diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..014f340 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,37 @@ +name: Test + +on: + push: + branches: [main] + pull_request: + +jobs: + test: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: "1.25.5" + + - name: Build + run: go build ./... + + - name: Vet + run: go vet ./... + + - name: Check formatting + run: | + unformatted=$(gofmt -l . | grep -v '^internal/genpb/' || true) + if [ -n "$unformatted" ]; then + echo "These files need gofmt:"; echo "$unformatted"; exit 1 + fi + + # make test starts the quay.io/authorizer/authorizer:2.3.0 container + # (docker is preinstalled on ubuntu-latest), runs the integration suite + # across graphql/rest/grpc, then tears the container down. + - name: Integration tests + run: make test diff --git a/Makefile b/Makefile index d081637..84d216a 100644 --- a/Makefile +++ b/Makefile @@ -5,12 +5,13 @@ # 2. Run tests: make test # Docker image for authorizer server -AUTHORIZER_IMAGE := lakhansamani/authorizer:latest +AUTHORIZER_IMAGE := quay.io/authorizer/authorizer:2.3.0 AUTHORIZER_CONTAINER := authorizer-test .PHONY: docker-up docker-down test -# Start authorizer in Docker for integration testing +# Start authorizer in Docker for integration testing. gRPC listens on its own +# port (9091) and needs --grpc-insecure for plaintext local/CI testing. docker-up: @if docker ps -q -f name=^/$(AUTHORIZER_CONTAINER)$$ | grep -q .; then \ echo "Authorizer container already running"; \ @@ -19,6 +20,7 @@ docker-up: docker run -d --rm \ --name $(AUTHORIZER_CONTAINER) \ -p 8080:8080 \ + -p 9091:9091 \ $(AUTHORIZER_IMAGE) \ --database-type=sqlite \ --database-url=test.db \ @@ -26,10 +28,11 @@ docker-up: --jwt-secret=test \ --admin-secret=admin \ --client-id=123456 \ - --client-secret=secret; \ + --client-secret=secret \ + --grpc-insecure=true; \ echo "Waiting for authorizer to be ready..."; \ - sleep 3; \ - echo "Authorizer is running at http://localhost:8080"; \ + sleep 5; \ + echo "Authorizer is running at http://localhost:8080 (gRPC :9091)"; \ fi # Stop the authorizer container diff --git a/README.md b/README.md index 860d543..01f6af5 100644 --- a/README.md +++ b/README.md @@ -44,6 +44,12 @@ if err != nil { } ``` +> **Note (Authorizer ≥ v2.3.0):** the server's CSRF guard requires an `Origin` +> header on state-changing requests. The client sends the Authorizer server's +> own origin by default, which always passes. If your instance restricts +> `ALLOWED_ORIGINS`, pass your app's origin instead via `extraHeaders`: +> `map[string]string{"Origin": "https://your-app.com"}`. + ### Step 3: Access all the SDK methods using authorizer client instance, initialized on step 2 **Example** @@ -98,6 +104,9 @@ for _, r := range res.Results { **2. List accessible objects** — `ListPermissions` returns the ids of every object of a type the caller holds a relation on (handy for filtering a list to what the user can see). +Both filters are optional: an empty request enumerates everything the caller holds, with +the `(Object, Relation)` detail in `Permissions` and `Truncated` set when the result was +capped at 1000 entries. ```go res, err := authorizerClient.ListPermissions(&authorizer.ListPermissionsRequest{ diff --git a/admin_client.go b/admin_client.go new file mode 100644 index 0000000..ac62c32 --- /dev/null +++ b/admin_client.go @@ -0,0 +1,180 @@ +package authorizer + +import ( + "context" + "encoding/json" + "fmt" + "strings" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" +) + +// adminSecretHeader is the header (and gRPC metadata key) carrying the admin +// secret on every admin call. +const adminSecretHeader = "x-authorizer-admin-secret" + +// AuthorizerAdminClient is the admin surface of the SDK. It mirrors the +// AuthorizerAdminService proto and carries the admin secret plus the selected +// wire protocol. The request/response types are the generated proto messages +// (authorizerv1.*), the canonical signatures shared across all three SDKs. +type AuthorizerAdminClient struct { + AuthorizerURL string + AdminSecret string + ExtraHeaders map[string]string + // Protocol selects the wire transport. Defaults to ProtocolGraphQL. + Protocol Protocol + // GRPCEndpoint overrides the host:port dialed when Protocol is grpc. When + // empty it is derived from AuthorizerURL using the gRPC default port. + GRPCEndpoint string +} + +// AdminClientOption customizes an AuthorizerAdminClient at construction time. +type AdminClientOption func(*AuthorizerAdminClient) + +// WithAdminProtocol sets the wire transport the admin client uses. +func WithAdminProtocol(p Protocol) AdminClientOption { + return func(c *AuthorizerAdminClient) { + c.Protocol = p + } +} + +// WithAdminGRPCEndpoint sets the host:port dialed for grpc calls. The authorizer +// server's gRPC listener runs on its own port (default 9091), separate from the +// HTTP port in AuthorizerURL. When unset, the endpoint is derived from +// AuthorizerURL's host with the default gRPC port (9091). +func WithAdminGRPCEndpoint(addr string) AdminClientOption { + return func(c *AuthorizerAdminClient) { + c.GRPCEndpoint = addr + } +} + +// WithAdminExtraHeaders sets default headers added to every admin HTTP request. +func WithAdminExtraHeaders(headers map[string]string) AdminClientOption { + return func(c *AuthorizerAdminClient) { + c.ExtraHeaders = headers + } +} + +// NewAuthorizerAdminClient creates an admin client instance authenticated with +// the admin secret. Default protocol is graphql; override with WithAdminProtocol. +func NewAuthorizerAdminClient(authorizerURL, adminSecret string, opts ...AdminClientOption) (*AuthorizerAdminClient, error) { + if strings.TrimSpace(authorizerURL) == "" { + return nil, fmt.Errorf("authorizerURL missing") + } + if strings.TrimSpace(adminSecret) == "" { + return nil, fmt.Errorf("adminSecret missing") + } + + c := &AuthorizerAdminClient{ + AuthorizerURL: strings.TrimSuffix(authorizerURL, "/"), + AdminSecret: adminSecret, + ExtraHeaders: map[string]string{}, + Protocol: ProtocolGraphQL, + } + for _, opt := range opts { + opt(c) + } + return c, nil +} + +// adminMethodSpec declares how one admin method is carried over each protocol. +// A protocol whose field is empty/nil is unsupported and yields a clear error. +type adminMethodSpec struct { + name string // human method name for error messages, e.g. "AdminMeta" + + // graphql is the prebuilt GraphQL request; nil means gql-unsupported. + graphql *GraphQLRequest + // graphqlField is the top-level response field to unwrap (the _-prefixed op). + graphqlField string + + // restMethod / restPath; empty restPath means rest-unsupported. + restMethod string + restPath string + restBody interface{} + + // grpcCall invokes the admin stub; nil means grpc-unsupported. + grpcCall func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) +} + +// adminAuthHeaders merges the admin-secret header onto the client defaults. +func (c *AuthorizerAdminClient) adminAuthHeaders() map[string]string { + h := mergeHeaders(c.ExtraHeaders, map[string]string{adminSecretHeader: c.AdminSecret}) + return h +} + +// supported reports which protocols a spec implements, for error messages. +func (s adminMethodSpec) supported() string { + var got []string + if s.graphql != nil { + got = append(got, "graphql") + } + if s.restPath != "" { + got = append(got, "rest") + } + if s.grpcCall != nil { + got = append(got, "grpc") + } + return strings.Join(got, " or ") +} + +// execute dispatches an admin method over the client's selected protocol and +// unmarshals the result into out (a pointer). Calling a method on a protocol it +// does not support returns a clear error before any network call. +func (c *AuthorizerAdminClient) execute(spec adminMethodSpec, out interface{}) error { + switch c.Protocol { + case ProtocolREST: + if spec.restPath == "" { + return unsupportedProtocol(spec.name, c.Protocol, spec.supported()) + } + return doREST(c.AuthorizerURL, spec.restMethod, spec.restPath, spec.restBody, c.ExtraHeaders, map[string]string{adminSecretHeader: c.AdminSecret}, out) + + case ProtocolGRPC: + if spec.grpcCall == nil { + return unsupportedProtocol(spec.name, c.Protocol, spec.supported()) + } + conn, err := grpcDial(c.AuthorizerURL, c.GRPCEndpoint) + if err != nil { + return err + } + defer conn.Close() + + ctx := outgoingContext(context.Background(), c.adminAuthHeaders()) + cli := authorizerv1.NewAuthorizerAdminServiceClient(conn) + resp, err := spec.grpcCall(ctx, cli) + if err != nil { + return err + } + return remarshal(resp, out) + + default: // ProtocolGraphQL + if spec.graphql == nil { + return unsupportedProtocol(spec.name, c.Protocol, spec.supported()) + } + bytesData, err := c.executeGraphQL(spec.graphql) + if err != nil { + return err + } + if out == nil { + return nil + } + var res map[string]json.RawMessage + if err := json.Unmarshal(bytesData, &res); err != nil { + return err + } + field, ok := res[spec.graphqlField] + if !ok { + return nil + } + return json.Unmarshal(field, out) + } +} + +// executeGraphQL runs an admin GraphQL request, attaching the admin-secret +// header and the CSRF Origin header (reusing the user client's transport). +func (c *AuthorizerAdminClient) executeGraphQL(req *GraphQLRequest) ([]byte, error) { + uc := &AuthorizerClient{ + AuthorizerURL: c.AuthorizerURL, + ExtraHeaders: c.ExtraHeaders, + } + return uc.ExecuteGraphQL(req, map[string]string{adminSecretHeader: c.AdminSecret}) +} diff --git a/admin_methods.go b/admin_methods.go new file mode 100644 index 0000000..8066e5b --- /dev/null +++ b/admin_methods.go @@ -0,0 +1,941 @@ +package authorizer + +import ( + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" +) + +// GraphQL selection-set fragments for the admin response types. Kept here so +// each method's query stays readable. Field names mirror the GraphQL schema. +const ( + adminUserFields = UserFragment + adminPaginationFields = `pagination { limit page offset total }` + adminWebhookFields = `id event_name event_description endpoint enabled headers created_at updated_at` + adminWebhookLogFields = `id http_status response request webhook_id created_at updated_at` + adminEmailTplFields = `id event_name template design subject created_at updated_at` + adminAuditLogFields = `id actor_id actor_type actor_email action resource_type resource_id ip_address user_agent metadata created_at` + adminVerifReqFields = `id identifier token email expires created_at updated_at nonce redirect_uri` + adminFgaModelFields = `id dsl` + adminFgaTupleFields = `user relation object` +) + +// --------------------------------------------------------------------------- +// 1. AdminLogin — establishes an admin session. grpc, rest, gql. +// --------------------------------------------------------------------------- + +// AdminLogin validates the admin secret and establishes an admin session. +func (c *AuthorizerAdminClient) AdminLogin(req *authorizerv1.AdminLoginRequest) (*Response, error) { + var res Response + err := c.execute(adminMethodSpec{ + name: "AdminLogin", + graphql: &GraphQLRequest{ + Query: `mutation adminLogin($data: AdminLoginRequest!) { _admin_login(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_admin_login", + restMethod: http.MethodPost, + restPath: "/v1/admin/login", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.AdminLogin(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 2. AdminLogout — grpc, rest (no gql). +// --------------------------------------------------------------------------- + +// AdminLogout clears the admin session. +func (c *AuthorizerAdminClient) AdminLogout() (*authorizerv1.AdminLogoutResponse, error) { + var res authorizerv1.AdminLogoutResponse + err := c.execute(adminMethodSpec{ + name: "AdminLogout", + restMethod: http.MethodPost, + restPath: "/v1/admin/logout", + restBody: &authorizerv1.AdminLogoutRequest{}, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.AdminLogout(ctx, &authorizerv1.AdminLogoutRequest{}) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 3. AdminSession — grpc, rest (no gql). +// --------------------------------------------------------------------------- + +// AdminSession refreshes the admin session. +func (c *AuthorizerAdminClient) AdminSession() (*authorizerv1.AdminSessionResponse, error) { + var res authorizerv1.AdminSessionResponse + err := c.execute(adminMethodSpec{ + name: "AdminSession", + restMethod: http.MethodGet, + restPath: "/v1/admin/session", + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.AdminSession(ctx, &authorizerv1.AdminSessionRequest{}) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 4. AdminMeta — grpc, rest (no gql). +// --------------------------------------------------------------------------- + +// AdminMeta returns admin-only configuration metadata (roles, default roles, +// protected roles). +func (c *AuthorizerAdminClient) AdminMeta() (*authorizerv1.AdminMetaResponse, error) { + var res authorizerv1.AdminMetaResponse + err := c.execute(adminMethodSpec{ + name: "AdminMeta", + restMethod: http.MethodGet, + restPath: "/v1/admin/meta", + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.AdminMeta(ctx, &authorizerv1.AdminMetaRequest{}) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 5. Users — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// Users returns a paginated list of users. +func (c *AuthorizerAdminClient) Users(req *authorizerv1.UsersRequest) (*authorizerv1.UsersResponse, error) { + var res authorizerv1.UsersResponse + err := c.execute(adminMethodSpec{ + name: "Users", + graphql: &GraphQLRequest{ + Query: "query users($data: PaginatedRequest) { _users(params: $data) { " + adminPaginationFields + " users { " + adminUserFields + " } } }", + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_users", + restMethod: http.MethodPost, + restPath: "/v1/admin/users", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.Users(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 6. User — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// User returns a single user by id or email. +func (c *AuthorizerAdminClient) User(req *authorizerv1.UserRequest) (*authorizerv1.UserResponse, error) { + var res authorizerv1.UserResponse + err := c.execute(adminMethodSpec{ + name: "User", + graphql: &GraphQLRequest{ + Query: "query user($data: GetUserRequest!) { _user(params: $data) { " + adminUserFields + " } }", + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_user", + restMethod: http.MethodPost, + restPath: "/v1/admin/user", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.User(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 7. UpdateUser — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// UpdateUser updates an existing user. +func (c *AuthorizerAdminClient) UpdateUser(req *authorizerv1.UpdateUserRequest) (*authorizerv1.UpdateUserResponse, error) { + var res authorizerv1.UpdateUserResponse + err := c.execute(adminMethodSpec{ + name: "UpdateUser", + graphql: &GraphQLRequest{ + Query: "mutation updateUser($data: UpdateUserRequest!) { _update_user(params: $data) { " + adminUserFields + " } }", + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_update_user", + restMethod: http.MethodPost, + restPath: "/v1/admin/update_user", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.UpdateUser(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 8. DeleteUser — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// DeleteUser deletes a user. DESTRUCTIVE: permanently removes the user account. +func (c *AuthorizerAdminClient) DeleteUser(req *authorizerv1.DeleteUserRequest) (*authorizerv1.DeleteUserResponse, error) { + var res authorizerv1.DeleteUserResponse + err := c.execute(adminMethodSpec{ + name: "DeleteUser", + graphql: &GraphQLRequest{ + Query: `mutation deleteUser($data: DeleteUserRequest!) { _delete_user(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_delete_user", + restMethod: http.MethodPost, + restPath: "/v1/admin/delete_user", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.DeleteUser(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 9. VerificationRequests — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// VerificationRequests returns a paginated list of pending verification requests. +func (c *AuthorizerAdminClient) VerificationRequests(req *authorizerv1.VerificationRequestsRequest) (*authorizerv1.VerificationRequestsResponse, error) { + var res authorizerv1.VerificationRequestsResponse + err := c.execute(adminMethodSpec{ + name: "VerificationRequests", + graphql: &GraphQLRequest{ + Query: "query verificationRequests($data: PaginatedRequest) { _verification_requests(params: $data) { " + adminPaginationFields + " verification_requests { " + adminVerifReqFields + " } } }", + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_verification_requests", + restMethod: http.MethodPost, + restPath: "/v1/admin/verification_requests", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.VerificationRequests(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 10. RevokeAccess — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// RevokeAccess revokes a user's access to the application. +func (c *AuthorizerAdminClient) RevokeAccess(req *authorizerv1.RevokeAccessRequest) (*authorizerv1.RevokeAccessResponse, error) { + var res authorizerv1.RevokeAccessResponse + err := c.execute(adminMethodSpec{ + name: "RevokeAccess", + graphql: &GraphQLRequest{ + Query: `mutation revokeAccess($data: UpdateAccessRequest!) { _revoke_access(param: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_revoke_access", + restMethod: http.MethodPost, + restPath: "/v1/admin/revoke_access", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.RevokeAccess(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 11. EnableAccess — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// EnableAccess re-enables a previously revoked user's access. +func (c *AuthorizerAdminClient) EnableAccess(req *authorizerv1.EnableAccessRequest) (*authorizerv1.EnableAccessResponse, error) { + var res authorizerv1.EnableAccessResponse + err := c.execute(adminMethodSpec{ + name: "EnableAccess", + graphql: &GraphQLRequest{ + Query: `mutation enableAccess($data: UpdateAccessRequest!) { _enable_access(param: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_enable_access", + restMethod: http.MethodPost, + restPath: "/v1/admin/enable_access", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.EnableAccess(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 12. InviteMembers — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// InviteMembers sends invitations to one or more email addresses. +func (c *AuthorizerAdminClient) InviteMembers(req *authorizerv1.InviteMembersRequest) (*authorizerv1.InviteMembersResponse, error) { + var res authorizerv1.InviteMembersResponse + err := c.execute(adminMethodSpec{ + name: "InviteMembers", + graphql: &GraphQLRequest{ + Query: "mutation inviteMembers($data: InviteMemberRequest!) { _invite_members(params: $data) { message Users { " + adminUserFields + " } } }", + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_invite_members", + restMethod: http.MethodPost, + restPath: "/v1/admin/invite_members", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.InviteMembers(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 13. AddWebhook — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// AddWebhook registers a new webhook endpoint. +func (c *AuthorizerAdminClient) AddWebhook(req *authorizerv1.AddWebhookRequest) (*authorizerv1.AddWebhookResponse, error) { + var res authorizerv1.AddWebhookResponse + err := c.execute(adminMethodSpec{ + name: "AddWebhook", + graphql: &GraphQLRequest{ + Query: `mutation addWebhook($data: AddWebhookRequest!) { _add_webhook(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_add_webhook", + restMethod: http.MethodPost, + restPath: "/v1/admin/add_webhook", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.AddWebhook(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 14. UpdateWebhook — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// UpdateWebhook updates an existing webhook. +func (c *AuthorizerAdminClient) UpdateWebhook(req *authorizerv1.UpdateWebhookRequest) (*authorizerv1.UpdateWebhookResponse, error) { + var res authorizerv1.UpdateWebhookResponse + err := c.execute(adminMethodSpec{ + name: "UpdateWebhook", + graphql: &GraphQLRequest{ + Query: `mutation updateWebhook($data: UpdateWebhookRequest!) { _update_webhook(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_update_webhook", + restMethod: http.MethodPost, + restPath: "/v1/admin/update_webhook", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.UpdateWebhook(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 15. DeleteWebhook — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// DeleteWebhook deletes a webhook. DESTRUCTIVE: permanently removes the webhook +// and its logs. +func (c *AuthorizerAdminClient) DeleteWebhook(req *authorizerv1.DeleteWebhookRequest) (*authorizerv1.DeleteWebhookResponse, error) { + var res authorizerv1.DeleteWebhookResponse + err := c.execute(adminMethodSpec{ + name: "DeleteWebhook", + graphql: &GraphQLRequest{ + Query: `mutation deleteWebhook($data: WebhookRequest!) { _delete_webhook(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_delete_webhook", + restMethod: http.MethodPost, + restPath: "/v1/admin/delete_webhook", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.DeleteWebhook(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 16. GetWebhook — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// GetWebhook returns a single webhook by id. +func (c *AuthorizerAdminClient) GetWebhook(req *authorizerv1.GetWebhookRequest) (*authorizerv1.GetWebhookResponse, error) { + var res authorizerv1.GetWebhookResponse + err := c.execute(adminMethodSpec{ + name: "GetWebhook", + graphql: &GraphQLRequest{ + Query: "query webhook($data: WebhookRequest!) { _webhook(params: $data) { " + adminWebhookFields + " } }", + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_webhook", + restMethod: http.MethodPost, + restPath: "/v1/admin/webhook", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.GetWebhook(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 17. Webhooks — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// Webhooks returns a paginated list of webhooks. +func (c *AuthorizerAdminClient) Webhooks(req *authorizerv1.WebhooksRequest) (*authorizerv1.WebhooksResponse, error) { + var res authorizerv1.WebhooksResponse + err := c.execute(adminMethodSpec{ + name: "Webhooks", + graphql: &GraphQLRequest{ + Query: "query webhooks($data: PaginatedRequest) { _webhooks(params: $data) { " + adminPaginationFields + " webhooks { " + adminWebhookFields + " } } }", + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_webhooks", + restMethod: http.MethodPost, + restPath: "/v1/admin/webhooks", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.Webhooks(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 18. WebhookLogs — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// WebhookLogs returns a paginated list of webhook delivery logs. +func (c *AuthorizerAdminClient) WebhookLogs(req *authorizerv1.WebhookLogsRequest) (*authorizerv1.WebhookLogsResponse, error) { + var res authorizerv1.WebhookLogsResponse + err := c.execute(adminMethodSpec{ + name: "WebhookLogs", + graphql: &GraphQLRequest{ + Query: "query webhookLogs($data: ListWebhookLogRequest) { _webhook_logs(params: $data) { " + adminPaginationFields + " webhook_logs { " + adminWebhookLogFields + " } } }", + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_webhook_logs", + restMethod: http.MethodPost, + restPath: "/v1/admin/webhook_logs", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.WebhookLogs(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 19. TestEndpoint — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// TestEndpoint sends a test event to a webhook endpoint. +func (c *AuthorizerAdminClient) TestEndpoint(req *authorizerv1.TestEndpointRequest) (*authorizerv1.TestEndpointResponse, error) { + var res authorizerv1.TestEndpointResponse + err := c.execute(adminMethodSpec{ + name: "TestEndpoint", + graphql: &GraphQLRequest{ + Query: `mutation testEndpoint($data: TestEndpointRequest!) { _test_endpoint(params: $data) { http_status response } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_test_endpoint", + restMethod: http.MethodPost, + restPath: "/v1/admin/test_endpoint", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.TestEndpoint(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 20. AddEmailTemplate — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// AddEmailTemplate creates a new email template. +func (c *AuthorizerAdminClient) AddEmailTemplate(req *authorizerv1.AddEmailTemplateRequest) (*authorizerv1.AddEmailTemplateResponse, error) { + var res authorizerv1.AddEmailTemplateResponse + err := c.execute(adminMethodSpec{ + name: "AddEmailTemplate", + graphql: &GraphQLRequest{ + Query: `mutation addEmailTemplate($data: AddEmailTemplateRequest!) { _add_email_template(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_add_email_template", + restMethod: http.MethodPost, + restPath: "/v1/admin/add_email_template", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.AddEmailTemplate(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 21. UpdateEmailTemplate — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// UpdateEmailTemplate updates an existing email template. +func (c *AuthorizerAdminClient) UpdateEmailTemplate(req *authorizerv1.UpdateEmailTemplateRequest) (*authorizerv1.UpdateEmailTemplateResponse, error) { + var res authorizerv1.UpdateEmailTemplateResponse + err := c.execute(adminMethodSpec{ + name: "UpdateEmailTemplate", + graphql: &GraphQLRequest{ + Query: `mutation updateEmailTemplate($data: UpdateEmailTemplateRequest!) { _update_email_template(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_update_email_template", + restMethod: http.MethodPost, + restPath: "/v1/admin/update_email_template", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.UpdateEmailTemplate(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 22. DeleteEmailTemplate — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// DeleteEmailTemplate deletes an email template. DESTRUCTIVE: permanently +// removes the template. +func (c *AuthorizerAdminClient) DeleteEmailTemplate(req *authorizerv1.DeleteEmailTemplateRequest) (*authorizerv1.DeleteEmailTemplateResponse, error) { + var res authorizerv1.DeleteEmailTemplateResponse + err := c.execute(adminMethodSpec{ + name: "DeleteEmailTemplate", + graphql: &GraphQLRequest{ + Query: `mutation deleteEmailTemplate($data: DeleteEmailTemplateRequest!) { _delete_email_template(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_delete_email_template", + restMethod: http.MethodPost, + restPath: "/v1/admin/delete_email_template", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.DeleteEmailTemplate(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 23. EmailTemplates — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// EmailTemplates returns a paginated list of email templates. +func (c *AuthorizerAdminClient) EmailTemplates(req *authorizerv1.EmailTemplatesRequest) (*authorizerv1.EmailTemplatesResponse, error) { + var res authorizerv1.EmailTemplatesResponse + err := c.execute(adminMethodSpec{ + name: "EmailTemplates", + graphql: &GraphQLRequest{ + Query: "query emailTemplates($data: PaginatedRequest) { _email_templates(params: $data) { " + adminPaginationFields + " email_templates { " + adminEmailTplFields + " } } }", + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_email_templates", + restMethod: http.MethodPost, + restPath: "/v1/admin/email_templates", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.EmailTemplates(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 24. AuditLogs — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// AuditLogs returns a paginated list of audit log entries. +func (c *AuthorizerAdminClient) AuditLogs(req *authorizerv1.AuditLogsRequest) (*authorizerv1.AuditLogsResponse, error) { + var res authorizerv1.AuditLogsResponse + err := c.execute(adminMethodSpec{ + name: "AuditLogs", + graphql: &GraphQLRequest{ + Query: "query auditLogs($data: ListAuditLogRequest) { _audit_logs(params: $data) { " + adminPaginationFields + " audit_logs { " + adminAuditLogFields + " } } }", + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_audit_logs", + restMethod: http.MethodPost, + restPath: "/v1/admin/audit_logs", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.AuditLogs(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 25. FgaGetModel — grpc, rest (no gql). +// --------------------------------------------------------------------------- + +// FgaGetModel returns the active fine-grained authorization model as DSL. +func (c *AuthorizerAdminClient) FgaGetModel() (*authorizerv1.FgaGetModelResponse, error) { + var res authorizerv1.FgaGetModelResponse + err := c.execute(adminMethodSpec{ + name: "FgaGetModel", + restMethod: http.MethodGet, + restPath: "/v1/admin/fga/model", + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.FgaGetModel(ctx, &authorizerv1.FgaGetModelRequest{}) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 26. FgaWriteModel — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// FgaWriteModel replaces the fine-grained authorization model. DESTRUCTIVE: +// overwrites the existing authorization model. +func (c *AuthorizerAdminClient) FgaWriteModel(req *authorizerv1.FgaWriteModelRequest) (*authorizerv1.FgaWriteModelResponse, error) { + var res authorizerv1.FgaWriteModelResponse + err := c.execute(adminMethodSpec{ + name: "FgaWriteModel", + graphql: &GraphQLRequest{ + Query: "mutation fgaWriteModel($data: FgaWriteModelInput!) { _fga_write_model(params: $data) { " + adminFgaModelFields + " } }", + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_fga_write_model", + restMethod: http.MethodPost, + restPath: "/v1/admin/fga/model", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.FgaWriteModel(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 27. FgaWriteTuples — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// FgaWriteTuples writes relationship tuples to the authorization store. +func (c *AuthorizerAdminClient) FgaWriteTuples(req *authorizerv1.FgaWriteTuplesRequest) (*authorizerv1.FgaWriteTuplesResponse, error) { + var res authorizerv1.FgaWriteTuplesResponse + err := c.execute(adminMethodSpec{ + name: "FgaWriteTuples", + graphql: &GraphQLRequest{ + Query: `mutation fgaWriteTuples($data: FgaWriteTuplesInput!) { _fga_write_tuples(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_fga_write_tuples", + restMethod: http.MethodPost, + restPath: "/v1/admin/fga/tuples", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.FgaWriteTuples(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 28. FgaDeleteTuples — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// FgaDeleteTuples deletes relationship tuples from the authorization store. +// DESTRUCTIVE: permanently removes the specified tuples. +func (c *AuthorizerAdminClient) FgaDeleteTuples(req *authorizerv1.FgaDeleteTuplesRequest) (*authorizerv1.FgaDeleteTuplesResponse, error) { + var res authorizerv1.FgaDeleteTuplesResponse + err := c.execute(adminMethodSpec{ + name: "FgaDeleteTuples", + graphql: &GraphQLRequest{ + Query: `mutation fgaDeleteTuples($data: FgaWriteTuplesInput!) { _fga_delete_tuples(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_fga_delete_tuples", + restMethod: http.MethodPost, + restPath: "/v1/admin/fga/tuples/delete", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.FgaDeleteTuples(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 29. FgaReadTuples — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// FgaReadTuples reads relationship tuples from the authorization store. +func (c *AuthorizerAdminClient) FgaReadTuples(req *authorizerv1.FgaReadTuplesRequest) (*authorizerv1.FgaReadTuplesResponse, error) { + var res authorizerv1.FgaReadTuplesResponse + err := c.execute(adminMethodSpec{ + name: "FgaReadTuples", + graphql: &GraphQLRequest{ + Query: "query fgaReadTuples($data: FgaReadTuplesInput!) { _fga_read_tuples(params: $data) { tuples { " + adminFgaTupleFields + " } continuation_token } }", + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_fga_read_tuples", + restMethod: http.MethodPost, + restPath: "/v1/admin/fga/tuples/read", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.FgaReadTuples(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 30. FgaListUsers — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// FgaListUsers lists users that have a given relation to an object. +func (c *AuthorizerAdminClient) FgaListUsers(req *authorizerv1.FgaListUsersRequest) (*authorizerv1.FgaListUsersResponse, error) { + var res authorizerv1.FgaListUsersResponse + err := c.execute(adminMethodSpec{ + name: "FgaListUsers", + graphql: &GraphQLRequest{ + Query: `query fgaListUsers($data: FgaListUsersInput!) { _fga_list_users(params: $data) { users } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_fga_list_users", + restMethod: http.MethodPost, + restPath: "/v1/admin/fga/list_users", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.FgaListUsers(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 31. FgaExpand — grpc, rest, gql. +// --------------------------------------------------------------------------- + +// FgaExpand expands the relationship tree for a given object and relation. +func (c *AuthorizerAdminClient) FgaExpand(req *authorizerv1.FgaExpandRequest) (*authorizerv1.FgaExpandResponse, error) { + var res authorizerv1.FgaExpandResponse + err := c.execute(adminMethodSpec{ + name: "FgaExpand", + graphql: &GraphQLRequest{ + Query: `query fgaExpand($data: FgaExpandInput!) { _fga_expand(params: $data) { tree } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_fga_expand", + restMethod: http.MethodPost, + restPath: "/v1/admin/fga/expand", + restBody: req, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.FgaExpand(ctx, req) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// 32. FgaReset — grpc, rest (no gql). +// --------------------------------------------------------------------------- + +// FgaReset deletes the entire fine-grained authorization store. DESTRUCTIVE: +// permanently removes the model and all relationship tuples. +func (c *AuthorizerAdminClient) FgaReset() (*authorizerv1.FgaResetResponse, error) { + var res authorizerv1.FgaResetResponse + err := c.execute(adminMethodSpec{ + name: "FgaReset", + restMethod: http.MethodPost, + restPath: "/v1/admin/fga/reset", + restBody: &authorizerv1.FgaResetRequest{}, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerAdminServiceClient) (interface{}, error) { + return cli.FgaReset(ctx, &authorizerv1.FgaResetRequest{}) + }, + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// --------------------------------------------------------------------------- +// GraphQL-only admin operations. These have no gRPC stub or REST endpoint, so +// only the graphql protocol is supported. The proto definitions do not include +// these operations, so local request/response types are declared here. +// --------------------------------------------------------------------------- + +// AdminSignupRequest is the request for AdminSignup. +type AdminSignupRequest struct { + AdminSecret string `json:"admin_secret"` +} + +// AdminSignup sets the admin secret for a fresh instance (gql only). +func (c *AuthorizerAdminClient) AdminSignup(req *AdminSignupRequest) (*Response, error) { + var res Response + err := c.execute(adminMethodSpec{ + name: "AdminSignup", + graphql: &GraphQLRequest{ + Query: `mutation adminSignup($data: AdminSignupRequest!) { _admin_signup(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_admin_signup", + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// UpdateEnvRequest is a flexible map of environment keys to update. +type UpdateEnvRequest map[string]interface{} + +// UpdateEnv updates the instance environment configuration (gql only). +func (c *AuthorizerAdminClient) UpdateEnv(req *UpdateEnvRequest) (*Response, error) { + var res Response + err := c.execute(adminMethodSpec{ + name: "UpdateEnv", + graphql: &GraphQLRequest{ + Query: `mutation updateEnv($data: UpdateEnvInput!) { _update_env(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_update_env", + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} + +// GenerateJWTKeysRequest is the request for GenerateJWTKeys. +type GenerateJWTKeysRequest struct { + Type string `json:"type"` +} + +// GenerateJWTKeysResponse is the response for GenerateJWTKeys. +type GenerateJWTKeysResponse struct { + Secret *string `json:"secret"` + PublicKey *string `json:"public_key"` + PrivateKey *string `json:"private_key"` +} + +// GenerateJWTKeys generates a new set of JWT signing keys (gql only). +func (c *AuthorizerAdminClient) GenerateJWTKeys(req *GenerateJWTKeysRequest) (*GenerateJWTKeysResponse, error) { + var res GenerateJWTKeysResponse + err := c.execute(adminMethodSpec{ + name: "GenerateJWTKeys", + graphql: &GraphQLRequest{ + Query: `query generateJwtKeys($data: GenerateJWTKeysRequest!) { _generate_jwt_keys(params: $data) { secret public_key private_key } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "_generate_jwt_keys", + }, &res) + if err != nil { + return nil, err + } + return &res, nil +} diff --git a/check_permissions.go b/check_permissions.go new file mode 100644 index 0000000..f64a156 --- /dev/null +++ b/check_permissions.go @@ -0,0 +1,74 @@ +package authorizer + +import ( + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" +) + +// PermissionCheckInput is one permission to evaluate: "does the subject have +// Relation on Object?". +type PermissionCheckInput struct { + Relation string `json:"relation"` + Object string `json:"object"` + // ContextualTuples are evaluated for this check only and not persisted. + ContextualTuples []*FgaTupleInput `json:"contextual_tuples,omitempty"` +} + +// CheckPermissionsRequest evaluates one or more permission checks in a single +// call. The subject defaults to the authenticated caller. +type CheckPermissionsRequest struct { + Checks []*PermissionCheckInput `json:"checks"` + // User optionally overrides the subject ("type:id" or bare id → "user:id"). + // Honored only for super-admin callers or when it equals the caller's own + // token subject; rejected otherwise. + User string `json:"user,omitempty"` +} + +// PermissionCheckResult is the outcome of one permission check, echoing the +// checked Relation/Object pair so batch results are self-describing (and +// positionally aligned with the request's Checks). +type PermissionCheckResult struct { + Relation string `json:"relation"` + Object string `json:"object"` + Allowed bool `json:"allowed"` +} + +// CheckPermissionsResponse carries one result per supplied check, in order. +type CheckPermissionsResponse struct { + Results []*PermissionCheckResult `json:"results"` +} + +// CheckPermissions performs the check_permissions query, evaluating one or +// more relation/object checks for the authenticated caller in a single round +// trip. Results come back in the same order as the supplied Checks, each +// echoing its relation/object pair. headers must carry the caller's bearer +// token or session cookie so the server can pin the subject. +func (c *AuthorizerClient) CheckPermissions(req *CheckPermissionsRequest, headers map[string]string) (*CheckPermissionsResponse, error) { + var res CheckPermissionsResponse + err := c.execute(methodSpec{ + name: "CheckPermissions", + graphql: &GraphQLRequest{ + Query: `query checkPermissions($data: CheckPermissionsInput!){check_permissions(params: $data) { results { relation object allowed } } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "check_permissions", + restMethod: http.MethodPost, + restPath: "/v1/check_permissions", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.CheckPermissionsResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.CheckPermissionsRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.CheckPermissions(ctx, &in) + }, + }, headers, &res) + if err != nil { + return nil, err + } + return &res, nil +} diff --git a/client.go b/client.go index 40a698f..7ccde85 100644 --- a/client.go +++ b/client.go @@ -13,11 +13,39 @@ type AuthorizerClient struct { AuthorizerURL string RedirectURL string ExtraHeaders map[string]string + // Protocol selects the wire transport (graphql, rest or grpc). Defaults to + // ProtocolGraphQL when unset, keeping the SDK backward compatible. + Protocol Protocol + // GRPCEndpoint overrides the host:port dialed when Protocol is grpc. When + // empty it is derived from AuthorizerURL using the gRPC default port. + GRPCEndpoint string +} + +// ClientOption customizes an AuthorizerClient at construction time. +type ClientOption func(*AuthorizerClient) + +// WithProtocol sets the wire transport the client uses (graphql, rest or grpc). +func WithProtocol(p Protocol) ClientOption { + return func(c *AuthorizerClient) { + c.Protocol = p + } +} + +// WithGRPCEndpoint sets the host:port dialed for grpc calls. The authorizer +// server's gRPC listener runs on its own port (default 9091), separate from the +// HTTP port in AuthorizerURL. When unset, the endpoint is derived from +// AuthorizerURL's host with the default gRPC port (9091). +func WithGRPCEndpoint(addr string) ClientOption { + return func(c *AuthorizerClient) { + c.GRPCEndpoint = addr + } } // NewAuthorizerClient creates an authorizer client instance. // It returns reference to authorizer client instance or error. -func NewAuthorizerClient(clientID, authorizerURL, redirectURL string, extraHeaders map[string]string) (*AuthorizerClient, error) { +// The optional functional options (e.g. WithProtocol) tweak behavior while +// keeping the original positional signature backward compatible. +func NewAuthorizerClient(clientID, authorizerURL, redirectURL string, extraHeaders map[string]string, opts ...ClientOption) (*AuthorizerClient, error) { if strings.TrimSpace(clientID) == "" { return nil, fmt.Errorf("clientID missing") } @@ -42,10 +70,15 @@ func NewAuthorizerClient(clientID, authorizerURL, redirectURL string, extraHeade // Add clientID to headers headers["x-authorizer-client-id"] = clientID - return &AuthorizerClient{ + c := &AuthorizerClient{ RedirectURL: strings.TrimSuffix(redirectURL, "/"), AuthorizerURL: strings.TrimSuffix(authorizerURL, "/"), ClientID: clientID, - ExtraHeaders: headers, - }, nil + ExtraHeaders: extraHeaders, + Protocol: ProtocolGraphQL, + } + for _, opt := range opts { + opt(c) + } + return c, nil } diff --git a/deactivate_account.go b/deactivate_account.go index 3cd024b..44a7b29 100644 --- a/deactivate_account.go +++ b/deactivate_account.go @@ -1,24 +1,37 @@ package authorizer import ( - "encoding/json" + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // DeactivateAccount is method attached to AuthorizerClient. -// It performs deactivate_account mutation on authorizer instance. +// It performs deactivate_account mutation on the authorizer instance over the +// client's selected protocol (graphql, rest or grpc). // It returns Response reference or error. // For implementation details check DeactivateAccountExample examples/deactivate_account.go func (c *AuthorizerClient) DeactivateAccount(headers map[string]string) (*Response, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: `mutation deactivateAccount { deactivate_account { message } }`, - Variables: nil, - }, headers) + var res Response + err := c.execute(methodSpec{ + name: "DeactivateAccount", + graphql: &GraphQLRequest{ + Query: `mutation deactivateAccount { deactivate_account { message } }`, + Variables: nil, + }, + graphqlField: "deactivate_account", + restMethod: http.MethodPost, + restPath: "/v1/deactivate_account", + restBody: nil, + restResp: func() proto.Message { return &authorizerv1.DeactivateAccountResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + return cli.DeactivateAccount(ctx, &authorizerv1.DeactivateAccountRequest{}) + }, + }, headers, &res) if err != nil { return nil, err } - - var res map[string]*Response - json.Unmarshal(bytesData, &res) - - return res["deactivate_account"], nil + return &res, nil } diff --git a/examples/manual/main.go b/examples/manual/main.go new file mode 100644 index 0000000..0b4f888 --- /dev/null +++ b/examples/manual/main.go @@ -0,0 +1,164 @@ +// Manual end-to-end smoke test for the Authorizer Go SDK. +// +// Exercises the public client (meta/signup/login/profile) and the admin client +// (users/webhooks/FGA) over the protocol you pick. +// +// Run against a local server (defaults shown): +// +// AUTHORIZER_URL=http://localhost:8080 \ +// CLIENT_ID=test-client \ +// ADMIN_SECRET=admin \ +// PROTOCOL=graphql \ # graphql | rest | grpc +// go run ./examples/manual +// +// gRPC listens on its own port (default :9091). The SDK derives it from the +// HTTP host; override with GRPC_ENDPOINT=host:port if needed. For plaintext +// gRPC the server must run with --grpc-insecure=true. +package main + +import ( + "fmt" + "os" + "time" + + "github.com/authorizerdev/authorizer-go" + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" +) + +func env(k, def string) string { + if v := os.Getenv(k); v != "" { + return v + } + return def +} + +func protocol() authorizer.Protocol { + switch env("PROTOCOL", "graphql") { + case "rest": + return authorizer.ProtocolREST + case "grpc": + return authorizer.ProtocolGRPC + default: + return authorizer.ProtocolGraphQL + } +} + +// step prints a labelled result; it never aborts so the whole flow runs. +func step(label string, v any, err error) { + if err != nil { + fmt.Printf("✗ %-22s error: %v\n", label, err) + return + } + fmt.Printf("✓ %-22s %+v\n", label, v) +} + +func main() { + url := env("AUTHORIZER_URL", "http://localhost:8080") + clientID := env("CLIENT_ID", "test-client") + adminSecret := env("ADMIN_SECRET", "admin") + p := protocol() + fmt.Printf("== Authorizer Go SDK manual test ==\nurl=%s protocol=%s\n\n", url, p) + + userOpts := []authorizer.ClientOption{authorizer.WithProtocol(p)} + adminOpts := []authorizer.AdminClientOption{authorizer.WithAdminProtocol(p)} + if g := os.Getenv("GRPC_ENDPOINT"); g != "" { + userOpts = append(userOpts, authorizer.WithGRPCEndpoint(g)) + adminOpts = append(adminOpts, authorizer.WithAdminGRPCEndpoint(g)) + } + + // ---- Public client ---- + c, err := authorizer.NewAuthorizerClient(clientID, url, "", nil, userOpts...) + if err != nil { + fmt.Println("failed to build client:", err) + os.Exit(1) + } + + meta, err := c.GetMetaData() + step("GetMetaData", meta, err) + + email := fmt.Sprintf("go-manual-%d@example.com", time.Now().UnixNano()) + su, err := c.SignUp(&authorizer.SignUpRequest{ + Email: authorizer.NewStringRef(email), + Password: "Test@12345", + ConfirmPassword: "Test@12345", + }) + step("SignUp", su, err) + + li, err := c.Login(&authorizer.LoginRequest{ + Email: authorizer.NewStringRef(email), + Password: "Test@12345", + }) + step("Login", li, err) + + if li != nil && li.AccessToken != nil { + bearer := map[string]string{"Authorization": "Bearer " + *li.AccessToken} + prof, err := c.GetProfile(bearer) + step("GetProfile", prof, err) + } + + // ---- Admin client (auth via x-authorizer-admin-secret) ---- + fmt.Println("\n-- admin --") + admin, err := authorizer.NewAuthorizerAdminClient(url, adminSecret, adminOpts...) + if err != nil { + fmt.Println("failed to build admin client:", err) + return + } + + users, err := admin.Users(&authorizerv1.UsersRequest{}) + if err != nil { + step("Admin.Users", nil, err) + } else { + step("Admin.Users", fmt.Sprintf("%d user(s)", len(users.GetUsers())), nil) + } + + const webhookEndpoint = "https://example.com/webhook" + wh, err := admin.AddWebhook(&authorizerv1.AddWebhookRequest{ + EventName: "user.login", + Endpoint: webhookEndpoint, + Enabled: true, + }) + step("Admin.AddWebhook", wh, err) + + whs, err := admin.Webhooks(&authorizerv1.WebhooksRequest{}) + if err != nil { + step("Admin.Webhooks", nil, err) + } else { + step("Admin.Webhooks", fmt.Sprintf("%d webhook(s)", len(whs.GetWebhooks())), nil) + // Clean up by endpoint: the server appends a "-" suffix to + // event_name (so it is not a stable key), but endpoint is stored verbatim. + for _, w := range whs.GetWebhooks() { + if w.GetEndpoint() == webhookEndpoint { + _, derr := admin.DeleteWebhook(&authorizerv1.DeleteWebhookRequest{Id: w.GetId()}) + step("Admin.DeleteWebhook", w.GetId(), derr) + } + } + } + + // ---- FGA admin ---- + fmt.Println("\n-- fga admin --") + const model = `model + schema 1.1 +type user +type document + relations + define viewer: [user]` + fm, err := admin.FgaWriteModel(&authorizerv1.FgaWriteModelRequest{Dsl: model}) + step("Admin.FgaWriteModel", fm, err) + + object := fmt.Sprintf("document:%d", time.Now().UnixNano()) // unique so re-runs don't collide + wt, err := admin.FgaWriteTuples(&authorizerv1.FgaWriteTuplesRequest{ + Tuples: []*authorizerv1.FgaTupleInput{ + {User: "user:alice", Relation: "viewer", Object: object}, + }, + }) + step("Admin.FgaWriteTuples", wt, err) + + rt, err := admin.FgaReadTuples(&authorizerv1.FgaReadTuplesRequest{}) + if err != nil { + step("Admin.FgaReadTuples", nil, err) + } else { + step("Admin.FgaReadTuples", fmt.Sprintf("%d tuple(s)", len(rt.GetTuples())), nil) + } + + fmt.Println("\ndone.") +} diff --git a/execute.go b/execute.go new file mode 100644 index 0000000..3a6ed9c --- /dev/null +++ b/execute.go @@ -0,0 +1,170 @@ +package authorizer + +import ( + "context" + "encoding/json" + "fmt" + "strings" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/grpc" + "google.golang.org/protobuf/proto" +) + +// methodSpec declares how one public client method is carried over each +// protocol. A protocol whose field is empty/nil is unsupported and yields a +// clear " not available over ; use " error before +// any network call — mirroring the admin client's availability map. As of +// 2.3.0 every public RPC is implemented over graphql + rest + grpc. +// +// For grpc/rest the spec returns proto response messages. The response envelope +// is now flat (no per-RPC wrapper), so the bare proto domain message maps +// directly onto the SDK's response struct. Because proto JSON (protojson + +// grpc-gateway REST) emits int64 fields as strings, REST bodies are decoded +// with protojson before being round-tripped onto the SDK type. +type methodSpec struct { + // name is the human method name for error messages, e.g. "Login". + name string + + // graphql is the prebuilt GraphQL request; nil means gql-unsupported. + graphql *GraphQLRequest + // graphqlField is the top-level response field to unwrap, e.g. "login". + graphqlField string + + // restMethod / restPath are the typed REST endpoint, e.g. + // (http.MethodPost, "/v1/login"). An empty restPath means rest-unsupported. + restMethod string + restPath string + // restBody is the JSON payload for POST endpoints (nil for GET). + restBody interface{} + // restResp returns a fresh proto response message to protojson-unmarshal the + // REST body into (so int64 string fields decode correctly). + restResp func() proto.Message + + // grpcCall invokes the generated stub and returns the proto response; nil + // means grpc-unsupported. + grpcCall func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) +} + +// supported reports which protocols a spec implements, for error messages. +func (s methodSpec) supported() string { + var got []string + if s.graphql != nil { + got = append(got, "graphql") + } + if s.restPath != "" { + got = append(got, "rest") + } + if s.grpcCall != nil { + got = append(got, "grpc") + } + return strings.Join(got, " or ") +} + +// projectProto round-trips a flat proto response message onto the SDK's +// response struct (out). +func (s methodSpec) projectProto(resp interface{}, out interface{}) error { + return remarshal(resp, out) +} + +// execute dispatches a public client method over the client's selected +// protocol and unmarshals the result into out (a pointer). Calling a method on +// a protocol it does not support returns a clear error before any network call. +func (c *AuthorizerClient) execute(spec methodSpec, headers map[string]string, out interface{}) error { + switch c.Protocol { + case ProtocolREST: + if spec.restPath == "" { + return unsupportedProtocol(spec.name, c.Protocol, spec.supported()) + } + // Decode proto-typed REST responses with protojson (int64 serialize as + // strings over REST), then map the flat proto message onto the SDK type. + if out == nil || spec.restResp == nil { + return c.executeREST(spec.restMethod, spec.restPath, spec.restBody, headers, nil) + } + resp := spec.restResp() + if err := c.executeREST(spec.restMethod, spec.restPath, spec.restBody, headers, resp); err != nil { + return err + } + return spec.projectProto(resp, out) + + case ProtocolGRPC: + if spec.grpcCall == nil { + return unsupportedProtocol(spec.name, c.Protocol, spec.supported()) + } + conn, err := grpcDial(c.AuthorizerURL, c.GRPCEndpoint) + if err != nil { + return err + } + defer conn.Close() + + ctx := outgoingContext(context.Background(), mergeHeaders(c.ExtraHeaders, headers)) + cli := authorizerv1.NewAuthorizerServiceClient(conn) + resp, err := spec.grpcCall(ctx, cli) + if err != nil { + return err + } + if out == nil { + return nil + } + return spec.projectProto(resp, out) + + default: // ProtocolGraphQL + if spec.graphql == nil { + return unsupportedProtocol(spec.name, c.Protocol, spec.supported()) + } + bytesData, err := c.ExecuteGraphQL(spec.graphql, headers) + if err != nil { + return err + } + if out == nil { + return nil + } + var res map[string]json.RawMessage + if err := json.Unmarshal(bytesData, &res); err != nil { + return err + } + field, ok := res[spec.graphqlField] + if !ok { + return nil + } + return json.Unmarshal(field, out) + } +} + +// remarshal JSON round-trips a proto response message into the SDK's own +// response struct, so the public method signatures stay identical across +// protocols. Proto messages carry json tags matching the GraphQL/REST shapes. +func remarshal(from, to interface{}) error { + if to == nil { + return nil + } + b, err := json.Marshal(from) + if err != nil { + return err + } + return json.Unmarshal(b, to) +} + +// mergeHeaders merges per-call headers over the client's default headers. +func mergeHeaders(base, override map[string]string) map[string]string { + if len(base) == 0 { + return override + } + merged := make(map[string]string, len(base)+len(override)) + for k, v := range base { + merged[k] = v + } + for k, v := range override { + merged[k] = v + } + return merged +} + +// unsupportedProtocol builds the standard " not available over +// " error used by methods that only exist on a subset of protocols. +func unsupportedProtocol(method string, p Protocol, supported string) error { + return fmt.Errorf("%s not available over %s; use %s", method, p, supported) +} + +// grpcOpts is a convenience alias so spec closures stay short. +type grpcOpts = []grpc.CallOption diff --git a/fga.go b/fga.go index 95502e3..38735bf 100644 --- a/fga.go +++ b/fga.go @@ -1,7 +1,5 @@ package authorizer -import "encoding/json" - // This file implements the client-facing fine-grained authorization (FGA) // surface backed by Authorizer's embedded OpenFGA engine. Only the read-side // operations a relying party needs are exposed here — checking permissions and @@ -15,6 +13,9 @@ import "encoding/json" // `User` override ("type:id", or a bare id treated as "user:") is honored // only when the caller is a super-admin OR it equals the caller's own token // subject; anything else is rejected by the server — never silently ignored. +// +// The individual operations live in check_permissions.go and +// list_permissions.go. // FgaTupleInput is a single relationship tuple: User is related to Object via // Relation. Used to pass contextual tuples that are evaluated for one check @@ -24,93 +25,3 @@ type FgaTupleInput struct { Relation string `json:"relation"` Object string `json:"object"` } - -// PermissionCheckInput is one permission to evaluate: "does the subject have -// Relation on Object?". -type PermissionCheckInput struct { - Relation string `json:"relation"` - Object string `json:"object"` - // ContextualTuples are evaluated for this check only and not persisted. - ContextualTuples []*FgaTupleInput `json:"contextual_tuples,omitempty"` -} - -// CheckPermissionsRequest evaluates one or more permission checks in a single -// call. The subject defaults to the authenticated caller. -type CheckPermissionsRequest struct { - Checks []*PermissionCheckInput `json:"checks"` - // User optionally overrides the subject ("type:id" or bare id → "user:id"). - // Honored only for super-admin callers or when it equals the caller's own - // token subject; rejected otherwise. - User string `json:"user,omitempty"` -} - -// PermissionCheckResult is the outcome of one permission check, echoing the -// checked Relation/Object pair so batch results are self-describing (and -// positionally aligned with the request's Checks). -type PermissionCheckResult struct { - Relation string `json:"relation"` - Object string `json:"object"` - Allowed bool `json:"allowed"` -} - -// CheckPermissionsResponse carries one result per supplied check, in order. -type CheckPermissionsResponse struct { - Results []*PermissionCheckResult `json:"results"` -} - -// ListPermissionsRequest enumerates the objects of ObjectType the subject -// holds Relation on. Subject resolution follows the same rules as -// CheckPermissionsRequest.User. -type ListPermissionsRequest struct { - Relation string `json:"relation"` - ObjectType string `json:"object_type"` - // User optionally overrides the subject; same trust rules as - // CheckPermissionsRequest.User. - User string `json:"user,omitempty"` -} - -// ListPermissionsResponse lists the fully-qualified object ids (e.g. -// "document:1") the subject holds the queried permission on. -type ListPermissionsResponse struct { - Objects []string `json:"objects"` -} - -// CheckPermissions performs the check_permissions query, evaluating one or -// more relation/object checks for the authenticated caller in a single round -// trip. Results come back in the same order as the supplied Checks, each -// echoing its relation/object pair. headers must carry the caller's bearer -// token or session cookie so the server can pin the subject. -func (c *AuthorizerClient) CheckPermissions(req *CheckPermissionsRequest, headers map[string]string) (*CheckPermissionsResponse, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: `query checkPermissions($data: CheckPermissionsInput!){check_permissions(params: $data) { results { relation object allowed } } }`, - Variables: map[string]interface{}{"data": req}, - }, headers) - if err != nil { - return nil, err - } - - var res map[string]*CheckPermissionsResponse - if err := json.Unmarshal(bytesData, &res); err != nil { - return nil, err - } - return res["check_permissions"], nil -} - -// ListPermissions performs the list_permissions query, returning the -// fully-qualified ids of objects of ObjectType the authenticated caller holds -// Relation on. headers must carry the caller's credentials. -func (c *AuthorizerClient) ListPermissions(req *ListPermissionsRequest, headers map[string]string) (*ListPermissionsResponse, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: `query listPermissions($data: ListPermissionsInput!){list_permissions(params: $data) { objects } }`, - Variables: map[string]interface{}{"data": req}, - }, headers) - if err != nil { - return nil, err - } - - var res map[string]*ListPermissionsResponse - if err := json.Unmarshal(bytesData, &res); err != nil { - return nil, err - } - return res["list_permissions"], nil -} diff --git a/forgot_password.go b/forgot_password.go index 27aa66f..c547bf0 100644 --- a/forgot_password.go +++ b/forgot_password.go @@ -1,7 +1,11 @@ package authorizer import ( - "encoding/json" + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // ForgotPasswordRequest defines attributes for forgot_password request @@ -28,18 +32,28 @@ func (c *AuthorizerClient) ForgotPassword(req *ForgotPasswordRequest) (*ForgotPa req.RedirectURI = NewStringRef(c.RedirectURL) } - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: `mutation forgotPassword($data: ForgotPasswordRequest!) { forgot_password(params: $data) { message should_show_mobile_otp_screen } }`, - Variables: map[string]interface{}{ - "data": req, + var res ForgotPasswordResponse + err := c.execute(methodSpec{ + name: "ForgotPassword", + graphql: &GraphQLRequest{ + Query: `mutation forgotPassword($data: ForgotPasswordRequest!) { forgot_password(params: $data) { message should_show_mobile_otp_screen } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "forgot_password", + restMethod: http.MethodPost, + restPath: "/v1/forgot_password", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.ForgotPasswordResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.ForgotPasswordRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.ForgotPassword(ctx, &in) }, - }, nil) + }, nil, &res) if err != nil { return nil, err } - - var res map[string]*ForgotPasswordResponse - json.Unmarshal(bytesData, &res) - - return res["forgot_password"], nil + return &res, nil } diff --git a/get_meta_data.go b/get_meta_data.go index b5e323d..e219bac 100644 --- a/get_meta_data.go +++ b/get_meta_data.go @@ -1,7 +1,11 @@ package authorizer import ( - "encoding/json" + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // MetaDataResponse defines attributes for MetaData response query @@ -32,16 +36,24 @@ type MetaDataResponse struct { // It performs meta query on authorizer instance. // It returns MetaResponse reference or error. func (c *AuthorizerClient) GetMetaData() (*MetaDataResponse, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: `query { meta { version client_id is_google_login_enabled is_facebook_login_enabled is_github_login_enabled is_linkedin_login_enabled is_apple_login_enabled is_twitter_login_enabled is_discord_login_enabled is_microsoft_login_enabled is_twitch_login_enabled is_roblox_login_enabled is_email_verification_enabled is_basic_authentication_enabled is_magic_link_login_enabled is_sign_up_enabled is_strong_password_enabled is_multi_factor_auth_enabled is_mobile_basic_authentication_enabled is_phone_verification_enabled } }`, - Variables: nil, - }, nil) + var res MetaDataResponse + err := c.execute(methodSpec{ + name: "GetMetaData", + graphql: &GraphQLRequest{ + Query: `query { meta { version client_id is_google_login_enabled is_facebook_login_enabled is_github_login_enabled is_linkedin_login_enabled is_apple_login_enabled is_twitter_login_enabled is_discord_login_enabled is_microsoft_login_enabled is_twitch_login_enabled is_roblox_login_enabled is_email_verification_enabled is_basic_authentication_enabled is_magic_link_login_enabled is_sign_up_enabled is_strong_password_enabled is_multi_factor_auth_enabled is_mobile_basic_authentication_enabled is_phone_verification_enabled } }`, + Variables: nil, + }, + graphqlField: "meta", + restMethod: http.MethodGet, + restPath: "/v1/meta", + restBody: nil, + restResp: func() proto.Message { return &authorizerv1.Meta{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + return cli.Meta(ctx, &authorizerv1.MetaRequest{}) + }, + }, nil, &res) if err != nil { return nil, err } - - var res map[string]*MetaDataResponse - json.Unmarshal(bytesData, &res) - - return res["meta"], nil + return &res, nil } diff --git a/get_profile.go b/get_profile.go index c664a44..86bbf15 100644 --- a/get_profile.go +++ b/get_profile.go @@ -1,8 +1,12 @@ package authorizer import ( - "encoding/json" + "context" "fmt" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // GetProfile is method attached to AuthorizerClient. @@ -10,16 +14,24 @@ import ( // It returns User reference or error. // For implementation details check GetProfileExample examples/get_profile.go func (c *AuthorizerClient) GetProfile(headers map[string]string) (*User, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: fmt.Sprintf(`query { profile { %s } }`, UserFragment), - Variables: nil, - }, headers) + var res User + err := c.execute(methodSpec{ + name: "GetProfile", + graphql: &GraphQLRequest{ + Query: fmt.Sprintf(`query { profile { %s } }`, UserFragment), + Variables: nil, + }, + graphqlField: "profile", + restMethod: http.MethodGet, + restPath: "/v1/profile", + restBody: nil, + restResp: func() proto.Message { return &authorizerv1.User{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + return cli.Profile(ctx, &authorizerv1.ProfileRequest{}) + }, + }, headers, &res) if err != nil { return nil, err } - - var res map[string]*User - json.Unmarshal(bytesData, &res) - - return res["profile"], nil + return &res, nil } diff --git a/get_session.go b/get_session.go index 866576d..2e39af7 100644 --- a/get_session.go +++ b/get_session.go @@ -1,8 +1,12 @@ package authorizer import ( - "encoding/json" + "context" "fmt" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // SessionQueryRequest defines attributes for session query request @@ -18,18 +22,28 @@ type SessionQueryInput = SessionQueryRequest // It performs session query on authorizer instance. // It returns AuthTokenResponse reference or error. func (c *AuthorizerClient) GetSession(req *SessionQueryRequest, headers map[string]string) (*AuthTokenResponse, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: fmt.Sprintf(`query getSession($data: SessionQueryRequest){session(params: $data) { %s } }`, AuthTokenResponseFragment), - Variables: map[string]interface{}{ - "data": req, + var res AuthTokenResponse + err := c.execute(methodSpec{ + name: "GetSession", + graphql: &GraphQLRequest{ + Query: fmt.Sprintf(`query getSession($data: SessionQueryRequest){session(params: $data) { %s } }`, AuthTokenResponseFragment), + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "session", + restMethod: http.MethodPost, + restPath: "/v1/session", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.AuthResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.SessionRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.Session(ctx, &in) }, - }, headers) + }, headers, &res) if err != nil { return nil, err } - - var res map[string]*AuthTokenResponse - json.Unmarshal(bytesData, &res) - - return res["session"], nil + return &res, nil } diff --git a/go.mod b/go.mod index b1e17e6..de35615 100644 --- a/go.mod +++ b/go.mod @@ -1,3 +1,17 @@ module github.com/authorizerdev/authorizer-go go 1.25.5 + +require ( + buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.36.11-20260415201107-50325440f8f2.1 + google.golang.org/genproto/googleapis/api v0.0.0-20260526163538-3dc84a4a5aaa + google.golang.org/grpc v1.81.1 + google.golang.org/protobuf v1.36.11 +) + +require ( + golang.org/x/net v0.51.0 // indirect + golang.org/x/sys v0.42.0 // indirect + golang.org/x/text v0.34.0 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20260523011958-0a33c5d7ca68 // indirect +) diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..af6b23e --- /dev/null +++ b/go.sum @@ -0,0 +1,42 @@ +buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.36.11-20260415201107-50325440f8f2.1 h1:s6hzCXtND/ICdGPTMGk7C+/BFlr2Jg5GyH0NKf4XGXg= +buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.36.11-20260415201107-50325440f8f2.1/go.mod h1:tvtbpgaVXZX4g6Pn+AnzFycuRK3MOz5HJfEGeEllXYM= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= +github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64= +go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y= +go.opentelemetry.io/otel v1.43.0 h1:mYIM03dnh5zfN7HautFE4ieIig9amkNANT+xcVxAj9I= +go.opentelemetry.io/otel v1.43.0/go.mod h1:JuG+u74mvjvcm8vj8pI5XiHy1zDeoCS2LB1spIq7Ay0= +go.opentelemetry.io/otel/metric v1.43.0 h1:d7638QeInOnuwOONPp4JAOGfbCEpYb+K6DVWvdxGzgM= +go.opentelemetry.io/otel/metric v1.43.0/go.mod h1:RDnPtIxvqlgO8GRW18W6Z/4P462ldprJtfxHxyKd2PY= +go.opentelemetry.io/otel/sdk v1.43.0 h1:pi5mE86i5rTeLXqoF/hhiBtUNcrAGHLKQdhg4h4V9Dg= +go.opentelemetry.io/otel/sdk v1.43.0/go.mod h1:P+IkVU3iWukmiit/Yf9AWvpyRDlUeBaRg6Y+C58QHzg= +go.opentelemetry.io/otel/sdk/metric v1.43.0 h1:S88dyqXjJkuBNLeMcVPRFXpRw2fuwdvfCGLEo89fDkw= +go.opentelemetry.io/otel/sdk/metric v1.43.0/go.mod h1:C/RJtwSEJ5hzTiUz5pXF1kILHStzb9zFlIEe85bhj6A= +go.opentelemetry.io/otel/trace v1.43.0 h1:BkNrHpup+4k4w+ZZ86CZoHHEkohws8AY+WTX09nk+3A= +go.opentelemetry.io/otel/trace v1.43.0/go.mod h1:/QJhyVBUUswCphDVxq+8mld+AvhXZLhe+8WVFxiFff0= +golang.org/x/net v0.51.0 h1:94R/GTO7mt3/4wIKpcR5gkGmRLOuE/2hNGeWq/GBIFo= +golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y= +golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= +golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/text v0.34.0 h1:oL/Qq0Kdaqxa1KbNeMKwQq0reLCCaFtqu2eNuSeNHbk= +golang.org/x/text v0.34.0/go.mod h1:homfLqTYRFyVYemLBFl5GgL/DWEiH5wcsQ5gSh1yziA= +gonum.org/v1/gonum v0.17.0 h1:VbpOemQlsSMrYmn7T2OUvQ4dqxQXU+ouZFQsZOx50z4= +gonum.org/v1/gonum v0.17.0/go.mod h1:El3tOrEuMpv2UdMrbNlKEh9vd86bmQ6vqIcDwxEOc1E= +google.golang.org/genproto/googleapis/api v0.0.0-20260526163538-3dc84a4a5aaa h1:Kjn0N0tCrDgiAFW+lGO4JZ3ck44CehvJQMAwj9QF0G8= +google.golang.org/genproto/googleapis/api v0.0.0-20260526163538-3dc84a4a5aaa/go.mod h1:q4lMZS6kskjT5HvCPrnnypcDPVJqT/f4nfxmkE7gryY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20260523011958-0a33c5d7ca68 h1:PvEgGJf9C/1u5CHkInMg7UFYYUoiaQmW2LbtH0pjB78= +google.golang.org/genproto/googleapis/rpc v0.0.0-20260523011958-0a33c5d7ca68/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8= +google.golang.org/grpc v1.81.1 h1:VnnIIZ88UzOOKLukQi+ImGz8O1Wdp8nAGGnvOfEIWQQ= +google.golang.org/grpc v1.81.1/go.mod h1:xGH9GfzOyMTGIOXBJmXt+BX/V0kcdQbdcuwQ/zNw42I= +google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE= +google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= diff --git a/graphql.go b/graphql.go index 02134e5..f329d27 100644 --- a/graphql.go +++ b/graphql.go @@ -6,6 +6,7 @@ import ( "errors" "io" "net/http" + "net/url" "time" ) @@ -50,6 +51,18 @@ func (c *AuthorizerClient) ExecuteGraphQL(req *GraphQLRequest, headers map[strin httpReq.Header.Add(key, val) } + // Authorizer's CSRF guard rejects state-changing requests without an + // Origin or Referer header. Browsers send Origin automatically; this + // server-side client must set it explicitly. The server's own origin + // always passes the guard's same-origin rule (the default when + // ALLOWED_ORIGINS is the wildcard). Deployments with an explicit + // allowlist can override it via ExtraHeaders or per-call headers. + if httpReq.Header.Get("Origin") == "" { + if u, err := url.Parse(c.AuthorizerURL); err == nil && u.Scheme != "" && u.Host != "" { + httpReq.Header.Set("Origin", u.Scheme+"://"+u.Host) + } + } + res, err := client.Do(httpReq) if err != nil { return nil, err @@ -73,6 +86,13 @@ func (c *AuthorizerClient) ExecuteGraphQL(req *GraphQLRequest, headers map[strin return nil, errors.New(gqlRes.Errors[0].Message) } + // Non-GraphQL failures (e.g. the CSRF guard's 403, a proxy error page) + // carry no "errors" array. Without this check they would surface as a + // nil result with a nil error and panic the caller. + if res.StatusCode >= http.StatusBadRequest { + return nil, errors.New(http.StatusText(res.StatusCode) + ": " + string(bodyBytes)) + } + dataBytes, err := json.Marshal(gqlRes.Data) if err != nil { return nil, err diff --git a/internal/genpb/authorizer/v1/admin.pb.go b/internal/genpb/authorizer/v1/admin.pb.go new file mode 100644 index 0000000..db3a03b --- /dev/null +++ b/internal/genpb/authorizer/v1/admin.pb.go @@ -0,0 +1,5119 @@ +// proto/authorizer/v1/admin.proto +// +// AuthorizerAdminService exposes Authorizer's super-admin-only operations +// (the `_`-prefixed GraphQL queries/mutations). It is registered on the SAME +// grpc.Server and gateway mux as AuthorizerService. Every RPC requires +// super-admin auth (admin session cookie or x-authorizer-admin-secret header) +// except AdminLogin, which establishes it. Admin operations are intentionally +// NOT exposed over MCP. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.35.2 +// protoc (unknown) +// source: authorizer/v1/admin.proto + +package authorizerv1 + +import ( + _ "buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go/buf/validate" + _ "google.golang.org/genproto/googleapis/api/annotations" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type AdminLoginRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + AdminSecret string `protobuf:"bytes,1,opt,name=admin_secret,json=adminSecret,proto3" json:"admin_secret,omitempty"` +} + +func (x *AdminLoginRequest) Reset() { + *x = AdminLoginRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AdminLoginRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AdminLoginRequest) ProtoMessage() {} + +func (x *AdminLoginRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[0] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AdminLoginRequest.ProtoReflect.Descriptor instead. +func (*AdminLoginRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{0} +} + +func (x *AdminLoginRequest) GetAdminSecret() string { + if x != nil { + return x.AdminSecret + } + return "" +} + +type AdminLoginResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *AdminLoginResponse) Reset() { + *x = AdminLoginResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AdminLoginResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AdminLoginResponse) ProtoMessage() {} + +func (x *AdminLoginResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[1] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AdminLoginResponse.ProtoReflect.Descriptor instead. +func (*AdminLoginResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{1} +} + +func (x *AdminLoginResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type AdminLogoutRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *AdminLogoutRequest) Reset() { + *x = AdminLogoutRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AdminLogoutRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AdminLogoutRequest) ProtoMessage() {} + +func (x *AdminLogoutRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[2] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AdminLogoutRequest.ProtoReflect.Descriptor instead. +func (*AdminLogoutRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{2} +} + +type AdminLogoutResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *AdminLogoutResponse) Reset() { + *x = AdminLogoutResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AdminLogoutResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AdminLogoutResponse) ProtoMessage() {} + +func (x *AdminLogoutResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[3] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AdminLogoutResponse.ProtoReflect.Descriptor instead. +func (*AdminLogoutResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{3} +} + +func (x *AdminLogoutResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type AdminSessionRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *AdminSessionRequest) Reset() { + *x = AdminSessionRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AdminSessionRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AdminSessionRequest) ProtoMessage() {} + +func (x *AdminSessionRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[4] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AdminSessionRequest.ProtoReflect.Descriptor instead. +func (*AdminSessionRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{4} +} + +type AdminSessionResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *AdminSessionResponse) Reset() { + *x = AdminSessionResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AdminSessionResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AdminSessionResponse) ProtoMessage() {} + +func (x *AdminSessionResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[5] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AdminSessionResponse.ProtoReflect.Descriptor instead. +func (*AdminSessionResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{5} +} + +func (x *AdminSessionResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type AdminMetaRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *AdminMetaRequest) Reset() { + *x = AdminMetaRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AdminMetaRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AdminMetaRequest) ProtoMessage() {} + +func (x *AdminMetaRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[6] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AdminMetaRequest.ProtoReflect.Descriptor instead. +func (*AdminMetaRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{6} +} + +type AdminMetaResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + AdminMeta *AdminMeta `protobuf:"bytes,1,opt,name=admin_meta,json=adminMeta,proto3" json:"admin_meta,omitempty"` +} + +func (x *AdminMetaResponse) Reset() { + *x = AdminMetaResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AdminMetaResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AdminMetaResponse) ProtoMessage() {} + +func (x *AdminMetaResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[7] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AdminMetaResponse.ProtoReflect.Descriptor instead. +func (*AdminMetaResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{7} +} + +func (x *AdminMetaResponse) GetAdminMeta() *AdminMeta { + if x != nil { + return x.AdminMeta + } + return nil +} + +// AdminMeta mirrors model.AdminMeta exactly (no version field). +type AdminMeta struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Roles []string `protobuf:"bytes,1,rep,name=roles,proto3" json:"roles,omitempty"` + DefaultRoles []string `protobuf:"bytes,2,rep,name=default_roles,json=defaultRoles,proto3" json:"default_roles,omitempty"` + ProtectedRoles []string `protobuf:"bytes,3,rep,name=protected_roles,json=protectedRoles,proto3" json:"protected_roles,omitempty"` +} + +func (x *AdminMeta) Reset() { + *x = AdminMeta{} + mi := &file_authorizer_v1_admin_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AdminMeta) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AdminMeta) ProtoMessage() {} + +func (x *AdminMeta) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[8] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AdminMeta.ProtoReflect.Descriptor instead. +func (*AdminMeta) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{8} +} + +func (x *AdminMeta) GetRoles() []string { + if x != nil { + return x.Roles + } + return nil +} + +func (x *AdminMeta) GetDefaultRoles() []string { + if x != nil { + return x.DefaultRoles + } + return nil +} + +func (x *AdminMeta) GetProtectedRoles() []string { + if x != nil { + return x.ProtectedRoles + } + return nil +} + +type UsersRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Pagination *PaginationRequest `protobuf:"bytes,1,opt,name=pagination,proto3" json:"pagination,omitempty"` +} + +func (x *UsersRequest) Reset() { + *x = UsersRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[9] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UsersRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UsersRequest) ProtoMessage() {} + +func (x *UsersRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[9] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UsersRequest.ProtoReflect.Descriptor instead. +func (*UsersRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{9} +} + +func (x *UsersRequest) GetPagination() *PaginationRequest { + if x != nil { + return x.Pagination + } + return nil +} + +type UsersResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Users []*User `protobuf:"bytes,1,rep,name=users,proto3" json:"users,omitempty"` + Pagination *Pagination `protobuf:"bytes,2,opt,name=pagination,proto3" json:"pagination,omitempty"` +} + +func (x *UsersResponse) Reset() { + *x = UsersResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[10] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UsersResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UsersResponse) ProtoMessage() {} + +func (x *UsersResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[10] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UsersResponse.ProtoReflect.Descriptor instead. +func (*UsersResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{10} +} + +func (x *UsersResponse) GetUsers() []*User { + if x != nil { + return x.Users + } + return nil +} + +func (x *UsersResponse) GetPagination() *Pagination { + if x != nil { + return x.Pagination + } + return nil +} + +// UserRequest fetches a single user by id or email; at least one must be set. +type UserRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + Email string `protobuf:"bytes,2,opt,name=email,proto3" json:"email,omitempty"` +} + +func (x *UserRequest) Reset() { + *x = UserRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[11] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UserRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UserRequest) ProtoMessage() {} + +func (x *UserRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[11] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UserRequest.ProtoReflect.Descriptor instead. +func (*UserRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{11} +} + +func (x *UserRequest) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *UserRequest) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +type UserResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + User *User `protobuf:"bytes,1,opt,name=user,proto3" json:"user,omitempty"` +} + +func (x *UserResponse) Reset() { + *x = UserResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[12] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UserResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UserResponse) ProtoMessage() {} + +func (x *UserResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[12] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UserResponse.ProtoReflect.Descriptor instead. +func (*UserResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{12} +} + +func (x *UserResponse) GetUser() *User { + if x != nil { + return x.User + } + return nil +} + +// UpdateUserRequest mirrors model.UpdateUserRequest. Nullable GraphQL inputs use +// proto3 `optional` so an unset field is distinguishable from an empty value +// (e.g. clearing a name vs leaving it untouched, or email_verified=false). +type UpdateUserRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + Email *string `protobuf:"bytes,2,opt,name=email,proto3,oneof" json:"email,omitempty"` + EmailVerified *bool `protobuf:"varint,3,opt,name=email_verified,json=emailVerified,proto3,oneof" json:"email_verified,omitempty"` + GivenName *string `protobuf:"bytes,4,opt,name=given_name,json=givenName,proto3,oneof" json:"given_name,omitempty"` + FamilyName *string `protobuf:"bytes,5,opt,name=family_name,json=familyName,proto3,oneof" json:"family_name,omitempty"` + MiddleName *string `protobuf:"bytes,6,opt,name=middle_name,json=middleName,proto3,oneof" json:"middle_name,omitempty"` + Nickname *string `protobuf:"bytes,7,opt,name=nickname,proto3,oneof" json:"nickname,omitempty"` + Gender *string `protobuf:"bytes,8,opt,name=gender,proto3,oneof" json:"gender,omitempty"` + Birthdate *string `protobuf:"bytes,9,opt,name=birthdate,proto3,oneof" json:"birthdate,omitempty"` + PhoneNumber *string `protobuf:"bytes,10,opt,name=phone_number,json=phoneNumber,proto3,oneof" json:"phone_number,omitempty"` + PhoneNumberVerified *bool `protobuf:"varint,11,opt,name=phone_number_verified,json=phoneNumberVerified,proto3,oneof" json:"phone_number_verified,omitempty"` + Picture *string `protobuf:"bytes,12,opt,name=picture,proto3,oneof" json:"picture,omitempty"` + Roles []string `protobuf:"bytes,13,rep,name=roles,proto3" json:"roles,omitempty"` + IsMultiFactorAuthEnabled *bool `protobuf:"varint,14,opt,name=is_multi_factor_auth_enabled,json=isMultiFactorAuthEnabled,proto3,oneof" json:"is_multi_factor_auth_enabled,omitempty"` + AppData *AppData `protobuf:"bytes,15,opt,name=app_data,json=appData,proto3" json:"app_data,omitempty"` +} + +func (x *UpdateUserRequest) Reset() { + *x = UpdateUserRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UpdateUserRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateUserRequest) ProtoMessage() {} + +func (x *UpdateUserRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[13] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateUserRequest.ProtoReflect.Descriptor instead. +func (*UpdateUserRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{13} +} + +func (x *UpdateUserRequest) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *UpdateUserRequest) GetEmail() string { + if x != nil && x.Email != nil { + return *x.Email + } + return "" +} + +func (x *UpdateUserRequest) GetEmailVerified() bool { + if x != nil && x.EmailVerified != nil { + return *x.EmailVerified + } + return false +} + +func (x *UpdateUserRequest) GetGivenName() string { + if x != nil && x.GivenName != nil { + return *x.GivenName + } + return "" +} + +func (x *UpdateUserRequest) GetFamilyName() string { + if x != nil && x.FamilyName != nil { + return *x.FamilyName + } + return "" +} + +func (x *UpdateUserRequest) GetMiddleName() string { + if x != nil && x.MiddleName != nil { + return *x.MiddleName + } + return "" +} + +func (x *UpdateUserRequest) GetNickname() string { + if x != nil && x.Nickname != nil { + return *x.Nickname + } + return "" +} + +func (x *UpdateUserRequest) GetGender() string { + if x != nil && x.Gender != nil { + return *x.Gender + } + return "" +} + +func (x *UpdateUserRequest) GetBirthdate() string { + if x != nil && x.Birthdate != nil { + return *x.Birthdate + } + return "" +} + +func (x *UpdateUserRequest) GetPhoneNumber() string { + if x != nil && x.PhoneNumber != nil { + return *x.PhoneNumber + } + return "" +} + +func (x *UpdateUserRequest) GetPhoneNumberVerified() bool { + if x != nil && x.PhoneNumberVerified != nil { + return *x.PhoneNumberVerified + } + return false +} + +func (x *UpdateUserRequest) GetPicture() string { + if x != nil && x.Picture != nil { + return *x.Picture + } + return "" +} + +func (x *UpdateUserRequest) GetRoles() []string { + if x != nil { + return x.Roles + } + return nil +} + +func (x *UpdateUserRequest) GetIsMultiFactorAuthEnabled() bool { + if x != nil && x.IsMultiFactorAuthEnabled != nil { + return *x.IsMultiFactorAuthEnabled + } + return false +} + +func (x *UpdateUserRequest) GetAppData() *AppData { + if x != nil { + return x.AppData + } + return nil +} + +type UpdateUserResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + User *User `protobuf:"bytes,1,opt,name=user,proto3" json:"user,omitempty"` +} + +func (x *UpdateUserResponse) Reset() { + *x = UpdateUserResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[14] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UpdateUserResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateUserResponse) ProtoMessage() {} + +func (x *UpdateUserResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[14] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateUserResponse.ProtoReflect.Descriptor instead. +func (*UpdateUserResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{14} +} + +func (x *UpdateUserResponse) GetUser() *User { + if x != nil { + return x.User + } + return nil +} + +// DeleteUserRequest mirrors model.DeleteUserRequest. +type DeleteUserRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Email string `protobuf:"bytes,1,opt,name=email,proto3" json:"email,omitempty"` +} + +func (x *DeleteUserRequest) Reset() { + *x = DeleteUserRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[15] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DeleteUserRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeleteUserRequest) ProtoMessage() {} + +func (x *DeleteUserRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[15] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeleteUserRequest.ProtoReflect.Descriptor instead. +func (*DeleteUserRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{15} +} + +func (x *DeleteUserRequest) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +type DeleteUserResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *DeleteUserResponse) Reset() { + *x = DeleteUserResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[16] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DeleteUserResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeleteUserResponse) ProtoMessage() {} + +func (x *DeleteUserResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[16] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeleteUserResponse.ProtoReflect.Descriptor instead. +func (*DeleteUserResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{16} +} + +func (x *DeleteUserResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type VerificationRequestsRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Pagination *PaginationRequest `protobuf:"bytes,1,opt,name=pagination,proto3" json:"pagination,omitempty"` +} + +func (x *VerificationRequestsRequest) Reset() { + *x = VerificationRequestsRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[17] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *VerificationRequestsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*VerificationRequestsRequest) ProtoMessage() {} + +func (x *VerificationRequestsRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[17] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use VerificationRequestsRequest.ProtoReflect.Descriptor instead. +func (*VerificationRequestsRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{17} +} + +func (x *VerificationRequestsRequest) GetPagination() *PaginationRequest { + if x != nil { + return x.Pagination + } + return nil +} + +type VerificationRequestsResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + VerificationRequests []*VerificationRequest `protobuf:"bytes,1,rep,name=verification_requests,json=verificationRequests,proto3" json:"verification_requests,omitempty"` + Pagination *Pagination `protobuf:"bytes,2,opt,name=pagination,proto3" json:"pagination,omitempty"` +} + +func (x *VerificationRequestsResponse) Reset() { + *x = VerificationRequestsResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[18] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *VerificationRequestsResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*VerificationRequestsResponse) ProtoMessage() {} + +func (x *VerificationRequestsResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[18] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use VerificationRequestsResponse.ProtoReflect.Descriptor instead. +func (*VerificationRequestsResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{18} +} + +func (x *VerificationRequestsResponse) GetVerificationRequests() []*VerificationRequest { + if x != nil { + return x.VerificationRequests + } + return nil +} + +func (x *VerificationRequestsResponse) GetPagination() *Pagination { + if x != nil { + return x.Pagination + } + return nil +} + +// VerificationRequest mirrors model.VerificationRequest field-for-field. +type VerificationRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + Identifier string `protobuf:"bytes,2,opt,name=identifier,proto3" json:"identifier,omitempty"` + Token string `protobuf:"bytes,3,opt,name=token,proto3" json:"token,omitempty"` + Email string `protobuf:"bytes,4,opt,name=email,proto3" json:"email,omitempty"` + Expires int64 `protobuf:"varint,5,opt,name=expires,proto3" json:"expires,omitempty"` + CreatedAt int64 `protobuf:"varint,6,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` + UpdatedAt int64 `protobuf:"varint,7,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"` + Nonce string `protobuf:"bytes,8,opt,name=nonce,proto3" json:"nonce,omitempty"` + RedirectUri string `protobuf:"bytes,9,opt,name=redirect_uri,json=redirectUri,proto3" json:"redirect_uri,omitempty"` +} + +func (x *VerificationRequest) Reset() { + *x = VerificationRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[19] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *VerificationRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*VerificationRequest) ProtoMessage() {} + +func (x *VerificationRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[19] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use VerificationRequest.ProtoReflect.Descriptor instead. +func (*VerificationRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{19} +} + +func (x *VerificationRequest) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *VerificationRequest) GetIdentifier() string { + if x != nil { + return x.Identifier + } + return "" +} + +func (x *VerificationRequest) GetToken() string { + if x != nil { + return x.Token + } + return "" +} + +func (x *VerificationRequest) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +func (x *VerificationRequest) GetExpires() int64 { + if x != nil { + return x.Expires + } + return 0 +} + +func (x *VerificationRequest) GetCreatedAt() int64 { + if x != nil { + return x.CreatedAt + } + return 0 +} + +func (x *VerificationRequest) GetUpdatedAt() int64 { + if x != nil { + return x.UpdatedAt + } + return 0 +} + +func (x *VerificationRequest) GetNonce() string { + if x != nil { + return x.Nonce + } + return "" +} + +func (x *VerificationRequest) GetRedirectUri() string { + if x != nil { + return x.RedirectUri + } + return "" +} + +// RevokeAccessRequest mirrors model.UpdateAccessRequest (a single user id). It +// is kept distinct from EnableAccessRequest per buf's one-message-per-RPC rule. +type RevokeAccessRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + UserId string `protobuf:"bytes,1,opt,name=user_id,json=userId,proto3" json:"user_id,omitempty"` +} + +func (x *RevokeAccessRequest) Reset() { + *x = RevokeAccessRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[20] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *RevokeAccessRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RevokeAccessRequest) ProtoMessage() {} + +func (x *RevokeAccessRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[20] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RevokeAccessRequest.ProtoReflect.Descriptor instead. +func (*RevokeAccessRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{20} +} + +func (x *RevokeAccessRequest) GetUserId() string { + if x != nil { + return x.UserId + } + return "" +} + +type RevokeAccessResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *RevokeAccessResponse) Reset() { + *x = RevokeAccessResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[21] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *RevokeAccessResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RevokeAccessResponse) ProtoMessage() {} + +func (x *RevokeAccessResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[21] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RevokeAccessResponse.ProtoReflect.Descriptor instead. +func (*RevokeAccessResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{21} +} + +func (x *RevokeAccessResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +// EnableAccessRequest mirrors model.UpdateAccessRequest (a single user id). It +// is kept distinct from RevokeAccessRequest per buf's one-message-per-RPC rule. +type EnableAccessRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + UserId string `protobuf:"bytes,1,opt,name=user_id,json=userId,proto3" json:"user_id,omitempty"` +} + +func (x *EnableAccessRequest) Reset() { + *x = EnableAccessRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[22] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EnableAccessRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EnableAccessRequest) ProtoMessage() {} + +func (x *EnableAccessRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[22] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EnableAccessRequest.ProtoReflect.Descriptor instead. +func (*EnableAccessRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{22} +} + +func (x *EnableAccessRequest) GetUserId() string { + if x != nil { + return x.UserId + } + return "" +} + +type EnableAccessResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *EnableAccessResponse) Reset() { + *x = EnableAccessResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[23] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EnableAccessResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EnableAccessResponse) ProtoMessage() {} + +func (x *EnableAccessResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[23] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EnableAccessResponse.ProtoReflect.Descriptor instead. +func (*EnableAccessResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{23} +} + +func (x *EnableAccessResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +// InviteMembersRequest mirrors model.InviteMemberRequest. redirect_uri is +// optional; when unset the configured app URL is used. +type InviteMembersRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Emails []string `protobuf:"bytes,1,rep,name=emails,proto3" json:"emails,omitempty"` + RedirectUri *string `protobuf:"bytes,2,opt,name=redirect_uri,json=redirectUri,proto3,oneof" json:"redirect_uri,omitempty"` +} + +func (x *InviteMembersRequest) Reset() { + *x = InviteMembersRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[24] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *InviteMembersRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*InviteMembersRequest) ProtoMessage() {} + +func (x *InviteMembersRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[24] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use InviteMembersRequest.ProtoReflect.Descriptor instead. +func (*InviteMembersRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{24} +} + +func (x *InviteMembersRequest) GetEmails() []string { + if x != nil { + return x.Emails + } + return nil +} + +func (x *InviteMembersRequest) GetRedirectUri() string { + if x != nil && x.RedirectUri != nil { + return *x.RedirectUri + } + return "" +} + +// InviteMembersResponse mirrors model.InviteMembersResponse (a message plus the +// list of newly invited users). +type InviteMembersResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` + Users []*User `protobuf:"bytes,2,rep,name=users,proto3" json:"users,omitempty"` +} + +func (x *InviteMembersResponse) Reset() { + *x = InviteMembersResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[25] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *InviteMembersResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*InviteMembersResponse) ProtoMessage() {} + +func (x *InviteMembersResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[25] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use InviteMembersResponse.ProtoReflect.Descriptor instead. +func (*InviteMembersResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{25} +} + +func (x *InviteMembersResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +func (x *InviteMembersResponse) GetUsers() []*User { + if x != nil { + return x.Users + } + return nil +} + +// Webhook mirrors model.Webhook field-for-field. headers is a free-form JSON +// object (reusing the shared AppData wrapper around google.protobuf.Struct). +type Webhook struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + EventName string `protobuf:"bytes,2,opt,name=event_name,json=eventName,proto3" json:"event_name,omitempty"` + EventDescription string `protobuf:"bytes,3,opt,name=event_description,json=eventDescription,proto3" json:"event_description,omitempty"` + Endpoint string `protobuf:"bytes,4,opt,name=endpoint,proto3" json:"endpoint,omitempty"` + Enabled bool `protobuf:"varint,5,opt,name=enabled,proto3" json:"enabled,omitempty"` + Headers *AppData `protobuf:"bytes,6,opt,name=headers,proto3" json:"headers,omitempty"` + CreatedAt int64 `protobuf:"varint,7,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` + UpdatedAt int64 `protobuf:"varint,8,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"` +} + +func (x *Webhook) Reset() { + *x = Webhook{} + mi := &file_authorizer_v1_admin_proto_msgTypes[26] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *Webhook) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Webhook) ProtoMessage() {} + +func (x *Webhook) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[26] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Webhook.ProtoReflect.Descriptor instead. +func (*Webhook) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{26} +} + +func (x *Webhook) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *Webhook) GetEventName() string { + if x != nil { + return x.EventName + } + return "" +} + +func (x *Webhook) GetEventDescription() string { + if x != nil { + return x.EventDescription + } + return "" +} + +func (x *Webhook) GetEndpoint() string { + if x != nil { + return x.Endpoint + } + return "" +} + +func (x *Webhook) GetEnabled() bool { + if x != nil { + return x.Enabled + } + return false +} + +func (x *Webhook) GetHeaders() *AppData { + if x != nil { + return x.Headers + } + return nil +} + +func (x *Webhook) GetCreatedAt() int64 { + if x != nil { + return x.CreatedAt + } + return 0 +} + +func (x *Webhook) GetUpdatedAt() int64 { + if x != nil { + return x.UpdatedAt + } + return 0 +} + +// WebhookLog mirrors model.WebhookLog field-for-field. +type WebhookLog struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + HttpStatus int64 `protobuf:"varint,2,opt,name=http_status,json=httpStatus,proto3" json:"http_status,omitempty"` + Response string `protobuf:"bytes,3,opt,name=response,proto3" json:"response,omitempty"` + Request string `protobuf:"bytes,4,opt,name=request,proto3" json:"request,omitempty"` + WebhookId string `protobuf:"bytes,5,opt,name=webhook_id,json=webhookId,proto3" json:"webhook_id,omitempty"` + CreatedAt int64 `protobuf:"varint,6,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` + UpdatedAt int64 `protobuf:"varint,7,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"` +} + +func (x *WebhookLog) Reset() { + *x = WebhookLog{} + mi := &file_authorizer_v1_admin_proto_msgTypes[27] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *WebhookLog) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*WebhookLog) ProtoMessage() {} + +func (x *WebhookLog) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[27] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use WebhookLog.ProtoReflect.Descriptor instead. +func (*WebhookLog) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{27} +} + +func (x *WebhookLog) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *WebhookLog) GetHttpStatus() int64 { + if x != nil { + return x.HttpStatus + } + return 0 +} + +func (x *WebhookLog) GetResponse() string { + if x != nil { + return x.Response + } + return "" +} + +func (x *WebhookLog) GetRequest() string { + if x != nil { + return x.Request + } + return "" +} + +func (x *WebhookLog) GetWebhookId() string { + if x != nil { + return x.WebhookId + } + return "" +} + +func (x *WebhookLog) GetCreatedAt() int64 { + if x != nil { + return x.CreatedAt + } + return 0 +} + +func (x *WebhookLog) GetUpdatedAt() int64 { + if x != nil { + return x.UpdatedAt + } + return 0 +} + +// AddWebhookRequest mirrors model.AddWebhookRequest. event_description is +// optional; when unset it defaults to the event name with dots replaced by +// spaces. +type AddWebhookRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + EventName string `protobuf:"bytes,1,opt,name=event_name,json=eventName,proto3" json:"event_name,omitempty"` + EventDescription *string `protobuf:"bytes,2,opt,name=event_description,json=eventDescription,proto3,oneof" json:"event_description,omitempty"` + Endpoint string `protobuf:"bytes,3,opt,name=endpoint,proto3" json:"endpoint,omitempty"` + Enabled bool `protobuf:"varint,4,opt,name=enabled,proto3" json:"enabled,omitempty"` + Headers *AppData `protobuf:"bytes,5,opt,name=headers,proto3" json:"headers,omitempty"` +} + +func (x *AddWebhookRequest) Reset() { + *x = AddWebhookRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[28] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AddWebhookRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AddWebhookRequest) ProtoMessage() {} + +func (x *AddWebhookRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[28] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AddWebhookRequest.ProtoReflect.Descriptor instead. +func (*AddWebhookRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{28} +} + +func (x *AddWebhookRequest) GetEventName() string { + if x != nil { + return x.EventName + } + return "" +} + +func (x *AddWebhookRequest) GetEventDescription() string { + if x != nil && x.EventDescription != nil { + return *x.EventDescription + } + return "" +} + +func (x *AddWebhookRequest) GetEndpoint() string { + if x != nil { + return x.Endpoint + } + return "" +} + +func (x *AddWebhookRequest) GetEnabled() bool { + if x != nil { + return x.Enabled + } + return false +} + +func (x *AddWebhookRequest) GetHeaders() *AppData { + if x != nil { + return x.Headers + } + return nil +} + +type AddWebhookResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *AddWebhookResponse) Reset() { + *x = AddWebhookResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[29] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AddWebhookResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AddWebhookResponse) ProtoMessage() {} + +func (x *AddWebhookResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[29] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AddWebhookResponse.ProtoReflect.Descriptor instead. +func (*AddWebhookResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{29} +} + +func (x *AddWebhookResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +// UpdateWebhookRequest mirrors model.UpdateWebhookRequest. Nullable GraphQL +// inputs use proto3 `optional` so an unset field is distinguishable from an +// empty value. +type UpdateWebhookRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + EventName *string `protobuf:"bytes,2,opt,name=event_name,json=eventName,proto3,oneof" json:"event_name,omitempty"` + EventDescription *string `protobuf:"bytes,3,opt,name=event_description,json=eventDescription,proto3,oneof" json:"event_description,omitempty"` + Endpoint *string `protobuf:"bytes,4,opt,name=endpoint,proto3,oneof" json:"endpoint,omitempty"` + Enabled *bool `protobuf:"varint,5,opt,name=enabled,proto3,oneof" json:"enabled,omitempty"` + Headers *AppData `protobuf:"bytes,6,opt,name=headers,proto3" json:"headers,omitempty"` +} + +func (x *UpdateWebhookRequest) Reset() { + *x = UpdateWebhookRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[30] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UpdateWebhookRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateWebhookRequest) ProtoMessage() {} + +func (x *UpdateWebhookRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[30] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateWebhookRequest.ProtoReflect.Descriptor instead. +func (*UpdateWebhookRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{30} +} + +func (x *UpdateWebhookRequest) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *UpdateWebhookRequest) GetEventName() string { + if x != nil && x.EventName != nil { + return *x.EventName + } + return "" +} + +func (x *UpdateWebhookRequest) GetEventDescription() string { + if x != nil && x.EventDescription != nil { + return *x.EventDescription + } + return "" +} + +func (x *UpdateWebhookRequest) GetEndpoint() string { + if x != nil && x.Endpoint != nil { + return *x.Endpoint + } + return "" +} + +func (x *UpdateWebhookRequest) GetEnabled() bool { + if x != nil && x.Enabled != nil { + return *x.Enabled + } + return false +} + +func (x *UpdateWebhookRequest) GetHeaders() *AppData { + if x != nil { + return x.Headers + } + return nil +} + +type UpdateWebhookResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *UpdateWebhookResponse) Reset() { + *x = UpdateWebhookResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[31] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UpdateWebhookResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateWebhookResponse) ProtoMessage() {} + +func (x *UpdateWebhookResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[31] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateWebhookResponse.ProtoReflect.Descriptor instead. +func (*UpdateWebhookResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{31} +} + +func (x *UpdateWebhookResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +// DeleteWebhookRequest mirrors model.WebhookRequest (a single webhook id). It is +// kept distinct from GetWebhookRequest per buf's one-message-per-RPC rule. +type DeleteWebhookRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` +} + +func (x *DeleteWebhookRequest) Reset() { + *x = DeleteWebhookRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[32] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DeleteWebhookRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeleteWebhookRequest) ProtoMessage() {} + +func (x *DeleteWebhookRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[32] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeleteWebhookRequest.ProtoReflect.Descriptor instead. +func (*DeleteWebhookRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{32} +} + +func (x *DeleteWebhookRequest) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +type DeleteWebhookResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *DeleteWebhookResponse) Reset() { + *x = DeleteWebhookResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[33] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DeleteWebhookResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeleteWebhookResponse) ProtoMessage() {} + +func (x *DeleteWebhookResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[33] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeleteWebhookResponse.ProtoReflect.Descriptor instead. +func (*DeleteWebhookResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{33} +} + +func (x *DeleteWebhookResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +// GetWebhookRequest mirrors model.WebhookRequest (a single webhook id). It is +// kept distinct from DeleteWebhookRequest per buf's one-message-per-RPC rule. +type GetWebhookRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` +} + +func (x *GetWebhookRequest) Reset() { + *x = GetWebhookRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[34] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *GetWebhookRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GetWebhookRequest) ProtoMessage() {} + +func (x *GetWebhookRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[34] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetWebhookRequest.ProtoReflect.Descriptor instead. +func (*GetWebhookRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{34} +} + +func (x *GetWebhookRequest) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +type GetWebhookResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Webhook *Webhook `protobuf:"bytes,1,opt,name=webhook,proto3" json:"webhook,omitempty"` +} + +func (x *GetWebhookResponse) Reset() { + *x = GetWebhookResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[35] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *GetWebhookResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*GetWebhookResponse) ProtoMessage() {} + +func (x *GetWebhookResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[35] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use GetWebhookResponse.ProtoReflect.Descriptor instead. +func (*GetWebhookResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{35} +} + +func (x *GetWebhookResponse) GetWebhook() *Webhook { + if x != nil { + return x.Webhook + } + return nil +} + +type WebhooksRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Pagination *PaginationRequest `protobuf:"bytes,1,opt,name=pagination,proto3" json:"pagination,omitempty"` +} + +func (x *WebhooksRequest) Reset() { + *x = WebhooksRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[36] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *WebhooksRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*WebhooksRequest) ProtoMessage() {} + +func (x *WebhooksRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[36] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use WebhooksRequest.ProtoReflect.Descriptor instead. +func (*WebhooksRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{36} +} + +func (x *WebhooksRequest) GetPagination() *PaginationRequest { + if x != nil { + return x.Pagination + } + return nil +} + +type WebhooksResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Webhooks []*Webhook `protobuf:"bytes,1,rep,name=webhooks,proto3" json:"webhooks,omitempty"` + Pagination *Pagination `protobuf:"bytes,2,opt,name=pagination,proto3" json:"pagination,omitempty"` +} + +func (x *WebhooksResponse) Reset() { + *x = WebhooksResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[37] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *WebhooksResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*WebhooksResponse) ProtoMessage() {} + +func (x *WebhooksResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[37] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use WebhooksResponse.ProtoReflect.Descriptor instead. +func (*WebhooksResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{37} +} + +func (x *WebhooksResponse) GetWebhooks() []*Webhook { + if x != nil { + return x.Webhooks + } + return nil +} + +func (x *WebhooksResponse) GetPagination() *Pagination { + if x != nil { + return x.Pagination + } + return nil +} + +// WebhookLogsRequest mirrors model.ListWebhookLogRequest. webhook_id is +// optional; when unset logs for all webhooks are returned. +type WebhookLogsRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Pagination *PaginationRequest `protobuf:"bytes,1,opt,name=pagination,proto3" json:"pagination,omitempty"` + WebhookId *string `protobuf:"bytes,2,opt,name=webhook_id,json=webhookId,proto3,oneof" json:"webhook_id,omitempty"` +} + +func (x *WebhookLogsRequest) Reset() { + *x = WebhookLogsRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[38] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *WebhookLogsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*WebhookLogsRequest) ProtoMessage() {} + +func (x *WebhookLogsRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[38] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use WebhookLogsRequest.ProtoReflect.Descriptor instead. +func (*WebhookLogsRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{38} +} + +func (x *WebhookLogsRequest) GetPagination() *PaginationRequest { + if x != nil { + return x.Pagination + } + return nil +} + +func (x *WebhookLogsRequest) GetWebhookId() string { + if x != nil && x.WebhookId != nil { + return *x.WebhookId + } + return "" +} + +type WebhookLogsResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + WebhookLogs []*WebhookLog `protobuf:"bytes,1,rep,name=webhook_logs,json=webhookLogs,proto3" json:"webhook_logs,omitempty"` + Pagination *Pagination `protobuf:"bytes,2,opt,name=pagination,proto3" json:"pagination,omitempty"` +} + +func (x *WebhookLogsResponse) Reset() { + *x = WebhookLogsResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[39] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *WebhookLogsResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*WebhookLogsResponse) ProtoMessage() {} + +func (x *WebhookLogsResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[39] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use WebhookLogsResponse.ProtoReflect.Descriptor instead. +func (*WebhookLogsResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{39} +} + +func (x *WebhookLogsResponse) GetWebhookLogs() []*WebhookLog { + if x != nil { + return x.WebhookLogs + } + return nil +} + +func (x *WebhookLogsResponse) GetPagination() *Pagination { + if x != nil { + return x.Pagination + } + return nil +} + +// TestEndpointRequest mirrors model.TestEndpointRequest. event_description is +// optional and unused by the test payload but accepted for parity. +type TestEndpointRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Endpoint string `protobuf:"bytes,1,opt,name=endpoint,proto3" json:"endpoint,omitempty"` + EventName string `protobuf:"bytes,2,opt,name=event_name,json=eventName,proto3" json:"event_name,omitempty"` + EventDescription *string `protobuf:"bytes,3,opt,name=event_description,json=eventDescription,proto3,oneof" json:"event_description,omitempty"` + Headers *AppData `protobuf:"bytes,4,opt,name=headers,proto3" json:"headers,omitempty"` +} + +func (x *TestEndpointRequest) Reset() { + *x = TestEndpointRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[40] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *TestEndpointRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*TestEndpointRequest) ProtoMessage() {} + +func (x *TestEndpointRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[40] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use TestEndpointRequest.ProtoReflect.Descriptor instead. +func (*TestEndpointRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{40} +} + +func (x *TestEndpointRequest) GetEndpoint() string { + if x != nil { + return x.Endpoint + } + return "" +} + +func (x *TestEndpointRequest) GetEventName() string { + if x != nil { + return x.EventName + } + return "" +} + +func (x *TestEndpointRequest) GetEventDescription() string { + if x != nil && x.EventDescription != nil { + return *x.EventDescription + } + return "" +} + +func (x *TestEndpointRequest) GetHeaders() *AppData { + if x != nil { + return x.Headers + } + return nil +} + +// TestEndpointResponse mirrors model.TestEndpointResponse. +type TestEndpointResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + HttpStatus int64 `protobuf:"varint,1,opt,name=http_status,json=httpStatus,proto3" json:"http_status,omitempty"` + Response string `protobuf:"bytes,2,opt,name=response,proto3" json:"response,omitempty"` +} + +func (x *TestEndpointResponse) Reset() { + *x = TestEndpointResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[41] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *TestEndpointResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*TestEndpointResponse) ProtoMessage() {} + +func (x *TestEndpointResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[41] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use TestEndpointResponse.ProtoReflect.Descriptor instead. +func (*TestEndpointResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{41} +} + +func (x *TestEndpointResponse) GetHttpStatus() int64 { + if x != nil { + return x.HttpStatus + } + return 0 +} + +func (x *TestEndpointResponse) GetResponse() string { + if x != nil { + return x.Response + } + return "" +} + +// EmailTemplate mirrors model.EmailTemplate field-for-field. +type EmailTemplate struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + EventName string `protobuf:"bytes,2,opt,name=event_name,json=eventName,proto3" json:"event_name,omitempty"` + Template string `protobuf:"bytes,3,opt,name=template,proto3" json:"template,omitempty"` + Design string `protobuf:"bytes,4,opt,name=design,proto3" json:"design,omitempty"` + Subject string `protobuf:"bytes,5,opt,name=subject,proto3" json:"subject,omitempty"` + CreatedAt int64 `protobuf:"varint,6,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` + UpdatedAt int64 `protobuf:"varint,7,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"` +} + +func (x *EmailTemplate) Reset() { + *x = EmailTemplate{} + mi := &file_authorizer_v1_admin_proto_msgTypes[42] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EmailTemplate) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EmailTemplate) ProtoMessage() {} + +func (x *EmailTemplate) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[42] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EmailTemplate.ProtoReflect.Descriptor instead. +func (*EmailTemplate) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{42} +} + +func (x *EmailTemplate) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *EmailTemplate) GetEventName() string { + if x != nil { + return x.EventName + } + return "" +} + +func (x *EmailTemplate) GetTemplate() string { + if x != nil { + return x.Template + } + return "" +} + +func (x *EmailTemplate) GetDesign() string { + if x != nil { + return x.Design + } + return "" +} + +func (x *EmailTemplate) GetSubject() string { + if x != nil { + return x.Subject + } + return "" +} + +func (x *EmailTemplate) GetCreatedAt() int64 { + if x != nil { + return x.CreatedAt + } + return 0 +} + +func (x *EmailTemplate) GetUpdatedAt() int64 { + if x != nil { + return x.UpdatedAt + } + return 0 +} + +// AddEmailTemplateRequest mirrors model.AddEmailTemplateRequest. design is +// optional. +type AddEmailTemplateRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + EventName string `protobuf:"bytes,1,opt,name=event_name,json=eventName,proto3" json:"event_name,omitempty"` + Subject string `protobuf:"bytes,2,opt,name=subject,proto3" json:"subject,omitempty"` + Template string `protobuf:"bytes,3,opt,name=template,proto3" json:"template,omitempty"` + Design *string `protobuf:"bytes,4,opt,name=design,proto3,oneof" json:"design,omitempty"` +} + +func (x *AddEmailTemplateRequest) Reset() { + *x = AddEmailTemplateRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[43] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AddEmailTemplateRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AddEmailTemplateRequest) ProtoMessage() {} + +func (x *AddEmailTemplateRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[43] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AddEmailTemplateRequest.ProtoReflect.Descriptor instead. +func (*AddEmailTemplateRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{43} +} + +func (x *AddEmailTemplateRequest) GetEventName() string { + if x != nil { + return x.EventName + } + return "" +} + +func (x *AddEmailTemplateRequest) GetSubject() string { + if x != nil { + return x.Subject + } + return "" +} + +func (x *AddEmailTemplateRequest) GetTemplate() string { + if x != nil { + return x.Template + } + return "" +} + +func (x *AddEmailTemplateRequest) GetDesign() string { + if x != nil && x.Design != nil { + return *x.Design + } + return "" +} + +type AddEmailTemplateResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *AddEmailTemplateResponse) Reset() { + *x = AddEmailTemplateResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[44] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AddEmailTemplateResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AddEmailTemplateResponse) ProtoMessage() {} + +func (x *AddEmailTemplateResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[44] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AddEmailTemplateResponse.ProtoReflect.Descriptor instead. +func (*AddEmailTemplateResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{44} +} + +func (x *AddEmailTemplateResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +// UpdateEmailTemplateRequest mirrors model.UpdateEmailTemplateRequest. Nullable +// GraphQL inputs use proto3 `optional` so an unset field is distinguishable from +// an empty value. +type UpdateEmailTemplateRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + EventName *string `protobuf:"bytes,2,opt,name=event_name,json=eventName,proto3,oneof" json:"event_name,omitempty"` + Template *string `protobuf:"bytes,3,opt,name=template,proto3,oneof" json:"template,omitempty"` + Subject *string `protobuf:"bytes,4,opt,name=subject,proto3,oneof" json:"subject,omitempty"` + Design *string `protobuf:"bytes,5,opt,name=design,proto3,oneof" json:"design,omitempty"` +} + +func (x *UpdateEmailTemplateRequest) Reset() { + *x = UpdateEmailTemplateRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[45] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UpdateEmailTemplateRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateEmailTemplateRequest) ProtoMessage() {} + +func (x *UpdateEmailTemplateRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[45] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateEmailTemplateRequest.ProtoReflect.Descriptor instead. +func (*UpdateEmailTemplateRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{45} +} + +func (x *UpdateEmailTemplateRequest) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *UpdateEmailTemplateRequest) GetEventName() string { + if x != nil && x.EventName != nil { + return *x.EventName + } + return "" +} + +func (x *UpdateEmailTemplateRequest) GetTemplate() string { + if x != nil && x.Template != nil { + return *x.Template + } + return "" +} + +func (x *UpdateEmailTemplateRequest) GetSubject() string { + if x != nil && x.Subject != nil { + return *x.Subject + } + return "" +} + +func (x *UpdateEmailTemplateRequest) GetDesign() string { + if x != nil && x.Design != nil { + return *x.Design + } + return "" +} + +type UpdateEmailTemplateResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *UpdateEmailTemplateResponse) Reset() { + *x = UpdateEmailTemplateResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[46] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UpdateEmailTemplateResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateEmailTemplateResponse) ProtoMessage() {} + +func (x *UpdateEmailTemplateResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[46] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateEmailTemplateResponse.ProtoReflect.Descriptor instead. +func (*UpdateEmailTemplateResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{46} +} + +func (x *UpdateEmailTemplateResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +// DeleteEmailTemplateRequest mirrors model.DeleteEmailTemplateRequest (a single +// email template id). +type DeleteEmailTemplateRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` +} + +func (x *DeleteEmailTemplateRequest) Reset() { + *x = DeleteEmailTemplateRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[47] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DeleteEmailTemplateRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeleteEmailTemplateRequest) ProtoMessage() {} + +func (x *DeleteEmailTemplateRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[47] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeleteEmailTemplateRequest.ProtoReflect.Descriptor instead. +func (*DeleteEmailTemplateRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{47} +} + +func (x *DeleteEmailTemplateRequest) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +type DeleteEmailTemplateResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *DeleteEmailTemplateResponse) Reset() { + *x = DeleteEmailTemplateResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[48] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DeleteEmailTemplateResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeleteEmailTemplateResponse) ProtoMessage() {} + +func (x *DeleteEmailTemplateResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[48] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeleteEmailTemplateResponse.ProtoReflect.Descriptor instead. +func (*DeleteEmailTemplateResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{48} +} + +func (x *DeleteEmailTemplateResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type EmailTemplatesRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Pagination *PaginationRequest `protobuf:"bytes,1,opt,name=pagination,proto3" json:"pagination,omitempty"` +} + +func (x *EmailTemplatesRequest) Reset() { + *x = EmailTemplatesRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[49] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EmailTemplatesRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EmailTemplatesRequest) ProtoMessage() {} + +func (x *EmailTemplatesRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[49] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EmailTemplatesRequest.ProtoReflect.Descriptor instead. +func (*EmailTemplatesRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{49} +} + +func (x *EmailTemplatesRequest) GetPagination() *PaginationRequest { + if x != nil { + return x.Pagination + } + return nil +} + +type EmailTemplatesResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + EmailTemplates []*EmailTemplate `protobuf:"bytes,1,rep,name=email_templates,json=emailTemplates,proto3" json:"email_templates,omitempty"` + Pagination *Pagination `protobuf:"bytes,2,opt,name=pagination,proto3" json:"pagination,omitempty"` +} + +func (x *EmailTemplatesResponse) Reset() { + *x = EmailTemplatesResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[50] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EmailTemplatesResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EmailTemplatesResponse) ProtoMessage() {} + +func (x *EmailTemplatesResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[50] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EmailTemplatesResponse.ProtoReflect.Descriptor instead. +func (*EmailTemplatesResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{50} +} + +func (x *EmailTemplatesResponse) GetEmailTemplates() []*EmailTemplate { + if x != nil { + return x.EmailTemplates + } + return nil +} + +func (x *EmailTemplatesResponse) GetPagination() *Pagination { + if x != nil { + return x.Pagination + } + return nil +} + +// AuditLog mirrors model.AuditLog field-for-field. +type AuditLog struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + ActorId string `protobuf:"bytes,2,opt,name=actor_id,json=actorId,proto3" json:"actor_id,omitempty"` + ActorType string `protobuf:"bytes,3,opt,name=actor_type,json=actorType,proto3" json:"actor_type,omitempty"` + ActorEmail string `protobuf:"bytes,4,opt,name=actor_email,json=actorEmail,proto3" json:"actor_email,omitempty"` + Action string `protobuf:"bytes,5,opt,name=action,proto3" json:"action,omitempty"` + ResourceType string `protobuf:"bytes,6,opt,name=resource_type,json=resourceType,proto3" json:"resource_type,omitempty"` + ResourceId string `protobuf:"bytes,7,opt,name=resource_id,json=resourceId,proto3" json:"resource_id,omitempty"` + IpAddress string `protobuf:"bytes,8,opt,name=ip_address,json=ipAddress,proto3" json:"ip_address,omitempty"` + UserAgent string `protobuf:"bytes,9,opt,name=user_agent,json=userAgent,proto3" json:"user_agent,omitempty"` + Metadata string `protobuf:"bytes,10,opt,name=metadata,proto3" json:"metadata,omitempty"` + CreatedAt int64 `protobuf:"varint,11,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` +} + +func (x *AuditLog) Reset() { + *x = AuditLog{} + mi := &file_authorizer_v1_admin_proto_msgTypes[51] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AuditLog) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AuditLog) ProtoMessage() {} + +func (x *AuditLog) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[51] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AuditLog.ProtoReflect.Descriptor instead. +func (*AuditLog) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{51} +} + +func (x *AuditLog) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *AuditLog) GetActorId() string { + if x != nil { + return x.ActorId + } + return "" +} + +func (x *AuditLog) GetActorType() string { + if x != nil { + return x.ActorType + } + return "" +} + +func (x *AuditLog) GetActorEmail() string { + if x != nil { + return x.ActorEmail + } + return "" +} + +func (x *AuditLog) GetAction() string { + if x != nil { + return x.Action + } + return "" +} + +func (x *AuditLog) GetResourceType() string { + if x != nil { + return x.ResourceType + } + return "" +} + +func (x *AuditLog) GetResourceId() string { + if x != nil { + return x.ResourceId + } + return "" +} + +func (x *AuditLog) GetIpAddress() string { + if x != nil { + return x.IpAddress + } + return "" +} + +func (x *AuditLog) GetUserAgent() string { + if x != nil { + return x.UserAgent + } + return "" +} + +func (x *AuditLog) GetMetadata() string { + if x != nil { + return x.Metadata + } + return "" +} + +func (x *AuditLog) GetCreatedAt() int64 { + if x != nil { + return x.CreatedAt + } + return 0 +} + +// AuditLogsRequest mirrors model.ListAuditLogRequest. All filter fields are +// optional; when unset no filtering is applied for that field. +type AuditLogsRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Pagination *PaginationRequest `protobuf:"bytes,1,opt,name=pagination,proto3" json:"pagination,omitempty"` + Action *string `protobuf:"bytes,2,opt,name=action,proto3,oneof" json:"action,omitempty"` + ActorId *string `protobuf:"bytes,3,opt,name=actor_id,json=actorId,proto3,oneof" json:"actor_id,omitempty"` + ResourceType *string `protobuf:"bytes,4,opt,name=resource_type,json=resourceType,proto3,oneof" json:"resource_type,omitempty"` + ResourceId *string `protobuf:"bytes,5,opt,name=resource_id,json=resourceId,proto3,oneof" json:"resource_id,omitempty"` + FromTimestamp *int64 `protobuf:"varint,6,opt,name=from_timestamp,json=fromTimestamp,proto3,oneof" json:"from_timestamp,omitempty"` + ToTimestamp *int64 `protobuf:"varint,7,opt,name=to_timestamp,json=toTimestamp,proto3,oneof" json:"to_timestamp,omitempty"` +} + +func (x *AuditLogsRequest) Reset() { + *x = AuditLogsRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[52] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AuditLogsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AuditLogsRequest) ProtoMessage() {} + +func (x *AuditLogsRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[52] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AuditLogsRequest.ProtoReflect.Descriptor instead. +func (*AuditLogsRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{52} +} + +func (x *AuditLogsRequest) GetPagination() *PaginationRequest { + if x != nil { + return x.Pagination + } + return nil +} + +func (x *AuditLogsRequest) GetAction() string { + if x != nil && x.Action != nil { + return *x.Action + } + return "" +} + +func (x *AuditLogsRequest) GetActorId() string { + if x != nil && x.ActorId != nil { + return *x.ActorId + } + return "" +} + +func (x *AuditLogsRequest) GetResourceType() string { + if x != nil && x.ResourceType != nil { + return *x.ResourceType + } + return "" +} + +func (x *AuditLogsRequest) GetResourceId() string { + if x != nil && x.ResourceId != nil { + return *x.ResourceId + } + return "" +} + +func (x *AuditLogsRequest) GetFromTimestamp() int64 { + if x != nil && x.FromTimestamp != nil { + return *x.FromTimestamp + } + return 0 +} + +func (x *AuditLogsRequest) GetToTimestamp() int64 { + if x != nil && x.ToTimestamp != nil { + return *x.ToTimestamp + } + return 0 +} + +type AuditLogsResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + AuditLogs []*AuditLog `protobuf:"bytes,1,rep,name=audit_logs,json=auditLogs,proto3" json:"audit_logs,omitempty"` + Pagination *Pagination `protobuf:"bytes,2,opt,name=pagination,proto3" json:"pagination,omitempty"` +} + +func (x *AuditLogsResponse) Reset() { + *x = AuditLogsResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[53] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AuditLogsResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AuditLogsResponse) ProtoMessage() {} + +func (x *AuditLogsResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[53] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AuditLogsResponse.ProtoReflect.Descriptor instead. +func (*AuditLogsResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{53} +} + +func (x *AuditLogsResponse) GetAuditLogs() []*AuditLog { + if x != nil { + return x.AuditLogs + } + return nil +} + +func (x *AuditLogsResponse) GetPagination() *Pagination { + if x != nil { + return x.Pagination + } + return nil +} + +// FgaModel is a fine-grained authorization model: its id and DSL form. Mirrors +// model.FgaModel field-for-field. An empty model (both fields empty) is the +// valid "no model written yet" state. +type FgaModel struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + Dsl string `protobuf:"bytes,2,opt,name=dsl,proto3" json:"dsl,omitempty"` +} + +func (x *FgaModel) Reset() { + *x = FgaModel{} + mi := &file_authorizer_v1_admin_proto_msgTypes[54] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaModel) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaModel) ProtoMessage() {} + +func (x *FgaModel) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[54] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaModel.ProtoReflect.Descriptor instead. +func (*FgaModel) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{54} +} + +func (x *FgaModel) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *FgaModel) GetDsl() string { + if x != nil { + return x.Dsl + } + return "" +} + +// FgaTuple is one persisted relationship tuple returned by FgaReadTuples. +// Mirrors model.FgaTuple field-for-field (the read shape; writes use the shared +// FgaTupleInput). +type FgaTuple struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + User string `protobuf:"bytes,1,opt,name=user,proto3" json:"user,omitempty"` + Relation string `protobuf:"bytes,2,opt,name=relation,proto3" json:"relation,omitempty"` + Object string `protobuf:"bytes,3,opt,name=object,proto3" json:"object,omitempty"` +} + +func (x *FgaTuple) Reset() { + *x = FgaTuple{} + mi := &file_authorizer_v1_admin_proto_msgTypes[55] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaTuple) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaTuple) ProtoMessage() {} + +func (x *FgaTuple) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[55] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaTuple.ProtoReflect.Descriptor instead. +func (*FgaTuple) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{55} +} + +func (x *FgaTuple) GetUser() string { + if x != nil { + return x.User + } + return "" +} + +func (x *FgaTuple) GetRelation() string { + if x != nil { + return x.Relation + } + return "" +} + +func (x *FgaTuple) GetObject() string { + if x != nil { + return x.Object + } + return "" +} + +// FgaGetModelRequest takes no parameters; the active model is implied. +type FgaGetModelRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *FgaGetModelRequest) Reset() { + *x = FgaGetModelRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[56] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaGetModelRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaGetModelRequest) ProtoMessage() {} + +func (x *FgaGetModelRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[56] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaGetModelRequest.ProtoReflect.Descriptor instead. +func (*FgaGetModelRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{56} +} + +type FgaGetModelResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Model *FgaModel `protobuf:"bytes,1,opt,name=model,proto3" json:"model,omitempty"` +} + +func (x *FgaGetModelResponse) Reset() { + *x = FgaGetModelResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[57] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaGetModelResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaGetModelResponse) ProtoMessage() {} + +func (x *FgaGetModelResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[57] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaGetModelResponse.ProtoReflect.Descriptor instead. +func (*FgaGetModelResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{57} +} + +func (x *FgaGetModelResponse) GetModel() *FgaModel { + if x != nil { + return x.Model + } + return nil +} + +// FgaWriteModelRequest mirrors model.FgaWriteModelInput (the model DSL). +type FgaWriteModelRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Dsl string `protobuf:"bytes,1,opt,name=dsl,proto3" json:"dsl,omitempty"` +} + +func (x *FgaWriteModelRequest) Reset() { + *x = FgaWriteModelRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[58] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaWriteModelRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaWriteModelRequest) ProtoMessage() {} + +func (x *FgaWriteModelRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[58] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaWriteModelRequest.ProtoReflect.Descriptor instead. +func (*FgaWriteModelRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{58} +} + +func (x *FgaWriteModelRequest) GetDsl() string { + if x != nil { + return x.Dsl + } + return "" +} + +type FgaWriteModelResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Model *FgaModel `protobuf:"bytes,1,opt,name=model,proto3" json:"model,omitempty"` +} + +func (x *FgaWriteModelResponse) Reset() { + *x = FgaWriteModelResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[59] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaWriteModelResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaWriteModelResponse) ProtoMessage() {} + +func (x *FgaWriteModelResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[59] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaWriteModelResponse.ProtoReflect.Descriptor instead. +func (*FgaWriteModelResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{59} +} + +func (x *FgaWriteModelResponse) GetModel() *FgaModel { + if x != nil { + return x.Model + } + return nil +} + +// FgaWriteTuplesRequest mirrors model.FgaWriteTuplesInput, reusing the shared +// FgaTupleInput message. +type FgaWriteTuplesRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Tuples []*FgaTupleInput `protobuf:"bytes,1,rep,name=tuples,proto3" json:"tuples,omitempty"` +} + +func (x *FgaWriteTuplesRequest) Reset() { + *x = FgaWriteTuplesRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[60] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaWriteTuplesRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaWriteTuplesRequest) ProtoMessage() {} + +func (x *FgaWriteTuplesRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[60] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaWriteTuplesRequest.ProtoReflect.Descriptor instead. +func (*FgaWriteTuplesRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{60} +} + +func (x *FgaWriteTuplesRequest) GetTuples() []*FgaTupleInput { + if x != nil { + return x.Tuples + } + return nil +} + +type FgaWriteTuplesResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *FgaWriteTuplesResponse) Reset() { + *x = FgaWriteTuplesResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[61] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaWriteTuplesResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaWriteTuplesResponse) ProtoMessage() {} + +func (x *FgaWriteTuplesResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[61] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaWriteTuplesResponse.ProtoReflect.Descriptor instead. +func (*FgaWriteTuplesResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{61} +} + +func (x *FgaWriteTuplesResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +// FgaDeleteTuplesRequest mirrors model.FgaWriteTuplesInput (same shape as a +// write; the tuples to remove). +type FgaDeleteTuplesRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Tuples []*FgaTupleInput `protobuf:"bytes,1,rep,name=tuples,proto3" json:"tuples,omitempty"` +} + +func (x *FgaDeleteTuplesRequest) Reset() { + *x = FgaDeleteTuplesRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[62] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaDeleteTuplesRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaDeleteTuplesRequest) ProtoMessage() {} + +func (x *FgaDeleteTuplesRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[62] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaDeleteTuplesRequest.ProtoReflect.Descriptor instead. +func (*FgaDeleteTuplesRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{62} +} + +func (x *FgaDeleteTuplesRequest) GetTuples() []*FgaTupleInput { + if x != nil { + return x.Tuples + } + return nil +} + +type FgaDeleteTuplesResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *FgaDeleteTuplesResponse) Reset() { + *x = FgaDeleteTuplesResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[63] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaDeleteTuplesResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaDeleteTuplesResponse) ProtoMessage() {} + +func (x *FgaDeleteTuplesResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[63] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaDeleteTuplesResponse.ProtoReflect.Descriptor instead. +func (*FgaDeleteTuplesResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{63} +} + +func (x *FgaDeleteTuplesResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +// FgaReadTuplesRequest mirrors model.FgaReadTuplesInput. All filter fields are +// optional; an empty filter reads all tuples (paginated). +type FgaReadTuplesRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + User *string `protobuf:"bytes,1,opt,name=user,proto3,oneof" json:"user,omitempty"` + Relation *string `protobuf:"bytes,2,opt,name=relation,proto3,oneof" json:"relation,omitempty"` + Object *string `protobuf:"bytes,3,opt,name=object,proto3,oneof" json:"object,omitempty"` + PageSize *int64 `protobuf:"varint,4,opt,name=page_size,json=pageSize,proto3,oneof" json:"page_size,omitempty"` + ContinuationToken *string `protobuf:"bytes,5,opt,name=continuation_token,json=continuationToken,proto3,oneof" json:"continuation_token,omitempty"` +} + +func (x *FgaReadTuplesRequest) Reset() { + *x = FgaReadTuplesRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[64] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaReadTuplesRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaReadTuplesRequest) ProtoMessage() {} + +func (x *FgaReadTuplesRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[64] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaReadTuplesRequest.ProtoReflect.Descriptor instead. +func (*FgaReadTuplesRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{64} +} + +func (x *FgaReadTuplesRequest) GetUser() string { + if x != nil && x.User != nil { + return *x.User + } + return "" +} + +func (x *FgaReadTuplesRequest) GetRelation() string { + if x != nil && x.Relation != nil { + return *x.Relation + } + return "" +} + +func (x *FgaReadTuplesRequest) GetObject() string { + if x != nil && x.Object != nil { + return *x.Object + } + return "" +} + +func (x *FgaReadTuplesRequest) GetPageSize() int64 { + if x != nil && x.PageSize != nil { + return *x.PageSize + } + return 0 +} + +func (x *FgaReadTuplesRequest) GetContinuationToken() string { + if x != nil && x.ContinuationToken != nil { + return *x.ContinuationToken + } + return "" +} + +type FgaReadTuplesResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Tuples []*FgaTuple `protobuf:"bytes,1,rep,name=tuples,proto3" json:"tuples,omitempty"` + ContinuationToken *string `protobuf:"bytes,2,opt,name=continuation_token,json=continuationToken,proto3,oneof" json:"continuation_token,omitempty"` +} + +func (x *FgaReadTuplesResponse) Reset() { + *x = FgaReadTuplesResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[65] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaReadTuplesResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaReadTuplesResponse) ProtoMessage() {} + +func (x *FgaReadTuplesResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[65] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaReadTuplesResponse.ProtoReflect.Descriptor instead. +func (*FgaReadTuplesResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{65} +} + +func (x *FgaReadTuplesResponse) GetTuples() []*FgaTuple { + if x != nil { + return x.Tuples + } + return nil +} + +func (x *FgaReadTuplesResponse) GetContinuationToken() string { + if x != nil && x.ContinuationToken != nil { + return *x.ContinuationToken + } + return "" +} + +// FgaListUsersRequest mirrors model.FgaListUsersInput. +type FgaListUsersRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Object string `protobuf:"bytes,1,opt,name=object,proto3" json:"object,omitempty"` + Relation string `protobuf:"bytes,2,opt,name=relation,proto3" json:"relation,omitempty"` + UserType string `protobuf:"bytes,3,opt,name=user_type,json=userType,proto3" json:"user_type,omitempty"` +} + +func (x *FgaListUsersRequest) Reset() { + *x = FgaListUsersRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[66] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaListUsersRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaListUsersRequest) ProtoMessage() {} + +func (x *FgaListUsersRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[66] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaListUsersRequest.ProtoReflect.Descriptor instead. +func (*FgaListUsersRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{66} +} + +func (x *FgaListUsersRequest) GetObject() string { + if x != nil { + return x.Object + } + return "" +} + +func (x *FgaListUsersRequest) GetRelation() string { + if x != nil { + return x.Relation + } + return "" +} + +func (x *FgaListUsersRequest) GetUserType() string { + if x != nil { + return x.UserType + } + return "" +} + +type FgaListUsersResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Users []string `protobuf:"bytes,1,rep,name=users,proto3" json:"users,omitempty"` +} + +func (x *FgaListUsersResponse) Reset() { + *x = FgaListUsersResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[67] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaListUsersResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaListUsersResponse) ProtoMessage() {} + +func (x *FgaListUsersResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[67] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaListUsersResponse.ProtoReflect.Descriptor instead. +func (*FgaListUsersResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{67} +} + +func (x *FgaListUsersResponse) GetUsers() []string { + if x != nil { + return x.Users + } + return nil +} + +// FgaExpandRequest mirrors model.FgaExpandInput. +type FgaExpandRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Relation string `protobuf:"bytes,1,opt,name=relation,proto3" json:"relation,omitempty"` + Object string `protobuf:"bytes,2,opt,name=object,proto3" json:"object,omitempty"` +} + +func (x *FgaExpandRequest) Reset() { + *x = FgaExpandRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[68] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaExpandRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaExpandRequest) ProtoMessage() {} + +func (x *FgaExpandRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[68] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaExpandRequest.ProtoReflect.Descriptor instead. +func (*FgaExpandRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{68} +} + +func (x *FgaExpandRequest) GetRelation() string { + if x != nil { + return x.Relation + } + return "" +} + +func (x *FgaExpandRequest) GetObject() string { + if x != nil { + return x.Object + } + return "" +} + +type FgaExpandResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Tree string `protobuf:"bytes,1,opt,name=tree,proto3" json:"tree,omitempty"` +} + +func (x *FgaExpandResponse) Reset() { + *x = FgaExpandResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[69] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaExpandResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaExpandResponse) ProtoMessage() {} + +func (x *FgaExpandResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[69] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaExpandResponse.ProtoReflect.Descriptor instead. +func (*FgaExpandResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{69} +} + +func (x *FgaExpandResponse) GetTree() string { + if x != nil { + return x.Tree + } + return "" +} + +// FgaResetRequest takes no parameters; the whole store is reset. +type FgaResetRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *FgaResetRequest) Reset() { + *x = FgaResetRequest{} + mi := &file_authorizer_v1_admin_proto_msgTypes[70] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaResetRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaResetRequest) ProtoMessage() {} + +func (x *FgaResetRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[70] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaResetRequest.ProtoReflect.Descriptor instead. +func (*FgaResetRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{70} +} + +type FgaResetResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *FgaResetResponse) Reset() { + *x = FgaResetResponse{} + mi := &file_authorizer_v1_admin_proto_msgTypes[71] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaResetResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaResetResponse) ProtoMessage() {} + +func (x *FgaResetResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_admin_proto_msgTypes[71] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaResetResponse.ProtoReflect.Descriptor instead. +func (*FgaResetResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_admin_proto_rawDescGZIP(), []int{71} +} + +func (x *FgaResetResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +var File_authorizer_v1_admin_proto protoreflect.FileDescriptor + +var file_authorizer_v1_admin_proto_rawDesc = []byte{ + 0x0a, 0x19, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, + 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x1a, 0x1f, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1a, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, + 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x1a, 0x1b, 0x62, 0x75, 0x66, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, + 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, + 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, + 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x3f, 0x0a, + 0x11, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x2a, 0x0a, 0x0c, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x5f, 0x73, 0x65, 0x63, 0x72, + 0x65, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, + 0x01, 0x52, 0x0b, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x22, 0x2e, + 0x0a, 0x12, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x14, + 0x0a, 0x12, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4c, 0x6f, 0x67, 0x6f, 0x75, 0x74, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x22, 0x2f, 0x0a, 0x13, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4c, 0x6f, 0x67, + 0x6f, 0x75, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, + 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, + 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x15, 0x0a, 0x13, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x53, 0x65, + 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x30, 0x0a, 0x14, + 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x12, + 0x0a, 0x10, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x61, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x22, 0x4c, 0x0a, 0x11, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x61, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x37, 0x0a, 0x0a, 0x61, 0x64, 0x6d, 0x69, 0x6e, + 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x18, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x64, 0x6d, 0x69, + 0x6e, 0x4d, 0x65, 0x74, 0x61, 0x52, 0x09, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x61, + 0x22, 0x6f, 0x0a, 0x09, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x61, 0x12, 0x14, 0x0a, + 0x05, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x72, 0x6f, + 0x6c, 0x65, 0x73, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x72, + 0x6f, 0x6c, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, + 0x75, 0x6c, 0x74, 0x52, 0x6f, 0x6c, 0x65, 0x73, 0x12, 0x27, 0x0a, 0x0f, 0x70, 0x72, 0x6f, 0x74, + 0x65, 0x63, 0x74, 0x65, 0x64, 0x5f, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, + 0x09, 0x52, 0x0e, 0x70, 0x72, 0x6f, 0x74, 0x65, 0x63, 0x74, 0x65, 0x64, 0x52, 0x6f, 0x6c, 0x65, + 0x73, 0x22, 0x50, 0x0a, 0x0c, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x12, 0x40, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, + 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x52, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x22, 0x75, 0x0a, 0x0d, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x29, 0x0a, 0x05, 0x75, 0x73, 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, + 0x03, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x05, 0x75, 0x73, 0x65, 0x72, 0x73, 0x12, + 0x39, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, + 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x33, 0x0a, 0x0b, 0x55, 0x73, + 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x65, 0x6d, 0x61, + 0x69, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x22, + 0x37, 0x0a, 0x0c, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, + 0x27, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, + 0x65, 0x72, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x22, 0x9c, 0x06, 0x0a, 0x11, 0x55, 0x70, 0x64, + 0x61, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x17, + 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, + 0x02, 0x10, 0x01, 0x52, 0x02, 0x69, 0x64, 0x12, 0x19, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x88, + 0x01, 0x01, 0x12, 0x2a, 0x0a, 0x0e, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x5f, 0x76, 0x65, 0x72, 0x69, + 0x66, 0x69, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x48, 0x01, 0x52, 0x0d, 0x65, 0x6d, + 0x61, 0x69, 0x6c, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x88, 0x01, 0x01, 0x12, 0x22, + 0x0a, 0x0a, 0x67, 0x69, 0x76, 0x65, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x09, 0x48, 0x02, 0x52, 0x09, 0x67, 0x69, 0x76, 0x65, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x88, + 0x01, 0x01, 0x12, 0x24, 0x0a, 0x0b, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x5f, 0x6e, 0x61, 0x6d, + 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x48, 0x03, 0x52, 0x0a, 0x66, 0x61, 0x6d, 0x69, 0x6c, + 0x79, 0x4e, 0x61, 0x6d, 0x65, 0x88, 0x01, 0x01, 0x12, 0x24, 0x0a, 0x0b, 0x6d, 0x69, 0x64, 0x64, + 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x48, 0x04, 0x52, + 0x0a, 0x6d, 0x69, 0x64, 0x64, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x88, 0x01, 0x01, 0x12, 0x1f, + 0x0a, 0x08, 0x6e, 0x69, 0x63, 0x6b, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, + 0x48, 0x05, 0x52, 0x08, 0x6e, 0x69, 0x63, 0x6b, 0x6e, 0x61, 0x6d, 0x65, 0x88, 0x01, 0x01, 0x12, + 0x1b, 0x0a, 0x06, 0x67, 0x65, 0x6e, 0x64, 0x65, 0x72, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x48, + 0x06, 0x52, 0x06, 0x67, 0x65, 0x6e, 0x64, 0x65, 0x72, 0x88, 0x01, 0x01, 0x12, 0x21, 0x0a, 0x09, + 0x62, 0x69, 0x72, 0x74, 0x68, 0x64, 0x61, 0x74, 0x65, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x48, + 0x07, 0x52, 0x09, 0x62, 0x69, 0x72, 0x74, 0x68, 0x64, 0x61, 0x74, 0x65, 0x88, 0x01, 0x01, 0x12, + 0x26, 0x0a, 0x0c, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, + 0x0a, 0x20, 0x01, 0x28, 0x09, 0x48, 0x08, 0x52, 0x0b, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x4e, 0x75, + 0x6d, 0x62, 0x65, 0x72, 0x88, 0x01, 0x01, 0x12, 0x37, 0x0a, 0x15, 0x70, 0x68, 0x6f, 0x6e, 0x65, + 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x5f, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, + 0x18, 0x0b, 0x20, 0x01, 0x28, 0x08, 0x48, 0x09, 0x52, 0x13, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x4e, + 0x75, 0x6d, 0x62, 0x65, 0x72, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x88, 0x01, 0x01, + 0x12, 0x1d, 0x0a, 0x07, 0x70, 0x69, 0x63, 0x74, 0x75, 0x72, 0x65, 0x18, 0x0c, 0x20, 0x01, 0x28, + 0x09, 0x48, 0x0a, 0x52, 0x07, 0x70, 0x69, 0x63, 0x74, 0x75, 0x72, 0x65, 0x88, 0x01, 0x01, 0x12, + 0x14, 0x0a, 0x05, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, + 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x12, 0x43, 0x0a, 0x1c, 0x69, 0x73, 0x5f, 0x6d, 0x75, 0x6c, 0x74, + 0x69, 0x5f, 0x66, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x65, 0x6e, + 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x08, 0x48, 0x0b, 0x52, 0x18, 0x69, + 0x73, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x46, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x41, 0x75, 0x74, 0x68, + 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x88, 0x01, 0x01, 0x12, 0x31, 0x0a, 0x08, 0x61, 0x70, + 0x70, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x70, 0x70, + 0x44, 0x61, 0x74, 0x61, 0x52, 0x07, 0x61, 0x70, 0x70, 0x44, 0x61, 0x74, 0x61, 0x42, 0x08, 0x0a, + 0x06, 0x5f, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x42, 0x11, 0x0a, 0x0f, 0x5f, 0x65, 0x6d, 0x61, 0x69, + 0x6c, 0x5f, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x42, 0x0d, 0x0a, 0x0b, 0x5f, 0x67, + 0x69, 0x76, 0x65, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x42, 0x0e, 0x0a, 0x0c, 0x5f, 0x66, 0x61, + 0x6d, 0x69, 0x6c, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x42, 0x0e, 0x0a, 0x0c, 0x5f, 0x6d, 0x69, + 0x64, 0x64, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x42, 0x0b, 0x0a, 0x09, 0x5f, 0x6e, 0x69, + 0x63, 0x6b, 0x6e, 0x61, 0x6d, 0x65, 0x42, 0x09, 0x0a, 0x07, 0x5f, 0x67, 0x65, 0x6e, 0x64, 0x65, + 0x72, 0x42, 0x0c, 0x0a, 0x0a, 0x5f, 0x62, 0x69, 0x72, 0x74, 0x68, 0x64, 0x61, 0x74, 0x65, 0x42, + 0x0f, 0x0a, 0x0d, 0x5f, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, + 0x42, 0x18, 0x0a, 0x16, 0x5f, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, + 0x72, 0x5f, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x42, 0x0a, 0x0a, 0x08, 0x5f, 0x70, + 0x69, 0x63, 0x74, 0x75, 0x72, 0x65, 0x42, 0x1f, 0x0a, 0x1d, 0x5f, 0x69, 0x73, 0x5f, 0x6d, 0x75, + 0x6c, 0x74, 0x69, 0x5f, 0x66, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, + 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x22, 0x3d, 0x0a, 0x12, 0x55, 0x70, 0x64, 0x61, 0x74, + 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x27, 0x0a, + 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, + 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x22, 0x32, 0x0a, 0x11, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, + 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1d, 0x0a, 0x05, 0x65, + 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, + 0x02, 0x10, 0x01, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x22, 0x2e, 0x0a, 0x12, 0x44, 0x65, + 0x6c, 0x65, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x5f, 0x0a, 0x1b, 0x56, 0x65, + 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x40, 0x0a, 0x0a, 0x70, 0x61, 0x67, + 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x61, + 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x52, + 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0xb2, 0x01, 0x0a, 0x1c, + 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x57, 0x0a, 0x15, + 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x72, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x22, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x65, 0x72, 0x69, + 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x52, + 0x14, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x39, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x22, 0x82, 0x02, 0x0a, 0x13, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1e, 0x0a, 0x0a, 0x69, 0x64, 0x65, 0x6e, + 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x69, 0x64, + 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, + 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x14, + 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x65, + 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x18, + 0x05, 0x20, 0x01, 0x28, 0x03, 0x52, 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x12, 0x1d, + 0x0a, 0x0a, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x06, 0x20, 0x01, + 0x28, 0x03, 0x52, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x1d, 0x0a, + 0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, + 0x03, 0x52, 0x09, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x14, 0x0a, 0x05, + 0x6e, 0x6f, 0x6e, 0x63, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6e, 0x6f, 0x6e, + 0x63, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x5f, 0x75, + 0x72, 0x69, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, + 0x63, 0x74, 0x55, 0x72, 0x69, 0x22, 0x37, 0x0a, 0x13, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x41, + 0x63, 0x63, 0x65, 0x73, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x20, 0x0a, 0x07, + 0x75, 0x73, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, + 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x06, 0x75, 0x73, 0x65, 0x72, 0x49, 0x64, 0x22, 0x30, + 0x0a, 0x14, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, + 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, + 0x22, 0x37, 0x0a, 0x13, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x20, 0x0a, 0x07, 0x75, 0x73, 0x65, 0x72, 0x5f, + 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, + 0x01, 0x52, 0x06, 0x75, 0x73, 0x65, 0x72, 0x49, 0x64, 0x22, 0x30, 0x0a, 0x14, 0x45, 0x6e, 0x61, + 0x62, 0x6c, 0x65, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x67, 0x0a, 0x14, 0x49, + 0x6e, 0x76, 0x69, 0x74, 0x65, 0x4d, 0x65, 0x6d, 0x62, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x73, 0x18, 0x01, 0x20, + 0x03, 0x28, 0x09, 0x52, 0x06, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x73, 0x12, 0x26, 0x0a, 0x0c, 0x72, + 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x5f, 0x75, 0x72, 0x69, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x09, 0x48, 0x00, 0x52, 0x0b, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x55, 0x72, 0x69, + 0x88, 0x01, 0x01, 0x42, 0x0f, 0x0a, 0x0d, 0x5f, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, + 0x5f, 0x75, 0x72, 0x69, 0x22, 0x5c, 0x0a, 0x15, 0x49, 0x6e, 0x76, 0x69, 0x74, 0x65, 0x4d, 0x65, + 0x6d, 0x62, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, + 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, + 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x29, 0x0a, 0x05, 0x75, 0x73, 0x65, 0x72, 0x73, + 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x05, 0x75, 0x73, 0x65, + 0x72, 0x73, 0x22, 0x8b, 0x02, 0x0a, 0x07, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x12, 0x0e, + 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1d, + 0x0a, 0x0a, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x09, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x2b, 0x0a, + 0x11, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, + 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x44, + 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1a, 0x0a, 0x08, 0x65, 0x6e, + 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x65, 0x6e, + 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, + 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, + 0x12, 0x30, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x16, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, + 0x31, 0x2e, 0x41, 0x70, 0x70, 0x44, 0x61, 0x74, 0x61, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, + 0x72, 0x73, 0x12, 0x1d, 0x0a, 0x0a, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, + 0x18, 0x07, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, + 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, + 0x08, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, + 0x22, 0xd0, 0x01, 0x0a, 0x0a, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x4c, 0x6f, 0x67, 0x12, + 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, + 0x1f, 0x0a, 0x0b, 0x68, 0x74, 0x74, 0x70, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x03, 0x52, 0x0a, 0x68, 0x74, 0x74, 0x70, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, + 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, + 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x72, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x77, 0x65, 0x62, 0x68, 0x6f, 0x6f, + 0x6b, 0x5f, 0x69, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x77, 0x65, 0x62, 0x68, + 0x6f, 0x6f, 0x6b, 0x49, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, + 0x5f, 0x61, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, + 0x65, 0x64, 0x41, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x5f, + 0x61, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, + 0x64, 0x41, 0x74, 0x22, 0xf4, 0x01, 0x0a, 0x11, 0x41, 0x64, 0x64, 0x57, 0x65, 0x62, 0x68, 0x6f, + 0x6f, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x26, 0x0a, 0x0a, 0x65, 0x76, 0x65, + 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, + 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x09, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x4e, 0x61, 0x6d, + 0x65, 0x12, 0x30, 0x0a, 0x11, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x64, 0x65, 0x73, 0x63, 0x72, + 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x10, + 0x65, 0x76, 0x65, 0x6e, 0x74, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, + 0x88, 0x01, 0x01, 0x12, 0x23, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x08, + 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x6e, 0x61, 0x62, + 0x6c, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, + 0x65, 0x64, 0x12, 0x30, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x70, 0x70, 0x44, 0x61, 0x74, 0x61, 0x52, 0x07, 0x68, 0x65, 0x61, + 0x64, 0x65, 0x72, 0x73, 0x42, 0x14, 0x0a, 0x12, 0x5f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x64, + 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x2e, 0x0a, 0x12, 0x41, 0x64, + 0x64, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0xb5, 0x02, 0x0a, 0x14, 0x55, + 0x70, 0x64, 0x61, 0x74, 0x65, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x12, 0x17, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, + 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x02, 0x69, 0x64, 0x12, 0x22, 0x0a, 0x0a, + 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x48, 0x00, 0x52, 0x09, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x88, 0x01, 0x01, + 0x12, 0x30, 0x0a, 0x11, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x01, 0x52, 0x10, 0x65, + 0x76, 0x65, 0x6e, 0x74, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x88, + 0x01, 0x01, 0x12, 0x1f, 0x0a, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x09, 0x48, 0x02, 0x52, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, + 0x88, 0x01, 0x01, 0x12, 0x1d, 0x0a, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x05, + 0x20, 0x01, 0x28, 0x08, 0x48, 0x03, 0x52, 0x07, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x88, + 0x01, 0x01, 0x12, 0x30, 0x0a, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x06, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x70, 0x70, 0x44, 0x61, 0x74, 0x61, 0x52, 0x07, 0x68, 0x65, 0x61, + 0x64, 0x65, 0x72, 0x73, 0x42, 0x0d, 0x0a, 0x0b, 0x5f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x6e, + 0x61, 0x6d, 0x65, 0x42, 0x14, 0x0a, 0x12, 0x5f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x64, 0x65, + 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x0b, 0x0a, 0x09, 0x5f, 0x65, 0x6e, + 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x42, 0x0a, 0x0a, 0x08, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, + 0x65, 0x64, 0x22, 0x31, 0x0a, 0x15, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x57, 0x65, 0x62, 0x68, + 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, + 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, + 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x2f, 0x0a, 0x14, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x57, + 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x17, 0x0a, + 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, + 0x10, 0x01, 0x52, 0x02, 0x69, 0x64, 0x22, 0x31, 0x0a, 0x15, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, + 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, + 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x2c, 0x0a, 0x11, 0x47, 0x65, 0x74, + 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x17, + 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, + 0x02, 0x10, 0x01, 0x52, 0x02, 0x69, 0x64, 0x22, 0x46, 0x0a, 0x12, 0x47, 0x65, 0x74, 0x57, 0x65, + 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x30, 0x0a, + 0x07, 0x77, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x57, + 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, 0x07, 0x77, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x22, + 0x53, 0x0a, 0x0f, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x40, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x52, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x81, 0x01, 0x0a, 0x10, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, + 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x32, 0x0a, 0x08, 0x77, 0x65, 0x62, + 0x68, 0x6f, 0x6f, 0x6b, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x57, 0x65, 0x62, 0x68, + 0x6f, 0x6f, 0x6b, 0x52, 0x08, 0x77, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x73, 0x12, 0x39, 0x0a, + 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x19, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, + 0x31, 0x2e, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x70, 0x61, + 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x89, 0x01, 0x0a, 0x12, 0x57, 0x65, 0x62, + 0x68, 0x6f, 0x6f, 0x6b, 0x4c, 0x6f, 0x67, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, + 0x40, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x52, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x12, 0x22, 0x0a, 0x0a, 0x77, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x5f, 0x69, 0x64, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x09, 0x77, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, + 0x49, 0x64, 0x88, 0x01, 0x01, 0x42, 0x0d, 0x0a, 0x0b, 0x5f, 0x77, 0x65, 0x62, 0x68, 0x6f, 0x6f, + 0x6b, 0x5f, 0x69, 0x64, 0x22, 0x8e, 0x01, 0x0a, 0x13, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, + 0x4c, 0x6f, 0x67, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x3c, 0x0a, 0x0c, + 0x77, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x5f, 0x6c, 0x6f, 0x67, 0x73, 0x18, 0x01, 0x20, 0x03, + 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x4c, 0x6f, 0x67, 0x52, 0x0b, 0x77, + 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x4c, 0x6f, 0x67, 0x73, 0x12, 0x39, 0x0a, 0x0a, 0x70, 0x61, + 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x50, + 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0xdc, 0x01, 0x0a, 0x13, 0x54, 0x65, 0x73, 0x74, 0x45, 0x6e, + 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x23, 0x0a, + 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, + 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x08, 0x65, 0x6e, 0x64, 0x70, 0x6f, 0x69, + 0x6e, 0x74, 0x12, 0x26, 0x0a, 0x0a, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, + 0x09, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x30, 0x0a, 0x11, 0x65, 0x76, + 0x65, 0x6e, 0x74, 0x5f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x10, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x44, 0x65, + 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x88, 0x01, 0x01, 0x12, 0x30, 0x0a, 0x07, + 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x70, + 0x70, 0x44, 0x61, 0x74, 0x61, 0x52, 0x07, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x42, 0x14, + 0x0a, 0x12, 0x5f, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, + 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x53, 0x0a, 0x14, 0x54, 0x65, 0x73, 0x74, 0x45, 0x6e, 0x64, 0x70, + 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x1f, 0x0a, 0x0b, + 0x68, 0x74, 0x74, 0x70, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x03, 0x52, 0x0a, 0x68, 0x74, 0x74, 0x70, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x1a, 0x0a, + 0x08, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x08, 0x72, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0xca, 0x01, 0x0a, 0x0d, 0x45, 0x6d, + 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x12, 0x0e, 0x0a, 0x02, 0x69, + 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x65, + 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x09, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x74, 0x65, + 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x74, 0x65, + 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, + 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, 0x12, 0x18, + 0x0a, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x63, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x63, 0x72, + 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x75, 0x70, 0x64, 0x61, 0x74, + 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x75, 0x70, 0x64, + 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x22, 0xb1, 0x01, 0x0a, 0x17, 0x41, 0x64, 0x64, 0x45, 0x6d, + 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x26, 0x0a, 0x0a, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, + 0x09, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x21, 0x0a, 0x07, 0x73, 0x75, + 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, + 0x72, 0x02, 0x10, 0x01, 0x52, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x12, 0x23, 0x0a, + 0x08, 0x74, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, + 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x08, 0x74, 0x65, 0x6d, 0x70, 0x6c, 0x61, + 0x74, 0x65, 0x12, 0x1b, 0x0a, 0x06, 0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x09, 0x48, 0x00, 0x52, 0x06, 0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, 0x88, 0x01, 0x01, 0x42, + 0x09, 0x0a, 0x07, 0x5f, 0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, 0x22, 0x34, 0x0a, 0x18, 0x41, 0x64, + 0x64, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, + 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, + 0x22, 0xe9, 0x01, 0x0a, 0x1a, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x45, 0x6d, 0x61, 0x69, 0x6c, + 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, + 0x17, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, + 0x72, 0x02, 0x10, 0x01, 0x52, 0x02, 0x69, 0x64, 0x12, 0x22, 0x0a, 0x0a, 0x65, 0x76, 0x65, 0x6e, + 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x09, + 0x65, 0x76, 0x65, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x88, 0x01, 0x01, 0x12, 0x1f, 0x0a, 0x08, + 0x74, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x48, 0x01, + 0x52, 0x08, 0x74, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x88, 0x01, 0x01, 0x12, 0x1d, 0x0a, + 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x48, 0x02, + 0x52, 0x07, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x88, 0x01, 0x01, 0x12, 0x1b, 0x0a, 0x06, + 0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x48, 0x03, 0x52, 0x06, + 0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, 0x88, 0x01, 0x01, 0x42, 0x0d, 0x0a, 0x0b, 0x5f, 0x65, 0x76, + 0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x42, 0x0b, 0x0a, 0x09, 0x5f, 0x74, 0x65, 0x6d, + 0x70, 0x6c, 0x61, 0x74, 0x65, 0x42, 0x0a, 0x0a, 0x08, 0x5f, 0x73, 0x75, 0x62, 0x6a, 0x65, 0x63, + 0x74, 0x42, 0x09, 0x0a, 0x07, 0x5f, 0x64, 0x65, 0x73, 0x69, 0x67, 0x6e, 0x22, 0x37, 0x0a, 0x1b, + 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, + 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, + 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, + 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x35, 0x0a, 0x1a, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x45, + 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x12, 0x17, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, + 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x02, 0x69, 0x64, 0x22, 0x37, 0x0a, 0x1b, + 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, + 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, + 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, + 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x59, 0x0a, 0x15, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, + 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x40, + 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x52, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x22, 0x9a, 0x01, 0x0a, 0x16, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, + 0x74, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x45, 0x0a, 0x0f, 0x65, + 0x6d, 0x61, 0x69, 0x6c, 0x5f, 0x74, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x73, 0x18, 0x01, + 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, + 0x74, 0x65, 0x52, 0x0e, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, + 0x65, 0x73, 0x12, 0x39, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x52, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0xcc, 0x02, + 0x0a, 0x08, 0x41, 0x75, 0x64, 0x69, 0x74, 0x4c, 0x6f, 0x67, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x19, 0x0a, 0x08, 0x61, 0x63, + 0x74, 0x6f, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x61, 0x63, + 0x74, 0x6f, 0x72, 0x49, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x74, + 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x61, 0x63, 0x74, 0x6f, 0x72, + 0x54, 0x79, 0x70, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x65, 0x6d, + 0x61, 0x69, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x61, 0x63, 0x74, 0x6f, 0x72, + 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, + 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x23, 0x0a, + 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x06, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, + 0x70, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, + 0x64, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, + 0x65, 0x49, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x69, 0x70, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, + 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x69, 0x70, 0x41, 0x64, 0x64, 0x72, 0x65, + 0x73, 0x73, 0x12, 0x1d, 0x0a, 0x0a, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x61, 0x67, 0x65, 0x6e, 0x74, + 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x75, 0x73, 0x65, 0x72, 0x41, 0x67, 0x65, 0x6e, + 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x18, 0x0a, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x08, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x1d, 0x0a, + 0x0a, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x0b, 0x20, 0x01, 0x28, + 0x03, 0x52, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x22, 0x93, 0x03, 0x0a, + 0x10, 0x41, 0x75, 0x64, 0x69, 0x74, 0x4c, 0x6f, 0x67, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x12, 0x40, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, + 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x52, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x12, 0x1b, 0x0a, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, + 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x06, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x88, 0x01, 0x01, + 0x12, 0x1e, 0x0a, 0x08, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x09, 0x48, 0x01, 0x52, 0x07, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x49, 0x64, 0x88, 0x01, 0x01, + 0x12, 0x28, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x79, 0x70, + 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x48, 0x02, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x6f, 0x75, + 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x88, 0x01, 0x01, 0x12, 0x24, 0x0a, 0x0b, 0x72, 0x65, + 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x48, + 0x03, 0x52, 0x0a, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x64, 0x88, 0x01, 0x01, + 0x12, 0x2a, 0x0a, 0x0e, 0x66, 0x72, 0x6f, 0x6d, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, + 0x6d, 0x70, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x48, 0x04, 0x52, 0x0d, 0x66, 0x72, 0x6f, 0x6d, + 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x88, 0x01, 0x01, 0x12, 0x26, 0x0a, 0x0c, + 0x74, 0x6f, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x07, 0x20, 0x01, + 0x28, 0x03, 0x48, 0x05, 0x52, 0x0b, 0x74, 0x6f, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, + 0x70, 0x88, 0x01, 0x01, 0x42, 0x09, 0x0a, 0x07, 0x5f, 0x61, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x42, + 0x0b, 0x0a, 0x09, 0x5f, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x69, 0x64, 0x42, 0x10, 0x0a, 0x0e, + 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x42, 0x0e, + 0x0a, 0x0c, 0x5f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x42, 0x11, + 0x0a, 0x0f, 0x5f, 0x66, 0x72, 0x6f, 0x6d, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, + 0x70, 0x42, 0x0f, 0x0a, 0x0d, 0x5f, 0x74, 0x6f, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, + 0x6d, 0x70, 0x22, 0x86, 0x01, 0x0a, 0x11, 0x41, 0x75, 0x64, 0x69, 0x74, 0x4c, 0x6f, 0x67, 0x73, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x36, 0x0a, 0x0a, 0x61, 0x75, 0x64, 0x69, + 0x74, 0x5f, 0x6c, 0x6f, 0x67, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x64, + 0x69, 0x74, 0x4c, 0x6f, 0x67, 0x52, 0x09, 0x61, 0x75, 0x64, 0x69, 0x74, 0x4c, 0x6f, 0x67, 0x73, + 0x12, 0x39, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, + 0x0a, 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x2c, 0x0a, 0x08, 0x46, + 0x67, 0x61, 0x4d, 0x6f, 0x64, 0x65, 0x6c, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x10, 0x0a, 0x03, 0x64, 0x73, 0x6c, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x64, 0x73, 0x6c, 0x22, 0x52, 0x0a, 0x08, 0x46, 0x67, 0x61, + 0x54, 0x75, 0x70, 0x6c, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x6c, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x6c, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x22, 0x14, 0x0a, + 0x12, 0x46, 0x67, 0x61, 0x47, 0x65, 0x74, 0x4d, 0x6f, 0x64, 0x65, 0x6c, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x22, 0x44, 0x0a, 0x13, 0x46, 0x67, 0x61, 0x47, 0x65, 0x74, 0x4d, 0x6f, 0x64, + 0x65, 0x6c, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2d, 0x0a, 0x05, 0x6d, 0x6f, + 0x64, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x4d, 0x6f, 0x64, + 0x65, 0x6c, 0x52, 0x05, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x22, 0x31, 0x0a, 0x14, 0x46, 0x67, 0x61, + 0x57, 0x72, 0x69, 0x74, 0x65, 0x4d, 0x6f, 0x64, 0x65, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x12, 0x19, 0x0a, 0x03, 0x64, 0x73, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, + 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x03, 0x64, 0x73, 0x6c, 0x22, 0x46, 0x0a, 0x15, + 0x46, 0x67, 0x61, 0x57, 0x72, 0x69, 0x74, 0x65, 0x4d, 0x6f, 0x64, 0x65, 0x6c, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x2d, 0x0a, 0x05, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x4d, 0x6f, 0x64, 0x65, 0x6c, 0x52, 0x05, 0x6d, + 0x6f, 0x64, 0x65, 0x6c, 0x22, 0x4d, 0x0a, 0x15, 0x46, 0x67, 0x61, 0x57, 0x72, 0x69, 0x74, 0x65, + 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x34, 0x0a, + 0x06, 0x74, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, + 0x61, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x52, 0x06, 0x74, 0x75, 0x70, + 0x6c, 0x65, 0x73, 0x22, 0x32, 0x0a, 0x16, 0x46, 0x67, 0x61, 0x57, 0x72, 0x69, 0x74, 0x65, 0x54, + 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, + 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, + 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x4e, 0x0a, 0x16, 0x46, 0x67, 0x61, 0x44, 0x65, + 0x6c, 0x65, 0x74, 0x65, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x12, 0x34, 0x0a, 0x06, 0x74, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x1c, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, + 0x31, 0x2e, 0x46, 0x67, 0x61, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x52, + 0x06, 0x74, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x22, 0x33, 0x0a, 0x17, 0x46, 0x67, 0x61, 0x44, 0x65, + 0x6c, 0x65, 0x74, 0x65, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x89, 0x02, 0x0a, + 0x14, 0x46, 0x67, 0x61, 0x52, 0x65, 0x61, 0x64, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x17, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x88, 0x01, 0x01, 0x12, 0x1f, + 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x48, 0x01, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x88, 0x01, 0x01, 0x12, + 0x1b, 0x0a, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x48, + 0x02, 0x52, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x88, 0x01, 0x01, 0x12, 0x20, 0x0a, 0x09, + 0x70, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x69, 0x7a, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x03, 0x48, + 0x03, 0x52, 0x08, 0x70, 0x61, 0x67, 0x65, 0x53, 0x69, 0x7a, 0x65, 0x88, 0x01, 0x01, 0x12, 0x32, + 0x0a, 0x12, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, + 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x48, 0x04, 0x52, 0x11, 0x63, 0x6f, + 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x88, + 0x01, 0x01, 0x42, 0x07, 0x0a, 0x05, 0x5f, 0x75, 0x73, 0x65, 0x72, 0x42, 0x0b, 0x0a, 0x09, 0x5f, + 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x09, 0x0a, 0x07, 0x5f, 0x6f, 0x62, 0x6a, + 0x65, 0x63, 0x74, 0x42, 0x0c, 0x0a, 0x0a, 0x5f, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x69, 0x7a, + 0x65, 0x42, 0x15, 0x0a, 0x13, 0x5f, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x93, 0x01, 0x0a, 0x15, 0x46, 0x67, 0x61, + 0x52, 0x65, 0x61, 0x64, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x12, 0x2f, 0x0a, 0x06, 0x74, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, + 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x52, 0x06, 0x74, 0x75, 0x70, + 0x6c, 0x65, 0x73, 0x12, 0x32, 0x0a, 0x12, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48, + 0x00, 0x52, 0x11, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x6e, 0x75, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, + 0x6f, 0x6b, 0x65, 0x6e, 0x88, 0x01, 0x01, 0x42, 0x15, 0x0a, 0x13, 0x5f, 0x63, 0x6f, 0x6e, 0x74, + 0x69, 0x6e, 0x75, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x81, + 0x01, 0x0a, 0x13, 0x46, 0x67, 0x61, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1f, 0x0a, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, + 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x12, 0x23, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, + 0x10, 0x01, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x24, 0x0a, 0x09, + 0x75, 0x73, 0x65, 0x72, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, + 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x08, 0x75, 0x73, 0x65, 0x72, 0x54, 0x79, + 0x70, 0x65, 0x22, 0x2c, 0x0a, 0x14, 0x46, 0x67, 0x61, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, + 0x72, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x75, 0x73, + 0x65, 0x72, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x75, 0x73, 0x65, 0x72, 0x73, + 0x22, 0x58, 0x0a, 0x10, 0x46, 0x67, 0x61, 0x45, 0x78, 0x70, 0x61, 0x6e, 0x64, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x12, 0x23, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, + 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1f, 0x0a, 0x06, 0x6f, 0x62, 0x6a, + 0x65, 0x63, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, + 0x10, 0x01, 0x52, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x22, 0x27, 0x0a, 0x11, 0x46, 0x67, + 0x61, 0x45, 0x78, 0x70, 0x61, 0x6e, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, + 0x12, 0x0a, 0x04, 0x74, 0x72, 0x65, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, + 0x72, 0x65, 0x65, 0x22, 0x11, 0x0a, 0x0f, 0x46, 0x67, 0x61, 0x52, 0x65, 0x73, 0x65, 0x74, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x2c, 0x0a, 0x10, 0x46, 0x67, 0x61, 0x52, 0x65, 0x73, + 0x65, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, + 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, + 0x73, 0x61, 0x67, 0x65, 0x32, 0xf5, 0x1e, 0x0a, 0x16, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x65, 0x72, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, + 0x71, 0x0a, 0x0a, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x12, 0x20, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x64, + 0x6d, 0x69, 0x6e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x21, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, + 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0x1e, 0xa0, 0xb5, 0x18, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x14, 0x3a, 0x01, + 0x2a, 0x22, 0x0f, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x6c, 0x6f, 0x67, + 0x69, 0x6e, 0x12, 0x6e, 0x0a, 0x0b, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4c, 0x6f, 0x67, 0x6f, 0x75, + 0x74, 0x12, 0x21, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, + 0x31, 0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4c, 0x6f, 0x67, 0x6f, 0x75, 0x74, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4c, 0x6f, 0x67, 0x6f, 0x75, 0x74, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x18, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x12, + 0x22, 0x10, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x6c, 0x6f, 0x67, 0x6f, + 0x75, 0x74, 0x12, 0x72, 0x0a, 0x0c, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x53, 0x65, 0x73, 0x73, 0x69, + 0x6f, 0x6e, 0x12, 0x22, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x23, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x53, 0x65, 0x73, 0x73, + 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x19, 0x82, 0xd3, 0xe4, + 0x93, 0x02, 0x13, 0x12, 0x11, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x73, + 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x66, 0x0a, 0x09, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4d, + 0x65, 0x74, 0x61, 0x12, 0x1f, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x61, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x4d, 0x65, 0x74, 0x61, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x16, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x10, 0x12, 0x0e, + 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x6d, 0x65, 0x74, 0x61, 0x12, 0x5e, + 0x0a, 0x05, 0x55, 0x73, 0x65, 0x72, 0x73, 0x12, 0x1b, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1c, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0x1a, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x14, 0x3a, 0x01, 0x2a, 0x22, 0x0f, 0x2f, + 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x73, 0x12, 0x5a, + 0x0a, 0x04, 0x55, 0x73, 0x65, 0x72, 0x12, 0x1a, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x1a, 0x1b, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, + 0x19, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x13, 0x3a, 0x01, 0x2a, 0x22, 0x0e, 0x2f, 0x76, 0x31, 0x2f, + 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x75, 0x73, 0x65, 0x72, 0x12, 0x73, 0x0a, 0x0a, 0x55, 0x70, + 0x64, 0x61, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x12, 0x20, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x55, + 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, + 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x20, 0x82, + 0xd3, 0xe4, 0x93, 0x02, 0x1a, 0x3a, 0x01, 0x2a, 0x22, 0x15, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, + 0x6d, 0x69, 0x6e, 0x2f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x75, 0x73, 0x65, 0x72, 0x12, + 0x73, 0x0a, 0x0a, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x12, 0x20, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, + 0x6c, 0x65, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x21, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, + 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0x20, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1a, 0x3a, 0x01, 0x2a, 0x22, 0x15, 0x2f, + 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x5f, + 0x75, 0x73, 0x65, 0x72, 0x12, 0x9b, 0x01, 0x0a, 0x14, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x12, 0x2a, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x65, + 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2b, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, + 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x2a, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x24, 0x3a, 0x01, + 0x2a, 0x22, 0x1f, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x76, 0x65, 0x72, + 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x72, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x73, 0x12, 0x7b, 0x0a, 0x0c, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x41, 0x63, 0x63, 0x65, + 0x73, 0x73, 0x12, 0x22, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x23, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x41, 0x63, 0x63, + 0x65, 0x73, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x22, 0x82, 0xd3, 0xe4, + 0x93, 0x02, 0x1c, 0x3a, 0x01, 0x2a, 0x22, 0x17, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, + 0x6e, 0x2f, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, + 0x7b, 0x0a, 0x0c, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, + 0x22, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, + 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x23, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x22, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1c, + 0x3a, 0x01, 0x2a, 0x22, 0x17, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x65, + 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x12, 0x7f, 0x0a, 0x0d, + 0x49, 0x6e, 0x76, 0x69, 0x74, 0x65, 0x4d, 0x65, 0x6d, 0x62, 0x65, 0x72, 0x73, 0x12, 0x23, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x49, 0x6e, + 0x76, 0x69, 0x74, 0x65, 0x4d, 0x65, 0x6d, 0x62, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x49, 0x6e, 0x76, 0x69, 0x74, 0x65, 0x4d, 0x65, 0x6d, 0x62, 0x65, 0x72, 0x73, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x23, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1d, + 0x3a, 0x01, 0x2a, 0x22, 0x18, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x69, + 0x6e, 0x76, 0x69, 0x74, 0x65, 0x5f, 0x6d, 0x65, 0x6d, 0x62, 0x65, 0x72, 0x73, 0x12, 0x73, 0x0a, + 0x0a, 0x41, 0x64, 0x64, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x12, 0x20, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x64, 0x64, 0x57, + 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x64, + 0x64, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x22, 0x20, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1a, 0x3a, 0x01, 0x2a, 0x22, 0x15, 0x2f, 0x76, 0x31, + 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x61, 0x64, 0x64, 0x5f, 0x77, 0x65, 0x62, 0x68, 0x6f, + 0x6f, 0x6b, 0x12, 0x7f, 0x0a, 0x0d, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x57, 0x65, 0x62, 0x68, + 0x6f, 0x6f, 0x6b, 0x12, 0x23, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, + 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x57, + 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x23, + 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1d, 0x3a, 0x01, 0x2a, 0x22, 0x18, 0x2f, 0x76, 0x31, 0x2f, 0x61, + 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x77, 0x65, 0x62, 0x68, + 0x6f, 0x6f, 0x6b, 0x12, 0x7f, 0x0a, 0x0d, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x57, 0x65, 0x62, + 0x68, 0x6f, 0x6f, 0x6b, 0x12, 0x23, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x57, 0x65, 0x62, 0x68, 0x6f, + 0x6f, 0x6b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, + 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, + 0x23, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1d, 0x3a, 0x01, 0x2a, 0x22, 0x18, 0x2f, 0x76, 0x31, 0x2f, + 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x5f, 0x77, 0x65, 0x62, + 0x68, 0x6f, 0x6f, 0x6b, 0x12, 0x6f, 0x0a, 0x0a, 0x47, 0x65, 0x74, 0x57, 0x65, 0x62, 0x68, 0x6f, + 0x6f, 0x6b, 0x12, 0x20, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x21, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x74, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1c, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x16, 0x3a, + 0x01, 0x2a, 0x22, 0x11, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x77, 0x65, + 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x12, 0x6a, 0x0a, 0x08, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, + 0x73, 0x12, 0x1e, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, + 0x31, 0x2e, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x1f, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, + 0x31, 0x2e, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0x1d, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x17, 0x3a, 0x01, 0x2a, 0x22, 0x12, 0x2f, + 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x77, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, + 0x73, 0x12, 0x77, 0x0a, 0x0b, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x4c, 0x6f, 0x67, 0x73, + 0x12, 0x21, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, + 0x2e, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x4c, 0x6f, 0x67, 0x73, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x57, 0x65, 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x4c, 0x6f, 0x67, 0x73, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x21, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1b, 0x3a, + 0x01, 0x2a, 0x22, 0x16, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x77, 0x65, + 0x62, 0x68, 0x6f, 0x6f, 0x6b, 0x5f, 0x6c, 0x6f, 0x67, 0x73, 0x12, 0x7b, 0x0a, 0x0c, 0x54, 0x65, + 0x73, 0x74, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x22, 0x2e, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x65, 0x73, 0x74, 0x45, + 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x23, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x54, + 0x65, 0x73, 0x74, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, + 0x6e, 0x73, 0x65, 0x22, 0x22, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1c, 0x3a, 0x01, 0x2a, 0x22, 0x17, + 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x74, 0x65, 0x73, 0x74, 0x5f, 0x65, + 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x12, 0x8c, 0x01, 0x0a, 0x10, 0x41, 0x64, 0x64, 0x45, + 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x12, 0x26, 0x2e, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x64, 0x64, + 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x64, 0x64, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, + 0x70, 0x6c, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x27, 0x82, + 0xd3, 0xe4, 0x93, 0x02, 0x21, 0x3a, 0x01, 0x2a, 0x22, 0x1c, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, + 0x6d, 0x69, 0x6e, 0x2f, 0x61, 0x64, 0x64, 0x5f, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x5f, 0x74, 0x65, + 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x12, 0x98, 0x01, 0x0a, 0x13, 0x55, 0x70, 0x64, 0x61, 0x74, + 0x65, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x12, 0x29, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, + 0x70, 0x64, 0x61, 0x74, 0x65, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, + 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2a, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, + 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x2a, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x24, 0x3a, 0x01, 0x2a, + 0x22, 0x1f, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x75, 0x70, 0x64, 0x61, + 0x74, 0x65, 0x5f, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x5f, 0x74, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, + 0x65, 0x12, 0x98, 0x01, 0x0a, 0x13, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x45, 0x6d, 0x61, 0x69, + 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x12, 0x29, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, + 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2a, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x45, 0x6d, 0x61, 0x69, 0x6c, + 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x22, 0x2a, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x24, 0x3a, 0x01, 0x2a, 0x22, 0x1f, 0x2f, 0x76, 0x31, + 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x5f, 0x65, 0x6d, + 0x61, 0x69, 0x6c, 0x5f, 0x74, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x12, 0x83, 0x01, 0x0a, + 0x0e, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x73, 0x12, + 0x24, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, + 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, 0x65, 0x73, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, + 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x54, 0x65, 0x6d, 0x70, 0x6c, + 0x61, 0x74, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x24, 0x82, 0xd3, + 0xe4, 0x93, 0x02, 0x1e, 0x3a, 0x01, 0x2a, 0x22, 0x19, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, + 0x69, 0x6e, 0x2f, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x5f, 0x74, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x74, + 0x65, 0x73, 0x12, 0x6f, 0x0a, 0x09, 0x41, 0x75, 0x64, 0x69, 0x74, 0x4c, 0x6f, 0x67, 0x73, 0x12, + 0x1f, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, + 0x41, 0x75, 0x64, 0x69, 0x74, 0x4c, 0x6f, 0x67, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x20, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, + 0x2e, 0x41, 0x75, 0x64, 0x69, 0x74, 0x4c, 0x6f, 0x67, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0x1f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x19, 0x3a, 0x01, 0x2a, 0x22, 0x14, 0x2f, + 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x61, 0x75, 0x64, 0x69, 0x74, 0x5f, 0x6c, + 0x6f, 0x67, 0x73, 0x12, 0x71, 0x0a, 0x0b, 0x46, 0x67, 0x61, 0x47, 0x65, 0x74, 0x4d, 0x6f, 0x64, + 0x65, 0x6c, 0x12, 0x21, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x47, 0x65, 0x74, 0x4d, 0x6f, 0x64, 0x65, 0x6c, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x22, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, + 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x47, 0x65, 0x74, 0x4d, 0x6f, 0x64, 0x65, + 0x6c, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1b, 0x82, 0xd3, 0xe4, 0x93, 0x02, + 0x15, 0x12, 0x13, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x66, 0x67, 0x61, + 0x2f, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x12, 0x7a, 0x0a, 0x0d, 0x46, 0x67, 0x61, 0x57, 0x72, 0x69, + 0x74, 0x65, 0x4d, 0x6f, 0x64, 0x65, 0x6c, 0x12, 0x23, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x57, 0x72, 0x69, 0x74, 0x65, + 0x4d, 0x6f, 0x64, 0x65, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, + 0x57, 0x72, 0x69, 0x74, 0x65, 0x4d, 0x6f, 0x64, 0x65, 0x6c, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x22, 0x1e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x18, 0x3a, 0x01, 0x2a, 0x22, 0x13, 0x2f, + 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x66, 0x67, 0x61, 0x2f, 0x6d, 0x6f, 0x64, + 0x65, 0x6c, 0x12, 0x7e, 0x0a, 0x0e, 0x46, 0x67, 0x61, 0x57, 0x72, 0x69, 0x74, 0x65, 0x54, 0x75, + 0x70, 0x6c, 0x65, 0x73, 0x12, 0x24, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x57, 0x72, 0x69, 0x74, 0x65, 0x54, 0x75, 0x70, + 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x57, 0x72, + 0x69, 0x74, 0x65, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x22, 0x1f, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x19, 0x3a, 0x01, 0x2a, 0x22, 0x14, 0x2f, 0x76, + 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x66, 0x67, 0x61, 0x2f, 0x74, 0x75, 0x70, 0x6c, + 0x65, 0x73, 0x12, 0x88, 0x01, 0x0a, 0x0f, 0x46, 0x67, 0x61, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, + 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x12, 0x25, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, + 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, + 0x61, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x26, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x20, 0x3a, 0x01, 0x2a, + 0x22, 0x1b, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x66, 0x67, 0x61, 0x2f, + 0x74, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x2f, 0x64, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x12, 0x80, 0x01, + 0x0a, 0x0d, 0x46, 0x67, 0x61, 0x52, 0x65, 0x61, 0x64, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x12, + 0x23, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, + 0x46, 0x67, 0x61, 0x52, 0x65, 0x61, 0x64, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x52, 0x65, 0x61, 0x64, 0x54, 0x75, 0x70, 0x6c, + 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x24, 0x82, 0xd3, 0xe4, 0x93, + 0x02, 0x1e, 0x3a, 0x01, 0x2a, 0x22, 0x19, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, + 0x2f, 0x66, 0x67, 0x61, 0x2f, 0x74, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x2f, 0x72, 0x65, 0x61, 0x64, + 0x12, 0x7c, 0x0a, 0x0c, 0x46, 0x67, 0x61, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, + 0x12, 0x22, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, + 0x2e, 0x46, 0x67, 0x61, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x23, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, + 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x23, 0x82, 0xd3, 0xe4, 0x93, 0x02, + 0x1d, 0x3a, 0x01, 0x2a, 0x22, 0x18, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2f, + 0x66, 0x67, 0x61, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x5f, 0x75, 0x73, 0x65, 0x72, 0x73, 0x12, 0x6f, + 0x0a, 0x09, 0x46, 0x67, 0x61, 0x45, 0x78, 0x70, 0x61, 0x6e, 0x64, 0x12, 0x1f, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x45, + 0x78, 0x70, 0x61, 0x6e, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, + 0x45, 0x78, 0x70, 0x61, 0x6e, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1f, + 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x19, 0x3a, 0x01, 0x2a, 0x22, 0x14, 0x2f, 0x76, 0x31, 0x2f, 0x61, + 0x64, 0x6d, 0x69, 0x6e, 0x2f, 0x66, 0x67, 0x61, 0x2f, 0x65, 0x78, 0x70, 0x61, 0x6e, 0x64, 0x12, + 0x6b, 0x0a, 0x08, 0x46, 0x67, 0x61, 0x52, 0x65, 0x73, 0x65, 0x74, 0x12, 0x1e, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x52, + 0x65, 0x73, 0x65, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1f, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x52, + 0x65, 0x73, 0x65, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1e, 0x82, 0xd3, + 0xe4, 0x93, 0x02, 0x18, 0x3a, 0x01, 0x2a, 0x22, 0x13, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x64, 0x6d, + 0x69, 0x6e, 0x2f, 0x66, 0x67, 0x61, 0x2f, 0x72, 0x65, 0x73, 0x65, 0x74, 0x42, 0xc6, 0x01, 0x0a, + 0x11, 0x63, 0x6f, 0x6d, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x42, 0x0a, 0x41, 0x64, 0x6d, 0x69, 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, + 0x5a, 0x50, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x64, 0x65, 0x76, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2d, 0x67, 0x6f, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, + 0x6c, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x62, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, + 0x65, 0x72, 0x2f, 0x76, 0x31, 0x3b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x76, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x58, 0x58, 0xaa, 0x02, 0x0d, 0x41, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x0d, 0x41, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x19, 0x41, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, + 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x0e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_authorizer_v1_admin_proto_rawDescOnce sync.Once + file_authorizer_v1_admin_proto_rawDescData = file_authorizer_v1_admin_proto_rawDesc +) + +func file_authorizer_v1_admin_proto_rawDescGZIP() []byte { + file_authorizer_v1_admin_proto_rawDescOnce.Do(func() { + file_authorizer_v1_admin_proto_rawDescData = protoimpl.X.CompressGZIP(file_authorizer_v1_admin_proto_rawDescData) + }) + return file_authorizer_v1_admin_proto_rawDescData +} + +var file_authorizer_v1_admin_proto_msgTypes = make([]protoimpl.MessageInfo, 72) +var file_authorizer_v1_admin_proto_goTypes = []any{ + (*AdminLoginRequest)(nil), // 0: authorizer.v1.AdminLoginRequest + (*AdminLoginResponse)(nil), // 1: authorizer.v1.AdminLoginResponse + (*AdminLogoutRequest)(nil), // 2: authorizer.v1.AdminLogoutRequest + (*AdminLogoutResponse)(nil), // 3: authorizer.v1.AdminLogoutResponse + (*AdminSessionRequest)(nil), // 4: authorizer.v1.AdminSessionRequest + (*AdminSessionResponse)(nil), // 5: authorizer.v1.AdminSessionResponse + (*AdminMetaRequest)(nil), // 6: authorizer.v1.AdminMetaRequest + (*AdminMetaResponse)(nil), // 7: authorizer.v1.AdminMetaResponse + (*AdminMeta)(nil), // 8: authorizer.v1.AdminMeta + (*UsersRequest)(nil), // 9: authorizer.v1.UsersRequest + (*UsersResponse)(nil), // 10: authorizer.v1.UsersResponse + (*UserRequest)(nil), // 11: authorizer.v1.UserRequest + (*UserResponse)(nil), // 12: authorizer.v1.UserResponse + (*UpdateUserRequest)(nil), // 13: authorizer.v1.UpdateUserRequest + (*UpdateUserResponse)(nil), // 14: authorizer.v1.UpdateUserResponse + (*DeleteUserRequest)(nil), // 15: authorizer.v1.DeleteUserRequest + (*DeleteUserResponse)(nil), // 16: authorizer.v1.DeleteUserResponse + (*VerificationRequestsRequest)(nil), // 17: authorizer.v1.VerificationRequestsRequest + (*VerificationRequestsResponse)(nil), // 18: authorizer.v1.VerificationRequestsResponse + (*VerificationRequest)(nil), // 19: authorizer.v1.VerificationRequest + (*RevokeAccessRequest)(nil), // 20: authorizer.v1.RevokeAccessRequest + (*RevokeAccessResponse)(nil), // 21: authorizer.v1.RevokeAccessResponse + (*EnableAccessRequest)(nil), // 22: authorizer.v1.EnableAccessRequest + (*EnableAccessResponse)(nil), // 23: authorizer.v1.EnableAccessResponse + (*InviteMembersRequest)(nil), // 24: authorizer.v1.InviteMembersRequest + (*InviteMembersResponse)(nil), // 25: authorizer.v1.InviteMembersResponse + (*Webhook)(nil), // 26: authorizer.v1.Webhook + (*WebhookLog)(nil), // 27: authorizer.v1.WebhookLog + (*AddWebhookRequest)(nil), // 28: authorizer.v1.AddWebhookRequest + (*AddWebhookResponse)(nil), // 29: authorizer.v1.AddWebhookResponse + (*UpdateWebhookRequest)(nil), // 30: authorizer.v1.UpdateWebhookRequest + (*UpdateWebhookResponse)(nil), // 31: authorizer.v1.UpdateWebhookResponse + (*DeleteWebhookRequest)(nil), // 32: authorizer.v1.DeleteWebhookRequest + (*DeleteWebhookResponse)(nil), // 33: authorizer.v1.DeleteWebhookResponse + (*GetWebhookRequest)(nil), // 34: authorizer.v1.GetWebhookRequest + (*GetWebhookResponse)(nil), // 35: authorizer.v1.GetWebhookResponse + (*WebhooksRequest)(nil), // 36: authorizer.v1.WebhooksRequest + (*WebhooksResponse)(nil), // 37: authorizer.v1.WebhooksResponse + (*WebhookLogsRequest)(nil), // 38: authorizer.v1.WebhookLogsRequest + (*WebhookLogsResponse)(nil), // 39: authorizer.v1.WebhookLogsResponse + (*TestEndpointRequest)(nil), // 40: authorizer.v1.TestEndpointRequest + (*TestEndpointResponse)(nil), // 41: authorizer.v1.TestEndpointResponse + (*EmailTemplate)(nil), // 42: authorizer.v1.EmailTemplate + (*AddEmailTemplateRequest)(nil), // 43: authorizer.v1.AddEmailTemplateRequest + (*AddEmailTemplateResponse)(nil), // 44: authorizer.v1.AddEmailTemplateResponse + (*UpdateEmailTemplateRequest)(nil), // 45: authorizer.v1.UpdateEmailTemplateRequest + (*UpdateEmailTemplateResponse)(nil), // 46: authorizer.v1.UpdateEmailTemplateResponse + (*DeleteEmailTemplateRequest)(nil), // 47: authorizer.v1.DeleteEmailTemplateRequest + (*DeleteEmailTemplateResponse)(nil), // 48: authorizer.v1.DeleteEmailTemplateResponse + (*EmailTemplatesRequest)(nil), // 49: authorizer.v1.EmailTemplatesRequest + (*EmailTemplatesResponse)(nil), // 50: authorizer.v1.EmailTemplatesResponse + (*AuditLog)(nil), // 51: authorizer.v1.AuditLog + (*AuditLogsRequest)(nil), // 52: authorizer.v1.AuditLogsRequest + (*AuditLogsResponse)(nil), // 53: authorizer.v1.AuditLogsResponse + (*FgaModel)(nil), // 54: authorizer.v1.FgaModel + (*FgaTuple)(nil), // 55: authorizer.v1.FgaTuple + (*FgaGetModelRequest)(nil), // 56: authorizer.v1.FgaGetModelRequest + (*FgaGetModelResponse)(nil), // 57: authorizer.v1.FgaGetModelResponse + (*FgaWriteModelRequest)(nil), // 58: authorizer.v1.FgaWriteModelRequest + (*FgaWriteModelResponse)(nil), // 59: authorizer.v1.FgaWriteModelResponse + (*FgaWriteTuplesRequest)(nil), // 60: authorizer.v1.FgaWriteTuplesRequest + (*FgaWriteTuplesResponse)(nil), // 61: authorizer.v1.FgaWriteTuplesResponse + (*FgaDeleteTuplesRequest)(nil), // 62: authorizer.v1.FgaDeleteTuplesRequest + (*FgaDeleteTuplesResponse)(nil), // 63: authorizer.v1.FgaDeleteTuplesResponse + (*FgaReadTuplesRequest)(nil), // 64: authorizer.v1.FgaReadTuplesRequest + (*FgaReadTuplesResponse)(nil), // 65: authorizer.v1.FgaReadTuplesResponse + (*FgaListUsersRequest)(nil), // 66: authorizer.v1.FgaListUsersRequest + (*FgaListUsersResponse)(nil), // 67: authorizer.v1.FgaListUsersResponse + (*FgaExpandRequest)(nil), // 68: authorizer.v1.FgaExpandRequest + (*FgaExpandResponse)(nil), // 69: authorizer.v1.FgaExpandResponse + (*FgaResetRequest)(nil), // 70: authorizer.v1.FgaResetRequest + (*FgaResetResponse)(nil), // 71: authorizer.v1.FgaResetResponse + (*PaginationRequest)(nil), // 72: authorizer.v1.PaginationRequest + (*User)(nil), // 73: authorizer.v1.User + (*Pagination)(nil), // 74: authorizer.v1.Pagination + (*AppData)(nil), // 75: authorizer.v1.AppData + (*FgaTupleInput)(nil), // 76: authorizer.v1.FgaTupleInput +} +var file_authorizer_v1_admin_proto_depIdxs = []int32{ + 8, // 0: authorizer.v1.AdminMetaResponse.admin_meta:type_name -> authorizer.v1.AdminMeta + 72, // 1: authorizer.v1.UsersRequest.pagination:type_name -> authorizer.v1.PaginationRequest + 73, // 2: authorizer.v1.UsersResponse.users:type_name -> authorizer.v1.User + 74, // 3: authorizer.v1.UsersResponse.pagination:type_name -> authorizer.v1.Pagination + 73, // 4: authorizer.v1.UserResponse.user:type_name -> authorizer.v1.User + 75, // 5: authorizer.v1.UpdateUserRequest.app_data:type_name -> authorizer.v1.AppData + 73, // 6: authorizer.v1.UpdateUserResponse.user:type_name -> authorizer.v1.User + 72, // 7: authorizer.v1.VerificationRequestsRequest.pagination:type_name -> authorizer.v1.PaginationRequest + 19, // 8: authorizer.v1.VerificationRequestsResponse.verification_requests:type_name -> authorizer.v1.VerificationRequest + 74, // 9: authorizer.v1.VerificationRequestsResponse.pagination:type_name -> authorizer.v1.Pagination + 73, // 10: authorizer.v1.InviteMembersResponse.users:type_name -> authorizer.v1.User + 75, // 11: authorizer.v1.Webhook.headers:type_name -> authorizer.v1.AppData + 75, // 12: authorizer.v1.AddWebhookRequest.headers:type_name -> authorizer.v1.AppData + 75, // 13: authorizer.v1.UpdateWebhookRequest.headers:type_name -> authorizer.v1.AppData + 26, // 14: authorizer.v1.GetWebhookResponse.webhook:type_name -> authorizer.v1.Webhook + 72, // 15: authorizer.v1.WebhooksRequest.pagination:type_name -> authorizer.v1.PaginationRequest + 26, // 16: authorizer.v1.WebhooksResponse.webhooks:type_name -> authorizer.v1.Webhook + 74, // 17: authorizer.v1.WebhooksResponse.pagination:type_name -> authorizer.v1.Pagination + 72, // 18: authorizer.v1.WebhookLogsRequest.pagination:type_name -> authorizer.v1.PaginationRequest + 27, // 19: authorizer.v1.WebhookLogsResponse.webhook_logs:type_name -> authorizer.v1.WebhookLog + 74, // 20: authorizer.v1.WebhookLogsResponse.pagination:type_name -> authorizer.v1.Pagination + 75, // 21: authorizer.v1.TestEndpointRequest.headers:type_name -> authorizer.v1.AppData + 72, // 22: authorizer.v1.EmailTemplatesRequest.pagination:type_name -> authorizer.v1.PaginationRequest + 42, // 23: authorizer.v1.EmailTemplatesResponse.email_templates:type_name -> authorizer.v1.EmailTemplate + 74, // 24: authorizer.v1.EmailTemplatesResponse.pagination:type_name -> authorizer.v1.Pagination + 72, // 25: authorizer.v1.AuditLogsRequest.pagination:type_name -> authorizer.v1.PaginationRequest + 51, // 26: authorizer.v1.AuditLogsResponse.audit_logs:type_name -> authorizer.v1.AuditLog + 74, // 27: authorizer.v1.AuditLogsResponse.pagination:type_name -> authorizer.v1.Pagination + 54, // 28: authorizer.v1.FgaGetModelResponse.model:type_name -> authorizer.v1.FgaModel + 54, // 29: authorizer.v1.FgaWriteModelResponse.model:type_name -> authorizer.v1.FgaModel + 76, // 30: authorizer.v1.FgaWriteTuplesRequest.tuples:type_name -> authorizer.v1.FgaTupleInput + 76, // 31: authorizer.v1.FgaDeleteTuplesRequest.tuples:type_name -> authorizer.v1.FgaTupleInput + 55, // 32: authorizer.v1.FgaReadTuplesResponse.tuples:type_name -> authorizer.v1.FgaTuple + 0, // 33: authorizer.v1.AuthorizerAdminService.AdminLogin:input_type -> authorizer.v1.AdminLoginRequest + 2, // 34: authorizer.v1.AuthorizerAdminService.AdminLogout:input_type -> authorizer.v1.AdminLogoutRequest + 4, // 35: authorizer.v1.AuthorizerAdminService.AdminSession:input_type -> authorizer.v1.AdminSessionRequest + 6, // 36: authorizer.v1.AuthorizerAdminService.AdminMeta:input_type -> authorizer.v1.AdminMetaRequest + 9, // 37: authorizer.v1.AuthorizerAdminService.Users:input_type -> authorizer.v1.UsersRequest + 11, // 38: authorizer.v1.AuthorizerAdminService.User:input_type -> authorizer.v1.UserRequest + 13, // 39: authorizer.v1.AuthorizerAdminService.UpdateUser:input_type -> authorizer.v1.UpdateUserRequest + 15, // 40: authorizer.v1.AuthorizerAdminService.DeleteUser:input_type -> authorizer.v1.DeleteUserRequest + 17, // 41: authorizer.v1.AuthorizerAdminService.VerificationRequests:input_type -> authorizer.v1.VerificationRequestsRequest + 20, // 42: authorizer.v1.AuthorizerAdminService.RevokeAccess:input_type -> authorizer.v1.RevokeAccessRequest + 22, // 43: authorizer.v1.AuthorizerAdminService.EnableAccess:input_type -> authorizer.v1.EnableAccessRequest + 24, // 44: authorizer.v1.AuthorizerAdminService.InviteMembers:input_type -> authorizer.v1.InviteMembersRequest + 28, // 45: authorizer.v1.AuthorizerAdminService.AddWebhook:input_type -> authorizer.v1.AddWebhookRequest + 30, // 46: authorizer.v1.AuthorizerAdminService.UpdateWebhook:input_type -> authorizer.v1.UpdateWebhookRequest + 32, // 47: authorizer.v1.AuthorizerAdminService.DeleteWebhook:input_type -> authorizer.v1.DeleteWebhookRequest + 34, // 48: authorizer.v1.AuthorizerAdminService.GetWebhook:input_type -> authorizer.v1.GetWebhookRequest + 36, // 49: authorizer.v1.AuthorizerAdminService.Webhooks:input_type -> authorizer.v1.WebhooksRequest + 38, // 50: authorizer.v1.AuthorizerAdminService.WebhookLogs:input_type -> authorizer.v1.WebhookLogsRequest + 40, // 51: authorizer.v1.AuthorizerAdminService.TestEndpoint:input_type -> authorizer.v1.TestEndpointRequest + 43, // 52: authorizer.v1.AuthorizerAdminService.AddEmailTemplate:input_type -> authorizer.v1.AddEmailTemplateRequest + 45, // 53: authorizer.v1.AuthorizerAdminService.UpdateEmailTemplate:input_type -> authorizer.v1.UpdateEmailTemplateRequest + 47, // 54: authorizer.v1.AuthorizerAdminService.DeleteEmailTemplate:input_type -> authorizer.v1.DeleteEmailTemplateRequest + 49, // 55: authorizer.v1.AuthorizerAdminService.EmailTemplates:input_type -> authorizer.v1.EmailTemplatesRequest + 52, // 56: authorizer.v1.AuthorizerAdminService.AuditLogs:input_type -> authorizer.v1.AuditLogsRequest + 56, // 57: authorizer.v1.AuthorizerAdminService.FgaGetModel:input_type -> authorizer.v1.FgaGetModelRequest + 58, // 58: authorizer.v1.AuthorizerAdminService.FgaWriteModel:input_type -> authorizer.v1.FgaWriteModelRequest + 60, // 59: authorizer.v1.AuthorizerAdminService.FgaWriteTuples:input_type -> authorizer.v1.FgaWriteTuplesRequest + 62, // 60: authorizer.v1.AuthorizerAdminService.FgaDeleteTuples:input_type -> authorizer.v1.FgaDeleteTuplesRequest + 64, // 61: authorizer.v1.AuthorizerAdminService.FgaReadTuples:input_type -> authorizer.v1.FgaReadTuplesRequest + 66, // 62: authorizer.v1.AuthorizerAdminService.FgaListUsers:input_type -> authorizer.v1.FgaListUsersRequest + 68, // 63: authorizer.v1.AuthorizerAdminService.FgaExpand:input_type -> authorizer.v1.FgaExpandRequest + 70, // 64: authorizer.v1.AuthorizerAdminService.FgaReset:input_type -> authorizer.v1.FgaResetRequest + 1, // 65: authorizer.v1.AuthorizerAdminService.AdminLogin:output_type -> authorizer.v1.AdminLoginResponse + 3, // 66: authorizer.v1.AuthorizerAdminService.AdminLogout:output_type -> authorizer.v1.AdminLogoutResponse + 5, // 67: authorizer.v1.AuthorizerAdminService.AdminSession:output_type -> authorizer.v1.AdminSessionResponse + 7, // 68: authorizer.v1.AuthorizerAdminService.AdminMeta:output_type -> authorizer.v1.AdminMetaResponse + 10, // 69: authorizer.v1.AuthorizerAdminService.Users:output_type -> authorizer.v1.UsersResponse + 12, // 70: authorizer.v1.AuthorizerAdminService.User:output_type -> authorizer.v1.UserResponse + 14, // 71: authorizer.v1.AuthorizerAdminService.UpdateUser:output_type -> authorizer.v1.UpdateUserResponse + 16, // 72: authorizer.v1.AuthorizerAdminService.DeleteUser:output_type -> authorizer.v1.DeleteUserResponse + 18, // 73: authorizer.v1.AuthorizerAdminService.VerificationRequests:output_type -> authorizer.v1.VerificationRequestsResponse + 21, // 74: authorizer.v1.AuthorizerAdminService.RevokeAccess:output_type -> authorizer.v1.RevokeAccessResponse + 23, // 75: authorizer.v1.AuthorizerAdminService.EnableAccess:output_type -> authorizer.v1.EnableAccessResponse + 25, // 76: authorizer.v1.AuthorizerAdminService.InviteMembers:output_type -> authorizer.v1.InviteMembersResponse + 29, // 77: authorizer.v1.AuthorizerAdminService.AddWebhook:output_type -> authorizer.v1.AddWebhookResponse + 31, // 78: authorizer.v1.AuthorizerAdminService.UpdateWebhook:output_type -> authorizer.v1.UpdateWebhookResponse + 33, // 79: authorizer.v1.AuthorizerAdminService.DeleteWebhook:output_type -> authorizer.v1.DeleteWebhookResponse + 35, // 80: authorizer.v1.AuthorizerAdminService.GetWebhook:output_type -> authorizer.v1.GetWebhookResponse + 37, // 81: authorizer.v1.AuthorizerAdminService.Webhooks:output_type -> authorizer.v1.WebhooksResponse + 39, // 82: authorizer.v1.AuthorizerAdminService.WebhookLogs:output_type -> authorizer.v1.WebhookLogsResponse + 41, // 83: authorizer.v1.AuthorizerAdminService.TestEndpoint:output_type -> authorizer.v1.TestEndpointResponse + 44, // 84: authorizer.v1.AuthorizerAdminService.AddEmailTemplate:output_type -> authorizer.v1.AddEmailTemplateResponse + 46, // 85: authorizer.v1.AuthorizerAdminService.UpdateEmailTemplate:output_type -> authorizer.v1.UpdateEmailTemplateResponse + 48, // 86: authorizer.v1.AuthorizerAdminService.DeleteEmailTemplate:output_type -> authorizer.v1.DeleteEmailTemplateResponse + 50, // 87: authorizer.v1.AuthorizerAdminService.EmailTemplates:output_type -> authorizer.v1.EmailTemplatesResponse + 53, // 88: authorizer.v1.AuthorizerAdminService.AuditLogs:output_type -> authorizer.v1.AuditLogsResponse + 57, // 89: authorizer.v1.AuthorizerAdminService.FgaGetModel:output_type -> authorizer.v1.FgaGetModelResponse + 59, // 90: authorizer.v1.AuthorizerAdminService.FgaWriteModel:output_type -> authorizer.v1.FgaWriteModelResponse + 61, // 91: authorizer.v1.AuthorizerAdminService.FgaWriteTuples:output_type -> authorizer.v1.FgaWriteTuplesResponse + 63, // 92: authorizer.v1.AuthorizerAdminService.FgaDeleteTuples:output_type -> authorizer.v1.FgaDeleteTuplesResponse + 65, // 93: authorizer.v1.AuthorizerAdminService.FgaReadTuples:output_type -> authorizer.v1.FgaReadTuplesResponse + 67, // 94: authorizer.v1.AuthorizerAdminService.FgaListUsers:output_type -> authorizer.v1.FgaListUsersResponse + 69, // 95: authorizer.v1.AuthorizerAdminService.FgaExpand:output_type -> authorizer.v1.FgaExpandResponse + 71, // 96: authorizer.v1.AuthorizerAdminService.FgaReset:output_type -> authorizer.v1.FgaResetResponse + 65, // [65:97] is the sub-list for method output_type + 33, // [33:65] is the sub-list for method input_type + 33, // [33:33] is the sub-list for extension type_name + 33, // [33:33] is the sub-list for extension extendee + 0, // [0:33] is the sub-list for field type_name +} + +func init() { file_authorizer_v1_admin_proto_init() } +func file_authorizer_v1_admin_proto_init() { + if File_authorizer_v1_admin_proto != nil { + return + } + file_authorizer_v1_annotations_proto_init() + file_authorizer_v1_common_proto_init() + file_authorizer_v1_pagination_proto_init() + file_authorizer_v1_types_proto_init() + file_authorizer_v1_admin_proto_msgTypes[13].OneofWrappers = []any{} + file_authorizer_v1_admin_proto_msgTypes[24].OneofWrappers = []any{} + file_authorizer_v1_admin_proto_msgTypes[28].OneofWrappers = []any{} + file_authorizer_v1_admin_proto_msgTypes[30].OneofWrappers = []any{} + file_authorizer_v1_admin_proto_msgTypes[38].OneofWrappers = []any{} + file_authorizer_v1_admin_proto_msgTypes[40].OneofWrappers = []any{} + file_authorizer_v1_admin_proto_msgTypes[43].OneofWrappers = []any{} + file_authorizer_v1_admin_proto_msgTypes[45].OneofWrappers = []any{} + file_authorizer_v1_admin_proto_msgTypes[52].OneofWrappers = []any{} + file_authorizer_v1_admin_proto_msgTypes[64].OneofWrappers = []any{} + file_authorizer_v1_admin_proto_msgTypes[65].OneofWrappers = []any{} + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_authorizer_v1_admin_proto_rawDesc, + NumEnums: 0, + NumMessages: 72, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_authorizer_v1_admin_proto_goTypes, + DependencyIndexes: file_authorizer_v1_admin_proto_depIdxs, + MessageInfos: file_authorizer_v1_admin_proto_msgTypes, + }.Build() + File_authorizer_v1_admin_proto = out.File + file_authorizer_v1_admin_proto_rawDesc = nil + file_authorizer_v1_admin_proto_goTypes = nil + file_authorizer_v1_admin_proto_depIdxs = nil +} diff --git a/internal/genpb/authorizer/v1/admin_grpc.pb.go b/internal/genpb/authorizer/v1/admin_grpc.pb.go new file mode 100644 index 0000000..ac1c406 --- /dev/null +++ b/internal/genpb/authorizer/v1/admin_grpc.pb.go @@ -0,0 +1,1440 @@ +// proto/authorizer/v1/admin.proto +// +// AuthorizerAdminService exposes Authorizer's super-admin-only operations +// (the `_`-prefixed GraphQL queries/mutations). It is registered on the SAME +// grpc.Server and gateway mux as AuthorizerService. Every RPC requires +// super-admin auth (admin session cookie or x-authorizer-admin-secret header) +// except AdminLogin, which establishes it. Admin operations are intentionally +// NOT exposed over MCP. + +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.5.1 +// - protoc (unknown) +// source: authorizer/v1/admin.proto + +package authorizerv1 + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.64.0 or later. +const _ = grpc.SupportPackageIsVersion9 + +const ( + AuthorizerAdminService_AdminLogin_FullMethodName = "/authorizer.v1.AuthorizerAdminService/AdminLogin" + AuthorizerAdminService_AdminLogout_FullMethodName = "/authorizer.v1.AuthorizerAdminService/AdminLogout" + AuthorizerAdminService_AdminSession_FullMethodName = "/authorizer.v1.AuthorizerAdminService/AdminSession" + AuthorizerAdminService_AdminMeta_FullMethodName = "/authorizer.v1.AuthorizerAdminService/AdminMeta" + AuthorizerAdminService_Users_FullMethodName = "/authorizer.v1.AuthorizerAdminService/Users" + AuthorizerAdminService_User_FullMethodName = "/authorizer.v1.AuthorizerAdminService/User" + AuthorizerAdminService_UpdateUser_FullMethodName = "/authorizer.v1.AuthorizerAdminService/UpdateUser" + AuthorizerAdminService_DeleteUser_FullMethodName = "/authorizer.v1.AuthorizerAdminService/DeleteUser" + AuthorizerAdminService_VerificationRequests_FullMethodName = "/authorizer.v1.AuthorizerAdminService/VerificationRequests" + AuthorizerAdminService_RevokeAccess_FullMethodName = "/authorizer.v1.AuthorizerAdminService/RevokeAccess" + AuthorizerAdminService_EnableAccess_FullMethodName = "/authorizer.v1.AuthorizerAdminService/EnableAccess" + AuthorizerAdminService_InviteMembers_FullMethodName = "/authorizer.v1.AuthorizerAdminService/InviteMembers" + AuthorizerAdminService_AddWebhook_FullMethodName = "/authorizer.v1.AuthorizerAdminService/AddWebhook" + AuthorizerAdminService_UpdateWebhook_FullMethodName = "/authorizer.v1.AuthorizerAdminService/UpdateWebhook" + AuthorizerAdminService_DeleteWebhook_FullMethodName = "/authorizer.v1.AuthorizerAdminService/DeleteWebhook" + AuthorizerAdminService_GetWebhook_FullMethodName = "/authorizer.v1.AuthorizerAdminService/GetWebhook" + AuthorizerAdminService_Webhooks_FullMethodName = "/authorizer.v1.AuthorizerAdminService/Webhooks" + AuthorizerAdminService_WebhookLogs_FullMethodName = "/authorizer.v1.AuthorizerAdminService/WebhookLogs" + AuthorizerAdminService_TestEndpoint_FullMethodName = "/authorizer.v1.AuthorizerAdminService/TestEndpoint" + AuthorizerAdminService_AddEmailTemplate_FullMethodName = "/authorizer.v1.AuthorizerAdminService/AddEmailTemplate" + AuthorizerAdminService_UpdateEmailTemplate_FullMethodName = "/authorizer.v1.AuthorizerAdminService/UpdateEmailTemplate" + AuthorizerAdminService_DeleteEmailTemplate_FullMethodName = "/authorizer.v1.AuthorizerAdminService/DeleteEmailTemplate" + AuthorizerAdminService_EmailTemplates_FullMethodName = "/authorizer.v1.AuthorizerAdminService/EmailTemplates" + AuthorizerAdminService_AuditLogs_FullMethodName = "/authorizer.v1.AuthorizerAdminService/AuditLogs" + AuthorizerAdminService_FgaGetModel_FullMethodName = "/authorizer.v1.AuthorizerAdminService/FgaGetModel" + AuthorizerAdminService_FgaWriteModel_FullMethodName = "/authorizer.v1.AuthorizerAdminService/FgaWriteModel" + AuthorizerAdminService_FgaWriteTuples_FullMethodName = "/authorizer.v1.AuthorizerAdminService/FgaWriteTuples" + AuthorizerAdminService_FgaDeleteTuples_FullMethodName = "/authorizer.v1.AuthorizerAdminService/FgaDeleteTuples" + AuthorizerAdminService_FgaReadTuples_FullMethodName = "/authorizer.v1.AuthorizerAdminService/FgaReadTuples" + AuthorizerAdminService_FgaListUsers_FullMethodName = "/authorizer.v1.AuthorizerAdminService/FgaListUsers" + AuthorizerAdminService_FgaExpand_FullMethodName = "/authorizer.v1.AuthorizerAdminService/FgaExpand" + AuthorizerAdminService_FgaReset_FullMethodName = "/authorizer.v1.AuthorizerAdminService/FgaReset" +) + +// AuthorizerAdminServiceClient is the client API for AuthorizerAdminService service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +// +// AuthorizerAdminService is the single gRPC service for Authorizer's admin +// (super-admin-only) API surface. RPCs are added one domain group at a time; +// see specs/2026-06-15-authorizer-admin-service-plan.md. +type AuthorizerAdminServiceClient interface { + // AdminLogin validates the admin secret and establishes an admin session + // (Set-Cookie for browser callers). Public entry point — the ONLY admin RPC + // that does not require an existing super-admin session. + AdminLogin(ctx context.Context, in *AdminLoginRequest, opts ...grpc.CallOption) (*AdminLoginResponse, error) + // AdminLogout clears the admin session cookie. Requires super-admin auth. + AdminLogout(ctx context.Context, in *AdminLogoutRequest, opts ...grpc.CallOption) (*AdminLogoutResponse, error) + // AdminSession refreshes the admin session cookie. Requires super-admin auth. + AdminSession(ctx context.Context, in *AdminSessionRequest, opts ...grpc.CallOption) (*AdminSessionResponse, error) + // AdminMeta returns admin-only configuration metadata (configured roles, + // default roles, protected roles). Requires super-admin auth. + AdminMeta(ctx context.Context, in *AdminMetaRequest, opts ...grpc.CallOption) (*AdminMetaResponse, error) + // Users returns a paginated list of all users. Requires super-admin auth. + Users(ctx context.Context, in *UsersRequest, opts ...grpc.CallOption) (*UsersResponse, error) + // User returns a single user by id or email. Requires super-admin auth. + User(ctx context.Context, in *UserRequest, opts ...grpc.CallOption) (*UserResponse, error) + // UpdateUser updates a user's profile, roles, MFA, or verification state and + // returns the updated user. Requires super-admin auth. + UpdateUser(ctx context.Context, in *UpdateUserRequest, opts ...grpc.CallOption) (*UpdateUserResponse, error) + // DeleteUser deletes a user (and associated OTP/verification data) by email. + // Requires super-admin auth. + DeleteUser(ctx context.Context, in *DeleteUserRequest, opts ...grpc.CallOption) (*DeleteUserResponse, error) + // VerificationRequests returns a paginated list of pending verification + // requests. Requires super-admin auth. + VerificationRequests(ctx context.Context, in *VerificationRequestsRequest, opts ...grpc.CallOption) (*VerificationRequestsResponse, error) + // RevokeAccess revokes a user's access (sets the revoked timestamp), kills + // their sessions, and fires the access-revoked webhook. Requires super-admin + // auth. + RevokeAccess(ctx context.Context, in *RevokeAccessRequest, opts ...grpc.CallOption) (*RevokeAccessResponse, error) + // EnableAccess re-enables a previously revoked user (clears the revoked + // timestamp) and fires the access-enabled webhook. Requires super-admin auth. + EnableAccess(ctx context.Context, in *EnableAccessRequest, opts ...grpc.CallOption) (*EnableAccessResponse, error) + // InviteMembers creates accounts for new emails and sends invite emails. + // Requires super-admin auth and a configured email service. + InviteMembers(ctx context.Context, in *InviteMembersRequest, opts ...grpc.CallOption) (*InviteMembersResponse, error) + // AddWebhook registers a new webhook for an event. Requires super-admin auth. + AddWebhook(ctx context.Context, in *AddWebhookRequest, opts ...grpc.CallOption) (*AddWebhookResponse, error) + // UpdateWebhook updates an existing webhook's event, endpoint, headers, or + // enabled state. Requires super-admin auth. + UpdateWebhook(ctx context.Context, in *UpdateWebhookRequest, opts ...grpc.CallOption) (*UpdateWebhookResponse, error) + // DeleteWebhook deletes a webhook by id. Requires super-admin auth. + DeleteWebhook(ctx context.Context, in *DeleteWebhookRequest, opts ...grpc.CallOption) (*DeleteWebhookResponse, error) + // GetWebhook returns a single webhook by id. Requires super-admin auth. + GetWebhook(ctx context.Context, in *GetWebhookRequest, opts ...grpc.CallOption) (*GetWebhookResponse, error) + // Webhooks returns a paginated list of webhooks. Requires super-admin auth. + Webhooks(ctx context.Context, in *WebhooksRequest, opts ...grpc.CallOption) (*WebhooksResponse, error) + // WebhookLogs returns a paginated list of webhook delivery logs, optionally + // filtered by webhook id. Requires super-admin auth. + WebhookLogs(ctx context.Context, in *WebhookLogsRequest, opts ...grpc.CallOption) (*WebhookLogsResponse, error) + // TestEndpoint sends a synthetic event payload to a webhook endpoint and + // returns the HTTP status and response body. Requires super-admin auth. + TestEndpoint(ctx context.Context, in *TestEndpointRequest, opts ...grpc.CallOption) (*TestEndpointResponse, error) + // AddEmailTemplate creates a new email template for an event. Requires + // super-admin auth. + AddEmailTemplate(ctx context.Context, in *AddEmailTemplateRequest, opts ...grpc.CallOption) (*AddEmailTemplateResponse, error) + // UpdateEmailTemplate updates an existing email template's event, subject, + // body, or design. Requires super-admin auth. + UpdateEmailTemplate(ctx context.Context, in *UpdateEmailTemplateRequest, opts ...grpc.CallOption) (*UpdateEmailTemplateResponse, error) + // DeleteEmailTemplate deletes an email template by id. Requires super-admin + // auth. + DeleteEmailTemplate(ctx context.Context, in *DeleteEmailTemplateRequest, opts ...grpc.CallOption) (*DeleteEmailTemplateResponse, error) + // EmailTemplates returns a paginated list of email templates. Requires + // super-admin auth. + EmailTemplates(ctx context.Context, in *EmailTemplatesRequest, opts ...grpc.CallOption) (*EmailTemplatesResponse, error) + // AuditLogs returns a paginated, optionally-filtered list of audit log + // entries. Requires super-admin auth. + AuditLogs(ctx context.Context, in *AuditLogsRequest, opts ...grpc.CallOption) (*AuditLogsResponse, error) + // FgaGetModel returns the active fine-grained authorization model as DSL. A + // store with no model yet returns an empty model (not an error). Requires + // super-admin auth. + FgaGetModel(ctx context.Context, in *FgaGetModelRequest, opts ...grpc.CallOption) (*FgaGetModelResponse, error) + // FgaWriteModel installs a new fine-grained authorization model from its DSL + // and returns the new model id. Requires super-admin auth. Audited. + FgaWriteModel(ctx context.Context, in *FgaWriteModelRequest, opts ...grpc.CallOption) (*FgaWriteModelResponse, error) + // FgaWriteTuples persists the given relationship tuples (additive). Requires + // super-admin auth. Audited. + FgaWriteTuples(ctx context.Context, in *FgaWriteTuplesRequest, opts ...grpc.CallOption) (*FgaWriteTuplesResponse, error) + // FgaDeleteTuples removes the given relationship tuples. Requires super-admin + // auth. Audited. + FgaDeleteTuples(ctx context.Context, in *FgaDeleteTuplesRequest, opts ...grpc.CallOption) (*FgaDeleteTuplesResponse, error) + // FgaReadTuples returns a page of persisted tuples matching the filter. + // Requires super-admin auth. + FgaReadTuples(ctx context.Context, in *FgaReadTuplesRequest, opts ...grpc.CallOption) (*FgaReadTuplesResponse, error) + // FgaListUsers returns the fully-qualified user ids of user_type that have + // relation on object ("who can access this object?"). Requires super-admin + // auth. + FgaListUsers(ctx context.Context, in *FgaListUsersRequest, opts ...grpc.CallOption) (*FgaListUsersResponse, error) + // FgaExpand returns the OpenFGA relationship/userset tree for (relation, + // object) as a JSON string (the explainability primitive). Requires + // super-admin auth. + FgaExpand(ctx context.Context, in *FgaExpandRequest, opts ...grpc.CallOption) (*FgaExpandResponse, error) + // FgaReset deletes the entire fine-grained authorization store (the model, + // all its versions, and all tuples) and starts a fresh, empty store. Refused + // while any tuples still exist. Requires super-admin auth. Destructive and + // audited. + FgaReset(ctx context.Context, in *FgaResetRequest, opts ...grpc.CallOption) (*FgaResetResponse, error) +} + +type authorizerAdminServiceClient struct { + cc grpc.ClientConnInterface +} + +func NewAuthorizerAdminServiceClient(cc grpc.ClientConnInterface) AuthorizerAdminServiceClient { + return &authorizerAdminServiceClient{cc} +} + +func (c *authorizerAdminServiceClient) AdminLogin(ctx context.Context, in *AdminLoginRequest, opts ...grpc.CallOption) (*AdminLoginResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AdminLoginResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_AdminLogin_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) AdminLogout(ctx context.Context, in *AdminLogoutRequest, opts ...grpc.CallOption) (*AdminLogoutResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AdminLogoutResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_AdminLogout_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) AdminSession(ctx context.Context, in *AdminSessionRequest, opts ...grpc.CallOption) (*AdminSessionResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AdminSessionResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_AdminSession_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) AdminMeta(ctx context.Context, in *AdminMetaRequest, opts ...grpc.CallOption) (*AdminMetaResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AdminMetaResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_AdminMeta_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) Users(ctx context.Context, in *UsersRequest, opts ...grpc.CallOption) (*UsersResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(UsersResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_Users_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) User(ctx context.Context, in *UserRequest, opts ...grpc.CallOption) (*UserResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(UserResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_User_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) UpdateUser(ctx context.Context, in *UpdateUserRequest, opts ...grpc.CallOption) (*UpdateUserResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(UpdateUserResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_UpdateUser_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) DeleteUser(ctx context.Context, in *DeleteUserRequest, opts ...grpc.CallOption) (*DeleteUserResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(DeleteUserResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_DeleteUser_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) VerificationRequests(ctx context.Context, in *VerificationRequestsRequest, opts ...grpc.CallOption) (*VerificationRequestsResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(VerificationRequestsResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_VerificationRequests_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) RevokeAccess(ctx context.Context, in *RevokeAccessRequest, opts ...grpc.CallOption) (*RevokeAccessResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(RevokeAccessResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_RevokeAccess_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) EnableAccess(ctx context.Context, in *EnableAccessRequest, opts ...grpc.CallOption) (*EnableAccessResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(EnableAccessResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_EnableAccess_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) InviteMembers(ctx context.Context, in *InviteMembersRequest, opts ...grpc.CallOption) (*InviteMembersResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(InviteMembersResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_InviteMembers_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) AddWebhook(ctx context.Context, in *AddWebhookRequest, opts ...grpc.CallOption) (*AddWebhookResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AddWebhookResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_AddWebhook_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) UpdateWebhook(ctx context.Context, in *UpdateWebhookRequest, opts ...grpc.CallOption) (*UpdateWebhookResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(UpdateWebhookResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_UpdateWebhook_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) DeleteWebhook(ctx context.Context, in *DeleteWebhookRequest, opts ...grpc.CallOption) (*DeleteWebhookResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(DeleteWebhookResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_DeleteWebhook_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) GetWebhook(ctx context.Context, in *GetWebhookRequest, opts ...grpc.CallOption) (*GetWebhookResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(GetWebhookResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_GetWebhook_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) Webhooks(ctx context.Context, in *WebhooksRequest, opts ...grpc.CallOption) (*WebhooksResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(WebhooksResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_Webhooks_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) WebhookLogs(ctx context.Context, in *WebhookLogsRequest, opts ...grpc.CallOption) (*WebhookLogsResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(WebhookLogsResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_WebhookLogs_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) TestEndpoint(ctx context.Context, in *TestEndpointRequest, opts ...grpc.CallOption) (*TestEndpointResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(TestEndpointResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_TestEndpoint_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) AddEmailTemplate(ctx context.Context, in *AddEmailTemplateRequest, opts ...grpc.CallOption) (*AddEmailTemplateResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AddEmailTemplateResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_AddEmailTemplate_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) UpdateEmailTemplate(ctx context.Context, in *UpdateEmailTemplateRequest, opts ...grpc.CallOption) (*UpdateEmailTemplateResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(UpdateEmailTemplateResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_UpdateEmailTemplate_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) DeleteEmailTemplate(ctx context.Context, in *DeleteEmailTemplateRequest, opts ...grpc.CallOption) (*DeleteEmailTemplateResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(DeleteEmailTemplateResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_DeleteEmailTemplate_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) EmailTemplates(ctx context.Context, in *EmailTemplatesRequest, opts ...grpc.CallOption) (*EmailTemplatesResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(EmailTemplatesResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_EmailTemplates_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) AuditLogs(ctx context.Context, in *AuditLogsRequest, opts ...grpc.CallOption) (*AuditLogsResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AuditLogsResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_AuditLogs_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) FgaGetModel(ctx context.Context, in *FgaGetModelRequest, opts ...grpc.CallOption) (*FgaGetModelResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(FgaGetModelResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_FgaGetModel_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) FgaWriteModel(ctx context.Context, in *FgaWriteModelRequest, opts ...grpc.CallOption) (*FgaWriteModelResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(FgaWriteModelResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_FgaWriteModel_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) FgaWriteTuples(ctx context.Context, in *FgaWriteTuplesRequest, opts ...grpc.CallOption) (*FgaWriteTuplesResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(FgaWriteTuplesResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_FgaWriteTuples_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) FgaDeleteTuples(ctx context.Context, in *FgaDeleteTuplesRequest, opts ...grpc.CallOption) (*FgaDeleteTuplesResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(FgaDeleteTuplesResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_FgaDeleteTuples_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) FgaReadTuples(ctx context.Context, in *FgaReadTuplesRequest, opts ...grpc.CallOption) (*FgaReadTuplesResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(FgaReadTuplesResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_FgaReadTuples_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) FgaListUsers(ctx context.Context, in *FgaListUsersRequest, opts ...grpc.CallOption) (*FgaListUsersResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(FgaListUsersResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_FgaListUsers_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) FgaExpand(ctx context.Context, in *FgaExpandRequest, opts ...grpc.CallOption) (*FgaExpandResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(FgaExpandResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_FgaExpand_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerAdminServiceClient) FgaReset(ctx context.Context, in *FgaResetRequest, opts ...grpc.CallOption) (*FgaResetResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(FgaResetResponse) + err := c.cc.Invoke(ctx, AuthorizerAdminService_FgaReset_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +// AuthorizerAdminServiceServer is the server API for AuthorizerAdminService service. +// All implementations should embed UnimplementedAuthorizerAdminServiceServer +// for forward compatibility. +// +// AuthorizerAdminService is the single gRPC service for Authorizer's admin +// (super-admin-only) API surface. RPCs are added one domain group at a time; +// see specs/2026-06-15-authorizer-admin-service-plan.md. +type AuthorizerAdminServiceServer interface { + // AdminLogin validates the admin secret and establishes an admin session + // (Set-Cookie for browser callers). Public entry point — the ONLY admin RPC + // that does not require an existing super-admin session. + AdminLogin(context.Context, *AdminLoginRequest) (*AdminLoginResponse, error) + // AdminLogout clears the admin session cookie. Requires super-admin auth. + AdminLogout(context.Context, *AdminLogoutRequest) (*AdminLogoutResponse, error) + // AdminSession refreshes the admin session cookie. Requires super-admin auth. + AdminSession(context.Context, *AdminSessionRequest) (*AdminSessionResponse, error) + // AdminMeta returns admin-only configuration metadata (configured roles, + // default roles, protected roles). Requires super-admin auth. + AdminMeta(context.Context, *AdminMetaRequest) (*AdminMetaResponse, error) + // Users returns a paginated list of all users. Requires super-admin auth. + Users(context.Context, *UsersRequest) (*UsersResponse, error) + // User returns a single user by id or email. Requires super-admin auth. + User(context.Context, *UserRequest) (*UserResponse, error) + // UpdateUser updates a user's profile, roles, MFA, or verification state and + // returns the updated user. Requires super-admin auth. + UpdateUser(context.Context, *UpdateUserRequest) (*UpdateUserResponse, error) + // DeleteUser deletes a user (and associated OTP/verification data) by email. + // Requires super-admin auth. + DeleteUser(context.Context, *DeleteUserRequest) (*DeleteUserResponse, error) + // VerificationRequests returns a paginated list of pending verification + // requests. Requires super-admin auth. + VerificationRequests(context.Context, *VerificationRequestsRequest) (*VerificationRequestsResponse, error) + // RevokeAccess revokes a user's access (sets the revoked timestamp), kills + // their sessions, and fires the access-revoked webhook. Requires super-admin + // auth. + RevokeAccess(context.Context, *RevokeAccessRequest) (*RevokeAccessResponse, error) + // EnableAccess re-enables a previously revoked user (clears the revoked + // timestamp) and fires the access-enabled webhook. Requires super-admin auth. + EnableAccess(context.Context, *EnableAccessRequest) (*EnableAccessResponse, error) + // InviteMembers creates accounts for new emails and sends invite emails. + // Requires super-admin auth and a configured email service. + InviteMembers(context.Context, *InviteMembersRequest) (*InviteMembersResponse, error) + // AddWebhook registers a new webhook for an event. Requires super-admin auth. + AddWebhook(context.Context, *AddWebhookRequest) (*AddWebhookResponse, error) + // UpdateWebhook updates an existing webhook's event, endpoint, headers, or + // enabled state. Requires super-admin auth. + UpdateWebhook(context.Context, *UpdateWebhookRequest) (*UpdateWebhookResponse, error) + // DeleteWebhook deletes a webhook by id. Requires super-admin auth. + DeleteWebhook(context.Context, *DeleteWebhookRequest) (*DeleteWebhookResponse, error) + // GetWebhook returns a single webhook by id. Requires super-admin auth. + GetWebhook(context.Context, *GetWebhookRequest) (*GetWebhookResponse, error) + // Webhooks returns a paginated list of webhooks. Requires super-admin auth. + Webhooks(context.Context, *WebhooksRequest) (*WebhooksResponse, error) + // WebhookLogs returns a paginated list of webhook delivery logs, optionally + // filtered by webhook id. Requires super-admin auth. + WebhookLogs(context.Context, *WebhookLogsRequest) (*WebhookLogsResponse, error) + // TestEndpoint sends a synthetic event payload to a webhook endpoint and + // returns the HTTP status and response body. Requires super-admin auth. + TestEndpoint(context.Context, *TestEndpointRequest) (*TestEndpointResponse, error) + // AddEmailTemplate creates a new email template for an event. Requires + // super-admin auth. + AddEmailTemplate(context.Context, *AddEmailTemplateRequest) (*AddEmailTemplateResponse, error) + // UpdateEmailTemplate updates an existing email template's event, subject, + // body, or design. Requires super-admin auth. + UpdateEmailTemplate(context.Context, *UpdateEmailTemplateRequest) (*UpdateEmailTemplateResponse, error) + // DeleteEmailTemplate deletes an email template by id. Requires super-admin + // auth. + DeleteEmailTemplate(context.Context, *DeleteEmailTemplateRequest) (*DeleteEmailTemplateResponse, error) + // EmailTemplates returns a paginated list of email templates. Requires + // super-admin auth. + EmailTemplates(context.Context, *EmailTemplatesRequest) (*EmailTemplatesResponse, error) + // AuditLogs returns a paginated, optionally-filtered list of audit log + // entries. Requires super-admin auth. + AuditLogs(context.Context, *AuditLogsRequest) (*AuditLogsResponse, error) + // FgaGetModel returns the active fine-grained authorization model as DSL. A + // store with no model yet returns an empty model (not an error). Requires + // super-admin auth. + FgaGetModel(context.Context, *FgaGetModelRequest) (*FgaGetModelResponse, error) + // FgaWriteModel installs a new fine-grained authorization model from its DSL + // and returns the new model id. Requires super-admin auth. Audited. + FgaWriteModel(context.Context, *FgaWriteModelRequest) (*FgaWriteModelResponse, error) + // FgaWriteTuples persists the given relationship tuples (additive). Requires + // super-admin auth. Audited. + FgaWriteTuples(context.Context, *FgaWriteTuplesRequest) (*FgaWriteTuplesResponse, error) + // FgaDeleteTuples removes the given relationship tuples. Requires super-admin + // auth. Audited. + FgaDeleteTuples(context.Context, *FgaDeleteTuplesRequest) (*FgaDeleteTuplesResponse, error) + // FgaReadTuples returns a page of persisted tuples matching the filter. + // Requires super-admin auth. + FgaReadTuples(context.Context, *FgaReadTuplesRequest) (*FgaReadTuplesResponse, error) + // FgaListUsers returns the fully-qualified user ids of user_type that have + // relation on object ("who can access this object?"). Requires super-admin + // auth. + FgaListUsers(context.Context, *FgaListUsersRequest) (*FgaListUsersResponse, error) + // FgaExpand returns the OpenFGA relationship/userset tree for (relation, + // object) as a JSON string (the explainability primitive). Requires + // super-admin auth. + FgaExpand(context.Context, *FgaExpandRequest) (*FgaExpandResponse, error) + // FgaReset deletes the entire fine-grained authorization store (the model, + // all its versions, and all tuples) and starts a fresh, empty store. Refused + // while any tuples still exist. Requires super-admin auth. Destructive and + // audited. + FgaReset(context.Context, *FgaResetRequest) (*FgaResetResponse, error) +} + +// UnimplementedAuthorizerAdminServiceServer should be embedded to have +// forward compatible implementations. +// +// NOTE: this should be embedded by value instead of pointer to avoid a nil +// pointer dereference when methods are called. +type UnimplementedAuthorizerAdminServiceServer struct{} + +func (UnimplementedAuthorizerAdminServiceServer) AdminLogin(context.Context, *AdminLoginRequest) (*AdminLoginResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method AdminLogin not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) AdminLogout(context.Context, *AdminLogoutRequest) (*AdminLogoutResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method AdminLogout not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) AdminSession(context.Context, *AdminSessionRequest) (*AdminSessionResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method AdminSession not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) AdminMeta(context.Context, *AdminMetaRequest) (*AdminMetaResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method AdminMeta not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) Users(context.Context, *UsersRequest) (*UsersResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method Users not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) User(context.Context, *UserRequest) (*UserResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method User not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) UpdateUser(context.Context, *UpdateUserRequest) (*UpdateUserResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpdateUser not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) DeleteUser(context.Context, *DeleteUserRequest) (*DeleteUserResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteUser not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) VerificationRequests(context.Context, *VerificationRequestsRequest) (*VerificationRequestsResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method VerificationRequests not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) RevokeAccess(context.Context, *RevokeAccessRequest) (*RevokeAccessResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method RevokeAccess not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) EnableAccess(context.Context, *EnableAccessRequest) (*EnableAccessResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method EnableAccess not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) InviteMembers(context.Context, *InviteMembersRequest) (*InviteMembersResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method InviteMembers not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) AddWebhook(context.Context, *AddWebhookRequest) (*AddWebhookResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method AddWebhook not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) UpdateWebhook(context.Context, *UpdateWebhookRequest) (*UpdateWebhookResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpdateWebhook not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) DeleteWebhook(context.Context, *DeleteWebhookRequest) (*DeleteWebhookResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteWebhook not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) GetWebhook(context.Context, *GetWebhookRequest) (*GetWebhookResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetWebhook not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) Webhooks(context.Context, *WebhooksRequest) (*WebhooksResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method Webhooks not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) WebhookLogs(context.Context, *WebhookLogsRequest) (*WebhookLogsResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method WebhookLogs not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) TestEndpoint(context.Context, *TestEndpointRequest) (*TestEndpointResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method TestEndpoint not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) AddEmailTemplate(context.Context, *AddEmailTemplateRequest) (*AddEmailTemplateResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method AddEmailTemplate not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) UpdateEmailTemplate(context.Context, *UpdateEmailTemplateRequest) (*UpdateEmailTemplateResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpdateEmailTemplate not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) DeleteEmailTemplate(context.Context, *DeleteEmailTemplateRequest) (*DeleteEmailTemplateResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeleteEmailTemplate not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) EmailTemplates(context.Context, *EmailTemplatesRequest) (*EmailTemplatesResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method EmailTemplates not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) AuditLogs(context.Context, *AuditLogsRequest) (*AuditLogsResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method AuditLogs not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) FgaGetModel(context.Context, *FgaGetModelRequest) (*FgaGetModelResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method FgaGetModel not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) FgaWriteModel(context.Context, *FgaWriteModelRequest) (*FgaWriteModelResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method FgaWriteModel not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) FgaWriteTuples(context.Context, *FgaWriteTuplesRequest) (*FgaWriteTuplesResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method FgaWriteTuples not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) FgaDeleteTuples(context.Context, *FgaDeleteTuplesRequest) (*FgaDeleteTuplesResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method FgaDeleteTuples not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) FgaReadTuples(context.Context, *FgaReadTuplesRequest) (*FgaReadTuplesResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method FgaReadTuples not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) FgaListUsers(context.Context, *FgaListUsersRequest) (*FgaListUsersResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method FgaListUsers not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) FgaExpand(context.Context, *FgaExpandRequest) (*FgaExpandResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method FgaExpand not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) FgaReset(context.Context, *FgaResetRequest) (*FgaResetResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method FgaReset not implemented") +} +func (UnimplementedAuthorizerAdminServiceServer) testEmbeddedByValue() {} + +// UnsafeAuthorizerAdminServiceServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to AuthorizerAdminServiceServer will +// result in compilation errors. +type UnsafeAuthorizerAdminServiceServer interface { + mustEmbedUnimplementedAuthorizerAdminServiceServer() +} + +func RegisterAuthorizerAdminServiceServer(s grpc.ServiceRegistrar, srv AuthorizerAdminServiceServer) { + // If the following call pancis, it indicates UnimplementedAuthorizerAdminServiceServer was + // embedded by pointer and is nil. This will cause panics if an + // unimplemented method is ever invoked, so we test this at initialization + // time to prevent it from happening at runtime later due to I/O. + if t, ok := srv.(interface{ testEmbeddedByValue() }); ok { + t.testEmbeddedByValue() + } + s.RegisterService(&AuthorizerAdminService_ServiceDesc, srv) +} + +func _AuthorizerAdminService_AdminLogin_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(AdminLoginRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).AdminLogin(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_AdminLogin_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).AdminLogin(ctx, req.(*AdminLoginRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_AdminLogout_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(AdminLogoutRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).AdminLogout(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_AdminLogout_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).AdminLogout(ctx, req.(*AdminLogoutRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_AdminSession_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(AdminSessionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).AdminSession(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_AdminSession_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).AdminSession(ctx, req.(*AdminSessionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_AdminMeta_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(AdminMetaRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).AdminMeta(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_AdminMeta_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).AdminMeta(ctx, req.(*AdminMetaRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_Users_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UsersRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).Users(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_Users_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).Users(ctx, req.(*UsersRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_User_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UserRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).User(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_User_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).User(ctx, req.(*UserRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_UpdateUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpdateUserRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).UpdateUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_UpdateUser_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).UpdateUser(ctx, req.(*UpdateUserRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_DeleteUser_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(DeleteUserRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).DeleteUser(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_DeleteUser_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).DeleteUser(ctx, req.(*DeleteUserRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_VerificationRequests_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(VerificationRequestsRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).VerificationRequests(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_VerificationRequests_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).VerificationRequests(ctx, req.(*VerificationRequestsRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_RevokeAccess_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(RevokeAccessRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).RevokeAccess(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_RevokeAccess_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).RevokeAccess(ctx, req.(*RevokeAccessRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_EnableAccess_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(EnableAccessRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).EnableAccess(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_EnableAccess_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).EnableAccess(ctx, req.(*EnableAccessRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_InviteMembers_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(InviteMembersRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).InviteMembers(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_InviteMembers_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).InviteMembers(ctx, req.(*InviteMembersRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_AddWebhook_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(AddWebhookRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).AddWebhook(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_AddWebhook_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).AddWebhook(ctx, req.(*AddWebhookRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_UpdateWebhook_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpdateWebhookRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).UpdateWebhook(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_UpdateWebhook_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).UpdateWebhook(ctx, req.(*UpdateWebhookRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_DeleteWebhook_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(DeleteWebhookRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).DeleteWebhook(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_DeleteWebhook_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).DeleteWebhook(ctx, req.(*DeleteWebhookRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_GetWebhook_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(GetWebhookRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).GetWebhook(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_GetWebhook_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).GetWebhook(ctx, req.(*GetWebhookRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_Webhooks_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(WebhooksRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).Webhooks(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_Webhooks_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).Webhooks(ctx, req.(*WebhooksRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_WebhookLogs_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(WebhookLogsRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).WebhookLogs(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_WebhookLogs_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).WebhookLogs(ctx, req.(*WebhookLogsRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_TestEndpoint_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(TestEndpointRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).TestEndpoint(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_TestEndpoint_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).TestEndpoint(ctx, req.(*TestEndpointRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_AddEmailTemplate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(AddEmailTemplateRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).AddEmailTemplate(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_AddEmailTemplate_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).AddEmailTemplate(ctx, req.(*AddEmailTemplateRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_UpdateEmailTemplate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpdateEmailTemplateRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).UpdateEmailTemplate(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_UpdateEmailTemplate_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).UpdateEmailTemplate(ctx, req.(*UpdateEmailTemplateRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_DeleteEmailTemplate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(DeleteEmailTemplateRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).DeleteEmailTemplate(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_DeleteEmailTemplate_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).DeleteEmailTemplate(ctx, req.(*DeleteEmailTemplateRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_EmailTemplates_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(EmailTemplatesRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).EmailTemplates(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_EmailTemplates_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).EmailTemplates(ctx, req.(*EmailTemplatesRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_AuditLogs_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(AuditLogsRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).AuditLogs(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_AuditLogs_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).AuditLogs(ctx, req.(*AuditLogsRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_FgaGetModel_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FgaGetModelRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).FgaGetModel(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_FgaGetModel_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).FgaGetModel(ctx, req.(*FgaGetModelRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_FgaWriteModel_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FgaWriteModelRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).FgaWriteModel(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_FgaWriteModel_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).FgaWriteModel(ctx, req.(*FgaWriteModelRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_FgaWriteTuples_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FgaWriteTuplesRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).FgaWriteTuples(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_FgaWriteTuples_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).FgaWriteTuples(ctx, req.(*FgaWriteTuplesRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_FgaDeleteTuples_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FgaDeleteTuplesRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).FgaDeleteTuples(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_FgaDeleteTuples_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).FgaDeleteTuples(ctx, req.(*FgaDeleteTuplesRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_FgaReadTuples_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FgaReadTuplesRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).FgaReadTuples(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_FgaReadTuples_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).FgaReadTuples(ctx, req.(*FgaReadTuplesRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_FgaListUsers_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FgaListUsersRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).FgaListUsers(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_FgaListUsers_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).FgaListUsers(ctx, req.(*FgaListUsersRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_FgaExpand_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FgaExpandRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).FgaExpand(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_FgaExpand_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).FgaExpand(ctx, req.(*FgaExpandRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerAdminService_FgaReset_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(FgaResetRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerAdminServiceServer).FgaReset(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerAdminService_FgaReset_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerAdminServiceServer).FgaReset(ctx, req.(*FgaResetRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// AuthorizerAdminService_ServiceDesc is the grpc.ServiceDesc for AuthorizerAdminService service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var AuthorizerAdminService_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "authorizer.v1.AuthorizerAdminService", + HandlerType: (*AuthorizerAdminServiceServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "AdminLogin", + Handler: _AuthorizerAdminService_AdminLogin_Handler, + }, + { + MethodName: "AdminLogout", + Handler: _AuthorizerAdminService_AdminLogout_Handler, + }, + { + MethodName: "AdminSession", + Handler: _AuthorizerAdminService_AdminSession_Handler, + }, + { + MethodName: "AdminMeta", + Handler: _AuthorizerAdminService_AdminMeta_Handler, + }, + { + MethodName: "Users", + Handler: _AuthorizerAdminService_Users_Handler, + }, + { + MethodName: "User", + Handler: _AuthorizerAdminService_User_Handler, + }, + { + MethodName: "UpdateUser", + Handler: _AuthorizerAdminService_UpdateUser_Handler, + }, + { + MethodName: "DeleteUser", + Handler: _AuthorizerAdminService_DeleteUser_Handler, + }, + { + MethodName: "VerificationRequests", + Handler: _AuthorizerAdminService_VerificationRequests_Handler, + }, + { + MethodName: "RevokeAccess", + Handler: _AuthorizerAdminService_RevokeAccess_Handler, + }, + { + MethodName: "EnableAccess", + Handler: _AuthorizerAdminService_EnableAccess_Handler, + }, + { + MethodName: "InviteMembers", + Handler: _AuthorizerAdminService_InviteMembers_Handler, + }, + { + MethodName: "AddWebhook", + Handler: _AuthorizerAdminService_AddWebhook_Handler, + }, + { + MethodName: "UpdateWebhook", + Handler: _AuthorizerAdminService_UpdateWebhook_Handler, + }, + { + MethodName: "DeleteWebhook", + Handler: _AuthorizerAdminService_DeleteWebhook_Handler, + }, + { + MethodName: "GetWebhook", + Handler: _AuthorizerAdminService_GetWebhook_Handler, + }, + { + MethodName: "Webhooks", + Handler: _AuthorizerAdminService_Webhooks_Handler, + }, + { + MethodName: "WebhookLogs", + Handler: _AuthorizerAdminService_WebhookLogs_Handler, + }, + { + MethodName: "TestEndpoint", + Handler: _AuthorizerAdminService_TestEndpoint_Handler, + }, + { + MethodName: "AddEmailTemplate", + Handler: _AuthorizerAdminService_AddEmailTemplate_Handler, + }, + { + MethodName: "UpdateEmailTemplate", + Handler: _AuthorizerAdminService_UpdateEmailTemplate_Handler, + }, + { + MethodName: "DeleteEmailTemplate", + Handler: _AuthorizerAdminService_DeleteEmailTemplate_Handler, + }, + { + MethodName: "EmailTemplates", + Handler: _AuthorizerAdminService_EmailTemplates_Handler, + }, + { + MethodName: "AuditLogs", + Handler: _AuthorizerAdminService_AuditLogs_Handler, + }, + { + MethodName: "FgaGetModel", + Handler: _AuthorizerAdminService_FgaGetModel_Handler, + }, + { + MethodName: "FgaWriteModel", + Handler: _AuthorizerAdminService_FgaWriteModel_Handler, + }, + { + MethodName: "FgaWriteTuples", + Handler: _AuthorizerAdminService_FgaWriteTuples_Handler, + }, + { + MethodName: "FgaDeleteTuples", + Handler: _AuthorizerAdminService_FgaDeleteTuples_Handler, + }, + { + MethodName: "FgaReadTuples", + Handler: _AuthorizerAdminService_FgaReadTuples_Handler, + }, + { + MethodName: "FgaListUsers", + Handler: _AuthorizerAdminService_FgaListUsers_Handler, + }, + { + MethodName: "FgaExpand", + Handler: _AuthorizerAdminService_FgaExpand_Handler, + }, + { + MethodName: "FgaReset", + Handler: _AuthorizerAdminService_FgaReset_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "authorizer/v1/admin.proto", +} diff --git a/internal/genpb/authorizer/v1/annotations.pb.go b/internal/genpb/authorizer/v1/annotations.pb.go new file mode 100644 index 0000000..7e4662d --- /dev/null +++ b/internal/genpb/authorizer/v1/annotations.pb.go @@ -0,0 +1,331 @@ +// proto/authorizer/v1/annotations.proto +// +// Custom proto options that decorate Authorizer service methods with +// authorization, audit, MCP-exposure, and visibility metadata. +// +// All options live on MethodOptions and are read at runtime by the gRPC +// server (auth/permission/audit interceptors) and by the MCP server, and +// at codegen time by the OpenAPI generator. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.35.2 +// protoc (unknown) +// source: authorizer/v1/annotations.proto + +package authorizerv1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + descriptorpb "google.golang.org/protobuf/types/descriptorpb" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// PermissionRequirement names one (resource, scope) pair the caller must hold +// to invoke the RPC. Multiple values on a method are AND-combined (the caller +// must hold *all* of them); to express OR semantics, list the alternatives in +// a single PermissionRequirement with a wildcard scope and let the policy +// engine evaluate. +type PermissionRequirement struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Resource name as registered in the authz subsystem (e.g. "user", + // "webhook"). Required. + Resource string `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"` + // Scope name (e.g. "read", "write", "delete"). Required. + Scope string `protobuf:"bytes,2,opt,name=scope,proto3" json:"scope,omitempty"` +} + +func (x *PermissionRequirement) Reset() { + *x = PermissionRequirement{} + mi := &file_authorizer_v1_annotations_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *PermissionRequirement) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PermissionRequirement) ProtoMessage() {} + +func (x *PermissionRequirement) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_annotations_proto_msgTypes[0] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PermissionRequirement.ProtoReflect.Descriptor instead. +func (*PermissionRequirement) Descriptor() ([]byte, []int) { + return file_authorizer_v1_annotations_proto_rawDescGZIP(), []int{0} +} + +func (x *PermissionRequirement) GetResource() string { + if x != nil { + return x.Resource + } + return "" +} + +func (x *PermissionRequirement) GetScope() string { + if x != nil { + return x.Scope + } + return "" +} + +// McpTool marks an RPC as exposed via the Authorizer MCP server. +// Defaults to "not exposed" when the option is absent. +type McpTool struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Whether the RPC is reachable as an MCP tool. Default false. + Exposed bool `protobuf:"varint,1,opt,name=exposed,proto3" json:"exposed,omitempty"` + // Optional override for the tool name surfaced to MCP clients. When unset, + // the snake_case form of the RPC method name is used. + ToolName string `protobuf:"bytes,2,opt,name=tool_name,json=toolName,proto3" json:"tool_name,omitempty"` + // Hint to the MCP host that the tool mutates state in a way that warrants + // explicit user confirmation (e.g. delete operations). + Destructive bool `protobuf:"varint,3,opt,name=destructive,proto3" json:"destructive,omitempty"` +} + +func (x *McpTool) Reset() { + *x = McpTool{} + mi := &file_authorizer_v1_annotations_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *McpTool) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*McpTool) ProtoMessage() {} + +func (x *McpTool) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_annotations_proto_msgTypes[1] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use McpTool.ProtoReflect.Descriptor instead. +func (*McpTool) Descriptor() ([]byte, []int) { + return file_authorizer_v1_annotations_proto_rawDescGZIP(), []int{1} +} + +func (x *McpTool) GetExposed() bool { + if x != nil { + return x.Exposed + } + return false +} + +func (x *McpTool) GetToolName() string { + if x != nil { + return x.ToolName + } + return "" +} + +func (x *McpTool) GetDestructive() bool { + if x != nil { + return x.Destructive + } + return false +} + +var file_authorizer_v1_annotations_proto_extTypes = []protoimpl.ExtensionInfo{ + { + ExtendedType: (*descriptorpb.MethodOptions)(nil), + ExtensionType: ([]*PermissionRequirement)(nil), + Field: 50001, + Name: "authorizer.v1.required_permissions", + Tag: "bytes,50001,rep,name=required_permissions", + Filename: "authorizer/v1/annotations.proto", + }, + { + ExtendedType: (*descriptorpb.MethodOptions)(nil), + ExtensionType: (*McpTool)(nil), + Field: 50002, + Name: "authorizer.v1.mcp_tool", + Tag: "bytes,50002,opt,name=mcp_tool", + Filename: "authorizer/v1/annotations.proto", + }, + { + ExtendedType: (*descriptorpb.MethodOptions)(nil), + ExtensionType: (*bool)(nil), + Field: 50003, + Name: "authorizer.v1.audit_log", + Tag: "varint,50003,opt,name=audit_log", + Filename: "authorizer/v1/annotations.proto", + }, + { + ExtendedType: (*descriptorpb.MethodOptions)(nil), + ExtensionType: (*bool)(nil), + Field: 50004, + Name: "authorizer.v1.public", + Tag: "varint,50004,opt,name=public", + Filename: "authorizer/v1/annotations.proto", + }, +} + +// Extension fields to descriptorpb.MethodOptions. +var ( + // All permissions the caller must hold (AND). Empty means "no authz check + // beyond the auth interceptor". + // + // repeated authorizer.v1.PermissionRequirement required_permissions = 50001; + E_RequiredPermissions = &file_authorizer_v1_annotations_proto_extTypes[0] + // MCP-tool exposure metadata; absent means "not exposed". + // + // optional authorizer.v1.McpTool mcp_tool = 50002; + E_McpTool = &file_authorizer_v1_annotations_proto_extTypes[1] + // When true, the audit interceptor records an entry for the invocation. + // + // optional bool audit_log = 50003; + E_AuditLog = &file_authorizer_v1_annotations_proto_extTypes[2] + // When true, the auth interceptor allows unauthenticated callers. Use for + // login, signup, magic-link request, password-reset request, etc. + // + // optional bool public = 50004; + E_Public = &file_authorizer_v1_annotations_proto_extTypes[3] +) + +var File_authorizer_v1_annotations_proto protoreflect.FileDescriptor + +var file_authorizer_v1_annotations_proto_rawDesc = []byte{ + 0x0a, 0x1f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, + 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x12, 0x0d, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, + 0x1a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x22, 0x49, 0x0a, 0x15, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, + 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x72, + 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, + 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x22, 0x62, 0x0a, + 0x07, 0x4d, 0x63, 0x70, 0x54, 0x6f, 0x6f, 0x6c, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x78, 0x70, 0x6f, + 0x73, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x65, 0x78, 0x70, 0x6f, 0x73, + 0x65, 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x74, 0x6f, 0x6f, 0x6c, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x74, 0x6f, 0x6f, 0x6c, 0x4e, 0x61, 0x6d, 0x65, 0x12, + 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x69, 0x76, 0x65, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x69, 0x76, + 0x65, 0x3a, 0x79, 0x0a, 0x14, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x5f, 0x70, 0x65, + 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x1e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, + 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xd1, 0x86, 0x03, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x24, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, + 0x31, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, + 0x69, 0x72, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x13, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, + 0x64, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x3a, 0x53, 0x0a, 0x08, + 0x6d, 0x63, 0x70, 0x5f, 0x74, 0x6f, 0x6f, 0x6c, 0x12, 0x1e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, + 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f, + 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xd2, 0x86, 0x03, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x16, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, + 0x2e, 0x4d, 0x63, 0x70, 0x54, 0x6f, 0x6f, 0x6c, 0x52, 0x07, 0x6d, 0x63, 0x70, 0x54, 0x6f, 0x6f, + 0x6c, 0x3a, 0x3d, 0x0a, 0x09, 0x61, 0x75, 0x64, 0x69, 0x74, 0x5f, 0x6c, 0x6f, 0x67, 0x12, 0x1e, + 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, + 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xd3, + 0x86, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x61, 0x75, 0x64, 0x69, 0x74, 0x4c, 0x6f, 0x67, + 0x3a, 0x38, 0x0a, 0x06, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x12, 0x1e, 0x2e, 0x67, 0x6f, 0x6f, + 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, + 0x68, 0x6f, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0xd4, 0x86, 0x03, 0x20, 0x01, + 0x28, 0x08, 0x52, 0x06, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x42, 0xcc, 0x01, 0x0a, 0x11, 0x63, + 0x6f, 0x6d, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, + 0x42, 0x10, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x50, 0x72, 0x6f, + 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x50, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, + 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x64, 0x65, 0x76, 0x2f, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2d, 0x67, 0x6f, 0x2f, 0x69, 0x6e, 0x74, + 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x62, 0x2f, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x3b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x7a, 0x65, 0x72, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x58, 0x58, 0xaa, 0x02, 0x0d, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x0d, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x19, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, + 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x0e, 0x41, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x72, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x33, +} + +var ( + file_authorizer_v1_annotations_proto_rawDescOnce sync.Once + file_authorizer_v1_annotations_proto_rawDescData = file_authorizer_v1_annotations_proto_rawDesc +) + +func file_authorizer_v1_annotations_proto_rawDescGZIP() []byte { + file_authorizer_v1_annotations_proto_rawDescOnce.Do(func() { + file_authorizer_v1_annotations_proto_rawDescData = protoimpl.X.CompressGZIP(file_authorizer_v1_annotations_proto_rawDescData) + }) + return file_authorizer_v1_annotations_proto_rawDescData +} + +var file_authorizer_v1_annotations_proto_msgTypes = make([]protoimpl.MessageInfo, 2) +var file_authorizer_v1_annotations_proto_goTypes = []any{ + (*PermissionRequirement)(nil), // 0: authorizer.v1.PermissionRequirement + (*McpTool)(nil), // 1: authorizer.v1.McpTool + (*descriptorpb.MethodOptions)(nil), // 2: google.protobuf.MethodOptions +} +var file_authorizer_v1_annotations_proto_depIdxs = []int32{ + 2, // 0: authorizer.v1.required_permissions:extendee -> google.protobuf.MethodOptions + 2, // 1: authorizer.v1.mcp_tool:extendee -> google.protobuf.MethodOptions + 2, // 2: authorizer.v1.audit_log:extendee -> google.protobuf.MethodOptions + 2, // 3: authorizer.v1.public:extendee -> google.protobuf.MethodOptions + 0, // 4: authorizer.v1.required_permissions:type_name -> authorizer.v1.PermissionRequirement + 1, // 5: authorizer.v1.mcp_tool:type_name -> authorizer.v1.McpTool + 6, // [6:6] is the sub-list for method output_type + 6, // [6:6] is the sub-list for method input_type + 4, // [4:6] is the sub-list for extension type_name + 0, // [0:4] is the sub-list for extension extendee + 0, // [0:0] is the sub-list for field type_name +} + +func init() { file_authorizer_v1_annotations_proto_init() } +func file_authorizer_v1_annotations_proto_init() { + if File_authorizer_v1_annotations_proto != nil { + return + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_authorizer_v1_annotations_proto_rawDesc, + NumEnums: 0, + NumMessages: 2, + NumExtensions: 4, + NumServices: 0, + }, + GoTypes: file_authorizer_v1_annotations_proto_goTypes, + DependencyIndexes: file_authorizer_v1_annotations_proto_depIdxs, + MessageInfos: file_authorizer_v1_annotations_proto_msgTypes, + ExtensionInfos: file_authorizer_v1_annotations_proto_extTypes, + }.Build() + File_authorizer_v1_annotations_proto = out.File + file_authorizer_v1_annotations_proto_rawDesc = nil + file_authorizer_v1_annotations_proto_goTypes = nil + file_authorizer_v1_annotations_proto_depIdxs = nil +} diff --git a/internal/genpb/authorizer/v1/authorizer.pb.go b/internal/genpb/authorizer/v1/authorizer.pb.go new file mode 100644 index 0000000..f169026 --- /dev/null +++ b/internal/genpb/authorizer/v1/authorizer.pb.go @@ -0,0 +1,2667 @@ +// AuthorizerService is the single gRPC service that exposes Authorizer's +// public API. Method names match the GraphQL operation names 1:1 +// (snake_case in GraphQL → PascalCase in proto): Signup, Login, +// MagicLinkLogin, VerifyEmail, ResendVerifyEmail, ForgotPassword, +// ResetPassword, VerifyOtp, ResendOtp, UpdateProfile, DeactivateAccount, +// Revoke, Meta, Session, Profile, ValidateJwtToken, ValidateSession, +// CheckPermissions, ListPermissions, Logout. +// +// Why one service: clients consume a single typed client per language, +// discovery is trivial, and the surface mirrors the GraphQL one users +// already know. The trade-off is that we lose resource-oriented evolution +// (no `List/Get/Create` symmetry per resource) — acceptable for an auth +// surface where most operations are stateless verbs anyway. +// +// REST mapping follows a simple rule: +// - GET /v1/{method} when the request body is empty (Meta, Profile, +// Logout) +// - POST /v1/{method} otherwise + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.35.2 +// protoc (unknown) +// source: authorizer/v1/authorizer.proto + +package authorizerv1 + +import ( + _ "buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go/buf/validate" + _ "google.golang.org/genproto/googleapis/api/annotations" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type SignupRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Email string `protobuf:"bytes,1,opt,name=email,proto3" json:"email,omitempty"` + PhoneNumber string `protobuf:"bytes,2,opt,name=phone_number,json=phoneNumber,proto3" json:"phone_number,omitempty"` + Password string `protobuf:"bytes,3,opt,name=password,proto3" json:"password,omitempty"` + ConfirmPassword string `protobuf:"bytes,4,opt,name=confirm_password,json=confirmPassword,proto3" json:"confirm_password,omitempty"` + GivenName string `protobuf:"bytes,5,opt,name=given_name,json=givenName,proto3" json:"given_name,omitempty"` + FamilyName string `protobuf:"bytes,6,opt,name=family_name,json=familyName,proto3" json:"family_name,omitempty"` + MiddleName string `protobuf:"bytes,7,opt,name=middle_name,json=middleName,proto3" json:"middle_name,omitempty"` + Nickname string `protobuf:"bytes,8,opt,name=nickname,proto3" json:"nickname,omitempty"` + Gender string `protobuf:"bytes,9,opt,name=gender,proto3" json:"gender,omitempty"` + Birthdate string `protobuf:"bytes,10,opt,name=birthdate,proto3" json:"birthdate,omitempty"` + Picture string `protobuf:"bytes,11,opt,name=picture,proto3" json:"picture,omitempty"` + Roles []string `protobuf:"bytes,12,rep,name=roles,proto3" json:"roles,omitempty"` + Scope []string `protobuf:"bytes,13,rep,name=scope,proto3" json:"scope,omitempty"` + RedirectUri string `protobuf:"bytes,14,opt,name=redirect_uri,json=redirectUri,proto3" json:"redirect_uri,omitempty"` + IsMultiFactorAuthEnabled bool `protobuf:"varint,15,opt,name=is_multi_factor_auth_enabled,json=isMultiFactorAuthEnabled,proto3" json:"is_multi_factor_auth_enabled,omitempty"` + State string `protobuf:"bytes,16,opt,name=state,proto3" json:"state,omitempty"` + AppData *AppData `protobuf:"bytes,17,opt,name=app_data,json=appData,proto3" json:"app_data,omitempty"` +} + +func (x *SignupRequest) Reset() { + *x = SignupRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *SignupRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SignupRequest) ProtoMessage() {} + +func (x *SignupRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[0] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SignupRequest.ProtoReflect.Descriptor instead. +func (*SignupRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{0} +} + +func (x *SignupRequest) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +func (x *SignupRequest) GetPhoneNumber() string { + if x != nil { + return x.PhoneNumber + } + return "" +} + +func (x *SignupRequest) GetPassword() string { + if x != nil { + return x.Password + } + return "" +} + +func (x *SignupRequest) GetConfirmPassword() string { + if x != nil { + return x.ConfirmPassword + } + return "" +} + +func (x *SignupRequest) GetGivenName() string { + if x != nil { + return x.GivenName + } + return "" +} + +func (x *SignupRequest) GetFamilyName() string { + if x != nil { + return x.FamilyName + } + return "" +} + +func (x *SignupRequest) GetMiddleName() string { + if x != nil { + return x.MiddleName + } + return "" +} + +func (x *SignupRequest) GetNickname() string { + if x != nil { + return x.Nickname + } + return "" +} + +func (x *SignupRequest) GetGender() string { + if x != nil { + return x.Gender + } + return "" +} + +func (x *SignupRequest) GetBirthdate() string { + if x != nil { + return x.Birthdate + } + return "" +} + +func (x *SignupRequest) GetPicture() string { + if x != nil { + return x.Picture + } + return "" +} + +func (x *SignupRequest) GetRoles() []string { + if x != nil { + return x.Roles + } + return nil +} + +func (x *SignupRequest) GetScope() []string { + if x != nil { + return x.Scope + } + return nil +} + +func (x *SignupRequest) GetRedirectUri() string { + if x != nil { + return x.RedirectUri + } + return "" +} + +func (x *SignupRequest) GetIsMultiFactorAuthEnabled() bool { + if x != nil { + return x.IsMultiFactorAuthEnabled + } + return false +} + +func (x *SignupRequest) GetState() string { + if x != nil { + return x.State + } + return "" +} + +func (x *SignupRequest) GetAppData() *AppData { + if x != nil { + return x.AppData + } + return nil +} + +type LoginRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Email string `protobuf:"bytes,1,opt,name=email,proto3" json:"email,omitempty"` + PhoneNumber string `protobuf:"bytes,2,opt,name=phone_number,json=phoneNumber,proto3" json:"phone_number,omitempty"` + Password string `protobuf:"bytes,3,opt,name=password,proto3" json:"password,omitempty"` + Roles []string `protobuf:"bytes,4,rep,name=roles,proto3" json:"roles,omitempty"` + Scope []string `protobuf:"bytes,5,rep,name=scope,proto3" json:"scope,omitempty"` + State string `protobuf:"bytes,6,opt,name=state,proto3" json:"state,omitempty"` +} + +func (x *LoginRequest) Reset() { + *x = LoginRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *LoginRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*LoginRequest) ProtoMessage() {} + +func (x *LoginRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[1] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use LoginRequest.ProtoReflect.Descriptor instead. +func (*LoginRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{1} +} + +func (x *LoginRequest) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +func (x *LoginRequest) GetPhoneNumber() string { + if x != nil { + return x.PhoneNumber + } + return "" +} + +func (x *LoginRequest) GetPassword() string { + if x != nil { + return x.Password + } + return "" +} + +func (x *LoginRequest) GetRoles() []string { + if x != nil { + return x.Roles + } + return nil +} + +func (x *LoginRequest) GetScope() []string { + if x != nil { + return x.Scope + } + return nil +} + +func (x *LoginRequest) GetState() string { + if x != nil { + return x.State + } + return "" +} + +type LogoutRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *LogoutRequest) Reset() { + *x = LogoutRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *LogoutRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*LogoutRequest) ProtoMessage() {} + +func (x *LogoutRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[2] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use LogoutRequest.ProtoReflect.Descriptor instead. +func (*LogoutRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{2} +} + +type LogoutResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *LogoutResponse) Reset() { + *x = LogoutResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *LogoutResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*LogoutResponse) ProtoMessage() {} + +func (x *LogoutResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[3] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use LogoutResponse.ProtoReflect.Descriptor instead. +func (*LogoutResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{3} +} + +func (x *LogoutResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type MagicLinkLoginRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Email string `protobuf:"bytes,1,opt,name=email,proto3" json:"email,omitempty"` + Roles []string `protobuf:"bytes,2,rep,name=roles,proto3" json:"roles,omitempty"` + Scope []string `protobuf:"bytes,3,rep,name=scope,proto3" json:"scope,omitempty"` + State string `protobuf:"bytes,4,opt,name=state,proto3" json:"state,omitempty"` + RedirectUri string `protobuf:"bytes,5,opt,name=redirect_uri,json=redirectUri,proto3" json:"redirect_uri,omitempty"` +} + +func (x *MagicLinkLoginRequest) Reset() { + *x = MagicLinkLoginRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *MagicLinkLoginRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*MagicLinkLoginRequest) ProtoMessage() {} + +func (x *MagicLinkLoginRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[4] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use MagicLinkLoginRequest.ProtoReflect.Descriptor instead. +func (*MagicLinkLoginRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{4} +} + +func (x *MagicLinkLoginRequest) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +func (x *MagicLinkLoginRequest) GetRoles() []string { + if x != nil { + return x.Roles + } + return nil +} + +func (x *MagicLinkLoginRequest) GetScope() []string { + if x != nil { + return x.Scope + } + return nil +} + +func (x *MagicLinkLoginRequest) GetState() string { + if x != nil { + return x.State + } + return "" +} + +func (x *MagicLinkLoginRequest) GetRedirectUri() string { + if x != nil { + return x.RedirectUri + } + return "" +} + +type MagicLinkLoginResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *MagicLinkLoginResponse) Reset() { + *x = MagicLinkLoginResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *MagicLinkLoginResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*MagicLinkLoginResponse) ProtoMessage() {} + +func (x *MagicLinkLoginResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[5] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use MagicLinkLoginResponse.ProtoReflect.Descriptor instead. +func (*MagicLinkLoginResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{5} +} + +func (x *MagicLinkLoginResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type VerifyEmailRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"` + State string `protobuf:"bytes,2,opt,name=state,proto3" json:"state,omitempty"` +} + +func (x *VerifyEmailRequest) Reset() { + *x = VerifyEmailRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *VerifyEmailRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*VerifyEmailRequest) ProtoMessage() {} + +func (x *VerifyEmailRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[6] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use VerifyEmailRequest.ProtoReflect.Descriptor instead. +func (*VerifyEmailRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{6} +} + +func (x *VerifyEmailRequest) GetToken() string { + if x != nil { + return x.Token + } + return "" +} + +func (x *VerifyEmailRequest) GetState() string { + if x != nil { + return x.State + } + return "" +} + +type ResendVerifyEmailRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Email string `protobuf:"bytes,1,opt,name=email,proto3" json:"email,omitempty"` + Identifier string `protobuf:"bytes,2,opt,name=identifier,proto3" json:"identifier,omitempty"` + State string `protobuf:"bytes,3,opt,name=state,proto3" json:"state,omitempty"` +} + +func (x *ResendVerifyEmailRequest) Reset() { + *x = ResendVerifyEmailRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ResendVerifyEmailRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ResendVerifyEmailRequest) ProtoMessage() {} + +func (x *ResendVerifyEmailRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[7] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ResendVerifyEmailRequest.ProtoReflect.Descriptor instead. +func (*ResendVerifyEmailRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{7} +} + +func (x *ResendVerifyEmailRequest) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +func (x *ResendVerifyEmailRequest) GetIdentifier() string { + if x != nil { + return x.Identifier + } + return "" +} + +func (x *ResendVerifyEmailRequest) GetState() string { + if x != nil { + return x.State + } + return "" +} + +type ResendVerifyEmailResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *ResendVerifyEmailResponse) Reset() { + *x = ResendVerifyEmailResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ResendVerifyEmailResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ResendVerifyEmailResponse) ProtoMessage() {} + +func (x *ResendVerifyEmailResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[8] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ResendVerifyEmailResponse.ProtoReflect.Descriptor instead. +func (*ResendVerifyEmailResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{8} +} + +func (x *ResendVerifyEmailResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type VerifyOtpRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Exactly one of email / phone_number is required. + Email string `protobuf:"bytes,1,opt,name=email,proto3" json:"email,omitempty"` + PhoneNumber string `protobuf:"bytes,2,opt,name=phone_number,json=phoneNumber,proto3" json:"phone_number,omitempty"` + Otp string `protobuf:"bytes,3,opt,name=otp,proto3" json:"otp,omitempty"` + IsTotp bool `protobuf:"varint,4,opt,name=is_totp,json=isTotp,proto3" json:"is_totp,omitempty"` + State string `protobuf:"bytes,5,opt,name=state,proto3" json:"state,omitempty"` +} + +func (x *VerifyOtpRequest) Reset() { + *x = VerifyOtpRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[9] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *VerifyOtpRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*VerifyOtpRequest) ProtoMessage() {} + +func (x *VerifyOtpRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[9] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use VerifyOtpRequest.ProtoReflect.Descriptor instead. +func (*VerifyOtpRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{9} +} + +func (x *VerifyOtpRequest) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +func (x *VerifyOtpRequest) GetPhoneNumber() string { + if x != nil { + return x.PhoneNumber + } + return "" +} + +func (x *VerifyOtpRequest) GetOtp() string { + if x != nil { + return x.Otp + } + return "" +} + +func (x *VerifyOtpRequest) GetIsTotp() bool { + if x != nil { + return x.IsTotp + } + return false +} + +func (x *VerifyOtpRequest) GetState() string { + if x != nil { + return x.State + } + return "" +} + +type ResendOtpRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Email string `protobuf:"bytes,1,opt,name=email,proto3" json:"email,omitempty"` + PhoneNumber string `protobuf:"bytes,2,opt,name=phone_number,json=phoneNumber,proto3" json:"phone_number,omitempty"` + State string `protobuf:"bytes,3,opt,name=state,proto3" json:"state,omitempty"` +} + +func (x *ResendOtpRequest) Reset() { + *x = ResendOtpRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[10] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ResendOtpRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ResendOtpRequest) ProtoMessage() {} + +func (x *ResendOtpRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[10] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ResendOtpRequest.ProtoReflect.Descriptor instead. +func (*ResendOtpRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{10} +} + +func (x *ResendOtpRequest) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +func (x *ResendOtpRequest) GetPhoneNumber() string { + if x != nil { + return x.PhoneNumber + } + return "" +} + +func (x *ResendOtpRequest) GetState() string { + if x != nil { + return x.State + } + return "" +} + +type ResendOtpResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *ResendOtpResponse) Reset() { + *x = ResendOtpResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[11] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ResendOtpResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ResendOtpResponse) ProtoMessage() {} + +func (x *ResendOtpResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[11] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ResendOtpResponse.ProtoReflect.Descriptor instead. +func (*ResendOtpResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{11} +} + +func (x *ResendOtpResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type ForgotPasswordRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Email string `protobuf:"bytes,1,opt,name=email,proto3" json:"email,omitempty"` + PhoneNumber string `protobuf:"bytes,2,opt,name=phone_number,json=phoneNumber,proto3" json:"phone_number,omitempty"` + State string `protobuf:"bytes,3,opt,name=state,proto3" json:"state,omitempty"` + RedirectUri string `protobuf:"bytes,4,opt,name=redirect_uri,json=redirectUri,proto3" json:"redirect_uri,omitempty"` +} + +func (x *ForgotPasswordRequest) Reset() { + *x = ForgotPasswordRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[12] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ForgotPasswordRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ForgotPasswordRequest) ProtoMessage() {} + +func (x *ForgotPasswordRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[12] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ForgotPasswordRequest.ProtoReflect.Descriptor instead. +func (*ForgotPasswordRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{12} +} + +func (x *ForgotPasswordRequest) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +func (x *ForgotPasswordRequest) GetPhoneNumber() string { + if x != nil { + return x.PhoneNumber + } + return "" +} + +func (x *ForgotPasswordRequest) GetState() string { + if x != nil { + return x.State + } + return "" +} + +func (x *ForgotPasswordRequest) GetRedirectUri() string { + if x != nil { + return x.RedirectUri + } + return "" +} + +type ForgotPasswordResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` + // For SMS-driven flows the UI may need to render an OTP entry screen. + ShouldShowMobileOtpScreen bool `protobuf:"varint,2,opt,name=should_show_mobile_otp_screen,json=shouldShowMobileOtpScreen,proto3" json:"should_show_mobile_otp_screen,omitempty"` +} + +func (x *ForgotPasswordResponse) Reset() { + *x = ForgotPasswordResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ForgotPasswordResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ForgotPasswordResponse) ProtoMessage() {} + +func (x *ForgotPasswordResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[13] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ForgotPasswordResponse.ProtoReflect.Descriptor instead. +func (*ForgotPasswordResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{13} +} + +func (x *ForgotPasswordResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +func (x *ForgotPasswordResponse) GetShouldShowMobileOtpScreen() bool { + if x != nil { + return x.ShouldShowMobileOtpScreen + } + return false +} + +type ResetPasswordRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // For email flows: the token from the reset email. For SMS flows: the OTP. + Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"` + Otp string `protobuf:"bytes,2,opt,name=otp,proto3" json:"otp,omitempty"` + PhoneNumber string `protobuf:"bytes,3,opt,name=phone_number,json=phoneNumber,proto3" json:"phone_number,omitempty"` + Password string `protobuf:"bytes,4,opt,name=password,proto3" json:"password,omitempty"` + ConfirmPassword string `protobuf:"bytes,5,opt,name=confirm_password,json=confirmPassword,proto3" json:"confirm_password,omitempty"` +} + +func (x *ResetPasswordRequest) Reset() { + *x = ResetPasswordRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[14] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ResetPasswordRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ResetPasswordRequest) ProtoMessage() {} + +func (x *ResetPasswordRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[14] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ResetPasswordRequest.ProtoReflect.Descriptor instead. +func (*ResetPasswordRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{14} +} + +func (x *ResetPasswordRequest) GetToken() string { + if x != nil { + return x.Token + } + return "" +} + +func (x *ResetPasswordRequest) GetOtp() string { + if x != nil { + return x.Otp + } + return "" +} + +func (x *ResetPasswordRequest) GetPhoneNumber() string { + if x != nil { + return x.PhoneNumber + } + return "" +} + +func (x *ResetPasswordRequest) GetPassword() string { + if x != nil { + return x.Password + } + return "" +} + +func (x *ResetPasswordRequest) GetConfirmPassword() string { + if x != nil { + return x.ConfirmPassword + } + return "" +} + +type ResetPasswordResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *ResetPasswordResponse) Reset() { + *x = ResetPasswordResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[15] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ResetPasswordResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ResetPasswordResponse) ProtoMessage() {} + +func (x *ResetPasswordResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[15] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ResetPasswordResponse.ProtoReflect.Descriptor instead. +func (*ResetPasswordResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{15} +} + +func (x *ResetPasswordResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type ProfileRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *ProfileRequest) Reset() { + *x = ProfileRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[16] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ProfileRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ProfileRequest) ProtoMessage() {} + +func (x *ProfileRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[16] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ProfileRequest.ProtoReflect.Descriptor instead. +func (*ProfileRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{16} +} + +type UpdateProfileRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + OldPassword string `protobuf:"bytes,1,opt,name=old_password,json=oldPassword,proto3" json:"old_password,omitempty"` + NewPassword string `protobuf:"bytes,2,opt,name=new_password,json=newPassword,proto3" json:"new_password,omitempty"` + ConfirmNewPassword string `protobuf:"bytes,3,opt,name=confirm_new_password,json=confirmNewPassword,proto3" json:"confirm_new_password,omitempty"` + Email string `protobuf:"bytes,4,opt,name=email,proto3" json:"email,omitempty"` + GivenName string `protobuf:"bytes,5,opt,name=given_name,json=givenName,proto3" json:"given_name,omitempty"` + FamilyName string `protobuf:"bytes,6,opt,name=family_name,json=familyName,proto3" json:"family_name,omitempty"` + MiddleName string `protobuf:"bytes,7,opt,name=middle_name,json=middleName,proto3" json:"middle_name,omitempty"` + Nickname string `protobuf:"bytes,8,opt,name=nickname,proto3" json:"nickname,omitempty"` + Gender string `protobuf:"bytes,9,opt,name=gender,proto3" json:"gender,omitempty"` + Birthdate string `protobuf:"bytes,10,opt,name=birthdate,proto3" json:"birthdate,omitempty"` + PhoneNumber string `protobuf:"bytes,11,opt,name=phone_number,json=phoneNumber,proto3" json:"phone_number,omitempty"` + Picture string `protobuf:"bytes,12,opt,name=picture,proto3" json:"picture,omitempty"` + // optional: absent means "leave MFA unchanged"; present false explicitly + // disables MFA. A non-optional bool would make every partial update send + // false and silently disable MFA. + IsMultiFactorAuthEnabled *bool `protobuf:"varint,13,opt,name=is_multi_factor_auth_enabled,json=isMultiFactorAuthEnabled,proto3,oneof" json:"is_multi_factor_auth_enabled,omitempty"` + AppData *AppData `protobuf:"bytes,14,opt,name=app_data,json=appData,proto3" json:"app_data,omitempty"` +} + +func (x *UpdateProfileRequest) Reset() { + *x = UpdateProfileRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[17] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UpdateProfileRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateProfileRequest) ProtoMessage() {} + +func (x *UpdateProfileRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[17] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateProfileRequest.ProtoReflect.Descriptor instead. +func (*UpdateProfileRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{17} +} + +func (x *UpdateProfileRequest) GetOldPassword() string { + if x != nil { + return x.OldPassword + } + return "" +} + +func (x *UpdateProfileRequest) GetNewPassword() string { + if x != nil { + return x.NewPassword + } + return "" +} + +func (x *UpdateProfileRequest) GetConfirmNewPassword() string { + if x != nil { + return x.ConfirmNewPassword + } + return "" +} + +func (x *UpdateProfileRequest) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +func (x *UpdateProfileRequest) GetGivenName() string { + if x != nil { + return x.GivenName + } + return "" +} + +func (x *UpdateProfileRequest) GetFamilyName() string { + if x != nil { + return x.FamilyName + } + return "" +} + +func (x *UpdateProfileRequest) GetMiddleName() string { + if x != nil { + return x.MiddleName + } + return "" +} + +func (x *UpdateProfileRequest) GetNickname() string { + if x != nil { + return x.Nickname + } + return "" +} + +func (x *UpdateProfileRequest) GetGender() string { + if x != nil { + return x.Gender + } + return "" +} + +func (x *UpdateProfileRequest) GetBirthdate() string { + if x != nil { + return x.Birthdate + } + return "" +} + +func (x *UpdateProfileRequest) GetPhoneNumber() string { + if x != nil { + return x.PhoneNumber + } + return "" +} + +func (x *UpdateProfileRequest) GetPicture() string { + if x != nil { + return x.Picture + } + return "" +} + +func (x *UpdateProfileRequest) GetIsMultiFactorAuthEnabled() bool { + if x != nil && x.IsMultiFactorAuthEnabled != nil { + return *x.IsMultiFactorAuthEnabled + } + return false +} + +func (x *UpdateProfileRequest) GetAppData() *AppData { + if x != nil { + return x.AppData + } + return nil +} + +type UpdateProfileResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *UpdateProfileResponse) Reset() { + *x = UpdateProfileResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[18] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *UpdateProfileResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*UpdateProfileResponse) ProtoMessage() {} + +func (x *UpdateProfileResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[18] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use UpdateProfileResponse.ProtoReflect.Descriptor instead. +func (*UpdateProfileResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{18} +} + +func (x *UpdateProfileResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type DeactivateAccountRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *DeactivateAccountRequest) Reset() { + *x = DeactivateAccountRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[19] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DeactivateAccountRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeactivateAccountRequest) ProtoMessage() {} + +func (x *DeactivateAccountRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[19] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeactivateAccountRequest.ProtoReflect.Descriptor instead. +func (*DeactivateAccountRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{19} +} + +type DeactivateAccountResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *DeactivateAccountResponse) Reset() { + *x = DeactivateAccountResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[20] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *DeactivateAccountResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*DeactivateAccountResponse) ProtoMessage() {} + +func (x *DeactivateAccountResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[20] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use DeactivateAccountResponse.ProtoReflect.Descriptor instead. +func (*DeactivateAccountResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{20} +} + +func (x *DeactivateAccountResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type RevokeRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + RefreshToken string `protobuf:"bytes,1,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` +} + +func (x *RevokeRequest) Reset() { + *x = RevokeRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[21] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *RevokeRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RevokeRequest) ProtoMessage() {} + +func (x *RevokeRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[21] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RevokeRequest.ProtoReflect.Descriptor instead. +func (*RevokeRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{21} +} + +func (x *RevokeRequest) GetRefreshToken() string { + if x != nil { + return x.RefreshToken + } + return "" +} + +type RevokeResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` +} + +func (x *RevokeResponse) Reset() { + *x = RevokeResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[22] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *RevokeResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RevokeResponse) ProtoMessage() {} + +func (x *RevokeResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[22] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RevokeResponse.ProtoReflect.Descriptor instead. +func (*RevokeResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{22} +} + +func (x *RevokeResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +type SessionRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Roles []string `protobuf:"bytes,1,rep,name=roles,proto3" json:"roles,omitempty"` + Scope []string `protobuf:"bytes,2,rep,name=scope,proto3" json:"scope,omitempty"` + State string `protobuf:"bytes,3,opt,name=state,proto3" json:"state,omitempty"` + // Optional fine-grained authorization gate: each (relation, object) is + // checked against the authenticated caller with AND semantics, fail-closed. + // Requires fine-grained authorization enabled (--fga-store). + RequiredRelations []*FgaRelationInput `protobuf:"bytes,4,rep,name=required_relations,json=requiredRelations,proto3" json:"required_relations,omitempty"` +} + +func (x *SessionRequest) Reset() { + *x = SessionRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[23] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *SessionRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SessionRequest) ProtoMessage() {} + +func (x *SessionRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[23] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SessionRequest.ProtoReflect.Descriptor instead. +func (*SessionRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{23} +} + +func (x *SessionRequest) GetRoles() []string { + if x != nil { + return x.Roles + } + return nil +} + +func (x *SessionRequest) GetScope() []string { + if x != nil { + return x.Scope + } + return nil +} + +func (x *SessionRequest) GetState() string { + if x != nil { + return x.State + } + return "" +} + +func (x *SessionRequest) GetRequiredRelations() []*FgaRelationInput { + if x != nil { + return x.RequiredRelations + } + return nil +} + +type ValidateJwtTokenRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + TokenType string `protobuf:"bytes,1,opt,name=token_type,json=tokenType,proto3" json:"token_type,omitempty"` + Token string `protobuf:"bytes,2,opt,name=token,proto3" json:"token,omitempty"` + Roles []string `protobuf:"bytes,3,rep,name=roles,proto3" json:"roles,omitempty"` + // Optional fine-grained authorization gate (AND semantics, fail-closed). + RequiredRelations []*FgaRelationInput `protobuf:"bytes,4,rep,name=required_relations,json=requiredRelations,proto3" json:"required_relations,omitempty"` +} + +func (x *ValidateJwtTokenRequest) Reset() { + *x = ValidateJwtTokenRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[24] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ValidateJwtTokenRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ValidateJwtTokenRequest) ProtoMessage() {} + +func (x *ValidateJwtTokenRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[24] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ValidateJwtTokenRequest.ProtoReflect.Descriptor instead. +func (*ValidateJwtTokenRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{24} +} + +func (x *ValidateJwtTokenRequest) GetTokenType() string { + if x != nil { + return x.TokenType + } + return "" +} + +func (x *ValidateJwtTokenRequest) GetToken() string { + if x != nil { + return x.Token + } + return "" +} + +func (x *ValidateJwtTokenRequest) GetRoles() []string { + if x != nil { + return x.Roles + } + return nil +} + +func (x *ValidateJwtTokenRequest) GetRequiredRelations() []*FgaRelationInput { + if x != nil { + return x.RequiredRelations + } + return nil +} + +type ValidateJwtTokenResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + IsValid bool `protobuf:"varint,1,opt,name=is_valid,json=isValid,proto3" json:"is_valid,omitempty"` + // Free-form JWT claims (matches GraphQL ValidateJWTTokenResponse.claims). + Claims *AppData `protobuf:"bytes,2,opt,name=claims,proto3" json:"claims,omitempty"` +} + +func (x *ValidateJwtTokenResponse) Reset() { + *x = ValidateJwtTokenResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[25] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ValidateJwtTokenResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ValidateJwtTokenResponse) ProtoMessage() {} + +func (x *ValidateJwtTokenResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[25] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ValidateJwtTokenResponse.ProtoReflect.Descriptor instead. +func (*ValidateJwtTokenResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{25} +} + +func (x *ValidateJwtTokenResponse) GetIsValid() bool { + if x != nil { + return x.IsValid + } + return false +} + +func (x *ValidateJwtTokenResponse) GetClaims() *AppData { + if x != nil { + return x.Claims + } + return nil +} + +type ValidateSessionRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Cookie string `protobuf:"bytes,1,opt,name=cookie,proto3" json:"cookie,omitempty"` + Roles []string `protobuf:"bytes,2,rep,name=roles,proto3" json:"roles,omitempty"` + // Optional fine-grained authorization gate (AND semantics, fail-closed). + RequiredRelations []*FgaRelationInput `protobuf:"bytes,3,rep,name=required_relations,json=requiredRelations,proto3" json:"required_relations,omitempty"` +} + +func (x *ValidateSessionRequest) Reset() { + *x = ValidateSessionRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[26] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ValidateSessionRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ValidateSessionRequest) ProtoMessage() {} + +func (x *ValidateSessionRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[26] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ValidateSessionRequest.ProtoReflect.Descriptor instead. +func (*ValidateSessionRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{26} +} + +func (x *ValidateSessionRequest) GetCookie() string { + if x != nil { + return x.Cookie + } + return "" +} + +func (x *ValidateSessionRequest) GetRoles() []string { + if x != nil { + return x.Roles + } + return nil +} + +func (x *ValidateSessionRequest) GetRequiredRelations() []*FgaRelationInput { + if x != nil { + return x.RequiredRelations + } + return nil +} + +type ValidateSessionResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + IsValid bool `protobuf:"varint,1,opt,name=is_valid,json=isValid,proto3" json:"is_valid,omitempty"` + User *User `protobuf:"bytes,2,opt,name=user,proto3" json:"user,omitempty"` +} + +func (x *ValidateSessionResponse) Reset() { + *x = ValidateSessionResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[27] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ValidateSessionResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ValidateSessionResponse) ProtoMessage() {} + +func (x *ValidateSessionResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[27] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ValidateSessionResponse.ProtoReflect.Descriptor instead. +func (*ValidateSessionResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{27} +} + +func (x *ValidateSessionResponse) GetIsValid() bool { + if x != nil { + return x.IsValid + } + return false +} + +func (x *ValidateSessionResponse) GetUser() *User { + if x != nil { + return x.User + } + return nil +} + +type MetaRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields +} + +func (x *MetaRequest) Reset() { + *x = MetaRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[28] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *MetaRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*MetaRequest) ProtoMessage() {} + +func (x *MetaRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[28] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use MetaRequest.ProtoReflect.Descriptor instead. +func (*MetaRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{28} +} + +type CheckPermissionsRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // The checks to evaluate; at least one, at most 100. + Checks []*PermissionCheckInput `protobuf:"bytes,1,rep,name=checks,proto3" json:"checks,omitempty"` + // Optional explicit subject ("type:id", or a bare id treated as + // "user:"). Honored only for super-admins or when it equals the + // caller's own token subject; anything else is rejected. + User string `protobuf:"bytes,2,opt,name=user,proto3" json:"user,omitempty"` +} + +func (x *CheckPermissionsRequest) Reset() { + *x = CheckPermissionsRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[29] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CheckPermissionsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CheckPermissionsRequest) ProtoMessage() {} + +func (x *CheckPermissionsRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[29] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CheckPermissionsRequest.ProtoReflect.Descriptor instead. +func (*CheckPermissionsRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{29} +} + +func (x *CheckPermissionsRequest) GetChecks() []*PermissionCheckInput { + if x != nil { + return x.Checks + } + return nil +} + +func (x *CheckPermissionsRequest) GetUser() string { + if x != nil { + return x.User + } + return "" +} + +type CheckPermissionsResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // One result per supplied check, in order. + Results []*PermissionCheckResult `protobuf:"bytes,1,rep,name=results,proto3" json:"results,omitempty"` +} + +func (x *CheckPermissionsResponse) Reset() { + *x = CheckPermissionsResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[30] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *CheckPermissionsResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*CheckPermissionsResponse) ProtoMessage() {} + +func (x *CheckPermissionsResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[30] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use CheckPermissionsResponse.ProtoReflect.Descriptor instead. +func (*CheckPermissionsResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{30} +} + +func (x *CheckPermissionsResponse) GetResults() []*PermissionCheckResult { + if x != nil { + return x.Results + } + return nil +} + +type ListPermissionsRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Optional relation filter (e.g. "can_view"). + Relation string `protobuf:"bytes,1,opt,name=relation,proto3" json:"relation,omitempty"` + // Optional object-type filter (e.g. "document"). + ObjectType string `protobuf:"bytes,2,opt,name=object_type,json=objectType,proto3" json:"object_type,omitempty"` + // Optional explicit subject; same trust rules as CheckPermissionsRequest. + User string `protobuf:"bytes,3,opt,name=user,proto3" json:"user,omitempty"` +} + +func (x *ListPermissionsRequest) Reset() { + *x = ListPermissionsRequest{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[31] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ListPermissionsRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ListPermissionsRequest) ProtoMessage() {} + +func (x *ListPermissionsRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[31] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ListPermissionsRequest.ProtoReflect.Descriptor instead. +func (*ListPermissionsRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{31} +} + +func (x *ListPermissionsRequest) GetRelation() string { + if x != nil { + return x.Relation + } + return "" +} + +func (x *ListPermissionsRequest) GetObjectType() string { + if x != nil { + return x.ObjectType + } + return "" +} + +func (x *ListPermissionsRequest) GetUser() string { + if x != nil { + return x.User + } + return "" +} + +type ListPermissionsResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // Distinct fully-qualified object ids the subject can access. + Objects []string `protobuf:"bytes,1,rep,name=objects,proto3" json:"objects,omitempty"` + // The (object, relation) detail — relevant when no relation filter was + // supplied. + Permissions []*Permission `protobuf:"bytes,2,rep,name=permissions,proto3" json:"permissions,omitempty"` + // True when the result was capped (1000 entries) and more permissions + // exist. + Truncated bool `protobuf:"varint,3,opt,name=truncated,proto3" json:"truncated,omitempty"` +} + +func (x *ListPermissionsResponse) Reset() { + *x = ListPermissionsResponse{} + mi := &file_authorizer_v1_authorizer_proto_msgTypes[32] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ListPermissionsResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ListPermissionsResponse) ProtoMessage() {} + +func (x *ListPermissionsResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_authorizer_proto_msgTypes[32] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ListPermissionsResponse.ProtoReflect.Descriptor instead. +func (*ListPermissionsResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_authorizer_proto_rawDescGZIP(), []int{32} +} + +func (x *ListPermissionsResponse) GetObjects() []string { + if x != nil { + return x.Objects + } + return nil +} + +func (x *ListPermissionsResponse) GetPermissions() []*Permission { + if x != nil { + return x.Permissions + } + return nil +} + +func (x *ListPermissionsResponse) GetTruncated() bool { + if x != nil { + return x.Truncated + } + return false +} + +var File_authorizer_v1_authorizer_proto protoreflect.FileDescriptor + +var file_authorizer_v1_authorizer_proto_rawDesc = []byte{ + 0x0a, 0x1e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x12, 0x0d, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x1a, + 0x1f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, 0x61, + 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x1a, 0x1a, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, + 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, 0x74, 0x79, 0x70, 0x65, + 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x62, 0x75, 0x66, 0x2f, 0x76, 0x61, 0x6c, + 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, + 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x22, 0xdf, 0x04, 0x0a, 0x0d, 0x53, 0x69, 0x67, 0x6e, 0x75, 0x70, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x09, 0x42, 0x08, 0xba, 0x48, 0x05, 0x72, 0x03, 0x18, 0xc0, 0x02, 0x52, 0x05, 0x65, + 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x2a, 0x0a, 0x0c, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x5f, 0x6e, 0x75, + 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, + 0x02, 0x18, 0x20, 0x52, 0x0b, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, + 0x12, 0x26, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x09, 0x42, 0x0a, 0xba, 0x48, 0x07, 0x72, 0x05, 0x10, 0x01, 0x18, 0x80, 0x01, 0x52, 0x08, + 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x35, 0x0a, 0x10, 0x63, 0x6f, 0x6e, 0x66, + 0x69, 0x72, 0x6d, 0x5f, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x09, 0x42, 0x0a, 0xba, 0x48, 0x07, 0x72, 0x05, 0x10, 0x01, 0x18, 0x80, 0x01, 0x52, 0x0f, + 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x72, 0x6d, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, + 0x1d, 0x0a, 0x0a, 0x67, 0x69, 0x76, 0x65, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x09, 0x67, 0x69, 0x76, 0x65, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1f, + 0x0a, 0x0b, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0a, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x4e, 0x61, 0x6d, 0x65, 0x12, + 0x1f, 0x0a, 0x0b, 0x6d, 0x69, 0x64, 0x64, 0x6c, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x07, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6d, 0x69, 0x64, 0x64, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, + 0x12, 0x1a, 0x0a, 0x08, 0x6e, 0x69, 0x63, 0x6b, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x08, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x08, 0x6e, 0x69, 0x63, 0x6b, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06, + 0x67, 0x65, 0x6e, 0x64, 0x65, 0x72, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x67, 0x65, + 0x6e, 0x64, 0x65, 0x72, 0x12, 0x1c, 0x0a, 0x09, 0x62, 0x69, 0x72, 0x74, 0x68, 0x64, 0x61, 0x74, + 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x62, 0x69, 0x72, 0x74, 0x68, 0x64, 0x61, + 0x74, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x70, 0x69, 0x63, 0x74, 0x75, 0x72, 0x65, 0x18, 0x0b, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x07, 0x70, 0x69, 0x63, 0x74, 0x75, 0x72, 0x65, 0x12, 0x14, 0x0a, 0x05, + 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x18, 0x0c, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x72, 0x6f, 0x6c, + 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x18, 0x0d, 0x20, 0x03, 0x28, + 0x09, 0x52, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x72, 0x65, 0x64, 0x69, + 0x72, 0x65, 0x63, 0x74, 0x5f, 0x75, 0x72, 0x69, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, + 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x55, 0x72, 0x69, 0x12, 0x3e, 0x0a, 0x1c, 0x69, + 0x73, 0x5f, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x5f, 0x66, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x61, + 0x75, 0x74, 0x68, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x0f, 0x20, 0x01, 0x28, + 0x08, 0x52, 0x18, 0x69, 0x73, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x46, 0x61, 0x63, 0x74, 0x6f, 0x72, + 0x41, 0x75, 0x74, 0x68, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x73, + 0x74, 0x61, 0x74, 0x65, 0x18, 0x10, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, + 0x65, 0x12, 0x31, 0x0a, 0x08, 0x61, 0x70, 0x70, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x11, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x70, 0x70, 0x44, 0x61, 0x74, 0x61, 0x52, 0x07, 0x61, 0x70, 0x70, + 0x44, 0x61, 0x74, 0x61, 0x22, 0xc4, 0x01, 0x0a, 0x0c, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x42, 0x08, 0xba, 0x48, 0x05, 0x72, 0x03, 0x18, 0xc0, 0x02, 0x52, 0x05, + 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x2a, 0x0a, 0x0c, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x5f, 0x6e, + 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, + 0x72, 0x02, 0x18, 0x20, 0x52, 0x0b, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x4e, 0x75, 0x6d, 0x62, 0x65, + 0x72, 0x12, 0x26, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x09, 0x42, 0x0a, 0xba, 0x48, 0x07, 0x72, 0x05, 0x10, 0x01, 0x18, 0x80, 0x01, 0x52, + 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x6f, 0x6c, + 0x65, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x12, + 0x14, 0x0a, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, + 0x73, 0x63, 0x6f, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x06, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x22, 0x0f, 0x0a, 0x0d, 0x4c, + 0x6f, 0x67, 0x6f, 0x75, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x2a, 0x0a, 0x0e, + 0x4c, 0x6f, 0x67, 0x6f, 0x75, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, + 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x9c, 0x01, 0x0a, 0x15, 0x4d, 0x61, 0x67, + 0x69, 0x63, 0x4c, 0x69, 0x6e, 0x6b, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x42, 0x08, 0xba, 0x48, 0x05, 0x72, 0x03, 0x18, 0xc0, 0x02, 0x52, 0x05, 0x65, 0x6d, 0x61, + 0x69, 0x6c, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, + 0x09, 0x52, 0x05, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x63, 0x6f, 0x70, + 0x65, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x12, 0x14, + 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x73, + 0x74, 0x61, 0x74, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, + 0x5f, 0x75, 0x72, 0x69, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x72, 0x65, 0x64, 0x69, + 0x72, 0x65, 0x63, 0x74, 0x55, 0x72, 0x69, 0x22, 0x32, 0x0a, 0x16, 0x4d, 0x61, 0x67, 0x69, 0x63, + 0x4c, 0x69, 0x6e, 0x6b, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x49, 0x0a, 0x12, 0x56, + 0x65, 0x72, 0x69, 0x66, 0x79, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x12, 0x1d, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, + 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x22, 0x79, 0x0a, 0x18, 0x52, 0x65, 0x73, 0x65, 0x6e, 0x64, + 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x42, 0x08, 0xba, 0x48, 0x05, 0x72, 0x03, 0x18, 0xc0, 0x02, 0x52, 0x05, 0x65, 0x6d, 0x61, + 0x69, 0x6c, 0x12, 0x27, 0x0a, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, + 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x14, 0x0a, 0x05, 0x73, + 0x74, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, + 0x65, 0x22, 0x35, 0x0a, 0x19, 0x52, 0x65, 0x73, 0x65, 0x6e, 0x64, 0x56, 0x65, 0x72, 0x69, 0x66, + 0x79, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, + 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0xaa, 0x01, 0x0a, 0x10, 0x56, 0x65, 0x72, + 0x69, 0x66, 0x79, 0x4f, 0x74, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, + 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x08, 0xba, 0x48, + 0x05, 0x72, 0x03, 0x18, 0xc0, 0x02, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x2a, 0x0a, + 0x0c, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, + 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x18, 0x20, 0x52, 0x0b, 0x70, 0x68, + 0x6f, 0x6e, 0x65, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x1b, 0x0a, 0x03, 0x6f, 0x74, 0x70, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x09, 0xba, 0x48, 0x06, 0x72, 0x04, 0x10, 0x01, 0x18, + 0x10, 0x52, 0x03, 0x6f, 0x74, 0x70, 0x12, 0x17, 0x0a, 0x07, 0x69, 0x73, 0x5f, 0x74, 0x6f, 0x74, + 0x70, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06, 0x69, 0x73, 0x54, 0x6f, 0x74, 0x70, 0x12, + 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, + 0x73, 0x74, 0x61, 0x74, 0x65, 0x22, 0x74, 0x0a, 0x10, 0x52, 0x65, 0x73, 0x65, 0x6e, 0x64, 0x4f, + 0x74, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x05, 0x65, 0x6d, 0x61, + 0x69, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x08, 0xba, 0x48, 0x05, 0x72, 0x03, 0x18, + 0xc0, 0x02, 0x52, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x2a, 0x0a, 0x0c, 0x70, 0x68, 0x6f, + 0x6e, 0x65, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, + 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x18, 0x20, 0x52, 0x0b, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x4e, + 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x22, 0x2d, 0x0a, 0x11, 0x52, + 0x65, 0x73, 0x65, 0x6e, 0x64, 0x4f, 0x74, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x9c, 0x01, 0x0a, 0x15, 0x46, + 0x6f, 0x72, 0x67, 0x6f, 0x74, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x12, 0x1e, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x09, 0x42, 0x08, 0xba, 0x48, 0x05, 0x72, 0x03, 0x18, 0xc0, 0x02, 0x52, 0x05, 0x65, + 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x2a, 0x0a, 0x0c, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x5f, 0x6e, 0x75, + 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, + 0x02, 0x18, 0x20, 0x52, 0x0b, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, + 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x72, 0x65, 0x64, 0x69, 0x72, 0x65, + 0x63, 0x74, 0x5f, 0x75, 0x72, 0x69, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x72, 0x65, + 0x64, 0x69, 0x72, 0x65, 0x63, 0x74, 0x55, 0x72, 0x69, 0x22, 0x74, 0x0a, 0x16, 0x46, 0x6f, 0x72, + 0x67, 0x6f, 0x74, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, + 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x40, 0x0a, + 0x1d, 0x73, 0x68, 0x6f, 0x75, 0x6c, 0x64, 0x5f, 0x73, 0x68, 0x6f, 0x77, 0x5f, 0x6d, 0x6f, 0x62, + 0x69, 0x6c, 0x65, 0x5f, 0x6f, 0x74, 0x70, 0x5f, 0x73, 0x63, 0x72, 0x65, 0x65, 0x6e, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x08, 0x52, 0x19, 0x73, 0x68, 0x6f, 0x75, 0x6c, 0x64, 0x53, 0x68, 0x6f, 0x77, + 0x4d, 0x6f, 0x62, 0x69, 0x6c, 0x65, 0x4f, 0x74, 0x70, 0x53, 0x63, 0x72, 0x65, 0x65, 0x6e, 0x22, + 0xc9, 0x01, 0x0a, 0x14, 0x52, 0x65, 0x73, 0x65, 0x74, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, + 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, + 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x10, + 0x0a, 0x03, 0x6f, 0x74, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6f, 0x74, 0x70, + 0x12, 0x2a, 0x0a, 0x0c, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x18, 0x20, 0x52, + 0x0b, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x26, 0x0a, 0x08, + 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0a, + 0xba, 0x48, 0x07, 0x72, 0x05, 0x10, 0x01, 0x18, 0x80, 0x01, 0x52, 0x08, 0x70, 0x61, 0x73, 0x73, + 0x77, 0x6f, 0x72, 0x64, 0x12, 0x35, 0x0a, 0x10, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x72, 0x6d, 0x5f, + 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0a, + 0xba, 0x48, 0x07, 0x72, 0x05, 0x10, 0x01, 0x18, 0x80, 0x01, 0x52, 0x0f, 0x63, 0x6f, 0x6e, 0x66, + 0x69, 0x72, 0x6d, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x22, 0x31, 0x0a, 0x15, 0x52, + 0x65, 0x73, 0x65, 0x74, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x10, + 0x0a, 0x0e, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x22, 0xd4, 0x04, 0x0a, 0x14, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, + 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x21, 0x0a, 0x0c, 0x6f, 0x6c, 0x64, + 0x5f, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0b, 0x6f, 0x6c, 0x64, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x2b, 0x0a, 0x0c, + 0x6e, 0x65, 0x77, 0x5f, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x09, 0x42, 0x08, 0xba, 0x48, 0x05, 0x72, 0x03, 0x18, 0x80, 0x01, 0x52, 0x0b, 0x6e, 0x65, + 0x77, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x3a, 0x0a, 0x14, 0x63, 0x6f, 0x6e, + 0x66, 0x69, 0x72, 0x6d, 0x5f, 0x6e, 0x65, 0x77, 0x5f, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, + 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x08, 0xba, 0x48, 0x05, 0x72, 0x03, 0x18, 0x80, + 0x01, 0x52, 0x12, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x72, 0x6d, 0x4e, 0x65, 0x77, 0x50, 0x61, 0x73, + 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x1e, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x09, 0x42, 0x08, 0xba, 0x48, 0x05, 0x72, 0x03, 0x18, 0xc0, 0x02, 0x52, 0x05, + 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x1d, 0x0a, 0x0a, 0x67, 0x69, 0x76, 0x65, 0x6e, 0x5f, 0x6e, + 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x67, 0x69, 0x76, 0x65, 0x6e, + 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x5f, 0x6e, + 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x66, 0x61, 0x6d, 0x69, 0x6c, + 0x79, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6d, 0x69, 0x64, 0x64, 0x6c, 0x65, 0x5f, + 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6d, 0x69, 0x64, 0x64, + 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x6e, 0x69, 0x63, 0x6b, 0x6e, 0x61, + 0x6d, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6e, 0x69, 0x63, 0x6b, 0x6e, 0x61, + 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x67, 0x65, 0x6e, 0x64, 0x65, 0x72, 0x18, 0x09, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x06, 0x67, 0x65, 0x6e, 0x64, 0x65, 0x72, 0x12, 0x1c, 0x0a, 0x09, 0x62, 0x69, + 0x72, 0x74, 0x68, 0x64, 0x61, 0x74, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x62, + 0x69, 0x72, 0x74, 0x68, 0x64, 0x61, 0x74, 0x65, 0x12, 0x2a, 0x0a, 0x0c, 0x70, 0x68, 0x6f, 0x6e, + 0x65, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, + 0xba, 0x48, 0x04, 0x72, 0x02, 0x18, 0x20, 0x52, 0x0b, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x4e, 0x75, + 0x6d, 0x62, 0x65, 0x72, 0x12, 0x18, 0x0a, 0x07, 0x70, 0x69, 0x63, 0x74, 0x75, 0x72, 0x65, 0x18, + 0x0c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x70, 0x69, 0x63, 0x74, 0x75, 0x72, 0x65, 0x12, 0x43, + 0x0a, 0x1c, 0x69, 0x73, 0x5f, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x5f, 0x66, 0x61, 0x63, 0x74, 0x6f, + 0x72, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x0d, + 0x20, 0x01, 0x28, 0x08, 0x48, 0x00, 0x52, 0x18, 0x69, 0x73, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x46, + 0x61, 0x63, 0x74, 0x6f, 0x72, 0x41, 0x75, 0x74, 0x68, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, + 0x88, 0x01, 0x01, 0x12, 0x31, 0x0a, 0x08, 0x61, 0x70, 0x70, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, + 0x0e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, + 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x70, 0x70, 0x44, 0x61, 0x74, 0x61, 0x52, 0x07, 0x61, + 0x70, 0x70, 0x44, 0x61, 0x74, 0x61, 0x42, 0x1f, 0x0a, 0x1d, 0x5f, 0x69, 0x73, 0x5f, 0x6d, 0x75, + 0x6c, 0x74, 0x69, 0x5f, 0x66, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, + 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x22, 0x31, 0x0a, 0x15, 0x55, 0x70, 0x64, 0x61, 0x74, + 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x1a, 0x0a, 0x18, 0x44, 0x65, + 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x35, 0x0a, 0x19, 0x44, 0x65, 0x61, 0x63, 0x74, 0x69, + 0x76, 0x61, 0x74, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, + 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0x3d, 0x0a, + 0x0d, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x2c, + 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x0c, + 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, 0x2a, 0x0a, 0x0e, + 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, + 0x0a, 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x07, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x22, 0xa2, 0x01, 0x0a, 0x0e, 0x53, 0x65, 0x73, + 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x72, + 0x6f, 0x6c, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x72, 0x6f, 0x6c, 0x65, + 0x73, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, + 0x52, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x65, 0x12, 0x4e, 0x0a, + 0x12, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x5f, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x52, 0x65, 0x6c, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x52, 0x11, 0x72, 0x65, 0x71, 0x75, + 0x69, 0x72, 0x65, 0x64, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xc6, 0x01, + 0x0a, 0x17, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x4a, 0x77, 0x74, 0x54, 0x6f, 0x6b, + 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x26, 0x0a, 0x0a, 0x74, 0x6f, 0x6b, + 0x65, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, + 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x09, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x54, 0x79, 0x70, + 0x65, 0x12, 0x1d, 0x0a, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, 0x01, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e, + 0x12, 0x14, 0x0a, 0x05, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, + 0x05, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x12, 0x4e, 0x0a, 0x12, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, + 0x65, 0x64, 0x5f, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x03, + 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, + 0x70, 0x75, 0x74, 0x52, 0x11, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x52, 0x65, 0x6c, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x65, 0x0a, 0x18, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, + 0x74, 0x65, 0x4a, 0x77, 0x74, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x69, 0x73, 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x69, 0x73, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x12, 0x2e, 0x0a, + 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x70, + 0x70, 0x44, 0x61, 0x74, 0x61, 0x52, 0x06, 0x63, 0x6c, 0x61, 0x69, 0x6d, 0x73, 0x22, 0x9f, 0x01, + 0x0a, 0x16, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, + 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1f, 0x0a, 0x06, 0x63, 0x6f, 0x6f, 0x6b, + 0x69, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x07, 0xba, 0x48, 0x04, 0x72, 0x02, 0x10, + 0x01, 0x52, 0x06, 0x63, 0x6f, 0x6f, 0x6b, 0x69, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x6f, 0x6c, + 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x12, + 0x4e, 0x0a, 0x12, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x5f, 0x72, 0x65, 0x6c, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x52, + 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x52, 0x11, 0x72, 0x65, + 0x71, 0x75, 0x69, 0x72, 0x65, 0x64, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, + 0x5d, 0x0a, 0x17, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x73, 0x73, 0x69, + 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x19, 0x0a, 0x08, 0x69, 0x73, + 0x5f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x69, 0x73, + 0x56, 0x61, 0x6c, 0x69, 0x64, 0x12, 0x27, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x02, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x22, 0x0d, + 0x0a, 0x0b, 0x4d, 0x65, 0x74, 0x61, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x22, 0x76, 0x0a, + 0x17, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, + 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x47, 0x0a, 0x06, 0x63, 0x68, 0x65, 0x63, + 0x6b, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, + 0x69, 0x6f, 0x6e, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x42, 0x0a, 0xba, + 0x48, 0x07, 0x92, 0x01, 0x04, 0x08, 0x01, 0x10, 0x64, 0x52, 0x06, 0x63, 0x68, 0x65, 0x63, 0x6b, + 0x73, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x04, 0x75, 0x73, 0x65, 0x72, 0x22, 0x5a, 0x0a, 0x18, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x50, 0x65, + 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x12, 0x3e, 0x0a, 0x07, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, + 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x68, 0x65, + 0x63, 0x6b, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x52, 0x07, 0x72, 0x65, 0x73, 0x75, 0x6c, 0x74, + 0x73, 0x22, 0x69, 0x0a, 0x16, 0x4c, 0x69, 0x73, 0x74, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, + 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x72, + 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, + 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1f, 0x0a, 0x0b, 0x6f, 0x62, 0x6a, 0x65, 0x63, + 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6f, 0x62, + 0x6a, 0x65, 0x63, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x22, 0x8e, 0x01, 0x0a, + 0x17, 0x4c, 0x69, 0x73, 0x74, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6f, 0x62, 0x6a, 0x65, + 0x63, 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x07, 0x6f, 0x62, 0x6a, 0x65, 0x63, + 0x74, 0x73, 0x12, 0x3b, 0x0a, 0x0b, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, + 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, + 0x6f, 0x6e, 0x52, 0x0b, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, + 0x1c, 0x0a, 0x09, 0x74, 0x72, 0x75, 0x6e, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x08, 0x52, 0x09, 0x74, 0x72, 0x75, 0x6e, 0x63, 0x61, 0x74, 0x65, 0x64, 0x32, 0xe8, 0x12, + 0x0a, 0x11, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x53, 0x65, 0x72, 0x76, + 0x69, 0x63, 0x65, 0x12, 0x66, 0x0a, 0x06, 0x53, 0x69, 0x67, 0x6e, 0x75, 0x70, 0x12, 0x1c, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x69, + 0x67, 0x6e, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1b, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x21, 0x92, 0xb5, 0x18, 0x00, 0x98, 0xb5, + 0x18, 0x01, 0xa0, 0xb5, 0x18, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0f, 0x3a, 0x01, 0x2a, 0x22, + 0x0a, 0x2f, 0x76, 0x31, 0x2f, 0x73, 0x69, 0x67, 0x6e, 0x75, 0x70, 0x12, 0x63, 0x0a, 0x05, 0x4c, + 0x6f, 0x67, 0x69, 0x6e, 0x12, 0x1b, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x1b, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, + 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x20, + 0x92, 0xb5, 0x18, 0x00, 0x98, 0xb5, 0x18, 0x01, 0xa0, 0xb5, 0x18, 0x01, 0x82, 0xd3, 0xe4, 0x93, + 0x02, 0x0e, 0x3a, 0x01, 0x2a, 0x22, 0x09, 0x2f, 0x76, 0x31, 0x2f, 0x6c, 0x6f, 0x67, 0x69, 0x6e, + 0x12, 0x5d, 0x0a, 0x06, 0x4c, 0x6f, 0x67, 0x6f, 0x75, 0x74, 0x12, 0x1c, 0x2e, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x6f, 0x67, 0x6f, 0x75, + 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x6f, 0x67, 0x6f, 0x75, 0x74, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x16, 0x98, 0xb5, 0x18, 0x01, 0x82, 0xd3, 0xe4, + 0x93, 0x02, 0x0c, 0x22, 0x0a, 0x2f, 0x76, 0x31, 0x2f, 0x6c, 0x6f, 0x67, 0x6f, 0x75, 0x74, 0x12, + 0x86, 0x01, 0x0a, 0x0e, 0x4d, 0x61, 0x67, 0x69, 0x63, 0x4c, 0x69, 0x6e, 0x6b, 0x4c, 0x6f, 0x67, + 0x69, 0x6e, 0x12, 0x24, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x4d, 0x61, 0x67, 0x69, 0x63, 0x4c, 0x69, 0x6e, 0x6b, 0x4c, 0x6f, 0x67, 0x69, + 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x4d, 0x61, 0x67, 0x69, 0x63, 0x4c, 0x69, + 0x6e, 0x6b, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, + 0x27, 0x98, 0xb5, 0x18, 0x01, 0xa0, 0xb5, 0x18, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x19, 0x3a, + 0x01, 0x2a, 0x22, 0x14, 0x2f, 0x76, 0x31, 0x2f, 0x6d, 0x61, 0x67, 0x69, 0x63, 0x5f, 0x6c, 0x69, + 0x6e, 0x6b, 0x5f, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x12, 0x72, 0x0a, 0x0b, 0x56, 0x65, 0x72, 0x69, + 0x66, 0x79, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x21, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x45, 0x6d, + 0x61, 0x69, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1b, 0x2e, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x52, + 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x23, 0x98, 0xb5, 0x18, 0x01, 0xa0, 0xb5, 0x18, + 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x15, 0x3a, 0x01, 0x2a, 0x22, 0x10, 0x2f, 0x76, 0x31, 0x2f, + 0x76, 0x65, 0x72, 0x69, 0x66, 0x79, 0x5f, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x8e, 0x01, 0x0a, + 0x11, 0x52, 0x65, 0x73, 0x65, 0x6e, 0x64, 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x45, 0x6d, 0x61, + 0x69, 0x6c, 0x12, 0x27, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x52, 0x65, 0x73, 0x65, 0x6e, 0x64, 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x45, + 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x28, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x73, 0x65, + 0x6e, 0x64, 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x26, 0xa0, 0xb5, 0x18, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, + 0x1c, 0x3a, 0x01, 0x2a, 0x22, 0x17, 0x2f, 0x76, 0x31, 0x2f, 0x72, 0x65, 0x73, 0x65, 0x6e, 0x64, + 0x5f, 0x76, 0x65, 0x72, 0x69, 0x66, 0x79, 0x5f, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x6c, 0x0a, + 0x09, 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x4f, 0x74, 0x70, 0x12, 0x1f, 0x2e, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x65, 0x72, 0x69, 0x66, + 0x79, 0x4f, 0x74, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1b, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x21, 0x98, 0xb5, 0x18, 0x01, 0xa0, 0xb5, + 0x18, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x13, 0x3a, 0x01, 0x2a, 0x22, 0x0e, 0x2f, 0x76, 0x31, + 0x2f, 0x76, 0x65, 0x72, 0x69, 0x66, 0x79, 0x5f, 0x6f, 0x74, 0x70, 0x12, 0x6d, 0x0a, 0x09, 0x52, + 0x65, 0x73, 0x65, 0x6e, 0x64, 0x4f, 0x74, 0x70, 0x12, 0x1f, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x73, 0x65, 0x6e, 0x64, 0x4f, + 0x74, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x20, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x73, 0x65, 0x6e, 0x64, + 0x4f, 0x74, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1d, 0xa0, 0xb5, 0x18, + 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x13, 0x3a, 0x01, 0x2a, 0x22, 0x0e, 0x2f, 0x76, 0x31, 0x2f, + 0x72, 0x65, 0x73, 0x65, 0x6e, 0x64, 0x5f, 0x6f, 0x74, 0x70, 0x12, 0x81, 0x01, 0x0a, 0x0e, 0x46, + 0x6f, 0x72, 0x67, 0x6f, 0x74, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x24, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x6f, + 0x72, 0x67, 0x6f, 0x74, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x25, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x6f, 0x72, 0x67, 0x6f, 0x74, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, + 0x72, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x22, 0xa0, 0xb5, 0x18, 0x01, + 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x18, 0x3a, 0x01, 0x2a, 0x22, 0x13, 0x2f, 0x76, 0x31, 0x2f, 0x66, + 0x6f, 0x72, 0x67, 0x6f, 0x74, 0x5f, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x81, + 0x01, 0x0a, 0x0d, 0x52, 0x65, 0x73, 0x65, 0x74, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, + 0x12, 0x23, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, + 0x2e, 0x52, 0x65, 0x73, 0x65, 0x74, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, + 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x73, 0x65, 0x74, 0x50, 0x61, 0x73, 0x73, 0x77, + 0x6f, 0x72, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x25, 0x98, 0xb5, 0x18, + 0x01, 0xa0, 0xb5, 0x18, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x17, 0x3a, 0x01, 0x2a, 0x22, 0x12, + 0x2f, 0x76, 0x31, 0x2f, 0x72, 0x65, 0x73, 0x65, 0x74, 0x5f, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, + 0x72, 0x64, 0x12, 0x58, 0x0a, 0x07, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x1d, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x50, 0x72, + 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x13, 0x2e, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x73, 0x65, + 0x72, 0x22, 0x19, 0x92, 0xb5, 0x18, 0x02, 0x08, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0d, 0x12, + 0x0b, 0x2f, 0x76, 0x31, 0x2f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x7d, 0x0a, 0x0d, + 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x23, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x70, + 0x64, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, + 0x73, 0x74, 0x1a, 0x24, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x21, 0x98, 0xb5, 0x18, 0x01, 0x82, 0xd3, + 0xe4, 0x93, 0x02, 0x17, 0x3a, 0x01, 0x2a, 0x22, 0x12, 0x2f, 0x76, 0x31, 0x2f, 0x75, 0x70, 0x64, + 0x61, 0x74, 0x65, 0x5f, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x93, 0x01, 0x0a, 0x11, + 0x44, 0x65, 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, + 0x74, 0x12, 0x27, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, + 0x31, 0x2e, 0x44, 0x65, 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x41, 0x63, 0x63, 0x6f, + 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x28, 0x2e, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x61, 0x63, 0x74, + 0x69, 0x76, 0x61, 0x74, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x2b, 0x92, 0xb5, 0x18, 0x02, 0x18, 0x01, 0x98, 0xb5, 0x18, 0x01, + 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1b, 0x3a, 0x01, 0x2a, 0x22, 0x16, 0x2f, 0x76, 0x31, 0x2f, 0x64, + 0x65, 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, + 0x74, 0x12, 0x64, 0x0a, 0x06, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x12, 0x1c, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x76, 0x6f, + 0x6b, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x1d, 0x98, 0xb5, 0x18, 0x01, 0xa0, 0xb5, + 0x18, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0f, 0x3a, 0x01, 0x2a, 0x22, 0x0a, 0x2f, 0x76, 0x31, + 0x2f, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x12, 0x5d, 0x0a, 0x07, 0x53, 0x65, 0x73, 0x73, 0x69, + 0x6f, 0x6e, 0x12, 0x1d, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x1b, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, + 0x31, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x16, + 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x10, 0x3a, 0x01, 0x2a, 0x22, 0x0b, 0x2f, 0x76, 0x31, 0x2f, 0x73, + 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x8a, 0x01, 0x0a, 0x10, 0x56, 0x61, 0x6c, 0x69, 0x64, + 0x61, 0x74, 0x65, 0x4a, 0x77, 0x74, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x26, 0x2e, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x61, 0x6c, 0x69, + 0x64, 0x61, 0x74, 0x65, 0x4a, 0x77, 0x74, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x4a, 0x77, 0x74, 0x54, + 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x25, 0xa0, 0xb5, + 0x18, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x1b, 0x3a, 0x01, 0x2a, 0x22, 0x16, 0x2f, 0x76, 0x31, + 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x5f, 0x6a, 0x77, 0x74, 0x5f, 0x74, 0x6f, + 0x6b, 0x65, 0x6e, 0x12, 0x85, 0x01, 0x0a, 0x0f, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, + 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x25, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, + 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x56, + 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x53, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x23, 0xa0, 0xb5, 0x18, 0x01, 0x82, 0xd3, 0xe4, 0x93, + 0x02, 0x19, 0x3a, 0x01, 0x2a, 0x22, 0x14, 0x2f, 0x76, 0x31, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, + 0x61, 0x74, 0x65, 0x5f, 0x73, 0x65, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x53, 0x0a, 0x04, 0x4d, + 0x65, 0x74, 0x61, 0x12, 0x1a, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x2e, 0x76, 0x31, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x13, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, + 0x4d, 0x65, 0x74, 0x61, 0x22, 0x1a, 0x92, 0xb5, 0x18, 0x02, 0x08, 0x01, 0xa0, 0xb5, 0x18, 0x01, + 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x0a, 0x12, 0x08, 0x2f, 0x76, 0x31, 0x2f, 0x6d, 0x65, 0x74, 0x61, + 0x12, 0x8b, 0x01, 0x0a, 0x10, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, + 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x26, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, + 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x50, 0x65, 0x72, 0x6d, 0x69, + 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x43, 0x68, + 0x65, 0x63, 0x6b, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x26, 0x92, 0xb5, 0x18, 0x02, 0x08, 0x01, 0x82, 0xd3, + 0xe4, 0x93, 0x02, 0x1a, 0x3a, 0x01, 0x2a, 0x22, 0x15, 0x2f, 0x76, 0x31, 0x2f, 0x63, 0x68, 0x65, + 0x63, 0x6b, 0x5f, 0x70, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x87, + 0x01, 0x0a, 0x0f, 0x4c, 0x69, 0x73, 0x74, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, + 0x6e, 0x73, 0x12, 0x25, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, + 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, + 0x6e, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x50, 0x65, + 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, + 0x65, 0x22, 0x25, 0x92, 0xb5, 0x18, 0x02, 0x08, 0x01, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x19, 0x3a, + 0x01, 0x2a, 0x22, 0x14, 0x2f, 0x76, 0x31, 0x2f, 0x6c, 0x69, 0x73, 0x74, 0x5f, 0x70, 0x65, 0x72, + 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0xcb, 0x01, 0x0a, 0x11, 0x63, 0x6f, 0x6d, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x42, 0x0f, + 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, + 0x01, 0x5a, 0x50, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x64, 0x65, 0x76, 0x2f, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2d, 0x67, 0x6f, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, + 0x61, 0x6c, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x62, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x3b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x58, 0x58, 0xaa, 0x02, 0x0d, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x0d, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x19, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, + 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x0e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, + 0x65, 0x72, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_authorizer_v1_authorizer_proto_rawDescOnce sync.Once + file_authorizer_v1_authorizer_proto_rawDescData = file_authorizer_v1_authorizer_proto_rawDesc +) + +func file_authorizer_v1_authorizer_proto_rawDescGZIP() []byte { + file_authorizer_v1_authorizer_proto_rawDescOnce.Do(func() { + file_authorizer_v1_authorizer_proto_rawDescData = protoimpl.X.CompressGZIP(file_authorizer_v1_authorizer_proto_rawDescData) + }) + return file_authorizer_v1_authorizer_proto_rawDescData +} + +var file_authorizer_v1_authorizer_proto_msgTypes = make([]protoimpl.MessageInfo, 33) +var file_authorizer_v1_authorizer_proto_goTypes = []any{ + (*SignupRequest)(nil), // 0: authorizer.v1.SignupRequest + (*LoginRequest)(nil), // 1: authorizer.v1.LoginRequest + (*LogoutRequest)(nil), // 2: authorizer.v1.LogoutRequest + (*LogoutResponse)(nil), // 3: authorizer.v1.LogoutResponse + (*MagicLinkLoginRequest)(nil), // 4: authorizer.v1.MagicLinkLoginRequest + (*MagicLinkLoginResponse)(nil), // 5: authorizer.v1.MagicLinkLoginResponse + (*VerifyEmailRequest)(nil), // 6: authorizer.v1.VerifyEmailRequest + (*ResendVerifyEmailRequest)(nil), // 7: authorizer.v1.ResendVerifyEmailRequest + (*ResendVerifyEmailResponse)(nil), // 8: authorizer.v1.ResendVerifyEmailResponse + (*VerifyOtpRequest)(nil), // 9: authorizer.v1.VerifyOtpRequest + (*ResendOtpRequest)(nil), // 10: authorizer.v1.ResendOtpRequest + (*ResendOtpResponse)(nil), // 11: authorizer.v1.ResendOtpResponse + (*ForgotPasswordRequest)(nil), // 12: authorizer.v1.ForgotPasswordRequest + (*ForgotPasswordResponse)(nil), // 13: authorizer.v1.ForgotPasswordResponse + (*ResetPasswordRequest)(nil), // 14: authorizer.v1.ResetPasswordRequest + (*ResetPasswordResponse)(nil), // 15: authorizer.v1.ResetPasswordResponse + (*ProfileRequest)(nil), // 16: authorizer.v1.ProfileRequest + (*UpdateProfileRequest)(nil), // 17: authorizer.v1.UpdateProfileRequest + (*UpdateProfileResponse)(nil), // 18: authorizer.v1.UpdateProfileResponse + (*DeactivateAccountRequest)(nil), // 19: authorizer.v1.DeactivateAccountRequest + (*DeactivateAccountResponse)(nil), // 20: authorizer.v1.DeactivateAccountResponse + (*RevokeRequest)(nil), // 21: authorizer.v1.RevokeRequest + (*RevokeResponse)(nil), // 22: authorizer.v1.RevokeResponse + (*SessionRequest)(nil), // 23: authorizer.v1.SessionRequest + (*ValidateJwtTokenRequest)(nil), // 24: authorizer.v1.ValidateJwtTokenRequest + (*ValidateJwtTokenResponse)(nil), // 25: authorizer.v1.ValidateJwtTokenResponse + (*ValidateSessionRequest)(nil), // 26: authorizer.v1.ValidateSessionRequest + (*ValidateSessionResponse)(nil), // 27: authorizer.v1.ValidateSessionResponse + (*MetaRequest)(nil), // 28: authorizer.v1.MetaRequest + (*CheckPermissionsRequest)(nil), // 29: authorizer.v1.CheckPermissionsRequest + (*CheckPermissionsResponse)(nil), // 30: authorizer.v1.CheckPermissionsResponse + (*ListPermissionsRequest)(nil), // 31: authorizer.v1.ListPermissionsRequest + (*ListPermissionsResponse)(nil), // 32: authorizer.v1.ListPermissionsResponse + (*AppData)(nil), // 33: authorizer.v1.AppData + (*FgaRelationInput)(nil), // 34: authorizer.v1.FgaRelationInput + (*User)(nil), // 35: authorizer.v1.User + (*PermissionCheckInput)(nil), // 36: authorizer.v1.PermissionCheckInput + (*PermissionCheckResult)(nil), // 37: authorizer.v1.PermissionCheckResult + (*Permission)(nil), // 38: authorizer.v1.Permission + (*AuthResponse)(nil), // 39: authorizer.v1.AuthResponse + (*Meta)(nil), // 40: authorizer.v1.Meta +} +var file_authorizer_v1_authorizer_proto_depIdxs = []int32{ + 33, // 0: authorizer.v1.SignupRequest.app_data:type_name -> authorizer.v1.AppData + 33, // 1: authorizer.v1.UpdateProfileRequest.app_data:type_name -> authorizer.v1.AppData + 34, // 2: authorizer.v1.SessionRequest.required_relations:type_name -> authorizer.v1.FgaRelationInput + 34, // 3: authorizer.v1.ValidateJwtTokenRequest.required_relations:type_name -> authorizer.v1.FgaRelationInput + 33, // 4: authorizer.v1.ValidateJwtTokenResponse.claims:type_name -> authorizer.v1.AppData + 34, // 5: authorizer.v1.ValidateSessionRequest.required_relations:type_name -> authorizer.v1.FgaRelationInput + 35, // 6: authorizer.v1.ValidateSessionResponse.user:type_name -> authorizer.v1.User + 36, // 7: authorizer.v1.CheckPermissionsRequest.checks:type_name -> authorizer.v1.PermissionCheckInput + 37, // 8: authorizer.v1.CheckPermissionsResponse.results:type_name -> authorizer.v1.PermissionCheckResult + 38, // 9: authorizer.v1.ListPermissionsResponse.permissions:type_name -> authorizer.v1.Permission + 0, // 10: authorizer.v1.AuthorizerService.Signup:input_type -> authorizer.v1.SignupRequest + 1, // 11: authorizer.v1.AuthorizerService.Login:input_type -> authorizer.v1.LoginRequest + 2, // 12: authorizer.v1.AuthorizerService.Logout:input_type -> authorizer.v1.LogoutRequest + 4, // 13: authorizer.v1.AuthorizerService.MagicLinkLogin:input_type -> authorizer.v1.MagicLinkLoginRequest + 6, // 14: authorizer.v1.AuthorizerService.VerifyEmail:input_type -> authorizer.v1.VerifyEmailRequest + 7, // 15: authorizer.v1.AuthorizerService.ResendVerifyEmail:input_type -> authorizer.v1.ResendVerifyEmailRequest + 9, // 16: authorizer.v1.AuthorizerService.VerifyOtp:input_type -> authorizer.v1.VerifyOtpRequest + 10, // 17: authorizer.v1.AuthorizerService.ResendOtp:input_type -> authorizer.v1.ResendOtpRequest + 12, // 18: authorizer.v1.AuthorizerService.ForgotPassword:input_type -> authorizer.v1.ForgotPasswordRequest + 14, // 19: authorizer.v1.AuthorizerService.ResetPassword:input_type -> authorizer.v1.ResetPasswordRequest + 16, // 20: authorizer.v1.AuthorizerService.Profile:input_type -> authorizer.v1.ProfileRequest + 17, // 21: authorizer.v1.AuthorizerService.UpdateProfile:input_type -> authorizer.v1.UpdateProfileRequest + 19, // 22: authorizer.v1.AuthorizerService.DeactivateAccount:input_type -> authorizer.v1.DeactivateAccountRequest + 21, // 23: authorizer.v1.AuthorizerService.Revoke:input_type -> authorizer.v1.RevokeRequest + 23, // 24: authorizer.v1.AuthorizerService.Session:input_type -> authorizer.v1.SessionRequest + 24, // 25: authorizer.v1.AuthorizerService.ValidateJwtToken:input_type -> authorizer.v1.ValidateJwtTokenRequest + 26, // 26: authorizer.v1.AuthorizerService.ValidateSession:input_type -> authorizer.v1.ValidateSessionRequest + 28, // 27: authorizer.v1.AuthorizerService.Meta:input_type -> authorizer.v1.MetaRequest + 29, // 28: authorizer.v1.AuthorizerService.CheckPermissions:input_type -> authorizer.v1.CheckPermissionsRequest + 31, // 29: authorizer.v1.AuthorizerService.ListPermissions:input_type -> authorizer.v1.ListPermissionsRequest + 39, // 30: authorizer.v1.AuthorizerService.Signup:output_type -> authorizer.v1.AuthResponse + 39, // 31: authorizer.v1.AuthorizerService.Login:output_type -> authorizer.v1.AuthResponse + 3, // 32: authorizer.v1.AuthorizerService.Logout:output_type -> authorizer.v1.LogoutResponse + 5, // 33: authorizer.v1.AuthorizerService.MagicLinkLogin:output_type -> authorizer.v1.MagicLinkLoginResponse + 39, // 34: authorizer.v1.AuthorizerService.VerifyEmail:output_type -> authorizer.v1.AuthResponse + 8, // 35: authorizer.v1.AuthorizerService.ResendVerifyEmail:output_type -> authorizer.v1.ResendVerifyEmailResponse + 39, // 36: authorizer.v1.AuthorizerService.VerifyOtp:output_type -> authorizer.v1.AuthResponse + 11, // 37: authorizer.v1.AuthorizerService.ResendOtp:output_type -> authorizer.v1.ResendOtpResponse + 13, // 38: authorizer.v1.AuthorizerService.ForgotPassword:output_type -> authorizer.v1.ForgotPasswordResponse + 15, // 39: authorizer.v1.AuthorizerService.ResetPassword:output_type -> authorizer.v1.ResetPasswordResponse + 35, // 40: authorizer.v1.AuthorizerService.Profile:output_type -> authorizer.v1.User + 18, // 41: authorizer.v1.AuthorizerService.UpdateProfile:output_type -> authorizer.v1.UpdateProfileResponse + 20, // 42: authorizer.v1.AuthorizerService.DeactivateAccount:output_type -> authorizer.v1.DeactivateAccountResponse + 22, // 43: authorizer.v1.AuthorizerService.Revoke:output_type -> authorizer.v1.RevokeResponse + 39, // 44: authorizer.v1.AuthorizerService.Session:output_type -> authorizer.v1.AuthResponse + 25, // 45: authorizer.v1.AuthorizerService.ValidateJwtToken:output_type -> authorizer.v1.ValidateJwtTokenResponse + 27, // 46: authorizer.v1.AuthorizerService.ValidateSession:output_type -> authorizer.v1.ValidateSessionResponse + 40, // 47: authorizer.v1.AuthorizerService.Meta:output_type -> authorizer.v1.Meta + 30, // 48: authorizer.v1.AuthorizerService.CheckPermissions:output_type -> authorizer.v1.CheckPermissionsResponse + 32, // 49: authorizer.v1.AuthorizerService.ListPermissions:output_type -> authorizer.v1.ListPermissionsResponse + 30, // [30:50] is the sub-list for method output_type + 10, // [10:30] is the sub-list for method input_type + 10, // [10:10] is the sub-list for extension type_name + 10, // [10:10] is the sub-list for extension extendee + 0, // [0:10] is the sub-list for field type_name +} + +func init() { file_authorizer_v1_authorizer_proto_init() } +func file_authorizer_v1_authorizer_proto_init() { + if File_authorizer_v1_authorizer_proto != nil { + return + } + file_authorizer_v1_annotations_proto_init() + file_authorizer_v1_common_proto_init() + file_authorizer_v1_types_proto_init() + file_authorizer_v1_authorizer_proto_msgTypes[17].OneofWrappers = []any{} + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_authorizer_v1_authorizer_proto_rawDesc, + NumEnums: 0, + NumMessages: 33, + NumExtensions: 0, + NumServices: 1, + }, + GoTypes: file_authorizer_v1_authorizer_proto_goTypes, + DependencyIndexes: file_authorizer_v1_authorizer_proto_depIdxs, + MessageInfos: file_authorizer_v1_authorizer_proto_msgTypes, + }.Build() + File_authorizer_v1_authorizer_proto = out.File + file_authorizer_v1_authorizer_proto_rawDesc = nil + file_authorizer_v1_authorizer_proto_goTypes = nil + file_authorizer_v1_authorizer_proto_depIdxs = nil +} diff --git a/internal/genpb/authorizer/v1/authorizer_grpc.pb.go b/internal/genpb/authorizer/v1/authorizer_grpc.pb.go new file mode 100644 index 0000000..6ae658f --- /dev/null +++ b/internal/genpb/authorizer/v1/authorizer_grpc.pb.go @@ -0,0 +1,918 @@ +// AuthorizerService is the single gRPC service that exposes Authorizer's +// public API. Method names match the GraphQL operation names 1:1 +// (snake_case in GraphQL → PascalCase in proto): Signup, Login, +// MagicLinkLogin, VerifyEmail, ResendVerifyEmail, ForgotPassword, +// ResetPassword, VerifyOtp, ResendOtp, UpdateProfile, DeactivateAccount, +// Revoke, Meta, Session, Profile, ValidateJwtToken, ValidateSession, +// CheckPermissions, ListPermissions, Logout. +// +// Why one service: clients consume a single typed client per language, +// discovery is trivial, and the surface mirrors the GraphQL one users +// already know. The trade-off is that we lose resource-oriented evolution +// (no `List/Get/Create` symmetry per resource) — acceptable for an auth +// surface where most operations are stateless verbs anyway. +// +// REST mapping follows a simple rule: +// - GET /v1/{method} when the request body is empty (Meta, Profile, +// Logout) +// - POST /v1/{method} otherwise + +// Code generated by protoc-gen-go-grpc. DO NOT EDIT. +// versions: +// - protoc-gen-go-grpc v1.5.1 +// - protoc (unknown) +// source: authorizer/v1/authorizer.proto + +package authorizerv1 + +import ( + context "context" + grpc "google.golang.org/grpc" + codes "google.golang.org/grpc/codes" + status "google.golang.org/grpc/status" +) + +// This is a compile-time assertion to ensure that this generated file +// is compatible with the grpc package it is being compiled against. +// Requires gRPC-Go v1.64.0 or later. +const _ = grpc.SupportPackageIsVersion9 + +const ( + AuthorizerService_Signup_FullMethodName = "/authorizer.v1.AuthorizerService/Signup" + AuthorizerService_Login_FullMethodName = "/authorizer.v1.AuthorizerService/Login" + AuthorizerService_Logout_FullMethodName = "/authorizer.v1.AuthorizerService/Logout" + AuthorizerService_MagicLinkLogin_FullMethodName = "/authorizer.v1.AuthorizerService/MagicLinkLogin" + AuthorizerService_VerifyEmail_FullMethodName = "/authorizer.v1.AuthorizerService/VerifyEmail" + AuthorizerService_ResendVerifyEmail_FullMethodName = "/authorizer.v1.AuthorizerService/ResendVerifyEmail" + AuthorizerService_VerifyOtp_FullMethodName = "/authorizer.v1.AuthorizerService/VerifyOtp" + AuthorizerService_ResendOtp_FullMethodName = "/authorizer.v1.AuthorizerService/ResendOtp" + AuthorizerService_ForgotPassword_FullMethodName = "/authorizer.v1.AuthorizerService/ForgotPassword" + AuthorizerService_ResetPassword_FullMethodName = "/authorizer.v1.AuthorizerService/ResetPassword" + AuthorizerService_Profile_FullMethodName = "/authorizer.v1.AuthorizerService/Profile" + AuthorizerService_UpdateProfile_FullMethodName = "/authorizer.v1.AuthorizerService/UpdateProfile" + AuthorizerService_DeactivateAccount_FullMethodName = "/authorizer.v1.AuthorizerService/DeactivateAccount" + AuthorizerService_Revoke_FullMethodName = "/authorizer.v1.AuthorizerService/Revoke" + AuthorizerService_Session_FullMethodName = "/authorizer.v1.AuthorizerService/Session" + AuthorizerService_ValidateJwtToken_FullMethodName = "/authorizer.v1.AuthorizerService/ValidateJwtToken" + AuthorizerService_ValidateSession_FullMethodName = "/authorizer.v1.AuthorizerService/ValidateSession" + AuthorizerService_Meta_FullMethodName = "/authorizer.v1.AuthorizerService/Meta" + AuthorizerService_CheckPermissions_FullMethodName = "/authorizer.v1.AuthorizerService/CheckPermissions" + AuthorizerService_ListPermissions_FullMethodName = "/authorizer.v1.AuthorizerService/ListPermissions" +) + +// AuthorizerServiceClient is the client API for AuthorizerService service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type AuthorizerServiceClient interface { + // Signup registers a new user. Public; requires sign-up enabled in config. + // Returns AuthResponse with tokens + (browser callers) Set-Cookie headers. + Signup(ctx context.Context, in *SignupRequest, opts ...grpc.CallOption) (*AuthResponse, error) + // Login authenticates with email/phone + password. + Login(ctx context.Context, in *LoginRequest, opts ...grpc.CallOption) (*AuthResponse, error) + // Logout ends the caller's current session. POST, not GET: logout mutates + // server state (clears the session) and is audit-logged, so it must not be + // a "safe" method per RFC 9110 §9.2.1 — GET would also expose it to CSRF. + Logout(ctx context.Context, in *LogoutRequest, opts ...grpc.CallOption) (*LogoutResponse, error) + // MagicLinkLogin dispatches a passwordless email link. The clicked link + // hits the existing /verify_email browser handler. + MagicLinkLogin(ctx context.Context, in *MagicLinkLoginRequest, opts ...grpc.CallOption) (*MagicLinkLoginResponse, error) + VerifyEmail(ctx context.Context, in *VerifyEmailRequest, opts ...grpc.CallOption) (*AuthResponse, error) + ResendVerifyEmail(ctx context.Context, in *ResendVerifyEmailRequest, opts ...grpc.CallOption) (*ResendVerifyEmailResponse, error) + VerifyOtp(ctx context.Context, in *VerifyOtpRequest, opts ...grpc.CallOption) (*AuthResponse, error) + ResendOtp(ctx context.Context, in *ResendOtpRequest, opts ...grpc.CallOption) (*ResendOtpResponse, error) + ForgotPassword(ctx context.Context, in *ForgotPasswordRequest, opts ...grpc.CallOption) (*ForgotPasswordResponse, error) + ResetPassword(ctx context.Context, in *ResetPasswordRequest, opts ...grpc.CallOption) (*ResetPasswordResponse, error) + // Profile returns the authenticated user. + Profile(ctx context.Context, in *ProfileRequest, opts ...grpc.CallOption) (*User, error) + UpdateProfile(ctx context.Context, in *UpdateProfileRequest, opts ...grpc.CallOption) (*UpdateProfileResponse, error) + // DeactivateAccount soft-deletes the caller's account and revokes all + // refresh tokens as a side effect. OAuth has no concept of account + // deactivation; this is the typed equivalent of SCIM PATCH active=false. + DeactivateAccount(ctx context.Context, in *DeactivateAccountRequest, opts ...grpc.CallOption) (*DeactivateAccountResponse, error) + // Revoke invalidates a refresh token. Typed mirror of RFC 7009. + Revoke(ctx context.Context, in *RevokeRequest, opts ...grpc.CallOption) (*RevokeResponse, error) + // Session returns the AuthResponse bound to the caller's session cookie only. + // NOT exposed as an MCP tool — SessionResponse carries access_token, + // refresh_token, id_token, authenticator_secret, and recovery codes, + // none of which should land in an LLM transcript. (Security audit C1.) + Session(ctx context.Context, in *SessionRequest, opts ...grpc.CallOption) (*AuthResponse, error) + ValidateJwtToken(ctx context.Context, in *ValidateJwtTokenRequest, opts ...grpc.CallOption) (*ValidateJwtTokenResponse, error) + ValidateSession(ctx context.Context, in *ValidateSessionRequest, opts ...grpc.CallOption) (*ValidateSessionResponse, error) + // Meta returns server feature flags. No auth required. + Meta(ctx context.Context, in *MetaRequest, opts ...grpc.CallOption) (*Meta, error) + // CheckPermissions evaluates one or more fine-grained permission checks + // ("does the subject have on ?") in a single call and + // returns one result per check, in order. The subject defaults to the + // authenticated caller; an explicit `user` is honored only for super-admins + // or when it equals the caller's own subject. Fail-closed. + CheckPermissions(ctx context.Context, in *CheckPermissionsRequest, opts ...grpc.CallOption) (*CheckPermissionsResponse, error) + // ListPermissions enumerates what the subject can access. With both + // `relation` and `object_type` set it answers "which s can I + // ?"; either or both filters may be omitted to enumerate every + // matching (type, relation) pair of the active model. Results are capped; + // `truncated` reports when more permissions exist. Subject resolution + // follows the same rules as CheckPermissions. + ListPermissions(ctx context.Context, in *ListPermissionsRequest, opts ...grpc.CallOption) (*ListPermissionsResponse, error) +} + +type authorizerServiceClient struct { + cc grpc.ClientConnInterface +} + +func NewAuthorizerServiceClient(cc grpc.ClientConnInterface) AuthorizerServiceClient { + return &authorizerServiceClient{cc} +} + +func (c *authorizerServiceClient) Signup(ctx context.Context, in *SignupRequest, opts ...grpc.CallOption) (*AuthResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AuthResponse) + err := c.cc.Invoke(ctx, AuthorizerService_Signup_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) Login(ctx context.Context, in *LoginRequest, opts ...grpc.CallOption) (*AuthResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AuthResponse) + err := c.cc.Invoke(ctx, AuthorizerService_Login_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) Logout(ctx context.Context, in *LogoutRequest, opts ...grpc.CallOption) (*LogoutResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(LogoutResponse) + err := c.cc.Invoke(ctx, AuthorizerService_Logout_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) MagicLinkLogin(ctx context.Context, in *MagicLinkLoginRequest, opts ...grpc.CallOption) (*MagicLinkLoginResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(MagicLinkLoginResponse) + err := c.cc.Invoke(ctx, AuthorizerService_MagicLinkLogin_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) VerifyEmail(ctx context.Context, in *VerifyEmailRequest, opts ...grpc.CallOption) (*AuthResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AuthResponse) + err := c.cc.Invoke(ctx, AuthorizerService_VerifyEmail_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) ResendVerifyEmail(ctx context.Context, in *ResendVerifyEmailRequest, opts ...grpc.CallOption) (*ResendVerifyEmailResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(ResendVerifyEmailResponse) + err := c.cc.Invoke(ctx, AuthorizerService_ResendVerifyEmail_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) VerifyOtp(ctx context.Context, in *VerifyOtpRequest, opts ...grpc.CallOption) (*AuthResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AuthResponse) + err := c.cc.Invoke(ctx, AuthorizerService_VerifyOtp_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) ResendOtp(ctx context.Context, in *ResendOtpRequest, opts ...grpc.CallOption) (*ResendOtpResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(ResendOtpResponse) + err := c.cc.Invoke(ctx, AuthorizerService_ResendOtp_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) ForgotPassword(ctx context.Context, in *ForgotPasswordRequest, opts ...grpc.CallOption) (*ForgotPasswordResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(ForgotPasswordResponse) + err := c.cc.Invoke(ctx, AuthorizerService_ForgotPassword_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) ResetPassword(ctx context.Context, in *ResetPasswordRequest, opts ...grpc.CallOption) (*ResetPasswordResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(ResetPasswordResponse) + err := c.cc.Invoke(ctx, AuthorizerService_ResetPassword_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) Profile(ctx context.Context, in *ProfileRequest, opts ...grpc.CallOption) (*User, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(User) + err := c.cc.Invoke(ctx, AuthorizerService_Profile_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) UpdateProfile(ctx context.Context, in *UpdateProfileRequest, opts ...grpc.CallOption) (*UpdateProfileResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(UpdateProfileResponse) + err := c.cc.Invoke(ctx, AuthorizerService_UpdateProfile_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) DeactivateAccount(ctx context.Context, in *DeactivateAccountRequest, opts ...grpc.CallOption) (*DeactivateAccountResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(DeactivateAccountResponse) + err := c.cc.Invoke(ctx, AuthorizerService_DeactivateAccount_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) Revoke(ctx context.Context, in *RevokeRequest, opts ...grpc.CallOption) (*RevokeResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(RevokeResponse) + err := c.cc.Invoke(ctx, AuthorizerService_Revoke_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) Session(ctx context.Context, in *SessionRequest, opts ...grpc.CallOption) (*AuthResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(AuthResponse) + err := c.cc.Invoke(ctx, AuthorizerService_Session_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) ValidateJwtToken(ctx context.Context, in *ValidateJwtTokenRequest, opts ...grpc.CallOption) (*ValidateJwtTokenResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(ValidateJwtTokenResponse) + err := c.cc.Invoke(ctx, AuthorizerService_ValidateJwtToken_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) ValidateSession(ctx context.Context, in *ValidateSessionRequest, opts ...grpc.CallOption) (*ValidateSessionResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(ValidateSessionResponse) + err := c.cc.Invoke(ctx, AuthorizerService_ValidateSession_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) Meta(ctx context.Context, in *MetaRequest, opts ...grpc.CallOption) (*Meta, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(Meta) + err := c.cc.Invoke(ctx, AuthorizerService_Meta_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) CheckPermissions(ctx context.Context, in *CheckPermissionsRequest, opts ...grpc.CallOption) (*CheckPermissionsResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(CheckPermissionsResponse) + err := c.cc.Invoke(ctx, AuthorizerService_CheckPermissions_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +func (c *authorizerServiceClient) ListPermissions(ctx context.Context, in *ListPermissionsRequest, opts ...grpc.CallOption) (*ListPermissionsResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(ListPermissionsResponse) + err := c.cc.Invoke(ctx, AuthorizerService_ListPermissions_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +// AuthorizerServiceServer is the server API for AuthorizerService service. +// All implementations should embed UnimplementedAuthorizerServiceServer +// for forward compatibility. +type AuthorizerServiceServer interface { + // Signup registers a new user. Public; requires sign-up enabled in config. + // Returns AuthResponse with tokens + (browser callers) Set-Cookie headers. + Signup(context.Context, *SignupRequest) (*AuthResponse, error) + // Login authenticates with email/phone + password. + Login(context.Context, *LoginRequest) (*AuthResponse, error) + // Logout ends the caller's current session. POST, not GET: logout mutates + // server state (clears the session) and is audit-logged, so it must not be + // a "safe" method per RFC 9110 §9.2.1 — GET would also expose it to CSRF. + Logout(context.Context, *LogoutRequest) (*LogoutResponse, error) + // MagicLinkLogin dispatches a passwordless email link. The clicked link + // hits the existing /verify_email browser handler. + MagicLinkLogin(context.Context, *MagicLinkLoginRequest) (*MagicLinkLoginResponse, error) + VerifyEmail(context.Context, *VerifyEmailRequest) (*AuthResponse, error) + ResendVerifyEmail(context.Context, *ResendVerifyEmailRequest) (*ResendVerifyEmailResponse, error) + VerifyOtp(context.Context, *VerifyOtpRequest) (*AuthResponse, error) + ResendOtp(context.Context, *ResendOtpRequest) (*ResendOtpResponse, error) + ForgotPassword(context.Context, *ForgotPasswordRequest) (*ForgotPasswordResponse, error) + ResetPassword(context.Context, *ResetPasswordRequest) (*ResetPasswordResponse, error) + // Profile returns the authenticated user. + Profile(context.Context, *ProfileRequest) (*User, error) + UpdateProfile(context.Context, *UpdateProfileRequest) (*UpdateProfileResponse, error) + // DeactivateAccount soft-deletes the caller's account and revokes all + // refresh tokens as a side effect. OAuth has no concept of account + // deactivation; this is the typed equivalent of SCIM PATCH active=false. + DeactivateAccount(context.Context, *DeactivateAccountRequest) (*DeactivateAccountResponse, error) + // Revoke invalidates a refresh token. Typed mirror of RFC 7009. + Revoke(context.Context, *RevokeRequest) (*RevokeResponse, error) + // Session returns the AuthResponse bound to the caller's session cookie only. + // NOT exposed as an MCP tool — SessionResponse carries access_token, + // refresh_token, id_token, authenticator_secret, and recovery codes, + // none of which should land in an LLM transcript. (Security audit C1.) + Session(context.Context, *SessionRequest) (*AuthResponse, error) + ValidateJwtToken(context.Context, *ValidateJwtTokenRequest) (*ValidateJwtTokenResponse, error) + ValidateSession(context.Context, *ValidateSessionRequest) (*ValidateSessionResponse, error) + // Meta returns server feature flags. No auth required. + Meta(context.Context, *MetaRequest) (*Meta, error) + // CheckPermissions evaluates one or more fine-grained permission checks + // ("does the subject have on ?") in a single call and + // returns one result per check, in order. The subject defaults to the + // authenticated caller; an explicit `user` is honored only for super-admins + // or when it equals the caller's own subject. Fail-closed. + CheckPermissions(context.Context, *CheckPermissionsRequest) (*CheckPermissionsResponse, error) + // ListPermissions enumerates what the subject can access. With both + // `relation` and `object_type` set it answers "which s can I + // ?"; either or both filters may be omitted to enumerate every + // matching (type, relation) pair of the active model. Results are capped; + // `truncated` reports when more permissions exist. Subject resolution + // follows the same rules as CheckPermissions. + ListPermissions(context.Context, *ListPermissionsRequest) (*ListPermissionsResponse, error) +} + +// UnimplementedAuthorizerServiceServer should be embedded to have +// forward compatible implementations. +// +// NOTE: this should be embedded by value instead of pointer to avoid a nil +// pointer dereference when methods are called. +type UnimplementedAuthorizerServiceServer struct{} + +func (UnimplementedAuthorizerServiceServer) Signup(context.Context, *SignupRequest) (*AuthResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method Signup not implemented") +} +func (UnimplementedAuthorizerServiceServer) Login(context.Context, *LoginRequest) (*AuthResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method Login not implemented") +} +func (UnimplementedAuthorizerServiceServer) Logout(context.Context, *LogoutRequest) (*LogoutResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method Logout not implemented") +} +func (UnimplementedAuthorizerServiceServer) MagicLinkLogin(context.Context, *MagicLinkLoginRequest) (*MagicLinkLoginResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method MagicLinkLogin not implemented") +} +func (UnimplementedAuthorizerServiceServer) VerifyEmail(context.Context, *VerifyEmailRequest) (*AuthResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method VerifyEmail not implemented") +} +func (UnimplementedAuthorizerServiceServer) ResendVerifyEmail(context.Context, *ResendVerifyEmailRequest) (*ResendVerifyEmailResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ResendVerifyEmail not implemented") +} +func (UnimplementedAuthorizerServiceServer) VerifyOtp(context.Context, *VerifyOtpRequest) (*AuthResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method VerifyOtp not implemented") +} +func (UnimplementedAuthorizerServiceServer) ResendOtp(context.Context, *ResendOtpRequest) (*ResendOtpResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ResendOtp not implemented") +} +func (UnimplementedAuthorizerServiceServer) ForgotPassword(context.Context, *ForgotPasswordRequest) (*ForgotPasswordResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ForgotPassword not implemented") +} +func (UnimplementedAuthorizerServiceServer) ResetPassword(context.Context, *ResetPasswordRequest) (*ResetPasswordResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ResetPassword not implemented") +} +func (UnimplementedAuthorizerServiceServer) Profile(context.Context, *ProfileRequest) (*User, error) { + return nil, status.Errorf(codes.Unimplemented, "method Profile not implemented") +} +func (UnimplementedAuthorizerServiceServer) UpdateProfile(context.Context, *UpdateProfileRequest) (*UpdateProfileResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method UpdateProfile not implemented") +} +func (UnimplementedAuthorizerServiceServer) DeactivateAccount(context.Context, *DeactivateAccountRequest) (*DeactivateAccountResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method DeactivateAccount not implemented") +} +func (UnimplementedAuthorizerServiceServer) Revoke(context.Context, *RevokeRequest) (*RevokeResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method Revoke not implemented") +} +func (UnimplementedAuthorizerServiceServer) Session(context.Context, *SessionRequest) (*AuthResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method Session not implemented") +} +func (UnimplementedAuthorizerServiceServer) ValidateJwtToken(context.Context, *ValidateJwtTokenRequest) (*ValidateJwtTokenResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ValidateJwtToken not implemented") +} +func (UnimplementedAuthorizerServiceServer) ValidateSession(context.Context, *ValidateSessionRequest) (*ValidateSessionResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ValidateSession not implemented") +} +func (UnimplementedAuthorizerServiceServer) Meta(context.Context, *MetaRequest) (*Meta, error) { + return nil, status.Errorf(codes.Unimplemented, "method Meta not implemented") +} +func (UnimplementedAuthorizerServiceServer) CheckPermissions(context.Context, *CheckPermissionsRequest) (*CheckPermissionsResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method CheckPermissions not implemented") +} +func (UnimplementedAuthorizerServiceServer) ListPermissions(context.Context, *ListPermissionsRequest) (*ListPermissionsResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method ListPermissions not implemented") +} +func (UnimplementedAuthorizerServiceServer) testEmbeddedByValue() {} + +// UnsafeAuthorizerServiceServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to AuthorizerServiceServer will +// result in compilation errors. +type UnsafeAuthorizerServiceServer interface { + mustEmbedUnimplementedAuthorizerServiceServer() +} + +func RegisterAuthorizerServiceServer(s grpc.ServiceRegistrar, srv AuthorizerServiceServer) { + // If the following call pancis, it indicates UnimplementedAuthorizerServiceServer was + // embedded by pointer and is nil. This will cause panics if an + // unimplemented method is ever invoked, so we test this at initialization + // time to prevent it from happening at runtime later due to I/O. + if t, ok := srv.(interface{ testEmbeddedByValue() }); ok { + t.testEmbeddedByValue() + } + s.RegisterService(&AuthorizerService_ServiceDesc, srv) +} + +func _AuthorizerService_Signup_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(SignupRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).Signup(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_Signup_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).Signup(ctx, req.(*SignupRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_Login_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(LoginRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).Login(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_Login_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).Login(ctx, req.(*LoginRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_Logout_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(LogoutRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).Logout(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_Logout_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).Logout(ctx, req.(*LogoutRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_MagicLinkLogin_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(MagicLinkLoginRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).MagicLinkLogin(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_MagicLinkLogin_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).MagicLinkLogin(ctx, req.(*MagicLinkLoginRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_VerifyEmail_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(VerifyEmailRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).VerifyEmail(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_VerifyEmail_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).VerifyEmail(ctx, req.(*VerifyEmailRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_ResendVerifyEmail_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ResendVerifyEmailRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).ResendVerifyEmail(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_ResendVerifyEmail_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).ResendVerifyEmail(ctx, req.(*ResendVerifyEmailRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_VerifyOtp_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(VerifyOtpRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).VerifyOtp(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_VerifyOtp_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).VerifyOtp(ctx, req.(*VerifyOtpRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_ResendOtp_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ResendOtpRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).ResendOtp(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_ResendOtp_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).ResendOtp(ctx, req.(*ResendOtpRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_ForgotPassword_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ForgotPasswordRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).ForgotPassword(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_ForgotPassword_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).ForgotPassword(ctx, req.(*ForgotPasswordRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_ResetPassword_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ResetPasswordRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).ResetPassword(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_ResetPassword_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).ResetPassword(ctx, req.(*ResetPasswordRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_Profile_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ProfileRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).Profile(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_Profile_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).Profile(ctx, req.(*ProfileRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_UpdateProfile_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(UpdateProfileRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).UpdateProfile(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_UpdateProfile_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).UpdateProfile(ctx, req.(*UpdateProfileRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_DeactivateAccount_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(DeactivateAccountRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).DeactivateAccount(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_DeactivateAccount_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).DeactivateAccount(ctx, req.(*DeactivateAccountRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_Revoke_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(RevokeRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).Revoke(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_Revoke_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).Revoke(ctx, req.(*RevokeRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_Session_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(SessionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).Session(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_Session_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).Session(ctx, req.(*SessionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_ValidateJwtToken_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ValidateJwtTokenRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).ValidateJwtToken(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_ValidateJwtToken_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).ValidateJwtToken(ctx, req.(*ValidateJwtTokenRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_ValidateSession_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ValidateSessionRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).ValidateSession(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_ValidateSession_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).ValidateSession(ctx, req.(*ValidateSessionRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_Meta_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(MetaRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).Meta(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_Meta_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).Meta(ctx, req.(*MetaRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_CheckPermissions_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(CheckPermissionsRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).CheckPermissions(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_CheckPermissions_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).CheckPermissions(ctx, req.(*CheckPermissionsRequest)) + } + return interceptor(ctx, in, info, handler) +} + +func _AuthorizerService_ListPermissions_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ListPermissionsRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(AuthorizerServiceServer).ListPermissions(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: AuthorizerService_ListPermissions_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(AuthorizerServiceServer).ListPermissions(ctx, req.(*ListPermissionsRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// AuthorizerService_ServiceDesc is the grpc.ServiceDesc for AuthorizerService service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var AuthorizerService_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "authorizer.v1.AuthorizerService", + HandlerType: (*AuthorizerServiceServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "Signup", + Handler: _AuthorizerService_Signup_Handler, + }, + { + MethodName: "Login", + Handler: _AuthorizerService_Login_Handler, + }, + { + MethodName: "Logout", + Handler: _AuthorizerService_Logout_Handler, + }, + { + MethodName: "MagicLinkLogin", + Handler: _AuthorizerService_MagicLinkLogin_Handler, + }, + { + MethodName: "VerifyEmail", + Handler: _AuthorizerService_VerifyEmail_Handler, + }, + { + MethodName: "ResendVerifyEmail", + Handler: _AuthorizerService_ResendVerifyEmail_Handler, + }, + { + MethodName: "VerifyOtp", + Handler: _AuthorizerService_VerifyOtp_Handler, + }, + { + MethodName: "ResendOtp", + Handler: _AuthorizerService_ResendOtp_Handler, + }, + { + MethodName: "ForgotPassword", + Handler: _AuthorizerService_ForgotPassword_Handler, + }, + { + MethodName: "ResetPassword", + Handler: _AuthorizerService_ResetPassword_Handler, + }, + { + MethodName: "Profile", + Handler: _AuthorizerService_Profile_Handler, + }, + { + MethodName: "UpdateProfile", + Handler: _AuthorizerService_UpdateProfile_Handler, + }, + { + MethodName: "DeactivateAccount", + Handler: _AuthorizerService_DeactivateAccount_Handler, + }, + { + MethodName: "Revoke", + Handler: _AuthorizerService_Revoke_Handler, + }, + { + MethodName: "Session", + Handler: _AuthorizerService_Session_Handler, + }, + { + MethodName: "ValidateJwtToken", + Handler: _AuthorizerService_ValidateJwtToken_Handler, + }, + { + MethodName: "ValidateSession", + Handler: _AuthorizerService_ValidateSession_Handler, + }, + { + MethodName: "Meta", + Handler: _AuthorizerService_Meta_Handler, + }, + { + MethodName: "CheckPermissions", + Handler: _AuthorizerService_CheckPermissions_Handler, + }, + { + MethodName: "ListPermissions", + Handler: _AuthorizerService_ListPermissions_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "authorizer/v1/authorizer.proto", +} diff --git a/internal/genpb/authorizer/v1/common.pb.go b/internal/genpb/authorizer/v1/common.pb.go new file mode 100644 index 0000000..851c2ee --- /dev/null +++ b/internal/genpb/authorizer/v1/common.pb.go @@ -0,0 +1,157 @@ +// proto/authorizer/v1/common.proto +// +// Shared scalar-ish types used across Authorizer services. +// +// Kept intentionally tiny: only types that don't naturally belong to a single +// resource service live here. Add a new entry only when at least two services +// share it. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.35.2 +// protoc (unknown) +// source: authorizer/v1/common.proto + +package authorizerv1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + structpb "google.golang.org/protobuf/types/known/structpb" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// AppData is a free-form key/value bag stored against a user. Mirrors the +// GraphQL `Map` scalar. Values are JSON-typed (string, number, bool, null, +// nested object, nested array) to match what the existing storage layer +// accepts. +type AppData struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Value *structpb.Struct `protobuf:"bytes,1,opt,name=value,proto3" json:"value,omitempty"` +} + +func (x *AppData) Reset() { + *x = AppData{} + mi := &file_authorizer_v1_common_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AppData) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AppData) ProtoMessage() {} + +func (x *AppData) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_common_proto_msgTypes[0] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AppData.ProtoReflect.Descriptor instead. +func (*AppData) Descriptor() ([]byte, []int) { + return file_authorizer_v1_common_proto_rawDescGZIP(), []int{0} +} + +func (x *AppData) GetValue() *structpb.Struct { + if x != nil { + return x.Value + } + return nil +} + +var File_authorizer_v1_common_proto protoreflect.FileDescriptor + +var file_authorizer_v1_common_proto_rawDesc = []byte{ + 0x0a, 0x1a, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, + 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x1a, 0x1c, 0x67, 0x6f, 0x6f, + 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x73, 0x74, 0x72, + 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x38, 0x0a, 0x07, 0x41, 0x70, 0x70, + 0x44, 0x61, 0x74, 0x61, 0x12, 0x2d, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x05, 0x76, 0x61, + 0x6c, 0x75, 0x65, 0x42, 0xc7, 0x01, 0x0a, 0x11, 0x63, 0x6f, 0x6d, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, + 0x6e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x50, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, + 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x64, + 0x65, 0x76, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2d, 0x67, 0x6f, + 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x62, 0x2f, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x3b, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x58, 0x58, + 0xaa, 0x02, 0x0d, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x56, 0x31, + 0xca, 0x02, 0x0d, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, 0x31, + 0xe2, 0x02, 0x19, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, 0x31, + 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x0e, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_authorizer_v1_common_proto_rawDescOnce sync.Once + file_authorizer_v1_common_proto_rawDescData = file_authorizer_v1_common_proto_rawDesc +) + +func file_authorizer_v1_common_proto_rawDescGZIP() []byte { + file_authorizer_v1_common_proto_rawDescOnce.Do(func() { + file_authorizer_v1_common_proto_rawDescData = protoimpl.X.CompressGZIP(file_authorizer_v1_common_proto_rawDescData) + }) + return file_authorizer_v1_common_proto_rawDescData +} + +var file_authorizer_v1_common_proto_msgTypes = make([]protoimpl.MessageInfo, 1) +var file_authorizer_v1_common_proto_goTypes = []any{ + (*AppData)(nil), // 0: authorizer.v1.AppData + (*structpb.Struct)(nil), // 1: google.protobuf.Struct +} +var file_authorizer_v1_common_proto_depIdxs = []int32{ + 1, // 0: authorizer.v1.AppData.value:type_name -> google.protobuf.Struct + 1, // [1:1] is the sub-list for method output_type + 1, // [1:1] is the sub-list for method input_type + 1, // [1:1] is the sub-list for extension type_name + 1, // [1:1] is the sub-list for extension extendee + 0, // [0:1] is the sub-list for field type_name +} + +func init() { file_authorizer_v1_common_proto_init() } +func file_authorizer_v1_common_proto_init() { + if File_authorizer_v1_common_proto != nil { + return + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_authorizer_v1_common_proto_rawDesc, + NumEnums: 0, + NumMessages: 1, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_authorizer_v1_common_proto_goTypes, + DependencyIndexes: file_authorizer_v1_common_proto_depIdxs, + MessageInfos: file_authorizer_v1_common_proto_msgTypes, + }.Build() + File_authorizer_v1_common_proto = out.File + file_authorizer_v1_common_proto_rawDesc = nil + file_authorizer_v1_common_proto_goTypes = nil + file_authorizer_v1_common_proto_depIdxs = nil +} diff --git a/internal/genpb/authorizer/v1/errors.pb.go b/internal/genpb/authorizer/v1/errors.pb.go new file mode 100644 index 0000000..3acdc28 --- /dev/null +++ b/internal/genpb/authorizer/v1/errors.pb.go @@ -0,0 +1,217 @@ +// proto/authorizer/v1/errors.proto +// +// Domain-specific error reasons attached to google.rpc.Status via ErrorInfo. +// +// Wire shape: handlers return standard gRPC status codes (e.g. +// PERMISSION_DENIED, INVALID_ARGUMENT) and attach an ErrorInfo detail whose +// `reason` field is one of the enum values below. The gateway surfaces the +// same ErrorInfo in the REST response body. Clients should branch on the +// enum, not on the human-readable message. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.35.2 +// protoc (unknown) +// source: authorizer/v1/errors.proto + +package authorizerv1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type ErrorReason int32 + +const ( + ErrorReason_ERROR_REASON_UNSPECIFIED ErrorReason = 0 + // Authentication failed (bad credentials, expired token, missing cookie). + // Maps to gRPC UNAUTHENTICATED / HTTP 401. + ErrorReason_ERROR_REASON_INVALID_CREDENTIALS ErrorReason = 1 + // Caller is authenticated but lacks the required permission. + // Maps to PERMISSION_DENIED / HTTP 403. + ErrorReason_ERROR_REASON_PERMISSION_DENIED ErrorReason = 2 + // The targeted resource does not exist. NOT_FOUND / 404. + ErrorReason_ERROR_REASON_NOT_FOUND ErrorReason = 3 + // A unique constraint was violated (e.g. email already registered). + // ALREADY_EXISTS / 409. + ErrorReason_ERROR_REASON_ALREADY_EXISTS ErrorReason = 4 + // Request validation failed beyond what protovalidate caught + // (cross-field, business-rule). INVALID_ARGUMENT / 400. + ErrorReason_ERROR_REASON_INVALID_REQUEST ErrorReason = 5 + // A required identity-verification step has not been completed + // (email not verified, phone not verified, MFA required). FAILED_PRECONDITION / 412. + ErrorReason_ERROR_REASON_VERIFICATION_REQUIRED ErrorReason = 6 + // The current configuration disables the requested operation + // (sign-up disabled, magic-link login disabled, etc.). FAILED_PRECONDITION / 412. + ErrorReason_ERROR_REASON_OPERATION_DISABLED ErrorReason = 7 + // Caller exceeded the configured rate limit. RESOURCE_EXHAUSTED / 429. + ErrorReason_ERROR_REASON_RATE_LIMITED ErrorReason = 8 + // A verification token (email, password reset, magic link, OTP) is expired + // or has already been consumed. FAILED_PRECONDITION / 412. + ErrorReason_ERROR_REASON_TOKEN_EXPIRED ErrorReason = 9 + // The account is deactivated or its access has been revoked by an admin. + // FAILED_PRECONDITION / 412. + ErrorReason_ERROR_REASON_ACCOUNT_DEACTIVATED ErrorReason = 10 +) + +// Enum value maps for ErrorReason. +var ( + ErrorReason_name = map[int32]string{ + 0: "ERROR_REASON_UNSPECIFIED", + 1: "ERROR_REASON_INVALID_CREDENTIALS", + 2: "ERROR_REASON_PERMISSION_DENIED", + 3: "ERROR_REASON_NOT_FOUND", + 4: "ERROR_REASON_ALREADY_EXISTS", + 5: "ERROR_REASON_INVALID_REQUEST", + 6: "ERROR_REASON_VERIFICATION_REQUIRED", + 7: "ERROR_REASON_OPERATION_DISABLED", + 8: "ERROR_REASON_RATE_LIMITED", + 9: "ERROR_REASON_TOKEN_EXPIRED", + 10: "ERROR_REASON_ACCOUNT_DEACTIVATED", + } + ErrorReason_value = map[string]int32{ + "ERROR_REASON_UNSPECIFIED": 0, + "ERROR_REASON_INVALID_CREDENTIALS": 1, + "ERROR_REASON_PERMISSION_DENIED": 2, + "ERROR_REASON_NOT_FOUND": 3, + "ERROR_REASON_ALREADY_EXISTS": 4, + "ERROR_REASON_INVALID_REQUEST": 5, + "ERROR_REASON_VERIFICATION_REQUIRED": 6, + "ERROR_REASON_OPERATION_DISABLED": 7, + "ERROR_REASON_RATE_LIMITED": 8, + "ERROR_REASON_TOKEN_EXPIRED": 9, + "ERROR_REASON_ACCOUNT_DEACTIVATED": 10, + } +) + +func (x ErrorReason) Enum() *ErrorReason { + p := new(ErrorReason) + *p = x + return p +} + +func (x ErrorReason) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (ErrorReason) Descriptor() protoreflect.EnumDescriptor { + return file_authorizer_v1_errors_proto_enumTypes[0].Descriptor() +} + +func (ErrorReason) Type() protoreflect.EnumType { + return &file_authorizer_v1_errors_proto_enumTypes[0] +} + +func (x ErrorReason) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Use ErrorReason.Descriptor instead. +func (ErrorReason) EnumDescriptor() ([]byte, []int) { + return file_authorizer_v1_errors_proto_rawDescGZIP(), []int{0} +} + +var File_authorizer_v1_errors_proto protoreflect.FileDescriptor + +var file_authorizer_v1_errors_proto_rawDesc = []byte{ + 0x0a, 0x1a, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, + 0x65, 0x72, 0x72, 0x6f, 0x72, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2a, 0x86, 0x03, 0x0a, 0x0b, + 0x45, 0x72, 0x72, 0x6f, 0x72, 0x52, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x12, 0x1c, 0x0a, 0x18, 0x45, + 0x52, 0x52, 0x4f, 0x52, 0x5f, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x53, 0x50, + 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x24, 0x0a, 0x20, 0x45, 0x52, 0x52, + 0x4f, 0x52, 0x5f, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, 0x5f, 0x49, 0x4e, 0x56, 0x41, 0x4c, 0x49, + 0x44, 0x5f, 0x43, 0x52, 0x45, 0x44, 0x45, 0x4e, 0x54, 0x49, 0x41, 0x4c, 0x53, 0x10, 0x01, 0x12, + 0x22, 0x0a, 0x1e, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x5f, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, 0x5f, + 0x50, 0x45, 0x52, 0x4d, 0x49, 0x53, 0x53, 0x49, 0x4f, 0x4e, 0x5f, 0x44, 0x45, 0x4e, 0x49, 0x45, + 0x44, 0x10, 0x02, 0x12, 0x1a, 0x0a, 0x16, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x5f, 0x52, 0x45, 0x41, + 0x53, 0x4f, 0x4e, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x46, 0x4f, 0x55, 0x4e, 0x44, 0x10, 0x03, 0x12, + 0x1f, 0x0a, 0x1b, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x5f, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, 0x5f, + 0x41, 0x4c, 0x52, 0x45, 0x41, 0x44, 0x59, 0x5f, 0x45, 0x58, 0x49, 0x53, 0x54, 0x53, 0x10, 0x04, + 0x12, 0x20, 0x0a, 0x1c, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x5f, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, + 0x5f, 0x49, 0x4e, 0x56, 0x41, 0x4c, 0x49, 0x44, 0x5f, 0x52, 0x45, 0x51, 0x55, 0x45, 0x53, 0x54, + 0x10, 0x05, 0x12, 0x26, 0x0a, 0x22, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x5f, 0x52, 0x45, 0x41, 0x53, + 0x4f, 0x4e, 0x5f, 0x56, 0x45, 0x52, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x5f, + 0x52, 0x45, 0x51, 0x55, 0x49, 0x52, 0x45, 0x44, 0x10, 0x06, 0x12, 0x23, 0x0a, 0x1f, 0x45, 0x52, + 0x52, 0x4f, 0x52, 0x5f, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, 0x5f, 0x4f, 0x50, 0x45, 0x52, 0x41, + 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x44, 0x49, 0x53, 0x41, 0x42, 0x4c, 0x45, 0x44, 0x10, 0x07, 0x12, + 0x1d, 0x0a, 0x19, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x5f, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, 0x5f, + 0x52, 0x41, 0x54, 0x45, 0x5f, 0x4c, 0x49, 0x4d, 0x49, 0x54, 0x45, 0x44, 0x10, 0x08, 0x12, 0x1e, + 0x0a, 0x1a, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x5f, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, 0x5f, 0x54, + 0x4f, 0x4b, 0x45, 0x4e, 0x5f, 0x45, 0x58, 0x50, 0x49, 0x52, 0x45, 0x44, 0x10, 0x09, 0x12, 0x24, + 0x0a, 0x20, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x5f, 0x52, 0x45, 0x41, 0x53, 0x4f, 0x4e, 0x5f, 0x41, + 0x43, 0x43, 0x4f, 0x55, 0x4e, 0x54, 0x5f, 0x44, 0x45, 0x41, 0x43, 0x54, 0x49, 0x56, 0x41, 0x54, + 0x45, 0x44, 0x10, 0x0a, 0x42, 0xc7, 0x01, 0x0a, 0x11, 0x63, 0x6f, 0x6d, 0x2e, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x45, 0x72, 0x72, 0x6f, + 0x72, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x50, 0x67, 0x69, 0x74, 0x68, 0x75, + 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, + 0x64, 0x65, 0x76, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2d, 0x67, + 0x6f, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x62, + 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x3b, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x58, + 0x58, 0xaa, 0x02, 0x0d, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x56, + 0x31, 0xca, 0x02, 0x0d, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, + 0x31, 0xe2, 0x02, 0x19, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, + 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x0e, + 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_authorizer_v1_errors_proto_rawDescOnce sync.Once + file_authorizer_v1_errors_proto_rawDescData = file_authorizer_v1_errors_proto_rawDesc +) + +func file_authorizer_v1_errors_proto_rawDescGZIP() []byte { + file_authorizer_v1_errors_proto_rawDescOnce.Do(func() { + file_authorizer_v1_errors_proto_rawDescData = protoimpl.X.CompressGZIP(file_authorizer_v1_errors_proto_rawDescData) + }) + return file_authorizer_v1_errors_proto_rawDescData +} + +var file_authorizer_v1_errors_proto_enumTypes = make([]protoimpl.EnumInfo, 1) +var file_authorizer_v1_errors_proto_goTypes = []any{ + (ErrorReason)(0), // 0: authorizer.v1.ErrorReason +} +var file_authorizer_v1_errors_proto_depIdxs = []int32{ + 0, // [0:0] is the sub-list for method output_type + 0, // [0:0] is the sub-list for method input_type + 0, // [0:0] is the sub-list for extension type_name + 0, // [0:0] is the sub-list for extension extendee + 0, // [0:0] is the sub-list for field type_name +} + +func init() { file_authorizer_v1_errors_proto_init() } +func file_authorizer_v1_errors_proto_init() { + if File_authorizer_v1_errors_proto != nil { + return + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_authorizer_v1_errors_proto_rawDesc, + NumEnums: 1, + NumMessages: 0, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_authorizer_v1_errors_proto_goTypes, + DependencyIndexes: file_authorizer_v1_errors_proto_depIdxs, + EnumInfos: file_authorizer_v1_errors_proto_enumTypes, + }.Build() + File_authorizer_v1_errors_proto = out.File + file_authorizer_v1_errors_proto_rawDesc = nil + file_authorizer_v1_errors_proto_goTypes = nil + file_authorizer_v1_errors_proto_depIdxs = nil +} diff --git a/internal/genpb/authorizer/v1/pagination.pb.go b/internal/genpb/authorizer/v1/pagination.pb.go new file mode 100644 index 0000000..2e21800 --- /dev/null +++ b/internal/genpb/authorizer/v1/pagination.pb.go @@ -0,0 +1,265 @@ +// proto/authorizer/v1/pagination.proto +// +// Pagination types shared across List RPCs. +// +// The Authorizer GraphQL surface uses page+limit (offset-based) pagination. +// To keep the proto surface familiar for current users *and* compatible with +// AIP-158 (page_token-based) clients, both shapes are accepted on +// PaginationRequest; the server picks page_token when set, else falls back to +// page+limit. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.35.2 +// protoc (unknown) +// source: authorizer/v1/pagination.proto + +package authorizerv1 + +import ( + _ "buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go/buf/validate" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +type PaginationRequest struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + // 1-based page number. Ignored when page_token is set. Default 1. + Page int64 `protobuf:"varint,1,opt,name=page,proto3" json:"page,omitempty"` + // Page size. Server enforces an upper bound (typically 100). Default 10. + Limit int64 `protobuf:"varint,2,opt,name=limit,proto3" json:"limit,omitempty"` + // Opaque cursor returned by the previous List call's `next_page_token`. + // Preferred for new clients (AIP-158). When set, `page` is ignored. + PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"` +} + +func (x *PaginationRequest) Reset() { + *x = PaginationRequest{} + mi := &file_authorizer_v1_pagination_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *PaginationRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PaginationRequest) ProtoMessage() {} + +func (x *PaginationRequest) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_pagination_proto_msgTypes[0] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PaginationRequest.ProtoReflect.Descriptor instead. +func (*PaginationRequest) Descriptor() ([]byte, []int) { + return file_authorizer_v1_pagination_proto_rawDescGZIP(), []int{0} +} + +func (x *PaginationRequest) GetPage() int64 { + if x != nil { + return x.Page + } + return 0 +} + +func (x *PaginationRequest) GetLimit() int64 { + if x != nil { + return x.Limit + } + return 0 +} + +func (x *PaginationRequest) GetPageToken() string { + if x != nil { + return x.PageToken + } + return "" +} + +type Pagination struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Limit int64 `protobuf:"varint,1,opt,name=limit,proto3" json:"limit,omitempty"` + Page int64 `protobuf:"varint,2,opt,name=page,proto3" json:"page,omitempty"` + Offset int64 `protobuf:"varint,3,opt,name=offset,proto3" json:"offset,omitempty"` + Total int64 `protobuf:"varint,4,opt,name=total,proto3" json:"total,omitempty"` + // Opaque cursor for the next page; empty when no more pages. + NextPageToken string `protobuf:"bytes,5,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"` +} + +func (x *Pagination) Reset() { + *x = Pagination{} + mi := &file_authorizer_v1_pagination_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *Pagination) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Pagination) ProtoMessage() {} + +func (x *Pagination) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_pagination_proto_msgTypes[1] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Pagination.ProtoReflect.Descriptor instead. +func (*Pagination) Descriptor() ([]byte, []int) { + return file_authorizer_v1_pagination_proto_rawDescGZIP(), []int{1} +} + +func (x *Pagination) GetLimit() int64 { + if x != nil { + return x.Limit + } + return 0 +} + +func (x *Pagination) GetPage() int64 { + if x != nil { + return x.Page + } + return 0 +} + +func (x *Pagination) GetOffset() int64 { + if x != nil { + return x.Offset + } + return 0 +} + +func (x *Pagination) GetTotal() int64 { + if x != nil { + return x.Total + } + return 0 +} + +func (x *Pagination) GetNextPageToken() string { + if x != nil { + return x.NextPageToken + } + return "" +} + +var File_authorizer_v1_pagination_proto protoreflect.FileDescriptor + +var file_authorizer_v1_pagination_proto_rawDesc = []byte{ + 0x0a, 0x1e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, + 0x70, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x12, 0x0d, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x1a, + 0x1b, 0x62, 0x75, 0x66, 0x2f, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2f, 0x76, 0x61, + 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x71, 0x0a, 0x11, + 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x12, 0x1b, 0x0a, 0x04, 0x70, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x42, + 0x07, 0xba, 0x48, 0x04, 0x22, 0x02, 0x28, 0x00, 0x52, 0x04, 0x70, 0x61, 0x67, 0x65, 0x12, 0x20, + 0x0a, 0x05, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x42, 0x0a, 0xba, + 0x48, 0x07, 0x22, 0x05, 0x18, 0xe8, 0x07, 0x28, 0x00, 0x52, 0x05, 0x6c, 0x69, 0x6d, 0x69, 0x74, + 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x22, + 0x8c, 0x01, 0x0a, 0x0a, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x14, + 0x0a, 0x05, 0x6c, 0x69, 0x6d, 0x69, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x6c, + 0x69, 0x6d, 0x69, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, + 0x28, 0x03, 0x52, 0x04, 0x70, 0x61, 0x67, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, + 0x65, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, + 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x03, 0x52, + 0x05, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x12, 0x26, 0x0a, 0x0f, 0x6e, 0x65, 0x78, 0x74, 0x5f, 0x70, + 0x61, 0x67, 0x65, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0d, 0x6e, 0x65, 0x78, 0x74, 0x50, 0x61, 0x67, 0x65, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x42, 0xcb, + 0x01, 0x0a, 0x11, 0x63, 0x6f, 0x6d, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, + 0x72, 0x2e, 0x76, 0x31, 0x42, 0x0f, 0x50, 0x61, 0x67, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x50, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, + 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x64, 0x65, + 0x76, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2d, 0x67, 0x6f, 0x2f, + 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x62, 0x2f, 0x61, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x3b, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x58, 0x58, 0xaa, + 0x02, 0x0d, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x56, 0x31, 0xca, + 0x02, 0x0d, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, 0x31, 0xe2, + 0x02, 0x19, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, 0x31, 0x5c, + 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x0e, 0x41, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_authorizer_v1_pagination_proto_rawDescOnce sync.Once + file_authorizer_v1_pagination_proto_rawDescData = file_authorizer_v1_pagination_proto_rawDesc +) + +func file_authorizer_v1_pagination_proto_rawDescGZIP() []byte { + file_authorizer_v1_pagination_proto_rawDescOnce.Do(func() { + file_authorizer_v1_pagination_proto_rawDescData = protoimpl.X.CompressGZIP(file_authorizer_v1_pagination_proto_rawDescData) + }) + return file_authorizer_v1_pagination_proto_rawDescData +} + +var file_authorizer_v1_pagination_proto_msgTypes = make([]protoimpl.MessageInfo, 2) +var file_authorizer_v1_pagination_proto_goTypes = []any{ + (*PaginationRequest)(nil), // 0: authorizer.v1.PaginationRequest + (*Pagination)(nil), // 1: authorizer.v1.Pagination +} +var file_authorizer_v1_pagination_proto_depIdxs = []int32{ + 0, // [0:0] is the sub-list for method output_type + 0, // [0:0] is the sub-list for method input_type + 0, // [0:0] is the sub-list for extension type_name + 0, // [0:0] is the sub-list for extension extendee + 0, // [0:0] is the sub-list for field type_name +} + +func init() { file_authorizer_v1_pagination_proto_init() } +func file_authorizer_v1_pagination_proto_init() { + if File_authorizer_v1_pagination_proto != nil { + return + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_authorizer_v1_pagination_proto_rawDesc, + NumEnums: 0, + NumMessages: 2, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_authorizer_v1_pagination_proto_goTypes, + DependencyIndexes: file_authorizer_v1_pagination_proto_depIdxs, + MessageInfos: file_authorizer_v1_pagination_proto_msgTypes, + }.Build() + File_authorizer_v1_pagination_proto = out.File + file_authorizer_v1_pagination_proto_rawDesc = nil + file_authorizer_v1_pagination_proto_goTypes = nil + file_authorizer_v1_pagination_proto_depIdxs = nil +} diff --git a/internal/genpb/authorizer/v1/types.pb.go b/internal/genpb/authorizer/v1/types.pb.go new file mode 100644 index 0000000..f701922 --- /dev/null +++ b/internal/genpb/authorizer/v1/types.pb.go @@ -0,0 +1,1131 @@ +// Shared message types used by the Authorizer service. Field naming mirrors +// the GraphQL schema 1:1 so REST/gRPC clients see the same shape. + +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.35.2 +// protoc (unknown) +// source: authorizer/v1/types.proto + +package authorizerv1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// User mirrors the GraphQL User type. Returned by Profile and embedded in +// AuthResponse. +type User struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` + // Either email or phone_number is always present. + Email string `protobuf:"bytes,2,opt,name=email,proto3" json:"email,omitempty"` + EmailVerified bool `protobuf:"varint,3,opt,name=email_verified,json=emailVerified,proto3" json:"email_verified,omitempty"` + SignupMethods string `protobuf:"bytes,4,opt,name=signup_methods,json=signupMethods,proto3" json:"signup_methods,omitempty"` + GivenName string `protobuf:"bytes,5,opt,name=given_name,json=givenName,proto3" json:"given_name,omitempty"` + FamilyName string `protobuf:"bytes,6,opt,name=family_name,json=familyName,proto3" json:"family_name,omitempty"` + MiddleName string `protobuf:"bytes,7,opt,name=middle_name,json=middleName,proto3" json:"middle_name,omitempty"` + Nickname string `protobuf:"bytes,8,opt,name=nickname,proto3" json:"nickname,omitempty"` + // Defaults to email when unset. + PreferredUsername string `protobuf:"bytes,9,opt,name=preferred_username,json=preferredUsername,proto3" json:"preferred_username,omitempty"` + Gender string `protobuf:"bytes,10,opt,name=gender,proto3" json:"gender,omitempty"` + Birthdate string `protobuf:"bytes,11,opt,name=birthdate,proto3" json:"birthdate,omitempty"` + PhoneNumber string `protobuf:"bytes,12,opt,name=phone_number,json=phoneNumber,proto3" json:"phone_number,omitempty"` + PhoneNumberVerified bool `protobuf:"varint,13,opt,name=phone_number_verified,json=phoneNumberVerified,proto3" json:"phone_number_verified,omitempty"` + Picture string `protobuf:"bytes,14,opt,name=picture,proto3" json:"picture,omitempty"` + Roles []string `protobuf:"bytes,15,rep,name=roles,proto3" json:"roles,omitempty"` + CreatedAt int64 `protobuf:"varint,16,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` + UpdatedAt int64 `protobuf:"varint,17,opt,name=updated_at,json=updatedAt,proto3" json:"updated_at,omitempty"` + RevokedTimestamp int64 `protobuf:"varint,18,opt,name=revoked_timestamp,json=revokedTimestamp,proto3" json:"revoked_timestamp,omitempty"` + IsMultiFactorAuthEnabled bool `protobuf:"varint,19,opt,name=is_multi_factor_auth_enabled,json=isMultiFactorAuthEnabled,proto3" json:"is_multi_factor_auth_enabled,omitempty"` + // Free-form key/value bag — same as GraphQL `app_data: Map`. + AppData *AppData `protobuf:"bytes,20,opt,name=app_data,json=appData,proto3" json:"app_data,omitempty"` +} + +func (x *User) Reset() { + *x = User{} + mi := &file_authorizer_v1_types_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *User) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*User) ProtoMessage() {} + +func (x *User) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_types_proto_msgTypes[0] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use User.ProtoReflect.Descriptor instead. +func (*User) Descriptor() ([]byte, []int) { + return file_authorizer_v1_types_proto_rawDescGZIP(), []int{0} +} + +func (x *User) GetId() string { + if x != nil { + return x.Id + } + return "" +} + +func (x *User) GetEmail() string { + if x != nil { + return x.Email + } + return "" +} + +func (x *User) GetEmailVerified() bool { + if x != nil { + return x.EmailVerified + } + return false +} + +func (x *User) GetSignupMethods() string { + if x != nil { + return x.SignupMethods + } + return "" +} + +func (x *User) GetGivenName() string { + if x != nil { + return x.GivenName + } + return "" +} + +func (x *User) GetFamilyName() string { + if x != nil { + return x.FamilyName + } + return "" +} + +func (x *User) GetMiddleName() string { + if x != nil { + return x.MiddleName + } + return "" +} + +func (x *User) GetNickname() string { + if x != nil { + return x.Nickname + } + return "" +} + +func (x *User) GetPreferredUsername() string { + if x != nil { + return x.PreferredUsername + } + return "" +} + +func (x *User) GetGender() string { + if x != nil { + return x.Gender + } + return "" +} + +func (x *User) GetBirthdate() string { + if x != nil { + return x.Birthdate + } + return "" +} + +func (x *User) GetPhoneNumber() string { + if x != nil { + return x.PhoneNumber + } + return "" +} + +func (x *User) GetPhoneNumberVerified() bool { + if x != nil { + return x.PhoneNumberVerified + } + return false +} + +func (x *User) GetPicture() string { + if x != nil { + return x.Picture + } + return "" +} + +func (x *User) GetRoles() []string { + if x != nil { + return x.Roles + } + return nil +} + +func (x *User) GetCreatedAt() int64 { + if x != nil { + return x.CreatedAt + } + return 0 +} + +func (x *User) GetUpdatedAt() int64 { + if x != nil { + return x.UpdatedAt + } + return 0 +} + +func (x *User) GetRevokedTimestamp() int64 { + if x != nil { + return x.RevokedTimestamp + } + return 0 +} + +func (x *User) GetIsMultiFactorAuthEnabled() bool { + if x != nil { + return x.IsMultiFactorAuthEnabled + } + return false +} + +func (x *User) GetAppData() *AppData { + if x != nil { + return x.AppData + } + return nil +} + +// AuthResponse mirrors the GraphQL AuthResponse type. Returned (wrapped) by +// every method that produces a session: Signup, Login, MagicLinkLogin, +// VerifyEmail, VerifyOtp, Session. +type AuthResponse struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Message string `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"` + ShouldShowEmailOtpScreen bool `protobuf:"varint,2,opt,name=should_show_email_otp_screen,json=shouldShowEmailOtpScreen,proto3" json:"should_show_email_otp_screen,omitempty"` + ShouldShowMobileOtpScreen bool `protobuf:"varint,3,opt,name=should_show_mobile_otp_screen,json=shouldShowMobileOtpScreen,proto3" json:"should_show_mobile_otp_screen,omitempty"` + ShouldShowTotpScreen bool `protobuf:"varint,4,opt,name=should_show_totp_screen,json=shouldShowTotpScreen,proto3" json:"should_show_totp_screen,omitempty"` + AccessToken string `protobuf:"bytes,5,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"` + IdToken string `protobuf:"bytes,6,opt,name=id_token,json=idToken,proto3" json:"id_token,omitempty"` + RefreshToken string `protobuf:"bytes,7,opt,name=refresh_token,json=refreshToken,proto3" json:"refresh_token,omitempty"` + ExpiresIn int64 `protobuf:"varint,8,opt,name=expires_in,json=expiresIn,proto3" json:"expires_in,omitempty"` + User *User `protobuf:"bytes,9,opt,name=user,proto3" json:"user,omitempty"` + // TOTP enrolment artifacts (populated only when this AuthResponse + // initiates TOTP setup; one-time, never re-shown). + AuthenticatorScannerImage string `protobuf:"bytes,10,opt,name=authenticator_scanner_image,json=authenticatorScannerImage,proto3" json:"authenticator_scanner_image,omitempty"` + AuthenticatorSecret string `protobuf:"bytes,11,opt,name=authenticator_secret,json=authenticatorSecret,proto3" json:"authenticator_secret,omitempty"` + AuthenticatorRecoveryCodes []string `protobuf:"bytes,12,rep,name=authenticator_recovery_codes,json=authenticatorRecoveryCodes,proto3" json:"authenticator_recovery_codes,omitempty"` +} + +func (x *AuthResponse) Reset() { + *x = AuthResponse{} + mi := &file_authorizer_v1_types_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *AuthResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*AuthResponse) ProtoMessage() {} + +func (x *AuthResponse) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_types_proto_msgTypes[1] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use AuthResponse.ProtoReflect.Descriptor instead. +func (*AuthResponse) Descriptor() ([]byte, []int) { + return file_authorizer_v1_types_proto_rawDescGZIP(), []int{1} +} + +func (x *AuthResponse) GetMessage() string { + if x != nil { + return x.Message + } + return "" +} + +func (x *AuthResponse) GetShouldShowEmailOtpScreen() bool { + if x != nil { + return x.ShouldShowEmailOtpScreen + } + return false +} + +func (x *AuthResponse) GetShouldShowMobileOtpScreen() bool { + if x != nil { + return x.ShouldShowMobileOtpScreen + } + return false +} + +func (x *AuthResponse) GetShouldShowTotpScreen() bool { + if x != nil { + return x.ShouldShowTotpScreen + } + return false +} + +func (x *AuthResponse) GetAccessToken() string { + if x != nil { + return x.AccessToken + } + return "" +} + +func (x *AuthResponse) GetIdToken() string { + if x != nil { + return x.IdToken + } + return "" +} + +func (x *AuthResponse) GetRefreshToken() string { + if x != nil { + return x.RefreshToken + } + return "" +} + +func (x *AuthResponse) GetExpiresIn() int64 { + if x != nil { + return x.ExpiresIn + } + return 0 +} + +func (x *AuthResponse) GetUser() *User { + if x != nil { + return x.User + } + return nil +} + +func (x *AuthResponse) GetAuthenticatorScannerImage() string { + if x != nil { + return x.AuthenticatorScannerImage + } + return "" +} + +func (x *AuthResponse) GetAuthenticatorSecret() string { + if x != nil { + return x.AuthenticatorSecret + } + return "" +} + +func (x *AuthResponse) GetAuthenticatorRecoveryCodes() []string { + if x != nil { + return x.AuthenticatorRecoveryCodes + } + return nil +} + +// Permission is one (object, relation) pair the subject holds: "subject has +// `relation` on `object`". Mirrors the GraphQL Permission type. +type Permission struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Object string `protobuf:"bytes,1,opt,name=object,proto3" json:"object,omitempty"` + Relation string `protobuf:"bytes,2,opt,name=relation,proto3" json:"relation,omitempty"` +} + +func (x *Permission) Reset() { + *x = Permission{} + mi := &file_authorizer_v1_types_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *Permission) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Permission) ProtoMessage() {} + +func (x *Permission) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_types_proto_msgTypes[2] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Permission.ProtoReflect.Descriptor instead. +func (*Permission) Descriptor() ([]byte, []int) { + return file_authorizer_v1_types_proto_rawDescGZIP(), []int{2} +} + +func (x *Permission) GetObject() string { + if x != nil { + return x.Object + } + return "" +} + +func (x *Permission) GetRelation() string { + if x != nil { + return x.Relation + } + return "" +} + +// FgaRelationInput is a (relation, object) requirement evaluated against the +// authenticated caller during Session / ValidateJwtToken / ValidateSession. +// AND semantics, fail-closed. Mirrors the GraphQL FgaRelationInput type. +type FgaRelationInput struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Relation string `protobuf:"bytes,1,opt,name=relation,proto3" json:"relation,omitempty"` + Object string `protobuf:"bytes,2,opt,name=object,proto3" json:"object,omitempty"` +} + +func (x *FgaRelationInput) Reset() { + *x = FgaRelationInput{} + mi := &file_authorizer_v1_types_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaRelationInput) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaRelationInput) ProtoMessage() {} + +func (x *FgaRelationInput) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_types_proto_msgTypes[3] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaRelationInput.ProtoReflect.Descriptor instead. +func (*FgaRelationInput) Descriptor() ([]byte, []int) { + return file_authorizer_v1_types_proto_rawDescGZIP(), []int{3} +} + +func (x *FgaRelationInput) GetRelation() string { + if x != nil { + return x.Relation + } + return "" +} + +func (x *FgaRelationInput) GetObject() string { + if x != nil { + return x.Object + } + return "" +} + +// FgaTupleInput is one relationship tuple supplied as request-scoped context +// for a permission check; contextual tuples are never persisted. Mirrors the +// GraphQL FgaTupleInput type. +type FgaTupleInput struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + User string `protobuf:"bytes,1,opt,name=user,proto3" json:"user,omitempty"` + Relation string `protobuf:"bytes,2,opt,name=relation,proto3" json:"relation,omitempty"` + Object string `protobuf:"bytes,3,opt,name=object,proto3" json:"object,omitempty"` +} + +func (x *FgaTupleInput) Reset() { + *x = FgaTupleInput{} + mi := &file_authorizer_v1_types_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *FgaTupleInput) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*FgaTupleInput) ProtoMessage() {} + +func (x *FgaTupleInput) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_types_proto_msgTypes[4] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use FgaTupleInput.ProtoReflect.Descriptor instead. +func (*FgaTupleInput) Descriptor() ([]byte, []int) { + return file_authorizer_v1_types_proto_rawDescGZIP(), []int{4} +} + +func (x *FgaTupleInput) GetUser() string { + if x != nil { + return x.User + } + return "" +} + +func (x *FgaTupleInput) GetRelation() string { + if x != nil { + return x.Relation + } + return "" +} + +func (x *FgaTupleInput) GetObject() string { + if x != nil { + return x.Object + } + return "" +} + +// PermissionCheckInput is one permission to evaluate: "does the subject have +// on ?". Mirrors the GraphQL PermissionCheckInput type. +type PermissionCheckInput struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Relation string `protobuf:"bytes,1,opt,name=relation,proto3" json:"relation,omitempty"` + Object string `protobuf:"bytes,2,opt,name=object,proto3" json:"object,omitempty"` + ContextualTuples []*FgaTupleInput `protobuf:"bytes,3,rep,name=contextual_tuples,json=contextualTuples,proto3" json:"contextual_tuples,omitempty"` +} + +func (x *PermissionCheckInput) Reset() { + *x = PermissionCheckInput{} + mi := &file_authorizer_v1_types_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *PermissionCheckInput) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PermissionCheckInput) ProtoMessage() {} + +func (x *PermissionCheckInput) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_types_proto_msgTypes[5] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PermissionCheckInput.ProtoReflect.Descriptor instead. +func (*PermissionCheckInput) Descriptor() ([]byte, []int) { + return file_authorizer_v1_types_proto_rawDescGZIP(), []int{5} +} + +func (x *PermissionCheckInput) GetRelation() string { + if x != nil { + return x.Relation + } + return "" +} + +func (x *PermissionCheckInput) GetObject() string { + if x != nil { + return x.Object + } + return "" +} + +func (x *PermissionCheckInput) GetContextualTuples() []*FgaTupleInput { + if x != nil { + return x.ContextualTuples + } + return nil +} + +// PermissionCheckResult is the outcome of one permission check, echoing the +// checked pair so batch results are self-describing (and positionally +// aligned). Mirrors the GraphQL PermissionCheckResult type. +type PermissionCheckResult struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Relation string `protobuf:"bytes,1,opt,name=relation,proto3" json:"relation,omitempty"` + Object string `protobuf:"bytes,2,opt,name=object,proto3" json:"object,omitempty"` + Allowed bool `protobuf:"varint,3,opt,name=allowed,proto3" json:"allowed,omitempty"` +} + +func (x *PermissionCheckResult) Reset() { + *x = PermissionCheckResult{} + mi := &file_authorizer_v1_types_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *PermissionCheckResult) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PermissionCheckResult) ProtoMessage() {} + +func (x *PermissionCheckResult) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_types_proto_msgTypes[6] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PermissionCheckResult.ProtoReflect.Descriptor instead. +func (*PermissionCheckResult) Descriptor() ([]byte, []int) { + return file_authorizer_v1_types_proto_rawDescGZIP(), []int{6} +} + +func (x *PermissionCheckResult) GetRelation() string { + if x != nil { + return x.Relation + } + return "" +} + +func (x *PermissionCheckResult) GetObject() string { + if x != nil { + return x.Object + } + return "" +} + +func (x *PermissionCheckResult) GetAllowed() bool { + if x != nil { + return x.Allowed + } + return false +} + +// Meta mirrors the GraphQL Meta type — server feature flags + provider +// availability, returned by the Meta query. +type Meta struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Version string `protobuf:"bytes,1,opt,name=version,proto3" json:"version,omitempty"` + ClientId string `protobuf:"bytes,2,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"` + IsGoogleLoginEnabled bool `protobuf:"varint,3,opt,name=is_google_login_enabled,json=isGoogleLoginEnabled,proto3" json:"is_google_login_enabled,omitempty"` + IsFacebookLoginEnabled bool `protobuf:"varint,4,opt,name=is_facebook_login_enabled,json=isFacebookLoginEnabled,proto3" json:"is_facebook_login_enabled,omitempty"` + IsGithubLoginEnabled bool `protobuf:"varint,5,opt,name=is_github_login_enabled,json=isGithubLoginEnabled,proto3" json:"is_github_login_enabled,omitempty"` + IsLinkedinLoginEnabled bool `protobuf:"varint,6,opt,name=is_linkedin_login_enabled,json=isLinkedinLoginEnabled,proto3" json:"is_linkedin_login_enabled,omitempty"` + IsAppleLoginEnabled bool `protobuf:"varint,7,opt,name=is_apple_login_enabled,json=isAppleLoginEnabled,proto3" json:"is_apple_login_enabled,omitempty"` + IsDiscordLoginEnabled bool `protobuf:"varint,8,opt,name=is_discord_login_enabled,json=isDiscordLoginEnabled,proto3" json:"is_discord_login_enabled,omitempty"` + IsTwitterLoginEnabled bool `protobuf:"varint,9,opt,name=is_twitter_login_enabled,json=isTwitterLoginEnabled,proto3" json:"is_twitter_login_enabled,omitempty"` + IsMicrosoftLoginEnabled bool `protobuf:"varint,10,opt,name=is_microsoft_login_enabled,json=isMicrosoftLoginEnabled,proto3" json:"is_microsoft_login_enabled,omitempty"` + IsTwitchLoginEnabled bool `protobuf:"varint,11,opt,name=is_twitch_login_enabled,json=isTwitchLoginEnabled,proto3" json:"is_twitch_login_enabled,omitempty"` + IsRobloxLoginEnabled bool `protobuf:"varint,12,opt,name=is_roblox_login_enabled,json=isRobloxLoginEnabled,proto3" json:"is_roblox_login_enabled,omitempty"` + IsEmailVerificationEnabled bool `protobuf:"varint,13,opt,name=is_email_verification_enabled,json=isEmailVerificationEnabled,proto3" json:"is_email_verification_enabled,omitempty"` + IsBasicAuthenticationEnabled bool `protobuf:"varint,14,opt,name=is_basic_authentication_enabled,json=isBasicAuthenticationEnabled,proto3" json:"is_basic_authentication_enabled,omitempty"` + IsMagicLinkLoginEnabled bool `protobuf:"varint,15,opt,name=is_magic_link_login_enabled,json=isMagicLinkLoginEnabled,proto3" json:"is_magic_link_login_enabled,omitempty"` + IsSignUpEnabled bool `protobuf:"varint,16,opt,name=is_sign_up_enabled,json=isSignUpEnabled,proto3" json:"is_sign_up_enabled,omitempty"` + IsStrongPasswordEnabled bool `protobuf:"varint,17,opt,name=is_strong_password_enabled,json=isStrongPasswordEnabled,proto3" json:"is_strong_password_enabled,omitempty"` + IsMultiFactorAuthEnabled bool `protobuf:"varint,18,opt,name=is_multi_factor_auth_enabled,json=isMultiFactorAuthEnabled,proto3" json:"is_multi_factor_auth_enabled,omitempty"` + IsMobileBasicAuthenticationEnabled bool `protobuf:"varint,19,opt,name=is_mobile_basic_authentication_enabled,json=isMobileBasicAuthenticationEnabled,proto3" json:"is_mobile_basic_authentication_enabled,omitempty"` + IsPhoneVerificationEnabled bool `protobuf:"varint,20,opt,name=is_phone_verification_enabled,json=isPhoneVerificationEnabled,proto3" json:"is_phone_verification_enabled,omitempty"` +} + +func (x *Meta) Reset() { + *x = Meta{} + mi := &file_authorizer_v1_types_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *Meta) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*Meta) ProtoMessage() {} + +func (x *Meta) ProtoReflect() protoreflect.Message { + mi := &file_authorizer_v1_types_proto_msgTypes[7] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use Meta.ProtoReflect.Descriptor instead. +func (*Meta) Descriptor() ([]byte, []int) { + return file_authorizer_v1_types_proto_rawDescGZIP(), []int{7} +} + +func (x *Meta) GetVersion() string { + if x != nil { + return x.Version + } + return "" +} + +func (x *Meta) GetClientId() string { + if x != nil { + return x.ClientId + } + return "" +} + +func (x *Meta) GetIsGoogleLoginEnabled() bool { + if x != nil { + return x.IsGoogleLoginEnabled + } + return false +} + +func (x *Meta) GetIsFacebookLoginEnabled() bool { + if x != nil { + return x.IsFacebookLoginEnabled + } + return false +} + +func (x *Meta) GetIsGithubLoginEnabled() bool { + if x != nil { + return x.IsGithubLoginEnabled + } + return false +} + +func (x *Meta) GetIsLinkedinLoginEnabled() bool { + if x != nil { + return x.IsLinkedinLoginEnabled + } + return false +} + +func (x *Meta) GetIsAppleLoginEnabled() bool { + if x != nil { + return x.IsAppleLoginEnabled + } + return false +} + +func (x *Meta) GetIsDiscordLoginEnabled() bool { + if x != nil { + return x.IsDiscordLoginEnabled + } + return false +} + +func (x *Meta) GetIsTwitterLoginEnabled() bool { + if x != nil { + return x.IsTwitterLoginEnabled + } + return false +} + +func (x *Meta) GetIsMicrosoftLoginEnabled() bool { + if x != nil { + return x.IsMicrosoftLoginEnabled + } + return false +} + +func (x *Meta) GetIsTwitchLoginEnabled() bool { + if x != nil { + return x.IsTwitchLoginEnabled + } + return false +} + +func (x *Meta) GetIsRobloxLoginEnabled() bool { + if x != nil { + return x.IsRobloxLoginEnabled + } + return false +} + +func (x *Meta) GetIsEmailVerificationEnabled() bool { + if x != nil { + return x.IsEmailVerificationEnabled + } + return false +} + +func (x *Meta) GetIsBasicAuthenticationEnabled() bool { + if x != nil { + return x.IsBasicAuthenticationEnabled + } + return false +} + +func (x *Meta) GetIsMagicLinkLoginEnabled() bool { + if x != nil { + return x.IsMagicLinkLoginEnabled + } + return false +} + +func (x *Meta) GetIsSignUpEnabled() bool { + if x != nil { + return x.IsSignUpEnabled + } + return false +} + +func (x *Meta) GetIsStrongPasswordEnabled() bool { + if x != nil { + return x.IsStrongPasswordEnabled + } + return false +} + +func (x *Meta) GetIsMultiFactorAuthEnabled() bool { + if x != nil { + return x.IsMultiFactorAuthEnabled + } + return false +} + +func (x *Meta) GetIsMobileBasicAuthenticationEnabled() bool { + if x != nil { + return x.IsMobileBasicAuthenticationEnabled + } + return false +} + +func (x *Meta) GetIsPhoneVerificationEnabled() bool { + if x != nil { + return x.IsPhoneVerificationEnabled + } + return false +} + +var File_authorizer_v1_types_proto protoreflect.FileDescriptor + +var file_authorizer_v1_types_proto_rawDesc = []byte{ + 0x0a, 0x19, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, + 0x74, 0x79, 0x70, 0x65, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x61, 0x75, 0x74, + 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x1a, 0x1a, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x2f, 0x63, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xc1, 0x05, 0x0a, 0x04, 0x55, 0x73, 0x65, 0x72, 0x12, + 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, + 0x14, 0x0a, 0x05, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, + 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x12, 0x25, 0x0a, 0x0e, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x5f, 0x76, + 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x65, + 0x6d, 0x61, 0x69, 0x6c, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x12, 0x25, 0x0a, 0x0e, + 0x73, 0x69, 0x67, 0x6e, 0x75, 0x70, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x73, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x73, 0x69, 0x67, 0x6e, 0x75, 0x70, 0x4d, 0x65, 0x74, 0x68, + 0x6f, 0x64, 0x73, 0x12, 0x1d, 0x0a, 0x0a, 0x67, 0x69, 0x76, 0x65, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, + 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x67, 0x69, 0x76, 0x65, 0x6e, 0x4e, 0x61, + 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x5f, 0x6e, 0x61, 0x6d, + 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x66, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x4e, + 0x61, 0x6d, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6d, 0x69, 0x64, 0x64, 0x6c, 0x65, 0x5f, 0x6e, 0x61, + 0x6d, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6d, 0x69, 0x64, 0x64, 0x6c, 0x65, + 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x6e, 0x69, 0x63, 0x6b, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6e, 0x69, 0x63, 0x6b, 0x6e, 0x61, 0x6d, 0x65, + 0x12, 0x2d, 0x0a, 0x12, 0x70, 0x72, 0x65, 0x66, 0x65, 0x72, 0x72, 0x65, 0x64, 0x5f, 0x75, 0x73, + 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x70, 0x72, + 0x65, 0x66, 0x65, 0x72, 0x72, 0x65, 0x64, 0x55, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x12, + 0x16, 0x0a, 0x06, 0x67, 0x65, 0x6e, 0x64, 0x65, 0x72, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x06, 0x67, 0x65, 0x6e, 0x64, 0x65, 0x72, 0x12, 0x1c, 0x0a, 0x09, 0x62, 0x69, 0x72, 0x74, 0x68, + 0x64, 0x61, 0x74, 0x65, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x62, 0x69, 0x72, 0x74, + 0x68, 0x64, 0x61, 0x74, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x5f, 0x6e, + 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x70, 0x68, 0x6f, + 0x6e, 0x65, 0x4e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x32, 0x0a, 0x15, 0x70, 0x68, 0x6f, 0x6e, + 0x65, 0x5f, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x5f, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, + 0x64, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x4e, 0x75, + 0x6d, 0x62, 0x65, 0x72, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x12, 0x18, 0x0a, 0x07, + 0x70, 0x69, 0x63, 0x74, 0x75, 0x72, 0x65, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x70, + 0x69, 0x63, 0x74, 0x75, 0x72, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x18, + 0x0f, 0x20, 0x03, 0x28, 0x09, 0x52, 0x05, 0x72, 0x6f, 0x6c, 0x65, 0x73, 0x12, 0x1d, 0x0a, 0x0a, + 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x10, 0x20, 0x01, 0x28, 0x03, + 0x52, 0x09, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x75, + 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x61, 0x74, 0x18, 0x11, 0x20, 0x01, 0x28, 0x03, 0x52, + 0x09, 0x75, 0x70, 0x64, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x2b, 0x0a, 0x11, 0x72, 0x65, + 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, + 0x12, 0x20, 0x01, 0x28, 0x03, 0x52, 0x10, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x54, 0x69, + 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x3e, 0x0a, 0x1c, 0x69, 0x73, 0x5f, 0x6d, 0x75, + 0x6c, 0x74, 0x69, 0x5f, 0x66, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x5f, + 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x13, 0x20, 0x01, 0x28, 0x08, 0x52, 0x18, 0x69, + 0x73, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x46, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x41, 0x75, 0x74, 0x68, + 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x31, 0x0a, 0x08, 0x61, 0x70, 0x70, 0x5f, 0x64, + 0x61, 0x74, 0x61, 0x18, 0x14, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x41, 0x70, 0x70, 0x44, 0x61, 0x74, + 0x61, 0x52, 0x07, 0x61, 0x70, 0x70, 0x44, 0x61, 0x74, 0x61, 0x22, 0xc1, 0x04, 0x0a, 0x0c, 0x41, + 0x75, 0x74, 0x68, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x6d, + 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6d, 0x65, + 0x73, 0x73, 0x61, 0x67, 0x65, 0x12, 0x3e, 0x0a, 0x1c, 0x73, 0x68, 0x6f, 0x75, 0x6c, 0x64, 0x5f, + 0x73, 0x68, 0x6f, 0x77, 0x5f, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x5f, 0x6f, 0x74, 0x70, 0x5f, 0x73, + 0x63, 0x72, 0x65, 0x65, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x18, 0x73, 0x68, 0x6f, + 0x75, 0x6c, 0x64, 0x53, 0x68, 0x6f, 0x77, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x4f, 0x74, 0x70, 0x53, + 0x63, 0x72, 0x65, 0x65, 0x6e, 0x12, 0x40, 0x0a, 0x1d, 0x73, 0x68, 0x6f, 0x75, 0x6c, 0x64, 0x5f, + 0x73, 0x68, 0x6f, 0x77, 0x5f, 0x6d, 0x6f, 0x62, 0x69, 0x6c, 0x65, 0x5f, 0x6f, 0x74, 0x70, 0x5f, + 0x73, 0x63, 0x72, 0x65, 0x65, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x19, 0x73, 0x68, + 0x6f, 0x75, 0x6c, 0x64, 0x53, 0x68, 0x6f, 0x77, 0x4d, 0x6f, 0x62, 0x69, 0x6c, 0x65, 0x4f, 0x74, + 0x70, 0x53, 0x63, 0x72, 0x65, 0x65, 0x6e, 0x12, 0x35, 0x0a, 0x17, 0x73, 0x68, 0x6f, 0x75, 0x6c, + 0x64, 0x5f, 0x73, 0x68, 0x6f, 0x77, 0x5f, 0x74, 0x6f, 0x74, 0x70, 0x5f, 0x73, 0x63, 0x72, 0x65, + 0x65, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x14, 0x73, 0x68, 0x6f, 0x75, 0x6c, 0x64, + 0x53, 0x68, 0x6f, 0x77, 0x54, 0x6f, 0x74, 0x70, 0x53, 0x63, 0x72, 0x65, 0x65, 0x6e, 0x12, 0x21, + 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x05, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, + 0x6e, 0x12, 0x19, 0x0a, 0x08, 0x69, 0x64, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x06, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x07, 0x69, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x23, 0x0a, 0x0d, + 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x07, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, + 0x6e, 0x12, 0x1d, 0x0a, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x5f, 0x69, 0x6e, 0x18, + 0x08, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x49, 0x6e, + 0x12, 0x27, 0x0a, 0x04, 0x75, 0x73, 0x65, 0x72, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, + 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x55, + 0x73, 0x65, 0x72, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x12, 0x3e, 0x0a, 0x1b, 0x61, 0x75, 0x74, + 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x5f, 0x73, 0x63, 0x61, 0x6e, 0x6e, + 0x65, 0x72, 0x5f, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x19, + 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x53, 0x63, 0x61, + 0x6e, 0x6e, 0x65, 0x72, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x12, 0x31, 0x0a, 0x14, 0x61, 0x75, 0x74, + 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x5f, 0x73, 0x65, 0x63, 0x72, 0x65, + 0x74, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x13, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, + 0x69, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x53, 0x65, 0x63, 0x72, 0x65, 0x74, 0x12, 0x40, 0x0a, 0x1c, + 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x6f, 0x72, 0x5f, 0x72, 0x65, + 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x73, 0x18, 0x0c, 0x20, 0x03, + 0x28, 0x09, 0x52, 0x1a, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x6f, + 0x72, 0x52, 0x65, 0x63, 0x6f, 0x76, 0x65, 0x72, 0x79, 0x43, 0x6f, 0x64, 0x65, 0x73, 0x22, 0x40, + 0x0a, 0x0a, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x06, + 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6f, 0x62, + 0x6a, 0x65, 0x63, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x22, 0x46, 0x0a, 0x10, 0x46, 0x67, 0x61, 0x52, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, + 0x6e, 0x70, 0x75, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x22, 0x57, 0x0a, 0x0d, 0x46, 0x67, 0x61, 0x54, + 0x75, 0x70, 0x6c, 0x65, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x73, 0x65, + 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x73, 0x65, 0x72, 0x12, 0x1a, 0x0a, + 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x62, 0x6a, + 0x65, 0x63, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, + 0x74, 0x22, 0x95, 0x01, 0x0a, 0x14, 0x50, 0x65, 0x72, 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, + 0x43, 0x68, 0x65, 0x63, 0x6b, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, + 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, + 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x12, 0x49, + 0x0a, 0x11, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, 0x75, 0x61, 0x6c, 0x5f, 0x74, 0x75, 0x70, + 0x6c, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x61, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x76, 0x31, 0x2e, 0x46, 0x67, 0x61, 0x54, 0x75, 0x70, + 0x6c, 0x65, 0x49, 0x6e, 0x70, 0x75, 0x74, 0x52, 0x10, 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x78, 0x74, + 0x75, 0x61, 0x6c, 0x54, 0x75, 0x70, 0x6c, 0x65, 0x73, 0x22, 0x65, 0x0a, 0x15, 0x50, 0x65, 0x72, + 0x6d, 0x69, 0x73, 0x73, 0x69, 0x6f, 0x6e, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x52, 0x65, 0x73, 0x75, + 0x6c, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x16, + 0x0a, 0x06, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, + 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x12, 0x18, 0x0a, 0x07, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, + 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x07, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x65, 0x64, + 0x22, 0xfc, 0x08, 0x0a, 0x04, 0x4d, 0x65, 0x74, 0x61, 0x12, 0x18, 0x0a, 0x07, 0x76, 0x65, 0x72, + 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, 0x72, 0x73, + 0x69, 0x6f, 0x6e, 0x12, 0x1b, 0x0a, 0x09, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x49, 0x64, + 0x12, 0x35, 0x0a, 0x17, 0x69, 0x73, 0x5f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x5f, 0x6c, 0x6f, + 0x67, 0x69, 0x6e, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, + 0x08, 0x52, 0x14, 0x69, 0x73, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x4c, 0x6f, 0x67, 0x69, 0x6e, + 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x39, 0x0a, 0x19, 0x69, 0x73, 0x5f, 0x66, 0x61, + 0x63, 0x65, 0x62, 0x6f, 0x6f, 0x6b, 0x5f, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, 0x65, 0x6e, 0x61, + 0x62, 0x6c, 0x65, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x69, 0x73, 0x46, 0x61, + 0x63, 0x65, 0x62, 0x6f, 0x6f, 0x6b, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x45, 0x6e, 0x61, 0x62, 0x6c, + 0x65, 0x64, 0x12, 0x35, 0x0a, 0x17, 0x69, 0x73, 0x5f, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x5f, + 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x08, 0x52, 0x14, 0x69, 0x73, 0x47, 0x69, 0x74, 0x68, 0x75, 0x62, 0x4c, 0x6f, 0x67, + 0x69, 0x6e, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x39, 0x0a, 0x19, 0x69, 0x73, 0x5f, + 0x6c, 0x69, 0x6e, 0x6b, 0x65, 0x64, 0x69, 0x6e, 0x5f, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, 0x65, + 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x69, 0x73, + 0x4c, 0x69, 0x6e, 0x6b, 0x65, 0x64, 0x69, 0x6e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x45, 0x6e, 0x61, + 0x62, 0x6c, 0x65, 0x64, 0x12, 0x33, 0x0a, 0x16, 0x69, 0x73, 0x5f, 0x61, 0x70, 0x70, 0x6c, 0x65, + 0x5f, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x07, + 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x69, 0x73, 0x41, 0x70, 0x70, 0x6c, 0x65, 0x4c, 0x6f, 0x67, + 0x69, 0x6e, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x37, 0x0a, 0x18, 0x69, 0x73, 0x5f, + 0x64, 0x69, 0x73, 0x63, 0x6f, 0x72, 0x64, 0x5f, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, 0x65, 0x6e, + 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x08, 0x20, 0x01, 0x28, 0x08, 0x52, 0x15, 0x69, 0x73, 0x44, + 0x69, 0x73, 0x63, 0x6f, 0x72, 0x64, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x45, 0x6e, 0x61, 0x62, 0x6c, + 0x65, 0x64, 0x12, 0x37, 0x0a, 0x18, 0x69, 0x73, 0x5f, 0x74, 0x77, 0x69, 0x74, 0x74, 0x65, 0x72, + 0x5f, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x09, + 0x20, 0x01, 0x28, 0x08, 0x52, 0x15, 0x69, 0x73, 0x54, 0x77, 0x69, 0x74, 0x74, 0x65, 0x72, 0x4c, + 0x6f, 0x67, 0x69, 0x6e, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x3b, 0x0a, 0x1a, 0x69, + 0x73, 0x5f, 0x6d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x5f, 0x6c, 0x6f, 0x67, 0x69, + 0x6e, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x52, + 0x17, 0x69, 0x73, 0x4d, 0x69, 0x63, 0x72, 0x6f, 0x73, 0x6f, 0x66, 0x74, 0x4c, 0x6f, 0x67, 0x69, + 0x6e, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x35, 0x0a, 0x17, 0x69, 0x73, 0x5f, 0x74, + 0x77, 0x69, 0x74, 0x63, 0x68, 0x5f, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, 0x65, 0x6e, 0x61, 0x62, + 0x6c, 0x65, 0x64, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x08, 0x52, 0x14, 0x69, 0x73, 0x54, 0x77, 0x69, + 0x74, 0x63, 0x68, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, + 0x35, 0x0a, 0x17, 0x69, 0x73, 0x5f, 0x72, 0x6f, 0x62, 0x6c, 0x6f, 0x78, 0x5f, 0x6c, 0x6f, 0x67, + 0x69, 0x6e, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x08, + 0x52, 0x14, 0x69, 0x73, 0x52, 0x6f, 0x62, 0x6c, 0x6f, 0x78, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x45, + 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x41, 0x0a, 0x1d, 0x69, 0x73, 0x5f, 0x65, 0x6d, 0x61, + 0x69, 0x6c, 0x5f, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, + 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x08, 0x52, 0x1a, 0x69, + 0x73, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x45, 0x0a, 0x1f, 0x69, 0x73, 0x5f, + 0x62, 0x61, 0x73, 0x69, 0x63, 0x5f, 0x61, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x0e, 0x20, 0x01, + 0x28, 0x08, 0x52, 0x1c, 0x69, 0x73, 0x42, 0x61, 0x73, 0x69, 0x63, 0x41, 0x75, 0x74, 0x68, 0x65, + 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, + 0x12, 0x3c, 0x0a, 0x1b, 0x69, 0x73, 0x5f, 0x6d, 0x61, 0x67, 0x69, 0x63, 0x5f, 0x6c, 0x69, 0x6e, + 0x6b, 0x5f, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, + 0x0f, 0x20, 0x01, 0x28, 0x08, 0x52, 0x17, 0x69, 0x73, 0x4d, 0x61, 0x67, 0x69, 0x63, 0x4c, 0x69, + 0x6e, 0x6b, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x2b, + 0x0a, 0x12, 0x69, 0x73, 0x5f, 0x73, 0x69, 0x67, 0x6e, 0x5f, 0x75, 0x70, 0x5f, 0x65, 0x6e, 0x61, + 0x62, 0x6c, 0x65, 0x64, 0x18, 0x10, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, 0x69, 0x73, 0x53, 0x69, + 0x67, 0x6e, 0x55, 0x70, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x3b, 0x0a, 0x1a, 0x69, + 0x73, 0x5f, 0x73, 0x74, 0x72, 0x6f, 0x6e, 0x67, 0x5f, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, + 0x64, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x11, 0x20, 0x01, 0x28, 0x08, 0x52, + 0x17, 0x69, 0x73, 0x53, 0x74, 0x72, 0x6f, 0x6e, 0x67, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, + 0x64, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x3e, 0x0a, 0x1c, 0x69, 0x73, 0x5f, 0x6d, + 0x75, 0x6c, 0x74, 0x69, 0x5f, 0x66, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x5f, 0x61, 0x75, 0x74, 0x68, + 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x12, 0x20, 0x01, 0x28, 0x08, 0x52, 0x18, + 0x69, 0x73, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x46, 0x61, 0x63, 0x74, 0x6f, 0x72, 0x41, 0x75, 0x74, + 0x68, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x52, 0x0a, 0x26, 0x69, 0x73, 0x5f, 0x6d, + 0x6f, 0x62, 0x69, 0x6c, 0x65, 0x5f, 0x62, 0x61, 0x73, 0x69, 0x63, 0x5f, 0x61, 0x75, 0x74, 0x68, + 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, + 0x65, 0x64, 0x18, 0x13, 0x20, 0x01, 0x28, 0x08, 0x52, 0x22, 0x69, 0x73, 0x4d, 0x6f, 0x62, 0x69, + 0x6c, 0x65, 0x42, 0x61, 0x73, 0x69, 0x63, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x12, 0x41, 0x0a, 0x1d, + 0x69, 0x73, 0x5f, 0x70, 0x68, 0x6f, 0x6e, 0x65, 0x5f, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, + 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x14, 0x20, + 0x01, 0x28, 0x08, 0x52, 0x1a, 0x69, 0x73, 0x50, 0x68, 0x6f, 0x6e, 0x65, 0x56, 0x65, 0x72, 0x69, + 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x42, + 0xc6, 0x01, 0x0a, 0x11, 0x63, 0x6f, 0x6d, 0x2e, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, + 0x65, 0x72, 0x2e, 0x76, 0x31, 0x42, 0x0a, 0x54, 0x79, 0x70, 0x65, 0x73, 0x50, 0x72, 0x6f, 0x74, + 0x6f, 0x50, 0x01, 0x5a, 0x50, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, + 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x64, 0x65, 0x76, 0x2f, 0x61, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2d, 0x67, 0x6f, 0x2f, 0x69, 0x6e, 0x74, 0x65, + 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x62, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x3b, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x65, 0x72, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x58, 0x58, 0xaa, 0x02, 0x0d, 0x41, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x0d, 0x41, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x19, 0x41, 0x75, + 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x65, 0x72, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, + 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x0e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x7a, 0x65, 0x72, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, +} + +var ( + file_authorizer_v1_types_proto_rawDescOnce sync.Once + file_authorizer_v1_types_proto_rawDescData = file_authorizer_v1_types_proto_rawDesc +) + +func file_authorizer_v1_types_proto_rawDescGZIP() []byte { + file_authorizer_v1_types_proto_rawDescOnce.Do(func() { + file_authorizer_v1_types_proto_rawDescData = protoimpl.X.CompressGZIP(file_authorizer_v1_types_proto_rawDescData) + }) + return file_authorizer_v1_types_proto_rawDescData +} + +var file_authorizer_v1_types_proto_msgTypes = make([]protoimpl.MessageInfo, 8) +var file_authorizer_v1_types_proto_goTypes = []any{ + (*User)(nil), // 0: authorizer.v1.User + (*AuthResponse)(nil), // 1: authorizer.v1.AuthResponse + (*Permission)(nil), // 2: authorizer.v1.Permission + (*FgaRelationInput)(nil), // 3: authorizer.v1.FgaRelationInput + (*FgaTupleInput)(nil), // 4: authorizer.v1.FgaTupleInput + (*PermissionCheckInput)(nil), // 5: authorizer.v1.PermissionCheckInput + (*PermissionCheckResult)(nil), // 6: authorizer.v1.PermissionCheckResult + (*Meta)(nil), // 7: authorizer.v1.Meta + (*AppData)(nil), // 8: authorizer.v1.AppData +} +var file_authorizer_v1_types_proto_depIdxs = []int32{ + 8, // 0: authorizer.v1.User.app_data:type_name -> authorizer.v1.AppData + 0, // 1: authorizer.v1.AuthResponse.user:type_name -> authorizer.v1.User + 4, // 2: authorizer.v1.PermissionCheckInput.contextual_tuples:type_name -> authorizer.v1.FgaTupleInput + 3, // [3:3] is the sub-list for method output_type + 3, // [3:3] is the sub-list for method input_type + 3, // [3:3] is the sub-list for extension type_name + 3, // [3:3] is the sub-list for extension extendee + 0, // [0:3] is the sub-list for field type_name +} + +func init() { file_authorizer_v1_types_proto_init() } +func file_authorizer_v1_types_proto_init() { + if File_authorizer_v1_types_proto != nil { + return + } + file_authorizer_v1_common_proto_init() + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_authorizer_v1_types_proto_rawDesc, + NumEnums: 0, + NumMessages: 8, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_authorizer_v1_types_proto_goTypes, + DependencyIndexes: file_authorizer_v1_types_proto_depIdxs, + MessageInfos: file_authorizer_v1_types_proto_msgTypes, + }.Build() + File_authorizer_v1_types_proto = out.File + file_authorizer_v1_types_proto_rawDesc = nil + file_authorizer_v1_types_proto_goTypes = nil + file_authorizer_v1_types_proto_depIdxs = nil +} diff --git a/list_permissions.go b/list_permissions.go new file mode 100644 index 0000000..40d8aa6 --- /dev/null +++ b/list_permissions.go @@ -0,0 +1,71 @@ +package authorizer + +import ( + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" +) + +// ListPermissionsRequest enumerates what the subject can access. With both +// Relation and ObjectType set it answers "which s can I +// ?". Either or both filters may be omitted: every matching +// (type, relation) pair of the active model is then enumerated, so an empty +// request returns ALL permissions the subject holds. Subject resolution +// follows the same rules as CheckPermissionsRequest.User. +type ListPermissionsRequest struct { + Relation string `json:"relation,omitempty"` + ObjectType string `json:"object_type,omitempty"` + // User optionally overrides the subject; same trust rules as + // CheckPermissionsRequest.User. + User string `json:"user,omitempty"` +} + +// Permission is one (object, relation) pair the subject holds. +type Permission struct { + Object string `json:"object"` + Relation string `json:"relation"` +} + +// ListPermissionsResponse lists what the subject can access. Objects is the +// distinct fully-qualified object ids (e.g. "document:1"); Permissions carries +// the (object, relation) detail — relevant when no Relation filter was +// supplied. Truncated is true when the result was capped (1000 entries) and +// more permissions exist. +type ListPermissionsResponse struct { + Objects []string `json:"objects"` + Permissions []*Permission `json:"permissions"` + Truncated bool `json:"truncated"` +} + +// ListPermissions performs the list_permissions query, returning the +// fully-qualified ids of objects of ObjectType the authenticated caller holds +// Relation on (or, with filters omitted, everything the caller holds). +// headers must carry the caller's credentials. +func (c *AuthorizerClient) ListPermissions(req *ListPermissionsRequest, headers map[string]string) (*ListPermissionsResponse, error) { + var res ListPermissionsResponse + err := c.execute(methodSpec{ + name: "ListPermissions", + graphql: &GraphQLRequest{ + Query: `query listPermissions($data: ListPermissionsInput!){list_permissions(params: $data) { objects permissions { object relation } truncated } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "list_permissions", + restMethod: http.MethodPost, + restPath: "/v1/list_permissions", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.ListPermissionsResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.ListPermissionsRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.ListPermissions(ctx, &in) + }, + }, headers, &res) + if err != nil { + return nil, err + } + return &res, nil +} diff --git a/login.go b/login.go index 466a4e5..e722d05 100644 --- a/login.go +++ b/login.go @@ -1,8 +1,12 @@ package authorizer import ( - "encoding/json" + "context" "fmt" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // LoginRequest defines attributes for login request @@ -19,21 +23,32 @@ type LoginRequest struct { type LoginInput = LoginRequest // Login is method attached to AuthorizerClient. -// It performs login mutation on authorizer instance. +// It performs login on the authorizer instance over the client's selected +// protocol (graphql, rest or grpc). // It takes LoginRequest reference as parameter and returns AuthTokenResponse reference or error. func (c *AuthorizerClient) Login(req *LoginRequest) (*AuthTokenResponse, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: fmt.Sprintf(`mutation login($data: LoginRequest!) { login(params: $data) { %s } }`, AuthTokenResponseFragment), - Variables: map[string]interface{}{ - "data": req, + var res AuthTokenResponse + err := c.execute(methodSpec{ + name: "Login", + graphql: &GraphQLRequest{ + Query: fmt.Sprintf(`mutation login($data: LoginRequest!) { login(params: $data) { %s } }`, AuthTokenResponseFragment), + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "login", + restMethod: http.MethodPost, + restPath: "/v1/login", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.AuthResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.LoginRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.Login(ctx, &in) }, - }, nil) + }, nil, &res) if err != nil { return nil, err } - - var res map[string]*AuthTokenResponse - json.Unmarshal(bytesData, &res) - - return res["login"], nil + return &res, nil } diff --git a/logout.go b/logout.go index 7e59165..e691d43 100644 --- a/logout.go +++ b/logout.go @@ -1,7 +1,11 @@ package authorizer import ( - "encoding/json" + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // TODO does not work without cookie @@ -11,16 +15,24 @@ import ( // It takes LogoutInput reference as parameter and returns Response reference or error. // For implementation details check LogoutExample examples/Logout.go func (c *AuthorizerClient) Logout(headers map[string]string) (*Response, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: `mutation { logout { message } }`, - Variables: nil, - }, headers) + var res Response + err := c.execute(methodSpec{ + name: "Logout", + graphql: &GraphQLRequest{ + Query: `mutation { logout { message } }`, + Variables: nil, + }, + graphqlField: "logout", + restMethod: http.MethodPost, + restPath: "/v1/logout", + restBody: nil, + restResp: func() proto.Message { return &authorizerv1.LogoutResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + return cli.Logout(ctx, &authorizerv1.LogoutRequest{}) + }, + }, headers, &res) if err != nil { return nil, err } - - var res map[string]*Response - json.Unmarshal(bytesData, &res) - - return res["logout"], nil + return &res, nil } diff --git a/magic_link_login.go b/magic_link_login.go index d2b16e8..5504b51 100644 --- a/magic_link_login.go +++ b/magic_link_login.go @@ -1,7 +1,11 @@ package authorizer import ( - "encoding/json" + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // MagicLinkLoginRequest defines attributes for magic link login request @@ -17,7 +21,8 @@ type MagicLinkLoginRequest struct { type MagicLinkLoginInput = MagicLinkLoginRequest // MagicLinkLogin is method attached to AuthorizerClient. -// It performs magic_link_login mutation on authorizer instance. +// It performs magic_link_login mutation on the authorizer instance over the +// client's selected protocol (graphql, rest or grpc). // It takes MagicLinkLoginRequest reference as parameter and returns Response reference or error. func (c *AuthorizerClient) MagicLinkLogin(req *MagicLinkLoginRequest) (*Response, error) { if req.State == nil || StringValue(req.State) == "" { @@ -29,18 +34,28 @@ func (c *AuthorizerClient) MagicLinkLogin(req *MagicLinkLoginRequest) (*Response req.RedirectURI = NewStringRef(c.RedirectURL) } - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: `mutation magicLinkLogin($data: MagicLinkLoginRequest!) { magic_link_login(params: $data) { message }}`, - Variables: map[string]interface{}{ - "data": req, + var res Response + err := c.execute(methodSpec{ + name: "MagicLinkLogin", + graphql: &GraphQLRequest{ + Query: `mutation magicLinkLogin($data: MagicLinkLoginRequest!) { magic_link_login(params: $data) { message }}`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "magic_link_login", + restMethod: http.MethodPost, + restPath: "/v1/magic_link_login", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.MagicLinkLoginResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.MagicLinkLoginRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.MagicLinkLogin(ctx, &in) }, - }, nil) + }, nil, &res) if err != nil { return nil, err } - - var res map[string]*Response - json.Unmarshal(bytesData, &res) - - return res["magic_link_login"], nil + return &res, nil } diff --git a/protocol.go b/protocol.go new file mode 100644 index 0000000..c0caf01 --- /dev/null +++ b/protocol.go @@ -0,0 +1,84 @@ +package authorizer + +import ( + "context" + "crypto/tls" + "fmt" + "net/url" + "strings" + + "google.golang.org/grpc" + "google.golang.org/grpc/credentials" + "google.golang.org/grpc/credentials/insecure" +) + +// Protocol selects the wire transport a client uses to talk to authorizer. +type Protocol string + +const ( + // ProtocolGraphQL routes calls through POST /graphql. This is the default + // and keeps the SDK 100% backward compatible. + ProtocolGraphQL Protocol = "graphql" + + // ProtocolREST routes calls through the typed REST endpoints + // (POST/GET /v1/) generated from the proto google.api.http + // annotations. + ProtocolREST Protocol = "rest" + + // ProtocolGRPC routes calls through the generated gRPC service stub by + // dialing AuthorizerURL. + ProtocolGRPC Protocol = "grpc" +) + +// defaultGRPCPort is the port the authorizer server's gRPC listener binds to by +// default. It is separate from the HTTP port served from AuthorizerURL. +const defaultGRPCPort = "9091" + +// grpcDial opens a gRPC client connection. When grpcEndpoint is non-empty it is +// dialed verbatim; otherwise the host is derived from authorizerURL and the gRPC +// server's default port (9091) is used, since gRPC listens on its own port and +// not the HTTP URL's port. An https:// URL (or an explicit :443 host) uses TLS; +// everything else dials insecurely, matching the typical self-hosted +// http://host:8080 deployment. +func grpcDial(authorizerURL, grpcEndpoint string) (*grpc.ClientConn, error) { + u, err := url.Parse(authorizerURL) + if err != nil { + return nil, fmt.Errorf("invalid authorizerURL %q: %w", authorizerURL, err) + } + + var creds credentials.TransportCredentials + if u.Scheme == "https" || strings.HasSuffix(u.Host, ":443") { + creds = credentials.NewTLS(&tls.Config{}) + } else { + creds = insecure.NewCredentials() + } + + host := grpcEndpoint + if host == "" { + // Derive the host from authorizerURL and target the gRPC port. + host = u.Host + if host == "" { + // authorizerURL may be a bare host:port without a scheme. + host = strings.TrimSuffix(authorizerURL, "/") + } + host = stripPort(host) + ":" + defaultGRPCPort + } + if (u.Scheme == "https" || strings.HasSuffix(u.Host, ":443")) && !strings.Contains(host, ":") { + host += ":443" + } + + return grpc.NewClient(host, grpc.WithTransportCredentials(creds)) +} + +// stripPort removes a trailing :port from host, leaving the bare host. +func stripPort(host string) string { + if i := strings.LastIndex(host, ":"); i != -1 { + return host[:i] + } + return host +} + +// grpcContext builds a context carrying the given outgoing metadata headers. +func grpcContext(headers map[string]string) context.Context { + return outgoingContext(context.Background(), headers) +} diff --git a/resend_otp.go b/resend_otp.go index f11c7c4..fdb4b55 100644 --- a/resend_otp.go +++ b/resend_otp.go @@ -1,7 +1,11 @@ package authorizer import ( - "encoding/json" + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // ResendOTPRequest defines attributes for resend_otp request @@ -18,18 +22,28 @@ type ResendOTPInput = ResendOTPRequest // It performs resend_otp mutation on authorizer instance. // It takes ResendOTPRequest reference as parameter and returns Response reference or error. func (c *AuthorizerClient) ResendOTP(req *ResendOTPRequest) (*Response, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: `mutation resendOtp($data: ResendOTPRequest!) { resend_otp(params: $data) { message }}`, - Variables: map[string]interface{}{ - "data": req, + var res Response + err := c.execute(methodSpec{ + name: "ResendOTP", + graphql: &GraphQLRequest{ + Query: `mutation resendOtp($data: ResendOTPRequest!) { resend_otp(params: $data) { message }}`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "resend_otp", + restMethod: http.MethodPost, + restPath: "/v1/resend_otp", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.ResendOtpResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.ResendOtpRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.ResendOtp(ctx, &in) }, - }, nil) + }, nil, &res) if err != nil { return nil, err } - - var res map[string]*Response - json.Unmarshal(bytesData, &res) - - return res["resend_otp"], nil + return &res, nil } diff --git a/resend_verify_email.go b/resend_verify_email.go index 83c1562..71d3856 100644 --- a/resend_verify_email.go +++ b/resend_verify_email.go @@ -1,31 +1,45 @@ package authorizer import ( - "encoding/json" + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // ResendVerifyEmailRequest defines attributes for resend_verify_email request type ResendVerifyEmailRequest struct { - Email string `json:"email"` - Identifier *string `json:"identifier,omitempty"` + Email string `json:"email"` + Identifier *string `json:"identifier,omitempty"` } // ResendVerifyEmail is method attached to AuthorizerClient. // It performs resend_verify_email mutation on authorizer instance. // It takes ResendVerifyEmailRequest reference as parameter and returns Response reference or error. func (c *AuthorizerClient) ResendVerifyEmail(req *ResendVerifyEmailRequest) (*Response, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: `mutation resendVerifyEmail($data: ResendVerifyEmailRequest!) { resend_verify_email(params: $data) { message }}`, - Variables: map[string]interface{}{ - "data": req, + var res Response + err := c.execute(methodSpec{ + name: "ResendVerifyEmail", + graphql: &GraphQLRequest{ + Query: `mutation resendVerifyEmail($data: ResendVerifyEmailRequest!) { resend_verify_email(params: $data) { message }}`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "resend_verify_email", + restMethod: http.MethodPost, + restPath: "/v1/resend_verify_email", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.ResendVerifyEmailResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.ResendVerifyEmailRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.ResendVerifyEmail(ctx, &in) }, - }, nil) + }, nil, &res) if err != nil { return nil, err } - - var res map[string]*Response - json.Unmarshal(bytesData, &res) - - return res["resend_verify_email"], nil + return &res, nil } diff --git a/reset_password.go b/reset_password.go index 7587901..0ee5ddc 100644 --- a/reset_password.go +++ b/reset_password.go @@ -1,7 +1,11 @@ package authorizer import ( - "encoding/json" + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // ResetPasswordRequest defines attributes for reset_password request @@ -20,18 +24,28 @@ type ResetPasswordInput = ResetPasswordRequest // It performs reset_password mutation on authorizer instance. // It takes ResetPasswordRequest reference as parameter and returns Response reference or error. func (c *AuthorizerClient) ResetPassword(req *ResetPasswordRequest) (*Response, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: `mutation resetPassword($data: ResetPasswordRequest!) { reset_password(params: $data) { message } }`, - Variables: map[string]interface{}{ - "data": req, + var res Response + err := c.execute(methodSpec{ + name: "ResetPassword", + graphql: &GraphQLRequest{ + Query: `mutation resetPassword($data: ResetPasswordRequest!) { reset_password(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "reset_password", + restMethod: http.MethodPost, + restPath: "/v1/reset_password", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.ResetPasswordResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.ResetPasswordRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.ResetPassword(ctx, &in) }, - }, nil) + }, nil, &res) if err != nil { return nil, err } - - var res map[string]*Response - json.Unmarshal(bytesData, &res) - - return res["reset_password"], nil + return &res, nil } diff --git a/signup.go b/signup.go index 41c05a1..55a7790 100644 --- a/signup.go +++ b/signup.go @@ -1,8 +1,12 @@ package authorizer import ( - "encoding/json" + "context" "fmt" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // SignUpRequest defines attributes for signup request @@ -33,18 +37,28 @@ type SignUpInput = SignUpRequest // It performs signup mutation on authorizer instance. // It takes SignUpRequest reference as parameter and returns AuthTokenResponse reference or error. func (c *AuthorizerClient) SignUp(req *SignUpRequest) (*AuthTokenResponse, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: fmt.Sprintf(`mutation signup($data: SignUpRequest!) { signup(params: $data) { %s }}`, AuthTokenResponseFragment), - Variables: map[string]interface{}{ - "data": req, + var res AuthTokenResponse + err := c.execute(methodSpec{ + name: "SignUp", + graphql: &GraphQLRequest{ + Query: fmt.Sprintf(`mutation signup($data: SignUpRequest!) { signup(params: $data) { %s }}`, AuthTokenResponseFragment), + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "signup", + restMethod: http.MethodPost, + restPath: "/v1/signup", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.AuthResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.SignupRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.Signup(ctx, &in) }, - }, nil) + }, nil, &res) if err != nil { return nil, err } - - var res map[string]*AuthTokenResponse - json.Unmarshal(bytesData, &res) - - return res["signup"], nil + return &res, nil } diff --git a/test/admin_test.go b/test/admin_test.go new file mode 100644 index 0000000..b5e0ffd --- /dev/null +++ b/test/admin_test.go @@ -0,0 +1,260 @@ +package main + +import ( + "fmt" + "strings" + "testing" + + "github.com/authorizerdev/authorizer-go" + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" +) + +const adminSecret = "admin" + +// adminProtocols are the transports the admin surface supports end-to-end. +var adminProtocols = []authorizer.Protocol{ + authorizer.ProtocolGraphQL, + authorizer.ProtocolREST, + authorizer.ProtocolGRPC, +} + +// adminClient builds an admin client pinned to the given protocol. +func adminClient(t *testing.T, p authorizer.Protocol) *authorizer.AuthorizerAdminClient { + t.Helper() + c, err := authorizer.NewAuthorizerAdminClient(authorizerURL, adminSecret, + authorizer.WithAdminProtocol(p), + authorizer.WithAdminExtraHeaders(map[string]string{"Origin": authorizerURL}), + ) + if err != nil { + t.Fatalf("failed to create %s admin client: %v", p, err) + } + return c +} + +func TestNewAuthorizerAdminClientValidation(t *testing.T) { + if _, err := authorizer.NewAuthorizerAdminClient("", "secret"); err == nil { + t.Error("expected error for missing authorizerURL") + } + if _, err := authorizer.NewAuthorizerAdminClient(authorizerURL, ""); err == nil { + t.Error("expected error for missing adminSecret") + } + c, err := authorizer.NewAuthorizerAdminClient(authorizerURL, adminSecret) + if err != nil { + t.Fatalf("unexpected error: %v", err) + } + if c.Protocol != authorizer.ProtocolGraphQL { + t.Errorf("expected default admin protocol graphql, got %q", c.Protocol) + } +} + +// TestAdminUsersAcrossProtocols lists users over each supported protocol. +func TestAdminUsersAcrossProtocols(t *testing.T) { + for _, p := range adminProtocols { + p := p + t.Run(string(p), func(t *testing.T) { + c := adminClient(t, p) + res, err := c.Users(&authorizerv1.UsersRequest{ + Pagination: &authorizerv1.PaginationRequest{Page: 1, Limit: 10}, + }) + if err != nil { + t.Fatalf("[%s] Users failed: %v", p, err) + } + if res == nil { + t.Fatalf("[%s] Users returned nil response", p) + } + }) + } +} + +// TestAdminMetaProtocolAvailability verifies AdminMeta works over rest+grpc and +// returns a clear error over graphql (which has no _admin_meta-shaped op here). +func TestAdminMetaProtocolAvailability(t *testing.T) { + // rest + grpc: supported + for _, p := range []authorizer.Protocol{authorizer.ProtocolREST, authorizer.ProtocolGRPC} { + c := adminClient(t, p) + if _, err := c.AdminMeta(); err != nil { + t.Fatalf("[%s] AdminMeta failed: %v", p, err) + } + } + + // graphql: unsupported → clear error, no network 404 + c := adminClient(t, authorizer.ProtocolGraphQL) + _, err := c.AdminMeta() + if err == nil { + t.Fatal("expected AdminMeta to error over graphql") + } + if !strings.Contains(err.Error(), "not available over graphql") { + t.Errorf("expected clear unsupported-protocol error, got %v", err) + } +} + +// TestAdminGqlOnlyExtras verifies the gql-only methods error over rest+grpc. +func TestAdminGqlOnlyExtras(t *testing.T) { + for _, p := range []authorizer.Protocol{authorizer.ProtocolREST, authorizer.ProtocolGRPC} { + c := adminClient(t, p) + if _, err := c.GenerateJWTKeys(&authorizer.GenerateJWTKeysRequest{Type: "HS256"}); err == nil { + t.Errorf("[%s] expected GenerateJWTKeys to error (gql-only)", p) + } else if !strings.Contains(err.Error(), "use graphql") { + t.Errorf("[%s] expected 'use graphql' hint, got %v", p, err) + } + } +} + +// webhookEventByProtocol assigns each protocol a DISTINCT, server-valid webhook +// event name so the cross-protocol loop never trips the +// authorizer_webhooks.event_name UNIQUE constraint (event names are validated +// against a fixed server-side enum, so a random suffix is rejected). +var webhookEventByProtocol = map[authorizer.Protocol]string{ + authorizer.ProtocolGraphQL: "user.login", + authorizer.ProtocolREST: "user.signup", + authorizer.ProtocolGRPC: "user.created", +} + +// TestAdminWebhookLifecycle exercises add → list (locate) → delete over each +// supported protocol. Each protocol uses a distinct valid event_name, and the +// created webhook is always deleted at the end (even on failure) so it does not +// pollute later runs. +func TestAdminWebhookLifecycle(t *testing.T) { + for _, p := range adminProtocols { + p := p + t.Run(string(p), func(t *testing.T) { + c := adminClient(t, p) + eventName := webhookEventByProtocol[p] + + added, err := c.AddWebhook(&authorizerv1.AddWebhookRequest{ + EventName: eventName, + Endpoint: "https://example.com/webhook", + Enabled: true, + }) + if err != nil { + t.Fatalf("[%s] AddWebhook failed: %v", p, err) + } + if added == nil { + t.Fatalf("[%s] AddWebhook returned nil", p) + } + + // Locate the webhook by its event_name to get its id (the list is + // paginated — an explicit limit is required or it returns empty), + // then schedule deletion so the fixture is cleaned up. The storage + // layer appends a "-" suffix to the stored event_name, so + // match by prefix rather than exact equality. + list, err := c.Webhooks(&authorizerv1.WebhooksRequest{ + Pagination: &authorizerv1.PaginationRequest{Page: 1, Limit: 1000}, + }) + if err != nil { + t.Fatalf("[%s] Webhooks failed: %v", p, err) + } + var id string + for _, w := range list.GetWebhooks() { + if strings.HasPrefix(w.GetEventName(), eventName+"-") { + id = w.GetId() + break + } + } + if id == "" { + t.Fatalf("[%s] created webhook %q not found in list", p, eventName) + } + t.Cleanup(func() { + if _, err := c.DeleteWebhook(&authorizerv1.DeleteWebhookRequest{Id: id}); err != nil { + t.Errorf("[%s] DeleteWebhook cleanup failed: %v", p, err) + } + }) + + // GetWebhook by id (round-trips the int64 created_at/updated_at over + // REST via protojson). + if _, err := c.GetWebhook(&authorizerv1.GetWebhookRequest{Id: id}); err != nil { + t.Fatalf("[%s] GetWebhook failed: %v", p, err) + } + }) + } +} + +// TestAdminFgaModelAndTuples drives the FGA admin flow: write a model, write +// tuples, then read / list / expand. Each protocol writes a DISTINCT object +// ("document:") so re-running the same tuple across the loop does not +// trip openfga's "tuple already exists" guard on a shared store. FgaReset +// (destructive) is NOT run here — it runs once at the very end in +// TestAdminFgaResetLast so the suite never wipes the store mid-run. +func TestAdminFgaModelAndTuples(t *testing.T) { + const model = `model + schema 1.1 +type user +type document + relations + define can_view: [user]` + + for _, p := range adminProtocols { + p := p + t.Run(string(p), func(t *testing.T) { + c := adminClient(t, p) + object := fmt.Sprintf("document:%s", p) + + if _, err := c.FgaWriteModel(&authorizerv1.FgaWriteModelRequest{Dsl: model}); err != nil { + skipIfFgaUnavailable(t, err) + t.Fatalf("[%s] FgaWriteModel failed: %v", p, err) + } + + // Write-once-then-verify: tolerate "already exists" so the test is + // rerun-safe against a shared (non-ephemeral) store. + if _, err := c.FgaWriteTuples(&authorizerv1.FgaWriteTuplesRequest{ + Tuples: []*authorizerv1.FgaTupleInput{ + {User: "user:1", Relation: "can_view", Object: object}, + }, + }); err != nil && !strings.Contains(err.Error(), "already exist") { + t.Fatalf("[%s] FgaWriteTuples failed: %v", p, err) + } + + if _, err := c.FgaReadTuples(&authorizerv1.FgaReadTuplesRequest{}); err != nil { + t.Fatalf("[%s] FgaReadTuples failed: %v", p, err) + } + + if _, err := c.FgaListUsers(&authorizerv1.FgaListUsersRequest{ + Object: object, + Relation: "can_view", + UserType: "user", + }); err != nil { + t.Fatalf("[%s] FgaListUsers failed: %v", p, err) + } + + if _, err := c.FgaExpand(&authorizerv1.FgaExpandRequest{ + Relation: "can_view", + Object: object, + }); err != nil { + t.Fatalf("[%s] FgaExpand failed: %v", p, err) + } + }) + } +} + +// TestAdminFgaResetLast exercises the destructive FgaReset exactly once (over +// rest — FgaReset is a rest/grpc-only RPC, no graphql op) so it does not run +// inside the per-protocol loop and wipe the store mid-suite. The server refuses +// to reset the model while tuples exist, so every existing tuple is read and +// deleted first (covers tuples written by TestAdminFgaModelAndTuples plus any +// left over from a prior run, keeping the suite rerun-safe). +// +// DESTRUCTIVE: FgaReset clears all FGA tuples and the model on the server. +func TestAdminFgaResetLast(t *testing.T) { + c := adminClient(t, authorizer.ProtocolREST) + + read, err := c.FgaReadTuples(&authorizerv1.FgaReadTuplesRequest{}) + if err != nil { + skipIfFgaUnavailable(t, err) + t.Fatalf("FgaReadTuples failed: %v", err) + } + var tuples []*authorizerv1.FgaTupleInput + for _, tp := range read.GetTuples() { + tuples = append(tuples, &authorizerv1.FgaTupleInput{ + User: tp.GetUser(), Relation: tp.GetRelation(), Object: tp.GetObject(), + }) + } + if len(tuples) > 0 { + if _, err := c.FgaDeleteTuples(&authorizerv1.FgaDeleteTuplesRequest{Tuples: tuples}); err != nil { + t.Fatalf("FgaDeleteTuples failed: %v", err) + } + } + + if _, err := c.FgaReset(); err != nil { + t.Fatalf("FgaReset failed: %v", err) + } +} diff --git a/test/authorizer_test.go b/test/authorizer_test.go index 67fe4ba..17d6587 100644 --- a/test/authorizer_test.go +++ b/test/authorizer_test.go @@ -3,18 +3,29 @@ package main import ( "fmt" "math/rand" + "os" "strings" "testing" "github.com/authorizerdev/authorizer-go" ) -const ( - authorizerURL = "http://localhost:8080" - clientID = "123456" - testPassword = "Abc@123" +// Integration-test target. Overridable via env so the same suite runs against a +// local container on a non-default port and in CI. +var ( + authorizerURL = envOr("AUTHORIZER_TEST_URL", "http://localhost:8080") + clientID = envOr("AUTHORIZER_TEST_CLIENT_ID", "123456") ) +const testPassword = "Abc@123" + +func envOr(key, def string) string { + if v := os.Getenv(key); v != "" { + return v + } + return def +} + // testClient returns a new authorizer client configured for integration tests. // The Origin header is required: the server's CSRF middleware rejects // state-changing requests (all GraphQL POSTs) that carry neither an Origin nor @@ -328,9 +339,11 @@ func skipIfFgaUnavailable(t *testing.T, err error) { // The server keeps engine errors opaque: "fine-grained authorization is // not enabled" when started without an FGA store, and "authorization // check failed" / "authorization list failed" when the engine is up but - // no authorization model has been written yet. + // no authorization model has been written yet. Servers that predate the + // FGA schema reject the query itself with `Unknown type + // "CheckPermissionsInput"` (or the List equivalent). msg := err.Error() - for _, s := range []string{"not enabled", "unauthorized", "check failed", "list failed"} { + for _, s := range []string{"not enabled", "unauthorized", "check failed", "list failed", "unknown type"} { if strings.Contains(strings.ToLower(msg), s) { t.Skipf("FGA not available on target server (%v) - skipping", err) } @@ -427,4 +440,10 @@ func TestListPermissions(t *testing.T) { if len(objs.Objects) != 0 { t.Errorf("ListPermissions: expected no accessible objects for a new user, got %d", len(objs.Objects)) } + if len(objs.Permissions) != 0 { + t.Errorf("ListPermissions: expected no permissions for a new user, got %d", len(objs.Permissions)) + } + if objs.Truncated { + t.Error("ListPermissions: expected truncated=false for an empty result") + } } diff --git a/test/protocol_test.go b/test/protocol_test.go new file mode 100644 index 0000000..57622ff --- /dev/null +++ b/test/protocol_test.go @@ -0,0 +1,225 @@ +package main + +import ( + "fmt" + "strings" + "testing" + + "github.com/authorizerdev/authorizer-go" +) + +// protocols is the set of wire transports the public client supports. Each +// integration test that should hold across transports loops over this slice. +// graphql is the default; rest and grpc are wired from the proto annotations. +var protocols = []authorizer.Protocol{ + authorizer.ProtocolGraphQL, + authorizer.ProtocolREST, + authorizer.ProtocolGRPC, +} + +// protocolClient builds a user client pinned to the given protocol. The Origin +// header is required for the HTTP transports (CSRF guard); it is harmless for +// grpc (carried as metadata, ignored server-side). +func protocolClient(t *testing.T, p authorizer.Protocol) *authorizer.AuthorizerClient { + t.Helper() + c, err := authorizer.NewAuthorizerClient(clientID, authorizerURL, "", map[string]string{ + "Origin": authorizerURL, + }, authorizer.WithProtocol(p)) + if err != nil { + t.Fatalf("failed to create %s client: %v", p, err) + } + return c +} + +// TestProtocolDefaultIsGraphQL guards the backward-compatibility contract: a +// client built the old way must default to graphql. +func TestProtocolDefaultIsGraphQL(t *testing.T) { + c, err := authorizer.NewAuthorizerClient(clientID, authorizerURL, "", nil) + if err != nil { + t.Fatalf("NewAuthorizerClient failed: %v", err) + } + if c.Protocol != authorizer.ProtocolGraphQL { + t.Errorf("expected default protocol graphql, got %q", c.Protocol) + } +} + +// TestSignUpProfileAcrossProtocols exercises the cross-protocol public flow over +// graphql+rest+grpc: signup returns an access token, and that token is used to +// fetch the profile over the same protocol. This verifies the flat-envelope +// mapping end to end: AuthResponse → AuthTokenResponse and User → User come back +// populated over all three transports (the int64 created_at/updated_at fields +// decode via protojson over REST), and that authenticated grpc Profile calls +// carry the bearer token as metadata (the #636 interceptor rejects +// unauthenticated non-public RPCs). +func TestSignUpProfileAcrossProtocols(t *testing.T) { + for _, p := range protocols { + p := p + t.Run(string(p), func(t *testing.T) { + c := protocolClient(t, p) + email := uniqueEmail() + + signupRes, err := c.SignUp(&authorizer.SignUpRequest{ + Email: &email, + Password: testPassword, + ConfirmPassword: testPassword, + }) + if err != nil { + t.Fatalf("[%s] SignUp failed: %v", p, err) + } + if signupRes == nil || signupRes.AccessToken == nil || *signupRes.AccessToken == "" { + t.Fatalf("[%s] SignUp: expected non-empty access_token, got %+v", p, signupRes) + } + if signupRes.User == nil || signupRes.User.Email != email { + t.Fatalf("[%s] SignUp: expected user email %q, got %+v", p, email, signupRes.User) + } + + authHeader := map[string]string{ + "Authorization": fmt.Sprintf("Bearer %s", authorizer.StringValue(signupRes.AccessToken)), + } + + profile, err := c.GetProfile(authHeader) + if err != nil { + t.Fatalf("[%s] GetProfile failed: %v", p, err) + } + if profile == nil || profile.Email != email { + t.Errorf("[%s] GetProfile: expected email %q, got %+v", p, email, profile) + } + }) + } +} + +// TestLoginAcrossProtocols verifies Login works over graphql, rest AND grpc as +// of 2.3.0 (PR #635 migrated Login to the service layer). Each protocol +// must return a populated access token from the flat AuthResponse. +func TestLoginAcrossProtocols(t *testing.T) { + for _, p := range protocols { + p := p + t.Run(string(p), func(t *testing.T) { + email := uniqueEmail() + // Signup over graphql so every protocol's Login has a fresh account. + gql := protocolClient(t, authorizer.ProtocolGraphQL) + if _, err := gql.SignUp(&authorizer.SignUpRequest{ + Email: &email, + Password: testPassword, + ConfirmPassword: testPassword, + }); err != nil { + t.Fatalf("SignUp failed: %v", err) + } + + c := protocolClient(t, p) + loginRes, err := c.Login(&authorizer.LoginRequest{Email: &email, Password: testPassword}) + if err != nil { + t.Fatalf("[%s] Login failed: %v", p, err) + } + if loginRes == nil || loginRes.AccessToken == nil || *loginRes.AccessToken == "" { + t.Fatalf("[%s] Login: expected non-empty access_token, got %+v", p, loginRes) + } + }) + } +} + +// TestPublicMethodsReachServerAcrossProtocols asserts that every formerly +// graphql-only public method is now invokable over rest+grpc: the call must +// reach the server (no client-side "not available over " error). The +// server's domain response (success or a real validation error) is accepted — +// the contract under test is protocol availability, not auth/email semantics. +func TestPublicMethodsReachServerAcrossProtocols(t *testing.T) { + email := uniqueEmail() + phone := "+10000000000" + publicMethods := map[string]func(*authorizer.AuthorizerClient) error{ + "MagicLinkLogin": func(c *authorizer.AuthorizerClient) error { + _, e := c.MagicLinkLogin(&authorizer.MagicLinkLoginRequest{Email: email}) + return e + }, + "VerifyEmail": func(c *authorizer.AuthorizerClient) error { + _, e := c.VerifyEmail(&authorizer.VerifyEmailRequest{Token: "t"}) + return e + }, + "ResendVerifyEmail": func(c *authorizer.AuthorizerClient) error { + _, e := c.ResendVerifyEmail(&authorizer.ResendVerifyEmailRequest{Email: email}) + return e + }, + "VerifyOTP": func(c *authorizer.AuthorizerClient) error { + _, e := c.VerifyOTP(&authorizer.VerifyOTPRequest{Email: &email, OTP: "000000"}) + return e + }, + "ResendOTP": func(c *authorizer.AuthorizerClient) error { + _, e := c.ResendOTP(&authorizer.ResendOTPRequest{Email: &email}) + return e + }, + "ForgotPassword": func(c *authorizer.AuthorizerClient) error { + _, e := c.ForgotPassword(&authorizer.ForgotPasswordRequest{Email: &email}) + return e + }, + "ResetPassword": func(c *authorizer.AuthorizerClient) error { + _, e := c.ResetPassword(&authorizer.ResetPasswordRequest{Password: testPassword, ConfirmPassword: testPassword, PhoneNumber: &phone}) + return e + }, + } + + for _, p := range protocols { + p := p + c := protocolClient(t, p) + for name, call := range publicMethods { + name, call := name, call + t.Run(fmt.Sprintf("%s/%s", p, name), func(t *testing.T) { + // Any error must be a server/domain error, never the SDK's + // client-side unsupported-protocol guard. + if err := call(c); err != nil && strings.Contains(err.Error(), "not available over ") { + t.Errorf("[%s] %s: method should be available over %s now, got %v", p, name, p, err) + } + }) + } + } +} + +// TestUpdateProfileAcrossProtocols verifies the authenticated UpdateProfile RPC +// works over graphql+rest+grpc with a bearer token. For grpc this exercises the +// #636 interceptor path: the bearer token must be carried as metadata or the +// non-public RPC is rejected before the handler. +func TestUpdateProfileAcrossProtocols(t *testing.T) { + for _, p := range protocols { + p := p + t.Run(string(p), func(t *testing.T) { + email := uniqueEmail() + c := protocolClient(t, p) + signupRes, err := c.SignUp(&authorizer.SignUpRequest{ + Email: &email, + Password: testPassword, + ConfirmPassword: testPassword, + }) + if err != nil { + t.Fatalf("[%s] SignUp failed: %v", p, err) + } + authHeader := map[string]string{ + "Authorization": fmt.Sprintf("Bearer %s", authorizer.StringValue(signupRes.AccessToken)), + } + given := "Cross Protocol" + res, err := c.UpdateProfile(&authorizer.UpdateProfileRequest{GivenName: &given}, authHeader) + if err != nil { + t.Fatalf("[%s] UpdateProfile failed: %v", p, err) + } + if res == nil || res.Message == "" { + t.Errorf("[%s] UpdateProfile: expected non-empty message, got %+v", p, res) + } + }) + } +} + +// TestGetMetaDataAcrossProtocols checks the no-auth meta endpoint over every +// protocol (graphql query, GET /v1/meta, grpc Meta). +func TestGetMetaDataAcrossProtocols(t *testing.T) { + for _, p := range protocols { + p := p + t.Run(string(p), func(t *testing.T) { + c := protocolClient(t, p) + res, err := c.GetMetaData() + if err != nil { + t.Fatalf("[%s] GetMetaData failed: %v", p, err) + } + if res == nil || res.Version == "" { + t.Errorf("[%s] GetMetaData: expected non-empty version, got %+v", p, res) + } + }) + } +} diff --git a/transport.go b/transport.go new file mode 100644 index 0000000..e1c6ba4 --- /dev/null +++ b/transport.go @@ -0,0 +1,112 @@ +package authorizer + +import ( + "bytes" + "context" + "encoding/json" + "errors" + "io" + "net/http" + "net/url" + + "google.golang.org/grpc/metadata" + "google.golang.org/protobuf/encoding/protojson" + "google.golang.org/protobuf/proto" +) + +// outgoingContext attaches the given headers as gRPC outgoing metadata. +func outgoingContext(ctx context.Context, headers map[string]string) context.Context { + if len(headers) == 0 { + return ctx + } + md := metadata.MD{} + for k, v := range headers { + md.Set(k, v) + } + return metadata.NewOutgoingContext(ctx, md) +} + +// executeREST performs an HTTP request against a typed REST endpoint. +// - method: http.MethodPost or http.MethodGet. +// - path: the REST path from the proto annotation, e.g. "/v1/login". +// - body: request payload (marshalled to JSON for POST; ignored for GET). +// - extraHeaders + perCallHeaders are merged onto the request. +// - out: pointer the JSON response body is unmarshalled into (may be nil). +// +// The Origin header is auto-injected for the same CSRF reason as ExecuteGraphQL. +func (c *AuthorizerClient) executeREST(method, path string, body interface{}, perCallHeaders map[string]string, out interface{}) error { + return doREST(c.AuthorizerURL, method, path, body, c.ExtraHeaders, perCallHeaders, out) +} + +// doREST is the shared REST executor used by both the user and admin clients. +func doREST(baseURL, method, path string, body interface{}, extraHeaders, perCallHeaders map[string]string, out interface{}) error { + var reqBody io.Reader + if method == http.MethodPost && body != nil { + jsonReq, err := json.Marshal(body) + if err != nil { + return err + } + reqBody = bytes.NewReader(jsonReq) + } + + httpReq, err := http.NewRequest(method, baseURL+path, reqBody) + if err != nil { + return err + } + httpReq.Header.Set("Content-Type", "application/json") + + for key, val := range extraHeaders { + httpReq.Header.Add(key, val) + } + for key, val := range perCallHeaders { + httpReq.Header.Add(key, val) + } + + // Authorizer's CSRF guard rejects state-changing requests without an + // Origin or Referer header (see ExecuteGraphQL for the full rationale). + if httpReq.Header.Get("Origin") == "" { + if u, err := url.Parse(baseURL); err == nil && u.Scheme != "" && u.Host != "" { + httpReq.Header.Set("Origin", u.Scheme+"://"+u.Host) + } + } + + res, err := http.DefaultClient.Do(httpReq) + if err != nil { + return err + } + defer res.Body.Close() + + bodyBytes, err := io.ReadAll(res.Body) + if err != nil { + return err + } + + if res.StatusCode >= http.StatusBadRequest { + // Typed REST errors come back as {"message": "..."} or a google.rpc + // status. Surface the message when present, else the raw body. + var errRes struct { + Message string `json:"message"` + Error string `json:"error"` + } + if json.Unmarshal(bodyBytes, &errRes) == nil { + if errRes.Message != "" { + return errors.New(errRes.Message) + } + if errRes.Error != "" { + return errors.New(errRes.Error) + } + } + return errors.New(http.StatusText(res.StatusCode) + ": " + string(bodyBytes)) + } + + if out == nil { + return nil + } + // Proto-typed responses must be decoded with protojson: grpc-gateway emits + // int64/uint64 fields as JSON strings, which encoding/json cannot unmarshal + // into Go int64 fields. + if msg, ok := out.(proto.Message); ok { + return protojson.UnmarshalOptions{DiscardUnknown: true}.Unmarshal(bodyBytes, msg) + } + return json.Unmarshal(bodyBytes, out) +} diff --git a/update_profile.go b/update_profile.go index 9a2f36c..f554413 100644 --- a/update_profile.go +++ b/update_profile.go @@ -1,7 +1,11 @@ package authorizer import ( - "encoding/json" + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // UpdateProfileRequest defines attributes for update_profile request @@ -32,18 +36,28 @@ type UpdateProfileInput = UpdateProfileRequest // It performs update_profile mutation on authorizer instance. // It returns Response reference or error. func (c *AuthorizerClient) UpdateProfile(req *UpdateProfileRequest, headers map[string]string) (*Response, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: `mutation updateProfile($data: UpdateProfileRequest!) { update_profile(params: $data) { message } }`, - Variables: map[string]interface{}{ - "data": req, + var res Response + err := c.execute(methodSpec{ + name: "UpdateProfile", + graphql: &GraphQLRequest{ + Query: `mutation updateProfile($data: UpdateProfileRequest!) { update_profile(params: $data) { message } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "update_profile", + restMethod: http.MethodPost, + restPath: "/v1/update_profile", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.UpdateProfileResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.UpdateProfileRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.UpdateProfile(ctx, &in) }, - }, headers) + }, headers, &res) if err != nil { return nil, err } - - var res map[string]*Response - json.Unmarshal(bytesData, &res) - - return res["update_profile"], nil + return &res, nil } diff --git a/validate_jwt_token.go b/validate_jwt_token.go index 0719091..5f02f1d 100644 --- a/validate_jwt_token.go +++ b/validate_jwt_token.go @@ -1,6 +1,12 @@ package authorizer -import "encoding/json" +import ( + "context" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" +) type TokenType string @@ -33,18 +39,28 @@ type ValidateJWTTokenResponse struct { // It performs validate_jwt_token query on authorizer instance. // It returns ValidateJWTTokenResponse reference or error. func (c *AuthorizerClient) ValidateJWTToken(req *ValidateJWTTokenRequest) (*ValidateJWTTokenResponse, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: `query validateJWTToken($data: ValidateJWTTokenRequest!){validate_jwt_token(params: $data) { is_valid claims } }`, - Variables: map[string]interface{}{ - "data": req, + var res ValidateJWTTokenResponse + err := c.execute(methodSpec{ + name: "ValidateJWTToken", + graphql: &GraphQLRequest{ + Query: `query validateJWTToken($data: ValidateJWTTokenRequest!){validate_jwt_token(params: $data) { is_valid claims } }`, + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "validate_jwt_token", + restMethod: http.MethodPost, + restPath: "/v1/validate_jwt_token", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.ValidateJwtTokenResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.ValidateJwtTokenRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.ValidateJwtToken(ctx, &in) }, - }, nil) + }, nil, &res) if err != nil { return nil, err } - - var res map[string]*ValidateJWTTokenResponse - json.Unmarshal(bytesData, &res) - - return res["validate_jwt_token"], nil + return &res, nil } diff --git a/validate_session.go b/validate_session.go index 4f7b805..074754f 100644 --- a/validate_session.go +++ b/validate_session.go @@ -1,8 +1,12 @@ package authorizer import ( - "encoding/json" + "context" "fmt" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // ValidateSessionRequest defines attributes for validate_session request @@ -24,18 +28,28 @@ type ValidateSessionResponse struct { // It performs validate_session query on authorizer instance. // It returns ValidateSessionResponse reference or error. func (c *AuthorizerClient) ValidateSession(req *ValidateSessionRequest) (*ValidateSessionResponse, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: fmt.Sprintf(`query validateSession($data: ValidateSessionRequest!){validate_session(params: $data) { is_valid user { %s } } }`, UserFragment), - Variables: map[string]interface{}{ - "data": req, + var res ValidateSessionResponse + err := c.execute(methodSpec{ + name: "ValidateSession", + graphql: &GraphQLRequest{ + Query: fmt.Sprintf(`query validateSession($data: ValidateSessionRequest!){validate_session(params: $data) { is_valid user { %s } } }`, UserFragment), + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "validate_session", + restMethod: http.MethodPost, + restPath: "/v1/validate_session", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.ValidateSessionResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.ValidateSessionRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.ValidateSession(ctx, &in) }, - }, nil) + }, nil, &res) if err != nil { return nil, err } - - var res map[string]*ValidateSessionResponse - json.Unmarshal(bytesData, &res) - - return res["validate_session"], nil + return &res, nil } diff --git a/verify_email.go b/verify_email.go index 114efab..0c86e35 100644 --- a/verify_email.go +++ b/verify_email.go @@ -1,8 +1,12 @@ package authorizer import ( - "encoding/json" + "context" "fmt" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // VerifyEmailRequest defines attributes for verify_email request @@ -18,18 +22,28 @@ type VerifyEmailInput = VerifyEmailRequest // It performs verify_email mutation on authorizer instance. // It returns AuthTokenResponse reference or error. func (c *AuthorizerClient) VerifyEmail(req *VerifyEmailRequest) (*AuthTokenResponse, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: fmt.Sprintf(`mutation verifyEmail($data: VerifyEmailRequest!) { verify_email(params: $data) { %s}}`, AuthTokenResponseFragment), - Variables: map[string]interface{}{ - "data": req, + var res AuthTokenResponse + err := c.execute(methodSpec{ + name: "VerifyEmail", + graphql: &GraphQLRequest{ + Query: fmt.Sprintf(`mutation verifyEmail($data: VerifyEmailRequest!) { verify_email(params: $data) { %s}}`, AuthTokenResponseFragment), + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "verify_email", + restMethod: http.MethodPost, + restPath: "/v1/verify_email", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.AuthResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.VerifyEmailRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.VerifyEmail(ctx, &in) }, - }, nil) + }, nil, &res) if err != nil { return nil, err } - - var res map[string]*AuthTokenResponse - json.Unmarshal(bytesData, &res) - - return res["verify_email"], nil + return &res, nil } diff --git a/verify_otp.go b/verify_otp.go index 657357a..701457e 100644 --- a/verify_otp.go +++ b/verify_otp.go @@ -1,8 +1,12 @@ package authorizer import ( - "encoding/json" + "context" "fmt" + "net/http" + + authorizerv1 "github.com/authorizerdev/authorizer-go/internal/genpb/authorizer/v1" + "google.golang.org/protobuf/proto" ) // VerifyOTPRequest defines attributes for verify_otp request @@ -21,18 +25,28 @@ type VerifyOTPInput = VerifyOTPRequest // It performs verify_otp mutation on authorizer instance. // It returns AuthTokenResponse reference or error. func (c *AuthorizerClient) VerifyOTP(req *VerifyOTPRequest) (*AuthTokenResponse, error) { - bytesData, err := c.ExecuteGraphQL(&GraphQLRequest{ - Query: fmt.Sprintf(`mutation verifyOtp($data: VerifyOTPRequest!) { verify_otp(params: $data) { %s }}`, AuthTokenResponseFragment), - Variables: map[string]interface{}{ - "data": req, + var res AuthTokenResponse + err := c.execute(methodSpec{ + name: "VerifyOTP", + graphql: &GraphQLRequest{ + Query: fmt.Sprintf(`mutation verifyOtp($data: VerifyOTPRequest!) { verify_otp(params: $data) { %s }}`, AuthTokenResponseFragment), + Variables: map[string]interface{}{"data": req}, + }, + graphqlField: "verify_otp", + restMethod: http.MethodPost, + restPath: "/v1/verify_otp", + restBody: req, + restResp: func() proto.Message { return &authorizerv1.AuthResponse{} }, + grpcCall: func(ctx context.Context, cli authorizerv1.AuthorizerServiceClient) (interface{}, error) { + var in authorizerv1.VerifyOtpRequest + if err := remarshal(req, &in); err != nil { + return nil, err + } + return cli.VerifyOtp(ctx, &in) }, - }, nil) + }, nil, &res) if err != nil { return nil, err } - - var res map[string]*AuthTokenResponse - json.Unmarshal(bytesData, &res) - - return res["verify_otp"], nil + return &res, nil }