mirror of
https://github.com/netbirdio/netbird.git
synced 2026-04-22 18:26:41 +00:00
Add ssh authenatication with jwt (#4550)
This commit is contained in:
Viktor Liu
@@ -283,6 +283,7 @@ type LoginRequest struct {
|
||||
EnableSSHSFTP *bool `protobuf:"varint,34,opt,name=enableSSHSFTP,proto3,oneof" json:"enableSSHSFTP,omitempty"`
|
||||
EnableSSHLocalPortForwarding *bool `protobuf:"varint,35,opt,name=enableSSHLocalPortForwarding,proto3,oneof" json:"enableSSHLocalPortForwarding,omitempty"`
|
||||
EnableSSHRemotePortForwarding *bool `protobuf:"varint,36,opt,name=enableSSHRemotePortForwarding,proto3,oneof" json:"enableSSHRemotePortForwarding,omitempty"`
|
||||
DisableSSHAuth *bool `protobuf:"varint,37,opt,name=disableSSHAuth,proto3,oneof" json:"disableSSHAuth,omitempty"`
|
||||
unknownFields protoimpl.UnknownFields
|
||||
sizeCache protoimpl.SizeCache
|
||||
}
|
||||
@@ -570,6 +571,13 @@ func (x *LoginRequest) GetEnableSSHRemotePortForwarding() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (x *LoginRequest) GetDisableSSHAuth() bool {
|
||||
if x != nil && x.DisableSSHAuth != nil {
|
||||
return *x.DisableSSHAuth
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
type LoginResponse struct {
|
||||
state protoimpl.MessageState `protogen:"open.v1"`
|
||||
NeedsSSOLogin bool `protobuf:"varint,1,opt,name=needsSSOLogin,proto3" json:"needsSSOLogin,omitempty"`
|
||||
@@ -1100,6 +1108,7 @@ type GetConfigResponse struct {
|
||||
EnableSSHSFTP bool `protobuf:"varint,24,opt,name=enableSSHSFTP,proto3" json:"enableSSHSFTP,omitempty"`
|
||||
EnableSSHLocalPortForwarding bool `protobuf:"varint,22,opt,name=enableSSHLocalPortForwarding,proto3" json:"enableSSHLocalPortForwarding,omitempty"`
|
||||
EnableSSHRemotePortForwarding bool `protobuf:"varint,23,opt,name=enableSSHRemotePortForwarding,proto3" json:"enableSSHRemotePortForwarding,omitempty"`
|
||||
DisableSSHAuth bool `protobuf:"varint,25,opt,name=disableSSHAuth,proto3" json:"disableSSHAuth,omitempty"`
|
||||
unknownFields protoimpl.UnknownFields
|
||||
sizeCache protoimpl.SizeCache
|
||||
}
|
||||
@@ -1302,6 +1311,13 @@ func (x *GetConfigResponse) GetEnableSSHRemotePortForwarding() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (x *GetConfigResponse) GetDisableSSHAuth() bool {
|
||||
if x != nil {
|
||||
return x.DisableSSHAuth
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
// PeerState contains the latest state of a peer
|
||||
type PeerState struct {
|
||||
state protoimpl.MessageState `protogen:"open.v1"`
|
||||
@@ -3781,6 +3797,7 @@ type SetConfigRequest struct {
|
||||
EnableSSHSFTP *bool `protobuf:"varint,30,opt,name=enableSSHSFTP,proto3,oneof" json:"enableSSHSFTP,omitempty"`
|
||||
EnableSSHLocalPortForward *bool `protobuf:"varint,31,opt,name=enableSSHLocalPortForward,proto3,oneof" json:"enableSSHLocalPortForward,omitempty"`
|
||||
EnableSSHRemotePortForward *bool `protobuf:"varint,32,opt,name=enableSSHRemotePortForward,proto3,oneof" json:"enableSSHRemotePortForward,omitempty"`
|
||||
DisableSSHAuth *bool `protobuf:"varint,33,opt,name=disableSSHAuth,proto3,oneof" json:"disableSSHAuth,omitempty"`
|
||||
unknownFields protoimpl.UnknownFields
|
||||
sizeCache protoimpl.SizeCache
|
||||
}
|
||||
@@ -4039,6 +4056,13 @@ func (x *SetConfigRequest) GetEnableSSHRemotePortForward() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
func (x *SetConfigRequest) GetDisableSSHAuth() bool {
|
||||
if x != nil && x.DisableSSHAuth != nil {
|
||||
return *x.DisableSSHAuth
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
type SetConfigResponse struct {
|
||||
state protoimpl.MessageState `protogen:"open.v1"`
|
||||
unknownFields protoimpl.UnknownFields
|
||||
@@ -4774,6 +4798,262 @@ func (x *GetPeerSSHHostKeyResponse) GetFound() bool {
|
||||
return false
|
||||
}
|
||||
|
||||
// RequestJWTAuthRequest for initiating JWT authentication flow
|
||||
type RequestJWTAuthRequest struct {
|
||||
state protoimpl.MessageState `protogen:"open.v1"`
|
||||
unknownFields protoimpl.UnknownFields
|
||||
sizeCache protoimpl.SizeCache
|
||||
}
|
||||
|
||||
func (x *RequestJWTAuthRequest) Reset() {
|
||||
*x = RequestJWTAuthRequest{}
|
||||
mi := &file_daemon_proto_msgTypes[71]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
|
||||
func (x *RequestJWTAuthRequest) String() string {
|
||||
return protoimpl.X.MessageStringOf(x)
|
||||
}
|
||||
|
||||
func (*RequestJWTAuthRequest) ProtoMessage() {}
|
||||
|
||||
func (x *RequestJWTAuthRequest) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_daemon_proto_msgTypes[71]
|
||||
if x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
return ms
|
||||
}
|
||||
return mi.MessageOf(x)
|
||||
}
|
||||
|
||||
// Deprecated: Use RequestJWTAuthRequest.ProtoReflect.Descriptor instead.
|
||||
func (*RequestJWTAuthRequest) Descriptor() ([]byte, []int) {
|
||||
return file_daemon_proto_rawDescGZIP(), []int{71}
|
||||
}
|
||||
|
||||
// RequestJWTAuthResponse contains authentication flow information
|
||||
type RequestJWTAuthResponse struct {
|
||||
state protoimpl.MessageState `protogen:"open.v1"`
|
||||
// verification URI for user authentication
|
||||
VerificationURI string `protobuf:"bytes,1,opt,name=verificationURI,proto3" json:"verificationURI,omitempty"`
|
||||
// complete verification URI (with embedded user code)
|
||||
VerificationURIComplete string `protobuf:"bytes,2,opt,name=verificationURIComplete,proto3" json:"verificationURIComplete,omitempty"`
|
||||
// user code to enter on verification URI
|
||||
UserCode string `protobuf:"bytes,3,opt,name=userCode,proto3" json:"userCode,omitempty"`
|
||||
// device code for polling
|
||||
DeviceCode string `protobuf:"bytes,4,opt,name=deviceCode,proto3" json:"deviceCode,omitempty"`
|
||||
// expiration time in seconds
|
||||
ExpiresIn int64 `protobuf:"varint,5,opt,name=expiresIn,proto3" json:"expiresIn,omitempty"`
|
||||
// if a cached token is available, it will be returned here
|
||||
CachedToken string `protobuf:"bytes,6,opt,name=cachedToken,proto3" json:"cachedToken,omitempty"`
|
||||
// maximum age of JWT tokens in seconds (from management server)
|
||||
MaxTokenAge int64 `protobuf:"varint,7,opt,name=maxTokenAge,proto3" json:"maxTokenAge,omitempty"`
|
||||
unknownFields protoimpl.UnknownFields
|
||||
sizeCache protoimpl.SizeCache
|
||||
}
|
||||
|
||||
func (x *RequestJWTAuthResponse) Reset() {
|
||||
*x = RequestJWTAuthResponse{}
|
||||
mi := &file_daemon_proto_msgTypes[72]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
|
||||
func (x *RequestJWTAuthResponse) String() string {
|
||||
return protoimpl.X.MessageStringOf(x)
|
||||
}
|
||||
|
||||
func (*RequestJWTAuthResponse) ProtoMessage() {}
|
||||
|
||||
func (x *RequestJWTAuthResponse) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_daemon_proto_msgTypes[72]
|
||||
if x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
return ms
|
||||
}
|
||||
return mi.MessageOf(x)
|
||||
}
|
||||
|
||||
// Deprecated: Use RequestJWTAuthResponse.ProtoReflect.Descriptor instead.
|
||||
func (*RequestJWTAuthResponse) Descriptor() ([]byte, []int) {
|
||||
return file_daemon_proto_rawDescGZIP(), []int{72}
|
||||
}
|
||||
|
||||
func (x *RequestJWTAuthResponse) GetVerificationURI() string {
|
||||
if x != nil {
|
||||
return x.VerificationURI
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *RequestJWTAuthResponse) GetVerificationURIComplete() string {
|
||||
if x != nil {
|
||||
return x.VerificationURIComplete
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *RequestJWTAuthResponse) GetUserCode() string {
|
||||
if x != nil {
|
||||
return x.UserCode
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *RequestJWTAuthResponse) GetDeviceCode() string {
|
||||
if x != nil {
|
||||
return x.DeviceCode
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *RequestJWTAuthResponse) GetExpiresIn() int64 {
|
||||
if x != nil {
|
||||
return x.ExpiresIn
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
func (x *RequestJWTAuthResponse) GetCachedToken() string {
|
||||
if x != nil {
|
||||
return x.CachedToken
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *RequestJWTAuthResponse) GetMaxTokenAge() int64 {
|
||||
if x != nil {
|
||||
return x.MaxTokenAge
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
// WaitJWTTokenRequest for waiting for authentication completion
|
||||
type WaitJWTTokenRequest struct {
|
||||
state protoimpl.MessageState `protogen:"open.v1"`
|
||||
// device code from RequestJWTAuthResponse
|
||||
DeviceCode string `protobuf:"bytes,1,opt,name=deviceCode,proto3" json:"deviceCode,omitempty"`
|
||||
// user code for verification
|
||||
UserCode string `protobuf:"bytes,2,opt,name=userCode,proto3" json:"userCode,omitempty"`
|
||||
unknownFields protoimpl.UnknownFields
|
||||
sizeCache protoimpl.SizeCache
|
||||
}
|
||||
|
||||
func (x *WaitJWTTokenRequest) Reset() {
|
||||
*x = WaitJWTTokenRequest{}
|
||||
mi := &file_daemon_proto_msgTypes[73]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
|
||||
func (x *WaitJWTTokenRequest) String() string {
|
||||
return protoimpl.X.MessageStringOf(x)
|
||||
}
|
||||
|
||||
func (*WaitJWTTokenRequest) ProtoMessage() {}
|
||||
|
||||
func (x *WaitJWTTokenRequest) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_daemon_proto_msgTypes[73]
|
||||
if x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
return ms
|
||||
}
|
||||
return mi.MessageOf(x)
|
||||
}
|
||||
|
||||
// Deprecated: Use WaitJWTTokenRequest.ProtoReflect.Descriptor instead.
|
||||
func (*WaitJWTTokenRequest) Descriptor() ([]byte, []int) {
|
||||
return file_daemon_proto_rawDescGZIP(), []int{73}
|
||||
}
|
||||
|
||||
func (x *WaitJWTTokenRequest) GetDeviceCode() string {
|
||||
if x != nil {
|
||||
return x.DeviceCode
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *WaitJWTTokenRequest) GetUserCode() string {
|
||||
if x != nil {
|
||||
return x.UserCode
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
// WaitJWTTokenResponse contains the JWT token after authentication
|
||||
type WaitJWTTokenResponse struct {
|
||||
state protoimpl.MessageState `protogen:"open.v1"`
|
||||
// JWT token (access token or ID token)
|
||||
Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
|
||||
// token type (e.g., "Bearer")
|
||||
TokenType string `protobuf:"bytes,2,opt,name=tokenType,proto3" json:"tokenType,omitempty"`
|
||||
// expiration time in seconds
|
||||
ExpiresIn int64 `protobuf:"varint,3,opt,name=expiresIn,proto3" json:"expiresIn,omitempty"`
|
||||
unknownFields protoimpl.UnknownFields
|
||||
sizeCache protoimpl.SizeCache
|
||||
}
|
||||
|
||||
func (x *WaitJWTTokenResponse) Reset() {
|
||||
*x = WaitJWTTokenResponse{}
|
||||
mi := &file_daemon_proto_msgTypes[74]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
|
||||
func (x *WaitJWTTokenResponse) String() string {
|
||||
return protoimpl.X.MessageStringOf(x)
|
||||
}
|
||||
|
||||
func (*WaitJWTTokenResponse) ProtoMessage() {}
|
||||
|
||||
func (x *WaitJWTTokenResponse) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_daemon_proto_msgTypes[74]
|
||||
if x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
return ms
|
||||
}
|
||||
return mi.MessageOf(x)
|
||||
}
|
||||
|
||||
// Deprecated: Use WaitJWTTokenResponse.ProtoReflect.Descriptor instead.
|
||||
func (*WaitJWTTokenResponse) Descriptor() ([]byte, []int) {
|
||||
return file_daemon_proto_rawDescGZIP(), []int{74}
|
||||
}
|
||||
|
||||
func (x *WaitJWTTokenResponse) GetToken() string {
|
||||
if x != nil {
|
||||
return x.Token
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *WaitJWTTokenResponse) GetTokenType() string {
|
||||
if x != nil {
|
||||
return x.TokenType
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *WaitJWTTokenResponse) GetExpiresIn() int64 {
|
||||
if x != nil {
|
||||
return x.ExpiresIn
|
||||
}
|
||||
return 0
|
||||
}
|
||||
|
||||
type PortInfo_Range struct {
|
||||
state protoimpl.MessageState `protogen:"open.v1"`
|
||||
Start uint32 `protobuf:"varint,1,opt,name=start,proto3" json:"start,omitempty"`
|
||||
@@ -4784,7 +5064,7 @@ type PortInfo_Range struct {
|
||||
|
||||
func (x *PortInfo_Range) Reset() {
|
||||
*x = PortInfo_Range{}
|
||||
mi := &file_daemon_proto_msgTypes[72]
|
||||
mi := &file_daemon_proto_msgTypes[76]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
@@ -4796,7 +5076,7 @@ func (x *PortInfo_Range) String() string {
|
||||
func (*PortInfo_Range) ProtoMessage() {}
|
||||
|
||||
func (x *PortInfo_Range) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_daemon_proto_msgTypes[72]
|
||||
mi := &file_daemon_proto_msgTypes[76]
|
||||
if x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
@@ -4831,7 +5111,7 @@ var File_daemon_proto protoreflect.FileDescriptor
|
||||
const file_daemon_proto_rawDesc = "" +
|
||||
"\n" +
|
||||
"\fdaemon.proto\x12\x06daemon\x1a google/protobuf/descriptor.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x1egoogle/protobuf/duration.proto\"\x0e\n" +
|
||||
"\fEmptyRequest\"\x94\x11\n" +
|
||||
"\fEmptyRequest\"\xd4\x11\n" +
|
||||
"\fLoginRequest\x12\x1a\n" +
|
||||
"\bsetupKey\x18\x01 \x01(\tR\bsetupKey\x12&\n" +
|
||||
"\fpreSharedKey\x18\x02 \x01(\tB\x02\x18\x01R\fpreSharedKey\x12$\n" +
|
||||
@@ -4872,7 +5152,8 @@ const file_daemon_proto_rawDesc = "" +
|
||||
"\renableSSHRoot\x18! \x01(\bH\x14R\renableSSHRoot\x88\x01\x01\x12)\n" +
|
||||
"\renableSSHSFTP\x18\" \x01(\bH\x15R\renableSSHSFTP\x88\x01\x01\x12G\n" +
|
||||
"\x1cenableSSHLocalPortForwarding\x18# \x01(\bH\x16R\x1cenableSSHLocalPortForwarding\x88\x01\x01\x12I\n" +
|
||||
"\x1denableSSHRemotePortForwarding\x18$ \x01(\bH\x17R\x1denableSSHRemotePortForwarding\x88\x01\x01B\x13\n" +
|
||||
"\x1denableSSHRemotePortForwarding\x18$ \x01(\bH\x17R\x1denableSSHRemotePortForwarding\x88\x01\x01\x12+\n" +
|
||||
"\x0edisableSSHAuth\x18% \x01(\bH\x18R\x0edisableSSHAuth\x88\x01\x01B\x13\n" +
|
||||
"\x11_rosenpassEnabledB\x10\n" +
|
||||
"\x0e_interfaceNameB\x10\n" +
|
||||
"\x0e_wireguardPortB\x17\n" +
|
||||
@@ -4896,7 +5177,8 @@ const file_daemon_proto_rawDesc = "" +
|
||||
"\x0e_enableSSHRootB\x10\n" +
|
||||
"\x0e_enableSSHSFTPB\x1f\n" +
|
||||
"\x1d_enableSSHLocalPortForwardingB \n" +
|
||||
"\x1e_enableSSHRemotePortForwarding\"\xb5\x01\n" +
|
||||
"\x1e_enableSSHRemotePortForwardingB\x11\n" +
|
||||
"\x0f_disableSSHAuth\"\xb5\x01\n" +
|
||||
"\rLoginResponse\x12$\n" +
|
||||
"\rneedsSSOLogin\x18\x01 \x01(\bR\rneedsSSOLogin\x12\x1a\n" +
|
||||
"\buserCode\x18\x02 \x01(\tR\buserCode\x12(\n" +
|
||||
@@ -4929,7 +5211,7 @@ const file_daemon_proto_rawDesc = "" +
|
||||
"\fDownResponse\"P\n" +
|
||||
"\x10GetConfigRequest\x12 \n" +
|
||||
"\vprofileName\x18\x01 \x01(\tR\vprofileName\x12\x1a\n" +
|
||||
"\busername\x18\x02 \x01(\tR\busername\"\x8b\b\n" +
|
||||
"\busername\x18\x02 \x01(\tR\busername\"\xb3\b\n" +
|
||||
"\x11GetConfigResponse\x12$\n" +
|
||||
"\rmanagementUrl\x18\x01 \x01(\tR\rmanagementUrl\x12\x1e\n" +
|
||||
"\n" +
|
||||
@@ -4958,7 +5240,8 @@ const file_daemon_proto_rawDesc = "" +
|
||||
"\renableSSHRoot\x18\x15 \x01(\bR\renableSSHRoot\x12$\n" +
|
||||
"\renableSSHSFTP\x18\x18 \x01(\bR\renableSSHSFTP\x12B\n" +
|
||||
"\x1cenableSSHLocalPortForwarding\x18\x16 \x01(\bR\x1cenableSSHLocalPortForwarding\x12D\n" +
|
||||
"\x1denableSSHRemotePortForwarding\x18\x17 \x01(\bR\x1denableSSHRemotePortForwarding\"\xfe\x05\n" +
|
||||
"\x1denableSSHRemotePortForwarding\x18\x17 \x01(\bR\x1denableSSHRemotePortForwarding\x12&\n" +
|
||||
"\x0edisableSSHAuth\x18\x19 \x01(\bR\x0edisableSSHAuth\"\xfe\x05\n" +
|
||||
"\tPeerState\x12\x0e\n" +
|
||||
"\x02IP\x18\x01 \x01(\tR\x02IP\x12\x16\n" +
|
||||
"\x06pubKey\x18\x02 \x01(\tR\x06pubKey\x12\x1e\n" +
|
||||
@@ -5161,7 +5444,7 @@ const file_daemon_proto_rawDesc = "" +
|
||||
"\busername\x18\x02 \x01(\tH\x01R\busername\x88\x01\x01B\x0e\n" +
|
||||
"\f_profileNameB\v\n" +
|
||||
"\t_username\"\x17\n" +
|
||||
"\x15SwitchProfileResponse\"\xcd\x0f\n" +
|
||||
"\x15SwitchProfileResponse\"\x8d\x10\n" +
|
||||
"\x10SetConfigRequest\x12\x1a\n" +
|
||||
"\busername\x18\x01 \x01(\tR\busername\x12 \n" +
|
||||
"\vprofileName\x18\x02 \x01(\tR\vprofileName\x12$\n" +
|
||||
@@ -5198,7 +5481,8 @@ const file_daemon_proto_rawDesc = "" +
|
||||
"\renableSSHRoot\x18\x1d \x01(\bH\x12R\renableSSHRoot\x88\x01\x01\x12)\n" +
|
||||
"\renableSSHSFTP\x18\x1e \x01(\bH\x13R\renableSSHSFTP\x88\x01\x01\x12A\n" +
|
||||
"\x19enableSSHLocalPortForward\x18\x1f \x01(\bH\x14R\x19enableSSHLocalPortForward\x88\x01\x01\x12C\n" +
|
||||
"\x1aenableSSHRemotePortForward\x18 \x01(\bH\x15R\x1aenableSSHRemotePortForward\x88\x01\x01B\x13\n" +
|
||||
"\x1aenableSSHRemotePortForward\x18 \x01(\bH\x15R\x1aenableSSHRemotePortForward\x88\x01\x01\x12+\n" +
|
||||
"\x0edisableSSHAuth\x18! \x01(\bH\x16R\x0edisableSSHAuth\x88\x01\x01B\x13\n" +
|
||||
"\x11_rosenpassEnabledB\x10\n" +
|
||||
"\x0e_interfaceNameB\x10\n" +
|
||||
"\x0e_wireguardPortB\x17\n" +
|
||||
@@ -5220,7 +5504,8 @@ const file_daemon_proto_rawDesc = "" +
|
||||
"\x0e_enableSSHRootB\x10\n" +
|
||||
"\x0e_enableSSHSFTPB\x1c\n" +
|
||||
"\x1a_enableSSHLocalPortForwardB\x1d\n" +
|
||||
"\x1b_enableSSHRemotePortForward\"\x13\n" +
|
||||
"\x1b_enableSSHRemotePortForwardB\x11\n" +
|
||||
"\x0f_disableSSHAuth\"\x13\n" +
|
||||
"\x11SetConfigResponse\"Q\n" +
|
||||
"\x11AddProfileRequest\x12\x1a\n" +
|
||||
"\busername\x18\x01 \x01(\tR\busername\x12 \n" +
|
||||
@@ -5259,7 +5544,27 @@ const file_daemon_proto_rawDesc = "" +
|
||||
"sshHostKey\x12\x16\n" +
|
||||
"\x06peerIP\x18\x02 \x01(\tR\x06peerIP\x12\x1a\n" +
|
||||
"\bpeerFQDN\x18\x03 \x01(\tR\bpeerFQDN\x12\x14\n" +
|
||||
"\x05found\x18\x04 \x01(\bR\x05found*b\n" +
|
||||
"\x05found\x18\x04 \x01(\bR\x05found\"\x17\n" +
|
||||
"\x15RequestJWTAuthRequest\"\x9a\x02\n" +
|
||||
"\x16RequestJWTAuthResponse\x12(\n" +
|
||||
"\x0fverificationURI\x18\x01 \x01(\tR\x0fverificationURI\x128\n" +
|
||||
"\x17verificationURIComplete\x18\x02 \x01(\tR\x17verificationURIComplete\x12\x1a\n" +
|
||||
"\buserCode\x18\x03 \x01(\tR\buserCode\x12\x1e\n" +
|
||||
"\n" +
|
||||
"deviceCode\x18\x04 \x01(\tR\n" +
|
||||
"deviceCode\x12\x1c\n" +
|
||||
"\texpiresIn\x18\x05 \x01(\x03R\texpiresIn\x12 \n" +
|
||||
"\vcachedToken\x18\x06 \x01(\tR\vcachedToken\x12 \n" +
|
||||
"\vmaxTokenAge\x18\a \x01(\x03R\vmaxTokenAge\"Q\n" +
|
||||
"\x13WaitJWTTokenRequest\x12\x1e\n" +
|
||||
"\n" +
|
||||
"deviceCode\x18\x01 \x01(\tR\n" +
|
||||
"deviceCode\x12\x1a\n" +
|
||||
"\buserCode\x18\x02 \x01(\tR\buserCode\"h\n" +
|
||||
"\x14WaitJWTTokenResponse\x12\x14\n" +
|
||||
"\x05token\x18\x01 \x01(\tR\x05token\x12\x1c\n" +
|
||||
"\ttokenType\x18\x02 \x01(\tR\ttokenType\x12\x1c\n" +
|
||||
"\texpiresIn\x18\x03 \x01(\x03R\texpiresIn*b\n" +
|
||||
"\bLogLevel\x12\v\n" +
|
||||
"\aUNKNOWN\x10\x00\x12\t\n" +
|
||||
"\x05PANIC\x10\x01\x12\t\n" +
|
||||
@@ -5268,7 +5573,7 @@ const file_daemon_proto_rawDesc = "" +
|
||||
"\x04WARN\x10\x04\x12\b\n" +
|
||||
"\x04INFO\x10\x05\x12\t\n" +
|
||||
"\x05DEBUG\x10\x06\x12\t\n" +
|
||||
"\x05TRACE\x10\a2\xeb\x10\n" +
|
||||
"\x05TRACE\x10\a2\x8b\x12\n" +
|
||||
"\rDaemonService\x126\n" +
|
||||
"\x05Login\x12\x14.daemon.LoginRequest\x1a\x15.daemon.LoginResponse\"\x00\x12K\n" +
|
||||
"\fWaitSSOLogin\x12\x1b.daemon.WaitSSOLoginRequest\x1a\x1c.daemon.WaitSSOLoginResponse\"\x00\x12-\n" +
|
||||
@@ -5301,7 +5606,9 @@ const file_daemon_proto_rawDesc = "" +
|
||||
"\x10GetActiveProfile\x12\x1f.daemon.GetActiveProfileRequest\x1a .daemon.GetActiveProfileResponse\"\x00\x129\n" +
|
||||
"\x06Logout\x12\x15.daemon.LogoutRequest\x1a\x16.daemon.LogoutResponse\"\x00\x12H\n" +
|
||||
"\vGetFeatures\x12\x1a.daemon.GetFeaturesRequest\x1a\x1b.daemon.GetFeaturesResponse\"\x00\x12Z\n" +
|
||||
"\x11GetPeerSSHHostKey\x12 .daemon.GetPeerSSHHostKeyRequest\x1a!.daemon.GetPeerSSHHostKeyResponse\"\x00B\bZ\x06/protob\x06proto3"
|
||||
"\x11GetPeerSSHHostKey\x12 .daemon.GetPeerSSHHostKeyRequest\x1a!.daemon.GetPeerSSHHostKeyResponse\"\x00\x12Q\n" +
|
||||
"\x0eRequestJWTAuth\x12\x1d.daemon.RequestJWTAuthRequest\x1a\x1e.daemon.RequestJWTAuthResponse\"\x00\x12K\n" +
|
||||
"\fWaitJWTToken\x12\x1b.daemon.WaitJWTTokenRequest\x1a\x1c.daemon.WaitJWTTokenResponse\"\x00B\bZ\x06/protob\x06proto3"
|
||||
|
||||
var (
|
||||
file_daemon_proto_rawDescOnce sync.Once
|
||||
@@ -5316,7 +5623,7 @@ func file_daemon_proto_rawDescGZIP() []byte {
|
||||
}
|
||||
|
||||
var file_daemon_proto_enumTypes = make([]protoimpl.EnumInfo, 3)
|
||||
var file_daemon_proto_msgTypes = make([]protoimpl.MessageInfo, 74)
|
||||
var file_daemon_proto_msgTypes = make([]protoimpl.MessageInfo, 78)
|
||||
var file_daemon_proto_goTypes = []any{
|
||||
(LogLevel)(0), // 0: daemon.LogLevel
|
||||
(SystemEvent_Severity)(0), // 1: daemon.SystemEvent.Severity
|
||||
@@ -5392,18 +5699,22 @@ var file_daemon_proto_goTypes = []any{
|
||||
(*GetFeaturesResponse)(nil), // 71: daemon.GetFeaturesResponse
|
||||
(*GetPeerSSHHostKeyRequest)(nil), // 72: daemon.GetPeerSSHHostKeyRequest
|
||||
(*GetPeerSSHHostKeyResponse)(nil), // 73: daemon.GetPeerSSHHostKeyResponse
|
||||
nil, // 74: daemon.Network.ResolvedIPsEntry
|
||||
(*PortInfo_Range)(nil), // 75: daemon.PortInfo.Range
|
||||
nil, // 76: daemon.SystemEvent.MetadataEntry
|
||||
(*durationpb.Duration)(nil), // 77: google.protobuf.Duration
|
||||
(*timestamppb.Timestamp)(nil), // 78: google.protobuf.Timestamp
|
||||
(*RequestJWTAuthRequest)(nil), // 74: daemon.RequestJWTAuthRequest
|
||||
(*RequestJWTAuthResponse)(nil), // 75: daemon.RequestJWTAuthResponse
|
||||
(*WaitJWTTokenRequest)(nil), // 76: daemon.WaitJWTTokenRequest
|
||||
(*WaitJWTTokenResponse)(nil), // 77: daemon.WaitJWTTokenResponse
|
||||
nil, // 78: daemon.Network.ResolvedIPsEntry
|
||||
(*PortInfo_Range)(nil), // 79: daemon.PortInfo.Range
|
||||
nil, // 80: daemon.SystemEvent.MetadataEntry
|
||||
(*durationpb.Duration)(nil), // 81: google.protobuf.Duration
|
||||
(*timestamppb.Timestamp)(nil), // 82: google.protobuf.Timestamp
|
||||
}
|
||||
var file_daemon_proto_depIdxs = []int32{
|
||||
77, // 0: daemon.LoginRequest.dnsRouteInterval:type_name -> google.protobuf.Duration
|
||||
81, // 0: daemon.LoginRequest.dnsRouteInterval:type_name -> google.protobuf.Duration
|
||||
22, // 1: daemon.StatusResponse.fullStatus:type_name -> daemon.FullStatus
|
||||
78, // 2: daemon.PeerState.connStatusUpdate:type_name -> google.protobuf.Timestamp
|
||||
78, // 3: daemon.PeerState.lastWireguardHandshake:type_name -> google.protobuf.Timestamp
|
||||
77, // 4: daemon.PeerState.latency:type_name -> google.protobuf.Duration
|
||||
82, // 2: daemon.PeerState.connStatusUpdate:type_name -> google.protobuf.Timestamp
|
||||
82, // 3: daemon.PeerState.lastWireguardHandshake:type_name -> google.protobuf.Timestamp
|
||||
81, // 4: daemon.PeerState.latency:type_name -> google.protobuf.Duration
|
||||
19, // 5: daemon.FullStatus.managementState:type_name -> daemon.ManagementState
|
||||
18, // 6: daemon.FullStatus.signalState:type_name -> daemon.SignalState
|
||||
17, // 7: daemon.FullStatus.localPeerState:type_name -> daemon.LocalPeerState
|
||||
@@ -5412,8 +5723,8 @@ var file_daemon_proto_depIdxs = []int32{
|
||||
21, // 10: daemon.FullStatus.dns_servers:type_name -> daemon.NSGroupState
|
||||
52, // 11: daemon.FullStatus.events:type_name -> daemon.SystemEvent
|
||||
28, // 12: daemon.ListNetworksResponse.routes:type_name -> daemon.Network
|
||||
74, // 13: daemon.Network.resolvedIPs:type_name -> daemon.Network.ResolvedIPsEntry
|
||||
75, // 14: daemon.PortInfo.range:type_name -> daemon.PortInfo.Range
|
||||
78, // 13: daemon.Network.resolvedIPs:type_name -> daemon.Network.ResolvedIPsEntry
|
||||
79, // 14: daemon.PortInfo.range:type_name -> daemon.PortInfo.Range
|
||||
29, // 15: daemon.ForwardingRule.destinationPort:type_name -> daemon.PortInfo
|
||||
29, // 16: daemon.ForwardingRule.translatedPort:type_name -> daemon.PortInfo
|
||||
30, // 17: daemon.ForwardingRulesResponse.rules:type_name -> daemon.ForwardingRule
|
||||
@@ -5424,10 +5735,10 @@ var file_daemon_proto_depIdxs = []int32{
|
||||
49, // 22: daemon.TracePacketResponse.stages:type_name -> daemon.TraceStage
|
||||
1, // 23: daemon.SystemEvent.severity:type_name -> daemon.SystemEvent.Severity
|
||||
2, // 24: daemon.SystemEvent.category:type_name -> daemon.SystemEvent.Category
|
||||
78, // 25: daemon.SystemEvent.timestamp:type_name -> google.protobuf.Timestamp
|
||||
76, // 26: daemon.SystemEvent.metadata:type_name -> daemon.SystemEvent.MetadataEntry
|
||||
82, // 25: daemon.SystemEvent.timestamp:type_name -> google.protobuf.Timestamp
|
||||
80, // 26: daemon.SystemEvent.metadata:type_name -> daemon.SystemEvent.MetadataEntry
|
||||
52, // 27: daemon.GetEventsResponse.events:type_name -> daemon.SystemEvent
|
||||
77, // 28: daemon.SetConfigRequest.dnsRouteInterval:type_name -> google.protobuf.Duration
|
||||
81, // 28: daemon.SetConfigRequest.dnsRouteInterval:type_name -> google.protobuf.Duration
|
||||
65, // 29: daemon.ListProfilesResponse.profiles:type_name -> daemon.Profile
|
||||
27, // 30: daemon.Network.ResolvedIPsEntry.value:type_name -> daemon.IPList
|
||||
4, // 31: daemon.DaemonService.Login:input_type -> daemon.LoginRequest
|
||||
@@ -5459,37 +5770,41 @@ var file_daemon_proto_depIdxs = []int32{
|
||||
68, // 57: daemon.DaemonService.Logout:input_type -> daemon.LogoutRequest
|
||||
70, // 58: daemon.DaemonService.GetFeatures:input_type -> daemon.GetFeaturesRequest
|
||||
72, // 59: daemon.DaemonService.GetPeerSSHHostKey:input_type -> daemon.GetPeerSSHHostKeyRequest
|
||||
5, // 60: daemon.DaemonService.Login:output_type -> daemon.LoginResponse
|
||||
7, // 61: daemon.DaemonService.WaitSSOLogin:output_type -> daemon.WaitSSOLoginResponse
|
||||
9, // 62: daemon.DaemonService.Up:output_type -> daemon.UpResponse
|
||||
11, // 63: daemon.DaemonService.Status:output_type -> daemon.StatusResponse
|
||||
13, // 64: daemon.DaemonService.Down:output_type -> daemon.DownResponse
|
||||
15, // 65: daemon.DaemonService.GetConfig:output_type -> daemon.GetConfigResponse
|
||||
24, // 66: daemon.DaemonService.ListNetworks:output_type -> daemon.ListNetworksResponse
|
||||
26, // 67: daemon.DaemonService.SelectNetworks:output_type -> daemon.SelectNetworksResponse
|
||||
26, // 68: daemon.DaemonService.DeselectNetworks:output_type -> daemon.SelectNetworksResponse
|
||||
31, // 69: daemon.DaemonService.ForwardingRules:output_type -> daemon.ForwardingRulesResponse
|
||||
33, // 70: daemon.DaemonService.DebugBundle:output_type -> daemon.DebugBundleResponse
|
||||
35, // 71: daemon.DaemonService.GetLogLevel:output_type -> daemon.GetLogLevelResponse
|
||||
37, // 72: daemon.DaemonService.SetLogLevel:output_type -> daemon.SetLogLevelResponse
|
||||
40, // 73: daemon.DaemonService.ListStates:output_type -> daemon.ListStatesResponse
|
||||
42, // 74: daemon.DaemonService.CleanState:output_type -> daemon.CleanStateResponse
|
||||
44, // 75: daemon.DaemonService.DeleteState:output_type -> daemon.DeleteStateResponse
|
||||
46, // 76: daemon.DaemonService.SetSyncResponsePersistence:output_type -> daemon.SetSyncResponsePersistenceResponse
|
||||
50, // 77: daemon.DaemonService.TracePacket:output_type -> daemon.TracePacketResponse
|
||||
52, // 78: daemon.DaemonService.SubscribeEvents:output_type -> daemon.SystemEvent
|
||||
54, // 79: daemon.DaemonService.GetEvents:output_type -> daemon.GetEventsResponse
|
||||
56, // 80: daemon.DaemonService.SwitchProfile:output_type -> daemon.SwitchProfileResponse
|
||||
58, // 81: daemon.DaemonService.SetConfig:output_type -> daemon.SetConfigResponse
|
||||
60, // 82: daemon.DaemonService.AddProfile:output_type -> daemon.AddProfileResponse
|
||||
62, // 83: daemon.DaemonService.RemoveProfile:output_type -> daemon.RemoveProfileResponse
|
||||
64, // 84: daemon.DaemonService.ListProfiles:output_type -> daemon.ListProfilesResponse
|
||||
67, // 85: daemon.DaemonService.GetActiveProfile:output_type -> daemon.GetActiveProfileResponse
|
||||
69, // 86: daemon.DaemonService.Logout:output_type -> daemon.LogoutResponse
|
||||
71, // 87: daemon.DaemonService.GetFeatures:output_type -> daemon.GetFeaturesResponse
|
||||
73, // 88: daemon.DaemonService.GetPeerSSHHostKey:output_type -> daemon.GetPeerSSHHostKeyResponse
|
||||
60, // [60:89] is the sub-list for method output_type
|
||||
31, // [31:60] is the sub-list for method input_type
|
||||
74, // 60: daemon.DaemonService.RequestJWTAuth:input_type -> daemon.RequestJWTAuthRequest
|
||||
76, // 61: daemon.DaemonService.WaitJWTToken:input_type -> daemon.WaitJWTTokenRequest
|
||||
5, // 62: daemon.DaemonService.Login:output_type -> daemon.LoginResponse
|
||||
7, // 63: daemon.DaemonService.WaitSSOLogin:output_type -> daemon.WaitSSOLoginResponse
|
||||
9, // 64: daemon.DaemonService.Up:output_type -> daemon.UpResponse
|
||||
11, // 65: daemon.DaemonService.Status:output_type -> daemon.StatusResponse
|
||||
13, // 66: daemon.DaemonService.Down:output_type -> daemon.DownResponse
|
||||
15, // 67: daemon.DaemonService.GetConfig:output_type -> daemon.GetConfigResponse
|
||||
24, // 68: daemon.DaemonService.ListNetworks:output_type -> daemon.ListNetworksResponse
|
||||
26, // 69: daemon.DaemonService.SelectNetworks:output_type -> daemon.SelectNetworksResponse
|
||||
26, // 70: daemon.DaemonService.DeselectNetworks:output_type -> daemon.SelectNetworksResponse
|
||||
31, // 71: daemon.DaemonService.ForwardingRules:output_type -> daemon.ForwardingRulesResponse
|
||||
33, // 72: daemon.DaemonService.DebugBundle:output_type -> daemon.DebugBundleResponse
|
||||
35, // 73: daemon.DaemonService.GetLogLevel:output_type -> daemon.GetLogLevelResponse
|
||||
37, // 74: daemon.DaemonService.SetLogLevel:output_type -> daemon.SetLogLevelResponse
|
||||
40, // 75: daemon.DaemonService.ListStates:output_type -> daemon.ListStatesResponse
|
||||
42, // 76: daemon.DaemonService.CleanState:output_type -> daemon.CleanStateResponse
|
||||
44, // 77: daemon.DaemonService.DeleteState:output_type -> daemon.DeleteStateResponse
|
||||
46, // 78: daemon.DaemonService.SetSyncResponsePersistence:output_type -> daemon.SetSyncResponsePersistenceResponse
|
||||
50, // 79: daemon.DaemonService.TracePacket:output_type -> daemon.TracePacketResponse
|
||||
52, // 80: daemon.DaemonService.SubscribeEvents:output_type -> daemon.SystemEvent
|
||||
54, // 81: daemon.DaemonService.GetEvents:output_type -> daemon.GetEventsResponse
|
||||
56, // 82: daemon.DaemonService.SwitchProfile:output_type -> daemon.SwitchProfileResponse
|
||||
58, // 83: daemon.DaemonService.SetConfig:output_type -> daemon.SetConfigResponse
|
||||
60, // 84: daemon.DaemonService.AddProfile:output_type -> daemon.AddProfileResponse
|
||||
62, // 85: daemon.DaemonService.RemoveProfile:output_type -> daemon.RemoveProfileResponse
|
||||
64, // 86: daemon.DaemonService.ListProfiles:output_type -> daemon.ListProfilesResponse
|
||||
67, // 87: daemon.DaemonService.GetActiveProfile:output_type -> daemon.GetActiveProfileResponse
|
||||
69, // 88: daemon.DaemonService.Logout:output_type -> daemon.LogoutResponse
|
||||
71, // 89: daemon.DaemonService.GetFeatures:output_type -> daemon.GetFeaturesResponse
|
||||
73, // 90: daemon.DaemonService.GetPeerSSHHostKey:output_type -> daemon.GetPeerSSHHostKeyResponse
|
||||
75, // 91: daemon.DaemonService.RequestJWTAuth:output_type -> daemon.RequestJWTAuthResponse
|
||||
77, // 92: daemon.DaemonService.WaitJWTToken:output_type -> daemon.WaitJWTTokenResponse
|
||||
62, // [62:93] is the sub-list for method output_type
|
||||
31, // [31:62] is the sub-list for method input_type
|
||||
31, // [31:31] is the sub-list for extension type_name
|
||||
31, // [31:31] is the sub-list for extension extendee
|
||||
0, // [0:31] is the sub-list for field type_name
|
||||
@@ -5518,7 +5833,7 @@ func file_daemon_proto_init() {
|
||||
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
|
||||
RawDescriptor: unsafe.Slice(unsafe.StringData(file_daemon_proto_rawDesc), len(file_daemon_proto_rawDesc)),
|
||||
NumEnums: 3,
|
||||
NumMessages: 74,
|
||||
NumMessages: 78,
|
||||
NumExtensions: 0,
|
||||
NumServices: 1,
|
||||
},
|
||||
|
||||
@@ -87,6 +87,12 @@ service DaemonService {
|
||||
|
||||
// GetPeerSSHHostKey retrieves SSH host key for a specific peer
|
||||
rpc GetPeerSSHHostKey(GetPeerSSHHostKeyRequest) returns (GetPeerSSHHostKeyResponse) {}
|
||||
|
||||
// RequestJWTAuth initiates JWT authentication flow for SSH
|
||||
rpc RequestJWTAuth(RequestJWTAuthRequest) returns (RequestJWTAuthResponse) {}
|
||||
|
||||
// WaitJWTToken waits for JWT authentication completion
|
||||
rpc WaitJWTToken(WaitJWTTokenRequest) returns (WaitJWTTokenResponse) {}
|
||||
}
|
||||
|
||||
|
||||
@@ -166,6 +172,7 @@ message LoginRequest {
|
||||
optional bool enableSSHSFTP = 34;
|
||||
optional bool enableSSHLocalPortForwarding = 35;
|
||||
optional bool enableSSHRemotePortForwarding = 36;
|
||||
optional bool disableSSHAuth = 37;
|
||||
}
|
||||
|
||||
message LoginResponse {
|
||||
@@ -268,6 +275,8 @@ message GetConfigResponse {
|
||||
bool enableSSHLocalPortForwarding = 22;
|
||||
|
||||
bool enableSSHRemotePortForwarding = 23;
|
||||
|
||||
bool disableSSHAuth = 25;
|
||||
}
|
||||
|
||||
// PeerState contains the latest state of a peer
|
||||
@@ -612,6 +621,7 @@ message SetConfigRequest {
|
||||
optional bool enableSSHSFTP = 30;
|
||||
optional bool enableSSHLocalPortForward = 31;
|
||||
optional bool enableSSHRemotePortForward = 32;
|
||||
optional bool disableSSHAuth = 33;
|
||||
}
|
||||
|
||||
message SetConfigResponse{}
|
||||
@@ -681,3 +691,43 @@ message GetPeerSSHHostKeyResponse {
|
||||
// indicates if the SSH host key was found
|
||||
bool found = 4;
|
||||
}
|
||||
|
||||
// RequestJWTAuthRequest for initiating JWT authentication flow
|
||||
message RequestJWTAuthRequest {
|
||||
}
|
||||
|
||||
// RequestJWTAuthResponse contains authentication flow information
|
||||
message RequestJWTAuthResponse {
|
||||
// verification URI for user authentication
|
||||
string verificationURI = 1;
|
||||
// complete verification URI (with embedded user code)
|
||||
string verificationURIComplete = 2;
|
||||
// user code to enter on verification URI
|
||||
string userCode = 3;
|
||||
// device code for polling
|
||||
string deviceCode = 4;
|
||||
// expiration time in seconds
|
||||
int64 expiresIn = 5;
|
||||
// if a cached token is available, it will be returned here
|
||||
string cachedToken = 6;
|
||||
// maximum age of JWT tokens in seconds (from management server)
|
||||
int64 maxTokenAge = 7;
|
||||
}
|
||||
|
||||
// WaitJWTTokenRequest for waiting for authentication completion
|
||||
message WaitJWTTokenRequest {
|
||||
// device code from RequestJWTAuthResponse
|
||||
string deviceCode = 1;
|
||||
// user code for verification
|
||||
string userCode = 2;
|
||||
}
|
||||
|
||||
// WaitJWTTokenResponse contains the JWT token after authentication
|
||||
message WaitJWTTokenResponse {
|
||||
// JWT token (access token or ID token)
|
||||
string token = 1;
|
||||
// token type (e.g., "Bearer")
|
||||
string tokenType = 2;
|
||||
// expiration time in seconds
|
||||
int64 expiresIn = 3;
|
||||
}
|
||||
|
||||
@@ -66,6 +66,10 @@ type DaemonServiceClient interface {
|
||||
GetFeatures(ctx context.Context, in *GetFeaturesRequest, opts ...grpc.CallOption) (*GetFeaturesResponse, error)
|
||||
// GetPeerSSHHostKey retrieves SSH host key for a specific peer
|
||||
GetPeerSSHHostKey(ctx context.Context, in *GetPeerSSHHostKeyRequest, opts ...grpc.CallOption) (*GetPeerSSHHostKeyResponse, error)
|
||||
// RequestJWTAuth initiates JWT authentication flow for SSH
|
||||
RequestJWTAuth(ctx context.Context, in *RequestJWTAuthRequest, opts ...grpc.CallOption) (*RequestJWTAuthResponse, error)
|
||||
// WaitJWTToken waits for JWT authentication completion
|
||||
WaitJWTToken(ctx context.Context, in *WaitJWTTokenRequest, opts ...grpc.CallOption) (*WaitJWTTokenResponse, error)
|
||||
}
|
||||
|
||||
type daemonServiceClient struct {
|
||||
@@ -360,6 +364,24 @@ func (c *daemonServiceClient) GetPeerSSHHostKey(ctx context.Context, in *GetPeer
|
||||
return out, nil
|
||||
}
|
||||
|
||||
func (c *daemonServiceClient) RequestJWTAuth(ctx context.Context, in *RequestJWTAuthRequest, opts ...grpc.CallOption) (*RequestJWTAuthResponse, error) {
|
||||
out := new(RequestJWTAuthResponse)
|
||||
err := c.cc.Invoke(ctx, "/daemon.DaemonService/RequestJWTAuth", in, out, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return out, nil
|
||||
}
|
||||
|
||||
func (c *daemonServiceClient) WaitJWTToken(ctx context.Context, in *WaitJWTTokenRequest, opts ...grpc.CallOption) (*WaitJWTTokenResponse, error) {
|
||||
out := new(WaitJWTTokenResponse)
|
||||
err := c.cc.Invoke(ctx, "/daemon.DaemonService/WaitJWTToken", in, out, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return out, nil
|
||||
}
|
||||
|
||||
// DaemonServiceServer is the server API for DaemonService service.
|
||||
// All implementations must embed UnimplementedDaemonServiceServer
|
||||
// for forward compatibility
|
||||
@@ -412,6 +434,10 @@ type DaemonServiceServer interface {
|
||||
GetFeatures(context.Context, *GetFeaturesRequest) (*GetFeaturesResponse, error)
|
||||
// GetPeerSSHHostKey retrieves SSH host key for a specific peer
|
||||
GetPeerSSHHostKey(context.Context, *GetPeerSSHHostKeyRequest) (*GetPeerSSHHostKeyResponse, error)
|
||||
// RequestJWTAuth initiates JWT authentication flow for SSH
|
||||
RequestJWTAuth(context.Context, *RequestJWTAuthRequest) (*RequestJWTAuthResponse, error)
|
||||
// WaitJWTToken waits for JWT authentication completion
|
||||
WaitJWTToken(context.Context, *WaitJWTTokenRequest) (*WaitJWTTokenResponse, error)
|
||||
mustEmbedUnimplementedDaemonServiceServer()
|
||||
}
|
||||
|
||||
@@ -506,6 +532,12 @@ func (UnimplementedDaemonServiceServer) GetFeatures(context.Context, *GetFeature
|
||||
func (UnimplementedDaemonServiceServer) GetPeerSSHHostKey(context.Context, *GetPeerSSHHostKeyRequest) (*GetPeerSSHHostKeyResponse, error) {
|
||||
return nil, status.Errorf(codes.Unimplemented, "method GetPeerSSHHostKey not implemented")
|
||||
}
|
||||
func (UnimplementedDaemonServiceServer) RequestJWTAuth(context.Context, *RequestJWTAuthRequest) (*RequestJWTAuthResponse, error) {
|
||||
return nil, status.Errorf(codes.Unimplemented, "method RequestJWTAuth not implemented")
|
||||
}
|
||||
func (UnimplementedDaemonServiceServer) WaitJWTToken(context.Context, *WaitJWTTokenRequest) (*WaitJWTTokenResponse, error) {
|
||||
return nil, status.Errorf(codes.Unimplemented, "method WaitJWTToken not implemented")
|
||||
}
|
||||
func (UnimplementedDaemonServiceServer) mustEmbedUnimplementedDaemonServiceServer() {}
|
||||
|
||||
// UnsafeDaemonServiceServer may be embedded to opt out of forward compatibility for this service.
|
||||
@@ -1044,6 +1076,42 @@ func _DaemonService_GetPeerSSHHostKey_Handler(srv interface{}, ctx context.Conte
|
||||
return interceptor(ctx, in, info, handler)
|
||||
}
|
||||
|
||||
func _DaemonService_RequestJWTAuth_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||
in := new(RequestJWTAuthRequest)
|
||||
if err := dec(in); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if interceptor == nil {
|
||||
return srv.(DaemonServiceServer).RequestJWTAuth(ctx, in)
|
||||
}
|
||||
info := &grpc.UnaryServerInfo{
|
||||
Server: srv,
|
||||
FullMethod: "/daemon.DaemonService/RequestJWTAuth",
|
||||
}
|
||||
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||
return srv.(DaemonServiceServer).RequestJWTAuth(ctx, req.(*RequestJWTAuthRequest))
|
||||
}
|
||||
return interceptor(ctx, in, info, handler)
|
||||
}
|
||||
|
||||
func _DaemonService_WaitJWTToken_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||
in := new(WaitJWTTokenRequest)
|
||||
if err := dec(in); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if interceptor == nil {
|
||||
return srv.(DaemonServiceServer).WaitJWTToken(ctx, in)
|
||||
}
|
||||
info := &grpc.UnaryServerInfo{
|
||||
Server: srv,
|
||||
FullMethod: "/daemon.DaemonService/WaitJWTToken",
|
||||
}
|
||||
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||
return srv.(DaemonServiceServer).WaitJWTToken(ctx, req.(*WaitJWTTokenRequest))
|
||||
}
|
||||
return interceptor(ctx, in, info, handler)
|
||||
}
|
||||
|
||||
// DaemonService_ServiceDesc is the grpc.ServiceDesc for DaemonService service.
|
||||
// It's only intended for direct use with grpc.RegisterService,
|
||||
// and not to be introspected or modified (even as a copy)
|
||||
@@ -1163,6 +1231,14 @@ var DaemonService_ServiceDesc = grpc.ServiceDesc{
|
||||
MethodName: "GetPeerSSHHostKey",
|
||||
Handler: _DaemonService_GetPeerSSHHostKey_Handler,
|
||||
},
|
||||
{
|
||||
MethodName: "RequestJWTAuth",
|
||||
Handler: _DaemonService_RequestJWTAuth_Handler,
|
||||
},
|
||||
{
|
||||
MethodName: "WaitJWTToken",
|
||||
Handler: _DaemonService_WaitJWTToken_Handler,
|
||||
},
|
||||
},
|
||||
Streams: []grpc.StreamDesc{
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user