// Copyright 2019 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. syntax = "proto3"; // Package v1 provides protocol buffer versions of Remembered Consents API for // listing and revoking Remembered consents. package consents.v1; import "google/api/annotations.proto"; import "google/protobuf/empty.proto"; import "google/protobuf/timestamp.proto"; option go_package = "github.com/GoogleCloudPlatform/healthcare-federated-access-services/proto/consents/v1"; /////////////////////////////////////////////////// // Remembered Consents service. service Consents { // Deletes the specified Remembered Consent. rpc DeleteConsent(DeleteConsentRequest) returns (google.protobuf.Empty) { option (google.api.http) = { delete: "/v1/{realm}/users/{user_id}/consents/{consent_id}" }; } // Lists the Remembered Consents. rpc ListConsents(ListConsentsRequest) returns (ListConsentsResponse) { option (google.api.http) = { get: "/v1/{realm}/users/{user_id}/consents" }; } } message DeleteConsentRequest { string realm = 1; string user_id = 2; string consent_id = 3; } message ListConsentsRequest { string realm = 1; string user_id = 2; string filter = 3; int32 page_size = 4; string page_token = 5; } message ListConsentsResponse { repeated Consent consents = 1; string next_page_token = 2; } // Consent contains the consent a user has given for release of visas to a // specific OAuth client. message Consent { // RequestMatchType defines what request is valid to use this consent. enum RequestMatchType { // NONE : do not remember. NONE = 0; // SUBSET : request resource and scopes are subset of resource and scopes in // this item. SUBSET = 1; // ANYTHING : request anything. ANYTHING = 2; } // ReleaseType defines what to release. enum ReleaseType { UNSPECIFIED = 0; // SELECTED : release selected visas of this item. SELECTED = 1; // ANYTHING_NEEDED: release anything request needed. ANYTHING_NEEDED = 2; } // Visa contains fields to match released visas user have. message Visa { string type = 1; string source = 2; string by = 3; string iss = 4; } // Client : remember the consent for this client. message Client { string client_id = 1; string name = 2; map<string, string> ui = 3; } // name iin format: /users/{user_id}/consents/{consent_id} string name = 1; Client client = 2; google.protobuf.Timestamp create_time = 3; google.protobuf.Timestamp expire_time = 4; RequestMatchType request_match_type = 5; repeated string requested_resources = 6; repeated string requested_scopes = 7; ReleaseType release_type = 8; repeated Visa selected_visas = 9; bool release_profile_name = 10; bool release_profile_email = 11; bool release_profile_other = 12; bool release_account_admin = 13; bool release_link = 14; bool release_identities = 15; }