diff --git a/api/sessionrecordings/password_credential_attributes.gen.go b/api/sessionrecordings/password_credential_attributes.gen.go new file mode 100644 index 0000000000..32a0834db7 --- /dev/null +++ b/api/sessionrecordings/password_credential_attributes.gen.go @@ -0,0 +1,40 @@ +// Code generated by "make api"; DO NOT EDIT. +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package sessionrecordings + +import ( + "fmt" + + "github.com/mitchellh/mapstructure" +) + +type PasswordCredentialAttributes struct { + PasswordHmac string `json:"password_hmac,omitempty"` +} + +func AttributesMapToPasswordCredentialAttributes(in map[string]any) (*PasswordCredentialAttributes, error) { + if in == nil { + return nil, fmt.Errorf("nil input map") + } + var out PasswordCredentialAttributes + dec, err := mapstructure.NewDecoder(&mapstructure.DecoderConfig{ + Result: &out, + TagName: "json", + }) + if err != nil { + return nil, fmt.Errorf("error creating mapstructure decoder: %w", err) + } + if err := dec.Decode(in); err != nil { + return nil, fmt.Errorf("error decoding: %w", err) + } + return &out, nil +} + +func (pt *Credential) GetPasswordCredentialAttributes() (*PasswordCredentialAttributes, error) { + if pt.Type != "password" { + return nil, fmt.Errorf("asked to fetch %s-type attributes but credential is of type %s", "password", pt.Type) + } + return AttributesMapToPasswordCredentialAttributes(pt.Attributes) +} diff --git a/internal/api/genapi/input.go b/internal/api/genapi/input.go index 08d374f2a2..ec639c8613 100644 --- a/internal/api/genapi/input.go +++ b/internal/api/genapi/input.go @@ -692,6 +692,22 @@ var inputStructs = []*structInfo{ versionEnabled: true, createResponseTypes: []string{CreateResponseType, ReadResponseType, UpdateResponseType, DeleteResponseType, ListResponseType}, }, + { + inProto: &credentials.PasswordAttributes{}, + outFile: "credentials/password_attributes.gen.go", + subtypeName: "PasswordCredential", + subtype: "password", + fieldOverrides: []fieldInfo{ + { + Name: "Password", + SkipDefault: true, + }, + }, + parentTypeName: "Credential", + templates: []*template.Template{ + mapstructureConversionTemplate, + }, + }, { inProto: &credentials.UsernamePasswordAttributes{}, outFile: "credentials/username_password_attributes.gen.go", @@ -1294,6 +1310,15 @@ var inputStructs = []*structInfo{ inProto: &session_recordings.Credential{}, outFile: "sessionrecordings/credential.gen.go", }, + { + inProto: &session_recordings.PasswordCredentialAttributes{}, + outFile: "sessionrecordings/password_credential_attributes.gen.go", + subtype: "password", + parentTypeName: "Credential", + templates: []*template.Template{ + mapstructureConversionTemplate, + }, + }, { inProto: &session_recordings.UsernamePasswordCredentialAttributes{}, outFile: "sessionrecordings/username_password_credential_attributes.gen.go", diff --git a/internal/cmd/commands.go b/internal/cmd/commands.go index bbd7cc37c0..66fda0f1c8 100644 --- a/internal/cmd/commands.go +++ b/internal/cmd/commands.go @@ -621,6 +621,12 @@ func initCommands(ui, serverCmdUi cli.Ui, runOpts *RunOptions) { Func: "create", } }), + "credentials create password": wrapper.Wrap(func() wrapper.WrappableCommand { + return &credentialscmd.PasswordCommand{ + Command: base.NewCommand(ui, opts...), + Func: "create", + } + }), "credentials create username-password": wrapper.Wrap(func() wrapper.WrappableCommand { return &credentialscmd.UsernamePasswordCommand{ Command: base.NewCommand(ui, opts...), @@ -651,6 +657,12 @@ func initCommands(ui, serverCmdUi cli.Ui, runOpts *RunOptions) { Func: "update", } }), + "credentials update password": wrapper.Wrap(func() wrapper.WrappableCommand { + return &credentialscmd.PasswordCommand{ + Command: base.NewCommand(ui, opts...), + Func: "update", + } + }), "credentials update username-password": wrapper.Wrap(func() wrapper.WrappableCommand { return &credentialscmd.UsernamePasswordCommand{ Command: base.NewCommand(ui, opts...), diff --git a/internal/cmd/commands/credentialscmd/password_credentials.gen.go b/internal/cmd/commands/credentialscmd/password_credentials.gen.go new file mode 100644 index 0000000000..97b912e304 --- /dev/null +++ b/internal/cmd/commands/credentialscmd/password_credentials.gen.go @@ -0,0 +1,278 @@ +// Code generated by "make cli"; DO NOT EDIT. +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package credentialscmd + +import ( + "errors" + "fmt" + + "github.com/hashicorp/boundary/api" + "github.com/hashicorp/boundary/api/credentials" + "github.com/hashicorp/boundary/internal/cmd/base" + "github.com/hashicorp/boundary/internal/cmd/common" + "github.com/hashicorp/go-secure-stdlib/strutil" + "github.com/mitchellh/cli" + "github.com/posener/complete" +) + +func initPasswordFlags() { + flagsOnce.Do(func() { + extraFlags := extraPasswordActionsFlagsMapFunc() + for k, v := range extraFlags { + flagsPasswordMap[k] = append(flagsPasswordMap[k], v...) + } + }) +} + +var ( + _ cli.Command = (*PasswordCommand)(nil) + _ cli.CommandAutocomplete = (*PasswordCommand)(nil) +) + +type PasswordCommand struct { + *base.Command + + Func string + + plural string + + extraPasswordCmdVars +} + +func (c *PasswordCommand) AutocompleteArgs() complete.Predictor { + initPasswordFlags() + return complete.PredictAnything +} + +func (c *PasswordCommand) AutocompleteFlags() complete.Flags { + initPasswordFlags() + return c.Flags().Completions() +} + +func (c *PasswordCommand) Synopsis() string { + if extra := extraPasswordSynopsisFunc(c); extra != "" { + return extra + } + + synopsisStr := "credential" + + synopsisStr = fmt.Sprintf("%s %s", "password-type", synopsisStr) + + return common.SynopsisFunc(c.Func, synopsisStr) +} + +func (c *PasswordCommand) Help() string { + initPasswordFlags() + + var helpStr string + helpMap := common.HelpMap("credential") + + switch c.Func { + + default: + + helpStr = c.extraPasswordHelpFunc(helpMap) + + } + + // Keep linter from complaining if we don't actually generate code using it + _ = helpMap + return helpStr +} + +var flagsPasswordMap = map[string][]string{ + + "create": {"credential-store-id", "name", "description"}, + + "update": {"id", "name", "description", "version"}, +} + +func (c *PasswordCommand) Flags() *base.FlagSets { + if len(flagsPasswordMap[c.Func]) == 0 { + return c.FlagSet(base.FlagSetNone) + } + + set := c.FlagSet(base.FlagSetHTTP | base.FlagSetClient | base.FlagSetOutputFormat) + f := set.NewFlagSet("Command Options") + common.PopulateCommonFlags(c.Command, f, "password-type credential", flagsPasswordMap, c.Func) + + extraPasswordFlagsFunc(c, set, f) + + return set +} + +func (c *PasswordCommand) Run(args []string) int { + initPasswordFlags() + + switch c.Func { + case "": + return cli.RunResultHelp + + } + + c.plural = "password-type credential" + switch c.Func { + case "list": + c.plural = "password-type credentials" + } + + f := c.Flags() + + if err := f.Parse(args); err != nil { + c.PrintCliError(err) + return base.CommandUserError + } + + if strutil.StrListContains(flagsPasswordMap[c.Func], "id") && c.FlagId == "" { + c.PrintCliError(errors.New("ID is required but not passed in via -id")) + return base.CommandUserError + } + + var opts []credentials.Option + + if strutil.StrListContains(flagsPasswordMap[c.Func], "credential-store-id") { + switch c.Func { + + case "create": + if c.FlagCredentialStoreId == "" { + c.PrintCliError(errors.New("CredentialStore ID must be passed in via -credential-store-id or BOUNDARY_CREDENTIAL_STORE_ID")) + return base.CommandUserError + } + + } + } + + client, err := c.Client() + if c.WrapperCleanupFunc != nil { + defer func() { + if err := c.WrapperCleanupFunc(); err != nil { + c.PrintCliError(fmt.Errorf("Error cleaning kms wrapper: %w", err)) + } + }() + } + if err != nil { + c.PrintCliError(fmt.Errorf("Error creating API client: %w", err)) + return base.CommandCliError + } + credentialsClient := credentials.NewClient(client) + + switch c.FlagName { + case "": + case "null": + opts = append(opts, credentials.DefaultName()) + default: + opts = append(opts, credentials.WithName(c.FlagName)) + } + + switch c.FlagDescription { + case "": + case "null": + opts = append(opts, credentials.DefaultDescription()) + default: + opts = append(opts, credentials.WithDescription(c.FlagDescription)) + } + + if c.FlagFilter != "" { + opts = append(opts, credentials.WithFilter(c.FlagFilter)) + } + + var version uint32 + + switch c.Func { + + case "update": + switch c.FlagVersion { + case 0: + opts = append(opts, credentials.WithAutomaticVersioning(true)) + default: + version = uint32(c.FlagVersion) + } + + } + + if ok := extraPasswordFlagsHandlingFunc(c, f, &opts); !ok { + return base.CommandUserError + } + + var resp *api.Response + var item *credentials.Credential + + var createResult *credentials.CredentialCreateResult + + var updateResult *credentials.CredentialUpdateResult + + switch c.Func { + + case "create": + createResult, err = credentialsClient.Create(c.Context, "password", c.FlagCredentialStoreId, opts...) + if exitCode := c.checkFuncError(err); exitCode > 0 { + return exitCode + } + resp = createResult.GetResponse() + item = createResult.GetItem() + + case "update": + updateResult, err = credentialsClient.Update(c.Context, c.FlagId, version, opts...) + if exitCode := c.checkFuncError(err); exitCode > 0 { + return exitCode + } + resp = updateResult.GetResponse() + item = updateResult.GetItem() + + } + + resp, item, err = executeExtraPasswordActions(c, resp, item, err, credentialsClient, version, opts) + if exitCode := c.checkFuncError(err); exitCode > 0 { + return exitCode + } + + output, err := printCustomPasswordActionOutput(c) + if err != nil { + c.PrintCliError(err) + return base.CommandUserError + } + if output { + return base.CommandSuccess + } + + switch c.Func { + + } + + switch base.Format(c.UI) { + case "table": + c.UI.Output(printItemTable(item, resp)) + + case "json": + if ok := c.PrintJsonItem(resp); !ok { + return base.CommandCliError + } + } + + return base.CommandSuccess +} + +func (c *PasswordCommand) checkFuncError(err error) int { + if err == nil { + return 0 + } + if apiErr := api.AsServerError(err); apiErr != nil { + c.PrintApiError(apiErr, fmt.Sprintf("Error from controller when performing %s on %s", c.Func, c.plural)) + return base.CommandApiError + } + c.PrintCliError(fmt.Errorf("Error trying to %s %s: %s", c.Func, c.plural, err.Error())) + return base.CommandCliError +} + +var ( + extraPasswordActionsFlagsMapFunc = func() map[string][]string { return nil } + extraPasswordSynopsisFunc = func(*PasswordCommand) string { return "" } + extraPasswordFlagsFunc = func(*PasswordCommand, *base.FlagSets, *base.FlagSet) {} + extraPasswordFlagsHandlingFunc = func(*PasswordCommand, *base.FlagSets, *[]credentials.Option) bool { return true } + executeExtraPasswordActions = func(_ *PasswordCommand, inResp *api.Response, inItem *credentials.Credential, inErr error, _ *credentials.Client, _ uint32, _ []credentials.Option) (*api.Response, *credentials.Credential, error) { + return inResp, inItem, inErr + } + printCustomPasswordActionOutput = func(*PasswordCommand) (bool, error) { return false, nil } +) diff --git a/internal/cmd/commands/credentialscmd/password_funcs.go b/internal/cmd/commands/credentialscmd/password_funcs.go new file mode 100644 index 0000000000..4697ee31a9 --- /dev/null +++ b/internal/cmd/commands/credentialscmd/password_funcs.go @@ -0,0 +1,96 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package credentialscmd + +import ( + "errors" + "fmt" + + "github.com/hashicorp/boundary/api/credentials" + "github.com/hashicorp/boundary/internal/cmd/base" + "github.com/hashicorp/go-secure-stdlib/parseutil" +) + +func init() { + extraPasswordFlagsFunc = extraPasswordFlagsFuncImpl + extraPasswordActionsFlagsMapFunc = extraPasswordActionsFlagsMapFuncImpl + extraPasswordFlagsHandlingFunc = extraPasswordFlagHandlingFuncImpl +} + +type extraPasswordCmdVars struct { + flagPassword string +} + +func extraPasswordActionsFlagsMapFuncImpl() map[string][]string { + flags := map[string][]string{ + "create": { + passwordFlagName, + }, + } + flags["update"] = flags["create"] + return flags +} + +func extraPasswordFlagsFuncImpl(c *PasswordCommand, set *base.FlagSets, _ *base.FlagSet) { + f := set.NewFlagSet("Password Credential Options") + + for _, name := range flagsPasswordMap[c.Func] { + switch name { + case passwordFlagName: + f.StringVar(&base.StringVar{ + Name: passwordFlagName, + Target: &c.flagPassword, + Usage: "The password associated with the credential. This can be a file on disk (file://) from which the value will be read, or an env var (env://) from which the value will be read.", + }) + } + } +} + +func extraPasswordFlagHandlingFuncImpl(c *PasswordCommand, _ *base.FlagSets, opts *[]credentials.Option) bool { + switch c.flagPassword { + case "": + default: + password, err := parseutil.MustParsePath(c.flagPassword) + switch { + case err == nil: + case errors.Is(err, parseutil.ErrNotParsed): + c.UI.Error("Password flag must be used with env:// or file:// syntax") + return false + default: + c.UI.Error(fmt.Sprintf("Error parsing password flag: %v", err)) + return false + } + *opts = append(*opts, credentials.WithPasswordCredentialPassword(password)) + } + + return true +} + +func (c *PasswordCommand) extraPasswordHelpFunc(_ map[string]func() string) string { + var helpStr string + switch c.Func { + case "create": + helpStr = base.WrapForHelpText([]string{ + "Usage: boundary credentials create password -credential-store-id [options] [args]", + "", + " Create a password credential. Example:", + "", + ` $ boundary credentials create password -credential-store-id csvlt_1234567890 -password pass`, + "", + "", + }) + + case "update": + helpStr = base.WrapForHelpText([]string{ + "Usage: boundary credentials update password [options] [args]", + "", + " Update a password credential given its ID. Example:", + "", + ` $ boundary credentials update password -id clvlt_1234567890 -name devops -description "For DevOps usage"`, + "", + "", + }) + } + return helpStr + c.Flags().Help() +} diff --git a/internal/cmd/gencli/input.go b/internal/cmd/gencli/input.go index b5c1b68a0f..94ad8f1687 100644 --- a/internal/cmd/gencli/input.go +++ b/internal/cmd/gencli/input.go @@ -383,6 +383,22 @@ var inputStructs = map[string][]*cmdInfo{ Container: "CredentialStore", HasId: true, }, + { + ResourceType: resource.Credential.String(), + Pkg: "credentials", + StdActions: []string{"create", "update"}, + SubActionPrefix: "password", + HasExtraCommandVars: true, + SkipNormalHelp: true, + HasExtraHelpFunc: true, + HasId: true, + HasName: true, + HasDescription: true, + Container: "CredentialStore", + VersionedActions: []string{"update"}, + NeedsSubtypeInCreate: true, + PrefixAttributeFieldErrorsWithSubactionPrefix: true, + }, { ResourceType: resource.Credential.String(), Pkg: "credentials", diff --git a/internal/daemon/controller/handlers/credentials/credential_service.go b/internal/daemon/controller/handlers/credentials/credential_service.go index cffe7e0d41..d8e6e07cfd 100644 --- a/internal/daemon/controller/handlers/credentials/credential_service.go +++ b/internal/daemon/controller/handlers/credentials/credential_service.go @@ -599,7 +599,6 @@ func (s Service) updateInRepo( return nil, handlers.NotFoundErrorf("Credential %q doesn't exist or incorrect version provided.", id) } return out, nil - case credential.SshPrivateKeySubtype: dbMasks = append(dbMasks, spkMaskManager.Translate(masks)...) if len(dbMasks) == 0 { @@ -633,7 +632,6 @@ func (s Service) updateInRepo( return nil, handlers.NotFoundErrorf("Credential %q doesn't exist or incorrect version provided.", id) } return out, nil - case credential.JsonSubtype: dbMasks = append(dbMasks, jsonMaskManager.Translate(masks, "attributes", "object")...) if len(dbMasks) == 0 { @@ -657,7 +655,6 @@ func (s Service) updateInRepo( return nil, handlers.NotFoundErrorf("Credential %q doesn't exist or incorrect version provided.", id) } return out, nil - default: return nil, handlers.ApiErrorWithCodeAndMessage(codes.Internal, fmt.Sprintf("Unsupported credential type %q", item.GetType())) @@ -1062,7 +1059,6 @@ func validateCreateRequest(req *pbs.CreateCredentialRequest) error { } } } - case credential.JsonSubtype.String(): object := req.GetItem().GetJsonAttributes().GetObject() if object == nil || len(object.AsMap()) <= 0 { @@ -1070,7 +1066,6 @@ func validateCreateRequest(req *pbs.CreateCredentialRequest) error { } else if _, err := json.Marshal(object); err != nil { badFields[objectField] = "Unable to parse given json value" } - default: badFields[globals.TypeField] = fmt.Sprintf("Unsupported credential type %q", req.Item.GetType()) } @@ -1139,7 +1134,6 @@ func validateUpdateRequest(req *pbs.UpdateCredentialRequest) error { } } } - case credential.JsonSubtype: if handlers.MaskContainsPrefix(req.GetUpdateMask().GetPaths(), objectField) { object := req.GetItem().GetJsonAttributes().GetObject() @@ -1149,7 +1143,6 @@ func validateUpdateRequest(req *pbs.UpdateCredentialRequest) error { badFields[objectField] = "Unable to parse given json value" } } - default: badFields[globals.IdField] = "Unknown credential type." } diff --git a/internal/proto/controller/api/resources/sessionrecordings/v1/session_recording.proto b/internal/proto/controller/api/resources/sessionrecordings/v1/session_recording.proto index 90866e07d6..0e8f88201a 100644 --- a/internal/proto/controller/api/resources/sessionrecordings/v1/session_recording.proto +++ b/internal/proto/controller/api/resources/sessionrecordings/v1/session_recording.proto @@ -308,6 +308,10 @@ message Credential { (google.api.field_visibility).restriction = "INTERNAL", (custom_options.v1.subtype) = "json" ]; + PasswordCredentialAttributes password_attributes = 11 [ + (google.api.field_visibility).restriction = "INTERNAL", + (custom_options.v1.subtype) = "password" + ]; } } @@ -338,6 +342,12 @@ message JsonCredentialAttributes { string object_hmac = 1; // @gotags: class:"public" } +// The attributes of a Password Credential. +message PasswordCredentialAttributes { + // The hmac value of the password. + string password_hmac = 1; // @gotags: class:"public" +} + // CredentialLibrary contains all fields related to an Credential Library resource message CredentialLibrary { // The ID of the Credential Library. diff --git a/internal/tests/cli/boundary/_credentials.bash b/internal/tests/cli/boundary/_credentials.bash index d29b6910aa..23148168e8 100644 --- a/internal/tests/cli/boundary/_credentials.bash +++ b/internal/tests/cli/boundary/_credentials.bash @@ -63,6 +63,19 @@ function create_json_credential() { $args } +function create_password_credential() { + local name=$1 + local sid=$2 + local pass=$3 + + export BP="${pass}" + boundary credentials create password \ + -name $name \ + -description 'test password credential' \ + -credential-store-id $sid \ + -password env://BP +} + function read_credential() { boundary credentials read -id $1 -format json } diff --git a/internal/tests/cli/boundary/credentials.bats b/internal/tests/cli/boundary/credentials.bats index 5d7f3ffbb2..075564f2f7 100644 --- a/internal/tests/cli/boundary/credentials.bats +++ b/internal/tests/cli/boundary/credentials.bats @@ -12,6 +12,7 @@ export NEW_UPD_AT_CREDENTIAL='test-at-user-domain-pass' export NEW_UPD_SLASH_CREDENTIAL='test-slash-domain-user-pass' export NEW_UPD_CREDENTIAL_DOMAIN='test-domain-user-plus-domain' export NEW_JSON_CREDENTIAL='test-json' +export NEW_PASSWORD_CREDENTIAL='test-pass' @test "boundary/login: can login as default user" { run login $DEFAULT_LOGIN @@ -68,6 +69,20 @@ export NEW_JSON_CREDENTIAL='test-json' } +@test "boundary/credentials: can create $NEW_PASSWORD_CREDENTIAL credential in $NEW_STORE store" { + local csid=$(credential_store_id $NEW_STORE $DEFAULT_P_ID) + run create_password_credential $NEW_PASSWORD_CREDENTIAL $csid 'password' + echo "$output" + [ "$status" -eq 0 ] +} + +@test "boundary/credentials: can not create already created $NEW_PASSWORD_CREDENTIAL credential" { + local csid=$(credential_store_id $NEW_STORE $DEFAULT_P_ID) + run create_password_credential $NEW_PASSWORD_CREDENTIAL $csid 'password' + echo "$output" + [ "$status" -eq 1 ] +} + @test "boundary/credentials: can create $NEW_JSON_CREDENTIAL credential in $NEW_STORE store" { local csid=$(credential_store_id $NEW_STORE $DEFAULT_P_ID) run create_json_credential $NEW_JSON_CREDENTIAL $csid '-string-kv username=admin -string-kv password=pass' @@ -142,6 +157,14 @@ export NEW_JSON_CREDENTIAL='test-json' [ "$status" -eq 0 ] } +@test "boundary/credentials: can read $NEW_PASSWORD_CREDENTIAL credential" { + local csid=$(credential_store_id $NEW_STORE $DEFAULT_P_ID) + local cid=$(credential_id $NEW_PASSWORD_CREDENTIAL $csid) + run read_credential $cid + echo "$output" + [ "$status" -eq 0 ] +} + @test "boundary/credentials: can read $NEW_JSON_CREDENTIAL credential" { local csid=$(credential_store_id $NEW_STORE $DEFAULT_P_ID) local cid=$(credential_id $NEW_JSON_CREDENTIAL $csid) @@ -186,6 +209,15 @@ export NEW_JSON_CREDENTIAL='test-json' [ "$status" -eq 0 ] } +@test "boundary/credentials: can delete $NEW_PASSWORD_CREDENTIAL credential" { + local csid=$(credential_store_id $NEW_STORE $DEFAULT_P_ID) + local cid=$(credential_id $NEW_PASSWORD_CREDENTIAL $csid) + run delete_credential $cid + echo "$output" + run has_status_code "$output" "204" + [ "$status" -eq 0 ] +} + @test "boundary/credentials: can delete $NEW_JSON_CREDENTIAL credential" { local csid=$(credential_store_id $NEW_STORE $DEFAULT_P_ID) local cid=$(credential_id $NEW_JSON_CREDENTIAL $csid) @@ -255,6 +287,14 @@ export NEW_JSON_CREDENTIAL='test-json' [ "$status" -eq 1 ] } +@test "boundary/credential-stores: can not read deleted $NEW_PASSWORD_CREDENTIAL credential" { + local csid=$(credential_store_id $NEW_STORE $DEFAULT_P_ID) + local cid=$(credential_id $NEW_PASSWORD_CREDENTIAL $csid) + run read_credential $cid + echo "$output" + [ "$status" -eq 1 ] +} + @test "boundary/credential-stores: can delete $NEW_STORE static store" { local csid=$(credential_store_id $NEW_STORE $DEFAULT_P_ID) run delete_credential_store $csid diff --git a/sdk/pbs/controller/api/resources/session_recordings/session_recording.pb.go b/sdk/pbs/controller/api/resources/session_recordings/session_recording.pb.go index 0c1448e884..ad06de68a8 100644 --- a/sdk/pbs/controller/api/resources/session_recordings/session_recording.pb.go +++ b/sdk/pbs/controller/api/resources/session_recordings/session_recording.pb.go @@ -1132,6 +1132,7 @@ type Credential struct { // *Credential_UsernamePasswordAttributes // *Credential_SshPrivateKeyAttributes // *Credential_JsonAttributes + // *Credential_PasswordAttributes Attrs isCredential_Attrs `protobuf_oneof:"attrs"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache @@ -1252,6 +1253,15 @@ func (x *Credential) GetJsonAttributes() *JsonCredentialAttributes { return nil } +func (x *Credential) GetPasswordAttributes() *PasswordCredentialAttributes { + if x != nil { + if x, ok := x.Attrs.(*Credential_PasswordAttributes); ok { + return x.PasswordAttributes + } + } + return nil +} + type isCredential_Attrs interface { isCredential_Attrs() } @@ -1273,6 +1283,10 @@ type Credential_JsonAttributes struct { JsonAttributes *JsonCredentialAttributes `protobuf:"bytes,10,opt,name=json_attributes,json=jsonAttributes,proto3,oneof"` } +type Credential_PasswordAttributes struct { + PasswordAttributes *PasswordCredentialAttributes `protobuf:"bytes,11,opt,name=password_attributes,json=passwordAttributes,proto3,oneof"` +} + func (*Credential_Attributes) isCredential_Attrs() {} func (*Credential_UsernamePasswordAttributes) isCredential_Attrs() {} @@ -1281,6 +1295,8 @@ func (*Credential_SshPrivateKeyAttributes) isCredential_Attrs() {} func (*Credential_JsonAttributes) isCredential_Attrs() {} +func (*Credential_PasswordAttributes) isCredential_Attrs() {} + // The attributes of a UsernamePassword Credential. type UsernamePasswordCredentialAttributes struct { state protoimpl.MessageState `protogen:"open.v1"` @@ -1446,6 +1462,52 @@ func (x *JsonCredentialAttributes) GetObjectHmac() string { return "" } +// The attributes of a Password Credential. +type PasswordCredentialAttributes struct { + state protoimpl.MessageState `protogen:"open.v1"` + // The hmac value of the password. + PasswordHmac string `protobuf:"bytes,1,opt,name=password_hmac,json=passwordHmac,proto3" json:"password_hmac,omitempty" class:"public"` // @gotags: class:"public" + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *PasswordCredentialAttributes) Reset() { + *x = PasswordCredentialAttributes{} + mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[14] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *PasswordCredentialAttributes) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PasswordCredentialAttributes) ProtoMessage() {} + +func (x *PasswordCredentialAttributes) ProtoReflect() protoreflect.Message { + mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[14] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PasswordCredentialAttributes.ProtoReflect.Descriptor instead. +func (*PasswordCredentialAttributes) Descriptor() ([]byte, []int) { + return file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDescGZIP(), []int{14} +} + +func (x *PasswordCredentialAttributes) GetPasswordHmac() string { + if x != nil { + return x.PasswordHmac + } + return "" +} + // CredentialLibrary contains all fields related to an Credential Library resource type CredentialLibrary struct { state protoimpl.MessageState `protogen:"open.v1"` @@ -1474,7 +1536,7 @@ type CredentialLibrary struct { func (x *CredentialLibrary) Reset() { *x = CredentialLibrary{} - mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[14] + mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[15] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1486,7 +1548,7 @@ func (x *CredentialLibrary) String() string { func (*CredentialLibrary) ProtoMessage() {} func (x *CredentialLibrary) ProtoReflect() protoreflect.Message { - mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[14] + mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[15] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1499,7 +1561,7 @@ func (x *CredentialLibrary) ProtoReflect() protoreflect.Message { // Deprecated: Use CredentialLibrary.ProtoReflect.Descriptor instead. func (*CredentialLibrary) Descriptor() ([]byte, []int) { - return file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDescGZIP(), []int{14} + return file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDescGZIP(), []int{15} } func (x *CredentialLibrary) GetId() string { @@ -1632,7 +1694,7 @@ type VaultCredentialLibraryAttributes struct { func (x *VaultCredentialLibraryAttributes) Reset() { *x = VaultCredentialLibraryAttributes{} - mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[15] + mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[16] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1644,7 +1706,7 @@ func (x *VaultCredentialLibraryAttributes) String() string { func (*VaultCredentialLibraryAttributes) ProtoMessage() {} func (x *VaultCredentialLibraryAttributes) ProtoReflect() protoreflect.Message { - mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[15] + mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[16] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1657,7 +1719,7 @@ func (x *VaultCredentialLibraryAttributes) ProtoReflect() protoreflect.Message { // Deprecated: Use VaultCredentialLibraryAttributes.ProtoReflect.Descriptor instead. func (*VaultCredentialLibraryAttributes) Descriptor() ([]byte, []int) { - return file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDescGZIP(), []int{15} + return file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDescGZIP(), []int{16} } func (x *VaultCredentialLibraryAttributes) GetPath() string { @@ -1706,7 +1768,7 @@ type VaultSSHCertificateCredentialLibraryAttributes struct { func (x *VaultSSHCertificateCredentialLibraryAttributes) Reset() { *x = VaultSSHCertificateCredentialLibraryAttributes{} - mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[16] + mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[17] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1718,7 +1780,7 @@ func (x *VaultSSHCertificateCredentialLibraryAttributes) String() string { func (*VaultSSHCertificateCredentialLibraryAttributes) ProtoMessage() {} func (x *VaultSSHCertificateCredentialLibraryAttributes) ProtoReflect() protoreflect.Message { - mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[16] + mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[17] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1731,7 +1793,7 @@ func (x *VaultSSHCertificateCredentialLibraryAttributes) ProtoReflect() protoref // Deprecated: Use VaultSSHCertificateCredentialLibraryAttributes.ProtoReflect.Descriptor instead. func (*VaultSSHCertificateCredentialLibraryAttributes) Descriptor() ([]byte, []int) { - return file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDescGZIP(), []int{16} + return file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDescGZIP(), []int{17} } func (x *VaultSSHCertificateCredentialLibraryAttributes) GetPath() string { @@ -1810,7 +1872,7 @@ type ValuesAtTime struct { func (x *ValuesAtTime) Reset() { *x = ValuesAtTime{} - mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[17] + mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[18] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1822,7 +1884,7 @@ func (x *ValuesAtTime) String() string { func (*ValuesAtTime) ProtoMessage() {} func (x *ValuesAtTime) ProtoReflect() protoreflect.Message { - mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[17] + mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[18] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1835,7 +1897,7 @@ func (x *ValuesAtTime) ProtoReflect() protoreflect.Message { // Deprecated: Use ValuesAtTime.ProtoReflect.Descriptor instead. func (*ValuesAtTime) Descriptor() ([]byte, []int) { - return file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDescGZIP(), []int{17} + return file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDescGZIP(), []int{18} } func (x *ValuesAtTime) GetUser() *User { @@ -1936,7 +1998,7 @@ type SessionRecording struct { func (x *SessionRecording) Reset() { *x = SessionRecording{} - mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[18] + mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[19] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1948,7 +2010,7 @@ func (x *SessionRecording) String() string { func (*SessionRecording) ProtoMessage() {} func (x *SessionRecording) ProtoReflect() protoreflect.Message { - mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[18] + mi := &file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[19] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1961,7 +2023,7 @@ func (x *SessionRecording) ProtoReflect() protoreflect.Message { // Deprecated: Use SessionRecording.ProtoReflect.Descriptor instead. func (*SessionRecording) Descriptor() ([]byte, []int) { - return file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDescGZIP(), []int{18} + return file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDescGZIP(), []int{19} } func (x *SessionRecording) GetId() string { @@ -2220,7 +2282,7 @@ const file_controller_api_resources_sessionrecordings_v1_session_recording_proto "\tnamespace\x18\x02 \x01(\tR\tnamespace\x12(\n" + "\x0ftls_server_name\x18\x03 \x01(\tR\x0ftls_server_name\x12(\n" + "\x0ftls_skip_verify\x18\x04 \x01(\bR\x0ftls_skip_verify\x12$\n" + - "\rworker_filter\x18\x05 \x01(\tR\rworker_filter\"\xc6\x06\n" + + "\rworker_filter\x18\x05 \x01(\tR\rworker_filter\"\xe5\a\n" + "\n" + "Credential\x12\x0e\n" + "\x02id\x18\x01 \x01(\tR\x02id\x12j\n" + @@ -2238,7 +2300,9 @@ const file_controller_api_resources_sessionrecordings_v1_session_recording_proto "\x12\bINTERNALH\x00R\x17sshPrivateKeyAttributes\x12\x8c\x01\n" + "\x0fjson_attributes\x18\n" + " \x01(\v2G.controller.api.resources.sessionrecordings.v1.JsonCredentialAttributesB\x18\x9a\xe3)\x04json\xfa\xd2\xe4\x93\x02\n" + - "\x12\bINTERNALH\x00R\x0ejsonAttributesB\a\n" + + "\x12\bINTERNALH\x00R\x0ejsonAttributes\x12\x9c\x01\n" + + "\x13password_attributes\x18\v \x01(\v2K.controller.api.resources.sessionrecordings.v1.PasswordCredentialAttributesB\x1c\x9a\xe3)\bpassword\xfa\xd2\xe4\x93\x02\n" + + "\x12\bINTERNALH\x00R\x12passwordAttributesB\a\n" + "\x05attrs\"g\n" + "$UsernamePasswordCredentialAttributes\x12\x1a\n" + "\busername\x18\x01 \x01(\tR\busername\x12#\n" + @@ -2249,7 +2313,9 @@ const file_controller_api_resources_sessionrecordings_v1_session_recording_proto "\x1bprivate_key_passphrase_hmac\x18\x03 \x01(\tR\x18privateKeyPassphraseHmac\";\n" + "\x18JsonCredentialAttributes\x12\x1f\n" + "\vobject_hmac\x18\x01 \x01(\tR\n" + - "objectHmac\"\xd3\a\n" + + "objectHmac\"C\n" + + "\x1cPasswordCredentialAttributes\x12#\n" + + "\rpassword_hmac\x18\x01 \x01(\tR\fpasswordHmac\"\xd3\a\n" + "\x11CredentialLibrary\x12\x0e\n" + "\x02id\x18\x01 \x01(\tR\x02id\x12j\n" + "\x10credential_store\x18\x02 \x01(\v2>.controller.api.resources.sessionrecordings.v1.CredentialStoreR\x10credential_store\x12\x12\n" + @@ -2340,7 +2406,7 @@ func file_controller_api_resources_sessionrecordings_v1_session_recording_proto_ return file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDescData } -var file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes = make([]protoimpl.MessageInfo, 21) +var file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes = make([]protoimpl.MessageInfo, 22) var file_controller_api_resources_sessionrecordings_v1_session_recording_proto_goTypes = []any{ (*ChannelRecording)(nil), // 0: controller.api.resources.sessionrecordings.v1.ChannelRecording (*ConnectionRecording)(nil), // 1: controller.api.resources.sessionrecordings.v1.ConnectionRecording @@ -2356,73 +2422,75 @@ var file_controller_api_resources_sessionrecordings_v1_session_recording_proto_g (*UsernamePasswordCredentialAttributes)(nil), // 11: controller.api.resources.sessionrecordings.v1.UsernamePasswordCredentialAttributes (*SshPrivateKeyCredentialAttributes)(nil), // 12: controller.api.resources.sessionrecordings.v1.SshPrivateKeyCredentialAttributes (*JsonCredentialAttributes)(nil), // 13: controller.api.resources.sessionrecordings.v1.JsonCredentialAttributes - (*CredentialLibrary)(nil), // 14: controller.api.resources.sessionrecordings.v1.CredentialLibrary - (*VaultCredentialLibraryAttributes)(nil), // 15: controller.api.resources.sessionrecordings.v1.VaultCredentialLibraryAttributes - (*VaultSSHCertificateCredentialLibraryAttributes)(nil), // 16: controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes - (*ValuesAtTime)(nil), // 17: controller.api.resources.sessionrecordings.v1.ValuesAtTime - (*SessionRecording)(nil), // 18: controller.api.resources.sessionrecordings.v1.SessionRecording - nil, // 19: controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes.CriticalOptionsEntry - nil, // 20: controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes.ExtensionsEntry - (*timestamppb.Timestamp)(nil), // 21: google.protobuf.Timestamp - (*durationpb.Duration)(nil), // 22: google.protobuf.Duration - (*scopes.ScopeInfo)(nil), // 23: controller.api.resources.scopes.v1.ScopeInfo - (*structpb.Struct)(nil), // 24: google.protobuf.Struct + (*PasswordCredentialAttributes)(nil), // 14: controller.api.resources.sessionrecordings.v1.PasswordCredentialAttributes + (*CredentialLibrary)(nil), // 15: controller.api.resources.sessionrecordings.v1.CredentialLibrary + (*VaultCredentialLibraryAttributes)(nil), // 16: controller.api.resources.sessionrecordings.v1.VaultCredentialLibraryAttributes + (*VaultSSHCertificateCredentialLibraryAttributes)(nil), // 17: controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes + (*ValuesAtTime)(nil), // 18: controller.api.resources.sessionrecordings.v1.ValuesAtTime + (*SessionRecording)(nil), // 19: controller.api.resources.sessionrecordings.v1.SessionRecording + nil, // 20: controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes.CriticalOptionsEntry + nil, // 21: controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes.ExtensionsEntry + (*timestamppb.Timestamp)(nil), // 22: google.protobuf.Timestamp + (*durationpb.Duration)(nil), // 23: google.protobuf.Duration + (*scopes.ScopeInfo)(nil), // 24: controller.api.resources.scopes.v1.ScopeInfo + (*structpb.Struct)(nil), // 25: google.protobuf.Struct } var file_controller_api_resources_sessionrecordings_v1_session_recording_proto_depIdxs = []int32{ - 21, // 0: controller.api.resources.sessionrecordings.v1.ChannelRecording.created_time:type_name -> google.protobuf.Timestamp - 21, // 1: controller.api.resources.sessionrecordings.v1.ChannelRecording.updated_time:type_name -> google.protobuf.Timestamp - 21, // 2: controller.api.resources.sessionrecordings.v1.ChannelRecording.start_time:type_name -> google.protobuf.Timestamp - 21, // 3: controller.api.resources.sessionrecordings.v1.ChannelRecording.end_time:type_name -> google.protobuf.Timestamp - 22, // 4: controller.api.resources.sessionrecordings.v1.ChannelRecording.duration:type_name -> google.protobuf.Duration - 21, // 5: controller.api.resources.sessionrecordings.v1.ConnectionRecording.created_time:type_name -> google.protobuf.Timestamp - 21, // 6: controller.api.resources.sessionrecordings.v1.ConnectionRecording.updated_time:type_name -> google.protobuf.Timestamp - 21, // 7: controller.api.resources.sessionrecordings.v1.ConnectionRecording.start_time:type_name -> google.protobuf.Timestamp - 21, // 8: controller.api.resources.sessionrecordings.v1.ConnectionRecording.end_time:type_name -> google.protobuf.Timestamp - 22, // 9: controller.api.resources.sessionrecordings.v1.ConnectionRecording.duration:type_name -> google.protobuf.Duration + 22, // 0: controller.api.resources.sessionrecordings.v1.ChannelRecording.created_time:type_name -> google.protobuf.Timestamp + 22, // 1: controller.api.resources.sessionrecordings.v1.ChannelRecording.updated_time:type_name -> google.protobuf.Timestamp + 22, // 2: controller.api.resources.sessionrecordings.v1.ChannelRecording.start_time:type_name -> google.protobuf.Timestamp + 22, // 3: controller.api.resources.sessionrecordings.v1.ChannelRecording.end_time:type_name -> google.protobuf.Timestamp + 23, // 4: controller.api.resources.sessionrecordings.v1.ChannelRecording.duration:type_name -> google.protobuf.Duration + 22, // 5: controller.api.resources.sessionrecordings.v1.ConnectionRecording.created_time:type_name -> google.protobuf.Timestamp + 22, // 6: controller.api.resources.sessionrecordings.v1.ConnectionRecording.updated_time:type_name -> google.protobuf.Timestamp + 22, // 7: controller.api.resources.sessionrecordings.v1.ConnectionRecording.start_time:type_name -> google.protobuf.Timestamp + 22, // 8: controller.api.resources.sessionrecordings.v1.ConnectionRecording.end_time:type_name -> google.protobuf.Timestamp + 23, // 9: controller.api.resources.sessionrecordings.v1.ConnectionRecording.duration:type_name -> google.protobuf.Duration 0, // 10: controller.api.resources.sessionrecordings.v1.ConnectionRecording.channel_recordings:type_name -> controller.api.resources.sessionrecordings.v1.ChannelRecording - 23, // 11: controller.api.resources.sessionrecordings.v1.User.scope:type_name -> controller.api.resources.scopes.v1.ScopeInfo - 23, // 12: controller.api.resources.sessionrecordings.v1.HostCatalog.scope:type_name -> controller.api.resources.scopes.v1.ScopeInfo - 24, // 13: controller.api.resources.sessionrecordings.v1.HostCatalog.attributes:type_name -> google.protobuf.Struct + 24, // 11: controller.api.resources.sessionrecordings.v1.User.scope:type_name -> controller.api.resources.scopes.v1.ScopeInfo + 24, // 12: controller.api.resources.sessionrecordings.v1.HostCatalog.scope:type_name -> controller.api.resources.scopes.v1.ScopeInfo + 25, // 13: controller.api.resources.sessionrecordings.v1.HostCatalog.attributes:type_name -> google.protobuf.Struct 3, // 14: controller.api.resources.sessionrecordings.v1.Host.host_catalog:type_name -> controller.api.resources.sessionrecordings.v1.HostCatalog - 24, // 15: controller.api.resources.sessionrecordings.v1.Host.attributes:type_name -> google.protobuf.Struct + 25, // 15: controller.api.resources.sessionrecordings.v1.Host.attributes:type_name -> google.protobuf.Struct 5, // 16: controller.api.resources.sessionrecordings.v1.Host.static_host_attributes:type_name -> controller.api.resources.sessionrecordings.v1.StaticHostAttributes - 23, // 17: controller.api.resources.sessionrecordings.v1.Target.scope:type_name -> controller.api.resources.scopes.v1.ScopeInfo - 24, // 18: controller.api.resources.sessionrecordings.v1.Target.attributes:type_name -> google.protobuf.Struct + 24, // 17: controller.api.resources.sessionrecordings.v1.Target.scope:type_name -> controller.api.resources.scopes.v1.ScopeInfo + 25, // 18: controller.api.resources.sessionrecordings.v1.Target.attributes:type_name -> google.protobuf.Struct 7, // 19: controller.api.resources.sessionrecordings.v1.Target.ssh_target_attributes:type_name -> controller.api.resources.sessionrecordings.v1.SshTargetAttributes - 24, // 20: controller.api.resources.sessionrecordings.v1.CredentialStore.attributes:type_name -> google.protobuf.Struct + 25, // 20: controller.api.resources.sessionrecordings.v1.CredentialStore.attributes:type_name -> google.protobuf.Struct 9, // 21: controller.api.resources.sessionrecordings.v1.CredentialStore.vault_credential_store_attributes:type_name -> controller.api.resources.sessionrecordings.v1.VaultCredentialStoreAttributes 8, // 22: controller.api.resources.sessionrecordings.v1.Credential.credential_store:type_name -> controller.api.resources.sessionrecordings.v1.CredentialStore - 24, // 23: controller.api.resources.sessionrecordings.v1.Credential.attributes:type_name -> google.protobuf.Struct + 25, // 23: controller.api.resources.sessionrecordings.v1.Credential.attributes:type_name -> google.protobuf.Struct 11, // 24: controller.api.resources.sessionrecordings.v1.Credential.username_password_attributes:type_name -> controller.api.resources.sessionrecordings.v1.UsernamePasswordCredentialAttributes 12, // 25: controller.api.resources.sessionrecordings.v1.Credential.ssh_private_key_attributes:type_name -> controller.api.resources.sessionrecordings.v1.SshPrivateKeyCredentialAttributes 13, // 26: controller.api.resources.sessionrecordings.v1.Credential.json_attributes:type_name -> controller.api.resources.sessionrecordings.v1.JsonCredentialAttributes - 8, // 27: controller.api.resources.sessionrecordings.v1.CredentialLibrary.credential_store:type_name -> controller.api.resources.sessionrecordings.v1.CredentialStore - 24, // 28: controller.api.resources.sessionrecordings.v1.CredentialLibrary.attributes:type_name -> google.protobuf.Struct - 15, // 29: controller.api.resources.sessionrecordings.v1.CredentialLibrary.vault_credential_library_attributes:type_name -> controller.api.resources.sessionrecordings.v1.VaultCredentialLibraryAttributes - 15, // 30: controller.api.resources.sessionrecordings.v1.CredentialLibrary.vault_generic_credential_library_attributes:type_name -> controller.api.resources.sessionrecordings.v1.VaultCredentialLibraryAttributes - 16, // 31: controller.api.resources.sessionrecordings.v1.CredentialLibrary.vault_ssh_certificate_credential_library_attributes:type_name -> controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes - 19, // 32: controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes.critical_options:type_name -> controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes.CriticalOptionsEntry - 20, // 33: controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes.extensions:type_name -> controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes.ExtensionsEntry - 2, // 34: controller.api.resources.sessionrecordings.v1.ValuesAtTime.user:type_name -> controller.api.resources.sessionrecordings.v1.User - 6, // 35: controller.api.resources.sessionrecordings.v1.ValuesAtTime.target:type_name -> controller.api.resources.sessionrecordings.v1.Target - 4, // 36: controller.api.resources.sessionrecordings.v1.ValuesAtTime.host:type_name -> controller.api.resources.sessionrecordings.v1.Host - 10, // 37: controller.api.resources.sessionrecordings.v1.ValuesAtTime.credentials:type_name -> controller.api.resources.sessionrecordings.v1.Credential - 14, // 38: controller.api.resources.sessionrecordings.v1.ValuesAtTime.credential_libraries:type_name -> controller.api.resources.sessionrecordings.v1.CredentialLibrary - 23, // 39: controller.api.resources.sessionrecordings.v1.SessionRecording.scope:type_name -> controller.api.resources.scopes.v1.ScopeInfo - 21, // 40: controller.api.resources.sessionrecordings.v1.SessionRecording.created_time:type_name -> google.protobuf.Timestamp - 21, // 41: controller.api.resources.sessionrecordings.v1.SessionRecording.updated_time:type_name -> google.protobuf.Timestamp - 21, // 42: controller.api.resources.sessionrecordings.v1.SessionRecording.start_time:type_name -> google.protobuf.Timestamp - 21, // 43: controller.api.resources.sessionrecordings.v1.SessionRecording.end_time:type_name -> google.protobuf.Timestamp - 22, // 44: controller.api.resources.sessionrecordings.v1.SessionRecording.duration:type_name -> google.protobuf.Duration - 1, // 45: controller.api.resources.sessionrecordings.v1.SessionRecording.connection_recordings:type_name -> controller.api.resources.sessionrecordings.v1.ConnectionRecording - 17, // 46: controller.api.resources.sessionrecordings.v1.SessionRecording.create_time_values:type_name -> controller.api.resources.sessionrecordings.v1.ValuesAtTime - 21, // 47: controller.api.resources.sessionrecordings.v1.SessionRecording.retain_until:type_name -> google.protobuf.Timestamp - 21, // 48: controller.api.resources.sessionrecordings.v1.SessionRecording.delete_after:type_name -> google.protobuf.Timestamp - 49, // [49:49] is the sub-list for method output_type - 49, // [49:49] is the sub-list for method input_type - 49, // [49:49] is the sub-list for extension type_name - 49, // [49:49] is the sub-list for extension extendee - 0, // [0:49] is the sub-list for field type_name + 14, // 27: controller.api.resources.sessionrecordings.v1.Credential.password_attributes:type_name -> controller.api.resources.sessionrecordings.v1.PasswordCredentialAttributes + 8, // 28: controller.api.resources.sessionrecordings.v1.CredentialLibrary.credential_store:type_name -> controller.api.resources.sessionrecordings.v1.CredentialStore + 25, // 29: controller.api.resources.sessionrecordings.v1.CredentialLibrary.attributes:type_name -> google.protobuf.Struct + 16, // 30: controller.api.resources.sessionrecordings.v1.CredentialLibrary.vault_credential_library_attributes:type_name -> controller.api.resources.sessionrecordings.v1.VaultCredentialLibraryAttributes + 16, // 31: controller.api.resources.sessionrecordings.v1.CredentialLibrary.vault_generic_credential_library_attributes:type_name -> controller.api.resources.sessionrecordings.v1.VaultCredentialLibraryAttributes + 17, // 32: controller.api.resources.sessionrecordings.v1.CredentialLibrary.vault_ssh_certificate_credential_library_attributes:type_name -> controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes + 20, // 33: controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes.critical_options:type_name -> controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes.CriticalOptionsEntry + 21, // 34: controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes.extensions:type_name -> controller.api.resources.sessionrecordings.v1.VaultSSHCertificateCredentialLibraryAttributes.ExtensionsEntry + 2, // 35: controller.api.resources.sessionrecordings.v1.ValuesAtTime.user:type_name -> controller.api.resources.sessionrecordings.v1.User + 6, // 36: controller.api.resources.sessionrecordings.v1.ValuesAtTime.target:type_name -> controller.api.resources.sessionrecordings.v1.Target + 4, // 37: controller.api.resources.sessionrecordings.v1.ValuesAtTime.host:type_name -> controller.api.resources.sessionrecordings.v1.Host + 10, // 38: controller.api.resources.sessionrecordings.v1.ValuesAtTime.credentials:type_name -> controller.api.resources.sessionrecordings.v1.Credential + 15, // 39: controller.api.resources.sessionrecordings.v1.ValuesAtTime.credential_libraries:type_name -> controller.api.resources.sessionrecordings.v1.CredentialLibrary + 24, // 40: controller.api.resources.sessionrecordings.v1.SessionRecording.scope:type_name -> controller.api.resources.scopes.v1.ScopeInfo + 22, // 41: controller.api.resources.sessionrecordings.v1.SessionRecording.created_time:type_name -> google.protobuf.Timestamp + 22, // 42: controller.api.resources.sessionrecordings.v1.SessionRecording.updated_time:type_name -> google.protobuf.Timestamp + 22, // 43: controller.api.resources.sessionrecordings.v1.SessionRecording.start_time:type_name -> google.protobuf.Timestamp + 22, // 44: controller.api.resources.sessionrecordings.v1.SessionRecording.end_time:type_name -> google.protobuf.Timestamp + 23, // 45: controller.api.resources.sessionrecordings.v1.SessionRecording.duration:type_name -> google.protobuf.Duration + 1, // 46: controller.api.resources.sessionrecordings.v1.SessionRecording.connection_recordings:type_name -> controller.api.resources.sessionrecordings.v1.ConnectionRecording + 18, // 47: controller.api.resources.sessionrecordings.v1.SessionRecording.create_time_values:type_name -> controller.api.resources.sessionrecordings.v1.ValuesAtTime + 22, // 48: controller.api.resources.sessionrecordings.v1.SessionRecording.retain_until:type_name -> google.protobuf.Timestamp + 22, // 49: controller.api.resources.sessionrecordings.v1.SessionRecording.delete_after:type_name -> google.protobuf.Timestamp + 50, // [50:50] is the sub-list for method output_type + 50, // [50:50] is the sub-list for method input_type + 50, // [50:50] is the sub-list for extension type_name + 50, // [50:50] is the sub-list for extension extendee + 0, // [0:50] is the sub-list for field type_name } func init() { file_controller_api_resources_sessionrecordings_v1_session_recording_proto_init() } @@ -2450,8 +2518,9 @@ func file_controller_api_resources_sessionrecordings_v1_session_recording_proto_ (*Credential_UsernamePasswordAttributes)(nil), (*Credential_SshPrivateKeyAttributes)(nil), (*Credential_JsonAttributes)(nil), + (*Credential_PasswordAttributes)(nil), } - file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[14].OneofWrappers = []any{ + file_controller_api_resources_sessionrecordings_v1_session_recording_proto_msgTypes[15].OneofWrappers = []any{ (*CredentialLibrary_Attributes)(nil), (*CredentialLibrary_VaultCredentialLibraryAttributes)(nil), (*CredentialLibrary_VaultGenericCredentialLibraryAttributes)(nil), @@ -2463,7 +2532,7 @@ func file_controller_api_resources_sessionrecordings_v1_session_recording_proto_ GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDesc), len(file_controller_api_resources_sessionrecordings_v1_session_recording_proto_rawDesc)), NumEnums: 0, - NumMessages: 21, + NumMessages: 22, NumExtensions: 0, NumServices: 0, },