mirror of
https://github.com/netbirdio/netbird.git
synced 2026-07-17 20:19:55 +00:00
* [agent-network] Shared proto, OpenAPI schema, and generated types * [agent-network] Management: store, manager, synthesizer, policy engine, provider catalog, HTTP/gRPC API Adds the account-scoped agent-network module: provider/policy/budget CRUD and store, the reverse-proxy service synthesizer, policy selection + limit enforcement, the provider catalog (incl. Vertex AI and AWS Bedrock entries), and the management HTTP + proxy gRPC surfaces. * [management] Fix agent-network proxy-peer fan-out on affected-peer recompute The affected-peers resolver loaded only persisted reverse-proxy services, but agent-network services are synthesized on demand and never persisted. As a result the embedded proxy peer was never folded into the affected set when a client's group changed, so the proxy received no network-map update for a newly authorised client and rejected its handshake until a full resync (restart). loadProxyServices now merges the synthesized agent-network services (injected via a registration hook to avoid an import cycle), so proxy peers learn newly authorised clients immediately. * [proxy] Reverse-proxy middleware framework, chain, and request plumbing The per-target middleware chain (slots, dispatcher, mutation gate, metadata merger), body capture, access-log terminal sink, and the proxy wiring that builds + runs chains for synthesized agent-network services. * [proxy] LLM parsers, pricing, and builtin middlewares (OpenAI, Anthropic, Vertex AI, AWS Bedrock) Request/response parsers and SSE/event-stream metering, the embedded pricing table, and the builtin middleware set: request parser, router, policy limit-check/record, cost meter, guardrail, identity inject, response parser. Includes the path-routed providers — Google Vertex AI (keyfile:: service-account OAuth minting) and AWS Bedrock (bearer auth, invoke/converse/streaming, optional /bedrock prefix) — plus the Models allowlist and unmeterable-publisher deny. * [proxy] IPv6 in-place apply and TCP accept-loop hardening on netstack listeners * [agent-network] End-to-end test suite, module docs, and deployment preset * [agent-network] Fix codespell typos and exclude false positives - labelgen word pool: vermillion -> vermilion, racoon -> raccoon. - codespell ignore list: add flate (Go compress/flate package), recordin (a test-local identifier), and unparseable (a valid alternative spelling used consistently across identifiers + a metadata-value constant). * [management] Set LastSeen on injected proxy peer in realstack test (MySQL strict-mode) The injected embedded proxy peer had a PeerStatus with a zero LastSeen, which serializes to '0000-00-00' and is rejected by MySQL in strict mode (SQLite tolerates it). Set LastSeen to a valid time so SaveAccount succeeds on both engines. * [agent-network] Remove e2e shell-script suite from this branch The end-to-end shell scripts under scripts/e2e/ are maintained in a separate testing suite and are not part of this change set. * [agent-network] Polish module docs: remove internal review scaffolding, fix links, verify diagrams Strip PR-review framing, commit references, absolute paths, and stale internal references from the agent-network module docs; fix broken relative links; verify all diagrams against the current architecture. Remove the internal AI-reviewer prompt file. * [management] Refine session expiration handling to support 3-state encoding for SSO deadlines * [agent-network] Relocate agentnetwork package to internals/modules Move management/server/agentnetwork (and its catalog/, labelgen/, types/ subpackages) to management/internals/modules/agentnetwork, alongside the reverse-proxy module, and rewrite all importers. Pure relocation: package names, the synthesizer + affectedpeers registration hook, and store access (shared store.Store) are unchanged, so no import cycle is introduced (affectedpeers still depends only on the agentnetwork/types leaf). * [agent-network] Co-locate HTTP handlers in the module (RegisterEndpoints) Move the agent-network HTTP handlers from server/http/handlers/agentnetwork into the module at internals/modules/agentnetwork/handlers (package handlers) and rename the entrypoint AddEndpoints -> RegisterEndpoints, matching the reverse-proxy module convention. Wiring in http/handler.go updated accordingly.
570 lines
23 KiB
Go
570 lines
23 KiB
Go
// Code generated by protoc-gen-go-grpc. DO NOT EDIT.
|
|
|
|
package proto
|
|
|
|
import (
|
|
context "context"
|
|
grpc "google.golang.org/grpc"
|
|
codes "google.golang.org/grpc/codes"
|
|
status "google.golang.org/grpc/status"
|
|
)
|
|
|
|
// This is a compile-time assertion to ensure that this generated file
|
|
// is compatible with the grpc package it is being compiled against.
|
|
// Requires gRPC-Go v1.32.0 or later.
|
|
const _ = grpc.SupportPackageIsVersion7
|
|
|
|
// ProxyServiceClient is the client API for ProxyService service.
|
|
//
|
|
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
|
|
type ProxyServiceClient interface {
|
|
GetMappingUpdate(ctx context.Context, in *GetMappingUpdateRequest, opts ...grpc.CallOption) (ProxyService_GetMappingUpdateClient, error)
|
|
// SyncMappings is a bidirectional stream that replaces GetMappingUpdate for
|
|
// new proxies. The proxy sends an initial SyncMappingsRequest to start the
|
|
// stream and then sends an ack after each batch is fully processed.
|
|
// Management waits for the ack before sending the next batch, providing
|
|
// application-level back-pressure during large initial syncs.
|
|
// Old proxies continue using GetMappingUpdate; old management servers
|
|
// return Unimplemented for this RPC and proxies fall back.
|
|
SyncMappings(ctx context.Context, opts ...grpc.CallOption) (ProxyService_SyncMappingsClient, error)
|
|
SendAccessLog(ctx context.Context, in *SendAccessLogRequest, opts ...grpc.CallOption) (*SendAccessLogResponse, error)
|
|
Authenticate(ctx context.Context, in *AuthenticateRequest, opts ...grpc.CallOption) (*AuthenticateResponse, error)
|
|
SendStatusUpdate(ctx context.Context, in *SendStatusUpdateRequest, opts ...grpc.CallOption) (*SendStatusUpdateResponse, error)
|
|
CreateProxyPeer(ctx context.Context, in *CreateProxyPeerRequest, opts ...grpc.CallOption) (*CreateProxyPeerResponse, error)
|
|
GetOIDCURL(ctx context.Context, in *GetOIDCURLRequest, opts ...grpc.CallOption) (*GetOIDCURLResponse, error)
|
|
// ValidateSession validates a session token and checks user access permissions.
|
|
// Called by the proxy after receiving a session token from OIDC callback.
|
|
ValidateSession(ctx context.Context, in *ValidateSessionRequest, opts ...grpc.CallOption) (*ValidateSessionResponse, error)
|
|
// ValidateTunnelPeer resolves an inbound peer by its WireGuard tunnel IP and
|
|
// checks the resolved user's access against the service's access_groups.
|
|
// Acts as a fast-path equivalent of OIDC for requests originating on the
|
|
// netbird mesh: when the source IP maps to a known peer in the calling
|
|
// account and that peer is in the service's access_groups, the proxy can
|
|
// issue a session cookie without redirecting through the OIDC flow.
|
|
// Mirrors ValidateSession's response shape.
|
|
ValidateTunnelPeer(ctx context.Context, in *ValidateTunnelPeerRequest, opts ...grpc.CallOption) (*ValidateTunnelPeerResponse, error)
|
|
// CheckLLMPolicyLimits is the pre-flight RPC the proxy calls before each
|
|
// LLM request. Management runs the per-policy headroom selection across
|
|
// every policy authorising the caller's user / groups for the resolved
|
|
// provider and returns the chosen attribution policy + group, or a deny
|
|
// when no applicable policy has headroom > 0.
|
|
CheckLLMPolicyLimits(ctx context.Context, in *CheckLLMPolicyLimitsRequest, opts ...grpc.CallOption) (*CheckLLMPolicyLimitsResponse, error)
|
|
// RecordLLMUsage is the post-flight RPC the proxy calls after the upstream
|
|
// returns. Increments the per-(dimension, window) counters for the
|
|
// attribution policy chosen by CheckLLMPolicyLimits.
|
|
RecordLLMUsage(ctx context.Context, in *RecordLLMUsageRequest, opts ...grpc.CallOption) (*RecordLLMUsageResponse, error)
|
|
}
|
|
|
|
type proxyServiceClient struct {
|
|
cc grpc.ClientConnInterface
|
|
}
|
|
|
|
func NewProxyServiceClient(cc grpc.ClientConnInterface) ProxyServiceClient {
|
|
return &proxyServiceClient{cc}
|
|
}
|
|
|
|
func (c *proxyServiceClient) GetMappingUpdate(ctx context.Context, in *GetMappingUpdateRequest, opts ...grpc.CallOption) (ProxyService_GetMappingUpdateClient, error) {
|
|
stream, err := c.cc.NewStream(ctx, &ProxyService_ServiceDesc.Streams[0], "/management.ProxyService/GetMappingUpdate", opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
x := &proxyServiceGetMappingUpdateClient{stream}
|
|
if err := x.ClientStream.SendMsg(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if err := x.ClientStream.CloseSend(); err != nil {
|
|
return nil, err
|
|
}
|
|
return x, nil
|
|
}
|
|
|
|
type ProxyService_GetMappingUpdateClient interface {
|
|
Recv() (*GetMappingUpdateResponse, error)
|
|
grpc.ClientStream
|
|
}
|
|
|
|
type proxyServiceGetMappingUpdateClient struct {
|
|
grpc.ClientStream
|
|
}
|
|
|
|
func (x *proxyServiceGetMappingUpdateClient) Recv() (*GetMappingUpdateResponse, error) {
|
|
m := new(GetMappingUpdateResponse)
|
|
if err := x.ClientStream.RecvMsg(m); err != nil {
|
|
return nil, err
|
|
}
|
|
return m, nil
|
|
}
|
|
|
|
func (c *proxyServiceClient) SyncMappings(ctx context.Context, opts ...grpc.CallOption) (ProxyService_SyncMappingsClient, error) {
|
|
stream, err := c.cc.NewStream(ctx, &ProxyService_ServiceDesc.Streams[1], "/management.ProxyService/SyncMappings", opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
x := &proxyServiceSyncMappingsClient{stream}
|
|
return x, nil
|
|
}
|
|
|
|
type ProxyService_SyncMappingsClient interface {
|
|
Send(*SyncMappingsRequest) error
|
|
Recv() (*SyncMappingsResponse, error)
|
|
grpc.ClientStream
|
|
}
|
|
|
|
type proxyServiceSyncMappingsClient struct {
|
|
grpc.ClientStream
|
|
}
|
|
|
|
func (x *proxyServiceSyncMappingsClient) Send(m *SyncMappingsRequest) error {
|
|
return x.ClientStream.SendMsg(m)
|
|
}
|
|
|
|
func (x *proxyServiceSyncMappingsClient) Recv() (*SyncMappingsResponse, error) {
|
|
m := new(SyncMappingsResponse)
|
|
if err := x.ClientStream.RecvMsg(m); err != nil {
|
|
return nil, err
|
|
}
|
|
return m, nil
|
|
}
|
|
|
|
func (c *proxyServiceClient) SendAccessLog(ctx context.Context, in *SendAccessLogRequest, opts ...grpc.CallOption) (*SendAccessLogResponse, error) {
|
|
out := new(SendAccessLogResponse)
|
|
err := c.cc.Invoke(ctx, "/management.ProxyService/SendAccessLog", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *proxyServiceClient) Authenticate(ctx context.Context, in *AuthenticateRequest, opts ...grpc.CallOption) (*AuthenticateResponse, error) {
|
|
out := new(AuthenticateResponse)
|
|
err := c.cc.Invoke(ctx, "/management.ProxyService/Authenticate", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *proxyServiceClient) SendStatusUpdate(ctx context.Context, in *SendStatusUpdateRequest, opts ...grpc.CallOption) (*SendStatusUpdateResponse, error) {
|
|
out := new(SendStatusUpdateResponse)
|
|
err := c.cc.Invoke(ctx, "/management.ProxyService/SendStatusUpdate", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *proxyServiceClient) CreateProxyPeer(ctx context.Context, in *CreateProxyPeerRequest, opts ...grpc.CallOption) (*CreateProxyPeerResponse, error) {
|
|
out := new(CreateProxyPeerResponse)
|
|
err := c.cc.Invoke(ctx, "/management.ProxyService/CreateProxyPeer", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *proxyServiceClient) GetOIDCURL(ctx context.Context, in *GetOIDCURLRequest, opts ...grpc.CallOption) (*GetOIDCURLResponse, error) {
|
|
out := new(GetOIDCURLResponse)
|
|
err := c.cc.Invoke(ctx, "/management.ProxyService/GetOIDCURL", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *proxyServiceClient) ValidateSession(ctx context.Context, in *ValidateSessionRequest, opts ...grpc.CallOption) (*ValidateSessionResponse, error) {
|
|
out := new(ValidateSessionResponse)
|
|
err := c.cc.Invoke(ctx, "/management.ProxyService/ValidateSession", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *proxyServiceClient) ValidateTunnelPeer(ctx context.Context, in *ValidateTunnelPeerRequest, opts ...grpc.CallOption) (*ValidateTunnelPeerResponse, error) {
|
|
out := new(ValidateTunnelPeerResponse)
|
|
err := c.cc.Invoke(ctx, "/management.ProxyService/ValidateTunnelPeer", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *proxyServiceClient) CheckLLMPolicyLimits(ctx context.Context, in *CheckLLMPolicyLimitsRequest, opts ...grpc.CallOption) (*CheckLLMPolicyLimitsResponse, error) {
|
|
out := new(CheckLLMPolicyLimitsResponse)
|
|
err := c.cc.Invoke(ctx, "/management.ProxyService/CheckLLMPolicyLimits", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
func (c *proxyServiceClient) RecordLLMUsage(ctx context.Context, in *RecordLLMUsageRequest, opts ...grpc.CallOption) (*RecordLLMUsageResponse, error) {
|
|
out := new(RecordLLMUsageResponse)
|
|
err := c.cc.Invoke(ctx, "/management.ProxyService/RecordLLMUsage", in, out, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return out, nil
|
|
}
|
|
|
|
// ProxyServiceServer is the server API for ProxyService service.
|
|
// All implementations must embed UnimplementedProxyServiceServer
|
|
// for forward compatibility
|
|
type ProxyServiceServer interface {
|
|
GetMappingUpdate(*GetMappingUpdateRequest, ProxyService_GetMappingUpdateServer) error
|
|
// SyncMappings is a bidirectional stream that replaces GetMappingUpdate for
|
|
// new proxies. The proxy sends an initial SyncMappingsRequest to start the
|
|
// stream and then sends an ack after each batch is fully processed.
|
|
// Management waits for the ack before sending the next batch, providing
|
|
// application-level back-pressure during large initial syncs.
|
|
// Old proxies continue using GetMappingUpdate; old management servers
|
|
// return Unimplemented for this RPC and proxies fall back.
|
|
SyncMappings(ProxyService_SyncMappingsServer) error
|
|
SendAccessLog(context.Context, *SendAccessLogRequest) (*SendAccessLogResponse, error)
|
|
Authenticate(context.Context, *AuthenticateRequest) (*AuthenticateResponse, error)
|
|
SendStatusUpdate(context.Context, *SendStatusUpdateRequest) (*SendStatusUpdateResponse, error)
|
|
CreateProxyPeer(context.Context, *CreateProxyPeerRequest) (*CreateProxyPeerResponse, error)
|
|
GetOIDCURL(context.Context, *GetOIDCURLRequest) (*GetOIDCURLResponse, error)
|
|
// ValidateSession validates a session token and checks user access permissions.
|
|
// Called by the proxy after receiving a session token from OIDC callback.
|
|
ValidateSession(context.Context, *ValidateSessionRequest) (*ValidateSessionResponse, error)
|
|
// ValidateTunnelPeer resolves an inbound peer by its WireGuard tunnel IP and
|
|
// checks the resolved user's access against the service's access_groups.
|
|
// Acts as a fast-path equivalent of OIDC for requests originating on the
|
|
// netbird mesh: when the source IP maps to a known peer in the calling
|
|
// account and that peer is in the service's access_groups, the proxy can
|
|
// issue a session cookie without redirecting through the OIDC flow.
|
|
// Mirrors ValidateSession's response shape.
|
|
ValidateTunnelPeer(context.Context, *ValidateTunnelPeerRequest) (*ValidateTunnelPeerResponse, error)
|
|
// CheckLLMPolicyLimits is the pre-flight RPC the proxy calls before each
|
|
// LLM request. Management runs the per-policy headroom selection across
|
|
// every policy authorising the caller's user / groups for the resolved
|
|
// provider and returns the chosen attribution policy + group, or a deny
|
|
// when no applicable policy has headroom > 0.
|
|
CheckLLMPolicyLimits(context.Context, *CheckLLMPolicyLimitsRequest) (*CheckLLMPolicyLimitsResponse, error)
|
|
// RecordLLMUsage is the post-flight RPC the proxy calls after the upstream
|
|
// returns. Increments the per-(dimension, window) counters for the
|
|
// attribution policy chosen by CheckLLMPolicyLimits.
|
|
RecordLLMUsage(context.Context, *RecordLLMUsageRequest) (*RecordLLMUsageResponse, error)
|
|
mustEmbedUnimplementedProxyServiceServer()
|
|
}
|
|
|
|
// UnimplementedProxyServiceServer must be embedded to have forward compatible implementations.
|
|
type UnimplementedProxyServiceServer struct {
|
|
}
|
|
|
|
func (UnimplementedProxyServiceServer) GetMappingUpdate(*GetMappingUpdateRequest, ProxyService_GetMappingUpdateServer) error {
|
|
return status.Errorf(codes.Unimplemented, "method GetMappingUpdate not implemented")
|
|
}
|
|
func (UnimplementedProxyServiceServer) SyncMappings(ProxyService_SyncMappingsServer) error {
|
|
return status.Errorf(codes.Unimplemented, "method SyncMappings not implemented")
|
|
}
|
|
func (UnimplementedProxyServiceServer) SendAccessLog(context.Context, *SendAccessLogRequest) (*SendAccessLogResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method SendAccessLog not implemented")
|
|
}
|
|
func (UnimplementedProxyServiceServer) Authenticate(context.Context, *AuthenticateRequest) (*AuthenticateResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method Authenticate not implemented")
|
|
}
|
|
func (UnimplementedProxyServiceServer) SendStatusUpdate(context.Context, *SendStatusUpdateRequest) (*SendStatusUpdateResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method SendStatusUpdate not implemented")
|
|
}
|
|
func (UnimplementedProxyServiceServer) CreateProxyPeer(context.Context, *CreateProxyPeerRequest) (*CreateProxyPeerResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method CreateProxyPeer not implemented")
|
|
}
|
|
func (UnimplementedProxyServiceServer) GetOIDCURL(context.Context, *GetOIDCURLRequest) (*GetOIDCURLResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method GetOIDCURL not implemented")
|
|
}
|
|
func (UnimplementedProxyServiceServer) ValidateSession(context.Context, *ValidateSessionRequest) (*ValidateSessionResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method ValidateSession not implemented")
|
|
}
|
|
func (UnimplementedProxyServiceServer) ValidateTunnelPeer(context.Context, *ValidateTunnelPeerRequest) (*ValidateTunnelPeerResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method ValidateTunnelPeer not implemented")
|
|
}
|
|
func (UnimplementedProxyServiceServer) CheckLLMPolicyLimits(context.Context, *CheckLLMPolicyLimitsRequest) (*CheckLLMPolicyLimitsResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method CheckLLMPolicyLimits not implemented")
|
|
}
|
|
func (UnimplementedProxyServiceServer) RecordLLMUsage(context.Context, *RecordLLMUsageRequest) (*RecordLLMUsageResponse, error) {
|
|
return nil, status.Errorf(codes.Unimplemented, "method RecordLLMUsage not implemented")
|
|
}
|
|
func (UnimplementedProxyServiceServer) mustEmbedUnimplementedProxyServiceServer() {}
|
|
|
|
// UnsafeProxyServiceServer may be embedded to opt out of forward compatibility for this service.
|
|
// Use of this interface is not recommended, as added methods to ProxyServiceServer will
|
|
// result in compilation errors.
|
|
type UnsafeProxyServiceServer interface {
|
|
mustEmbedUnimplementedProxyServiceServer()
|
|
}
|
|
|
|
func RegisterProxyServiceServer(s grpc.ServiceRegistrar, srv ProxyServiceServer) {
|
|
s.RegisterService(&ProxyService_ServiceDesc, srv)
|
|
}
|
|
|
|
func _ProxyService_GetMappingUpdate_Handler(srv interface{}, stream grpc.ServerStream) error {
|
|
m := new(GetMappingUpdateRequest)
|
|
if err := stream.RecvMsg(m); err != nil {
|
|
return err
|
|
}
|
|
return srv.(ProxyServiceServer).GetMappingUpdate(m, &proxyServiceGetMappingUpdateServer{stream})
|
|
}
|
|
|
|
type ProxyService_GetMappingUpdateServer interface {
|
|
Send(*GetMappingUpdateResponse) error
|
|
grpc.ServerStream
|
|
}
|
|
|
|
type proxyServiceGetMappingUpdateServer struct {
|
|
grpc.ServerStream
|
|
}
|
|
|
|
func (x *proxyServiceGetMappingUpdateServer) Send(m *GetMappingUpdateResponse) error {
|
|
return x.ServerStream.SendMsg(m)
|
|
}
|
|
|
|
func _ProxyService_SyncMappings_Handler(srv interface{}, stream grpc.ServerStream) error {
|
|
return srv.(ProxyServiceServer).SyncMappings(&proxyServiceSyncMappingsServer{stream})
|
|
}
|
|
|
|
type ProxyService_SyncMappingsServer interface {
|
|
Send(*SyncMappingsResponse) error
|
|
Recv() (*SyncMappingsRequest, error)
|
|
grpc.ServerStream
|
|
}
|
|
|
|
type proxyServiceSyncMappingsServer struct {
|
|
grpc.ServerStream
|
|
}
|
|
|
|
func (x *proxyServiceSyncMappingsServer) Send(m *SyncMappingsResponse) error {
|
|
return x.ServerStream.SendMsg(m)
|
|
}
|
|
|
|
func (x *proxyServiceSyncMappingsServer) Recv() (*SyncMappingsRequest, error) {
|
|
m := new(SyncMappingsRequest)
|
|
if err := x.ServerStream.RecvMsg(m); err != nil {
|
|
return nil, err
|
|
}
|
|
return m, nil
|
|
}
|
|
|
|
func _ProxyService_SendAccessLog_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(SendAccessLogRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ProxyServiceServer).SendAccessLog(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ProxyService/SendAccessLog",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ProxyServiceServer).SendAccessLog(ctx, req.(*SendAccessLogRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ProxyService_Authenticate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(AuthenticateRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ProxyServiceServer).Authenticate(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ProxyService/Authenticate",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ProxyServiceServer).Authenticate(ctx, req.(*AuthenticateRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ProxyService_SendStatusUpdate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(SendStatusUpdateRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ProxyServiceServer).SendStatusUpdate(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ProxyService/SendStatusUpdate",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ProxyServiceServer).SendStatusUpdate(ctx, req.(*SendStatusUpdateRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ProxyService_CreateProxyPeer_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(CreateProxyPeerRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ProxyServiceServer).CreateProxyPeer(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ProxyService/CreateProxyPeer",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ProxyServiceServer).CreateProxyPeer(ctx, req.(*CreateProxyPeerRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ProxyService_GetOIDCURL_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(GetOIDCURLRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ProxyServiceServer).GetOIDCURL(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ProxyService/GetOIDCURL",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ProxyServiceServer).GetOIDCURL(ctx, req.(*GetOIDCURLRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ProxyService_ValidateSession_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(ValidateSessionRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ProxyServiceServer).ValidateSession(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ProxyService/ValidateSession",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ProxyServiceServer).ValidateSession(ctx, req.(*ValidateSessionRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ProxyService_ValidateTunnelPeer_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(ValidateTunnelPeerRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ProxyServiceServer).ValidateTunnelPeer(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ProxyService/ValidateTunnelPeer",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ProxyServiceServer).ValidateTunnelPeer(ctx, req.(*ValidateTunnelPeerRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ProxyService_CheckLLMPolicyLimits_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(CheckLLMPolicyLimitsRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ProxyServiceServer).CheckLLMPolicyLimits(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ProxyService/CheckLLMPolicyLimits",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ProxyServiceServer).CheckLLMPolicyLimits(ctx, req.(*CheckLLMPolicyLimitsRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
func _ProxyService_RecordLLMUsage_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
|
in := new(RecordLLMUsageRequest)
|
|
if err := dec(in); err != nil {
|
|
return nil, err
|
|
}
|
|
if interceptor == nil {
|
|
return srv.(ProxyServiceServer).RecordLLMUsage(ctx, in)
|
|
}
|
|
info := &grpc.UnaryServerInfo{
|
|
Server: srv,
|
|
FullMethod: "/management.ProxyService/RecordLLMUsage",
|
|
}
|
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
|
return srv.(ProxyServiceServer).RecordLLMUsage(ctx, req.(*RecordLLMUsageRequest))
|
|
}
|
|
return interceptor(ctx, in, info, handler)
|
|
}
|
|
|
|
// ProxyService_ServiceDesc is the grpc.ServiceDesc for ProxyService service.
|
|
// It's only intended for direct use with grpc.RegisterService,
|
|
// and not to be introspected or modified (even as a copy)
|
|
var ProxyService_ServiceDesc = grpc.ServiceDesc{
|
|
ServiceName: "management.ProxyService",
|
|
HandlerType: (*ProxyServiceServer)(nil),
|
|
Methods: []grpc.MethodDesc{
|
|
{
|
|
MethodName: "SendAccessLog",
|
|
Handler: _ProxyService_SendAccessLog_Handler,
|
|
},
|
|
{
|
|
MethodName: "Authenticate",
|
|
Handler: _ProxyService_Authenticate_Handler,
|
|
},
|
|
{
|
|
MethodName: "SendStatusUpdate",
|
|
Handler: _ProxyService_SendStatusUpdate_Handler,
|
|
},
|
|
{
|
|
MethodName: "CreateProxyPeer",
|
|
Handler: _ProxyService_CreateProxyPeer_Handler,
|
|
},
|
|
{
|
|
MethodName: "GetOIDCURL",
|
|
Handler: _ProxyService_GetOIDCURL_Handler,
|
|
},
|
|
{
|
|
MethodName: "ValidateSession",
|
|
Handler: _ProxyService_ValidateSession_Handler,
|
|
},
|
|
{
|
|
MethodName: "ValidateTunnelPeer",
|
|
Handler: _ProxyService_ValidateTunnelPeer_Handler,
|
|
},
|
|
{
|
|
MethodName: "CheckLLMPolicyLimits",
|
|
Handler: _ProxyService_CheckLLMPolicyLimits_Handler,
|
|
},
|
|
{
|
|
MethodName: "RecordLLMUsage",
|
|
Handler: _ProxyService_RecordLLMUsage_Handler,
|
|
},
|
|
},
|
|
Streams: []grpc.StreamDesc{
|
|
{
|
|
StreamName: "GetMappingUpdate",
|
|
Handler: _ProxyService_GetMappingUpdate_Handler,
|
|
ServerStreams: true,
|
|
},
|
|
{
|
|
StreamName: "SyncMappings",
|
|
Handler: _ProxyService_SyncMappings_Handler,
|
|
ServerStreams: true,
|
|
ClientStreams: true,
|
|
},
|
|
},
|
|
Metadata: "proxy_service.proto",
|
|
}
|