aherman
/
boundary
mirror of https://github.com/hashicorp/boundary
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'malnick-err-cli-update'
${ noResults }
boundary/internal/proto/local/controller/api/services/v1/authenticate_service.proto

52 lines
2.0 KiB
Raw Permalink Blame History

syntax = "proto3";
package controller.api.services.v1;
option go_package = "github.com/hashicorp/boundary/internal/gen/controller/api/services;services";
import "protoc-gen-openapiv2/options/annotations.proto";
import "google/api/annotations.proto";
import "google/protobuf/struct.proto";
import "controller/api/resources/authtokens/v1/authtoken.proto";
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_swagger) = {
info: {
title: "Controller API"
}
schemes: HTTPS
schemes: HTTP
};
service AuthenticationService {
// Authenticate validates credentials provided and returns an Auth Token.
rpc Authenticate(AuthenticateRequest) returns (AuthenticateResponse) {
option (google.api.http) = {
post: "/v1/auth-methods/{auth_method_id}:authenticate"
body: "*"
response_body: "item"
};
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
summary: "Authenticate a user to an scope and retrieve an authentication token."
};
}
}
// The layout of the struct for "credentials" field in AuthenticateRequest. This message isn't directly referenced anywhere but is used here to define the expected field names and types.
message PasswordCredentials {
string login_name = 1 [json_name="login_name"];
string password = 2;
}
message AuthenticateRequest {
// The ID of the Auth Method in the system that should be used for authentication.
string auth_method_id = 1 [json_name="auth_method_id"];
// This can be "cookie" or "token". If not provided, "token" will be used. "cookie" activates a split-cookie method where the token is split partially between http-only and regular cookies in order to keep it safe from rogue JS in the browser.
string token_type = 2 [json_name="token_type"];
// Credentials are passed to the Auth Method; the valid keys and values depend on the type of Auth Method.
google.protobuf.Struct credentials = 3;
}
message AuthenticateResponse {
resources.authtokens.v1.AuthToken item = 1;
string token_type = 2 [json_name="token_type"];
}
Reference in new issue View Git Blame Copy Permalink