Mainflux.mainflux/auth.proto

87 lines
1.7 KiB
Protocol Buffer

// Copyright (c) Mainflux
// SPDX-License-Identifier: Apache-2.0
syntax = "proto3";
package mainflux;
import "google/protobuf/empty.proto";
service ThingsService {
rpc CanAccessByKey(AccessByKeyReq) returns (ThingID) {}
rpc CanAccessByID(AccessByIDReq) returns (google.protobuf.Empty) {}
rpc Identify(Token) returns (ThingID) {}
}
service AuthService {
rpc Issue(IssueReq) returns (Token) {}
rpc Identify(Token) returns (UserIdentity) {}
rpc Authorize(AuthorizeReq) returns (AuthorizeRes) {}
rpc Assign(Assignment) returns(google.protobuf.Empty) {}
rpc Members(MembersReq) returns (MembersRes) {}
}
message AccessByKeyReq {
string token = 1;
string chanID = 2;
}
message ThingID {
string value = 1;
}
message AccessByIDReq {
string thingID = 1;
string chanID = 2;
}
// If a token is not carrying any information itself, the type
// field can be used to determine how to validate the token.
// Also, different tokens can be encoded in different ways.
message Token {
string value = 1;
}
message UserIdentity {
string id = 1;
string email = 2;
}
message IssueReq {
string id = 1;
string email = 2;
uint32 type = 3;
}
message AuthorizeReq {
string sub = 1;
string obj = 2;
string act = 3;
}
message AuthorizeRes {
bool authorized = 1;
}
message Assignment {
string token = 1;
string groupID = 2;
string memberID = 3;
}
message MembersReq {
string token = 1;
string groupID = 2;
uint64 offset = 3;
uint64 limit = 4;
string type = 5;
}
message MembersRes {
uint64 total = 1;
uint64 offset = 2;
uint64 limit = 3;
string type = 4;
repeated string members = 5;
}