certificates/linkedca/majordomo.proto

syntax = "proto3";
package majordomo;
option go_package = "github.com/smallstep/certificates/majordomo";
import "majordomo/provisioners.proto";
// Majordomo is the public service used to sync configurations to CAs and to
// post certificates.
//
// NOTE(review): this file does not show how callers are authenticated or
// authorized. Presumably the certificate returned by Login is presented as a
// client certificate on the other RPCs; confirm, and make sure the mutating
// RPCs (Create*, Delete*, Revoke*) are authorized on the server side.
service Majordomo {
  // Login signs the given CSR and returns the certificate that will be used
  // for authentication. The request carries a username and password, so this
  // RPC should only be exposed over an encrypted channel.
  rpc Login(LoginRequest) returns (LoginResponse);

  // GetConfiguration returns the full configuration of an authority.
  rpc GetConfiguration(ConfigurationRequest) returns (ConfigurationResponse);

  // StreamConfiguration streams the full configuration of an authority. This
  // method is not yet supported.
  rpc StreamConfiguration(ConfigurationRequest)
      returns (stream ConfigurationResponse);

  // CreateProvisioner adds a new provisioner to the majordomo authority and
  // returns the proto representation.
  rpc CreateProvisioner(CreateProvisionerRequest) returns (Provisioner);

  // DeleteProvisioner deletes a previously created provisioner.
  rpc DeleteProvisioner(DeleteProvisionerRequest) returns (Provisioner);

  // CreateAdministrator adds a new admin user to the majordomo authority.
  // Admin users can add or delete provisioners, so creating one is a
  // privilege-granting operation.
  rpc CreateAdministrator(CreateAdministratorRequest) returns (Administrator);

  // DeleteAdministrator deletes a previously created admin user.
  rpc DeleteAdministrator(DeleteAdministratorRequest) returns (Administrator);

  // PostCertificate sends a signed X.509 certificate to majordomo.
  rpc PostCertificate(CertificateRequest) returns (CertificateResponse);

  // PostSSHCertificate sends a signed SSH certificate to majordomo.
  rpc PostSSHCertificate(SSHCertificateRequest)
      returns (SSHCertificateResponse);

  // RevokeCertificate marks an X.509 certificate as revoked. The request and
  // response are still the empty TODO placeholder, so no certificate
  // identifier can be sent yet.
  rpc RevokeCertificate(TODO) returns (TODO);

  // RevokeSSHCertificate marks an SSH certificate as revoked. Same
  // placeholder types as RevokeCertificate.
  rpc RevokeSSHCertificate(TODO) returns (TODO);
}
// TODO is an empty placeholder message. The two revocation RPCs use it as
// both request and response until their real messages are defined.
message TODO {
}
// LoginRequest is the input to Majordomo.Login: user credentials plus the
// CSR to be signed.
message LoginRequest {
  // Identifier of the authority the login applies to (presumably; the
  // semantics are not defined in this file).
  string authority_id = 1;

  // Account name used together with password.
  string username = 2;

  // Plaintext password. It is protected only by the transport, so it should
  // be kept out of request logs, traces and error messages.
  string password = 3;

  // Certificate signing request, PEM-encoded per the field name.
  // NOTE(review): the handler should verify the CSR's signature and limit
  // the requested subject/SANs to what this user may hold; confirm.
  string pem_certificate_request = 4;
}
// LoginResponse is the output of Majordomo.Login.
message LoginResponse {
  // Certificate issued for the submitted CSR; per the service comment it is
  // the one used for authentication.
  string pem_certificate = 1;

  // Presumably the issuing chain for pem_certificate, PEM-encoded; confirm
  // whether the root is included.
  string pem_certificate_chain = 2;
}
// ConfigurationRequest is the input to GetConfiguration and
// StreamConfiguration.
message ConfigurationRequest {
  // TODO: no fields are defined yet. The request names no authority, so the
  // server presumably derives it from the caller's identity; confirm.
}
// ConfigurationResponse carries the configuration of an authority as lists
// of provisioners and administrators.
//
// NOTE(review): Provisioner and Administrator are declared outside this
// file. If they carry keys or other secrets, treat this response as
// sensitive.
message ConfigurationResponse {
  // Provisioners configured on the authority.
  repeated Provisioner provisioners = 1;

  // Admin users configured on the authority.
  repeated Administrator admins = 2;
}
// CreateProvisionerRequest is the input to Majordomo.CreateProvisioner.
message CreateProvisionerRequest {
  // Kind of provisioner to create.
  Provisioner.Type type = 1;

  // Name of the new provisioner.
  string name = 2;

  // Type-specific settings; ProviderDetails is not defined in this file.
  ProvisionerDetails details = 3;

  // Claims for the provisioner; the Claims message is not defined in this
  // file. NOTE(review): presumably these bound what the provisioner may
  // issue, so the server should validate them; confirm.
  Claims claims = 4;
}
// DeleteProvisionerRequest is the input to Majordomo.DeleteProvisioner.
message DeleteProvisionerRequest {
  // Identifier of the provisioner to delete.
  string id = 1;
}
// CreateAdministratorRequest is the input to Majordomo.CreateAdministrator.
// Per the service comment, admin users can add or delete provisioners.
message CreateAdministratorRequest {
  // Name of the new admin user.
  string name = 1;

  // Identifier of a provisioner associated with the admin; how the two are
  // linked is not defined in this file.
  string provisioner_id = 2;

  // Kind of administrator to create.
  Administrator.Type type = 3;
}
// DeleteAdministratorRequest is the input to Majordomo.DeleteAdministrator.
message DeleteAdministratorRequest {
  // Identifier of the admin user to delete.
  string id = 1;
}
// CertificateRequest is the input to Majordomo.PostCertificate, which sends
// an already signed X.509 certificate to majordomo.
message CertificateRequest {
  // The signed certificate, PEM-encoded per the field name.
  string pem_certificate = 1;

  // Presumably the issuing chain for pem_certificate; confirm.
  // NOTE(review): the receiver should parse both fields and check that the
  // certificate chains to the caller's authority before recording it.
  string pem_certificate_chain = 2;
}
// CertificateResponse is the output of Majordomo.PostCertificate.
message CertificateResponse {
  // Identifier returned for the posted certificate; its format is not
  // defined in this file.
  string id = 1;
}
// SSHCertificateRequest is the input to Majordomo.PostSSHCertificate, which
// sends an already signed SSH certificate to majordomo.
message SSHCertificateRequest {
  // The signed SSH certificate as text. The encoding is not stated here;
  // presumably the OpenSSH single-line form, to be confirmed. The receiver
  // should parse and validate it rather than store it as an opaque string.
  string certificate = 1;
}
// SSHCertificateResponse is the output of Majordomo.PostSSHCertificate.
message SSHCertificateResponse {
  // Identifier returned for the posted SSH certificate; its format is not
  // defined in this file.
  string id = 1;
}