diff --git a/internal/gen/controller/api/services/auth_method_service.pb.go b/internal/gen/controller/api/services/auth_method_service.pb.go index 06d1dc86b5..5648ba6753 100644 --- a/internal/gen/controller/api/services/auth_method_service.pb.go +++ b/internal/gen/controller/api/services/auth_method_service.pb.go @@ -9,6 +9,7 @@ package services import ( _ "github.com/grpc-ecosystem/grpc-gateway/v2/protoc-gen-openapiv2/options" authmethods "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/authmethods" + authtokens "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/authtokens" _ "github.com/hashicorp/boundary/sdk/pbs/controller/protooptions" _ "google.golang.org/genproto/googleapis/api/annotations" _ "google.golang.org/genproto/googleapis/api/visibility" @@ -850,58 +851,6 @@ func (x *OidcStartAttributes) GetCachedRoundtripPayload() string { return "" } -// The layout of the struct for "attributes" field in AuthenticateRequest for a -// oidc type's token command. This message isn't directly referenced anywhere -// but is used here to define the expected field names and types. -type OidcTokenAttributes struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // The token id for the request. This is the token id that was returned from - // the oidc type's start command - TokenId string `protobuf:"bytes,1,opt,name=token_id,json=tokenId,proto3" json:"token_id,omitempty"` -} - -func (x *OidcTokenAttributes) Reset() { - *x = OidcTokenAttributes{} - if protoimpl.UnsafeEnabled { - mi := &file_controller_api_services_v1_auth_method_service_proto_msgTypes[15] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *OidcTokenAttributes) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*OidcTokenAttributes) ProtoMessage() {} - -func (x *OidcTokenAttributes) ProtoReflect() protoreflect.Message { - mi := &file_controller_api_services_v1_auth_method_service_proto_msgTypes[15] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use OidcTokenAttributes.ProtoReflect.Descriptor instead. -func (*OidcTokenAttributes) Descriptor() ([]byte, []int) { - return file_controller_api_services_v1_auth_method_service_proto_rawDescGZIP(), []int{15} -} - -func (x *OidcTokenAttributes) GetTokenId() string { - if x != nil { - return x.TokenId - } - return "" -} - type AuthenticateRequest struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -917,8 +866,13 @@ type AuthenticateRequest struct { // This can be "cookie" or "token". If not provided, "token" will be used. "cookie" activates a split-cookie method where the token is split partially between http-only and regular cookies in order // to keep it safe from rogue JS in the browser. Type string `protobuf:"bytes,6,opt,name=type,proto3" json:"type,omitempty" class:"public"` // @gotags: `class:"public"` - // Attributes are passed to the Auth Method; the valid keys and values depend on the type of Auth Method as well as the command. - Attributes *structpb.Struct `protobuf:"bytes,4,opt,name=attributes,proto3" json:"attributes,omitempty"` + // Types that are assignable to Attrs: + // *AuthenticateRequest_Attributes + // *AuthenticateRequest_PasswordLoginAttributes + // *AuthenticateRequest_OidcStartAttributes + // *AuthenticateRequest_OidcAuthMethodAuthenticateCallbackRequest + // *AuthenticateRequest_OidcAuthMethodAuthenticateTokenRequest + Attrs isAuthenticateRequest_Attrs `protobuf_oneof:"attrs"` // The command to perform. Command string `protobuf:"bytes,5,opt,name=command,proto3" json:"command,omitempty" class:"public"` // @gotags: `class:"public"` } @@ -926,7 +880,7 @@ type AuthenticateRequest struct { func (x *AuthenticateRequest) Reset() { *x = AuthenticateRequest{} if protoimpl.UnsafeEnabled { - mi := &file_controller_api_services_v1_auth_method_service_proto_msgTypes[16] + mi := &file_controller_api_services_v1_auth_method_service_proto_msgTypes[15] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -939,7 +893,7 @@ func (x *AuthenticateRequest) String() string { func (*AuthenticateRequest) ProtoMessage() {} func (x *AuthenticateRequest) ProtoReflect() protoreflect.Message { - mi := &file_controller_api_services_v1_auth_method_service_proto_msgTypes[16] + mi := &file_controller_api_services_v1_auth_method_service_proto_msgTypes[15] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -952,7 +906,7 @@ func (x *AuthenticateRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use AuthenticateRequest.ProtoReflect.Descriptor instead. func (*AuthenticateRequest) Descriptor() ([]byte, []int) { - return file_controller_api_services_v1_auth_method_service_proto_rawDescGZIP(), []int{16} + return file_controller_api_services_v1_auth_method_service_proto_rawDescGZIP(), []int{15} } func (x *AuthenticateRequest) GetAuthMethodId() string { @@ -977,13 +931,48 @@ func (x *AuthenticateRequest) GetType() string { return "" } +func (m *AuthenticateRequest) GetAttrs() isAuthenticateRequest_Attrs { + if m != nil { + return m.Attrs + } + return nil +} + func (x *AuthenticateRequest) GetAttributes() *structpb.Struct { - if x != nil { + if x, ok := x.GetAttrs().(*AuthenticateRequest_Attributes); ok { return x.Attributes } return nil } +func (x *AuthenticateRequest) GetPasswordLoginAttributes() *PasswordLoginAttributes { + if x, ok := x.GetAttrs().(*AuthenticateRequest_PasswordLoginAttributes); ok { + return x.PasswordLoginAttributes + } + return nil +} + +func (x *AuthenticateRequest) GetOidcStartAttributes() *OidcStartAttributes { + if x, ok := x.GetAttrs().(*AuthenticateRequest_OidcStartAttributes); ok { + return x.OidcStartAttributes + } + return nil +} + +func (x *AuthenticateRequest) GetOidcAuthMethodAuthenticateCallbackRequest() *authmethods.OidcAuthMethodAuthenticateCallbackRequest { + if x, ok := x.GetAttrs().(*AuthenticateRequest_OidcAuthMethodAuthenticateCallbackRequest); ok { + return x.OidcAuthMethodAuthenticateCallbackRequest + } + return nil +} + +func (x *AuthenticateRequest) GetOidcAuthMethodAuthenticateTokenRequest() *authmethods.OidcAuthMethodAuthenticateTokenRequest { + if x, ok := x.GetAttrs().(*AuthenticateRequest_OidcAuthMethodAuthenticateTokenRequest); ok { + return x.OidcAuthMethodAuthenticateTokenRequest + } + return nil +} + func (x *AuthenticateRequest) GetCommand() string { if x != nil { return x.Command @@ -991,6 +980,43 @@ func (x *AuthenticateRequest) GetCommand() string { return "" } +type isAuthenticateRequest_Attrs interface { + isAuthenticateRequest_Attrs() +} + +type AuthenticateRequest_Attributes struct { + // Attributes are passed to the Auth Method; the valid keys and values depend on the type of Auth Method as well as the command. + Attributes *structpb.Struct `protobuf:"bytes,4,opt,name=attributes,proto3,oneof"` +} + +type AuthenticateRequest_PasswordLoginAttributes struct { + // Note: these fields have a custom mapping function for transforming to and from the generic attributes, + // they do not use the standard attribute transformation. + PasswordLoginAttributes *PasswordLoginAttributes `protobuf:"bytes,7,opt,name=password_login_attributes,json=passwordLoginAttributes,proto3,oneof"` +} + +type AuthenticateRequest_OidcStartAttributes struct { + OidcStartAttributes *OidcStartAttributes `protobuf:"bytes,8,opt,name=oidc_start_attributes,json=oidcStartAttributes,proto3,oneof"` +} + +type AuthenticateRequest_OidcAuthMethodAuthenticateCallbackRequest struct { + OidcAuthMethodAuthenticateCallbackRequest *authmethods.OidcAuthMethodAuthenticateCallbackRequest `protobuf:"bytes,9,opt,name=oidc_auth_method_authenticate_callback_request,json=oidcAuthMethodAuthenticateCallbackRequest,proto3,oneof"` +} + +type AuthenticateRequest_OidcAuthMethodAuthenticateTokenRequest struct { + OidcAuthMethodAuthenticateTokenRequest *authmethods.OidcAuthMethodAuthenticateTokenRequest `protobuf:"bytes,10,opt,name=oidc_auth_method_authenticate_token_request,json=oidcAuthMethodAuthenticateTokenRequest,proto3,oneof"` +} + +func (*AuthenticateRequest_Attributes) isAuthenticateRequest_Attrs() {} + +func (*AuthenticateRequest_PasswordLoginAttributes) isAuthenticateRequest_Attrs() {} + +func (*AuthenticateRequest_OidcStartAttributes) isAuthenticateRequest_Attrs() {} + +func (*AuthenticateRequest_OidcAuthMethodAuthenticateCallbackRequest) isAuthenticateRequest_Attrs() {} + +func (*AuthenticateRequest_OidcAuthMethodAuthenticateTokenRequest) isAuthenticateRequest_Attrs() {} + type AuthenticateResponse struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -998,8 +1024,13 @@ type AuthenticateResponse struct { // The type of the token returned. Either "cookie" or "token". Type string `protobuf:"bytes,3,opt,name=type,proto3" json:"type,omitempty" class:"public"` // @gotags: `class:"public"` - // Valid keys and values depend on the type of Auth Method as well as the command. - Attributes *structpb.Struct `protobuf:"bytes,4,opt,name=attributes,proto3" json:"attributes,omitempty"` + // Types that are assignable to Attrs: + // *AuthenticateResponse_Attributes + // *AuthenticateResponse_OidcAuthMethodAuthenticateStartResponse + // *AuthenticateResponse_OidcAuthMethodAuthenticateCallbackResponse + // *AuthenticateResponse_OidcAuthMethodAuthenticateTokenResponse + // *AuthenticateResponse_AuthTokenResponse + Attrs isAuthenticateResponse_Attrs `protobuf_oneof:"attrs"` // The command that was performed. Command string `protobuf:"bytes,5,opt,name=command,proto3" json:"command,omitempty" class:"public"` // @gotags: `class:"public"` } @@ -1007,7 +1038,7 @@ type AuthenticateResponse struct { func (x *AuthenticateResponse) Reset() { *x = AuthenticateResponse{} if protoimpl.UnsafeEnabled { - mi := &file_controller_api_services_v1_auth_method_service_proto_msgTypes[17] + mi := &file_controller_api_services_v1_auth_method_service_proto_msgTypes[16] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1020,7 +1051,7 @@ func (x *AuthenticateResponse) String() string { func (*AuthenticateResponse) ProtoMessage() {} func (x *AuthenticateResponse) ProtoReflect() protoreflect.Message { - mi := &file_controller_api_services_v1_auth_method_service_proto_msgTypes[17] + mi := &file_controller_api_services_v1_auth_method_service_proto_msgTypes[16] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1033,7 +1064,7 @@ func (x *AuthenticateResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use AuthenticateResponse.ProtoReflect.Descriptor instead. func (*AuthenticateResponse) Descriptor() ([]byte, []int) { - return file_controller_api_services_v1_auth_method_service_proto_rawDescGZIP(), []int{17} + return file_controller_api_services_v1_auth_method_service_proto_rawDescGZIP(), []int{16} } func (x *AuthenticateResponse) GetType() string { @@ -1043,13 +1074,48 @@ func (x *AuthenticateResponse) GetType() string { return "" } +func (m *AuthenticateResponse) GetAttrs() isAuthenticateResponse_Attrs { + if m != nil { + return m.Attrs + } + return nil +} + func (x *AuthenticateResponse) GetAttributes() *structpb.Struct { - if x != nil { + if x, ok := x.GetAttrs().(*AuthenticateResponse_Attributes); ok { return x.Attributes } return nil } +func (x *AuthenticateResponse) GetOidcAuthMethodAuthenticateStartResponse() *authmethods.OidcAuthMethodAuthenticateStartResponse { + if x, ok := x.GetAttrs().(*AuthenticateResponse_OidcAuthMethodAuthenticateStartResponse); ok { + return x.OidcAuthMethodAuthenticateStartResponse + } + return nil +} + +func (x *AuthenticateResponse) GetOidcAuthMethodAuthenticateCallbackResponse() *authmethods.OidcAuthMethodAuthenticateCallbackResponse { + if x, ok := x.GetAttrs().(*AuthenticateResponse_OidcAuthMethodAuthenticateCallbackResponse); ok { + return x.OidcAuthMethodAuthenticateCallbackResponse + } + return nil +} + +func (x *AuthenticateResponse) GetOidcAuthMethodAuthenticateTokenResponse() *authmethods.OidcAuthMethodAuthenticateTokenResponse { + if x, ok := x.GetAttrs().(*AuthenticateResponse_OidcAuthMethodAuthenticateTokenResponse); ok { + return x.OidcAuthMethodAuthenticateTokenResponse + } + return nil +} + +func (x *AuthenticateResponse) GetAuthTokenResponse() *authtokens.AuthToken { + if x, ok := x.GetAttrs().(*AuthenticateResponse_AuthTokenResponse); ok { + return x.AuthTokenResponse + } + return nil +} + func (x *AuthenticateResponse) GetCommand() string { if x != nil { return x.Command @@ -1057,6 +1123,44 @@ func (x *AuthenticateResponse) GetCommand() string { return "" } +type isAuthenticateResponse_Attrs interface { + isAuthenticateResponse_Attrs() +} + +type AuthenticateResponse_Attributes struct { + // Valid keys and values depend on the type of Auth Method as well as the command. + Attributes *structpb.Struct `protobuf:"bytes,4,opt,name=attributes,proto3,oneof"` +} + +type AuthenticateResponse_OidcAuthMethodAuthenticateStartResponse struct { + // Note: these fields have a custom mapping function for transforming to and from the generic attributes, + // they do not use the standard attribute transformation. + OidcAuthMethodAuthenticateStartResponse *authmethods.OidcAuthMethodAuthenticateStartResponse `protobuf:"bytes,6,opt,name=oidc_auth_method_authenticate_start_response,json=oidcAuthMethodAuthenticateStartResponse,proto3,oneof"` +} + +type AuthenticateResponse_OidcAuthMethodAuthenticateCallbackResponse struct { + OidcAuthMethodAuthenticateCallbackResponse *authmethods.OidcAuthMethodAuthenticateCallbackResponse `protobuf:"bytes,7,opt,name=oidc_auth_method_authenticate_callback_response,json=oidcAuthMethodAuthenticateCallbackResponse,proto3,oneof"` +} + +type AuthenticateResponse_OidcAuthMethodAuthenticateTokenResponse struct { + OidcAuthMethodAuthenticateTokenResponse *authmethods.OidcAuthMethodAuthenticateTokenResponse `protobuf:"bytes,8,opt,name=oidc_auth_method_authenticate_token_response,json=oidcAuthMethodAuthenticateTokenResponse,proto3,oneof"` +} + +type AuthenticateResponse_AuthTokenResponse struct { + AuthTokenResponse *authtokens.AuthToken `protobuf:"bytes,9,opt,name=auth_token_response,json=authTokenResponse,proto3,oneof"` +} + +func (*AuthenticateResponse_Attributes) isAuthenticateResponse_Attrs() {} + +func (*AuthenticateResponse_OidcAuthMethodAuthenticateStartResponse) isAuthenticateResponse_Attrs() {} + +func (*AuthenticateResponse_OidcAuthMethodAuthenticateCallbackResponse) isAuthenticateResponse_Attrs() { +} + +func (*AuthenticateResponse_OidcAuthMethodAuthenticateTokenResponse) isAuthenticateResponse_Attrs() {} + +func (*AuthenticateResponse_AuthTokenResponse) isAuthenticateResponse_Attrs() {} + var File_controller_api_services_v1_auth_method_service_proto protoreflect.FileDescriptor var file_controller_api_services_v1_auth_method_service_proto_rawDesc = []byte{ @@ -1079,237 +1183,325 @@ var file_controller_api_services_v1_auth_method_service_proto_rawDesc = []byte{ 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, - 0x6f, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x2a, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, - 0x6c, 0x6c, 0x65, 0x72, 0x2f, 0x63, 0x75, 0x73, 0x74, 0x6f, 0x6d, 0x5f, 0x6f, 0x70, 0x74, 0x69, - 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x31, 0x2f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, - 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x26, 0x0a, 0x14, 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, - 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, - 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x22, 0x60, 0x0a, 0x15, - 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x47, 0x0a, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, - 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2e, 0x61, - 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, - 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x22, 0x6a, - 0x0a, 0x16, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, - 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x73, 0x63, 0x6f, 0x70, - 0x65, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x73, 0x63, 0x6f, 0x70, - 0x65, 0x5f, 0x69, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x72, 0x65, 0x63, 0x75, 0x72, 0x73, 0x69, 0x76, - 0x65, 0x18, 0x14, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x72, 0x65, 0x63, 0x75, 0x72, 0x73, 0x69, - 0x76, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x1e, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x22, 0x64, 0x0a, 0x17, 0x4c, 0x69, - 0x73, 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x49, 0x0a, 0x05, 0x69, 0x74, 0x65, 0x6d, 0x73, 0x18, 0x01, - 0x20, 0x03, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, - 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2e, - 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, - 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x05, 0x69, 0x74, 0x65, 0x6d, 0x73, - 0x22, 0x62, 0x0a, 0x17, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, - 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x47, 0x0a, 0x04, 0x69, - 0x74, 0x65, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, - 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x73, 0x6f, 0x75, - 0x72, 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, - 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x04, - 0x69, 0x74, 0x65, 0x6d, 0x22, 0x75, 0x0a, 0x18, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x75, - 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, - 0x12, 0x10, 0x0a, 0x03, 0x75, 0x72, 0x69, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75, - 0x72, 0x69, 0x12, 0x47, 0x0a, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, + 0x6f, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x36, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, + 0x6c, 0x6c, 0x65, 0x72, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, + 0x65, 0x73, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x73, 0x2f, 0x76, 0x31, + 0x2f, 0x61, 0x75, 0x74, 0x68, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x1a, 0x2a, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2f, 0x63, 0x75, 0x73, + 0x74, 0x6f, 0x6d, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2f, 0x76, 0x31, 0x2f, 0x6f, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x26, 0x0a, 0x14, + 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x02, 0x69, 0x64, 0x22, 0x60, 0x0a, 0x15, 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, + 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x47, 0x0a, + 0x04, 0x69, 0x74, 0x65, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x63, 0x6f, + 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x73, + 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, + 0x64, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, + 0x52, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x22, 0x6a, 0x0a, 0x16, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x75, + 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x12, 0x1a, 0x0a, 0x08, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x08, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x5f, 0x69, 0x64, 0x12, 0x1c, 0x0a, 0x09, + 0x72, 0x65, 0x63, 0x75, 0x72, 0x73, 0x69, 0x76, 0x65, 0x18, 0x14, 0x20, 0x01, 0x28, 0x08, 0x52, + 0x09, 0x72, 0x65, 0x63, 0x75, 0x72, 0x73, 0x69, 0x76, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x66, 0x69, + 0x6c, 0x74, 0x65, 0x72, 0x18, 0x1e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, + 0x65, 0x72, 0x22, 0x64, 0x0a, 0x17, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, + 0x74, 0x68, 0x6f, 0x64, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x49, 0x0a, + 0x05, 0x69, 0x74, 0x65, 0x6d, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x63, + 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, + 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, + 0x64, 0x52, 0x05, 0x69, 0x74, 0x65, 0x6d, 0x73, 0x22, 0x62, 0x0a, 0x17, 0x43, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x12, 0x47, 0x0a, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, + 0x70, 0x69, 0x2e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, + 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, + 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x22, 0x75, 0x0a, 0x18, + 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x75, 0x72, 0x69, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x75, 0x72, 0x69, 0x12, 0x47, 0x0a, 0x04, 0x69, 0x74, + 0x65, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, + 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, + 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2e, + 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x04, 0x69, + 0x74, 0x65, 0x6d, 0x22, 0xb0, 0x01, 0x0a, 0x17, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x75, + 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, + 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, + 0x47, 0x0a, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, + 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, + 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, + 0x68, 0x6f, 0x64, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x52, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x12, 0x3c, 0x0a, 0x0b, 0x75, 0x70, 0x64, 0x61, + 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, + 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, + 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4d, 0x61, 0x73, 0x6b, 0x52, 0x0b, 0x75, 0x70, 0x64, 0x61, 0x74, + 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x22, 0x63, 0x0a, 0x18, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, + 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x12, 0x47, 0x0a, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x4d, - 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x22, 0xb0, 0x01, 0x0a, 0x17, - 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, - 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x47, 0x0a, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, + 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x22, 0x29, 0x0a, 0x17, 0x44, + 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x22, 0x1a, 0x0a, 0x18, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, + 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0x85, 0x01, 0x0a, 0x19, 0x4f, 0x69, 0x64, 0x63, 0x43, 0x68, 0x61, 0x6e, 0x67, + 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, + 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x12, 0x52, 0x0a, 0x24, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, + 0x65, 0x5f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, + 0x66, 0x69, 0x67, 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x08, 0x52, 0x24, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x64, 0x69, + 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, + 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0xa4, 0x02, 0x0a, 0x12, 0x43, + 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, + 0x64, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x0d, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x46, 0x0a, 0x0a, 0x61, + 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x42, 0x0b, 0x9a, 0xe3, 0x29, 0x07, 0x64, 0x65, + 0x66, 0x61, 0x75, 0x6c, 0x74, 0x48, 0x00, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, + 0x74, 0x65, 0x73, 0x12, 0x92, 0x01, 0x0a, 0x1c, 0x6f, 0x69, 0x64, 0x63, 0x5f, 0x63, 0x68, 0x61, + 0x6e, 0x67, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x65, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, + 0x75, 0x74, 0x65, 0x73, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x63, 0x6f, 0x6e, + 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x4f, 0x69, 0x64, 0x63, 0x43, 0x68, 0x61, 0x6e, + 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, + 0x73, 0x42, 0x18, 0x9a, 0xe3, 0x29, 0x04, 0x6f, 0x69, 0x64, 0x63, 0xfa, 0xd2, 0xe4, 0x93, 0x02, + 0x0a, 0x12, 0x08, 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x48, 0x00, 0x52, 0x19, 0x6f, + 0x69, 0x64, 0x63, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x41, 0x74, + 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x42, 0x07, 0x0a, 0x05, 0x61, 0x74, 0x74, 0x72, + 0x73, 0x22, 0x5e, 0x0a, 0x13, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x47, 0x0a, 0x04, 0x69, 0x74, 0x65, 0x6d, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, + 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, + 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2e, 0x76, 0x31, + 0x2e, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x04, 0x69, 0x74, 0x65, + 0x6d, 0x22, 0x55, 0x0a, 0x17, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x4c, 0x6f, 0x67, + 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x12, 0x1e, 0x0a, 0x0a, + 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x0a, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, + 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, + 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x22, 0x96, 0x01, 0x0a, 0x13, 0x4f, 0x69, 0x64, + 0x63, 0x53, 0x74, 0x61, 0x72, 0x74, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, + 0x12, 0x45, 0x0a, 0x11, 0x72, 0x6f, 0x75, 0x6e, 0x64, 0x74, 0x72, 0x69, 0x70, 0x5f, 0x70, 0x61, + 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, + 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, + 0x72, 0x75, 0x63, 0x74, 0x52, 0x11, 0x72, 0x6f, 0x75, 0x6e, 0x64, 0x74, 0x72, 0x69, 0x70, 0x5f, + 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x12, 0x38, 0x0a, 0x18, 0x63, 0x61, 0x63, 0x68, 0x65, + 0x64, 0x5f, 0x72, 0x6f, 0x75, 0x6e, 0x64, 0x74, 0x72, 0x69, 0x70, 0x5f, 0x70, 0x61, 0x79, 0x6c, + 0x6f, 0x61, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x16, 0x63, 0x61, 0x63, 0x68, 0x65, + 0x64, 0x52, 0x6f, 0x75, 0x6e, 0x64, 0x74, 0x72, 0x69, 0x70, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, + 0x64, 0x22, 0xf4, 0x06, 0x0a, 0x13, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, + 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x26, 0x0a, 0x0e, 0x61, 0x75, 0x74, + 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0e, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x69, + 0x64, 0x12, 0x22, 0x0a, 0x0a, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0a, 0x74, 0x6f, 0x6b, 0x65, 0x6e, + 0x5f, 0x74, 0x79, 0x70, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x06, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x39, 0x0a, 0x0a, 0x61, 0x74, 0x74, + 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, + 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, + 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x48, 0x00, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, + 0x75, 0x74, 0x65, 0x73, 0x12, 0x83, 0x01, 0x0a, 0x19, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, + 0x64, 0x5f, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, + 0x65, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, + 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, + 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x4c, 0x6f, + 0x67, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x42, 0x10, 0xfa, + 0xd2, 0xe4, 0x93, 0x02, 0x0a, 0x12, 0x08, 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x48, + 0x00, 0x52, 0x17, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x4c, 0x6f, 0x67, 0x69, 0x6e, + 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x12, 0x77, 0x0a, 0x15, 0x6f, 0x69, + 0x64, 0x63, 0x5f, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, + 0x74, 0x65, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x63, 0x6f, 0x6e, 0x74, + 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, + 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x4f, 0x69, 0x64, 0x63, 0x53, 0x74, 0x61, 0x72, 0x74, + 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x42, 0x10, 0xfa, 0xd2, 0xe4, 0x93, + 0x02, 0x0a, 0x12, 0x08, 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x48, 0x00, 0x52, 0x13, + 0x6f, 0x69, 0x64, 0x63, 0x53, 0x74, 0x61, 0x72, 0x74, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, + 0x74, 0x65, 0x73, 0x12, 0xc9, 0x01, 0x0a, 0x2e, 0x6f, 0x69, 0x64, 0x63, 0x5f, 0x61, 0x75, 0x74, + 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, + 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x63, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x5f, 0x72, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x52, 0x2e, 0x63, + 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, + 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x4f, 0x69, 0x64, 0x63, 0x41, 0x75, 0x74, 0x68, 0x4d, + 0x65, 0x74, 0x68, 0x6f, 0x64, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, + 0x65, 0x43, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x42, 0x10, 0xfa, 0xd2, 0xe4, 0x93, 0x02, 0x0a, 0x12, 0x08, 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, + 0x41, 0x4c, 0x48, 0x00, 0x52, 0x29, 0x6f, 0x69, 0x64, 0x63, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, + 0x74, 0x68, 0x6f, 0x64, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, + 0x43, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, + 0xc0, 0x01, 0x0a, 0x2b, 0x6f, 0x69, 0x64, 0x63, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6d, 0x65, + 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, + 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18, + 0x0a, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x4f, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2e, 0x76, 0x31, 0x2e, - 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x04, 0x69, 0x74, 0x65, 0x6d, - 0x12, 0x3c, 0x0a, 0x0b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x18, - 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, - 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4d, 0x61, 0x73, - 0x6b, 0x52, 0x0b, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6d, 0x61, 0x73, 0x6b, 0x22, 0x63, - 0x0a, 0x18, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, - 0x6f, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x47, 0x0a, 0x04, 0x69, 0x74, - 0x65, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, + 0x4f, 0x69, 0x64, 0x63, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x41, 0x75, + 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x42, 0x10, 0xfa, 0xd2, 0xe4, 0x93, 0x02, 0x0a, 0x12, 0x08, + 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x48, 0x00, 0x52, 0x26, 0x6f, 0x69, 0x64, 0x63, + 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, + 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x18, 0x0a, 0x07, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x07, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x42, 0x07, 0x0a, 0x05, + 0x61, 0x74, 0x74, 0x72, 0x73, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x52, 0x0b, 0x63, 0x72, 0x65, + 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x22, 0xf8, 0x06, 0x0a, 0x14, 0x41, 0x75, 0x74, + 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x39, 0x0a, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, + 0x74, 0x65, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, + 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, + 0x63, 0x74, 0x48, 0x00, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, + 0x12, 0xc3, 0x01, 0x0a, 0x2c, 0x6f, 0x69, 0x64, 0x63, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6d, + 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, + 0x74, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x72, 0x74, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x50, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, + 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, + 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2e, 0x76, + 0x31, 0x2e, 0x4f, 0x69, 0x64, 0x63, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, + 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53, 0x74, 0x61, 0x72, + 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x10, 0xfa, 0xd2, 0xe4, 0x93, 0x02, + 0x0a, 0x12, 0x08, 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x48, 0x00, 0x52, 0x27, 0x6f, + 0x69, 0x64, 0x63, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x41, 0x75, 0x74, + 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53, 0x74, 0x61, 0x72, 0x74, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0xcc, 0x01, 0x0a, 0x2f, 0x6f, 0x69, 0x64, 0x63, 0x5f, + 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x61, 0x75, 0x74, 0x68, + 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x63, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, + 0x6b, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x53, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, + 0x69, 0x2e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x4f, 0x69, 0x64, 0x63, 0x41, + 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, + 0x69, 0x63, 0x61, 0x74, 0x65, 0x43, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x10, 0xfa, 0xd2, 0xe4, 0x93, 0x02, 0x0a, 0x12, 0x08, 0x49, + 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x48, 0x00, 0x52, 0x2a, 0x6f, 0x69, 0x64, 0x63, 0x41, + 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, + 0x69, 0x63, 0x61, 0x74, 0x65, 0x43, 0x61, 0x6c, 0x6c, 0x62, 0x61, 0x63, 0x6b, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0xc3, 0x01, 0x0a, 0x2c, 0x6f, 0x69, 0x64, 0x63, 0x5f, 0x61, + 0x75, 0x74, 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x65, + 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x72, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x50, 0x2e, 0x63, + 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, + 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x4f, 0x69, 0x64, 0x63, 0x41, 0x75, 0x74, 0x68, 0x4d, + 0x65, 0x74, 0x68, 0x6f, 0x64, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, + 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x10, + 0xfa, 0xd2, 0xe4, 0x93, 0x02, 0x0a, 0x12, 0x08, 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, + 0x48, 0x00, 0x52, 0x27, 0x6f, 0x69, 0x64, 0x63, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x54, 0x6f, + 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x75, 0x0a, 0x13, 0x61, + 0x75, 0x74, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, - 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2e, - 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x04, 0x69, - 0x74, 0x65, 0x6d, 0x22, 0x29, 0x0a, 0x17, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x75, 0x74, - 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, - 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x22, 0x1a, - 0x0a, 0x18, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, - 0x6f, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x85, 0x01, 0x0a, 0x19, 0x4f, - 0x69, 0x64, 0x63, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x41, 0x74, - 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, - 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x12, 0x52, - 0x0a, 0x24, 0x64, 0x69, 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, - 0x65, 0x72, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x76, 0x61, 0x6c, 0x69, - 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x24, 0x64, 0x69, - 0x73, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x64, 0x69, 0x73, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x65, 0x64, - 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x22, 0xa4, 0x02, 0x0a, 0x12, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x74, 0x61, - 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, - 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, - 0x69, 0x6f, 0x6e, 0x12, 0x46, 0x0a, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, - 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, - 0x42, 0x0b, 0x9a, 0xe3, 0x29, 0x07, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x48, 0x00, 0x52, - 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x12, 0x92, 0x01, 0x0a, 0x1c, - 0x6f, 0x69, 0x64, 0x63, 0x5f, 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x5f, 0x73, 0x74, 0x61, 0x74, - 0x65, 0x5f, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x18, 0x05, 0x20, 0x01, - 0x28, 0x0b, 0x32, 0x35, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, - 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, - 0x4f, 0x69, 0x64, 0x63, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x41, - 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x42, 0x18, 0x9a, 0xe3, 0x29, 0x04, 0x6f, - 0x69, 0x64, 0x63, 0xfa, 0xd2, 0xe4, 0x93, 0x02, 0x0a, 0x12, 0x08, 0x49, 0x4e, 0x54, 0x45, 0x52, - 0x4e, 0x41, 0x4c, 0x48, 0x00, 0x52, 0x19, 0x6f, 0x69, 0x64, 0x63, 0x43, 0x68, 0x61, 0x6e, 0x67, - 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, - 0x42, 0x07, 0x0a, 0x05, 0x61, 0x74, 0x74, 0x72, 0x73, 0x22, 0x5e, 0x0a, 0x13, 0x43, 0x68, 0x61, - 0x6e, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, - 0x12, 0x47, 0x0a, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x33, - 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, - 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6d, 0x65, - 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, - 0x68, 0x6f, 0x64, 0x52, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x22, 0x55, 0x0a, 0x17, 0x50, 0x61, 0x73, - 0x73, 0x77, 0x6f, 0x72, 0x64, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, - 0x75, 0x74, 0x65, 0x73, 0x12, 0x1e, 0x0a, 0x0a, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, 0x6e, 0x61, - 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, - 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, - 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, - 0x22, 0x96, 0x01, 0x0a, 0x13, 0x4f, 0x69, 0x64, 0x63, 0x53, 0x74, 0x61, 0x72, 0x74, 0x41, 0x74, - 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x12, 0x45, 0x0a, 0x11, 0x72, 0x6f, 0x75, 0x6e, - 0x64, 0x74, 0x72, 0x69, 0x70, 0x5f, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x11, 0x72, 0x6f, - 0x75, 0x6e, 0x64, 0x74, 0x72, 0x69, 0x70, 0x5f, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x12, - 0x38, 0x0a, 0x18, 0x63, 0x61, 0x63, 0x68, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x75, 0x6e, 0x64, 0x74, - 0x72, 0x69, 0x70, 0x5f, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x16, 0x63, 0x61, 0x63, 0x68, 0x65, 0x64, 0x52, 0x6f, 0x75, 0x6e, 0x64, 0x74, 0x72, - 0x69, 0x70, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x22, 0x30, 0x0a, 0x13, 0x4f, 0x69, 0x64, - 0x63, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, - 0x12, 0x19, 0x0a, 0x08, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x07, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x49, 0x64, 0x22, 0xdb, 0x01, 0x0a, 0x13, - 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, - 0x65, 0x73, 0x74, 0x12, 0x26, 0x0a, 0x0e, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, - 0x6f, 0x64, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x61, 0x75, 0x74, - 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x69, 0x64, 0x12, 0x22, 0x0a, 0x0a, 0x74, - 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, - 0x02, 0x18, 0x01, 0x52, 0x0a, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x12, - 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, - 0x79, 0x70, 0x65, 0x12, 0x37, 0x0a, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, - 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, - 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x12, 0x18, 0x0a, 0x07, - 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x63, - 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x52, 0x0b, 0x63, 0x72, - 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x22, 0x9b, 0x01, 0x0a, 0x14, 0x41, 0x75, - 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, - 0x73, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x37, 0x0a, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, - 0x75, 0x74, 0x65, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, - 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, - 0x75, 0x63, 0x74, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x12, - 0x18, 0x0a, 0x07, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x07, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x4a, - 0x04, 0x08, 0x02, 0x10, 0x03, 0x52, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x52, 0x0a, 0x74, 0x6f, 0x6b, - 0x65, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x32, 0x95, 0x0b, 0x0a, 0x11, 0x41, 0x75, 0x74, 0x68, - 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0xb8, 0x01, - 0x0a, 0x0d, 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, - 0x30, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, - 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, - 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x1a, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, - 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x47, - 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x73, 0x70, - 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x42, 0x92, 0x41, 0x1c, 0x12, 0x1a, 0x47, 0x65, 0x74, 0x73, 0x20, - 0x61, 0x20, 0x73, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x20, 0x4d, 0x65, - 0x74, 0x68, 0x6f, 0x64, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1d, 0x12, 0x15, 0x2f, 0x76, 0x31, - 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2d, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2f, 0x7b, 0x69, - 0x64, 0x7d, 0x62, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x12, 0xb0, 0x01, 0x0a, 0x0f, 0x4c, 0x69, 0x73, - 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x12, 0x32, 0x2e, 0x63, + 0x63, 0x65, 0x73, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x73, 0x2e, 0x76, + 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0x10, 0xfa, 0xd2, 0xe4, + 0x93, 0x02, 0x0a, 0x12, 0x08, 0x49, 0x4e, 0x54, 0x45, 0x52, 0x4e, 0x41, 0x4c, 0x48, 0x00, 0x52, + 0x11, 0x61, 0x75, 0x74, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x07, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x42, 0x07, 0x0a, 0x05, + 0x61, 0x74, 0x74, 0x72, 0x73, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x02, 0x10, + 0x03, 0x52, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x52, 0x0a, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x74, + 0x79, 0x70, 0x65, 0x32, 0x95, 0x0b, 0x0a, 0x11, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0xb8, 0x01, 0x0a, 0x0d, 0x47, 0x65, + 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x30, 0x2e, 0x63, 0x6f, + 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, + 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x41, 0x75, 0x74, 0x68, + 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x31, 0x2e, + 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, + 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x41, 0x75, + 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x22, 0x42, 0x92, 0x41, 0x1c, 0x12, 0x1a, 0x47, 0x65, 0x74, 0x73, 0x20, 0x61, 0x20, 0x73, 0x69, + 0x6e, 0x67, 0x6c, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x20, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, + 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1d, 0x12, 0x15, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x75, 0x74, + 0x68, 0x2d, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2f, 0x7b, 0x69, 0x64, 0x7d, 0x62, 0x04, + 0x69, 0x74, 0x65, 0x6d, 0x12, 0xb0, 0x01, 0x0a, 0x0f, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x75, 0x74, + 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x12, 0x32, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, + 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, + 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, + 0x74, 0x68, 0x6f, 0x64, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x41, 0x75, - 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x1a, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, - 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, - 0x73, 0x74, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x52, 0x65, 0x73, - 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x34, 0x92, 0x41, 0x19, 0x12, 0x17, 0x4c, 0x69, 0x73, 0x74, - 0x73, 0x20, 0x61, 0x6c, 0x6c, 0x20, 0x41, 0x75, 0x74, 0x68, 0x20, 0x4d, 0x65, 0x74, 0x68, 0x6f, - 0x64, 0x73, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x12, 0x12, 0x10, 0x2f, 0x76, 0x31, 0x2f, 0x61, - 0x75, 0x74, 0x68, 0x2d, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x12, 0xc5, 0x01, 0x0a, 0x10, - 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, - 0x12, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, - 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, - 0x65, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, - 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x34, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, - 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, - 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, - 0x68, 0x6f, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x46, 0x92, 0x41, 0x1f, - 0x12, 0x1d, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x73, 0x20, 0x61, 0x20, 0x73, 0x69, 0x6e, 0x67, - 0x6c, 0x65, 0x20, 0x41, 0x75, 0x74, 0x68, 0x20, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x2e, 0x82, - 0xd3, 0xe4, 0x93, 0x02, 0x1e, 0x22, 0x10, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2d, - 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x3a, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x62, 0x04, 0x69, - 0x74, 0x65, 0x6d, 0x12, 0xc4, 0x01, 0x0a, 0x10, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x75, - 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, - 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, - 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, - 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x34, 0x2e, - 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, - 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, - 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, - 0x6e, 0x73, 0x65, 0x22, 0x45, 0x92, 0x41, 0x19, 0x12, 0x17, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, - 0x73, 0x20, 0x61, 0x6e, 0x20, 0x41, 0x75, 0x74, 0x68, 0x20, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, - 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x23, 0x32, 0x15, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x75, 0x74, - 0x68, 0x2d, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2f, 0x7b, 0x69, 0x64, 0x7d, 0x3a, 0x04, - 0x69, 0x74, 0x65, 0x6d, 0x62, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x12, 0xb6, 0x01, 0x0a, 0x10, 0x44, - 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, - 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, - 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, - 0x65, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x71, - 0x75, 0x65, 0x73, 0x74, 0x1a, 0x34, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, + 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x22, 0x34, 0x92, 0x41, 0x19, 0x12, 0x17, 0x4c, 0x69, 0x73, 0x74, 0x73, 0x20, 0x61, 0x6c, + 0x6c, 0x20, 0x41, 0x75, 0x74, 0x68, 0x20, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2e, 0x82, + 0xd3, 0xe4, 0x93, 0x02, 0x12, 0x12, 0x10, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2d, + 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x12, 0xc5, 0x01, 0x0a, 0x10, 0x43, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x33, 0x2e, 0x63, + 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, + 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, + 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x34, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, + 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x43, + 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x46, 0x92, 0x41, 0x1f, 0x12, 0x1d, 0x43, 0x72, + 0x65, 0x61, 0x74, 0x65, 0x73, 0x20, 0x61, 0x20, 0x73, 0x69, 0x6e, 0x67, 0x6c, 0x65, 0x20, 0x41, + 0x75, 0x74, 0x68, 0x20, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, + 0x1e, 0x22, 0x10, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2d, 0x6d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x73, 0x3a, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x62, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x12, + 0xc4, 0x01, 0x0a, 0x10, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, + 0x74, 0x68, 0x6f, 0x64, 0x12, 0x33, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, - 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, - 0x6f, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x37, 0x92, 0x41, 0x17, 0x12, - 0x15, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x73, 0x20, 0x61, 0x6e, 0x20, 0x41, 0x75, 0x74, 0x68, - 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x17, 0x2a, 0x15, 0x2f, 0x76, - 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2d, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2f, 0x7b, - 0x69, 0x64, 0x7d, 0x12, 0xcf, 0x01, 0x0a, 0x0b, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x74, - 0x61, 0x74, 0x65, 0x12, 0x2e, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, - 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, - 0x2e, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, - 0x65, 0x73, 0x74, 0x1a, 0x2f, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, + 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x34, 0x2e, 0x63, 0x6f, 0x6e, 0x74, + 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, + 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, + 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, + 0x45, 0x92, 0x41, 0x19, 0x12, 0x17, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x73, 0x20, 0x61, 0x6e, + 0x20, 0x41, 0x75, 0x74, 0x68, 0x20, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x2e, 0x82, 0xd3, 0xe4, + 0x93, 0x02, 0x23, 0x32, 0x15, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2d, 0x6d, 0x65, + 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2f, 0x7b, 0x69, 0x64, 0x7d, 0x3a, 0x04, 0x69, 0x74, 0x65, 0x6d, + 0x62, 0x04, 0x69, 0x74, 0x65, 0x6d, 0x12, 0xb6, 0x01, 0x0a, 0x10, 0x44, 0x65, 0x6c, 0x65, 0x74, + 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x33, 0x2e, 0x63, 0x6f, + 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, + 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x41, + 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x34, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, + 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, + 0x6c, 0x65, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x37, 0x92, 0x41, 0x17, 0x12, 0x15, 0x44, 0x65, 0x6c, + 0x65, 0x74, 0x65, 0x73, 0x20, 0x61, 0x6e, 0x20, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x17, 0x2a, 0x15, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x75, + 0x74, 0x68, 0x2d, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2f, 0x7b, 0x69, 0x64, 0x7d, 0x12, + 0xcf, 0x01, 0x0a, 0x0b, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x12, + 0x2e, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, 0x61, + 0x6e, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x2f, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, + 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, 0x61, + 0x6e, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x22, 0x5f, 0x92, 0x41, 0x29, 0x12, 0x27, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x73, 0x20, 0x74, + 0x68, 0x65, 0x20, 0x73, 0x74, 0x61, 0x74, 0x65, 0x20, 0x6f, 0x66, 0x20, 0x61, 0x6e, 0x20, 0x4f, + 0x49, 0x44, 0x43, 0x20, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x82, 0xd3, + 0xe4, 0x93, 0x02, 0x2d, 0x22, 0x22, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2d, 0x6d, + 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2f, 0x7b, 0x69, 0x64, 0x7d, 0x3a, 0x63, 0x68, 0x61, 0x6e, + 0x67, 0x65, 0x2d, 0x73, 0x74, 0x61, 0x74, 0x65, 0x3a, 0x01, 0x2a, 0x62, 0x04, 0x69, 0x74, 0x65, + 0x6d, 0x12, 0xf7, 0x01, 0x0a, 0x0c, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, + 0x74, 0x65, 0x12, 0x2f, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, + 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, 0x2e, + 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x30, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2e, 0x76, 0x31, - 0x2e, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x53, 0x74, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, - 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x5f, 0x92, 0x41, 0x29, 0x12, 0x27, 0x43, 0x68, 0x61, 0x6e, 0x67, - 0x65, 0x73, 0x20, 0x74, 0x68, 0x65, 0x20, 0x73, 0x74, 0x61, 0x74, 0x65, 0x20, 0x6f, 0x66, 0x20, - 0x61, 0x6e, 0x20, 0x4f, 0x49, 0x44, 0x43, 0x20, 0x41, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, - 0x6f, 0x64, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2d, 0x22, 0x22, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x75, - 0x74, 0x68, 0x2d, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2f, 0x7b, 0x69, 0x64, 0x7d, 0x3a, - 0x63, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x2d, 0x73, 0x74, 0x61, 0x74, 0x65, 0x3a, 0x01, 0x2a, 0x62, - 0x04, 0x69, 0x74, 0x65, 0x6d, 0x12, 0xf7, 0x01, 0x0a, 0x0c, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, - 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x2f, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, - 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, - 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, - 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x30, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, - 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, - 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, - 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x83, 0x01, 0x92, 0x41, 0x47, 0x12, - 0x45, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x61, 0x20, - 0x75, 0x73, 0x65, 0x72, 0x20, 0x74, 0x6f, 0x20, 0x61, 0x6e, 0x20, 0x73, 0x63, 0x6f, 0x70, 0x65, - 0x20, 0x61, 0x6e, 0x64, 0x20, 0x72, 0x65, 0x74, 0x72, 0x69, 0x65, 0x76, 0x65, 0x20, 0x61, 0x6e, - 0x20, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, - 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x33, 0x22, 0x2e, 0x2f, 0x76, - 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2d, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2f, 0x7b, - 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x69, 0x64, 0x7d, 0x3a, - 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x3a, 0x01, 0x2a, 0x42, - 0x55, 0x5a, 0x4b, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, - 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x61, 0x72, 0x79, - 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x63, 0x6f, - 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x73, 0x65, 0x72, - 0x76, 0x69, 0x63, 0x65, 0x73, 0x3b, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0xa2, 0xe3, - 0x29, 0x04, 0x61, 0x75, 0x74, 0x68, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x2e, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x83, 0x01, 0x92, 0x41, 0x47, 0x12, 0x45, 0x41, 0x75, 0x74, + 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x20, 0x61, 0x20, 0x75, 0x73, 0x65, 0x72, + 0x20, 0x74, 0x6f, 0x20, 0x61, 0x6e, 0x20, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x20, 0x61, 0x6e, 0x64, + 0x20, 0x72, 0x65, 0x74, 0x72, 0x69, 0x65, 0x76, 0x65, 0x20, 0x61, 0x6e, 0x20, 0x61, 0x75, 0x74, + 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x20, 0x74, 0x6f, 0x6b, 0x65, + 0x6e, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x33, 0x22, 0x2e, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x75, + 0x74, 0x68, 0x2d, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x2f, 0x7b, 0x61, 0x75, 0x74, 0x68, + 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x69, 0x64, 0x7d, 0x3a, 0x61, 0x75, 0x74, 0x68, + 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x65, 0x3a, 0x01, 0x2a, 0x42, 0x55, 0x5a, 0x4b, 0x67, + 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, + 0x6f, 0x72, 0x70, 0x2f, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x61, 0x72, 0x79, 0x2f, 0x69, 0x6e, 0x74, + 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, + 0x6c, 0x6c, 0x65, 0x72, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, + 0x73, 0x3b, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0xa2, 0xe3, 0x29, 0x04, 0x61, 0x75, + 0x74, 0x68, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -1324,63 +1516,76 @@ func file_controller_api_services_v1_auth_method_service_proto_rawDescGZIP() []b return file_controller_api_services_v1_auth_method_service_proto_rawDescData } -var file_controller_api_services_v1_auth_method_service_proto_msgTypes = make([]protoimpl.MessageInfo, 18) +var file_controller_api_services_v1_auth_method_service_proto_msgTypes = make([]protoimpl.MessageInfo, 17) var file_controller_api_services_v1_auth_method_service_proto_goTypes = []interface{}{ - (*GetAuthMethodRequest)(nil), // 0: controller.api.services.v1.GetAuthMethodRequest - (*GetAuthMethodResponse)(nil), // 1: controller.api.services.v1.GetAuthMethodResponse - (*ListAuthMethodsRequest)(nil), // 2: controller.api.services.v1.ListAuthMethodsRequest - (*ListAuthMethodsResponse)(nil), // 3: controller.api.services.v1.ListAuthMethodsResponse - (*CreateAuthMethodRequest)(nil), // 4: controller.api.services.v1.CreateAuthMethodRequest - (*CreateAuthMethodResponse)(nil), // 5: controller.api.services.v1.CreateAuthMethodResponse - (*UpdateAuthMethodRequest)(nil), // 6: controller.api.services.v1.UpdateAuthMethodRequest - (*UpdateAuthMethodResponse)(nil), // 7: controller.api.services.v1.UpdateAuthMethodResponse - (*DeleteAuthMethodRequest)(nil), // 8: controller.api.services.v1.DeleteAuthMethodRequest - (*DeleteAuthMethodResponse)(nil), // 9: controller.api.services.v1.DeleteAuthMethodResponse - (*OidcChangeStateAttributes)(nil), // 10: controller.api.services.v1.OidcChangeStateAttributes - (*ChangeStateRequest)(nil), // 11: controller.api.services.v1.ChangeStateRequest - (*ChangeStateResponse)(nil), // 12: controller.api.services.v1.ChangeStateResponse - (*PasswordLoginAttributes)(nil), // 13: controller.api.services.v1.PasswordLoginAttributes - (*OidcStartAttributes)(nil), // 14: controller.api.services.v1.OidcStartAttributes - (*OidcTokenAttributes)(nil), // 15: controller.api.services.v1.OidcTokenAttributes - (*AuthenticateRequest)(nil), // 16: controller.api.services.v1.AuthenticateRequest - (*AuthenticateResponse)(nil), // 17: controller.api.services.v1.AuthenticateResponse - (*authmethods.AuthMethod)(nil), // 18: controller.api.resources.authmethods.v1.AuthMethod - (*fieldmaskpb.FieldMask)(nil), // 19: google.protobuf.FieldMask - (*structpb.Struct)(nil), // 20: google.protobuf.Struct + (*GetAuthMethodRequest)(nil), // 0: controller.api.services.v1.GetAuthMethodRequest + (*GetAuthMethodResponse)(nil), // 1: controller.api.services.v1.GetAuthMethodResponse + (*ListAuthMethodsRequest)(nil), // 2: controller.api.services.v1.ListAuthMethodsRequest + (*ListAuthMethodsResponse)(nil), // 3: controller.api.services.v1.ListAuthMethodsResponse + (*CreateAuthMethodRequest)(nil), // 4: controller.api.services.v1.CreateAuthMethodRequest + (*CreateAuthMethodResponse)(nil), // 5: controller.api.services.v1.CreateAuthMethodResponse + (*UpdateAuthMethodRequest)(nil), // 6: controller.api.services.v1.UpdateAuthMethodRequest + (*UpdateAuthMethodResponse)(nil), // 7: controller.api.services.v1.UpdateAuthMethodResponse + (*DeleteAuthMethodRequest)(nil), // 8: controller.api.services.v1.DeleteAuthMethodRequest + (*DeleteAuthMethodResponse)(nil), // 9: controller.api.services.v1.DeleteAuthMethodResponse + (*OidcChangeStateAttributes)(nil), // 10: controller.api.services.v1.OidcChangeStateAttributes + (*ChangeStateRequest)(nil), // 11: controller.api.services.v1.ChangeStateRequest + (*ChangeStateResponse)(nil), // 12: controller.api.services.v1.ChangeStateResponse + (*PasswordLoginAttributes)(nil), // 13: controller.api.services.v1.PasswordLoginAttributes + (*OidcStartAttributes)(nil), // 14: controller.api.services.v1.OidcStartAttributes + (*AuthenticateRequest)(nil), // 15: controller.api.services.v1.AuthenticateRequest + (*AuthenticateResponse)(nil), // 16: controller.api.services.v1.AuthenticateResponse + (*authmethods.AuthMethod)(nil), // 17: controller.api.resources.authmethods.v1.AuthMethod + (*fieldmaskpb.FieldMask)(nil), // 18: google.protobuf.FieldMask + (*structpb.Struct)(nil), // 19: google.protobuf.Struct + (*authmethods.OidcAuthMethodAuthenticateCallbackRequest)(nil), // 20: controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateCallbackRequest + (*authmethods.OidcAuthMethodAuthenticateTokenRequest)(nil), // 21: controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateTokenRequest + (*authmethods.OidcAuthMethodAuthenticateStartResponse)(nil), // 22: controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateStartResponse + (*authmethods.OidcAuthMethodAuthenticateCallbackResponse)(nil), // 23: controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateCallbackResponse + (*authmethods.OidcAuthMethodAuthenticateTokenResponse)(nil), // 24: controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateTokenResponse + (*authtokens.AuthToken)(nil), // 25: controller.api.resources.authtokens.v1.AuthToken } var file_controller_api_services_v1_auth_method_service_proto_depIdxs = []int32{ - 18, // 0: controller.api.services.v1.GetAuthMethodResponse.item:type_name -> controller.api.resources.authmethods.v1.AuthMethod - 18, // 1: controller.api.services.v1.ListAuthMethodsResponse.items:type_name -> controller.api.resources.authmethods.v1.AuthMethod - 18, // 2: controller.api.services.v1.CreateAuthMethodRequest.item:type_name -> controller.api.resources.authmethods.v1.AuthMethod - 18, // 3: controller.api.services.v1.CreateAuthMethodResponse.item:type_name -> controller.api.resources.authmethods.v1.AuthMethod - 18, // 4: controller.api.services.v1.UpdateAuthMethodRequest.item:type_name -> controller.api.resources.authmethods.v1.AuthMethod - 19, // 5: controller.api.services.v1.UpdateAuthMethodRequest.update_mask:type_name -> google.protobuf.FieldMask - 18, // 6: controller.api.services.v1.UpdateAuthMethodResponse.item:type_name -> controller.api.resources.authmethods.v1.AuthMethod - 20, // 7: controller.api.services.v1.ChangeStateRequest.attributes:type_name -> google.protobuf.Struct + 17, // 0: controller.api.services.v1.GetAuthMethodResponse.item:type_name -> controller.api.resources.authmethods.v1.AuthMethod + 17, // 1: controller.api.services.v1.ListAuthMethodsResponse.items:type_name -> controller.api.resources.authmethods.v1.AuthMethod + 17, // 2: controller.api.services.v1.CreateAuthMethodRequest.item:type_name -> controller.api.resources.authmethods.v1.AuthMethod + 17, // 3: controller.api.services.v1.CreateAuthMethodResponse.item:type_name -> controller.api.resources.authmethods.v1.AuthMethod + 17, // 4: controller.api.services.v1.UpdateAuthMethodRequest.item:type_name -> controller.api.resources.authmethods.v1.AuthMethod + 18, // 5: controller.api.services.v1.UpdateAuthMethodRequest.update_mask:type_name -> google.protobuf.FieldMask + 17, // 6: controller.api.services.v1.UpdateAuthMethodResponse.item:type_name -> controller.api.resources.authmethods.v1.AuthMethod + 19, // 7: controller.api.services.v1.ChangeStateRequest.attributes:type_name -> google.protobuf.Struct 10, // 8: controller.api.services.v1.ChangeStateRequest.oidc_change_state_attributes:type_name -> controller.api.services.v1.OidcChangeStateAttributes - 18, // 9: controller.api.services.v1.ChangeStateResponse.item:type_name -> controller.api.resources.authmethods.v1.AuthMethod - 20, // 10: controller.api.services.v1.OidcStartAttributes.roundtrip_payload:type_name -> google.protobuf.Struct - 20, // 11: controller.api.services.v1.AuthenticateRequest.attributes:type_name -> google.protobuf.Struct - 20, // 12: controller.api.services.v1.AuthenticateResponse.attributes:type_name -> google.protobuf.Struct - 0, // 13: controller.api.services.v1.AuthMethodService.GetAuthMethod:input_type -> controller.api.services.v1.GetAuthMethodRequest - 2, // 14: controller.api.services.v1.AuthMethodService.ListAuthMethods:input_type -> controller.api.services.v1.ListAuthMethodsRequest - 4, // 15: controller.api.services.v1.AuthMethodService.CreateAuthMethod:input_type -> controller.api.services.v1.CreateAuthMethodRequest - 6, // 16: controller.api.services.v1.AuthMethodService.UpdateAuthMethod:input_type -> controller.api.services.v1.UpdateAuthMethodRequest - 8, // 17: controller.api.services.v1.AuthMethodService.DeleteAuthMethod:input_type -> controller.api.services.v1.DeleteAuthMethodRequest - 11, // 18: controller.api.services.v1.AuthMethodService.ChangeState:input_type -> controller.api.services.v1.ChangeStateRequest - 16, // 19: controller.api.services.v1.AuthMethodService.Authenticate:input_type -> controller.api.services.v1.AuthenticateRequest - 1, // 20: controller.api.services.v1.AuthMethodService.GetAuthMethod:output_type -> controller.api.services.v1.GetAuthMethodResponse - 3, // 21: controller.api.services.v1.AuthMethodService.ListAuthMethods:output_type -> controller.api.services.v1.ListAuthMethodsResponse - 5, // 22: controller.api.services.v1.AuthMethodService.CreateAuthMethod:output_type -> controller.api.services.v1.CreateAuthMethodResponse - 7, // 23: controller.api.services.v1.AuthMethodService.UpdateAuthMethod:output_type -> controller.api.services.v1.UpdateAuthMethodResponse - 9, // 24: controller.api.services.v1.AuthMethodService.DeleteAuthMethod:output_type -> controller.api.services.v1.DeleteAuthMethodResponse - 12, // 25: controller.api.services.v1.AuthMethodService.ChangeState:output_type -> controller.api.services.v1.ChangeStateResponse - 17, // 26: controller.api.services.v1.AuthMethodService.Authenticate:output_type -> controller.api.services.v1.AuthenticateResponse - 20, // [20:27] is the sub-list for method output_type - 13, // [13:20] is the sub-list for method input_type - 13, // [13:13] is the sub-list for extension type_name - 13, // [13:13] is the sub-list for extension extendee - 0, // [0:13] is the sub-list for field type_name + 17, // 9: controller.api.services.v1.ChangeStateResponse.item:type_name -> controller.api.resources.authmethods.v1.AuthMethod + 19, // 10: controller.api.services.v1.OidcStartAttributes.roundtrip_payload:type_name -> google.protobuf.Struct + 19, // 11: controller.api.services.v1.AuthenticateRequest.attributes:type_name -> google.protobuf.Struct + 13, // 12: controller.api.services.v1.AuthenticateRequest.password_login_attributes:type_name -> controller.api.services.v1.PasswordLoginAttributes + 14, // 13: controller.api.services.v1.AuthenticateRequest.oidc_start_attributes:type_name -> controller.api.services.v1.OidcStartAttributes + 20, // 14: controller.api.services.v1.AuthenticateRequest.oidc_auth_method_authenticate_callback_request:type_name -> controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateCallbackRequest + 21, // 15: controller.api.services.v1.AuthenticateRequest.oidc_auth_method_authenticate_token_request:type_name -> controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateTokenRequest + 19, // 16: controller.api.services.v1.AuthenticateResponse.attributes:type_name -> google.protobuf.Struct + 22, // 17: controller.api.services.v1.AuthenticateResponse.oidc_auth_method_authenticate_start_response:type_name -> controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateStartResponse + 23, // 18: controller.api.services.v1.AuthenticateResponse.oidc_auth_method_authenticate_callback_response:type_name -> controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateCallbackResponse + 24, // 19: controller.api.services.v1.AuthenticateResponse.oidc_auth_method_authenticate_token_response:type_name -> controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateTokenResponse + 25, // 20: controller.api.services.v1.AuthenticateResponse.auth_token_response:type_name -> controller.api.resources.authtokens.v1.AuthToken + 0, // 21: controller.api.services.v1.AuthMethodService.GetAuthMethod:input_type -> controller.api.services.v1.GetAuthMethodRequest + 2, // 22: controller.api.services.v1.AuthMethodService.ListAuthMethods:input_type -> controller.api.services.v1.ListAuthMethodsRequest + 4, // 23: controller.api.services.v1.AuthMethodService.CreateAuthMethod:input_type -> controller.api.services.v1.CreateAuthMethodRequest + 6, // 24: controller.api.services.v1.AuthMethodService.UpdateAuthMethod:input_type -> controller.api.services.v1.UpdateAuthMethodRequest + 8, // 25: controller.api.services.v1.AuthMethodService.DeleteAuthMethod:input_type -> controller.api.services.v1.DeleteAuthMethodRequest + 11, // 26: controller.api.services.v1.AuthMethodService.ChangeState:input_type -> controller.api.services.v1.ChangeStateRequest + 15, // 27: controller.api.services.v1.AuthMethodService.Authenticate:input_type -> controller.api.services.v1.AuthenticateRequest + 1, // 28: controller.api.services.v1.AuthMethodService.GetAuthMethod:output_type -> controller.api.services.v1.GetAuthMethodResponse + 3, // 29: controller.api.services.v1.AuthMethodService.ListAuthMethods:output_type -> controller.api.services.v1.ListAuthMethodsResponse + 5, // 30: controller.api.services.v1.AuthMethodService.CreateAuthMethod:output_type -> controller.api.services.v1.CreateAuthMethodResponse + 7, // 31: controller.api.services.v1.AuthMethodService.UpdateAuthMethod:output_type -> controller.api.services.v1.UpdateAuthMethodResponse + 9, // 32: controller.api.services.v1.AuthMethodService.DeleteAuthMethod:output_type -> controller.api.services.v1.DeleteAuthMethodResponse + 12, // 33: controller.api.services.v1.AuthMethodService.ChangeState:output_type -> controller.api.services.v1.ChangeStateResponse + 16, // 34: controller.api.services.v1.AuthMethodService.Authenticate:output_type -> controller.api.services.v1.AuthenticateResponse + 28, // [28:35] is the sub-list for method output_type + 21, // [21:28] is the sub-list for method input_type + 21, // [21:21] is the sub-list for extension type_name + 21, // [21:21] is the sub-list for extension extendee + 0, // [0:21] is the sub-list for field type_name } func init() { file_controller_api_services_v1_auth_method_service_proto_init() } @@ -1570,18 +1775,6 @@ func file_controller_api_services_v1_auth_method_service_proto_init() { } } file_controller_api_services_v1_auth_method_service_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*OidcTokenAttributes); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_controller_api_services_v1_auth_method_service_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} { switch v := v.(*AuthenticateRequest); i { case 0: return &v.state @@ -1593,7 +1786,7 @@ func file_controller_api_services_v1_auth_method_service_proto_init() { return nil } } - file_controller_api_services_v1_auth_method_service_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} { + file_controller_api_services_v1_auth_method_service_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} { switch v := v.(*AuthenticateResponse); i { case 0: return &v.state @@ -1610,13 +1803,27 @@ func file_controller_api_services_v1_auth_method_service_proto_init() { (*ChangeStateRequest_Attributes)(nil), (*ChangeStateRequest_OidcChangeStateAttributes)(nil), } + file_controller_api_services_v1_auth_method_service_proto_msgTypes[15].OneofWrappers = []interface{}{ + (*AuthenticateRequest_Attributes)(nil), + (*AuthenticateRequest_PasswordLoginAttributes)(nil), + (*AuthenticateRequest_OidcStartAttributes)(nil), + (*AuthenticateRequest_OidcAuthMethodAuthenticateCallbackRequest)(nil), + (*AuthenticateRequest_OidcAuthMethodAuthenticateTokenRequest)(nil), + } + file_controller_api_services_v1_auth_method_service_proto_msgTypes[16].OneofWrappers = []interface{}{ + (*AuthenticateResponse_Attributes)(nil), + (*AuthenticateResponse_OidcAuthMethodAuthenticateStartResponse)(nil), + (*AuthenticateResponse_OidcAuthMethodAuthenticateCallbackResponse)(nil), + (*AuthenticateResponse_OidcAuthMethodAuthenticateTokenResponse)(nil), + (*AuthenticateResponse_AuthTokenResponse)(nil), + } type x struct{} out := protoimpl.TypeBuilder{ File: protoimpl.DescBuilder{ GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_controller_api_services_v1_auth_method_service_proto_rawDesc, NumEnums: 0, - NumMessages: 18, + NumMessages: 17, NumExtensions: 0, NumServices: 1, }, diff --git a/internal/proto/controller/api/resources/authtokens/v1/authtoken.proto b/internal/proto/controller/api/resources/authtokens/v1/authtoken.proto index b66427529d..f4b6e75a91 100644 --- a/internal/proto/controller/api/resources/authtokens/v1/authtoken.proto +++ b/internal/proto/controller/api/resources/authtokens/v1/authtoken.proto @@ -42,9 +42,6 @@ message AuthToken { // Output only. The time this Auth Token expires. google.protobuf.Timestamp expiration_time = 110 [json_name="expiration_time"]; - // Output only. The type of this auth token. Either "cookie" or "token". - string token_type = 120 [json_name="token_type"]; - // Output only. The available actions on this resource for this user. repeated string authorized_actions = 300 [json_name="authorized_actions"]; } diff --git a/internal/proto/controller/api/services/v1/auth_method_service.proto b/internal/proto/controller/api/services/v1/auth_method_service.proto index 1e6be74fd8..9be8afb27d 100644 --- a/internal/proto/controller/api/services/v1/auth_method_service.proto +++ b/internal/proto/controller/api/services/v1/auth_method_service.proto @@ -10,6 +10,7 @@ import "google/api/visibility.proto"; import "google/protobuf/field_mask.proto"; import "google/protobuf/struct.proto"; import "controller/api/resources/authmethods/v1/auth_method.proto"; +import "controller/api/resources/authtokens/v1/authtoken.proto"; import "controller/custom_options/v1/options.proto"; option (custom_options.v1.domain) = "auth"; @@ -196,15 +197,6 @@ message OidcStartAttributes { string cached_roundtrip_payload = 2; } -// The layout of the struct for "attributes" field in AuthenticateRequest for a -// oidc type's token command. This message isn't directly referenced anywhere -// but is used here to define the expected field names and types. -message OidcTokenAttributes { - // The token id for the request. This is the token id that was returned from - // the oidc type's start command - string token_id = 1; -} - message AuthenticateRequest { // The ID of the Auth Method in the system that should be used for authentication. string auth_method_id = 1 [json_name = "auth_method_id"]; // @gotags: `class:"public"` @@ -214,8 +206,16 @@ message AuthenticateRequest { // This can be "cookie" or "token". If not provided, "token" will be used. "cookie" activates a split-cookie method where the token is split partially between http-only and regular cookies in order // to keep it safe from rogue JS in the browser. string type = 6 [json_name = "type"]; // @gotags: `class:"public"` - // Attributes are passed to the Auth Method; the valid keys and values depend on the type of Auth Method as well as the command. - google.protobuf.Struct attributes = 4 [json_name = "attributes"]; + oneof attrs { + // Attributes are passed to the Auth Method; the valid keys and values depend on the type of Auth Method as well as the command. + google.protobuf.Struct attributes = 4; + // Note: these fields have a custom mapping function for transforming to and from the generic attributes, + // they do not use the standard attribute transformation. + PasswordLoginAttributes password_login_attributes = 7 [(google.api.field_visibility).restriction = "INTERNAL"]; + OidcStartAttributes oidc_start_attributes = 8 [(google.api.field_visibility).restriction = "INTERNAL"]; + controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateCallbackRequest oidc_auth_method_authenticate_callback_request = 9 [(google.api.field_visibility).restriction = "INTERNAL"]; + controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateTokenRequest oidc_auth_method_authenticate_token_request = 10 [(google.api.field_visibility).restriction = "INTERNAL"]; + } // The command to perform. string command = 5 [json_name = "command"]; // @gotags: `class:"public"` @@ -229,8 +229,16 @@ message AuthenticateResponse { reserved "item", "token_type"; // The type of the token returned. Either "cookie" or "token". string type = 3; // @gotags: `class:"public"` - // Valid keys and values depend on the type of Auth Method as well as the command. - google.protobuf.Struct attributes = 4 [json_name = "attributes"]; + oneof attrs { + // Valid keys and values depend on the type of Auth Method as well as the command. + google.protobuf.Struct attributes = 4 [json_name = "attributes"]; + // Note: these fields have a custom mapping function for transforming to and from the generic attributes, + // they do not use the standard attribute transformation. + controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateStartResponse oidc_auth_method_authenticate_start_response = 6 [(google.api.field_visibility).restriction = "INTERNAL"]; + controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateCallbackResponse oidc_auth_method_authenticate_callback_response = 7 [(google.api.field_visibility).restriction = "INTERNAL"]; + controller.api.resources.authmethods.v1.OidcAuthMethodAuthenticateTokenResponse oidc_auth_method_authenticate_token_response = 8 [(google.api.field_visibility).restriction = "INTERNAL"]; + controller.api.resources.authtokens.v1.AuthToken auth_token_response = 9 [(google.api.field_visibility).restriction = "INTERNAL"]; + } // The command that was performed. string command = 5 [json_name = "command"]; // @gotags: `class:"public"` } diff --git a/internal/servers/controller/handlers/authmethods/authmethod_service.go b/internal/servers/controller/handlers/authmethods/authmethod_service.go index ec9cbca0a4..1349818960 100644 --- a/internal/servers/controller/handlers/authmethods/authmethod_service.go +++ b/internal/servers/controller/handlers/authmethods/authmethod_service.go @@ -32,9 +32,16 @@ import ( "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/scopes" "github.com/hashicorp/go-secure-stdlib/strutil" "google.golang.org/grpc/codes" + "google.golang.org/protobuf/proto" + "google.golang.org/protobuf/types/known/structpb" "google.golang.org/protobuf/types/known/wrapperspb" ) +func init() { + subtypes.RegisterRequestTransformationFunc(&pbs.AuthenticateRequest{}, transformAuthenticateRequestAttributes) + subtypes.RegisterResponseTransformationFunc(&pbs.AuthenticateResponse{}, transformAuthenticateResponseAttributes) +} + const ( // general auth method field names commandField = "command" @@ -792,7 +799,6 @@ func toAuthMethodProto(ctx context.Context, in auth.AuthMethod, opt ...handlers. OidcAuthMethodsAttributes: attrs, } } - fmt.Println("attrs", out.Attrs) return &out, nil } @@ -1194,20 +1200,117 @@ func (s Service) convertToAuthenticateResponse(ctx context.Context, req *pbs.Aut ScopeId: authResults.Scope.Id, Type: resource.AuthToken, } - tok.AuthorizedActions = authResults.FetchActionSetForId(ctx, tok.Id, authtokens.IdActions, requestauth.WithResource(res)).Strings() - retAttrs, err := handlers.ProtoToStruct(tok) - if err != nil { - return nil, err - } tokenType := req.GetType() if tokenType == "" { // Fall back to deprecated field if type is not set tokenType = req.GetTokenType() } + tok.AuthorizedActions = authResults.FetchActionSetForId(ctx, tok.Id, authtokens.IdActions, requestauth.WithResource(res)).Strings() return &pbs.AuthenticateResponse{ - Command: req.GetCommand(), - Attributes: retAttrs, - Type: tokenType, + Command: req.GetCommand(), + Attrs: &pbs.AuthenticateResponse_AuthTokenResponse{ + AuthTokenResponse: tok, + }, + Type: tokenType, }, nil } + +func transformAuthenticateRequestAttributes(msg proto.Message) error { + const op = "authmethod.transformAuthenticateRequestAttributes" + authRequest, ok := msg.(*pbs.AuthenticateRequest) + if !ok { + return fmt.Errorf("%s: message is not an AuthenticateRequest", op) + } + attrs := authRequest.GetAttributes() + if attrs == nil { + return nil + } + switch subtypes.SubtypeFromId(domain, authRequest.GetAuthMethodId()) { + case password.Subtype: + newAttrs := &pbs.PasswordLoginAttributes{} + if err := handlers.StructToProto(attrs, newAttrs); err != nil { + return err + } + authRequest.Attrs = &pbs.AuthenticateRequest_PasswordLoginAttributes{ + PasswordLoginAttributes: newAttrs, + } + case oidc.Subtype: + switch authRequest.GetCommand() { + case startCommand: + newAttrs := &pbs.OidcStartAttributes{} + if err := handlers.StructToProto(attrs, newAttrs); err != nil { + return err + } + authRequest.Attrs = &pbs.AuthenticateRequest_OidcStartAttributes{ + OidcStartAttributes: newAttrs, + } + case callbackCommand: + newAttrs := &pb.OidcAuthMethodAuthenticateCallbackRequest{} + if err := handlers.StructToProto(attrs, newAttrs, handlers.WithDiscardUnknownFields(true)); err != nil { + return err + } + authRequest.Attrs = &pbs.AuthenticateRequest_OidcAuthMethodAuthenticateCallbackRequest{ + OidcAuthMethodAuthenticateCallbackRequest: newAttrs, + } + case tokenCommand: + newAttrs := &pb.OidcAuthMethodAuthenticateTokenRequest{} + if err := handlers.StructToProto(attrs, newAttrs); err != nil { + return err + } + authRequest.Attrs = &pbs.AuthenticateRequest_OidcAuthMethodAuthenticateTokenRequest{ + OidcAuthMethodAuthenticateTokenRequest: newAttrs, + } + default: + return fmt.Errorf("%s: unknown command %q", op, authRequest.GetCommand()) + } + default: + return fmt.Errorf("%s: unknown auth method subtype in ID %q", op, authRequest.GetAuthMethodId()) + } + return nil +} + +func transformAuthenticateResponseAttributes(msg proto.Message) error { + const op = "authmethod.transformAuthenticateResponseAttributes" + authResponse, ok := msg.(*pbs.AuthenticateResponse) + if !ok { + return fmt.Errorf("%s: message is not an AuthenticateResponse", op) + } + attrs := authResponse.GetAttrs() + if attrs == nil { + return nil + } + var newAttrs *structpb.Struct + var err error + switch attrs := attrs.(type) { + case *pbs.AuthenticateResponse_Attributes: + // No transformation necessary + newAttrs = attrs.Attributes + case *pbs.AuthenticateResponse_AuthTokenResponse: + newAttrs, err = handlers.ProtoToStruct(attrs.AuthTokenResponse) + if err != nil { + return err + } + case *pbs.AuthenticateResponse_OidcAuthMethodAuthenticateStartResponse: + newAttrs, err = handlers.ProtoToStruct(attrs.OidcAuthMethodAuthenticateStartResponse) + if err != nil { + return err + } + case *pbs.AuthenticateResponse_OidcAuthMethodAuthenticateCallbackResponse: + newAttrs, err = handlers.ProtoToStruct(attrs.OidcAuthMethodAuthenticateCallbackResponse) + if err != nil { + return err + } + case *pbs.AuthenticateResponse_OidcAuthMethodAuthenticateTokenResponse: + newAttrs, err = handlers.ProtoToStruct(attrs.OidcAuthMethodAuthenticateTokenResponse) + if err != nil { + return err + } + default: + return fmt.Errorf("%s: unknown attributes type %T", op, attrs) + } + authResponse.Attrs = &pbs.AuthenticateResponse_Attributes{ + Attributes: newAttrs, + } + return nil +} diff --git a/internal/servers/controller/handlers/authmethods/authmethod_test.go b/internal/servers/controller/handlers/authmethods/authmethod_test.go new file mode 100644 index 0000000000..4975da374b --- /dev/null +++ b/internal/servers/controller/handlers/authmethods/authmethod_test.go @@ -0,0 +1,396 @@ +package authmethods + +import ( + "testing" + + "github.com/google/go-cmp/cmp" + pbs "github.com/hashicorp/boundary/internal/gen/controller/api/services" + pb "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/authmethods" + pba "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/authtokens" + "github.com/stretchr/testify/require" + "google.golang.org/protobuf/proto" + "google.golang.org/protobuf/testing/protocmp" + "google.golang.org/protobuf/types/known/structpb" +) + +func TestTransformAuthenticateRequestAttributes(t *testing.T) { + t.Parallel() + cases := []struct { + name string + input *pbs.AuthenticateRequest + expected *pbs.AuthenticateRequest + }{ + { + name: "empty-request", + input: &pbs.AuthenticateRequest{}, + expected: &pbs.AuthenticateRequest{}, + }, + { + name: "password-attributes", + input: &pbs.AuthenticateRequest{ + AuthMethodId: "apw_test", + Attrs: &pbs.AuthenticateRequest_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "login_name": structpb.NewStringValue("login-name"), + "password": structpb.NewStringValue("password"), + }, + }, + }, + }, + expected: &pbs.AuthenticateRequest{ + AuthMethodId: "apw_test", + Attrs: &pbs.AuthenticateRequest_PasswordLoginAttributes{ + PasswordLoginAttributes: &pbs.PasswordLoginAttributes{ + LoginName: "login-name", + Password: "password", + }, + }, + }, + }, + { + name: "oidc-start-attributes", + input: &pbs.AuthenticateRequest{ + AuthMethodId: "amoidc_test", + Command: "start", + Attrs: &pbs.AuthenticateRequest_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "roundtrip_payload": structpb.NewStructValue(&structpb.Struct{ + Fields: map[string]*structpb.Value{ + "field1": structpb.NewBoolValue(true), + "field2": structpb.NewStringValue("value2"), + }, + }), + "cached_roundtrip_payload": structpb.NewStringValue("cached-roundtrip-payload"), + }, + }, + }, + }, + expected: &pbs.AuthenticateRequest{ + AuthMethodId: "amoidc_test", + Command: "start", + Attrs: &pbs.AuthenticateRequest_OidcStartAttributes{ + OidcStartAttributes: &pbs.OidcStartAttributes{ + RoundtripPayload: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "field1": structpb.NewBoolValue(true), + "field2": structpb.NewStringValue("value2"), + }, + }, + CachedRoundtripPayload: "cached-roundtrip-payload", + }, + }, + }, + }, + { + name: "oidc-callback-attributes", + input: &pbs.AuthenticateRequest{ + AuthMethodId: "amoidc_test", + Command: "callback", + Attrs: &pbs.AuthenticateRequest_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "code": structpb.NewStringValue("code"), + "state": structpb.NewStringValue("state"), + "error": structpb.NewStringValue("error"), + "error_description": structpb.NewStringValue("error-description"), + "error_uri": structpb.NewStringValue("error-uri"), + }, + }, + }, + }, + expected: &pbs.AuthenticateRequest{ + AuthMethodId: "amoidc_test", + Command: "callback", + Attrs: &pbs.AuthenticateRequest_OidcAuthMethodAuthenticateCallbackRequest{ + OidcAuthMethodAuthenticateCallbackRequest: &pb.OidcAuthMethodAuthenticateCallbackRequest{ + Code: "code", + State: "state", + Error: "error", + ErrorDescription: "error-description", + ErrorUri: "error-uri", + }, + }, + }, + }, + { + name: "oidc-callback-attributes-with-extra-fields", + input: &pbs.AuthenticateRequest{ + AuthMethodId: "amoidc_test", + Command: "callback", + Attrs: &pbs.AuthenticateRequest_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "code": structpb.NewStringValue("code"), + "state": structpb.NewStringValue("state"), + "non-callback-field": structpb.NewBoolValue(true), + }, + }, + }, + }, + expected: &pbs.AuthenticateRequest{ + AuthMethodId: "amoidc_test", + Command: "callback", + Attrs: &pbs.AuthenticateRequest_OidcAuthMethodAuthenticateCallbackRequest{ + OidcAuthMethodAuthenticateCallbackRequest: &pb.OidcAuthMethodAuthenticateCallbackRequest{ + Code: "code", + State: "state", + }, + }, + }, + }, + { + name: "oidc-token-attributes", + input: &pbs.AuthenticateRequest{ + AuthMethodId: "amoidc_test", + Command: "token", + Attrs: &pbs.AuthenticateRequest_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "token_id": structpb.NewStringValue("token-id"), + }, + }, + }, + }, + expected: &pbs.AuthenticateRequest{ + AuthMethodId: "amoidc_test", + Command: "token", + Attrs: &pbs.AuthenticateRequest_OidcAuthMethodAuthenticateTokenRequest{ + OidcAuthMethodAuthenticateTokenRequest: &pb.OidcAuthMethodAuthenticateTokenRequest{ + TokenId: "token-id", + }, + }, + }, + }, + } + + for _, c := range cases { + c := c + t.Run(c.name, func(t *testing.T) { + t.Parallel() + in := proto.Clone(c.input) + require.NoError(t, transformAuthenticateRequestAttributes(in)) + require.Empty(t, cmp.Diff(c.expected, in, protocmp.Transform())) + }) + } +} + +func TestTransformAuthenticateRequestAttributesErrors(t *testing.T) { + t.Parallel() + t.Run("not-an-authenticate-request", func(t *testing.T) { + t.Parallel() + require.Error(t, transformAuthenticateRequestAttributes(&pb.AuthMethod{})) + }) + t.Run("invalid-auth-method-id", func(t *testing.T) { + t.Parallel() + require.Error(t, transformAuthenticateRequestAttributes(&pbs.AuthenticateRequest{ + AuthMethodId: "invalid", + Attrs: &pbs.AuthenticateRequest_Attributes{ + Attributes: &structpb.Struct{}, + }, + })) + }) + t.Run("invalid-oidc-command", func(t *testing.T) { + t.Parallel() + require.Error(t, transformAuthenticateRequestAttributes(&pbs.AuthenticateRequest{ + AuthMethodId: "amoidc_test", + Command: "invalid", + Attrs: &pbs.AuthenticateRequest_Attributes{ + Attributes: &structpb.Struct{}, + }, + })) + }) + t.Run("invalid-password-attributes", func(t *testing.T) { + t.Parallel() + require.Error(t, transformAuthenticateRequestAttributes(&pbs.AuthenticateRequest{ + AuthMethodId: "apw_test", + Attrs: &pbs.AuthenticateRequest_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "field1": structpb.NewBoolValue(true), + "field2": structpb.NewStringValue("value2"), + }, + }, + }, + })) + }) + t.Run("invalid-oidc-start-attributes", func(t *testing.T) { + t.Parallel() + require.Error(t, transformAuthenticateRequestAttributes(&pbs.AuthenticateRequest{ + AuthMethodId: "amoidc_test", + Command: "start", + Attrs: &pbs.AuthenticateRequest_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "field1": structpb.NewBoolValue(true), + "field2": structpb.NewStringValue("value2"), + }, + }, + }, + })) + }) + t.Run("invalid-oidc-token-attributes", func(t *testing.T) { + t.Parallel() + require.Error(t, transformAuthenticateRequestAttributes(&pbs.AuthenticateRequest{ + AuthMethodId: "amoidc_test", + Command: "token", + Attrs: &pbs.AuthenticateRequest_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "field1": structpb.NewBoolValue(true), + "field2": structpb.NewStringValue("value2"), + }, + }, + }, + })) + }) +} + +func TestTransformAuthenticateResponseAttributes(t *testing.T) { + t.Parallel() + cases := []struct { + name string + input *pbs.AuthenticateResponse + expected *pbs.AuthenticateResponse + }{ + { + name: "empty-attributes", + input: &pbs.AuthenticateResponse{ + Command: "testcommand", + }, + expected: &pbs.AuthenticateResponse{ + Command: "testcommand", + }, + }, + { + name: "unstructured-attributes", + input: &pbs.AuthenticateResponse{ + Command: "testcommand", + Attrs: &pbs.AuthenticateResponse_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "field1": structpb.NewBoolValue(true), + "field2": structpb.NewStringValue("value2"), + }, + }, + }, + }, + expected: &pbs.AuthenticateResponse{ + Command: "testcommand", + Attrs: &pbs.AuthenticateResponse_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "field1": structpb.NewBoolValue(true), + "field2": structpb.NewStringValue("value2"), + }, + }, + }, + }, + }, + { + name: "authtoken-attributes", + input: &pbs.AuthenticateResponse{ + Command: "testcommand", + Attrs: &pbs.AuthenticateResponse_AuthTokenResponse{ + AuthTokenResponse: &pba.AuthToken{ + Id: "token-id", + }, + }, + }, + expected: &pbs.AuthenticateResponse{ + Command: "testcommand", + Attrs: &pbs.AuthenticateResponse_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "id": structpb.NewStringValue("token-id"), + }, + }, + }, + }, + }, + { + name: "oidc-start-attributes", + input: &pbs.AuthenticateResponse{ + Command: "testcommand", + Attrs: &pbs.AuthenticateResponse_OidcAuthMethodAuthenticateStartResponse{ + OidcAuthMethodAuthenticateStartResponse: &pb.OidcAuthMethodAuthenticateStartResponse{ + AuthUrl: "auth-url", + TokenId: "token-id", + }, + }, + }, + expected: &pbs.AuthenticateResponse{ + Command: "testcommand", + Attrs: &pbs.AuthenticateResponse_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "auth_url": structpb.NewStringValue("auth-url"), + "token_id": structpb.NewStringValue("token-id"), + }, + }, + }, + }, + }, + { + name: "oidc-callback-attributes", + input: &pbs.AuthenticateResponse{ + Command: "testcommand", + Attrs: &pbs.AuthenticateResponse_OidcAuthMethodAuthenticateCallbackResponse{ + OidcAuthMethodAuthenticateCallbackResponse: &pb.OidcAuthMethodAuthenticateCallbackResponse{ + FinalRedirectUrl: "final-redirect-url", + }, + }, + }, + expected: &pbs.AuthenticateResponse{ + Command: "testcommand", + Attrs: &pbs.AuthenticateResponse_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "final_redirect_url": structpb.NewStringValue("final-redirect-url"), + }, + }, + }, + }, + }, + { + name: "oidc-token-attributes", + input: &pbs.AuthenticateResponse{ + Command: "testcommand", + Attrs: &pbs.AuthenticateResponse_OidcAuthMethodAuthenticateTokenResponse{ + OidcAuthMethodAuthenticateTokenResponse: &pb.OidcAuthMethodAuthenticateTokenResponse{ + Status: "status", + }, + }, + }, + expected: &pbs.AuthenticateResponse{ + Command: "testcommand", + Attrs: &pbs.AuthenticateResponse_Attributes{ + Attributes: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "status": structpb.NewStringValue("status"), + }, + }, + }, + }, + }, + } + + for _, c := range cases { + c := c + t.Run(c.name, func(t *testing.T) { + t.Parallel() + in := proto.Clone(c.input) + require.NoError(t, transformAuthenticateResponseAttributes(in)) + require.Empty(t, cmp.Diff(c.expected, in, protocmp.Transform())) + }) + } +} + +func TestTransformAuthenticateResponseAttributesErrors(t *testing.T) { + t.Parallel() + t.Run("not-an-authenticate-response", func(t *testing.T) { + t.Parallel() + require.Error(t, transformAuthenticateResponseAttributes(&pb.AuthMethod{})) + }) +} diff --git a/internal/servers/controller/handlers/authmethods/oidc.go b/internal/servers/controller/handlers/authmethods/oidc.go index 4aeabbd172..9ff63efd7e 100644 --- a/internal/servers/controller/handlers/authmethods/oidc.go +++ b/internal/servers/controller/handlers/authmethods/oidc.go @@ -17,7 +17,6 @@ import ( "github.com/hashicorp/boundary/internal/types/action" pb "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/authmethods" "google.golang.org/grpc/codes" - "google.golang.org/protobuf/types/known/structpb" ) const ( @@ -159,7 +158,7 @@ func (s Service) authenticateOidc(ctx context.Context, req *pbs.AuthenticateRequ return s.authenticateOidcToken(ctx, req, authResults) } - return &pbs.AuthenticateResponse{Command: req.GetCommand(), Attributes: nil}, nil + return &pbs.AuthenticateResponse{Command: req.GetCommand()}, nil } func (s Service) authenticateOidcStart(ctx context.Context, req *pbs.AuthenticateRequest) (*pbs.AuthenticateResponse, error) { @@ -169,10 +168,7 @@ func (s Service) authenticateOidcStart(ctx context.Context, req *pbs.Authenticat } var opts []oidc.Option - attrs := new(pbs.OidcStartAttributes) - if err := handlers.StructToProto(req.GetAttributes(), attrs); err != nil { - return nil, errors.New(ctx, errors.InvalidParameter, op, "Error parsing request attributes.", errors.WithWrap(err)) - } + attrs := req.GetOidcStartAttributes() if attrs.GetCachedRoundtripPayload() != "" { opts = append(opts, oidc.WithRoundtripPayload(attrs.GetCachedRoundtripPayload())) } @@ -185,15 +181,15 @@ func (s Service) authenticateOidcStart(ctx context.Context, req *pbs.Authenticat return nil, errors.New(ctx, errors.Internal, op, "Error generating parameters for starting the OIDC flow. See the controller's log for more information.") } - respAttrs := &pb.OidcAuthMethodAuthenticateStartResponse{ - AuthUrl: authUrl.String(), - TokenId: tokenId, - } - resp := &pbs.AuthenticateResponse{Command: req.GetCommand()} - if resp.Attributes, err = handlers.ProtoToStruct(respAttrs); err != nil { - return nil, errors.New(ctx, errors.Internal, op, "Error marshaling parameters.", errors.WithWrap(err)) - } - return resp, nil + return &pbs.AuthenticateResponse{ + Command: req.GetCommand(), + Attrs: &pbs.AuthenticateResponse_OidcAuthMethodAuthenticateStartResponse{ + OidcAuthMethodAuthenticateStartResponse: &pb.OidcAuthMethodAuthenticateStartResponse{ + AuthUrl: authUrl.String(), + TokenId: tokenId, + }, + }, + }, nil } // authenticateOidcCallback behaves differently than other service methods. @@ -236,20 +232,17 @@ func (s Service) authenticateOidcCallback(ctx context.Context, req *pbs.Authenti } u.Add("error", string(out)) errRedirect := fmt.Sprintf("%s?%s", errRedirectBase, u.Encode()) - respAttrs, err := handlers.ProtoToStruct(&pb.OidcAuthMethodAuthenticateCallbackResponse{ - FinalRedirectUrl: errRedirect, - }) - if err != nil { - return nil, errors.Wrap(ctx, err, op, errors.WithMsg("failed creating error redirect response")) - } - return &pbs.AuthenticateResponse{Command: callbackCommand, Attributes: respAttrs}, nil + return &pbs.AuthenticateResponse{ + Command: callbackCommand, + Attrs: &pbs.AuthenticateResponse_OidcAuthMethodAuthenticateCallbackResponse{ + OidcAuthMethodAuthenticateCallbackResponse: &pb.OidcAuthMethodAuthenticateCallbackResponse{ + FinalRedirectUrl: errRedirect, + }, + }, + }, nil } - attrs := new(pb.OidcAuthMethodAuthenticateCallbackRequest) - // Note that this conversion has already happened in the validate call so we don't expect errors here. - if err := handlers.StructToProto(req.GetAttributes(), attrs, handlers.WithDiscardUnknownFields(true)); err != nil { - return errResponse(err) - } + attrs := req.GetOidcAuthMethodAuthenticateCallbackRequest() var finalRedirectUrl string if attrs.GetError() != "" { @@ -268,14 +261,14 @@ func (s Service) authenticateOidcCallback(ctx context.Context, req *pbs.Authenti return errResponse(errors.New(ctx, errors.InvalidParameter, op, "Callback validation failed.", errors.WithWrap(err))) } - respAttrs, err := handlers.ProtoToStruct(&pb.OidcAuthMethodAuthenticateCallbackResponse{ - FinalRedirectUrl: finalRedirectUrl, - }) - if err != nil { - return errResponse(errors.New(ctx, errors.Internal, op, "Error marshaling parameters after successful callback", errors.WithWrap(err))) - } - - return &pbs.AuthenticateResponse{Command: req.GetCommand(), Attributes: respAttrs}, nil + return &pbs.AuthenticateResponse{ + Command: req.GetCommand(), + Attrs: &pbs.AuthenticateResponse_OidcAuthMethodAuthenticateCallbackResponse{ + OidcAuthMethodAuthenticateCallbackResponse: &pb.OidcAuthMethodAuthenticateCallbackResponse{ + FinalRedirectUrl: finalRedirectUrl, + }, + }, + }, nil } func (s Service) authenticateOidcToken(ctx context.Context, req *pbs.AuthenticateRequest, authResults *auth.VerifyResults) (*pbs.AuthenticateResponse, error) { @@ -286,14 +279,11 @@ func (s Service) authenticateOidcToken(ctx context.Context, req *pbs.Authenticat if authResults == nil { return nil, errors.New(ctx, errors.InvalidParameter, op, "Nil auth results.") } - if req.GetAttributes() == nil { + if req.GetOidcAuthMethodAuthenticateTokenRequest() == nil { return nil, errors.New(ctx, errors.InvalidParameter, op, "Nil request attributes.") } - attrs := new(pb.OidcAuthMethodAuthenticateTokenRequest) - if err := handlers.StructToProto(req.GetAttributes(), attrs); err != nil { - return nil, errors.New(ctx, errors.InvalidParameter, op, "Error parsing request attributes.", errors.WithWrap(err)) - } + attrs := req.GetOidcAuthMethodAuthenticateTokenRequest() if attrs.TokenId == "" { return nil, errors.New(ctx, errors.InvalidParameter, op, "Empty token ID in request attributes.") } @@ -313,15 +303,16 @@ func (s Service) authenticateOidcToken(ctx context.Context, req *pbs.Authenticat } } if token == nil { - attrs, err := structpb.NewStruct(map[string]interface{}{ - statusField: "unknown", - }) if err != nil { return nil, errors.New(ctx, errors.Internal, op, "Error generating response attributes.", errors.WithWrap(err)) } return &pbs.AuthenticateResponse{ - Command: req.Command, - Attributes: attrs, + Command: req.Command, + Attrs: &pbs.AuthenticateResponse_OidcAuthMethodAuthenticateTokenResponse{ + OidcAuthMethodAuthenticateTokenResponse: &pb.OidcAuthMethodAuthenticateTokenResponse{ + Status: "unknown", + }, + }, }, nil } @@ -340,12 +331,8 @@ func validateAuthenticateOidcRequest(req *pbs.AuthenticateRequest) error { switch req.GetCommand() { case startCommand: - if req.GetAttributes() != nil { - attrs := new(pbs.OidcStartAttributes) - if err := handlers.StructToProto(req.GetAttributes(), attrs); err != nil { - badFields[attributesField] = "Could not be parsed, or contains invalid fields." - break - } + if req.GetOidcStartAttributes() != nil { + attrs := req.GetOidcStartAttributes() // Ensure we pay no attention to cache information provided by the client attrs.CachedRoundtripPayload = "" @@ -362,23 +349,10 @@ func validateAuthenticateOidcRequest(req *pbs.AuthenticateRequest) error { } else { // Cache for later attrs.CachedRoundtripPayload = string(m) - req.Attributes, err = handlers.ProtoToStruct(attrs) - if err != nil { - return fmt.Errorf("unable to convert map back to proto") - } } } case callbackCommand: - if req.GetAttributes() == nil { - badFields[attributesField] = "No callback attributes provided." - break - } - - attrs := new(pb.OidcAuthMethodAuthenticateCallbackRequest) - if err := handlers.StructToProto(req.GetAttributes(), attrs, handlers.WithDiscardUnknownFields(true)); err != nil { - badFields[attributesField] = "Unable to parse callback request attributes." - break - } + attrs := req.GetOidcAuthMethodAuthenticateCallbackRequest() if attrs.GetCode() == "" && attrs.GetError() == "" { badFields[codeField] = "Code field not supplied in callback request." diff --git a/internal/servers/controller/handlers/authmethods/oidc_test.go b/internal/servers/controller/handlers/authmethods/oidc_test.go index c067a0fd70..142d0a5ae1 100644 --- a/internal/servers/controller/handlers/authmethods/oidc_test.go +++ b/internal/servers/controller/handlers/authmethods/oidc_test.go @@ -1404,12 +1404,13 @@ func TestChangeState_OIDC(t *testing.T) { }, { name: "Make Complete Private", - req: &pbs.ChangeStateRequest{Id: oidcam.GetPublicId(), Version: oidcam.GetVersion(), Attrs: &pbs.ChangeStateRequest_OidcChangeStateAttributes{ - OidcChangeStateAttributes: &pbs.OidcChangeStateAttributes{ - State: "active-private", + req: &pbs.ChangeStateRequest{ + Id: oidcam.GetPublicId(), Version: oidcam.GetVersion(), Attrs: &pbs.ChangeStateRequest_OidcChangeStateAttributes{ + OidcChangeStateAttributes: &pbs.OidcChangeStateAttributes{ + State: "active-private", + }, }, }, - }, res: &pbs.ChangeStateResponse{Item: func() *pb.AuthMethod { am := proto.Clone(wantTemplate).(*pb.AuthMethod) am.GetOidcAuthMethodsAttributes().State = "active-private" @@ -1419,12 +1420,13 @@ func TestChangeState_OIDC(t *testing.T) { }, { name: "Make Complete Public", - req: &pbs.ChangeStateRequest{Id: oidcam.GetPublicId(), Version: 2, Attrs: &pbs.ChangeStateRequest_OidcChangeStateAttributes{ - OidcChangeStateAttributes: &pbs.OidcChangeStateAttributes{ - State: "active-public", + req: &pbs.ChangeStateRequest{ + Id: oidcam.GetPublicId(), Version: 2, Attrs: &pbs.ChangeStateRequest_OidcChangeStateAttributes{ + OidcChangeStateAttributes: &pbs.OidcChangeStateAttributes{ + State: "active-public", + }, }, }, - }, res: &pbs.ChangeStateResponse{Item: func() *pb.AuthMethod { am := proto.Clone(wantTemplate).(*pb.AuthMethod) am.GetOidcAuthMethodsAttributes().State = "active-public" @@ -1434,12 +1436,13 @@ func TestChangeState_OIDC(t *testing.T) { }, { name: "Make Complete Inactive", - req: &pbs.ChangeStateRequest{Id: oidcam.GetPublicId(), Version: 3, Attrs: &pbs.ChangeStateRequest_OidcChangeStateAttributes{ - OidcChangeStateAttributes: &pbs.OidcChangeStateAttributes{ - State: "inactive", + req: &pbs.ChangeStateRequest{ + Id: oidcam.GetPublicId(), Version: 3, Attrs: &pbs.ChangeStateRequest_OidcChangeStateAttributes{ + OidcChangeStateAttributes: &pbs.OidcChangeStateAttributes{ + State: "inactive", + }, }, }, - }, res: &pbs.ChangeStateResponse{Item: func() *pb.AuthMethod { am := proto.Clone(wantTemplate).(*pb.AuthMethod) am.GetOidcAuthMethodsAttributes().State = "inactive" @@ -1529,16 +1532,18 @@ func TestAuthenticate_OIDC_Start(t *testing.T) { request: &pbs.AuthenticateRequest{ Command: "start", AuthMethodId: s.authMethod.GetPublicId(), - Attributes: func() *structpb.Struct { - ret, err := structpb.NewStruct(map[string]interface{}{ - "roundtrip_payload": map[string]interface{}{ - "foo": "bar", - "baz": true, - }, - }) - require.NoError(t, err) - return ret - }(), + Attrs: &pbs.AuthenticateRequest_OidcStartAttributes{ + OidcStartAttributes: &pbs.OidcStartAttributes{ + RoundtripPayload: func() *structpb.Struct { + ret, err := structpb.NewStruct(map[string]interface{}{ + "foo": "bar", + "baz": true, + }) + require.NoError(t, err) + return ret + }(), + }, + }, }, }, } @@ -1556,13 +1561,10 @@ func TestAuthenticate_OIDC_Start(t *testing.T) { require.Equal(got.GetCommand(), "start") // We can't really compare directly as a lot of the values contain // random data, so just verify existence - require.NotNil(got.GetAttributes()) - m := got.GetAttributes().AsMap() - require.NotNil(m) - require.Contains(m, "auth_url") - require.NotEmpty(m["auth_url"]) - require.Contains(m, "token_id") - require.NotEmpty(m["token_id"]) + got.GetAuthTokenResponse() + require.NotNil(got.GetOidcAuthMethodAuthenticateStartResponse()) + require.NotEmpty(got.GetOidcAuthMethodAuthenticateStartResponse().GetAuthUrl()) + require.NotEmpty(got.GetOidcAuthMethodAuthenticateStartResponse().GetTokenId()) }) } } @@ -1623,18 +1625,16 @@ func TestAuthenticate_OIDC_Token(t *testing.T) { request: &pbs.AuthenticateRequest{ Command: "token", AuthMethodId: s.authMethod.GetPublicId(), - Attributes: func() *structpb.Struct { - ret, err := structpb.NewStruct(map[string]interface{}{ - "token_id": func() string { + Attrs: &pbs.AuthenticateRequest_OidcAuthMethodAuthenticateTokenRequest{ + OidcAuthMethodAuthenticateTokenRequest: &pb.OidcAuthMethodAuthenticateTokenRequest{ + TokenId: func() string { tokenPublicId, err := authtoken.NewAuthTokenId() require.NoError(t, err) oidc.TestPendingToken(t, testAtRepo, testUser, testAcct, tokenPublicId) return oidc.TestTokenRequestId(t, s.authMethod, s.kmsCache, 200*time.Second, tokenPublicId) }(), - }) - require.NoError(t, err) - return ret - }(), + }, + }, }, }, { @@ -1642,18 +1642,16 @@ func TestAuthenticate_OIDC_Token(t *testing.T) { request: &pbs.AuthenticateRequest{ Command: "token", AuthMethodId: s.authMethod.GetPublicId(), - Attributes: func() *structpb.Struct { - ret, err := structpb.NewStruct(map[string]interface{}{ - "token_id": func() string { + Attrs: &pbs.AuthenticateRequest_OidcAuthMethodAuthenticateTokenRequest{ + OidcAuthMethodAuthenticateTokenRequest: &pb.OidcAuthMethodAuthenticateTokenRequest{ + TokenId: func() string { tokenPublicId, err := authtoken.NewAuthTokenId() require.NoError(t, err) oidc.TestPendingToken(t, testAtRepo, testUser, testAcct, tokenPublicId) return oidc.TestTokenRequestId(t, s.authMethod, s.kmsCache, -20*time.Second, tokenPublicId) }(), - }) - require.NoError(t, err) - return ret - }(), + }, + }, }, wantErrMatch: errors.T(errors.AuthAttemptExpired), }, @@ -1662,13 +1660,11 @@ func TestAuthenticate_OIDC_Token(t *testing.T) { request: &pbs.AuthenticateRequest{ Command: "token", AuthMethodId: s.authMethod.GetPublicId(), - Attributes: func() *structpb.Struct { - ret, err := structpb.NewStruct(map[string]interface{}{ - "token_id": "bad-token-id", - }) - require.NoError(t, err) - return ret - }(), + Attrs: &pbs.AuthenticateRequest_OidcAuthMethodAuthenticateTokenRequest{ + OidcAuthMethodAuthenticateTokenRequest: &pb.OidcAuthMethodAuthenticateTokenRequest{ + TokenId: "bad-token-id", + }, + }, }, wantErrMatch: errors.T(errors.Unknown), }, @@ -1689,11 +1685,8 @@ func TestAuthenticate_OIDC_Token(t *testing.T) { } require.NoError(err) require.Equal(got.GetCommand(), "token") - require.NotNil(got.GetAttributes()) - m := got.GetAttributes().AsMap() - require.NotNil(m) - require.Contains(m, "token") - require.NotEmpty(m["token"]) + require.NotNil(got.GetAuthTokenResponse()) + require.NotEmpty(got.GetAuthTokenResponse().GetToken()) }) } } @@ -1710,27 +1703,23 @@ func TestAuthenticate_OIDC_Callback_ErrorRedirect(t *testing.T) { req: &pbs.AuthenticateRequest{ AuthMethodId: s.authMethod.GetPublicId(), Command: "callback", - Attributes: func() *structpb.Struct { - st, err := handlers.ProtoToStruct(&pb.OidcAuthMethodAuthenticateCallbackRequest{ + Attrs: &pbs.AuthenticateRequest_OidcAuthMethodAuthenticateCallbackRequest{ + OidcAuthMethodAuthenticateCallbackRequest: &pb.OidcAuthMethodAuthenticateCallbackRequest{ State: "anything", - }) - require.NoError(t, err) - return st - }(), + }, + }, }, }, { name: "No Auth Method Id", req: &pbs.AuthenticateRequest{ Command: "callback", - Attributes: func() *structpb.Struct { - st, err := handlers.ProtoToStruct(&pb.OidcAuthMethodAuthenticateCallbackRequest{ + Attrs: &pbs.AuthenticateRequest_OidcAuthMethodAuthenticateCallbackRequest{ + OidcAuthMethodAuthenticateCallbackRequest: &pb.OidcAuthMethodAuthenticateCallbackRequest{ Code: "anythingworks", State: "anything", - }) - require.NoError(t, err) - return st - }(), + }, + }, }, }, { @@ -1738,13 +1727,11 @@ func TestAuthenticate_OIDC_Callback_ErrorRedirect(t *testing.T) { req: &pbs.AuthenticateRequest{ AuthMethodId: s.authMethod.GetPublicId(), Command: "callback", - Attributes: func() *structpb.Struct { - st, err := handlers.ProtoToStruct(&pb.OidcAuthMethodAuthenticateCallbackRequest{ + Attrs: &pbs.AuthenticateRequest_OidcAuthMethodAuthenticateCallbackRequest{ + OidcAuthMethodAuthenticateCallbackRequest: &pb.OidcAuthMethodAuthenticateCallbackRequest{ Code: "anythingworks", - }) - require.NoError(t, err) - return st - }(), + }, + }, }, }, } @@ -1784,16 +1771,13 @@ func TestAuthenticate_OIDC_Callback_ErrorRedirect(t *testing.T) { &pbs.AuthenticateRequest{ AuthMethodId: s.authMethod.GetPublicId(), Command: "callback", - Attributes: func() *structpb.Struct { - st, err := handlers.ProtoToStruct(tc.attrs) - require.NoError(t, err) - return st - }(), + Attrs: &pbs.AuthenticateRequest_OidcAuthMethodAuthenticateCallbackRequest{ + OidcAuthMethodAuthenticateCallbackRequest: tc.attrs, + }, }) require.NoError(t, err) - respAttrs := &pb.OidcAuthMethodAuthenticateCallbackResponse{} - require.NoError(t, handlers.StructToProto(got.GetAttributes(), respAttrs)) + respAttrs := got.GetOidcAuthMethodAuthenticateCallbackResponse() assert.Contains(t, respAttrs.FinalRedirectUrl, fmt.Sprintf("%s/authentication-error?", s.authMethod.GetApiUrl())) u, err := url.Parse(respAttrs.GetFinalRedirectUrl()) require.NoError(t, err) diff --git a/internal/servers/controller/handlers/authmethods/password.go b/internal/servers/controller/handlers/authmethods/password.go index fc68241138..98914c3b0a 100644 --- a/internal/servers/controller/handlers/authmethods/password.go +++ b/internal/servers/controller/handlers/authmethods/password.go @@ -88,8 +88,8 @@ func (s Service) updatePwInRepo(ctx context.Context, scopeId, id string, mask [] } func (s Service) authenticatePassword(ctx context.Context, req *pbs.AuthenticateRequest, authResults *auth.VerifyResults) (*pbs.AuthenticateResponse, error) { - reqAttrs := req.GetAttributes().GetFields() - tok, err := s.authenticateWithPwRepo(ctx, authResults.Scope.GetId(), req.GetAuthMethodId(), reqAttrs[loginNameField].GetStringValue(), reqAttrs[passwordField].GetStringValue()) + reqAttrs := req.GetPasswordLoginAttributes() + tok, err := s.authenticateWithPwRepo(ctx, authResults.Scope.GetId(), req.GetAuthMethodId(), reqAttrs.LoginName, reqAttrs.Password) if err != nil { return nil, err } @@ -136,17 +136,11 @@ func (s Service) authenticateWithPwRepo(ctx context.Context, scopeId, authMethod func validateAuthenticatePasswordRequest(req *pbs.AuthenticateRequest) error { badFields := make(map[string]string) - if req.GetAttributes() == nil || req.GetAttributes().GetFields() == nil { - badFields["attributes"] = "This is a required field." - // Return early because we need non-nil values in the rest of the check. - return handlers.InvalidArgumentErrorf("Invalid fields provided in request.", badFields) - } - - attrs := req.GetAttributes().GetFields() - if _, ok := attrs[loginNameField]; !ok { + attrs := req.GetPasswordLoginAttributes() + if attrs.LoginName == "" { badFields["attributes.login_name"] = "This is a required field." } - if _, ok := attrs[passwordField]; !ok { + if attrs.Password == "" { badFields["attributes.password"] = "This is a required field." } if req.GetCommand() == "" { diff --git a/internal/servers/controller/handlers/authmethods/password_test.go b/internal/servers/controller/handlers/authmethods/password_test.go index 4321ed2258..9ee65aee20 100644 --- a/internal/servers/controller/handlers/authmethods/password_test.go +++ b/internal/servers/controller/handlers/authmethods/password_test.go @@ -19,14 +19,12 @@ import ( "github.com/hashicorp/boundary/internal/servers/controller/handlers/authmethods" "github.com/hashicorp/boundary/internal/types/scope" pb "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/authmethods" - authtokenpb "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/authtokens" scopepb "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/scopes" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "google.golang.org/genproto/protobuf/field_mask" "google.golang.org/grpc/codes" "google.golang.org/protobuf/testing/protocmp" - "google.golang.org/protobuf/types/known/structpb" "google.golang.org/protobuf/types/known/timestamppb" "google.golang.org/protobuf/types/known/wrapperspb" ) @@ -510,13 +508,12 @@ func TestAuthenticate_Password(t *testing.T) { request: &pbs.AuthenticateRequest{ AuthMethodId: am.GetPublicId(), TokenType: "token", - Attributes: func() *structpb.Struct { - creds := map[string]*structpb.Value{ - "login_name": {Kind: &structpb.Value_StringValue{StringValue: testLoginName}}, - "password": {Kind: &structpb.Value_StringValue{StringValue: testPassword}}, - } - return &structpb.Struct{Fields: creds} - }(), + Attrs: &pbs.AuthenticateRequest_PasswordLoginAttributes{ + PasswordLoginAttributes: &pbs.PasswordLoginAttributes{ + LoginName: testLoginName, + Password: testPassword, + }, + }, }, wantType: "token", }, @@ -525,13 +522,12 @@ func TestAuthenticate_Password(t *testing.T) { request: &pbs.AuthenticateRequest{ AuthMethodId: am.GetPublicId(), TokenType: "cookie", - Attributes: func() *structpb.Struct { - creds := map[string]*structpb.Value{ - "login_name": {Kind: &structpb.Value_StringValue{StringValue: testLoginName}}, - "password": {Kind: &structpb.Value_StringValue{StringValue: testPassword}}, - } - return &structpb.Struct{Fields: creds} - }(), + Attrs: &pbs.AuthenticateRequest_PasswordLoginAttributes{ + PasswordLoginAttributes: &pbs.PasswordLoginAttributes{ + LoginName: testLoginName, + Password: testPassword, + }, + }, }, wantType: "cookie", }, @@ -539,13 +535,12 @@ func TestAuthenticate_Password(t *testing.T) { name: "no-token-type", request: &pbs.AuthenticateRequest{ AuthMethodId: am.GetPublicId(), - Attributes: func() *structpb.Struct { - creds := map[string]*structpb.Value{ - "login_name": {Kind: &structpb.Value_StringValue{StringValue: testLoginName}}, - "password": {Kind: &structpb.Value_StringValue{StringValue: testPassword}}, - } - return &structpb.Struct{Fields: creds} - }(), + Attrs: &pbs.AuthenticateRequest_PasswordLoginAttributes{ + PasswordLoginAttributes: &pbs.PasswordLoginAttributes{ + LoginName: testLoginName, + Password: testPassword, + }, + }, }, }, { @@ -553,26 +548,24 @@ func TestAuthenticate_Password(t *testing.T) { request: &pbs.AuthenticateRequest{ AuthMethodId: am.GetPublicId(), TokenType: "email", - Attributes: func() *structpb.Struct { - creds := map[string]*structpb.Value{ - "login_name": {Kind: &structpb.Value_StringValue{StringValue: testLoginName}}, - "password": {Kind: &structpb.Value_StringValue{StringValue: testPassword}}, - } - return &structpb.Struct{Fields: creds} - }(), + Attrs: &pbs.AuthenticateRequest_PasswordLoginAttributes{ + PasswordLoginAttributes: &pbs.PasswordLoginAttributes{ + LoginName: testLoginName, + Password: testPassword, + }, + }, }, wantErr: handlers.ApiErrorWithCode(codes.InvalidArgument), }, { name: "no-authmethod", request: &pbs.AuthenticateRequest{ - Attributes: func() *structpb.Struct { - creds := map[string]*structpb.Value{ - "login_name": {Kind: &structpb.Value_StringValue{StringValue: testLoginName}}, - "password": {Kind: &structpb.Value_StringValue{StringValue: testPassword}}, - } - return &structpb.Struct{Fields: creds} - }(), + Attrs: &pbs.AuthenticateRequest_PasswordLoginAttributes{ + PasswordLoginAttributes: &pbs.PasswordLoginAttributes{ + LoginName: testLoginName, + Password: testPassword, + }, + }, }, wantErr: handlers.ApiErrorWithCode(codes.InvalidArgument), }, @@ -581,13 +574,12 @@ func TestAuthenticate_Password(t *testing.T) { request: &pbs.AuthenticateRequest{ AuthMethodId: am.GetPublicId(), TokenType: "token", - Attributes: func() *structpb.Struct { - creds := map[string]*structpb.Value{ - "login_name": {Kind: &structpb.Value_StringValue{StringValue: testLoginName}}, - "password": {Kind: &structpb.Value_StringValue{StringValue: "wrong"}}, - } - return &structpb.Struct{Fields: creds} - }(), + Attrs: &pbs.AuthenticateRequest_PasswordLoginAttributes{ + PasswordLoginAttributes: &pbs.PasswordLoginAttributes{ + LoginName: testLoginName, + Password: "wrong", + }, + }, }, wantErr: handlers.ApiErrorWithCode(codes.Unauthenticated), }, @@ -596,13 +588,12 @@ func TestAuthenticate_Password(t *testing.T) { request: &pbs.AuthenticateRequest{ AuthMethodId: am.GetPublicId(), TokenType: "token", - Attributes: func() *structpb.Struct { - creds := map[string]*structpb.Value{ - "login_name": {Kind: &structpb.Value_StringValue{StringValue: "wrong"}}, - "password": {Kind: &structpb.Value_StringValue{StringValue: testPassword}}, - } - return &structpb.Struct{Fields: creds} - }(), + Attrs: &pbs.AuthenticateRequest_PasswordLoginAttributes{ + PasswordLoginAttributes: &pbs.PasswordLoginAttributes{ + LoginName: "wrong", + Password: testPassword, + }, + }, }, wantErr: handlers.ApiErrorWithCode(codes.Unauthenticated), }, @@ -621,8 +612,8 @@ func TestAuthenticate_Password(t *testing.T) { return } require.NoError(err) - aToken := &authtokenpb.AuthToken{} - require.NoError(handlers.StructToProto(resp.GetAttributes(), aToken, handlers.WithDiscardUnknownFields(true))) + + aToken := resp.GetAuthTokenResponse() assert.NotEmpty(aToken.GetId()) assert.NotEmpty(aToken.GetToken()) assert.True(strings.HasPrefix(aToken.GetToken(), aToken.GetId())) @@ -678,18 +669,16 @@ func TestAuthenticate_AuthAccountConnectedToIamUser_Password(t *testing.T) { require.NoError(err) resp, err := s.Authenticate(auth.DisabledAuthTestContext(iamRepoFn, o.GetPublicId()), &pbs.AuthenticateRequest{ AuthMethodId: am.GetPublicId(), - Attributes: func() *structpb.Struct { - creds := map[string]*structpb.Value{ - "login_name": {Kind: &structpb.Value_StringValue{StringValue: testLoginName}}, - "password": {Kind: &structpb.Value_StringValue{StringValue: testPassword}}, - } - return &structpb.Struct{Fields: creds} - }(), + Attrs: &pbs.AuthenticateRequest_PasswordLoginAttributes{ + PasswordLoginAttributes: &pbs.PasswordLoginAttributes{ + LoginName: testLoginName, + Password: testPassword, + }, + }, }) require.NoError(err) - aToken := &authtokenpb.AuthToken{} - require.NoError(handlers.StructToProto(resp.GetAttributes(), aToken, handlers.WithDiscardUnknownFields(true))) + aToken := resp.GetAuthTokenResponse() assert.Equal(iamUser.GetPublicId(), aToken.GetUserId()) assert.Equal(am.GetPublicId(), aToken.GetAuthMethodId()) assert.Equal(acct.GetPublicId(), aToken.GetAccountId()) diff --git a/internal/servers/controller/handlers/outgoing_response_filter_test.go b/internal/servers/controller/handlers/outgoing_response_filter_test.go index 478c1c4529..e6fbff2698 100644 --- a/internal/servers/controller/handlers/outgoing_response_filter_test.go +++ b/internal/servers/controller/handlers/outgoing_response_filter_test.go @@ -10,7 +10,7 @@ import ( "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" pbs "github.com/hashicorp/boundary/internal/gen/controller/api/services" - pb "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/authtokens" + pba "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/authtokens" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "google.golang.org/grpc/metadata" @@ -19,9 +19,9 @@ import ( func TestOutgoingSplitCookie(t *testing.T) { rec := httptest.NewRecorder() - attrs, err := ProtoToStruct(&pb.AuthToken{Token: "t_abc_1234567890"}) + attrs, err := ProtoToStruct(&pba.AuthToken{Token: "t_abc_1234567890"}) require.NoError(t, err) - require.NoError(t, OutgoingResponseFilter(context.Background(), rec, &pbs.AuthenticateResponse{Attributes: attrs, Type: "cookie"})) + require.NoError(t, OutgoingResponseFilter(context.Background(), rec, &pbs.AuthenticateResponse{Attrs: &pbs.AuthenticateResponse_Attributes{Attributes: attrs}, Type: "cookie"})) assert.ElementsMatch(t, rec.Result().Cookies(), []*http.Cookie{ {Name: HttpOnlyCookieName, Value: "34567890", HttpOnly: true, Raw: "wt-http-token-cookie=34567890; HttpOnly"}, {Name: JsVisibleCookieName, Value: "t_abc_12", Raw: "wt-js-token-cookie=t_abc_12"}, diff --git a/internal/tests/api/authmethods/authenticate_test.go b/internal/tests/api/authmethods/authenticate_test.go index 85323a1be6..4e84761a81 100644 --- a/internal/tests/api/authmethods/authenticate_test.go +++ b/internal/tests/api/authmethods/authenticate_test.go @@ -84,11 +84,13 @@ func TestAuthenticate(t *testing.T) { // TODO(johanbrandhorst): revert this when classification is done for auth methods reqDetails := tests_api.GetEventDetails(t, got, "request") tests_api.AssertRedactedValues(t, reqDetails) - tests_api.AssertRedactedValues(t, reqDetails["attributes"], "password", "login_name") + tests_api.AssertRedactedValues(t, reqDetails["Attrs"]) + tests_api.AssertRedactedValues(t, reqDetails["Attrs"].(map[string]interface{})["PasswordLoginAttributes"], "password", "login_name") respDetails := tests_api.GetEventDetails(t, got, "response") tests_api.AssertRedactedValues(t, respDetails) - tests_api.AssertRedactedValues(t, respDetails["attributes"], "token", "approximate_last_used_time", "expiration_time", "token_type", "updated_time", "user_id", "account_id", "auth_method_id", "authorized_actions", "created_time", "id") + tests_api.AssertRedactedValues(t, respDetails["Attrs"]) + tests_api.AssertRedactedValues(t, respDetails["Attrs"].(map[string]interface{})["AuthTokenResponse"], "token", "token_type", "user_id", "account_id", "auth_method_id", "authorized_actions", "id", "scope_id") _ = os.WriteFile(eventConfig.AuditEvents.Name(), nil, 0o666) // clean out audit events from previous calls tok, err = methods.Authenticate(tc.Context(), tc.Server().DevPasswordAuthMethodId, "login", map[string]interface{}{"login_name": "user", "password": "bad-pass"}) @@ -98,5 +100,6 @@ func TestAuthenticate(t *testing.T) { reqDetails = tests_api.GetEventDetails(t, got, "request") tests_api.AssertRedactedValues(t, reqDetails) - tests_api.AssertRedactedValues(t, reqDetails["attributes"], "password", "login_name") + tests_api.AssertRedactedValues(t, reqDetails["Attrs"]) + tests_api.AssertRedactedValues(t, reqDetails["Attrs"].(map[string]interface{})["PasswordLoginAttributes"], "password", "login_name") } diff --git a/internal/tests/api/authmethods/authmethod_test.go b/internal/tests/api/authmethods/authmethod_test.go index 1c409141ac..0e5f73e994 100644 --- a/internal/tests/api/authmethods/authmethod_test.go +++ b/internal/tests/api/authmethods/authmethod_test.go @@ -187,9 +187,16 @@ func TestList(t *testing.T) { result, err = amClient.List(tc.Context(), global) require.NoError(err) require.Len(result.Items, 3) - assert.Empty(cmp.Diff(genOIDCAM, result.Items[0], cmpopts.IgnoreUnexported(authmethods.AuthMethod{}))) - assert.Empty(cmp.Diff(genPWAM, result.Items[1], cmpopts.IgnoreUnexported(authmethods.AuthMethod{}))) - assert.Empty(cmp.Diff(pwAM.Item, result.Items[2], cmpopts.IgnoreUnexported(authmethods.AuthMethod{}))) + assert.Empty( + cmp.Diff( + result.Items, + []*authmethods.AuthMethod{genOIDCAM, genPWAM, pwAM.Item}, + cmpopts.IgnoreUnexported(authmethods.AuthMethod{}), + cmpopts.SortSlices(func(a, b *authmethods.AuthMethod) bool { + return a.Name < b.Name + }), + ), + ) oidcAM, err := amClient.Create(tc.Context(), "oidc", global, authmethods.WithName("foo"), @@ -206,10 +213,16 @@ func TestList(t *testing.T) { result, err = amClient.List(tc.Context(), global) require.NoError(err) require.Len(result.Items, 4) - assert.Empty(cmp.Diff(genOIDCAM, result.Items[0], cmpopts.IgnoreUnexported(authmethods.AuthMethod{}))) - assert.Empty(cmp.Diff(oidcAM.Item, result.Items[1], cmpopts.IgnoreUnexported(authmethods.AuthMethod{}))) - assert.Empty(cmp.Diff(genPWAM, result.Items[2], cmpopts.IgnoreUnexported(authmethods.AuthMethod{}))) - assert.Empty(cmp.Diff(pwAM.Item, result.Items[3], cmpopts.IgnoreUnexported(authmethods.AuthMethod{}))) + assert.Empty( + cmp.Diff( + result.Items, + []*authmethods.AuthMethod{genOIDCAM, genPWAM, pwAM.Item, oidcAM.Item}, + cmpopts.IgnoreUnexported(authmethods.AuthMethod{}), + cmpopts.SortSlices(func(a, b *authmethods.AuthMethod) bool { + return a.Name < b.Name + }), + ), + ) result, err = amClient.List(tc.Context(), global, authmethods.WithFilter(`"/item/attributes/client_id"=="client-id"`)) @@ -221,8 +234,16 @@ func TestList(t *testing.T) { authmethods.WithFilter(`"/item/attributes/min_login_name_length"==3`)) require.NoError(err) require.Len(result.Items, 2) - assert.Empty(cmp.Diff(genPWAM, result.Items[0], cmpopts.IgnoreUnexported(authmethods.AuthMethod{}))) - assert.Empty(cmp.Diff(pwAM.Item, result.Items[1], cmpopts.IgnoreUnexported(authmethods.AuthMethod{}))) + assert.Empty( + cmp.Diff( + result.Items, + []*authmethods.AuthMethod{genPWAM, pwAM.Item}, + cmpopts.IgnoreUnexported(authmethods.AuthMethod{}), + cmpopts.SortSlices(func(a, b *authmethods.AuthMethod) bool { + return a.Name < b.Name + }), + ), + ) result, err = amClient.List(tc.Context(), global, authmethods.WithFilter(`"/item/attributes/min_password_length"==10`)) diff --git a/internal/tests/api/authmethods/service_classification_test.go b/internal/tests/api/authmethods/service_classification_test.go index 87b2d2253b..dd00a3c6cd 100644 --- a/internal/tests/api/authmethods/service_classification_test.go +++ b/internal/tests/api/authmethods/service_classification_test.go @@ -8,12 +8,15 @@ import ( "github.com/hashicorp/boundary/internal/gen/controller/api/services" "github.com/hashicorp/boundary/sdk/pbs/controller/api" + "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/authmethods" + "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/authtokens" + "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/scopes" "github.com/hashicorp/boundary/sdk/wrapper" "github.com/hashicorp/eventlogger" "github.com/hashicorp/eventlogger/filters/encrypt" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - structpb "google.golang.org/protobuf/types/known/structpb" + "google.golang.org/protobuf/types/known/timestamppb" ) // TestAuthenticate_Tags will test that the response filtering aligns with the @@ -38,26 +41,31 @@ func TestAuthenticate_Tags(t *testing.T) { CreatedAt: now, Payload: &services.AuthenticateResponse{ Command: "public-command", - Attributes: &structpb.Struct{ - Fields: map[string]*structpb.Value{ - "account_id": structpb.NewStringValue("public-account_id"), - "approximate_last_used_time": structpb.NewStringValue("public-approximate_last_used_time"), - "auth_method_id": structpb.NewStringValue("public-auth_method_id"), - "authorized_actions": structpb.NewStringValue("public-authorized_actions"), - "created_time": structpb.NewStringValue("public-created_time"), - "expiration_time": structpb.NewStringValue("public-expiration_time"), - "id": structpb.NewStringValue("public-id"), - "scope": structpb.NewStringValue("public-scope"), - "type": structpb.NewStringValue("public-type"), - "updated_time": structpb.NewStringValue("public-updated_time"), - "user_id": structpb.NewStringValue("public-user_id"), - "status": structpb.NewStringValue("public-status"), - "auth_url": structpb.NewStringValue("public-auth_url"), - "token_id": structpb.NewStringValue("public-token_id"), - "final_redirect_url": structpb.NewStringValue("public-final_redirect_url"), - "token": structpb.NewStringValue("secret-token"), + Attrs: &services.AuthenticateResponse_AuthTokenResponse{ + AuthTokenResponse: &authtokens.AuthToken{ + AccountId: "public-account_id", + ApproximateLastUsedTime: timestamppb.New(now), + AuthMethodId: "public-auth_method_id", + AuthorizedActions: []string{ + "public-authorized_actions", + }, + CreatedTime: timestamppb.New(now), + ExpirationTime: timestamppb.New(now), + Id: "public-id", + ScopeId: "public-scope_id", + Scope: &scopes.ScopeInfo{ + Id: "public-scope_id", + Type: "public-scope_type", + Name: "public-scope_name", + Description: "public-scope_description", + ParentScopeId: "public-parent_scope_id", + }, + UpdatedTime: timestamppb.New(now), + UserId: "public-user_id", + Token: "secret-type", }, }, + Type: "public-type", }, }, wantEvent: &eventlogger.Event{ @@ -66,26 +74,31 @@ func TestAuthenticate_Tags(t *testing.T) { Payload: &services.AuthenticateResponse{ Command: "public-command", // TODO(johanbrandhorst): update redaction once typed attributes are available - Attributes: &structpb.Struct{ - Fields: map[string]*structpb.Value{ - "account_id": structpb.NewStringValue(encrypt.RedactedData), - "approximate_last_used_time": structpb.NewStringValue(encrypt.RedactedData), - "auth_method_id": structpb.NewStringValue(encrypt.RedactedData), - "authorized_actions": structpb.NewStringValue(encrypt.RedactedData), - "created_time": structpb.NewStringValue(encrypt.RedactedData), - "expiration_time": structpb.NewStringValue(encrypt.RedactedData), - "id": structpb.NewStringValue(encrypt.RedactedData), - "scope": structpb.NewStringValue(encrypt.RedactedData), - "type": structpb.NewStringValue(encrypt.RedactedData), - "updated_time": structpb.NewStringValue(encrypt.RedactedData), - "user_id": structpb.NewStringValue(encrypt.RedactedData), - "status": structpb.NewStringValue(encrypt.RedactedData), - "auth_url": structpb.NewStringValue(encrypt.RedactedData), - "token_id": structpb.NewStringValue(encrypt.RedactedData), - "final_redirect_url": structpb.NewStringValue(encrypt.RedactedData), - "token": structpb.NewStringValue(encrypt.RedactedData), + Attrs: &services.AuthenticateResponse_AuthTokenResponse{ + AuthTokenResponse: &authtokens.AuthToken{ + AccountId: encrypt.RedactedData, + ApproximateLastUsedTime: timestamppb.New(now), + AuthMethodId: encrypt.RedactedData, + AuthorizedActions: []string{ + encrypt.RedactedData, + }, + CreatedTime: timestamppb.New(now), + ExpirationTime: timestamppb.New(now), + Id: encrypt.RedactedData, + ScopeId: encrypt.RedactedData, + Scope: &scopes.ScopeInfo{ + Id: "public-scope_id", + Type: "public-scope_type", + Name: "public-scope_name", + Description: "public-scope_description", + ParentScopeId: "public-parent_scope_id", + }, + UpdatedTime: timestamppb.New(now), + UserId: encrypt.RedactedData, + Token: encrypt.RedactedData, }, }, + Type: "public-type", }, }, }, @@ -98,14 +111,9 @@ func TestAuthenticate_Tags(t *testing.T) { AuthMethodId: "public-auth-method-id", TokenType: "public-token-type", Command: "public-command", - Attributes: &structpb.Struct{ - Fields: map[string]*structpb.Value{ - "login_name": structpb.NewStringValue("public-login_name"), - "auth_url": structpb.NewStringValue("public-auth_url"), - "token_id": structpb.NewStringValue("public-token_id"), - "state": structpb.NewStringValue("public-state"), - "password": structpb.NewStringValue("secret-password"), - "code": structpb.NewStringValue("secret-code"), + Attrs: &services.AuthenticateRequest_OidcAuthMethodAuthenticateTokenRequest{ + OidcAuthMethodAuthenticateTokenRequest: &authmethods.OidcAuthMethodAuthenticateTokenRequest{ + TokenId: "public-token-id", }, }, }, @@ -118,14 +126,9 @@ func TestAuthenticate_Tags(t *testing.T) { TokenType: "public-token-type", Command: "public-command", // TODO(johanbrandhorst): update redaction once typed attributes are available - Attributes: &structpb.Struct{ - Fields: map[string]*structpb.Value{ - "login_name": structpb.NewStringValue(encrypt.RedactedData), - "auth_url": structpb.NewStringValue(encrypt.RedactedData), - "token_id": structpb.NewStringValue(encrypt.RedactedData), - "state": structpb.NewStringValue(encrypt.RedactedData), - "password": structpb.NewStringValue(encrypt.RedactedData), - "code": structpb.NewStringValue(encrypt.RedactedData), + Attrs: &services.AuthenticateRequest_OidcAuthMethodAuthenticateTokenRequest{ + OidcAuthMethodAuthenticateTokenRequest: &authmethods.OidcAuthMethodAuthenticateTokenRequest{ + TokenId: encrypt.RedactedData, }, }, }, diff --git a/sdk/pbs/controller/api/resources/authtokens/authtoken.pb.go b/sdk/pbs/controller/api/resources/authtokens/authtoken.pb.go index 4a4251f106..34a4903ee8 100644 --- a/sdk/pbs/controller/api/resources/authtokens/authtoken.pb.go +++ b/sdk/pbs/controller/api/resources/authtokens/authtoken.pb.go @@ -50,8 +50,6 @@ type AuthToken struct { ApproximateLastUsedTime *timestamppb.Timestamp `protobuf:"bytes,100,opt,name=approximate_last_used_time,proto3" json:"approximate_last_used_time,omitempty"` // Output only. The time this Auth Token expires. ExpirationTime *timestamppb.Timestamp `protobuf:"bytes,110,opt,name=expiration_time,proto3" json:"expiration_time,omitempty"` - // Output only. The type of this auth token. Either "cookie" or "token". - TokenType string `protobuf:"bytes,120,opt,name=token_type,proto3" json:"token_type,omitempty"` // Output only. The available actions on this resource for this user. AuthorizedActions []string `protobuf:"bytes,300,rep,name=authorized_actions,proto3" json:"authorized_actions,omitempty"` } @@ -165,13 +163,6 @@ func (x *AuthToken) GetExpirationTime() *timestamppb.Timestamp { return nil } -func (x *AuthToken) GetTokenType() string { - if x != nil { - return x.TokenType - } - return "" -} - func (x *AuthToken) GetAuthorizedActions() []string { if x != nil { return x.AuthorizedActions @@ -193,7 +184,7 @@ var file_controller_api_resources_authtokens_v1_authtoken_proto_rawDesc = []byte 0x6f, 0x1a, 0x2e, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x2f, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x73, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x22, 0xe7, 0x04, 0x0a, 0x09, 0x41, 0x75, 0x74, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, + 0x6f, 0x22, 0xc7, 0x04, 0x0a, 0x09, 0x41, 0x75, 0x74, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x14, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x5f, 0x69, 0x64, 0x12, 0x43, 0x0a, 0x05, 0x73, @@ -226,9 +217,7 @@ var file_controller_api_resources_authtokens_v1_authtoken_proto_rawDesc = []byte 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18, 0x6e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x0f, 0x65, 0x78, 0x70, 0x69, 0x72, - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x74, 0x6f, - 0x6b, 0x65, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x78, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, - 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x12, 0x2f, 0x0a, 0x12, 0x61, 0x75, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x12, 0x2f, 0x0a, 0x12, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x5f, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xac, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x12, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x64, 0x5f, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0x56, 0x5a, 0x54, 0x67,