forked from TrueCloudLab/certificates
Add and generate majordomo protos.
parent
9bfb1c2e7b
commit
64ce4e5c91
6 changed files with 3730 additions and 0 deletions
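--- a/majordomo/doc.go
+++ b/majordomo/doc.go
@@ -0,0 +1,3 @@
+package majordomo
+
+//go:generate protoc --proto_path=.. --go_out=.. --go-grpc_out=.. --go_opt=paths=source_relative --go-grpc_opt=paths=source_relative majordomo/provisioners.proto majordomo/majordomo.proto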
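Review bot: The `//go:generate` directive runs whichever `protoc`, `protoc-gen-go` and `protoc-gen-go-grpc` binaries are first on PATH, so the committed `.pb.go` files cannot be regenerated and compared against the `.proto` sources without knowing the tool versions. I would record them in a comment above the directive, for example `// Generated with protoc <PROTOC_VERSION>, protoc-gen-go <VERSION>, protoc-gen-go-grpc <VERSION>; regenerate with the same versions.` The versions are placeholders because this page does not show them. A CI step that regenerates and fails on a diff would catch hand edits to the generated files.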
1094
majordomo/majordomo.pb.go
Normal file
1094
majordomo/majordomo.pb.go
Normal file
File diff suppressed because it is too large
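--- a/majordomo/majordomo.proto
+++ b/majordomo/majordomo.proto
@@ -0,0 +1,102 @@
+syntax = "proto3";
+
+package majordomo;
+
+option go_package = "github.com/smallstep/certificates/majordomo";
+
+import "majordomo/provisioners.proto";
+
+// Majordomo is the public service used to sync configurations to CA's and post
+// certificates.
+service Majordomo {
+// Login creates signs a given CSR and returns the certificate that will be
+// used for authentication.
+rpc Login(LoginRequest) returns (LoginResponse);
+
+// GetConfiguration returns the full configuration of an authority.
+rpc GetConfiguration(ConfigurationRequest) returns (ConfigurationResponse);
+// StreamConfiguration streams the full configuration of an authority. This
+// method is not yet supported.
+rpc StreamConfiguration(ConfigurationRequest) returns (stream ConfigurationResponse);
+
+// CreateProvisioner adds a new provisioner to the majordomo authority and
+// returns the proto representation.
+rpc CreateProvisioner(CreateProvisionerRequest) returns (Provisioner);
+// DeleteProvisioner deletes a previously created provisioner.
+rpc DeleteProvisioner(DeleteProvisionerRequest) returns (Provisioner);
+
+// CreateAdministrator adds a new admin user to the majordomo authority.
+// Admin users can add or delete provisioners.
+rpc CreateAdministrator(CreateAdministratorRequest) returns (Administrator);
+// DeleteAdministrator deletes a previously created admin user.
+rpc DeleteAdministrator(DeleteAdministratorRequest) returns (Administrator);
+
+// PostCertificate sends a signed X.509 certificate to majordomo.
+rpc PostCertificate(CertificateRequest) returns (CertificateResponse);
+// PostSSHCertificate sends a signed SSH certificate to majordomo.
+rpc PostSSHCertificate(SSHCertificateRequest) returns (SSHCertificateResponse);
+// RevokeCertificate marks an X.509 certificate as revoked.
+rpc RevokeCertificate(TODO) returns (TODO);
+// RevokeSSHCertificate marks an SSH certificate as revoked.
+rpc RevokeSSHCertificate(TODO) returns (TODO);
+}
+
+message TODO {}
+
+message LoginRequest {
+string authority_id = 1;
+string username = 2;
+string password = 3;
+string pem_certificate_request = 4;
+}
+
+message LoginResponse {
+string pem_certificate = 1;
+string pem_certificate_chain = 2;
+}
+
+message ConfigurationRequest {
+// todo
+}
+
+message ConfigurationResponse {
+repeated Provisioner provisioners = 1;
+repeated Administrator admins = 2;
+}
+
+message CreateProvisionerRequest {
+Provisioner.Type type = 1;
+string name = 2;
+ProvisionerDetails details = 3;
+Claims claims = 4;
+}
+
+message DeleteProvisionerRequest {
+string id = 1;
+}
+
+message CreateAdministratorRequest {
+string name = 1;
+string provisioner_id = 2;
+Administrator.Type type = 3;
+}
+
+message DeleteAdministratorRequest {
+string id = 1;
+}
+message CertificateRequest {
+string pem_certificate = 1;
+string pem_certificate_chain = 2;
+}
+
+message CertificateResponse {
+string id = 1;
+}
+
+message SSHCertificateRequest {
+string certificate = 1;
+}
+
+message SSHCertificateResponse {
+string id = 1;
+}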
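Review bot: `LoginRequest` carries `password` as an ordinary string field beside the CSR, and nothing in the file says what channel protection the call requires or that the message must stay out of request logs and traces. I would document that on the field, for example `// password is the caller's secret: send only over server-authenticated TLS and never log this message.` above `string password = 3;`. The service comment should also say which RPCs require the certificate returned by `Login`. As written, no RPC comment states an authentication requirement, and `ConfigurationRequest` is empty, so the authority presumably has to come from the caller's identity.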
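--- a/majordomo/majordomo_grpc.pb.go
+++ b/majordomo/majordomo_grpc.pb.go
@@ -0,0 +1,519 @@
+// Code generated by protoc-gen-go-grpc. DO NOT EDIT.
+
+package majordomo
+
+import (
+context "context"
+grpc "google.golang.org/grpc"
+codes "google.golang.org/grpc/codes"
+status "google.golang.org/grpc/status"
+)
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+// Requires gRPC-Go v1.32.0 or later.
+const _ = grpc.SupportPackageIsVersion7
+
+// MajordomoClient is the client API for Majordomo service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
+type MajordomoClient interface {
+// Login creates signs a given CSR and returns the certificate that will be
+// used for authentication.
+Login(ctx context.Context, in *LoginRequest, opts ...grpc.CallOption) (*LoginResponse, error)
+// GetConfiguration returns the full configuration of an authority.
+GetConfiguration(ctx context.Context, in *ConfigurationRequest, opts ...grpc.CallOption) (*ConfigurationResponse, error)
+// StreamConfiguration streams the full configuration of an authority. This
+// method is not yet supported.
+StreamConfiguration(ctx context.Context, in *ConfigurationRequest, opts ...grpc.CallOption) (Majordomo_StreamConfigurationClient, error)
+// CreateProvisioner adds a new provisioner to the majordomo authority and
+// returns the proto representation.
+CreateProvisioner(ctx context.Context, in *CreateProvisionerRequest, opts ...grpc.CallOption) (*Provisioner, error)
+// DeleteProvisioner deletes a previously created provisioner.
+DeleteProvisioner(ctx context.Context, in *DeleteProvisionerRequest, opts ...grpc.CallOption) (*Provisioner, error)
+// CreateAdministrator adds a new admin user to the majordomo authority.
+// Admin users can add or delete provisioners.
+CreateAdministrator(ctx context.Context, in *CreateAdministratorRequest, opts ...grpc.CallOption) (*Administrator, error)
+// DeleteAdministrator deletes a previously created admin user.
+DeleteAdministrator(ctx context.Context, in *DeleteAdministratorRequest, opts ...grpc.CallOption) (*Administrator, error)
+// PostCertificate sends a signed X.509 certificate to majordomo.
+PostCertificate(ctx context.Context, in *CertificateRequest, opts ...grpc.CallOption) (*CertificateResponse, error)
+// PostSSHCertificate sends a signed SSH certificate to majordomo.
+PostSSHCertificate(ctx context.Context, in *SSHCertificateRequest, opts ...grpc.CallOption) (*SSHCertificateResponse, error)
+// RevokeCertificate marks an X.509 certificate as revoked.
+RevokeCertificate(ctx context.Context, in *TODO, opts ...grpc.CallOption) (*TODO, error)
+// RevokeSSHCertificate marks an SSH certificate as revoked.
+RevokeSSHCertificate(ctx context.Context, in *TODO, opts ...grpc.CallOption) (*TODO, error)
+}
+
+type majordomoClient struct {
+cc grpc.ClientConnInterface
+}
+
+func NewMajordomoClient(cc grpc.ClientConnInterface) MajordomoClient {
+return &majordomoClient{cc}
+}
+
+func (c *majordomoClient) Login(ctx context.Context, in *LoginRequest, opts ...grpc.CallOption) (*LoginResponse, error) {
+out := new(LoginResponse)
+err := c.cc.Invoke(ctx, "/majordomo.Majordomo/Login", in, out, opts...)
+if err != nil {
+return nil, err
+}
+return out, nil
+}
+
+func (c *majordomoClient) GetConfiguration(ctx context.Context, in *ConfigurationRequest, opts ...grpc.CallOption) (*ConfigurationResponse, error) {
+out := new(ConfigurationResponse)
+err := c.cc.Invoke(ctx, "/majordomo.Majordomo/GetConfiguration", in, out, opts...)
+if err != nil {
+return nil, err
+}
+return out, nil
+}
+
+func (c *majordomoClient) StreamConfiguration(ctx context.Context, in *ConfigurationRequest, opts ...grpc.CallOption) (Majordomo_StreamConfigurationClient, error) {
+stream, err := c.cc.NewStream(ctx, &Majordomo_ServiceDesc.Streams[0], "/majordomo.Majordomo/StreamConfiguration", opts...)
+if err != nil {
+return nil, err
+}
+x := &majordomoStreamConfigurationClient{stream}
+if err := x.ClientStream.SendMsg(in); err != nil {
+return nil, err
+}
+if err := x.ClientStream.CloseSend(); err != nil {
+return nil, err
+}
+return x, nil
+}
+
+type Majordomo_StreamConfigurationClient interface {
+Recv() (*ConfigurationResponse, error)
+grpc.ClientStream
+}
+
+type majordomoStreamConfigurationClient struct {
+grpc.ClientStream
+}
+
+func (x *majordomoStreamConfigurationClient) Recv() (*ConfigurationResponse, error) {
+m := new(ConfigurationResponse)
+if err := x.ClientStream.RecvMsg(m); err != nil {
+return nil, err
+}
+return m, nil
+}
+
+func (c *majordomoClient) CreateProvisioner(ctx context.Context, in *CreateProvisionerRequest, opts ...grpc.CallOption) (*Provisioner, error) {
+out := new(Provisioner)
+err := c.cc.Invoke(ctx, "/majordomo.Majordomo/CreateProvisioner", in, out, opts...)
+if err != nil {
+return nil, err
+}
+return out, nil
+}
+
+func (c *majordomoClient) DeleteProvisioner(ctx context.Context, in *DeleteProvisionerRequest, opts ...grpc.CallOption) (*Provisioner, error) {
+out := new(Provisioner)
+err := c.cc.Invoke(ctx, "/majordomo.Majordomo/DeleteProvisioner", in, out, opts...)
+if err != nil {
+return nil, err
+}
+return out, nil
+}
+
+func (c *majordomoClient) CreateAdministrator(ctx context.Context, in *CreateAdministratorRequest, opts ...grpc.CallOption) (*Administrator, error) {
+out := new(Administrator)
+err := c.cc.Invoke(ctx, "/majordomo.Majordomo/CreateAdministrator", in, out, opts...)
+if err != nil {
+return nil, err
+}
+return out, nil
+}
+
+func (c *majordomoClient) DeleteAdministrator(ctx context.Context, in *DeleteAdministratorRequest, opts ...grpc.CallOption) (*Administrator, error) {
+out := new(Administrator)
+err := c.cc.Invoke(ctx, "/majordomo.Majordomo/DeleteAdministrator", in, out, opts...)
+if err != nil {
+return nil, err
+}
+return out, nil
+}
+
+func (c *majordomoClient) PostCertificate(ctx context.Context, in *CertificateRequest, opts ...grpc.CallOption) (*CertificateResponse, error) {
+out := new(CertificateResponse)
+err := c.cc.Invoke(ctx, "/majordomo.Majordomo/PostCertificate", in, out, opts...)
+if err != nil {
+return nil, err
+}
+return out, nil
+}
+
+func (c *majordomoClient) PostSSHCertificate(ctx context.Context, in *SSHCertificateRequest, opts ...grpc.CallOption) (*SSHCertificateResponse, error) {
+out := new(SSHCertificateResponse)
+err := c.cc.Invoke(ctx, "/majordomo.Majordomo/PostSSHCertificate", in, out, opts...)
+if err != nil {
+return nil, err
+}
+return out, nil
+}
+
+func (c *majordomoClient) RevokeCertificate(ctx context.Context, in *TODO, opts ...grpc.CallOption) (*TODO, error) {
+out := new(TODO)
+err := c.cc.Invoke(ctx, "/majordomo.Majordomo/RevokeCertificate", in, out, opts...)
+if err != nil {
+return nil, err
+}
+return out, nil
+}
+
+func (c *majordomoClient) RevokeSSHCertificate(ctx context.Context, in *TODO, opts ...grpc.CallOption) (*TODO, error) {
+out := new(TODO)
+err := c.cc.Invoke(ctx, "/majordomo.Majordomo/RevokeSSHCertificate", in, out, opts...)
+if err != nil {
+return nil, err
+}
+return out, nil
+}
+
+// MajordomoServer is the server API for Majordomo service.
+// All implementations must embed UnimplementedMajordomoServer
+// for forward compatibility
+type MajordomoServer interface {
+// Login creates signs a given CSR and returns the certificate that will be
+// used for authentication.
+Login(context.Context, *LoginRequest) (*LoginResponse, error)
+// GetConfiguration returns the full configuration of an authority.
+GetConfiguration(context.Context, *ConfigurationRequest) (*ConfigurationResponse, error)
+// StreamConfiguration streams the full configuration of an authority. This
+// method is not yet supported.
+StreamConfiguration(*ConfigurationRequest, Majordomo_StreamConfigurationServer) error
+// CreateProvisioner adds a new provisioner to the majordomo authority and
+// returns the proto representation.
+CreateProvisioner(context.Context, *CreateProvisionerRequest) (*Provisioner, error)
+// DeleteProvisioner deletes a previously created provisioner.
+DeleteProvisioner(context.Context, *DeleteProvisionerRequest) (*Provisioner, error)
+// CreateAdministrator adds a new admin user to the majordomo authority.
+// Admin users can add or delete provisioners.
+CreateAdministrator(context.Context, *CreateAdministratorRequest) (*Administrator, error)
+// DeleteAdministrator deletes a previously created admin user.
+DeleteAdministrator(context.Context, *DeleteAdministratorRequest) (*Administrator, error)
+// PostCertificate sends a signed X.509 certificate to majordomo.
+PostCertificate(context.Context, *CertificateRequest) (*CertificateResponse, error)
+// PostSSHCertificate sends a signed SSH certificate to majordomo.
+PostSSHCertificate(context.Context, *SSHCertificateRequest) (*SSHCertificateResponse, error)
+// RevokeCertificate marks an X.509 certificate as revoked.
+RevokeCertificate(context.Context, *TODO) (*TODO, error)
+// RevokeSSHCertificate marks an SSH certificate as revoked.
+RevokeSSHCertificate(context.Context, *TODO) (*TODO, error)
+mustEmbedUnimplementedMajordomoServer()
+}
+
+// UnimplementedMajordomoServer must be embedded to have forward compatible implementations.
+type UnimplementedMajordomoServer struct {
+}
+
+func (UnimplementedMajordomoServer) Login(context.Context, *LoginRequest) (*LoginResponse, error) {
+return nil, status.Errorf(codes.Unimplemented, "method Login not implemented")
+}
+func (UnimplementedMajordomoServer) GetConfiguration(context.Context, *ConfigurationRequest) (*ConfigurationResponse, error) {
+return nil, status.Errorf(codes.Unimplemented, "method GetConfiguration not implemented")
+}
+func (UnimplementedMajordomoServer) StreamConfiguration(*ConfigurationRequest, Majordomo_StreamConfigurationServer) error {
+return status.Errorf(codes.Unimplemented, "method StreamConfiguration not implemented")
+}
+func (UnimplementedMajordomoServer) CreateProvisioner(context.Context, *CreateProvisionerRequest) (*Provisioner, error) {
+return nil, status.Errorf(codes.Unimplemented, "method CreateProvisioner not implemented")
+}
+func (UnimplementedMajordomoServer) DeleteProvisioner(context.Context, *DeleteProvisionerRequest) (*Provisioner, error) {
+return nil, status.Errorf(codes.Unimplemented, "method DeleteProvisioner not implemented")
+}
+func (UnimplementedMajordomoServer) CreateAdministrator(context.Context, *CreateAdministratorRequest) (*Administrator, error) {
+return nil, status.Errorf(codes.Unimplemented, "method CreateAdministrator not implemented")
+}
+func (UnimplementedMajordomoServer) DeleteAdministrator(context.Context, *DeleteAdministratorRequest) (*Administrator, error) {
+return nil, status.Errorf(codes.Unimplemented, "method DeleteAdministrator not implemented")
+}
+func (UnimplementedMajordomoServer) PostCertificate(context.Context, *CertificateRequest) (*CertificateResponse, error) {
+return nil, status.Errorf(codes.Unimplemented, "method PostCertificate not implemented")
+}
+func (UnimplementedMajordomoServer) PostSSHCertificate(context.Context, *SSHCertificateRequest) (*SSHCertificateResponse, error) {
+return nil, status.Errorf(codes.Unimplemented, "method PostSSHCertificate not implemented")
+}
+func (UnimplementedMajordomoServer) RevokeCertificate(context.Context, *TODO) (*TODO, error) {
+return nil, status.Errorf(codes.Unimplemented, "method RevokeCertificate not implemented")
+}
+func (UnimplementedMajordomoServer) RevokeSSHCertificate(context.Context, *TODO) (*TODO, error) {
+return nil, status.Errorf(codes.Unimplemented, "method RevokeSSHCertificate not implemented")
+}
+func (UnimplementedMajordomoServer) mustEmbedUnimplementedMajordomoServer() {}
+
+// UnsafeMajordomoServer may be embedded to opt out of forward compatibility for this service.
+// Use of this interface is not recommended, as added methods to MajordomoServer will
+// result in compilation errors.
+type UnsafeMajordomoServer interface {
+mustEmbedUnimplementedMajordomoServer()
+}
+
+func RegisterMajordomoServer(s grpc.ServiceRegistrar, srv MajordomoServer) {
+s.RegisterService(&Majordomo_ServiceDesc, srv)
+}
+
+func _Majordomo_Login_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+in := new(LoginRequest)
+if err := dec(in); err != nil {
+return nil, err
+}
+if interceptor == nil {
+return srv.(MajordomoServer).Login(ctx, in)
+}
+info := &grpc.UnaryServerInfo{
+Server: srv,
+FullMethod: "/majordomo.Majordomo/Login",
+}
+handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+return srv.(MajordomoServer).Login(ctx, req.(*LoginRequest))
+}
+return interceptor(ctx, in, info, handler)
+}
+
+func _Majordomo_GetConfiguration_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+in := new(ConfigurationRequest)
+if err := dec(in); err != nil {
+return nil, err
+}
+if interceptor == nil {
+return srv.(MajordomoServer).GetConfiguration(ctx, in)
+}
+info := &grpc.UnaryServerInfo{
+Server: srv,
+FullMethod: "/majordomo.Majordomo/GetConfiguration",
+}
+handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+return srv.(MajordomoServer).GetConfiguration(ctx, req.(*ConfigurationRequest))
+}
+return interceptor(ctx, in, info, handler)
+}
+
+func _Majordomo_StreamConfiguration_Handler(srv interface{}, stream grpc.ServerStream) error {
+m := new(ConfigurationRequest)
+if err := stream.RecvMsg(m); err != nil {
+return err
+}
+return srv.(MajordomoServer).StreamConfiguration(m, &majordomoStreamConfigurationServer{stream})
+}
+
+type Majordomo_StreamConfigurationServer interface {
+Send(*ConfigurationResponse) error
+grpc.ServerStream
+}
+
+type majordomoStreamConfigurationServer struct {
+grpc.ServerStream
+}
+
+func (x *majordomoStreamConfigurationServer) Send(m *ConfigurationResponse) error {
+return x.ServerStream.SendMsg(m)
+}
+
+func _Majordomo_CreateProvisioner_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+in := new(CreateProvisionerRequest)
+if err := dec(in); err != nil {
+return nil, err
+}
+if interceptor == nil {
+return srv.(MajordomoServer).CreateProvisioner(ctx, in)
+}
+info := &grpc.UnaryServerInfo{
+Server: srv,
+FullMethod: "/majordomo.Majordomo/CreateProvisioner",
+}
+handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+return srv.(MajordomoServer).CreateProvisioner(ctx, req.(*CreateProvisionerRequest))
+}
+return interceptor(ctx, in, info, handler)
+}
+
+func _Majordomo_DeleteProvisioner_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+in := new(DeleteProvisionerRequest)
+if err := dec(in); err != nil {
+return nil, err
+}
+if interceptor == nil {
+return srv.(MajordomoServer).DeleteProvisioner(ctx, in)
+}
+info := &grpc.UnaryServerInfo{
+Server: srv,
+FullMethod: "/majordomo.Majordomo/DeleteProvisioner",
+}
+handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+return srv.(MajordomoServer).DeleteProvisioner(ctx, req.(*DeleteProvisionerRequest))
+}
+return interceptor(ctx, in, info, handler)
+}
+
+func _Majordomo_CreateAdministrator_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+in := new(CreateAdministratorRequest)
+if err := dec(in); err != nil {
+return nil, err
+}
+if interceptor == nil {
+return srv.(MajordomoServer).CreateAdministrator(ctx, in)
+}
+info := &grpc.UnaryServerInfo{
+Server: srv,
+FullMethod: "/majordomo.Majordomo/CreateAdministrator",
+}
+handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+return srv.(MajordomoServer).CreateAdministrator(ctx, req.(*CreateAdministratorRequest))
+}
+return interceptor(ctx, in, info, handler)
+}
+
+func _Majordomo_DeleteAdministrator_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+in := new(DeleteAdministratorRequest)
+if err := dec(in); err != nil {
+return nil, err
+}
+if interceptor == nil {
+return srv.(MajordomoServer).DeleteAdministrator(ctx, in)
+}
+info := &grpc.UnaryServerInfo{
+Server: srv,
+FullMethod: "/majordomo.Majordomo/DeleteAdministrator",
+}
+handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+return srv.(MajordomoServer).DeleteAdministrator(ctx, req.(*DeleteAdministratorRequest))
+}
+return interceptor(ctx, in, info, handler)
+}
+
+func _Majordomo_PostCertificate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+in := new(CertificateRequest)
+if err := dec(in); err != nil {
+return nil, err
+}
+if interceptor == nil {
+return srv.(MajordomoServer).PostCertificate(ctx, in)
+}
+info := &grpc.UnaryServerInfo{
+Server: srv,
+FullMethod: "/majordomo.Majordomo/PostCertificate",
+}
+handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+return srv.(MajordomoServer).PostCertificate(ctx, req.(*CertificateRequest))
+}
+return interceptor(ctx, in, info, handler)
+}
+
+func _Majordomo_PostSSHCertificate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+in := new(SSHCertificateRequest)
+if err := dec(in); err != nil {
+return nil, err
+}
+if interceptor == nil {
+return srv.(MajordomoServer).PostSSHCertificate(ctx, in)
+}
+info := &grpc.UnaryServerInfo{
+Server: srv,
+FullMethod: "/majordomo.Majordomo/PostSSHCertificate",
+}
+handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+return srv.(MajordomoServer).PostSSHCertificate(ctx, req.(*SSHCertificateRequest))
+}
+return interceptor(ctx, in, info, handler)
+}
+
+func _Majordomo_RevokeCertificate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+in := new(TODO)
+if err := dec(in); err != nil {
+return nil, err
+}
+if interceptor == nil {
+return srv.(MajordomoServer).RevokeCertificate(ctx, in)
+}
+info := &grpc.UnaryServerInfo{
+Server: srv,
+FullMethod: "/majordomo.Majordomo/RevokeCertificate",
+}
+handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+return srv.(MajordomoServer).RevokeCertificate(ctx, req.(*TODO))
+}
+return interceptor(ctx, in, info, handler)
+}
+
+func _Majordomo_RevokeSSHCertificate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+in := new(TODO)
+if err := dec(in); err != nil {
+return nil, err
+}
+if interceptor == nil {
+return srv.(MajordomoServer).RevokeSSHCertificate(ctx, in)
+}
+info := &grpc.UnaryServerInfo{
+Server: srv,
+FullMethod: "/majordomo.Majordomo/RevokeSSHCertificate",
+}
+handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+return srv.(MajordomoServer).RevokeSSHCertificate(ctx, req.(*TODO))
+}
+return interceptor(ctx, in, info, handler)
+}
+
+// Majordomo_ServiceDesc is the grpc.ServiceDesc for Majordomo service.
+// It's only intended for direct use with grpc.RegisterService,
+// and not to be introspected or modified (even as a copy)
+var Majordomo_ServiceDesc = grpc.ServiceDesc{
+ServiceName: "majordomo.Majordomo",
+HandlerType: (*MajordomoServer)(nil),
+Methods: []grpc.MethodDesc{
+{
+MethodName: "Login",
+Handler: _Majordomo_Login_Handler,
+},
+{
+MethodName: "GetConfiguration",
+Handler: _Majordomo_GetConfiguration_Handler,
+},
+{
+MethodName: "CreateProvisioner",
+Handler: _Majordomo_CreateProvisioner_Handler,
+},
+{
+MethodName: "DeleteProvisioner",
+Handler: _Majordomo_DeleteProvisioner_Handler,
+},
+{
+MethodName: "CreateAdministrator",
+Handler: _Majordomo_CreateAdministrator_Handler,
+},
+{
+MethodName: "DeleteAdministrator",
+Handler: _Majordomo_DeleteAdministrator_Handler,
+},
+{
+MethodName: "PostCertificate",
+Handler: _Majordomo_PostCertificate_Handler,
+},
+{
+MethodName: "PostSSHCertificate",
+Handler: _Majordomo_PostSSHCertificate_Handler,
+},
+{
+MethodName: "RevokeCertificate",
+Handler: _Majordomo_RevokeCertificate_Handler,
+},
+{
+MethodName: "RevokeSSHCertificate",
+Handler: _Majordomo_RevokeSSHCertificate_Handler,
+},
+},
+Streams: []grpc.StreamDesc{
+{
+StreamName: "StreamConfiguration",
+Handler: _Majordomo_StreamConfiguration_Handler,
+ServerStreams: true,
+},
+},
+Metadata: "majordomo/majordomo.proto",
+}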
1875
majordomo/provisioners.pb.go
Normal file
1875
majordomo/provisioners.pb.go
Normal file
File diff suppressed because it is too large
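--- a/majordomo/provisioners.proto
+++ b/majordomo/provisioners.proto
@@ -0,0 +1,137 @@
+syntax = "proto3";
+
+package majordomo;
+
+option go_package = "github.com/smallstep/certificates/majordomo";
+
+message Administrator {
+enum Type {
+UNKNOWN = 0;
+ADMIN = 1;
+SUPER_ADMIN = 2;
+}
+string id = 1;
+string authority_id = 2;
+string subject = 3;
+string provisioner_id = 4;
+Type type = 5;
+}
+
+message Provisioner {
+enum Type {
+NOOP = 0;
+JWK = 1;
+OIDC = 2;
+GCP = 3;
+AWS = 4;
+AZURE = 5;
+ACME = 6;
+X5C = 7;
+K8SSA = 8;
+SSHPOP = 9;
+}
+string id = 1;
+string authority_id = 2;
+Type type = 3;
+string name = 4;
+ProvisionerDetails details = 5;
+Claims claims = 6;
+bytes x509_template = 7;
+bytes x509_template_data = 8;
+bytes ssh_template = 9;
+bytes ssh_template_data = 10;
+}
+
+message ProvisionerDetails {
+oneof data {
+JWKProvisioner JWK = 20;
+OIDCProvisioner OIDC = 21;
+GCPProvisioner GCP = 22;
+AWSProvisioner AWS = 23;
+AzureProvisioner Azure = 24;
+ACMEProvisioner ACME = 25;
+X5CProvisioner X5C = 26;
+K8sSAProvisioner K8sSA = 27;
+SSHPOPProvisioner SSHPOP = 28;
+}
+}
+
+message ProvisionerList {
+repeated Provisioner provisioners = 1;
+}
+
+message Claims {
+X509Claims x509 = 1;
+SSHClaims ssh = 2;
+bool disable_renewal = 3;
+}
+
+message X509Claims {
+bool enabled = 1;
+Durations durations = 2;
+}
+
+message SSHClaims {
+bool enabled = 1;
+Durations user_durations = 2;
+Durations host_durations = 3;
+}
+
+message Durations {
+string default = 1;
+string min = 2;
+string max = 3;
+}
+
+message JWKProvisioner {
+bytes public_key = 1;
+bytes encrypted_private_key = 2;
+}
+
+message OIDCProvisioner {
+string client_id = 1;
+string client_secret = 2;
+string configuration_endpoint = 3;
+repeated string admins = 4;
+repeated string domains = 5;
+repeated string groups = 6;
+string listen_address = 7;
+string tenant_id = 8;
+}
+
+message GCPProvisioner {
+repeated string service_accounts = 1;
+repeated string project_ids = 2;
+bool disable_custom_sans = 3;
+bool disable_trust_on_first_use = 4;
+string instance_age = 5;
+}
+
+message AWSProvisioner {
+repeated string accounts = 1;
+bool disable_custom_sans = 2;
+bool disable_trust_on_first_use = 3;
+string instance_age = 4;
+}
+
+message AzureProvisioner {
+string tenant_id = 1;
+repeated string resource_groups = 2;
+string audience = 3;
+bool disable_custom_sans = 4;
+bool disable_trust_on_first_use = 5;
+}
+
+message ACMEProvisioner {
+bool force_cn = 1;
+}
+
+message X5CProvisioner {
+repeated bytes roots = 1;
+}
+
+message K8sSAProvisioner {
+repeated bytes public_keys = 1;
+}
+
+message SSHPOPProvisioner {}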
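Review bot: `OIDCProvisioner.client_secret` and `JWKProvisioner.encrypted_private_key` sit inside `Provisioner`, which `majordomo.proto` returns from `GetConfiguration`, `StreamConfiguration`, `CreateProvisioner` and `DeleteProvisioner`, so every caller of those RPCs receives the secret material and the file has no comment marking it as sensitive. I would document that on the fields, for example `// client_secret is returned to every receiver of Provisioner; keep this message out of logs and restrict who may fetch it.` above `string client_secret = 2;`, with a matching line on `encrypted_private_key` naming what it is encrypted with. If some consumers only need the public parts, a later change could split these fields into a message that is only sent to the authority that owns the provisioner. The `Durations` strings also have no stated format, so a comment naming the expected syntax would let servers reject malformed values consistently.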