Created
February 5, 2021 18:17
// Schema for a token-generation service: one RPC signs a token from
// caller-supplied claims, the other lists the public verifying keys.
syntax = "proto3";

package v1alpha1;

// gogoproto supplies the (gogoproto.jsontag) field option used below.
import "github.com/gogo/protobuf/gogoproto/gogo.proto";
// Any carries the private claims payload in PrivateClaims.
import "google/protobuf/any.proto";
// TokenGeneratorService issues signed tokens and publishes the public keys
// that verify them.
service TokenGeneratorService {
  // Generate a token with the provided claims.
  //
  // NOTE(review): the request lets the caller choose issuer, subject,
  // audience and expiry. Nothing in this schema restricts those values, so
  // caller authentication/authorization and claim validation presumably live
  // in the server implementation — confirm.
  rpc GenerateToken(GenerateTokenRequest) returns (GenerateTokenResponse);

  // List all active public keys.
  rpc ListPublicKeys(ListPublicKeysRequest) returns (ListPublicKeysResponse);
}
// JWTClaims holds the standard JWT claims. Each field's Go JSON tag is set
// to the short claim name given in its (gogoproto.jsontag) option.
//
// NOTE(review): the units of expiry, not_before and issued_at are not stated
// in this file. RFC 7519 defines exp/nbf/iat as NumericDate (seconds since
// the Unix epoch) — confirm the server reads them that way and bounds the
// requested lifetime.
message JWTClaims {
  // issuer is emitted as "iss".
  string issuer = 1 [(gogoproto.jsontag) = "iss"];

  // subject is emitted as "sub".
  string subject = 2 [(gogoproto.jsontag) = "sub"];

  // audience is emitted as "aud"; it may carry several values.
  repeated string audience = 3 [(gogoproto.jsontag) = "aud"];

  // expiry is emitted as "exp".
  int64 expiry = 4 [(gogoproto.jsontag) = "exp"];

  // not_before is emitted as "nbf".
  int64 not_before = 5 [(gogoproto.jsontag) = "nbf"];

  // issued_at is emitted as "iat".
  int64 issued_at = 6 [(gogoproto.jsontag) = "iat"];

  // id is emitted as "jti".
  string id = 7 [(gogoproto.jsontag) = "jti"];
}
// PrivateClaims carries the non-standard claims to embed in a token.
message PrivateClaims {
  // claims_namespace is emitted as "claims_namespace".
  // NOTE(review): presumably the key under which the private claims are
  // nested in the token — confirm against the server.
  string claims_namespace = 1 [(gogoproto.jsontag) = "claims_namespace"];

  // claims are the private kubernetes claims.
  //
  // NOTE(review): Any is an open container whose type_url is chosen by the
  // sender. The server should check type_url against an allowlist of expected
  // message types before unpacking, and only then copy the contents into a
  // signed token.
  google.protobuf.Any claims = 2 [(gogoproto.jsontag) = "claims"];
}
// GenerateTokenRequest is the input to GenerateToken: the full set of claims
// the caller wants signed.
message GenerateTokenRequest {
  // jwt_claims are the standard claims to put in a token.
  JWTClaims jwt_claims = 1;

  // private_claims are the Kubernetes claims to put in a token.
  PrivateClaims private_claims = 2;
}
// GenerateTokenResponse is the output of GenerateToken.
message GenerateTokenResponse {
  // token is the signed token. It is a bearer credential: keep it out of
  // logs and traces.
  string token = 1;
}
// PublicKey describes one key that can verify tokens issued by this service.
message PublicKey {
  // public_key is a PEM encoded public key.
  bytes public_key = 1;

  // certificates is a concatenated list of PEM encoded x509 certificates.
  bytes certificates = 2;

  // key_id is the key's ID.
  // NOTE(review): presumably the value verifiers match against a token's key
  // identifier — confirm.
  string key_id = 3;

  // algorithm states the algorithm the key uses.
  // NOTE(review): the value format is not specified in this file — confirm
  // which names the server emits so verifiers can pin the ones they accept.
  string algorithm = 4;
}
// ListPublicKeysRequest is the input to ListPublicKeys. It has no fields.
message ListPublicKeysRequest {
}
// ListPublicKeysResponse is the output of ListPublicKeys.
message ListPublicKeysResponse {
  // public_keys is a list of public verifying keys.
  // The field number is 2 and number 1 is unused in this message. The number
  // identifies the field on the wire, so it must not be changed.
  repeated PublicKey public_keys = 2;
}