1alpha1/schema.proto68
-rw-r--r--crates/secd/proto/authzed/api/v1alpha1/watchresources_service.proto83
-rw-r--r--crates/secd/proto/google/api/annotations.proto31
-rw-r--r--crates/secd/proto/google/api/auth.proto181
-rw-r--r--crates/secd/proto/google/api/backend.proto51
-rw-r--r--crates/secd/proto/google/api/billing.proto67
-rw-r--r--crates/secd/proto/google/api/client.proto99
-rw-r--r--crates/secd/proto/google/api/config_change.proto85
-rw-r--r--crates/secd/proto/google/api/consumer.proto83
-rw-r--r--crates/secd/proto/google/api/context.proto63
-rw-r--r--crates/secd/proto/google/api/control.proto33
-rw-r--r--crates/secd/proto/google/api/distribution.proto213
-rw-r--r--crates/secd/proto/google/api/documentation.proto157
-rw-r--r--crates/secd/proto/google/api/endpoint.proto71
-rw-r--r--crates/secd/proto/google/api/field_behavior.proto84
-rw-r--r--crates/secd/proto/google/api/http.proto318
-rw-r--r--crates/secd/proto/google/api/httpbody.proto76
-rw-r--r--crates/secd/proto/google/api/label.proto49
-rw-r--r--crates/secd/proto/google/api/launch_stage.proto67
-rw-r--r--crates/secd/proto/google/api/log.proto55
-rw-r--r--crates/secd/proto/google/api/logging.proto83
-rw-r--r--crates/secd/proto/google/api/metric.proto192
-rw-r--r--crates/secd/proto/google/api/monitored_resource.proto116
-rw-r--r--crates/secd/proto/google/api/monitoring.proto89
-rw-r--r--crates/secd/proto/google/api/quota.proto259
-rw-r--r--crates/secd/proto/google/api/resource.proto299
-rw-r--r--crates/secd/proto/google/api/routing.proto461
-rw-r--r--crates/secd/proto/google/api/service.proto175
-rw-r--r--crates/secd/proto/google/api/source_info.proto32
-rw-r--r--crates/secd/proto/google/api/system_parameter.proto96
-rw-r--r--crates/secd/proto/google/api/usage.proto92
-rw-r--r--crates/secd/proto/google/cloud/extended_operations.proto150
-rw-r--r--crates/secd/proto/google/iam/admin/v1/iam.proto1087
-rw-r--r--crates/secd/proto/google/iam/v1/iam_policy.proto145
-rw-r--r--crates/secd/proto/google/iam/v1/logging/audit_data.proto34
-rw-r--r--crates/secd/proto/google/iam/v1/options.proto41
-rw-r--r--crates/secd/proto/google/iam/v1/policy.proto240
-rw-r--r--crates/secd/proto/google/logging/type/http_request.proto92
-rw-r--r--crates/secd/proto/google/logging/type/log_severity.proto72
-rw-r--r--crates/secd/proto/google/longrunning/operations.proto247
-rw-r--r--crates/secd/proto/google/rpc/code.proto186
-rw-r--r--crates/secd/proto/google/rpc/context/attribute_context.proto287
-rw-r--r--crates/secd/proto/google/rpc/error_details.proto246
-rw-r--r--crates/secd/proto/google/rpc/status.proto47
-rw-r--r--crates/secd/proto/google/type/calendar_period.proto57
-rw-r--r--crates/secd/proto/google/type/color.proto170
-rw-r--r--crates/secd/proto/google/type/date.proto50
-rw-r--r--crates/secd/proto/google/type/datetime.proto97
-rw-r--r--crates/secd/proto/google/type/dayofweek.proto51
-rw-r--r--crates/secd/proto/google/type/expr.proto51
-rw-r--r--crates/secd/proto/google/type/fraction.proto34
-rw-r--r--crates/secd/proto/google/type/latlng.proto37
-rw-r--r--crates/secd/proto/google/type/money.proto43
-rw-r--r--crates/secd/proto/google/type/month.proto66
-rw-r--r--crates/secd/proto/google/type/postal_address.proto135
-rw-r--r--crates/secd/proto/google/type/quaternion.proto95
-rw-r--r--crates/secd/proto/google/type/timeofday.proto44
-rw-r--r--crates/secd/proto/protoc-gen-openapiv2/options/annotations.proto44
-rw-r--r--crates/secd/proto/protoc-gen-openapiv2/options/openapiv2.proto645
-rw-r--r--crates/secd/proto/validate/validate.proto862
-rw-r--r--crates/secd/src/auth/mod.rs2
-rw-r--r--crates/secd/src/auth/n.rs (renamed from crates/secd/src/command/authn.rs)0
-rw-r--r--crates/secd/src/auth/z.rs54
-rw-r--r--crates/secd/src/client/mod.rs1
-rw-r--r--crates/secd/src/client/spice/mod.rs154
-rw-r--r--crates/secd/src/command/mod.rs74
-rw-r--r--crates/secd/src/lib.rs97
-rw-r--r--justfile25
81 files changed, 11072 insertions, 95 deletions
diff --git a/Cargo.lock b/Cargo.lock
index 40f41df..c0923d8 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -182,6 +182,27 @@ dependencies = [
]
[[package]]
+name = "async-stream"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dad5c83079eae9969be7fadefe640a1c566901f05ff91ab221de4b6f68d9507e"
+dependencies = [
+ "async-stream-impl",
+ "futures-core",
+]
+
+[[package]]
+name = "async-stream-impl"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "10f203db73a71dfa2fb6dd22763990fa26f3d2625a6da2da900d23b87d26be27"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
name = "async-task"
version = "4.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -335,7 +356,7 @@ version = "4.0.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0177313f9f02afc995627906bbd8967e2be069f5261954222dac78290c2b9014"
dependencies = [
- "heck",
+ "heck 0.4.0",
"proc-macro-error",
"proc-macro2",
"quote",
@@ -679,6 +700,12 @@ dependencies = [
]
[[package]]
+name = "fixedbitset"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80"
+
+[[package]]
name = "flume"
version = "0.10.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -841,6 +868,12 @@ dependencies = [
]
[[package]]
+name = "glob"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574"
+
+[[package]]
name = "gloo-timers"
version = "0.2.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -867,7 +900,7 @@ dependencies = [
"indexmap",
"slab",
"tokio",
- "tokio-util",
+ "tokio-util 0.7.4",
"tracing",
]
@@ -891,6 +924,15 @@ dependencies = [
[[package]]
name = "heck"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6d621efb26863f0e9924c6ac577e8275e5e6b77455db64ffa6c65c904e9e132c"
+dependencies = [
+ "unicode-segmentation",
+]
+
+[[package]]
+name = "heck"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2540771e65fc8cb83cd6e8a237f70c319bd5c29f78ed1084ba5d50eeac86f7f9"
@@ -1025,6 +1067,18 @@ dependencies = [
]
[[package]]
+name = "hyper-timeout"
+version = "0.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bbb958482e8c7be4bc3cf272a766a2b0bf1a6755e7a6ae777f017a31d11b13b1"
+dependencies = [
+ "hyper",
+ "pin-project-lite",
+ "tokio",
+ "tokio-io-timeout",
+]
+
+[[package]]
name = "hyper-tls"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1328,6 +1382,12 @@ dependencies = [
]
[[package]]
+name = "multimap"
+version = "0.8.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e5ce46fe64a9d73be07dcbe690a38ce1b293be448fd8ce1e6c1b8062c9f72c6a"
+
+[[package]]
name = "native-tls"
version = "0.2.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1508,6 +1568,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e"
[[package]]
+name = "petgraph"
+version = "0.6.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e6d5014253a1331579ce62aa67443b4a658c5e7dd03d4bc6d302b94474888143"
+dependencies = [
+ "fixedbitset",
+ "indexmap",
+]
+
+[[package]]
name = "pin-project"
version = "1.0.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1599,6 +1669,59 @@ dependencies = [
]
[[package]]
+name = "prost"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "444879275cb4fd84958b1a1d5420d15e6fcf7c235fe47f053c9c2a80aceb6001"
+dependencies = [
+ "bytes",
+ "prost-derive",
+]
+
+[[package]]
+name = "prost-build"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "62941722fb675d463659e49c4f3fe1fe792ff24fe5bbaa9c08cd3b98a1c354f5"
+dependencies = [
+ "bytes",
+ "heck 0.3.3",
+ "itertools",
+ "lazy_static",
+ "log",
+ "multimap",
+ "petgraph",
+ "prost",
+ "prost-types",
+ "regex",
+ "tempfile",
+ "which",
+]
+
+[[package]]
+name = "prost-derive"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f9cc1a3263e07e0bf68e96268f37665207b49560d98739662cdfaae215c720fe"
+dependencies = [
+ "anyhow",
+ "itertools",
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "prost-types"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "534b7a0e836e3c482d2693070f982e39e7611da9695d4d1f5a4b186b51faef0a"
+dependencies = [
+ "bytes",
+ "prost",
+]
+
+[[package]]
name = "quote"
version = "1.0.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1793,11 +1916,14 @@ dependencies = [
"clap",
"derive_more",
"email_address",
+ "glob",
"hex",
"lazy_static",
"lettre",
"log",
"openssl",
+ "prost",
+ "prost-types",
"rand",
"reqwest",
"serde",
@@ -1810,6 +1936,8 @@ dependencies = [
"thiserror",
"time",
"tokio",
+ "tonic",
+ "tonic-build",
"url",
"uuid",
]
@@ -2066,7 +2194,7 @@ version = "0.6.2"
dependencies = [
"dotenvy",
"either",
- "heck",
+ "heck 0.4.0",
"once_cell",
"proc-macro2",
"quote",
@@ -2114,7 +2242,7 @@ version = "0.24.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1e385be0d24f186b4ce2f9982191e7101bb737312ad61c1f2f984f34bcf85d59"
dependencies = [
- "heck",
+ "heck 0.4.0",
"proc-macro2",
"quote",
"rustversion",
@@ -2256,6 +2384,16 @@ dependencies = [
]
[[package]]
+name = "tokio-io-timeout"
+version = "1.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "30b74022ada614a1b4834de765f9bb43877f910cc8ce4be40e89042c9223a8bf"
+dependencies = [
+ "pin-project-lite",
+ "tokio",
+]
+
+[[package]]
name = "tokio-macros"
version = "1.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -2277,6 +2415,31 @@ dependencies = [
]
[[package]]
+name = "tokio-stream"
+version = "0.1.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d660770404473ccd7bc9f8b28494a811bc18542b915c0855c51e8f419d5223ce"
+dependencies = [
+ "futures-core",
+ "pin-project-lite",
+ "tokio",
+]
+
+[[package]]
+name = "tokio-util"
+version = "0.6.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "36943ee01a6d67977dd3f84a5a1d2efeb4ada3a1ae771cadfaa535d9d9fc6507"
+dependencies = [
+ "bytes",
+ "futures-core",
+ "futures-sink",
+ "log",
+ "pin-project-lite",
+ "tokio",
+]
+
+[[package]]
name = "tokio-util"
version = "0.7.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -2300,6 +2463,75 @@ dependencies = [
]
[[package]]
+name = "tonic"
+version = "0.6.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ff08f4649d10a70ffa3522ca559031285d8e421d727ac85c60825761818f5d0a"
+dependencies = [
+ "async-stream",
+ "async-trait",
+ "base64",
+ "bytes",
+ "futures-core",
+ "futures-util",
+ "h2",
+ "http",
+ "http-body",
+ "hyper",
+ "hyper-timeout",
+ "percent-encoding",
+ "pin-project",
+ "prost",
+ "prost-derive",
+ "tokio",
+ "tokio-stream",
+ "tokio-util 0.6.10",
+ "tower",
+ "tower-layer",
+ "tower-service",
+ "tracing",
+ "tracing-futures",
+]
+
+[[package]]
+name = "tonic-build"
+version = "0.6.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9403f1bafde247186684b230dc6f38b5cd514584e8bec1dd32514be4745fa757"
+dependencies = [
+ "proc-macro2",
+ "prost-build",
+ "quote",
+ "syn",
+]
+
+[[package]]
+name = "tower"
+version = "0.4.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b8fa9be0de6cf49e536ce1851f987bd21a43b771b09473c3549a6c853db37c1c"
+dependencies = [
+ "futures-core",
+ "futures-util",
+ "indexmap",
+ "pin-project",
+ "pin-project-lite",
+ "rand",
+ "slab",
+ "tokio",
+ "tokio-util 0.7.4",
+ "tower-layer",
+ "tower-service",
+ "tracing",
+]
+
+[[package]]
+name = "tower-layer"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c20c8dbed6283a09604c3e69b4b7eeb54e298b8a600d4d5ecb5ad39de609f1d0"
+
+[[package]]
name = "tower-service"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -2312,11 +2544,24 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8ce8c33a8d48bd45d624a6e523445fd21ec13d3653cd51f681abf67418f54eb8"
dependencies = [
"cfg-if",
+ "log",
"pin-project-lite",
+ "tracing-attributes",
"tracing-core",
]
[[package]]
+name = "tracing-attributes"
+version = "0.1.23"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4017f8f45139870ca7e672686113917c71c7a6e02d4924eda67186083c03081a"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn",
+]
+
+[[package]]
name = "tracing-core"
version = "0.1.30"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -2326,6 +2571,16 @@ dependencies = [
]
[[package]]
+name = "tracing-futures"
+version = "0.2.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "97d095ae15e245a057c8e8451bab9b3ee1e1f68e9ba2b4fbc18d0ac5237835f2"
+dependencies = [
+ "pin-project",
+ "tracing",
+]
+
+[[package]]
name = "try-lock"
version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -2533,6 +2788,17 @@ dependencies = [
]
[[package]]
+name = "which"
+version = "4.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1c831fbbee9e129a8cf93e7747a82da9d95ba8e16621cae60ec2cdc849bacb7b"
+dependencies = [
+ "either",
+ "libc",
+ "once_cell",
+]
+
+[[package]]
name = "whoami"
version = "1.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
diff --git a/crates/iam/src/main.rs b/crates/iam/src/main.rs
index ce72072..c2ab5a3 100644
--- a/crates/iam/src/main.rs
+++ b/crates/iam/src/main.rs
@@ -4,14 +4,13 @@ mod util;
use anyhow::bail;
use api::{
- AdminAction, AdminObject, Args, CliError, Command, CreateObject, DevObject, GetObject,
- LinkObject, ListObject, Validation,
+ AdminAction, Args, CliError, Command, CreateObject, DevObject, GetObject, LinkObject,
+ ListObject,
};
use clap::Parser;
use command::dev_oauth2_listen;
use env_logger::Env;
-use secd::{Secd, SecdError, ENV_AUTH_STORE_CONN_STRING};
-use std::str::FromStr;
+use secd::{auth::z, Secd, ENV_AUTH_STORE_CONN_STRING, ENV_SPICE_SECRET, ENV_SPICE_SERVER};
use util::{error_detail, Result};
use uuid::Uuid;
@@ -53,12 +52,50 @@ async fn exec() -> Result<Option<String>> {
// let cfg = util::read_config(args.profile).map_err(|_| CliError::InvalidProfile)?;
std::env::set_var(
ENV_AUTH_STORE_CONN_STRING,
- "sqlite:///tmp/store.db?mode=rwc",
- // "postgresql://secduser:p4ssw0rd@localhost:5412/secd",
+ "postgresql://secduser:p4ssw0rd@localhost:5412/secd",
);
- let secd = Secd::init()
+ std::env::set_var(ENV_SPICE_SECRET, "sup3rs3cr3tk3y");
+ std::env::set_var(ENV_SPICE_SERVER, "http://[::1]:50051");
+
+ let secd = Secd::init(Some(
+ "definition user {}\ndefinition organization {\n relation member: user \n }\n",
+ ))
+ .await
+ .map_err(|e| CliError::SecdInitializationFailure(e.to_string()))?;
+
+ secd.write(&vec![z::Relationship {
+ subject: z::Subject::User((
+ "user".into(),
+ Uuid::parse_str("cd1e74de-6107-4191-a7b2-a142c549a9af").unwrap(),
+ )),
+ object: (
+ "organization".into(),
+ Uuid::parse_str("862f38b5-7f88-4b55-800f-af8da059e3a7").unwrap(),
+ ),
+ relation: "member".into(),
+ }])
+ .await
+ .unwrap();
+
+ let y = match secd
+ .check(&z::Relationship {
+ subject: z::Subject::User((
+ "user".into(),
+ Uuid::parse_str("cd1e74de-6107-4191-a7b2-a142c549a9af").unwrap(),
+ )),
+ object: (
+ "organization".into(),
+ Uuid::parse_str("862f38b5-7f88-4b55-800f-af8da059e3a7").unwrap(),
+ ),
+ relation: "memb".into(),
+ })
.await
- .map_err(|e| CliError::SecdInitializationFailure(e.to_string()))?;
+ {
+ Ok(v) => v,
+ Err(e) => panic!("fooooooooooooooooooooooooooooooooooooooooooooooo"),
+ };
+
+ println!("DID I HAZ IT? {:#?}", y);
match rest {
Command::Admin { action } => admin(&secd, action).await?,
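Review bot: Live credentials are now hard-coded and pushed into the process environment: the Postgres URL carrying `secduser:p4ssw0rd` replaces the sqlite path under `ENV_AUTH_STORE_CONN_STRING`, and `std::env::set_var(ENV_SPICE_SECRET, "sup3rs3cr3tk3y")` does the same for the SpiceDB pre-shared key, so both secrets are compiled into the `iam` binary, recorded in repository history, and inherited by every child process. The commented-out `util::read_config(args.profile)` line just above suggests the profile was meant to be the source; reading these values with `std::env::var(..)` or the config loader and returning `CliError::InvalidProfile` when they are absent keeps them out of the code. The write/check block that follows reads as a smoke test left in: it writes relation `"member"` but checks `"memb"`, `.unwrap()`s the write, prints `DID I HAZ IT?`, and `Err(e) => panic!("foo…")` discards the error it just bound (which is also an unused-variable warning), so a failing check yields no diagnostic. If the probe is kept, `Err(e) => bail!("SpiceDB check failed: {e}")` (bail is already imported at the top of the file) at least preserves the cause; exec() starts and ends outside this hunk.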
diff --git a/crates/secd/Cargo.toml b/crates/secd/Cargo.toml
index 350cfd1..1eb30b1 100644
--- a/crates/secd/Cargo.toml
+++ b/crates/secd/Cargo.toml
@@ -15,6 +15,8 @@ lazy_static = "1.4"
lettre = "0.10.1"
log = "0.4"
openssl = "0.10.42"
+prost = "0.9"
+prost-types = "0.9.0"
rand = "0.8"
reqwest = { version = "0.11.13", features = ["json"] }
serde = "1"
@@ -27,5 +29,10 @@ sqlx = { path = "../../../sqlx", features = [ "runtime-async-std-native-tls", "p
time = { version = "0.3", features = [ "serde" ] }
thiserror = "1.0"
tokio = { version = "1.23.0", feautres = ["rt", "macros"] }
+tonic = "0.6.2"
url = "2.3.1"
-uuid = { version = "1.2", features = ["v4", "serde"]} \ No newline at end of file
+uuid = { version = "1.2", features = ["v4", "serde"]}
+
+[build-dependencies]
+glob = "0.3.0"
+tonic-build = { version = "0.6.2", features = ["prost"] }
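Review bot: The `tokio` line that `tonic = "0.6.2"` is added beside spells its key `feautres`, so cargo drops it with an unused-manifest-key warning and the `rt`/`macros` features are never enabled by this crate; that may be masked today by whatever tokio features tonic itself turns on, but the line should read `tokio = { version = "1.23.0", features = ["rt", "macros"] }`. Minor: `prost = "0.9"` and `prost-types = "0.9.0"` pin the same release in two different styles; pick one.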
diff --git a/crates/secd/build.rs b/crates/secd/build.rs
index 3a8149e..8471105 100644
--- a/crates/secd/build.rs
+++ b/crates/secd/build.rs
@@ -1,3 +1,28 @@
+use std::env;
+use std::path::PathBuf;
+
+use glob::glob;
+
fn main() {
println!("cargo:rerun-if-changed=migrations");
+
+ let proto_files: Vec<PathBuf> = glob("proto/**/*.proto")
+ .unwrap()
+ .into_iter()
+ .filter_map(Result::ok)
+ .collect();
+
+ // Tell cargo to recompile if any of these proto files are changed
+ for proto_file in &proto_files {
+ println!("cargo:rerun-if-changed={}", proto_file.display());
+ }
+
+ let descriptor_path = PathBuf::from(env::var("OUT_DIR").unwrap()).join("proto_descriptor.bin");
+
+ tonic_build::configure()
+ .server_mod_attribute("attrs", "#[cfg(feature = \"server\")]")
+ .client_mod_attribute("attrs", "#[cfg(feature = \"client\")]")
+ .file_descriptor_set_path(&descriptor_path)
+ .compile(&proto_files, &["proto"])
+ .unwrap();
}
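Review bot: `.server_mod_attribute("attrs", "#[cfg(feature = \"server\")]")` and the matching `client_mod_attribute` call match on a proto package named `attrs`, and none of the vendored packages in this commit (authzed.api.*, google.*, protoc-gen-openapiv2, validate) use that name, so neither attribute is ever applied; this looks like the tonic-build docs example copied verbatim and should either name the real packages (e.g. `"authzed.api.v1"`) or be removed, and no `server`/`client` feature is visible in the Cargo.toml hunks of this commit either. A `.proto` file added later will not trigger a rebuild, because only the files found at build time get `rerun-if-changed`; add `println!("cargo:rerun-if-changed=proto");` next to the existing `migrations` line so cargo also watches the directory. `.filter_map(Result::ok)` silently skips any glob entry that fails to read, which in a build script is better surfaced as a hard error, and the `.into_iter()` on the `Paths` iterator is redundant.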
diff --git a/crates/secd/proto/authzed/api/v0/core.proto b/crates/secd/proto/authzed/api/v0/core.proto
new file mode 100644
index 0000000..d42eb04
--- /dev/null
+++ b/crates/secd/proto/authzed/api/v0/core.proto
@@ -0,0 +1,58 @@
+syntax = "proto3";
+package authzed.api.v0;
+
+option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v0";
+option java_package = "com.authzed.api.v0";
+
+import "validate/validate.proto";
+
+message RelationTuple {
+ // Each tupleset specifies keys of a set of relation tuples. The set can
+ // include a single tuple key, or all tuples with a given object ID or
+ // userset in a namespace, optionally constrained by a relation name.
+ //
+ // examples:
+ // doc:readme#viewer@group:eng#member (fully specified)
+ // doc:*#*#group:eng#member (all tuples that this userset relates to)
+ // doc:12345#*#* (all tuples with a direct relationship to a document)
+ // doc:12345#writer#* (all tuples with direct write relationship with the
+ // document) doc:#writer#group:eng#member (all tuples that eng group has write
+ // relationship)
+ ObjectAndRelation object_and_relation = 1
+ [ (validate.rules).message.required = true ];
+ User user = 2 [ (validate.rules).message.required = true ];
+}
+
+message ObjectAndRelation {
+ string namespace = 1 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,61}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes : 128,
+ } ];
+ string object_id = 2 [ (validate.rules).string = {
+ pattern : "^(([a-zA-Z0-9_][a-zA-Z0-9/_|-]{0,127})|\\*)$",
+ max_bytes : 128,
+ } ];
+ string relation = 3 [ (validate.rules).string = {
+ pattern : "^(\\.\\.\\.|[a-z][a-z0-9_]{1,62}[a-z0-9])$",
+ max_bytes : 64,
+ } ];
+}
+
+message RelationReference {
+ string namespace = 1 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,61}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes : 128,
+ } ];
+ string relation = 3 [ (validate.rules).string = {
+ pattern : "^(\\.\\.\\.|[a-z][a-z0-9_]{1,62}[a-z0-9])$",
+ max_bytes : 64,
+ } ];
+}
+
+message User {
+ oneof user_oneof {
+ option (validate.required) = true;
+
+ ObjectAndRelation userset = 2 [ (validate.rules).message.required = true ];
+ }
+}
diff --git a/crates/secd/proto/authzed/api/v0/developer.proto b/crates/secd/proto/authzed/api/v0/developer.proto
new file mode 100644
index 0000000..9a4b97d
--- /dev/null
+++ b/crates/secd/proto/authzed/api/v0/developer.proto
@@ -0,0 +1,135 @@
+syntax = "proto3";
+package authzed.api.v0;
+
+option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v0";
+option java_package = "com.authzed.api.v0";
+
+import "authzed/api/v0/core.proto";
+
+service DeveloperService {
+ rpc EditCheck(EditCheckRequest) returns (EditCheckResponse) {}
+ rpc Validate(ValidateRequest) returns (ValidateResponse) {}
+ rpc Share(ShareRequest) returns (ShareResponse) {}
+ rpc LookupShared(LookupShareRequest) returns (LookupShareResponse) {}
+ rpc UpgradeSchema(UpgradeSchemaRequest) returns (UpgradeSchemaResponse) {}
+ rpc FormatSchema(FormatSchemaRequest) returns (FormatSchemaResponse) {}
+}
+
+message FormatSchemaRequest {
+ string schema = 1;
+}
+
+message FormatSchemaResponse {
+ DeveloperError error = 1;
+ string formatted_schema = 2;
+}
+
+message UpgradeSchemaRequest {
+ repeated string namespace_configs = 1;
+}
+
+message UpgradeSchemaResponse {
+ DeveloperError error = 1;
+ string upgraded_schema = 2;
+}
+
+message ShareRequest {
+ string schema = 1;
+ string relationships_yaml = 2;
+ string validation_yaml = 3;
+ string assertions_yaml = 4;
+}
+
+message ShareResponse {
+ string share_reference = 1;
+}
+
+message LookupShareRequest {
+ string share_reference = 1;
+}
+
+message LookupShareResponse {
+ enum LookupStatus {
+ UNKNOWN_REFERENCE = 0;
+ FAILED_TO_LOOKUP = 1;
+ VALID_REFERENCE = 2;
+ UPGRADED_REFERENCE = 3;
+ }
+
+ LookupStatus status = 1;
+ string schema = 2;
+ string relationships_yaml = 3;
+ string validation_yaml = 4;
+ string assertions_yaml = 5;
+}
+
+message RequestContext {
+ string schema = 1;
+ repeated RelationTuple relationships = 2;
+ reserved 3; // Was legacy_ns_configs
+}
+
+message EditCheckRequest {
+ RequestContext context = 1;
+ repeated RelationTuple check_relationships = 2;
+}
+
+message EditCheckResult {
+ RelationTuple relationship = 1;
+ bool is_member = 2;
+ DeveloperError error = 3;
+}
+
+message EditCheckResponse {
+ repeated DeveloperError request_errors = 1;
+ repeated EditCheckResult check_results = 2;
+}
+
+message ValidateRequest {
+ RequestContext context = 1;
+ string validation_yaml = 3;
+ bool update_validation_yaml = 4;
+ string assertions_yaml = 5;
+}
+
+message ValidateResponse {
+ repeated DeveloperError request_errors = 1;
+ repeated DeveloperError validation_errors = 2;
+ string updated_validation_yaml = 3;
+}
+
+message DeveloperError {
+ enum Source {
+ UNKNOWN_SOURCE = 0;
+ SCHEMA = 1;
+ RELATIONSHIP = 2;
+ VALIDATION_YAML = 3;
+ CHECK_WATCH = 4;
+ ASSERTION = 5;
+ }
+
+ enum ErrorKind {
+ UNKNOWN_KIND = 0;
+ PARSE_ERROR = 1;
+ SCHEMA_ISSUE = 2;
+ DUPLICATE_RELATIONSHIP = 3;
+ MISSING_EXPECTED_RELATIONSHIP = 4;
+ EXTRA_RELATIONSHIP_FOUND = 5;
+ UNKNOWN_OBJECT_TYPE = 6;
+ UNKNOWN_RELATION = 7;
+ MAXIMUM_RECURSION = 8;
+ ASSERTION_FAILED = 9;
+ }
+
+ string message = 1;
+ uint32 line = 2;
+ uint32 column = 3;
+ Source source = 4;
+ ErrorKind kind = 5;
+
+ repeated string path = 6;
+
+ // context holds the context for the error. For schema issues, this will be the
+ // name of the object type. For relationship issues, the full relationship string.
+ string context = 7;
+}
diff --git a/crates/secd/proto/authzed/api/v1/core.proto b/crates/secd/proto/authzed/api/v1/core.proto
new file mode 100644
index 0000000..25bf78b
--- /dev/null
+++ b/crates/secd/proto/authzed/api/v1/core.proto
@@ -0,0 +1,145 @@
+syntax = "proto3";
+package authzed.api.v1;
+
+option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v1";
+option java_package = "com.authzed.api.v1";
+
+import "google/protobuf/struct.proto";
+import "validate/validate.proto";
+
+// Relationship specifies how a resource relates to a subject. Relationships
+// form the data for the graph over which all permissions questions are
+// answered.
+message Relationship {
+ // resource is the resource to which the subject is related, in some manner
+ ObjectReference resource = 1 [ (validate.rules).message.required = true ];
+
+ // relation is how the resource and subject are related.
+ string relation = 2 [ (validate.rules).string = {
+ pattern : "^[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes : 64,
+ } ];
+
+ // subject is the subject to which the resource is related, in some manner.
+ SubjectReference subject = 3 [ (validate.rules).message.required = true ];
+
+ // optional_caveat is a reference to a the caveat that must be enforced over the relationship
+ ContextualizedCaveat optional_caveat = 4 [ (validate.rules).message.required = false ];
+}
+
+/**
+ * ContextualizedCaveat represents a reference to a caveat to be used by caveated relationships.
+ * The context consists of key-value pairs that will be injected at evaluation time.
+ * The keys must match the arguments defined on the caveat in the schema.
+ */
+message ContextualizedCaveat {
+ /** caveat_name is the name of the caveat expression to use, as defined in the schema **/
+ string caveat_name = 1 [ (validate.rules).string = {
+ pattern : "^([a-zA-Z0-9_][a-zA-Z0-9/_|-]{0,127})$",
+ max_bytes : 128,
+ } ];
+
+ /** context consists of any named values that are defined at write time for the caveat expression **/
+ google.protobuf.Struct context = 2 [ (validate.rules).message.required = false ];
+}
+
+// SubjectReference is used for referring to the subject portion of a
+// Relationship. The relation component is optional and is used for defining a
+// sub-relation on the subject, e.g. group:123#members
+message SubjectReference {
+ ObjectReference object = 1 [ (validate.rules).message.required = true ];
+ string optional_relation = 2 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,62}[a-z0-9])?$",
+ max_bytes : 64,
+ } ];
+}
+
+// ObjectReference is used to refer to a specific object in the system.
+message ObjectReference {
+ string object_type = 1 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,61}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes : 128,
+ } ];
+ string object_id = 2 [ (validate.rules).string = {
+ pattern : "^(([a-zA-Z0-9_][a-zA-Z0-9/_|-]{0,127})|\\*)$",
+ max_bytes : 128,
+ } ];
+}
+
+// ZedToken is used to provide causality metadata between Write and Check
+// requests.
+//
+// See the authzed.api.v1.Consistency message for more information.
+message ZedToken {
+ string token = 1 [ (validate.rules).string = {
+ min_bytes : 1,
+ } ];
+}
+
+// RelationshipUpdate is used for mutating a single relationship within the
+// service.
+//
+// CREATE will create the relationship only if it doesn't exist, and error
+// otherwise.
+//
+// TOUCH will upsert the relationship, and will not error if it
+// already exists.
+//
+// DELETE will delete the relationship and error if it doesn't
+// exist.
+message RelationshipUpdate {
+ enum Operation {
+ OPERATION_UNSPECIFIED = 0;
+ OPERATION_CREATE = 1;
+ OPERATION_TOUCH = 2;
+ OPERATION_DELETE = 3;
+ }
+ Operation operation = 1 [ (validate.rules).enum = {defined_only: true, not_in: [0]} ];
+ Relationship relationship = 2 [ (validate.rules).message.required = true ];
+}
+
+// PermissionRelationshipTree is used for representing a tree of a resource and
+// its permission relationships with other objects.
+message PermissionRelationshipTree {
+ oneof tree_type {
+ option (validate.required) = true;
+
+ AlgebraicSubjectSet intermediate = 1;
+ DirectSubjectSet leaf = 2;
+ }
+ ObjectReference expanded_object = 3;
+ string expanded_relation = 4;
+}
+
+// AlgebraicSubjectSet is a subject set which is computed based on applying the
+// specified operation to the operands according to the algebra of sets.
+//
+// UNION is a logical set containing the subject members from all operands.
+//
+// INTERSECTION is a logical set containing only the subject members which are
+// present in all operands.
+//
+// EXCLUSION is a logical set containing only the subject members which are
+// present in the first operand, and none of the other operands.
+message AlgebraicSubjectSet {
+ enum Operation {
+ OPERATION_UNSPECIFIED = 0;
+ OPERATION_UNION = 1;
+ OPERATION_INTERSECTION = 2;
+ OPERATION_EXCLUSION = 3;
+ }
+
+ Operation operation = 1 [ (validate.rules).enum = {defined_only: true, not_in: [0]} ];
+ repeated PermissionRelationshipTree children = 2 [ (validate.rules).repeated.items.message.required = true ];
+}
+
+// DirectSubjectSet is a subject set which is simply a collection of subjects.
+message DirectSubjectSet { repeated SubjectReference subjects = 1; }
+
+// PartialCaveatInfo carries information necessary for the client to take action
+// in the event a response contains a partially evaluated caveat
+message PartialCaveatInfo {
+ // missing_required_context is a list of one or more fields that were missing and prevented caveats
+ // from being fully evaluated
+ repeated string missing_required_context = 1 [(validate.rules).repeated.min_items = 1];
+}
diff --git a/crates/secd/proto/authzed/api/v1/debug.proto b/crates/secd/proto/authzed/api/v1/debug.proto
new file mode 100644
index 0000000..f02fa82
--- /dev/null
+++ b/crates/secd/proto/authzed/api/v1/debug.proto
@@ -0,0 +1,103 @@
+syntax = "proto3";
+package authzed.api.v1;
+
+import "authzed/api/v1/core.proto";
+import "validate/validate.proto";
+import "google/protobuf/struct.proto";
+
+option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v1";
+option java_package = "com.authzed.api.v1";
+
+// DebugInformation defines debug information returned by an API call in a footer when
+// requested with a specific debugging header.
+//
+// The specific debug information returned will depend on the type of the API call made.
+//
+// See the github.com/authzed/authzed-go project for the specific header and footer names.
+message DebugInformation {
+ // check holds debug information about a check request.
+ CheckDebugTrace check = 1;
+
+ // schema_used holds the schema used for the request.
+ string schema_used = 2;
+}
+
+// CheckDebugTrace is a recursive trace of the requests made for resolving a CheckPermission
+// API call.
+message CheckDebugTrace {
+ enum PermissionType {
+ PERMISSION_TYPE_UNSPECIFIED = 0;
+ PERMISSION_TYPE_RELATION = 1;
+ PERMISSION_TYPE_PERMISSION = 2;
+ }
+
+ enum Permissionship {
+ PERMISSIONSHIP_UNSPECIFIED = 0;
+ PERMISSIONSHIP_NO_PERMISSION = 1;
+ PERMISSIONSHIP_HAS_PERMISSION = 2;
+ PERMISSIONSHIP_CONDITIONAL_PERMISSION = 3;
+ }
+
+ message SubProblems {
+ repeated CheckDebugTrace traces = 1;
+ }
+
+ // resource holds the resource on which the Check was performed.
+ ObjectReference resource = 1 [ (validate.rules).message.required = true ];
+
+ // permission holds the name of the permission or relation on which the Check was performed.
+ string permission = 2;
+
+ // permission_type holds information indicating whether it was a permission or relation.
+ PermissionType permission_type = 3 [ (validate.rules).enum = {defined_only: true, not_in: [0]} ];
+
+ // subject holds the subject on which the Check was performed. This will be static across all calls within
+ // the same Check tree.
+ SubjectReference subject = 4 [ (validate.rules).message.required = true ];
+
+ // result holds the result of the Check call.
+ Permissionship result = 5 [ (validate.rules).enum = {defined_only: true, not_in: [0]} ];
+
+ // caveat_evaluation_info holds information about the caveat evaluated for this step of the trace.
+ CaveatEvalInfo caveat_evaluation_info = 8;
+
+ // resolution holds information about how the problem was resolved.
+ oneof resolution {
+ option (validate.required) = true;
+
+ // was_cached_result, if true, indicates that the result was found in the cache and returned directly.
+ bool was_cached_result = 6;
+
+ // sub_problems holds the sub problems that were executed to resolve the answer to this Check. An empty list
+ // and a permissionship of PERMISSIONSHIP_HAS_PERMISSION indicates the subject was found within this relation.
+ SubProblems sub_problems = 7;
+ }
+}
+
+// CaveatEvalInfo holds information about a caveat expression that was evaluated.
+message CaveatEvalInfo {
+ enum Result {
+ RESULT_UNSPECIFIED = 0;
+
+ RESULT_UNEVALUATED = 1;
+
+ RESULT_FALSE = 2;
+ RESULT_TRUE = 3;
+ RESULT_MISSING_SOME_CONTEXT = 4;
+ }
+
+ // expression is the expression that was evaluated.
+ string expression = 1;
+
+ // result is the result of the evaluation.
+ Result result = 2;
+
+ // context consists of any named values that were used for evaluating the caveat expression.
+ google.protobuf.Struct context = 3;
+
+ // partial_caveat_info holds information of a partially-evaluated caveated response, if applicable.
+ PartialCaveatInfo partial_caveat_info = 4;
+
+ // caveat_name is the name of the caveat that was executed, if applicable.
+ string caveat_name = 5;
+} \ No newline at end of file
diff --git a/crates/secd/proto/authzed/api/v1/error_reason.proto b/crates/secd/proto/authzed/api/v1/error_reason.proto
new file mode 100644
index 0000000..401a3d0
--- /dev/null
+++ b/crates/secd/proto/authzed/api/v1/error_reason.proto
@@ -0,0 +1,197 @@
+syntax = "proto3";
+package authzed.api.v1;
+
+option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v1";
+option java_package = "com.authzed.api.v1";
+
+// Defines the supported values for `google.rpc.ErrorInfo.reason` for the
+// `authzed.com` error domain.
+enum ErrorReason {
+ // Do not use this default value.
+ ERROR_REASON_UNSPECIFIED = 0;
+
+ // The request gave a schema that could not be parsed.
+ //
+ // Example of an ErrorInfo:
+ //
+ // {
+ // "reason": "ERROR_REASON_SCHEMA_PARSE_ERROR",
+ // "domain": "authzed.com",
+ // "metadata": {
+ // "start_line_number": "1",
+ // "start_column_position": "19",
+ // "end_line_number": "1",
+ // "end_column_position": "19",
+ // "source_code": "somedefinition",
+ // }
+ // }
+ //
+ // The line numbers and column positions are 0-indexed and may not be present.
+ ERROR_REASON_SCHEMA_PARSE_ERROR = 1;
+
+ // The request contains a schema with a type error.
+ //
+ // Example of an ErrorInfo:
+ //
+ // {
+ // "reason": "ERROR_REASON_SCHEMA_TYPE_ERROR",
+ // "domain": "authzed.com",
+ // "metadata": {
+ // "definition_name": "somedefinition",
+ // ... additional keys based on the kind of type error ...
+ // }
+ // }
+ ERROR_REASON_SCHEMA_TYPE_ERROR = 2;
+
+ // The request referenced an unknown object definition in the schema.
+ //
+ // Example of an ErrorInfo:
+ //
+ // {
+ // "reason": "ERROR_REASON_UNKNOWN_DEFINITION",
+ // "domain": "authzed.com",
+ // "metadata": {
+ // "definition_name": "somedefinition"
+ // }
+ // }
+ ERROR_REASON_UNKNOWN_DEFINITION = 3;
+
+ // The request referenced an unknown relation or permission under a definition in the schema.
+ //
+ // Example of an ErrorInfo:
+ //
+ // {
+ // "reason": "ERROR_REASON_UNKNOWN_RELATION_OR_PERMISSION",
+ // "domain": "authzed.com",
+ // "metadata": {
+ // "definition_name": "somedefinition",
+ // "relation_or_permission_name": "somepermission"
+ // }
+ // }
+ ERROR_REASON_UNKNOWN_RELATION_OR_PERMISSION = 4;
+
+ // The WriteRelationships request contained more updates than the maximum configured.
+ //
+ // Example of an ErrorInfo:
+ //
+ // { "reason": "ERROR_REASON_TOO_MANY_UPDATES_IN_REQUEST",
+ // "domain": "authzed.com",
+ // "metadata": {
+ // "update_count": "525",
+ // "maximum_updates_allowed": "500",
+ // }
+ // }
+ ERROR_REASON_TOO_MANY_UPDATES_IN_REQUEST = 5;
+
+ // The request contained more preconditions than the maximum configured.
+ //
+ // Example of an ErrorInfo:
+ //
+ // {
+ // "reason": "ERROR_REASON_TOO_MANY_PRECONDITIONS_IN_REQUEST",
+ // "domain": "authzed.com",
+ // "metadata": {
+ // "precondition_count": "525",
+ // "maximum_preconditions_allowed": "500",
+ // }
+ // }
+ ERROR_REASON_TOO_MANY_PRECONDITIONS_IN_REQUEST = 6;
+
+ // The request contained a precondition that failed.
+ //
+ // Example of an ErrorInfo:
+ //
+ // {
+ // "reason": "ERROR_REASON_WRITE_OR_DELETE_PRECONDITION_FAILURE",
+ // "domain": "authzed.com",
+ // "metadata": {
+ // "precondition_resource_type": "document",
+ // ... other fields for the filter ...
+ // "precondition_operation": "MUST_EXIST",
+ // }
+ // }
+ ERROR_REASON_WRITE_OR_DELETE_PRECONDITION_FAILURE = 7;
+
+ // A write or delete request was made to an instance that is deployed in read-only mode.
+ //
+ // Example of an ErrorInfo:
+ //
+ // {
+ // "reason": "ERROR_REASON_SERVICE_READ_ONLY",
+ // "domain": "authzed.com"
+ // }
+ ERROR_REASON_SERVICE_READ_ONLY = 8;
+
+ // The request referenced an unknown caveat in the schema.
+ //
+ // Example of an ErrorInfo:
+ //
+ // {
+ // "reason": "ERROR_REASON_UNKNOWN_CAVEAT",
+ // "domain": "authzed.com",
+ // "metadata": {
+ // "caveat_name": "somecaveat"
+ // }
+ // }
+ ERROR_REASON_UNKNOWN_CAVEAT = 9;
+
+ // The request tries to use a subject type that was not valid for a relation.
+ //
+ // Example of an ErrorInfo:
+ //
+ // {
+ // "reason": "ERROR_REASON_INVALID_SUBJECT_TYPE",
+ // "domain": "authzed.com",
+ // "metadata": {
+ // "definition_name": "somedefinition",
+ // "relation_name": "somerelation",
+ // "subject_type": "user:*"
+ // }
+ // }
+ ERROR_REASON_INVALID_SUBJECT_TYPE = 10;
+
+ // The request tries to specify a caveat parameter value with the wrong type.
+ //
+ // Example of an ErrorInfo:
+ //
+ // {
+ // "reason": "ERROR_REASON_CAVEAT_PARAMETER_TYPE_ERROR",
+ // "domain": "authzed.com",
+ // "metadata": {
+ // "definition_name": "somedefinition",
+ // "relation_name": "somerelation",
+ // "caveat_name": "somecaveat",
+ // "parameter_name": "someparameter",
+ // "expected_type": "int",
+ // }
+ // }
+ ERROR_REASON_CAVEAT_PARAMETER_TYPE_ERROR = 11;
+
+ // The request tries to perform two or more updates on the same relationship in the same WriteRelationships call.
+ //
+ // Example of an ErrorInfo:
+ //
+ // {
+ // "reason": "ERROR_REASON_UPDATES_ON_SAME_RELATIONSHIP",
+ // "domain": "authzed.com",
+ // "metadata": {
+ // "definition_name": "somedefinition",
+ // "relationship": "somerelationship",
+ // }
+ // }
+ ERROR_REASON_UPDATES_ON_SAME_RELATIONSHIP = 12;
+
+ // The request tries to write a relationship on a permission instead of a relation.
+ //
+ // Example of an ErrorInfo:
+ //
+ // {
+ // "reason": "ERROR_REASON_CANNOT_UPDATE_PERMISSION",
+ // "domain": "authzed.com",
+ // "metadata": {
+ // "definition_name": "somedefinition",
+ // "permission_name": "somerelation",
+ // }
+ // }
+ ERROR_REASON_CANNOT_UPDATE_PERMISSION = 13;
+} \ No newline at end of file
diff --git a/crates/secd/proto/authzed/api/v1/openapi.proto b/crates/secd/proto/authzed/api/v1/openapi.proto
new file mode 100644
index 0000000..693f52a
--- /dev/null
+++ b/crates/secd/proto/authzed/api/v1/openapi.proto
@@ -0,0 +1,43 @@
+syntax = "proto3";
+package authzed.api.v1;
+
+option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v1";
+option java_package = "com.authzed.api.v1";
+
+import "protoc-gen-openapiv2/options/annotations.proto";
+
+option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = {
+ info: {
+ title: "Authzed";
+ version: "1.0";
+ contact: {
+ name: "Authzed, Inc.";
+ url: "https://github.com/authzed/api";
+ email: "support@authzed.com";
+ };
+ license: {
+ name: "Apache 2.0 License";
+ url: "https://github.com/authzed/api/blob/main/LICENSE";
+ };
+ };
+ external_docs: {
+ url: "https://docs.authzed.com/reference/api";
+ description: "More about the Authzed API.";
+ }
+ schemes: HTTP;
+ schemes: HTTPS;
+ schemes: WSS;
+ consumes: "application/json";
+ produces: "application/json";
+ security_definitions: {
+ security: {
+ key: "ApiKeyAuth";
+ value: {
+ type: TYPE_API_KEY;
+ in: IN_HEADER;
+ name: "Authorization";
+ }
+ }
+ }
+};
+
diff --git a/crates/secd/proto/authzed/api/v1/permission_service.proto b/crates/secd/proto/authzed/api/v1/permission_service.proto
new file mode 100644
index 0000000..859d0d0
--- /dev/null
+++ b/crates/secd/proto/authzed/api/v1/permission_service.proto
@@ -0,0 +1,438 @@
+syntax = "proto3";
+package authzed.api.v1;
+
+option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v1";
+option java_package = "com.authzed.api.v1";
+
+import "google/protobuf/struct.proto";
+import "google/api/annotations.proto";
+import "validate/validate.proto";
+
+import "authzed/api/v1/core.proto";
+
+// PermissionsService implements a set of RPCs that perform operations on
+// relationships and permissions.
+service PermissionsService {
+ // ReadRelationships reads a set of the relationships matching one or more
+ // filters.
+ rpc ReadRelationships(ReadRelationshipsRequest)
+ returns (stream ReadRelationshipsResponse) {
+ option (google.api.http) = {
+ post: "/v1/relationships/read"
+ body: "*"
+ };
+ }
+
+ // WriteRelationships atomically writes and/or deletes a set of specified
+ // relationships. An optional set of preconditions can be provided that must
+ // be satisfied for the operation to commit.
+ rpc WriteRelationships(WriteRelationshipsRequest)
+ returns (WriteRelationshipsResponse) {
+ option (google.api.http) = {
+ post: "/v1/relationships/write"
+ body: "*"
+ };
+ }
+
+ // DeleteRelationships atomically bulk deletes all relationships matching the
+ // provided filter. If no relationships match, none will be deleted and the
+ // operation will succeed. An optional set of preconditions can be provided that must
+ // be satisfied for the operation to commit.
+ rpc DeleteRelationships(DeleteRelationshipsRequest)
+ returns (DeleteRelationshipsResponse) {
+ option (google.api.http) = {
+ post: "/v1/relationships/delete"
+ body: "*"
+ };
+ }
+
+ // CheckPermission determines for a given resource whether a subject computes
+ // to having a permission or is a direct member of a particular relation.
+ rpc CheckPermission(CheckPermissionRequest)
+ returns (CheckPermissionResponse) {
+ option (google.api.http) = {
+ post: "/v1/permissions/check"
+ body: "*"
+ };
+ }
+
+ // ExpandPermissionTree reveals the graph structure for a resource's
+ // permission or relation. This RPC does not recurse infinitely deep and may
+ // require multiple calls to fully unnest a deeply nested graph.
+ rpc ExpandPermissionTree(ExpandPermissionTreeRequest)
+ returns (ExpandPermissionTreeResponse) {
+ option (google.api.http) = {
+ post: "/v1/permissions/expand"
+ body: "*"
+ };
+ }
+
+ // LookupResources returns all the resources of a given type that a subject
+ // can access whether via a computed permission or relation membership.
+ rpc LookupResources(LookupResourcesRequest)
+ returns (stream LookupResourcesResponse) {
+ option (google.api.http) = {
+ post: "/v1/permissions/resources"
+ body: "*"
+ };
+ }
+
+ // LookupSubjects returns all the subjects of a given type that
+ // have access whether via a computed permission or relation membership.
+ rpc LookupSubjects(LookupSubjectsRequest)
+ returns (stream LookupSubjectsResponse) {
+ option (google.api.http) = {
+ post: "/v1/permissions/subjects"
+ body: "*"
+ };
+ }
+}
+
+// Consistency will define how a request is handled by the backend.
+// By defining a consistency requirement, and a token at which those
+// requirements should be applied, where applicable.
+message Consistency {
+ oneof requirement {
+ option (validate.required) = true;
+
+ // minimize_latency indicates that the latency for the call should be
+ // minimized by having the system select the fastest snapshot available.
+ bool minimize_latency = 1 [ (validate.rules).bool.const = true ];
+
+ // at_least_as_fresh indicates that all data used in the API call must be
+ // *at least as fresh* as that found in the ZedToken; more recent data might
+ // be used if available or faster.
+ ZedToken at_least_as_fresh = 2;
+
+ // at_exact_snapshot indicates that all data used in the API call must be
+ // *at the given* snapshot in time; if the snapshot is no longer available,
+ // an error will be returned to the caller.
+ ZedToken at_exact_snapshot = 3;
+
+ // fully_consistent indicates that all data used in the API call *must* be
+ // at the most recent snapshot found.
+ //
+ // NOTE: using this method can be *quite slow*, so unless there is a need to
+ // do so, it is recommended to use `at_least_as_fresh` with a stored
+ // ZedToken.
+ bool fully_consistent = 4 [ (validate.rules).bool.const = true ];
+ }
+}
+
+// RelationshipFilter is a collection of filters which when applied to a
+// relationship will return relationships that have exactly matching fields.
+//
+// resource_type is required. All other fields are optional and if left
+// unspecified will not filter relationships.
+message RelationshipFilter {
+ string resource_type = 1 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,61}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes : 128,
+ } ];
+
+ string optional_resource_id = 2 [ (validate.rules).string = {
+ pattern : "^([a-zA-Z0-9_][a-zA-Z0-9/_|-]{0,127})?$",
+ max_bytes : 128,
+ } ];
+
+ string optional_relation = 3 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,62}[a-z0-9])?$",
+ max_bytes : 64,
+ } ];
+
+ SubjectFilter optional_subject_filter = 4;
+}
+
+// SubjectFilter specifies a filter on the subject of a relationship.
+//
+// subject_type is required and all other fields are optional, and will not
+// impose any additional requirements if left unspecified.
+message SubjectFilter {
+ message RelationFilter {
+ string relation = 1 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,62}[a-z0-9])?$",
+ max_bytes : 64,
+ } ];
+ }
+
+ string subject_type = 1 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,61}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes : 128,
+ } ];
+
+ string optional_subject_id = 2 [ (validate.rules).string = {
+ pattern : "^(([a-zA-Z0-9_][a-zA-Z0-9/_|-]{0,127})|\\*)?$",
+ max_bytes : 128,
+ } ];
+
+ RelationFilter optional_relation = 3;
+}
+
+// ReadRelationshipsRequest specifies one or more filters used to read matching
+// relationships within the system.
+message ReadRelationshipsRequest {
+ Consistency consistency = 1;
+ RelationshipFilter relationship_filter = 2
+ [ (validate.rules).message.required = true ];
+}
+
+// ReadRelationshipsResponse contains a Relationship found that matches the
+// specified relationship filter(s). A instance of this response message will
+// be streamed to the client for each relationship found.
+message ReadRelationshipsResponse {
+ ZedToken read_at = 1 [ (validate.rules).message.required = true ];
+ Relationship relationship = 2 [ (validate.rules).message.required = true ];
+}
+
+// Precondition specifies how and the existence or absence of certain
+// relationships as expressed through the accompanying filter should affect
+// whether or not the operation proceeds.
+//
+// MUST_NOT_MATCH will fail the parent request if any relationships match the
+// relationships filter.
+// MUST_MATCH will fail the parent request if there are no
+// relationships that match the filter.
+message Precondition {
+ enum Operation {
+ OPERATION_UNSPECIFIED = 0;
+ OPERATION_MUST_NOT_MATCH = 1;
+ OPERATION_MUST_MATCH = 2;
+ }
+
+ Operation operation = 1 [ (validate.rules).enum = {defined_only: true, not_in: [0]} ];
+ RelationshipFilter filter = 2 [ (validate.rules).message.required = true ];
+}
+
+// WriteRelationshipsRequest contains a list of Relationship mutations that
+// should be applied to the service. If the optional_preconditions parameter
+// is included, all of the specified preconditions must also be satisfied before
+// the write will be committed.
+message WriteRelationshipsRequest {
+ repeated RelationshipUpdate updates = 1
+ [ (validate.rules).repeated .items.message.required = true ];
+
+ repeated Precondition optional_preconditions = 2
+ [ (validate.rules).repeated .items.message.required =
+ true ]; // To be bounded by configuration
+}
+
+message WriteRelationshipsResponse { ZedToken written_at = 1; }
+
+// DeleteRelationshipsRequest specifies which Relationships should be deleted,
+// requesting the delete of *ALL* relationships that match the specified
+// filters. If the optional_preconditions parameter is included, all of the
+// specified preconditions must also be satisfied before the delete will be
+// executed.
+message DeleteRelationshipsRequest {
+ RelationshipFilter relationship_filter = 1
+ [ (validate.rules).message.required = true ];
+
+ repeated Precondition optional_preconditions = 2
+ [ (validate.rules).repeated .items.message.required =
+ true ]; // To be bounded by configuration
+}
+
+message DeleteRelationshipsResponse { ZedToken deleted_at = 1; }
+
+// CheckPermissionRequest issues a check on whether a subject has a permission
+// or is a member of a relation, on a specific resource.
+message CheckPermissionRequest {
+ Consistency consistency = 1;
+
+ // resource is the resource on which to check the permission or relation.
+ ObjectReference resource = 2 [ (validate.rules).message.required = true ];
+
+ // permission is the name of the permission (or relation) on which to execute
+ // the check.
+ string permission = 3 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,62}[a-z0-9])?$",
+ max_bytes : 64,
+ } ];
+
+ // subject is the subject that will be checked for the permission or relation.
+ SubjectReference subject = 4 [ (validate.rules).message.required = true ];
+
+ /** context consists of named values that are injected into the caveat evaluation context **/
+ google.protobuf.Struct context = 5 [ (validate.rules).message.required = false ];
+}
+
+message CheckPermissionResponse {
+ enum Permissionship {
+ PERMISSIONSHIP_UNSPECIFIED = 0;
+ PERMISSIONSHIP_NO_PERMISSION = 1;
+ PERMISSIONSHIP_HAS_PERMISSION = 2;
+ PERMISSIONSHIP_CONDITIONAL_PERMISSION = 3;
+ }
+
+ ZedToken checked_at = 1 [ (validate.rules).message.required = false ];
+
+ // Permissionship communicates whether or not the subject has the requested
+ // permission or has a relationship with the given resource, over the given
+ // relation.
+ //
+ // This value will be authzed.api.v1.PERMISSIONSHIP_HAS_PERMISSION if the
+ // requested subject is a member of the computed permission set or there
+ // exists a relationship with the requested relation from the given resource
+ // to the given subject.
+ Permissionship permissionship = 2 [ (validate.rules).enum = {defined_only: true, not_in: [0]} ];
+
+ // partial_caveat_info holds information of a partially-evaluated caveated response
+ PartialCaveatInfo partial_caveat_info = 3 [ (validate.rules).message.required = false ];
+}
+
+// ExpandPermissionTreeRequest returns a tree representing the expansion of all
+// relationships found accessible from a permission or relation on a particular
+// resource.
+//
+// ExpandPermissionTreeRequest is typically used to determine the full set of
+// subjects with a permission, along with the relationships that grant said
+// access.
+message ExpandPermissionTreeRequest {
+ Consistency consistency = 1;
+
+ // resource is the resource over which to run the expansion.
+ ObjectReference resource = 2 [ (validate.rules).message.required = true ];
+
+ // permission is the name of the permission or relation over which to run the
+ // expansion for the resource.
+ string permission = 3 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,62}[a-z0-9])?$",
+ max_bytes : 64,
+ } ];
+}
+
+message ExpandPermissionTreeResponse {
+ ZedToken expanded_at = 1;
+
+ // tree_root is a tree structure whose leaf nodes are subjects, and
+ // intermediate nodes represent the various operations (union, intersection,
+ // exclusion) to reach those subjects.
+ PermissionRelationshipTree tree_root = 2;
+}
+
+// LookupResourcesRequest performs a lookup of all resources of a particular
+// kind on which the subject has the specified permission or the relation in
+// which the subject exists, streaming back the IDs of those resources.
+message LookupResourcesRequest {
+ Consistency consistency = 1;
+
+ // resource_object_type is the type of resource object for which the IDs will
+ // be returned.
+ string resource_object_type = 2 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,61}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes : 128,
+ } ];
+
+ // permission is the name of the permission or relation for which the subject
+ // must Check.
+ string permission = 3 [ (validate.rules).string = {
+ pattern : "^[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes : 64,
+ } ];
+
+ // subject is the subject with access to the resources.
+ SubjectReference subject = 4 [ (validate.rules).message.required = true ];
+
+ /** context consists of named values that are injected into the caveat evaluation context **/
+ google.protobuf.Struct context = 5 [ (validate.rules).message.required = false ];
+}
+
+// LookupPermissionship represents whether a Lookup response was partially evaluated or not
+enum LookupPermissionship {
+ LOOKUP_PERMISSIONSHIP_UNSPECIFIED = 0;
+ LOOKUP_PERMISSIONSHIP_HAS_PERMISSION = 1;
+ LOOKUP_PERMISSIONSHIP_CONDITIONAL_PERMISSION = 2;
+}
+
+// LookupResourcesResponse contains a single matching resource object ID for the
+// requested object type, permission, and subject.
+message LookupResourcesResponse {
+ ZedToken looked_up_at = 1;
+ string resource_object_id = 2;
+
+ // permissionship indicates whether the response was partially evaluated or not
+ LookupPermissionship permissionship = 3 [ (validate.rules).enum = {defined_only: true, not_in: [0]} ];
+
+ // partial_caveat_info holds information of a partially-evaluated caveated response
+ PartialCaveatInfo partial_caveat_info = 4 [ (validate.rules).message.required = false ];
+}
+
+// LookupSubjectsRequest performs a lookup of all subjects of a particular
+// kind for which the subject has the specified permission or the relation in
+// which the subject exists, streaming back the IDs of those subjects.
+message LookupSubjectsRequest {
+ Consistency consistency = 1;
+
+ // resource is the resource for which all matching subjects for the permission
+ // or relation will be returned.
+ ObjectReference resource = 2 [ (validate.rules).message.required = true ];
+
+ // permission is the name of the permission (or relation) for which to find
+ // the subjects.
+ string permission = 3 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,62}[a-z0-9])?$",
+ max_bytes : 64,
+ } ];
+
+ // subject_object_type is the type of subject object for which the IDs will
+ // be returned.
+ string subject_object_type = 4 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,61}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes : 128,
+ } ];
+
+ // optional_subject_relation is the optional relation for the subject.
+ string optional_subject_relation = 5 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,62}[a-z0-9])?$",
+ max_bytes : 64,
+ } ];
+
+ /** context consists of named values that are injected into the caveat evaluation context **/
+ google.protobuf.Struct context = 6 [ (validate.rules).message.required = false ];
+}
+
+// LookupSubjectsResponse contains a single matching subject object ID for the
+// requested subject object type on the permission or relation.
+message LookupSubjectsResponse {
+ ZedToken looked_up_at = 1;
+
+ // subject_object_id is the Object ID of the subject found. May be a `*` if
+ // a wildcard was found.
+ // deprecated: use `subject`
+ string subject_object_id = 2 [deprecated = true];
+
+ // excluded_subject_ids are the Object IDs of the subjects excluded. This list
+ // will only contain object IDs if `subject_object_id` is a wildcard (`*`) and
+ // will only be populated if exclusions exist from the wildcard.
+ // deprecated: use `excluded_subjects`
+ repeated string excluded_subject_ids = 3 [deprecated = true];
+
+ // permissionship indicates whether the response was partially evaluated or not
+ // deprecated: use `subject.permissionship`
+ LookupPermissionship permissionship = 4 [ deprecated = true, (validate.rules).enum = {defined_only: true, not_in: [0]} ];
+
+ // partial_caveat_info holds information of a partially-evaluated caveated response
+ // deprecated: use `subject.partial_caveat_info`
+ PartialCaveatInfo partial_caveat_info = 5 [ deprecated = true, (validate.rules).message.required = false ];
+
+ // subject is the subject found, along with its permissionship.
+ ResolvedSubject subject = 6;
+
+ // excluded_subjects are the subjects excluded. This list
+ // will only contain subjects if `subject.subject_object_id` is a wildcard (`*`) and
+ // will only be populated if exclusions exist from the wildcard.
+ repeated ResolvedSubject excluded_subjects = 7;
+}
+
+// ResolvedSubject is a single subject resolved within LookupSubjects.
+message ResolvedSubject {
+ // subject_object_id is the Object ID of the subject found. May be a `*` if
+ // a wildcard was found.
+ string subject_object_id = 1;
+
+ // permissionship indicates whether the response was partially evaluated or not
+ LookupPermissionship permissionship = 2 [ (validate.rules).enum = {defined_only: true, not_in: [0]} ];
+
+ // partial_caveat_info holds information of a partially-evaluated caveated response
+ PartialCaveatInfo partial_caveat_info = 3 [ (validate.rules).message.required = false ];
+} \ No newline at end of file
diff --git a/crates/secd/proto/authzed/api/v1/schema_service.proto b/crates/secd/proto/authzed/api/v1/schema_service.proto
new file mode 100644
index 0000000..ed60a0d
--- /dev/null
+++ b/crates/secd/proto/authzed/api/v1/schema_service.proto
@@ -0,0 +1,53 @@
+syntax = "proto3";
+package authzed.api.v1;
+
+option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v1";
+option java_package = "com.authzed.api.v1";
+
+import "google/api/annotations.proto";
+import "validate/validate.proto";
+
+// SchemaService implements operations on a Permissions System's Schema.
+service SchemaService {
+ // Read returns the current Object Definitions for a Permissions System.
+ //
+ // Errors include:
+ // - INVALID_ARGUMENT: a provided value has failed to semantically validate
+ // - NOT_FOUND: no schema has been defined
+ rpc ReadSchema(ReadSchemaRequest) returns (ReadSchemaResponse) {
+ option (google.api.http) = {
+ post: "/v1/schema/read"
+ body: "*"
+ };
+ }
+
+ // Write overwrites the current Object Definitions for a Permissions System.
+ rpc WriteSchema(WriteSchemaRequest) returns (WriteSchemaResponse) {
+ option (google.api.http) = {
+ post: "/v1/schema/write"
+ body: "*"
+ };
+ }
+}
+
+// ReadSchemaRequest returns the schema from the database.
+message ReadSchemaRequest {}
+
+// ReadSchemaResponse is the resulting data after having read the Object
+// Definitions from a Schema.
+message ReadSchemaResponse {
+ // schema_text is the textual form of the current schema in the system
+ string schema_text = 1;
+}
+
+// WriteSchemaRequest is the required data used to "upsert" the Schema of a
+// Permissions System.
+message WriteSchemaRequest {
+ // The Schema containing one or more Object Definitions that will be written
+ // to the Permissions System.
+ string schema = 1 [ (validate.rules).string.max_bytes = 262144 ]; // 256KiB
+}
+
+// WriteSchemaResponse is the resulting data after having written a Schema to
+// a Permissions System.
+message WriteSchemaResponse {}
diff --git a/crates/secd/proto/authzed/api/v1/watch_service.proto b/crates/secd/proto/authzed/api/v1/watch_service.proto
new file mode 100644
index 0000000..21aaccd
--- /dev/null
+++ b/crates/secd/proto/authzed/api/v1/watch_service.proto
@@ -0,0 +1,44 @@
+syntax = "proto3";
+package authzed.api.v1;
+
+option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v1";
+option java_package = "com.authzed.api.v1";
+
+import "google/api/annotations.proto";
+import "validate/validate.proto";
+
+import "authzed/api/v1/core.proto";
+
+service WatchService {
+ rpc Watch(WatchRequest) returns (stream WatchResponse) {
+ option (google.api.http) = {
+ post: "/v1/watch"
+ body: "*"
+ };
+ }
+}
+
+// WatchRequest specifies the object definitions for which we want to start
+// watching mutations, and an optional start snapshot for when to start
+// watching.
+message WatchRequest {
+ repeated string optional_object_types = 1 [
+ (validate.rules).repeated .min_items = 0,
+ (validate.rules).repeated .items.string = {
+ pattern : "^([a-z][a-z0-9_]{1,62}[a-z0-9]/"
+ ")?[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes : 128,
+ }
+ ];
+
+ ZedToken optional_start_cursor = 2;
+}
+
+// WatchResponse contains all tuple modification events in ascending
+// timestamp order, from the requested start snapshot to a snapshot
+// encoded in the watch response. The client can use the snapshot to resume
+// watching where the previous watch response left off.
+message WatchResponse {
+ repeated RelationshipUpdate updates = 1;
+ ZedToken changes_through = 2;
+}
diff --git a/crates/secd/proto/authzed/api/v1alpha1/schema.proto b/crates/secd/proto/authzed/api/v1alpha1/schema.proto
new file mode 100644
index 0000000..969ecdb
--- /dev/null
+++ b/crates/secd/proto/authzed/api/v1alpha1/schema.proto
@@ -0,0 +1,68 @@
+syntax = "proto3";
+package authzed.api.v1alpha1;
+
+option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v1alpha1";
+option java_package = "com.authzed.api.v1alpha1";
+
+import "validate/validate.proto";
+
+// SchemaService implements operations on a Permissions System's Schema.
+service SchemaService {
+ // Read returns the current Object Definitions for a Permissions System.
+ //
+ // Errors include:
+ // - INVALID_ARGUMENT: a provided value has failed to semantically validate
+ // - NOT_FOUND: one of the Object Definitions being requested does not exist
+ rpc ReadSchema(ReadSchemaRequest) returns (ReadSchemaResponse) {}
+
+ // Write overwrites the current Object Definitions for a Permissions System.
+ //
+ // Any Object Definitions that exist, but are not included will be deleted.
+ rpc WriteSchema(WriteSchemaRequest) returns (WriteSchemaResponse) {}
+}
+
+// ReadSchemaRequest is the required data to read Object Definitions from
+// a Schema.
+message ReadSchemaRequest {
+ // The list of names of the Object Definitions that are being requested.
+ //
+ // These names must be fully qualified with their namespace (e.g.
+ // myblog/post).
+ repeated string object_definitions_names = 1 [ (validate.rules).repeated .items.string = {
+ pattern: "^([a-z][a-z0-9_]{1,62}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes: 128,
+ } ];
+}
+
+// ReadSchemaResponse is the resulting data after having read the Object
+// Definitions from a Schema.
+message ReadSchemaResponse {
+ // The Object Definitions that were requested.
+ repeated string object_definitions = 1;
+
+ // The computed revision of the returned object definitions.
+ string computed_definitions_revision = 2;
+}
+
+// WriteSchemaRequest is the required data used to "upsert" the Schema of a
+// Permissions System.
+message WriteSchemaRequest {
+ // The Schema containing one or more Object Definitions that will be written
+ // to the Permissions System.
+ string schema = 1 [ (validate.rules).string.max_bytes = 262144 ]; // 256KiB
+
+ // If specified, the existing revision of object definitions in the schema that must be present for
+ // the write to succeed. If the revision specified differs (i.e. the underlying schema has changed),
+ // the write call will fail with a FAILED_PRECONDITION error.
+ string optional_definitions_revision_precondition = 2;
+}
+
+// WriteSchemaResponse is the resulting data after having written a Schema to
+// a Permissions System.
+message WriteSchemaResponse {
+ // The names of the Object Definitions that were written.
+ repeated string object_definitions_names = 1;
+
+ // The computed revision of the written object definitions.
+ string computed_definitions_revision = 2;
+}
diff --git a/crates/secd/proto/authzed/api/v1alpha1/watchresources_service.proto b/crates/secd/proto/authzed/api/v1alpha1/watchresources_service.proto
new file mode 100644
index 0000000..27c028a
--- /dev/null
+++ b/crates/secd/proto/authzed/api/v1alpha1/watchresources_service.proto
@@ -0,0 +1,83 @@
+syntax = "proto3";
+package authzed.api.v1alpha1;
+
+option go_package = "github.com/authzed/authzed-go/proto/authzed/api/v1alpha1";
+option java_package = "com.authzed.api.v1alpha1";
+
+import "google/api/annotations.proto";
+import "validate/validate.proto";
+
+import "authzed/api/v1/core.proto";
+
+// WatchResourcesService is used to receive a stream of updates for resources of a
+// specific (resource type, permission, subject) combination.
+service WatchResourcesService {
+
+ // WatchResources initiates a watch for permission changes for the provided
+ // (resource type, permission, subject) pair.
+ rpc WatchResources(WatchResourcesRequest)
+ returns (stream WatchResourcesResponse) {
+ option (google.api.http) = {
+ post: "/v1alpha1/lookupwatch"
+ body: "*"
+ };
+ }
+}
+
+// WatchResourcesRequest starts a watch for specific permission updates
+// for the given resource and subject types.
+message WatchResourcesRequest {
+
+ // resource_object_type is the type of resource object for which we will
+ // watch for changes.
+ string resource_object_type = 1 [ (validate.rules).string = {
+ pattern : "^([a-z][a-z0-9_]{1,61}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes : 128,
+ } ];
+
+ // permission is the name of the permission or relation for which we will
+ // watch for changes.
+ string permission = 2 [ (validate.rules).string = {
+ pattern : "^[a-z][a-z0-9_]{1,62}[a-z0-9]$",
+ max_bytes : 64,
+ } ];
+
+ // subject_object_type is the type of the subject resource for which we will
+ // watch for changes.
+ string subject_object_type = 3;
+
+ // optional_subject_relation allows you to specify a group of subjects to watch
+ // for a given subject type.
+ string optional_subject_relation = 4;
+
+ authzed.api.v1.ZedToken optional_start_cursor = 5;
+}
+
+// PermissionUpdate represents a single permission update for a specific
+// subject's permissions.
+message PermissionUpdate {
+
+ // todo: work this into the v1 core API at some point since it's used
+ // across services.
+ enum Permissionship {
+ PERMISSIONSHIP_UNSPECIFIED = 0;
+ PERMISSIONSHIP_NO_PERMISSION = 1;
+ PERMISSIONSHIP_HAS_PERMISSION = 2;
+ }
+
+ // subject defines the subject resource whose permissions have changed.
+ authzed.api.v1.SubjectReference subject = 1;
+
+ // resource defines the specific object in the system.
+ authzed.api.v1.ObjectReference resource = 2;
+
+ string relation = 3;
+ Permissionship updated_permission = 4;
+}
+
+// WatchResourcesResponse enumerates the list of permission updates that have
+// occurred as a result of one or more relationship updates.
+message WatchResourcesResponse {
+ repeated PermissionUpdate updates = 1;
+ authzed.api.v1.ZedToken changes_through = 2;
+} \ No newline at end of file
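Review bot: `subject_object_type` (field 3) and `optional_subject_relation` (field 4) in WatchResourcesRequest carry no `validate.rules`, while `resource_object_type` and `permission` in the same message are pattern- and length-bounded, so a server that relies on the generated validators would accept arbitrary subject type and relation strings; if secd enforces these rules, the two fields need the same bound, e.g. `string subject_object_type = 3 [ (validate.rules).string = { pattern : "^([a-z][a-z0-9_]{1,62}[a-z0-9]/)?[a-z][a-z0-9_]{1,62}[a-z0-9]$", max_bytes : 128 } ];`, or the server must check them itself. The namespace part of the `resource_object_type` pattern uses `{1,61}` where the otherwise identical pattern in watch_service.proto and v1alpha1/schema.proto uses `{1,62}`, so the set of accepted type names differs by one character between services. These files appear to be vendored from authzed-go, so the proto edits presumably belong upstream; the point for this crate is that the proto layer alone does not bound every input it will receive. The file also ends without a trailing newline.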
diff --git a/crates/secd/proto/google/api/annotations.proto b/crates/secd/proto/google/api/annotations.proto
new file mode 100644
index 0000000..85c361b
--- /dev/null
+++ b/crates/secd/proto/google/api/annotations.proto
@@ -0,0 +1,31 @@
+// Copyright (c) 2015, Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/api/http.proto";
+import "google/protobuf/descriptor.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/annotations;annotations";
+option java_multiple_files = true;
+option java_outer_classname = "AnnotationsProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+extend google.protobuf.MethodOptions {
+ // See `HttpRule`.
+ HttpRule http = 72295728;
+}
diff --git a/crates/secd/proto/google/api/auth.proto b/crates/secd/proto/google/api/auth.proto
new file mode 100644
index 0000000..cdbc1ef
--- /dev/null
+++ b/crates/secd/proto/google/api/auth.proto
@@ -0,0 +1,181 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/api/annotations.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "AuthProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// `Authentication` defines the authentication configuration for an API.
+//
+// Example for an API targeted for external use:
+//
+// name: calendar.googleapis.com
+// authentication:
+// providers:
+// - id: google_calendar_auth
+// jwks_uri: https://www.googleapis.com/oauth2/v1/certs
+// issuer: https://securetoken.google.com
+// rules:
+// - selector: "*"
+// requirements:
+// provider_id: google_calendar_auth
+message Authentication {
+ // A list of authentication rules that apply to individual API methods.
+ //
+ // **NOTE:** All service configuration rules follow "last one wins" order.
+ repeated AuthenticationRule rules = 3;
+
+ // Defines a set of authentication providers that a service supports.
+ repeated AuthProvider providers = 4;
+}
+
+// Authentication rules for the service.
+//
+// By default, if a method has any authentication requirements, every request
+// must include a valid credential matching one of the requirements.
+// It's an error to include more than one kind of credential in a single
+// request.
+//
+// If a method doesn't have any auth requirements, request credentials will be
+// ignored.
+message AuthenticationRule {
+ // Selects the methods to which this rule applies.
+ //
+ // Refer to [selector][google.api.DocumentationRule.selector] for syntax details.
+ string selector = 1;
+
+ // The requirements for OAuth credentials.
+ OAuthRequirements oauth = 2;
+
+ // If true, the service accepts API keys without any other credential.
+ bool allow_without_credential = 5;
+
+ // Requirements for additional authentication providers.
+ repeated AuthRequirement requirements = 7;
+}
+
+// Configuration for an anthentication provider, including support for
+// [JSON Web Token (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+message AuthProvider {
+ // The unique identifier of the auth provider. It will be referred to by
+ // `AuthRequirement.provider_id`.
+ //
+ // Example: "bookstore_auth".
+ string id = 1;
+
+ // Identifies the principal that issued the JWT. See
+ // https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
+ // Usually a URL or an email address.
+ //
+ // Example: https://securetoken.google.com
+ // Example: 1234567-compute@developer.gserviceaccount.com
+ string issuer = 2;
+
+ // URL of the provider's public key set to validate signature of the JWT. See
+ // [OpenID Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
+ // Optional if the key set document:
+ // - can be retrieved from
+ // [OpenID Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html
+ // of the issuer.
+ // - can be inferred from the email domain of the issuer (e.g. a Google service account).
+ //
+ // Example: https://www.googleapis.com/oauth2/v1/certs
+ string jwks_uri = 3;
+
+ // The list of JWT
+ // [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+ // that are allowed to access. A JWT containing any of these audiences will
+ // be accepted. When this setting is absent, only JWTs with audience
+ // "https://[Service_name][google.api.Service.name]/[API_name][google.protobuf.Api.name]"
+ // will be accepted. For example, if no audiences are in the setting,
+ // LibraryService API will only accept JWTs with the following audience
+ // "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
+ //
+ // Example:
+ //
+ // audiences: bookstore_android.apps.googleusercontent.com,
+ // bookstore_web.apps.googleusercontent.com
+ string audiences = 4;
+
+ // Redirect URL if JWT token is required but no present or is expired.
+ // Implement authorizationUrl of securityDefinitions in OpenAPI spec.
+ string authorization_url = 5;
+}
+
+// OAuth scopes are a way to define data and permissions on data. For example,
+// there are scopes defined for "Read-only access to Google Calendar" and
+// "Access to Cloud Platform". Users can consent to a scope for an application,
+// giving it permission to access that data on their behalf.
+//
+// OAuth scope specifications should be fairly coarse grained; a user will need
+// to see and understand the text description of what your scope means.
+//
+// In most cases: use one or at most two OAuth scopes for an entire family of
+// products. If your product has multiple APIs, you should probably be sharing
+// the OAuth scope across all of those APIs.
+//
+// When you need finer grained OAuth consent screens: talk with your product
+// management about how developers will use them in practice.
+//
+// Please note that even though each of the canonical scopes is enough for a
+// request to be accepted and passed to the backend, a request can still fail
+// due to the backend requiring additional scopes or permissions.
+message OAuthRequirements {
+ // The list of publicly documented OAuth scopes that are allowed access. An
+ // OAuth token containing any of these scopes will be accepted.
+ //
+ // Example:
+ //
+ // canonical_scopes: https://www.googleapis.com/auth/calendar,
+ // https://www.googleapis.com/auth/calendar.read
+ string canonical_scopes = 1;
+}
+
+// User-defined authentication requirements, including support for
+// [JSON Web Token (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+message AuthRequirement {
+ // [id][google.api.AuthProvider.id] from authentication provider.
+ //
+ // Example:
+ //
+ // provider_id: bookstore_auth
+ string provider_id = 1;
+
+ // NOTE: This will be deprecated soon, once AuthProvider.audiences is
+ // implemented and accepted in all the runtime components.
+ //
+ // The list of JWT
+ // [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+ // that are allowed to access. A JWT containing any of these audiences will
+ // be accepted. When this setting is absent, only JWTs with audience
+ // "https://[Service_name][google.api.Service.name]/[API_name][google.protobuf.Api.name]"
+ // will be accepted. For example, if no audiences are in the setting,
+ // LibraryService API will only accept JWTs with the following audience
+ // "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
+ //
+ // Example:
+ //
+ // audiences: bookstore_android.apps.googleusercontent.com,
+ // bookstore_web.apps.googleusercontent.com
+ string audiences = 2;
+}
diff --git a/crates/secd/proto/google/api/backend.proto b/crates/secd/proto/google/api/backend.proto
new file mode 100644
index 0000000..dd22919
--- /dev/null
+++ b/crates/secd/proto/google/api/backend.proto
@@ -0,0 +1,51 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "BackendProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// `Backend` defines the backend configuration for a service.
+message Backend {
+ // A list of API backend rules that apply to individual API methods.
+ //
+ // **NOTE:** All service configuration rules follow "last one wins" order.
+ repeated BackendRule rules = 1;
+}
+
+// A backend rule provides configuration for an individual API element.
+message BackendRule {
+ // Selects the methods to which this rule applies.
+ //
+ // Refer to [selector][google.api.DocumentationRule.selector] for syntax details.
+ string selector = 1;
+
+ // The address of the API backend.
+ string address = 2;
+
+ // The number of seconds to wait for a response from a request. The default
+ // deadline for gRPC is infinite (no deadline) and HTTP requests is 5 seconds.
+ double deadline = 3;
+
+ // Minimum deadline in seconds needed for this method. Calls having deadline
+ // value lower than this will be rejected.
+ double min_deadline = 4;
+}
diff --git a/crates/secd/proto/google/api/billing.proto b/crates/secd/proto/google/api/billing.proto
new file mode 100644
index 0000000..54c6cca
--- /dev/null
+++ b/crates/secd/proto/google/api/billing.proto
@@ -0,0 +1,67 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/api/annotations.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "BillingProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// Billing related configuration of the service.
+//
+// The following example shows how to configure monitored resources and metrics
+// for billing:
+//
+// monitored_resources:
+// - type: library.googleapis.com/branch
+// labels:
+// - key: /city
+// description: The city where the library branch is located in.
+// - key: /name
+// description: The name of the branch.
+// metrics:
+// - name: library.googleapis.com/book/borrowed_count
+// metric_kind: DELTA
+// value_type: INT64
+// billing:
+// consumer_destinations:
+// - monitored_resource: library.googleapis.com/branch
+// metrics:
+// - library.googleapis.com/book/borrowed_count
+message Billing {
+ // Configuration of a specific billing destination (Currently only support
+ // bill against consumer project).
+ message BillingDestination {
+ // The monitored resource type. The type must be defined in
+ // [Service.monitored_resources][google.api.Service.monitored_resources] section.
+ string monitored_resource = 1;
+
+ // Names of the metrics to report to this billing destination.
+ // Each name must be defined in [Service.metrics][google.api.Service.metrics] section.
+ repeated string metrics = 2;
+ }
+
+ // Billing configurations for sending metrics to the consumer project.
+ // There can be multiple consumer destinations per service, each one must have
+ // a different monitored resource type. A metric can be used in at most
+ // one consumer destination.
+ repeated BillingDestination consumer_destinations = 8;
+}
diff --git a/crates/secd/proto/google/api/client.proto b/crates/secd/proto/google/api/client.proto
new file mode 100644
index 0000000..2102623
--- /dev/null
+++ b/crates/secd/proto/google/api/client.proto
@@ -0,0 +1,99 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/protobuf/descriptor.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/annotations;annotations";
+option java_multiple_files = true;
+option java_outer_classname = "ClientProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+extend google.protobuf.MethodOptions {
+ // A definition of a client library method signature.
+ //
+ // In client libraries, each proto RPC corresponds to one or more methods
+ // which the end user is able to call, and calls the underlying RPC.
+ // Normally, this method receives a single argument (a struct or instance
+ // corresponding to the RPC request object). Defining this field will
+ // add one or more overloads providing flattened or simpler method signatures
+ // in some languages.
+ //
+ // The fields on the method signature are provided as a comma-separated
+ // string.
+ //
+ // For example, the proto RPC and annotation:
+ //
+ // rpc CreateSubscription(CreateSubscriptionRequest)
+ // returns (Subscription) {
+ // option (google.api.method_signature) = "name,topic";
+ // }
+ //
+ // Would add the following Java overload (in addition to the method accepting
+ // the request object):
+ //
+ // public final Subscription createSubscription(String name, String topic)
+ //
+ // The following backwards-compatibility guidelines apply:
+ //
+ // * Adding this annotation to an unannotated method is backwards
+ // compatible.
+ // * Adding this annotation to a method which already has existing
+ // method signature annotations is backwards compatible if and only if
+ // the new method signature annotation is last in the sequence.
+ // * Modifying or removing an existing method signature annotation is
+ // a breaking change.
+ // * Re-ordering existing method signature annotations is a breaking
+ // change.
+ repeated string method_signature = 1051;
+}
+
+extend google.protobuf.ServiceOptions {
+ // The hostname for this service.
+ // This should be specified with no prefix or protocol.
+ //
+ // Example:
+ //
+ // service Foo {
+ // option (google.api.default_host) = "foo.googleapi.com";
+ // ...
+ // }
+ string default_host = 1049;
+
+ // OAuth scopes needed for the client.
+ //
+ // Example:
+ //
+ // service Foo {
+ // option (google.api.oauth_scopes) = \
+ // "https://www.googleapis.com/auth/cloud-platform";
+ // ...
+ // }
+ //
+ // If there is more than one scope, use a comma-separated string:
+ //
+ // Example:
+ //
+ // service Foo {
+ // option (google.api.oauth_scopes) = \
+ // "https://www.googleapis.com/auth/cloud-platform,"
+ // "https://www.googleapis.com/auth/monitoring";
+ // ...
+ // }
+ string oauth_scopes = 1050;
+}
diff --git a/crates/secd/proto/google/api/config_change.proto b/crates/secd/proto/google/api/config_change.proto
new file mode 100644
index 0000000..1e78793
--- /dev/null
+++ b/crates/secd/proto/google/api/config_change.proto
@@ -0,0 +1,85 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+option go_package = "google.golang.org/genproto/googleapis/api/configchange;configchange";
+option java_multiple_files = true;
+option java_outer_classname = "ConfigChangeProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// Output generated from semantically comparing two versions of a service
+// configuration.
+//
+// Includes detailed information about a field that have changed with
+// applicable advice about potential consequences for the change, such as
+// backwards-incompatibility.
+message ConfigChange {
+ // Object hierarchy path to the change, with levels separated by a '.'
+ // character. For repeated fields, an applicable unique identifier field is
+ // used for the index (usually selector, name, or id). For maps, the term
+ // 'key' is used. If the field has no unique identifier, the numeric index
+ // is used.
+ // Examples:
+ // - visibility.rules[selector=="google.LibraryService.CreateBook"].restriction
+ // - quota.metric_rules[selector=="google"].metric_costs[key=="reads"].value
+ // - logging.producer_destinations[0]
+ string element = 1;
+
+ // Value of the changed object in the old Service configuration,
+ // in JSON format. This field will not be populated if ChangeType == ADDED.
+ string old_value = 2;
+
+ // Value of the changed object in the new Service configuration,
+ // in JSON format. This field will not be populated if ChangeType == REMOVED.
+ string new_value = 3;
+
+ // The type for this change, either ADDED, REMOVED, or MODIFIED.
+ ChangeType change_type = 4;
+
+ // Collection of advice provided for this change, useful for determining the
+ // possible impact of this change.
+ repeated Advice advices = 5;
+}
+
+// Generated advice about this change, used for providing more
+// information about how a change will affect the existing service.
+message Advice {
+ // Useful description for why this advice was applied and what actions should
+ // be taken to mitigate any implied risks.
+ string description = 2;
+}
+
+// Classifies set of possible modifications to an object in the service
+// configuration.
+enum ChangeType {
+ // No value was provided.
+ CHANGE_TYPE_UNSPECIFIED = 0;
+
+ // The changed object exists in the 'new' service configuration, but not
+ // in the 'old' service configuration.
+ ADDED = 1;
+
+ // The changed object exists in the 'old' service configuration, but not
+ // in the 'new' service configuration.
+ REMOVED = 2;
+
+ // The changed object exists in both service configurations, but its value
+ // is different.
+ MODIFIED = 3;
+}
diff --git a/crates/secd/proto/google/api/consumer.proto b/crates/secd/proto/google/api/consumer.proto
new file mode 100644
index 0000000..4e96316
--- /dev/null
+++ b/crates/secd/proto/google/api/consumer.proto
@@ -0,0 +1,83 @@
+// Copyright 2016 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "ConsumerProto";
+option java_package = "com.google.api";
+
+
+// A descriptor for defining project properties for a service. One service may
+// have many consumer projects, and the service may want to behave differently
+// depending on some properties on the project. For example, a project may be
+// associated with a school, or a business, or a government agency, a business
+// type property on the project may affect how a service responds to the client.
+// This descriptor defines which properties are allowed to be set on a project.
+//
+// Example:
+//
+// project_properties:
+// properties:
+// - name: NO_WATERMARK
+// type: BOOL
+// description: Allows usage of the API without watermarks.
+// - name: EXTENDED_TILE_CACHE_PERIOD
+// type: INT64
+message ProjectProperties {
+ // List of per consumer project-specific properties.
+ repeated Property properties = 1;
+}
+
+// Defines project properties.
+//
+// API services can define properties that can be assigned to consumer projects
+// so that backends can perform response customization without having to make
+// additional calls or maintain additional storage. For example, Maps API
+// defines properties that controls map tile cache period, or whether to embed a
+// watermark in a result.
+//
+// These values can be set via API producer console. Only API providers can
+// define and set these properties.
+message Property {
+ // Supported data type of the property values
+ enum PropertyType {
+ // The type is unspecified, and will result in an error.
+ UNSPECIFIED = 0;
+
+ // The type is `int64`.
+ INT64 = 1;
+
+ // The type is `bool`.
+ BOOL = 2;
+
+ // The type is `string`.
+ STRING = 3;
+
+ // The type is 'double'.
+ DOUBLE = 4;
+ }
+
+ // The name of the property (a.k.a key).
+ string name = 1;
+
+ // The type of this property.
+ PropertyType type = 2;
+
+ // The description of the property
+ string description = 3;
+}
diff --git a/crates/secd/proto/google/api/context.proto b/crates/secd/proto/google/api/context.proto
new file mode 100644
index 0000000..fd03fca
--- /dev/null
+++ b/crates/secd/proto/google/api/context.proto
@@ -0,0 +1,63 @@
+// Copyright 2017 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "ContextProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// `Context` defines which contexts an API requests.
+//
+// Example:
+//
+// context:
+// rules:
+// - selector: "*"
+// requested:
+// - google.rpc.context.ProjectContext
+// - google.rpc.context.OriginContext
+//
+// The above specifies that all methods in the API request
+// `google.rpc.context.ProjectContext` and
+// `google.rpc.context.OriginContext`.
+//
+// Available context types are defined in package
+// `google.rpc.context`.
+message Context {
+ // A list of RPC context rules that apply to individual API methods.
+ //
+ // **NOTE:** All service configuration rules follow "last one wins" order.
+ repeated ContextRule rules = 1;
+}
+
+// A context rule provides information about the context for an individual API
+// element.
+message ContextRule {
+ // Selects the methods to which this rule applies.
+ //
+ // Refer to [selector][google.api.DocumentationRule.selector] for syntax details.
+ string selector = 1;
+
+ // A list of full type names of requested contexts.
+ repeated string requested = 2;
+
+ // A list of full type names of provided contexts.
+ repeated string provided = 3;
+}
diff --git a/crates/secd/proto/google/api/control.proto b/crates/secd/proto/google/api/control.proto
new file mode 100644
index 0000000..772d611
--- /dev/null
+++ b/crates/secd/proto/google/api/control.proto
@@ -0,0 +1,33 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "ControlProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// Selects and configures the service controller used by the service. The
+// service controller handles features like abuse, quota, billing, logging,
+// monitoring, etc.
+message Control {
+ // The service control environment to use. If empty, no control plane
+ // feature (like quota and billing) will be enabled.
+ string environment = 1;
+}
diff --git a/crates/secd/proto/google/api/distribution.proto b/crates/secd/proto/google/api/distribution.proto
new file mode 100644
index 0000000..f8bb252
--- /dev/null
+++ b/crates/secd/proto/google/api/distribution.proto
@@ -0,0 +1,213 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/protobuf/any.proto";
+import "google/protobuf/timestamp.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/distribution;distribution";
+option java_multiple_files = true;
+option java_outer_classname = "DistributionProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// `Distribution` contains summary statistics for a population of values. It
+// optionally contains a histogram representing the distribution of those values
+// across a set of buckets.
+//
+// The summary statistics are the count, mean, sum of the squared deviation from
+// the mean, the minimum, and the maximum of the set of population of values.
+// The histogram is based on a sequence of buckets and gives a count of values
+// that fall into each bucket. The boundaries of the buckets are given either
+// explicitly or by formulas for buckets of fixed or exponentially increasing
+// widths.
+//
+// Although it is not forbidden, it is generally a bad idea to include
+// non-finite values (infinities or NaNs) in the population of values, as this
+// will render the `mean` and `sum_of_squared_deviation` fields meaningless.
+message Distribution {
+ // The range of the population values.
+ message Range {
+ // The minimum of the population values.
+ double min = 1;
+
+ // The maximum of the population values.
+ double max = 2;
+ }
+
+ // `BucketOptions` describes the bucket boundaries used to create a histogram
+ // for the distribution. The buckets can be in a linear sequence, an
+ // exponential sequence, or each bucket can be specified explicitly.
+ // `BucketOptions` does not include the number of values in each bucket.
+ //
+ // A bucket has an inclusive lower bound and exclusive upper bound for the
+ // values that are counted for that bucket. The upper bound of a bucket must
+ // be strictly greater than the lower bound. The sequence of N buckets for a
+ // distribution consists of an underflow bucket (number 0), zero or more
+ // finite buckets (number 1 through N - 2) and an overflow bucket (number N -
+ // 1). The buckets are contiguous: the lower bound of bucket i (i > 0) is the
+ // same as the upper bound of bucket i - 1. The buckets span the whole range
+ // of finite values: lower bound of the underflow bucket is -infinity and the
+ // upper bound of the overflow bucket is +infinity. The finite buckets are
+ // so-called because both bounds are finite.
+ message BucketOptions {
+ // Specifies a linear sequence of buckets that all have the same width
+ // (except overflow and underflow). Each bucket represents a constant
+ // absolute uncertainty on the specific value in the bucket.
+ //
+ // There are `num_finite_buckets + 2` (= N) buckets. Bucket `i` has the
+ // following boundaries:
+ //
+ // Upper bound (0 <= i < N-1): offset + (width * i).
+ // Lower bound (1 <= i < N): offset + (width * (i - 1)).
+ message Linear {
+ // Must be greater than 0.
+ int32 num_finite_buckets = 1;
+
+ // Must be greater than 0.
+ double width = 2;
+
+ // Lower bound of the first bucket.
+ double offset = 3;
+ }
+
+ // Specifies an exponential sequence of buckets that have a width that is
+ // proportional to the value of the lower bound. Each bucket represents a
+ // constant relative uncertainty on a specific value in the bucket.
+ //
+ // There are `num_finite_buckets + 2` (= N) buckets. Bucket `i` has the
+ // following boundaries:
+ //
+ // Upper bound (0 <= i < N-1): scale * (growth_factor ^ i).
+ // Lower bound (1 <= i < N): scale * (growth_factor ^ (i - 1)).
+ message Exponential {
+ // Must be greater than 0.
+ int32 num_finite_buckets = 1;
+
+ // Must be greater than 1.
+ double growth_factor = 2;
+
+ // Must be greater than 0.
+ double scale = 3;
+ }
+
+ // Specifies a set of buckets with arbitrary widths.
+ //
+ // There are `size(bounds) + 1` (= N) buckets. Bucket `i` has the following
+ // boundaries:
+ //
+ // Upper bound (0 <= i < N-1): bounds[i]
+ // Lower bound (1 <= i < N); bounds[i - 1]
+ //
+ // The `bounds` field must contain at least one element. If `bounds` has
+ // only one element, then there are no finite buckets, and that single
+ // element is the common boundary of the overflow and underflow buckets.
+ message Explicit {
+ // The values must be monotonically increasing.
+ repeated double bounds = 1;
+ }
+
+ // Exactly one of these three fields must be set.
+ oneof options {
+ // The linear bucket.
+ Linear linear_buckets = 1;
+
+ // The exponential buckets.
+ Exponential exponential_buckets = 2;
+
+ // The explicit buckets.
+ Explicit explicit_buckets = 3;
+ }
+ }
+
+ // Exemplars are example points that may be used to annotate aggregated
+ // distribution values. They are metadata that gives information about a
+ // particular value added to a Distribution bucket, such as a trace ID that
+ // was active when a value was added. They may contain further information,
+ // such as a example values and timestamps, origin, etc.
+ message Exemplar {
+ // Value of the exemplar point. This value determines to which bucket the
+ // exemplar belongs.
+ double value = 1;
+
+ // The observation (sampling) time of the above value.
+ google.protobuf.Timestamp timestamp = 2;
+
+ // Contextual information about the example value. Examples are:
+ //
+ // Trace ID: type.googleapis.com/google.devtools.cloudtrace.v1.Trace
+ //
+ // Literal string: type.googleapis.com/google.protobuf.StringValue
+ //
+ // Labels dropped during aggregation:
+ // type.googleapis.com/google.monitoring.v3.DroppedLabels
+ //
+ // There may be only a single attachment of any given message type in a
+ // single exemplar, and this is enforced by the system.
+ repeated google.protobuf.Any attachments = 3;
+ }
+
+ // The number of values in the population. Must be non-negative. This value
+ // must equal the sum of the values in `bucket_counts` if a histogram is
+ // provided.
+ int64 count = 1;
+
+ // The arithmetic mean of the values in the population. If `count` is zero
+ // then this field must be zero.
+ double mean = 2;
+
+ // The sum of squared deviations from the mean of the values in the
+ // population. For values x_i this is:
+ //
+ // Sum[i=1..n]((x_i - mean)^2)
+ //
+ // Knuth, "The Art of Computer Programming", Vol. 2, page 323, 3rd edition
+ // describes Welford's method for accumulating this sum in one pass.
+ //
+ // If `count` is zero then this field must be zero.
+ double sum_of_squared_deviation = 3;
+
+ // If specified, contains the range of the population values. The field
+ // must not be present if the `count` is zero.
+ Range range = 4;
+
+ // Defines the histogram bucket boundaries. If the distribution does not
+ // contain a histogram, then omit this field.
+ BucketOptions bucket_options = 6;
+
+ // The number of values in each bucket of the histogram, as described in
+ // `bucket_options`. If the distribution does not have a histogram, then omit
+ // this field. If there is a histogram, then the sum of the values in
+ // `bucket_counts` must equal the value in the `count` field of the
+ // distribution.
+ //
+ // If present, `bucket_counts` should contain N values, where N is the number
+ // of buckets specified in `bucket_options`. If you supply fewer than N
+ // values, the remaining values are assumed to be 0.
+ //
+ // The order of the values in `bucket_counts` follows the bucket numbering
+ // schemes described for the three bucket types. The first value must be the
+ // count for the underflow bucket (number 0). The next N-2 values are the
+ // counts for the finite buckets (number 1 through N-2). The N'th value in
+ // `bucket_counts` is the count for the overflow bucket (number N-1).
+ repeated int64 bucket_counts = 7;
+
+ // Must be in increasing order of `value` field.
+ repeated Exemplar exemplars = 10;
+}
diff --git a/crates/secd/proto/google/api/documentation.proto b/crates/secd/proto/google/api/documentation.proto
new file mode 100644
index 0000000..03cd731
--- /dev/null
+++ b/crates/secd/proto/google/api/documentation.proto
@@ -0,0 +1,157 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "DocumentationProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// `Documentation` provides the information for describing a service.
+//
+// Example:
+// <pre><code>documentation:
+// summary: >
+// The Google Calendar API gives access
+// to most calendar features.
+// pages:
+// - name: Overview
+// content: &#40;== include google/foo/overview.md ==&#41;
+// - name: Tutorial
+// content: &#40;== include google/foo/tutorial.md ==&#41;
+// subpages;
+// - name: Java
+// content: &#40;== include google/foo/tutorial_java.md ==&#41;
+// rules:
+// - selector: google.calendar.Calendar.Get
+// description: >
+// ...
+// - selector: google.calendar.Calendar.Put
+// description: >
+// ...
+// </code></pre>
+// Documentation is provided in markdown syntax. In addition to
+// standard markdown features, definition lists, tables and fenced
+// code blocks are supported. Section headers can be provided and are
+// interpreted relative to the section nesting of the context where
+// a documentation fragment is embedded.
+//
+// Documentation from the IDL is merged with documentation defined
+// via the config at normalization time, where documentation provided
+// by config rules overrides IDL provided.
+//
+// A number of constructs specific to the API platform are supported
+// in documentation text.
+//
+// In order to reference a proto element, the following
+// notation can be used:
+// <pre><code>&#91;fully.qualified.proto.name]&#91;]</code></pre>
+// To override the display text used for the link, this can be used:
+// <pre><code>&#91;display text]&#91;fully.qualified.proto.name]</code></pre>
+// Text can be excluded from doc using the following notation:
+// <pre><code>&#40;-- internal comment --&#41;</code></pre>
+//
+// A few directives are available in documentation. Note that
+// directives must appear on a single line to be properly
+// identified. The `include` directive includes a markdown file from
+// an external source:
+// <pre><code>&#40;== include path/to/file ==&#41;</code></pre>
+// The `resource_for` directive marks a message to be the resource of
+// a collection in REST view. If it is not specified, tools attempt
+// to infer the resource from the operations in a collection:
+// <pre><code>&#40;== resource_for v1.shelves.books ==&#41;</code></pre>
+// The directive `suppress_warning` does not directly affect documentation
+// and is documented together with service config validation.
+message Documentation {
+ // A short summary of what the service does. Can only be provided by
+ // plain text.
+ string summary = 1;
+
+ // The top level pages for the documentation set.
+ repeated Page pages = 5;
+
+ // A list of documentation rules that apply to individual API elements.
+ //
+ // **NOTE:** All service configuration rules follow "last one wins" order.
+ repeated DocumentationRule rules = 3;
+
+ // The URL to the root of documentation.
+ string documentation_root_url = 4;
+
+ // Declares a single overview page. For example:
+ // <pre><code>documentation:
+ // summary: ...
+ // overview: &#40;== include overview.md ==&#41;
+ // </code></pre>
+ // This is a shortcut for the following declaration (using pages style):
+ // <pre><code>documentation:
+ // summary: ...
+ // pages:
+ // - name: Overview
+ // content: &#40;== include overview.md ==&#41;
+ // </code></pre>
+ // Note: you cannot specify both `overview` field and `pages` field.
+ string overview = 2;
+}
+
+// A documentation rule provides information about individual API elements.
+message DocumentationRule {
+ // The selector is a comma-separated list of patterns. Each pattern is a
+ // qualified name of the element which may end in "*", indicating a wildcard.
+ // Wildcards are only allowed at the end and for a whole component of the
+ // qualified name, i.e. "foo.*" is ok, but not "foo.b*" or "foo.*.bar". To
+ // specify a default for all applicable elements, the whole pattern "*"
+ // is used.
+ string selector = 1;
+
+ // Description of the selected API(s).
+ string description = 2;
+
+ // Deprecation description of the selected element(s). It can be provided if an
+ // element is marked as `deprecated`.
+ string deprecation_description = 3;
+}
+
+// Represents a documentation page. A page can contain subpages to represent
+// nested documentation set structure.
+message Page {
+ // The name of the page. It will be used as an identity of the page to
+ // generate URI of the page, text of the link to this page in navigation,
+ // etc. The full page name (start from the root page name to this page
+ // concatenated with `.`) can be used as reference to the page in your
+ // documentation. For example:
+ // <pre><code>pages:
+ // - name: Tutorial
+ // content: &#40;== include tutorial.md ==&#41;
+ // subpages:
+ // - name: Java
+ // content: &#40;== include tutorial_java.md ==&#41;
+ // </code></pre>
+ // You can reference `Java` page using Markdown reference link syntax:
+ // `[Java][Tutorial.Java]`.
+ string name = 1;
+
+ // The Markdown content of the page. You can use <code>&#40;== include {path} ==&#41;</code>
+ // to include content from a Markdown file.
+ string content = 2;
+
+ // Subpages of this page. The order of subpages specified here will be
+ // honored in the generated docset.
+ repeated Page subpages = 3;
+}
diff --git a/crates/secd/proto/google/api/endpoint.proto b/crates/secd/proto/google/api/endpoint.proto
new file mode 100644
index 0000000..c7bb13b
--- /dev/null
+++ b/crates/secd/proto/google/api/endpoint.proto
@@ -0,0 +1,71 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/api/annotations.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "EndpointProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// `Endpoint` describes a network endpoint that serves a set of APIs.
+// A service may expose any number of endpoints, and all endpoints share the
+// same service configuration, such as quota configuration and monitoring
+// configuration.
+//
+// Example service configuration:
+//
+// name: library-example.googleapis.com
+// endpoints:
+// # Below entry makes 'google.example.library.v1.Library'
+// # API be served from endpoint address library-example.googleapis.com.
+// # It also allows HTTP OPTIONS calls to be passed to the backend, for
+// # it to decide whether the subsequent cross-origin request is
+// # allowed to proceed.
+// - name: library-example.googleapis.com
+// allow_cors: true
+message Endpoint {
+ // The canonical name of this endpoint.
+ string name = 1;
+
+ // DEPRECATED: This field is no longer supported. Instead of using aliases,
+ // please specify multiple [google.api.Endpoint][google.api.Endpoint] for each of the intended
+ // aliases.
+ //
+ // Additional names that this endpoint will be hosted on.
+ repeated string aliases = 2;
+
+ // The list of features enabled on this endpoint.
+ repeated string features = 4;
+
+ // The specification of an Internet routable address of API frontend that will
+ // handle requests to this [API Endpoint](https://cloud.google.com/apis/design/glossary).
+ // It should be either a valid IPv4 address or a fully-qualified domain name.
+ // For example, "8.8.8.8" or "myservice.appspot.com".
+ string target = 101;
+
+ // Allowing
+ // [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), aka
+ // cross-domain traffic, would allow the backends served from this endpoint to
+ // receive and respond to HTTP OPTIONS requests. The response will be used by
+ // the browser to determine whether the subsequent cross-origin request is
+ // allowed to proceed.
+ bool allow_cors = 5;
+}
diff --git a/crates/secd/proto/google/api/field_behavior.proto b/crates/secd/proto/google/api/field_behavior.proto
new file mode 100644
index 0000000..6866679
--- /dev/null
+++ b/crates/secd/proto/google/api/field_behavior.proto
@@ -0,0 +1,84 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/protobuf/descriptor.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/annotations;annotations";
+option java_multiple_files = true;
+option java_outer_classname = "FieldBehaviorProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+extend google.protobuf.FieldOptions {
+ // A designation of a specific field behavior (required, output only, etc.)
+ // in protobuf messages.
+ //
+ // Examples:
+ //
+ // string name = 1 [(google.api.field_behavior) = REQUIRED];
+ // State state = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
+ // google.protobuf.Duration ttl = 1
+ // [(google.api.field_behavior) = INPUT_ONLY];
+ // google.protobuf.Timestamp expire_time = 1
+ // [(google.api.field_behavior) = OUTPUT_ONLY,
+ // (google.api.field_behavior) = IMMUTABLE];
+ repeated google.api.FieldBehavior field_behavior = 1052;
+}
+
+// An indicator of the behavior of a given field (for example, that a field
+// is required in requests, or given as output but ignored as input).
+// This **does not** change the behavior in protocol buffers itself; it only
+// denotes the behavior and may affect how API tooling handles the field.
+//
+// Note: This enum **may** receive new values in the future.
+enum FieldBehavior {
+ // Conventional default for enums. Do not use this.
+ FIELD_BEHAVIOR_UNSPECIFIED = 0;
+
+ // Specifically denotes a field as optional.
+ // While all fields in protocol buffers are optional, this may be specified
+ // for emphasis if appropriate.
+ OPTIONAL = 1;
+
+ // Denotes a field as required.
+ // This indicates that the field **must** be provided as part of the request,
+ // and failure to do so will cause an error (usually `INVALID_ARGUMENT`).
+ REQUIRED = 2;
+
+ // Denotes a field as output only.
+ // This indicates that the field is provided in responses, but including the
+ // field in a request does nothing (the server *must* ignore it and
+ // *must not* throw an error as a result of the field's presence).
+ OUTPUT_ONLY = 3;
+
+ // Denotes a field as input only.
+ // This indicates that the field is provided in requests, and the
+ // corresponding field is not included in output.
+ INPUT_ONLY = 4;
+
+ // Denotes a field as immutable.
+ // This indicates that the field may be set once in a request to create a
+ // resource, but may not be changed thereafter.
+ IMMUTABLE = 5;
+
+ // Denotes that a (repeated) field is an unordered list.
+ // This indicates that the service may provide the elements of the list
+ // in any arbitrary order, rather than the order the user originally
+ // provided. Additionally, the list's order may or may not be stable.
+ UNORDERED_LIST = 6;
+}
diff --git a/crates/secd/proto/google/api/http.proto b/crates/secd/proto/google/api/http.proto
new file mode 100644
index 0000000..2bd3a19
--- /dev/null
+++ b/crates/secd/proto/google/api/http.proto
@@ -0,0 +1,318 @@
+// Copyright 2018 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/api/annotations;annotations";
+option java_multiple_files = true;
+option java_outer_classname = "HttpProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// Defines the HTTP configuration for an API service. It contains a list of
+// [HttpRule][google.api.HttpRule], each specifying the mapping of an RPC method
+// to one or more HTTP REST API methods.
+message Http {
+ // A list of HTTP configuration rules that apply to individual API methods.
+ //
+ // **NOTE:** All service configuration rules follow "last one wins" order.
+ repeated HttpRule rules = 1;
+
+ // When set to true, URL path parmeters will be fully URI-decoded except in
+ // cases of single segment matches in reserved expansion, where "%2F" will be
+ // left encoded.
+ //
+ // The default behavior is to not decode RFC 6570 reserved characters in multi
+ // segment matches.
+ bool fully_decode_reserved_expansion = 2;
+}
+
+// `HttpRule` defines the mapping of an RPC method to one or more HTTP
+// REST API methods. The mapping specifies how different portions of the RPC
+// request message are mapped to URL path, URL query parameters, and
+// HTTP request body. The mapping is typically specified as an
+// `google.api.http` annotation on the RPC method,
+// see "google/api/annotations.proto" for details.
+//
+// The mapping consists of a field specifying the path template and
+// method kind. The path template can refer to fields in the request
+// message, as in the example below which describes a REST GET
+// operation on a resource collection of messages:
+//
+//
+// service Messaging {
+// rpc GetMessage(GetMessageRequest) returns (Message) {
+// option (google.api.http).get = "/v1/messages/{message_id}/{sub.subfield}";
+// }
+// }
+// message GetMessageRequest {
+// message SubMessage {
+// string subfield = 1;
+// }
+// string message_id = 1; // mapped to the URL
+// SubMessage sub = 2; // `sub.subfield` is url-mapped
+// }
+// message Message {
+// string text = 1; // content of the resource
+// }
+//
+// The same http annotation can alternatively be expressed inside the
+// `GRPC API Configuration` YAML file.
+//
+// http:
+// rules:
+// - selector: <proto_package_name>.Messaging.GetMessage
+// get: /v1/messages/{message_id}/{sub.subfield}
+//
+// This definition enables an automatic, bidrectional mapping of HTTP
+// JSON to RPC. Example:
+//
+// HTTP | RPC
+// -----|-----
+// `GET /v1/messages/123456/foo` | `GetMessage(message_id: "123456" sub: SubMessage(subfield: "foo"))`
+//
+// In general, not only fields but also field paths can be referenced
+// from a path pattern. Fields mapped to the path pattern cannot be
+// repeated and must have a primitive (non-message) type.
+//
+// Any fields in the request message which are not bound by the path
+// pattern automatically become (optional) HTTP query
+// parameters. Assume the following definition of the request message:
+//
+//
+// service Messaging {
+// rpc GetMessage(GetMessageRequest) returns (Message) {
+// option (google.api.http).get = "/v1/messages/{message_id}";
+// }
+// }
+// message GetMessageRequest {
+// message SubMessage {
+// string subfield = 1;
+// }
+// string message_id = 1; // mapped to the URL
+// int64 revision = 2; // becomes a parameter
+// SubMessage sub = 3; // `sub.subfield` becomes a parameter
+// }
+//
+//
+// This enables a HTTP JSON to RPC mapping as below:
+//
+// HTTP | RPC
+// -----|-----
+// `GET /v1/messages/123456?revision=2&sub.subfield=foo` | `GetMessage(message_id: "123456" revision: 2 sub: SubMessage(subfield: "foo"))`
+//
+// Note that fields which are mapped to HTTP parameters must have a
+// primitive type or a repeated primitive type. Message types are not
+// allowed. In the case of a repeated type, the parameter can be
+// repeated in the URL, as in `...?param=A&param=B`.
+//
+// For HTTP method kinds which allow a request body, the `body` field
+// specifies the mapping. Consider a REST update method on the
+// message resource collection:
+//
+//
+// service Messaging {
+// rpc UpdateMessage(UpdateMessageRequest) returns (Message) {
+// option (google.api.http) = {
+// put: "/v1/messages/{message_id}"
+// body: "message"
+// };
+// }
+// }
+// message UpdateMessageRequest {
+// string message_id = 1; // mapped to the URL
+// Message message = 2; // mapped to the body
+// }
+//
+//
+// The following HTTP JSON to RPC mapping is enabled, where the
+// representation of the JSON in the request body is determined by
+// protos JSON encoding:
+//
+// HTTP | RPC
+// -----|-----
+// `PUT /v1/messages/123456 { "text": "Hi!" }` | `UpdateMessage(message_id: "123456" message { text: "Hi!" })`
+//
+// The special name `*` can be used in the body mapping to define that
+// every field not bound by the path template should be mapped to the
+// request body. This enables the following alternative definition of
+// the update method:
+//
+// service Messaging {
+// rpc UpdateMessage(Message) returns (Message) {
+// option (google.api.http) = {
+// put: "/v1/messages/{message_id}"
+// body: "*"
+// };
+// }
+// }
+// message Message {
+// string message_id = 1;
+// string text = 2;
+// }
+//
+//
+// The following HTTP JSON to RPC mapping is enabled:
+//
+// HTTP | RPC
+// -----|-----
+// `PUT /v1/messages/123456 { "text": "Hi!" }` | `UpdateMessage(message_id: "123456" text: "Hi!")`
+//
+// Note that when using `*` in the body mapping, it is not possible to
+// have HTTP parameters, as all fields not bound by the path end in
+// the body. This makes this option more rarely used in practice of
+// defining REST APIs. The common usage of `*` is in custom methods
+// which don't use the URL at all for transferring data.
+//
+// It is possible to define multiple HTTP methods for one RPC by using
+// the `additional_bindings` option. Example:
+//
+// service Messaging {
+// rpc GetMessage(GetMessageRequest) returns (Message) {
+// option (google.api.http) = {
+// get: "/v1/messages/{message_id}"
+// additional_bindings {
+// get: "/v1/users/{user_id}/messages/{message_id}"
+// }
+// };
+// }
+// }
+// message GetMessageRequest {
+// string message_id = 1;
+// string user_id = 2;
+// }
+//
+//
+// This enables the following two alternative HTTP JSON to RPC
+// mappings:
+//
+// HTTP | RPC
+// -----|-----
+// `GET /v1/messages/123456` | `GetMessage(message_id: "123456")`
+// `GET /v1/users/me/messages/123456` | `GetMessage(user_id: "me" message_id: "123456")`
+//
+// # Rules for HTTP mapping
+//
+// The rules for mapping HTTP path, query parameters, and body fields
+// to the request message are as follows:
+//
+// 1. The `body` field specifies either `*` or a field path, or is
+// omitted. If omitted, it indicates there is no HTTP request body.
+// 2. Leaf fields (recursive expansion of nested messages in the
+// request) can be classified into three types:
+// (a) Matched in the URL template.
+// (b) Covered by body (if body is `*`, everything except (a) fields;
+// else everything under the body field)
+// (c) All other fields.
+// 3. URL query parameters found in the HTTP request are mapped to (c) fields.
+// 4. Any body sent with an HTTP request can contain only (b) fields.
+//
+// The syntax of the path template is as follows:
+//
+// Template = "/" Segments [ Verb ] ;
+// Segments = Segment { "/" Segment } ;
+// Segment = "*" | "**" | LITERAL | Variable ;
+// Variable = "{" FieldPath [ "=" Segments ] "}" ;
+// FieldPath = IDENT { "." IDENT } ;
+// Verb = ":" LITERAL ;
+//
+// The syntax `*` matches a single path segment. The syntax `**` matches zero
+// or more path segments, which must be the last part of the path except the
+// `Verb`. The syntax `LITERAL` matches literal text in the path.
+//
+// The syntax `Variable` matches part of the URL path as specified by its
+// template. A variable template must not contain other variables. If a variable
+// matches a single path segment, its template may be omitted, e.g. `{var}`
+// is equivalent to `{var=*}`.
+//
+// If a variable contains exactly one path segment, such as `"{var}"` or
+// `"{var=*}"`, when such a variable is expanded into a URL path, all characters
+// except `[-_.~0-9a-zA-Z]` are percent-encoded. Such variables show up in the
+// Discovery Document as `{var}`.
+//
+// If a variable contains one or more path segments, such as `"{var=foo/*}"`
+// or `"{var=**}"`, when such a variable is expanded into a URL path, all
+// characters except `[-_.~/0-9a-zA-Z]` are percent-encoded. Such variables
+// show up in the Discovery Document as `{+var}`.
+//
+// NOTE: While the single segment variable matches the semantics of
+// [RFC 6570](https://tools.ietf.org/html/rfc6570) Section 3.2.2
+// Simple String Expansion, the multi segment variable **does not** match
+// RFC 6570 Reserved Expansion. The reason is that the Reserved Expansion
+// does not expand special characters like `?` and `#`, which would lead
+// to invalid URLs.
+//
+// NOTE: the field paths in variables and in the `body` must not refer to
+// repeated fields or map fields.
+message HttpRule {
+ // Selects methods to which this rule applies.
+ //
+ // Refer to [selector][google.api.DocumentationRule.selector] for syntax details.
+ string selector = 1;
+
+ // Determines the URL pattern is matched by this rules. This pattern can be
+ // used with any of the {get|put|post|delete|patch} methods. A custom method
+ // can be defined using the 'custom' field.
+ oneof pattern {
+ // Used for listing and getting information about resources.
+ string get = 2;
+
+ // Used for updating a resource.
+ string put = 3;
+
+ // Used for creating a resource.
+ string post = 4;
+
+ // Used for deleting a resource.
+ string delete = 5;
+
+ // Used for updating a resource.
+ string patch = 6;
+
+ // The custom pattern is used for specifying an HTTP method that is not
+ // included in the `pattern` field, such as HEAD, or "*" to leave the
+ // HTTP method unspecified for this rule. The wild-card rule is useful
+ // for services that provide content to Web (HTML) clients.
+ CustomHttpPattern custom = 8;
+ }
+
+ // The name of the request field whose value is mapped to the HTTP body, or
+ // `*` for mapping all fields not captured by the path pattern to the HTTP
+ // body. NOTE: the referred field must not be a repeated field and must be
+ // present at the top-level of request message type.
+ string body = 7;
+
+ // Optional. The name of the response field whose value is mapped to the HTTP
+ // body of response. Other response fields are ignored. When
+ // not set, the response message will be used as HTTP body of response.
+ string response_body = 12;
+
+ // Additional HTTP bindings for the selector. Nested bindings must
+ // not contain an `additional_bindings` field themselves (that is,
+ // the nesting may only be one level deep).
+ repeated HttpRule additional_bindings = 11;
+}
+
+// A custom pattern is used for defining custom HTTP verb.
+message CustomHttpPattern {
+ // The name of this custom HTTP verb.
+ string kind = 1;
+
+ // The path matched by this custom verb.
+ string path = 2;
+}
diff --git a/crates/secd/proto/google/api/httpbody.proto b/crates/secd/proto/google/api/httpbody.proto
new file mode 100644
index 0000000..0e86e26
--- /dev/null
+++ b/crates/secd/proto/google/api/httpbody.proto
@@ -0,0 +1,76 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/protobuf/any.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/httpbody;httpbody";
+option java_multiple_files = true;
+option java_outer_classname = "HttpBodyProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// Message that represents an arbitrary HTTP body. It should only be used for
+// payload formats that can't be represented as JSON, such as raw binary or
+// an HTML page.
+//
+//
+// This message can be used both in streaming and non-streaming API methods in
+// the request as well as the response.
+//
+// It can be used as a top-level request field, which is convenient if one
+// wants to extract parameters from either the URL or HTTP template into the
+// request fields and also want access to the raw HTTP body.
+//
+// Example:
+//
+// message GetResourceRequest {
+// // A unique request id.
+// string request_id = 1;
+//
+// // The raw HTTP body is bound to this field.
+// google.api.HttpBody http_body = 2;
+// }
+//
+// service ResourceService {
+// rpc GetResource(GetResourceRequest) returns (google.api.HttpBody);
+// rpc UpdateResource(google.api.HttpBody) returns (google.protobuf.Empty);
+// }
+//
+// Example with streaming methods:
+//
+// service CaldavService {
+// rpc GetCalendar(stream google.api.HttpBody)
+// returns (stream google.api.HttpBody);
+// rpc UpdateCalendar(stream google.api.HttpBody)
+// returns (stream google.api.HttpBody);
+// }
+//
+// Use of this type only changes how the request and response bodies are
+// handled, all other features will continue to work unchanged.
+message HttpBody {
+ // The HTTP Content-Type string representing the content type of the body.
+ string content_type = 1;
+
+ // HTTP body binary data.
+ bytes data = 2;
+
+ // Application specific response metadata. Must be set in the first response
+ // for streaming APIs.
+ repeated google.protobuf.Any extensions = 3;
+}
diff --git a/crates/secd/proto/google/api/label.proto b/crates/secd/proto/google/api/label.proto
new file mode 100644
index 0000000..3c20752
--- /dev/null
+++ b/crates/secd/proto/google/api/label.proto
@@ -0,0 +1,49 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/api/label;label";
+option java_multiple_files = true;
+option java_outer_classname = "LabelProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// A description of a label.
+message LabelDescriptor {
+ // Value types that can be used as label values.
+ enum ValueType {
+ // A variable-length string. This is the default.
+ STRING = 0;
+
+ // Boolean; true or false.
+ BOOL = 1;
+
+ // A 64-bit signed integer.
+ INT64 = 2;
+ }
+
+ // The label key.
+ string key = 1;
+
+ // The type of data that can be assigned to the label.
+ ValueType value_type = 2;
+
+ // A human-readable description for the label.
+ string description = 3;
+}
diff --git a/crates/secd/proto/google/api/launch_stage.proto b/crates/secd/proto/google/api/launch_stage.proto
new file mode 100644
index 0000000..55fd914
--- /dev/null
+++ b/crates/secd/proto/google/api/launch_stage.proto
@@ -0,0 +1,67 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.api;
+
+option go_package = "google.golang.org/genproto/googleapis/api;api";
+option java_multiple_files = true;
+option java_outer_classname = "LaunchStageProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+// The launch stage as defined by [Google Cloud Platform
+// Launch Stages](http://cloud.google.com/terms/launch-stages).
+enum LaunchStage {
+ // Do not use this default value.
+ LAUNCH_STAGE_UNSPECIFIED = 0;
+
+ // Early Access features are limited to a closed group of testers. To use
+ // these features, you must sign up in advance and sign a Trusted Tester
+ // agreement (which includes confidentiality provisions). These features may
+ // be unstable, changed in backward-incompatible ways, and are not
+ // guaranteed to be released.
+ EARLY_ACCESS = 1;
+
+ // Alpha is a limited availability test for releases before they are cleared
+ // for widespread use. By Alpha, all significant design issues are resolved
+ // and we are in the process of verifying functionality. Alpha customers
+ // need to apply for access, agree to applicable terms, and have their
+ // projects whitelisted. Alpha releases don’t have to be feature complete,
+ // no SLAs are provided, and there are no technical support obligations, but
+ // they will be far enough along that customers can actually use them in
+ // test environments or for limited-use tests -- just like they would in
+ // normal production cases.
+ ALPHA = 2;
+
+ // Beta is the point at which we are ready to open a release for any
+ // customer to use. There are no SLA or technical support obligations in a
+ // Beta release. Products will be complete from a feature perspective, but
+ // may have some open outstanding issues. Beta releases are suitable for
+ // limited production use cases.
+ BETA = 3;
+
+ // GA features are open to all developers and are considered stable and
+ // fully qualified for production use.
+ GA = 4;
+
+ // Deprecated features are scheduled to be shut down and removed. For more
+ // information, see the “Deprecation Policy” section of our [Terms of
+ // Service](https://cloud.google.com/terms/)
+ // and the [Google Cloud Platform Subject to the Deprecation
+ // Policy](https://cloud.google.com/terms/deprecation) documentation.
+ DEPRECATED = 5;
+}
diff --git a/crates/secd/proto/google/api/log.proto b/crates/secd/proto/google/api/log.proto
new file mode 100644
index 0000000..673b524
--- /dev/null
+++ b/crates/secd/proto/google/api/log.proto
@@ -0,0 +1,55 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/api/label.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "LogProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// A description of a log type. Example in YAML format:
+//
+// - name: library.googleapis.com/activity_history
+// description: The history of borrowing and returning library items.
+// display_name: Activity
+// labels:
+// - key: /customer_id
+// description: Identifier of a library customer
+message LogDescriptor {
+ // The name of the log. It must be less than 512 characters long and can
+ // include the following characters: upper- and lower-case alphanumeric
+ // characters [A-Za-z0-9], and punctuation characters including
+ // slash, underscore, hyphen, period [/_-.].
+ string name = 1;
+
+ // The set of labels that are available to describe a specific log entry.
+ // Runtime requests that contain labels not specified here are
+ // considered invalid.
+ repeated LabelDescriptor labels = 2;
+
+ // A human-readable description of this log. This information appears in
+ // the documentation and can contain details.
+ string description = 3;
+
+ // The human-readable name for this log. This information appears on
+ // the user interface and should be concise.
+ string display_name = 4;
+}
diff --git a/crates/secd/proto/google/api/logging.proto b/crates/secd/proto/google/api/logging.proto
new file mode 100644
index 0000000..ee7c196
--- /dev/null
+++ b/crates/secd/proto/google/api/logging.proto
@@ -0,0 +1,83 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/api/annotations.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "LoggingProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// Logging configuration of the service.
+//
+// The following example shows how to configure logs to be sent to the
+// producer and consumer projects. In the example, the `activity_history`
+// log is sent to both the producer and consumer projects, whereas the
+// `purchase_history` log is only sent to the producer project.
+//
+// monitored_resources:
+// - type: library.googleapis.com/branch
+// labels:
+// - key: /city
+// description: The city where the library branch is located in.
+// - key: /name
+// description: The name of the branch.
+// logs:
+// - name: activity_history
+// labels:
+// - key: /customer_id
+// - name: purchase_history
+// logging:
+// producer_destinations:
+// - monitored_resource: library.googleapis.com/branch
+// logs:
+// - activity_history
+// - purchase_history
+// consumer_destinations:
+// - monitored_resource: library.googleapis.com/branch
+// logs:
+// - activity_history
+message Logging {
+ // Configuration of a specific logging destination (the producer project
+ // or the consumer project).
+ message LoggingDestination {
+ // The monitored resource type. The type must be defined in the
+ // [Service.monitored_resources][google.api.Service.monitored_resources] section.
+ string monitored_resource = 3;
+
+ // Names of the logs to be sent to this destination. Each name must
+ // be defined in the [Service.logs][google.api.Service.logs] section. If the log name is
+ // not a domain scoped name, it will be automatically prefixed with
+ // the service name followed by "/".
+ repeated string logs = 1;
+ }
+
+ // Logging configurations for sending logs to the producer project.
+ // There can be multiple producer destinations, each one must have a
+ // different monitored resource type. A log can be used in at most
+ // one producer destination.
+ repeated LoggingDestination producer_destinations = 1;
+
+ // Logging configurations for sending logs to the consumer project.
+ // There can be multiple consumer destinations, each one must have a
+ // different monitored resource type. A log can be used in at most
+ // one consumer destination.
+ repeated LoggingDestination consumer_destinations = 2;
+}
diff --git a/crates/secd/proto/google/api/metric.proto b/crates/secd/proto/google/api/metric.proto
new file mode 100644
index 0000000..5473ce5
--- /dev/null
+++ b/crates/secd/proto/google/api/metric.proto
@@ -0,0 +1,192 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/api/label.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/metric;metric";
+option java_multiple_files = true;
+option java_outer_classname = "MetricProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// Defines a metric type and its schema. Once a metric descriptor is created,
+// deleting or altering it stops data collection and makes the metric type's
+// existing data unusable.
+message MetricDescriptor {
+ // The kind of measurement. It describes how the data is reported.
+ enum MetricKind {
+ // Do not use this default value.
+ METRIC_KIND_UNSPECIFIED = 0;
+
+ // An instantaneous measurement of a value.
+ GAUGE = 1;
+
+ // The change in a value during a time interval.
+ DELTA = 2;
+
+ // A value accumulated over a time interval. Cumulative
+ // measurements in a time series should have the same start time
+ // and increasing end times, until an event resets the cumulative
+ // value to zero and sets a new start time for the following
+ // points.
+ CUMULATIVE = 3;
+ }
+
+ // The value type of a metric.
+ enum ValueType {
+ // Do not use this default value.
+ VALUE_TYPE_UNSPECIFIED = 0;
+
+ // The value is a boolean.
+ // This value type can be used only if the metric kind is `GAUGE`.
+ BOOL = 1;
+
+ // The value is a signed 64-bit integer.
+ INT64 = 2;
+
+ // The value is a double precision floating point number.
+ DOUBLE = 3;
+
+ // The value is a text string.
+ // This value type can be used only if the metric kind is `GAUGE`.
+ STRING = 4;
+
+ // The value is a [`Distribution`][google.api.Distribution].
+ DISTRIBUTION = 5;
+
+ // The value is money.
+ MONEY = 6;
+ }
+
+ // The resource name of the metric descriptor.
+ string name = 1;
+
+ // The metric type, including its DNS name prefix. The type is not
+ // URL-encoded. All user-defined custom metric types have the DNS name
+ // `custom.googleapis.com`. Metric types should use a natural hierarchical
+ // grouping. For example:
+ //
+ // "custom.googleapis.com/invoice/paid/amount"
+ // "appengine.googleapis.com/http/server/response_latencies"
+ string type = 8;
+
+ // The set of labels that can be used to describe a specific
+ // instance of this metric type. For example, the
+ // `appengine.googleapis.com/http/server/response_latencies` metric
+ // type has a label for the HTTP response code, `response_code`, so
+ // you can look at latencies for successful responses or just
+ // for responses that failed.
+ repeated LabelDescriptor labels = 2;
+
+ // Whether the metric records instantaneous values, changes to a value, etc.
+ // Some combinations of `metric_kind` and `value_type` might not be supported.
+ MetricKind metric_kind = 3;
+
+ // Whether the measurement is an integer, a floating-point number, etc.
+ // Some combinations of `metric_kind` and `value_type` might not be supported.
+ ValueType value_type = 4;
+
+ // The unit in which the metric value is reported. It is only applicable
+ // if the `value_type` is `INT64`, `DOUBLE`, or `DISTRIBUTION`. The
+ // supported units are a subset of [The Unified Code for Units of
+ // Measure](http://unitsofmeasure.org/ucum.html) standard:
+ //
+ // **Basic units (UNIT)**
+ //
+ // * `bit` bit
+ // * `By` byte
+ // * `s` second
+ // * `min` minute
+ // * `h` hour
+ // * `d` day
+ //
+ // **Prefixes (PREFIX)**
+ //
+ // * `k` kilo (10**3)
+ // * `M` mega (10**6)
+ // * `G` giga (10**9)
+ // * `T` tera (10**12)
+ // * `P` peta (10**15)
+ // * `E` exa (10**18)
+ // * `Z` zetta (10**21)
+ // * `Y` yotta (10**24)
+ // * `m` milli (10**-3)
+ // * `u` micro (10**-6)
+ // * `n` nano (10**-9)
+ // * `p` pico (10**-12)
+ // * `f` femto (10**-15)
+ // * `a` atto (10**-18)
+ // * `z` zepto (10**-21)
+ // * `y` yocto (10**-24)
+ // * `Ki` kibi (2**10)
+ // * `Mi` mebi (2**20)
+ // * `Gi` gibi (2**30)
+ // * `Ti` tebi (2**40)
+ //
+ // **Grammar**
+ //
+ // The grammar also includes these connectors:
+ //
+ // * `/` division (as an infix operator, e.g. `1/s`).
+ // * `.` multiplication (as an infix operator, e.g. `GBy.d`)
+ //
+ // The grammar for a unit is as follows:
+ //
+ // Expression = Component { "." Component } { "/" Component } ;
+ //
+ // Component = ( [ PREFIX ] UNIT | "%" ) [ Annotation ]
+ // | Annotation
+ // | "1"
+ // ;
+ //
+ // Annotation = "{" NAME "}" ;
+ //
+ // Notes:
+ //
+ // * `Annotation` is just a comment if it follows a `UNIT` and is
+ // equivalent to `1` if it is used alone. For examples,
+ // `{requests}/s == 1/s`, `By{transmitted}/s == By/s`.
+ // * `NAME` is a sequence of non-blank printable ASCII characters not
+ // containing '{' or '}'.
+ // * `1` represents dimensionless value 1, such as in `1/s`.
+ // * `%` represents dimensionless value 1/100, and annotates values giving
+ // a percentage.
+ string unit = 5;
+
+ // A detailed description of the metric, which can be used in documentation.
+ string description = 6;
+
+ // A concise name for the metric, which can be displayed in user interfaces.
+ // Use sentence case without an ending period, for example "Request count".
+ // This field is optional but it is recommended to be set for any metrics
+ // associated with user-visible concepts, such as Quota.
+ string display_name = 7;
+}
+
+// A specific metric, identified by specifying values for all of the
+// labels of a [`MetricDescriptor`][google.api.MetricDescriptor].
+message Metric {
+ // An existing metric type, see [google.api.MetricDescriptor][google.api.MetricDescriptor].
+ // For example, `custom.googleapis.com/invoice/paid/amount`.
+ string type = 3;
+
+ // The set of label values that uniquely identify this metric. All
+ // labels listed in the `MetricDescriptor` must be assigned values.
+ map<string, string> labels = 2;
+}
diff --git a/crates/secd/proto/google/api/monitored_resource.proto b/crates/secd/proto/google/api/monitored_resource.proto
new file mode 100644
index 0000000..189ccd4
--- /dev/null
+++ b/crates/secd/proto/google/api/monitored_resource.proto
@@ -0,0 +1,116 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/api/label.proto";
+import "google/protobuf/struct.proto";
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/api/monitoredres;monitoredres";
+option java_multiple_files = true;
+option java_outer_classname = "MonitoredResourceProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// An object that describes the schema of a [MonitoredResource][google.api.MonitoredResource] object using a
+// type name and a set of labels. For example, the monitored resource
+// descriptor for Google Compute Engine VM instances has a type of
+// `"gce_instance"` and specifies the use of the labels `"instance_id"` and
+// `"zone"` to identify particular VM instances.
+//
+// Different APIs can support different monitored resource types. APIs generally
+// provide a `list` method that returns the monitored resource descriptors used
+// by the API.
+message MonitoredResourceDescriptor {
+ // Optional. The resource name of the monitored resource descriptor:
+ // `"projects/{project_id}/monitoredResourceDescriptors/{type}"` where
+ // {type} is the value of the `type` field in this object and
+ // {project_id} is a project ID that provides API-specific context for
+ // accessing the type. APIs that do not use project information can use the
+ // resource name format `"monitoredResourceDescriptors/{type}"`.
+ string name = 5;
+
+ // Required. The monitored resource type. For example, the type
+ // `"cloudsql_database"` represents databases in Google Cloud SQL.
+ // The maximum length of this value is 256 characters.
+ string type = 1;
+
+ // Optional. A concise name for the monitored resource type that might be
+ // displayed in user interfaces. It should be a Title Cased Noun Phrase,
+ // without any article or other determiners. For example,
+ // `"Google Cloud SQL Database"`.
+ string display_name = 2;
+
+ // Optional. A detailed description of the monitored resource type that might
+ // be used in documentation.
+ string description = 3;
+
+ // Required. A set of labels used to describe instances of this monitored
+ // resource type. For example, an individual Google Cloud SQL database is
+ // identified by values for the labels `"database_id"` and `"zone"`.
+ repeated LabelDescriptor labels = 4;
+}
+
+// An object representing a resource that can be used for monitoring, logging,
+// billing, or other purposes. Examples include virtual machine instances,
+// databases, and storage devices such as disks. The `type` field identifies a
+// [MonitoredResourceDescriptor][google.api.MonitoredResourceDescriptor] object that describes the resource's
+// schema. Information in the `labels` field identifies the actual resource and
+// its attributes according to the schema. For example, a particular Compute
+// Engine VM instance could be represented by the following object, because the
+// [MonitoredResourceDescriptor][google.api.MonitoredResourceDescriptor] for `"gce_instance"` has labels
+// `"instance_id"` and `"zone"`:
+//
+// { "type": "gce_instance",
+// "labels": { "instance_id": "12345678901234",
+// "zone": "us-central1-a" }}
+message MonitoredResource {
+ // Required. The monitored resource type. This field must match
+ // the `type` field of a [MonitoredResourceDescriptor][google.api.MonitoredResourceDescriptor] object. For
+ // example, the type of a Compute Engine VM instance is `gce_instance`.
+ string type = 1;
+
+ // Required. Values for all of the labels listed in the associated monitored
+ // resource descriptor. For example, Compute Engine VM instances use the
+ // labels `"project_id"`, `"instance_id"`, and `"zone"`.
+ map<string, string> labels = 2;
+}
+
+// Auxiliary metadata for a [MonitoredResource][google.api.MonitoredResource] object.
+// [MonitoredResource][google.api.MonitoredResource] objects contain the minimum set of information to
+// uniquely identify a monitored resource instance. There is some other useful
+// auxiliary metadata. Google Stackdriver Monitoring & Logging uses an ingestion
+// pipeline to extract metadata for cloud resources of all types , and stores
+// the metadata in this message.
+message MonitoredResourceMetadata {
+ // Output only. Values for predefined system metadata labels.
+ // System labels are a kind of metadata extracted by Google Stackdriver.
+ // Stackdriver determines what system labels are useful and how to obtain
+ // their values. Some examples: "machine_image", "vpc", "subnet_id",
+ // "security_group", "name", etc.
+ // System label values can be only strings, Boolean values, or a list of
+ // strings. For example:
+ //
+ // { "name": "my-test-instance",
+ // "security_group": ["a", "b", "c"],
+ // "spot_instance": false }
+ google.protobuf.Struct system_labels = 1;
+
+ // Output only. A map of user-defined metadata labels.
+ map<string, string> user_labels = 2;
+}
diff --git a/crates/secd/proto/google/api/monitoring.proto b/crates/secd/proto/google/api/monitoring.proto
new file mode 100644
index 0000000..3057214
--- /dev/null
+++ b/crates/secd/proto/google/api/monitoring.proto
@@ -0,0 +1,89 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/api/annotations.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "MonitoringProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// Monitoring configuration of the service.
+//
+// The example below shows how to configure monitored resources and metrics
+// for monitoring. In the example, a monitored resource and two metrics are
+// defined. The `library.googleapis.com/book/returned_count` metric is sent
+// to both producer and consumer projects, whereas the
+// `library.googleapis.com/book/overdue_count` metric is only sent to the
+// consumer project.
+//
+// monitored_resources:
+// - type: library.googleapis.com/branch
+// labels:
+// - key: /city
+// description: The city where the library branch is located in.
+// - key: /name
+// description: The name of the branch.
+// metrics:
+// - name: library.googleapis.com/book/returned_count
+// metric_kind: DELTA
+// value_type: INT64
+// labels:
+// - key: /customer_id
+// - name: library.googleapis.com/book/overdue_count
+// metric_kind: GAUGE
+// value_type: INT64
+// labels:
+// - key: /customer_id
+// monitoring:
+// producer_destinations:
+// - monitored_resource: library.googleapis.com/branch
+// metrics:
+// - library.googleapis.com/book/returned_count
+// consumer_destinations:
+// - monitored_resource: library.googleapis.com/branch
+// metrics:
+// - library.googleapis.com/book/returned_count
+// - library.googleapis.com/book/overdue_count
+message Monitoring {
+ // Configuration of a specific monitoring destination (the producer project
+ // or the consumer project).
+ message MonitoringDestination {
+ // The monitored resource type. The type must be defined in
+ // [Service.monitored_resources][google.api.Service.monitored_resources] section.
+ string monitored_resource = 1;
+
+ // Names of the metrics to report to this monitoring destination.
+ // Each name must be defined in [Service.metrics][google.api.Service.metrics] section.
+ repeated string metrics = 2;
+ }
+
+ // Monitoring configurations for sending metrics to the producer project.
+ // There can be multiple producer destinations, each one must have a
+ // different monitored resource type. A metric can be used in at most
+ // one producer destination.
+ repeated MonitoringDestination producer_destinations = 1;
+
+ // Monitoring configurations for sending metrics to the consumer project.
+ // There can be multiple consumer destinations, each one must have a
+ // different monitored resource type. A metric can be used in at most
+ // one consumer destination.
+ repeated MonitoringDestination consumer_destinations = 2;
+}
diff --git a/crates/secd/proto/google/api/quota.proto b/crates/secd/proto/google/api/quota.proto
new file mode 100644
index 0000000..aa327a1
--- /dev/null
+++ b/crates/secd/proto/google/api/quota.proto
@@ -0,0 +1,259 @@
+// Copyright 2017 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/api/annotations.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "QuotaProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// Quota configuration helps to achieve fairness and budgeting in service
+// usage.
+//
+// The quota configuration works this way:
+// - The service configuration defines a set of metrics.
+// - For API calls, the quota.metric_rules maps methods to metrics with
+// corresponding costs.
+// - The quota.limits defines limits on the metrics, which will be used for
+// quota checks at runtime.
+//
+// An example quota configuration in yaml format:
+//
+// quota:
+// limits:
+//
+// - name: apiWriteQpsPerProject
+// metric: library.googleapis.com/write_calls
+// unit: "1/min/{project}" # rate limit for consumer projects
+// values:
+// STANDARD: 10000
+//
+// # The metric rules bind all methods to the read_calls metric,
+// # except for the UpdateBook and DeleteBook methods. These two methods
+// # are mapped to the write_calls metric, with the UpdateBook method
+// # consuming at twice rate as the DeleteBook method.
+// metric_rules:
+// - selector: "*"
+// metric_costs:
+// library.googleapis.com/read_calls: 1
+// - selector: google.example.library.v1.LibraryService.UpdateBook
+// metric_costs:
+// library.googleapis.com/write_calls: 2
+// - selector: google.example.library.v1.LibraryService.DeleteBook
+// metric_costs:
+// library.googleapis.com/write_calls: 1
+//
+// Corresponding Metric definition:
+//
+// metrics:
+// - name: library.googleapis.com/read_calls
+// display_name: Read requests
+// metric_kind: DELTA
+// value_type: INT64
+//
+// - name: library.googleapis.com/write_calls
+// display_name: Write requests
+// metric_kind: DELTA
+// value_type: INT64
+//
+message Quota {
+ // List of `QuotaLimit` definitions for the service.
+ //
+ // Used by metric-based quotas only.
+ repeated QuotaLimit limits = 3;
+
+ // List of `MetricRule` definitions, each one mapping a selected method to one
+ // or more metrics.
+ //
+ // Used by metric-based quotas only.
+ repeated MetricRule metric_rules = 4;
+}
+
+// Bind API methods to metrics. Binding a method to a metric causes that
+// metric's configured quota, billing, and monitoring behaviors to apply to the
+// method call.
+//
+// Used by metric-based quotas only.
+message MetricRule {
+ // Selects the methods to which this rule applies.
+ //
+ // Refer to [selector][google.api.DocumentationRule.selector] for syntax details.
+ string selector = 1;
+
+ // Metrics to update when the selected methods are called, and the associated
+ // cost applied to each metric.
+ //
+ // The key of the map is the metric name, and the values are the amount
+ // increased for the metric against which the quota limits are defined.
+ // The value must not be negative.
+ map<string, int64> metric_costs = 2;
+}
+
+// `QuotaLimit` defines a specific limit that applies over a specified duration
+// for a limit type. There can be at most one limit for a duration and limit
+// type combination defined within a `QuotaGroup`.
+message QuotaLimit {
+ // Name of the quota limit. The name is used to refer to the limit when
+ // overriding the default limit on per-consumer basis.
+ //
+ // For group-based quota limits, the name must be unique within the quota
+ // group. If a name is not provided, it will be generated from the limit_by
+ // and duration fields.
+ //
+ // For metric-based quota limits, the name must be provided, and it must be
+ // unique within the service. The name can only include alphanumeric
+ // characters as well as '-'.
+ //
+ // The maximum length of the limit name is 64 characters.
+ //
+ // The name of a limit is used as a unique identifier for this limit.
+ // Therefore, once a limit has been put into use, its name should be
+ // immutable. You can use the display_name field to provide a user-friendly
+ // name for the limit. The display name can be evolved over time without
+ // affecting the identity of the limit.
+ string name = 6;
+
+ // Optional. User-visible, extended description for this quota limit.
+ // Should be used only when more context is needed to understand this limit
+ // than provided by the limit's display name (see: `display_name`).
+ string description = 2;
+
+ // Default number of tokens that can be consumed during the specified
+ // duration. This is the number of tokens assigned when a client
+ // application developer activates the service for his/her project.
+ //
+ // Specifying a value of 0 will block all requests. This can be used if you
+ // are provisioning quota to selected consumers and blocking others.
+ // Similarly, a value of -1 will indicate an unlimited quota. No other
+ // negative values are allowed.
+ //
+ // Used by group-based quotas only.
+ int64 default_limit = 3;
+
+ // Maximum number of tokens that can be consumed during the specified
+ // duration. Client application developers can override the default limit up
+ // to this maximum. If specified, this value cannot be set to a value less
+ // than the default limit. If not specified, it is set to the default limit.
+ //
+ // To allow clients to apply overrides with no upper bound, set this to -1,
+ // indicating unlimited maximum quota.
+ //
+ // Used by group-based quotas only.
+ int64 max_limit = 4;
+
+ // Free tier value displayed in the Developers Console for this limit.
+ // The free tier is the number of tokens that will be subtracted from the
+ // billed amount when billing is enabled.
+ // This field can only be set on a limit with duration "1d", in a billable
+ // group; it is invalid on any other limit. If this field is not set, it
+ // defaults to 0, indicating that there is no free tier for this service.
+ //
+ // Used by group-based quotas only.
+ int64 free_tier = 7;
+
+ // Duration of this limit in textual notation. Example: "100s", "24h", "1d".
+ // For duration longer than a day, only multiple of days is supported. We
+ // support only "100s" and "1d" for now. Additional support will be added in
+ // the future. "0" indicates indefinite duration.
+ //
+ // Used by group-based quotas only.
+ string duration = 5;
+
+ // The name of the metric this quota limit applies to. The quota limits with
+ // the same metric will be checked together during runtime. The metric must be
+ // defined within the service config.
+ //
+ // Used by metric-based quotas only.
+ string metric = 8;
+
+ // Specify the unit of the quota limit. It uses the same syntax as
+ // [Metric.unit][]. The supported unit kinds are determined by the quota
+ // backend system.
+ //
+ // The [Google Service Control](https://cloud.google.com/service-control)
+ // supports the following unit components:
+ // * One of the time intevals:
+ // * "/min" for quota every minute.
+ // * "/d" for quota every 24 hours, starting 00:00 US Pacific Time.
+ // * Otherwise the quota won't be reset by time, such as storage limit.
+ // * One and only one of the granted containers:
+ // * "/{organization}" quota for an organization.
+ // * "/{project}" quota for a project.
+ // * "/{folder}" quota for a folder.
+ // * "/{resource}" quota for a universal resource.
+ // * Zero or more quota segmentation dimension. Not all combos are valid.
+ // * "/{region}" quota for every region. Not to be used with time intervals.
+ // * Otherwise the resources granted on the target is not segmented.
+ // * "/{zone}" quota for every zone. Not to be used with time intervals.
+ // * Otherwise the resources granted on the target is not segmented.
+ // * "/{resource}" quota for a resource associated with a project or org.
+ //
+ // Here are some examples:
+ // * "1/min/{project}" for quota per minute per project.
+ // * "1/min/{user}" for quota per minute per user.
+ // * "1/min/{organization}" for quota per minute per organization.
+ //
+ // Note: the order of unit components is insignificant.
+ // The "1" at the beginning is required to follow the metric unit syntax.
+ //
+ // Used by metric-based quotas only.
+ string unit = 9;
+
+ // Tiered limit values. Also allows for regional or zone overrides for these
+ // values if "/{region}" or "/{zone}" is specified in the unit field.
+ //
+ // Currently supported tiers from low to high:
+ // VERY_LOW, LOW, STANDARD, HIGH, VERY_HIGH
+ //
+ // To apply different limit values for users according to their tiers, specify
+ // the values for the tiers you want to differentiate. For example:
+ // {LOW:100, STANDARD:500, HIGH:1000, VERY_HIGH:5000}
+ //
+ // The limit value for each tier is optional except for the tier STANDARD.
+ // The limit value for an unspecified tier falls to the value of its next
+ // tier towards tier STANDARD. For the above example, the limit value for tier
+ // STANDARD is 500.
+ //
+ // To apply the same limit value for all users, just specify limit value for
+ // tier STANDARD. For example: {STANDARD:500}.
+ //
+ // To apply a regional overide for a tier, add a map entry with key
+ // "<TIER>/<region>", where <region> is a region name. Similarly, for a zone
+ // override, add a map entry with key "<TIER>/{zone}".
+ // Further, a wildcard can be used at the end of a zone name in order to
+ // specify zone level overrides. For example:
+ // LOW: 10, STANDARD: 50, HIGH: 100,
+ // LOW/us-central1: 20, STANDARD/us-central1: 60, HIGH/us-central1: 200,
+ // LOW/us-central1-*: 10, STANDARD/us-central1-*: 20, HIGH/us-central1-*: 80
+ //
+ // The regional overrides tier set for each region must be the same as
+ // the tier set for default limit values. Same rule applies for zone overrides
+ // tier as well.
+ //
+ // Used by metric-based quotas only.
+ map<string, int64> values = 10;
+
+ // User-visible display name for this limit.
+ // Optional. If not set, the UI will provide a default display name based on
+ // the quota configuration. This field can be used to override the default
+ // display name generated from the configuration.
+ string display_name = 12;
+}
diff --git a/crates/secd/proto/google/api/resource.proto b/crates/secd/proto/google/api/resource.proto
new file mode 100644
index 0000000..fd9ee66
--- /dev/null
+++ b/crates/secd/proto/google/api/resource.proto
@@ -0,0 +1,299 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/protobuf/descriptor.proto";
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/api/annotations;annotations";
+option java_multiple_files = true;
+option java_outer_classname = "ResourceProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+extend google.protobuf.FieldOptions {
+ // An annotation that describes a resource reference, see
+ // [ResourceReference][].
+ google.api.ResourceReference resource_reference = 1055;
+}
+
+extend google.protobuf.FileOptions {
+ // An annotation that describes a resource definition without a corresponding
+ // message; see [ResourceDescriptor][].
+ repeated google.api.ResourceDescriptor resource_definition = 1053;
+}
+
+extend google.protobuf.MessageOptions {
+ // An annotation that describes a resource definition, see
+ // [ResourceDescriptor][].
+ google.api.ResourceDescriptor resource = 1053;
+}
+
+// A simple descriptor of a resource type.
+//
+// ResourceDescriptor annotates a resource message (either by means of a
+// protobuf annotation or use in the service config), and associates the
+// resource's schema, the resource type, and the pattern of the resource name.
+//
+// Example:
+//
+// message Topic {
+// // Indicates this message defines a resource schema.
+// // Declares the resource type in the format of {service}/{kind}.
+// // For Kubernetes resources, the format is {api group}/{kind}.
+// option (google.api.resource) = {
+// type: "pubsub.googleapis.com/Topic"
+// name_descriptor: {
+// pattern: "projects/{project}/topics/{topic}"
+// parent_type: "cloudresourcemanager.googleapis.com/Project"
+// parent_name_extractor: "projects/{project}"
+// }
+// };
+// }
+//
+// The ResourceDescriptor Yaml config will look like:
+//
+// resources:
+// - type: "pubsub.googleapis.com/Topic"
+// name_descriptor:
+// - pattern: "projects/{project}/topics/{topic}"
+// parent_type: "cloudresourcemanager.googleapis.com/Project"
+// parent_name_extractor: "projects/{project}"
+//
+// Sometimes, resources have multiple patterns, typically because they can
+// live under multiple parents.
+//
+// Example:
+//
+// message LogEntry {
+// option (google.api.resource) = {
+// type: "logging.googleapis.com/LogEntry"
+// name_descriptor: {
+// pattern: "projects/{project}/logs/{log}"
+// parent_type: "cloudresourcemanager.googleapis.com/Project"
+// parent_name_extractor: "projects/{project}"
+// }
+// name_descriptor: {
+// pattern: "folders/{folder}/logs/{log}"
+// parent_type: "cloudresourcemanager.googleapis.com/Folder"
+// parent_name_extractor: "folders/{folder}"
+// }
+// name_descriptor: {
+// pattern: "organizations/{organization}/logs/{log}"
+// parent_type: "cloudresourcemanager.googleapis.com/Organization"
+// parent_name_extractor: "organizations/{organization}"
+// }
+// name_descriptor: {
+// pattern: "billingAccounts/{billing_account}/logs/{log}"
+// parent_type: "billing.googleapis.com/BillingAccount"
+// parent_name_extractor: "billingAccounts/{billing_account}"
+// }
+// };
+// }
+//
+// The ResourceDescriptor Yaml config will look like:
+//
+// resources:
+// - type: 'logging.googleapis.com/LogEntry'
+// name_descriptor:
+// - pattern: "projects/{project}/logs/{log}"
+// parent_type: "cloudresourcemanager.googleapis.com/Project"
+// parent_name_extractor: "projects/{project}"
+// - pattern: "folders/{folder}/logs/{log}"
+// parent_type: "cloudresourcemanager.googleapis.com/Folder"
+// parent_name_extractor: "folders/{folder}"
+// - pattern: "organizations/{organization}/logs/{log}"
+// parent_type: "cloudresourcemanager.googleapis.com/Organization"
+// parent_name_extractor: "organizations/{organization}"
+// - pattern: "billingAccounts/{billing_account}/logs/{log}"
+// parent_type: "billing.googleapis.com/BillingAccount"
+// parent_name_extractor: "billingAccounts/{billing_account}"
+//
+// For flexible resources, the resource name doesn't contain parent names, but
+// the resource itself has parents for policy evaluation.
+//
+// Example:
+//
+// message Shelf {
+// option (google.api.resource) = {
+// type: "library.googleapis.com/Shelf"
+// name_descriptor: {
+// pattern: "shelves/{shelf}"
+// parent_type: "cloudresourcemanager.googleapis.com/Project"
+// }
+// name_descriptor: {
+// pattern: "shelves/{shelf}"
+// parent_type: "cloudresourcemanager.googleapis.com/Folder"
+// }
+// };
+// }
+//
+// The ResourceDescriptor Yaml config will look like:
+//
+// resources:
+// - type: 'library.googleapis.com/Shelf'
+// name_descriptor:
+// - pattern: "shelves/{shelf}"
+// parent_type: "cloudresourcemanager.googleapis.com/Project"
+// - pattern: "shelves/{shelf}"
+// parent_type: "cloudresourcemanager.googleapis.com/Folder"
+message ResourceDescriptor {
+ // A description of the historical or future-looking state of the
+ // resource pattern.
+ enum History {
+ // The "unset" value.
+ HISTORY_UNSPECIFIED = 0;
+
+ // The resource originally had one pattern and launched as such, and
+ // additional patterns were added later.
+ ORIGINALLY_SINGLE_PATTERN = 1;
+
+ // The resource has one pattern, but the API owner expects to add more
+ // later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents
+ // that from being necessary once there are multiple patterns.)
+ FUTURE_MULTI_PATTERN = 2;
+ }
+
+ // A flag representing a specific style that a resource claims to conform to.
+ enum Style {
+ // The unspecified value. Do not use.
+ STYLE_UNSPECIFIED = 0;
+
+ // This resource is intended to be "declarative-friendly".
+ //
+ // Declarative-friendly resources must be more strictly consistent, and
+ // setting this to true communicates to tools that this resource should
+ // adhere to declarative-friendly expectations.
+ //
+ // Note: This is used by the API linter (linter.aip.dev) to enable
+ // additional checks.
+ DECLARATIVE_FRIENDLY = 1;
+ }
+
+ // The resource type. It must be in the format of
+ // {service_name}/{resource_type_kind}. The `resource_type_kind` must be
+ // singular and must not include version numbers.
+ //
+ // Example: `storage.googleapis.com/Bucket`
+ //
+ // The value of the resource_type_kind must follow the regular expression
+ // /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and
+ // should use PascalCase (UpperCamelCase). The maximum number of
+ // characters allowed for the `resource_type_kind` is 100.
+ string type = 1;
+
+ // Optional. The relative resource name pattern associated with this resource
+ // type. The DNS prefix of the full resource name shouldn't be specified here.
+ //
+ // The path pattern must follow the syntax, which aligns with HTTP binding
+ // syntax:
+ //
+ // Template = Segment { "/" Segment } ;
+ // Segment = LITERAL | Variable ;
+ // Variable = "{" LITERAL "}" ;
+ //
+ // Examples:
+ //
+ // - "projects/{project}/topics/{topic}"
+ // - "projects/{project}/knowledgeBases/{knowledge_base}"
+ //
+ // The components in braces correspond to the IDs for each resource in the
+ // hierarchy. It is expected that, if multiple patterns are provided,
+ // the same component name (e.g. "project") refers to IDs of the same
+ // type of resource.
+ repeated string pattern = 2;
+
+ // Optional. The field on the resource that designates the resource name
+ // field. If omitted, this is assumed to be "name".
+ string name_field = 3;
+
+ // Optional. The historical or future-looking state of the resource pattern.
+ //
+ // Example:
+ //
+ // // The InspectTemplate message originally only supported resource
+ // // names with organization, and project was added later.
+ // message InspectTemplate {
+ // option (google.api.resource) = {
+ // type: "dlp.googleapis.com/InspectTemplate"
+ // pattern:
+ // "organizations/{organization}/inspectTemplates/{inspect_template}"
+ // pattern: "projects/{project}/inspectTemplates/{inspect_template}"
+ // history: ORIGINALLY_SINGLE_PATTERN
+ // };
+ // }
+ History history = 4;
+
+ // The plural name used in the resource name and permission names, such as
+ // 'projects' for the resource name of 'projects/{project}' and the permission
+ // name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
+ // concept of the `plural` field in k8s CRD spec
+ // https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+ //
+ // Note: The plural form is required even for singleton resources. See
+ // https://aip.dev/156
+ string plural = 5;
+
+ // The same concept of the `singular` field in k8s CRD spec
+ // https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+ // Such as "project" for the `resourcemanager.googleapis.com/Project` type.
+ string singular = 6;
+
+ // Style flag(s) for this resource.
+ // These indicate that a resource is expected to conform to a given
+ // style. See the specific style flags for additional information.
+ repeated Style style = 10;
+}
+
+// Defines a proto annotation that describes a string field that refers to
+// an API resource.
+message ResourceReference {
+ // The resource type that the annotated field references.
+ //
+ // Example:
+ //
+ // message Subscription {
+ // string topic = 2 [(google.api.resource_reference) = {
+ // type: "pubsub.googleapis.com/Topic"
+ // }];
+ // }
+ //
+ // Occasionally, a field may reference an arbitrary resource. In this case,
+ // APIs use the special value * in their resource reference.
+ //
+ // Example:
+ //
+ // message GetIamPolicyRequest {
+ // string resource = 2 [(google.api.resource_reference) = {
+ // type: "*"
+ // }];
+ // }
+ string type = 1;
+
+ // The resource type of a child collection that the annotated field
+ // references. This is useful for annotating the `parent` field that
+ // doesn't have a fixed resource type.
+ //
+ // Example:
+ //
+ // message ListLogEntriesRequest {
+ // string parent = 1 [(google.api.resource_reference) = {
+ // child_type: "logging.googleapis.com/LogEntry"
+ // };
+ // }
+ string child_type = 2;
+}
diff --git a/crates/secd/proto/google/api/routing.proto b/crates/secd/proto/google/api/routing.proto
new file mode 100644
index 0000000..0138283
--- /dev/null
+++ b/crates/secd/proto/google/api/routing.proto
@@ -0,0 +1,461 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/protobuf/descriptor.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/annotations;annotations";
+option java_multiple_files = true;
+option java_outer_classname = "RoutingProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+extend google.protobuf.MethodOptions {
+ // See RoutingRule.
+ google.api.RoutingRule routing = 72295729;
+}
+
+// Specifies the routing information that should be sent along with the request
+// in the form of routing header.
+// **NOTE:** All service configuration rules follow the "last one wins" order.
+//
+// The examples below will apply to an RPC which has the following request type:
+//
+// Message Definition:
+//
+// message Request {
+// // The name of the Table
+// // Values can be of the following formats:
+// // - `projects/<project>/tables/<table>`
+// // - `projects/<project>/instances/<instance>/tables/<table>`
+// // - `region/<region>/zones/<zone>/tables/<table>`
+// string table_name = 1;
+//
+// // This value specifies routing for replication.
+// // It can be in the following formats:
+// // - `profiles/<profile_id>`
+// // - a legacy `profile_id` that can be any string
+// string app_profile_id = 2;
+// }
+//
+// Example message:
+//
+// {
+// table_name: projects/proj_foo/instances/instance_bar/table/table_baz,
+// app_profile_id: profiles/prof_qux
+// }
+//
+// The routing header consists of one or multiple key-value pairs. Every key
+// and value must be percent-encoded, and joined together in the format of
+// `key1=value1&key2=value2`.
+// In the examples below I am skipping the percent-encoding for readablity.
+//
+// Example 1
+//
+// Extracting a field from the request to put into the routing header
+// unchanged, with the key equal to the field name.
+//
+// annotation:
+//
+// option (google.api.routing) = {
+// // Take the `app_profile_id`.
+// routing_parameters {
+// field: "app_profile_id"
+// }
+// };
+//
+// result:
+//
+// x-goog-request-params: app_profile_id=profiles/prof_qux
+//
+// Example 2
+//
+// Extracting a field from the request to put into the routing header
+// unchanged, with the key different from the field name.
+//
+// annotation:
+//
+// option (google.api.routing) = {
+// // Take the `app_profile_id`, but name it `routing_id` in the header.
+// routing_parameters {
+// field: "app_profile_id"
+// path_template: "{routing_id=**}"
+// }
+// };
+//
+// result:
+//
+// x-goog-request-params: routing_id=profiles/prof_qux
+//
+// Example 3
+//
+// Extracting a field from the request to put into the routing
+// header, while matching a path template syntax on the field's value.
+//
+// NB: it is more useful to send nothing than to send garbage for the purpose
+// of dynamic routing, since garbage pollutes cache. Thus the matching.
+//
+// Sub-example 3a
+//
+// The field matches the template.
+//
+// annotation:
+//
+// option (google.api.routing) = {
+// // Take the `table_name`, if it's well-formed (with project-based
+// // syntax).
+// routing_parameters {
+// field: "table_name"
+// path_template: "{table_name=projects/*/instances/*/**}"
+// }
+// };
+//
+// result:
+//
+// x-goog-request-params:
+// table_name=projects/proj_foo/instances/instance_bar/table/table_baz
+//
+// Sub-example 3b
+//
+// The field does not match the template.
+//
+// annotation:
+//
+// option (google.api.routing) = {
+// // Take the `table_name`, if it's well-formed (with region-based
+// // syntax).
+// routing_parameters {
+// field: "table_name"
+// path_template: "{table_name=regions/*/zones/*/**}"
+// }
+// };
+//
+// result:
+//
+// <no routing header will be sent>
+//
+// Sub-example 3c
+//
+// Multiple alternative conflictingly named path templates are
+// specified. The one that matches is used to construct the header.
+//
+// annotation:
+//
+// option (google.api.routing) = {
+// // Take the `table_name`, if it's well-formed, whether
+// // using the region- or projects-based syntax.
+//
+// routing_parameters {
+// field: "table_name"
+// path_template: "{table_name=regions/*/zones/*/**}"
+// }
+// routing_parameters {
+// field: "table_name"
+// path_template: "{table_name=projects/*/instances/*/**}"
+// }
+// };
+//
+// result:
+//
+// x-goog-request-params:
+// table_name=projects/proj_foo/instances/instance_bar/table/table_baz
+//
+// Example 4
+//
+// Extracting a single routing header key-value pair by matching a
+// template syntax on (a part of) a single request field.
+//
+// annotation:
+//
+// option (google.api.routing) = {
+// // Take just the project id from the `table_name` field.
+// routing_parameters {
+// field: "table_name"
+// path_template: "{routing_id=projects/*}/**"
+// }
+// };
+//
+// result:
+//
+// x-goog-request-params: routing_id=projects/proj_foo
+//
+// Example 5
+//
+// Extracting a single routing header key-value pair by matching
+// several conflictingly named path templates on (parts of) a single request
+// field. The last template to match "wins" the conflict.
+//
+// annotation:
+//
+// option (google.api.routing) = {
+// // If the `table_name` does not have instances information,
+// // take just the project id for routing.
+// // Otherwise take project + instance.
+//
+// routing_parameters {
+// field: "table_name"
+// path_template: "{routing_id=projects/*}/**"
+// }
+// routing_parameters {
+// field: "table_name"
+// path_template: "{routing_id=projects/*/instances/*}/**"
+// }
+// };
+//
+// result:
+//
+// x-goog-request-params:
+// routing_id=projects/proj_foo/instances/instance_bar
+//
+// Example 6
+//
+// Extracting multiple routing header key-value pairs by matching
+// several non-conflicting path templates on (parts of) a single request field.
+//
+// Sub-example 6a
+//
+// Make the templates strict, so that if the `table_name` does not
+// have an instance information, nothing is sent.
+//
+// annotation:
+//
+// option (google.api.routing) = {
+// // The routing code needs two keys instead of one composite
+// // but works only for the tables with the "project-instance" name
+// // syntax.
+//
+// routing_parameters {
+// field: "table_name"
+// path_template: "{project_id=projects/*}/instances/*/**"
+// }
+// routing_parameters {
+// field: "table_name"
+// path_template: "projects/*/{instance_id=instances/*}/**"
+// }
+// };
+//
+// result:
+//
+// x-goog-request-params:
+// project_id=projects/proj_foo&instance_id=instances/instance_bar
+//
+// Sub-example 6b
+//
+// Make the templates loose, so that if the `table_name` does not
+// have an instance information, just the project id part is sent.
+//
+// annotation:
+//
+// option (google.api.routing) = {
+// // The routing code wants two keys instead of one composite
+// // but will work with just the `project_id` for tables without
+// // an instance in the `table_name`.
+//
+// routing_parameters {
+// field: "table_name"
+// path_template: "{project_id=projects/*}/**"
+// }
+// routing_parameters {
+// field: "table_name"
+// path_template: "projects/*/{instance_id=instances/*}/**"
+// }
+// };
+//
+// result (is the same as 6a for our example message because it has the instance
+// information):
+//
+// x-goog-request-params:
+// project_id=projects/proj_foo&instance_id=instances/instance_bar
+//
+// Example 7
+//
+// Extracting multiple routing header key-value pairs by matching
+// several path templates on multiple request fields.
+//
+// NB: note that here there is no way to specify sending nothing if one of the
+// fields does not match its template. E.g. if the `table_name` is in the wrong
+// format, the `project_id` will not be sent, but the `routing_id` will be.
+// The backend routing code has to be aware of that and be prepared to not
+// receive a full complement of keys if it expects multiple.
+//
+// annotation:
+//
+// option (google.api.routing) = {
+// // The routing needs both `project_id` and `routing_id`
+// // (from the `app_profile_id` field) for routing.
+//
+// routing_parameters {
+// field: "table_name"
+// path_template: "{project_id=projects/*}/**"
+// }
+// routing_parameters {
+// field: "app_profile_id"
+// path_template: "{routing_id=**}"
+// }
+// };
+//
+// result:
+//
+// x-goog-request-params:
+// project_id=projects/proj_foo&routing_id=profiles/prof_qux
+//
+// Example 8
+//
+// Extracting a single routing header key-value pair by matching
+// several conflictingly named path templates on several request fields. The
+// last template to match "wins" the conflict.
+//
+// annotation:
+//
+// option (google.api.routing) = {
+// // The `routing_id` can be a project id or a region id depending on
+// // the table name format, but only if the `app_profile_id` is not set.
+// // If `app_profile_id` is set it should be used instead.
+//
+// routing_parameters {
+// field: "table_name"
+// path_template: "{routing_id=projects/*}/**"
+// }
+// routing_parameters {
+// field: "table_name"
+// path_template: "{routing_id=regions/*}/**"
+// }
+// routing_parameters {
+// field: "app_profile_id"
+// path_template: "{routing_id=**}"
+// }
+// };
+//
+// result:
+//
+// x-goog-request-params: routing_id=profiles/prof_qux
+//
+// Example 9
+//
+// Bringing it all together.
+//
+// annotation:
+//
+// option (google.api.routing) = {
+// // For routing both `table_location` and a `routing_id` are needed.
+// //
+// // table_location can be either an instance id or a region+zone id.
+// //
+// // For `routing_id`, take the value of `app_profile_id`
+// // - If it's in the format `profiles/<profile_id>`, send
+// // just the `<profile_id>` part.
+// // - If it's any other literal, send it as is.
+// // If the `app_profile_id` is empty, and the `table_name` starts with
+// // the project_id, send that instead.
+//
+// routing_parameters {
+// field: "table_name"
+// path_template: "projects/*/{table_location=instances/*}/tables/*"
+// }
+// routing_parameters {
+// field: "table_name"
+// path_template: "{table_location=regions/*/zones/*}/tables/*"
+// }
+// routing_parameters {
+// field: "table_name"
+// path_template: "{routing_id=projects/*}/**"
+// }
+// routing_parameters {
+// field: "app_profile_id"
+// path_template: "{routing_id=**}"
+// }
+// routing_parameters {
+// field: "app_profile_id"
+// path_template: "profiles/{routing_id=*}"
+// }
+// };
+//
+// result:
+//
+// x-goog-request-params:
+// table_location=instances/instance_bar&routing_id=prof_qux
+message RoutingRule {
+ // A collection of Routing Parameter specifications.
+ // **NOTE:** If multiple Routing Parameters describe the same key
+ // (via the `path_template` field or via the `field` field when
+ // `path_template` is not provided), "last one wins" rule
+ // determines which Parameter gets used.
+ // See the examples for more details.
+ repeated RoutingParameter routing_parameters = 2;
+}
+
+// A projection from an input message to the GRPC or REST header.
+message RoutingParameter {
+ // A request field to extract the header key-value pair from.
+ string field = 1;
+
+ // A pattern matching the key-value field. Optional.
+ // If not specified, the whole field specified in the `field` field will be
+ // taken as value, and its name used as key. If specified, it MUST contain
+ // exactly one named segment (along with any number of unnamed segments) The
+ // pattern will be matched over the field specified in the `field` field, then
+ // if the match is successful:
+ // - the name of the single named segment will be used as a header name,
+ // - the match value of the segment will be used as a header value;
+ // if the match is NOT successful, nothing will be sent.
+ //
+ // Example:
+ //
+ // -- This is a field in the request message
+ // | that the header value will be extracted from.
+ // |
+ // | -- This is the key name in the
+ // | | routing header.
+ // V |
+ // field: "table_name" v
+ // path_template: "projects/*/{table_location=instances/*}/tables/*"
+ // ^ ^
+ // | |
+ // In the {} brackets is the pattern that -- |
+ // specifies what to extract from the |
+ // field as a value to be sent. |
+ // |
+ // The string in the field must match the whole pattern --
+ // before brackets, inside brackets, after brackets.
+ //
+ // When looking at this specific example, we can see that:
+ // - A key-value pair with the key `table_location`
+ // and the value matching `instances/*` should be added
+ // to the x-goog-request-params routing header.
+ // - The value is extracted from the request message's `table_name` field
+ // if it matches the full pattern specified:
+ // `projects/*/instances/*/tables/*`.
+ //
+ // **NB:** If the `path_template` field is not provided, the key name is
+ // equal to the field name, and the whole field should be sent as a value.
+ // This makes the pattern for the field and the value functionally equivalent
+ // to `**`, and the configuration
+ //
+ // {
+ // field: "table_name"
+ // }
+ //
+ // is a functionally equivalent shorthand to:
+ //
+ // {
+ // field: "table_name"
+ // path_template: "{table_name=**}"
+ // }
+ //
+ // See Example 1 for more details.
+ string path_template = 2;
+}
diff --git a/crates/secd/proto/google/api/service.proto b/crates/secd/proto/google/api/service.proto
new file mode 100644
index 0000000..951c7ac
--- /dev/null
+++ b/crates/secd/proto/google/api/service.proto
@@ -0,0 +1,175 @@
+// Copyright 2017 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/api/annotations.proto";
+import "google/api/auth.proto";
+import "google/api/backend.proto";
+import "google/api/billing.proto";
+import "google/api/context.proto";
+import "google/api/control.proto";
+import "google/api/documentation.proto";
+import "google/api/endpoint.proto";
+import "google/api/http.proto";
+import "google/api/log.proto";
+import "google/api/logging.proto";
+import "google/api/metric.proto";
+import "google/api/monitored_resource.proto";
+import "google/api/monitoring.proto";
+import "google/api/quota.proto";
+import "google/api/source_info.proto";
+import "google/api/system_parameter.proto";
+import "google/api/usage.proto";
+import "google/protobuf/api.proto";
+import "google/protobuf/type.proto";
+import "google/protobuf/wrappers.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "ServiceProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// `Service` is the root object of Google service configuration schema. It
+// describes basic information about a service, such as the name and the
+// title, and delegates other aspects to sub-sections. Each sub-section is
+// either a proto message or a repeated proto message that configures a
+// specific aspect, such as auth. See each proto message definition for details.
+//
+// Example:
+//
+// type: google.api.Service
+// config_version: 3
+// name: calendar.googleapis.com
+// title: Google Calendar API
+// apis:
+// - name: google.calendar.v3.Calendar
+// authentication:
+// providers:
+// - id: google_calendar_auth
+// jwks_uri: https://www.googleapis.com/oauth2/v1/certs
+// issuer: https://securetoken.google.com
+// rules:
+// - selector: "*"
+// requirements:
+// provider_id: google_calendar_auth
+message Service {
+ // The semantic version of the service configuration. The config version
+ // affects the interpretation of the service configuration. For example,
+ // certain features are enabled by default for certain config versions.
+ // The latest config version is `3`.
+ google.protobuf.UInt32Value config_version = 20;
+
+ // The DNS address at which this service is available,
+ // e.g. `calendar.googleapis.com`.
+ string name = 1;
+
+ // A unique ID for a specific instance of this message, typically assigned
+ // by the client for tracking purpose. If empty, the server may choose to
+ // generate one instead.
+ string id = 33;
+
+ // The product title for this service.
+ string title = 2;
+
+ // The Google project that owns this service.
+ string producer_project_id = 22;
+
+ // A list of API interfaces exported by this service. Only the `name` field
+ // of the [google.protobuf.Api][google.protobuf.Api] needs to be provided by the configuration
+ // author, as the remaining fields will be derived from the IDL during the
+ // normalization process. It is an error to specify an API interface here
+ // which cannot be resolved against the associated IDL files.
+ repeated google.protobuf.Api apis = 3;
+
+ // A list of all proto message types included in this API service.
+ // Types referenced directly or indirectly by the `apis` are
+ // automatically included. Messages which are not referenced but
+ // shall be included, such as types used by the `google.protobuf.Any` type,
+ // should be listed here by name. Example:
+ //
+ // types:
+ // - name: google.protobuf.Int32
+ repeated google.protobuf.Type types = 4;
+
+ // A list of all enum types included in this API service. Enums
+ // referenced directly or indirectly by the `apis` are automatically
+ // included. Enums which are not referenced but shall be included
+ // should be listed here by name. Example:
+ //
+ // enums:
+ // - name: google.someapi.v1.SomeEnum
+ repeated google.protobuf.Enum enums = 5;
+
+ // Additional API documentation.
+ Documentation documentation = 6;
+
+ // API backend configuration.
+ Backend backend = 8;
+
+ // HTTP configuration.
+ Http http = 9;
+
+ // Quota configuration.
+ Quota quota = 10;
+
+ // Auth configuration.
+ Authentication authentication = 11;
+
+ // Context configuration.
+ Context context = 12;
+
+ // Configuration controlling usage of this service.
+ Usage usage = 15;
+
+ // Configuration for network endpoints. If this is empty, then an endpoint
+ // with the same name as the service is automatically generated to service all
+ // defined APIs.
+ repeated Endpoint endpoints = 18;
+
+ // Configuration for the service control plane.
+ Control control = 21;
+
+ // Defines the logs used by this service.
+ repeated LogDescriptor logs = 23;
+
+ // Defines the metrics used by this service.
+ repeated MetricDescriptor metrics = 24;
+
+ // Defines the monitored resources used by this service. This is required
+ // by the [Service.monitoring][google.api.Service.monitoring] and [Service.logging][google.api.Service.logging] configurations.
+ repeated MonitoredResourceDescriptor monitored_resources = 25;
+
+ // Billing configuration.
+ Billing billing = 26;
+
+ // Logging configuration.
+ Logging logging = 27;
+
+ // Monitoring configuration.
+ Monitoring monitoring = 28;
+
+ // System parameter configuration.
+ SystemParameters system_parameters = 29;
+
+ // Output only. The source information for this configuration if available.
+ SourceInfo source_info = 37;
+
+ // Experimental configuration.
+ reserved 101;
+}
diff --git a/crates/secd/proto/google/api/source_info.proto b/crates/secd/proto/google/api/source_info.proto
new file mode 100644
index 0000000..5877785
--- /dev/null
+++ b/crates/secd/proto/google/api/source_info.proto
@@ -0,0 +1,32 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/protobuf/any.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "SourceInfoProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// Source information used to create a Service Config
+message SourceInfo {
+ // All files used during config generation.
+ repeated google.protobuf.Any source_files = 1;
+}
diff --git a/crates/secd/proto/google/api/system_parameter.proto b/crates/secd/proto/google/api/system_parameter.proto
new file mode 100644
index 0000000..a55212f
--- /dev/null
+++ b/crates/secd/proto/google/api/system_parameter.proto
@@ -0,0 +1,96 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "SystemParameterProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// ### System parameter configuration
+//
+// A system parameter is a special kind of parameter defined by the API
+// system, not by an individual API. It is typically mapped to an HTTP header
+// and/or a URL query parameter. This configuration specifies which methods
+// change the names of the system parameters.
+message SystemParameters {
+ // Define system parameters.
+ //
+ // The parameters defined here will override the default parameters
+ // implemented by the system. If this field is missing from the service
+ // config, default system parameters will be used. Default system parameters
+ // and names is implementation-dependent.
+ //
+ // Example: define api key for all methods
+ //
+ // system_parameters
+ // rules:
+ // - selector: "*"
+ // parameters:
+ // - name: api_key
+ // url_query_parameter: api_key
+ //
+ //
+ // Example: define 2 api key names for a specific method.
+ //
+ // system_parameters
+ // rules:
+ // - selector: "/ListShelves"
+ // parameters:
+ // - name: api_key
+ // http_header: Api-Key1
+ // - name: api_key
+ // http_header: Api-Key2
+ //
+ // **NOTE:** All service configuration rules follow "last one wins" order.
+ repeated SystemParameterRule rules = 1;
+}
+
+// Define a system parameter rule mapping system parameter definitions to
+// methods.
+message SystemParameterRule {
+ // Selects the methods to which this rule applies. Use '*' to indicate all
+ // methods in all APIs.
+ //
+ // Refer to [selector][google.api.DocumentationRule.selector] for syntax details.
+ string selector = 1;
+
+ // Define parameters. Multiple names may be defined for a parameter.
+ // For a given method call, only one of them should be used. If multiple
+ // names are used the behavior is implementation-dependent.
+ // If none of the specified names are present the behavior is
+ // parameter-dependent.
+ repeated SystemParameter parameters = 2;
+}
+
+// Define a parameter's name and location. The parameter may be passed as either
+// an HTTP header or a URL query parameter, and if both are passed the behavior
+// is implementation-dependent.
+message SystemParameter {
+ // Define the name of the parameter, such as "api_key" . It is case sensitive.
+ string name = 1;
+
+ // Define the HTTP header name to use for the parameter. It is case
+ // insensitive.
+ string http_header = 2;
+
+ // Define the URL query parameter name to use for the parameter. It is case
+ // sensitive.
+ string url_query_parameter = 3;
+}
diff --git a/crates/secd/proto/google/api/usage.proto b/crates/secd/proto/google/api/usage.proto
new file mode 100644
index 0000000..63299b5
--- /dev/null
+++ b/crates/secd/proto/google/api/usage.proto
@@ -0,0 +1,92 @@
+// Copyright 2018 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.api;
+
+import "google/api/annotations.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+option java_multiple_files = true;
+option java_outer_classname = "UsageProto";
+option java_package = "com.google.api";
+option objc_class_prefix = "GAPI";
+
+
+// Configuration controlling usage of a service.
+message Usage {
+ // Requirements that must be satisfied before a consumer project can use the
+ // service. Each requirement is of the form <service.name>/<requirement-id>;
+ // for example 'serviceusage.googleapis.com/billing-enabled'.
+ repeated string requirements = 1;
+
+ // A list of usage rules that apply to individual API methods.
+ //
+ // **NOTE:** All service configuration rules follow "last one wins" order.
+ repeated UsageRule rules = 6;
+
+ // The full resource name of a channel used for sending notifications to the
+ // service producer.
+ //
+ // Google Service Management currently only supports
+ // [Google Cloud Pub/Sub](https://cloud.google.com/pubsub) as a notification
+ // channel. To use Google Cloud Pub/Sub as the channel, this must be the name
+ // of a Cloud Pub/Sub topic that uses the Cloud Pub/Sub topic name format
+ // documented in https://cloud.google.com/pubsub/docs/overview.
+ string producer_notification_channel = 7;
+}
+
+// Usage configuration rules for the service.
+//
+// NOTE: Under development.
+//
+//
+// Use this rule to configure unregistered calls for the service. Unregistered
+// calls are calls that do not contain consumer project identity.
+// (Example: calls that do not contain an API key).
+// By default, API methods do not allow unregistered calls, and each method call
+// must be identified by a consumer project identity. Use this rule to
+// allow/disallow unregistered calls.
+//
+// Example of an API that wants to allow unregistered calls for entire service.
+//
+// usage:
+// rules:
+// - selector: "*"
+// allow_unregistered_calls: true
+//
+// Example of a method that wants to allow unregistered calls.
+//
+// usage:
+// rules:
+// - selector: "google.example.library.v1.LibraryService.CreateBook"
+// allow_unregistered_calls: true
+message UsageRule {
+ // Selects the methods to which this rule applies. Use '*' to indicate all
+ // methods in all APIs.
+ //
+ // Refer to [selector][google.api.DocumentationRule.selector] for syntax details.
+ string selector = 1;
+
+ // If true, the selected method allows unregistered calls, e.g. calls
+ // that don't identify any user or application.
+ bool allow_unregistered_calls = 2;
+
+ // If true, the selected method should skip service control and the control
+ // plane features, such as quota and billing, will not be available.
+ // This flag is used by Google Cloud Endpoints to bypass checks for internal
+ // methods, such as service health check methods.
+ bool skip_service_control = 3;
+}
diff --git a/crates/secd/proto/google/cloud/extended_operations.proto b/crates/secd/proto/google/cloud/extended_operations.proto
new file mode 100644
index 0000000..1477d2d
--- /dev/null
+++ b/crates/secd/proto/google/cloud/extended_operations.proto
@@ -0,0 +1,150 @@
+// Copyright 2021 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// This file contains custom annotations that are used by GAPIC generators to
+// handle Long Running Operation methods (LRO) that are NOT compliant with
+// https://google.aip.dev/151. These annotations are public for technical
+// reasons only. Please DO NOT USE them in your protos.
+syntax = "proto3";
+
+package google.cloud;
+
+import "google/protobuf/descriptor.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/extendedops;extendedops";
+option java_multiple_files = true;
+option java_outer_classname = "ExtendedOperationsProto";
+option java_package = "com.google.cloud";
+option objc_class_prefix = "GAPI";
+
+// FieldOptions to match corresponding fields in the initial request,
+// polling request and operation response messages.
+//
+// Example:
+//
+// In an API-specific operation message:
+//
+// message MyOperation {
+// string http_error_message = 1 [(operation_field) = ERROR_MESSAGE];
+// int32 http_error_status_code = 2 [(operation_field) = ERROR_CODE];
+// string id = 3 [(operation_field) = NAME];
+// Status status = 4 [(operation_field) = STATUS];
+// }
+//
+// In a polling request message (the one which is used to poll for an LRO
+// status):
+//
+// message MyPollingRequest {
+// string operation = 1 [(operation_response_field) = "id"];
+// string project = 2;
+// string region = 3;
+// }
+//
+// In an initial request message (the one which starts an LRO):
+//
+// message MyInitialRequest {
+// string my_project = 2 [(operation_request_field) = "project"];
+// string my_region = 3 [(operation_request_field) = "region"];
+// }
+//
+extend google.protobuf.FieldOptions {
+ // A field annotation that maps fields in an API-specific Operation object to
+ // their standard counterparts in google.longrunning.Operation. See
+ // OperationResponseMapping enum definition.
+ OperationResponseMapping operation_field = 1149;
+
+ // A field annotation that maps fields in the initial request message
+ // (the one which started the LRO) to their counterparts in the polling
+ // request message. For non-standard LRO, the polling response may be missing
+ // some of the information needed to make a subsequent polling request. The
+ // missing information (for example, project or region ID) is contained in the
+ // fields of the initial request message that this annotation must be applied
+ // to. The string value of the annotation corresponds to the name of the
+ // counterpart field in the polling request message that the annotated field's
+ // value will be copied to.
+ string operation_request_field = 1150;
+
+ // A field annotation that maps fields in the polling request message to their
+ // counterparts in the initial and/or polling response message. The initial
+ // and the polling methods return an API-specific Operation object. Some of
+ // the fields from that response object must be reused in the subsequent
+ // request (like operation name/ID) to fully identify the polled operation.
+ // This annotation must be applied to the fields in the polling request
+ // message, the string value of the annotation must correspond to the name of
+ // the counterpart field in the Operation response object whose value will be
+ // copied to the annotated field.
+ string operation_response_field = 1151;
+}
+
+// MethodOptions to identify the actual service and method used for operation
+// status polling.
+//
+// Example:
+//
+// In a method, which starts an LRO:
+//
+// service MyService {
+// rpc Foo(MyInitialRequest) returns (MyOperation) {
+// option (operation_service) = "MyPollingService";
+// }
+// }
+//
+// In a polling method:
+//
+// service MyPollingService {
+// rpc Get(MyPollingRequest) returns (MyOperation) {
+// option (operation_polling_method) = true;
+// }
+// }
+extend google.protobuf.MethodOptions {
+ // A method annotation that maps an LRO method (the one which starts an LRO)
+ // to the service, which will be used to poll for the operation status. The
+ // annotation must be applied to the method which starts an LRO, the string
+ // value of the annotation must correspond to the name of the service used to
+ // poll for the operation status.
+ string operation_service = 1249;
+
+ // A method annotation that marks methods that can be used for polling
+ // operation status (e.g. the MyPollingService.Get(MyPollingRequest) method).
+ bool operation_polling_method = 1250;
+}
+
+// An enum to be used to mark the essential (for polling) fields in an
+// API-specific Operation object. A custom Operation object may contain many
+// different fields, but only few of them are essential to conduct a successful
+// polling process.
+enum OperationResponseMapping {
+ // Do not use.
+ UNDEFINED = 0;
+
+ // A field in an API-specific (custom) Operation object which carries the same
+ // meaning as google.longrunning.Operation.name.
+ NAME = 1;
+
+ // A field in an API-specific (custom) Operation object which carries the same
+ // meaning as google.longrunning.Operation.done. If the annotated field is of
+ // an enum type, `annotated_field_name == EnumType.DONE` semantics should be
+ // equivalent to `Operation.done == true`. If the annotated field is of type
+ // boolean, then it should follow the same semantics as Operation.done.
+ // Otherwise, a non-empty value should be treated as `Operation.done == true`.
+ STATUS = 2;
+
+ // A field in an API-specific (custom) Operation object which carries the same
+ // meaning as google.longrunning.Operation.error.code.
+ ERROR_CODE = 3;
+
+ // A field in an API-specific (custom) Operation object which carries the same
+ // meaning as google.longrunning.Operation.error.message.
+ ERROR_MESSAGE = 4;
+} \ No newline at end of file
diff --git a/crates/secd/proto/google/iam/admin/v1/iam.proto b/crates/secd/proto/google/iam/admin/v1/iam.proto
new file mode 100644
index 0000000..804162a
--- /dev/null
+++ b/crates/secd/proto/google/iam/admin/v1/iam.proto
@@ -0,0 +1,1087 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.iam.admin.v1;
+
+import "google/api/annotations.proto";
+import "google/api/client.proto";
+import "google/api/field_behavior.proto";
+import "google/api/resource.proto";
+import "google/iam/v1/iam_policy.proto";
+import "google/iam/v1/policy.proto";
+import "google/protobuf/empty.proto";
+import "google/protobuf/field_mask.proto";
+import "google/protobuf/timestamp.proto";
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/iam/admin/v1;admin";
+option java_multiple_files = true;
+option java_outer_classname = "IamProto";
+option java_package = "com.google.iam.admin.v1";
+
+// Creates and manages service account objects.
+//
+// Service account is an account that belongs to your project instead
+// of to an individual end user. It is used to authenticate calls
+// to a Google API.
+//
+// To create a service account, specify the `project_id` and `account_id`
+// for the account. The `account_id` is unique within the project, and used
+// to generate the service account email address and a stable
+// `unique_id`.
+//
+// All other methods can identify accounts using the format
+// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.
+// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from
+// the account. The `ACCOUNT` value can be the `email` address or the
+// `unique_id` of the service account.
+service IAM {
+ option (google.api.default_host) = "iam.googleapis.com";
+ option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";
+
+ // Lists [ServiceAccounts][google.iam.admin.v1.ServiceAccount] for a project.
+ rpc ListServiceAccounts(ListServiceAccountsRequest) returns (ListServiceAccountsResponse) {
+ option (google.api.http) = {
+ get: "/v1/{name=projects/*}/serviceAccounts"
+ };
+ option (google.api.method_signature) = "name";
+ }
+
+ // Gets a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
+ rpc GetServiceAccount(GetServiceAccountRequest) returns (ServiceAccount) {
+ option (google.api.http) = {
+ get: "/v1/{name=projects/*/serviceAccounts/*}"
+ };
+ option (google.api.method_signature) = "name";
+ }
+
+ // Creates a [ServiceAccount][google.iam.admin.v1.ServiceAccount]
+ // and returns it.
+ rpc CreateServiceAccount(CreateServiceAccountRequest) returns (ServiceAccount) {
+ option (google.api.http) = {
+ post: "/v1/{name=projects/*}/serviceAccounts"
+ body: "*"
+ };
+ option (google.api.method_signature) = "name,account_id,service_account";
+ }
+
+ // Updates a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
+ //
+ // Currently, only the following fields are updatable:
+ // `display_name` and `description`.
+ rpc UpdateServiceAccount(ServiceAccount) returns (ServiceAccount) {
+ option (google.api.http) = {
+ put: "/v1/{name=projects/*/serviceAccounts/*}"
+ body: "*"
+ };
+ }
+
+ // Deletes a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
+ rpc DeleteServiceAccount(DeleteServiceAccountRequest) returns (google.protobuf.Empty) {
+ option (google.api.http) = {
+ delete: "/v1/{name=projects/*/serviceAccounts/*}"
+ };
+ option (google.api.method_signature) = "name";
+ }
+
+ // Lists [ServiceAccountKeys][google.iam.admin.v1.ServiceAccountKey].
+ rpc ListServiceAccountKeys(ListServiceAccountKeysRequest) returns (ListServiceAccountKeysResponse) {
+ option (google.api.http) = {
+ get: "/v1/{name=projects/*/serviceAccounts/*}/keys"
+ };
+ option (google.api.method_signature) = "name,key_types";
+ }
+
+ // Gets the [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]
+ // by key id.
+ rpc GetServiceAccountKey(GetServiceAccountKeyRequest) returns (ServiceAccountKey) {
+ option (google.api.http) = {
+ get: "/v1/{name=projects/*/serviceAccounts/*/keys/*}"
+ };
+ option (google.api.method_signature) = "name,public_key_type";
+ }
+
+ // Creates a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey]
+ // and returns it.
+ rpc CreateServiceAccountKey(CreateServiceAccountKeyRequest) returns (ServiceAccountKey) {
+ option (google.api.http) = {
+ post: "/v1/{name=projects/*/serviceAccounts/*}/keys"
+ body: "*"
+ };
+ option (google.api.method_signature) = "name,private_key_type,key_algorithm";
+ }
+
+ // Deletes a [ServiceAccountKey][google.iam.admin.v1.ServiceAccountKey].
+ rpc DeleteServiceAccountKey(DeleteServiceAccountKeyRequest) returns (google.protobuf.Empty) {
+ option (google.api.http) = {
+ delete: "/v1/{name=projects/*/serviceAccounts/*/keys/*}"
+ };
+ option (google.api.method_signature) = "name";
+ }
+
+ // Signs a blob using a service account's system-managed private key.
+ rpc SignBlob(SignBlobRequest) returns (SignBlobResponse) {
+ option (google.api.http) = {
+ post: "/v1/{name=projects/*/serviceAccounts/*}:signBlob"
+ body: "*"
+ };
+ option (google.api.method_signature) = "name,bytes_to_sign";
+ }
+
+ // Signs a JWT using a service account's system-managed private key.
+ //
+ // If no expiry time (`exp`) is provided in the `SignJwtRequest`, IAM sets an
+ // an expiry time of one hour by default. If you request an expiry time of
+ // more than one hour, the request will fail.
+ rpc SignJwt(SignJwtRequest) returns (SignJwtResponse) {
+ option (google.api.http) = {
+ post: "/v1/{name=projects/*/serviceAccounts/*}:signJwt"
+ body: "*"
+ };
+ option (google.api.method_signature) = "name,payload";
+ }
+
+ // Returns the Cloud IAM access control policy for a
+ // [ServiceAccount][google.iam.admin.v1.ServiceAccount].
+ //
+ // Note: Service accounts are both
+ // [resources and
+ // identities](/iam/docs/service-accounts#service_account_permissions). This
+ // method treats the service account as a resource. It returns the Cloud IAM
+ // policy that reflects what members have access to the service account.
+ //
+ // This method does not return what resources the service account has access
+ // to. To see if a service account has access to a resource, call the
+ // `getIamPolicy` method on the target resource. For example, to view grants
+ // for a project, call the
+ // [projects.getIamPolicy](/resource-manager/reference/rest/v1/projects/getIamPolicy)
+ // method.
+ rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest) returns (google.iam.v1.Policy) {
+ option (google.api.http) = {
+ post: "/v1/{resource=projects/*/serviceAccounts/*}:getIamPolicy"
+ };
+ option (google.api.method_signature) = "resource";
+ }
+
+ // Sets the Cloud IAM access control policy for a
+ // [ServiceAccount][google.iam.admin.v1.ServiceAccount].
+ //
+ // Note: Service accounts are both
+ // [resources and
+ // identities](/iam/docs/service-accounts#service_account_permissions). This
+ // method treats the service account as a resource. Use it to grant members
+ // access to the service account, such as when they need to impersonate it.
+ //
+ // This method does not grant the service account access to other resources,
+ // such as projects. To grant a service account access to resources, include
+ // the service account in the Cloud IAM policy for the desired resource, then
+ // call the appropriate `setIamPolicy` method on the target resource. For
+ // example, to grant a service account access to a project, call the
+ // [projects.setIamPolicy](/resource-manager/reference/rest/v1/projects/setIamPolicy)
+ // method.
+ rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) returns (google.iam.v1.Policy) {
+ option (google.api.http) = {
+ post: "/v1/{resource=projects/*/serviceAccounts/*}:setIamPolicy"
+ body: "*"
+ };
+ option (google.api.method_signature) = "resource,policy";
+ }
+
+ // Tests the specified permissions against the IAM access control policy
+ // for a [ServiceAccount][google.iam.admin.v1.ServiceAccount].
+ rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest) returns (google.iam.v1.TestIamPermissionsResponse) {
+ option (google.api.http) = {
+ post: "/v1/{resource=projects/*/serviceAccounts/*}:testIamPermissions"
+ body: "*"
+ };
+ option (google.api.method_signature) = "resource,permissions";
+ }
+
+ // Queries roles that can be granted on a particular resource.
+ // A role is grantable if it can be used as the role in a binding for a policy
+ // for that resource.
+ rpc QueryGrantableRoles(QueryGrantableRolesRequest) returns (QueryGrantableRolesResponse) {
+ option (google.api.http) = {
+ post: "/v1/roles:queryGrantableRoles"
+ body: "*"
+ };
+ option (google.api.method_signature) = "full_resource_name";
+ }
+
+ // Lists the Roles defined on a resource.
+ rpc ListRoles(ListRolesRequest) returns (ListRolesResponse) {
+ option (google.api.http) = {
+ get: "/v1/roles"
+ additional_bindings {
+ get: "/v1/{parent=organizations/*}/roles"
+ }
+ additional_bindings {
+ get: "/v1/{parent=projects/*}/roles"
+ }
+ };
+ }
+
+ // Gets a Role definition.
+ rpc GetRole(GetRoleRequest) returns (Role) {
+ option (google.api.http) = {
+ get: "/v1/{name=roles/*}"
+ additional_bindings {
+ get: "/v1/{name=organizations/*/roles/*}"
+ }
+ additional_bindings {
+ get: "/v1/{name=projects/*/roles/*}"
+ }
+ };
+ }
+
+ // Creates a new Role.
+ rpc CreateRole(CreateRoleRequest) returns (Role) {
+ option (google.api.http) = {
+ post: "/v1/{parent=organizations/*}/roles"
+ body: "*"
+ additional_bindings {
+ post: "/v1/{parent=projects/*}/roles"
+ body: "*"
+ }
+ };
+ }
+
+ // Updates a Role definition.
+ rpc UpdateRole(UpdateRoleRequest) returns (Role) {
+ option (google.api.http) = {
+ patch: "/v1/{name=organizations/*/roles/*}"
+ body: "role"
+ additional_bindings {
+ patch: "/v1/{name=projects/*/roles/*}"
+ body: "role"
+ }
+ };
+ }
+
+ // Soft deletes a role. The role is suspended and cannot be used to create new
+ // IAM Policy Bindings.
+ // The Role will not be included in `ListRoles()` unless `show_deleted` is set
+ // in the `ListRolesRequest`. The Role contains the deleted boolean set.
+ // Existing Bindings remains, but are inactive. The Role can be undeleted
+ // within 7 days. After 7 days the Role is deleted and all Bindings associated
+ // with the role are removed.
+ rpc DeleteRole(DeleteRoleRequest) returns (Role) {
+ option (google.api.http) = {
+ delete: "/v1/{name=organizations/*/roles/*}"
+ additional_bindings {
+ delete: "/v1/{name=projects/*/roles/*}"
+ }
+ };
+ }
+
+ // Undelete a Role, bringing it back in its previous state.
+ rpc UndeleteRole(UndeleteRoleRequest) returns (Role) {
+ option (google.api.http) = {
+ post: "/v1/{name=organizations/*/roles/*}:undelete"
+ body: "*"
+ additional_bindings {
+ post: "/v1/{name=projects/*/roles/*}:undelete"
+ body: "*"
+ }
+ };
+ }
+
+ // Lists the permissions testable on a resource.
+ // A permission is testable if it can be tested for an identity on a resource.
+ rpc QueryTestablePermissions(QueryTestablePermissionsRequest) returns (QueryTestablePermissionsResponse) {
+ option (google.api.http) = {
+ post: "/v1/permissions:queryTestablePermissions"
+ body: "*"
+ };
+ }
+}
+
+// A service account in the Identity and Access Management API.
+//
+// To create a service account, specify the `project_id` and the `account_id`
+// for the account. The `account_id` is unique within the project, and is used
+// to generate the service account email address and a stable
+// `unique_id`.
+//
+// If the account already exists, the account's resource name is returned
+// in the format of projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}. The caller
+// can use the name in other methods to access the account.
+//
+// All other methods can identify the service account using the format
+// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.
+// Using `-` as a wildcard for the `PROJECT_ID` will infer the project from
+// the account. The `ACCOUNT` value can be the `email` address or the
+// `unique_id` of the service account.
+message ServiceAccount {
+ option (google.api.resource) = {
+ type: "iam.googleapis.com/ServiceAccount"
+ pattern: "projects/{project}/serviceAccounts/{service_account}"
+ };
+
+ // The resource name of the service account in the following format:
+ // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.
+ //
+ // Requests using `-` as a wildcard for the `PROJECT_ID` will infer the
+ // project from the `account` and the `ACCOUNT` value can be the `email`
+ // address or the `unique_id` of the service account.
+ //
+ // In responses the resource name will always be in the format
+ // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.
+ string name = 1;
+
+ // @OutputOnly The id of the project that owns the service account.
+ string project_id = 2;
+
+ // @OutputOnly The unique and stable id of the service account.
+ string unique_id = 4;
+
+ // @OutputOnly The email address of the service account.
+ string email = 5;
+
+ // Optional. A user-specified name for the service account.
+ // Must be less than or equal to 100 UTF-8 bytes.
+ string display_name = 6;
+
+ // Optional. Note: `etag` is an inoperable legacy field that is only returned
+ // for backwards compatibility.
+ bytes etag = 7;
+
+ // @OutputOnly. The OAuth2 client id for the service account.
+ // This is used in conjunction with the OAuth2 clientconfig API to make
+ // three legged OAuth2 (3LO) flows to access the data of Google users.
+ string oauth2_client_id = 9;
+}
+
+// The service account create request.
+message CreateServiceAccountRequest {
+ // Required. The resource name of the project associated with the service
+ // accounts, such as `projects/my-project-123`.
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "cloudresourcemanager.googleapis.com/Project"
+ }
+ ];
+
+ // Required. The account id that is used to generate the service account
+ // email address and a stable unique id. It is unique within a project,
+ // must be 6-30 characters long, and match the regular expression
+ // `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035.
+ string account_id = 2 [(google.api.field_behavior) = REQUIRED];
+
+ // The [ServiceAccount][google.iam.admin.v1.ServiceAccount] resource to
+ // create. Currently, only the following values are user assignable:
+ // `display_name` and `description`.
+ ServiceAccount service_account = 3;
+}
+
+// The service account list request.
+message ListServiceAccountsRequest {
+ // Required. The resource name of the project associated with the service
+ // accounts, such as `projects/my-project-123`.
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "cloudresourcemanager.googleapis.com/Project"
+ }
+ ];
+
+ // Optional limit on the number of service accounts to include in the
+ // response. Further accounts can subsequently be obtained by including the
+ // [ListServiceAccountsResponse.next_page_token][google.iam.admin.v1.ListServiceAccountsResponse.next_page_token]
+ // in a subsequent request.
+ int32 page_size = 2;
+
+ // Optional pagination token returned in an earlier
+ // [ListServiceAccountsResponse.next_page_token][google.iam.admin.v1.ListServiceAccountsResponse.next_page_token].
+ string page_token = 3;
+}
+
+// The service account list response.
+message ListServiceAccountsResponse {
+ // The list of matching service accounts.
+ repeated ServiceAccount accounts = 1;
+
+ // To retrieve the next page of results, set
+ // [ListServiceAccountsRequest.page_token][google.iam.admin.v1.ListServiceAccountsRequest.page_token]
+ // to this value.
+ string next_page_token = 2;
+}
+
+// The service account get request.
+message GetServiceAccountRequest {
+ // Required. The resource name of the service account in the following format:
+ // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.
+ // Using `-` as a wildcard for the `PROJECT_ID` will infer the project from
+ // the account. The `ACCOUNT` value can be the `email` address or the
+ // `unique_id` of the service account.
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "iam.googleapis.com/ServiceAccount"
+ }
+ ];
+}
+
+// The service account delete request.
+message DeleteServiceAccountRequest {
+ // Required. The resource name of the service account in the following format:
+ // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.
+ // Using `-` as a wildcard for the `PROJECT_ID` will infer the project from
+ // the account. The `ACCOUNT` value can be the `email` address or the
+ // `unique_id` of the service account.
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "iam.googleapis.com/ServiceAccount"
+ }
+ ];
+}
+
+// The service account keys list request.
+message ListServiceAccountKeysRequest {
+ // `KeyType` filters to selectively retrieve certain varieties
+ // of keys.
+ enum KeyType {
+ // Unspecified key type. The presence of this in the
+ // message will immediately result in an error.
+ KEY_TYPE_UNSPECIFIED = 0;
+
+ // User-managed keys (managed and rotated by the user).
+ USER_MANAGED = 1;
+
+ // System-managed keys (managed and rotated by Google).
+ SYSTEM_MANAGED = 2;
+ }
+
+ // Required. The resource name of the service account in the following format:
+ // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.
+ //
+ // Using `-` as a wildcard for the `PROJECT_ID`, will infer the project from
+ // the account. The `ACCOUNT` value can be the `email` address or the
+ // `unique_id` of the service account.
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "iam.googleapis.com/ServiceAccount"
+ }
+ ];
+
+ // Filters the types of keys the user wants to include in the list
+ // response. Duplicate key types are not allowed. If no key type
+ // is provided, all keys are returned.
+ repeated KeyType key_types = 2;
+}
+
+// The service account keys list response.
+message ListServiceAccountKeysResponse {
+ // The public keys for the service account.
+ repeated ServiceAccountKey keys = 1;
+}
+
+// The service account key get by id request.
+message GetServiceAccountKeyRequest {
+ // Required. The resource name of the service account key in the following format:
+ // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`.
+ //
+ // Using `-` as a wildcard for the `PROJECT_ID` will infer the project from
+ // the account. The `ACCOUNT` value can be the `email` address or the
+ // `unique_id` of the service account.
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "iam.googleapis.com/Key"
+ }
+ ];
+
+ // The output format of the public key requested.
+ // X509_PEM is the default output format.
+ ServiceAccountPublicKeyType public_key_type = 2;
+}
+
+// Represents a service account key.
+//
+// A service account has two sets of key-pairs: user-managed, and
+// system-managed.
+//
+// User-managed key-pairs can be created and deleted by users. Users are
+// responsible for rotating these keys periodically to ensure security of
+// their service accounts. Users retain the private key of these key-pairs,
+// and Google retains ONLY the public key.
+//
+// System-managed keys are automatically rotated by Google, and are used for
+// signing for a maximum of two weeks. The rotation process is probabilistic,
+// and usage of the new key will gradually ramp up and down over the key's
+// lifetime. We recommend caching the public key set for a service account for
+// no more than 24 hours to ensure you have access to the latest keys.
+//
+// Public keys for all service accounts are also published at the OAuth2
+// Service Account API.
+message ServiceAccountKey {
+ option (google.api.resource) = {
+ type: "iam.googleapis.com/Key"
+ pattern: "projects/{project}/serviceAccounts/{service_account}/keys/{key}"
+ };
+
+ // The resource name of the service account key in the following format
+ // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`.
+ string name = 1;
+
+ // The output format for the private key.
+ // Only provided in `CreateServiceAccountKey` responses, not
+ // in `GetServiceAccountKey` or `ListServiceAccountKey` responses.
+ //
+ // Google never exposes system-managed private keys, and never retains
+ // user-managed private keys.
+ ServiceAccountPrivateKeyType private_key_type = 2;
+
+ // Specifies the algorithm (and possibly key size) for the key.
+ ServiceAccountKeyAlgorithm key_algorithm = 8;
+
+ // The private key data. Only provided in `CreateServiceAccountKey`
+ // responses. Make sure to keep the private key data secure because it
+ // allows for the assertion of the service account identity.
+ // When base64 decoded, the private key data can be used to authenticate with
+ // Google API client libraries and with
+ // <a href="/sdk/gcloud/reference/auth/activate-service-account">gcloud
+ // auth activate-service-account</a>.
+ bytes private_key_data = 3;
+
+ // The public key data. Only provided in `GetServiceAccountKey` responses.
+ bytes public_key_data = 7;
+
+ // The key can be used after this timestamp.
+ google.protobuf.Timestamp valid_after_time = 4;
+
+ // The key can be used before this timestamp.
+ // For system-managed key pairs, this timestamp is the end time for the
+ // private key signing operation. The public key could still be used
+ // for verification for a few hours after this time.
+ google.protobuf.Timestamp valid_before_time = 5;
+}
+
+// The service account key create request.
+message CreateServiceAccountKeyRequest {
+ // Required. The resource name of the service account in the following format:
+ // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.
+ // Using `-` as a wildcard for the `PROJECT_ID` will infer the project from
+ // the account. The `ACCOUNT` value can be the `email` address or the
+ // `unique_id` of the service account.
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "iam.googleapis.com/ServiceAccount"
+ }
+ ];
+
+ // The output format of the private key. The default value is
+ // `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google Credentials File
+ // format.
+ ServiceAccountPrivateKeyType private_key_type = 2;
+
+ // Which type of key and algorithm to use for the key.
+ // The default is currently a 2K RSA key. However this may change in the
+ // future.
+ ServiceAccountKeyAlgorithm key_algorithm = 3;
+}
+
+// The service account key delete request.
+message DeleteServiceAccountKeyRequest {
+ // Required. The resource name of the service account key in the following format:
+ // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`.
+ // Using `-` as a wildcard for the `PROJECT_ID` will infer the project from
+ // the account. The `ACCOUNT` value can be the `email` address or the
+ // `unique_id` of the service account.
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "iam.googleapis.com/Key"
+ }
+ ];
+}
+
+// The service account sign blob request.
+message SignBlobRequest {
+ // Required. The resource name of the service account in the following format:
+ // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.
+ // Using `-` as a wildcard for the `PROJECT_ID` will infer the project from
+ // the account. The `ACCOUNT` value can be the `email` address or the
+ // `unique_id` of the service account.
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "iam.googleapis.com/ServiceAccount"
+ }
+ ];
+
+ // Required. The bytes to sign.
+ bytes bytes_to_sign = 2 [(google.api.field_behavior) = REQUIRED];
+}
+
+// The service account sign blob response.
+message SignBlobResponse {
+ // The id of the key used to sign the blob.
+ string key_id = 1;
+
+ // The signed blob.
+ bytes signature = 2;
+}
+
+// The service account sign JWT request.
+message SignJwtRequest {
+ // Required. The resource name of the service account in the following format:
+ // `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}`.
+ // Using `-` as a wildcard for the `PROJECT_ID` will infer the project from
+ // the account. The `ACCOUNT` value can be the `email` address or the
+ // `unique_id` of the service account.
+ string name = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference) = {
+ type: "iam.googleapis.com/ServiceAccount"
+ }
+ ];
+
+ // Required. The JWT payload to sign, a JSON JWT Claim set.
+ string payload = 2 [(google.api.field_behavior) = REQUIRED];
+}
+
+// The service account sign JWT response.
+message SignJwtResponse {
+ // The id of the key used to sign the JWT.
+ string key_id = 1;
+
+ // The signed JWT.
+ string signed_jwt = 2;
+}
+
+// A role in the Identity and Access Management API.
+message Role {
+ // A stage representing a role's lifecycle phase.
+ enum RoleLaunchStage {
+ // The user has indicated this role is currently in an Alpha phase. If this
+ // launch stage is selected, the `stage` field will not be included when
+ // requesting the definition for a given role.
+ ALPHA = 0;
+
+ // The user has indicated this role is currently in a Beta phase.
+ BETA = 1;
+
+ // The user has indicated this role is generally available.
+ GA = 2;
+
+ // The user has indicated this role is being deprecated.
+ DEPRECATED = 4;
+
+ // This role is disabled and will not contribute permissions to any members
+ // it is granted to in policies.
+ DISABLED = 5;
+
+ // The user has indicated this role is currently in an EAP phase.
+ EAP = 6;
+ }
+
+ // The name of the role.
+ //
+ // When Role is used in CreateRole, the role name must not be set.
+ //
+ // When Role is used in output and other input such as UpdateRole, the role
+ // name is the complete path, e.g., roles/logging.viewer for predefined roles
+ // and organizations/{ORGANIZATION_ID}/roles/logging.viewer for custom roles.
+ string name = 1;
+
+ // Optional. A human-readable title for the role. Typically this
+ // is limited to 100 UTF-8 bytes.
+ string title = 2;
+
+ // Optional. A human-readable description for the role.
+ string description = 3;
+
+ // The names of the permissions this role grants when bound in an IAM policy.
+ repeated string included_permissions = 7;
+
+ // The current launch stage of the role. If the `ALPHA` launch stage has been
+ // selected for a role, the `stage` field will not be included in the
+ // returned definition for the role.
+ RoleLaunchStage stage = 8;
+
+ // Used to perform a consistent read-modify-write.
+ bytes etag = 9;
+
+ // The current deleted state of the role. This field is read only.
+ // It will be ignored in calls to CreateRole and UpdateRole.
+ bool deleted = 11;
+}
+
+// The grantable role query request.
+message QueryGrantableRolesRequest {
+ // Required. The full resource name to query from the list of grantable roles.
+ //
+ // The name follows the Google Cloud Platform resource format.
+ // For example, a Cloud Platform project with id `my-project` will be named
+ // `//cloudresourcemanager.googleapis.com/projects/my-project`.
+ string full_resource_name = 1 [(google.api.field_behavior) = REQUIRED];
+
+ RoleView view = 2;
+
+ // Optional limit on the number of roles to include in the response.
+ int32 page_size = 3;
+
+ // Optional pagination token returned in an earlier
+ // QueryGrantableRolesResponse.
+ string page_token = 4;
+}
+
+// The grantable role query response.
+message QueryGrantableRolesResponse {
+ // The list of matching roles.
+ repeated Role roles = 1;
+
+ // To retrieve the next page of results, set
+ // `QueryGrantableRolesRequest.page_token` to this value.
+ string next_page_token = 2;
+}
+
+// The request to get all roles defined under a resource.
+message ListRolesRequest {
+ // The `parent` parameter's value depends on the target resource for the
+ // request, namely
+ // [`roles`](/iam/reference/rest/v1/roles),
+ // [`projects`](/iam/reference/rest/v1/projects.roles), or
+ // [`organizations`](/iam/reference/rest/v1/organizations.roles). Each
+ // resource type's `parent` value format is described below:
+ //
+ // * [`roles.list()`](/iam/reference/rest/v1/roles/list): An empty string.
+ // This method doesn't require a resource; it simply returns all
+ // [predefined roles](/iam/docs/understanding-roles#predefined_roles) in
+ // Cloud IAM. Example request URL:
+ // `https://iam.googleapis.com/v1/roles`
+ //
+ // * [`projects.roles.list()`](/iam/reference/rest/v1/projects.roles/list):
+ // `projects/{PROJECT_ID}`. This method lists all project-level
+ // [custom roles](/iam/docs/understanding-custom-roles).
+ // Example request URL:
+ // `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles`
+ //
+ // * [`organizations.roles.list()`](/iam/reference/rest/v1/organizations.roles/list):
+ // `organizations/{ORGANIZATION_ID}`. This method lists all
+ // organization-level [custom roles](/iam/docs/understanding-custom-roles).
+ // Example request URL:
+ // `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`
+ //
+ // Note: Wildcard (*) values are invalid; you must specify a complete project
+ // ID or organization ID.
+ string parent = 1 [(google.api.resource_reference).type = "*"];
+
+ // Optional limit on the number of roles to include in the response.
+ int32 page_size = 2;
+
+ // Optional pagination token returned in an earlier ListRolesResponse.
+ string page_token = 3;
+
+ // Optional view for the returned Role objects. When `FULL` is specified,
+ // the `includedPermissions` field is returned, which includes a list of all
+ // permissions in the role. The default value is `BASIC`, which does not
+ // return the `includedPermissions` field.
+ RoleView view = 4;
+
+ // Include Roles that have been deleted.
+ bool show_deleted = 6;
+}
+
+// The response containing the roles defined under a resource.
+message ListRolesResponse {
+ // The Roles defined on this resource.
+ repeated Role roles = 1;
+
+ // To retrieve the next page of results, set
+ // `ListRolesRequest.page_token` to this value.
+ string next_page_token = 2;
+}
+
+// The request to get the definition of an existing role.
+message GetRoleRequest {
+ // The `name` parameter's value depends on the target resource for the
+ // request, namely
+ // [`roles`](/iam/reference/rest/v1/roles),
+ // [`projects`](/iam/reference/rest/v1/projects.roles), or
+ // [`organizations`](/iam/reference/rest/v1/organizations.roles). Each
+ // resource type's `name` value format is described below:
+ //
+ // * [`roles.get()`](/iam/reference/rest/v1/roles/get): `roles/{ROLE_NAME}`.
+ // This method returns results from all
+ // [predefined roles](/iam/docs/understanding-roles#predefined_roles) in
+ // Cloud IAM. Example request URL:
+ // `https://iam.googleapis.com/v1/roles/{ROLE_NAME}`
+ //
+ // * [`projects.roles.get()`](/iam/reference/rest/v1/projects.roles/get):
+ // `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only
+ // [custom roles](/iam/docs/understanding-custom-roles) that have been
+ // created at the project level. Example request URL:
+ // `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`
+ //
+ // * [`organizations.roles.get()`](/iam/reference/rest/v1/organizations.roles/get):
+ // `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
+ // returns only [custom roles](/iam/docs/understanding-custom-roles) that
+ // have been created at the organization level. Example request URL:
+ // `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`
+ //
+ // Note: Wildcard (*) values are invalid; you must specify a complete project
+ // ID or organization ID.
+ string name = 1 [(google.api.resource_reference).type = "*"];
+}
+
+// The request to create a new role.
+message CreateRoleRequest {
+ // The `parent` parameter's value depends on the target resource for the
+ // request, namely
+ // [`projects`](/iam/reference/rest/v1/projects.roles) or
+ // [`organizations`](/iam/reference/rest/v1/organizations.roles). Each
+ // resource type's `parent` value format is described below:
+ //
+ // * [`projects.roles.create()`](/iam/reference/rest/v1/projects.roles/create):
+ // `projects/{PROJECT_ID}`. This method creates project-level
+ // [custom roles](/iam/docs/understanding-custom-roles).
+ // Example request URL:
+ // `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles`
+ //
+ // * [`organizations.roles.create()`](/iam/reference/rest/v1/organizations.roles/create):
+ // `organizations/{ORGANIZATION_ID}`. This method creates organization-level
+ // [custom roles](/iam/docs/understanding-custom-roles). Example request
+ // URL:
+ // `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`
+ //
+ // Note: Wildcard (*) values are invalid; you must specify a complete project
+ // ID or organization ID.
+ string parent = 1 [(google.api.resource_reference).type = "*"];
+
+ // The role ID to use for this role.
+ string role_id = 2;
+
+ // The Role resource to create.
+ Role role = 3;
+}
+
+// The request to update a role.
+message UpdateRoleRequest {
+ // The `name` parameter's value depends on the target resource for the
+ // request, namely
+ // [`projects`](/iam/reference/rest/v1/projects.roles) or
+ // [`organizations`](/iam/reference/rest/v1/organizations.roles). Each
+ // resource type's `name` value format is described below:
+ //
+ // * [`projects.roles.patch()`](/iam/reference/rest/v1/projects.roles/patch):
+ // `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only
+ // [custom roles](/iam/docs/understanding-custom-roles) that have been
+ // created at the project level. Example request URL:
+ // `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`
+ //
+ // * [`organizations.roles.patch()`](/iam/reference/rest/v1/organizations.roles/patch):
+ // `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
+ // updates only [custom roles](/iam/docs/understanding-custom-roles) that
+ // have been created at the organization level. Example request URL:
+ // `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`
+ //
+ // Note: Wildcard (*) values are invalid; you must specify a complete project
+ // ID or organization ID.
+ string name = 1 [(google.api.resource_reference).type = "*"];
+
+ // The updated role.
+ Role role = 2;
+
+ // A mask describing which fields in the Role have changed.
+ google.protobuf.FieldMask update_mask = 3;
+}
+
+// The request to delete an existing role.
+message DeleteRoleRequest {
+ // The `name` parameter's value depends on the target resource for the
+ // request, namely
+ // [`projects`](/iam/reference/rest/v1/projects.roles) or
+ // [`organizations`](/iam/reference/rest/v1/organizations.roles). Each
+ // resource type's `name` value format is described below:
+ //
+ // * [`projects.roles.delete()`](/iam/reference/rest/v1/projects.roles/delete):
+ // `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only
+ // [custom roles](/iam/docs/understanding-custom-roles) that have been
+ // created at the project level. Example request URL:
+ // `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`
+ //
+ // * [`organizations.roles.delete()`](/iam/reference/rest/v1/organizations.roles/delete):
+ // `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
+ // deletes only [custom roles](/iam/docs/understanding-custom-roles) that
+ // have been created at the organization level. Example request URL:
+ // `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`
+ //
+ // Note: Wildcard (*) values are invalid; you must specify a complete project
+ // ID or organization ID.
+ string name = 1 [(google.api.resource_reference).type = "*"];
+
+ // Used to perform a consistent read-modify-write.
+ bytes etag = 2;
+}
+
+// The request to undelete an existing role.
+message UndeleteRoleRequest {
+ // The `name` parameter's value depends on the target resource for the
+ // request, namely
+ // [`projects`](/iam/reference/rest/v1/projects.roles) or
+ // [`organizations`](/iam/reference/rest/v1/organizations.roles). Each
+ // resource type's `name` value format is described below:
+ //
+ // * [`projects.roles.undelete()`](/iam/reference/rest/v1/projects.roles/undelete):
+ // `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes
+ // only [custom roles](/iam/docs/understanding-custom-roles) that have been
+ // created at the project level. Example request URL:
+ // `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`
+ //
+ // * [`organizations.roles.undelete()`](/iam/reference/rest/v1/organizations.roles/undelete):
+ // `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
+ // undeletes only [custom roles](/iam/docs/understanding-custom-roles) that
+ // have been created at the organization level. Example request URL:
+ // `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`
+ //
+ // Note: Wildcard (*) values are invalid; you must specify a complete project
+ // ID or organization ID.
+ string name = 1 [(google.api.resource_reference).type = "*"];
+
+ // Used to perform a consistent read-modify-write.
+ bytes etag = 2;
+}
+
+// A permission which can be included by a role.
+message Permission {
+ // A stage representing a permission's lifecycle phase.
+ enum PermissionLaunchStage {
+ // The permission is currently in an alpha phase.
+ ALPHA = 0;
+
+ // The permission is currently in a beta phase.
+ BETA = 1;
+
+ // The permission is generally available.
+ GA = 2;
+
+ // The permission is being deprecated.
+ DEPRECATED = 3;
+ }
+
+ // The state of the permission with regards to custom roles.
+ enum CustomRolesSupportLevel {
+ // Permission is fully supported for custom role use.
+ SUPPORTED = 0;
+
+ // Permission is being tested to check custom role compatibility.
+ TESTING = 1;
+
+ // Permission is not supported for custom role use.
+ NOT_SUPPORTED = 2;
+ }
+
+ // The name of this Permission.
+ string name = 1;
+
+ // The title of this Permission.
+ string title = 2;
+
+ // A brief description of what this Permission is used for.
+ // This permission can ONLY be used in predefined roles.
+ string description = 3;
+
+ // This permission can ONLY be used in predefined roles.
+ bool only_in_predefined_roles = 4;
+
+ // The current launch stage of the permission.
+ PermissionLaunchStage stage = 5;
+
+ // The current custom role support level.
+ CustomRolesSupportLevel custom_roles_support_level = 6;
+}
+
+// A request to get permissions which can be tested on a resource.
+message QueryTestablePermissionsRequest {
+ // Required. The full resource name to query from the list of testable
+ // permissions.
+ //
+ // The name follows the Google Cloud Platform resource format.
+ // For example, a Cloud Platform project with id `my-project` will be named
+ // `//cloudresourcemanager.googleapis.com/projects/my-project`.
+ string full_resource_name = 1;
+
+ // Optional limit on the number of permissions to include in the response.
+ int32 page_size = 2;
+
+ // Optional pagination token returned in an earlier
+ // QueryTestablePermissionsRequest.
+ string page_token = 3;
+}
+
+// The response containing permissions which can be tested on a resource.
+message QueryTestablePermissionsResponse {
+ // The Permissions testable on the requested resource.
+ repeated Permission permissions = 1;
+
+ // To retrieve the next page of results, set
+ // `QueryTestableRolesRequest.page_token` to this value.
+ string next_page_token = 2;
+}
+
+// Supported key algorithms.
+enum ServiceAccountKeyAlgorithm {
+ // An unspecified key algorithm.
+ KEY_ALG_UNSPECIFIED = 0;
+
+ // 1k RSA Key.
+ KEY_ALG_RSA_1024 = 1;
+
+ // 2k RSA Key.
+ KEY_ALG_RSA_2048 = 2;
+}
+
+// Supported private key output formats.
+enum ServiceAccountPrivateKeyType {
+ // Unspecified. Equivalent to `TYPE_GOOGLE_CREDENTIALS_FILE`.
+ TYPE_UNSPECIFIED = 0;
+
+ // PKCS12 format.
+ // The password for the PKCS12 file is `notasecret`.
+ // For more information, see https://tools.ietf.org/html/rfc7292.
+ TYPE_PKCS12_FILE = 1;
+
+ // Google Credentials File format.
+ TYPE_GOOGLE_CREDENTIALS_FILE = 2;
+}
+
+// Supported public key output formats.
+enum ServiceAccountPublicKeyType {
+ // Unspecified. Returns nothing here.
+ TYPE_NONE = 0;
+
+ // X509 PEM format.
+ TYPE_X509_PEM_FILE = 1;
+
+ // Raw public key.
+ TYPE_RAW_PUBLIC_KEY = 2;
+}
+
+// A view for Role objects.
+enum RoleView {
+ // Omits the `included_permissions` field.
+ // This is the default value.
+ BASIC = 0;
+
+ // Returns all fields.
+ FULL = 1;
+}
diff --git a/crates/secd/proto/google/iam/v1/iam_policy.proto b/crates/secd/proto/google/iam/v1/iam_policy.proto
new file mode 100644
index 0000000..7072854
--- /dev/null
+++ b/crates/secd/proto/google/iam/v1/iam_policy.proto
@@ -0,0 +1,145 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.iam.v1;
+
+import "google/iam/v1/options.proto";
+import "google/iam/v1/policy.proto";
+import "google/api/annotations.proto";
+import "google/api/client.proto";
+import "google/api/field_behavior.proto";
+import "google/api/resource.proto";
+
+option cc_enable_arenas = true;
+option csharp_namespace = "Google.Cloud.Iam.V1";
+option go_package = "google.golang.org/genproto/googleapis/iam/v1;iam";
+option java_multiple_files = true;
+option java_outer_classname = "IamPolicyProto";
+option java_package = "com.google.iam.v1";
+option php_namespace = "Google\\Cloud\\Iam\\V1";
+
+// ## API Overview
+//
+// Manages Identity and Access Management (IAM) policies.
+//
+// Any implementation of an API that offers access control features
+// implements the google.iam.v1.IAMPolicy interface.
+//
+// ## Data model
+//
+// Access control is applied when a principal (user or service account), takes
+// some action on a resource exposed by a service. Resources, identified by
+// URI-like names, are the unit of access control specification. Service
+// implementations can choose the granularity of access control and the
+// supported permissions for their resources.
+// For example one database service may allow access control to be
+// specified only at the Table level, whereas another might allow access control
+// to also be specified at the Column level.
+//
+// ## Policy Structure
+//
+// See google.iam.v1.Policy
+//
+// This is intentionally not a CRUD style API because access control policies
+// are created and deleted implicitly with the resources to which they are
+// attached.
+service IAMPolicy {
+ option (google.api.default_host) = "iam-meta-api.googleapis.com";
+
+ // Sets the access control policy on the specified resource. Replaces any
+ // existing policy.
+ rpc SetIamPolicy(SetIamPolicyRequest) returns (Policy) {
+ option (google.api.http) = {
+ post: "/v1/{resource=**}:setIamPolicy"
+ body: "*"
+ };
+ }
+
+ // Gets the access control policy for a resource.
+ // Returns an empty policy if the resource exists and does not have a policy
+ // set.
+ rpc GetIamPolicy(GetIamPolicyRequest) returns (Policy) {
+ option (google.api.http) = {
+ post: "/v1/{resource=**}:getIamPolicy"
+ body: "*"
+ };
+ }
+
+ // Returns permissions that a caller has on the specified resource.
+ // If the resource does not exist, this will return an empty set of
+ // permissions, not a NOT_FOUND error.
+ //
+ // Note: This operation is designed to be used for building permission-aware
+ // UIs and command-line tools, not for authorization checking. This operation
+ // may "fail open" without warning.
+ rpc TestIamPermissions(TestIamPermissionsRequest) returns (TestIamPermissionsResponse) {
+ option (google.api.http) = {
+ post: "/v1/{resource=**}:testIamPermissions"
+ body: "*"
+ };
+ }
+}
+
+// Request message for `SetIamPolicy` method.
+message SetIamPolicyRequest {
+ // REQUIRED: The resource for which the policy is being specified.
+ // See the operation documentation for the appropriate value for this field.
+ string resource = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference).type = "*"];
+
+ // REQUIRED: The complete policy to be applied to the `resource`. The size of
+ // the policy is limited to a few 10s of KB. An empty policy is a
+ // valid policy but certain Cloud Platform services (such as Projects)
+ // might reject them.
+ Policy policy = 2 [(google.api.field_behavior) = REQUIRED];
+}
+
+// Request message for `GetIamPolicy` method.
+message GetIamPolicyRequest {
+ // REQUIRED: The resource for which the policy is being requested.
+ // See the operation documentation for the appropriate value for this field.
+ string resource = 1 [
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference).type = "*"];
+
+ // OPTIONAL: A `GetPolicyOptions` object for specifying options to
+ // `GetIamPolicy`. This field is only used by Cloud IAM.
+ GetPolicyOptions options = 2;
+}
+
+// Request message for `TestIamPermissions` method.
+message TestIamPermissionsRequest {
+ // REQUIRED: The resource for which the policy detail is being requested.
+ // See the operation documentation for the appropriate value for this field.
+ string resource = 1[
+ (google.api.field_behavior) = REQUIRED,
+ (google.api.resource_reference).type = "*"];
+
+ // The set of permissions to check for the `resource`. Permissions with
+ // wildcards (such as '*' or 'storage.*') are not allowed. For more
+ // information see
+ // [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
+ repeated string permissions = 2 [(google.api.field_behavior) = REQUIRED];
+}
+
+// Response message for `TestIamPermissions` method.
+message TestIamPermissionsResponse {
+ // A subset of `TestPermissionsRequest.permissions` that the caller is
+ // allowed.
+ repeated string permissions = 1;
+}
diff --git a/crates/secd/proto/google/iam/v1/logging/audit_data.proto b/crates/secd/proto/google/iam/v1/logging/audit_data.proto
new file mode 100644
index 0000000..dfe441b
--- /dev/null
+++ b/crates/secd/proto/google/iam/v1/logging/audit_data.proto
@@ -0,0 +1,34 @@
+// Copyright 2017 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.iam.v1.logging;
+
+import "google/api/annotations.proto";
+import "google/iam/v1/policy.proto";
+
+option csharp_namespace = "Google.Cloud.Iam.V1.Logging";
+option go_package = "google.golang.org/genproto/googleapis/iam/v1/logging;logging";
+option java_multiple_files = true;
+option java_outer_classname = "AuditDataProto";
+option java_package = "com.google.iam.v1.logging";
+
+// Audit log information specific to Cloud IAM. This message is serialized
+// as an `Any` type in the `ServiceData` message of an
+// `AuditLog` message.
+message AuditData {
+ // Policy delta between the original policy and the newly set policy.
+ google.iam.v1.PolicyDelta policy_delta = 2;
+}
diff --git a/crates/secd/proto/google/iam/v1/options.proto b/crates/secd/proto/google/iam/v1/options.proto
new file mode 100644
index 0000000..a4e17e5
--- /dev/null
+++ b/crates/secd/proto/google/iam/v1/options.proto
@@ -0,0 +1,41 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.iam.v1;
+
+import "google/api/annotations.proto";
+
+option cc_enable_arenas = true;
+option csharp_namespace = "Google.Cloud.Iam.V1";
+option go_package = "google.golang.org/genproto/googleapis/iam/v1;iam";
+option java_multiple_files = true;
+option java_outer_classname = "OptionsProto";
+option java_package = "com.google.iam.v1";
+option php_namespace = "Google\\Cloud\\Iam\\V1";
+
+// Encapsulates settings provided to GetIamPolicy.
+message GetPolicyOptions {
+ // Optional. The policy format version to be returned.
+ //
+ // Valid values are 0, 1, and 3. Requests specifying an invalid value will be
+ // rejected.
+ //
+ // Requests for policies with any conditional bindings must specify version 3.
+ // Policies without any conditional bindings may specify any valid value or
+ // leave the field unset.
+ int32 requested_policy_version = 1;
+}
diff --git a/crates/secd/proto/google/iam/v1/policy.proto b/crates/secd/proto/google/iam/v1/policy.proto
new file mode 100644
index 0000000..e3aba47
--- /dev/null
+++ b/crates/secd/proto/google/iam/v1/policy.proto
@@ -0,0 +1,240 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.iam.v1;
+
+import "google/type/expr.proto";
+import "google/api/annotations.proto";
+
+option cc_enable_arenas = true;
+option csharp_namespace = "Google.Cloud.Iam.V1";
+option go_package = "google.golang.org/genproto/googleapis/iam/v1;iam";
+option java_multiple_files = true;
+option java_outer_classname = "PolicyProto";
+option java_package = "com.google.iam.v1";
+option php_namespace = "Google\\Cloud\\Iam\\V1";
+
+// Defines an Identity and Access Management (IAM) policy. It is used to
+// specify access control policies for Cloud Platform resources.
+//
+//
+// A `Policy` is a collection of `bindings`. A `binding` binds one or more
+// `members` to a single `role`. Members can be user accounts, service accounts,
+// Google groups, and domains (such as G Suite). A `role` is a named list of
+// permissions (defined by IAM or configured by users). A `binding` can
+// optionally specify a `condition`, which is a logic expression that further
+// constrains the role binding based on attributes about the request and/or
+// target resource.
+//
+// **JSON Example**
+//
+// {
+// "bindings": [
+// {
+// "role": "roles/resourcemanager.organizationAdmin",
+// "members": [
+// "user:mike@example.com",
+// "group:admins@example.com",
+// "domain:google.com",
+// "serviceAccount:my-project-id@appspot.gserviceaccount.com"
+// ]
+// },
+// {
+// "role": "roles/resourcemanager.organizationViewer",
+// "members": ["user:eve@example.com"],
+// "condition": {
+// "title": "expirable access",
+// "description": "Does not grant access after Sep 2020",
+// "expression": "request.time <
+// timestamp('2020-10-01T00:00:00.000Z')",
+// }
+// }
+// ]
+// }
+//
+// **YAML Example**
+//
+// bindings:
+// - members:
+// - user:mike@example.com
+// - group:admins@example.com
+// - domain:google.com
+// - serviceAccount:my-project-id@appspot.gserviceaccount.com
+// role: roles/resourcemanager.organizationAdmin
+// - members:
+// - user:eve@example.com
+// role: roles/resourcemanager.organizationViewer
+// condition:
+// title: expirable access
+// description: Does not grant access after Sep 2020
+// expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
+//
+// For a description of IAM and its features, see the
+// [IAM developer's guide](https://cloud.google.com/iam/docs).
+message Policy {
+ // Specifies the format of the policy.
+ //
+ // Valid values are 0, 1, and 3. Requests specifying an invalid value will be
+ // rejected.
+ //
+ // Operations affecting conditional bindings must specify version 3. This can
+ // be either setting a conditional policy, modifying a conditional binding,
+ // or removing a binding (conditional or unconditional) from the stored
+ // conditional policy.
+ // Operations on non-conditional policies may specify any valid value or
+ // leave the field unset.
+ //
+ // If no etag is provided in the call to `setIamPolicy`, version compliance
+ // checks against the stored policy is skipped.
+ int32 version = 1;
+
+ // Associates a list of `members` to a `role`. Optionally may specify a
+ // `condition` that determines when binding is in effect.
+ // `bindings` with no members will result in an error.
+ repeated Binding bindings = 4;
+
+ // `etag` is used for optimistic concurrency control as a way to help
+ // prevent simultaneous updates of a policy from overwriting each other.
+ // It is strongly suggested that systems make use of the `etag` in the
+ // read-modify-write cycle to perform policy updates in order to avoid race
+ // conditions: An `etag` is returned in the response to `getIamPolicy`, and
+ // systems are expected to put that etag in the request to `setIamPolicy` to
+ // ensure that their change will be applied to the same version of the policy.
+ //
+ // If no `etag` is provided in the call to `setIamPolicy`, then the existing
+ // policy is overwritten. Due to blind-set semantics of an etag-less policy,
+ // 'setIamPolicy' will not fail even if the incoming policy version does not
+ // meet the requirements for modifying the stored policy.
+ bytes etag = 3;
+}
+
+// Associates `members` with a `role`.
+message Binding {
+ // Role that is assigned to `members`.
+ // For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+ string role = 1;
+
+ // Specifies the identities requesting access for a Cloud Platform resource.
+ // `members` can have the following values:
+ //
+ // * `allUsers`: A special identifier that represents anyone who is
+ // on the internet; with or without a Google account.
+ //
+ // * `allAuthenticatedUsers`: A special identifier that represents anyone
+ // who is authenticated with a Google account or a service account.
+ //
+ // * `user:{emailid}`: An email address that represents a specific Google
+ // account. For example, `alice@example.com` .
+ //
+ //
+ // * `serviceAccount:{emailid}`: An email address that represents a service
+ // account. For example, `my-other-app@appspot.gserviceaccount.com`.
+ //
+ // * `group:{emailid}`: An email address that represents a Google group.
+ // For example, `admins@example.com`.
+ //
+ //
+ // * `domain:{domain}`: The G Suite domain (primary) that represents all the
+ // users of that domain. For example, `google.com` or `example.com`.
+ //
+ //
+ repeated string members = 2;
+
+ // The condition that is associated with this binding.
+ // NOTE: An unsatisfied condition will not allow user access via current
+ // binding. Different bindings, including their conditions, are examined
+ // independently.
+ google.type.Expr condition = 3;
+}
+
+// The difference delta between two policies.
+message PolicyDelta {
+ // The delta for Bindings between two policies.
+ repeated BindingDelta binding_deltas = 1;
+
+ // The delta for AuditConfigs between two policies.
+ repeated AuditConfigDelta audit_config_deltas = 2;
+}
+
+// One delta entry for Binding. Each individual change (only one member in each
+// entry) to a binding will be a separate entry.
+message BindingDelta {
+ // The type of action performed on a Binding in a policy.
+ enum Action {
+ // Unspecified.
+ ACTION_UNSPECIFIED = 0;
+
+ // Addition of a Binding.
+ ADD = 1;
+
+ // Removal of a Binding.
+ REMOVE = 2;
+ }
+
+ // The action that was performed on a Binding.
+ // Required
+ Action action = 1;
+
+ // Role that is assigned to `members`.
+ // For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
+ // Required
+ string role = 2;
+
+ // A single identity requesting access for a Cloud Platform resource.
+ // Follows the same format of Binding.members.
+ // Required
+ string member = 3;
+
+ // The condition that is associated with this binding.
+ google.type.Expr condition = 4;
+}
+
+// One delta entry for AuditConfig. Each individual change (only one
+// exempted_member in each entry) to a AuditConfig will be a separate entry.
+message AuditConfigDelta {
+ // The type of action performed on an audit configuration in a policy.
+ enum Action {
+ // Unspecified.
+ ACTION_UNSPECIFIED = 0;
+
+ // Addition of an audit configuration.
+ ADD = 1;
+
+ // Removal of an audit configuration.
+ REMOVE = 2;
+ }
+
+ // The action that was performed on an audit configuration in a policy.
+ // Required
+ Action action = 1;
+
+ // Specifies a service that was configured for Cloud Audit Logging.
+ // For example, `storage.googleapis.com`, `cloudsql.googleapis.com`.
+ // `allServices` is a special value that covers all services.
+ // Required
+ string service = 2;
+
+ // A single identity that is exempted from "data access" audit
+ // logging for the `service` specified above.
+ // Follows the same format of Binding.members.
+ string exempted_member = 3;
+
+ // Specifies the log_type that was be enabled. ADMIN_ACTIVITY is always
+ // enabled, and cannot be configured.
+ // Required
+ string log_type = 4;
+}
diff --git a/crates/secd/proto/google/logging/type/http_request.proto b/crates/secd/proto/google/logging/type/http_request.proto
new file mode 100644
index 0000000..8b9301f
--- /dev/null
+++ b/crates/secd/proto/google/logging/type/http_request.proto
@@ -0,0 +1,92 @@
+// Copyright 2017 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.logging.type;
+
+import "google/api/annotations.proto";
+import "google/protobuf/duration.proto";
+
+option csharp_namespace = "Google.Cloud.Logging.Type";
+option go_package = "google.golang.org/genproto/googleapis/logging/type;ltype";
+option java_multiple_files = true;
+option java_outer_classname = "HttpRequestProto";
+option java_package = "com.google.logging.type";
+option php_namespace = "Google\\Cloud\\Logging\\Type";
+
+
+// A common proto for logging HTTP requests. Only contains semantics
+// defined by the HTTP specification. Product-specific logging
+// information MUST be defined in a separate message.
+message HttpRequest {
+ // The request method. Examples: `"GET"`, `"HEAD"`, `"PUT"`, `"POST"`.
+ string request_method = 1;
+
+ // The scheme (http, https), the host name, the path and the query
+ // portion of the URL that was requested.
+ // Example: `"http://example.com/some/info?color=red"`.
+ string request_url = 2;
+
+ // The size of the HTTP request message in bytes, including the request
+ // headers and the request body.
+ int64 request_size = 3;
+
+ // The response code indicating the status of response.
+ // Examples: 200, 404.
+ int32 status = 4;
+
+ // The size of the HTTP response message sent back to the client, in bytes,
+ // including the response headers and the response body.
+ int64 response_size = 5;
+
+ // The user agent sent by the client. Example:
+ // `"Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Q312461; .NET CLR 1.0.3705)"`.
+ string user_agent = 6;
+
+ // The IP address (IPv4 or IPv6) of the client that issued the HTTP
+ // request. Examples: `"192.168.1.1"`, `"FE80::0202:B3FF:FE1E:8329"`.
+ string remote_ip = 7;
+
+ // The IP address (IPv4 or IPv6) of the origin server that the request was
+ // sent to.
+ string server_ip = 13;
+
+ // The referer URL of the request, as defined in
+ // [HTTP/1.1 Header Field Definitions](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html).
+ string referer = 8;
+
+ // The request processing latency on the server, from the time the request was
+ // received until the response was sent.
+ google.protobuf.Duration latency = 14;
+
+ // Whether or not a cache lookup was attempted.
+ bool cache_lookup = 11;
+
+ // Whether or not an entity was served from cache
+ // (with or without validation).
+ bool cache_hit = 9;
+
+ // Whether or not the response was validated with the origin server before
+ // being served from cache. This field is only meaningful if `cache_hit` is
+ // True.
+ bool cache_validated_with_origin_server = 10;
+
+ // The number of HTTP response bytes inserted into cache. Set only when a
+ // cache fill was attempted.
+ int64 cache_fill_bytes = 12;
+
+ // Protocol used for the request. Examples: "HTTP/1.1", "HTTP/2", "websocket"
+ string protocol = 15;
+}
diff --git a/crates/secd/proto/google/logging/type/log_severity.proto b/crates/secd/proto/google/logging/type/log_severity.proto
new file mode 100644
index 0000000..41351c6
--- /dev/null
+++ b/crates/secd/proto/google/logging/type/log_severity.proto
@@ -0,0 +1,72 @@
+// Copyright 2017 Google Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.logging.type;
+
+import "google/api/annotations.proto";
+
+option csharp_namespace = "Google.Cloud.Logging.Type";
+option go_package = "google.golang.org/genproto/googleapis/logging/type;ltype";
+option java_multiple_files = true;
+option java_outer_classname = "LogSeverityProto";
+option java_package = "com.google.logging.type";
+option php_namespace = "Google\\Cloud\\Logging\\Type";
+
+
+// The severity of the event described in a log entry, expressed as one of the
+// standard severity levels listed below. For your reference, the levels are
+// assigned the listed numeric values. The effect of using numeric values other
+// than those listed is undefined.
+//
+// You can filter for log entries by severity. For example, the following
+// filter expression will match log entries with severities `INFO`, `NOTICE`,
+// and `WARNING`:
+//
+// severity > DEBUG AND severity <= WARNING
+//
+// If you are writing log entries, you should map other severity encodings to
+// one of these standard levels. For example, you might map all of Java's FINE,
+// FINER, and FINEST levels to `LogSeverity.DEBUG`. You can preserve the
+// original severity level in the log entry payload if you wish.
+enum LogSeverity {
+ // (0) The log entry has no assigned severity level.
+ DEFAULT = 0;
+
+ // (100) Debug or trace information.
+ DEBUG = 100;
+
+ // (200) Routine information, such as ongoing status or performance.
+ INFO = 200;
+
+ // (300) Normal but significant events, such as start up, shut down, or
+ // a configuration change.
+ NOTICE = 300;
+
+ // (400) Warning events might cause problems.
+ WARNING = 400;
+
+ // (500) Error events are likely to cause problems.
+ ERROR = 500;
+
+ // (600) Critical events cause more severe problems or outages.
+ CRITICAL = 600;
+
+ // (700) A person must take an action immediately.
+ ALERT = 700;
+
+ // (800) One or more systems are unusable.
+ EMERGENCY = 800;
+}
diff --git a/crates/secd/proto/google/longrunning/operations.proto b/crates/secd/proto/google/longrunning/operations.proto
new file mode 100644
index 0000000..299eefb
--- /dev/null
+++ b/crates/secd/proto/google/longrunning/operations.proto
@@ -0,0 +1,247 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.longrunning;
+
+import "google/api/annotations.proto";
+import "google/api/client.proto";
+import "google/protobuf/any.proto";
+import "google/protobuf/duration.proto";
+import "google/protobuf/empty.proto";
+import "google/rpc/status.proto";
+import "google/protobuf/descriptor.proto";
+
+option cc_enable_arenas = true;
+option csharp_namespace = "Google.LongRunning";
+option go_package = "google.golang.org/genproto/googleapis/longrunning;longrunning";
+option java_multiple_files = true;
+option java_outer_classname = "OperationsProto";
+option java_package = "com.google.longrunning";
+option php_namespace = "Google\\LongRunning";
+
+extend google.protobuf.MethodOptions {
+ // Additional information regarding long-running operations.
+ // In particular, this specifies the types that are returned from
+ // long-running operations.
+ //
+ // Required for methods that return `google.longrunning.Operation`; invalid
+ // otherwise.
+ google.longrunning.OperationInfo operation_info = 1049;
+}
+
+// Manages long-running operations with an API service.
+//
+// When an API method normally takes long time to complete, it can be designed
+// to return [Operation][google.longrunning.Operation] to the client, and the client can use this
+// interface to receive the real response asynchronously by polling the
+// operation resource, or pass the operation resource to another API (such as
+// Google Cloud Pub/Sub API) to receive the response. Any API service that
+// returns long-running operations should implement the `Operations` interface
+// so developers can have a consistent client experience.
+service Operations {
+ option (google.api.default_host) = "longrunning.googleapis.com";
+
+ // Lists operations that match the specified filter in the request. If the
+ // server doesn't support this method, it returns `UNIMPLEMENTED`.
+ //
+ // NOTE: the `name` binding allows API services to override the binding
+ // to use different resource name schemes, such as `users/*/operations`. To
+ // override the binding, API services can add a binding such as
+ // `"/v1/{name=users/*}/operations"` to their service configuration.
+ // For backwards compatibility, the default name includes the operations
+ // collection id, however overriding users must ensure the name binding
+ // is the parent resource, without the operations collection id.
+ rpc ListOperations(ListOperationsRequest) returns (ListOperationsResponse) {
+ option (google.api.http) = {
+ get: "/v1/{name=operations}"
+ };
+ option (google.api.method_signature) = "name,filter";
+ }
+
+ // Gets the latest state of a long-running operation. Clients can use this
+ // method to poll the operation result at intervals as recommended by the API
+ // service.
+ rpc GetOperation(GetOperationRequest) returns (Operation) {
+ option (google.api.http) = {
+ get: "/v1/{name=operations/**}"
+ };
+ option (google.api.method_signature) = "name";
+ }
+
+ // Deletes a long-running operation. This method indicates that the client is
+ // no longer interested in the operation result. It does not cancel the
+ // operation. If the server doesn't support this method, it returns
+ // `google.rpc.Code.UNIMPLEMENTED`.
+ rpc DeleteOperation(DeleteOperationRequest) returns (google.protobuf.Empty) {
+ option (google.api.http) = {
+ delete: "/v1/{name=operations/**}"
+ };
+ option (google.api.method_signature) = "name";
+ }
+
+ // Starts asynchronous cancellation on a long-running operation. The server
+ // makes a best effort to cancel the operation, but success is not
+ // guaranteed. If the server doesn't support this method, it returns
+ // `google.rpc.Code.UNIMPLEMENTED`. Clients can use
+ // [Operations.GetOperation][google.longrunning.Operations.GetOperation] or
+ // other methods to check whether the cancellation succeeded or whether the
+ // operation completed despite cancellation. On successful cancellation,
+ // the operation is not deleted; instead, it becomes an operation with
+ // an [Operation.error][google.longrunning.Operation.error] value with a [google.rpc.Status.code][google.rpc.Status.code] of 1,
+ // corresponding to `Code.CANCELLED`.
+ rpc CancelOperation(CancelOperationRequest) returns (google.protobuf.Empty) {
+ option (google.api.http) = {
+ post: "/v1/{name=operations/**}:cancel"
+ body: "*"
+ };
+ option (google.api.method_signature) = "name";
+ }
+
+ // Waits for the specified long-running operation until it is done or reaches
+ // at most a specified timeout, returning the latest state. If the operation
+ // is already done, the latest state is immediately returned. If the timeout
+ // specified is greater than the default HTTP/RPC timeout, the HTTP/RPC
+ // timeout is used. If the server does not support this method, it returns
+ // `google.rpc.Code.UNIMPLEMENTED`.
+ // Note that this method is on a best-effort basis. It may return the latest
+ // state before the specified timeout (including immediately), meaning even an
+ // immediate response is no guarantee that the operation is done.
+ rpc WaitOperation(WaitOperationRequest) returns (Operation) {
+ }
+}
+
+// This resource represents a long-running operation that is the result of a
+// network API call.
+message Operation {
+ // The server-assigned name, which is only unique within the same service that
+ // originally returns it. If you use the default HTTP mapping, the
+ // `name` should be a resource name ending with `operations/{unique_id}`.
+ string name = 1;
+
+ // Service-specific metadata associated with the operation. It typically
+ // contains progress information and common metadata such as create time.
+ // Some services might not provide such metadata. Any method that returns a
+ // long-running operation should document the metadata type, if any.
+ google.protobuf.Any metadata = 2;
+
+ // If the value is `false`, it means the operation is still in progress.
+ // If `true`, the operation is completed, and either `error` or `response` is
+ // available.
+ bool done = 3;
+
+ // The operation result, which can be either an `error` or a valid `response`.
+ // If `done` == `false`, neither `error` nor `response` is set.
+ // If `done` == `true`, exactly one of `error` or `response` is set.
+ oneof result {
+ // The error result of the operation in case of failure or cancellation.
+ google.rpc.Status error = 4;
+
+ // The normal response of the operation in case of success. If the original
+ // method returns no data on success, such as `Delete`, the response is
+ // `google.protobuf.Empty`. If the original method is standard
+ // `Get`/`Create`/`Update`, the response should be the resource. For other
+ // methods, the response should have the type `XxxResponse`, where `Xxx`
+ // is the original method name. For example, if the original method name
+ // is `TakeSnapshot()`, the inferred response type is
+ // `TakeSnapshotResponse`.
+ google.protobuf.Any response = 5;
+ }
+}
+
+// The request message for [Operations.GetOperation][google.longrunning.Operations.GetOperation].
+message GetOperationRequest {
+ // The name of the operation resource.
+ string name = 1;
+}
+
+// The request message for [Operations.ListOperations][google.longrunning.Operations.ListOperations].
+message ListOperationsRequest {
+ // The name of the operation's parent resource.
+ string name = 4;
+
+ // The standard list filter.
+ string filter = 1;
+
+ // The standard list page size.
+ int32 page_size = 2;
+
+ // The standard list page token.
+ string page_token = 3;
+}
+
+// The response message for [Operations.ListOperations][google.longrunning.Operations.ListOperations].
+message ListOperationsResponse {
+ // A list of operations that matches the specified filter in the request.
+ repeated Operation operations = 1;
+
+ // The standard List next-page token.
+ string next_page_token = 2;
+}
+
+// The request message for [Operations.CancelOperation][google.longrunning.Operations.CancelOperation].
+message CancelOperationRequest {
+ // The name of the operation resource to be cancelled.
+ string name = 1;
+}
+
+// The request message for [Operations.DeleteOperation][google.longrunning.Operations.DeleteOperation].
+message DeleteOperationRequest {
+ // The name of the operation resource to be deleted.
+ string name = 1;
+}
+
+// The request message for [Operations.WaitOperation][google.longrunning.Operations.WaitOperation].
+message WaitOperationRequest {
+ // The name of the operation resource to wait on.
+ string name = 1;
+
+ // The maximum duration to wait before timing out. If left blank, the wait
+ // will be at most the time permitted by the underlying HTTP/RPC protocol.
+ // If RPC context deadline is also specified, the shorter one will be used.
+ google.protobuf.Duration timeout = 2;
+}
+
+// A message representing the message types used by a long-running operation.
+//
+// Example:
+//
+// rpc LongRunningRecognize(LongRunningRecognizeRequest)
+// returns (google.longrunning.Operation) {
+// option (google.longrunning.operation_info) = {
+// response_type: "LongRunningRecognizeResponse"
+// metadata_type: "LongRunningRecognizeMetadata"
+// };
+// }
+message OperationInfo {
+ // Required. The message name of the primary return type for this
+ // long-running operation.
+ // This type will be used to deserialize the LRO's response.
+ //
+ // If the response is in a different package from the rpc, a fully-qualified
+ // message name must be used (e.g. `google.protobuf.Struct`).
+ //
+ // Note: Altering this value constitutes a breaking change.
+ string response_type = 1;
+
+ // Required. The message name of the metadata type for this long-running
+ // operation.
+ //
+ // If the response is in a different package from the rpc, a fully-qualified
+ // message name must be used (e.g. `google.protobuf.Struct`).
+ //
+ // Note: Altering this value constitutes a breaking change.
+ string metadata_type = 2;
+}
diff --git a/crates/secd/proto/google/rpc/code.proto b/crates/secd/proto/google/rpc/code.proto
new file mode 100644
index 0000000..98ae0ac
--- /dev/null
+++ b/crates/secd/proto/google/rpc/code.proto
@@ -0,0 +1,186 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.rpc;
+
+option go_package = "google.golang.org/genproto/googleapis/rpc/code;code";
+option java_multiple_files = true;
+option java_outer_classname = "CodeProto";
+option java_package = "com.google.rpc";
+option objc_class_prefix = "RPC";
+
+// The canonical error codes for gRPC APIs.
+//
+//
+// Sometimes multiple error codes may apply. Services should return
+// the most specific error code that applies. For example, prefer
+// `OUT_OF_RANGE` over `FAILED_PRECONDITION` if both codes apply.
+// Similarly prefer `NOT_FOUND` or `ALREADY_EXISTS` over `FAILED_PRECONDITION`.
+enum Code {
+ // Not an error; returned on success
+ //
+ // HTTP Mapping: 200 OK
+ OK = 0;
+
+ // The operation was cancelled, typically by the caller.
+ //
+ // HTTP Mapping: 499 Client Closed Request
+ CANCELLED = 1;
+
+ // Unknown error. For example, this error may be returned when
+ // a `Status` value received from another address space belongs to
+ // an error space that is not known in this address space. Also
+ // errors raised by APIs that do not return enough error information
+ // may be converted to this error.
+ //
+ // HTTP Mapping: 500 Internal Server Error
+ UNKNOWN = 2;
+
+ // The client specified an invalid argument. Note that this differs
+ // from `FAILED_PRECONDITION`. `INVALID_ARGUMENT` indicates arguments
+ // that are problematic regardless of the state of the system
+ // (e.g., a malformed file name).
+ //
+ // HTTP Mapping: 400 Bad Request
+ INVALID_ARGUMENT = 3;
+
+ // The deadline expired before the operation could complete. For operations
+ // that change the state of the system, this error may be returned
+ // even if the operation has completed successfully. For example, a
+ // successful response from a server could have been delayed long
+ // enough for the deadline to expire.
+ //
+ // HTTP Mapping: 504 Gateway Timeout
+ DEADLINE_EXCEEDED = 4;
+
+ // Some requested entity (e.g., file or directory) was not found.
+ //
+ // Note to server developers: if a request is denied for an entire class
+ // of users, such as gradual feature rollout or undocumented whitelist,
+ // `NOT_FOUND` may be used. If a request is denied for some users within
+ // a class of users, such as user-based access control, `PERMISSION_DENIED`
+ // must be used.
+ //
+ // HTTP Mapping: 404 Not Found
+ NOT_FOUND = 5;
+
+ // The entity that a client attempted to create (e.g., file or directory)
+ // already exists.
+ //
+ // HTTP Mapping: 409 Conflict
+ ALREADY_EXISTS = 6;
+
+ // The caller does not have permission to execute the specified
+ // operation. `PERMISSION_DENIED` must not be used for rejections
+ // caused by exhausting some resource (use `RESOURCE_EXHAUSTED`
+ // instead for those errors). `PERMISSION_DENIED` must not be
+ // used if the caller can not be identified (use `UNAUTHENTICATED`
+ // instead for those errors). This error code does not imply the
+ // request is valid or the requested entity exists or satisfies
+ // other pre-conditions.
+ //
+ // HTTP Mapping: 403 Forbidden
+ PERMISSION_DENIED = 7;
+
+ // The request does not have valid authentication credentials for the
+ // operation.
+ //
+ // HTTP Mapping: 401 Unauthorized
+ UNAUTHENTICATED = 16;
+
+ // Some resource has been exhausted, perhaps a per-user quota, or
+ // perhaps the entire file system is out of space.
+ //
+ // HTTP Mapping: 429 Too Many Requests
+ RESOURCE_EXHAUSTED = 8;
+
+ // The operation was rejected because the system is not in a state
+ // required for the operation's execution. For example, the directory
+ // to be deleted is non-empty, an rmdir operation is applied to
+ // a non-directory, etc.
+ //
+ // Service implementors can use the following guidelines to decide
+ // between `FAILED_PRECONDITION`, `ABORTED`, and `UNAVAILABLE`:
+ // (a) Use `UNAVAILABLE` if the client can retry just the failing call.
+ // (b) Use `ABORTED` if the client should retry at a higher level
+ // (e.g., when a client-specified test-and-set fails, indicating the
+ // client should restart a read-modify-write sequence).
+ // (c) Use `FAILED_PRECONDITION` if the client should not retry until
+ // the system state has been explicitly fixed. E.g., if an "rmdir"
+ // fails because the directory is non-empty, `FAILED_PRECONDITION`
+ // should be returned since the client should not retry unless
+ // the files are deleted from the directory.
+ //
+ // HTTP Mapping: 400 Bad Request
+ FAILED_PRECONDITION = 9;
+
+ // The operation was aborted, typically due to a concurrency issue such as
+ // a sequencer check failure or transaction abort.
+ //
+ // See the guidelines above for deciding between `FAILED_PRECONDITION`,
+ // `ABORTED`, and `UNAVAILABLE`.
+ //
+ // HTTP Mapping: 409 Conflict
+ ABORTED = 10;
+
+ // The operation was attempted past the valid range. E.g., seeking or
+ // reading past end-of-file.
+ //
+ // Unlike `INVALID_ARGUMENT`, this error indicates a problem that may
+ // be fixed if the system state changes. For example, a 32-bit file
+ // system will generate `INVALID_ARGUMENT` if asked to read at an
+ // offset that is not in the range [0,2^32-1], but it will generate
+ // `OUT_OF_RANGE` if asked to read from an offset past the current
+ // file size.
+ //
+ // There is a fair bit of overlap between `FAILED_PRECONDITION` and
+ // `OUT_OF_RANGE`. We recommend using `OUT_OF_RANGE` (the more specific
+ // error) when it applies so that callers who are iterating through
+ // a space can easily look for an `OUT_OF_RANGE` error to detect when
+ // they are done.
+ //
+ // HTTP Mapping: 400 Bad Request
+ OUT_OF_RANGE = 11;
+
+ // The operation is not implemented or is not supported/enabled in this
+ // service.
+ //
+ // HTTP Mapping: 501 Not Implemented
+ UNIMPLEMENTED = 12;
+
+ // Internal errors. This means that some invariants expected by the
+ // underlying system have been broken. This error code is reserved
+ // for serious errors.
+ //
+ // HTTP Mapping: 500 Internal Server Error
+ INTERNAL = 13;
+
+ // The service is currently unavailable. This is most likely a
+ // transient condition, which can be corrected by retrying with
+ // a backoff. Note that it is not always safe to retry
+ // non-idempotent operations.
+ //
+ // See the guidelines above for deciding between `FAILED_PRECONDITION`,
+ // `ABORTED`, and `UNAVAILABLE`.
+ //
+ // HTTP Mapping: 503 Service Unavailable
+ UNAVAILABLE = 14;
+
+ // Unrecoverable data loss or corruption.
+ //
+ // HTTP Mapping: 500 Internal Server Error
+ DATA_LOSS = 15;
+}
diff --git a/crates/secd/proto/google/rpc/context/attribute_context.proto b/crates/secd/proto/google/rpc/context/attribute_context.proto
new file mode 100644
index 0000000..e60a5ae
--- /dev/null
+++ b/crates/secd/proto/google/rpc/context/attribute_context.proto
@@ -0,0 +1,287 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.rpc.context;
+
+import "google/protobuf/struct.proto";
+import "google/protobuf/timestamp.proto";
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/rpc/context/attribute_context;attribute_context";
+option java_multiple_files = true;
+option java_outer_classname = "AttributeContextProto";
+option java_package = "com.google.rpc.context";
+
+// This message defines the standard attribute vocabulary for Google APIs.
+//
+// An attribute is a piece of metadata that describes an activity on a network
+// service. For example, the size of an HTTP request, or the status code of
+// an HTTP response.
+//
+// Each attribute has a type and a name, which is logically defined as
+// a proto message field in `AttributeContext`. The field type becomes the
+// attribute type, and the field path becomes the attribute name. For example,
+// the attribute `source.ip` maps to field `AttributeContext.source.ip`.
+//
+// This message definition is guaranteed not to have any wire breaking change.
+// So you can use it directly for passing attributes across different systems.
+//
+// NOTE: Different system may generate different subset of attributes. Please
+// verify the system specification before relying on an attribute generated
+// a system.
+message AttributeContext {
+ // This message defines attributes for a node that handles a network request.
+ // The node can be either a service or an application that sends, forwards,
+ // or receives the request. Service peers should fill in
+ // `principal` and `labels` as appropriate.
+ message Peer {
+ // The IP address of the peer.
+ string ip = 1;
+
+ // The network port of the peer.
+ int64 port = 2;
+
+ // The labels associated with the peer.
+ map<string, string> labels = 6;
+
+ // The identity of this peer. Similar to `Request.auth.principal`, but
+ // relative to the peer instead of the request. For example, the
+ // idenity associated with a load balancer that forwared the request.
+ string principal = 7;
+
+ // The CLDR country/region code associated with the above IP address.
+ // If the IP address is private, the `region_code` should reflect the
+ // physical location where this peer is running.
+ string region_code = 8;
+ }
+
+ // This message defines attributes associated with API operations, such as
+ // a network API request. The terminology is based on the conventions used
+ // by Google APIs, Istio, and OpenAPI.
+ message Api {
+ // The API service name. It is a logical identifier for a networked API,
+ // such as "pubsub.googleapis.com". The naming syntax depends on the
+ // API management system being used for handling the request.
+ string service = 1;
+
+ // The API operation name. For gRPC requests, it is the fully qualified API
+ // method name, such as "google.pubsub.v1.Publisher.Publish". For OpenAPI
+ // requests, it is the `operationId`, such as "getPet".
+ string operation = 2;
+
+ // The API protocol used for sending the request, such as "http", "https",
+ // "grpc", or "internal".
+ string protocol = 3;
+
+ // The API version associated with the API operation above, such as "v1" or
+ // "v1alpha1".
+ string version = 4;
+ }
+
+ // This message defines request authentication attributes. Terminology is
+ // based on the JSON Web Token (JWT) standard, but the terms also
+ // correlate to concepts in other standards.
+ message Auth {
+ // The authenticated principal. Reflects the issuer (`iss`) and subject
+ // (`sub`) claims within a JWT. The issuer and subject should be `/`
+ // delimited, with `/` percent-encoded within the subject fragment. For
+ // Google accounts, the principal format is:
+ // "https://accounts.google.com/{id}"
+ string principal = 1;
+
+ // The intended audience(s) for this authentication information. Reflects
+ // the audience (`aud`) claim within a JWT. The audience
+ // value(s) depends on the `issuer`, but typically include one or more of
+ // the following pieces of information:
+ //
+ // * The services intended to receive the credential such as
+ // ["pubsub.googleapis.com", "storage.googleapis.com"]
+ // * A set of service-based scopes. For example,
+ // ["https://www.googleapis.com/auth/cloud-platform"]
+ // * The client id of an app, such as the Firebase project id for JWTs
+ // from Firebase Auth.
+ //
+ // Consult the documentation for the credential issuer to determine the
+ // information provided.
+ repeated string audiences = 2;
+
+ // The authorized presenter of the credential. Reflects the optional
+ // Authorized Presenter (`azp`) claim within a JWT or the
+ // OAuth client id. For example, a Google Cloud Platform client id looks
+ // as follows: "123456789012.apps.googleusercontent.com".
+ string presenter = 3;
+
+ // Structured claims presented with the credential. JWTs include
+ // `{key: value}` pairs for standard and private claims. The following
+ // is a subset of the standard required and optional claims that would
+ // typically be presented for a Google-based JWT:
+ //
+ // {'iss': 'accounts.google.com',
+ // 'sub': '113289723416554971153',
+ // 'aud': ['123456789012', 'pubsub.googleapis.com'],
+ // 'azp': '123456789012.apps.googleusercontent.com',
+ // 'email': 'jsmith@example.com',
+ // 'iat': 1353601026,
+ // 'exp': 1353604926}
+ //
+ // SAML assertions are similarly specified, but with an identity provider
+ // dependent structure.
+ google.protobuf.Struct claims = 4;
+
+ // A list of access level resource names that allow resources to be
+ // accessed by authenticated requester. It is part of Secure GCP processing
+ // for the incoming request. An access level string has the format:
+ // "//{api_service_name}/accessPolicies/{policy_id}/accessLevels/{short_name}"
+ //
+ // Example:
+ // "//accesscontextmanager.googleapis.com/accessPolicies/MY_POLICY_ID/accessLevels/MY_LEVEL"
+ repeated string access_levels = 5;
+ }
+
+ // This message defines attributes for an HTTP request. If the actual
+ // request is not an HTTP request, the runtime system should try to map
+ // the actual request to an equivalent HTTP request.
+ message Request {
+ // The unique ID for a request, which can be propagated to downstream
+ // systems. The ID should have low probability of collision
+ // within a single day for a specific service.
+ string id = 1;
+
+ // The HTTP request method, such as `GET`, `POST`.
+ string method = 2;
+
+ // The HTTP request headers. If multiple headers share the same key, they
+ // must be merged according to the HTTP spec. All header keys must be
+ // lowercased, because HTTP header keys are case-insensitive.
+ map<string, string> headers = 3;
+
+ // The HTTP URL path.
+ string path = 4;
+
+ // The HTTP request `Host` header value.
+ string host = 5;
+
+ // The HTTP URL scheme, such as `http` and `https`.
+ string scheme = 6;
+
+ // The HTTP URL query in the format of `name1=value1&name2=value2`, as it
+ // appears in the first line of the HTTP request. No decoding is performed.
+ string query = 7;
+
+ // The timestamp when the `destination` service receives the first byte of
+ // the request.
+ google.protobuf.Timestamp time = 9;
+
+ // The HTTP request size in bytes. If unknown, it must be -1.
+ int64 size = 10;
+
+ // The network protocol used with the request, such as "http/1.1",
+ // "spdy/3", "h2", "h2c", "webrtc", "tcp", "udp", "quic". See
+ // https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
+ // for details.
+ string protocol = 11;
+
+ // A special parameter for request reason. It is used by security systems
+ // to associate auditing information with a request.
+ string reason = 12;
+
+ // The request authentication. May be absent for unauthenticated requests.
+ // Derived from the HTTP request `Authorization` header or equivalent.
+ Auth auth = 13;
+ }
+
+ // This message defines attributes for a typical network response. It
+ // generally models semantics of an HTTP response.
+ message Response {
+ // The HTTP response status code, such as `200` and `404`.
+ int64 code = 1;
+
+ // The HTTP response size in bytes. If unknown, it must be -1.
+ int64 size = 2;
+
+ // The HTTP response headers. If multiple headers share the same key, they
+ // must be merged according to HTTP spec. All header keys must be
+ // lowercased, because HTTP header keys are case-insensitive.
+ map<string, string> headers = 3;
+
+ // The timestamp when the `destination` service generates the first byte of
+ // the response.
+ google.protobuf.Timestamp time = 4;
+ }
+
+ // This message defines core attributes for a resource. A resource is an
+ // addressable (named) entity provided by the destination service. For
+ // example, a file stored on a network storage service.
+ message Resource {
+ // The name of the service that this resource belongs to, such as
+ // `pubsub.googleapis.com`. The service may be different from the DNS
+ // hostname that actually serves the request.
+ string service = 1;
+
+ // The stable identifier (name) of a resource on the `service`. A resource
+ // can be logically identified as "//{resource.service}/{resource.name}".
+ // The differences between a resource name and a URI are:
+ //
+ // * Resource name is a logical identifier, independent of network
+ // protocol and API version. For example,
+ // `//pubsub.googleapis.com/projects/123/topics/news-feed`.
+ // * URI often includes protocol and version information, so it can
+ // be used directly by applications. For example,
+ // `https://pubsub.googleapis.com/v1/projects/123/topics/news-feed`.
+ //
+ // See https://cloud.google.com/apis/design/resource_names for details.
+ string name = 2;
+
+ // The type of the resource. The syntax is platform-specific because
+ // different platforms define their resources differently.
+ //
+ // For Google APIs, the type format must be "{service}/{kind}".
+ string type = 3;
+
+ // The labels or tags on the resource, such as AWS resource tags and
+ // Kubernetes resource labels.
+ map<string, string> labels = 4;
+ }
+
+ // The origin of a network activity. In a multi hop network activity,
+ // the origin represents the sender of the first hop. For the first hop,
+ // the `source` and the `origin` must have the same content.
+ Peer origin = 7;
+
+ // The source of a network activity, such as starting a TCP connection.
+ // In a multi hop network activity, the source represents the sender of the
+ // last hop.
+ Peer source = 1;
+
+ // The destination of a network activity, such as accepting a TCP connection.
+ // In a multi hop network activity, the destination represents the receiver of
+ // the last hop.
+ Peer destination = 2;
+
+ // Represents a network request, such as an HTTP request.
+ Request request = 3;
+
+ // Represents a network response, such as an HTTP response.
+ Response response = 4;
+
+ // Represents a target resource that is involved with a network activity.
+ // If multiple resources are involved with an activity, this must be the
+ // primary one.
+ Resource resource = 5;
+
+ // Represents an API operation that is involved to a network activity.
+ Api api = 6;
+}
diff --git a/crates/secd/proto/google/rpc/error_details.proto b/crates/secd/proto/google/rpc/error_details.proto
new file mode 100644
index 0000000..4862ebf
--- /dev/null
+++ b/crates/secd/proto/google/rpc/error_details.proto
@@ -0,0 +1,246 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.rpc;
+
+import "google/protobuf/duration.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/rpc/errdetails;errdetails";
+option java_multiple_files = true;
+option java_outer_classname = "ErrorDetailsProto";
+option java_package = "com.google.rpc";
+option objc_class_prefix = "RPC";
+
+// Describes when the clients can retry a failed request. Clients could ignore
+// the recommendation here or retry when this information is missing from error
+// responses.
+//
+// It's always recommended that clients should use exponential backoff when
+// retrying.
+//
+// Clients should wait until `retry_delay` amount of time has passed since
+// receiving the error response before retrying. If retrying requests also
+// fail, clients should use an exponential backoff scheme to gradually increase
+// the delay between retries based on `retry_delay`, until either a maximum
+// number of retries have been reached or a maximum retry delay cap has been
+// reached.
+message RetryInfo {
+ // Clients should wait at least this long between retrying the same request.
+ google.protobuf.Duration retry_delay = 1;
+}
+
+// Describes additional debugging info.
+message DebugInfo {
+ // The stack trace entries indicating where the error occurred.
+ repeated string stack_entries = 1;
+
+ // Additional debugging information provided by the server.
+ string detail = 2;
+}
+
+// Describes how a quota check failed.
+//
+// For example if a daily limit was exceeded for the calling project,
+// a service could respond with a QuotaFailure detail containing the project
+// id and the description of the quota limit that was exceeded. If the
+// calling project hasn't enabled the service in the developer console, then
+// a service could respond with the project id and set `service_disabled`
+// to true.
+//
+// Also see RetryInfo and Help types for other details about handling a
+// quota failure.
+message QuotaFailure {
+ // A message type used to describe a single quota violation. For example, a
+ // daily quota or a custom quota that was exceeded.
+ message Violation {
+ // The subject on which the quota check failed.
+ // For example, "clientip:<ip address of client>" or "project:<Google
+ // developer project id>".
+ string subject = 1;
+
+ // A description of how the quota check failed. Clients can use this
+ // description to find more about the quota configuration in the service's
+ // public documentation, or find the relevant quota limit to adjust through
+ // developer console.
+ //
+ // For example: "Service disabled" or "Daily Limit for read operations
+ // exceeded".
+ string description = 2;
+ }
+
+ // Describes all quota violations.
+ repeated Violation violations = 1;
+}
+
+// Describes the cause of the error with structured details.
+//
+// Example of an error when contacting the "pubsub.googleapis.com" API when it
+// is not enabled:
+// { "reason": "API_DISABLED"
+// "domain": "googleapis.com"
+// "metadata": {
+// "resource": "projects/123",
+// "service": "pubsub.googleapis.com"
+// }
+// }
+// This response indicates that the pubsub.googleapis.com API is not enabled.
+//
+// Example of an error that is returned when attempting to create a Spanner
+// instance in a region that is out of stock:
+// { "reason": "STOCKOUT"
+// "domain": "spanner.googleapis.com",
+// "metadata": {
+// "availableRegions": "us-central1,us-east2"
+// }
+// }
+//
+message ErrorInfo {
+ // The reason of the error. This is a constant value that identifies the
+ // proximate cause of the error. Error reasons are unique within a particular
+ // domain of errors. This should be at most 63 characters and match
+ // /[A-Z0-9_]+/.
+ string reason = 1;
+
+ // The logical grouping to which the "reason" belongs. Often "domain" will
+ // contain the registered service name of the tool or product that is the
+ // source of the error. Example: "pubsub.googleapis.com". If the error is
+ // common across many APIs, the first segment of the example above will be
+ // omitted. The value will be, "googleapis.com".
+ string domain = 2;
+
+ // Additional structured details about this error.
+ //
+ // Keys should match /[a-zA-Z0-9-_]/ and be limited to 64 characters in
+ // length. When identifying the current value of an exceeded limit, the units
+ // should be contained in the key, not the value. For example, rather than
+ // {"instanceLimit": "100/request"}, should be returned as,
+ // {"instanceLimitPerRequest": "100"}, if the client exceeds the number of
+ // instances that can be created in a single (batch) request.
+ map<string, string> metadata = 3;
+}
+
+// Describes what preconditions have failed.
+//
+// For example, if an RPC failed because it required the Terms of Service to be
+// acknowledged, it could list the terms of service violation in the
+// PreconditionFailure message.
+message PreconditionFailure {
+ // A message type used to describe a single precondition failure.
+ message Violation {
+ // The type of PreconditionFailure. We recommend using a service-specific
+ // enum type to define the supported precondition violation subjects. For
+ // example, "TOS" for "Terms of Service violation".
+ string type = 1;
+
+ // The subject, relative to the type, that failed.
+ // For example, "google.com/cloud" relative to the "TOS" type would indicate
+ // which terms of service is being referenced.
+ string subject = 2;
+
+ // A description of how the precondition failed. Developers can use this
+ // description to understand how to fix the failure.
+ //
+ // For example: "Terms of service not accepted".
+ string description = 3;
+ }
+
+ // Describes all precondition violations.
+ repeated Violation violations = 1;
+}
+
+// Describes violations in a client request. This error type focuses on the
+// syntactic aspects of the request.
+message BadRequest {
+ // A message type used to describe a single bad request field.
+ message FieldViolation {
+ // A path leading to a field in the request body. The value will be a
+ // sequence of dot-separated identifiers that identify a protocol buffer
+ // field. E.g., "field_violations.field" would identify this field.
+ string field = 1;
+
+ // A description of why the request element is bad.
+ string description = 2;
+ }
+
+ // Describes all violations in a client request.
+ repeated FieldViolation field_violations = 1;
+}
+
+// Contains metadata about the request that clients can attach when filing a bug
+// or providing other forms of feedback.
+message RequestInfo {
+ // An opaque string that should only be interpreted by the service generating
+ // it. For example, it can be used to identify requests in the service's logs.
+ string request_id = 1;
+
+ // Any data that was used to serve this request. For example, an encrypted
+ // stack trace that can be sent back to the service provider for debugging.
+ string serving_data = 2;
+}
+
+// Describes the resource that is being accessed.
+message ResourceInfo {
+ // A name for the type of resource being accessed, e.g. "sql table",
+ // "cloud storage bucket", "file", "Google calendar"; or the type URL
+ // of the resource: e.g. "type.googleapis.com/google.pubsub.v1.Topic".
+ string resource_type = 1;
+
+ // The name of the resource being accessed. For example, a shared calendar
+ // name: "example.com_4fghdhgsrgh@group.calendar.google.com", if the current
+ // error is [google.rpc.Code.PERMISSION_DENIED][google.rpc.Code.PERMISSION_DENIED].
+ string resource_name = 2;
+
+ // The owner of the resource (optional).
+ // For example, "user:<owner email>" or "project:<Google developer project
+ // id>".
+ string owner = 3;
+
+ // Describes what error is encountered when accessing this resource.
+ // For example, updating a cloud project may require the `writer` permission
+ // on the developer console project.
+ string description = 4;
+}
+
+// Provides links to documentation or for performing an out of band action.
+//
+// For example, if a quota check failed with an error indicating the calling
+// project hasn't enabled the accessed service, this can contain a URL pointing
+// directly to the right place in the developer console to flip the bit.
+message Help {
+ // Describes a URL link.
+ message Link {
+ // Describes what the link offers.
+ string description = 1;
+
+ // The URL of the link.
+ string url = 2;
+ }
+
+ // URL(s) pointing to additional information on handling the current error.
+ repeated Link links = 1;
+}
+
+// Provides a localized error message that is safe to return to the user
+// which can be attached to an RPC error.
+message LocalizedMessage {
+ // The locale used following the specification defined at
+ // http://www.rfc-editor.org/rfc/bcp/bcp47.txt.
+ // Examples are: "en-US", "fr-CH", "es-MX"
+ string locale = 1;
+
+ // The localized error message in the above locale.
+ string message = 2;
+}
diff --git a/crates/secd/proto/google/rpc/status.proto b/crates/secd/proto/google/rpc/status.proto
new file mode 100644
index 0000000..3b1f7a9
--- /dev/null
+++ b/crates/secd/proto/google/rpc/status.proto
@@ -0,0 +1,47 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.rpc;
+
+import "google/protobuf/any.proto";
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/rpc/status;status";
+option java_multiple_files = true;
+option java_outer_classname = "StatusProto";
+option java_package = "com.google.rpc";
+option objc_class_prefix = "RPC";
+
+// The `Status` type defines a logical error model that is suitable for
+// different programming environments, including REST APIs and RPC APIs. It is
+// used by [gRPC](https://github.com/grpc). Each `Status` message contains
+// three pieces of data: error code, error message, and error details.
+//
+// You can find out more about this error model and how to work with it in the
+// [API Design Guide](https://cloud.google.com/apis/design/errors).
+message Status {
+ // The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code].
+ int32 code = 1;
+
+ // A developer-facing error message, which should be in English. Any
+ // user-facing error message should be localized and sent in the
+ // [google.rpc.Status.details][google.rpc.Status.details] field, or localized by the client.
+ string message = 2;
+
+ // A list of messages that carry the error details. There is a common set of
+ // message types for APIs to use.
+ repeated google.protobuf.Any details = 3;
+}
diff --git a/crates/secd/proto/google/type/calendar_period.proto b/crates/secd/proto/google/type/calendar_period.proto
new file mode 100644
index 0000000..a91d0c3
--- /dev/null
+++ b/crates/secd/proto/google/type/calendar_period.proto
@@ -0,0 +1,57 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.type;
+
+option go_package = "google.golang.org/genproto/googleapis/type/calendarperiod;calendarperiod";
+option java_multiple_files = true;
+option java_outer_classname = "CalendarPeriodProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// A `CalendarPeriod` represents the abstract concept of a time period that has
+// a canonical start. Grammatically, "the start of the current
+// `CalendarPeriod`." All calendar times begin at midnight UTC.
+enum CalendarPeriod {
+ // Undefined period, raises an error.
+ CALENDAR_PERIOD_UNSPECIFIED = 0;
+
+ // A day.
+ DAY = 1;
+
+ // A week. Weeks begin on Monday, following
+ // [ISO 8601](https://en.wikipedia.org/wiki/ISO_week_date).
+ WEEK = 2;
+
+ // A fortnight. The first calendar fortnight of the year begins at the start
+ // of week 1 according to
+ // [ISO 8601](https://en.wikipedia.org/wiki/ISO_week_date).
+ FORTNIGHT = 3;
+
+ // A month.
+ MONTH = 4;
+
+ // A quarter. Quarters start on dates 1-Jan, 1-Apr, 1-Jul, and 1-Oct of each
+ // year.
+ QUARTER = 5;
+
+ // A half-year. Half-years start on dates 1-Jan and 1-Jul.
+ HALF = 6;
+
+ // A year.
+ YEAR = 7;
+}
diff --git a/crates/secd/proto/google/type/color.proto b/crates/secd/proto/google/type/color.proto
new file mode 100644
index 0000000..417f1c4
--- /dev/null
+++ b/crates/secd/proto/google/type/color.proto
@@ -0,0 +1,170 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.type;
+
+import "google/protobuf/wrappers.proto";
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/type/color;color";
+option java_multiple_files = true;
+option java_outer_classname = "ColorProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// Represents a color in the RGBA color space. This representation is designed
+// for simplicity of conversion to/from color representations in various
+// languages over compactness; for example, the fields of this representation
+// can be trivially provided to the constructor of "java.awt.Color" in Java; it
+// can also be trivially provided to UIColor's "+colorWithRed:green:blue:alpha"
+// method in iOS; and, with just a little work, it can be easily formatted into
+// a CSS "rgba()" string in JavaScript, as well.
+//
+// Note: this proto does not carry information about the absolute color space
+// that should be used to interpret the RGB value (e.g. sRGB, Adobe RGB,
+// DCI-P3, BT.2020, etc.). By default, applications SHOULD assume the sRGB color
+// space.
+//
+// Example (Java):
+//
+// import com.google.type.Color;
+//
+// // ...
+// public static java.awt.Color fromProto(Color protocolor) {
+// float alpha = protocolor.hasAlpha()
+// ? protocolor.getAlpha().getValue()
+// : 1.0;
+//
+// return new java.awt.Color(
+// protocolor.getRed(),
+// protocolor.getGreen(),
+// protocolor.getBlue(),
+// alpha);
+// }
+//
+// public static Color toProto(java.awt.Color color) {
+// float red = (float) color.getRed();
+// float green = (float) color.getGreen();
+// float blue = (float) color.getBlue();
+// float denominator = 255.0;
+// Color.Builder resultBuilder =
+// Color
+// .newBuilder()
+// .setRed(red / denominator)
+// .setGreen(green / denominator)
+// .setBlue(blue / denominator);
+// int alpha = color.getAlpha();
+// if (alpha != 255) {
+// result.setAlpha(
+// FloatValue
+// .newBuilder()
+// .setValue(((float) alpha) / denominator)
+// .build());
+// }
+// return resultBuilder.build();
+// }
+// // ...
+//
+// Example (iOS / Obj-C):
+//
+// // ...
+// static UIColor* fromProto(Color* protocolor) {
+// float red = [protocolor red];
+// float green = [protocolor green];
+// float blue = [protocolor blue];
+// FloatValue* alpha_wrapper = [protocolor alpha];
+// float alpha = 1.0;
+// if (alpha_wrapper != nil) {
+// alpha = [alpha_wrapper value];
+// }
+// return [UIColor colorWithRed:red green:green blue:blue alpha:alpha];
+// }
+//
+// static Color* toProto(UIColor* color) {
+// CGFloat red, green, blue, alpha;
+// if (![color getRed:&red green:&green blue:&blue alpha:&alpha]) {
+// return nil;
+// }
+// Color* result = [[Color alloc] init];
+// [result setRed:red];
+// [result setGreen:green];
+// [result setBlue:blue];
+// if (alpha <= 0.9999) {
+// [result setAlpha:floatWrapperWithValue(alpha)];
+// }
+// [result autorelease];
+// return result;
+// }
+// // ...
+//
+// Example (JavaScript):
+//
+// // ...
+//
+// var protoToCssColor = function(rgb_color) {
+// var redFrac = rgb_color.red || 0.0;
+// var greenFrac = rgb_color.green || 0.0;
+// var blueFrac = rgb_color.blue || 0.0;
+// var red = Math.floor(redFrac * 255);
+// var green = Math.floor(greenFrac * 255);
+// var blue = Math.floor(blueFrac * 255);
+//
+// if (!('alpha' in rgb_color)) {
+// return rgbToCssColor_(red, green, blue);
+// }
+//
+// var alphaFrac = rgb_color.alpha.value || 0.0;
+// var rgbParams = [red, green, blue].join(',');
+// return ['rgba(', rgbParams, ',', alphaFrac, ')'].join('');
+// };
+//
+// var rgbToCssColor_ = function(red, green, blue) {
+// var rgbNumber = new Number((red << 16) | (green << 8) | blue);
+// var hexString = rgbNumber.toString(16);
+// var missingZeros = 6 - hexString.length;
+// var resultBuilder = ['#'];
+// for (var i = 0; i < missingZeros; i++) {
+// resultBuilder.push('0');
+// }
+// resultBuilder.push(hexString);
+// return resultBuilder.join('');
+// };
+//
+// // ...
+message Color {
+ // The amount of red in the color as a value in the interval [0, 1].
+ float red = 1;
+
+ // The amount of green in the color as a value in the interval [0, 1].
+ float green = 2;
+
+ // The amount of blue in the color as a value in the interval [0, 1].
+ float blue = 3;
+
+ // The fraction of this color that should be applied to the pixel. That is,
+ // the final pixel color is defined by the equation:
+ //
+ // pixel color = alpha * (this color) + (1.0 - alpha) * (background color)
+ //
+ // This means that a value of 1.0 corresponds to a solid color, whereas
+ // a value of 0.0 corresponds to a completely transparent color. This
+ // uses a wrapper message rather than a simple float scalar so that it is
+ // possible to distinguish between a default value and the value being unset.
+ // If omitted, this color object is to be rendered as a solid color
+ // (as if the alpha value had been explicitly given with a value of 1.0).
+ google.protobuf.FloatValue alpha = 4;
+}
diff --git a/crates/secd/proto/google/type/date.proto b/crates/secd/proto/google/type/date.proto
new file mode 100644
index 0000000..b958fee
--- /dev/null
+++ b/crates/secd/proto/google/type/date.proto
@@ -0,0 +1,50 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.type;
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/type/date;date";
+option java_multiple_files = true;
+option java_outer_classname = "DateProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// Represents a whole or partial calendar date, e.g. a birthday. The time of day
+// and time zone are either specified elsewhere or are not significant. The date
+// is relative to the Proleptic Gregorian Calendar. This can represent:
+//
+// * A full date, with non-zero year, month and day values
+// * A month and day value, with a zero year, e.g. an anniversary
+// * A year on its own, with zero month and day values
+// * A year and month value, with a zero day, e.g. a credit card expiration date
+//
+// Related types are [google.type.TimeOfDay][google.type.TimeOfDay] and `google.protobuf.Timestamp`.
+message Date {
+ // Year of date. Must be from 1 to 9999, or 0 if specifying a date without
+ // a year.
+ int32 year = 1;
+
+ // Month of year. Must be from 1 to 12, or 0 if specifying a year without a
+ // month and day.
+ int32 month = 2;
+
+ // Day of month. Must be from 1 to 31 and valid for the year and month, or 0
+ // if specifying a year by itself or a year and month where the day is not
+ // significant.
+ int32 day = 3;
+}
diff --git a/crates/secd/proto/google/type/datetime.proto b/crates/secd/proto/google/type/datetime.proto
new file mode 100644
index 0000000..5aebc4b
--- /dev/null
+++ b/crates/secd/proto/google/type/datetime.proto
@@ -0,0 +1,97 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.type;
+
+import "google/protobuf/duration.proto";
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/type/datetime;datetime";
+option java_multiple_files = true;
+option java_outer_classname = "DateTimeProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// Represents civil time in one of a few possible ways:
+//
+// * When utc_offset is set and time_zone is unset: a civil time on a calendar
+// day with a particular offset from UTC.
+// * When time_zone is set and utc_offset is unset: a civil time on a calendar
+// day in a particular time zone.
+// * When neither time_zone nor utc_offset is set: a civil time on a calendar
+// day in local time.
+//
+// The date is relative to the Proleptic Gregorian Calendar.
+//
+// If year is 0, the DateTime is considered not to have a specific year. month
+// and day must have valid, non-zero values.
+//
+// This type is more flexible than some applications may want. Make sure to
+// document and validate your application's limitations.
+message DateTime {
+ // Optional. Year of date. Must be from 1 to 9999, or 0 if specifying a
+ // datetime without a year.
+ int32 year = 1;
+
+ // Required. Month of year. Must be from 1 to 12.
+ int32 month = 2;
+
+ // Required. Day of month. Must be from 1 to 31 and valid for the year and
+ // month.
+ int32 day = 3;
+
+ // Required. Hours of day in 24 hour format. Should be from 0 to 23. An API
+ // may choose to allow the value "24:00:00" for scenarios like business
+ // closing time.
+ int32 hours = 4;
+
+ // Required. Minutes of hour of day. Must be from 0 to 59.
+ int32 minutes = 5;
+
+ // Required. Seconds of minutes of the time. Must normally be from 0 to 59. An
+ // API may allow the value 60 if it allows leap-seconds.
+ int32 seconds = 6;
+
+ // Required. Fractions of seconds in nanoseconds. Must be from 0 to
+ // 999,999,999.
+ int32 nanos = 7;
+
+ // Optional. Specifies either the UTC offset or the time zone of the DateTime.
+ // Choose carefully between them, considering that time zone data may change
+ // in the future (for example, a country modifies their DST start/end dates,
+ // and future DateTimes in the affected range had already been stored).
+ // If omitted, the DateTime is considered to be in local time.
+ oneof time_offset {
+ // UTC offset. Must be whole seconds, between -18 hours and +18 hours.
+ // For example, a UTC offset of -4:00 would be represented as
+ // { seconds: -14400 }.
+ google.protobuf.Duration utc_offset = 8;
+
+ // Time zone.
+ TimeZone time_zone = 9;
+ }
+}
+
+// Represents a time zone from the
+// [IANA Time Zone Database](https://www.iana.org/time-zones).
+message TimeZone {
+ // IANA Time Zone Database time zone, e.g. "America/New_York".
+ string id = 1;
+
+ // Optional. IANA Time Zone Database version number, e.g. "2019a".
+ string version = 2;
+}
diff --git a/crates/secd/proto/google/type/dayofweek.proto b/crates/secd/proto/google/type/dayofweek.proto
new file mode 100644
index 0000000..7544e15
--- /dev/null
+++ b/crates/secd/proto/google/type/dayofweek.proto
@@ -0,0 +1,51 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.type;
+
+option go_package = "google.golang.org/genproto/googleapis/type/dayofweek;dayofweek";
+option java_multiple_files = true;
+option java_outer_classname = "DayOfWeekProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// Represents a day of week.
+enum DayOfWeek {
+ // The unspecified day-of-week.
+ DAY_OF_WEEK_UNSPECIFIED = 0;
+
+ // The day-of-week of Monday.
+ MONDAY = 1;
+
+ // The day-of-week of Tuesday.
+ TUESDAY = 2;
+
+ // The day-of-week of Wednesday.
+ WEDNESDAY = 3;
+
+ // The day-of-week of Thursday.
+ THURSDAY = 4;
+
+ // The day-of-week of Friday.
+ FRIDAY = 5;
+
+ // The day-of-week of Saturday.
+ SATURDAY = 6;
+
+ // The day-of-week of Sunday.
+ SUNDAY = 7;
+}
diff --git a/crates/secd/proto/google/type/expr.proto b/crates/secd/proto/google/type/expr.proto
new file mode 100644
index 0000000..5d4f2f7
--- /dev/null
+++ b/crates/secd/proto/google/type/expr.proto
@@ -0,0 +1,51 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.type;
+
+option go_package = "google.golang.org/genproto/googleapis/type/expr;expr";
+option java_multiple_files = true;
+option java_outer_classname = "ExprProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// Represents an expression text. Example:
+//
+// title: "User account presence"
+// description: "Determines whether the request has a user account"
+// expression: "size(request.user) > 0"
+message Expr {
+ // Textual representation of an expression in
+ // Common Expression Language syntax.
+ //
+ // The application context of the containing message determines which
+ // well-known feature set of CEL is supported.
+ string expression = 1;
+
+ // An optional title for the expression, i.e. a short string describing
+ // its purpose. This can be used e.g. in UIs which allow to enter the
+ // expression.
+ string title = 2;
+
+ // An optional description of the expression. This is a longer text which
+ // describes the expression, e.g. when hovered over it in a UI.
+ string description = 3;
+
+ // An optional string indicating the location of the expression for error
+ // reporting, e.g. a file name and a position in the file.
+ string location = 4;
+}
diff --git a/crates/secd/proto/google/type/fraction.proto b/crates/secd/proto/google/type/fraction.proto
new file mode 100644
index 0000000..8ad008d
--- /dev/null
+++ b/crates/secd/proto/google/type/fraction.proto
@@ -0,0 +1,34 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.type;
+
+option go_package = "google.golang.org/genproto/googleapis/type/fraction;fraction";
+option java_multiple_files = true;
+option java_outer_classname = "FractionProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// Represents a fraction in terms of a numerator divided by a denominator.
+message Fraction {
+ // The portion of the denominator in the faction, e.g. 2 in 2/3.
+ int64 numerator = 1;
+
+ // The value by which the numerator is divided, e.g. 3 in 2/3. Must be
+ // positive.
+ int64 denominator = 2;
+}
diff --git a/crates/secd/proto/google/type/latlng.proto b/crates/secd/proto/google/type/latlng.proto
new file mode 100644
index 0000000..a90b7c2
--- /dev/null
+++ b/crates/secd/proto/google/type/latlng.proto
@@ -0,0 +1,37 @@
+// Copyright 2020 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.type;
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/type/latlng;latlng";
+option java_multiple_files = true;
+option java_outer_classname = "LatLngProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// An object that represents a latitude/longitude pair. This is expressed as a
+// pair of doubles to represent degrees latitude and degrees longitude. Unless
+// specified otherwise, this must conform to the
+// <a href="http://www.unoosa.org/pdf/icg/2012/template/WGS_84.pdf">WGS84
+// standard</a>. Values must be within normalized ranges.
+message LatLng {
+ // The latitude in degrees. It must be in the range [-90.0, +90.0].
+ double latitude = 1;
+
+ // The longitude in degrees. It must be in the range [-180.0, +180.0].
+ double longitude = 2;
+}
diff --git a/crates/secd/proto/google/type/money.proto b/crates/secd/proto/google/type/money.proto
new file mode 100644
index 0000000..ef41f10
--- /dev/null
+++ b/crates/secd/proto/google/type/money.proto
@@ -0,0 +1,43 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.type;
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/type/money;money";
+option java_multiple_files = true;
+option java_outer_classname = "MoneyProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// Represents an amount of money with its currency type.
+message Money {
+ // The 3-letter currency code defined in ISO 4217.
+ string currency_code = 1;
+
+ // The whole units of the amount.
+ // For example if `currencyCode` is `"USD"`, then 1 unit is one US dollar.
+ int64 units = 2;
+
+ // Number of nano (10^-9) units of the amount.
+ // The value must be between -999,999,999 and +999,999,999 inclusive.
+ // If `units` is positive, `nanos` must be positive or zero.
+ // If `units` is zero, `nanos` can be positive, zero, or negative.
+ // If `units` is negative, `nanos` must be negative or zero.
+ // For example $-1.75 is represented as `units`=-1 and `nanos`=-750,000,000.
+ int32 nanos = 3;
+}
diff --git a/crates/secd/proto/google/type/month.proto b/crates/secd/proto/google/type/month.proto
new file mode 100644
index 0000000..54b7865
--- /dev/null
+++ b/crates/secd/proto/google/type/month.proto
@@ -0,0 +1,66 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.type;
+
+option go_package = "google.golang.org/genproto/googleapis/type/month;month";
+option java_multiple_files = true;
+option java_outer_classname = "MonthProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// Represents a month in the Gregorian calendar.
+enum Month {
+ // The unspecifed month.
+ MONTH_UNSPECIFIED = 0;
+
+ // The month of January.
+ JANUARY = 1;
+
+ // The month of February.
+ FEBRUARY = 2;
+
+ // The month of March.
+ MARCH = 3;
+
+ // The month of April.
+ APRIL = 4;
+
+ // The month of May.
+ MAY = 5;
+
+ // The month of June.
+ JUNE = 6;
+
+ // The month of July.
+ JULY = 7;
+
+ // The month of August.
+ AUGUST = 8;
+
+ // The month of September.
+ SEPTEMBER = 9;
+
+ // The month of October.
+ OCTOBER = 10;
+
+ // The month of November.
+ NOVEMBER = 11;
+
+ // The month of December.
+ DECEMBER = 12;
+}
diff --git a/crates/secd/proto/google/type/postal_address.proto b/crates/secd/proto/google/type/postal_address.proto
new file mode 100644
index 0000000..688af8a
--- /dev/null
+++ b/crates/secd/proto/google/type/postal_address.proto
@@ -0,0 +1,135 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.type;
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/type/postaladdress;postaladdress";
+option java_multiple_files = true;
+option java_outer_classname = "PostalAddressProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// Represents a postal address, e.g. for postal delivery or payments addresses.
+// Given a postal address, a postal service can deliver items to a premise, P.O.
+// Box or similar.
+// It is not intended to model geographical locations (roads, towns,
+// mountains).
+//
+// In typical usage an address would be created via user input or from importing
+// existing data, depending on the type of process.
+//
+// Advice on address input / editing:
+// - Use an i18n-ready address widget such as
+// https://github.com/google/libaddressinput)
+// - Users should not be presented with UI elements for input or editing of
+// fields outside countries where that field is used.
+//
+// For more guidance on how to use this schema, please see:
+// https://support.google.com/business/answer/6397478
+message PostalAddress {
+ // The schema revision of the `PostalAddress`. This must be set to 0, which is
+ // the latest revision.
+ //
+ // All new revisions **must** be backward compatible with old revisions.
+ int32 revision = 1;
+
+ // Required. CLDR region code of the country/region of the address. This
+ // is never inferred and it is up to the user to ensure the value is
+ // correct. See http://cldr.unicode.org/ and
+ // http://www.unicode.org/cldr/charts/30/supplemental/territory_information.html
+ // for details. Example: "CH" for Switzerland.
+ string region_code = 2;
+
+ // Optional. BCP-47 language code of the contents of this address (if
+ // known). This is often the UI language of the input form or is expected
+ // to match one of the languages used in the address' country/region, or their
+ // transliterated equivalents.
+ // This can affect formatting in certain countries, but is not critical
+ // to the correctness of the data and will never affect any validation or
+ // other non-formatting related operations.
+ //
+ // If this value is not known, it should be omitted (rather than specifying a
+ // possibly incorrect default).
+ //
+ // Examples: "zh-Hant", "ja", "ja-Latn", "en".
+ string language_code = 3;
+
+ // Optional. Postal code of the address. Not all countries use or require
+ // postal codes to be present, but where they are used, they may trigger
+ // additional validation with other parts of the address (e.g. state/zip
+ // validation in the U.S.A.).
+ string postal_code = 4;
+
+ // Optional. Additional, country-specific, sorting code. This is not used
+ // in most regions. Where it is used, the value is either a string like
+ // "CEDEX", optionally followed by a number (e.g. "CEDEX 7"), or just a number
+ // alone, representing the "sector code" (Jamaica), "delivery area indicator"
+ // (Malawi) or "post office indicator" (e.g. Côte d'Ivoire).
+ string sorting_code = 5;
+
+ // Optional. Highest administrative subdivision which is used for postal
+ // addresses of a country or region.
+ // For example, this can be a state, a province, an oblast, or a prefecture.
+ // Specifically, for Spain this is the province and not the autonomous
+ // community (e.g. "Barcelona" and not "Catalonia").
+ // Many countries don't use an administrative area in postal addresses. E.g.
+ // in Switzerland this should be left unpopulated.
+ string administrative_area = 6;
+
+ // Optional. Generally refers to the city/town portion of the address.
+ // Examples: US city, IT comune, UK post town.
+ // In regions of the world where localities are not well defined or do not fit
+ // into this structure well, leave locality empty and use address_lines.
+ string locality = 7;
+
+ // Optional. Sublocality of the address.
+ // For example, this can be neighborhoods, boroughs, districts.
+ string sublocality = 8;
+
+ // Unstructured address lines describing the lower levels of an address.
+ //
+ // Because values in address_lines do not have type information and may
+ // sometimes contain multiple values in a single field (e.g.
+ // "Austin, TX"), it is important that the line order is clear. The order of
+ // address lines should be "envelope order" for the country/region of the
+ // address. In places where this can vary (e.g. Japan), address_language is
+ // used to make it explicit (e.g. "ja" for large-to-small ordering and
+ // "ja-Latn" or "en" for small-to-large). This way, the most specific line of
+ // an address can be selected based on the language.
+ //
+ // The minimum permitted structural representation of an address consists
+ // of a region_code with all remaining information placed in the
+ // address_lines. It would be possible to format such an address very
+ // approximately without geocoding, but no semantic reasoning could be
+ // made about any of the address components until it was at least
+ // partially resolved.
+ //
+ // Creating an address only containing a region_code and address_lines, and
+ // then geocoding is the recommended way to handle completely unstructured
+ // addresses (as opposed to guessing which parts of the address should be
+ // localities or administrative areas).
+ repeated string address_lines = 9;
+
+ // Optional. The recipient at the address.
+ // This field may, under certain circumstances, contain multiline information.
+ // For example, it might contain "care of" information.
+ repeated string recipients = 10;
+
+ // Optional. The name of the organization at the address.
+ string organization = 11;
+}
diff --git a/crates/secd/proto/google/type/quaternion.proto b/crates/secd/proto/google/type/quaternion.proto
new file mode 100644
index 0000000..7ab5dc7
--- /dev/null
+++ b/crates/secd/proto/google/type/quaternion.proto
@@ -0,0 +1,95 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.type;
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/type/quaternion;quaternion";
+option java_multiple_files = true;
+option java_outer_classname = "QuaternionProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// A quaternion is defined as the quotient of two directed lines in a
+// three-dimensional space or equivalently as the quotient of two Euclidean
+// vectors (https://en.wikipedia.org/wiki/Quaternion).
+//
+// Quaternions are often used in calculations involving three-dimensional
+// rotations (https://en.wikipedia.org/wiki/Quaternions_and_spatial_rotation),
+// as they provide greater mathematical robustness by avoiding the gimbal lock
+// problems that can be encountered when using Euler angles
+// (https://en.wikipedia.org/wiki/Gimbal_lock).
+//
+// Quaternions are generally represented in this form:
+//
+// w + xi + yj + zk
+//
+// where x, y, z, and w are real numbers, and i, j, and k are three imaginary
+// numbers.
+//
+// Our naming choice `(x, y, z, w)` comes from the desire to avoid confusion for
+// those interested in the geometric properties of the quaternion in the 3D
+// Cartesian space. Other texts often use alternative names or subscripts, such
+// as `(a, b, c, d)`, `(1, i, j, k)`, or `(0, 1, 2, 3)`, which are perhaps
+// better suited for mathematical interpretations.
+//
+// To avoid any confusion, as well as to maintain compatibility with a large
+// number of software libraries, the quaternions represented using the protocol
+// buffer below *must* follow the Hamilton convention, which defines `ij = k`
+// (i.e. a right-handed algebra), and therefore:
+//
+// i^2 = j^2 = k^2 = ijk = −1
+// ij = −ji = k
+// jk = −kj = i
+// ki = −ik = j
+//
+// Please DO NOT use this to represent quaternions that follow the JPL
+// convention, or any of the other quaternion flavors out there.
+//
+// Definitions:
+//
+// - Quaternion norm (or magnitude): `sqrt(x^2 + y^2 + z^2 + w^2)`.
+// - Unit (or normalized) quaternion: a quaternion whose norm is 1.
+// - Pure quaternion: a quaternion whose scalar component (`w`) is 0.
+// - Rotation quaternion: a unit quaternion used to represent rotation.
+// - Orientation quaternion: a unit quaternion used to represent orientation.
+//
+// A quaternion can be normalized by dividing it by its norm. The resulting
+// quaternion maintains the same direction, but has a norm of 1, i.e. it moves
+// on the unit sphere. This is generally necessary for rotation and orientation
+// quaternions, to avoid rounding errors:
+// https://en.wikipedia.org/wiki/Rotation_formalisms_in_three_dimensions
+//
+// Note that `(x, y, z, w)` and `(-x, -y, -z, -w)` represent the same rotation,
+// but normalization would be even more useful, e.g. for comparison purposes, if
+// it would produce a unique representation. It is thus recommended that `w` be
+// kept positive, which can be achieved by changing all the signs when `w` is
+// negative.
+//
+message Quaternion {
+ // The x component.
+ double x = 1;
+
+ // The y component.
+ double y = 2;
+
+ // The z component.
+ double z = 3;
+
+ // The scalar component.
+ double w = 4;
+}
diff --git a/crates/secd/proto/google/type/timeofday.proto b/crates/secd/proto/google/type/timeofday.proto
new file mode 100644
index 0000000..b609a48
--- /dev/null
+++ b/crates/secd/proto/google/type/timeofday.proto
@@ -0,0 +1,44 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.type;
+
+option cc_enable_arenas = true;
+option go_package = "google.golang.org/genproto/googleapis/type/timeofday;timeofday";
+option java_multiple_files = true;
+option java_outer_classname = "TimeOfDayProto";
+option java_package = "com.google.type";
+option objc_class_prefix = "GTP";
+
+// Represents a time of day. The date and time zone are either not significant
+// or are specified elsewhere. An API may choose to allow leap seconds. Related
+// types are [google.type.Date][google.type.Date] and `google.protobuf.Timestamp`.
+message TimeOfDay {
+ // Hours of day in 24 hour format. Should be from 0 to 23. An API may choose
+ // to allow the value "24:00:00" for scenarios like business closing time.
+ int32 hours = 1;
+
+ // Minutes of hour of day. Must be from 0 to 59.
+ int32 minutes = 2;
+
+ // Seconds of minutes of the time. Must normally be from 0 to 59. An API may
+ // allow the value 60 if it allows leap-seconds.
+ int32 seconds = 3;
+
+ // Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.
+ int32 nanos = 4;
+}
diff --git a/crates/secd/proto/protoc-gen-openapiv2/options/annotations.proto b/crates/secd/proto/protoc-gen-openapiv2/options/annotations.proto
new file mode 100644
index 0000000..1c189e2
--- /dev/null
+++ b/crates/secd/proto/protoc-gen-openapiv2/options/annotations.proto
@@ -0,0 +1,44 @@
+syntax = "proto3";
+
+package grpc.gateway.protoc_gen_openapiv2.options;
+
+option go_package = "github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options";
+
+import "google/protobuf/descriptor.proto";
+import "protoc-gen-openapiv2/options/openapiv2.proto";
+
+extend google.protobuf.FileOptions {
+ // ID assigned by protobuf-global-extension-registry@google.com for gRPC-Gateway project.
+ //
+ // All IDs are the same, as assigned. It is okay that they are the same, as they extend
+ // different descriptor messages.
+ Swagger openapiv2_swagger = 1042;
+}
+extend google.protobuf.MethodOptions {
+ // ID assigned by protobuf-global-extension-registry@google.com for gRPC-Gateway project.
+ //
+ // All IDs are the same, as assigned. It is okay that they are the same, as they extend
+ // different descriptor messages.
+ Operation openapiv2_operation = 1042;
+}
+extend google.protobuf.MessageOptions {
+ // ID assigned by protobuf-global-extension-registry@google.com for gRPC-Gateway project.
+ //
+ // All IDs are the same, as assigned. It is okay that they are the same, as they extend
+ // different descriptor messages.
+ Schema openapiv2_schema = 1042;
+}
+extend google.protobuf.ServiceOptions {
+ // ID assigned by protobuf-global-extension-registry@google.com for gRPC-Gateway project.
+ //
+ // All IDs are the same, as assigned. It is okay that they are the same, as they extend
+ // different descriptor messages.
+ Tag openapiv2_tag = 1042;
+}
+extend google.protobuf.FieldOptions {
+ // ID assigned by protobuf-global-extension-registry@google.com for gRPC-Gateway project.
+ //
+ // All IDs are the same, as assigned. It is okay that they are the same, as they extend
+ // different descriptor messages.
+ JSONSchema openapiv2_field = 1042;
+}
diff --git a/crates/secd/proto/protoc-gen-openapiv2/options/openapiv2.proto b/crates/secd/proto/protoc-gen-openapiv2/options/openapiv2.proto
new file mode 100644
index 0000000..1a4a184
--- /dev/null
+++ b/crates/secd/proto/protoc-gen-openapiv2/options/openapiv2.proto
@@ -0,0 +1,645 @@
+syntax = "proto3";
+
+package grpc.gateway.protoc_gen_openapiv2.options;
+
+option go_package = "github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options";
+
+import "google/protobuf/struct.proto";
+
+// Scheme describes the schemes supported by the OpenAPI Swagger
+// and Operation objects.
+enum Scheme {
+ UNKNOWN = 0;
+ HTTP = 1;
+ HTTPS = 2;
+ WS = 3;
+ WSS = 4;
+}
+
+// `Swagger` is a representation of OpenAPI v2 specification's Swagger object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#swaggerObject
+//
+// Example:
+//
+// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = {
+// info: {
+// title: "Echo API";
+// version: "1.0";
+// description: ";
+// contact: {
+// name: "gRPC-Gateway project";
+// url: "https://github.com/grpc-ecosystem/grpc-gateway";
+// email: "none@example.com";
+// };
+// license: {
+// name: "BSD 3-Clause License";
+// url: "https://github.com/grpc-ecosystem/grpc-gateway/blob/master/LICENSE.txt";
+// };
+// };
+// schemes: HTTPS;
+// consumes: "application/json";
+// produces: "application/json";
+// };
+//
+message Swagger {
+ // Specifies the OpenAPI Specification version being used. It can be
+ // used by the OpenAPI UI and other clients to interpret the API listing. The
+ // value MUST be "2.0".
+ string swagger = 1;
+ // Provides metadata about the API. The metadata can be used by the
+ // clients if needed.
+ Info info = 2;
+ // The host (name or ip) serving the API. This MUST be the host only and does
+ // not include the scheme nor sub-paths. It MAY include a port. If the host is
+ // not included, the host serving the documentation is to be used (including
+ // the port). The host does not support path templating.
+ string host = 3;
+ // The base path on which the API is served, which is relative to the host. If
+ // it is not included, the API is served directly under the host. The value
+ // MUST start with a leading slash (/). The basePath does not support path
+ // templating.
+ // Note that using `base_path` does not change the endpoint paths that are
+ // generated in the resulting OpenAPI file. If you wish to use `base_path`
+ // with relatively generated OpenAPI paths, the `base_path` prefix must be
+ // manually removed from your `google.api.http` paths and your code changed to
+ // serve the API from the `base_path`.
+ string base_path = 4;
+ // The transfer protocol of the API. Values MUST be from the list: "http",
+ // "https", "ws", "wss". If the schemes is not included, the default scheme to
+ // be used is the one used to access the OpenAPI definition itself.
+ repeated Scheme schemes = 5;
+ // A list of MIME types the APIs can consume. This is global to all APIs but
+ // can be overridden on specific API calls. Value MUST be as described under
+ // Mime Types.
+ repeated string consumes = 6;
+ // A list of MIME types the APIs can produce. This is global to all APIs but
+ // can be overridden on specific API calls. Value MUST be as described under
+ // Mime Types.
+ repeated string produces = 7;
+ // field 8 is reserved for 'paths'.
+ reserved 8;
+ // field 9 is reserved for 'definitions', which at this time are already
+ // exposed as and customizable as proto messages.
+ reserved 9;
+ // An object to hold responses that can be used across operations. This
+ // property does not define global responses for all operations.
+ map<string, Response> responses = 10;
+ // Security scheme definitions that can be used across the specification.
+ SecurityDefinitions security_definitions = 11;
+ // A declaration of which security schemes are applied for the API as a whole.
+ // The list of values describes alternative security schemes that can be used
+ // (that is, there is a logical OR between the security requirements).
+ // Individual operations can override this definition.
+ repeated SecurityRequirement security = 12;
+ // field 13 is reserved for 'tags', which are supposed to be exposed as and
+ // customizable as proto services. TODO(ivucica): add processing of proto
+ // service objects into OpenAPI v2 Tag objects.
+ reserved 13;
+ // Additional external documentation.
+ ExternalDocumentation external_docs = 14;
+ map<string, google.protobuf.Value> extensions = 15;
+}
+
+// `Operation` is a representation of OpenAPI v2 specification's Operation object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#operationObject
+//
+// Example:
+//
+// service EchoService {
+// rpc Echo(SimpleMessage) returns (SimpleMessage) {
+// option (google.api.http) = {
+// get: "/v1/example/echo/{id}"
+// };
+//
+// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
+// summary: "Get a message.";
+// operation_id: "getMessage";
+// tags: "echo";
+// responses: {
+// key: "200"
+// value: {
+// description: "OK";
+// }
+// }
+// };
+// }
+// }
+message Operation {
+ // A list of tags for API documentation control. Tags can be used for logical
+ // grouping of operations by resources or any other qualifier.
+ repeated string tags = 1;
+ // A short summary of what the operation does. For maximum readability in the
+ // swagger-ui, this field SHOULD be less than 120 characters.
+ string summary = 2;
+ // A verbose explanation of the operation behavior. GFM syntax can be used for
+ // rich text representation.
+ string description = 3;
+ // Additional external documentation for this operation.
+ ExternalDocumentation external_docs = 4;
+ // Unique string used to identify the operation. The id MUST be unique among
+ // all operations described in the API. Tools and libraries MAY use the
+ // operationId to uniquely identify an operation, therefore, it is recommended
+ // to follow common programming naming conventions.
+ string operation_id = 5;
+ // A list of MIME types the operation can consume. This overrides the consumes
+ // definition at the OpenAPI Object. An empty value MAY be used to clear the
+ // global definition. Value MUST be as described under Mime Types.
+ repeated string consumes = 6;
+ // A list of MIME types the operation can produce. This overrides the produces
+ // definition at the OpenAPI Object. An empty value MAY be used to clear the
+ // global definition. Value MUST be as described under Mime Types.
+ repeated string produces = 7;
+ // field 8 is reserved for 'parameters'.
+ reserved 8;
+ // The list of possible responses as they are returned from executing this
+ // operation.
+ map<string, Response> responses = 9;
+ // The transfer protocol for the operation. Values MUST be from the list:
+ // "http", "https", "ws", "wss". The value overrides the OpenAPI Object
+ // schemes definition.
+ repeated Scheme schemes = 10;
+ // Declares this operation to be deprecated. Usage of the declared operation
+ // should be refrained. Default value is false.
+ bool deprecated = 11;
+ // A declaration of which security schemes are applied for this operation. The
+ // list of values describes alternative security schemes that can be used
+ // (that is, there is a logical OR between the security requirements). This
+ // definition overrides any declared top-level security. To remove a top-level
+ // security declaration, an empty array can be used.
+ repeated SecurityRequirement security = 12;
+ map<string, google.protobuf.Value> extensions = 13;
+}
+
+// `Header` is a representation of OpenAPI v2 specification's Header object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#headerObject
+//
+message Header {
+ // `Description` is a short description of the header.
+ string description = 1;
+ // The type of the object. The value MUST be one of "string", "number", "integer", or "boolean". The "array" type is not supported.
+ string type = 2;
+ // `Format` The extending format for the previously mentioned type.
+ string format = 3;
+ // field 4 is reserved for 'items', but in OpenAPI-specific way.
+ reserved 4;
+ // field 5 is reserved `Collection Format` Determines the format of the array if type array is used.
+ reserved 5;
+ // `Default` Declares the value of the header that the server will use if none is provided.
+ // See: https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-6.2.
+ // Unlike JSON Schema this value MUST conform to the defined type for the header.
+ string default = 6;
+ // field 7 is reserved for 'maximum'.
+ reserved 7;
+ // field 8 is reserved for 'exclusiveMaximum'.
+ reserved 8;
+ // field 9 is reserved for 'minimum'.
+ reserved 9;
+ // field 10 is reserved for 'exclusiveMinimum'.
+ reserved 10;
+ // field 11 is reserved for 'maxLength'.
+ reserved 11;
+ // field 12 is reserved for 'minLength'.
+ reserved 12;
+ // 'Pattern' See https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.2.3.
+ string pattern = 13;
+ // field 14 is reserved for 'maxItems'.
+ reserved 14;
+ // field 15 is reserved for 'minItems'.
+ reserved 15;
+ // field 16 is reserved for 'uniqueItems'.
+ reserved 16;
+ // field 17 is reserved for 'enum'.
+ reserved 17;
+ // field 18 is reserved for 'multipleOf'.
+ reserved 18;
+}
+
+// `Response` is a representation of OpenAPI v2 specification's Response object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#responseObject
+//
+message Response {
+ // `Description` is a short description of the response.
+ // GFM syntax can be used for rich text representation.
+ string description = 1;
+ // `Schema` optionally defines the structure of the response.
+ // If `Schema` is not provided, it means there is no content to the response.
+ Schema schema = 2;
+ // `Headers` A list of headers that are sent with the response.
+ // `Header` name is expected to be a string in the canonical format of the MIME header key
+ // See: https://golang.org/pkg/net/textproto/#CanonicalMIMEHeaderKey
+ map<string, Header> headers = 3;
+ // `Examples` gives per-mimetype response examples.
+ // See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#example-object
+ map<string, string> examples = 4;
+ map<string, google.protobuf.Value> extensions = 5;
+}
+
+// `Info` is a representation of OpenAPI v2 specification's Info object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#infoObject
+//
+// Example:
+//
+// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = {
+// info: {
+// title: "Echo API";
+// version: "1.0";
+// description: ";
+// contact: {
+// name: "gRPC-Gateway project";
+// url: "https://github.com/grpc-ecosystem/grpc-gateway";
+// email: "none@example.com";
+// };
+// license: {
+// name: "BSD 3-Clause License";
+// url: "https://github.com/grpc-ecosystem/grpc-gateway/blob/master/LICENSE.txt";
+// };
+// };
+// ...
+// };
+//
+message Info {
+ // The title of the application.
+ string title = 1;
+ // A short description of the application. GFM syntax can be used for rich
+ // text representation.
+ string description = 2;
+ // The Terms of Service for the API.
+ string terms_of_service = 3;
+ // The contact information for the exposed API.
+ Contact contact = 4;
+ // The license information for the exposed API.
+ License license = 5;
+ // Provides the version of the application API (not to be confused
+ // with the specification version).
+ string version = 6;
+ map<string, google.protobuf.Value> extensions = 7;
+}
+
+// `Contact` is a representation of OpenAPI v2 specification's Contact object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#contactObject
+//
+// Example:
+//
+// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = {
+// info: {
+// ...
+// contact: {
+// name: "gRPC-Gateway project";
+// url: "https://github.com/grpc-ecosystem/grpc-gateway";
+// email: "none@example.com";
+// };
+// ...
+// };
+// ...
+// };
+//
+message Contact {
+ // The identifying name of the contact person/organization.
+ string name = 1;
+ // The URL pointing to the contact information. MUST be in the format of a
+ // URL.
+ string url = 2;
+ // The email address of the contact person/organization. MUST be in the format
+ // of an email address.
+ string email = 3;
+}
+
+// `License` is a representation of OpenAPI v2 specification's License object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#licenseObject
+//
+// Example:
+//
+// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = {
+// info: {
+// ...
+// license: {
+// name: "BSD 3-Clause License";
+// url: "https://github.com/grpc-ecosystem/grpc-gateway/blob/master/LICENSE.txt";
+// };
+// ...
+// };
+// ...
+// };
+//
+message License {
+ // The license name used for the API.
+ string name = 1;
+ // A URL to the license used for the API. MUST be in the format of a URL.
+ string url = 2;
+}
+
+// `ExternalDocumentation` is a representation of OpenAPI v2 specification's
+// ExternalDocumentation object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#externalDocumentationObject
+//
+// Example:
+//
+// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = {
+// ...
+// external_docs: {
+// description: "More about gRPC-Gateway";
+// url: "https://github.com/grpc-ecosystem/grpc-gateway";
+// }
+// ...
+// };
+//
+message ExternalDocumentation {
+ // A short description of the target documentation. GFM syntax can be used for
+ // rich text representation.
+ string description = 1;
+ // The URL for the target documentation. Value MUST be in the format
+ // of a URL.
+ string url = 2;
+}
+
+// `Schema` is a representation of OpenAPI v2 specification's Schema object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#schemaObject
+//
+message Schema {
+ JSONSchema json_schema = 1;
+ // Adds support for polymorphism. The discriminator is the schema property
+ // name that is used to differentiate between other schema that inherit this
+ // schema. The property name used MUST be defined at this schema and it MUST
+ // be in the required property list. When used, the value MUST be the name of
+ // this schema or any schema that inherits it.
+ string discriminator = 2;
+ // Relevant only for Schema "properties" definitions. Declares the property as
+ // "read only". This means that it MAY be sent as part of a response but MUST
+ // NOT be sent as part of the request. Properties marked as readOnly being
+ // true SHOULD NOT be in the required list of the defined schema. Default
+ // value is false.
+ bool read_only = 3;
+ // field 4 is reserved for 'xml'.
+ reserved 4;
+ // Additional external documentation for this schema.
+ ExternalDocumentation external_docs = 5;
+ // A free-form property to include an example of an instance for this schema in JSON.
+ // This is copied verbatim to the output.
+ string example = 6;
+}
+
+// `JSONSchema` represents properties from JSON Schema taken, and as used, in
+// the OpenAPI v2 spec.
+//
+// This includes changes made by OpenAPI v2.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#schemaObject
+//
+// See also: https://cswr.github.io/JsonSchema/spec/basic_types/,
+// https://github.com/json-schema-org/json-schema-spec/blob/master/schema.json
+//
+// Example:
+//
+// message SimpleMessage {
+// option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_schema) = {
+// json_schema: {
+// title: "SimpleMessage"
+// description: "A simple message."
+// required: ["id"]
+// }
+// };
+//
+// // Id represents the message identifier.
+// string id = 1; [
+// (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
+// description: "The unique identifier of the simple message."
+// }];
+// }
+//
+message JSONSchema {
+ // field 1 is reserved for '$id', omitted from OpenAPI v2.
+ reserved 1;
+ // field 2 is reserved for '$schema', omitted from OpenAPI v2.
+ reserved 2;
+ // Ref is used to define an external reference to include in the message.
+ // This could be a fully qualified proto message reference, and that type must
+ // be imported into the protofile. If no message is identified, the Ref will
+ // be used verbatim in the output.
+ // For example:
+ // `ref: ".google.protobuf.Timestamp"`.
+ string ref = 3;
+ // field 4 is reserved for '$comment', omitted from OpenAPI v2.
+ reserved 4;
+ // The title of the schema.
+ string title = 5;
+ // A short description of the schema.
+ string description = 6;
+ string default = 7;
+ bool read_only = 8;
+ // A free-form property to include a JSON example of this field. This is copied
+ // verbatim to the output swagger.json. Quotes must be escaped.
+ // This property is the same for 2.0 and 3.0.0 https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/3.0.0.md#schemaObject https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#schemaObject
+ string example = 9;
+ double multiple_of = 10;
+ // Maximum represents an inclusive upper limit for a numeric instance. The
+ // value of MUST be a number,
+ double maximum = 11;
+ bool exclusive_maximum = 12;
+ // minimum represents an inclusive lower limit for a numeric instance. The
+ // value of MUST be a number,
+ double minimum = 13;
+ bool exclusive_minimum = 14;
+ uint64 max_length = 15;
+ uint64 min_length = 16;
+ string pattern = 17;
+ // field 18 is reserved for 'additionalItems', omitted from OpenAPI v2.
+ reserved 18;
+ // field 19 is reserved for 'items', but in OpenAPI-specific way.
+ // TODO(ivucica): add 'items'?
+ reserved 19;
+ uint64 max_items = 20;
+ uint64 min_items = 21;
+ bool unique_items = 22;
+ // field 23 is reserved for 'contains', omitted from OpenAPI v2.
+ reserved 23;
+ uint64 max_properties = 24;
+ uint64 min_properties = 25;
+ repeated string required = 26;
+ // field 27 is reserved for 'additionalProperties', but in OpenAPI-specific
+ // way. TODO(ivucica): add 'additionalProperties'?
+ reserved 27;
+ // field 28 is reserved for 'definitions', omitted from OpenAPI v2.
+ reserved 28;
+ // field 29 is reserved for 'properties', but in OpenAPI-specific way.
+ // TODO(ivucica): add 'additionalProperties'?
+ reserved 29;
+ // following fields are reserved, as the properties have been omitted from
+ // OpenAPI v2:
+ // patternProperties, dependencies, propertyNames, const
+ reserved 30 to 33;
+ // Items in 'array' must be unique.
+ repeated string array = 34;
+
+ enum JSONSchemaSimpleTypes {
+ UNKNOWN = 0;
+ ARRAY = 1;
+ BOOLEAN = 2;
+ INTEGER = 3;
+ NULL = 4;
+ NUMBER = 5;
+ OBJECT = 6;
+ STRING = 7;
+ }
+
+ repeated JSONSchemaSimpleTypes type = 35;
+ // `Format`
+ string format = 36;
+ // following fields are reserved, as the properties have been omitted from
+ // OpenAPI v2: contentMediaType, contentEncoding, if, then, else
+ reserved 37 to 41;
+ // field 42 is reserved for 'allOf', but in OpenAPI-specific way.
+ // TODO(ivucica): add 'allOf'?
+ reserved 42;
+ // following fields are reserved, as the properties have been omitted from
+ // OpenAPI v2:
+ // anyOf, oneOf, not
+ reserved 43 to 45;
+ // Items in `enum` must be unique https://tools.ietf.org/html/draft-fge-json-schema-validation-00#section-5.5.1
+ repeated string enum = 46;
+}
+
+// `Tag` is a representation of OpenAPI v2 specification's Tag object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#tagObject
+//
+message Tag {
+ // field 1 is reserved for 'name'. In our generator, this is (to be) extracted
+ // from the name of proto service, and thus not exposed to the user, as
+ // changing tag object's name would break the link to the references to the
+ // tag in individual operation specifications.
+ //
+ // TODO(ivucica): Add 'name' property. Use it to allow override of the name of
+ // global Tag object, then use that name to reference the tag throughout the
+ // OpenAPI file.
+ reserved 1;
+ // A short description for the tag. GFM syntax can be used for rich text
+ // representation.
+ string description = 2;
+ // Additional external documentation for this tag.
+ ExternalDocumentation external_docs = 3;
+}
+
+// `SecurityDefinitions` is a representation of OpenAPI v2 specification's
+// Security Definitions object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#securityDefinitionsObject
+//
+// A declaration of the security schemes available to be used in the
+// specification. This does not enforce the security schemes on the operations
+// and only serves to provide the relevant details for each scheme.
+message SecurityDefinitions {
+ // A single security scheme definition, mapping a "name" to the scheme it
+ // defines.
+ map<string, SecurityScheme> security = 1;
+}
+
+// `SecurityScheme` is a representation of OpenAPI v2 specification's
+// Security Scheme object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#securitySchemeObject
+//
+// Allows the definition of a security scheme that can be used by the
+// operations. Supported schemes are basic authentication, an API key (either as
+// a header or as a query parameter) and OAuth2's common flows (implicit,
+// password, application and access code).
+message SecurityScheme {
+ // The type of the security scheme. Valid values are "basic",
+ // "apiKey" or "oauth2".
+ enum Type {
+ TYPE_INVALID = 0;
+ TYPE_BASIC = 1;
+ TYPE_API_KEY = 2;
+ TYPE_OAUTH2 = 3;
+ }
+
+ // The location of the API key. Valid values are "query" or "header".
+ enum In {
+ IN_INVALID = 0;
+ IN_QUERY = 1;
+ IN_HEADER = 2;
+ }
+
+ // The flow used by the OAuth2 security scheme. Valid values are
+ // "implicit", "password", "application" or "accessCode".
+ enum Flow {
+ FLOW_INVALID = 0;
+ FLOW_IMPLICIT = 1;
+ FLOW_PASSWORD = 2;
+ FLOW_APPLICATION = 3;
+ FLOW_ACCESS_CODE = 4;
+ }
+
+ // The type of the security scheme. Valid values are "basic",
+ // "apiKey" or "oauth2".
+ Type type = 1;
+ // A short description for security scheme.
+ string description = 2;
+ // The name of the header or query parameter to be used.
+ // Valid for apiKey.
+ string name = 3;
+ // The location of the API key. Valid values are "query" or
+ // "header".
+ // Valid for apiKey.
+ In in = 4;
+ // The flow used by the OAuth2 security scheme. Valid values are
+ // "implicit", "password", "application" or "accessCode".
+ // Valid for oauth2.
+ Flow flow = 5;
+ // The authorization URL to be used for this flow. This SHOULD be in
+ // the form of a URL.
+ // Valid for oauth2/implicit and oauth2/accessCode.
+ string authorization_url = 6;
+ // The token URL to be used for this flow. This SHOULD be in the
+ // form of a URL.
+ // Valid for oauth2/password, oauth2/application and oauth2/accessCode.
+ string token_url = 7;
+ // The available scopes for the OAuth2 security scheme.
+ // Valid for oauth2.
+ Scopes scopes = 8;
+ map<string, google.protobuf.Value> extensions = 9;
+}
+
+// `SecurityRequirement` is a representation of OpenAPI v2 specification's
+// Security Requirement object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#securityRequirementObject
+//
+// Lists the required security schemes to execute this operation. The object can
+// have multiple security schemes declared in it which are all required (that
+// is, there is a logical AND between the schemes).
+//
+// The name used for each property MUST correspond to a security scheme
+// declared in the Security Definitions.
+message SecurityRequirement {
+ // If the security scheme is of type "oauth2", then the value is a list of
+ // scope names required for the execution. For other security scheme types,
+ // the array MUST be empty.
+ message SecurityRequirementValue {
+ repeated string scope = 1;
+ }
+ // Each name must correspond to a security scheme which is declared in
+ // the Security Definitions. If the security scheme is of type "oauth2",
+ // then the value is a list of scope names required for the execution.
+ // For other security scheme types, the array MUST be empty.
+ map<string, SecurityRequirementValue> security_requirement = 1;
+}
+
+// `Scopes` is a representation of OpenAPI v2 specification's Scopes object.
+//
+// See: https://github.com/OAI/OpenAPI-Specification/blob/3.0.0/versions/2.0.md#scopesObject
+//
+// Lists the available scopes for an OAuth2 security scheme.
+message Scopes {
+ // Maps between a name of a scope to a short description of it (as the value
+ // of the property).
+ map<string, string> scope = 1;
+}
diff --git a/crates/secd/proto/validate/validate.proto b/crates/secd/proto/validate/validate.proto
new file mode 100644
index 0000000..705d382
--- /dev/null
+++ b/crates/secd/proto/validate/validate.proto
@@ -0,0 +1,862 @@
+syntax = "proto2";
+package validate;
+
+option go_package = "github.com/envoyproxy/protoc-gen-validate/validate";
+option java_package = "io.envoyproxy.pgv.validate";
+
+import "google/protobuf/descriptor.proto";
+import "google/protobuf/duration.proto";
+import "google/protobuf/timestamp.proto";
+
+// Validation rules applied at the message level
+extend google.protobuf.MessageOptions {
+ // Disabled nullifies any validation rules for this message, including any
+ // message fields associated with it that do support validation.
+ optional bool disabled = 1071;
+ // Ignore skips generation of validation methods for this message.
+ optional bool ignored = 1072;
+}
+
+// Validation rules applied at the oneof level
+extend google.protobuf.OneofOptions {
+ // Required ensures that exactly one the field options in a oneof is set;
+ // validation fails if no fields in the oneof are set.
+ optional bool required = 1071;
+}
+
+// Validation rules applied at the field level
+extend google.protobuf.FieldOptions {
+ // Rules specify the validations to be performed on this field. By default,
+ // no validation is performed against a field.
+ optional FieldRules rules = 1071;
+}
+
+// FieldRules encapsulates the rules for each type of field. Depending on the
+// field, the correct set should be used to ensure proper validations.
+message FieldRules {
+ optional MessageRules message = 17;
+ oneof type {
+ // Scalar Field Types
+ FloatRules float = 1;
+ DoubleRules double = 2;
+ Int32Rules int32 = 3;
+ Int64Rules int64 = 4;
+ UInt32Rules uint32 = 5;
+ UInt64Rules uint64 = 6;
+ SInt32Rules sint32 = 7;
+ SInt64Rules sint64 = 8;
+ Fixed32Rules fixed32 = 9;
+ Fixed64Rules fixed64 = 10;
+ SFixed32Rules sfixed32 = 11;
+ SFixed64Rules sfixed64 = 12;
+ BoolRules bool = 13;
+ StringRules string = 14;
+ BytesRules bytes = 15;
+
+ // Complex Field Types
+ EnumRules enum = 16;
+ RepeatedRules repeated = 18;
+ MapRules map = 19;
+
+ // Well-Known Field Types
+ AnyRules any = 20;
+ DurationRules duration = 21;
+ TimestampRules timestamp = 22;
+ }
+}
+
+// FloatRules describes the constraints applied to `float` values
+message FloatRules {
+ // Const specifies that this field must be exactly the specified value
+ optional float const = 1;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional float lt = 2;
+
+ // Lte specifies that this field must be less than or equal to the
+ // specified value, inclusive
+ optional float lte = 3;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+ // range is reversed.
+ optional float gt = 4;
+
+ // Gte specifies that this field must be greater than or equal to the
+ // specified value, inclusive. If the value of Gte is larger than a
+ // specified Lt or Lte, the range is reversed.
+ optional float gte = 5;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated float in = 6;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated float not_in = 7;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 8;
+}
+
+// DoubleRules describes the constraints applied to `double` values
+message DoubleRules {
+ // Const specifies that this field must be exactly the specified value
+ optional double const = 1;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional double lt = 2;
+
+ // Lte specifies that this field must be less than or equal to the
+ // specified value, inclusive
+ optional double lte = 3;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+ // range is reversed.
+ optional double gt = 4;
+
+ // Gte specifies that this field must be greater than or equal to the
+ // specified value, inclusive. If the value of Gte is larger than a
+ // specified Lt or Lte, the range is reversed.
+ optional double gte = 5;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated double in = 6;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated double not_in = 7;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 8;
+}
+
+// Int32Rules describes the constraints applied to `int32` values
+message Int32Rules {
+ // Const specifies that this field must be exactly the specified value
+ optional int32 const = 1;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional int32 lt = 2;
+
+ // Lte specifies that this field must be less than or equal to the
+ // specified value, inclusive
+ optional int32 lte = 3;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+ // range is reversed.
+ optional int32 gt = 4;
+
+ // Gte specifies that this field must be greater than or equal to the
+ // specified value, inclusive. If the value of Gte is larger than a
+ // specified Lt or Lte, the range is reversed.
+ optional int32 gte = 5;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated int32 in = 6;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated int32 not_in = 7;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 8;
+}
+
+// Int64Rules describes the constraints applied to `int64` values
+message Int64Rules {
+ // Const specifies that this field must be exactly the specified value
+ optional int64 const = 1;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional int64 lt = 2;
+
+ // Lte specifies that this field must be less than or equal to the
+ // specified value, inclusive
+ optional int64 lte = 3;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+ // range is reversed.
+ optional int64 gt = 4;
+
+ // Gte specifies that this field must be greater than or equal to the
+ // specified value, inclusive. If the value of Gte is larger than a
+ // specified Lt or Lte, the range is reversed.
+ optional int64 gte = 5;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated int64 in = 6;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated int64 not_in = 7;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 8;
+}
+
+// UInt32Rules describes the constraints applied to `uint32` values
+message UInt32Rules {
+ // Const specifies that this field must be exactly the specified value
+ optional uint32 const = 1;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional uint32 lt = 2;
+
+ // Lte specifies that this field must be less than or equal to the
+ // specified value, inclusive
+ optional uint32 lte = 3;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+ // range is reversed.
+ optional uint32 gt = 4;
+
+ // Gte specifies that this field must be greater than or equal to the
+ // specified value, inclusive. If the value of Gte is larger than a
+ // specified Lt or Lte, the range is reversed.
+ optional uint32 gte = 5;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated uint32 in = 6;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated uint32 not_in = 7;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 8;
+}
+
+// UInt64Rules describes the constraints applied to `uint64` values
+message UInt64Rules {
+ // Const specifies that this field must be exactly the specified value
+ optional uint64 const = 1;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional uint64 lt = 2;
+
+ // Lte specifies that this field must be less than or equal to the
+ // specified value, inclusive
+ optional uint64 lte = 3;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+ // range is reversed.
+ optional uint64 gt = 4;
+
+ // Gte specifies that this field must be greater than or equal to the
+ // specified value, inclusive. If the value of Gte is larger than a
+ // specified Lt or Lte, the range is reversed.
+ optional uint64 gte = 5;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated uint64 in = 6;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated uint64 not_in = 7;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 8;
+}
+
+// SInt32Rules describes the constraints applied to `sint32` values
+message SInt32Rules {
+ // Const specifies that this field must be exactly the specified value
+ optional sint32 const = 1;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional sint32 lt = 2;
+
+ // Lte specifies that this field must be less than or equal to the
+ // specified value, inclusive
+ optional sint32 lte = 3;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+ // range is reversed.
+ optional sint32 gt = 4;
+
+ // Gte specifies that this field must be greater than or equal to the
+ // specified value, inclusive. If the value of Gte is larger than a
+ // specified Lt or Lte, the range is reversed.
+ optional sint32 gte = 5;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated sint32 in = 6;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated sint32 not_in = 7;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 8;
+}
+
+// SInt64Rules describes the constraints applied to `sint64` values
+message SInt64Rules {
+ // Const specifies that this field must be exactly the specified value
+ optional sint64 const = 1;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional sint64 lt = 2;
+
+ // Lte specifies that this field must be less than or equal to the
+ // specified value, inclusive
+ optional sint64 lte = 3;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+ // range is reversed.
+ optional sint64 gt = 4;
+
+ // Gte specifies that this field must be greater than or equal to the
+ // specified value, inclusive. If the value of Gte is larger than a
+ // specified Lt or Lte, the range is reversed.
+ optional sint64 gte = 5;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated sint64 in = 6;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated sint64 not_in = 7;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 8;
+}
+
+// Fixed32Rules describes the constraints applied to `fixed32` values
+message Fixed32Rules {
+ // Const specifies that this field must be exactly the specified value
+ optional fixed32 const = 1;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional fixed32 lt = 2;
+
+ // Lte specifies that this field must be less than or equal to the
+ // specified value, inclusive
+ optional fixed32 lte = 3;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+ // range is reversed.
+ optional fixed32 gt = 4;
+
+ // Gte specifies that this field must be greater than or equal to the
+ // specified value, inclusive. If the value of Gte is larger than a
+ // specified Lt or Lte, the range is reversed.
+ optional fixed32 gte = 5;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated fixed32 in = 6;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated fixed32 not_in = 7;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 8;
+}
+
+// Fixed64Rules describes the constraints applied to `fixed64` values
+message Fixed64Rules {
+ // Const specifies that this field must be exactly the specified value
+ optional fixed64 const = 1;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional fixed64 lt = 2;
+
+ // Lte specifies that this field must be less than or equal to the
+ // specified value, inclusive
+ optional fixed64 lte = 3;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+ // range is reversed.
+ optional fixed64 gt = 4;
+
+ // Gte specifies that this field must be greater than or equal to the
+ // specified value, inclusive. If the value of Gte is larger than a
+ // specified Lt or Lte, the range is reversed.
+ optional fixed64 gte = 5;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated fixed64 in = 6;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated fixed64 not_in = 7;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 8;
+}
+
+// SFixed32Rules describes the constraints applied to `sfixed32` values
+message SFixed32Rules {
+ // Const specifies that this field must be exactly the specified value
+ optional sfixed32 const = 1;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional sfixed32 lt = 2;
+
+ // Lte specifies that this field must be less than or equal to the
+ // specified value, inclusive
+ optional sfixed32 lte = 3;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+ // range is reversed.
+ optional sfixed32 gt = 4;
+
+ // Gte specifies that this field must be greater than or equal to the
+ // specified value, inclusive. If the value of Gte is larger than a
+ // specified Lt or Lte, the range is reversed.
+ optional sfixed32 gte = 5;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated sfixed32 in = 6;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated sfixed32 not_in = 7;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 8;
+}
+
+// SFixed64Rules describes the constraints applied to `sfixed64` values
+message SFixed64Rules {
+ // Const specifies that this field must be exactly the specified value
+ optional sfixed64 const = 1;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional sfixed64 lt = 2;
+
+ // Lte specifies that this field must be less than or equal to the
+ // specified value, inclusive
+ optional sfixed64 lte = 3;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive. If the value of Gt is larger than a specified Lt or Lte, the
+ // range is reversed.
+ optional sfixed64 gt = 4;
+
+ // Gte specifies that this field must be greater than or equal to the
+ // specified value, inclusive. If the value of Gte is larger than a
+ // specified Lt or Lte, the range is reversed.
+ optional sfixed64 gte = 5;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated sfixed64 in = 6;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated sfixed64 not_in = 7;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 8;
+}
+
+// BoolRules describes the constraints applied to `bool` values
+message BoolRules {
+ // Const specifies that this field must be exactly the specified value
+ optional bool const = 1;
+}
+
+// StringRules describe the constraints applied to `string` values
+message StringRules {
+ // Const specifies that this field must be exactly the specified value
+ optional string const = 1;
+
+ // Len specifies that this field must be the specified number of
+ // characters (Unicode code points). Note that the number of
+ // characters may differ from the number of bytes in the string.
+ optional uint64 len = 19;
+
+ // MinLen specifies that this field must be the specified number of
+ // characters (Unicode code points) at a minimum. Note that the number of
+ // characters may differ from the number of bytes in the string.
+ optional uint64 min_len = 2;
+
+ // MaxLen specifies that this field must be the specified number of
+ // characters (Unicode code points) at a maximum. Note that the number of
+ // characters may differ from the number of bytes in the string.
+ optional uint64 max_len = 3;
+
+ // LenBytes specifies that this field must be the specified number of bytes
+ optional uint64 len_bytes = 20;
+
+ // MinBytes specifies that this field must be the specified number of bytes
+ // at a minimum
+ optional uint64 min_bytes = 4;
+
+ // MaxBytes specifies that this field must be the specified number of bytes
+ // at a maximum
+ optional uint64 max_bytes = 5;
+
+ // Pattern specifes that this field must match against the specified
+ // regular expression (RE2 syntax). The included expression should elide
+ // any delimiters.
+ optional string pattern = 6;
+
+ // Prefix specifies that this field must have the specified substring at
+ // the beginning of the string.
+ optional string prefix = 7;
+
+ // Suffix specifies that this field must have the specified substring at
+ // the end of the string.
+ optional string suffix = 8;
+
+ // Contains specifies that this field must have the specified substring
+ // anywhere in the string.
+ optional string contains = 9;
+
+ // NotContains specifies that this field cannot have the specified substring
+ // anywhere in the string.
+ optional string not_contains = 23;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated string in = 10;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated string not_in = 11;
+
+ // WellKnown rules provide advanced constraints against common string
+ // patterns
+ oneof well_known {
+ // Email specifies that the field must be a valid email address as
+ // defined by RFC 5322
+ bool email = 12;
+
+ // Hostname specifies that the field must be a valid hostname as
+ // defined by RFC 1034. This constraint does not support
+ // internationalized domain names (IDNs).
+ bool hostname = 13;
+
+ // Ip specifies that the field must be a valid IP (v4 or v6) address.
+ // Valid IPv6 addresses should not include surrounding square brackets.
+ bool ip = 14;
+
+ // Ipv4 specifies that the field must be a valid IPv4 address.
+ bool ipv4 = 15;
+
+ // Ipv6 specifies that the field must be a valid IPv6 address. Valid
+ // IPv6 addresses should not include surrounding square brackets.
+ bool ipv6 = 16;
+
+ // Uri specifies that the field must be a valid, absolute URI as defined
+ // by RFC 3986
+ bool uri = 17;
+
+ // UriRef specifies that the field must be a valid URI as defined by RFC
+ // 3986 and may be relative or absolute.
+ bool uri_ref = 18;
+
+ // Address specifies that the field must be either a valid hostname as
+ // defined by RFC 1034 (which does not support internationalized domain
+ // names or IDNs), or it can be a valid IP (v4 or v6).
+ bool address = 21;
+
+ // Uuid specifies that the field must be a valid UUID as defined by
+ // RFC 4122
+ bool uuid = 22;
+
+ // WellKnownRegex specifies a common well known pattern defined as a regex.
+ KnownRegex well_known_regex = 24;
+ }
+
+ // This applies to regexes HTTP_HEADER_NAME and HTTP_HEADER_VALUE to enable
+ // strict header validation.
+ // By default, this is true, and HTTP header validations are RFC-compliant.
+ // Setting to false will enable a looser validations that only disallows
+ // \r\n\0 characters, which can be used to bypass header matching rules.
+ optional bool strict = 25 [default = true];
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 26;
+}
+
+// WellKnownRegex contain some well-known patterns.
+enum KnownRegex {
+ UNKNOWN = 0;
+
+ // HTTP header name as defined by RFC 7230.
+ HTTP_HEADER_NAME = 1;
+
+ // HTTP header value as defined by RFC 7230.
+ HTTP_HEADER_VALUE = 2;
+}
+
+// BytesRules describe the constraints applied to `bytes` values
+message BytesRules {
+ // Const specifies that this field must be exactly the specified value
+ optional bytes const = 1;
+
+ // Len specifies that this field must be the specified number of bytes
+ optional uint64 len = 13;
+
+ // MinLen specifies that this field must be the specified number of bytes
+ // at a minimum
+ optional uint64 min_len = 2;
+
+ // MaxLen specifies that this field must be the specified number of bytes
+ // at a maximum
+ optional uint64 max_len = 3;
+
+ // Pattern specifes that this field must match against the specified
+ // regular expression (RE2 syntax). The included expression should elide
+ // any delimiters.
+ optional string pattern = 4;
+
+ // Prefix specifies that this field must have the specified bytes at the
+ // beginning of the string.
+ optional bytes prefix = 5;
+
+ // Suffix specifies that this field must have the specified bytes at the
+ // end of the string.
+ optional bytes suffix = 6;
+
+ // Contains specifies that this field must have the specified bytes
+ // anywhere in the string.
+ optional bytes contains = 7;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated bytes in = 8;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated bytes not_in = 9;
+
+ // WellKnown rules provide advanced constraints against common byte
+ // patterns
+ oneof well_known {
+ // Ip specifies that the field must be a valid IP (v4 or v6) address in
+ // byte format
+ bool ip = 10;
+
+ // Ipv4 specifies that the field must be a valid IPv4 address in byte
+ // format
+ bool ipv4 = 11;
+
+ // Ipv6 specifies that the field must be a valid IPv6 address in byte
+ // format
+ bool ipv6 = 12;
+ }
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 14;
+}
+
+// EnumRules describe the constraints applied to enum values
+message EnumRules {
+ // Const specifies that this field must be exactly the specified value
+ optional int32 const = 1;
+
+ // DefinedOnly specifies that this field must be only one of the defined
+ // values for this enum, failing on any undefined value.
+ optional bool defined_only = 2;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated int32 in = 3;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated int32 not_in = 4;
+}
+
+// MessageRules describe the constraints applied to embedded message values.
+// For message-type fields, validation is performed recursively.
+message MessageRules {
+ // Skip specifies that the validation rules of this field should not be
+ // evaluated
+ optional bool skip = 1;
+
+ // Required specifies that this field must be set
+ optional bool required = 2;
+}
+
+// RepeatedRules describe the constraints applied to `repeated` values
+message RepeatedRules {
+ // MinItems specifies that this field must have the specified number of
+ // items at a minimum
+ optional uint64 min_items = 1;
+
+ // MaxItems specifies that this field must have the specified number of
+ // items at a maximum
+ optional uint64 max_items = 2;
+
+ // Unique specifies that all elements in this field must be unique. This
+ // contraint is only applicable to scalar and enum types (messages are not
+ // supported).
+ optional bool unique = 3;
+
+ // Items specifies the contraints to be applied to each item in the field.
+ // Repeated message fields will still execute validation against each item
+ // unless skip is specified here.
+ optional FieldRules items = 4;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 5;
+}
+
+// MapRules describe the constraints applied to `map` values
+message MapRules {
+ // MinPairs specifies that this field must have the specified number of
+ // KVs at a minimum
+ optional uint64 min_pairs = 1;
+
+ // MaxPairs specifies that this field must have the specified number of
+ // KVs at a maximum
+ optional uint64 max_pairs = 2;
+
+ // NoSparse specifies values in this field cannot be unset. This only
+ // applies to map's with message value types.
+ optional bool no_sparse = 3;
+
+ // Keys specifies the constraints to be applied to each key in the field.
+ optional FieldRules keys = 4;
+
+ // Values specifies the constraints to be applied to the value of each key
+ // in the field. Message values will still have their validations evaluated
+ // unless skip is specified here.
+ optional FieldRules values = 5;
+
+ // IgnoreEmpty specifies that the validation rules of this field should be
+ // evaluated only if the field is not empty
+ optional bool ignore_empty = 6;
+}
+
+// AnyRules describe constraints applied exclusively to the
+// `google.protobuf.Any` well-known type
+message AnyRules {
+ // Required specifies that this field must be set
+ optional bool required = 1;
+
+ // In specifies that this field's `type_url` must be equal to one of the
+ // specified values.
+ repeated string in = 2;
+
+ // NotIn specifies that this field's `type_url` must not be equal to any of
+ // the specified values.
+ repeated string not_in = 3;
+}
+
+// DurationRules describe the constraints applied exclusively to the
+// `google.protobuf.Duration` well-known type
+message DurationRules {
+ // Required specifies that this field must be set
+ optional bool required = 1;
+
+ // Const specifies that this field must be exactly the specified value
+ optional google.protobuf.Duration const = 2;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional google.protobuf.Duration lt = 3;
+
+ // Lt specifies that this field must be less than the specified value,
+ // inclusive
+ optional google.protobuf.Duration lte = 4;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive
+ optional google.protobuf.Duration gt = 5;
+
+ // Gte specifies that this field must be greater than the specified value,
+ // inclusive
+ optional google.protobuf.Duration gte = 6;
+
+ // In specifies that this field must be equal to one of the specified
+ // values
+ repeated google.protobuf.Duration in = 7;
+
+ // NotIn specifies that this field cannot be equal to one of the specified
+ // values
+ repeated google.protobuf.Duration not_in = 8;
+}
+
+// TimestampRules describe the constraints applied exclusively to the
+// `google.protobuf.Timestamp` well-known type
+message TimestampRules {
+ // Required specifies that this field must be set
+ optional bool required = 1;
+
+ // Const specifies that this field must be exactly the specified value
+ optional google.protobuf.Timestamp const = 2;
+
+ // Lt specifies that this field must be less than the specified value,
+ // exclusive
+ optional google.protobuf.Timestamp lt = 3;
+
+ // Lte specifies that this field must be less than the specified value,
+ // inclusive
+ optional google.protobuf.Timestamp lte = 4;
+
+ // Gt specifies that this field must be greater than the specified value,
+ // exclusive
+ optional google.protobuf.Timestamp gt = 5;
+
+ // Gte specifies that this field must be greater than the specified value,
+ // inclusive
+ optional google.protobuf.Timestamp gte = 6;
+
+ // LtNow specifies that this must be less than the current time. LtNow
+ // can only be used with the Within rule.
+ optional bool lt_now = 7;
+
+ // GtNow specifies that this must be greater than the current time. GtNow
+ // can only be used with the Within rule.
+ optional bool gt_now = 8;
+
+ // Within specifies that this field must be within this duration of the
+ // current time. This constraint can be used alone or with the LtNow and
+ // GtNow rules.
+ optional google.protobuf.Duration within = 9;
+}
diff --git a/crates/secd/src/auth/mod.rs b/crates/secd/src/auth/mod.rs
new file mode 100644
index 0000000..9275c79
--- /dev/null
+++ b/crates/secd/src/auth/mod.rs
@@ -0,0 +1,2 @@
+pub mod n;
+pub mod z;
diff --git a/crates/secd/src/command/authn.rs b/crates/secd/src/auth/n.rs
index 1d3b2d5..1d3b2d5 100644
--- a/crates/secd/src/command/authn.rs
+++ b/crates/secd/src/auth/n.rs
diff --git a/crates/secd/src/auth/z.rs b/crates/secd/src/auth/z.rs
new file mode 100644
index 0000000..81c3639
--- /dev/null
+++ b/crates/secd/src/auth/z.rs
@@ -0,0 +1,54 @@
+use uuid::Uuid;
+
+use crate::{client::spice::SpiceError, Secd};
+
+#[derive(Debug, thiserror::Error, derive_more::Display)]
+pub enum AuthZError {
+ SpiceClient(#[from] SpiceError),
+ Todo,
+}
+
+pub type Namespace = String;
+pub type Object = (Namespace, Uuid);
+pub type Relation = String;
+
+pub struct Relationship {
+ pub subject: Subject,
+ pub object: Object,
+ pub relation: String,
+}
+
+#[derive(Clone)]
+pub enum Subject {
+ User(Object),
+ UserSet { user: Object, relation: Relation },
+}
+
+impl Secd {
+ pub async fn check(&self, r: &Relationship) -> Result<bool, AuthZError> {
+ let spice = self
+ .spice
+ .clone()
+ .expect("TODO: only supports postgres right now");
+
+ Ok(spice.check_permission(r).await?)
+ }
+ pub async fn expand(&self) -> Result<(), AuthZError> {
+ todo!()
+ }
+ pub async fn read(&self) -> Result<(), AuthZError> {
+ todo!()
+ }
+ pub async fn watch(&self) -> Result<(), AuthZError> {
+ unimplemented!()
+ }
+ pub async fn write(&self, ts: &[Relationship]) -> Result<(), AuthZError> {
+ let spice = self
+ .spice
+ .clone()
+ .expect("TODO: only supports postgres right now");
+
+ spice.write_relationship(ts).await?;
+ Ok(())
+ }
+}
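Review bot: `check` and `write` panic through `.expect("TODO: only supports postgres right now")` whenever `self.spice` is unset, so a misconfigured or partially initialised `Secd` aborts the process on the authorization path instead of failing closed through the `Result` the signature already promises. `self.spice` appears to be an `Option`, and `AuthZError::Todo` already exists, so `let Some(spice) = self.spice.clone() else { return Err(AuthZError::Todo) };` in both methods keeps the caller's `Err` branch reachable (the message also says postgres where the dependency is the SpiceDB client, so the wording is likely stale). `watch` uses `unimplemented!()` while `expand` and `read` use `todo!()`; picking one makes the stub status consistent. `Relationship::relation` is declared as `String` although the `Relation` alias is defined a few lines above, so `pub relation: Relation,` keeps the aliases meaningful.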
diff --git a/crates/secd/src/client/mod.rs b/crates/secd/src/client/mod.rs
index e5272fd..709ecad 100644
--- a/crates/secd/src/client/mod.rs
+++ b/crates/secd/src/client/mod.rs
@@ -1,2 +1,3 @@
pub(crate) mod email;
+pub(crate) mod spice;
pub(crate) mod store;
diff --git a/crates/secd/src/client/spice/mod.rs b/crates/secd/src/client/spice/mod.rs
new file mode 100644
index 0000000..d3ca30d
--- /dev/null
+++ b/crates/secd/src/client/spice/mod.rs
@@ -0,0 +1,154 @@
+// TODO: This whole thing depends on having spice server running...which I do not want
+// in a public secd library (or really at all). We will eventually get rid of this in
+// favor of a light weight solution that leverages the Zanzibar API but disregards the
+// scaling part.
+
+pub mod spice {
+ tonic::include_proto!("authzed.api.v1");
+}
+
+use spice::permissions_service_client::PermissionsServiceClient;
+use spice::schema_service_client::SchemaServiceClient;
+use spice::WriteSchemaRequest;
+use std::env::var;
+use tonic::metadata::MetadataValue;
+use tonic::transport::Channel;
+use tonic::{Request, Status};
+
+use crate::auth::z::{self, Subject};
+use crate::client::spice::spice::{
+ relationship_update, ObjectReference, Relationship, RelationshipUpdate, SubjectReference,
+};
+use crate::{ENV_SPICE_SECRET, ENV_SPICE_SERVER};
+
+use self::spice::check_permission_response::Permissionship;
+use self::spice::{consistency, CheckPermissionRequest, Consistency, WriteRelationshipsRequest};
+
+#[derive(Debug, thiserror::Error, derive_more::Display)]
+pub enum SpiceError {
+ TonicTransport(#[from] tonic::transport::Error),
+ TonicStatus(#[from] tonic::Status),
+}
+
+pub(crate) struct Spice {
+ channel: Channel,
+ secret: String,
+}
+
+impl Spice {
+ pub async fn new() -> Self {
+ let secret =
+ var(ENV_SPICE_SECRET).expect("initialization error: Failed to find SPICE_SECRET");
+ let server =
+ var(ENV_SPICE_SERVER).expect("initialization error: Failed to find SPICE_SERVER");
+
+ let channel = Channel::from_shared(server)
+ .expect("invalid SPICE_SERVER uri")
+ .connect()
+ .await
+ .expect("initialization error: Spice failed to connect to DB.");
+
+ Spice { channel, secret }
+ }
+
+ pub async fn check_permission(&self, r: &z::Relationship) -> Result<bool, SpiceError> {
+ let mut client =
+ PermissionsServiceClient::with_interceptor(self.channel.clone(), |req: Request<()>| {
+ self.intercept(req)
+ });
+
+ let request = tonic::Request::new(CheckPermissionRequest {
+ consistency: Some(Consistency {
+ requirement: Some(consistency::Requirement::MinimizeLatency(true)),
+ }),
+ resource: Some(ObjectReference::from(&r.object)),
+ permission: r.relation.clone(),
+ subject: Some(SubjectReference::from(&r.subject)),
+ context: None,
+ });
+
+ let response = client.check_permission(request).await?.into_inner();
+
+ Ok(match Permissionship::from_i32(response.permissionship) {
+ Some(Permissionship::HasPermission) => true,
+ _ => false,
+ })
+ }
+
+ pub async fn write_relationship(&self, rs: &[z::Relationship]) -> Result<(), SpiceError> {
+ let mut client =
+ PermissionsServiceClient::with_interceptor(self.channel.clone(), |req: Request<()>| {
+ self.intercept(req)
+ });
+
+ let request = tonic::Request::new(WriteRelationshipsRequest {
+ updates: rs
+ .into_iter()
+ .map(|t| RelationshipUpdate {
+ operation: (relationship_update::Operation::Touch as i32),
+ relationship: Some(Relationship {
+ resource: Some(ObjectReference::from(&t.object)),
+ relation: t.relation.clone(),
+ subject: Some(SubjectReference::from(&t.subject)),
+ optional_caveat: None,
+ }),
+ })
+ .collect(),
+ optional_preconditions: vec![],
+ });
+
+ client.write_relationships(request).await?;
+
+ Ok(())
+ }
+
+ pub async fn write_schema(&self, schema: &str) -> Result<(), SpiceError> {
+ let mut client =
+ SchemaServiceClient::with_interceptor(self.channel.clone(), |req: Request<()>| {
+ self.intercept(req)
+ });
+ let request = tonic::Request::new(WriteSchemaRequest {
+ schema: schema.into(),
+ });
+
+ client.write_schema(request).await?;
+
+ Ok(())
+ }
+
+ fn intercept(&self, mut req: Request<()>) -> Result<Request<()>, Status> {
+ req.metadata_mut().insert(
+ "authorization",
+ MetadataValue::from_str(&format!("Bearer {}", self.secret)).unwrap(),
+ );
+ Ok(req)
+ }
+}
+
+impl From<&z::Subject> for SubjectReference {
+ fn from(s: &z::Subject) -> Self {
+ let tup = match s {
+ Subject::User(u) => (u.0.clone(), u.1.clone().to_string(), "".to_string()),
+ Subject::UserSet { user, relation } => {
+ (user.0.clone(), user.1.clone().to_string(), relation.clone())
+ }
+ };
+
+ SubjectReference {
+ object: Some(ObjectReference {
+ object_type: tup.0,
+ object_id: tup.1,
+ }),
+ optional_relation: tup.2,
+ }
+ }
+}
+
+impl From<&z::Object> for ObjectReference {
+ fn from(o: &z::Object) -> Self {
+ ObjectReference {
+ object_type: o.0.clone(),
+ object_id: o.1.clone().to_string(),
+ }
+ }
+}
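Review bot: `check_permission` pins every check to `consistency::Requirement::MinimizeLatency(true)`, so a check issued right after `write_relationship` (or after a relationship was removed) may be answered from a stale snapshot; for decisions that must observe a preceding revocation use `Requirement::FullyConsistent(true)`, or keep the `written_at` ZedToken from the `write_relationships` response (currently discarded at `client.write_relationships(request).await?;`) and pass it as `Requirement::AtLeastAsFresh(token)`. `intercept` builds the bearer header with `MetadataValue::from_str(...).unwrap()`, which panics on every request if the configured secret contains a byte that is not a valid ASCII header value; `.map_err(|e| Status::internal(e.to_string()))?` keeps that failure inside the `Result` the interceptor already returns. The preshared key is sent on whatever transport `Channel::from_shared(server)` selects, so with an `http://` server URI it presumably travels in cleartext — `Spice::new` should document that anything beyond local development needs a TLS URI. Minor: `rs.into_iter()` on a slice is `rs.iter()`, and `u.1.clone().to_string()` clones a `Copy` `Uuid` for nothing.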
diff --git a/crates/secd/src/command/mod.rs b/crates/secd/src/command/mod.rs
deleted file mode 100644
index c14cf6c..0000000
--- a/crates/secd/src/command/mod.rs
+++ /dev/null
@@ -1,74 +0,0 @@
-pub mod authn;
-
-use super::{AuthEmailMessenger, AuthStore, Secd, SecdError};
-use crate::{
- client::{
- email,
- store::sql_db::{PgClient, SqliteClient},
- },
- ENV_AUTH_STORE_CONN_STRING, ENV_EMAIL_MESSENGER, ENV_EMAIL_MESSENGER_CLIENT_ID,
- ENV_EMAIL_MESSENGER_CLIENT_SECRET,
-};
-use log::{error, info};
-use std::{env::var, str::FromStr, sync::Arc};
-
-impl Secd {
- /// init
- ///
- /// Initialize SecD with the specified configuration, established the necessary
- /// constraints, persistance stores, and options.
- pub async fn init() -> Result<Self, SecdError> {
- let auth_store = AuthStore::from(var(ENV_AUTH_STORE_CONN_STRING).ok());
- let email_messenger = AuthEmailMessenger::from_str(
- &var(ENV_EMAIL_MESSENGER).unwrap_or(AuthEmailMessenger::Local.to_string()),
- )
- .expect("unreachable f4ad0f48-0812-427f-b477-0f9c67bb69c5");
- let email_messenger_client_id = var(ENV_EMAIL_MESSENGER_CLIENT_ID).ok();
- let email_messenger_client_secret = var(ENV_EMAIL_MESSENGER_CLIENT_SECRET).ok();
-
- info!("starting client with auth_store: {:?}", auth_store);
- info!("starting client with email_messenger: {:?}", auth_store);
-
- let store = match auth_store {
- AuthStore::Sqlite { conn } => {
- SqliteClient::new(
- sqlx::sqlite::SqlitePoolOptions::new()
- .connect(&conn)
- .await
- .map_err(|e| {
- SecdError::StoreInitFailure(format!("failed to init sqlite: {}", e))
- })?,
- )
- .await
- }
- AuthStore::Postgres { conn } => {
- PgClient::new(
- sqlx::postgres::PgPoolOptions::new()
- .connect(&conn)
- .await
- .map_err(|e| {
- SecdError::StoreInitFailure(format!("failed to init sqlite: {}", e))
- })?,
- )
- .await
- }
- rest @ _ => {
- error!(
- "requested an AuthStore which has not yet been implemented: {:?}",
- rest
- );
- unimplemented!()
- }
- };
-
- let email_sender = match email_messenger {
- AuthEmailMessenger::Local => email::LocalMailer {},
- _ => unimplemented!(),
- };
-
- Ok(Secd {
- store,
- email_messenger: Arc::new(email_sender),
- })
- }
-}
diff --git a/crates/secd/src/lib.rs b/crates/secd/src/lib.rs
index c84f7cf..15a92a8 100644
--- a/crates/secd/src/lib.rs
+++ b/crates/secd/src/lib.rs
@@ -1,15 +1,20 @@
+pub mod auth;
mod client;
-mod command;
mod util;
use client::{
- email::{EmailMessenger, EmailMessengerError},
- store::{Store, StoreError},
+ email::{EmailMessenger, EmailMessengerError, LocalMailer},
+ spice::Spice,
+ store::{
+ sql_db::{PgClient, SqliteClient},
+ Store, StoreError,
+ },
};
use email_address::EmailAddress;
+use log::{error, info};
use serde::{Deserialize, Serialize};
use serde_with::{serde_as, DisplayFromStr};
-use std::sync::Arc;
+use std::{env::var, str::FromStr, sync::Arc};
use strum_macros::{Display, EnumString, EnumVariantNames};
use time::OffsetDateTime;
use url::Url;
@@ -19,6 +24,8 @@ pub const ENV_AUTH_STORE_CONN_STRING: &str = "SECD_AUTH_STORE_CONN_STRING";
pub const ENV_EMAIL_MESSENGER: &str = "SECD_EMAIL_MESSENGER";
pub const ENV_EMAIL_MESSENGER_CLIENT_ID: &str = "SECD_EMAIL_MESSENGER_CLIENT_ID";
pub const ENV_EMAIL_MESSENGER_CLIENT_SECRET: &str = "SECD_EMAIL_MESSENGER_CLIENT_SECRET";
+pub const ENV_SPICE_SECRET: &str = "SECD_SPICE_SECRET";
+pub const ENV_SPICE_SERVER: &str = "SECD_SPICE_SERVER";
const SESSION_SIZE_BYTES: usize = 32;
const SESSION_DURATION: i64 = 60 /* seconds*/ * 60 /* minutes */ * 24 /* hours */ * 360 /* days */;
@@ -55,12 +62,15 @@ pub enum SecdError {
StoreInitFailure(String),
FailedToDecodeInput(#[from] hex::FromHexError),
+
+ AuthorizationNotSupported(String),
Todo,
}
pub struct Secd {
store: Arc<dyn Store + Send + Sync + 'static>,
email_messenger: Arc<dyn EmailMessenger + Send + Sync + 'static>,
+ spice: Option<Arc<Spice>>,
}
#[derive(Display, Debug, Serialize, Deserialize, EnumString, EnumVariantNames)]
@@ -184,3 +194,82 @@ pub struct Session {
#[serde(with = "time::serde::timestamp::option")]
pub revoked_at: Option<OffsetDateTime>,
}
+
+impl Secd {
+ /// init
+ ///
+ /// Initialize SecD with the specified configuration, established the necessary
+ /// constraints, persistance stores, and options.
+ pub async fn init(z_schema: Option<&str>) -> Result<Self, SecdError> {
+ let auth_store = AuthStore::from(var(ENV_AUTH_STORE_CONN_STRING).ok());
+ let email_messenger = AuthEmailMessenger::from_str(
+ &var(ENV_EMAIL_MESSENGER).unwrap_or(AuthEmailMessenger::Local.to_string()),
+ )
+ .expect("unreachable f4ad0f48-0812-427f-b477-0f9c67bb69c5");
+ let email_messenger_client_id = var(ENV_EMAIL_MESSENGER_CLIENT_ID).ok();
+ let email_messenger_client_secret = var(ENV_EMAIL_MESSENGER_CLIENT_SECRET).ok();
+
+ info!("starting client with auth_store: {:?}", auth_store);
+ info!("starting client with email_messenger: {:?}", auth_store);
+
+ let store = match auth_store {
+ AuthStore::Sqlite { conn } => {
+ if z_schema.is_some() {
+ return Err(SecdError::AuthorizationNotSupported(
+ "sqlite is currently unsupported".into(),
+ ));
+ }
+
+ SqliteClient::new(
+ sqlx::sqlite::SqlitePoolOptions::new()
+ .connect(&conn)
+ .await
+ .map_err(|e| {
+ SecdError::StoreInitFailure(format!("failed to init sqlite: {}", e))
+ })?,
+ )
+ .await
+ }
+ AuthStore::Postgres { conn } => {
+ PgClient::new(
+ sqlx::postgres::PgPoolOptions::new()
+ .connect(&conn)
+ .await
+ .map_err(|e| {
+ SecdError::StoreInitFailure(format!("failed to init sqlite: {}", e))
+ })?,
+ )
+ .await
+ }
+ rest @ _ => {
+ error!(
+ "requested an AuthStore which has not yet been implemented: {:?}",
+ rest
+ );
+ unimplemented!()
+ }
+ };
+
+ let email_sender = match email_messenger {
+ AuthEmailMessenger::Local => LocalMailer {},
+ _ => unimplemented!(),
+ };
+
+ let spice = match z_schema {
+ Some(schema) => {
+ let c: Arc<Spice> = Arc::new(Spice::new().await);
+ c.write_schema(schema)
+ .await
+ .expect("failed to write authorization schema".into());
+ Some(c)
+ }
+ None => None,
+ };
+
+ Ok(Secd {
+ store,
+ email_messenger: Arc::new(email_sender),
+ spice,
+ })
+ }
+}
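Review bot: `init` logs `auth_store` with `{:?}` at info level on both `info!` lines, and `AuthStore::Postgres { conn }` carries the raw connection string (it is what `.connect(&conn)` receives), so with a derived `Debug` any credentials embedded in `SECD_AUTH_STORE_CONN_STRING` end up in the log; the second line is also a copy-paste that prints `auth_store` where `email_messenger` was meant, `info!("starting client with email_messenger: {}", email_messenger);`. Log the store variant without the connection string, or redact its userinfo, before this lands anywhere with persistent logs. Further down, `c.write_schema(schema).await.expect("failed to write authorization schema".into())` aborts a function that already returns `Result<Self, SecdError>`; `.map_err(|e| SecdError::StoreInitFailure(format!("failed to write authorization schema: {}", e)))?` keeps the failure recoverable, and the trailing `.into()` on the message is a no-op. The Postgres branch's error text still reads "failed to init sqlite", and `email_messenger_client_id`/`email_messenger_client_secret` are read but never used.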
diff --git a/justfile b/justfile
index 6411cc9..1bb89c3 100644
--- a/justfile
+++ b/justfile
@@ -1,3 +1,9 @@
+PG_USER := "secduser"
+PG_PASS := "p4ssw0rd"
+PG_DB := "secd"
+PG_PORT := "5412"
+PG_URL := "postgres://" + PG_USER + ":" + PG_PASS + "@host.docker.internal:" + PG_PORT / PG_DB
+
run-debug:
@RUST_BACKTRACE=1 cargo run $@
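Review bot: `PG_PASS := "p4ssw0rd"` commits a cleartext database credential and `PG_URL` bakes it into a connection string that is later handed to containers on the command line, where it is visible to anyone who can run `ps` or `docker inspect` on the host. Even for a dev-only setup, `PG_PASS := env_var_or_default("SECD_PG_PASS", "p4ssw0rd")` lets the value be overridden without editing the file and makes the default visibly a placeholder. A one-line comment above the block stating that these values are local-development defaults only would stop them being copied into a deployed configuration.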
@@ -7,8 +13,19 @@ build:
build-prod:
@cargo build --release
-start-postgres:
- @docker start secd-db || docker run -d --name secd-db -e POSTGRES_PASSWORD=p4ssw0rd -e POSTGRES_USER=secduser -e POSTGRES_DB=secd -p 5412:5432 postgres:12 -c log_statement=all
+@start-postgres: _start_postgres start-spice
+
+@migrate-spice:
+ docker run --rm --add-host host.docker.internal:host-gateway --name spice_migrator authzed/spicedb migrate head --datastore-engine postgres --datastore-conn-uri "{{PG_URL}}"
+
+@start-spice: migrate-spice
+ docker start spice || docker run -d --add-host host.docker.internal:host-gateway --name spice -p 50051:50051 -p 9090:9090 -p 8080:8080 -p 9443:8443 authzed/spicedb serve --grpc-preshared-key "sup3rs3cr3tk3y" --http-enabled --datastore-engine postgres --datastore-conn-uri "{{PG_URL}}"
+
+@_start_postgres:
+ docker start secddb || docker run -d --name secddb -e POSTGRES_PASSWORD={{PG_PASS}} -e POSTGRES_USER={{PG_USER}} -e POSTGRES_DB={{PG_DB}} -p {{PG_PORT}}:5432 postgres:13 -c log_statement=all
+
+@start-mailserver:
+ docker start mailhog || docker run -d --name mailhog -p 7180:8025 -p 25:1025 mailhog/mailhog:latest
-start-mailserver:
- @docker start mailhog || docker run -d --name mailhog -p 7180:8025 -p 25:1025 mailhog/mailhog:latest
+@clean:
+ docker rm -f spice secddb