@mochabug/adapt-plugin-builder
Version:
This encapsulate the building an bundling logic for mochabug adapt plugins
715 lines • 22.6 kB
TypeScript
import type { GenEnum, GenFile, GenMessage } from "@bufbuild/protobuf/codegenv1";
import type { File, FileJson } from "./file_pb";
import type { Message } from "@bufbuild/protobuf";
/**
* Describes the file mochabugapis/adapt/plugins/v1/oauth2_service.proto.
*/
export declare const file_mochabugapis_adapt_plugins_v1_oauth2_service: GenFile;
/**
* OAuth2 service configuration
*
* @generated from message mochabugapis.adapt.plugins.v1.Oauth2Definition
*/
export type Oauth2Definition = Message<"mochabugapis.adapt.plugins.v1.Oauth2Definition"> & {
/**
* The OAuth2 grant type to be used.
*
* @generated from field: mochabugapis.adapt.plugins.v1.Oauth2GrantType grant_type = 1;
*/
grantType: Oauth2GrantType;
/**
* The required scopes.
*
* @generated from field: repeated string scopes = 2;
*/
scopes: string[];
/**
* The client authentication method.
* REQUIRED when grant_type is:
* - OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE
* - OAUTH2_GRANT_TYPE_CLIENT_CREDENTIALS
*
* MUST NOT be set when grant_type is:
* - OAUTH2_GRANT_TYPE_JWT_BEARER
* - OAUTH2_GRANT_TYPE_SAML2_BEARER
*
* @generated from field: optional mochabugapis.adapt.plugins.v1.Oauth2AuthType auth_method = 3;
*/
authMethod?: Oauth2AuthType;
/**
* Algorithm used for signing assertions.
* REQUIRED when:
* - grant_type is OAUTH2_GRANT_TYPE_JWT_BEARER
* - grant_type is OAUTH2_GRANT_TYPE_SAML2_BEARER
* - auth_method is OAUTH2_AUTH_TYPE_PRIVATE_KEY_JWT
* - auth_method is OAUTH2_AUTH_TYPE_SAML2_BEARER
*
* MUST NOT be set otherwise.
*
* @generated from field: optional mochabugapis.adapt.plugins.v1.PrivateKeyAlg alg = 4;
*/
alg?: PrivateKeyAlg;
/**
* Client ID.
* This is required when used as plugin_oauth2, but not onto a vertex => oauth2
*
* @generated from field: optional string client_id = 5;
*/
clientId?: string;
/**
* The token endpoint URL.
*
* @generated from field: string token_endpoint = 6;
*/
tokenEndpoint: string;
/**
* Configuration specific to the Authorization Code grant type.
* REQUIRED when grant_type is OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE.
* MUST NOT be set otherwise.
*
* @generated from field: optional mochabugapis.adapt.plugins.v1.Oauth2Code code = 7;
*/
code?: Oauth2Code;
};
/**
* OAuth2 service configuration
*
* @generated from message mochabugapis.adapt.plugins.v1.Oauth2Definition
*/
export type Oauth2DefinitionJson = {
/**
* The OAuth2 grant type to be used.
*
* @generated from field: mochabugapis.adapt.plugins.v1.Oauth2GrantType grant_type = 1;
*/
grantType?: Oauth2GrantTypeJson;
/**
* The required scopes.
*
* @generated from field: repeated string scopes = 2;
*/
scopes?: string[];
/**
* The client authentication method.
* REQUIRED when grant_type is:
* - OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE
* - OAUTH2_GRANT_TYPE_CLIENT_CREDENTIALS
*
* MUST NOT be set when grant_type is:
* - OAUTH2_GRANT_TYPE_JWT_BEARER
* - OAUTH2_GRANT_TYPE_SAML2_BEARER
*
* @generated from field: optional mochabugapis.adapt.plugins.v1.Oauth2AuthType auth_method = 3;
*/
authMethod?: Oauth2AuthTypeJson;
/**
* Algorithm used for signing assertions.
* REQUIRED when:
* - grant_type is OAUTH2_GRANT_TYPE_JWT_BEARER
* - grant_type is OAUTH2_GRANT_TYPE_SAML2_BEARER
* - auth_method is OAUTH2_AUTH_TYPE_PRIVATE_KEY_JWT
* - auth_method is OAUTH2_AUTH_TYPE_SAML2_BEARER
*
* MUST NOT be set otherwise.
*
* @generated from field: optional mochabugapis.adapt.plugins.v1.PrivateKeyAlg alg = 4;
*/
alg?: PrivateKeyAlgJson;
/**
* Client ID.
* This is required when used as plugin_oauth2, but not onto a vertex => oauth2
*
* @generated from field: optional string client_id = 5;
*/
clientId?: string;
/**
* The token endpoint URL.
*
* @generated from field: string token_endpoint = 6;
*/
tokenEndpoint?: string;
/**
* Configuration specific to the Authorization Code grant type.
* REQUIRED when grant_type is OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE.
* MUST NOT be set otherwise.
*
* @generated from field: optional mochabugapis.adapt.plugins.v1.Oauth2Code code = 7;
*/
code?: Oauth2CodeJson;
};
/**
* Describes the message mochabugapis.adapt.plugins.v1.Oauth2Definition.
* Use `create(Oauth2DefinitionSchema)` to create a new message.
*/
export declare const Oauth2DefinitionSchema: GenMessage<Oauth2Definition, Oauth2DefinitionJson>;
/**
* The code grant type
* IMPORTANT: it has to be configured with refresh token in order to work correctly
* this is not needed for client credentials of course since we are owning the client
* WE ONLY SUPPORT OIDC since we need the sub claim to distinguish between different users
*
* @generated from message mochabugapis.adapt.plugins.v1.Oauth2Code
*/
export type Oauth2Code = Message<"mochabugapis.adapt.plugins.v1.Oauth2Code"> & {
/**
* The auth endpoint (i.e. where it gets redirected for login)
*
* @generated from field: string auth_endpoint = 1;
*/
authEndpoint: string;
/**
* We need to know the issuer in order to validate the token
*
* @generated from field: string issuer = 2;
*/
issuer: string;
/**
* We also need the JWKs endpoint to validate the token
*
* @generated from field: string jwks_uri = 3;
*/
jwksUri: string;
/**
* Additional parameters used for the oauth2 login endpoint
* Do not include state or nonce here since we're generating them
* in the backend. All params will be encoded in the URL
*
* @generated from field: map<string, string> additional_params = 4;
*/
additionalParams: {
[key: string]: string;
};
/**
* Whether or not to use the PKCE extension
*
* @generated from field: bool use_pkce = 5;
*/
usePkce: boolean;
};
/**
* The code grant type
* IMPORTANT: it has to be configured with refresh token in order to work correctly
* this is not needed for client credentials of course since we are owning the client
* WE ONLY SUPPORT OIDC since we need the sub claim to distinguish between different users
*
* @generated from message mochabugapis.adapt.plugins.v1.Oauth2Code
*/
export type Oauth2CodeJson = {
/**
* The auth endpoint (i.e. where it gets redirected for login)
*
* @generated from field: string auth_endpoint = 1;
*/
authEndpoint?: string;
/**
* We need to know the issuer in order to validate the token
*
* @generated from field: string issuer = 2;
*/
issuer?: string;
/**
* We also need the JWKs endpoint to validate the token
*
* @generated from field: string jwks_uri = 3;
*/
jwksUri?: string;
/**
* Additional parameters used for the oauth2 login endpoint
* Do not include state or nonce here since we're generating them
* in the backend. All params will be encoded in the URL
*
* @generated from field: map<string, string> additional_params = 4;
*/
additionalParams?: {
[key: string]: string;
};
/**
* Whether or not to use the PKCE extension
*
* @generated from field: bool use_pkce = 5;
*/
usePkce?: boolean;
};
/**
* Describes the message mochabugapis.adapt.plugins.v1.Oauth2Code.
* Use `create(Oauth2CodeSchema)` to create a new message.
*/
export declare const Oauth2CodeSchema: GenMessage<Oauth2Code, Oauth2CodeJson>;
/**
* The actual oauth2 config
*
* @generated from message mochabugapis.adapt.plugins.v1.Oauth2Config
*/
export type Oauth2Config = Message<"mochabugapis.adapt.plugins.v1.Oauth2Config"> & {
/**
* The client id, required for client credentials on vertices only
*
* @generated from field: optional string client_id = 1;
*/
clientId?: string;
/**
* The auth method is required to be set
*
* @generated from oneof mochabugapis.adapt.plugins.v1.Oauth2Config.auth_method
*/
authMethod: {
/**
* Use basic authentication for the client
*
* @generated from field: mochabugapis.adapt.plugins.v1.BasicAuth basic_auth = 2;
*/
value: BasicAuth;
case: "basicAuth";
} | {
/**
* Use form authentication for the client
*
* @generated from field: mochabugapis.adapt.plugins.v1.FormAuth form_auth = 3;
*/
value: FormAuth;
case: "formAuth";
} | {
/**
* Use private JWT authentication for the client
*
* @generated from field: mochabugapis.adapt.plugins.v1.PrivateJWTAuth private_jwt_auth = 4;
*/
value: PrivateJWTAuth;
case: "privateJwtAuth";
} | {
/**
* Use mTLS authentication for the client
*
* @generated from field: mochabugapis.adapt.plugins.v1.MTLSAuth mtls_auth = 5;
*/
value: MTLSAuth;
case: "mtlsAuth";
} | {
/**
* Use SAML bearer authentication for the client
*
* @generated from field: mochabugapis.adapt.plugins.v1.SAMLAuth saml_auth = 6;
*/
value: SAMLAuth;
case: "samlAuth";
} | {
/**
* In case we have code flow with consent
*
* @generated from field: bool consent = 7;
*/
value: boolean;
case: "consent";
} | {
case: undefined;
value?: undefined;
};
};
/**
* The actual oauth2 config
*
* @generated from message mochabugapis.adapt.plugins.v1.Oauth2Config
*/
export type Oauth2ConfigJson = {
/**
* The client id, required for client credentials on vertices only
*
* @generated from field: optional string client_id = 1;
*/
clientId?: string;
/**
* Use basic authentication for the client
*
* @generated from field: mochabugapis.adapt.plugins.v1.BasicAuth basic_auth = 2;
*/
basicAuth?: BasicAuthJson;
/**
* Use form authentication for the client
*
* @generated from field: mochabugapis.adapt.plugins.v1.FormAuth form_auth = 3;
*/
formAuth?: FormAuthJson;
/**
* Use private JWT authentication for the client
*
* @generated from field: mochabugapis.adapt.plugins.v1.PrivateJWTAuth private_jwt_auth = 4;
*/
privateJwtAuth?: PrivateJWTAuthJson;
/**
* Use mTLS authentication for the client
*
* @generated from field: mochabugapis.adapt.plugins.v1.MTLSAuth mtls_auth = 5;
*/
mtlsAuth?: MTLSAuthJson;
/**
* Use SAML bearer authentication for the client
*
* @generated from field: mochabugapis.adapt.plugins.v1.SAMLAuth saml_auth = 6;
*/
samlAuth?: SAMLAuthJson;
/**
* In case we have code flow with consent
*
* @generated from field: bool consent = 7;
*/
consent?: boolean;
};
/**
* Describes the message mochabugapis.adapt.plugins.v1.Oauth2Config.
* Use `create(Oauth2ConfigSchema)` to create a new message.
*/
export declare const Oauth2ConfigSchema: GenMessage<Oauth2Config, Oauth2ConfigJson>;
/**
* Basic auth
*
* @generated from message mochabugapis.adapt.plugins.v1.BasicAuth
*/
export type BasicAuth = Message<"mochabugapis.adapt.plugins.v1.BasicAuth"> & {
/**
* The password
*
* @generated from field: string client_secret = 1;
*/
clientSecret: string;
};
/**
* Basic auth
*
* @generated from message mochabugapis.adapt.plugins.v1.BasicAuth
*/
export type BasicAuthJson = {
/**
* The password
*
* @generated from field: string client_secret = 1;
*/
clientSecret?: string;
};
/**
* Describes the message mochabugapis.adapt.plugins.v1.BasicAuth.
* Use `create(BasicAuthSchema)` to create a new message.
*/
export declare const BasicAuthSchema: GenMessage<BasicAuth, BasicAuthJson>;
/**
* Form auth
*
* @generated from message mochabugapis.adapt.plugins.v1.FormAuth
*/
export type FormAuth = Message<"mochabugapis.adapt.plugins.v1.FormAuth"> & {
/**
* The password
*
* @generated from field: string client_secret = 1;
*/
clientSecret: string;
};
/**
* Form auth
*
* @generated from message mochabugapis.adapt.plugins.v1.FormAuth
*/
export type FormAuthJson = {
/**
* The password
*
* @generated from field: string client_secret = 1;
*/
clientSecret?: string;
};
/**
* Describes the message mochabugapis.adapt.plugins.v1.FormAuth.
* Use `create(FormAuthSchema)` to create a new message.
*/
export declare const FormAuthSchema: GenMessage<FormAuth, FormAuthJson>;
/**
* Private JWT auth
*
* @generated from message mochabugapis.adapt.plugins.v1.PrivateJWTAuth
*/
export type PrivateJWTAuth = Message<"mochabugapis.adapt.plugins.v1.PrivateJWTAuth"> & {
/**
* The private key in PEM format
* The content of the file must be PEM format after decoding
* The content must contain a PRIVATE KEY block
*
* @generated from field: mochabugapis.adapt.plugins.v1.File private_key = 1;
*/
privateKey?: File;
};
/**
* Private JWT auth
*
* @generated from message mochabugapis.adapt.plugins.v1.PrivateJWTAuth
*/
export type PrivateJWTAuthJson = {
/**
* The private key in PEM format
* The content of the file must be PEM format after decoding
* The content must contain a PRIVATE KEY block
*
* @generated from field: mochabugapis.adapt.plugins.v1.File private_key = 1;
*/
privateKey?: FileJson;
};
/**
* Describes the message mochabugapis.adapt.plugins.v1.PrivateJWTAuth.
* Use `create(PrivateJWTAuthSchema)` to create a new message.
*/
export declare const PrivateJWTAuthSchema: GenMessage<PrivateJWTAuth, PrivateJWTAuthJson>;
/**
* mTLS auth
*
* @generated from message mochabugapis.adapt.plugins.v1.MTLSAuth
*/
export type MTLSAuth = Message<"mochabugapis.adapt.plugins.v1.MTLSAuth"> & {
/**
* The certificate in PEM format
* The content of the file must be PEM format after decoding
* If a certificate chain is presented. The server certificate must be the first one
*
* @generated from field: mochabugapis.adapt.plugins.v1.File certificate = 1;
*/
certificate?: File;
/**
* The private key in PEM format
* The content of the file must be PEM format after decoding
* The content must contain a PRIVATE KEY block
*
* @generated from field: mochabugapis.adapt.plugins.v1.File private_key = 2;
*/
privateKey?: File;
/**
* The CA certificate in PEM format. Trusted server authority file
* The content of the file must be PEM format after decoding
* The content must contain a CERTIFICATE block
*
* @generated from field: mochabugapis.adapt.plugins.v1.File ca_certificate = 3;
*/
caCertificate?: File;
};
/**
* mTLS auth
*
* @generated from message mochabugapis.adapt.plugins.v1.MTLSAuth
*/
export type MTLSAuthJson = {
/**
* The certificate in PEM format
* The content of the file must be PEM format after decoding
* If a certificate chain is presented. The server certificate must be the first one
*
* @generated from field: mochabugapis.adapt.plugins.v1.File certificate = 1;
*/
certificate?: FileJson;
/**
* The private key in PEM format
* The content of the file must be PEM format after decoding
* The content must contain a PRIVATE KEY block
*
* @generated from field: mochabugapis.adapt.plugins.v1.File private_key = 2;
*/
privateKey?: FileJson;
/**
* The CA certificate in PEM format. Trusted server authority file
* The content of the file must be PEM format after decoding
* The content must contain a CERTIFICATE block
*
* @generated from field: mochabugapis.adapt.plugins.v1.File ca_certificate = 3;
*/
caCertificate?: FileJson;
};
/**
* Describes the message mochabugapis.adapt.plugins.v1.MTLSAuth.
* Use `create(MTLSAuthSchema)` to create a new message.
*/
export declare const MTLSAuthSchema: GenMessage<MTLSAuth, MTLSAuthJson>;
/**
* SAML bearer auth
*
* @generated from message mochabugapis.adapt.plugins.v1.SAMLAuth
*/
export type SAMLAuth = Message<"mochabugapis.adapt.plugins.v1.SAMLAuth"> & {
/**
* The private key in PEM format
* The content of the file must be PEM format after decoding
* The content must contain a PRIVATE KEY block
*
* @generated from field: mochabugapis.adapt.plugins.v1.File private_key = 1;
*/
privateKey?: File;
/**
* The certificate in PEM format
* The content of the file must be PEM format after decoding
* If a certificate chain is presented. The server certificate must be the first one
*
* @generated from field: mochabugapis.adapt.plugins.v1.File certificate = 2;
*/
certificate?: File;
};
/**
* SAML bearer auth
*
* @generated from message mochabugapis.adapt.plugins.v1.SAMLAuth
*/
export type SAMLAuthJson = {
/**
* The private key in PEM format
* The content of the file must be PEM format after decoding
* The content must contain a PRIVATE KEY block
*
* @generated from field: mochabugapis.adapt.plugins.v1.File private_key = 1;
*/
privateKey?: FileJson;
/**
* The certificate in PEM format
* The content of the file must be PEM format after decoding
* If a certificate chain is presented. The server certificate must be the first one
*
* @generated from field: mochabugapis.adapt.plugins.v1.File certificate = 2;
*/
certificate?: FileJson;
};
/**
* Describes the message mochabugapis.adapt.plugins.v1.SAMLAuth.
* Use `create(SAMLAuthSchema)` to create a new message.
*/
export declare const SAMLAuthSchema: GenMessage<SAMLAuth, SAMLAuthJson>;
/**
* The algorithm used for signing JWT or SAML assertions
*
* @generated from enum mochabugapis.adapt.plugins.v1.PrivateKeyAlg
*/
export declare enum PrivateKeyAlg {
/**
* Unknown algorithm (invalid)
*
* @generated from enum value: PRIVATE_KEY_ALG_UNSPECIFIED = 0;
*/
UNSPECIFIED = 0,
/**
* RS256 algorithm
*
* @generated from enum value: PRIVATE_KEY_ALG_RS256 = 1;
*/
RS256 = 1
}
/**
* The algorithm used for signing JWT or SAML assertions
*
* @generated from enum mochabugapis.adapt.plugins.v1.PrivateKeyAlg
*/
export type PrivateKeyAlgJson = "PRIVATE_KEY_ALG_UNSPECIFIED" | "PRIVATE_KEY_ALG_RS256";
/**
* Describes the enum mochabugapis.adapt.plugins.v1.PrivateKeyAlg.
*/
export declare const PrivateKeyAlgSchema: GenEnum<PrivateKeyAlg, PrivateKeyAlgJson>;
/**
* The OAuth2 grant type
*
* @generated from enum mochabugapis.adapt.plugins.v1.Oauth2GrantType
*/
export declare enum Oauth2GrantType {
/**
* Not specified (invalid)
*
* @generated from enum value: OAUTH2_GRANT_TYPE_UNSPECIFIED = 0;
*/
UNSPECIFIED = 0,
/**
* Authorization Code Grant
* grant_type=authorization_code
*
* @generated from enum value: OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE = 1;
*/
AUTHORIZATION_CODE = 1,
/**
* Client Credentials Grant
* grant_type=client_credentials
*
* @generated from enum value: OAUTH2_GRANT_TYPE_CLIENT_CREDENTIALS = 2;
*/
CLIENT_CREDENTIALS = 2,
/**
* JWT Bearer Assertion Grant
* grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer
*
* @generated from enum value: OAUTH2_GRANT_TYPE_JWT_BEARER = 3;
*/
JWT_BEARER = 3,
/**
* SAML 2.0 Bearer Assertion Grant
* grant_type=urn:ietf:params:oauth:grant-type:saml2-bearer
*
* @generated from enum value: OAUTH2_GRANT_TYPE_SAML2_BEARER = 4;
*/
SAML2_BEARER = 4
}
/**
* The OAuth2 grant type
*
* @generated from enum mochabugapis.adapt.plugins.v1.Oauth2GrantType
*/
export type Oauth2GrantTypeJson = "OAUTH2_GRANT_TYPE_UNSPECIFIED" | "OAUTH2_GRANT_TYPE_AUTHORIZATION_CODE" | "OAUTH2_GRANT_TYPE_CLIENT_CREDENTIALS" | "OAUTH2_GRANT_TYPE_JWT_BEARER" | "OAUTH2_GRANT_TYPE_SAML2_BEARER";
/**
* Describes the enum mochabugapis.adapt.plugins.v1.Oauth2GrantType.
*/
export declare const Oauth2GrantTypeSchema: GenEnum<Oauth2GrantType, Oauth2GrantTypeJson>;
/**
* The OAuth2 client authentication method
*
* @generated from enum mochabugapis.adapt.plugins.v1.Oauth2AuthType
*/
export declare enum Oauth2AuthType {
/**
* Not specified (invalid)
*
* @generated from enum value: OAUTH2_AUTH_TYPE_UNSPECIFIED = 0;
*/
UNSPECIFIED = 0,
/**
* Basic Authentication (client ID and secret in Authorization header)
* client_secret_basic
*
* @generated from enum value: OAUTH2_AUTH_TYPE_BASIC = 1;
*/
BASIC = 1,
/**
* Form Authentication (client ID and secret in form body)
* client_secret_post
*
* @generated from enum value: OAUTH2_AUTH_TYPE_FORM = 2;
*/
FORM = 2,
/**
* Private Key JWT Authentication
* client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer
*
* @generated from enum value: OAUTH2_AUTH_TYPE_PRIVATE_KEY_JWT = 3;
*/
PRIVATE_KEY_JWT = 3,
/**
* Mutual TLS Authentication
* tls_client_auth / self_signed_tls_client_auth
*
* @generated from enum value: OAUTH2_AUTH_TYPE_MTLS = 4;
*/
MTLS = 4,
/**
* SAML 2.0 Bearer Assertion for Client Authentication
* client_assertion_type=urn:ietf:params:oauth:client-assertion-type:saml2-bearer
*
* @generated from enum value: OAUTH2_AUTH_TYPE_SAML2_BEARER = 5;
*/
SAML2_BEARER = 5
}
/**
* The OAuth2 client authentication method
*
* @generated from enum mochabugapis.adapt.plugins.v1.Oauth2AuthType
*/
export type Oauth2AuthTypeJson = "OAUTH2_AUTH_TYPE_UNSPECIFIED" | "OAUTH2_AUTH_TYPE_BASIC" | "OAUTH2_AUTH_TYPE_FORM" | "OAUTH2_AUTH_TYPE_PRIVATE_KEY_JWT" | "OAUTH2_AUTH_TYPE_MTLS" | "OAUTH2_AUTH_TYPE_SAML2_BEARER";
/**
* Describes the enum mochabugapis.adapt.plugins.v1.Oauth2AuthType.
*/
export declare const Oauth2AuthTypeSchema: GenEnum<Oauth2AuthType, Oauth2AuthTypeJson>;
//# sourceMappingURL=oauth2_service_pb.d.ts.map