syntax = "proto3"; package service; option go_package = "github.com/nspcc-dev/neofs-api-go/service"; option csharp_namespace = "NeoFS.API.Service"; import "refs/types.proto"; import "github.com/gogo/protobuf/gogoproto/gogo.proto"; option (gogoproto.stable_marshaler_all) = true; // RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request // (should be embedded into message). message RequestVerificationHeader { message Signature { // Sign is signature of the request or session key. bytes Sign = 1; // Peer is compressed public key used for signature. bytes Peer = 2; } // Signatures is a set of signatures of every passed NeoFS Node repeated Signature Signatures = 1; // Token is a token of the session within which the request is sent Token Token = 2; // Bearer is a Bearer token of the request BearerTokenMsg Bearer = 3; } // User token granting rights for object manipulation message Token { message Info { // ID is a token identifier. valid UUIDv4 represented in bytes bytes ID = 1 [(gogoproto.customtype) = "TokenID", (gogoproto.nullable) = false]; // OwnerID is an owner of manipulation object bytes OwnerID = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false]; // Verb is an enumeration of session request types enum Verb { // Put refers to object.Put RPC call Put = 0; // Get refers to object.Get RPC call Get = 1; // Head refers to object.Head RPC call Head = 2; // Search refers to object.Search RPC call Search = 3; // Delete refers to object.Delete RPC call Delete = 4; // Range refers to object.GetRange RPC call Range = 5; // RangeHash refers to object.GetRangeHash RPC call RangeHash = 6; } // Verb is a type of request for which the token is issued Verb verb = 3 [(gogoproto.customname) = "Verb"]; // Address is an object address for which token is issued refs.Address Address = 4 [(gogoproto.nullable) = false, (gogoproto.customtype) = "Address"]; // Lifetime is a lifetime of the session TokenLifetime Lifetime = 5 [(gogoproto.embed) = true, (gogoproto.nullable) = false]; // SessionKey is a public key of session key bytes SessionKey = 6; // OwnerKey is a public key of the token owner bytes OwnerKey = 7; } // TokenInfo is a grouped information about token Info TokenInfo = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false]; // Signature is a signature of session token information bytes Signature = 8; } // TokenLifetime carries a group of lifetime parameters of the token message TokenLifetime { // Created carries an initial epoch of token lifetime uint64 Created = 1; // ValidUntil carries a last epoch of token lifetime uint64 ValidUntil = 2; } // TODO: for variable token types and version redefine message // Example: // message Token { // TokenType TokenType = 1; // uint32 Version = 2; // bytes Data = 3; // } // BearerTokenMsg carries information about request ACL rules with limited lifetime message BearerTokenMsg { message Info { // ACLRules carries a binary representation of the table of extended ACL rules bytes ACLRules = 1; // OwnerID is an owner of token bytes OwnerID = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false]; // ValidUntil carries a last epoch of token lifetime uint64 ValidUntil = 3; } // TokenInfo is a grouped information about token Info TokenInfo = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false]; // OwnerKey is a public key of the token owner bytes OwnerKey = 2; // Signature is a signature of token information bytes Signature = 3; }