frostfs-api-go/service/verify.proto

120 lines
3.9 KiB
Protocol Buffer
Raw Permalink Normal View History

2019-11-18 16:22:08 +00:00
syntax = "proto3";
package service;
2020-03-31 07:05:26 +00:00
option go_package = "github.com/nspcc-dev/neofs-api-go/service";
2020-02-05 13:58:06 +00:00
option csharp_namespace = "NeoFS.API.Service";
2019-11-18 16:22:08 +00:00
2020-04-28 09:50:52 +00:00
import "refs/types.proto";
2019-11-18 16:22:08 +00:00
import "github.com/gogo/protobuf/gogoproto/gogo.proto";
option (gogoproto.stable_marshaler_all) = true;
// RequestVerificationHeader is a set of signatures of every NeoFS Node that processed request
// (should be embedded into message).
2019-11-18 16:22:08 +00:00
message RequestVerificationHeader {
2020-04-28 09:50:52 +00:00
message Signature {
// Sign is signature of the request or session key.
2019-11-18 16:22:08 +00:00
bytes Sign = 1;
// Peer is compressed public key used for signature.
2019-11-18 16:22:08 +00:00
bytes Peer = 2;
}
// Signatures is a set of signatures of every passed NeoFS Node
2019-11-18 16:22:08 +00:00
repeated Signature Signatures = 1;
2020-04-28 09:50:52 +00:00
// Token is a token of the session within which the request is sent
Token Token = 2;
2020-06-18 12:01:25 +00:00
// Bearer is a Bearer token of the request
BearerTokenMsg Bearer = 3;
2020-04-28 09:50:52 +00:00
}
// User token granting rights for object manipulation
message Token {
message Info {
// ID is a token identifier. valid UUIDv4 represented in bytes
bytes ID = 1 [(gogoproto.customtype) = "TokenID", (gogoproto.nullable) = false];
// OwnerID is an owner of manipulation object
bytes OwnerID = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false];
// Verb is an enumeration of session request types
enum Verb {
// Put refers to object.Put RPC call
Put = 0;
// Get refers to object.Get RPC call
Get = 1;
// Head refers to object.Head RPC call
Head = 2;
// Search refers to object.Search RPC call
Search = 3;
// Delete refers to object.Delete RPC call
Delete = 4;
// Range refers to object.GetRange RPC call
Range = 5;
// RangeHash refers to object.GetRangeHash RPC call
RangeHash = 6;
}
// Verb is a type of request for which the token is issued
Verb verb = 3 [(gogoproto.customname) = "Verb"];
// Address is an object address for which token is issued
refs.Address Address = 4 [(gogoproto.nullable) = false, (gogoproto.customtype) = "Address"];
2020-05-08 07:49:23 +00:00
// Lifetime is a lifetime of the session
TokenLifetime Lifetime = 5 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
2020-04-28 09:50:52 +00:00
// SessionKey is a public key of session key
2020-05-08 07:49:23 +00:00
bytes SessionKey = 6;
2020-05-15 13:00:02 +00:00
// OwnerKey is a public key of the token owner
bytes OwnerKey = 7;
2020-04-28 09:50:52 +00:00
}
// TokenInfo is a grouped information about token
Info TokenInfo = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
// Signature is a signature of session token information
bytes Signature = 8;
2019-11-18 16:22:08 +00:00
}
2020-04-28 09:50:52 +00:00
2020-05-08 07:49:23 +00:00
// TokenLifetime carries a group of lifetime parameters of the token
message TokenLifetime {
// Created carries an initial epoch of token lifetime
uint64 Created = 1;
// ValidUntil carries a last epoch of token lifetime
uint64 ValidUntil = 2;
}
2020-04-28 09:50:52 +00:00
// TODO: for variable token types and version redefine message
// Example:
// message Token {
// TokenType TokenType = 1;
// uint32 Version = 2;
// bytes Data = 3;
// }
2020-06-18 12:01:25 +00:00
// BearerTokenMsg carries information about request ACL rules with limited lifetime
message BearerTokenMsg {
message Info {
// ACLRules carries a binary representation of the table of extended ACL rules
bytes ACLRules = 1;
// OwnerID is an owner of token
bytes OwnerID = 2 [(gogoproto.customtype) = "OwnerID", (gogoproto.nullable) = false];
// ValidUntil carries a last epoch of token lifetime
uint64 ValidUntil = 3;
}
// TokenInfo is a grouped information about token
Info TokenInfo = 1 [(gogoproto.embed) = true, (gogoproto.nullable) = false];
// OwnerKey is a public key of the token owner
bytes OwnerKey = 2;
// Signature is a signature of token information
bytes Signature = 3;
}