/* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. * */ syntax = "proto3"; option java_multiple_files = true; package org.apache.custos.identity.management.service; option go_package = "./pb"; import "google/api/annotations.proto"; import "IdentityService.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/any.proto"; import "CredentialStoreService.proto"; message AuthorizationRequest { int64 tenant_id = 1; string client_id = 2; string client_secret = 3; string redirect_uri = 4; string response_type = 5; string scope = 6; string state = 7; } message AuthorizationResponse { string loginURI = 1; } message GetCredentialsRequest { string client_id = 1; org.apache.custos.credential.store.service.Credentials credentials = 2; } message GetAgentTokenRequest { int64 tenant_id = 1; string agent_client_id = 2; string agent_client_secret = 3; string agentId = 4; string agentPassword = 5; string client_id = 6; string grant_type = 7; string refresh_token = 8; } message EndSessionRequest { string client_id = 1; org.apache.custos.identity.service.EndSessionRequest body = 2; } service IdentityManagementService { rpc authenticate (org.apache.custos.identity.service.AuthenticationRequest) returns (org.apache.custos.identity.service.AuthToken) { option (google.api.http) = { post: "/identity-management/v1.0.0/authenticate" }; } rpc isAuthenticated (org.apache.custos.identity.service.AuthToken) returns (org.apache.custos.identity.service.IsAuthenticatedResponse) { option (google.api.http) = { post: "/identity-management/v1.0.0/authenticate/status" }; } rpc getUser (org.apache.custos.identity.service.AuthToken) returns (org.apache.custos.identity.service.User) { option (google.api.http) = { get: "/identity-management/v1.0.0/user" }; } rpc getUserManagementServiceAccountAccessToken (org.apache.custos.identity.service.GetUserManagementSATokenRequest) returns (org.apache.custos.identity.service.AuthToken) { option (google.api.http) = { get: "/identity-management/v1.0.0/account/token" }; } rpc endUserSession(EndSessionRequest) returns (org.apache.custos.identity.service.OperationStatus) { option (google.api.http) = { post: "/identity-management/v1.0.0/user/logout" body: "body" }; } rpc authorize (AuthorizationRequest) returns (AuthorizationResponse) { option (google.api.http) = { get: "/identity-management/v1.0.0/authorize" }; } rpc token (org.apache.custos.identity.service.GetTokenRequest) returns (google.protobuf.Struct) { option (google.api.http) = { post: "/identity-management/v1.0.0/token" }; } rpc getCredentials (GetCredentialsRequest) returns (org.apache.custos.credential.store.service.Credentials) { option (google.api.http) = { get: "/identity-management/v1.0.0/credentials" }; } rpc getOIDCConfiguration(org.apache.custos.identity.service.GetOIDCConfiguration) returns (google.protobuf.Struct) { option (google.api.http) = { get: "/identity-management/v1.0.0/.well-known/openid-configuration" }; } rpc getAgentToken(GetAgentTokenRequest) returns (google.protobuf.Struct) { option (google.api.http) = { post: "/identity-management/v1.0.0/agent/token/{client_id}" }; } rpc endAgentSession(EndSessionRequest) returns (org.apache.custos.identity.service.OperationStatus) { option (google.api.http) = { post: "/identity-management/v1.0.0/agent/logout/{client_id}" body: "body" }; } rpc isAgentAuthenticated(org.apache.custos.identity.service.AuthToken) returns (org.apache.custos.identity.service.IsAuthenticatedResponse) { option (google.api.http) = { post: "/identity-management/v1.0.0/agent/authentication/status" }; } }