Merge pull request 'feature/better-certservice' (#16) from feature/better-certservice into master
Reviewed-on: https://gitea.benny.dog/torjus/ezshare/pulls/16
commit
570531ce0b
@ -394,3 +394,71 @@ func ActionClientChangePassword(c *cli.Context) error {
|
|||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func ActionClientCertList(c *cli.Context) error {
|
||||||
|
cfg, err := getConfig(c)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
addr := cfg.Client.DefaultServer
|
||||||
|
if c.IsSet("addr") {
|
||||||
|
addr = c.String("addr")
|
||||||
|
}
|
||||||
|
|
||||||
|
clientCreds, err := cfg.Client.Creds()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
conn, err := grpc.DialContext(c.Context, addr, grpc.WithTransportCredentials(clientCreds))
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
defer conn.Close()
|
||||||
|
|
||||||
|
client := pb.NewCertificateServiceClient(conn)
|
||||||
|
resp, err := client.ListCertificates(c.Context, &pb.Empty{})
|
||||||
|
if err != nil {
|
||||||
|
return cli.Exit(fmt.Sprintf("unable to list certificates: %s", err), 1)
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, info := range resp.Certificates {
|
||||||
|
fmt.Printf("%s - %s", info.Serial, info.OwnerUsername)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func ActionClientCertRevoke(c *cli.Context) error {
|
||||||
|
if c.Args().Len() < 1 {
|
||||||
|
return cli.Exit("need at least 1 argument", 1)
|
||||||
|
}
|
||||||
|
cfg, err := getConfig(c)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
addr := cfg.Client.DefaultServer
|
||||||
|
if c.IsSet("addr") {
|
||||||
|
addr = c.String("addr")
|
||||||
|
}
|
||||||
|
|
||||||
|
clientCreds, err := cfg.Client.Creds()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
conn, err := grpc.DialContext(c.Context, addr, grpc.WithTransportCredentials(clientCreds))
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
defer conn.Close()
|
||||||
|
|
||||||
|
client := pb.NewCertificateServiceClient(conn)
|
||||||
|
for _, serial := range c.Args().Slice() {
|
||||||
|
if _, err := client.RevokeCertificate(c.Context, &pb.RevokeCertificateRequest{Serial: serial}); err != nil {
|
||||||
|
fmt.Printf("Revoked %s\n", serial)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
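Review bot: The error check in the revoke loop of ActionClientCertRevoke is inverted: `fmt.Printf("Revoked %s\n", serial)` runs only when `RevokeCertificate` returns an error, so a failed revocation is reported as success, a successful one prints nothing, and the function returns nil either way. For a revocation command this can leave an operator believing a certificate is no longer accepted when the server never recorded the revocation. Return on failure inside the `err != nil` branch, e.g. `return cli.Exit(fmt.Sprintf("unable to revoke %s: %s", serial, err), 1)`, and move the `Revoked` message after the `if`. Separately, the format string in ActionClientCertList, `"%s - %s"`, has no trailing `\n`, so every entry is printed on one line.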
@ -33,6 +33,7 @@ func ActionServe(c *cli.Context) error {
|
|||||||
serverLogger := logger.Named("SERV")
|
serverLogger := logger.Named("SERV")
|
||||||
authLogger := logger.Named("AUTH")
|
authLogger := logger.Named("AUTH")
|
||||||
httpLogger := logger.Named("HTTP")
|
httpLogger := logger.Named("HTTP")
|
||||||
|
certLogger := logger.Named("CERT")
|
||||||
|
|
||||||
// Read certificates
|
// Read certificates
|
||||||
srvCertBytes, err := cfg.Server.GRPC.Certs.GetCertBytes()
|
srvCertBytes, err := cfg.Server.GRPC.Certs.GetCertBytes()
|
||||||
@ -108,6 +109,10 @@ func ActionServe(c *cli.Context) error {
|
|||||||
grpcFileServer.Hostname = c.String("hostname")
|
grpcFileServer.Hostname = c.String("hostname")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Setup cert-service
|
||||||
|
certServiceServer := server.NewCertServiceServer(certSvc, certStore, userStore)
|
||||||
|
certServiceServer.Logger = certLogger
|
||||||
|
|
||||||
// Setup user-service
|
// Setup user-service
|
||||||
grpcUserServer := server.NewGRPCUserServiceServer(userStore, certSvc)
|
grpcUserServer := server.NewGRPCUserServiceServer(userStore, certSvc)
|
||||||
grpcUserServer.Logger = logger.Named("USER")
|
grpcUserServer.Logger = logger.Named("USER")
|
||||||
@ -136,10 +141,11 @@ func ActionServe(c *cli.Context) error {
|
|||||||
|
|
||||||
grpcServer := grpc.NewServer(
|
grpcServer := grpc.NewServer(
|
||||||
grpc.Creds(creds),
|
grpc.Creds(creds),
|
||||||
grpc.ChainUnaryInterceptor(interceptors.NewAuthInterceptor(userStore, authLogger)),
|
grpc.ChainUnaryInterceptor(interceptors.NewAuthInterceptor(userStore, certSvc, authLogger)),
|
||||||
)
|
)
|
||||||
pb.RegisterFileServiceServer(grpcServer, grpcFileServer)
|
pb.RegisterFileServiceServer(grpcServer, grpcFileServer)
|
||||||
pb.RegisterUserServiceServer(grpcServer, grpcUserServer)
|
pb.RegisterUserServiceServer(grpcServer, grpcUserServer)
|
||||||
|
pb.RegisterCertificateServiceServer(grpcServer, certServiceServer)
|
||||||
|
|
||||||
// wait for cancel
|
// wait for cancel
|
||||||
go func() {
|
go func() {
|
||||||
|
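Review bot: Nothing in these hunks shows who is allowed to call the newly registered CertificateService: `pb.RegisterCertificateServiceServer(grpcServer, certServiceServer)` places ListCertificates and RevokeCertificate behind the same `NewAuthInterceptor` chain as the file and user services. If that interceptor only authenticates the caller, listing all serials and revoking another user's certificate would presumably be open to every approved user; the role or ownership check may live in the interceptor or in `NewCertServiceServer`, neither of which is visible here. Worth confirming, and recording where it is enforced in the setup comment, e.g. `// Setup cert-service (list/revoke restricted to admins, enforced in <location>)`. ActionServe's body starts and ends outside these hunks.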
@ -10,9 +10,10 @@ import (
|
|||||||
"crypto/x509/pkix"
|
"crypto/x509/pkix"
|
||||||
"encoding/pem"
|
"encoding/pem"
|
||||||
"fmt"
|
"fmt"
|
||||||
"gitea.benny.dog/torjus/ezshare/store"
|
|
||||||
"math/big"
|
"math/big"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"gitea.benny.dog/torjus/ezshare/store"
|
||||||
)
|
)
|
||||||
|
|
||||||
type CertService struct {
|
type CertService struct {
|
||||||
@ -58,7 +59,7 @@ func NewCertService(s store.CertificateStore, certBytes, keyBytes []byte) (*Cert
|
|||||||
|
|
||||||
func (cs *CertService) NewClient(id string) ([]byte, []byte, error) {
|
func (cs *CertService) NewClient(id string) ([]byte, []byte, error) {
|
||||||
cert := &x509.Certificate{
|
cert := &x509.Certificate{
|
||||||
SerialNumber: big.NewInt(time.Now().Unix()),
|
SerialNumber: big.NewInt(time.Now().UnixMilli()),
|
||||||
Subject: pkix.Name{
|
Subject: pkix.Name{
|
||||||
CommonName: id,
|
CommonName: id,
|
||||||
Organization: []string{"ezshare"},
|
Organization: []string{"ezshare"},
|
||||||
@ -66,8 +67,7 @@ func (cs *CertService) NewClient(id string) ([]byte, []byte, error) {
|
|||||||
Locality: []string{"Oslo"},
|
Locality: []string{"Oslo"},
|
||||||
},
|
},
|
||||||
NotBefore: time.Now(),
|
NotBefore: time.Now(),
|
||||||
NotAfter: time.Now().AddDate(10, 0, 0),
|
NotAfter: time.Now().AddDate(0, 0, 30),
|
||||||
SubjectKeyId: []byte{1, 2, 3, 4, 6},
|
|
||||||
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
|
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
|
||||||
KeyUsage: x509.KeyUsageDigitalSignature,
|
KeyUsage: x509.KeyUsageDigitalSignature,
|
||||||
}
|
}
|
||||||
@ -101,6 +101,15 @@ func (cs *CertService) NewClient(id string) ([]byte, []byte, error) {
|
|||||||
return nil, nil, fmt.Errorf("unable to encode client private key: %w", err)
|
return nil, nil, fmt.Errorf("unable to encode client private key: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
signed, err := x509.ParseCertificate(certBytes)
|
||||||
|
if err != nil {
|
||||||
|
return nil, nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := cs.store.StoreCertificate(signed); err != nil {
|
||||||
|
return nil, nil, err
|
||||||
|
}
|
||||||
|
|
||||||
return certPEM.Bytes(), keyPEM.Bytes(), nil
|
return certPEM.Bytes(), keyPEM.Bytes(), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -129,5 +138,13 @@ func (cs *CertService) VerifyClient(certBytes []byte) (string, error) {
|
|||||||
return "", fmt.Errorf("unable to verify: %w", err)
|
return "", fmt.Errorf("unable to verify: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
revoked, err := cs.store.IsRevoked(cert.SerialNumber.String())
|
||||||
|
if err != nil {
|
||||||
|
return "", fmt.Errorf("unable to check if revoked: %w", err)
|
||||||
|
}
|
||||||
|
if revoked {
|
||||||
|
return "", fmt.Errorf("certificate is revoked")
|
||||||
|
}
|
||||||
|
|
||||||
return cert.Subject.CommonName, nil
|
return cert.Subject.CommonName, nil
|
||||||
}
|
}
|
||||||
|
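Review bot: The serial in NewClient is still derived from the clock, `big.NewInt(time.Now().UnixMilli())`, while this commit makes the serial the revocation key (`cs.store.IsRevoked(cert.SerialNumber.String())`) and presumably the storage key used by `StoreCertificate`. Two certificates issued in the same millisecond would share a serial, so revoking one would also revoke the other, or the second store could overwrite the first record; clock-based serials are also guessable. A random serial avoids both: `serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 127))` followed by `SerialNumber: serial,` (this needs `crypto/rand`, whose import is not visible in the import hunk). NewClient's body is only partly shown in these hunks.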
17
main.go
17
main.go
@ -114,6 +114,23 @@ func main() {
|
|||||||
Usage: "Initialize default config",
|
Usage: "Initialize default config",
|
||||||
Action: actions.ActionInitConfig,
|
Action: actions.ActionInitConfig,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
Name: "cert",
|
||||||
|
Usage: "Certificate-related commands",
|
||||||
|
Subcommands: []*cli.Command{
|
||||||
|
{
|
||||||
|
Name: "list",
|
||||||
|
Usage: "List certificates",
|
||||||
|
Action: actions.ActionClientCertList,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Name: "revoke",
|
||||||
|
Usage: "Revoke certificate(s)",
|
||||||
|
ArgsUsage: "SERIAL [SERIAL...]",
|
||||||
|
Action: actions.ActionClientCertRevoke,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
399
pb/ezshare.pb.go
399
pb/ezshare.pb.go
@ -1064,6 +1064,102 @@ func (x *ChangePasswordRequest) GetNewPassword() string {
|
|||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// List
|
||||||
|
type ListCertificatesResponse struct {
|
||||||
|
state protoimpl.MessageState
|
||||||
|
sizeCache protoimpl.SizeCache
|
||||||
|
unknownFields protoimpl.UnknownFields
|
||||||
|
|
||||||
|
Certificates []*ListCertificatesResponse_CertificateInfo `protobuf:"bytes,1,rep,name=certificates,proto3" json:"certificates,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *ListCertificatesResponse) Reset() {
|
||||||
|
*x = ListCertificatesResponse{}
|
||||||
|
if protoimpl.UnsafeEnabled {
|
||||||
|
mi := &file_protos_ezshare_proto_msgTypes[19]
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *ListCertificatesResponse) String() string {
|
||||||
|
return protoimpl.X.MessageStringOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (*ListCertificatesResponse) ProtoMessage() {}
|
||||||
|
|
||||||
|
func (x *ListCertificatesResponse) ProtoReflect() protoreflect.Message {
|
||||||
|
mi := &file_protos_ezshare_proto_msgTypes[19]
|
||||||
|
if protoimpl.UnsafeEnabled && x != nil {
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
if ms.LoadMessageInfo() == nil {
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
return ms
|
||||||
|
}
|
||||||
|
return mi.MessageOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Deprecated: Use ListCertificatesResponse.ProtoReflect.Descriptor instead.
|
||||||
|
func (*ListCertificatesResponse) Descriptor() ([]byte, []int) {
|
||||||
|
return file_protos_ezshare_proto_rawDescGZIP(), []int{19}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *ListCertificatesResponse) GetCertificates() []*ListCertificatesResponse_CertificateInfo {
|
||||||
|
if x != nil {
|
||||||
|
return x.Certificates
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Revoke
|
||||||
|
type RevokeCertificateRequest struct {
|
||||||
|
state protoimpl.MessageState
|
||||||
|
sizeCache protoimpl.SizeCache
|
||||||
|
unknownFields protoimpl.UnknownFields
|
||||||
|
|
||||||
|
Serial string `protobuf:"bytes,1,opt,name=serial,proto3" json:"serial,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *RevokeCertificateRequest) Reset() {
|
||||||
|
*x = RevokeCertificateRequest{}
|
||||||
|
if protoimpl.UnsafeEnabled {
|
||||||
|
mi := &file_protos_ezshare_proto_msgTypes[20]
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *RevokeCertificateRequest) String() string {
|
||||||
|
return protoimpl.X.MessageStringOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (*RevokeCertificateRequest) ProtoMessage() {}
|
||||||
|
|
||||||
|
func (x *RevokeCertificateRequest) ProtoReflect() protoreflect.Message {
|
||||||
|
mi := &file_protos_ezshare_proto_msgTypes[20]
|
||||||
|
if protoimpl.UnsafeEnabled && x != nil {
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
if ms.LoadMessageInfo() == nil {
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
return ms
|
||||||
|
}
|
||||||
|
return mi.MessageOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Deprecated: Use RevokeCertificateRequest.ProtoReflect.Descriptor instead.
|
||||||
|
func (*RevokeCertificateRequest) Descriptor() ([]byte, []int) {
|
||||||
|
return file_protos_ezshare_proto_rawDescGZIP(), []int{20}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *RevokeCertificateRequest) GetSerial() string {
|
||||||
|
if x != nil {
|
||||||
|
return x.Serial
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
type File_Metadata struct {
|
type File_Metadata struct {
|
||||||
state protoimpl.MessageState
|
state protoimpl.MessageState
|
||||||
sizeCache protoimpl.SizeCache
|
sizeCache protoimpl.SizeCache
|
||||||
@ -1077,7 +1173,7 @@ type File_Metadata struct {
|
|||||||
func (x *File_Metadata) Reset() {
|
func (x *File_Metadata) Reset() {
|
||||||
*x = File_Metadata{}
|
*x = File_Metadata{}
|
||||||
if protoimpl.UnsafeEnabled {
|
if protoimpl.UnsafeEnabled {
|
||||||
mi := &file_protos_ezshare_proto_msgTypes[19]
|
mi := &file_protos_ezshare_proto_msgTypes[21]
|
||||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
ms.StoreMessageInfo(mi)
|
ms.StoreMessageInfo(mi)
|
||||||
}
|
}
|
||||||
@ -1090,7 +1186,7 @@ func (x *File_Metadata) String() string {
|
|||||||
func (*File_Metadata) ProtoMessage() {}
|
func (*File_Metadata) ProtoMessage() {}
|
||||||
|
|
||||||
func (x *File_Metadata) ProtoReflect() protoreflect.Message {
|
func (x *File_Metadata) ProtoReflect() protoreflect.Message {
|
||||||
mi := &file_protos_ezshare_proto_msgTypes[19]
|
mi := &file_protos_ezshare_proto_msgTypes[21]
|
||||||
if protoimpl.UnsafeEnabled && x != nil {
|
if protoimpl.UnsafeEnabled && x != nil {
|
||||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
if ms.LoadMessageInfo() == nil {
|
if ms.LoadMessageInfo() == nil {
|
||||||
@ -1139,7 +1235,7 @@ type ListFilesResponse_ListFileInfo struct {
|
|||||||
func (x *ListFilesResponse_ListFileInfo) Reset() {
|
func (x *ListFilesResponse_ListFileInfo) Reset() {
|
||||||
*x = ListFilesResponse_ListFileInfo{}
|
*x = ListFilesResponse_ListFileInfo{}
|
||||||
if protoimpl.UnsafeEnabled {
|
if protoimpl.UnsafeEnabled {
|
||||||
mi := &file_protos_ezshare_proto_msgTypes[20]
|
mi := &file_protos_ezshare_proto_msgTypes[22]
|
||||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
ms.StoreMessageInfo(mi)
|
ms.StoreMessageInfo(mi)
|
||||||
}
|
}
|
||||||
@ -1152,7 +1248,7 @@ func (x *ListFilesResponse_ListFileInfo) String() string {
|
|||||||
func (*ListFilesResponse_ListFileInfo) ProtoMessage() {}
|
func (*ListFilesResponse_ListFileInfo) ProtoMessage() {}
|
||||||
|
|
||||||
func (x *ListFilesResponse_ListFileInfo) ProtoReflect() protoreflect.Message {
|
func (x *ListFilesResponse_ListFileInfo) ProtoReflect() protoreflect.Message {
|
||||||
mi := &file_protos_ezshare_proto_msgTypes[20]
|
mi := &file_protos_ezshare_proto_msgTypes[22]
|
||||||
if protoimpl.UnsafeEnabled && x != nil {
|
if protoimpl.UnsafeEnabled && x != nil {
|
||||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
if ms.LoadMessageInfo() == nil {
|
if ms.LoadMessageInfo() == nil {
|
||||||
@ -1182,6 +1278,69 @@ func (x *ListFilesResponse_ListFileInfo) GetMetadata() *File_Metadata {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type ListCertificatesResponse_CertificateInfo struct {
|
||||||
|
state protoimpl.MessageState
|
||||||
|
sizeCache protoimpl.SizeCache
|
||||||
|
unknownFields protoimpl.UnknownFields
|
||||||
|
|
||||||
|
Serial string `protobuf:"bytes,1,opt,name=serial,proto3" json:"serial,omitempty"`
|
||||||
|
OwnerId string `protobuf:"bytes,2,opt,name=owner_id,json=ownerId,proto3" json:"owner_id,omitempty"`
|
||||||
|
OwnerUsername string `protobuf:"bytes,3,opt,name=owner_username,json=ownerUsername,proto3" json:"owner_username,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *ListCertificatesResponse_CertificateInfo) Reset() {
|
||||||
|
*x = ListCertificatesResponse_CertificateInfo{}
|
||||||
|
if protoimpl.UnsafeEnabled {
|
||||||
|
mi := &file_protos_ezshare_proto_msgTypes[23]
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *ListCertificatesResponse_CertificateInfo) String() string {
|
||||||
|
return protoimpl.X.MessageStringOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (*ListCertificatesResponse_CertificateInfo) ProtoMessage() {}
|
||||||
|
|
||||||
|
func (x *ListCertificatesResponse_CertificateInfo) ProtoReflect() protoreflect.Message {
|
||||||
|
mi := &file_protos_ezshare_proto_msgTypes[23]
|
||||||
|
if protoimpl.UnsafeEnabled && x != nil {
|
||||||
|
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||||
|
if ms.LoadMessageInfo() == nil {
|
||||||
|
ms.StoreMessageInfo(mi)
|
||||||
|
}
|
||||||
|
return ms
|
||||||
|
}
|
||||||
|
return mi.MessageOf(x)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Deprecated: Use ListCertificatesResponse_CertificateInfo.ProtoReflect.Descriptor instead.
|
||||||
|
func (*ListCertificatesResponse_CertificateInfo) Descriptor() ([]byte, []int) {
|
||||||
|
return file_protos_ezshare_proto_rawDescGZIP(), []int{19, 0}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *ListCertificatesResponse_CertificateInfo) GetSerial() string {
|
||||||
|
if x != nil {
|
||||||
|
return x.Serial
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *ListCertificatesResponse_CertificateInfo) GetOwnerId() string {
|
||||||
|
if x != nil {
|
||||||
|
return x.OwnerId
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
func (x *ListCertificatesResponse_CertificateInfo) GetOwnerUsername() string {
|
||||||
|
if x != nil {
|
||||||
|
return x.OwnerUsername
|
||||||
|
}
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
var File_protos_ezshare_proto protoreflect.FileDescriptor
|
var File_protos_ezshare_proto protoreflect.FileDescriptor
|
||||||
|
|
||||||
var file_protos_ezshare_proto_rawDesc = []byte{
|
var file_protos_ezshare_proto_rawDesc = []byte{
|
||||||
@ -1289,50 +1448,78 @@ var file_protos_ezshare_proto_rawDesc = []byte{
|
|||||||
0x77, 0x6f, 0x72, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x6f, 0x6c, 0x64, 0x50,
|
0x77, 0x6f, 0x72, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x6f, 0x6c, 0x64, 0x50,
|
||||||
0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x21, 0x0a, 0x0c, 0x6e, 0x65, 0x77, 0x5f, 0x70,
|
0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x21, 0x0a, 0x0c, 0x6e, 0x65, 0x77, 0x5f, 0x70,
|
||||||
0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x6e,
|
0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x6e,
|
||||||
0x65, 0x77, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x32, 0xa5, 0x02, 0x0a, 0x0b, 0x46,
|
0x65, 0x77, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x22, 0xde, 0x01, 0x0a, 0x18, 0x4c,
|
||||||
0x69, 0x6c, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x47, 0x0a, 0x0a, 0x55, 0x70,
|
0x69, 0x73, 0x74, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x52,
|
||||||
0x6c, 0x6f, 0x61, 0x64, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x1a, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61,
|
0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x55, 0x0a, 0x0c, 0x63, 0x65, 0x72, 0x74, 0x69,
|
||||||
0x72, 0x65, 0x2e, 0x55, 0x70, 0x6c, 0x6f, 0x61, 0x64, 0x46, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71,
|
0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x31, 0x2e,
|
||||||
0x75, 0x65, 0x73, 0x74, 0x1a, 0x1b, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x55,
|
0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x43, 0x65, 0x72, 0x74,
|
||||||
0x70, 0x6c, 0x6f, 0x61, 0x64, 0x46, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
|
0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
|
||||||
0x65, 0x22, 0x00, 0x12, 0x3e, 0x0a, 0x07, 0x47, 0x65, 0x74, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x17,
|
0x2e, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x66, 0x6f,
|
||||||
0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x47, 0x65, 0x74, 0x46, 0x69, 0x6c, 0x65,
|
0x52, 0x0c, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x1a, 0x6b,
|
||||||
0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x18, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72,
|
0x0a, 0x0f, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x49, 0x6e, 0x66,
|
||||||
0x65, 0x2e, 0x47, 0x65, 0x74, 0x46, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
|
0x6f, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28,
|
||||||
0x65, 0x22, 0x00, 0x12, 0x47, 0x0a, 0x0a, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x46, 0x69, 0x6c,
|
0x09, 0x52, 0x06, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, 0x19, 0x0a, 0x08, 0x6f, 0x77, 0x6e,
|
||||||
0x65, 0x12, 0x1a, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x44, 0x65, 0x6c, 0x65,
|
0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6f, 0x77, 0x6e,
|
||||||
0x74, 0x65, 0x46, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1b, 0x2e,
|
0x65, 0x72, 0x49, 0x64, 0x12, 0x25, 0x0a, 0x0e, 0x6f, 0x77, 0x6e, 0x65, 0x72, 0x5f, 0x75, 0x73,
|
||||||
0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x46, 0x69,
|
0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x6f, 0x77,
|
||||||
0x6c, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x44, 0x0a, 0x09,
|
0x6e, 0x65, 0x72, 0x55, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x22, 0x32, 0x0a, 0x18, 0x52,
|
||||||
0x4c, 0x69, 0x73, 0x74, 0x46, 0x69, 0x6c, 0x65, 0x73, 0x12, 0x19, 0x2e, 0x65, 0x7a, 0x73, 0x68,
|
0x65, 0x76, 0x6f, 0x6b, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65,
|
||||||
0x61, 0x72, 0x65, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x46, 0x69, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x71,
|
0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x65, 0x72, 0x69, 0x61,
|
||||||
0x75, 0x65, 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x4c,
|
0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x32,
|
||||||
0x69, 0x73, 0x74, 0x46, 0x69, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
|
0xa5, 0x02, 0x0a, 0x0b, 0x46, 0x69, 0x6c, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12,
|
||||||
0x22, 0x00, 0x32, 0xd9, 0x02, 0x0a, 0x0b, 0x55, 0x73, 0x65, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69,
|
0x47, 0x0a, 0x0a, 0x55, 0x70, 0x6c, 0x6f, 0x61, 0x64, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x1a, 0x2e,
|
||||||
0x63, 0x65, 0x12, 0x49, 0x0a, 0x08, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x12, 0x1c,
|
0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x55, 0x70, 0x6c, 0x6f, 0x61, 0x64, 0x46, 0x69,
|
||||||
0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65,
|
0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1b, 0x2e, 0x65, 0x7a, 0x73, 0x68,
|
||||||
0x72, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1d, 0x2e, 0x65,
|
0x61, 0x72, 0x65, 0x2e, 0x55, 0x70, 0x6c, 0x6f, 0x61, 0x64, 0x46, 0x69, 0x6c, 0x65, 0x52, 0x65,
|
||||||
0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x55,
|
0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x3e, 0x0a, 0x07, 0x47, 0x65, 0x74, 0x46,
|
||||||
0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x40, 0x0a,
|
0x69, 0x6c, 0x65, 0x12, 0x17, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x47, 0x65,
|
||||||
0x05, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x12, 0x19, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65,
|
0x74, 0x46, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x18, 0x2e, 0x65,
|
||||||
0x2e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
|
0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x47, 0x65, 0x74, 0x46, 0x69, 0x6c, 0x65, 0x52, 0x65,
|
||||||
0x74, 0x1a, 0x1a, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x4c, 0x6f, 0x67, 0x69,
|
0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x47, 0x0a, 0x0a, 0x44, 0x65, 0x6c, 0x65,
|
||||||
0x6e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12,
|
0x74, 0x65, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x1a, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65,
|
||||||
0x3f, 0x0a, 0x04, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x19, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72,
|
0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x46, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65,
|
||||||
0x65, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65,
|
0x73, 0x74, 0x1a, 0x1b, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x44, 0x65, 0x6c,
|
||||||
0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x4c, 0x69, 0x73,
|
0x65, 0x74, 0x65, 0x46, 0x69, 0x6c, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22,
|
||||||
0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00,
|
0x00, 0x12, 0x44, 0x0a, 0x09, 0x4c, 0x69, 0x73, 0x74, 0x46, 0x69, 0x6c, 0x65, 0x73, 0x12, 0x19,
|
||||||
0x12, 0x38, 0x0a, 0x07, 0x41, 0x70, 0x70, 0x72, 0x6f, 0x76, 0x65, 0x12, 0x1b, 0x2e, 0x65, 0x7a,
|
0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x46, 0x69, 0x6c,
|
||||||
0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x41, 0x70, 0x70, 0x72, 0x6f, 0x76, 0x65, 0x55, 0x73, 0x65,
|
0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x65, 0x7a, 0x73, 0x68,
|
||||||
0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0e, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61,
|
0x61, 0x72, 0x65, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x46, 0x69, 0x6c, 0x65, 0x73, 0x52, 0x65, 0x73,
|
||||||
0x72, 0x65, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x42, 0x0a, 0x0e, 0x43, 0x68,
|
0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x32, 0xd9, 0x02, 0x0a, 0x0b, 0x55, 0x73, 0x65, 0x72,
|
||||||
0x61, 0x6e, 0x67, 0x65, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x1e, 0x2e, 0x65,
|
0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x49, 0x0a, 0x08, 0x52, 0x65, 0x67, 0x69, 0x73,
|
||||||
0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x50, 0x61, 0x73,
|
0x74, 0x65, 0x72, 0x12, 0x1c, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x52, 0x65,
|
||||||
0x73, 0x77, 0x6f, 0x72, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0e, 0x2e, 0x65,
|
0x67, 0x69, 0x73, 0x74, 0x65, 0x72, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
|
||||||
0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x42, 0x23,
|
0x74, 0x1a, 0x1d, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x52, 0x65, 0x67, 0x69,
|
||||||
0x5a, 0x21, 0x67, 0x69, 0x74, 0x65, 0x61, 0x2e, 0x62, 0x65, 0x6e, 0x6e, 0x79, 0x2e, 0x64, 0x6f,
|
0x73, 0x74, 0x65, 0x72, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65,
|
||||||
0x67, 0x2f, 0x74, 0x6f, 0x72, 0x6a, 0x75, 0x73, 0x2f, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65,
|
0x22, 0x00, 0x12, 0x40, 0x0a, 0x05, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x12, 0x19, 0x2e, 0x65, 0x7a,
|
||||||
0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
|
0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x55, 0x73, 0x65, 0x72, 0x52,
|
||||||
|
0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65,
|
||||||
|
0x2e, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
|
||||||
|
0x73, 0x65, 0x22, 0x00, 0x12, 0x3f, 0x0a, 0x04, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x19, 0x2e, 0x65,
|
||||||
|
0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73,
|
||||||
|
0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72,
|
||||||
|
0x65, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x55, 0x73, 0x65, 0x72, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f,
|
||||||
|
0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x38, 0x0a, 0x07, 0x41, 0x70, 0x70, 0x72, 0x6f, 0x76, 0x65,
|
||||||
|
0x12, 0x1b, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x41, 0x70, 0x70, 0x72, 0x6f,
|
||||||
|
0x76, 0x65, 0x55, 0x73, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0e, 0x2e,
|
||||||
|
0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12,
|
||||||
|
0x42, 0x0a, 0x0e, 0x43, 0x68, 0x61, 0x6e, 0x67, 0x65, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72,
|
||||||
|
0x64, 0x12, 0x1e, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x43, 0x68, 0x61, 0x6e,
|
||||||
|
0x67, 0x65, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
|
||||||
|
0x74, 0x1a, 0x0e, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x45, 0x6d, 0x70, 0x74,
|
||||||
|
0x79, 0x22, 0x00, 0x32, 0xa7, 0x01, 0x0a, 0x12, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63,
|
||||||
|
0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x47, 0x0a, 0x10, 0x4c, 0x69,
|
||||||
|
0x73, 0x74, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x12, 0x0e,
|
||||||
|
0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x21,
|
||||||
|
0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x4c, 0x69, 0x73, 0x74, 0x43, 0x65, 0x72,
|
||||||
|
0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
|
||||||
|
0x65, 0x22, 0x00, 0x12, 0x48, 0x0a, 0x11, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x43, 0x65, 0x72,
|
||||||
|
0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x21, 0x2e, 0x65, 0x7a, 0x73, 0x68, 0x61,
|
||||||
|
0x72, 0x65, 0x2e, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69,
|
||||||
|
0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0e, 0x2e, 0x65, 0x7a,
|
||||||
|
0x73, 0x68, 0x61, 0x72, 0x65, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x42, 0x23, 0x5a,
|
||||||
|
0x21, 0x67, 0x69, 0x74, 0x65, 0x61, 0x2e, 0x62, 0x65, 0x6e, 0x6e, 0x79, 0x2e, 0x64, 0x6f, 0x67,
|
||||||
|
0x2f, 0x74, 0x6f, 0x72, 0x6a, 0x75, 0x73, 0x2f, 0x65, 0x7a, 0x73, 0x68, 0x61, 0x72, 0x65, 0x2f,
|
||||||
|
0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
|
||||||
}
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@ -1348,7 +1535,7 @@ func file_protos_ezshare_proto_rawDescGZIP() []byte {
|
|||||||
}
|
}
|
||||||
|
|
||||||
var file_protos_ezshare_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
|
var file_protos_ezshare_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
|
||||||
var file_protos_ezshare_proto_msgTypes = make([]protoimpl.MessageInfo, 21)
|
var file_protos_ezshare_proto_msgTypes = make([]protoimpl.MessageInfo, 24)
|
||||||
var file_protos_ezshare_proto_goTypes = []interface{}{
|
var file_protos_ezshare_proto_goTypes = []interface{}{
|
||||||
(User_Role)(0), // 0: ezshare.User.Role
|
(User_Role)(0), // 0: ezshare.User.Role
|
||||||
(*Empty)(nil), // 1: ezshare.Empty
|
(*Empty)(nil), // 1: ezshare.Empty
|
||||||
@ -1370,43 +1557,51 @@ var file_protos_ezshare_proto_goTypes = []interface{}{
|
|||||||
(*ListUsersResponse)(nil), // 17: ezshare.ListUsersResponse
|
(*ListUsersResponse)(nil), // 17: ezshare.ListUsersResponse
|
||||||
(*ApproveUserRequest)(nil), // 18: ezshare.ApproveUserRequest
|
(*ApproveUserRequest)(nil), // 18: ezshare.ApproveUserRequest
|
||||||
(*ChangePasswordRequest)(nil), // 19: ezshare.ChangePasswordRequest
|
(*ChangePasswordRequest)(nil), // 19: ezshare.ChangePasswordRequest
|
||||||
(*File_Metadata)(nil), // 20: ezshare.File.Metadata
|
(*ListCertificatesResponse)(nil), // 20: ezshare.ListCertificatesResponse
|
||||||
(*ListFilesResponse_ListFileInfo)(nil), // 21: ezshare.ListFilesResponse.ListFileInfo
|
(*RevokeCertificateRequest)(nil), // 21: ezshare.RevokeCertificateRequest
|
||||||
(*timestamppb.Timestamp)(nil), // 22: google.protobuf.Timestamp
|
(*File_Metadata)(nil), // 22: ezshare.File.Metadata
|
||||||
|
(*ListFilesResponse_ListFileInfo)(nil), // 23: ezshare.ListFilesResponse.ListFileInfo
|
||||||
|
(*ListCertificatesResponse_CertificateInfo)(nil), // 24: ezshare.ListCertificatesResponse.CertificateInfo
|
||||||
|
(*timestamppb.Timestamp)(nil), // 25: google.protobuf.Timestamp
|
||||||
}
|
}
|
||||||
var file_protos_ezshare_proto_depIdxs = []int32{
|
var file_protos_ezshare_proto_depIdxs = []int32{
|
||||||
20, // 0: ezshare.File.metadata:type_name -> ezshare.File.Metadata
|
22, // 0: ezshare.File.metadata:type_name -> ezshare.File.Metadata
|
||||||
22, // 1: ezshare.UploadFileRequest.expires_on:type_name -> google.protobuf.Timestamp
|
25, // 1: ezshare.UploadFileRequest.expires_on:type_name -> google.protobuf.Timestamp
|
||||||
2, // 2: ezshare.GetFileResponse.file:type_name -> ezshare.File
|
2, // 2: ezshare.GetFileResponse.file:type_name -> ezshare.File
|
||||||
21, // 3: ezshare.ListFilesResponse.files:type_name -> ezshare.ListFilesResponse.ListFileInfo
|
23, // 3: ezshare.ListFilesResponse.files:type_name -> ezshare.ListFilesResponse.ListFileInfo
|
||||||
0, // 4: ezshare.User.user_role:type_name -> ezshare.User.Role
|
0, // 4: ezshare.User.user_role:type_name -> ezshare.User.Role
|
||||||
11, // 5: ezshare.ListUsersResponse.users:type_name -> ezshare.User
|
11, // 5: ezshare.ListUsersResponse.users:type_name -> ezshare.User
|
||||||
22, // 6: ezshare.File.Metadata.uploaded_on:type_name -> google.protobuf.Timestamp
|
24, // 6: ezshare.ListCertificatesResponse.certificates:type_name -> ezshare.ListCertificatesResponse.CertificateInfo
|
||||||
22, // 7: ezshare.File.Metadata.expires_on:type_name -> google.protobuf.Timestamp
|
25, // 7: ezshare.File.Metadata.uploaded_on:type_name -> google.protobuf.Timestamp
|
||||||
20, // 8: ezshare.ListFilesResponse.ListFileInfo.metadata:type_name -> ezshare.File.Metadata
|
25, // 8: ezshare.File.Metadata.expires_on:type_name -> google.protobuf.Timestamp
|
||||||
3, // 9: ezshare.FileService.UploadFile:input_type -> ezshare.UploadFileRequest
|
22, // 9: ezshare.ListFilesResponse.ListFileInfo.metadata:type_name -> ezshare.File.Metadata
|
||||||
5, // 10: ezshare.FileService.GetFile:input_type -> ezshare.GetFileRequest
|
3, // 10: ezshare.FileService.UploadFile:input_type -> ezshare.UploadFileRequest
|
||||||
7, // 11: ezshare.FileService.DeleteFile:input_type -> ezshare.DeleteFileRequest
|
5, // 11: ezshare.FileService.GetFile:input_type -> ezshare.GetFileRequest
|
||||||
9, // 12: ezshare.FileService.ListFiles:input_type -> ezshare.ListFilesRequest
|
7, // 12: ezshare.FileService.DeleteFile:input_type -> ezshare.DeleteFileRequest
|
||||||
12, // 13: ezshare.UserService.Register:input_type -> ezshare.RegisterUserRequest
|
9, // 13: ezshare.FileService.ListFiles:input_type -> ezshare.ListFilesRequest
|
||||||
14, // 14: ezshare.UserService.Login:input_type -> ezshare.LoginUserRequest
|
12, // 14: ezshare.UserService.Register:input_type -> ezshare.RegisterUserRequest
|
||||||
16, // 15: ezshare.UserService.List:input_type -> ezshare.ListUsersRequest
|
14, // 15: ezshare.UserService.Login:input_type -> ezshare.LoginUserRequest
|
||||||
18, // 16: ezshare.UserService.Approve:input_type -> ezshare.ApproveUserRequest
|
16, // 16: ezshare.UserService.List:input_type -> ezshare.ListUsersRequest
|
||||||
19, // 17: ezshare.UserService.ChangePassword:input_type -> ezshare.ChangePasswordRequest
|
18, // 17: ezshare.UserService.Approve:input_type -> ezshare.ApproveUserRequest
|
||||||
4, // 18: ezshare.FileService.UploadFile:output_type -> ezshare.UploadFileResponse
|
19, // 18: ezshare.UserService.ChangePassword:input_type -> ezshare.ChangePasswordRequest
|
||||||
6, // 19: ezshare.FileService.GetFile:output_type -> ezshare.GetFileResponse
|
1, // 19: ezshare.CertificateService.ListCertificates:input_type -> ezshare.Empty
|
||||||
8, // 20: ezshare.FileService.DeleteFile:output_type -> ezshare.DeleteFileResponse
|
21, // 20: ezshare.CertificateService.RevokeCertificate:input_type -> ezshare.RevokeCertificateRequest
|
||||||
10, // 21: ezshare.FileService.ListFiles:output_type -> ezshare.ListFilesResponse
|
4, // 21: ezshare.FileService.UploadFile:output_type -> ezshare.UploadFileResponse
|
||||||
13, // 22: ezshare.UserService.Register:output_type -> ezshare.RegisterUserResponse
|
6, // 22: ezshare.FileService.GetFile:output_type -> ezshare.GetFileResponse
|
||||||
15, // 23: ezshare.UserService.Login:output_type -> ezshare.LoginUserResponse
|
8, // 23: ezshare.FileService.DeleteFile:output_type -> ezshare.DeleteFileResponse
|
||||||
17, // 24: ezshare.UserService.List:output_type -> ezshare.ListUsersResponse
|
10, // 24: ezshare.FileService.ListFiles:output_type -> ezshare.ListFilesResponse
|
||||||
1, // 25: ezshare.UserService.Approve:output_type -> ezshare.Empty
|
13, // 25: ezshare.UserService.Register:output_type -> ezshare.RegisterUserResponse
|
||||||
1, // 26: ezshare.UserService.ChangePassword:output_type -> ezshare.Empty
|
15, // 26: ezshare.UserService.Login:output_type -> ezshare.LoginUserResponse
|
||||||
18, // [18:27] is the sub-list for method output_type
|
17, // 27: ezshare.UserService.List:output_type -> ezshare.ListUsersResponse
|
||||||
9, // [9:18] is the sub-list for method input_type
|
1, // 28: ezshare.UserService.Approve:output_type -> ezshare.Empty
|
||||||
9, // [9:9] is the sub-list for extension type_name
|
1, // 29: ezshare.UserService.ChangePassword:output_type -> ezshare.Empty
|
||||||
9, // [9:9] is the sub-list for extension extendee
|
20, // 30: ezshare.CertificateService.ListCertificates:output_type -> ezshare.ListCertificatesResponse
|
||||||
0, // [0:9] is the sub-list for field type_name
|
1, // 31: ezshare.CertificateService.RevokeCertificate:output_type -> ezshare.Empty
|
||||||
|
21, // [21:32] is the sub-list for method output_type
|
||||||
|
10, // [10:21] is the sub-list for method input_type
|
||||||
|
10, // [10:10] is the sub-list for extension type_name
|
||||||
|
10, // [10:10] is the sub-list for extension extendee
|
||||||
|
0, // [0:10] is the sub-list for field type_name
|
||||||
}
|
}
|
||||||
|
|
||||||
func init() { file_protos_ezshare_proto_init() }
|
func init() { file_protos_ezshare_proto_init() }
|
||||||
@ -1644,7 +1839,7 @@ func file_protos_ezshare_proto_init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_protos_ezshare_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} {
|
file_protos_ezshare_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} {
|
||||||
switch v := v.(*File_Metadata); i {
|
switch v := v.(*ListCertificatesResponse); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
case 1:
|
case 1:
|
||||||
@ -1656,6 +1851,30 @@ func file_protos_ezshare_proto_init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
file_protos_ezshare_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} {
|
file_protos_ezshare_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} {
|
||||||
|
switch v := v.(*RevokeCertificateRequest); i {
|
||||||
|
case 0:
|
||||||
|
return &v.state
|
||||||
|
case 1:
|
||||||
|
return &v.sizeCache
|
||||||
|
case 2:
|
||||||
|
return &v.unknownFields
|
||||||
|
default:
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
file_protos_ezshare_proto_msgTypes[21].Exporter = func(v interface{}, i int) interface{} {
|
||||||
|
switch v := v.(*File_Metadata); i {
|
||||||
|
case 0:
|
||||||
|
return &v.state
|
||||||
|
case 1:
|
||||||
|
return &v.sizeCache
|
||||||
|
case 2:
|
||||||
|
return &v.unknownFields
|
||||||
|
default:
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
file_protos_ezshare_proto_msgTypes[22].Exporter = func(v interface{}, i int) interface{} {
|
||||||
switch v := v.(*ListFilesResponse_ListFileInfo); i {
|
switch v := v.(*ListFilesResponse_ListFileInfo); i {
|
||||||
case 0:
|
case 0:
|
||||||
return &v.state
|
return &v.state
|
||||||
@ -1667,6 +1886,18 @@ func file_protos_ezshare_proto_init() {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
file_protos_ezshare_proto_msgTypes[23].Exporter = func(v interface{}, i int) interface{} {
|
||||||
|
switch v := v.(*ListCertificatesResponse_CertificateInfo); i {
|
||||||
|
case 0:
|
||||||
|
return &v.state
|
||||||
|
case 1:
|
||||||
|
return &v.sizeCache
|
||||||
|
case 2:
|
||||||
|
return &v.unknownFields
|
||||||
|
default:
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
type x struct{}
|
type x struct{}
|
||||||
out := protoimpl.TypeBuilder{
|
out := protoimpl.TypeBuilder{
|
||||||
@ -1674,9 +1905,9 @@ func file_protos_ezshare_proto_init() {
|
|||||||
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
|
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
|
||||||
RawDescriptor: file_protos_ezshare_proto_rawDesc,
|
RawDescriptor: file_protos_ezshare_proto_rawDesc,
|
||||||
NumEnums: 1,
|
NumEnums: 1,
|
||||||
NumMessages: 21,
|
NumMessages: 24,
|
||||||
NumExtensions: 0,
|
NumExtensions: 0,
|
||||||
NumServices: 2,
|
NumServices: 3,
|
||||||
},
|
},
|
||||||
GoTypes: file_protos_ezshare_proto_goTypes,
|
GoTypes: file_protos_ezshare_proto_goTypes,
|
||||||
DependencyIndexes: file_protos_ezshare_proto_depIdxs,
|
DependencyIndexes: file_protos_ezshare_proto_depIdxs,
|
||||||
|
@ -437,3 +437,125 @@ var UserService_ServiceDesc = grpc.ServiceDesc{
|
|||||||
Streams: []grpc.StreamDesc{},
|
Streams: []grpc.StreamDesc{},
|
||||||
Metadata: "protos/ezshare.proto",
|
Metadata: "protos/ezshare.proto",
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// CertificateServiceClient is the client API for CertificateService service.
|
||||||
|
//
|
||||||
|
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
|
||||||
|
type CertificateServiceClient interface {
|
||||||
|
ListCertificates(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*ListCertificatesResponse, error)
|
||||||
|
RevokeCertificate(ctx context.Context, in *RevokeCertificateRequest, opts ...grpc.CallOption) (*Empty, error)
|
||||||
|
}
|
||||||
|
|
||||||
|
type certificateServiceClient struct {
|
||||||
|
cc grpc.ClientConnInterface
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewCertificateServiceClient(cc grpc.ClientConnInterface) CertificateServiceClient {
|
||||||
|
return &certificateServiceClient{cc}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *certificateServiceClient) ListCertificates(ctx context.Context, in *Empty, opts ...grpc.CallOption) (*ListCertificatesResponse, error) {
|
||||||
|
out := new(ListCertificatesResponse)
|
||||||
|
err := c.cc.Invoke(ctx, "/ezshare.CertificateService/ListCertificates", in, out, opts...)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return out, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *certificateServiceClient) RevokeCertificate(ctx context.Context, in *RevokeCertificateRequest, opts ...grpc.CallOption) (*Empty, error) {
|
||||||
|
out := new(Empty)
|
||||||
|
err := c.cc.Invoke(ctx, "/ezshare.CertificateService/RevokeCertificate", in, out, opts...)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return out, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// CertificateServiceServer is the server API for CertificateService service.
|
||||||
|
// All implementations must embed UnimplementedCertificateServiceServer
|
||||||
|
// for forward compatibility
|
||||||
|
type CertificateServiceServer interface {
|
||||||
|
ListCertificates(context.Context, *Empty) (*ListCertificatesResponse, error)
|
||||||
|
RevokeCertificate(context.Context, *RevokeCertificateRequest) (*Empty, error)
|
||||||
|
mustEmbedUnimplementedCertificateServiceServer()
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnimplementedCertificateServiceServer must be embedded to have forward compatible implementations.
|
||||||
|
type UnimplementedCertificateServiceServer struct {
|
||||||
|
}
|
||||||
|
|
||||||
|
func (UnimplementedCertificateServiceServer) ListCertificates(context.Context, *Empty) (*ListCertificatesResponse, error) {
|
||||||
|
return nil, status.Errorf(codes.Unimplemented, "method ListCertificates not implemented")
|
||||||
|
}
|
||||||
|
func (UnimplementedCertificateServiceServer) RevokeCertificate(context.Context, *RevokeCertificateRequest) (*Empty, error) {
|
||||||
|
return nil, status.Errorf(codes.Unimplemented, "method RevokeCertificate not implemented")
|
||||||
|
}
|
||||||
|
func (UnimplementedCertificateServiceServer) mustEmbedUnimplementedCertificateServiceServer() {}
|
||||||
|
|
||||||
|
// UnsafeCertificateServiceServer may be embedded to opt out of forward compatibility for this service.
|
||||||
|
// Use of this interface is not recommended, as added methods to CertificateServiceServer will
|
||||||
|
// result in compilation errors.
|
||||||
|
type UnsafeCertificateServiceServer interface {
|
||||||
|
mustEmbedUnimplementedCertificateServiceServer()
|
||||||
|
}
|
||||||
|
|
||||||
|
func RegisterCertificateServiceServer(s grpc.ServiceRegistrar, srv CertificateServiceServer) {
|
||||||
|
s.RegisterService(&CertificateService_ServiceDesc, srv)
|
||||||
|
}
|
||||||
|
|
||||||
|
func _CertificateService_ListCertificates_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||||
|
in := new(Empty)
|
||||||
|
if err := dec(in); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if interceptor == nil {
|
||||||
|
return srv.(CertificateServiceServer).ListCertificates(ctx, in)
|
||||||
|
}
|
||||||
|
info := &grpc.UnaryServerInfo{
|
||||||
|
Server: srv,
|
||||||
|
FullMethod: "/ezshare.CertificateService/ListCertificates",
|
||||||
|
}
|
||||||
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||||
|
return srv.(CertificateServiceServer).ListCertificates(ctx, req.(*Empty))
|
||||||
|
}
|
||||||
|
return interceptor(ctx, in, info, handler)
|
||||||
|
}
|
||||||
|
|
||||||
|
func _CertificateService_RevokeCertificate_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||||
|
in := new(RevokeCertificateRequest)
|
||||||
|
if err := dec(in); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if interceptor == nil {
|
||||||
|
return srv.(CertificateServiceServer).RevokeCertificate(ctx, in)
|
||||||
|
}
|
||||||
|
info := &grpc.UnaryServerInfo{
|
||||||
|
Server: srv,
|
||||||
|
FullMethod: "/ezshare.CertificateService/RevokeCertificate",
|
||||||
|
}
|
||||||
|
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||||
|
return srv.(CertificateServiceServer).RevokeCertificate(ctx, req.(*RevokeCertificateRequest))
|
||||||
|
}
|
||||||
|
return interceptor(ctx, in, info, handler)
|
||||||
|
}
|
||||||
|
|
||||||
|
// CertificateService_ServiceDesc is the grpc.ServiceDesc for CertificateService service.
|
||||||
|
// It's only intended for direct use with grpc.RegisterService,
|
||||||
|
// and not to be introspected or modified (even as a copy)
|
||||||
|
var CertificateService_ServiceDesc = grpc.ServiceDesc{
|
||||||
|
ServiceName: "ezshare.CertificateService",
|
||||||
|
HandlerType: (*CertificateServiceServer)(nil),
|
||||||
|
Methods: []grpc.MethodDesc{
|
||||||
|
{
|
||||||
|
MethodName: "ListCertificates",
|
||||||
|
Handler: _CertificateService_ListCertificates_Handler,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
MethodName: "RevokeCertificate",
|
||||||
|
Handler: _CertificateService_RevokeCertificate_Handler,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Streams: []grpc.StreamDesc{},
|
||||||
|
Metadata: "protos/ezshare.proto",
|
||||||
|
}
|
||||||
|
@ -135,3 +135,27 @@ service UserService {
|
|||||||
rpc Approve(ApproveUserRequest) returns (Empty) {}
|
rpc Approve(ApproveUserRequest) returns (Empty) {}
|
||||||
rpc ChangePassword(ChangePasswordRequest) returns (Empty) {}
|
rpc ChangePassword(ChangePasswordRequest) returns (Empty) {}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
///////////////////////////////
|
||||||
|
// Certificate related stuff //
|
||||||
|
///////////////////////////////
|
||||||
|
|
||||||
|
// List
|
||||||
|
message ListCertificatesResponse {
|
||||||
|
message CertificateInfo {
|
||||||
|
string serial = 1;
|
||||||
|
string owner_id = 2;
|
||||||
|
string owner_username = 3;
|
||||||
|
}
|
||||||
|
repeated CertificateInfo certificates = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Revoke
|
||||||
|
message RevokeCertificateRequest {
|
||||||
|
string serial = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
service CertificateService {
|
||||||
|
rpc ListCertificates(Empty) returns (ListCertificatesResponse) {}
|
||||||
|
rpc RevokeCertificate(RevokeCertificateRequest) returns (Empty) {}
|
||||||
|
}
|
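Review bot: The new `CertificateService` RPCs have no comment on who may call them, although the server implementation added in this commit limits both to the certificate owner or an admin. A comment on the service such as `// ListCertificates returns the caller's certificates (all certificates for admins); RevokeCertificate is permitted for the owner or an admin.` would put that contract next to the API. The `serial` field of `RevokeCertificateRequest` could also say `// Decimal string of the certificate serial number, as returned by ListCertificates.`, since the stores now key certificates by `cert.SerialNumber.String()`.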
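--- a/server/certservice.go
+++ b/server/certservice.go
@@ -0,0 +1,86 @@
+package server
+
+import (
+"context"
+
+"gitea.benny.dog/torjus/ezshare/certs"
+"gitea.benny.dog/torjus/ezshare/pb"
+"gitea.benny.dog/torjus/ezshare/server/interceptors"
+"gitea.benny.dog/torjus/ezshare/store"
+"go.uber.org/zap"
+"google.golang.org/grpc/codes"
+"google.golang.org/grpc/status"
+)
+
+type CertServiceServer struct {
+Logger *zap.SugaredLogger
+svc *certs.CertService
+store store.CertificateStore
+userStore store.UserStore
+pb.UnimplementedCertificateServiceServer
+}
+
+func NewCertServiceServer(svc *certs.CertService, store store.CertificateStore, userStore store.UserStore) *CertServiceServer {
+return &CertServiceServer{
+Logger: zap.NewNop().Sugar(),
+svc: svc,
+store: store,
+userStore: userStore,
+}
+}
+
+func (s *CertServiceServer) ListCertificates(ctx context.Context, _ *pb.Empty) (*pb.ListCertificatesResponse, error) {
+allCerts, err := s.store.ListCertificates()
+if err != nil {
+s.Logger.Warnw("Error listing certificates.", "error", err)
+return nil, status.Error(codes.Internal, "error fetching certificates")
+}
+
+user := interceptors.UserIDFromContext(ctx)
+role := interceptors.RoleFromContext(ctx)
+
+var certInfos []*pb.ListCertificatesResponse_CertificateInfo
+
+for _, serial := range allCerts {
+cert, err := s.store.GetCertificate(serial)
+if err != nil {
+s.Logger.Warnw("Error getting certificate.", "error", err)
+return nil, status.Error(codes.Internal, "error fetching certificates")
+}
+owner, err := s.userStore.GetUser(cert.Subject.CommonName)
+if err != nil {
+s.Logger.Warnw("Error getting user.", "error", err)
+return nil, status.Error(codes.Internal, "error fetching certificate owners")
+}
+if cert.Subject.CommonName == user || role == pb.User_ADMIN {
+info := &pb.ListCertificatesResponse_CertificateInfo{
+Serial: serial,
+OwnerId: cert.Subject.CommonName,
+OwnerUsername: owner.Username,
+}
+certInfos = append(certInfos, info)
+}
+}
+
+return &pb.ListCertificatesResponse{Certificates: certInfos}, nil
+}
+
+func (s *CertServiceServer) RevokeCertificate(ctx context.Context, req *pb.RevokeCertificateRequest) (*pb.Empty, error) {
+user := interceptors.UserIDFromContext(ctx)
+role := interceptors.RoleFromContext(ctx)
+cert, err := s.store.GetCertificate(req.Serial)
+if err != nil {
+return nil, status.Error(codes.Internal, "error fetching certificate")
+}
+
+if user == cert.Subject.CommonName || role == pb.User_ADMIN {
+if err := s.store.Revoke(req.Serial); err != nil {
+s.Logger.Warnw("Error revoking certificate.", "error", err)
+return nil, status.Error(codes.Internal, "error revoking certificate")
+}
+s.Logger.Infow("Revoked certificate.", "serial", req.Serial, "requested_by", user)
+return &pb.Empty{}, nil
+}
+
+return nil, status.Error(codes.PermissionDenied, "permission denied")
+}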
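Review bot: In `ListCertificates` the owner lookup `s.userStore.GetUser(cert.Subject.CommonName)` runs for every stored certificate before the owner-or-admin filter, so a non-admin caller's listing fails with `codes.Internal` whenever some other user's certificate has no resolvable owner. Putting the check first, `if cert.Subject.CommonName != user && role != pb.User_ADMIN { continue }`, keeps each caller's result independent of records they are not allowed to see and skips the unneeded lookups. In `RevokeCertificate` the `GetCertificate` failure is returned as `codes.Internal` without being logged, and the `PermissionDenied` path is silent as well. A `s.Logger.Warnw` carrying the serial and the requesting user on denied revocations would leave an audit trail for attempts against other users' certificates.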
@ -3,12 +3,15 @@ package interceptors
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
|
||||||
|
"gitea.benny.dog/torjus/ezshare/certs"
|
||||||
"gitea.benny.dog/torjus/ezshare/pb"
|
"gitea.benny.dog/torjus/ezshare/pb"
|
||||||
"gitea.benny.dog/torjus/ezshare/store"
|
"gitea.benny.dog/torjus/ezshare/store"
|
||||||
"go.uber.org/zap"
|
"go.uber.org/zap"
|
||||||
"google.golang.org/grpc"
|
"google.golang.org/grpc"
|
||||||
|
"google.golang.org/grpc/codes"
|
||||||
"google.golang.org/grpc/credentials"
|
"google.golang.org/grpc/credentials"
|
||||||
"google.golang.org/grpc/peer"
|
"google.golang.org/grpc/peer"
|
||||||
|
"google.golang.org/grpc/status"
|
||||||
)
|
)
|
||||||
|
|
||||||
type ContextKey string
|
type ContextKey string
|
||||||
@ -16,9 +19,14 @@ type ContextKey string
|
|||||||
var ContextKeyRole ContextKey = "role"
|
var ContextKeyRole ContextKey = "role"
|
||||||
var ContextKeyUserID ContextKey = "userid"
|
var ContextKeyUserID ContextKey = "userid"
|
||||||
|
|
||||||
func NewAuthInterceptor(s store.UserStore, logger *zap.SugaredLogger) grpc.UnaryServerInterceptor {
|
func NewAuthInterceptor(s store.UserStore, certSvc *certs.CertService, logger *zap.SugaredLogger) grpc.UnaryServerInterceptor {
|
||||||
// TODO: Verify that cert is signed by our ca
|
// TODO: Verify that cert is signed by our ca
|
||||||
return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (resp interface{}, err error) {
|
return func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (resp interface{}, err error) {
|
||||||
|
// Login doesn't need valid cert
|
||||||
|
if info.FullMethod == "/ezshare.UserService/Login" {
|
||||||
|
return handler(ctx, req)
|
||||||
|
}
|
||||||
|
|
||||||
p, ok := peer.FromContext(ctx)
|
p, ok := peer.FromContext(ctx)
|
||||||
if ok {
|
if ok {
|
||||||
tlsInfo, ok := p.AuthInfo.(credentials.TLSInfo)
|
tlsInfo, ok := p.AuthInfo.(credentials.TLSInfo)
|
||||||
@ -26,13 +34,18 @@ func NewAuthInterceptor(s store.UserStore, logger *zap.SugaredLogger) grpc.Unary
|
|||||||
if len(tlsInfo.State.PeerCertificates) == 1 {
|
if len(tlsInfo.State.PeerCertificates) == 1 {
|
||||||
cert := tlsInfo.State.PeerCertificates[0]
|
cert := tlsInfo.State.PeerCertificates[0]
|
||||||
|
|
||||||
id := cert.Subject.CommonName
|
// Check if valid
|
||||||
|
id, err := certSvc.VerifyClient(cert.Raw)
|
||||||
|
if err != nil {
|
||||||
|
logger.Infow("Rejected client due to invalid cert", "error", "err", "remote_addr", p.Addr.String(), "method", info.FullMethod)
|
||||||
|
return nil, status.Error(codes.Unauthenticated, "invalid client certificate")
|
||||||
|
}
|
||||||
|
|
||||||
user, err := s.GetUser(id)
|
user, err := s.GetUser(id)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
newCtx := context.WithValue(ctx, ContextKeyRole, user.UserRole)
|
newCtx := context.WithValue(ctx, ContextKeyRole, user.UserRole)
|
||||||
newCtx = context.WithValue(newCtx, ContextKeyUserID, user.Id)
|
newCtx = context.WithValue(newCtx, ContextKeyUserID, user.Id)
|
||||||
logger.Debugw("Authenticated user.", "username", user.Username, "role", user.UserRole.String())
|
logger.Debugw("Authenticated user.", "username", user.Username, "role", user.UserRole.String(), "method", info.FullMethod)
|
||||||
return handler(newCtx, req)
|
return handler(newCtx, req)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
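Review bot: The rejection log in the new `VerifyClient` error branch passes the string literal `"err"` as the value of the `"error"` key, so every rejected certificate is recorded as `error=err` and the actual verification failure is lost; the pair should read `"error", err`. The `// TODO: Verify that cert is signed by our ca` comment above the returned closure looks stale now that `certSvc.VerifyClient(cert.Raw)` is called (its body is not shown here), and should be removed or reworded to say what remains unverified. The closure continues outside these hunks, so the path taken when no peer certificate is presented cannot be checked from this view.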
@ -21,6 +21,7 @@ var bktKey = []byte("files")
|
|||||||
var bktKeyCerts = []byte("certs")
|
var bktKeyCerts = []byte("certs")
|
||||||
var bktKeyKeys = []byte("keys")
|
var bktKeyKeys = []byte("keys")
|
||||||
var bktKeyUsers = []byte("users")
|
var bktKeyUsers = []byte("users")
|
||||||
|
var bktKeyRevoked = []byte("revoked")
|
||||||
|
|
||||||
func NewBoltStore(path string) (*BoltStore, error) {
|
func NewBoltStore(path string) (*BoltStore, error) {
|
||||||
s := &BoltStore{}
|
s := &BoltStore{}
|
||||||
@ -42,6 +43,9 @@ func NewBoltStore(path string) (*BoltStore, error) {
|
|||||||
if _, err := t.CreateBucketIfNotExists(bktKeyUsers); err != nil {
|
if _, err := t.CreateBucketIfNotExists(bktKeyUsers); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
if _, err := t.CreateBucketIfNotExists(bktKeyRevoked); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
return nil
|
return nil
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -128,12 +132,12 @@ func (s *BoltStore) ListFiles() ([]*pb.ListFilesResponse_ListFileInfo, error) {
|
|||||||
// Certificate store
|
// Certificate store
|
||||||
var _ CertificateStore = &BoltStore{}
|
var _ CertificateStore = &BoltStore{}
|
||||||
|
|
||||||
func (s *BoltStore) GetCertificate(id string) (*x509.Certificate, error) {
|
func (s *BoltStore) GetCertificate(serial string) (*x509.Certificate, error) {
|
||||||
var raw []byte
|
var raw []byte
|
||||||
err := s.db.View(func(t *bolt.Tx) error {
|
err := s.db.View(func(t *bolt.Tx) error {
|
||||||
bkt := t.Bucket(bktKeyCerts)
|
bkt := t.Bucket(bktKeyCerts)
|
||||||
|
|
||||||
raw = bkt.Get([]byte(id))
|
raw = bkt.Get([]byte(serial))
|
||||||
return nil
|
return nil
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -151,13 +155,13 @@ func (s *BoltStore) GetCertificate(id string) (*x509.Certificate, error) {
|
|||||||
return cert, nil
|
return cert, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *BoltStore) StoreCertificate(id string, cert *x509.Certificate) error {
|
func (s *BoltStore) StoreCertificate(cert *x509.Certificate) error {
|
||||||
data := make([]byte, len(cert.Raw))
|
data := make([]byte, len(cert.Raw))
|
||||||
copy(data, cert.Raw)
|
copy(data, cert.Raw)
|
||||||
|
|
||||||
return s.db.Update(func(t *bolt.Tx) error {
|
return s.db.Update(func(t *bolt.Tx) error {
|
||||||
bkt := t.Bucket(bktKeyCerts)
|
bkt := t.Bucket(bktKeyCerts)
|
||||||
return bkt.Put([]byte(id), cert.Raw)
|
return bkt.Put([]byte(cert.SerialNumber.String()), cert.Raw)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -202,6 +206,29 @@ func (s *BoltStore) ListCertificates() ([]string, error) {
|
|||||||
return ids, nil
|
return ids, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *BoltStore) Revoke(serial string) error {
|
||||||
|
return s.db.Update(func(tx *bolt.Tx) error {
|
||||||
|
bkt := tx.Bucket(bktKeyRevoked)
|
||||||
|
return bkt.Put([]byte(serial), []byte{'r'})
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *BoltStore) IsRevoked(serial string) (bool, error) {
|
||||||
|
var revoked bool
|
||||||
|
err := s.db.View(func(tx *bolt.Tx) error {
|
||||||
|
bkt := tx.Bucket(bktKeyRevoked)
|
||||||
|
status := bkt.Get([]byte(serial))
|
||||||
|
if status != nil {
|
||||||
|
revoked = true
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
return false, err
|
||||||
|
}
|
||||||
|
return revoked, nil
|
||||||
|
}
|
||||||
|
|
||||||
var _ UserStore = &BoltStore{}
|
var _ UserStore = &BoltStore{}
|
||||||
|
|
||||||
func (s *BoltStore) StoreUser(user *pb.User) error {
|
func (s *BoltStore) StoreUser(user *pb.User) error {
|
||||||
|
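Review bot: `GetCertificate` assigns `raw = bkt.Get([]byte(serial))` to a variable declared outside the `s.db.View` closure, and the parse (outside this hunk) presumably reads it after the transaction has ended. Bolt documents that a slice returned by `Get` is only valid for the life of the transaction, so the bytes should be copied inside the closure, e.g. `raw = append([]byte(nil), bkt.Get([]byte(serial))...)`. In `StoreCertificate` the copy into `data` is built but `cert.Raw` is what is passed to `Put`, so either store `data` or drop the copy. `Revoke` and `IsRevoked` would benefit from a doc comment stating that `serial` is the same `cert.SerialNumber.String()` value used as the key in the certs bucket.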
@ -18,6 +18,8 @@ type MemoryStore struct {
|
|||||||
keys map[string][]byte
|
keys map[string][]byte
|
||||||
usersLock sync.RWMutex
|
usersLock sync.RWMutex
|
||||||
users map[string]*pb.User
|
users map[string]*pb.User
|
||||||
|
revokedCerts map[string]struct{}
|
||||||
|
revokedLock sync.RWMutex
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewMemoryStore() *MemoryStore {
|
func NewMemoryStore() *MemoryStore {
|
||||||
@ -26,6 +28,7 @@ func NewMemoryStore() *MemoryStore {
|
|||||||
certs: make(map[string][]byte),
|
certs: make(map[string][]byte),
|
||||||
keys: make(map[string][]byte),
|
keys: make(map[string][]byte),
|
||||||
users: make(map[string]*pb.User),
|
users: make(map[string]*pb.User),
|
||||||
|
revokedCerts: make(map[string]struct{}),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -88,11 +91,11 @@ func (s *MemoryStore) ListFiles() ([]*pb.ListFilesResponse_ListFileInfo, error)
|
|||||||
|
|
||||||
var _ CertificateStore = &MemoryStore{}
|
var _ CertificateStore = &MemoryStore{}
|
||||||
|
|
||||||
func (s *MemoryStore) GetCertificate(id string) (*x509.Certificate, error) {
|
func (s *MemoryStore) GetCertificate(serial string) (*x509.Certificate, error) {
|
||||||
s.certLock.Lock()
|
s.certLock.Lock()
|
||||||
defer s.certLock.Unlock()
|
defer s.certLock.Unlock()
|
||||||
|
|
||||||
data, ok := s.certs[id]
|
data, ok := s.certs[serial]
|
||||||
if !ok {
|
if !ok {
|
||||||
// TODO: Make separate error, or rename error
|
// TODO: Make separate error, or rename error
|
||||||
return nil, ErrNoSuchItem
|
return nil, ErrNoSuchItem
|
||||||
@ -101,7 +104,7 @@ func (s *MemoryStore) GetCertificate(id string) (*x509.Certificate, error) {
|
|||||||
return x509.ParseCertificate(data)
|
return x509.ParseCertificate(data)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *MemoryStore) StoreCertificate(id string, cert *x509.Certificate) error {
|
func (s *MemoryStore) StoreCertificate(cert *x509.Certificate) error {
|
||||||
s.certLock.Lock()
|
s.certLock.Lock()
|
||||||
defer s.certLock.Unlock()
|
defer s.certLock.Unlock()
|
||||||
|
|
||||||
@ -109,7 +112,7 @@ func (s *MemoryStore) StoreCertificate(id string, cert *x509.Certificate) error
|
|||||||
data := make([]byte, len(cert.Raw))
|
data := make([]byte, len(cert.Raw))
|
||||||
copy(data, cert.Raw)
|
copy(data, cert.Raw)
|
||||||
|
|
||||||
s.certs[id] = data
|
s.certs[cert.SerialNumber.String()] = data
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -147,6 +150,22 @@ func (s *MemoryStore) ListCertificates() ([]string, error) {
|
|||||||
return certIDs, nil
|
return certIDs, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *MemoryStore) Revoke(serial string) error {
|
||||||
|
s.revokedLock.Lock()
|
||||||
|
defer s.revokedLock.Unlock()
|
||||||
|
|
||||||
|
s.revokedCerts[serial] = struct{}{}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *MemoryStore) IsRevoked(serial string) (bool, error) {
|
||||||
|
s.revokedLock.RLock()
|
||||||
|
defer s.revokedLock.RUnlock()
|
||||||
|
|
||||||
|
_, revoked := s.revokedCerts[serial]
|
||||||
|
return revoked, nil
|
||||||
|
}
|
||||||
|
|
||||||
///////////////
|
///////////////
|
||||||
// UserStore //
|
// UserStore //
|
||||||
///////////////
|
///////////////
|
||||||
|
@ -18,11 +18,13 @@ type FileStore interface {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type CertificateStore interface {
|
type CertificateStore interface {
|
||||||
GetCertificate(id string) (*x509.Certificate, error)
|
GetCertificate(serial string) (*x509.Certificate, error)
|
||||||
StoreCertificate(id string, cert *x509.Certificate) error
|
StoreCertificate(cert *x509.Certificate) error
|
||||||
GetKey(id string) (*ecdsa.PrivateKey, error)
|
GetKey(id string) (*ecdsa.PrivateKey, error)
|
||||||
StoreKey(id string, key *ecdsa.PrivateKey) error
|
StoreKey(id string, key *ecdsa.PrivateKey) error
|
||||||
ListCertificates() ([]string, error)
|
ListCertificates() ([]string, error)
|
||||||
|
Revoke(serial string) error
|
||||||
|
IsRevoked(serial string) (bool, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
type UserStore interface {
|
type UserStore interface {
|
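Review bot: The `serial` parameter on `GetCertificate`, `Revoke` and `IsRevoked` has no documented encoding, and a mismatch here fails open, because `IsRevoked` simply reports false for a key it has never seen. The MemoryStore in this commit keys certificates by `cert.SerialNumber.String()`, which is base 10, so a caller or another store implementation that passes a hex serial would silently miss. I would add a comment on the interface such as `// serial is the certificate's SerialNumber in base 10, as produced by (*big.Int).String()`. The comment should also say whether `Revoke` must return an error for a serial the store has never held; the MemoryStore implementation shown records any string without checking.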
||||||
|
@ -79,7 +79,7 @@ func doCertificateStoreTest(s store.CertificateStore, t *testing.T) {
|
|||||||
|
|
||||||
// Create cert and key
|
// Create cert and key
|
||||||
unsigned := &x509.Certificate{
|
unsigned := &x509.Certificate{
|
||||||
SerialNumber: big.NewInt(time.Now().Unix()),
|
SerialNumber: big.NewInt(time.Now().UnixMilli()),
|
||||||
Subject: pkix.Name{
|
Subject: pkix.Name{
|
||||||
Organization: []string{"ezshare"},
|
Organization: []string{"ezshare"},
|
||||||
Country: []string{"No"},
|
Country: []string{"No"},
|
||||||
@ -106,7 +106,7 @@ func doCertificateStoreTest(s store.CertificateStore, t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Store cert
|
// Store cert
|
||||||
if err := s.StoreCertificate("cert", cert); err != nil {
|
if err := s.StoreCertificate(cert); err != nil {
|
||||||
t.Fatalf("Error storing cert: %s", err)
|
t.Fatalf("Error storing cert: %s", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -123,11 +123,11 @@ func doCertificateStoreTest(s store.CertificateStore, t *testing.T) {
|
|||||||
if len(ids) != 1 {
|
if len(ids) != 1 {
|
||||||
t.Fatalf("List has wrong length: %s", err)
|
t.Fatalf("List has wrong length: %s", err)
|
||||||
}
|
}
|
||||||
if ids[0] != "cert" {
|
if ids[0] != cert.SerialNumber.String() {
|
||||||
t.Fatalf("List has wrong id")
|
t.Fatalf("List has wrong id")
|
||||||
}
|
}
|
||||||
|
|
||||||
retrievedCert, err := s.GetCertificate("cert")
|
retrievedCert, err := s.GetCertificate(cert.SerialNumber.String())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("Unable to get certificate from store: %s", err)
|
t.Fatalf("Unable to get certificate from store: %s", err)
|
||||||
}
|
}
|
||||||
@ -142,6 +142,26 @@ func doCertificateStoreTest(s store.CertificateStore, t *testing.T) {
|
|||||||
if !retrievedKey.Equal(privateKey) {
|
if !retrievedKey.Equal(privateKey) {
|
||||||
t.Errorf("Retrieved key does not match stored.")
|
t.Errorf("Retrieved key does not match stored.")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Revoke
|
||||||
|
isRevoked, err := s.IsRevoked(cert.SerialNumber.String())
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("Error checking if certificate is revoked: %s", err)
|
||||||
|
}
|
||||||
|
if isRevoked {
|
||||||
|
t.Fatalf("Unrevoked certificate is revoked")
|
||||||
|
}
|
||||||
|
if err := s.Revoke(cert.SerialNumber.String()); err != nil {
|
||||||
|
t.Fatalf("Error revoking certificate: %s", err)
|
||||||
|
}
|
||||||
|
isRevoked, err = s.IsRevoked(cert.SerialNumber.String())
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("Error checking if certificate is revoked: %s", err)
|
||||||
|
}
|
||||||
|
if !isRevoked {
|
||||||
|
t.Fatalf("Revoked certificate is not revoked")
|
||||||
|
}
|
||||||
|
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
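Review bot: The revocation checks added at the end of this test only ever query the serial that was revoked, so a store whose `IsRevoked` returns true for every serial once anything has been revoked would still pass. After the `Revoke` call I would also assert that an unrelated serial stays unrevoked, for example `if other, err := s.IsRevoked("1"); err != nil || other { t.Fatalf("Unrelated serial reported as revoked") }`. It is also worth pinning what `Revoke` should do for a serial that was never stored, since the interface does not say. The enclosing `doCertificateStoreTest` starts before this hunk.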
||||||
|