mirror of
https://github.com/netbirdio/netbird.git
synced 2026-07-18 12:39:54 +00:00
* add SSO session extend flow (management)
Adds the management-server half of the SSO session-extension feature:
- New ExtendAuthSession gRPC RPC that refreshes a peer's session expiry
using a fresh JWT, validated through the same pipeline as Login but
without tearing down the tunnel or redoing the NetworkMap sync.
- Per-peer SessionExpiresAt timestamp on every LoginResponse and
SyncResponse so connected clients learn the deadline on the existing
long-lived stream, and admin-side changes (toggling expiration,
changing the expiration window) reach every peer within seconds.
- SessionExpiresAt(...) helper on Peer that derives the absolute UTC
deadline from LastLogin + the account-level PeerLoginExpiration
setting, returning zero when the peer is not SSO-tracked or expiration
is disabled.
The matching client-side consumer of these fields lands separately.
* encode SessionExpiresAt as 3-state on the wire
Previously the `sessionExpiresAt` field on LoginResponse, SyncResponse
and ExtendAuthSessionResponse was 2-state: a valid timestamp meant
"new deadline", and nil meant "clear". That conflated two distinct
meanings — "no info in this snapshot" vs "expiry is explicitly off /
peer is not SSO-tracked" — so a Sync push that legitimately couldn't
compute the deadline (settings lookup failed) would silently clear the
client's anchor and lose the warning window.
Three states now, encoded on the same field number (no .proto schema
churn — only comments and the server-side encoder change):
- nil pointer (field absent) → "no info"; client preserves anchor
- &Timestamp{} (seconds=0, nanos=0) → explicit "disabled / not SSO"
sentinel; client clears
- valid timestamp → new absolute UTC deadline
A new encodeSessionExpiresAt helper centralises the zero/non-zero
encoding and is shared by the Sync, Login and ExtendAuthSession
builders. The Sync builder still emits nil when settings are missing.
Login and ExtendAuthSession always carry an authoritative value.
The matching client-side decoder lands on feature/session-extend.
* add UserExtendedPeerSession activity event
ExtendAuthSession previously reused UserLoggedInPeer for its audit
record, which conflated two distinct user actions: a full interactive
SSO login (tunnel re-established, network map resync) versus an
in-place deadline refresh (tunnel untouched). Auditors reading the log
couldn't tell which one happened, and downstream dashboards/alerts on
"login" volume were polluted by routine extends.
Adds a dedicated UserExtendedPeerSession Activity (code 125,
"user.peer.session.extend") and switches ExtendPeerSession over to it.
The peer-extend audit trail is now distinguishable from interactive
logins.
* make ExtendAuthSession JWT-retry backoff cancellable
Skip the retry log and 200ms wait on the final attempt, and replace the
uncancellable time.Sleep with a select on time.After/ctx.Done so an
upstream cancellation aborts the wait instead of running it to
completion.
662 lines
27 KiB
Go
662 lines
27 KiB
Go
// Code generated by protoc-gen-go-grpc. DO NOT EDIT.
|
|
|
|
package proto
|
|
|
|
import (
|
|
context "context"
|
|
grpc "google.golang.org/grpc"
|
|
codes "google.golang.org/grpc/codes"
|
|
status "google.golang.org/grpc/status"
|
|
)
|
|
|
|
// This is a compile-time assertion to ensure that this generated file
|
|
// is compatible with the grpc package it is being compiled against.
|
|
// Requires gRPC-Go v1.32.0 or later.
|
|
const _ = grpc.SupportPackageIsVersion7
|
|
|
|
// ManagementServiceClient is the client API for ManagementService service.
|
|
//
|
|
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
|
|
type ManagementServiceClient interface {
|
|
// Login logs in peer. In case server returns codes.PermissionDenied this endpoint can be used to register Peer providing LoginRequest.setupKey
|
|
// Returns encrypted LoginResponse in EncryptedMessage.Body
|
|
Login(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error)
|
|
// Sync enables peer synchronization. Each peer that is connected to this stream will receive updates from the server.
|
|
// For example, if a new peer has been added to an account all other connected peers will receive this peer's Wireguard public key as an update
|
|
// The initial SyncResponse contains all of the available peers so the local state can be refreshed
|
|
// Returns encrypted SyncResponse in EncryptedMessage.Body
|
|
Sync(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (ManagementService_SyncClient, error)
|
|
// Exposes a Wireguard public key of the Management service.
|
|
// This key is used to support message encryption between client and server
|
|
GetServerKey(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*ServerKeyResponse, error)
|
|
// health check endpoint
|
|
IsHealthy(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*Empty, error)
|
|
// Exposes a device authorization flow information
|
|
// This is used for initiating a Oauth 2 device authorization grant flow
|
|
// which will be used by our clients to Login.
|
|
// EncryptedMessage of the request has a body of DeviceAuthorizationFlowRequest.
|
|
// EncryptedMessage of the response has a body of DeviceAuthorizationFlow.
|
|
GetDeviceAuthorizationFlow(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error)
|
|
// Exposes a PKCE authorization code flow information
|
|
// This is used for initiating a Oauth 2 authorization grant flow
|
|
// with Proof Key for Code Exchange (PKCE) which will be used by our clients to Login.
|
|
// EncryptedMessage of the request has a body of PKCEAuthorizationFlowRequest.
|
|
// EncryptedMessage of the response has a body of PKCEAuthorizationFlow.
|
|
GetPKCEAuthorizationFlow(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error)
|
|
// SyncMeta is used to sync metadata of the peer.
|
|
// After sync the peer if there is a change in peer posture check which needs to be evaluated by the client,
|
|
// sync meta will evaluate the checks and update the peer meta with the result.
|
|
// EncryptedMessage of the request has a body of Empty.
|
|
SyncMeta(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*Empty, error)
|
|
// Logout logs out the peer and removes it from the management server
|
|
Logout(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*Empty, error)
|
|
// Executes a job on a target peer (e.g., debug bundle)
|
|
Job(ctx context.Context, opts ...grpc.CallOption) (ManagementService_JobClient, error)
|
|
// ExtendAuthSession refreshes the peer's session expiry deadline using a fresh JWT.
|
|
// Same JWT validation pipeline as Login (including jwt.UserID == peer.UserID check),
|
|
// but does not redo the network-map sync. Only valid for SSO-registered peers where
|
|
// login expiration is enabled. The tunnel remains up.
|
|
// EncryptedMessage of the request has a body of ExtendAuthSessionRequest.
|
|
// EncryptedMessage of the response has a body of ExtendAuthSessionResponse.
|
|
ExtendAuthSession(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error)
|
|
// CreateExpose creates a temporary reverse proxy service for a peer
|
|
CreateExpose(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error)
|
|
// RenewExpose extends the TTL of an active expose session
|
|
RenewExpose(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error)
|
|
// StopExpose terminates an active expose session
|
|
StopExpose(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error)
|
|
}
|
|
|
|
type managementServiceClient struct {
|
|
cc grpc.ClientConnInterface
|
|
}
|
|
|
|
func NewManagementServiceClient(cc grpc.ClientConnInterface) ManagementServiceClient {
|
|
return &managementServiceClient{cc}
|
|
}
|
|
|
|
func (c *managementServiceClient) Login(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error) {
|
|
out := new(EncryptedMessage)
|
|
err := c.cc.Invoke(ctx, "/management.ManagementService/Login", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *managementServiceClient) Sync(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (ManagementService_SyncClient, error) {
|
|
stream, err := c.cc.NewStream(ctx, &ManagementService_ServiceDesc.Streams[0], "/management.ManagementService/Sync", opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
x := &managementServiceSyncClient{stream}
|
|
if err := x.ClientStream.SendMsg(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if err := x.ClientStream.CloseSend(); err != nil {
|
|
return nil, err
|
|
}
|
|
return x, nil
|
|
}
|
|
|
|
type ManagementService_SyncClient interface {
|
|
Recv() (*EncryptedMessage, error)
|
|
grpc.ClientStream
|
|
}
|
|
|
|
type managementServiceSyncClient struct {
|
|
grpc.ClientStream
|
|
}
|
|
|
|
func (x *managementServiceSyncClient) Recv() (*EncryptedMessage, error) {
|
|
m := new(EncryptedMessage)
|
|
if err := x.ClientStream.RecvMsg(m); err != nil {
|
|
return nil, err
|
|
}
|
|
return m, nil
|
|
}
|
|
|
|
func (c *managementServiceClient) GetServerKey(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*ServerKeyResponse, error) {
|
|
out := new(ServerKeyResponse)
|
|
err := c.cc.Invoke(ctx, "/management.ManagementService/GetServerKey", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *managementServiceClient) IsHealthy(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*Empty, error) {
|
|
out := new(Empty)
|
|
err := c.cc.Invoke(ctx, "/management.ManagementService/isHealthy", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *managementServiceClient) GetDeviceAuthorizationFlow(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error) {
|
|
out := new(EncryptedMessage)
|
|
err := c.cc.Invoke(ctx, "/management.ManagementService/GetDeviceAuthorizationFlow", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *managementServiceClient) GetPKCEAuthorizationFlow(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error) {
|
|
out := new(EncryptedMessage)
|
|
err := c.cc.Invoke(ctx, "/management.ManagementService/GetPKCEAuthorizationFlow", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *managementServiceClient) SyncMeta(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*Empty, error) {
|
|
out := new(Empty)
|
|
err := c.cc.Invoke(ctx, "/management.ManagementService/SyncMeta", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *managementServiceClient) Logout(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*Empty, error) {
|
|
out := new(Empty)
|
|
err := c.cc.Invoke(ctx, "/management.ManagementService/Logout", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *managementServiceClient) Job(ctx context.Context, opts ...grpc.CallOption) (ManagementService_JobClient, error) {
|
|
stream, err := c.cc.NewStream(ctx, &ManagementService_ServiceDesc.Streams[1], "/management.ManagementService/Job", opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
x := &managementServiceJobClient{stream}
|
|
return x, nil
|
|
}
|
|
|
|
type ManagementService_JobClient interface {
|
|
Send(*EncryptedMessage) error
|
|
Recv() (*EncryptedMessage, error)
|
|
grpc.ClientStream
|
|
}
|
|
|
|
type managementServiceJobClient struct {
|
|
grpc.ClientStream
|
|
}
|
|
|
|
func (x *managementServiceJobClient) Send(m *EncryptedMessage) error {
|
|
return x.ClientStream.SendMsg(m)
|
|
}
|
|
|
|
func (x *managementServiceJobClient) Recv() (*EncryptedMessage, error) {
|
|
m := new(EncryptedMessage)
|
|
if err := x.ClientStream.RecvMsg(m); err != nil {
|
|
return nil, err
|
|
}
|
|
return m, nil
|
|
}
|
|
|
|
func (c *managementServiceClient) ExtendAuthSession(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error) {
|
|
out := new(EncryptedMessage)
|
|
err := c.cc.Invoke(ctx, "/management.ManagementService/ExtendAuthSession", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *managementServiceClient) CreateExpose(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error) {
|
|
out := new(EncryptedMessage)
|
|
err := c.cc.Invoke(ctx, "/management.ManagementService/CreateExpose", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *managementServiceClient) RenewExpose(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error) {
|
|
out := new(EncryptedMessage)
|
|
err := c.cc.Invoke(ctx, "/management.ManagementService/RenewExpose", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *managementServiceClient) StopExpose(ctx context.Context, in *EncryptedMessage, opts ...grpc.CallOption) (*EncryptedMessage, error) {
|
|
out := new(EncryptedMessage)
|
|
err := c.cc.Invoke(ctx, "/management.ManagementService/StopExpose", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
// ManagementServiceServer is the server API for ManagementService service.
|
|
// All implementations must embed UnimplementedManagementServiceServer
|
|
// for forward compatibility
|
|
type ManagementServiceServer interface {
|
|
// Login logs in peer. In case server returns codes.PermissionDenied this endpoint can be used to register Peer providing LoginRequest.setupKey
|
|
// Returns encrypted LoginResponse in EncryptedMessage.Body
|
|
Login(context.Context, *EncryptedMessage) (*EncryptedMessage, error)
|
|
// Sync enables peer synchronization. Each peer that is connected to this stream will receive updates from the server.
|
|
// For example, if a new peer has been added to an account all other connected peers will receive this peer's Wireguard public key as an update
|
|
// The initial SyncResponse contains all of the available peers so the local state can be refreshed
|
|
// Returns encrypted SyncResponse in EncryptedMessage.Body
|
|
Sync(*EncryptedMessage, ManagementService_SyncServer) error
|
|
// Exposes a Wireguard public key of the Management service.
|
|
// This key is used to support message encryption between client and server
|
|
GetServerKey(context.Context, *Empty) (*ServerKeyResponse, error)
|
|
// health check endpoint
|
|
IsHealthy(context.Context, *Empty) (*Empty, error)
|
|
// Exposes a device authorization flow information
|
|
// This is used for initiating a Oauth 2 device authorization grant flow
|
|
// which will be used by our clients to Login.
|
|
// EncryptedMessage of the request has a body of DeviceAuthorizationFlowRequest.
|
|
// EncryptedMessage of the response has a body of DeviceAuthorizationFlow.
|
|
GetDeviceAuthorizationFlow(context.Context, *EncryptedMessage) (*EncryptedMessage, error)
|
|
// Exposes a PKCE authorization code flow information
|
|
// This is used for initiating a Oauth 2 authorization grant flow
|
|
// with Proof Key for Code Exchange (PKCE) which will be used by our clients to Login.
|
|
// EncryptedMessage of the request has a body of PKCEAuthorizationFlowRequest.
|
|
// EncryptedMessage of the response has a body of PKCEAuthorizationFlow.
|
|
GetPKCEAuthorizationFlow(context.Context, *EncryptedMessage) (*EncryptedMessage, error)
|
|
// SyncMeta is used to sync metadata of the peer.
|
|
// After sync the peer if there is a change in peer posture check which needs to be evaluated by the client,
|
|
// sync meta will evaluate the checks and update the peer meta with the result.
|
|
// EncryptedMessage of the request has a body of Empty.
|
|
SyncMeta(context.Context, *EncryptedMessage) (*Empty, error)
|
|
// Logout logs out the peer and removes it from the management server
|
|
Logout(context.Context, *EncryptedMessage) (*Empty, error)
|
|
// Executes a job on a target peer (e.g., debug bundle)
|
|
Job(ManagementService_JobServer) error
|
|
// ExtendAuthSession refreshes the peer's session expiry deadline using a fresh JWT.
|
|
// Same JWT validation pipeline as Login (including jwt.UserID == peer.UserID check),
|
|
// but does not redo the network-map sync. Only valid for SSO-registered peers where
|
|
// login expiration is enabled. The tunnel remains up.
|
|
// EncryptedMessage of the request has a body of ExtendAuthSessionRequest.
|
|
// EncryptedMessage of the response has a body of ExtendAuthSessionResponse.
|
|
ExtendAuthSession(context.Context, *EncryptedMessage) (*EncryptedMessage, error)
|
|
// CreateExpose creates a temporary reverse proxy service for a peer
|
|
CreateExpose(context.Context, *EncryptedMessage) (*EncryptedMessage, error)
|
|
// RenewExpose extends the TTL of an active expose session
|
|
RenewExpose(context.Context, *EncryptedMessage) (*EncryptedMessage, error)
|
|
// StopExpose terminates an active expose session
|
|
StopExpose(context.Context, *EncryptedMessage) (*EncryptedMessage, error)
|
|
mustEmbedUnimplementedManagementServiceServer()
|
|
}
|
|
|
|
// UnimplementedManagementServiceServer must be embedded to have forward compatible implementations.
|
|
type UnimplementedManagementServiceServer struct {
|
|
}
|
|
|
|
func (UnimplementedManagementServiceServer) Login(context.Context, *EncryptedMessage) (*EncryptedMessage, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method Login not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) Sync(*EncryptedMessage, ManagementService_SyncServer) error {
|
|
return status.Errorf(codes.Unimplemented, "method Sync not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) GetServerKey(context.Context, *Empty) (*ServerKeyResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method GetServerKey not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) IsHealthy(context.Context, *Empty) (*Empty, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method IsHealthy not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) GetDeviceAuthorizationFlow(context.Context, *EncryptedMessage) (*EncryptedMessage, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method GetDeviceAuthorizationFlow not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) GetPKCEAuthorizationFlow(context.Context, *EncryptedMessage) (*EncryptedMessage, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method GetPKCEAuthorizationFlow not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) SyncMeta(context.Context, *EncryptedMessage) (*Empty, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method SyncMeta not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) Logout(context.Context, *EncryptedMessage) (*Empty, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method Logout not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) Job(ManagementService_JobServer) error {
|
|
return status.Errorf(codes.Unimplemented, "method Job not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) ExtendAuthSession(context.Context, *EncryptedMessage) (*EncryptedMessage, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method ExtendAuthSession not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) CreateExpose(context.Context, *EncryptedMessage) (*EncryptedMessage, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method CreateExpose not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) RenewExpose(context.Context, *EncryptedMessage) (*EncryptedMessage, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method RenewExpose not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) StopExpose(context.Context, *EncryptedMessage) (*EncryptedMessage, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method StopExpose not implemented")
|
|
}
|
|
func (UnimplementedManagementServiceServer) mustEmbedUnimplementedManagementServiceServer() {}
|
|
|
|
// UnsafeManagementServiceServer may be embedded to opt out of forward compatibility for this service.
|
|
// Use of this interface is not recommended, as added methods to ManagementServiceServer will
|
|
// result in compilation errors.
|
|
type UnsafeManagementServiceServer interface {
|
|
mustEmbedUnimplementedManagementServiceServer()
|
|
}
|
|
|
|
func RegisterManagementServiceServer(s grpc.ServiceRegistrar, srv ManagementServiceServer) {
|
|
s.RegisterService(&ManagementService_ServiceDesc, srv)
|
|
}
|
|
|
|
func _ManagementService_Login_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(EncryptedMessage)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ManagementServiceServer).Login(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ManagementService/Login",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ManagementServiceServer).Login(ctx, req.(*EncryptedMessage))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ManagementService_Sync_Handler(srv interface{}, stream grpc.ServerStream) error {
|
|
m := new(EncryptedMessage)
|
|
if err := stream.RecvMsg(m); err != nil {
|
|
return err
|
|
}
|
|
return srv.(ManagementServiceServer).Sync(m, &managementServiceSyncServer{stream})
|
|
}
|
|
|
|
type ManagementService_SyncServer interface {
|
|
Send(*EncryptedMessage) error
|
|
grpc.ServerStream
|
|
}
|
|
|
|
type managementServiceSyncServer struct {
|
|
grpc.ServerStream
|
|
}
|
|
|
|
func (x *managementServiceSyncServer) Send(m *EncryptedMessage) error {
|
|
return x.ServerStream.SendMsg(m)
|
|
}
|
|
|
|
func _ManagementService_GetServerKey_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(Empty)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ManagementServiceServer).GetServerKey(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ManagementService/GetServerKey",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ManagementServiceServer).GetServerKey(ctx, req.(*Empty))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ManagementService_IsHealthy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(Empty)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ManagementServiceServer).IsHealthy(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ManagementService/isHealthy",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ManagementServiceServer).IsHealthy(ctx, req.(*Empty))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ManagementService_GetDeviceAuthorizationFlow_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(EncryptedMessage)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ManagementServiceServer).GetDeviceAuthorizationFlow(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ManagementService/GetDeviceAuthorizationFlow",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ManagementServiceServer).GetDeviceAuthorizationFlow(ctx, req.(*EncryptedMessage))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ManagementService_GetPKCEAuthorizationFlow_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(EncryptedMessage)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ManagementServiceServer).GetPKCEAuthorizationFlow(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ManagementService/GetPKCEAuthorizationFlow",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ManagementServiceServer).GetPKCEAuthorizationFlow(ctx, req.(*EncryptedMessage))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ManagementService_SyncMeta_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(EncryptedMessage)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ManagementServiceServer).SyncMeta(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ManagementService/SyncMeta",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ManagementServiceServer).SyncMeta(ctx, req.(*EncryptedMessage))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ManagementService_Logout_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(EncryptedMessage)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ManagementServiceServer).Logout(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ManagementService/Logout",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ManagementServiceServer).Logout(ctx, req.(*EncryptedMessage))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ManagementService_Job_Handler(srv interface{}, stream grpc.ServerStream) error {
|
|
return srv.(ManagementServiceServer).Job(&managementServiceJobServer{stream})
|
|
}
|
|
|
|
type ManagementService_JobServer interface {
|
|
Send(*EncryptedMessage) error
|
|
Recv() (*EncryptedMessage, error)
|
|
grpc.ServerStream
|
|
}
|
|
|
|
type managementServiceJobServer struct {
|
|
grpc.ServerStream
|
|
}
|
|
|
|
func (x *managementServiceJobServer) Send(m *EncryptedMessage) error {
|
|
return x.ServerStream.SendMsg(m)
|
|
}
|
|
|
|
func (x *managementServiceJobServer) Recv() (*EncryptedMessage, error) {
|
|
m := new(EncryptedMessage)
|
|
if err := x.ServerStream.RecvMsg(m); err != nil {
|
|
return nil, err
|
|
}
|
|
return m, nil
|
|
}
|
|
|
|
func _ManagementService_ExtendAuthSession_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(EncryptedMessage)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ManagementServiceServer).ExtendAuthSession(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ManagementService/ExtendAuthSession",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ManagementServiceServer).ExtendAuthSession(ctx, req.(*EncryptedMessage))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ManagementService_CreateExpose_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(EncryptedMessage)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ManagementServiceServer).CreateExpose(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ManagementService/CreateExpose",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ManagementServiceServer).CreateExpose(ctx, req.(*EncryptedMessage))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ManagementService_RenewExpose_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(EncryptedMessage)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ManagementServiceServer).RenewExpose(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ManagementService/RenewExpose",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ManagementServiceServer).RenewExpose(ctx, req.(*EncryptedMessage))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ManagementService_StopExpose_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(EncryptedMessage)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ManagementServiceServer).StopExpose(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ManagementService/StopExpose",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ManagementServiceServer).StopExpose(ctx, req.(*EncryptedMessage))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
// ManagementService_ServiceDesc is the grpc.ServiceDesc for ManagementService service.
|
|
// It's only intended for direct use with grpc.RegisterService,
|
|
// and not to be introspected or modified (even as a copy)
|
|
var ManagementService_ServiceDesc = grpc.ServiceDesc{
|
|
ServiceName: "management.ManagementService",
|
|
HandlerType: (*ManagementServiceServer)(nil),
|
|
Methods: []grpc.MethodDesc{
|
|
{
|
|
MethodName: "Login",
|
|
Handler: _ManagementService_Login_Handler,
|
|
},
|
|
{
|
|
MethodName: "GetServerKey",
|
|
Handler: _ManagementService_GetServerKey_Handler,
|
|
},
|
|
{
|
|
MethodName: "isHealthy",
|
|
Handler: _ManagementService_IsHealthy_Handler,
|
|
},
|
|
{
|
|
MethodName: "GetDeviceAuthorizationFlow",
|
|
Handler: _ManagementService_GetDeviceAuthorizationFlow_Handler,
|
|
},
|
|
{
|
|
MethodName: "GetPKCEAuthorizationFlow",
|
|
Handler: _ManagementService_GetPKCEAuthorizationFlow_Handler,
|
|
},
|
|
{
|
|
MethodName: "SyncMeta",
|
|
Handler: _ManagementService_SyncMeta_Handler,
|
|
},
|
|
{
|
|
MethodName: "Logout",
|
|
Handler: _ManagementService_Logout_Handler,
|
|
},
|
|
{
|
|
MethodName: "ExtendAuthSession",
|
|
Handler: _ManagementService_ExtendAuthSession_Handler,
|
|
},
|
|
{
|
|
MethodName: "CreateExpose",
|
|
Handler: _ManagementService_CreateExpose_Handler,
|
|
},
|
|
{
|
|
MethodName: "RenewExpose",
|
|
Handler: _ManagementService_RenewExpose_Handler,
|
|
},
|
|
{
|
|
MethodName: "StopExpose",
|
|
Handler: _ManagementService_StopExpose_Handler,
|
|
},
|
|
},
|
|
Streams: []grpc.StreamDesc{
|
|
{
|
|
StreamName: "Sync",
|
|
Handler: _ManagementService_Sync_Handler,
|
|
ServerStreams: true,
|
|
},
|
|
{
|
|
StreamName: "Job",
|
|
Handler: _ManagementService_Job_Handler,
|
|
ServerStreams: true,
|
|
ClientStreams: true,
|
|
},
|
|
},
|
|
Metadata: "management.proto",
|
|
}
|