opensource/magistrala
1
0
Fork 0
mirror of https://github.com/absmach/magistrala.git synced 2026-06-23 04:10:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
e29b54c54dc9cf75e81a8ee7ef6e02c54e5463d1
magistrala/auth.proto
T
JeffMboya d9f3bca478 MG-2533 - Fix Linting Issues in Proto Files (#2534) 
Signed-off-by: JeffMboya <jangina.mboya@gmail.com>
2024-11-18 08:52:30 +01:00

99 lines
2.4 KiB
Protocol Buffer
Raw Blame History

// Copyright (c) Abstract Machines
// SPDX-License-Identifier: Apache-2.0
syntax = "proto3";
package magistrala;
option go_package = "./magistrala";
// ThingsService is a service that provides things authorization functionalities
// for magistrala services.
service ThingsService {
// Authorize checks if the thing is authorized to perform
// the action on the channel.
rpc Authorize(ThingsAuthzReq) returns (ThingsAuthzRes) {}
}
service TokenService {
rpc Issue(IssueReq) returns (Token) {}
rpc Refresh(RefreshReq) returns (Token) {}
}
// AuthService is a service that provides authentication and authorization
// functionalities for magistrala services.
service AuthService {
rpc Authorize(AuthZReq) returns (AuthZRes) {}
rpc Authenticate(AuthNReq) returns (AuthNRes) {}
}
// DomainsService is a service that provides access to domains
// functionalities for magistrala services.
service DomainsService {
rpc DeleteUserFromDomains(DeleteUserReq) returns (DeleteUserRes) {}
}
// If a token is not carrying any information itself, the type
// field can be used to determine how to validate the token.
// Also, different tokens can be encoded in different ways.
message Token {
string access_token = 1;
optional string refresh_token = 2;
string access_type = 3;
}
message AuthNReq {
string token = 1;
}
message AuthNRes {
string id = 1; // change "id" to "subject", sub in jwt = user + domain id
string user_id = 2; // user id
string domain_id = 3; // domain id
}
message IssueReq {
string user_id = 1;
uint32 type = 2;
}
message RefreshReq {
string refresh_token = 1;
}
message AuthZReq {
string domain = 1; // Domain
string subject_type = 2; // Thing or User
string subject_kind = 3; // ID or Token
string subject_relation = 4; // Subject relation
string subject = 5; // Subject value (id or token, depending on kind)
string relation = 6; // Relation to filter
string permission = 7; // Action
string object = 8; // Object ID
string object_type = 9; // Thing, User, Group
}
message AuthZRes {
bool authorized = 1;
string id = 2;
}
message DeleteUserRes {
bool deleted = 1;
}
message DeleteUserReq {
string id = 1;
}
message ThingsAuthzReq {
string channel_id = 1;
string thing_id = 2;
string thing_key = 3;
string permission = 4;
}
message ThingsAuthzRes {
bool authorized = 1;
string id = 2;
}
Reference in New Issue View Git Blame Copy Permalink