mirror of https://github.com/hashicorp/boundary
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1296 lines
46 KiB
1296 lines
46 KiB
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: BUSL-1.1
|
|
|
|
// Code generated by protoc-gen-go. DO NOT EDIT.
|
|
// versions:
|
|
// protoc-gen-go v1.36.10
|
|
// protoc (unknown)
|
|
// source: controller/storage/auth/oidc/store/v1/oidc.proto
|
|
|
|
// Package store provides protobufs for storing types in the password package.
|
|
|
|
package store
|
|
|
|
import (
|
|
timestamp "github.com/hashicorp/boundary/internal/db/timestamp"
|
|
_ "github.com/hashicorp/boundary/sdk/pbs/controller/protooptions"
|
|
protoreflect "google.golang.org/protobuf/reflect/protoreflect"
|
|
protoimpl "google.golang.org/protobuf/runtime/protoimpl"
|
|
reflect "reflect"
|
|
sync "sync"
|
|
unsafe "unsafe"
|
|
)
|
|
|
|
const (
|
|
// Verify that this generated code is sufficiently up-to-date.
|
|
_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
|
|
// Verify that runtime/protoimpl is sufficiently up-to-date.
|
|
_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
|
|
)
|
|
|
|
// AuthMethod represents an OIDC auth method.
|
|
type AuthMethod struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
PublicId string `protobuf:"bytes,10,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"`
|
|
// The create_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
CreateTime *timestamp.Timestamp `protobuf:"bytes,20,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
|
|
// The update_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
UpdateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"`
|
|
// name is optional. If set, it must be unique within scope_id.
|
|
// @inject_tag: `gorm:"default:null"`
|
|
Name string `protobuf:"bytes,40,opt,name=name,proto3" json:"name,omitempty" gorm:"default:null"`
|
|
// description is optional.
|
|
// @inject_tag: `gorm:"default:null"`
|
|
Description string `protobuf:"bytes,50,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"`
|
|
// The scope_id of the owning scope. Must be set.
|
|
// @inject_tag: `gorm:"not_null"`
|
|
ScopeId string `protobuf:"bytes,60,opt,name=scope_id,json=scopeId,proto3" json:"scope_id,omitempty" gorm:"not_null"`
|
|
// @inject_tag: `gorm:"default:null"`
|
|
Version uint32 `protobuf:"varint,70,opt,name=version,proto3" json:"version,omitempty" gorm:"default:null"`
|
|
// is_primary_auth_method is a read-only output field which indicates if the
|
|
// auth method is set as the scope's primary auth method.
|
|
// @inject_tag: `gorm:"-"`
|
|
IsPrimaryAuthMethod bool `protobuf:"varint,75,opt,name=is_primary_auth_method,json=isPrimaryAuthMethod,proto3" json:"is_primary_auth_method,omitempty" gorm:"-"`
|
|
// operational_state is the current state of the auth_oidc_method (inactive,
|
|
// active-private, or active-public).
|
|
// @inject_tag: `gorm:"column:state;not_null"`
|
|
OperationalState string `protobuf:"bytes,80,opt,name=operational_state,json=operationalState,proto3" json:"operational_state,omitempty" gorm:"column:state;not_null"`
|
|
// disable_discovered_config_validation is a flag that when set to true
|
|
// indicates the AuthMethod config was not validated against the IdP's
|
|
// discovery info document when it was updated or its operational_state was
|
|
// changed.
|
|
// @inject_tag: `gorm:"not_null"`
|
|
DisableDiscoveredConfigValidation bool `protobuf:"varint,89,opt,name=disable_discovered_config_validation,json=disableDiscoveredConfigValidation,proto3" json:"disable_discovered_config_validation,omitempty" gorm:"not_null"`
|
|
// issuer is the OIDC Discovery URL without any .well-known component
|
|
// @inject_tag: `gorm:"default:null"`
|
|
Issuer string `protobuf:"bytes,90,opt,name=issuer,proto3" json:"issuer,omitempty" gorm:"default:null"`
|
|
// client_id is the OIDC client identifier
|
|
// @inject_tag: `gorm:"not_null"`
|
|
ClientId string `protobuf:"bytes,100,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty" gorm:"not_null"`
|
|
// ct_client_secret is the encrypted OIDC client secret which is stored in the db.
|
|
// @inject_tag: `gorm:"column:client_secret;not_null" wrapping:"ct,client_secret"`
|
|
CtClientSecret []byte `protobuf:"bytes,110,opt,name=ct_client_secret,json=ctClientSecret,proto3" json:"ct_client_secret,omitempty" gorm:"column:client_secret;not_null" wrapping:"ct,client_secret"`
|
|
// client_secret is the unencrypted OIDC client secret which is not stored in the database.
|
|
// @inject_tag: `gorm:"-" wrapping:"pt,client_secret"`
|
|
ClientSecret string `protobuf:"bytes,120,opt,name=client_secret,json=clientSecret,proto3" json:"client_secret,omitempty" gorm:"-" wrapping:"pt,client_secret"`
|
|
// client_secret_hmac is a sha256-hmac of the unencrypted client_secret that
|
|
// is returned from the API for read. It is recalculated everytime the raw
|
|
// client_secret is updated.
|
|
// @inject_tag: `gorm:"not_null"`
|
|
ClientSecretHmac string `protobuf:"bytes,130,opt,name=client_secret_hmac,json=clientSecretHmac,proto3" json:"client_secret_hmac,omitempty" gorm:"not_null"`
|
|
// key_id is the key ID that was used for the encryption operation. It can be
|
|
// used to identify a specific version of the key needed to decrypt the value,
|
|
// which is useful for caching purposes.
|
|
// @inject_tag: `gorm:"not_null"`
|
|
KeyId string `protobuf:"bytes,140,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty" gorm:"not_null"`
|
|
// max_age is the allowed elapsed time in seconds since the last time the user
|
|
// was actively authenticated by the OIDC provider. -1 indicates the user
|
|
// should be re-authenticated immediately and would represent the zero value
|
|
// for max age based on the oidc spec.
|
|
// @inject_tag: `gorm:"default:null"`
|
|
MaxAge int32 `protobuf:"varint,150,opt,name=max_age,json=maxAge,proto3" json:"max_age,omitempty" gorm:"default:null"`
|
|
// api_url is the URLs prefix at which the Boundary api is reachable. This value
|
|
// is used by the auth method in the different steps of the auth flow.
|
|
// @inject_tag: `gorm:"default:null"`
|
|
ApiUrl string `protobuf:"bytes,160,opt,name=api_url,json=apiUrl,proto3" json:"api_url,omitempty" gorm:"default:null"`
|
|
// signing_algs are the signing algorithms allowed for an oidc auth method.
|
|
// These are Value Objects that will be stored as SigningAlg messages, and are
|
|
// operated on as a complete set.
|
|
// @inject_tag: `gorm:"-"`
|
|
SigningAlgs []string `protobuf:"bytes,170,rep,name=signing_algs,json=signingAlgs,proto3" json:"signing_algs,omitempty" gorm:"-"`
|
|
// aud_claims are the audience claims for a specific oidc auth method. These
|
|
// are Value Objects that will be stored as AudClaim messages, and are
|
|
// operatated on as a complete set.
|
|
// @inject_tag: `gorm:"-"`
|
|
AudClaims []string `protobuf:"bytes,180,rep,name=aud_claims,json=audClaims,proto3" json:"aud_claims,omitempty" gorm:"-"`
|
|
// certificates are optional PEM encoded x509 certificates that can be
|
|
// used as trust anchors when connecting to an OIDC provider. These are Value
|
|
// Objects that will be stored as Certificate messages, and are operatated on
|
|
// as a complete set.
|
|
// @inject_tag: `gorm:"-"`
|
|
Certificates []string `protobuf:"bytes,190,rep,name=certificates,proto3" json:"certificates,omitempty" gorm:"-"`
|
|
// claims_scopes are the optional claims scopes a specific oidc auth method.
|
|
// These are Value Objects that will be stored as ClaimsScope messages, and
|
|
// are operatated on as a complete set.
|
|
// @inject_tag: `gorm:"-"`
|
|
ClaimsScopes []string `protobuf:"bytes,200,rep,name=claims_scopes,json=claimsScopes,proto3" json:"claims_scopes,omitempty" gorm:"-"`
|
|
// account_claim_maps are optional claim maps from custom claims to the
|
|
// standard claims of sub, name and email. These maps are represented as
|
|
// key=value where the key equals the from_claim and the value equals the
|
|
// to_claim. For example "oid=sub".
|
|
// @inject_tag: `gorm:"-"`
|
|
AccountClaimMaps []string `protobuf:"bytes,210,rep,name=account_claim_maps,json=accountClaimMaps,proto3" json:"account_claim_maps,omitempty" gorm:"-"`
|
|
// prompts are the optional prompts allowed for an oidc auth method.
|
|
// These value objects specify whether the authorization server prompts
|
|
// the end-user for reauthentication, account selection and consent.
|
|
// These are Value Objects that will be stored as Prompt messages,
|
|
// and are operatated on as a complete set.
|
|
// @inject_tag: `gorm:"-"`
|
|
Prompts []string `protobuf:"bytes,220,rep,name=prompts,proto3" json:"prompts,omitempty" gorm:"-"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *AuthMethod) Reset() {
|
|
*x = AuthMethod{}
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[0]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *AuthMethod) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*AuthMethod) ProtoMessage() {}
|
|
|
|
func (x *AuthMethod) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[0]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use AuthMethod.ProtoReflect.Descriptor instead.
|
|
func (*AuthMethod) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescGZIP(), []int{0}
|
|
}
|
|
|
|
func (x *AuthMethod) GetPublicId() string {
|
|
if x != nil {
|
|
return x.PublicId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AuthMethod) GetCreateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.CreateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *AuthMethod) GetUpdateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.UpdateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *AuthMethod) GetName() string {
|
|
if x != nil {
|
|
return x.Name
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AuthMethod) GetDescription() string {
|
|
if x != nil {
|
|
return x.Description
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AuthMethod) GetScopeId() string {
|
|
if x != nil {
|
|
return x.ScopeId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AuthMethod) GetVersion() uint32 {
|
|
if x != nil {
|
|
return x.Version
|
|
}
|
|
return 0
|
|
}
|
|
|
|
func (x *AuthMethod) GetIsPrimaryAuthMethod() bool {
|
|
if x != nil {
|
|
return x.IsPrimaryAuthMethod
|
|
}
|
|
return false
|
|
}
|
|
|
|
func (x *AuthMethod) GetOperationalState() string {
|
|
if x != nil {
|
|
return x.OperationalState
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AuthMethod) GetDisableDiscoveredConfigValidation() bool {
|
|
if x != nil {
|
|
return x.DisableDiscoveredConfigValidation
|
|
}
|
|
return false
|
|
}
|
|
|
|
func (x *AuthMethod) GetIssuer() string {
|
|
if x != nil {
|
|
return x.Issuer
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AuthMethod) GetClientId() string {
|
|
if x != nil {
|
|
return x.ClientId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AuthMethod) GetCtClientSecret() []byte {
|
|
if x != nil {
|
|
return x.CtClientSecret
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *AuthMethod) GetClientSecret() string {
|
|
if x != nil {
|
|
return x.ClientSecret
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AuthMethod) GetClientSecretHmac() string {
|
|
if x != nil {
|
|
return x.ClientSecretHmac
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AuthMethod) GetKeyId() string {
|
|
if x != nil {
|
|
return x.KeyId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AuthMethod) GetMaxAge() int32 {
|
|
if x != nil {
|
|
return x.MaxAge
|
|
}
|
|
return 0
|
|
}
|
|
|
|
func (x *AuthMethod) GetApiUrl() string {
|
|
if x != nil {
|
|
return x.ApiUrl
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AuthMethod) GetSigningAlgs() []string {
|
|
if x != nil {
|
|
return x.SigningAlgs
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *AuthMethod) GetAudClaims() []string {
|
|
if x != nil {
|
|
return x.AudClaims
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *AuthMethod) GetCertificates() []string {
|
|
if x != nil {
|
|
return x.Certificates
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *AuthMethod) GetClaimsScopes() []string {
|
|
if x != nil {
|
|
return x.ClaimsScopes
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *AuthMethod) GetAccountClaimMaps() []string {
|
|
if x != nil {
|
|
return x.AccountClaimMaps
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *AuthMethod) GetPrompts() []string {
|
|
if x != nil {
|
|
return x.Prompts
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// Account represents an OIDC account
|
|
// the scope_id column is not included here as it is used only to ensure
|
|
// data integrity in the database between iam users and auth methods.
|
|
type Account struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
PublicId string `protobuf:"bytes,10,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"`
|
|
// The create_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
CreateTime *timestamp.Timestamp `protobuf:"bytes,20,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
|
|
// The update_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
UpdateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"`
|
|
// name is optional. If set, it must be unique within scope_id.
|
|
// @inject_tag: `gorm:"default:null"`
|
|
Name string `protobuf:"bytes,40,opt,name=name,proto3" json:"name,omitempty" gorm:"default:null"`
|
|
// description is optional.
|
|
// @inject_tag: `gorm:"default:null"`
|
|
Description string `protobuf:"bytes,50,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"`
|
|
// @inject_tag: `gorm:"default:null"`
|
|
Version uint32 `protobuf:"varint,60,opt,name=version,proto3" json:"version,omitempty" gorm:"default:null"`
|
|
// auth_method_id is the fk to the account's auth method.
|
|
// @inject_tag: `gorm:"not_null"`
|
|
AuthMethodId string `protobuf:"bytes,70,opt,name=auth_method_id,json=authMethodId,proto3" json:"auth_method_id,omitempty" gorm:"not_null"`
|
|
// issuer is a case sensitive URL that maps to the OIDC iss claim
|
|
// @inject_tag: `gorm:"not_null"`
|
|
Issuer string `protobuf:"bytes,80,opt,name=issuer,proto3" json:"issuer,omitempty" gorm:"not_null"`
|
|
// subject is a case sensitive string that maps to the OIDC sub claim.
|
|
// @inject_tag: `gorm:"not_null"`
|
|
Subject string `protobuf:"bytes,90,opt,name=subject,proto3" json:"subject,omitempty" gorm:"not_null"`
|
|
// full_name is a string that maps to the OIDC name claim
|
|
// @inject_tag: `gorm:"default:null"`
|
|
FullName string `protobuf:"bytes,100,opt,name=full_name,json=fullName,proto3" json:"full_name,omitempty" gorm:"default:null"`
|
|
// email is a string that maps to the OIDC email claim.
|
|
// @inject_tag: `gorm:"default:null"`
|
|
Email string `protobuf:"bytes,110,opt,name=email,proto3" json:"email,omitempty" gorm:"default:null"`
|
|
// token_claims are the marshaled claims from the token.
|
|
// @inject_tag: `gorm:"default:null"`
|
|
TokenClaims string `protobuf:"bytes,120,opt,name=token_claims,json=tokenClaims,proto3" json:"token_claims,omitempty" gorm:"default:null"`
|
|
// userinfo_claims are the marshaled claims from userinfo.
|
|
// @inject_tag: `gorm:"default:null"`
|
|
UserinfoClaims string `protobuf:"bytes,130,opt,name=userinfo_claims,json=userinfoClaims,proto3" json:"userinfo_claims,omitempty" gorm:"default:null"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *Account) Reset() {
|
|
*x = Account{}
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[1]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *Account) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*Account) ProtoMessage() {}
|
|
|
|
func (x *Account) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[1]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use Account.ProtoReflect.Descriptor instead.
|
|
func (*Account) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescGZIP(), []int{1}
|
|
}
|
|
|
|
func (x *Account) GetPublicId() string {
|
|
if x != nil {
|
|
return x.PublicId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Account) GetCreateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.CreateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *Account) GetUpdateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.UpdateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *Account) GetName() string {
|
|
if x != nil {
|
|
return x.Name
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Account) GetDescription() string {
|
|
if x != nil {
|
|
return x.Description
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Account) GetVersion() uint32 {
|
|
if x != nil {
|
|
return x.Version
|
|
}
|
|
return 0
|
|
}
|
|
|
|
func (x *Account) GetAuthMethodId() string {
|
|
if x != nil {
|
|
return x.AuthMethodId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Account) GetIssuer() string {
|
|
if x != nil {
|
|
return x.Issuer
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Account) GetSubject() string {
|
|
if x != nil {
|
|
return x.Subject
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Account) GetFullName() string {
|
|
if x != nil {
|
|
return x.FullName
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Account) GetEmail() string {
|
|
if x != nil {
|
|
return x.Email
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Account) GetTokenClaims() string {
|
|
if x != nil {
|
|
return x.TokenClaims
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Account) GetUserinfoClaims() string {
|
|
if x != nil {
|
|
return x.UserinfoClaims
|
|
}
|
|
return ""
|
|
}
|
|
|
|
// SigningAlg entries are the signing algorithms allowed for an oidc auth method.
|
|
type SigningAlg struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
OidcMethodId string `protobuf:"bytes,10,opt,name=oidc_method_id,json=oidcMethodId,proto3" json:"oidc_method_id,omitempty" gorm:"primary_key"`
|
|
// alg is an enum from the auth_oidc_signing_alg_enm table
|
|
// @inject_tag: `gorm:"primary_key;column:signing_alg_name"`
|
|
Alg string `protobuf:"bytes,20,opt,name=alg,proto3" json:"alg,omitempty" gorm:"primary_key;column:signing_alg_name"`
|
|
// The create_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
CreateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *SigningAlg) Reset() {
|
|
*x = SigningAlg{}
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[2]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *SigningAlg) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*SigningAlg) ProtoMessage() {}
|
|
|
|
func (x *SigningAlg) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[2]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use SigningAlg.ProtoReflect.Descriptor instead.
|
|
func (*SigningAlg) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescGZIP(), []int{2}
|
|
}
|
|
|
|
func (x *SigningAlg) GetOidcMethodId() string {
|
|
if x != nil {
|
|
return x.OidcMethodId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *SigningAlg) GetAlg() string {
|
|
if x != nil {
|
|
return x.Alg
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *SigningAlg) GetCreateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.CreateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// AudClaim entries are the audience claims for a specific oidc auth method.
|
|
type AudClaim struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
OidcMethodId string `protobuf:"bytes,10,opt,name=oidc_method_id,json=oidcMethodId,proto3" json:"oidc_method_id,omitempty" gorm:"primary_key"`
|
|
// aud is an allowed audience claim for id_tokens
|
|
// @inject_tag: `gorm:"primary_key;column:aud_claim""`
|
|
Aud string `protobuf:"bytes,20,opt,name=aud,proto3" json:"aud,omitempty" gorm:"primary_key;column:aud_claim"`
|
|
// The create_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
CreateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *AudClaim) Reset() {
|
|
*x = AudClaim{}
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[3]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *AudClaim) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*AudClaim) ProtoMessage() {}
|
|
|
|
func (x *AudClaim) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[3]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use AudClaim.ProtoReflect.Descriptor instead.
|
|
func (*AudClaim) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescGZIP(), []int{3}
|
|
}
|
|
|
|
func (x *AudClaim) GetOidcMethodId() string {
|
|
if x != nil {
|
|
return x.OidcMethodId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AudClaim) GetAud() string {
|
|
if x != nil {
|
|
return x.Aud
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AudClaim) GetCreateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.CreateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// Certificate entries are optional PEM encoded x509 certificates that can be
|
|
// used as trust anchors when connecting to an OIDC provider.
|
|
type Certificate struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
OidcMethodId string `protobuf:"bytes,10,opt,name=oidc_method_id,json=oidcMethodId,proto3" json:"oidc_method_id,omitempty" gorm:"primary_key"`
|
|
// certificate is a PEM encoded x509
|
|
// @inject_tag: `gorm:"column:certificate;primary_key"`
|
|
Cert string `protobuf:"bytes,20,opt,name=cert,proto3" json:"cert,omitempty" gorm:"column:certificate;primary_key"`
|
|
// The create_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
CreateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *Certificate) Reset() {
|
|
*x = Certificate{}
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[4]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *Certificate) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*Certificate) ProtoMessage() {}
|
|
|
|
func (x *Certificate) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[4]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use Certificate.ProtoReflect.Descriptor instead.
|
|
func (*Certificate) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescGZIP(), []int{4}
|
|
}
|
|
|
|
func (x *Certificate) GetOidcMethodId() string {
|
|
if x != nil {
|
|
return x.OidcMethodId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Certificate) GetCert() string {
|
|
if x != nil {
|
|
return x.Cert
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Certificate) GetCreateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.CreateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// ClaimsScope entries are optional OIDC scope values that are used to request
|
|
// claims, in addition to the default scope of "openid".
|
|
//
|
|
// see: https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims
|
|
type ClaimsScope struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
OidcMethodId string `protobuf:"bytes,10,opt,name=oidc_method_id,json=oidcMethodId,proto3" json:"oidc_method_id,omitempty" gorm:"primary_key"`
|
|
// scope is an OIDC scope
|
|
// @inject_tag: `gorm:"column:scope;primary_key"`
|
|
Scope string `protobuf:"bytes,20,opt,name=scope,proto3" json:"scope,omitempty" gorm:"column:scope;primary_key"`
|
|
// The create_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
CreateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *ClaimsScope) Reset() {
|
|
*x = ClaimsScope{}
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[5]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *ClaimsScope) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*ClaimsScope) ProtoMessage() {}
|
|
|
|
func (x *ClaimsScope) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[5]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use ClaimsScope.ProtoReflect.Descriptor instead.
|
|
func (*ClaimsScope) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescGZIP(), []int{5}
|
|
}
|
|
|
|
func (x *ClaimsScope) GetOidcMethodId() string {
|
|
if x != nil {
|
|
return x.OidcMethodId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *ClaimsScope) GetScope() string {
|
|
if x != nil {
|
|
return x.Scope
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *ClaimsScope) GetCreateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.CreateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// AccountClaimMap entries are optional from/to account claim maps.
|
|
type AccountClaimMap struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
OidcMethodId string `protobuf:"bytes,10,opt,name=oidc_method_id,json=oidcMethodId,proto3" json:"oidc_method_id,omitempty" gorm:"primary_key"`
|
|
// from_claim is the claim from the id_token that you need to map to a
|
|
// standard account claim.
|
|
// @inject_tag: `gorm:"not_null"`
|
|
FromClaim string `protobuf:"bytes,20,opt,name=from_claim,json=fromClaim,proto3" json:"from_claim,omitempty" gorm:"not_null"`
|
|
// to_claim is the standard account claim to map the from_claim to. Valid
|
|
// values are: sub, name, email
|
|
// @inject_tag: `gorm:"column:to_claim;primary_key"`
|
|
ToClaim string `protobuf:"bytes,30,opt,name=to_claim,json=toClaim,proto3" json:"to_claim,omitempty" gorm:"column:to_claim;primary_key"`
|
|
// The create_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
CreateTime *timestamp.Timestamp `protobuf:"bytes,40,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *AccountClaimMap) Reset() {
|
|
*x = AccountClaimMap{}
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[6]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *AccountClaimMap) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*AccountClaimMap) ProtoMessage() {}
|
|
|
|
func (x *AccountClaimMap) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[6]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use AccountClaimMap.ProtoReflect.Descriptor instead.
|
|
func (*AccountClaimMap) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescGZIP(), []int{6}
|
|
}
|
|
|
|
func (x *AccountClaimMap) GetOidcMethodId() string {
|
|
if x != nil {
|
|
return x.OidcMethodId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AccountClaimMap) GetFromClaim() string {
|
|
if x != nil {
|
|
return x.FromClaim
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AccountClaimMap) GetToClaim() string {
|
|
if x != nil {
|
|
return x.ToClaim
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *AccountClaimMap) GetCreateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.CreateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// ManagedGroup entries provide an OIDC auth method implementation of managed
|
|
// groups.
|
|
type ManagedGroup struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
PublicId string `protobuf:"bytes,10,opt,name=public_id,json=publicId,proto3" json:"public_id,omitempty" gorm:"primary_key"`
|
|
// The create_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
CreateTime *timestamp.Timestamp `protobuf:"bytes,20,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
|
|
// The update_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
UpdateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=update_time,json=updateTime,proto3" json:"update_time,omitempty" gorm:"default:current_timestamp"`
|
|
// name is optional. If set, it must be unique within auth_method_id.
|
|
// @inject_tag: `gorm:"default:null"`
|
|
Name string `protobuf:"bytes,40,opt,name=name,proto3" json:"name,omitempty" gorm:"default:null"`
|
|
// description is optional.
|
|
// @inject_tag: `gorm:"default:null"`
|
|
Description string `protobuf:"bytes,50,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"`
|
|
// @inject_tag: `gorm:"default:null"`
|
|
Version uint32 `protobuf:"varint,60,opt,name=version,proto3" json:"version,omitempty" gorm:"default:null"`
|
|
// auth_method_id is the fk to the account's auth method.
|
|
// @inject_tag: `gorm:"not_null"`
|
|
AuthMethodId string `protobuf:"bytes,70,opt,name=auth_method_id,json=authMethodId,proto3" json:"auth_method_id,omitempty" gorm:"not_null"`
|
|
// filter is a go-bexpr filter
|
|
// @inject_tag: `gorm:"not_null"`
|
|
Filter string `protobuf:"bytes,80,opt,name=filter,proto3" json:"filter,omitempty" gorm:"not_null"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *ManagedGroup) Reset() {
|
|
*x = ManagedGroup{}
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[7]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *ManagedGroup) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*ManagedGroup) ProtoMessage() {}
|
|
|
|
func (x *ManagedGroup) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[7]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use ManagedGroup.ProtoReflect.Descriptor instead.
|
|
func (*ManagedGroup) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescGZIP(), []int{7}
|
|
}
|
|
|
|
func (x *ManagedGroup) GetPublicId() string {
|
|
if x != nil {
|
|
return x.PublicId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *ManagedGroup) GetCreateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.CreateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *ManagedGroup) GetUpdateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.UpdateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *ManagedGroup) GetName() string {
|
|
if x != nil {
|
|
return x.Name
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *ManagedGroup) GetDescription() string {
|
|
if x != nil {
|
|
return x.Description
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *ManagedGroup) GetVersion() uint32 {
|
|
if x != nil {
|
|
return x.Version
|
|
}
|
|
return 0
|
|
}
|
|
|
|
func (x *ManagedGroup) GetAuthMethodId() string {
|
|
if x != nil {
|
|
return x.AuthMethodId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *ManagedGroup) GetFilter() string {
|
|
if x != nil {
|
|
return x.Filter
|
|
}
|
|
return ""
|
|
}
|
|
|
|
// ManagedGroupMemberAccount contains a mapping between a managed group and a
|
|
// member account.
|
|
type ManagedGroupMemberAccount struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// The create_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
CreateTime *timestamp.Timestamp `protobuf:"bytes,10,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
|
|
// managed_group_id is the fk to the oidc managed group public id
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
ManagedGroupId string `protobuf:"bytes,20,opt,name=managed_group_id,json=managedGroupId,proto3" json:"managed_group_id,omitempty" gorm:"primary_key"`
|
|
// member_id is the fk to the oidc account public id
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
MemberId string `protobuf:"bytes,30,opt,name=member_id,json=memberId,proto3" json:"member_id,omitempty" gorm:"primary_key"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *ManagedGroupMemberAccount) Reset() {
|
|
*x = ManagedGroupMemberAccount{}
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[8]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *ManagedGroupMemberAccount) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*ManagedGroupMemberAccount) ProtoMessage() {}
|
|
|
|
func (x *ManagedGroupMemberAccount) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[8]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use ManagedGroupMemberAccount.ProtoReflect.Descriptor instead.
|
|
func (*ManagedGroupMemberAccount) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescGZIP(), []int{8}
|
|
}
|
|
|
|
func (x *ManagedGroupMemberAccount) GetCreateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.CreateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (x *ManagedGroupMemberAccount) GetManagedGroupId() string {
|
|
if x != nil {
|
|
return x.ManagedGroupId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *ManagedGroupMemberAccount) GetMemberId() string {
|
|
if x != nil {
|
|
return x.MemberId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
// Prompt entries are the prompts allowed for an oidc auth method.
|
|
type Prompt struct {
|
|
state protoimpl.MessageState `protogen:"open.v1"`
|
|
// @inject_tag: `gorm:"primary_key"`
|
|
OidcMethodId string `protobuf:"bytes,10,opt,name=oidc_method_id,json=oidcMethodId,proto3" json:"oidc_method_id,omitempty" gorm:"primary_key"`
|
|
// prompt_param is an enum from the auth_oidc_prompt_enm table
|
|
// @inject_tag: `gorm:"primary_key;column:prompt"`
|
|
PromptParam string `protobuf:"bytes,20,opt,name=prompt_param,json=promptParam,proto3" json:"prompt_param,omitempty" gorm:"primary_key;column:prompt"`
|
|
// The create_time is set by the database.
|
|
// @inject_tag: `gorm:"default:current_timestamp"`
|
|
CreateTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty" gorm:"default:current_timestamp"`
|
|
unknownFields protoimpl.UnknownFields
|
|
sizeCache protoimpl.SizeCache
|
|
}
|
|
|
|
func (x *Prompt) Reset() {
|
|
*x = Prompt{}
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[9]
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
|
|
func (x *Prompt) String() string {
|
|
return protoimpl.X.MessageStringOf(x)
|
|
}
|
|
|
|
func (*Prompt) ProtoMessage() {}
|
|
|
|
func (x *Prompt) ProtoReflect() protoreflect.Message {
|
|
mi := &file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes[9]
|
|
if x != nil {
|
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
|
if ms.LoadMessageInfo() == nil {
|
|
ms.StoreMessageInfo(mi)
|
|
}
|
|
return ms
|
|
}
|
|
return mi.MessageOf(x)
|
|
}
|
|
|
|
// Deprecated: Use Prompt.ProtoReflect.Descriptor instead.
|
|
func (*Prompt) Descriptor() ([]byte, []int) {
|
|
return file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescGZIP(), []int{9}
|
|
}
|
|
|
|
func (x *Prompt) GetOidcMethodId() string {
|
|
if x != nil {
|
|
return x.OidcMethodId
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Prompt) GetPromptParam() string {
|
|
if x != nil {
|
|
return x.PromptParam
|
|
}
|
|
return ""
|
|
}
|
|
|
|
func (x *Prompt) GetCreateTime() *timestamp.Timestamp {
|
|
if x != nil {
|
|
return x.CreateTime
|
|
}
|
|
return nil
|
|
}
|
|
|
|
var File_controller_storage_auth_oidc_store_v1_oidc_proto protoreflect.FileDescriptor
|
|
|
|
const file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDesc = "" +
|
|
"\n" +
|
|
"0controller/storage/auth/oidc/store/v1/oidc.proto\x12%controller.storage.auth.oidc.store.v1\x1a*controller/custom_options/v1/options.proto\x1a/controller/storage/timestamp/v1/timestamp.proto\"\xc1\v\n" +
|
|
"\n" +
|
|
"AuthMethod\x12\x1b\n" +
|
|
"\tpublic_id\x18\n" +
|
|
" \x01(\tR\bpublicId\x12K\n" +
|
|
"\vcreate_time\x18\x14 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"createTime\x12K\n" +
|
|
"\vupdate_time\x18\x1e \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"updateTime\x12$\n" +
|
|
"\x04name\x18( \x01(\tB\x10\xc2\xdd)\f\n" +
|
|
"\x04Name\x12\x04nameR\x04name\x12@\n" +
|
|
"\vdescription\x182 \x01(\tB\x1e\xc2\xdd)\x1a\n" +
|
|
"\vDescription\x12\vdescriptionR\vdescription\x12\x19\n" +
|
|
"\bscope_id\x18< \x01(\tR\ascopeId\x12\x18\n" +
|
|
"\aversion\x18F \x01(\rR\aversion\x123\n" +
|
|
"\x16is_primary_auth_method\x18K \x01(\bR\x13isPrimaryAuthMethod\x12+\n" +
|
|
"\x11operational_state\x18P \x01(\tR\x10operationalState\x12O\n" +
|
|
"$disable_discovered_config_validation\x18Y \x01(\bR!disableDiscoveredConfigValidation\x127\n" +
|
|
"\x06issuer\x18Z \x01(\tB\x1f\xc2\xdd)\x1b\n" +
|
|
"\x06Issuer\x12\x11attributes.issuerR\x06issuer\x12A\n" +
|
|
"\tclient_id\x18d \x01(\tB$\xc2\xdd) \n" +
|
|
"\bClientId\x12\x14attributes.client_idR\bclientId\x12(\n" +
|
|
"\x10ct_client_secret\x18n \x01(\fR\x0ectClientSecret\x12Q\n" +
|
|
"\rclient_secret\x18x \x01(\tB,\xc2\xdd)(\n" +
|
|
"\fClientSecret\x12\x18attributes.client_secretR\fclientSecret\x12-\n" +
|
|
"\x12client_secret_hmac\x18\x82\x01 \x01(\tR\x10clientSecretHmac\x12\x16\n" +
|
|
"\x06key_id\x18\x8c\x01 \x01(\tR\x05keyId\x12:\n" +
|
|
"\amax_age\x18\x96\x01 \x01(\x05B \xc2\xdd)\x1c\n" +
|
|
"\x06MaxAge\x12\x12attributes.max_ageR\x06maxAge\x12A\n" +
|
|
"\aapi_url\x18\xa0\x01 \x01(\tB'\xc2\xdd)#\n" +
|
|
"\x06ApiUrl\x12\x19attributes.api_url_prefixR\x06apiUrl\x12T\n" +
|
|
"\fsigning_algs\x18\xaa\x01 \x03(\tB0\xc2\xdd),\n" +
|
|
"\vSigningAlgs\x12\x1dattributes.signing_algorithmsR\vsigningAlgs\x12M\n" +
|
|
"\n" +
|
|
"aud_claims\x18\xb4\x01 \x03(\tB-\xc2\xdd))\n" +
|
|
"\tAudClaims\x12\x1cattributes.allowed_audiencesR\taudClaims\x12P\n" +
|
|
"\fcertificates\x18\xbe\x01 \x03(\tB+\xc2\xdd)'\n" +
|
|
"\fCertificates\x12\x17attributes.idp_ca_certsR\fcertificates\x12R\n" +
|
|
"\rclaims_scopes\x18\xc8\x01 \x03(\tB,\xc2\xdd)(\n" +
|
|
"\fClaimsScopes\x12\x18attributes.claims_scopesR\fclaimsScopes\x12d\n" +
|
|
"\x12account_claim_maps\x18\xd2\x01 \x03(\tB5\xc2\xdd)1\n" +
|
|
"\x10AccountClaimMaps\x12\x1dattributes.account_claim_mapsR\x10accountClaimMaps\x12<\n" +
|
|
"\aprompts\x18\xdc\x01 \x03(\tB!\xc2\xdd)\x1d\n" +
|
|
"\aPrompts\x12\x12attributes.promptsR\aprompts\"\x9a\x04\n" +
|
|
"\aAccount\x12\x1b\n" +
|
|
"\tpublic_id\x18\n" +
|
|
" \x01(\tR\bpublicId\x12K\n" +
|
|
"\vcreate_time\x18\x14 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"createTime\x12K\n" +
|
|
"\vupdate_time\x18\x1e \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"updateTime\x12$\n" +
|
|
"\x04name\x18( \x01(\tB\x10\xc2\xdd)\f\n" +
|
|
"\x04Name\x12\x04nameR\x04name\x12@\n" +
|
|
"\vdescription\x182 \x01(\tB\x1e\xc2\xdd)\x1a\n" +
|
|
"\vDescription\x12\vdescriptionR\vdescription\x12\x18\n" +
|
|
"\aversion\x18< \x01(\rR\aversion\x12$\n" +
|
|
"\x0eauth_method_id\x18F \x01(\tR\fauthMethodId\x12\x16\n" +
|
|
"\x06issuer\x18P \x01(\tR\x06issuer\x12\x18\n" +
|
|
"\asubject\x18Z \x01(\tR\asubject\x12\x1b\n" +
|
|
"\tfull_name\x18d \x01(\tR\bfullName\x12\x14\n" +
|
|
"\x05email\x18n \x01(\tR\x05email\x12!\n" +
|
|
"\ftoken_claims\x18x \x01(\tR\vtokenClaims\x12(\n" +
|
|
"\x0fuserinfo_claims\x18\x82\x01 \x01(\tR\x0euserinfoClaims\"\x91\x01\n" +
|
|
"\n" +
|
|
"SigningAlg\x12$\n" +
|
|
"\x0eoidc_method_id\x18\n" +
|
|
" \x01(\tR\foidcMethodId\x12\x10\n" +
|
|
"\x03alg\x18\x14 \x01(\tR\x03alg\x12K\n" +
|
|
"\vcreate_time\x18\x1e \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"createTime\"\x8f\x01\n" +
|
|
"\bAudClaim\x12$\n" +
|
|
"\x0eoidc_method_id\x18\n" +
|
|
" \x01(\tR\foidcMethodId\x12\x10\n" +
|
|
"\x03aud\x18\x14 \x01(\tR\x03aud\x12K\n" +
|
|
"\vcreate_time\x18\x1e \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"createTime\"\x94\x01\n" +
|
|
"\vCertificate\x12$\n" +
|
|
"\x0eoidc_method_id\x18\n" +
|
|
" \x01(\tR\foidcMethodId\x12\x12\n" +
|
|
"\x04cert\x18\x14 \x01(\tR\x04cert\x12K\n" +
|
|
"\vcreate_time\x18\x1e \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"createTime\"\x96\x01\n" +
|
|
"\vClaimsScope\x12$\n" +
|
|
"\x0eoidc_method_id\x18\n" +
|
|
" \x01(\tR\foidcMethodId\x12\x14\n" +
|
|
"\x05scope\x18\x14 \x01(\tR\x05scope\x12K\n" +
|
|
"\vcreate_time\x18\x1e \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"createTime\"\xbe\x01\n" +
|
|
"\x0fAccountClaimMap\x12$\n" +
|
|
"\x0eoidc_method_id\x18\n" +
|
|
" \x01(\tR\foidcMethodId\x12\x1d\n" +
|
|
"\n" +
|
|
"from_claim\x18\x14 \x01(\tR\tfromClaim\x12\x19\n" +
|
|
"\bto_claim\x18\x1e \x01(\tR\atoClaim\x12K\n" +
|
|
"\vcreate_time\x18( \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"createTime\"\xa6\x03\n" +
|
|
"\fManagedGroup\x12\x1b\n" +
|
|
"\tpublic_id\x18\n" +
|
|
" \x01(\tR\bpublicId\x12K\n" +
|
|
"\vcreate_time\x18\x14 \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"createTime\x12K\n" +
|
|
"\vupdate_time\x18\x1e \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"updateTime\x12$\n" +
|
|
"\x04name\x18( \x01(\tB\x10\xc2\xdd)\f\n" +
|
|
"\x04Name\x12\x04nameR\x04name\x12@\n" +
|
|
"\vdescription\x182 \x01(\tB\x1e\xc2\xdd)\x1a\n" +
|
|
"\vDescription\x12\vdescriptionR\vdescription\x12\x18\n" +
|
|
"\aversion\x18< \x01(\rR\aversion\x12$\n" +
|
|
"\x0eauth_method_id\x18F \x01(\tR\fauthMethodId\x127\n" +
|
|
"\x06filter\x18P \x01(\tB\x1f\xc2\xdd)\x1b\n" +
|
|
"\x06Filter\x12\x11attributes.filterR\x06filter\"\xaf\x01\n" +
|
|
"\x19ManagedGroupMemberAccount\x12K\n" +
|
|
"\vcreate_time\x18\n" +
|
|
" \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"createTime\x12(\n" +
|
|
"\x10managed_group_id\x18\x14 \x01(\tR\x0emanagedGroupId\x12\x1b\n" +
|
|
"\tmember_id\x18\x1e \x01(\tR\bmemberId\"\x9e\x01\n" +
|
|
"\x06Prompt\x12$\n" +
|
|
"\x0eoidc_method_id\x18\n" +
|
|
" \x01(\tR\foidcMethodId\x12!\n" +
|
|
"\fprompt_param\x18\x14 \x01(\tR\vpromptParam\x12K\n" +
|
|
"\vcreate_time\x18\x1e \x01(\v2*.controller.storage.timestamp.v1.TimestampR\n" +
|
|
"createTimeB>Z<github.com/hashicorp/boundary/internal/auth/oidc/store;storeb\x06proto3"
|
|
|
|
var (
|
|
file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescOnce sync.Once
|
|
file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescData []byte
|
|
)
|
|
|
|
func file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescGZIP() []byte {
|
|
file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescOnce.Do(func() {
|
|
file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescData = protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDesc), len(file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDesc)))
|
|
})
|
|
return file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDescData
|
|
}
|
|
|
|
var file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes = make([]protoimpl.MessageInfo, 10)
|
|
var file_controller_storage_auth_oidc_store_v1_oidc_proto_goTypes = []any{
|
|
(*AuthMethod)(nil), // 0: controller.storage.auth.oidc.store.v1.AuthMethod
|
|
(*Account)(nil), // 1: controller.storage.auth.oidc.store.v1.Account
|
|
(*SigningAlg)(nil), // 2: controller.storage.auth.oidc.store.v1.SigningAlg
|
|
(*AudClaim)(nil), // 3: controller.storage.auth.oidc.store.v1.AudClaim
|
|
(*Certificate)(nil), // 4: controller.storage.auth.oidc.store.v1.Certificate
|
|
(*ClaimsScope)(nil), // 5: controller.storage.auth.oidc.store.v1.ClaimsScope
|
|
(*AccountClaimMap)(nil), // 6: controller.storage.auth.oidc.store.v1.AccountClaimMap
|
|
(*ManagedGroup)(nil), // 7: controller.storage.auth.oidc.store.v1.ManagedGroup
|
|
(*ManagedGroupMemberAccount)(nil), // 8: controller.storage.auth.oidc.store.v1.ManagedGroupMemberAccount
|
|
(*Prompt)(nil), // 9: controller.storage.auth.oidc.store.v1.Prompt
|
|
(*timestamp.Timestamp)(nil), // 10: controller.storage.timestamp.v1.Timestamp
|
|
}
|
|
var file_controller_storage_auth_oidc_store_v1_oidc_proto_depIdxs = []int32{
|
|
10, // 0: controller.storage.auth.oidc.store.v1.AuthMethod.create_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
10, // 1: controller.storage.auth.oidc.store.v1.AuthMethod.update_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
10, // 2: controller.storage.auth.oidc.store.v1.Account.create_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
10, // 3: controller.storage.auth.oidc.store.v1.Account.update_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
10, // 4: controller.storage.auth.oidc.store.v1.SigningAlg.create_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
10, // 5: controller.storage.auth.oidc.store.v1.AudClaim.create_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
10, // 6: controller.storage.auth.oidc.store.v1.Certificate.create_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
10, // 7: controller.storage.auth.oidc.store.v1.ClaimsScope.create_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
10, // 8: controller.storage.auth.oidc.store.v1.AccountClaimMap.create_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
10, // 9: controller.storage.auth.oidc.store.v1.ManagedGroup.create_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
10, // 10: controller.storage.auth.oidc.store.v1.ManagedGroup.update_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
10, // 11: controller.storage.auth.oidc.store.v1.ManagedGroupMemberAccount.create_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
10, // 12: controller.storage.auth.oidc.store.v1.Prompt.create_time:type_name -> controller.storage.timestamp.v1.Timestamp
|
|
13, // [13:13] is the sub-list for method output_type
|
|
13, // [13:13] is the sub-list for method input_type
|
|
13, // [13:13] is the sub-list for extension type_name
|
|
13, // [13:13] is the sub-list for extension extendee
|
|
0, // [0:13] is the sub-list for field type_name
|
|
}
|
|
|
|
func init() { file_controller_storage_auth_oidc_store_v1_oidc_proto_init() }
|
|
func file_controller_storage_auth_oidc_store_v1_oidc_proto_init() {
|
|
if File_controller_storage_auth_oidc_store_v1_oidc_proto != nil {
|
|
return
|
|
}
|
|
type x struct{}
|
|
out := protoimpl.TypeBuilder{
|
|
File: protoimpl.DescBuilder{
|
|
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
|
|
RawDescriptor: unsafe.Slice(unsafe.StringData(file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDesc), len(file_controller_storage_auth_oidc_store_v1_oidc_proto_rawDesc)),
|
|
NumEnums: 0,
|
|
NumMessages: 10,
|
|
NumExtensions: 0,
|
|
NumServices: 0,
|
|
},
|
|
GoTypes: file_controller_storage_auth_oidc_store_v1_oidc_proto_goTypes,
|
|
DependencyIndexes: file_controller_storage_auth_oidc_store_v1_oidc_proto_depIdxs,
|
|
MessageInfos: file_controller_storage_auth_oidc_store_v1_oidc_proto_msgTypes,
|
|
}.Build()
|
|
File_controller_storage_auth_oidc_store_v1_oidc_proto = out.File
|
|
file_controller_storage_auth_oidc_store_v1_oidc_proto_goTypes = nil
|
|
file_controller_storage_auth_oidc_store_v1_oidc_proto_depIdxs = nil
|
|
}
|