// Copyright (c) Mainflux // SPDX-License-Identifier: Apache-2.0 syntax = "proto3"; package mainflux; import "google/protobuf/empty.proto"; service ThingsService { rpc CanAccessByKey(AccessByKeyReq) returns (ThingID) {} rpc IsChannelOwner(ChannelOwnerReq) returns (google.protobuf.Empty) {} rpc CanAccessByID(AccessByIDReq) returns (google.protobuf.Empty) {} rpc Identify(Token) returns (ThingID) {} } service AuthService { rpc Issue(IssueReq) returns (Token) {} rpc Identify(Token) returns (UserIdentity) {} rpc Authorize(AuthorizeReq) returns (AuthorizeRes) {} rpc AddPolicy(AddPolicyReq) returns (AddPolicyRes) {} rpc DeletePolicy(DeletePolicyReq) returns (DeletePolicyRes) {} rpc ListPolicies(ListPoliciesReq) returns (ListPoliciesRes) {} rpc Assign(Assignment) returns(google.protobuf.Empty) {} rpc Members(MembersReq) returns (MembersRes) {} } message AccessByKeyReq { string token = 1; string chanID = 2; } message ChannelOwnerReq { string owner = 1; string chanID = 2; } message ThingID { string value = 1; } message ChannelID { string value = 1; } message AccessByIDReq { string thingID = 1; string chanID = 2; } // If a token is not carrying any information itself, the type // field can be used to determine how to validate the token. // Also, different tokens can be encoded in different ways. message Token { string value = 1; } message UserIdentity { string id = 1; string email = 2; } message IssueReq { string id = 1; string email = 2; uint32 type = 3; } message AuthorizeReq { string sub = 1; string obj = 2; string act = 3; } message AuthorizeRes { bool authorized = 1; } message AddPolicyReq { string sub = 1; string obj = 2; string act = 3; } message AddPolicyRes { bool authorized = 1; } message DeletePolicyReq { string sub = 1; string obj = 2; string act = 3; } message DeletePolicyRes { bool deleted = 1; } message ListPoliciesReq { string sub = 1; string obj = 2; string act = 3; } message ListPoliciesRes { repeated string policies = 1; } message Assignment { string token = 1; string groupID = 2; string memberID = 3; } message MembersReq { string token = 1; string groupID = 2; uint64 offset = 3; uint64 limit = 4; string type = 5; } message MembersRes { uint64 total = 1; uint64 offset = 2; uint64 limit = 3; string type = 4; repeated string members = 5; }