diff --git a/proto/kms/api/cmk/registry/auth/v1/auth_grpc.pb.go b/proto/kms/api/cmk/registry/auth/v1/auth_grpc.pb.go index 279ad1b..08a21fd 100644 --- a/proto/kms/api/cmk/registry/auth/v1/auth_grpc.pb.go +++ b/proto/kms/api/cmk/registry/auth/v1/auth_grpc.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go-grpc. DO NOT EDIT. // versions: -// - protoc-gen-go-grpc v1.6.0 +// - protoc-gen-go-grpc v1.6.1 // - protoc (unknown) // source: kms/api/cmk/registry/auth/v1/auth.proto diff --git a/proto/kms/api/cmk/registry/mapping/v1/mapping_grpc.pb.go b/proto/kms/api/cmk/registry/mapping/v1/mapping_grpc.pb.go index 1f51fc6..fedde79 100644 --- a/proto/kms/api/cmk/registry/mapping/v1/mapping_grpc.pb.go +++ b/proto/kms/api/cmk/registry/mapping/v1/mapping_grpc.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go-grpc. DO NOT EDIT. // versions: -// - protoc-gen-go-grpc v1.6.0 +// - protoc-gen-go-grpc v1.6.1 // - protoc (unknown) // source: kms/api/cmk/registry/mapping/v1/mapping.proto diff --git a/proto/kms/api/cmk/registry/system/v1/system_grpc.pb.go b/proto/kms/api/cmk/registry/system/v1/system_grpc.pb.go index a3b5a80..234f998 100644 --- a/proto/kms/api/cmk/registry/system/v1/system_grpc.pb.go +++ b/proto/kms/api/cmk/registry/system/v1/system_grpc.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go-grpc. DO NOT EDIT. // versions: -// - protoc-gen-go-grpc v1.6.0 +// - protoc-gen-go-grpc v1.6.1 // - protoc (unknown) // source: kms/api/cmk/registry/system/v1/system.proto diff --git a/proto/kms/api/cmk/registry/tenant/v1/tenant_grpc.pb.go b/proto/kms/api/cmk/registry/tenant/v1/tenant_grpc.pb.go index fa85f27..5a181ab 100644 --- a/proto/kms/api/cmk/registry/tenant/v1/tenant_grpc.pb.go +++ b/proto/kms/api/cmk/registry/tenant/v1/tenant_grpc.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go-grpc. DO NOT EDIT. // versions: -// - protoc-gen-go-grpc v1.6.0 +// - protoc-gen-go-grpc v1.6.1 // - protoc (unknown) // source: kms/api/cmk/registry/tenant/v1/tenant.proto 
diff --git a/proto/kms/api/cmk/rpc/v1/error_details.pb.go b/proto/kms/api/cmk/rpc/v1/error_details.pb.go new file mode 100644 index 0000000..b8ba559 --- /dev/null +++ b/proto/kms/api/cmk/rpc/v1/error_details.pb.go 
@@ -0,0 +1,192 @@ +// Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.36.11 +// protoc (unknown) +// source: kms/api/cmk/rpc/v1/error_details.proto + +package rpcv1 + +import ( + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + reflect "reflect" + sync "sync" + unsafe "unsafe" +) + +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) + +// PreconditionFailure describes what preconditions have failed. +type PreconditionFailure struct { + state protoimpl.MessageState `protogen:"open.v1"` + Violations []*PreconditionFailure_Violation `protobuf:"bytes,1,rep,name=violations,proto3" json:"violations,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *PreconditionFailure) Reset() { + *x = PreconditionFailure{} + mi := &file_kms_api_cmk_rpc_v1_error_details_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *PreconditionFailure) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PreconditionFailure) ProtoMessage() {} + +func (x *PreconditionFailure) ProtoReflect() protoreflect.Message { + mi := &file_kms_api_cmk_rpc_v1_error_details_proto_msgTypes[0] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PreconditionFailure.ProtoReflect.Descriptor instead. 
+func (*PreconditionFailure) Descriptor() ([]byte, []int) { + return file_kms_api_cmk_rpc_v1_error_details_proto_rawDescGZIP(), []int{0} +} + +func (x *PreconditionFailure) GetViolations() []*PreconditionFailure_Violation { + if x != nil { + return x.Violations + } + return nil +} + +type PreconditionFailure_Violation struct { + state protoimpl.MessageState `protogen:"open.v1"` + Type string `protobuf:"bytes,1,opt,name=type,proto3" json:"type,omitempty"` + Subject string `protobuf:"bytes,2,opt,name=subject,proto3" json:"subject,omitempty"` + Description string `protobuf:"bytes,3,opt,name=description,proto3" json:"description,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *PreconditionFailure_Violation) Reset() { + *x = PreconditionFailure_Violation{} + mi := &file_kms_api_cmk_rpc_v1_error_details_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *PreconditionFailure_Violation) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*PreconditionFailure_Violation) ProtoMessage() {} + +func (x *PreconditionFailure_Violation) ProtoReflect() protoreflect.Message { + mi := &file_kms_api_cmk_rpc_v1_error_details_proto_msgTypes[1] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use PreconditionFailure_Violation.ProtoReflect.Descriptor instead. 
+func (*PreconditionFailure_Violation) Descriptor() ([]byte, []int) { + return file_kms_api_cmk_rpc_v1_error_details_proto_rawDescGZIP(), []int{0, 0} +} + +func (x *PreconditionFailure_Violation) GetType() string { + if x != nil { + return x.Type + } + return "" +} + +func (x *PreconditionFailure_Violation) GetSubject() string { + if x != nil { + return x.Subject + } + return "" +} + +func (x *PreconditionFailure_Violation) GetDescription() string { + if x != nil { + return x.Description + } + return "" +} + +var File_kms_api_cmk_rpc_v1_error_details_proto protoreflect.FileDescriptor + +const file_kms_api_cmk_rpc_v1_error_details_proto_rawDesc = "" + + "\n" + + "&kms/api/cmk/rpc/v1/error_details.proto\x12\x12kms.api.cmk.rpc.v1\"\xc5\x01\n" + + "\x13PreconditionFailure\x12Q\n" + + "\n" + + "violations\x18\x01 \x03(\v21.kms.api.cmk.rpc.v1.PreconditionFailure.ViolationR\n" + + "violations\x1a[\n" + + "\tViolation\x12\x12\n" + + "\x04type\x18\x01 \x01(\tR\x04type\x12\x18\n" + + "\asubject\x18\x02 \x01(\tR\asubject\x12 \n" + + "\vdescription\x18\x03 \x01(\tR\vdescriptionB\xd3\x01\n" + + "\x16com.kms.api.cmk.rpc.v1B\x11ErrorDetailsProtoP\x01Z9github.com/openkcm/api-sdk/proto/kms/api/cmk/rpc/v1;rpcv1\xa2\x02\x04KACR\xaa\x02\x12Kms.Api.Cmk.Rpc.V1\xca\x02\x12Kms\\Api\\Cmk\\Rpc\\V1\xe2\x02\x1eKms\\Api\\Cmk\\Rpc\\V1\\GPBMetadata\xea\x02\x16Kms::Api::Cmk::Rpc::V1b\x06proto3" + +var ( + file_kms_api_cmk_rpc_v1_error_details_proto_rawDescOnce sync.Once + file_kms_api_cmk_rpc_v1_error_details_proto_rawDescData []byte +) + +func file_kms_api_cmk_rpc_v1_error_details_proto_rawDescGZIP() []byte { + file_kms_api_cmk_rpc_v1_error_details_proto_rawDescOnce.Do(func() { + file_kms_api_cmk_rpc_v1_error_details_proto_rawDescData = protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_kms_api_cmk_rpc_v1_error_details_proto_rawDesc), len(file_kms_api_cmk_rpc_v1_error_details_proto_rawDesc))) + }) + return file_kms_api_cmk_rpc_v1_error_details_proto_rawDescData +} + +var 
file_kms_api_cmk_rpc_v1_error_details_proto_msgTypes = make([]protoimpl.MessageInfo, 2) +var file_kms_api_cmk_rpc_v1_error_details_proto_goTypes = []any{ + (*PreconditionFailure)(nil), // 0: kms.api.cmk.rpc.v1.PreconditionFailure + (*PreconditionFailure_Violation)(nil), // 1: kms.api.cmk.rpc.v1.PreconditionFailure.Violation +} +var file_kms_api_cmk_rpc_v1_error_details_proto_depIdxs = []int32{ + 1, // 0: kms.api.cmk.rpc.v1.PreconditionFailure.violations:type_name -> kms.api.cmk.rpc.v1.PreconditionFailure.Violation + 1, // [1:1] is the sub-list for method output_type + 1, // [1:1] is the sub-list for method input_type + 1, // [1:1] is the sub-list for extension type_name + 1, // [1:1] is the sub-list for extension extendee + 0, // [0:1] is the sub-list for field type_name +} + +func init() { file_kms_api_cmk_rpc_v1_error_details_proto_init() } +func file_kms_api_cmk_rpc_v1_error_details_proto_init() { + if File_kms_api_cmk_rpc_v1_error_details_proto != nil { + return + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: unsafe.Slice(unsafe.StringData(file_kms_api_cmk_rpc_v1_error_details_proto_rawDesc), len(file_kms_api_cmk_rpc_v1_error_details_proto_rawDesc)), + NumEnums: 0, + NumMessages: 2, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_kms_api_cmk_rpc_v1_error_details_proto_goTypes, + DependencyIndexes: file_kms_api_cmk_rpc_v1_error_details_proto_depIdxs, + MessageInfos: file_kms_api_cmk_rpc_v1_error_details_proto_msgTypes, + }.Build() + File_kms_api_cmk_rpc_v1_error_details_proto = out.File + file_kms_api_cmk_rpc_v1_error_details_proto_goTypes = nil + file_kms_api_cmk_rpc_v1_error_details_proto_depIdxs = nil +} diff --git a/proto/kms/api/cmk/rpc/v1/error_details.pb.validate.go b/proto/kms/api/cmk/rpc/v1/error_details.pb.validate.go new file mode 100644 index 0000000..743057a --- /dev/null +++ b/proto/kms/api/cmk/rpc/v1/error_details.pb.validate.go 
@@ -0,0 +1,281 @@ +// Code generated by protoc-gen-validate. DO NOT EDIT. +// source: kms/api/cmk/rpc/v1/error_details.proto + +package rpcv1 + +import ( + "bytes" + "errors" + "fmt" + "net" + "net/mail" + "net/url" + "regexp" + "sort" + "strings" + "time" + "unicode/utf8" + + "google.golang.org/protobuf/types/known/anypb" +) + +// ensure the imports are used +var ( + _ = bytes.MinRead + _ = errors.New("") + _ = fmt.Print + _ = utf8.UTFMax + _ = (*regexp.Regexp)(nil) + _ = (*strings.Reader)(nil) + _ = net.IPv4len + _ = time.Duration(0) + _ = (*url.URL)(nil) + _ = (*mail.Address)(nil) + _ = anypb.Any{} + _ = sort.Sort +) + +// Validate checks the field values on PreconditionFailure with the rules +// defined in the proto definition for this message. If any rules are +// violated, the first error encountered is returned, or nil if there are no violations. +func (m *PreconditionFailure) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on PreconditionFailure with the rules +// defined in the proto definition for this message. If any rules are +// violated, the result is a list of violation errors wrapped in +// PreconditionFailureMultiError, or nil if none found. 
+func (m *PreconditionFailure) ValidateAll() error { + return m.validate(true) +} + +func (m *PreconditionFailure) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + for idx, item := range m.GetViolations() { + _, _ = idx, item + + if all { + switch v := interface{}(item).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, PreconditionFailureValidationError{ + field: fmt.Sprintf("Violations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, PreconditionFailureValidationError{ + field: fmt.Sprintf("Violations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(item).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return PreconditionFailureValidationError{ + field: fmt.Sprintf("Violations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + } + } + } + + } + + if len(errors) > 0 { + return PreconditionFailureMultiError(errors) + } + + return nil +} + +// PreconditionFailureMultiError is an error wrapping multiple validation +// errors returned by PreconditionFailure.ValidateAll() if the designated +// constraints aren't met. +type PreconditionFailureMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m PreconditionFailureMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m PreconditionFailureMultiError) AllErrors() []error { return m } + +// PreconditionFailureValidationError is the validation error returned by +// PreconditionFailure.Validate if the designated constraints aren't met. 
+type PreconditionFailureValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e PreconditionFailureValidationError) Field() string { return e.field } + +// Reason function returns reason value. +func (e PreconditionFailureValidationError) Reason() string { return e.reason } + +// Cause function returns cause value. +func (e PreconditionFailureValidationError) Cause() error { return e.cause } + +// Key function returns key value. +func (e PreconditionFailureValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e PreconditionFailureValidationError) ErrorName() string { + return "PreconditionFailureValidationError" +} + +// Error satisfies the builtin error interface +func (e PreconditionFailureValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sPreconditionFailure.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = PreconditionFailureValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = PreconditionFailureValidationError{} + +// Validate checks the field values on PreconditionFailure_Violation with the +// rules defined in the proto definition for this message. If any rules are +// violated, the first error encountered is returned, or nil if there are no violations. +func (m *PreconditionFailure_Violation) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on PreconditionFailure_Violation with +// the rules defined in the proto definition for this message. If any rules +// are violated, the result is a list of violation errors wrapped in +// PreconditionFailure_ViolationMultiError, or nil if none found. 
+func (m *PreconditionFailure_Violation) ValidateAll() error { + return m.validate(true) +} + +func (m *PreconditionFailure_Violation) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + // no validation rules for Type + + // no validation rules for Subject + + // no validation rules for Description + + if len(errors) > 0 { + return PreconditionFailure_ViolationMultiError(errors) + } + + return nil +} + +// PreconditionFailure_ViolationMultiError is an error wrapping multiple +// validation errors returned by PreconditionFailure_Violation.ValidateAll() +// if the designated constraints aren't met. +type PreconditionFailure_ViolationMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m PreconditionFailure_ViolationMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m PreconditionFailure_ViolationMultiError) AllErrors() []error { return m } + +// PreconditionFailure_ViolationValidationError is the validation error +// returned by PreconditionFailure_Violation.Validate if the designated +// constraints aren't met. +type PreconditionFailure_ViolationValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e PreconditionFailure_ViolationValidationError) Field() string { return e.field } + +// Reason function returns reason value. +func (e PreconditionFailure_ViolationValidationError) Reason() string { return e.reason } + +// Cause function returns cause value. +func (e PreconditionFailure_ViolationValidationError) Cause() error { return e.cause } + +// Key function returns key value. +func (e PreconditionFailure_ViolationValidationError) Key() bool { return e.key } + +// ErrorName returns error name. 
+func (e PreconditionFailure_ViolationValidationError) ErrorName() string { + return "PreconditionFailure_ViolationValidationError" +} + +// Error satisfies the builtin error interface +func (e PreconditionFailure_ViolationValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sPreconditionFailure_Violation.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = PreconditionFailure_ViolationValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = PreconditionFailure_ViolationValidationError{}
diff --git a/proto/kms/api/cmk/rpc/v1/error_details.proto b/proto/kms/api/cmk/rpc/v1/error_details.proto
new file mode 100644
index 0000000..5c2649e
--- /dev/null
+++ b/proto/kms/api/cmk/rpc/v1/error_details.proto
@@ -0,0 +1,14 @@
+syntax = "proto3";
+
+package kms.api.cmk.rpc.v1;
+
+// PreconditionFailure describes what preconditions have failed.
+message PreconditionFailure {
+ message Violation {
+ string type = 1;
+ string subject = 2;
+ string description = 3;
+ }
+
+ repeated Violation violations = 1;
+}
diff --git a/proto/kms/api/cmk/sessionmanager/oidcmapping/v1/oidcmapping_grpc.pb.go b/proto/kms/api/cmk/sessionmanager/oidcmapping/v1/oidcmapping_grpc.pb.go index 4d9752f..7511861 100644 --- a/proto/kms/api/cmk/sessionmanager/oidcmapping/v1/oidcmapping_grpc.pb.go +++ b/proto/kms/api/cmk/sessionmanager/oidcmapping/v1/oidcmapping_grpc.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go-grpc. DO NOT EDIT. // versions: -// - protoc-gen-go-grpc v1.6.0 +// - protoc-gen-go-grpc v1.6.1 // - protoc (unknown) // source: kms/api/cmk/sessionmanager/oidcmapping/v1/oidcmapping.proto diff --git a/proto/kms/api/cmk/sessionmanager/session/v1/session.proto b/proto/kms/api/cmk/sessionmanager/session/v1/session.proto index f6312b8..3882a16 100644
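Review bot: The three `Violation` fields in error_details.proto carry no comments, yet `type` is evidently meant to be matched by clients (session.proto in this same commit documents the value "tenant_blocked"), so each field's contract should be written down where the message is defined. I would add `// type is a stable, machine-readable identifier of the violated precondition, e.g. "tenant_blocked".` above `type`, and a matching line each for `subject` (what the precondition failed on) and `description` (human-readable text), once the authors confirm those meanings. Because these strings reach the caller inside the gRPC status details, the comments should also say that `subject` and `description` must not carry secrets or internal state, and that receivers treat them as untrusted text when logging or displaying them. The generated validator in this commit reports no validation rules for any of the three fields, so nothing bounds their content today.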
--- a/proto/kms/api/cmk/sessionmanager/session/v1/session.proto +++ b/proto/kms/api/cmk/sessionmanager/session/v1/session.proto @@ -5,6 +5,14 @@ package kms.api.cmk.sessionmanager.session.v1; import "kms/api/cmk/types/v1/oidc.proto"; service Service { + // GetSession matches the fingerprint, tenant id, and returns a session + // and its status. Additionally, the method checks whether the tenant is blocked. + // + // The method may return the following statuses with a rich error description (see kms.api.cmk.rpc.v1 package): + // FailedPrecondition: + // PreconditionFailure: + // violations: + // type: "tenant_blocked" rpc GetSession(GetSessionRequest) returns (GetSessionResponse) {} rpc GetOIDCProvider(GetOIDCProviderRequest) returns (GetOIDCProviderResponse) {} } diff --git a/proto/kms/api/cmk/sessionmanager/session/v1/session_grpc.pb.go b/proto/kms/api/cmk/sessionmanager/session/v1/session_grpc.pb.go index 1285a54..d86adc2 100644 --- a/proto/kms/api/cmk/sessionmanager/session/v1/session_grpc.pb.go +++ b/proto/kms/api/cmk/sessionmanager/session/v1/session_grpc.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go-grpc. DO NOT EDIT. // versions: -// - protoc-gen-go-grpc v1.6.0 +// - protoc-gen-go-grpc v1.6.1 // - protoc (unknown) // source: kms/api/cmk/sessionmanager/session/v1/session.proto 
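Review bot: The new GetSession comment in session.proto names the `tenant_blocked` violation but does not say in what order the checks run or what `subject` contains, and both matter to callers. If the blocked-tenant check can answer before the fingerprint is matched (not visible in this diff), a client that can reach the RPC could learn a tenant's blocked state without holding a valid session, so the comment should state the order, e.g. `// tenant_blocked is reported only after the session has been matched.` or the opposite if that is the design. If it is the intended contract, I would also add `// Callers must treat FailedPrecondition as "no usable session", including for violation types they do not recognise.` so that future violation types fail closed. The same text is copied into the generated ServiceClient and ServiceServer interfaces in session_grpc.pb.go, so the wording needs fixing here in the .proto only.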
@@ -27,6 +27,15 @@ const ( // // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. type ServiceClient interface { + // GetSession matches the fingerprint, tenant id, and returns a session + // and its status. Additionally, the method checks whether the tenant is blocked. + // + // The method may return the following statuses with a rich error description (see kms.api.cmk.rpc.v1 package): + // FailedPrecondition: + // + // PreconditionFailure: + // violations: + // type: "tenant_blocked" GetSession(ctx context.Context, in *GetSessionRequest, opts ...grpc.CallOption) (*GetSessionResponse, error) GetOIDCProvider(ctx context.Context, in *GetOIDCProviderRequest, opts ...grpc.CallOption) (*GetOIDCProviderResponse, error) } @@ -63,6 +72,15 @@ func (c *serviceClient) GetOIDCProvider(ctx context.Context, in *GetOIDCProvider // All implementations must embed UnimplementedServiceServer // for forward compatibility. type ServiceServer interface { + // GetSession matches the fingerprint, tenant id, and returns a session + // and its status. Additionally, the method checks whether the tenant is blocked. + // + // The method may return the following statuses with a rich error description (see kms.api.cmk.rpc.v1 package): + // FailedPrecondition: + // + // PreconditionFailure: + // violations: + // type: "tenant_blocked" GetSession(context.Context, *GetSessionRequest) (*GetSessionResponse, error) GetOIDCProvider(context.Context, *GetOIDCProviderRequest) (*GetOIDCProviderResponse, error) mustEmbedUnimplementedServiceServer()