From 0ad9a181ca0a509118cc02f028e87fb9f051aa65 Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Mon, 4 Nov 2024 12:37:06 -0500 Subject: [PATCH 01/13] feat: add generated connect-rpc code --- .git-branches.toml | 112 ++++ .vscode/launch.json | 28 + buf.gen.yaml | 4 + .../authorization.connect.go | 174 ++++++ .../entity_resolution.connect.go | 145 +++++ protocol/go/go.mod | 3 +- protocol/go/go.sum | 5 +- protocol/go/kas/kasconnect/kas.connect.go | 174 ++++++ .../attributesconnect/attributes.connect.go | 555 ++++++++++++++++++ .../key_access_server_registry.connect.go | 272 +++++++++ .../namespacesconnect/namespaces.connect.go | 301 ++++++++++ .../resource_mapping.connect.go | 422 +++++++++++++ .../subject_mapping.connect.go | 422 +++++++++++++ .../unsafe/unsafeconnect/unsafe.connect.go | 371 ++++++++++++ .../wellknown_configuration.connect.go | 115 ++++ 15 files changed, 3101 insertions(+), 2 deletions(-) create mode 100644 .git-branches.toml create mode 100644 .vscode/launch.json create mode 100644 protocol/go/authorization/authorizationconnect/authorization.connect.go create mode 100644 protocol/go/entityresolution/entityresolutionconnect/entity_resolution.connect.go create mode 100644 protocol/go/kas/kasconnect/kas.connect.go create mode 100644 protocol/go/policy/attributes/attributesconnect/attributes.connect.go create mode 100644 protocol/go/policy/kasregistry/kasregistryconnect/key_access_server_registry.connect.go create mode 100644 protocol/go/policy/namespaces/namespacesconnect/namespaces.connect.go create mode 100644 protocol/go/policy/resourcemapping/resourcemappingconnect/resource_mapping.connect.go create mode 100644 protocol/go/policy/subjectmapping/subjectmappingconnect/subject_mapping.connect.go create mode 100644 protocol/go/policy/unsafe/unsafeconnect/unsafe.connect.go create mode 100644 protocol/go/wellknownconfiguration/wellknownconfigurationconnect/wellknown_configuration.connect.go diff --git a/.git-branches.toml b/.git-branches.toml new file mode 100644 index 0000000000..f297a2b9bf --- /dev/null +++ b/.git-branches.toml @@ -0,0 +1,112 @@ +# Git Town configuration file +# +# Run "git town config setup" to add additional entries +# to this file after updating Git Town. +# +# The "push-hook" setting determines whether Git Town +# permits or prevents Git hooks while pushing branches. +# Hooks are enabled by default. If your Git hooks are slow, +# you can disable them to speed up branch syncing. +# +# When disabled, Git Town pushes using the "--no-verify" switch. +# More info at https://www.git-town.com/preferences/push-hook. +push-hook = true + +# Should Git Town push the new branches it creates +# immediately to origin even if they are empty? +# +# When enabled, you can run "git push" right away +# but creating new branches is slower and +# it triggers an unnecessary CI run on the empty branch. +# +# When disabled, many Git Town commands execute faster +# and Git Town will create the missing tracking branch +# on the first run of "git town sync". +push-new-branches = false + +# The "create-prototype-branches" setting determines whether Git Town +# always creates prototype branches. +# Prototype branches sync only locally and don't create a tracking branch +# until they are proposed. +# +# More info at https://www.git-town.com/preferences/create-prototype-branches. +create-prototype-branches = false + +# Which method should Git Town use to ship feature branches? +# +# Options: +# +# - api: merge the proposal on your code hosting platform via the code hosting API +# - fast-forward: in your local repo, fast-forward the parent branch to point to the commits on the feature branch +# - squash-merge: in your local repo, squash-merge the feature branch into its parent branch +# +# All options update proposals of child branches and remove the shipped branch locally and remotely. +ship-strategy = "api" + +# Should "git town ship" delete the tracking branch? +# You want to disable this if your code hosting platform +# (GitHub, GitLab, etc) deletes head branches when +# merging pull requests through its UI. +ship-delete-tracking-branch = false + +# Should "git town sync" sync tags with origin? +sync-tags = true + +# Should "git town sync" also fetch updates from the upstream remote? +# +# If an "upstream" remote exists, and this setting is enabled, +# "git town sync" will also update the local main branch +# with commits from the main branch at the upstream remote. +# +# This is useful if the repository you work on is a fork, +# and you want to keep it in sync with the repo it was forked from. +sync-upstream = true + +[branches] + +# The main branch is the branch from which you cut new feature branches, +# and into which you ship feature branches when they are done. +# This branch is often called "main", "master", or "development". +main = "main" + +# Perennial branches are long-lived branches. +# They are never shipped and have no ancestors. +# Typically, perennial branches have names like +# "development", "staging", "qa", "production", etc. +# +# See also the "perennial-regex" setting. +perennials = [] + +# All branches whose name matches this regular expression +# are also considered perennial branches. +# +# If you are not sure, leave this empty. +perennial-regex = "" + +[hosting] + +# Knowing the type of code hosting platform allows Git Town +# to open browser URLs and talk to the code hosting API. +# Most people can leave this on "auto-detect". +# Only change this if your code hosting server uses as custom URL. +platform = "github" + +# When using SSH identities, define the hostname +# of your source code repository. Only change this +# if the auto-detection does not work for you. +# origin-hostname = "" + +[sync-strategy] + +# How should Git Town synchronize feature branches? +# Feature branches are short-lived branches cut from +# the main branch and shipped back into the main branch. +# Typically you develop features and bug fixes on them, +# hence their name. +feature-branches = "merge" + +# How should Git Town synchronize perennial branches? +# Perennial branches have no parent branch. +# The only updates they receive are additional commits +# made to their tracking branch somewhere else. +perennial-branches = "rebase" \ No newline at end of file diff --git a/.vscode/launch.json b/.vscode/launch.json new file mode 100644 index 0000000000..80071cc8a1 --- /dev/null +++ b/.vscode/launch.json @@ -0,0 +1,28 @@ +{ + // Attach to Air for debugging + "version": "0.2.0", + "configurations": [ + { + "name": "Launch Package", + "type": "go", + "request": "launch", + "mode": "auto", + "program": "${fileDirname}", + "env": { + "TESTCONTAINERS_RYUK_CONTAINER_PRIVILEGED": "true", + "TESTCONTAINERS_DOCKER_SOCKET_OVERRIDE": "/var/run/docker.sock" + }, + "showLog": true, + "console": "integratedTerminal" + }, + { + "name": "Attach to Air", + "type": "go", + "debugAdapter": "dlv-dap", + "mode": "remote", + "request": "attach", + "host": "127.0.0.1", + "port": 12345 + } + ] +} \ No newline at end of file diff --git a/buf.gen.yaml b/buf.gen.yaml index 9127207267..13e766c4e8 100644 --- a/buf.gen.yaml +++ b/buf.gen.yaml @@ -21,3 +21,7 @@ plugins: - remote: buf.build/grpc/go:v1.3.0 out: protocol/go opt: paths=source_relative + - remote: buf.build/connectrpc/go:v1.17.0 + out: protocol/go + opt: + - paths=source_relative diff --git a/protocol/go/authorization/authorizationconnect/authorization.connect.go b/protocol/go/authorization/authorizationconnect/authorization.connect.go new file mode 100644 index 0000000000..dd5efadb4d --- /dev/null +++ b/protocol/go/authorization/authorizationconnect/authorization.connect.go @@ -0,0 +1,174 @@ +// Code generated by protoc-gen-connect-go. DO NOT EDIT. +// +// Source: authorization/authorization.proto + +package authorizationconnect + +import ( + connect "connectrpc.com/connect" + context "context" + errors "errors" + authorization "github.com/opentdf/platform/protocol/go/authorization" + http "net/http" + strings "strings" +) + +// This is a compile-time assertion to ensure that this generated file and the connect package are +// compatible. If you get a compiler error that this constant is not defined, this code was +// generated with a version of connect newer than the one compiled into your binary. You can fix the +// problem by either regenerating this code with an older version of connect or updating the connect +// version compiled into your binary. +const _ = connect.IsAtLeastVersion1_13_0 + +const ( + // AuthorizationServiceName is the fully-qualified name of the AuthorizationService service. + AuthorizationServiceName = "authorization.AuthorizationService" +) + +// These constants are the fully-qualified names of the RPCs defined in this package. They're +// exposed at runtime as Spec.Procedure and as the final two segments of the HTTP route. +// +// Note that these are different from the fully-qualified method names used by +// google.golang.org/protobuf/reflect/protoreflect. To convert from these constants to +// reflection-formatted method names, remove the leading slash and convert the remaining slash to a +// period. +const ( + // AuthorizationServiceGetDecisionsProcedure is the fully-qualified name of the + // AuthorizationService's GetDecisions RPC. + AuthorizationServiceGetDecisionsProcedure = "/authorization.AuthorizationService/GetDecisions" + // AuthorizationServiceGetDecisionsByTokenProcedure is the fully-qualified name of the + // AuthorizationService's GetDecisionsByToken RPC. + AuthorizationServiceGetDecisionsByTokenProcedure = "/authorization.AuthorizationService/GetDecisionsByToken" + // AuthorizationServiceGetEntitlementsProcedure is the fully-qualified name of the + // AuthorizationService's GetEntitlements RPC. + AuthorizationServiceGetEntitlementsProcedure = "/authorization.AuthorizationService/GetEntitlements" +) + +// These variables are the protoreflect.Descriptor objects for the RPCs defined in this package. +var ( + authorizationServiceServiceDescriptor = authorization.File_authorization_authorization_proto.Services().ByName("AuthorizationService") + authorizationServiceGetDecisionsMethodDescriptor = authorizationServiceServiceDescriptor.Methods().ByName("GetDecisions") + authorizationServiceGetDecisionsByTokenMethodDescriptor = authorizationServiceServiceDescriptor.Methods().ByName("GetDecisionsByToken") + authorizationServiceGetEntitlementsMethodDescriptor = authorizationServiceServiceDescriptor.Methods().ByName("GetEntitlements") +) + +// AuthorizationServiceClient is a client for the authorization.AuthorizationService service. +type AuthorizationServiceClient interface { + GetDecisions(context.Context, *connect.Request[authorization.GetDecisionsRequest]) (*connect.Response[authorization.GetDecisionsResponse], error) + GetDecisionsByToken(context.Context, *connect.Request[authorization.GetDecisionsByTokenRequest]) (*connect.Response[authorization.GetDecisionsByTokenResponse], error) + GetEntitlements(context.Context, *connect.Request[authorization.GetEntitlementsRequest]) (*connect.Response[authorization.GetEntitlementsResponse], error) +} + +// NewAuthorizationServiceClient constructs a client for the authorization.AuthorizationService +// service. By default, it uses the Connect protocol with the binary Protobuf Codec, asks for +// gzipped responses, and sends uncompressed requests. To use the gRPC or gRPC-Web protocols, supply +// the connect.WithGRPC() or connect.WithGRPCWeb() options. +// +// The URL supplied here should be the base URL for the Connect or gRPC server (for example, +// http://api.acme.com or https://acme.com/grpc). +func NewAuthorizationServiceClient(httpClient connect.HTTPClient, baseURL string, opts ...connect.ClientOption) AuthorizationServiceClient { + baseURL = strings.TrimRight(baseURL, "/") + return &authorizationServiceClient{ + getDecisions: connect.NewClient[authorization.GetDecisionsRequest, authorization.GetDecisionsResponse]( + httpClient, + baseURL+AuthorizationServiceGetDecisionsProcedure, + connect.WithSchema(authorizationServiceGetDecisionsMethodDescriptor), + connect.WithClientOptions(opts...), + ), + getDecisionsByToken: connect.NewClient[authorization.GetDecisionsByTokenRequest, authorization.GetDecisionsByTokenResponse]( + httpClient, + baseURL+AuthorizationServiceGetDecisionsByTokenProcedure, + connect.WithSchema(authorizationServiceGetDecisionsByTokenMethodDescriptor), + connect.WithClientOptions(opts...), + ), + getEntitlements: connect.NewClient[authorization.GetEntitlementsRequest, authorization.GetEntitlementsResponse]( + httpClient, + baseURL+AuthorizationServiceGetEntitlementsProcedure, + connect.WithSchema(authorizationServiceGetEntitlementsMethodDescriptor), + connect.WithClientOptions(opts...), + ), + } +} + +// authorizationServiceClient implements AuthorizationServiceClient. +type authorizationServiceClient struct { + getDecisions *connect.Client[authorization.GetDecisionsRequest, authorization.GetDecisionsResponse] + getDecisionsByToken *connect.Client[authorization.GetDecisionsByTokenRequest, authorization.GetDecisionsByTokenResponse] + getEntitlements *connect.Client[authorization.GetEntitlementsRequest, authorization.GetEntitlementsResponse] +} + +// GetDecisions calls authorization.AuthorizationService.GetDecisions. +func (c *authorizationServiceClient) GetDecisions(ctx context.Context, req *connect.Request[authorization.GetDecisionsRequest]) (*connect.Response[authorization.GetDecisionsResponse], error) { + return c.getDecisions.CallUnary(ctx, req) +} + +// GetDecisionsByToken calls authorization.AuthorizationService.GetDecisionsByToken. +func (c *authorizationServiceClient) GetDecisionsByToken(ctx context.Context, req *connect.Request[authorization.GetDecisionsByTokenRequest]) (*connect.Response[authorization.GetDecisionsByTokenResponse], error) { + return c.getDecisionsByToken.CallUnary(ctx, req) +} + +// GetEntitlements calls authorization.AuthorizationService.GetEntitlements. +func (c *authorizationServiceClient) GetEntitlements(ctx context.Context, req *connect.Request[authorization.GetEntitlementsRequest]) (*connect.Response[authorization.GetEntitlementsResponse], error) { + return c.getEntitlements.CallUnary(ctx, req) +} + +// AuthorizationServiceHandler is an implementation of the authorization.AuthorizationService +// service. +type AuthorizationServiceHandler interface { + GetDecisions(context.Context, *connect.Request[authorization.GetDecisionsRequest]) (*connect.Response[authorization.GetDecisionsResponse], error) + GetDecisionsByToken(context.Context, *connect.Request[authorization.GetDecisionsByTokenRequest]) (*connect.Response[authorization.GetDecisionsByTokenResponse], error) + GetEntitlements(context.Context, *connect.Request[authorization.GetEntitlementsRequest]) (*connect.Response[authorization.GetEntitlementsResponse], error) +} + +// NewAuthorizationServiceHandler builds an HTTP handler from the service implementation. It returns +// the path on which to mount the handler and the handler itself. +// +// By default, handlers support the Connect, gRPC, and gRPC-Web protocols with the binary Protobuf +// and JSON codecs. They also support gzip compression. +func NewAuthorizationServiceHandler(svc AuthorizationServiceHandler, opts ...connect.HandlerOption) (string, http.Handler) { + authorizationServiceGetDecisionsHandler := connect.NewUnaryHandler( + AuthorizationServiceGetDecisionsProcedure, + svc.GetDecisions, + connect.WithSchema(authorizationServiceGetDecisionsMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + authorizationServiceGetDecisionsByTokenHandler := connect.NewUnaryHandler( + AuthorizationServiceGetDecisionsByTokenProcedure, + svc.GetDecisionsByToken, + connect.WithSchema(authorizationServiceGetDecisionsByTokenMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + authorizationServiceGetEntitlementsHandler := connect.NewUnaryHandler( + AuthorizationServiceGetEntitlementsProcedure, + svc.GetEntitlements, + connect.WithSchema(authorizationServiceGetEntitlementsMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + return "/authorization.AuthorizationService/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.URL.Path { + case AuthorizationServiceGetDecisionsProcedure: + authorizationServiceGetDecisionsHandler.ServeHTTP(w, r) + case AuthorizationServiceGetDecisionsByTokenProcedure: + authorizationServiceGetDecisionsByTokenHandler.ServeHTTP(w, r) + case AuthorizationServiceGetEntitlementsProcedure: + authorizationServiceGetEntitlementsHandler.ServeHTTP(w, r) + default: + http.NotFound(w, r) + } + }) +} + +// UnimplementedAuthorizationServiceHandler returns CodeUnimplemented from all methods. +type UnimplementedAuthorizationServiceHandler struct{} + +func (UnimplementedAuthorizationServiceHandler) GetDecisions(context.Context, *connect.Request[authorization.GetDecisionsRequest]) (*connect.Response[authorization.GetDecisionsResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("authorization.AuthorizationService.GetDecisions is not implemented")) +} + +func (UnimplementedAuthorizationServiceHandler) GetDecisionsByToken(context.Context, *connect.Request[authorization.GetDecisionsByTokenRequest]) (*connect.Response[authorization.GetDecisionsByTokenResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("authorization.AuthorizationService.GetDecisionsByToken is not implemented")) +} + +func (UnimplementedAuthorizationServiceHandler) GetEntitlements(context.Context, *connect.Request[authorization.GetEntitlementsRequest]) (*connect.Response[authorization.GetEntitlementsResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("authorization.AuthorizationService.GetEntitlements is not implemented")) +} diff --git a/protocol/go/entityresolution/entityresolutionconnect/entity_resolution.connect.go b/protocol/go/entityresolution/entityresolutionconnect/entity_resolution.connect.go new file mode 100644 index 0000000000..05aeae6492 --- /dev/null +++ b/protocol/go/entityresolution/entityresolutionconnect/entity_resolution.connect.go @@ -0,0 +1,145 @@ +// Code generated by protoc-gen-connect-go. DO NOT EDIT. +// +// Source: entityresolution/entity_resolution.proto + +package entityresolutionconnect + +import ( + connect "connectrpc.com/connect" + context "context" + errors "errors" + entityresolution "github.com/opentdf/platform/protocol/go/entityresolution" + http "net/http" + strings "strings" +) + +// This is a compile-time assertion to ensure that this generated file and the connect package are +// compatible. If you get a compiler error that this constant is not defined, this code was +// generated with a version of connect newer than the one compiled into your binary. You can fix the +// problem by either regenerating this code with an older version of connect or updating the connect +// version compiled into your binary. +const _ = connect.IsAtLeastVersion1_13_0 + +const ( + // EntityResolutionServiceName is the fully-qualified name of the EntityResolutionService service. + EntityResolutionServiceName = "entityresolution.EntityResolutionService" +) + +// These constants are the fully-qualified names of the RPCs defined in this package. They're +// exposed at runtime as Spec.Procedure and as the final two segments of the HTTP route. +// +// Note that these are different from the fully-qualified method names used by +// google.golang.org/protobuf/reflect/protoreflect. To convert from these constants to +// reflection-formatted method names, remove the leading slash and convert the remaining slash to a +// period. +const ( + // EntityResolutionServiceResolveEntitiesProcedure is the fully-qualified name of the + // EntityResolutionService's ResolveEntities RPC. + EntityResolutionServiceResolveEntitiesProcedure = "/entityresolution.EntityResolutionService/ResolveEntities" + // EntityResolutionServiceCreateEntityChainFromJwtProcedure is the fully-qualified name of the + // EntityResolutionService's CreateEntityChainFromJwt RPC. + EntityResolutionServiceCreateEntityChainFromJwtProcedure = "/entityresolution.EntityResolutionService/CreateEntityChainFromJwt" +) + +// These variables are the protoreflect.Descriptor objects for the RPCs defined in this package. +var ( + entityResolutionServiceServiceDescriptor = entityresolution.File_entityresolution_entity_resolution_proto.Services().ByName("EntityResolutionService") + entityResolutionServiceResolveEntitiesMethodDescriptor = entityResolutionServiceServiceDescriptor.Methods().ByName("ResolveEntities") + entityResolutionServiceCreateEntityChainFromJwtMethodDescriptor = entityResolutionServiceServiceDescriptor.Methods().ByName("CreateEntityChainFromJwt") +) + +// EntityResolutionServiceClient is a client for the entityresolution.EntityResolutionService +// service. +type EntityResolutionServiceClient interface { + ResolveEntities(context.Context, *connect.Request[entityresolution.ResolveEntitiesRequest]) (*connect.Response[entityresolution.ResolveEntitiesResponse], error) + CreateEntityChainFromJwt(context.Context, *connect.Request[entityresolution.CreateEntityChainFromJwtRequest]) (*connect.Response[entityresolution.CreateEntityChainFromJwtResponse], error) +} + +// NewEntityResolutionServiceClient constructs a client for the +// entityresolution.EntityResolutionService service. By default, it uses the Connect protocol with +// the binary Protobuf Codec, asks for gzipped responses, and sends uncompressed requests. To use +// the gRPC or gRPC-Web protocols, supply the connect.WithGRPC() or connect.WithGRPCWeb() options. +// +// The URL supplied here should be the base URL for the Connect or gRPC server (for example, +// http://api.acme.com or https://acme.com/grpc). +func NewEntityResolutionServiceClient(httpClient connect.HTTPClient, baseURL string, opts ...connect.ClientOption) EntityResolutionServiceClient { + baseURL = strings.TrimRight(baseURL, "/") + return &entityResolutionServiceClient{ + resolveEntities: connect.NewClient[entityresolution.ResolveEntitiesRequest, entityresolution.ResolveEntitiesResponse]( + httpClient, + baseURL+EntityResolutionServiceResolveEntitiesProcedure, + connect.WithSchema(entityResolutionServiceResolveEntitiesMethodDescriptor), + connect.WithClientOptions(opts...), + ), + createEntityChainFromJwt: connect.NewClient[entityresolution.CreateEntityChainFromJwtRequest, entityresolution.CreateEntityChainFromJwtResponse]( + httpClient, + baseURL+EntityResolutionServiceCreateEntityChainFromJwtProcedure, + connect.WithSchema(entityResolutionServiceCreateEntityChainFromJwtMethodDescriptor), + connect.WithClientOptions(opts...), + ), + } +} + +// entityResolutionServiceClient implements EntityResolutionServiceClient. +type entityResolutionServiceClient struct { + resolveEntities *connect.Client[entityresolution.ResolveEntitiesRequest, entityresolution.ResolveEntitiesResponse] + createEntityChainFromJwt *connect.Client[entityresolution.CreateEntityChainFromJwtRequest, entityresolution.CreateEntityChainFromJwtResponse] +} + +// ResolveEntities calls entityresolution.EntityResolutionService.ResolveEntities. +func (c *entityResolutionServiceClient) ResolveEntities(ctx context.Context, req *connect.Request[entityresolution.ResolveEntitiesRequest]) (*connect.Response[entityresolution.ResolveEntitiesResponse], error) { + return c.resolveEntities.CallUnary(ctx, req) +} + +// CreateEntityChainFromJwt calls entityresolution.EntityResolutionService.CreateEntityChainFromJwt. +func (c *entityResolutionServiceClient) CreateEntityChainFromJwt(ctx context.Context, req *connect.Request[entityresolution.CreateEntityChainFromJwtRequest]) (*connect.Response[entityresolution.CreateEntityChainFromJwtResponse], error) { + return c.createEntityChainFromJwt.CallUnary(ctx, req) +} + +// EntityResolutionServiceHandler is an implementation of the +// entityresolution.EntityResolutionService service. +type EntityResolutionServiceHandler interface { + ResolveEntities(context.Context, *connect.Request[entityresolution.ResolveEntitiesRequest]) (*connect.Response[entityresolution.ResolveEntitiesResponse], error) + CreateEntityChainFromJwt(context.Context, *connect.Request[entityresolution.CreateEntityChainFromJwtRequest]) (*connect.Response[entityresolution.CreateEntityChainFromJwtResponse], error) +} + +// NewEntityResolutionServiceHandler builds an HTTP handler from the service implementation. It +// returns the path on which to mount the handler and the handler itself. +// +// By default, handlers support the Connect, gRPC, and gRPC-Web protocols with the binary Protobuf +// and JSON codecs. They also support gzip compression. +func NewEntityResolutionServiceHandler(svc EntityResolutionServiceHandler, opts ...connect.HandlerOption) (string, http.Handler) { + entityResolutionServiceResolveEntitiesHandler := connect.NewUnaryHandler( + EntityResolutionServiceResolveEntitiesProcedure, + svc.ResolveEntities, + connect.WithSchema(entityResolutionServiceResolveEntitiesMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + entityResolutionServiceCreateEntityChainFromJwtHandler := connect.NewUnaryHandler( + EntityResolutionServiceCreateEntityChainFromJwtProcedure, + svc.CreateEntityChainFromJwt, + connect.WithSchema(entityResolutionServiceCreateEntityChainFromJwtMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + return "/entityresolution.EntityResolutionService/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.URL.Path { + case EntityResolutionServiceResolveEntitiesProcedure: + entityResolutionServiceResolveEntitiesHandler.ServeHTTP(w, r) + case EntityResolutionServiceCreateEntityChainFromJwtProcedure: + entityResolutionServiceCreateEntityChainFromJwtHandler.ServeHTTP(w, r) + default: + http.NotFound(w, r) + } + }) +} + +// UnimplementedEntityResolutionServiceHandler returns CodeUnimplemented from all methods. +type UnimplementedEntityResolutionServiceHandler struct{} + +func (UnimplementedEntityResolutionServiceHandler) ResolveEntities(context.Context, *connect.Request[entityresolution.ResolveEntitiesRequest]) (*connect.Response[entityresolution.ResolveEntitiesResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("entityresolution.EntityResolutionService.ResolveEntities is not implemented")) +} + +func (UnimplementedEntityResolutionServiceHandler) CreateEntityChainFromJwt(context.Context, *connect.Request[entityresolution.CreateEntityChainFromJwtRequest]) (*connect.Response[entityresolution.CreateEntityChainFromJwtResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("entityresolution.EntityResolutionService.CreateEntityChainFromJwt is not implemented")) +} diff --git a/protocol/go/go.mod b/protocol/go/go.mod index 6bf4c6dfca..095c29e6fc 100644 --- a/protocol/go/go.mod +++ b/protocol/go/go.mod @@ -4,10 +4,11 @@ go 1.21 require ( buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.33.0-20240221180331-f05a6f4403ce.1 + connectrpc.com/connect v1.17.0 github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 google.golang.org/genproto/googleapis/api v0.0.0-20240311173647-c811ad7063a7 google.golang.org/grpc v1.62.1 - google.golang.org/protobuf v1.33.0 + google.golang.org/protobuf v1.34.2 ) require ( diff --git a/protocol/go/go.sum b/protocol/go/go.sum index 273670cc83..12d5c4bb59 100644 --- a/protocol/go/go.sum +++ b/protocol/go/go.sum @@ -1,5 +1,7 @@ buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.33.0-20240221180331-f05a6f4403ce.1 h1:0nWhrRcnkgw1kwJ7xibIO8bqfOA7pBzBjGCDBxIHch8= buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.33.0-20240221180331-f05a6f4403ce.1/go.mod h1:Tgn5bgL220vkFOI0KPStlcClPeOJzAv4uT+V8JXGUnw= +connectrpc.com/connect v1.17.0 h1:W0ZqMhtVzn9Zhn2yATuUokDLO5N+gIuBWMOnsQrfmZk= +connectrpc.com/connect v1.17.0/go.mod h1:0292hj1rnx8oFrStN7cB4jjVBeqs+Yx5yDIC2prWDO8= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= @@ -22,5 +24,6 @@ google.golang.org/genproto/googleapis/rpc v0.0.0-20240311173647-c811ad7063a7/go. google.golang.org/grpc v1.62.1 h1:B4n+nfKzOICUXMgyrNd19h/I9oH0L1pizfk1d4zSgTk= google.golang.org/grpc v1.62.1/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= +google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= diff --git a/protocol/go/kas/kasconnect/kas.connect.go b/protocol/go/kas/kasconnect/kas.connect.go new file mode 100644 index 0000000000..7af392004f --- /dev/null +++ b/protocol/go/kas/kasconnect/kas.connect.go @@ -0,0 +1,174 @@ +// Code generated by protoc-gen-connect-go. DO NOT EDIT. +// +// Source: kas/kas.proto + +package kasconnect + +import ( + connect "connectrpc.com/connect" + context "context" + errors "errors" + kas "github.com/opentdf/platform/protocol/go/kas" + wrapperspb "google.golang.org/protobuf/types/known/wrapperspb" + http "net/http" + strings "strings" +) + +// This is a compile-time assertion to ensure that this generated file and the connect package are +// compatible. If you get a compiler error that this constant is not defined, this code was +// generated with a version of connect newer than the one compiled into your binary. You can fix the +// problem by either regenerating this code with an older version of connect or updating the connect +// version compiled into your binary. +const _ = connect.IsAtLeastVersion1_13_0 + +const ( + // AccessServiceName is the fully-qualified name of the AccessService service. + AccessServiceName = "kas.AccessService" +) + +// These constants are the fully-qualified names of the RPCs defined in this package. They're +// exposed at runtime as Spec.Procedure and as the final two segments of the HTTP route. +// +// Note that these are different from the fully-qualified method names used by +// google.golang.org/protobuf/reflect/protoreflect. To convert from these constants to +// reflection-formatted method names, remove the leading slash and convert the remaining slash to a +// period. +const ( + // AccessServicePublicKeyProcedure is the fully-qualified name of the AccessService's PublicKey RPC. + AccessServicePublicKeyProcedure = "/kas.AccessService/PublicKey" + // AccessServiceLegacyPublicKeyProcedure is the fully-qualified name of the AccessService's + // LegacyPublicKey RPC. + AccessServiceLegacyPublicKeyProcedure = "/kas.AccessService/LegacyPublicKey" + // AccessServiceRewrapProcedure is the fully-qualified name of the AccessService's Rewrap RPC. + AccessServiceRewrapProcedure = "/kas.AccessService/Rewrap" +) + +// These variables are the protoreflect.Descriptor objects for the RPCs defined in this package. +var ( + accessServiceServiceDescriptor = kas.File_kas_kas_proto.Services().ByName("AccessService") + accessServicePublicKeyMethodDescriptor = accessServiceServiceDescriptor.Methods().ByName("PublicKey") + accessServiceLegacyPublicKeyMethodDescriptor = accessServiceServiceDescriptor.Methods().ByName("LegacyPublicKey") + accessServiceRewrapMethodDescriptor = accessServiceServiceDescriptor.Methods().ByName("Rewrap") +) + +// AccessServiceClient is a client for the kas.AccessService service. +type AccessServiceClient interface { + PublicKey(context.Context, *connect.Request[kas.PublicKeyRequest]) (*connect.Response[kas.PublicKeyResponse], error) + // buf:lint:ignore RPC_RESPONSE_STANDARD_NAME + LegacyPublicKey(context.Context, *connect.Request[kas.LegacyPublicKeyRequest]) (*connect.Response[wrapperspb.StringValue], error) + Rewrap(context.Context, *connect.Request[kas.RewrapRequest]) (*connect.Response[kas.RewrapResponse], error) +} + +// NewAccessServiceClient constructs a client for the kas.AccessService service. By default, it uses +// the Connect protocol with the binary Protobuf Codec, asks for gzipped responses, and sends +// uncompressed requests. To use the gRPC or gRPC-Web protocols, supply the connect.WithGRPC() or +// connect.WithGRPCWeb() options. +// +// The URL supplied here should be the base URL for the Connect or gRPC server (for example, +// http://api.acme.com or https://acme.com/grpc). +func NewAccessServiceClient(httpClient connect.HTTPClient, baseURL string, opts ...connect.ClientOption) AccessServiceClient { + baseURL = strings.TrimRight(baseURL, "/") + return &accessServiceClient{ + publicKey: connect.NewClient[kas.PublicKeyRequest, kas.PublicKeyResponse]( + httpClient, + baseURL+AccessServicePublicKeyProcedure, + connect.WithSchema(accessServicePublicKeyMethodDescriptor), + connect.WithClientOptions(opts...), + ), + legacyPublicKey: connect.NewClient[kas.LegacyPublicKeyRequest, wrapperspb.StringValue]( + httpClient, + baseURL+AccessServiceLegacyPublicKeyProcedure, + connect.WithSchema(accessServiceLegacyPublicKeyMethodDescriptor), + connect.WithClientOptions(opts...), + ), + rewrap: connect.NewClient[kas.RewrapRequest, kas.RewrapResponse]( + httpClient, + baseURL+AccessServiceRewrapProcedure, + connect.WithSchema(accessServiceRewrapMethodDescriptor), + connect.WithClientOptions(opts...), + ), + } +} + +// accessServiceClient implements AccessServiceClient. +type accessServiceClient struct { + publicKey *connect.Client[kas.PublicKeyRequest, kas.PublicKeyResponse] + legacyPublicKey *connect.Client[kas.LegacyPublicKeyRequest, wrapperspb.StringValue] + rewrap *connect.Client[kas.RewrapRequest, kas.RewrapResponse] +} + +// PublicKey calls kas.AccessService.PublicKey. +func (c *accessServiceClient) PublicKey(ctx context.Context, req *connect.Request[kas.PublicKeyRequest]) (*connect.Response[kas.PublicKeyResponse], error) { + return c.publicKey.CallUnary(ctx, req) +} + +// LegacyPublicKey calls kas.AccessService.LegacyPublicKey. +func (c *accessServiceClient) LegacyPublicKey(ctx context.Context, req *connect.Request[kas.LegacyPublicKeyRequest]) (*connect.Response[wrapperspb.StringValue], error) { + return c.legacyPublicKey.CallUnary(ctx, req) +} + +// Rewrap calls kas.AccessService.Rewrap. +func (c *accessServiceClient) Rewrap(ctx context.Context, req *connect.Request[kas.RewrapRequest]) (*connect.Response[kas.RewrapResponse], error) { + return c.rewrap.CallUnary(ctx, req) +} + +// AccessServiceHandler is an implementation of the kas.AccessService service. +type AccessServiceHandler interface { + PublicKey(context.Context, *connect.Request[kas.PublicKeyRequest]) (*connect.Response[kas.PublicKeyResponse], error) + // buf:lint:ignore RPC_RESPONSE_STANDARD_NAME + LegacyPublicKey(context.Context, *connect.Request[kas.LegacyPublicKeyRequest]) (*connect.Response[wrapperspb.StringValue], error) + Rewrap(context.Context, *connect.Request[kas.RewrapRequest]) (*connect.Response[kas.RewrapResponse], error) +} + +// NewAccessServiceHandler builds an HTTP handler from the service implementation. It returns the +// path on which to mount the handler and the handler itself. +// +// By default, handlers support the Connect, gRPC, and gRPC-Web protocols with the binary Protobuf +// and JSON codecs. They also support gzip compression. +func NewAccessServiceHandler(svc AccessServiceHandler, opts ...connect.HandlerOption) (string, http.Handler) { + accessServicePublicKeyHandler := connect.NewUnaryHandler( + AccessServicePublicKeyProcedure, + svc.PublicKey, + connect.WithSchema(accessServicePublicKeyMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + accessServiceLegacyPublicKeyHandler := connect.NewUnaryHandler( + AccessServiceLegacyPublicKeyProcedure, + svc.LegacyPublicKey, + connect.WithSchema(accessServiceLegacyPublicKeyMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + accessServiceRewrapHandler := connect.NewUnaryHandler( + AccessServiceRewrapProcedure, + svc.Rewrap, + connect.WithSchema(accessServiceRewrapMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + return "/kas.AccessService/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.URL.Path { + case AccessServicePublicKeyProcedure: + accessServicePublicKeyHandler.ServeHTTP(w, r) + case AccessServiceLegacyPublicKeyProcedure: + accessServiceLegacyPublicKeyHandler.ServeHTTP(w, r) + case AccessServiceRewrapProcedure: + accessServiceRewrapHandler.ServeHTTP(w, r) + default: + http.NotFound(w, r) + } + }) +} + +// UnimplementedAccessServiceHandler returns CodeUnimplemented from all methods. +type UnimplementedAccessServiceHandler struct{} + +func (UnimplementedAccessServiceHandler) PublicKey(context.Context, *connect.Request[kas.PublicKeyRequest]) (*connect.Response[kas.PublicKeyResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("kas.AccessService.PublicKey is not implemented")) +} + +func (UnimplementedAccessServiceHandler) LegacyPublicKey(context.Context, *connect.Request[kas.LegacyPublicKeyRequest]) (*connect.Response[wrapperspb.StringValue], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("kas.AccessService.LegacyPublicKey is not implemented")) +} + +func (UnimplementedAccessServiceHandler) Rewrap(context.Context, *connect.Request[kas.RewrapRequest]) (*connect.Response[kas.RewrapResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("kas.AccessService.Rewrap is not implemented")) +} diff --git a/protocol/go/policy/attributes/attributesconnect/attributes.connect.go b/protocol/go/policy/attributes/attributesconnect/attributes.connect.go new file mode 100644 index 0000000000..bcb8fb964d --- /dev/null +++ b/protocol/go/policy/attributes/attributesconnect/attributes.connect.go @@ -0,0 +1,555 @@ +// Code generated by protoc-gen-connect-go. DO NOT EDIT. +// +// Source: policy/attributes/attributes.proto + +package attributesconnect + +import ( + connect "connectrpc.com/connect" + context "context" + errors "errors" + attributes "github.com/opentdf/platform/protocol/go/policy/attributes" + http "net/http" + strings "strings" +) + +// This is a compile-time assertion to ensure that this generated file and the connect package are +// compatible. If you get a compiler error that this constant is not defined, this code was +// generated with a version of connect newer than the one compiled into your binary. You can fix the +// problem by either regenerating this code with an older version of connect or updating the connect +// version compiled into your binary. +const _ = connect.IsAtLeastVersion1_13_0 + +const ( + // AttributesServiceName is the fully-qualified name of the AttributesService service. + AttributesServiceName = "policy.attributes.AttributesService" +) + +// These constants are the fully-qualified names of the RPCs defined in this package. They're +// exposed at runtime as Spec.Procedure and as the final two segments of the HTTP route. +// +// Note that these are different from the fully-qualified method names used by +// google.golang.org/protobuf/reflect/protoreflect. To convert from these constants to +// reflection-formatted method names, remove the leading slash and convert the remaining slash to a +// period. +const ( + // AttributesServiceListAttributesProcedure is the fully-qualified name of the AttributesService's + // ListAttributes RPC. + AttributesServiceListAttributesProcedure = "/policy.attributes.AttributesService/ListAttributes" + // AttributesServiceListAttributeValuesProcedure is the fully-qualified name of the + // AttributesService's ListAttributeValues RPC. + AttributesServiceListAttributeValuesProcedure = "/policy.attributes.AttributesService/ListAttributeValues" + // AttributesServiceGetAttributeProcedure is the fully-qualified name of the AttributesService's + // GetAttribute RPC. + AttributesServiceGetAttributeProcedure = "/policy.attributes.AttributesService/GetAttribute" + // AttributesServiceGetAttributeValuesByFqnsProcedure is the fully-qualified name of the + // AttributesService's GetAttributeValuesByFqns RPC. + AttributesServiceGetAttributeValuesByFqnsProcedure = "/policy.attributes.AttributesService/GetAttributeValuesByFqns" + // AttributesServiceCreateAttributeProcedure is the fully-qualified name of the AttributesService's + // CreateAttribute RPC. + AttributesServiceCreateAttributeProcedure = "/policy.attributes.AttributesService/CreateAttribute" + // AttributesServiceUpdateAttributeProcedure is the fully-qualified name of the AttributesService's + // UpdateAttribute RPC. + AttributesServiceUpdateAttributeProcedure = "/policy.attributes.AttributesService/UpdateAttribute" + // AttributesServiceDeactivateAttributeProcedure is the fully-qualified name of the + // AttributesService's DeactivateAttribute RPC. + AttributesServiceDeactivateAttributeProcedure = "/policy.attributes.AttributesService/DeactivateAttribute" + // AttributesServiceGetAttributeValueProcedure is the fully-qualified name of the + // AttributesService's GetAttributeValue RPC. + AttributesServiceGetAttributeValueProcedure = "/policy.attributes.AttributesService/GetAttributeValue" + // AttributesServiceCreateAttributeValueProcedure is the fully-qualified name of the + // AttributesService's CreateAttributeValue RPC. + AttributesServiceCreateAttributeValueProcedure = "/policy.attributes.AttributesService/CreateAttributeValue" + // AttributesServiceUpdateAttributeValueProcedure is the fully-qualified name of the + // AttributesService's UpdateAttributeValue RPC. + AttributesServiceUpdateAttributeValueProcedure = "/policy.attributes.AttributesService/UpdateAttributeValue" + // AttributesServiceDeactivateAttributeValueProcedure is the fully-qualified name of the + // AttributesService's DeactivateAttributeValue RPC. + AttributesServiceDeactivateAttributeValueProcedure = "/policy.attributes.AttributesService/DeactivateAttributeValue" + // AttributesServiceAssignKeyAccessServerToAttributeProcedure is the fully-qualified name of the + // AttributesService's AssignKeyAccessServerToAttribute RPC. + AttributesServiceAssignKeyAccessServerToAttributeProcedure = "/policy.attributes.AttributesService/AssignKeyAccessServerToAttribute" + // AttributesServiceRemoveKeyAccessServerFromAttributeProcedure is the fully-qualified name of the + // AttributesService's RemoveKeyAccessServerFromAttribute RPC. + AttributesServiceRemoveKeyAccessServerFromAttributeProcedure = "/policy.attributes.AttributesService/RemoveKeyAccessServerFromAttribute" + // AttributesServiceAssignKeyAccessServerToValueProcedure is the fully-qualified name of the + // AttributesService's AssignKeyAccessServerToValue RPC. + AttributesServiceAssignKeyAccessServerToValueProcedure = "/policy.attributes.AttributesService/AssignKeyAccessServerToValue" + // AttributesServiceRemoveKeyAccessServerFromValueProcedure is the fully-qualified name of the + // AttributesService's RemoveKeyAccessServerFromValue RPC. + AttributesServiceRemoveKeyAccessServerFromValueProcedure = "/policy.attributes.AttributesService/RemoveKeyAccessServerFromValue" +) + +// These variables are the protoreflect.Descriptor objects for the RPCs defined in this package. +var ( + attributesServiceServiceDescriptor = attributes.File_policy_attributes_attributes_proto.Services().ByName("AttributesService") + attributesServiceListAttributesMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("ListAttributes") + attributesServiceListAttributeValuesMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("ListAttributeValues") + attributesServiceGetAttributeMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("GetAttribute") + attributesServiceGetAttributeValuesByFqnsMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("GetAttributeValuesByFqns") + attributesServiceCreateAttributeMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("CreateAttribute") + attributesServiceUpdateAttributeMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("UpdateAttribute") + attributesServiceDeactivateAttributeMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("DeactivateAttribute") + attributesServiceGetAttributeValueMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("GetAttributeValue") + attributesServiceCreateAttributeValueMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("CreateAttributeValue") + attributesServiceUpdateAttributeValueMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("UpdateAttributeValue") + attributesServiceDeactivateAttributeValueMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("DeactivateAttributeValue") + attributesServiceAssignKeyAccessServerToAttributeMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("AssignKeyAccessServerToAttribute") + attributesServiceRemoveKeyAccessServerFromAttributeMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("RemoveKeyAccessServerFromAttribute") + attributesServiceAssignKeyAccessServerToValueMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("AssignKeyAccessServerToValue") + attributesServiceRemoveKeyAccessServerFromValueMethodDescriptor = attributesServiceServiceDescriptor.Methods().ByName("RemoveKeyAccessServerFromValue") +) + +// AttributesServiceClient is a client for the policy.attributes.AttributesService service. +type AttributesServiceClient interface { + // --------------------------------------* + // Attribute RPCs + // --------------------------------------- + ListAttributes(context.Context, *connect.Request[attributes.ListAttributesRequest]) (*connect.Response[attributes.ListAttributesResponse], error) + ListAttributeValues(context.Context, *connect.Request[attributes.ListAttributeValuesRequest]) (*connect.Response[attributes.ListAttributeValuesResponse], error) + GetAttribute(context.Context, *connect.Request[attributes.GetAttributeRequest]) (*connect.Response[attributes.GetAttributeResponse], error) + GetAttributeValuesByFqns(context.Context, *connect.Request[attributes.GetAttributeValuesByFqnsRequest]) (*connect.Response[attributes.GetAttributeValuesByFqnsResponse], error) + CreateAttribute(context.Context, *connect.Request[attributes.CreateAttributeRequest]) (*connect.Response[attributes.CreateAttributeResponse], error) + UpdateAttribute(context.Context, *connect.Request[attributes.UpdateAttributeRequest]) (*connect.Response[attributes.UpdateAttributeResponse], error) + DeactivateAttribute(context.Context, *connect.Request[attributes.DeactivateAttributeRequest]) (*connect.Response[attributes.DeactivateAttributeResponse], error) + // --------------------------------------* + // Value RPCs + // --------------------------------------- + GetAttributeValue(context.Context, *connect.Request[attributes.GetAttributeValueRequest]) (*connect.Response[attributes.GetAttributeValueResponse], error) + CreateAttributeValue(context.Context, *connect.Request[attributes.CreateAttributeValueRequest]) (*connect.Response[attributes.CreateAttributeValueResponse], error) + UpdateAttributeValue(context.Context, *connect.Request[attributes.UpdateAttributeValueRequest]) (*connect.Response[attributes.UpdateAttributeValueResponse], error) + DeactivateAttributeValue(context.Context, *connect.Request[attributes.DeactivateAttributeValueRequest]) (*connect.Response[attributes.DeactivateAttributeValueResponse], error) + // --------------------------------------* + // Attribute <> Key Access Server RPCs + // --------------------------------------- + AssignKeyAccessServerToAttribute(context.Context, *connect.Request[attributes.AssignKeyAccessServerToAttributeRequest]) (*connect.Response[attributes.AssignKeyAccessServerToAttributeResponse], error) + RemoveKeyAccessServerFromAttribute(context.Context, *connect.Request[attributes.RemoveKeyAccessServerFromAttributeRequest]) (*connect.Response[attributes.RemoveKeyAccessServerFromAttributeResponse], error) + AssignKeyAccessServerToValue(context.Context, *connect.Request[attributes.AssignKeyAccessServerToValueRequest]) (*connect.Response[attributes.AssignKeyAccessServerToValueResponse], error) + RemoveKeyAccessServerFromValue(context.Context, *connect.Request[attributes.RemoveKeyAccessServerFromValueRequest]) (*connect.Response[attributes.RemoveKeyAccessServerFromValueResponse], error) +} + +// NewAttributesServiceClient constructs a client for the policy.attributes.AttributesService +// service. By default, it uses the Connect protocol with the binary Protobuf Codec, asks for +// gzipped responses, and sends uncompressed requests. To use the gRPC or gRPC-Web protocols, supply +// the connect.WithGRPC() or connect.WithGRPCWeb() options. +// +// The URL supplied here should be the base URL for the Connect or gRPC server (for example, +// http://api.acme.com or https://acme.com/grpc). +func NewAttributesServiceClient(httpClient connect.HTTPClient, baseURL string, opts ...connect.ClientOption) AttributesServiceClient { + baseURL = strings.TrimRight(baseURL, "/") + return &attributesServiceClient{ + listAttributes: connect.NewClient[attributes.ListAttributesRequest, attributes.ListAttributesResponse]( + httpClient, + baseURL+AttributesServiceListAttributesProcedure, + connect.WithSchema(attributesServiceListAttributesMethodDescriptor), + connect.WithClientOptions(opts...), + ), + listAttributeValues: connect.NewClient[attributes.ListAttributeValuesRequest, attributes.ListAttributeValuesResponse]( + httpClient, + baseURL+AttributesServiceListAttributeValuesProcedure, + connect.WithSchema(attributesServiceListAttributeValuesMethodDescriptor), + connect.WithClientOptions(opts...), + ), + getAttribute: connect.NewClient[attributes.GetAttributeRequest, attributes.GetAttributeResponse]( + httpClient, + baseURL+AttributesServiceGetAttributeProcedure, + connect.WithSchema(attributesServiceGetAttributeMethodDescriptor), + connect.WithClientOptions(opts...), + ), + getAttributeValuesByFqns: connect.NewClient[attributes.GetAttributeValuesByFqnsRequest, attributes.GetAttributeValuesByFqnsResponse]( + httpClient, + baseURL+AttributesServiceGetAttributeValuesByFqnsProcedure, + connect.WithSchema(attributesServiceGetAttributeValuesByFqnsMethodDescriptor), + connect.WithClientOptions(opts...), + ), + createAttribute: connect.NewClient[attributes.CreateAttributeRequest, attributes.CreateAttributeResponse]( + httpClient, + baseURL+AttributesServiceCreateAttributeProcedure, + connect.WithSchema(attributesServiceCreateAttributeMethodDescriptor), + connect.WithClientOptions(opts...), + ), + updateAttribute: connect.NewClient[attributes.UpdateAttributeRequest, attributes.UpdateAttributeResponse]( + httpClient, + baseURL+AttributesServiceUpdateAttributeProcedure, + connect.WithSchema(attributesServiceUpdateAttributeMethodDescriptor), + connect.WithClientOptions(opts...), + ), + deactivateAttribute: connect.NewClient[attributes.DeactivateAttributeRequest, attributes.DeactivateAttributeResponse]( + httpClient, + baseURL+AttributesServiceDeactivateAttributeProcedure, + connect.WithSchema(attributesServiceDeactivateAttributeMethodDescriptor), + connect.WithClientOptions(opts...), + ), + getAttributeValue: connect.NewClient[attributes.GetAttributeValueRequest, attributes.GetAttributeValueResponse]( + httpClient, + baseURL+AttributesServiceGetAttributeValueProcedure, + connect.WithSchema(attributesServiceGetAttributeValueMethodDescriptor), + connect.WithClientOptions(opts...), + ), + createAttributeValue: connect.NewClient[attributes.CreateAttributeValueRequest, attributes.CreateAttributeValueResponse]( + httpClient, + baseURL+AttributesServiceCreateAttributeValueProcedure, + connect.WithSchema(attributesServiceCreateAttributeValueMethodDescriptor), + connect.WithClientOptions(opts...), + ), + updateAttributeValue: connect.NewClient[attributes.UpdateAttributeValueRequest, attributes.UpdateAttributeValueResponse]( + httpClient, + baseURL+AttributesServiceUpdateAttributeValueProcedure, + connect.WithSchema(attributesServiceUpdateAttributeValueMethodDescriptor), + connect.WithClientOptions(opts...), + ), + deactivateAttributeValue: connect.NewClient[attributes.DeactivateAttributeValueRequest, attributes.DeactivateAttributeValueResponse]( + httpClient, + baseURL+AttributesServiceDeactivateAttributeValueProcedure, + connect.WithSchema(attributesServiceDeactivateAttributeValueMethodDescriptor), + connect.WithClientOptions(opts...), + ), + assignKeyAccessServerToAttribute: connect.NewClient[attributes.AssignKeyAccessServerToAttributeRequest, attributes.AssignKeyAccessServerToAttributeResponse]( + httpClient, + baseURL+AttributesServiceAssignKeyAccessServerToAttributeProcedure, + connect.WithSchema(attributesServiceAssignKeyAccessServerToAttributeMethodDescriptor), + connect.WithClientOptions(opts...), + ), + removeKeyAccessServerFromAttribute: connect.NewClient[attributes.RemoveKeyAccessServerFromAttributeRequest, attributes.RemoveKeyAccessServerFromAttributeResponse]( + httpClient, + baseURL+AttributesServiceRemoveKeyAccessServerFromAttributeProcedure, + connect.WithSchema(attributesServiceRemoveKeyAccessServerFromAttributeMethodDescriptor), + connect.WithClientOptions(opts...), + ), + assignKeyAccessServerToValue: connect.NewClient[attributes.AssignKeyAccessServerToValueRequest, attributes.AssignKeyAccessServerToValueResponse]( + httpClient, + baseURL+AttributesServiceAssignKeyAccessServerToValueProcedure, + connect.WithSchema(attributesServiceAssignKeyAccessServerToValueMethodDescriptor), + connect.WithClientOptions(opts...), + ), + removeKeyAccessServerFromValue: connect.NewClient[attributes.RemoveKeyAccessServerFromValueRequest, attributes.RemoveKeyAccessServerFromValueResponse]( + httpClient, + baseURL+AttributesServiceRemoveKeyAccessServerFromValueProcedure, + connect.WithSchema(attributesServiceRemoveKeyAccessServerFromValueMethodDescriptor), + connect.WithClientOptions(opts...), + ), + } +} + +// attributesServiceClient implements AttributesServiceClient. +type attributesServiceClient struct { + listAttributes *connect.Client[attributes.ListAttributesRequest, attributes.ListAttributesResponse] + listAttributeValues *connect.Client[attributes.ListAttributeValuesRequest, attributes.ListAttributeValuesResponse] + getAttribute *connect.Client[attributes.GetAttributeRequest, attributes.GetAttributeResponse] + getAttributeValuesByFqns *connect.Client[attributes.GetAttributeValuesByFqnsRequest, attributes.GetAttributeValuesByFqnsResponse] + createAttribute *connect.Client[attributes.CreateAttributeRequest, attributes.CreateAttributeResponse] + updateAttribute *connect.Client[attributes.UpdateAttributeRequest, attributes.UpdateAttributeResponse] + deactivateAttribute *connect.Client[attributes.DeactivateAttributeRequest, attributes.DeactivateAttributeResponse] + getAttributeValue *connect.Client[attributes.GetAttributeValueRequest, attributes.GetAttributeValueResponse] + createAttributeValue *connect.Client[attributes.CreateAttributeValueRequest, attributes.CreateAttributeValueResponse] + updateAttributeValue *connect.Client[attributes.UpdateAttributeValueRequest, attributes.UpdateAttributeValueResponse] + deactivateAttributeValue *connect.Client[attributes.DeactivateAttributeValueRequest, attributes.DeactivateAttributeValueResponse] + assignKeyAccessServerToAttribute *connect.Client[attributes.AssignKeyAccessServerToAttributeRequest, attributes.AssignKeyAccessServerToAttributeResponse] + removeKeyAccessServerFromAttribute *connect.Client[attributes.RemoveKeyAccessServerFromAttributeRequest, attributes.RemoveKeyAccessServerFromAttributeResponse] + assignKeyAccessServerToValue *connect.Client[attributes.AssignKeyAccessServerToValueRequest, attributes.AssignKeyAccessServerToValueResponse] + removeKeyAccessServerFromValue *connect.Client[attributes.RemoveKeyAccessServerFromValueRequest, attributes.RemoveKeyAccessServerFromValueResponse] +} + +// ListAttributes calls policy.attributes.AttributesService.ListAttributes. +func (c *attributesServiceClient) ListAttributes(ctx context.Context, req *connect.Request[attributes.ListAttributesRequest]) (*connect.Response[attributes.ListAttributesResponse], error) { + return c.listAttributes.CallUnary(ctx, req) +} + +// ListAttributeValues calls policy.attributes.AttributesService.ListAttributeValues. +func (c *attributesServiceClient) ListAttributeValues(ctx context.Context, req *connect.Request[attributes.ListAttributeValuesRequest]) (*connect.Response[attributes.ListAttributeValuesResponse], error) { + return c.listAttributeValues.CallUnary(ctx, req) +} + +// GetAttribute calls policy.attributes.AttributesService.GetAttribute. +func (c *attributesServiceClient) GetAttribute(ctx context.Context, req *connect.Request[attributes.GetAttributeRequest]) (*connect.Response[attributes.GetAttributeResponse], error) { + return c.getAttribute.CallUnary(ctx, req) +} + +// GetAttributeValuesByFqns calls policy.attributes.AttributesService.GetAttributeValuesByFqns. +func (c *attributesServiceClient) GetAttributeValuesByFqns(ctx context.Context, req *connect.Request[attributes.GetAttributeValuesByFqnsRequest]) (*connect.Response[attributes.GetAttributeValuesByFqnsResponse], error) { + return c.getAttributeValuesByFqns.CallUnary(ctx, req) +} + +// CreateAttribute calls policy.attributes.AttributesService.CreateAttribute. +func (c *attributesServiceClient) CreateAttribute(ctx context.Context, req *connect.Request[attributes.CreateAttributeRequest]) (*connect.Response[attributes.CreateAttributeResponse], error) { + return c.createAttribute.CallUnary(ctx, req) +} + +// UpdateAttribute calls policy.attributes.AttributesService.UpdateAttribute. +func (c *attributesServiceClient) UpdateAttribute(ctx context.Context, req *connect.Request[attributes.UpdateAttributeRequest]) (*connect.Response[attributes.UpdateAttributeResponse], error) { + return c.updateAttribute.CallUnary(ctx, req) +} + +// DeactivateAttribute calls policy.attributes.AttributesService.DeactivateAttribute. +func (c *attributesServiceClient) DeactivateAttribute(ctx context.Context, req *connect.Request[attributes.DeactivateAttributeRequest]) (*connect.Response[attributes.DeactivateAttributeResponse], error) { + return c.deactivateAttribute.CallUnary(ctx, req) +} + +// GetAttributeValue calls policy.attributes.AttributesService.GetAttributeValue. +func (c *attributesServiceClient) GetAttributeValue(ctx context.Context, req *connect.Request[attributes.GetAttributeValueRequest]) (*connect.Response[attributes.GetAttributeValueResponse], error) { + return c.getAttributeValue.CallUnary(ctx, req) +} + +// CreateAttributeValue calls policy.attributes.AttributesService.CreateAttributeValue. +func (c *attributesServiceClient) CreateAttributeValue(ctx context.Context, req *connect.Request[attributes.CreateAttributeValueRequest]) (*connect.Response[attributes.CreateAttributeValueResponse], error) { + return c.createAttributeValue.CallUnary(ctx, req) +} + +// UpdateAttributeValue calls policy.attributes.AttributesService.UpdateAttributeValue. +func (c *attributesServiceClient) UpdateAttributeValue(ctx context.Context, req *connect.Request[attributes.UpdateAttributeValueRequest]) (*connect.Response[attributes.UpdateAttributeValueResponse], error) { + return c.updateAttributeValue.CallUnary(ctx, req) +} + +// DeactivateAttributeValue calls policy.attributes.AttributesService.DeactivateAttributeValue. +func (c *attributesServiceClient) DeactivateAttributeValue(ctx context.Context, req *connect.Request[attributes.DeactivateAttributeValueRequest]) (*connect.Response[attributes.DeactivateAttributeValueResponse], error) { + return c.deactivateAttributeValue.CallUnary(ctx, req) +} + +// AssignKeyAccessServerToAttribute calls +// policy.attributes.AttributesService.AssignKeyAccessServerToAttribute. +func (c *attributesServiceClient) AssignKeyAccessServerToAttribute(ctx context.Context, req *connect.Request[attributes.AssignKeyAccessServerToAttributeRequest]) (*connect.Response[attributes.AssignKeyAccessServerToAttributeResponse], error) { + return c.assignKeyAccessServerToAttribute.CallUnary(ctx, req) +} + +// RemoveKeyAccessServerFromAttribute calls +// policy.attributes.AttributesService.RemoveKeyAccessServerFromAttribute. +func (c *attributesServiceClient) RemoveKeyAccessServerFromAttribute(ctx context.Context, req *connect.Request[attributes.RemoveKeyAccessServerFromAttributeRequest]) (*connect.Response[attributes.RemoveKeyAccessServerFromAttributeResponse], error) { + return c.removeKeyAccessServerFromAttribute.CallUnary(ctx, req) +} + +// AssignKeyAccessServerToValue calls +// policy.attributes.AttributesService.AssignKeyAccessServerToValue. +func (c *attributesServiceClient) AssignKeyAccessServerToValue(ctx context.Context, req *connect.Request[attributes.AssignKeyAccessServerToValueRequest]) (*connect.Response[attributes.AssignKeyAccessServerToValueResponse], error) { + return c.assignKeyAccessServerToValue.CallUnary(ctx, req) +} + +// RemoveKeyAccessServerFromValue calls +// policy.attributes.AttributesService.RemoveKeyAccessServerFromValue. +func (c *attributesServiceClient) RemoveKeyAccessServerFromValue(ctx context.Context, req *connect.Request[attributes.RemoveKeyAccessServerFromValueRequest]) (*connect.Response[attributes.RemoveKeyAccessServerFromValueResponse], error) { + return c.removeKeyAccessServerFromValue.CallUnary(ctx, req) +} + +// AttributesServiceHandler is an implementation of the policy.attributes.AttributesService service. +type AttributesServiceHandler interface { + // --------------------------------------* + // Attribute RPCs + // --------------------------------------- + ListAttributes(context.Context, *connect.Request[attributes.ListAttributesRequest]) (*connect.Response[attributes.ListAttributesResponse], error) + ListAttributeValues(context.Context, *connect.Request[attributes.ListAttributeValuesRequest]) (*connect.Response[attributes.ListAttributeValuesResponse], error) + GetAttribute(context.Context, *connect.Request[attributes.GetAttributeRequest]) (*connect.Response[attributes.GetAttributeResponse], error) + GetAttributeValuesByFqns(context.Context, *connect.Request[attributes.GetAttributeValuesByFqnsRequest]) (*connect.Response[attributes.GetAttributeValuesByFqnsResponse], error) + CreateAttribute(context.Context, *connect.Request[attributes.CreateAttributeRequest]) (*connect.Response[attributes.CreateAttributeResponse], error) + UpdateAttribute(context.Context, *connect.Request[attributes.UpdateAttributeRequest]) (*connect.Response[attributes.UpdateAttributeResponse], error) + DeactivateAttribute(context.Context, *connect.Request[attributes.DeactivateAttributeRequest]) (*connect.Response[attributes.DeactivateAttributeResponse], error) + // --------------------------------------* + // Value RPCs + // --------------------------------------- + GetAttributeValue(context.Context, *connect.Request[attributes.GetAttributeValueRequest]) (*connect.Response[attributes.GetAttributeValueResponse], error) + CreateAttributeValue(context.Context, *connect.Request[attributes.CreateAttributeValueRequest]) (*connect.Response[attributes.CreateAttributeValueResponse], error) + UpdateAttributeValue(context.Context, *connect.Request[attributes.UpdateAttributeValueRequest]) (*connect.Response[attributes.UpdateAttributeValueResponse], error) + DeactivateAttributeValue(context.Context, *connect.Request[attributes.DeactivateAttributeValueRequest]) (*connect.Response[attributes.DeactivateAttributeValueResponse], error) + // --------------------------------------* + // Attribute <> Key Access Server RPCs + // --------------------------------------- + AssignKeyAccessServerToAttribute(context.Context, *connect.Request[attributes.AssignKeyAccessServerToAttributeRequest]) (*connect.Response[attributes.AssignKeyAccessServerToAttributeResponse], error) + RemoveKeyAccessServerFromAttribute(context.Context, *connect.Request[attributes.RemoveKeyAccessServerFromAttributeRequest]) (*connect.Response[attributes.RemoveKeyAccessServerFromAttributeResponse], error) + AssignKeyAccessServerToValue(context.Context, *connect.Request[attributes.AssignKeyAccessServerToValueRequest]) (*connect.Response[attributes.AssignKeyAccessServerToValueResponse], error) + RemoveKeyAccessServerFromValue(context.Context, *connect.Request[attributes.RemoveKeyAccessServerFromValueRequest]) (*connect.Response[attributes.RemoveKeyAccessServerFromValueResponse], error) +} + +// NewAttributesServiceHandler builds an HTTP handler from the service implementation. It returns +// the path on which to mount the handler and the handler itself. +// +// By default, handlers support the Connect, gRPC, and gRPC-Web protocols with the binary Protobuf +// and JSON codecs. They also support gzip compression. +func NewAttributesServiceHandler(svc AttributesServiceHandler, opts ...connect.HandlerOption) (string, http.Handler) { + attributesServiceListAttributesHandler := connect.NewUnaryHandler( + AttributesServiceListAttributesProcedure, + svc.ListAttributes, + connect.WithSchema(attributesServiceListAttributesMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceListAttributeValuesHandler := connect.NewUnaryHandler( + AttributesServiceListAttributeValuesProcedure, + svc.ListAttributeValues, + connect.WithSchema(attributesServiceListAttributeValuesMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceGetAttributeHandler := connect.NewUnaryHandler( + AttributesServiceGetAttributeProcedure, + svc.GetAttribute, + connect.WithSchema(attributesServiceGetAttributeMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceGetAttributeValuesByFqnsHandler := connect.NewUnaryHandler( + AttributesServiceGetAttributeValuesByFqnsProcedure, + svc.GetAttributeValuesByFqns, + connect.WithSchema(attributesServiceGetAttributeValuesByFqnsMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceCreateAttributeHandler := connect.NewUnaryHandler( + AttributesServiceCreateAttributeProcedure, + svc.CreateAttribute, + connect.WithSchema(attributesServiceCreateAttributeMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceUpdateAttributeHandler := connect.NewUnaryHandler( + AttributesServiceUpdateAttributeProcedure, + svc.UpdateAttribute, + connect.WithSchema(attributesServiceUpdateAttributeMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceDeactivateAttributeHandler := connect.NewUnaryHandler( + AttributesServiceDeactivateAttributeProcedure, + svc.DeactivateAttribute, + connect.WithSchema(attributesServiceDeactivateAttributeMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceGetAttributeValueHandler := connect.NewUnaryHandler( + AttributesServiceGetAttributeValueProcedure, + svc.GetAttributeValue, + connect.WithSchema(attributesServiceGetAttributeValueMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceCreateAttributeValueHandler := connect.NewUnaryHandler( + AttributesServiceCreateAttributeValueProcedure, + svc.CreateAttributeValue, + connect.WithSchema(attributesServiceCreateAttributeValueMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceUpdateAttributeValueHandler := connect.NewUnaryHandler( + AttributesServiceUpdateAttributeValueProcedure, + svc.UpdateAttributeValue, + connect.WithSchema(attributesServiceUpdateAttributeValueMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceDeactivateAttributeValueHandler := connect.NewUnaryHandler( + AttributesServiceDeactivateAttributeValueProcedure, + svc.DeactivateAttributeValue, + connect.WithSchema(attributesServiceDeactivateAttributeValueMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceAssignKeyAccessServerToAttributeHandler := connect.NewUnaryHandler( + AttributesServiceAssignKeyAccessServerToAttributeProcedure, + svc.AssignKeyAccessServerToAttribute, + connect.WithSchema(attributesServiceAssignKeyAccessServerToAttributeMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceRemoveKeyAccessServerFromAttributeHandler := connect.NewUnaryHandler( + AttributesServiceRemoveKeyAccessServerFromAttributeProcedure, + svc.RemoveKeyAccessServerFromAttribute, + connect.WithSchema(attributesServiceRemoveKeyAccessServerFromAttributeMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceAssignKeyAccessServerToValueHandler := connect.NewUnaryHandler( + AttributesServiceAssignKeyAccessServerToValueProcedure, + svc.AssignKeyAccessServerToValue, + connect.WithSchema(attributesServiceAssignKeyAccessServerToValueMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + attributesServiceRemoveKeyAccessServerFromValueHandler := connect.NewUnaryHandler( + AttributesServiceRemoveKeyAccessServerFromValueProcedure, + svc.RemoveKeyAccessServerFromValue, + connect.WithSchema(attributesServiceRemoveKeyAccessServerFromValueMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + return "/policy.attributes.AttributesService/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.URL.Path { + case AttributesServiceListAttributesProcedure: + attributesServiceListAttributesHandler.ServeHTTP(w, r) + case AttributesServiceListAttributeValuesProcedure: + attributesServiceListAttributeValuesHandler.ServeHTTP(w, r) + case AttributesServiceGetAttributeProcedure: + attributesServiceGetAttributeHandler.ServeHTTP(w, r) + case AttributesServiceGetAttributeValuesByFqnsProcedure: + attributesServiceGetAttributeValuesByFqnsHandler.ServeHTTP(w, r) + case AttributesServiceCreateAttributeProcedure: + attributesServiceCreateAttributeHandler.ServeHTTP(w, r) + case AttributesServiceUpdateAttributeProcedure: + attributesServiceUpdateAttributeHandler.ServeHTTP(w, r) + case AttributesServiceDeactivateAttributeProcedure: + attributesServiceDeactivateAttributeHandler.ServeHTTP(w, r) + case AttributesServiceGetAttributeValueProcedure: + attributesServiceGetAttributeValueHandler.ServeHTTP(w, r) + case AttributesServiceCreateAttributeValueProcedure: + attributesServiceCreateAttributeValueHandler.ServeHTTP(w, r) + case AttributesServiceUpdateAttributeValueProcedure: + attributesServiceUpdateAttributeValueHandler.ServeHTTP(w, r) + case AttributesServiceDeactivateAttributeValueProcedure: + attributesServiceDeactivateAttributeValueHandler.ServeHTTP(w, r) + case AttributesServiceAssignKeyAccessServerToAttributeProcedure: + attributesServiceAssignKeyAccessServerToAttributeHandler.ServeHTTP(w, r) + case AttributesServiceRemoveKeyAccessServerFromAttributeProcedure: + attributesServiceRemoveKeyAccessServerFromAttributeHandler.ServeHTTP(w, r) + case AttributesServiceAssignKeyAccessServerToValueProcedure: + attributesServiceAssignKeyAccessServerToValueHandler.ServeHTTP(w, r) + case AttributesServiceRemoveKeyAccessServerFromValueProcedure: + attributesServiceRemoveKeyAccessServerFromValueHandler.ServeHTTP(w, r) + default: + http.NotFound(w, r) + } + }) +} + +// UnimplementedAttributesServiceHandler returns CodeUnimplemented from all methods. +type UnimplementedAttributesServiceHandler struct{} + +func (UnimplementedAttributesServiceHandler) ListAttributes(context.Context, *connect.Request[attributes.ListAttributesRequest]) (*connect.Response[attributes.ListAttributesResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.ListAttributes is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) ListAttributeValues(context.Context, *connect.Request[attributes.ListAttributeValuesRequest]) (*connect.Response[attributes.ListAttributeValuesResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.ListAttributeValues is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) GetAttribute(context.Context, *connect.Request[attributes.GetAttributeRequest]) (*connect.Response[attributes.GetAttributeResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.GetAttribute is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) GetAttributeValuesByFqns(context.Context, *connect.Request[attributes.GetAttributeValuesByFqnsRequest]) (*connect.Response[attributes.GetAttributeValuesByFqnsResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.GetAttributeValuesByFqns is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) CreateAttribute(context.Context, *connect.Request[attributes.CreateAttributeRequest]) (*connect.Response[attributes.CreateAttributeResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.CreateAttribute is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) UpdateAttribute(context.Context, *connect.Request[attributes.UpdateAttributeRequest]) (*connect.Response[attributes.UpdateAttributeResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.UpdateAttribute is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) DeactivateAttribute(context.Context, *connect.Request[attributes.DeactivateAttributeRequest]) (*connect.Response[attributes.DeactivateAttributeResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.DeactivateAttribute is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) GetAttributeValue(context.Context, *connect.Request[attributes.GetAttributeValueRequest]) (*connect.Response[attributes.GetAttributeValueResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.GetAttributeValue is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) CreateAttributeValue(context.Context, *connect.Request[attributes.CreateAttributeValueRequest]) (*connect.Response[attributes.CreateAttributeValueResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.CreateAttributeValue is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) UpdateAttributeValue(context.Context, *connect.Request[attributes.UpdateAttributeValueRequest]) (*connect.Response[attributes.UpdateAttributeValueResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.UpdateAttributeValue is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) DeactivateAttributeValue(context.Context, *connect.Request[attributes.DeactivateAttributeValueRequest]) (*connect.Response[attributes.DeactivateAttributeValueResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.DeactivateAttributeValue is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) AssignKeyAccessServerToAttribute(context.Context, *connect.Request[attributes.AssignKeyAccessServerToAttributeRequest]) (*connect.Response[attributes.AssignKeyAccessServerToAttributeResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.AssignKeyAccessServerToAttribute is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) RemoveKeyAccessServerFromAttribute(context.Context, *connect.Request[attributes.RemoveKeyAccessServerFromAttributeRequest]) (*connect.Response[attributes.RemoveKeyAccessServerFromAttributeResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.RemoveKeyAccessServerFromAttribute is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) AssignKeyAccessServerToValue(context.Context, *connect.Request[attributes.AssignKeyAccessServerToValueRequest]) (*connect.Response[attributes.AssignKeyAccessServerToValueResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.AssignKeyAccessServerToValue is not implemented")) +} + +func (UnimplementedAttributesServiceHandler) RemoveKeyAccessServerFromValue(context.Context, *connect.Request[attributes.RemoveKeyAccessServerFromValueRequest]) (*connect.Response[attributes.RemoveKeyAccessServerFromValueResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.attributes.AttributesService.RemoveKeyAccessServerFromValue is not implemented")) +} diff --git a/protocol/go/policy/kasregistry/kasregistryconnect/key_access_server_registry.connect.go b/protocol/go/policy/kasregistry/kasregistryconnect/key_access_server_registry.connect.go new file mode 100644 index 0000000000..3cfc542bcb --- /dev/null +++ b/protocol/go/policy/kasregistry/kasregistryconnect/key_access_server_registry.connect.go @@ -0,0 +1,272 @@ +// Code generated by protoc-gen-connect-go. DO NOT EDIT. +// +// Source: policy/kasregistry/key_access_server_registry.proto + +package kasregistryconnect + +import ( + connect "connectrpc.com/connect" + context "context" + errors "errors" + kasregistry "github.com/opentdf/platform/protocol/go/policy/kasregistry" + http "net/http" + strings "strings" +) + +// This is a compile-time assertion to ensure that this generated file and the connect package are +// compatible. If you get a compiler error that this constant is not defined, this code was +// generated with a version of connect newer than the one compiled into your binary. You can fix the +// problem by either regenerating this code with an older version of connect or updating the connect +// version compiled into your binary. +const _ = connect.IsAtLeastVersion1_13_0 + +const ( + // KeyAccessServerRegistryServiceName is the fully-qualified name of the + // KeyAccessServerRegistryService service. + KeyAccessServerRegistryServiceName = "policy.kasregistry.KeyAccessServerRegistryService" +) + +// These constants are the fully-qualified names of the RPCs defined in this package. They're +// exposed at runtime as Spec.Procedure and as the final two segments of the HTTP route. +// +// Note that these are different from the fully-qualified method names used by +// google.golang.org/protobuf/reflect/protoreflect. To convert from these constants to +// reflection-formatted method names, remove the leading slash and convert the remaining slash to a +// period. +const ( + // KeyAccessServerRegistryServiceListKeyAccessServersProcedure is the fully-qualified name of the + // KeyAccessServerRegistryService's ListKeyAccessServers RPC. + KeyAccessServerRegistryServiceListKeyAccessServersProcedure = "/policy.kasregistry.KeyAccessServerRegistryService/ListKeyAccessServers" + // KeyAccessServerRegistryServiceGetKeyAccessServerProcedure is the fully-qualified name of the + // KeyAccessServerRegistryService's GetKeyAccessServer RPC. + KeyAccessServerRegistryServiceGetKeyAccessServerProcedure = "/policy.kasregistry.KeyAccessServerRegistryService/GetKeyAccessServer" + // KeyAccessServerRegistryServiceCreateKeyAccessServerProcedure is the fully-qualified name of the + // KeyAccessServerRegistryService's CreateKeyAccessServer RPC. + KeyAccessServerRegistryServiceCreateKeyAccessServerProcedure = "/policy.kasregistry.KeyAccessServerRegistryService/CreateKeyAccessServer" + // KeyAccessServerRegistryServiceUpdateKeyAccessServerProcedure is the fully-qualified name of the + // KeyAccessServerRegistryService's UpdateKeyAccessServer RPC. + KeyAccessServerRegistryServiceUpdateKeyAccessServerProcedure = "/policy.kasregistry.KeyAccessServerRegistryService/UpdateKeyAccessServer" + // KeyAccessServerRegistryServiceDeleteKeyAccessServerProcedure is the fully-qualified name of the + // KeyAccessServerRegistryService's DeleteKeyAccessServer RPC. + KeyAccessServerRegistryServiceDeleteKeyAccessServerProcedure = "/policy.kasregistry.KeyAccessServerRegistryService/DeleteKeyAccessServer" + // KeyAccessServerRegistryServiceListKeyAccessServerGrantsProcedure is the fully-qualified name of + // the KeyAccessServerRegistryService's ListKeyAccessServerGrants RPC. + KeyAccessServerRegistryServiceListKeyAccessServerGrantsProcedure = "/policy.kasregistry.KeyAccessServerRegistryService/ListKeyAccessServerGrants" +) + +// These variables are the protoreflect.Descriptor objects for the RPCs defined in this package. +var ( + keyAccessServerRegistryServiceServiceDescriptor = kasregistry.File_policy_kasregistry_key_access_server_registry_proto.Services().ByName("KeyAccessServerRegistryService") + keyAccessServerRegistryServiceListKeyAccessServersMethodDescriptor = keyAccessServerRegistryServiceServiceDescriptor.Methods().ByName("ListKeyAccessServers") + keyAccessServerRegistryServiceGetKeyAccessServerMethodDescriptor = keyAccessServerRegistryServiceServiceDescriptor.Methods().ByName("GetKeyAccessServer") + keyAccessServerRegistryServiceCreateKeyAccessServerMethodDescriptor = keyAccessServerRegistryServiceServiceDescriptor.Methods().ByName("CreateKeyAccessServer") + keyAccessServerRegistryServiceUpdateKeyAccessServerMethodDescriptor = keyAccessServerRegistryServiceServiceDescriptor.Methods().ByName("UpdateKeyAccessServer") + keyAccessServerRegistryServiceDeleteKeyAccessServerMethodDescriptor = keyAccessServerRegistryServiceServiceDescriptor.Methods().ByName("DeleteKeyAccessServer") + keyAccessServerRegistryServiceListKeyAccessServerGrantsMethodDescriptor = keyAccessServerRegistryServiceServiceDescriptor.Methods().ByName("ListKeyAccessServerGrants") +) + +// KeyAccessServerRegistryServiceClient is a client for the +// policy.kasregistry.KeyAccessServerRegistryService service. +type KeyAccessServerRegistryServiceClient interface { + ListKeyAccessServers(context.Context, *connect.Request[kasregistry.ListKeyAccessServersRequest]) (*connect.Response[kasregistry.ListKeyAccessServersResponse], error) + GetKeyAccessServer(context.Context, *connect.Request[kasregistry.GetKeyAccessServerRequest]) (*connect.Response[kasregistry.GetKeyAccessServerResponse], error) + CreateKeyAccessServer(context.Context, *connect.Request[kasregistry.CreateKeyAccessServerRequest]) (*connect.Response[kasregistry.CreateKeyAccessServerResponse], error) + UpdateKeyAccessServer(context.Context, *connect.Request[kasregistry.UpdateKeyAccessServerRequest]) (*connect.Response[kasregistry.UpdateKeyAccessServerResponse], error) + DeleteKeyAccessServer(context.Context, *connect.Request[kasregistry.DeleteKeyAccessServerRequest]) (*connect.Response[kasregistry.DeleteKeyAccessServerResponse], error) + ListKeyAccessServerGrants(context.Context, *connect.Request[kasregistry.ListKeyAccessServerGrantsRequest]) (*connect.Response[kasregistry.ListKeyAccessServerGrantsResponse], error) +} + +// NewKeyAccessServerRegistryServiceClient constructs a client for the +// policy.kasregistry.KeyAccessServerRegistryService service. By default, it uses the Connect +// protocol with the binary Protobuf Codec, asks for gzipped responses, and sends uncompressed +// requests. To use the gRPC or gRPC-Web protocols, supply the connect.WithGRPC() or +// connect.WithGRPCWeb() options. +// +// The URL supplied here should be the base URL for the Connect or gRPC server (for example, +// http://api.acme.com or https://acme.com/grpc). +func NewKeyAccessServerRegistryServiceClient(httpClient connect.HTTPClient, baseURL string, opts ...connect.ClientOption) KeyAccessServerRegistryServiceClient { + baseURL = strings.TrimRight(baseURL, "/") + return &keyAccessServerRegistryServiceClient{ + listKeyAccessServers: connect.NewClient[kasregistry.ListKeyAccessServersRequest, kasregistry.ListKeyAccessServersResponse]( + httpClient, + baseURL+KeyAccessServerRegistryServiceListKeyAccessServersProcedure, + connect.WithSchema(keyAccessServerRegistryServiceListKeyAccessServersMethodDescriptor), + connect.WithClientOptions(opts...), + ), + getKeyAccessServer: connect.NewClient[kasregistry.GetKeyAccessServerRequest, kasregistry.GetKeyAccessServerResponse]( + httpClient, + baseURL+KeyAccessServerRegistryServiceGetKeyAccessServerProcedure, + connect.WithSchema(keyAccessServerRegistryServiceGetKeyAccessServerMethodDescriptor), + connect.WithClientOptions(opts...), + ), + createKeyAccessServer: connect.NewClient[kasregistry.CreateKeyAccessServerRequest, kasregistry.CreateKeyAccessServerResponse]( + httpClient, + baseURL+KeyAccessServerRegistryServiceCreateKeyAccessServerProcedure, + connect.WithSchema(keyAccessServerRegistryServiceCreateKeyAccessServerMethodDescriptor), + connect.WithClientOptions(opts...), + ), + updateKeyAccessServer: connect.NewClient[kasregistry.UpdateKeyAccessServerRequest, kasregistry.UpdateKeyAccessServerResponse]( + httpClient, + baseURL+KeyAccessServerRegistryServiceUpdateKeyAccessServerProcedure, + connect.WithSchema(keyAccessServerRegistryServiceUpdateKeyAccessServerMethodDescriptor), + connect.WithClientOptions(opts...), + ), + deleteKeyAccessServer: connect.NewClient[kasregistry.DeleteKeyAccessServerRequest, kasregistry.DeleteKeyAccessServerResponse]( + httpClient, + baseURL+KeyAccessServerRegistryServiceDeleteKeyAccessServerProcedure, + connect.WithSchema(keyAccessServerRegistryServiceDeleteKeyAccessServerMethodDescriptor), + connect.WithClientOptions(opts...), + ), + listKeyAccessServerGrants: connect.NewClient[kasregistry.ListKeyAccessServerGrantsRequest, kasregistry.ListKeyAccessServerGrantsResponse]( + httpClient, + baseURL+KeyAccessServerRegistryServiceListKeyAccessServerGrantsProcedure, + connect.WithSchema(keyAccessServerRegistryServiceListKeyAccessServerGrantsMethodDescriptor), + connect.WithClientOptions(opts...), + ), + } +} + +// keyAccessServerRegistryServiceClient implements KeyAccessServerRegistryServiceClient. +type keyAccessServerRegistryServiceClient struct { + listKeyAccessServers *connect.Client[kasregistry.ListKeyAccessServersRequest, kasregistry.ListKeyAccessServersResponse] + getKeyAccessServer *connect.Client[kasregistry.GetKeyAccessServerRequest, kasregistry.GetKeyAccessServerResponse] + createKeyAccessServer *connect.Client[kasregistry.CreateKeyAccessServerRequest, kasregistry.CreateKeyAccessServerResponse] + updateKeyAccessServer *connect.Client[kasregistry.UpdateKeyAccessServerRequest, kasregistry.UpdateKeyAccessServerResponse] + deleteKeyAccessServer *connect.Client[kasregistry.DeleteKeyAccessServerRequest, kasregistry.DeleteKeyAccessServerResponse] + listKeyAccessServerGrants *connect.Client[kasregistry.ListKeyAccessServerGrantsRequest, kasregistry.ListKeyAccessServerGrantsResponse] +} + +// ListKeyAccessServers calls +// policy.kasregistry.KeyAccessServerRegistryService.ListKeyAccessServers. +func (c *keyAccessServerRegistryServiceClient) ListKeyAccessServers(ctx context.Context, req *connect.Request[kasregistry.ListKeyAccessServersRequest]) (*connect.Response[kasregistry.ListKeyAccessServersResponse], error) { + return c.listKeyAccessServers.CallUnary(ctx, req) +} + +// GetKeyAccessServer calls policy.kasregistry.KeyAccessServerRegistryService.GetKeyAccessServer. +func (c *keyAccessServerRegistryServiceClient) GetKeyAccessServer(ctx context.Context, req *connect.Request[kasregistry.GetKeyAccessServerRequest]) (*connect.Response[kasregistry.GetKeyAccessServerResponse], error) { + return c.getKeyAccessServer.CallUnary(ctx, req) +} + +// CreateKeyAccessServer calls +// policy.kasregistry.KeyAccessServerRegistryService.CreateKeyAccessServer. +func (c *keyAccessServerRegistryServiceClient) CreateKeyAccessServer(ctx context.Context, req *connect.Request[kasregistry.CreateKeyAccessServerRequest]) (*connect.Response[kasregistry.CreateKeyAccessServerResponse], error) { + return c.createKeyAccessServer.CallUnary(ctx, req) +} + +// UpdateKeyAccessServer calls +// policy.kasregistry.KeyAccessServerRegistryService.UpdateKeyAccessServer. +func (c *keyAccessServerRegistryServiceClient) UpdateKeyAccessServer(ctx context.Context, req *connect.Request[kasregistry.UpdateKeyAccessServerRequest]) (*connect.Response[kasregistry.UpdateKeyAccessServerResponse], error) { + return c.updateKeyAccessServer.CallUnary(ctx, req) +} + +// DeleteKeyAccessServer calls +// policy.kasregistry.KeyAccessServerRegistryService.DeleteKeyAccessServer. +func (c *keyAccessServerRegistryServiceClient) DeleteKeyAccessServer(ctx context.Context, req *connect.Request[kasregistry.DeleteKeyAccessServerRequest]) (*connect.Response[kasregistry.DeleteKeyAccessServerResponse], error) { + return c.deleteKeyAccessServer.CallUnary(ctx, req) +} + +// ListKeyAccessServerGrants calls +// policy.kasregistry.KeyAccessServerRegistryService.ListKeyAccessServerGrants. +func (c *keyAccessServerRegistryServiceClient) ListKeyAccessServerGrants(ctx context.Context, req *connect.Request[kasregistry.ListKeyAccessServerGrantsRequest]) (*connect.Response[kasregistry.ListKeyAccessServerGrantsResponse], error) { + return c.listKeyAccessServerGrants.CallUnary(ctx, req) +} + +// KeyAccessServerRegistryServiceHandler is an implementation of the +// policy.kasregistry.KeyAccessServerRegistryService service. +type KeyAccessServerRegistryServiceHandler interface { + ListKeyAccessServers(context.Context, *connect.Request[kasregistry.ListKeyAccessServersRequest]) (*connect.Response[kasregistry.ListKeyAccessServersResponse], error) + GetKeyAccessServer(context.Context, *connect.Request[kasregistry.GetKeyAccessServerRequest]) (*connect.Response[kasregistry.GetKeyAccessServerResponse], error) + CreateKeyAccessServer(context.Context, *connect.Request[kasregistry.CreateKeyAccessServerRequest]) (*connect.Response[kasregistry.CreateKeyAccessServerResponse], error) + UpdateKeyAccessServer(context.Context, *connect.Request[kasregistry.UpdateKeyAccessServerRequest]) (*connect.Response[kasregistry.UpdateKeyAccessServerResponse], error) + DeleteKeyAccessServer(context.Context, *connect.Request[kasregistry.DeleteKeyAccessServerRequest]) (*connect.Response[kasregistry.DeleteKeyAccessServerResponse], error) + ListKeyAccessServerGrants(context.Context, *connect.Request[kasregistry.ListKeyAccessServerGrantsRequest]) (*connect.Response[kasregistry.ListKeyAccessServerGrantsResponse], error) +} + +// NewKeyAccessServerRegistryServiceHandler builds an HTTP handler from the service implementation. +// It returns the path on which to mount the handler and the handler itself. +// +// By default, handlers support the Connect, gRPC, and gRPC-Web protocols with the binary Protobuf +// and JSON codecs. They also support gzip compression. +func NewKeyAccessServerRegistryServiceHandler(svc KeyAccessServerRegistryServiceHandler, opts ...connect.HandlerOption) (string, http.Handler) { + keyAccessServerRegistryServiceListKeyAccessServersHandler := connect.NewUnaryHandler( + KeyAccessServerRegistryServiceListKeyAccessServersProcedure, + svc.ListKeyAccessServers, + connect.WithSchema(keyAccessServerRegistryServiceListKeyAccessServersMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + keyAccessServerRegistryServiceGetKeyAccessServerHandler := connect.NewUnaryHandler( + KeyAccessServerRegistryServiceGetKeyAccessServerProcedure, + svc.GetKeyAccessServer, + connect.WithSchema(keyAccessServerRegistryServiceGetKeyAccessServerMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + keyAccessServerRegistryServiceCreateKeyAccessServerHandler := connect.NewUnaryHandler( + KeyAccessServerRegistryServiceCreateKeyAccessServerProcedure, + svc.CreateKeyAccessServer, + connect.WithSchema(keyAccessServerRegistryServiceCreateKeyAccessServerMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + keyAccessServerRegistryServiceUpdateKeyAccessServerHandler := connect.NewUnaryHandler( + KeyAccessServerRegistryServiceUpdateKeyAccessServerProcedure, + svc.UpdateKeyAccessServer, + connect.WithSchema(keyAccessServerRegistryServiceUpdateKeyAccessServerMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + keyAccessServerRegistryServiceDeleteKeyAccessServerHandler := connect.NewUnaryHandler( + KeyAccessServerRegistryServiceDeleteKeyAccessServerProcedure, + svc.DeleteKeyAccessServer, + connect.WithSchema(keyAccessServerRegistryServiceDeleteKeyAccessServerMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + keyAccessServerRegistryServiceListKeyAccessServerGrantsHandler := connect.NewUnaryHandler( + KeyAccessServerRegistryServiceListKeyAccessServerGrantsProcedure, + svc.ListKeyAccessServerGrants, + connect.WithSchema(keyAccessServerRegistryServiceListKeyAccessServerGrantsMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + return "/policy.kasregistry.KeyAccessServerRegistryService/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.URL.Path { + case KeyAccessServerRegistryServiceListKeyAccessServersProcedure: + keyAccessServerRegistryServiceListKeyAccessServersHandler.ServeHTTP(w, r) + case KeyAccessServerRegistryServiceGetKeyAccessServerProcedure: + keyAccessServerRegistryServiceGetKeyAccessServerHandler.ServeHTTP(w, r) + case KeyAccessServerRegistryServiceCreateKeyAccessServerProcedure: + keyAccessServerRegistryServiceCreateKeyAccessServerHandler.ServeHTTP(w, r) + case KeyAccessServerRegistryServiceUpdateKeyAccessServerProcedure: + keyAccessServerRegistryServiceUpdateKeyAccessServerHandler.ServeHTTP(w, r) + case KeyAccessServerRegistryServiceDeleteKeyAccessServerProcedure: + keyAccessServerRegistryServiceDeleteKeyAccessServerHandler.ServeHTTP(w, r) + case KeyAccessServerRegistryServiceListKeyAccessServerGrantsProcedure: + keyAccessServerRegistryServiceListKeyAccessServerGrantsHandler.ServeHTTP(w, r) + default: + http.NotFound(w, r) + } + }) +} + +// UnimplementedKeyAccessServerRegistryServiceHandler returns CodeUnimplemented from all methods. +type UnimplementedKeyAccessServerRegistryServiceHandler struct{} + +func (UnimplementedKeyAccessServerRegistryServiceHandler) ListKeyAccessServers(context.Context, *connect.Request[kasregistry.ListKeyAccessServersRequest]) (*connect.Response[kasregistry.ListKeyAccessServersResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.kasregistry.KeyAccessServerRegistryService.ListKeyAccessServers is not implemented")) +} + +func (UnimplementedKeyAccessServerRegistryServiceHandler) GetKeyAccessServer(context.Context, *connect.Request[kasregistry.GetKeyAccessServerRequest]) (*connect.Response[kasregistry.GetKeyAccessServerResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.kasregistry.KeyAccessServerRegistryService.GetKeyAccessServer is not implemented")) +} + +func (UnimplementedKeyAccessServerRegistryServiceHandler) CreateKeyAccessServer(context.Context, *connect.Request[kasregistry.CreateKeyAccessServerRequest]) (*connect.Response[kasregistry.CreateKeyAccessServerResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.kasregistry.KeyAccessServerRegistryService.CreateKeyAccessServer is not implemented")) +} + +func (UnimplementedKeyAccessServerRegistryServiceHandler) UpdateKeyAccessServer(context.Context, *connect.Request[kasregistry.UpdateKeyAccessServerRequest]) (*connect.Response[kasregistry.UpdateKeyAccessServerResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.kasregistry.KeyAccessServerRegistryService.UpdateKeyAccessServer is not implemented")) +} + +func (UnimplementedKeyAccessServerRegistryServiceHandler) DeleteKeyAccessServer(context.Context, *connect.Request[kasregistry.DeleteKeyAccessServerRequest]) (*connect.Response[kasregistry.DeleteKeyAccessServerResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.kasregistry.KeyAccessServerRegistryService.DeleteKeyAccessServer is not implemented")) +} + +func (UnimplementedKeyAccessServerRegistryServiceHandler) ListKeyAccessServerGrants(context.Context, *connect.Request[kasregistry.ListKeyAccessServerGrantsRequest]) (*connect.Response[kasregistry.ListKeyAccessServerGrantsResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.kasregistry.KeyAccessServerRegistryService.ListKeyAccessServerGrants is not implemented")) +} diff --git a/protocol/go/policy/namespaces/namespacesconnect/namespaces.connect.go b/protocol/go/policy/namespaces/namespacesconnect/namespaces.connect.go new file mode 100644 index 0000000000..8df0903b60 --- /dev/null +++ b/protocol/go/policy/namespaces/namespacesconnect/namespaces.connect.go @@ -0,0 +1,301 @@ +// Code generated by protoc-gen-connect-go. DO NOT EDIT. +// +// Source: policy/namespaces/namespaces.proto + +package namespacesconnect + +import ( + connect "connectrpc.com/connect" + context "context" + errors "errors" + namespaces "github.com/opentdf/platform/protocol/go/policy/namespaces" + http "net/http" + strings "strings" +) + +// This is a compile-time assertion to ensure that this generated file and the connect package are +// compatible. If you get a compiler error that this constant is not defined, this code was +// generated with a version of connect newer than the one compiled into your binary. You can fix the +// problem by either regenerating this code with an older version of connect or updating the connect +// version compiled into your binary. +const _ = connect.IsAtLeastVersion1_13_0 + +const ( + // NamespaceServiceName is the fully-qualified name of the NamespaceService service. + NamespaceServiceName = "policy.namespaces.NamespaceService" +) + +// These constants are the fully-qualified names of the RPCs defined in this package. They're +// exposed at runtime as Spec.Procedure and as the final two segments of the HTTP route. +// +// Note that these are different from the fully-qualified method names used by +// google.golang.org/protobuf/reflect/protoreflect. To convert from these constants to +// reflection-formatted method names, remove the leading slash and convert the remaining slash to a +// period. +const ( + // NamespaceServiceGetNamespaceProcedure is the fully-qualified name of the NamespaceService's + // GetNamespace RPC. + NamespaceServiceGetNamespaceProcedure = "/policy.namespaces.NamespaceService/GetNamespace" + // NamespaceServiceListNamespacesProcedure is the fully-qualified name of the NamespaceService's + // ListNamespaces RPC. + NamespaceServiceListNamespacesProcedure = "/policy.namespaces.NamespaceService/ListNamespaces" + // NamespaceServiceCreateNamespaceProcedure is the fully-qualified name of the NamespaceService's + // CreateNamespace RPC. + NamespaceServiceCreateNamespaceProcedure = "/policy.namespaces.NamespaceService/CreateNamespace" + // NamespaceServiceUpdateNamespaceProcedure is the fully-qualified name of the NamespaceService's + // UpdateNamespace RPC. + NamespaceServiceUpdateNamespaceProcedure = "/policy.namespaces.NamespaceService/UpdateNamespace" + // NamespaceServiceDeactivateNamespaceProcedure is the fully-qualified name of the + // NamespaceService's DeactivateNamespace RPC. + NamespaceServiceDeactivateNamespaceProcedure = "/policy.namespaces.NamespaceService/DeactivateNamespace" + // NamespaceServiceAssignKeyAccessServerToNamespaceProcedure is the fully-qualified name of the + // NamespaceService's AssignKeyAccessServerToNamespace RPC. + NamespaceServiceAssignKeyAccessServerToNamespaceProcedure = "/policy.namespaces.NamespaceService/AssignKeyAccessServerToNamespace" + // NamespaceServiceRemoveKeyAccessServerFromNamespaceProcedure is the fully-qualified name of the + // NamespaceService's RemoveKeyAccessServerFromNamespace RPC. + NamespaceServiceRemoveKeyAccessServerFromNamespaceProcedure = "/policy.namespaces.NamespaceService/RemoveKeyAccessServerFromNamespace" +) + +// These variables are the protoreflect.Descriptor objects for the RPCs defined in this package. +var ( + namespaceServiceServiceDescriptor = namespaces.File_policy_namespaces_namespaces_proto.Services().ByName("NamespaceService") + namespaceServiceGetNamespaceMethodDescriptor = namespaceServiceServiceDescriptor.Methods().ByName("GetNamespace") + namespaceServiceListNamespacesMethodDescriptor = namespaceServiceServiceDescriptor.Methods().ByName("ListNamespaces") + namespaceServiceCreateNamespaceMethodDescriptor = namespaceServiceServiceDescriptor.Methods().ByName("CreateNamespace") + namespaceServiceUpdateNamespaceMethodDescriptor = namespaceServiceServiceDescriptor.Methods().ByName("UpdateNamespace") + namespaceServiceDeactivateNamespaceMethodDescriptor = namespaceServiceServiceDescriptor.Methods().ByName("DeactivateNamespace") + namespaceServiceAssignKeyAccessServerToNamespaceMethodDescriptor = namespaceServiceServiceDescriptor.Methods().ByName("AssignKeyAccessServerToNamespace") + namespaceServiceRemoveKeyAccessServerFromNamespaceMethodDescriptor = namespaceServiceServiceDescriptor.Methods().ByName("RemoveKeyAccessServerFromNamespace") +) + +// NamespaceServiceClient is a client for the policy.namespaces.NamespaceService service. +type NamespaceServiceClient interface { + GetNamespace(context.Context, *connect.Request[namespaces.GetNamespaceRequest]) (*connect.Response[namespaces.GetNamespaceResponse], error) + ListNamespaces(context.Context, *connect.Request[namespaces.ListNamespacesRequest]) (*connect.Response[namespaces.ListNamespacesResponse], error) + CreateNamespace(context.Context, *connect.Request[namespaces.CreateNamespaceRequest]) (*connect.Response[namespaces.CreateNamespaceResponse], error) + UpdateNamespace(context.Context, *connect.Request[namespaces.UpdateNamespaceRequest]) (*connect.Response[namespaces.UpdateNamespaceResponse], error) + DeactivateNamespace(context.Context, *connect.Request[namespaces.DeactivateNamespaceRequest]) (*connect.Response[namespaces.DeactivateNamespaceResponse], error) + // --------------------------------------* + // Namespace <> Key Access Server RPCs + // --------------------------------------- + AssignKeyAccessServerToNamespace(context.Context, *connect.Request[namespaces.AssignKeyAccessServerToNamespaceRequest]) (*connect.Response[namespaces.AssignKeyAccessServerToNamespaceResponse], error) + RemoveKeyAccessServerFromNamespace(context.Context, *connect.Request[namespaces.RemoveKeyAccessServerFromNamespaceRequest]) (*connect.Response[namespaces.RemoveKeyAccessServerFromNamespaceResponse], error) +} + +// NewNamespaceServiceClient constructs a client for the policy.namespaces.NamespaceService service. +// By default, it uses the Connect protocol with the binary Protobuf Codec, asks for gzipped +// responses, and sends uncompressed requests. To use the gRPC or gRPC-Web protocols, supply the +// connect.WithGRPC() or connect.WithGRPCWeb() options. +// +// The URL supplied here should be the base URL for the Connect or gRPC server (for example, +// http://api.acme.com or https://acme.com/grpc). +func NewNamespaceServiceClient(httpClient connect.HTTPClient, baseURL string, opts ...connect.ClientOption) NamespaceServiceClient { + baseURL = strings.TrimRight(baseURL, "/") + return &namespaceServiceClient{ + getNamespace: connect.NewClient[namespaces.GetNamespaceRequest, namespaces.GetNamespaceResponse]( + httpClient, + baseURL+NamespaceServiceGetNamespaceProcedure, + connect.WithSchema(namespaceServiceGetNamespaceMethodDescriptor), + connect.WithClientOptions(opts...), + ), + listNamespaces: connect.NewClient[namespaces.ListNamespacesRequest, namespaces.ListNamespacesResponse]( + httpClient, + baseURL+NamespaceServiceListNamespacesProcedure, + connect.WithSchema(namespaceServiceListNamespacesMethodDescriptor), + connect.WithClientOptions(opts...), + ), + createNamespace: connect.NewClient[namespaces.CreateNamespaceRequest, namespaces.CreateNamespaceResponse]( + httpClient, + baseURL+NamespaceServiceCreateNamespaceProcedure, + connect.WithSchema(namespaceServiceCreateNamespaceMethodDescriptor), + connect.WithClientOptions(opts...), + ), + updateNamespace: connect.NewClient[namespaces.UpdateNamespaceRequest, namespaces.UpdateNamespaceResponse]( + httpClient, + baseURL+NamespaceServiceUpdateNamespaceProcedure, + connect.WithSchema(namespaceServiceUpdateNamespaceMethodDescriptor), + connect.WithClientOptions(opts...), + ), + deactivateNamespace: connect.NewClient[namespaces.DeactivateNamespaceRequest, namespaces.DeactivateNamespaceResponse]( + httpClient, + baseURL+NamespaceServiceDeactivateNamespaceProcedure, + connect.WithSchema(namespaceServiceDeactivateNamespaceMethodDescriptor), + connect.WithClientOptions(opts...), + ), + assignKeyAccessServerToNamespace: connect.NewClient[namespaces.AssignKeyAccessServerToNamespaceRequest, namespaces.AssignKeyAccessServerToNamespaceResponse]( + httpClient, + baseURL+NamespaceServiceAssignKeyAccessServerToNamespaceProcedure, + connect.WithSchema(namespaceServiceAssignKeyAccessServerToNamespaceMethodDescriptor), + connect.WithClientOptions(opts...), + ), + removeKeyAccessServerFromNamespace: connect.NewClient[namespaces.RemoveKeyAccessServerFromNamespaceRequest, namespaces.RemoveKeyAccessServerFromNamespaceResponse]( + httpClient, + baseURL+NamespaceServiceRemoveKeyAccessServerFromNamespaceProcedure, + connect.WithSchema(namespaceServiceRemoveKeyAccessServerFromNamespaceMethodDescriptor), + connect.WithClientOptions(opts...), + ), + } +} + +// namespaceServiceClient implements NamespaceServiceClient. +type namespaceServiceClient struct { + getNamespace *connect.Client[namespaces.GetNamespaceRequest, namespaces.GetNamespaceResponse] + listNamespaces *connect.Client[namespaces.ListNamespacesRequest, namespaces.ListNamespacesResponse] + createNamespace *connect.Client[namespaces.CreateNamespaceRequest, namespaces.CreateNamespaceResponse] + updateNamespace *connect.Client[namespaces.UpdateNamespaceRequest, namespaces.UpdateNamespaceResponse] + deactivateNamespace *connect.Client[namespaces.DeactivateNamespaceRequest, namespaces.DeactivateNamespaceResponse] + assignKeyAccessServerToNamespace *connect.Client[namespaces.AssignKeyAccessServerToNamespaceRequest, namespaces.AssignKeyAccessServerToNamespaceResponse] + removeKeyAccessServerFromNamespace *connect.Client[namespaces.RemoveKeyAccessServerFromNamespaceRequest, namespaces.RemoveKeyAccessServerFromNamespaceResponse] +} + +// GetNamespace calls policy.namespaces.NamespaceService.GetNamespace. +func (c *namespaceServiceClient) GetNamespace(ctx context.Context, req *connect.Request[namespaces.GetNamespaceRequest]) (*connect.Response[namespaces.GetNamespaceResponse], error) { + return c.getNamespace.CallUnary(ctx, req) +} + +// ListNamespaces calls policy.namespaces.NamespaceService.ListNamespaces. +func (c *namespaceServiceClient) ListNamespaces(ctx context.Context, req *connect.Request[namespaces.ListNamespacesRequest]) (*connect.Response[namespaces.ListNamespacesResponse], error) { + return c.listNamespaces.CallUnary(ctx, req) +} + +// CreateNamespace calls policy.namespaces.NamespaceService.CreateNamespace. +func (c *namespaceServiceClient) CreateNamespace(ctx context.Context, req *connect.Request[namespaces.CreateNamespaceRequest]) (*connect.Response[namespaces.CreateNamespaceResponse], error) { + return c.createNamespace.CallUnary(ctx, req) +} + +// UpdateNamespace calls policy.namespaces.NamespaceService.UpdateNamespace. +func (c *namespaceServiceClient) UpdateNamespace(ctx context.Context, req *connect.Request[namespaces.UpdateNamespaceRequest]) (*connect.Response[namespaces.UpdateNamespaceResponse], error) { + return c.updateNamespace.CallUnary(ctx, req) +} + +// DeactivateNamespace calls policy.namespaces.NamespaceService.DeactivateNamespace. +func (c *namespaceServiceClient) DeactivateNamespace(ctx context.Context, req *connect.Request[namespaces.DeactivateNamespaceRequest]) (*connect.Response[namespaces.DeactivateNamespaceResponse], error) { + return c.deactivateNamespace.CallUnary(ctx, req) +} + +// AssignKeyAccessServerToNamespace calls +// policy.namespaces.NamespaceService.AssignKeyAccessServerToNamespace. +func (c *namespaceServiceClient) AssignKeyAccessServerToNamespace(ctx context.Context, req *connect.Request[namespaces.AssignKeyAccessServerToNamespaceRequest]) (*connect.Response[namespaces.AssignKeyAccessServerToNamespaceResponse], error) { + return c.assignKeyAccessServerToNamespace.CallUnary(ctx, req) +} + +// RemoveKeyAccessServerFromNamespace calls +// policy.namespaces.NamespaceService.RemoveKeyAccessServerFromNamespace. +func (c *namespaceServiceClient) RemoveKeyAccessServerFromNamespace(ctx context.Context, req *connect.Request[namespaces.RemoveKeyAccessServerFromNamespaceRequest]) (*connect.Response[namespaces.RemoveKeyAccessServerFromNamespaceResponse], error) { + return c.removeKeyAccessServerFromNamespace.CallUnary(ctx, req) +} + +// NamespaceServiceHandler is an implementation of the policy.namespaces.NamespaceService service. +type NamespaceServiceHandler interface { + GetNamespace(context.Context, *connect.Request[namespaces.GetNamespaceRequest]) (*connect.Response[namespaces.GetNamespaceResponse], error) + ListNamespaces(context.Context, *connect.Request[namespaces.ListNamespacesRequest]) (*connect.Response[namespaces.ListNamespacesResponse], error) + CreateNamespace(context.Context, *connect.Request[namespaces.CreateNamespaceRequest]) (*connect.Response[namespaces.CreateNamespaceResponse], error) + UpdateNamespace(context.Context, *connect.Request[namespaces.UpdateNamespaceRequest]) (*connect.Response[namespaces.UpdateNamespaceResponse], error) + DeactivateNamespace(context.Context, *connect.Request[namespaces.DeactivateNamespaceRequest]) (*connect.Response[namespaces.DeactivateNamespaceResponse], error) + // --------------------------------------* + // Namespace <> Key Access Server RPCs + // --------------------------------------- + AssignKeyAccessServerToNamespace(context.Context, *connect.Request[namespaces.AssignKeyAccessServerToNamespaceRequest]) (*connect.Response[namespaces.AssignKeyAccessServerToNamespaceResponse], error) + RemoveKeyAccessServerFromNamespace(context.Context, *connect.Request[namespaces.RemoveKeyAccessServerFromNamespaceRequest]) (*connect.Response[namespaces.RemoveKeyAccessServerFromNamespaceResponse], error) +} + +// NewNamespaceServiceHandler builds an HTTP handler from the service implementation. It returns the +// path on which to mount the handler and the handler itself. +// +// By default, handlers support the Connect, gRPC, and gRPC-Web protocols with the binary Protobuf +// and JSON codecs. They also support gzip compression. +func NewNamespaceServiceHandler(svc NamespaceServiceHandler, opts ...connect.HandlerOption) (string, http.Handler) { + namespaceServiceGetNamespaceHandler := connect.NewUnaryHandler( + NamespaceServiceGetNamespaceProcedure, + svc.GetNamespace, + connect.WithSchema(namespaceServiceGetNamespaceMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + namespaceServiceListNamespacesHandler := connect.NewUnaryHandler( + NamespaceServiceListNamespacesProcedure, + svc.ListNamespaces, + connect.WithSchema(namespaceServiceListNamespacesMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + namespaceServiceCreateNamespaceHandler := connect.NewUnaryHandler( + NamespaceServiceCreateNamespaceProcedure, + svc.CreateNamespace, + connect.WithSchema(namespaceServiceCreateNamespaceMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + namespaceServiceUpdateNamespaceHandler := connect.NewUnaryHandler( + NamespaceServiceUpdateNamespaceProcedure, + svc.UpdateNamespace, + connect.WithSchema(namespaceServiceUpdateNamespaceMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + namespaceServiceDeactivateNamespaceHandler := connect.NewUnaryHandler( + NamespaceServiceDeactivateNamespaceProcedure, + svc.DeactivateNamespace, + connect.WithSchema(namespaceServiceDeactivateNamespaceMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + namespaceServiceAssignKeyAccessServerToNamespaceHandler := connect.NewUnaryHandler( + NamespaceServiceAssignKeyAccessServerToNamespaceProcedure, + svc.AssignKeyAccessServerToNamespace, + connect.WithSchema(namespaceServiceAssignKeyAccessServerToNamespaceMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + namespaceServiceRemoveKeyAccessServerFromNamespaceHandler := connect.NewUnaryHandler( + NamespaceServiceRemoveKeyAccessServerFromNamespaceProcedure, + svc.RemoveKeyAccessServerFromNamespace, + connect.WithSchema(namespaceServiceRemoveKeyAccessServerFromNamespaceMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + return "/policy.namespaces.NamespaceService/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.URL.Path { + case NamespaceServiceGetNamespaceProcedure: + namespaceServiceGetNamespaceHandler.ServeHTTP(w, r) + case NamespaceServiceListNamespacesProcedure: + namespaceServiceListNamespacesHandler.ServeHTTP(w, r) + case NamespaceServiceCreateNamespaceProcedure: + namespaceServiceCreateNamespaceHandler.ServeHTTP(w, r) + case NamespaceServiceUpdateNamespaceProcedure: + namespaceServiceUpdateNamespaceHandler.ServeHTTP(w, r) + case NamespaceServiceDeactivateNamespaceProcedure: + namespaceServiceDeactivateNamespaceHandler.ServeHTTP(w, r) + case NamespaceServiceAssignKeyAccessServerToNamespaceProcedure: + namespaceServiceAssignKeyAccessServerToNamespaceHandler.ServeHTTP(w, r) + case NamespaceServiceRemoveKeyAccessServerFromNamespaceProcedure: + namespaceServiceRemoveKeyAccessServerFromNamespaceHandler.ServeHTTP(w, r) + default: + http.NotFound(w, r) + } + }) +} + +// UnimplementedNamespaceServiceHandler returns CodeUnimplemented from all methods. +type UnimplementedNamespaceServiceHandler struct{} + +func (UnimplementedNamespaceServiceHandler) GetNamespace(context.Context, *connect.Request[namespaces.GetNamespaceRequest]) (*connect.Response[namespaces.GetNamespaceResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.namespaces.NamespaceService.GetNamespace is not implemented")) +} + +func (UnimplementedNamespaceServiceHandler) ListNamespaces(context.Context, *connect.Request[namespaces.ListNamespacesRequest]) (*connect.Response[namespaces.ListNamespacesResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.namespaces.NamespaceService.ListNamespaces is not implemented")) +} + +func (UnimplementedNamespaceServiceHandler) CreateNamespace(context.Context, *connect.Request[namespaces.CreateNamespaceRequest]) (*connect.Response[namespaces.CreateNamespaceResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.namespaces.NamespaceService.CreateNamespace is not implemented")) +} + +func (UnimplementedNamespaceServiceHandler) UpdateNamespace(context.Context, *connect.Request[namespaces.UpdateNamespaceRequest]) (*connect.Response[namespaces.UpdateNamespaceResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.namespaces.NamespaceService.UpdateNamespace is not implemented")) +} + +func (UnimplementedNamespaceServiceHandler) DeactivateNamespace(context.Context, *connect.Request[namespaces.DeactivateNamespaceRequest]) (*connect.Response[namespaces.DeactivateNamespaceResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.namespaces.NamespaceService.DeactivateNamespace is not implemented")) +} + +func (UnimplementedNamespaceServiceHandler) AssignKeyAccessServerToNamespace(context.Context, *connect.Request[namespaces.AssignKeyAccessServerToNamespaceRequest]) (*connect.Response[namespaces.AssignKeyAccessServerToNamespaceResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.namespaces.NamespaceService.AssignKeyAccessServerToNamespace is not implemented")) +} + +func (UnimplementedNamespaceServiceHandler) RemoveKeyAccessServerFromNamespace(context.Context, *connect.Request[namespaces.RemoveKeyAccessServerFromNamespaceRequest]) (*connect.Response[namespaces.RemoveKeyAccessServerFromNamespaceResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.namespaces.NamespaceService.RemoveKeyAccessServerFromNamespace is not implemented")) +} diff --git a/protocol/go/policy/resourcemapping/resourcemappingconnect/resource_mapping.connect.go b/protocol/go/policy/resourcemapping/resourcemappingconnect/resource_mapping.connect.go new file mode 100644 index 0000000000..415ba7fa15 --- /dev/null +++ b/protocol/go/policy/resourcemapping/resourcemappingconnect/resource_mapping.connect.go @@ -0,0 +1,422 @@ +// Code generated by protoc-gen-connect-go. DO NOT EDIT. +// +// Source: policy/resourcemapping/resource_mapping.proto + +package resourcemappingconnect + +import ( + connect "connectrpc.com/connect" + context "context" + errors "errors" + resourcemapping "github.com/opentdf/platform/protocol/go/policy/resourcemapping" + http "net/http" + strings "strings" +) + +// This is a compile-time assertion to ensure that this generated file and the connect package are +// compatible. If you get a compiler error that this constant is not defined, this code was +// generated with a version of connect newer than the one compiled into your binary. You can fix the +// problem by either regenerating this code with an older version of connect or updating the connect +// version compiled into your binary. +const _ = connect.IsAtLeastVersion1_13_0 + +const ( + // ResourceMappingServiceName is the fully-qualified name of the ResourceMappingService service. + ResourceMappingServiceName = "policy.resourcemapping.ResourceMappingService" +) + +// These constants are the fully-qualified names of the RPCs defined in this package. They're +// exposed at runtime as Spec.Procedure and as the final two segments of the HTTP route. +// +// Note that these are different from the fully-qualified method names used by +// google.golang.org/protobuf/reflect/protoreflect. To convert from these constants to +// reflection-formatted method names, remove the leading slash and convert the remaining slash to a +// period. +const ( + // ResourceMappingServiceListResourceMappingGroupsProcedure is the fully-qualified name of the + // ResourceMappingService's ListResourceMappingGroups RPC. + ResourceMappingServiceListResourceMappingGroupsProcedure = "/policy.resourcemapping.ResourceMappingService/ListResourceMappingGroups" + // ResourceMappingServiceGetResourceMappingGroupProcedure is the fully-qualified name of the + // ResourceMappingService's GetResourceMappingGroup RPC. + ResourceMappingServiceGetResourceMappingGroupProcedure = "/policy.resourcemapping.ResourceMappingService/GetResourceMappingGroup" + // ResourceMappingServiceCreateResourceMappingGroupProcedure is the fully-qualified name of the + // ResourceMappingService's CreateResourceMappingGroup RPC. + ResourceMappingServiceCreateResourceMappingGroupProcedure = "/policy.resourcemapping.ResourceMappingService/CreateResourceMappingGroup" + // ResourceMappingServiceUpdateResourceMappingGroupProcedure is the fully-qualified name of the + // ResourceMappingService's UpdateResourceMappingGroup RPC. + ResourceMappingServiceUpdateResourceMappingGroupProcedure = "/policy.resourcemapping.ResourceMappingService/UpdateResourceMappingGroup" + // ResourceMappingServiceDeleteResourceMappingGroupProcedure is the fully-qualified name of the + // ResourceMappingService's DeleteResourceMappingGroup RPC. + ResourceMappingServiceDeleteResourceMappingGroupProcedure = "/policy.resourcemapping.ResourceMappingService/DeleteResourceMappingGroup" + // ResourceMappingServiceListResourceMappingsProcedure is the fully-qualified name of the + // ResourceMappingService's ListResourceMappings RPC. + ResourceMappingServiceListResourceMappingsProcedure = "/policy.resourcemapping.ResourceMappingService/ListResourceMappings" + // ResourceMappingServiceListResourceMappingsByGroupFqnsProcedure is the fully-qualified name of the + // ResourceMappingService's ListResourceMappingsByGroupFqns RPC. + ResourceMappingServiceListResourceMappingsByGroupFqnsProcedure = "/policy.resourcemapping.ResourceMappingService/ListResourceMappingsByGroupFqns" + // ResourceMappingServiceGetResourceMappingProcedure is the fully-qualified name of the + // ResourceMappingService's GetResourceMapping RPC. + ResourceMappingServiceGetResourceMappingProcedure = "/policy.resourcemapping.ResourceMappingService/GetResourceMapping" + // ResourceMappingServiceCreateResourceMappingProcedure is the fully-qualified name of the + // ResourceMappingService's CreateResourceMapping RPC. + ResourceMappingServiceCreateResourceMappingProcedure = "/policy.resourcemapping.ResourceMappingService/CreateResourceMapping" + // ResourceMappingServiceUpdateResourceMappingProcedure is the fully-qualified name of the + // ResourceMappingService's UpdateResourceMapping RPC. + ResourceMappingServiceUpdateResourceMappingProcedure = "/policy.resourcemapping.ResourceMappingService/UpdateResourceMapping" + // ResourceMappingServiceDeleteResourceMappingProcedure is the fully-qualified name of the + // ResourceMappingService's DeleteResourceMapping RPC. + ResourceMappingServiceDeleteResourceMappingProcedure = "/policy.resourcemapping.ResourceMappingService/DeleteResourceMapping" +) + +// These variables are the protoreflect.Descriptor objects for the RPCs defined in this package. +var ( + resourceMappingServiceServiceDescriptor = resourcemapping.File_policy_resourcemapping_resource_mapping_proto.Services().ByName("ResourceMappingService") + resourceMappingServiceListResourceMappingGroupsMethodDescriptor = resourceMappingServiceServiceDescriptor.Methods().ByName("ListResourceMappingGroups") + resourceMappingServiceGetResourceMappingGroupMethodDescriptor = resourceMappingServiceServiceDescriptor.Methods().ByName("GetResourceMappingGroup") + resourceMappingServiceCreateResourceMappingGroupMethodDescriptor = resourceMappingServiceServiceDescriptor.Methods().ByName("CreateResourceMappingGroup") + resourceMappingServiceUpdateResourceMappingGroupMethodDescriptor = resourceMappingServiceServiceDescriptor.Methods().ByName("UpdateResourceMappingGroup") + resourceMappingServiceDeleteResourceMappingGroupMethodDescriptor = resourceMappingServiceServiceDescriptor.Methods().ByName("DeleteResourceMappingGroup") + resourceMappingServiceListResourceMappingsMethodDescriptor = resourceMappingServiceServiceDescriptor.Methods().ByName("ListResourceMappings") + resourceMappingServiceListResourceMappingsByGroupFqnsMethodDescriptor = resourceMappingServiceServiceDescriptor.Methods().ByName("ListResourceMappingsByGroupFqns") + resourceMappingServiceGetResourceMappingMethodDescriptor = resourceMappingServiceServiceDescriptor.Methods().ByName("GetResourceMapping") + resourceMappingServiceCreateResourceMappingMethodDescriptor = resourceMappingServiceServiceDescriptor.Methods().ByName("CreateResourceMapping") + resourceMappingServiceUpdateResourceMappingMethodDescriptor = resourceMappingServiceServiceDescriptor.Methods().ByName("UpdateResourceMapping") + resourceMappingServiceDeleteResourceMappingMethodDescriptor = resourceMappingServiceServiceDescriptor.Methods().ByName("DeleteResourceMapping") +) + +// ResourceMappingServiceClient is a client for the policy.resourcemapping.ResourceMappingService +// service. +type ResourceMappingServiceClient interface { + ListResourceMappingGroups(context.Context, *connect.Request[resourcemapping.ListResourceMappingGroupsRequest]) (*connect.Response[resourcemapping.ListResourceMappingGroupsResponse], error) + GetResourceMappingGroup(context.Context, *connect.Request[resourcemapping.GetResourceMappingGroupRequest]) (*connect.Response[resourcemapping.GetResourceMappingGroupResponse], error) + CreateResourceMappingGroup(context.Context, *connect.Request[resourcemapping.CreateResourceMappingGroupRequest]) (*connect.Response[resourcemapping.CreateResourceMappingGroupResponse], error) + UpdateResourceMappingGroup(context.Context, *connect.Request[resourcemapping.UpdateResourceMappingGroupRequest]) (*connect.Response[resourcemapping.UpdateResourceMappingGroupResponse], error) + DeleteResourceMappingGroup(context.Context, *connect.Request[resourcemapping.DeleteResourceMappingGroupRequest]) (*connect.Response[resourcemapping.DeleteResourceMappingGroupResponse], error) + ListResourceMappings(context.Context, *connect.Request[resourcemapping.ListResourceMappingsRequest]) (*connect.Response[resourcemapping.ListResourceMappingsResponse], error) + ListResourceMappingsByGroupFqns(context.Context, *connect.Request[resourcemapping.ListResourceMappingsByGroupFqnsRequest]) (*connect.Response[resourcemapping.ListResourceMappingsByGroupFqnsResponse], error) + GetResourceMapping(context.Context, *connect.Request[resourcemapping.GetResourceMappingRequest]) (*connect.Response[resourcemapping.GetResourceMappingResponse], error) + CreateResourceMapping(context.Context, *connect.Request[resourcemapping.CreateResourceMappingRequest]) (*connect.Response[resourcemapping.CreateResourceMappingResponse], error) + UpdateResourceMapping(context.Context, *connect.Request[resourcemapping.UpdateResourceMappingRequest]) (*connect.Response[resourcemapping.UpdateResourceMappingResponse], error) + DeleteResourceMapping(context.Context, *connect.Request[resourcemapping.DeleteResourceMappingRequest]) (*connect.Response[resourcemapping.DeleteResourceMappingResponse], error) +} + +// NewResourceMappingServiceClient constructs a client for the +// policy.resourcemapping.ResourceMappingService service. By default, it uses the Connect protocol +// with the binary Protobuf Codec, asks for gzipped responses, and sends uncompressed requests. To +// use the gRPC or gRPC-Web protocols, supply the connect.WithGRPC() or connect.WithGRPCWeb() +// options. +// +// The URL supplied here should be the base URL for the Connect or gRPC server (for example, +// http://api.acme.com or https://acme.com/grpc). +func NewResourceMappingServiceClient(httpClient connect.HTTPClient, baseURL string, opts ...connect.ClientOption) ResourceMappingServiceClient { + baseURL = strings.TrimRight(baseURL, "/") + return &resourceMappingServiceClient{ + listResourceMappingGroups: connect.NewClient[resourcemapping.ListResourceMappingGroupsRequest, resourcemapping.ListResourceMappingGroupsResponse]( + httpClient, + baseURL+ResourceMappingServiceListResourceMappingGroupsProcedure, + connect.WithSchema(resourceMappingServiceListResourceMappingGroupsMethodDescriptor), + connect.WithClientOptions(opts...), + ), + getResourceMappingGroup: connect.NewClient[resourcemapping.GetResourceMappingGroupRequest, resourcemapping.GetResourceMappingGroupResponse]( + httpClient, + baseURL+ResourceMappingServiceGetResourceMappingGroupProcedure, + connect.WithSchema(resourceMappingServiceGetResourceMappingGroupMethodDescriptor), + connect.WithClientOptions(opts...), + ), + createResourceMappingGroup: connect.NewClient[resourcemapping.CreateResourceMappingGroupRequest, resourcemapping.CreateResourceMappingGroupResponse]( + httpClient, + baseURL+ResourceMappingServiceCreateResourceMappingGroupProcedure, + connect.WithSchema(resourceMappingServiceCreateResourceMappingGroupMethodDescriptor), + connect.WithClientOptions(opts...), + ), + updateResourceMappingGroup: connect.NewClient[resourcemapping.UpdateResourceMappingGroupRequest, resourcemapping.UpdateResourceMappingGroupResponse]( + httpClient, + baseURL+ResourceMappingServiceUpdateResourceMappingGroupProcedure, + connect.WithSchema(resourceMappingServiceUpdateResourceMappingGroupMethodDescriptor), + connect.WithClientOptions(opts...), + ), + deleteResourceMappingGroup: connect.NewClient[resourcemapping.DeleteResourceMappingGroupRequest, resourcemapping.DeleteResourceMappingGroupResponse]( + httpClient, + baseURL+ResourceMappingServiceDeleteResourceMappingGroupProcedure, + connect.WithSchema(resourceMappingServiceDeleteResourceMappingGroupMethodDescriptor), + connect.WithClientOptions(opts...), + ), + listResourceMappings: connect.NewClient[resourcemapping.ListResourceMappingsRequest, resourcemapping.ListResourceMappingsResponse]( + httpClient, + baseURL+ResourceMappingServiceListResourceMappingsProcedure, + connect.WithSchema(resourceMappingServiceListResourceMappingsMethodDescriptor), + connect.WithClientOptions(opts...), + ), + listResourceMappingsByGroupFqns: connect.NewClient[resourcemapping.ListResourceMappingsByGroupFqnsRequest, resourcemapping.ListResourceMappingsByGroupFqnsResponse]( + httpClient, + baseURL+ResourceMappingServiceListResourceMappingsByGroupFqnsProcedure, + connect.WithSchema(resourceMappingServiceListResourceMappingsByGroupFqnsMethodDescriptor), + connect.WithClientOptions(opts...), + ), + getResourceMapping: connect.NewClient[resourcemapping.GetResourceMappingRequest, resourcemapping.GetResourceMappingResponse]( + httpClient, + baseURL+ResourceMappingServiceGetResourceMappingProcedure, + connect.WithSchema(resourceMappingServiceGetResourceMappingMethodDescriptor), + connect.WithClientOptions(opts...), + ), + createResourceMapping: connect.NewClient[resourcemapping.CreateResourceMappingRequest, resourcemapping.CreateResourceMappingResponse]( + httpClient, + baseURL+ResourceMappingServiceCreateResourceMappingProcedure, + connect.WithSchema(resourceMappingServiceCreateResourceMappingMethodDescriptor), + connect.WithClientOptions(opts...), + ), + updateResourceMapping: connect.NewClient[resourcemapping.UpdateResourceMappingRequest, resourcemapping.UpdateResourceMappingResponse]( + httpClient, + baseURL+ResourceMappingServiceUpdateResourceMappingProcedure, + connect.WithSchema(resourceMappingServiceUpdateResourceMappingMethodDescriptor), + connect.WithClientOptions(opts...), + ), + deleteResourceMapping: connect.NewClient[resourcemapping.DeleteResourceMappingRequest, resourcemapping.DeleteResourceMappingResponse]( + httpClient, + baseURL+ResourceMappingServiceDeleteResourceMappingProcedure, + connect.WithSchema(resourceMappingServiceDeleteResourceMappingMethodDescriptor), + connect.WithClientOptions(opts...), + ), + } +} + +// resourceMappingServiceClient implements ResourceMappingServiceClient. +type resourceMappingServiceClient struct { + listResourceMappingGroups *connect.Client[resourcemapping.ListResourceMappingGroupsRequest, resourcemapping.ListResourceMappingGroupsResponse] + getResourceMappingGroup *connect.Client[resourcemapping.GetResourceMappingGroupRequest, resourcemapping.GetResourceMappingGroupResponse] + createResourceMappingGroup *connect.Client[resourcemapping.CreateResourceMappingGroupRequest, resourcemapping.CreateResourceMappingGroupResponse] + updateResourceMappingGroup *connect.Client[resourcemapping.UpdateResourceMappingGroupRequest, resourcemapping.UpdateResourceMappingGroupResponse] + deleteResourceMappingGroup *connect.Client[resourcemapping.DeleteResourceMappingGroupRequest, resourcemapping.DeleteResourceMappingGroupResponse] + listResourceMappings *connect.Client[resourcemapping.ListResourceMappingsRequest, resourcemapping.ListResourceMappingsResponse] + listResourceMappingsByGroupFqns *connect.Client[resourcemapping.ListResourceMappingsByGroupFqnsRequest, resourcemapping.ListResourceMappingsByGroupFqnsResponse] + getResourceMapping *connect.Client[resourcemapping.GetResourceMappingRequest, resourcemapping.GetResourceMappingResponse] + createResourceMapping *connect.Client[resourcemapping.CreateResourceMappingRequest, resourcemapping.CreateResourceMappingResponse] + updateResourceMapping *connect.Client[resourcemapping.UpdateResourceMappingRequest, resourcemapping.UpdateResourceMappingResponse] + deleteResourceMapping *connect.Client[resourcemapping.DeleteResourceMappingRequest, resourcemapping.DeleteResourceMappingResponse] +} + +// ListResourceMappingGroups calls +// policy.resourcemapping.ResourceMappingService.ListResourceMappingGroups. +func (c *resourceMappingServiceClient) ListResourceMappingGroups(ctx context.Context, req *connect.Request[resourcemapping.ListResourceMappingGroupsRequest]) (*connect.Response[resourcemapping.ListResourceMappingGroupsResponse], error) { + return c.listResourceMappingGroups.CallUnary(ctx, req) +} + +// GetResourceMappingGroup calls +// policy.resourcemapping.ResourceMappingService.GetResourceMappingGroup. +func (c *resourceMappingServiceClient) GetResourceMappingGroup(ctx context.Context, req *connect.Request[resourcemapping.GetResourceMappingGroupRequest]) (*connect.Response[resourcemapping.GetResourceMappingGroupResponse], error) { + return c.getResourceMappingGroup.CallUnary(ctx, req) +} + +// CreateResourceMappingGroup calls +// policy.resourcemapping.ResourceMappingService.CreateResourceMappingGroup. +func (c *resourceMappingServiceClient) CreateResourceMappingGroup(ctx context.Context, req *connect.Request[resourcemapping.CreateResourceMappingGroupRequest]) (*connect.Response[resourcemapping.CreateResourceMappingGroupResponse], error) { + return c.createResourceMappingGroup.CallUnary(ctx, req) +} + +// UpdateResourceMappingGroup calls +// policy.resourcemapping.ResourceMappingService.UpdateResourceMappingGroup. +func (c *resourceMappingServiceClient) UpdateResourceMappingGroup(ctx context.Context, req *connect.Request[resourcemapping.UpdateResourceMappingGroupRequest]) (*connect.Response[resourcemapping.UpdateResourceMappingGroupResponse], error) { + return c.updateResourceMappingGroup.CallUnary(ctx, req) +} + +// DeleteResourceMappingGroup calls +// policy.resourcemapping.ResourceMappingService.DeleteResourceMappingGroup. +func (c *resourceMappingServiceClient) DeleteResourceMappingGroup(ctx context.Context, req *connect.Request[resourcemapping.DeleteResourceMappingGroupRequest]) (*connect.Response[resourcemapping.DeleteResourceMappingGroupResponse], error) { + return c.deleteResourceMappingGroup.CallUnary(ctx, req) +} + +// ListResourceMappings calls policy.resourcemapping.ResourceMappingService.ListResourceMappings. +func (c *resourceMappingServiceClient) ListResourceMappings(ctx context.Context, req *connect.Request[resourcemapping.ListResourceMappingsRequest]) (*connect.Response[resourcemapping.ListResourceMappingsResponse], error) { + return c.listResourceMappings.CallUnary(ctx, req) +} + +// ListResourceMappingsByGroupFqns calls +// policy.resourcemapping.ResourceMappingService.ListResourceMappingsByGroupFqns. +func (c *resourceMappingServiceClient) ListResourceMappingsByGroupFqns(ctx context.Context, req *connect.Request[resourcemapping.ListResourceMappingsByGroupFqnsRequest]) (*connect.Response[resourcemapping.ListResourceMappingsByGroupFqnsResponse], error) { + return c.listResourceMappingsByGroupFqns.CallUnary(ctx, req) +} + +// GetResourceMapping calls policy.resourcemapping.ResourceMappingService.GetResourceMapping. +func (c *resourceMappingServiceClient) GetResourceMapping(ctx context.Context, req *connect.Request[resourcemapping.GetResourceMappingRequest]) (*connect.Response[resourcemapping.GetResourceMappingResponse], error) { + return c.getResourceMapping.CallUnary(ctx, req) +} + +// CreateResourceMapping calls policy.resourcemapping.ResourceMappingService.CreateResourceMapping. +func (c *resourceMappingServiceClient) CreateResourceMapping(ctx context.Context, req *connect.Request[resourcemapping.CreateResourceMappingRequest]) (*connect.Response[resourcemapping.CreateResourceMappingResponse], error) { + return c.createResourceMapping.CallUnary(ctx, req) +} + +// UpdateResourceMapping calls policy.resourcemapping.ResourceMappingService.UpdateResourceMapping. +func (c *resourceMappingServiceClient) UpdateResourceMapping(ctx context.Context, req *connect.Request[resourcemapping.UpdateResourceMappingRequest]) (*connect.Response[resourcemapping.UpdateResourceMappingResponse], error) { + return c.updateResourceMapping.CallUnary(ctx, req) +} + +// DeleteResourceMapping calls policy.resourcemapping.ResourceMappingService.DeleteResourceMapping. +func (c *resourceMappingServiceClient) DeleteResourceMapping(ctx context.Context, req *connect.Request[resourcemapping.DeleteResourceMappingRequest]) (*connect.Response[resourcemapping.DeleteResourceMappingResponse], error) { + return c.deleteResourceMapping.CallUnary(ctx, req) +} + +// ResourceMappingServiceHandler is an implementation of the +// policy.resourcemapping.ResourceMappingService service. +type ResourceMappingServiceHandler interface { + ListResourceMappingGroups(context.Context, *connect.Request[resourcemapping.ListResourceMappingGroupsRequest]) (*connect.Response[resourcemapping.ListResourceMappingGroupsResponse], error) + GetResourceMappingGroup(context.Context, *connect.Request[resourcemapping.GetResourceMappingGroupRequest]) (*connect.Response[resourcemapping.GetResourceMappingGroupResponse], error) + CreateResourceMappingGroup(context.Context, *connect.Request[resourcemapping.CreateResourceMappingGroupRequest]) (*connect.Response[resourcemapping.CreateResourceMappingGroupResponse], error) + UpdateResourceMappingGroup(context.Context, *connect.Request[resourcemapping.UpdateResourceMappingGroupRequest]) (*connect.Response[resourcemapping.UpdateResourceMappingGroupResponse], error) + DeleteResourceMappingGroup(context.Context, *connect.Request[resourcemapping.DeleteResourceMappingGroupRequest]) (*connect.Response[resourcemapping.DeleteResourceMappingGroupResponse], error) + ListResourceMappings(context.Context, *connect.Request[resourcemapping.ListResourceMappingsRequest]) (*connect.Response[resourcemapping.ListResourceMappingsResponse], error) + ListResourceMappingsByGroupFqns(context.Context, *connect.Request[resourcemapping.ListResourceMappingsByGroupFqnsRequest]) (*connect.Response[resourcemapping.ListResourceMappingsByGroupFqnsResponse], error) + GetResourceMapping(context.Context, *connect.Request[resourcemapping.GetResourceMappingRequest]) (*connect.Response[resourcemapping.GetResourceMappingResponse], error) + CreateResourceMapping(context.Context, *connect.Request[resourcemapping.CreateResourceMappingRequest]) (*connect.Response[resourcemapping.CreateResourceMappingResponse], error) + UpdateResourceMapping(context.Context, *connect.Request[resourcemapping.UpdateResourceMappingRequest]) (*connect.Response[resourcemapping.UpdateResourceMappingResponse], error) + DeleteResourceMapping(context.Context, *connect.Request[resourcemapping.DeleteResourceMappingRequest]) (*connect.Response[resourcemapping.DeleteResourceMappingResponse], error) +} + +// NewResourceMappingServiceHandler builds an HTTP handler from the service implementation. It +// returns the path on which to mount the handler and the handler itself. +// +// By default, handlers support the Connect, gRPC, and gRPC-Web protocols with the binary Protobuf +// and JSON codecs. They also support gzip compression. +func NewResourceMappingServiceHandler(svc ResourceMappingServiceHandler, opts ...connect.HandlerOption) (string, http.Handler) { + resourceMappingServiceListResourceMappingGroupsHandler := connect.NewUnaryHandler( + ResourceMappingServiceListResourceMappingGroupsProcedure, + svc.ListResourceMappingGroups, + connect.WithSchema(resourceMappingServiceListResourceMappingGroupsMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + resourceMappingServiceGetResourceMappingGroupHandler := connect.NewUnaryHandler( + ResourceMappingServiceGetResourceMappingGroupProcedure, + svc.GetResourceMappingGroup, + connect.WithSchema(resourceMappingServiceGetResourceMappingGroupMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + resourceMappingServiceCreateResourceMappingGroupHandler := connect.NewUnaryHandler( + ResourceMappingServiceCreateResourceMappingGroupProcedure, + svc.CreateResourceMappingGroup, + connect.WithSchema(resourceMappingServiceCreateResourceMappingGroupMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + resourceMappingServiceUpdateResourceMappingGroupHandler := connect.NewUnaryHandler( + ResourceMappingServiceUpdateResourceMappingGroupProcedure, + svc.UpdateResourceMappingGroup, + connect.WithSchema(resourceMappingServiceUpdateResourceMappingGroupMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + resourceMappingServiceDeleteResourceMappingGroupHandler := connect.NewUnaryHandler( + ResourceMappingServiceDeleteResourceMappingGroupProcedure, + svc.DeleteResourceMappingGroup, + connect.WithSchema(resourceMappingServiceDeleteResourceMappingGroupMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + resourceMappingServiceListResourceMappingsHandler := connect.NewUnaryHandler( + ResourceMappingServiceListResourceMappingsProcedure, + svc.ListResourceMappings, + connect.WithSchema(resourceMappingServiceListResourceMappingsMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + resourceMappingServiceListResourceMappingsByGroupFqnsHandler := connect.NewUnaryHandler( + ResourceMappingServiceListResourceMappingsByGroupFqnsProcedure, + svc.ListResourceMappingsByGroupFqns, + connect.WithSchema(resourceMappingServiceListResourceMappingsByGroupFqnsMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + resourceMappingServiceGetResourceMappingHandler := connect.NewUnaryHandler( + ResourceMappingServiceGetResourceMappingProcedure, + svc.GetResourceMapping, + connect.WithSchema(resourceMappingServiceGetResourceMappingMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + resourceMappingServiceCreateResourceMappingHandler := connect.NewUnaryHandler( + ResourceMappingServiceCreateResourceMappingProcedure, + svc.CreateResourceMapping, + connect.WithSchema(resourceMappingServiceCreateResourceMappingMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + resourceMappingServiceUpdateResourceMappingHandler := connect.NewUnaryHandler( + ResourceMappingServiceUpdateResourceMappingProcedure, + svc.UpdateResourceMapping, + connect.WithSchema(resourceMappingServiceUpdateResourceMappingMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + resourceMappingServiceDeleteResourceMappingHandler := connect.NewUnaryHandler( + ResourceMappingServiceDeleteResourceMappingProcedure, + svc.DeleteResourceMapping, + connect.WithSchema(resourceMappingServiceDeleteResourceMappingMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + return "/policy.resourcemapping.ResourceMappingService/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.URL.Path { + case ResourceMappingServiceListResourceMappingGroupsProcedure: + resourceMappingServiceListResourceMappingGroupsHandler.ServeHTTP(w, r) + case ResourceMappingServiceGetResourceMappingGroupProcedure: + resourceMappingServiceGetResourceMappingGroupHandler.ServeHTTP(w, r) + case ResourceMappingServiceCreateResourceMappingGroupProcedure: + resourceMappingServiceCreateResourceMappingGroupHandler.ServeHTTP(w, r) + case ResourceMappingServiceUpdateResourceMappingGroupProcedure: + resourceMappingServiceUpdateResourceMappingGroupHandler.ServeHTTP(w, r) + case ResourceMappingServiceDeleteResourceMappingGroupProcedure: + resourceMappingServiceDeleteResourceMappingGroupHandler.ServeHTTP(w, r) + case ResourceMappingServiceListResourceMappingsProcedure: + resourceMappingServiceListResourceMappingsHandler.ServeHTTP(w, r) + case ResourceMappingServiceListResourceMappingsByGroupFqnsProcedure: + resourceMappingServiceListResourceMappingsByGroupFqnsHandler.ServeHTTP(w, r) + case ResourceMappingServiceGetResourceMappingProcedure: + resourceMappingServiceGetResourceMappingHandler.ServeHTTP(w, r) + case ResourceMappingServiceCreateResourceMappingProcedure: + resourceMappingServiceCreateResourceMappingHandler.ServeHTTP(w, r) + case ResourceMappingServiceUpdateResourceMappingProcedure: + resourceMappingServiceUpdateResourceMappingHandler.ServeHTTP(w, r) + case ResourceMappingServiceDeleteResourceMappingProcedure: + resourceMappingServiceDeleteResourceMappingHandler.ServeHTTP(w, r) + default: + http.NotFound(w, r) + } + }) +} + +// UnimplementedResourceMappingServiceHandler returns CodeUnimplemented from all methods. +type UnimplementedResourceMappingServiceHandler struct{} + +func (UnimplementedResourceMappingServiceHandler) ListResourceMappingGroups(context.Context, *connect.Request[resourcemapping.ListResourceMappingGroupsRequest]) (*connect.Response[resourcemapping.ListResourceMappingGroupsResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.resourcemapping.ResourceMappingService.ListResourceMappingGroups is not implemented")) +} + +func (UnimplementedResourceMappingServiceHandler) GetResourceMappingGroup(context.Context, *connect.Request[resourcemapping.GetResourceMappingGroupRequest]) (*connect.Response[resourcemapping.GetResourceMappingGroupResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.resourcemapping.ResourceMappingService.GetResourceMappingGroup is not implemented")) +} + +func (UnimplementedResourceMappingServiceHandler) CreateResourceMappingGroup(context.Context, *connect.Request[resourcemapping.CreateResourceMappingGroupRequest]) (*connect.Response[resourcemapping.CreateResourceMappingGroupResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.resourcemapping.ResourceMappingService.CreateResourceMappingGroup is not implemented")) +} + +func (UnimplementedResourceMappingServiceHandler) UpdateResourceMappingGroup(context.Context, *connect.Request[resourcemapping.UpdateResourceMappingGroupRequest]) (*connect.Response[resourcemapping.UpdateResourceMappingGroupResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.resourcemapping.ResourceMappingService.UpdateResourceMappingGroup is not implemented")) +} + +func (UnimplementedResourceMappingServiceHandler) DeleteResourceMappingGroup(context.Context, *connect.Request[resourcemapping.DeleteResourceMappingGroupRequest]) (*connect.Response[resourcemapping.DeleteResourceMappingGroupResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.resourcemapping.ResourceMappingService.DeleteResourceMappingGroup is not implemented")) +} + +func (UnimplementedResourceMappingServiceHandler) ListResourceMappings(context.Context, *connect.Request[resourcemapping.ListResourceMappingsRequest]) (*connect.Response[resourcemapping.ListResourceMappingsResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.resourcemapping.ResourceMappingService.ListResourceMappings is not implemented")) +} + +func (UnimplementedResourceMappingServiceHandler) ListResourceMappingsByGroupFqns(context.Context, *connect.Request[resourcemapping.ListResourceMappingsByGroupFqnsRequest]) (*connect.Response[resourcemapping.ListResourceMappingsByGroupFqnsResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.resourcemapping.ResourceMappingService.ListResourceMappingsByGroupFqns is not implemented")) +} + +func (UnimplementedResourceMappingServiceHandler) GetResourceMapping(context.Context, *connect.Request[resourcemapping.GetResourceMappingRequest]) (*connect.Response[resourcemapping.GetResourceMappingResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.resourcemapping.ResourceMappingService.GetResourceMapping is not implemented")) +} + +func (UnimplementedResourceMappingServiceHandler) CreateResourceMapping(context.Context, *connect.Request[resourcemapping.CreateResourceMappingRequest]) (*connect.Response[resourcemapping.CreateResourceMappingResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.resourcemapping.ResourceMappingService.CreateResourceMapping is not implemented")) +} + +func (UnimplementedResourceMappingServiceHandler) UpdateResourceMapping(context.Context, *connect.Request[resourcemapping.UpdateResourceMappingRequest]) (*connect.Response[resourcemapping.UpdateResourceMappingResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.resourcemapping.ResourceMappingService.UpdateResourceMapping is not implemented")) +} + +func (UnimplementedResourceMappingServiceHandler) DeleteResourceMapping(context.Context, *connect.Request[resourcemapping.DeleteResourceMappingRequest]) (*connect.Response[resourcemapping.DeleteResourceMappingResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.resourcemapping.ResourceMappingService.DeleteResourceMapping is not implemented")) +} diff --git a/protocol/go/policy/subjectmapping/subjectmappingconnect/subject_mapping.connect.go b/protocol/go/policy/subjectmapping/subjectmappingconnect/subject_mapping.connect.go new file mode 100644 index 0000000000..6cdbf3b7d7 --- /dev/null +++ b/protocol/go/policy/subjectmapping/subjectmappingconnect/subject_mapping.connect.go @@ -0,0 +1,422 @@ +// Code generated by protoc-gen-connect-go. DO NOT EDIT. +// +// Source: policy/subjectmapping/subject_mapping.proto + +package subjectmappingconnect + +import ( + connect "connectrpc.com/connect" + context "context" + errors "errors" + subjectmapping "github.com/opentdf/platform/protocol/go/policy/subjectmapping" + http "net/http" + strings "strings" +) + +// This is a compile-time assertion to ensure that this generated file and the connect package are +// compatible. If you get a compiler error that this constant is not defined, this code was +// generated with a version of connect newer than the one compiled into your binary. You can fix the +// problem by either regenerating this code with an older version of connect or updating the connect +// version compiled into your binary. +const _ = connect.IsAtLeastVersion1_13_0 + +const ( + // SubjectMappingServiceName is the fully-qualified name of the SubjectMappingService service. + SubjectMappingServiceName = "policy.subjectmapping.SubjectMappingService" +) + +// These constants are the fully-qualified names of the RPCs defined in this package. They're +// exposed at runtime as Spec.Procedure and as the final two segments of the HTTP route. +// +// Note that these are different from the fully-qualified method names used by +// google.golang.org/protobuf/reflect/protoreflect. To convert from these constants to +// reflection-formatted method names, remove the leading slash and convert the remaining slash to a +// period. +const ( + // SubjectMappingServiceMatchSubjectMappingsProcedure is the fully-qualified name of the + // SubjectMappingService's MatchSubjectMappings RPC. + SubjectMappingServiceMatchSubjectMappingsProcedure = "/policy.subjectmapping.SubjectMappingService/MatchSubjectMappings" + // SubjectMappingServiceListSubjectMappingsProcedure is the fully-qualified name of the + // SubjectMappingService's ListSubjectMappings RPC. + SubjectMappingServiceListSubjectMappingsProcedure = "/policy.subjectmapping.SubjectMappingService/ListSubjectMappings" + // SubjectMappingServiceGetSubjectMappingProcedure is the fully-qualified name of the + // SubjectMappingService's GetSubjectMapping RPC. + SubjectMappingServiceGetSubjectMappingProcedure = "/policy.subjectmapping.SubjectMappingService/GetSubjectMapping" + // SubjectMappingServiceCreateSubjectMappingProcedure is the fully-qualified name of the + // SubjectMappingService's CreateSubjectMapping RPC. + SubjectMappingServiceCreateSubjectMappingProcedure = "/policy.subjectmapping.SubjectMappingService/CreateSubjectMapping" + // SubjectMappingServiceUpdateSubjectMappingProcedure is the fully-qualified name of the + // SubjectMappingService's UpdateSubjectMapping RPC. + SubjectMappingServiceUpdateSubjectMappingProcedure = "/policy.subjectmapping.SubjectMappingService/UpdateSubjectMapping" + // SubjectMappingServiceDeleteSubjectMappingProcedure is the fully-qualified name of the + // SubjectMappingService's DeleteSubjectMapping RPC. + SubjectMappingServiceDeleteSubjectMappingProcedure = "/policy.subjectmapping.SubjectMappingService/DeleteSubjectMapping" + // SubjectMappingServiceListSubjectConditionSetsProcedure is the fully-qualified name of the + // SubjectMappingService's ListSubjectConditionSets RPC. + SubjectMappingServiceListSubjectConditionSetsProcedure = "/policy.subjectmapping.SubjectMappingService/ListSubjectConditionSets" + // SubjectMappingServiceGetSubjectConditionSetProcedure is the fully-qualified name of the + // SubjectMappingService's GetSubjectConditionSet RPC. + SubjectMappingServiceGetSubjectConditionSetProcedure = "/policy.subjectmapping.SubjectMappingService/GetSubjectConditionSet" + // SubjectMappingServiceCreateSubjectConditionSetProcedure is the fully-qualified name of the + // SubjectMappingService's CreateSubjectConditionSet RPC. + SubjectMappingServiceCreateSubjectConditionSetProcedure = "/policy.subjectmapping.SubjectMappingService/CreateSubjectConditionSet" + // SubjectMappingServiceUpdateSubjectConditionSetProcedure is the fully-qualified name of the + // SubjectMappingService's UpdateSubjectConditionSet RPC. + SubjectMappingServiceUpdateSubjectConditionSetProcedure = "/policy.subjectmapping.SubjectMappingService/UpdateSubjectConditionSet" + // SubjectMappingServiceDeleteSubjectConditionSetProcedure is the fully-qualified name of the + // SubjectMappingService's DeleteSubjectConditionSet RPC. + SubjectMappingServiceDeleteSubjectConditionSetProcedure = "/policy.subjectmapping.SubjectMappingService/DeleteSubjectConditionSet" +) + +// These variables are the protoreflect.Descriptor objects for the RPCs defined in this package. +var ( + subjectMappingServiceServiceDescriptor = subjectmapping.File_policy_subjectmapping_subject_mapping_proto.Services().ByName("SubjectMappingService") + subjectMappingServiceMatchSubjectMappingsMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("MatchSubjectMappings") + subjectMappingServiceListSubjectMappingsMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("ListSubjectMappings") + subjectMappingServiceGetSubjectMappingMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("GetSubjectMapping") + subjectMappingServiceCreateSubjectMappingMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("CreateSubjectMapping") + subjectMappingServiceUpdateSubjectMappingMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("UpdateSubjectMapping") + subjectMappingServiceDeleteSubjectMappingMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("DeleteSubjectMapping") + subjectMappingServiceListSubjectConditionSetsMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("ListSubjectConditionSets") + subjectMappingServiceGetSubjectConditionSetMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("GetSubjectConditionSet") + subjectMappingServiceCreateSubjectConditionSetMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("CreateSubjectConditionSet") + subjectMappingServiceUpdateSubjectConditionSetMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("UpdateSubjectConditionSet") + subjectMappingServiceDeleteSubjectConditionSetMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("DeleteSubjectConditionSet") +) + +// SubjectMappingServiceClient is a client for the policy.subjectmapping.SubjectMappingService +// service. +type SubjectMappingServiceClient interface { + // Find matching Subject Mappings for a given Subject + MatchSubjectMappings(context.Context, *connect.Request[subjectmapping.MatchSubjectMappingsRequest]) (*connect.Response[subjectmapping.MatchSubjectMappingsResponse], error) + ListSubjectMappings(context.Context, *connect.Request[subjectmapping.ListSubjectMappingsRequest]) (*connect.Response[subjectmapping.ListSubjectMappingsResponse], error) + GetSubjectMapping(context.Context, *connect.Request[subjectmapping.GetSubjectMappingRequest]) (*connect.Response[subjectmapping.GetSubjectMappingResponse], error) + CreateSubjectMapping(context.Context, *connect.Request[subjectmapping.CreateSubjectMappingRequest]) (*connect.Response[subjectmapping.CreateSubjectMappingResponse], error) + UpdateSubjectMapping(context.Context, *connect.Request[subjectmapping.UpdateSubjectMappingRequest]) (*connect.Response[subjectmapping.UpdateSubjectMappingResponse], error) + DeleteSubjectMapping(context.Context, *connect.Request[subjectmapping.DeleteSubjectMappingRequest]) (*connect.Response[subjectmapping.DeleteSubjectMappingResponse], error) + ListSubjectConditionSets(context.Context, *connect.Request[subjectmapping.ListSubjectConditionSetsRequest]) (*connect.Response[subjectmapping.ListSubjectConditionSetsResponse], error) + GetSubjectConditionSet(context.Context, *connect.Request[subjectmapping.GetSubjectConditionSetRequest]) (*connect.Response[subjectmapping.GetSubjectConditionSetResponse], error) + CreateSubjectConditionSet(context.Context, *connect.Request[subjectmapping.CreateSubjectConditionSetRequest]) (*connect.Response[subjectmapping.CreateSubjectConditionSetResponse], error) + UpdateSubjectConditionSet(context.Context, *connect.Request[subjectmapping.UpdateSubjectConditionSetRequest]) (*connect.Response[subjectmapping.UpdateSubjectConditionSetResponse], error) + DeleteSubjectConditionSet(context.Context, *connect.Request[subjectmapping.DeleteSubjectConditionSetRequest]) (*connect.Response[subjectmapping.DeleteSubjectConditionSetResponse], error) +} + +// NewSubjectMappingServiceClient constructs a client for the +// policy.subjectmapping.SubjectMappingService service. By default, it uses the Connect protocol +// with the binary Protobuf Codec, asks for gzipped responses, and sends uncompressed requests. To +// use the gRPC or gRPC-Web protocols, supply the connect.WithGRPC() or connect.WithGRPCWeb() +// options. +// +// The URL supplied here should be the base URL for the Connect or gRPC server (for example, +// http://api.acme.com or https://acme.com/grpc). +func NewSubjectMappingServiceClient(httpClient connect.HTTPClient, baseURL string, opts ...connect.ClientOption) SubjectMappingServiceClient { + baseURL = strings.TrimRight(baseURL, "/") + return &subjectMappingServiceClient{ + matchSubjectMappings: connect.NewClient[subjectmapping.MatchSubjectMappingsRequest, subjectmapping.MatchSubjectMappingsResponse]( + httpClient, + baseURL+SubjectMappingServiceMatchSubjectMappingsProcedure, + connect.WithSchema(subjectMappingServiceMatchSubjectMappingsMethodDescriptor), + connect.WithClientOptions(opts...), + ), + listSubjectMappings: connect.NewClient[subjectmapping.ListSubjectMappingsRequest, subjectmapping.ListSubjectMappingsResponse]( + httpClient, + baseURL+SubjectMappingServiceListSubjectMappingsProcedure, + connect.WithSchema(subjectMappingServiceListSubjectMappingsMethodDescriptor), + connect.WithClientOptions(opts...), + ), + getSubjectMapping: connect.NewClient[subjectmapping.GetSubjectMappingRequest, subjectmapping.GetSubjectMappingResponse]( + httpClient, + baseURL+SubjectMappingServiceGetSubjectMappingProcedure, + connect.WithSchema(subjectMappingServiceGetSubjectMappingMethodDescriptor), + connect.WithClientOptions(opts...), + ), + createSubjectMapping: connect.NewClient[subjectmapping.CreateSubjectMappingRequest, subjectmapping.CreateSubjectMappingResponse]( + httpClient, + baseURL+SubjectMappingServiceCreateSubjectMappingProcedure, + connect.WithSchema(subjectMappingServiceCreateSubjectMappingMethodDescriptor), + connect.WithClientOptions(opts...), + ), + updateSubjectMapping: connect.NewClient[subjectmapping.UpdateSubjectMappingRequest, subjectmapping.UpdateSubjectMappingResponse]( + httpClient, + baseURL+SubjectMappingServiceUpdateSubjectMappingProcedure, + connect.WithSchema(subjectMappingServiceUpdateSubjectMappingMethodDescriptor), + connect.WithClientOptions(opts...), + ), + deleteSubjectMapping: connect.NewClient[subjectmapping.DeleteSubjectMappingRequest, subjectmapping.DeleteSubjectMappingResponse]( + httpClient, + baseURL+SubjectMappingServiceDeleteSubjectMappingProcedure, + connect.WithSchema(subjectMappingServiceDeleteSubjectMappingMethodDescriptor), + connect.WithClientOptions(opts...), + ), + listSubjectConditionSets: connect.NewClient[subjectmapping.ListSubjectConditionSetsRequest, subjectmapping.ListSubjectConditionSetsResponse]( + httpClient, + baseURL+SubjectMappingServiceListSubjectConditionSetsProcedure, + connect.WithSchema(subjectMappingServiceListSubjectConditionSetsMethodDescriptor), + connect.WithClientOptions(opts...), + ), + getSubjectConditionSet: connect.NewClient[subjectmapping.GetSubjectConditionSetRequest, subjectmapping.GetSubjectConditionSetResponse]( + httpClient, + baseURL+SubjectMappingServiceGetSubjectConditionSetProcedure, + connect.WithSchema(subjectMappingServiceGetSubjectConditionSetMethodDescriptor), + connect.WithClientOptions(opts...), + ), + createSubjectConditionSet: connect.NewClient[subjectmapping.CreateSubjectConditionSetRequest, subjectmapping.CreateSubjectConditionSetResponse]( + httpClient, + baseURL+SubjectMappingServiceCreateSubjectConditionSetProcedure, + connect.WithSchema(subjectMappingServiceCreateSubjectConditionSetMethodDescriptor), + connect.WithClientOptions(opts...), + ), + updateSubjectConditionSet: connect.NewClient[subjectmapping.UpdateSubjectConditionSetRequest, subjectmapping.UpdateSubjectConditionSetResponse]( + httpClient, + baseURL+SubjectMappingServiceUpdateSubjectConditionSetProcedure, + connect.WithSchema(subjectMappingServiceUpdateSubjectConditionSetMethodDescriptor), + connect.WithClientOptions(opts...), + ), + deleteSubjectConditionSet: connect.NewClient[subjectmapping.DeleteSubjectConditionSetRequest, subjectmapping.DeleteSubjectConditionSetResponse]( + httpClient, + baseURL+SubjectMappingServiceDeleteSubjectConditionSetProcedure, + connect.WithSchema(subjectMappingServiceDeleteSubjectConditionSetMethodDescriptor), + connect.WithClientOptions(opts...), + ), + } +} + +// subjectMappingServiceClient implements SubjectMappingServiceClient. +type subjectMappingServiceClient struct { + matchSubjectMappings *connect.Client[subjectmapping.MatchSubjectMappingsRequest, subjectmapping.MatchSubjectMappingsResponse] + listSubjectMappings *connect.Client[subjectmapping.ListSubjectMappingsRequest, subjectmapping.ListSubjectMappingsResponse] + getSubjectMapping *connect.Client[subjectmapping.GetSubjectMappingRequest, subjectmapping.GetSubjectMappingResponse] + createSubjectMapping *connect.Client[subjectmapping.CreateSubjectMappingRequest, subjectmapping.CreateSubjectMappingResponse] + updateSubjectMapping *connect.Client[subjectmapping.UpdateSubjectMappingRequest, subjectmapping.UpdateSubjectMappingResponse] + deleteSubjectMapping *connect.Client[subjectmapping.DeleteSubjectMappingRequest, subjectmapping.DeleteSubjectMappingResponse] + listSubjectConditionSets *connect.Client[subjectmapping.ListSubjectConditionSetsRequest, subjectmapping.ListSubjectConditionSetsResponse] + getSubjectConditionSet *connect.Client[subjectmapping.GetSubjectConditionSetRequest, subjectmapping.GetSubjectConditionSetResponse] + createSubjectConditionSet *connect.Client[subjectmapping.CreateSubjectConditionSetRequest, subjectmapping.CreateSubjectConditionSetResponse] + updateSubjectConditionSet *connect.Client[subjectmapping.UpdateSubjectConditionSetRequest, subjectmapping.UpdateSubjectConditionSetResponse] + deleteSubjectConditionSet *connect.Client[subjectmapping.DeleteSubjectConditionSetRequest, subjectmapping.DeleteSubjectConditionSetResponse] +} + +// MatchSubjectMappings calls policy.subjectmapping.SubjectMappingService.MatchSubjectMappings. +func (c *subjectMappingServiceClient) MatchSubjectMappings(ctx context.Context, req *connect.Request[subjectmapping.MatchSubjectMappingsRequest]) (*connect.Response[subjectmapping.MatchSubjectMappingsResponse], error) { + return c.matchSubjectMappings.CallUnary(ctx, req) +} + +// ListSubjectMappings calls policy.subjectmapping.SubjectMappingService.ListSubjectMappings. +func (c *subjectMappingServiceClient) ListSubjectMappings(ctx context.Context, req *connect.Request[subjectmapping.ListSubjectMappingsRequest]) (*connect.Response[subjectmapping.ListSubjectMappingsResponse], error) { + return c.listSubjectMappings.CallUnary(ctx, req) +} + +// GetSubjectMapping calls policy.subjectmapping.SubjectMappingService.GetSubjectMapping. +func (c *subjectMappingServiceClient) GetSubjectMapping(ctx context.Context, req *connect.Request[subjectmapping.GetSubjectMappingRequest]) (*connect.Response[subjectmapping.GetSubjectMappingResponse], error) { + return c.getSubjectMapping.CallUnary(ctx, req) +} + +// CreateSubjectMapping calls policy.subjectmapping.SubjectMappingService.CreateSubjectMapping. +func (c *subjectMappingServiceClient) CreateSubjectMapping(ctx context.Context, req *connect.Request[subjectmapping.CreateSubjectMappingRequest]) (*connect.Response[subjectmapping.CreateSubjectMappingResponse], error) { + return c.createSubjectMapping.CallUnary(ctx, req) +} + +// UpdateSubjectMapping calls policy.subjectmapping.SubjectMappingService.UpdateSubjectMapping. +func (c *subjectMappingServiceClient) UpdateSubjectMapping(ctx context.Context, req *connect.Request[subjectmapping.UpdateSubjectMappingRequest]) (*connect.Response[subjectmapping.UpdateSubjectMappingResponse], error) { + return c.updateSubjectMapping.CallUnary(ctx, req) +} + +// DeleteSubjectMapping calls policy.subjectmapping.SubjectMappingService.DeleteSubjectMapping. +func (c *subjectMappingServiceClient) DeleteSubjectMapping(ctx context.Context, req *connect.Request[subjectmapping.DeleteSubjectMappingRequest]) (*connect.Response[subjectmapping.DeleteSubjectMappingResponse], error) { + return c.deleteSubjectMapping.CallUnary(ctx, req) +} + +// ListSubjectConditionSets calls +// policy.subjectmapping.SubjectMappingService.ListSubjectConditionSets. +func (c *subjectMappingServiceClient) ListSubjectConditionSets(ctx context.Context, req *connect.Request[subjectmapping.ListSubjectConditionSetsRequest]) (*connect.Response[subjectmapping.ListSubjectConditionSetsResponse], error) { + return c.listSubjectConditionSets.CallUnary(ctx, req) +} + +// GetSubjectConditionSet calls policy.subjectmapping.SubjectMappingService.GetSubjectConditionSet. +func (c *subjectMappingServiceClient) GetSubjectConditionSet(ctx context.Context, req *connect.Request[subjectmapping.GetSubjectConditionSetRequest]) (*connect.Response[subjectmapping.GetSubjectConditionSetResponse], error) { + return c.getSubjectConditionSet.CallUnary(ctx, req) +} + +// CreateSubjectConditionSet calls +// policy.subjectmapping.SubjectMappingService.CreateSubjectConditionSet. +func (c *subjectMappingServiceClient) CreateSubjectConditionSet(ctx context.Context, req *connect.Request[subjectmapping.CreateSubjectConditionSetRequest]) (*connect.Response[subjectmapping.CreateSubjectConditionSetResponse], error) { + return c.createSubjectConditionSet.CallUnary(ctx, req) +} + +// UpdateSubjectConditionSet calls +// policy.subjectmapping.SubjectMappingService.UpdateSubjectConditionSet. +func (c *subjectMappingServiceClient) UpdateSubjectConditionSet(ctx context.Context, req *connect.Request[subjectmapping.UpdateSubjectConditionSetRequest]) (*connect.Response[subjectmapping.UpdateSubjectConditionSetResponse], error) { + return c.updateSubjectConditionSet.CallUnary(ctx, req) +} + +// DeleteSubjectConditionSet calls +// policy.subjectmapping.SubjectMappingService.DeleteSubjectConditionSet. +func (c *subjectMappingServiceClient) DeleteSubjectConditionSet(ctx context.Context, req *connect.Request[subjectmapping.DeleteSubjectConditionSetRequest]) (*connect.Response[subjectmapping.DeleteSubjectConditionSetResponse], error) { + return c.deleteSubjectConditionSet.CallUnary(ctx, req) +} + +// SubjectMappingServiceHandler is an implementation of the +// policy.subjectmapping.SubjectMappingService service. +type SubjectMappingServiceHandler interface { + // Find matching Subject Mappings for a given Subject + MatchSubjectMappings(context.Context, *connect.Request[subjectmapping.MatchSubjectMappingsRequest]) (*connect.Response[subjectmapping.MatchSubjectMappingsResponse], error) + ListSubjectMappings(context.Context, *connect.Request[subjectmapping.ListSubjectMappingsRequest]) (*connect.Response[subjectmapping.ListSubjectMappingsResponse], error) + GetSubjectMapping(context.Context, *connect.Request[subjectmapping.GetSubjectMappingRequest]) (*connect.Response[subjectmapping.GetSubjectMappingResponse], error) + CreateSubjectMapping(context.Context, *connect.Request[subjectmapping.CreateSubjectMappingRequest]) (*connect.Response[subjectmapping.CreateSubjectMappingResponse], error) + UpdateSubjectMapping(context.Context, *connect.Request[subjectmapping.UpdateSubjectMappingRequest]) (*connect.Response[subjectmapping.UpdateSubjectMappingResponse], error) + DeleteSubjectMapping(context.Context, *connect.Request[subjectmapping.DeleteSubjectMappingRequest]) (*connect.Response[subjectmapping.DeleteSubjectMappingResponse], error) + ListSubjectConditionSets(context.Context, *connect.Request[subjectmapping.ListSubjectConditionSetsRequest]) (*connect.Response[subjectmapping.ListSubjectConditionSetsResponse], error) + GetSubjectConditionSet(context.Context, *connect.Request[subjectmapping.GetSubjectConditionSetRequest]) (*connect.Response[subjectmapping.GetSubjectConditionSetResponse], error) + CreateSubjectConditionSet(context.Context, *connect.Request[subjectmapping.CreateSubjectConditionSetRequest]) (*connect.Response[subjectmapping.CreateSubjectConditionSetResponse], error) + UpdateSubjectConditionSet(context.Context, *connect.Request[subjectmapping.UpdateSubjectConditionSetRequest]) (*connect.Response[subjectmapping.UpdateSubjectConditionSetResponse], error) + DeleteSubjectConditionSet(context.Context, *connect.Request[subjectmapping.DeleteSubjectConditionSetRequest]) (*connect.Response[subjectmapping.DeleteSubjectConditionSetResponse], error) +} + +// NewSubjectMappingServiceHandler builds an HTTP handler from the service implementation. It +// returns the path on which to mount the handler and the handler itself. +// +// By default, handlers support the Connect, gRPC, and gRPC-Web protocols with the binary Protobuf +// and JSON codecs. They also support gzip compression. +func NewSubjectMappingServiceHandler(svc SubjectMappingServiceHandler, opts ...connect.HandlerOption) (string, http.Handler) { + subjectMappingServiceMatchSubjectMappingsHandler := connect.NewUnaryHandler( + SubjectMappingServiceMatchSubjectMappingsProcedure, + svc.MatchSubjectMappings, + connect.WithSchema(subjectMappingServiceMatchSubjectMappingsMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + subjectMappingServiceListSubjectMappingsHandler := connect.NewUnaryHandler( + SubjectMappingServiceListSubjectMappingsProcedure, + svc.ListSubjectMappings, + connect.WithSchema(subjectMappingServiceListSubjectMappingsMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + subjectMappingServiceGetSubjectMappingHandler := connect.NewUnaryHandler( + SubjectMappingServiceGetSubjectMappingProcedure, + svc.GetSubjectMapping, + connect.WithSchema(subjectMappingServiceGetSubjectMappingMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + subjectMappingServiceCreateSubjectMappingHandler := connect.NewUnaryHandler( + SubjectMappingServiceCreateSubjectMappingProcedure, + svc.CreateSubjectMapping, + connect.WithSchema(subjectMappingServiceCreateSubjectMappingMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + subjectMappingServiceUpdateSubjectMappingHandler := connect.NewUnaryHandler( + SubjectMappingServiceUpdateSubjectMappingProcedure, + svc.UpdateSubjectMapping, + connect.WithSchema(subjectMappingServiceUpdateSubjectMappingMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + subjectMappingServiceDeleteSubjectMappingHandler := connect.NewUnaryHandler( + SubjectMappingServiceDeleteSubjectMappingProcedure, + svc.DeleteSubjectMapping, + connect.WithSchema(subjectMappingServiceDeleteSubjectMappingMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + subjectMappingServiceListSubjectConditionSetsHandler := connect.NewUnaryHandler( + SubjectMappingServiceListSubjectConditionSetsProcedure, + svc.ListSubjectConditionSets, + connect.WithSchema(subjectMappingServiceListSubjectConditionSetsMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + subjectMappingServiceGetSubjectConditionSetHandler := connect.NewUnaryHandler( + SubjectMappingServiceGetSubjectConditionSetProcedure, + svc.GetSubjectConditionSet, + connect.WithSchema(subjectMappingServiceGetSubjectConditionSetMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + subjectMappingServiceCreateSubjectConditionSetHandler := connect.NewUnaryHandler( + SubjectMappingServiceCreateSubjectConditionSetProcedure, + svc.CreateSubjectConditionSet, + connect.WithSchema(subjectMappingServiceCreateSubjectConditionSetMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + subjectMappingServiceUpdateSubjectConditionSetHandler := connect.NewUnaryHandler( + SubjectMappingServiceUpdateSubjectConditionSetProcedure, + svc.UpdateSubjectConditionSet, + connect.WithSchema(subjectMappingServiceUpdateSubjectConditionSetMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + subjectMappingServiceDeleteSubjectConditionSetHandler := connect.NewUnaryHandler( + SubjectMappingServiceDeleteSubjectConditionSetProcedure, + svc.DeleteSubjectConditionSet, + connect.WithSchema(subjectMappingServiceDeleteSubjectConditionSetMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + return "/policy.subjectmapping.SubjectMappingService/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.URL.Path { + case SubjectMappingServiceMatchSubjectMappingsProcedure: + subjectMappingServiceMatchSubjectMappingsHandler.ServeHTTP(w, r) + case SubjectMappingServiceListSubjectMappingsProcedure: + subjectMappingServiceListSubjectMappingsHandler.ServeHTTP(w, r) + case SubjectMappingServiceGetSubjectMappingProcedure: + subjectMappingServiceGetSubjectMappingHandler.ServeHTTP(w, r) + case SubjectMappingServiceCreateSubjectMappingProcedure: + subjectMappingServiceCreateSubjectMappingHandler.ServeHTTP(w, r) + case SubjectMappingServiceUpdateSubjectMappingProcedure: + subjectMappingServiceUpdateSubjectMappingHandler.ServeHTTP(w, r) + case SubjectMappingServiceDeleteSubjectMappingProcedure: + subjectMappingServiceDeleteSubjectMappingHandler.ServeHTTP(w, r) + case SubjectMappingServiceListSubjectConditionSetsProcedure: + subjectMappingServiceListSubjectConditionSetsHandler.ServeHTTP(w, r) + case SubjectMappingServiceGetSubjectConditionSetProcedure: + subjectMappingServiceGetSubjectConditionSetHandler.ServeHTTP(w, r) + case SubjectMappingServiceCreateSubjectConditionSetProcedure: + subjectMappingServiceCreateSubjectConditionSetHandler.ServeHTTP(w, r) + case SubjectMappingServiceUpdateSubjectConditionSetProcedure: + subjectMappingServiceUpdateSubjectConditionSetHandler.ServeHTTP(w, r) + case SubjectMappingServiceDeleteSubjectConditionSetProcedure: + subjectMappingServiceDeleteSubjectConditionSetHandler.ServeHTTP(w, r) + default: + http.NotFound(w, r) + } + }) +} + +// UnimplementedSubjectMappingServiceHandler returns CodeUnimplemented from all methods. +type UnimplementedSubjectMappingServiceHandler struct{} + +func (UnimplementedSubjectMappingServiceHandler) MatchSubjectMappings(context.Context, *connect.Request[subjectmapping.MatchSubjectMappingsRequest]) (*connect.Response[subjectmapping.MatchSubjectMappingsResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.MatchSubjectMappings is not implemented")) +} + +func (UnimplementedSubjectMappingServiceHandler) ListSubjectMappings(context.Context, *connect.Request[subjectmapping.ListSubjectMappingsRequest]) (*connect.Response[subjectmapping.ListSubjectMappingsResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.ListSubjectMappings is not implemented")) +} + +func (UnimplementedSubjectMappingServiceHandler) GetSubjectMapping(context.Context, *connect.Request[subjectmapping.GetSubjectMappingRequest]) (*connect.Response[subjectmapping.GetSubjectMappingResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.GetSubjectMapping is not implemented")) +} + +func (UnimplementedSubjectMappingServiceHandler) CreateSubjectMapping(context.Context, *connect.Request[subjectmapping.CreateSubjectMappingRequest]) (*connect.Response[subjectmapping.CreateSubjectMappingResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.CreateSubjectMapping is not implemented")) +} + +func (UnimplementedSubjectMappingServiceHandler) UpdateSubjectMapping(context.Context, *connect.Request[subjectmapping.UpdateSubjectMappingRequest]) (*connect.Response[subjectmapping.UpdateSubjectMappingResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.UpdateSubjectMapping is not implemented")) +} + +func (UnimplementedSubjectMappingServiceHandler) DeleteSubjectMapping(context.Context, *connect.Request[subjectmapping.DeleteSubjectMappingRequest]) (*connect.Response[subjectmapping.DeleteSubjectMappingResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.DeleteSubjectMapping is not implemented")) +} + +func (UnimplementedSubjectMappingServiceHandler) ListSubjectConditionSets(context.Context, *connect.Request[subjectmapping.ListSubjectConditionSetsRequest]) (*connect.Response[subjectmapping.ListSubjectConditionSetsResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.ListSubjectConditionSets is not implemented")) +} + +func (UnimplementedSubjectMappingServiceHandler) GetSubjectConditionSet(context.Context, *connect.Request[subjectmapping.GetSubjectConditionSetRequest]) (*connect.Response[subjectmapping.GetSubjectConditionSetResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.GetSubjectConditionSet is not implemented")) +} + +func (UnimplementedSubjectMappingServiceHandler) CreateSubjectConditionSet(context.Context, *connect.Request[subjectmapping.CreateSubjectConditionSetRequest]) (*connect.Response[subjectmapping.CreateSubjectConditionSetResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.CreateSubjectConditionSet is not implemented")) +} + +func (UnimplementedSubjectMappingServiceHandler) UpdateSubjectConditionSet(context.Context, *connect.Request[subjectmapping.UpdateSubjectConditionSetRequest]) (*connect.Response[subjectmapping.UpdateSubjectConditionSetResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.UpdateSubjectConditionSet is not implemented")) +} + +func (UnimplementedSubjectMappingServiceHandler) DeleteSubjectConditionSet(context.Context, *connect.Request[subjectmapping.DeleteSubjectConditionSetRequest]) (*connect.Response[subjectmapping.DeleteSubjectConditionSetResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.DeleteSubjectConditionSet is not implemented")) +} diff --git a/protocol/go/policy/unsafe/unsafeconnect/unsafe.connect.go b/protocol/go/policy/unsafe/unsafeconnect/unsafe.connect.go new file mode 100644 index 0000000000..db1b9cdf56 --- /dev/null +++ b/protocol/go/policy/unsafe/unsafeconnect/unsafe.connect.go @@ -0,0 +1,371 @@ +// Code generated by protoc-gen-connect-go. DO NOT EDIT. +// +// Source: policy/unsafe/unsafe.proto + +package unsafeconnect + +import ( + connect "connectrpc.com/connect" + context "context" + errors "errors" + unsafe "github.com/opentdf/platform/protocol/go/policy/unsafe" + http "net/http" + strings "strings" +) + +// This is a compile-time assertion to ensure that this generated file and the connect package are +// compatible. If you get a compiler error that this constant is not defined, this code was +// generated with a version of connect newer than the one compiled into your binary. You can fix the +// problem by either regenerating this code with an older version of connect or updating the connect +// version compiled into your binary. +const _ = connect.IsAtLeastVersion1_13_0 + +const ( + // UnsafeServiceName is the fully-qualified name of the UnsafeService service. + UnsafeServiceName = "policy.unsafe.UnsafeService" +) + +// These constants are the fully-qualified names of the RPCs defined in this package. They're +// exposed at runtime as Spec.Procedure and as the final two segments of the HTTP route. +// +// Note that these are different from the fully-qualified method names used by +// google.golang.org/protobuf/reflect/protoreflect. To convert from these constants to +// reflection-formatted method names, remove the leading slash and convert the remaining slash to a +// period. +const ( + // UnsafeServiceUnsafeUpdateNamespaceProcedure is the fully-qualified name of the UnsafeService's + // UnsafeUpdateNamespace RPC. + UnsafeServiceUnsafeUpdateNamespaceProcedure = "/policy.unsafe.UnsafeService/UnsafeUpdateNamespace" + // UnsafeServiceUnsafeReactivateNamespaceProcedure is the fully-qualified name of the + // UnsafeService's UnsafeReactivateNamespace RPC. + UnsafeServiceUnsafeReactivateNamespaceProcedure = "/policy.unsafe.UnsafeService/UnsafeReactivateNamespace" + // UnsafeServiceUnsafeDeleteNamespaceProcedure is the fully-qualified name of the UnsafeService's + // UnsafeDeleteNamespace RPC. + UnsafeServiceUnsafeDeleteNamespaceProcedure = "/policy.unsafe.UnsafeService/UnsafeDeleteNamespace" + // UnsafeServiceUnsafeUpdateAttributeProcedure is the fully-qualified name of the UnsafeService's + // UnsafeUpdateAttribute RPC. + UnsafeServiceUnsafeUpdateAttributeProcedure = "/policy.unsafe.UnsafeService/UnsafeUpdateAttribute" + // UnsafeServiceUnsafeReactivateAttributeProcedure is the fully-qualified name of the + // UnsafeService's UnsafeReactivateAttribute RPC. + UnsafeServiceUnsafeReactivateAttributeProcedure = "/policy.unsafe.UnsafeService/UnsafeReactivateAttribute" + // UnsafeServiceUnsafeDeleteAttributeProcedure is the fully-qualified name of the UnsafeService's + // UnsafeDeleteAttribute RPC. + UnsafeServiceUnsafeDeleteAttributeProcedure = "/policy.unsafe.UnsafeService/UnsafeDeleteAttribute" + // UnsafeServiceUnsafeUpdateAttributeValueProcedure is the fully-qualified name of the + // UnsafeService's UnsafeUpdateAttributeValue RPC. + UnsafeServiceUnsafeUpdateAttributeValueProcedure = "/policy.unsafe.UnsafeService/UnsafeUpdateAttributeValue" + // UnsafeServiceUnsafeReactivateAttributeValueProcedure is the fully-qualified name of the + // UnsafeService's UnsafeReactivateAttributeValue RPC. + UnsafeServiceUnsafeReactivateAttributeValueProcedure = "/policy.unsafe.UnsafeService/UnsafeReactivateAttributeValue" + // UnsafeServiceUnsafeDeleteAttributeValueProcedure is the fully-qualified name of the + // UnsafeService's UnsafeDeleteAttributeValue RPC. + UnsafeServiceUnsafeDeleteAttributeValueProcedure = "/policy.unsafe.UnsafeService/UnsafeDeleteAttributeValue" +) + +// These variables are the protoreflect.Descriptor objects for the RPCs defined in this package. +var ( + unsafeServiceServiceDescriptor = unsafe.File_policy_unsafe_unsafe_proto.Services().ByName("UnsafeService") + unsafeServiceUnsafeUpdateNamespaceMethodDescriptor = unsafeServiceServiceDescriptor.Methods().ByName("UnsafeUpdateNamespace") + unsafeServiceUnsafeReactivateNamespaceMethodDescriptor = unsafeServiceServiceDescriptor.Methods().ByName("UnsafeReactivateNamespace") + unsafeServiceUnsafeDeleteNamespaceMethodDescriptor = unsafeServiceServiceDescriptor.Methods().ByName("UnsafeDeleteNamespace") + unsafeServiceUnsafeUpdateAttributeMethodDescriptor = unsafeServiceServiceDescriptor.Methods().ByName("UnsafeUpdateAttribute") + unsafeServiceUnsafeReactivateAttributeMethodDescriptor = unsafeServiceServiceDescriptor.Methods().ByName("UnsafeReactivateAttribute") + unsafeServiceUnsafeDeleteAttributeMethodDescriptor = unsafeServiceServiceDescriptor.Methods().ByName("UnsafeDeleteAttribute") + unsafeServiceUnsafeUpdateAttributeValueMethodDescriptor = unsafeServiceServiceDescriptor.Methods().ByName("UnsafeUpdateAttributeValue") + unsafeServiceUnsafeReactivateAttributeValueMethodDescriptor = unsafeServiceServiceDescriptor.Methods().ByName("UnsafeReactivateAttributeValue") + unsafeServiceUnsafeDeleteAttributeValueMethodDescriptor = unsafeServiceServiceDescriptor.Methods().ByName("UnsafeDeleteAttributeValue") +) + +// UnsafeServiceClient is a client for the policy.unsafe.UnsafeService service. +type UnsafeServiceClient interface { + // --------------------------------------* + // Namespace RPCs + // --------------------------------------- + UnsafeUpdateNamespace(context.Context, *connect.Request[unsafe.UnsafeUpdateNamespaceRequest]) (*connect.Response[unsafe.UnsafeUpdateNamespaceResponse], error) + UnsafeReactivateNamespace(context.Context, *connect.Request[unsafe.UnsafeReactivateNamespaceRequest]) (*connect.Response[unsafe.UnsafeReactivateNamespaceResponse], error) + UnsafeDeleteNamespace(context.Context, *connect.Request[unsafe.UnsafeDeleteNamespaceRequest]) (*connect.Response[unsafe.UnsafeDeleteNamespaceResponse], error) + // --------------------------------------* + // Attribute RPCs + // --------------------------------------- + UnsafeUpdateAttribute(context.Context, *connect.Request[unsafe.UnsafeUpdateAttributeRequest]) (*connect.Response[unsafe.UnsafeUpdateAttributeResponse], error) + UnsafeReactivateAttribute(context.Context, *connect.Request[unsafe.UnsafeReactivateAttributeRequest]) (*connect.Response[unsafe.UnsafeReactivateAttributeResponse], error) + UnsafeDeleteAttribute(context.Context, *connect.Request[unsafe.UnsafeDeleteAttributeRequest]) (*connect.Response[unsafe.UnsafeDeleteAttributeResponse], error) + // --------------------------------------* + // Value RPCs + // --------------------------------------- + UnsafeUpdateAttributeValue(context.Context, *connect.Request[unsafe.UnsafeUpdateAttributeValueRequest]) (*connect.Response[unsafe.UnsafeUpdateAttributeValueResponse], error) + UnsafeReactivateAttributeValue(context.Context, *connect.Request[unsafe.UnsafeReactivateAttributeValueRequest]) (*connect.Response[unsafe.UnsafeReactivateAttributeValueResponse], error) + UnsafeDeleteAttributeValue(context.Context, *connect.Request[unsafe.UnsafeDeleteAttributeValueRequest]) (*connect.Response[unsafe.UnsafeDeleteAttributeValueResponse], error) +} + +// NewUnsafeServiceClient constructs a client for the policy.unsafe.UnsafeService service. By +// default, it uses the Connect protocol with the binary Protobuf Codec, asks for gzipped responses, +// and sends uncompressed requests. To use the gRPC or gRPC-Web protocols, supply the +// connect.WithGRPC() or connect.WithGRPCWeb() options. +// +// The URL supplied here should be the base URL for the Connect or gRPC server (for example, +// http://api.acme.com or https://acme.com/grpc). +func NewUnsafeServiceClient(httpClient connect.HTTPClient, baseURL string, opts ...connect.ClientOption) UnsafeServiceClient { + baseURL = strings.TrimRight(baseURL, "/") + return &unsafeServiceClient{ + unsafeUpdateNamespace: connect.NewClient[unsafe.UnsafeUpdateNamespaceRequest, unsafe.UnsafeUpdateNamespaceResponse]( + httpClient, + baseURL+UnsafeServiceUnsafeUpdateNamespaceProcedure, + connect.WithSchema(unsafeServiceUnsafeUpdateNamespaceMethodDescriptor), + connect.WithClientOptions(opts...), + ), + unsafeReactivateNamespace: connect.NewClient[unsafe.UnsafeReactivateNamespaceRequest, unsafe.UnsafeReactivateNamespaceResponse]( + httpClient, + baseURL+UnsafeServiceUnsafeReactivateNamespaceProcedure, + connect.WithSchema(unsafeServiceUnsafeReactivateNamespaceMethodDescriptor), + connect.WithClientOptions(opts...), + ), + unsafeDeleteNamespace: connect.NewClient[unsafe.UnsafeDeleteNamespaceRequest, unsafe.UnsafeDeleteNamespaceResponse]( + httpClient, + baseURL+UnsafeServiceUnsafeDeleteNamespaceProcedure, + connect.WithSchema(unsafeServiceUnsafeDeleteNamespaceMethodDescriptor), + connect.WithClientOptions(opts...), + ), + unsafeUpdateAttribute: connect.NewClient[unsafe.UnsafeUpdateAttributeRequest, unsafe.UnsafeUpdateAttributeResponse]( + httpClient, + baseURL+UnsafeServiceUnsafeUpdateAttributeProcedure, + connect.WithSchema(unsafeServiceUnsafeUpdateAttributeMethodDescriptor), + connect.WithClientOptions(opts...), + ), + unsafeReactivateAttribute: connect.NewClient[unsafe.UnsafeReactivateAttributeRequest, unsafe.UnsafeReactivateAttributeResponse]( + httpClient, + baseURL+UnsafeServiceUnsafeReactivateAttributeProcedure, + connect.WithSchema(unsafeServiceUnsafeReactivateAttributeMethodDescriptor), + connect.WithClientOptions(opts...), + ), + unsafeDeleteAttribute: connect.NewClient[unsafe.UnsafeDeleteAttributeRequest, unsafe.UnsafeDeleteAttributeResponse]( + httpClient, + baseURL+UnsafeServiceUnsafeDeleteAttributeProcedure, + connect.WithSchema(unsafeServiceUnsafeDeleteAttributeMethodDescriptor), + connect.WithClientOptions(opts...), + ), + unsafeUpdateAttributeValue: connect.NewClient[unsafe.UnsafeUpdateAttributeValueRequest, unsafe.UnsafeUpdateAttributeValueResponse]( + httpClient, + baseURL+UnsafeServiceUnsafeUpdateAttributeValueProcedure, + connect.WithSchema(unsafeServiceUnsafeUpdateAttributeValueMethodDescriptor), + connect.WithClientOptions(opts...), + ), + unsafeReactivateAttributeValue: connect.NewClient[unsafe.UnsafeReactivateAttributeValueRequest, unsafe.UnsafeReactivateAttributeValueResponse]( + httpClient, + baseURL+UnsafeServiceUnsafeReactivateAttributeValueProcedure, + connect.WithSchema(unsafeServiceUnsafeReactivateAttributeValueMethodDescriptor), + connect.WithClientOptions(opts...), + ), + unsafeDeleteAttributeValue: connect.NewClient[unsafe.UnsafeDeleteAttributeValueRequest, unsafe.UnsafeDeleteAttributeValueResponse]( + httpClient, + baseURL+UnsafeServiceUnsafeDeleteAttributeValueProcedure, + connect.WithSchema(unsafeServiceUnsafeDeleteAttributeValueMethodDescriptor), + connect.WithClientOptions(opts...), + ), + } +} + +// unsafeServiceClient implements UnsafeServiceClient. +type unsafeServiceClient struct { + unsafeUpdateNamespace *connect.Client[unsafe.UnsafeUpdateNamespaceRequest, unsafe.UnsafeUpdateNamespaceResponse] + unsafeReactivateNamespace *connect.Client[unsafe.UnsafeReactivateNamespaceRequest, unsafe.UnsafeReactivateNamespaceResponse] + unsafeDeleteNamespace *connect.Client[unsafe.UnsafeDeleteNamespaceRequest, unsafe.UnsafeDeleteNamespaceResponse] + unsafeUpdateAttribute *connect.Client[unsafe.UnsafeUpdateAttributeRequest, unsafe.UnsafeUpdateAttributeResponse] + unsafeReactivateAttribute *connect.Client[unsafe.UnsafeReactivateAttributeRequest, unsafe.UnsafeReactivateAttributeResponse] + unsafeDeleteAttribute *connect.Client[unsafe.UnsafeDeleteAttributeRequest, unsafe.UnsafeDeleteAttributeResponse] + unsafeUpdateAttributeValue *connect.Client[unsafe.UnsafeUpdateAttributeValueRequest, unsafe.UnsafeUpdateAttributeValueResponse] + unsafeReactivateAttributeValue *connect.Client[unsafe.UnsafeReactivateAttributeValueRequest, unsafe.UnsafeReactivateAttributeValueResponse] + unsafeDeleteAttributeValue *connect.Client[unsafe.UnsafeDeleteAttributeValueRequest, unsafe.UnsafeDeleteAttributeValueResponse] +} + +// UnsafeUpdateNamespace calls policy.unsafe.UnsafeService.UnsafeUpdateNamespace. +func (c *unsafeServiceClient) UnsafeUpdateNamespace(ctx context.Context, req *connect.Request[unsafe.UnsafeUpdateNamespaceRequest]) (*connect.Response[unsafe.UnsafeUpdateNamespaceResponse], error) { + return c.unsafeUpdateNamespace.CallUnary(ctx, req) +} + +// UnsafeReactivateNamespace calls policy.unsafe.UnsafeService.UnsafeReactivateNamespace. +func (c *unsafeServiceClient) UnsafeReactivateNamespace(ctx context.Context, req *connect.Request[unsafe.UnsafeReactivateNamespaceRequest]) (*connect.Response[unsafe.UnsafeReactivateNamespaceResponse], error) { + return c.unsafeReactivateNamespace.CallUnary(ctx, req) +} + +// UnsafeDeleteNamespace calls policy.unsafe.UnsafeService.UnsafeDeleteNamespace. +func (c *unsafeServiceClient) UnsafeDeleteNamespace(ctx context.Context, req *connect.Request[unsafe.UnsafeDeleteNamespaceRequest]) (*connect.Response[unsafe.UnsafeDeleteNamespaceResponse], error) { + return c.unsafeDeleteNamespace.CallUnary(ctx, req) +} + +// UnsafeUpdateAttribute calls policy.unsafe.UnsafeService.UnsafeUpdateAttribute. +func (c *unsafeServiceClient) UnsafeUpdateAttribute(ctx context.Context, req *connect.Request[unsafe.UnsafeUpdateAttributeRequest]) (*connect.Response[unsafe.UnsafeUpdateAttributeResponse], error) { + return c.unsafeUpdateAttribute.CallUnary(ctx, req) +} + +// UnsafeReactivateAttribute calls policy.unsafe.UnsafeService.UnsafeReactivateAttribute. +func (c *unsafeServiceClient) UnsafeReactivateAttribute(ctx context.Context, req *connect.Request[unsafe.UnsafeReactivateAttributeRequest]) (*connect.Response[unsafe.UnsafeReactivateAttributeResponse], error) { + return c.unsafeReactivateAttribute.CallUnary(ctx, req) +} + +// UnsafeDeleteAttribute calls policy.unsafe.UnsafeService.UnsafeDeleteAttribute. +func (c *unsafeServiceClient) UnsafeDeleteAttribute(ctx context.Context, req *connect.Request[unsafe.UnsafeDeleteAttributeRequest]) (*connect.Response[unsafe.UnsafeDeleteAttributeResponse], error) { + return c.unsafeDeleteAttribute.CallUnary(ctx, req) +} + +// UnsafeUpdateAttributeValue calls policy.unsafe.UnsafeService.UnsafeUpdateAttributeValue. +func (c *unsafeServiceClient) UnsafeUpdateAttributeValue(ctx context.Context, req *connect.Request[unsafe.UnsafeUpdateAttributeValueRequest]) (*connect.Response[unsafe.UnsafeUpdateAttributeValueResponse], error) { + return c.unsafeUpdateAttributeValue.CallUnary(ctx, req) +} + +// UnsafeReactivateAttributeValue calls policy.unsafe.UnsafeService.UnsafeReactivateAttributeValue. +func (c *unsafeServiceClient) UnsafeReactivateAttributeValue(ctx context.Context, req *connect.Request[unsafe.UnsafeReactivateAttributeValueRequest]) (*connect.Response[unsafe.UnsafeReactivateAttributeValueResponse], error) { + return c.unsafeReactivateAttributeValue.CallUnary(ctx, req) +} + +// UnsafeDeleteAttributeValue calls policy.unsafe.UnsafeService.UnsafeDeleteAttributeValue. +func (c *unsafeServiceClient) UnsafeDeleteAttributeValue(ctx context.Context, req *connect.Request[unsafe.UnsafeDeleteAttributeValueRequest]) (*connect.Response[unsafe.UnsafeDeleteAttributeValueResponse], error) { + return c.unsafeDeleteAttributeValue.CallUnary(ctx, req) +} + +// UnsafeServiceHandler is an implementation of the policy.unsafe.UnsafeService service. +type UnsafeServiceHandler interface { + // --------------------------------------* + // Namespace RPCs + // --------------------------------------- + UnsafeUpdateNamespace(context.Context, *connect.Request[unsafe.UnsafeUpdateNamespaceRequest]) (*connect.Response[unsafe.UnsafeUpdateNamespaceResponse], error) + UnsafeReactivateNamespace(context.Context, *connect.Request[unsafe.UnsafeReactivateNamespaceRequest]) (*connect.Response[unsafe.UnsafeReactivateNamespaceResponse], error) + UnsafeDeleteNamespace(context.Context, *connect.Request[unsafe.UnsafeDeleteNamespaceRequest]) (*connect.Response[unsafe.UnsafeDeleteNamespaceResponse], error) + // --------------------------------------* + // Attribute RPCs + // --------------------------------------- + UnsafeUpdateAttribute(context.Context, *connect.Request[unsafe.UnsafeUpdateAttributeRequest]) (*connect.Response[unsafe.UnsafeUpdateAttributeResponse], error) + UnsafeReactivateAttribute(context.Context, *connect.Request[unsafe.UnsafeReactivateAttributeRequest]) (*connect.Response[unsafe.UnsafeReactivateAttributeResponse], error) + UnsafeDeleteAttribute(context.Context, *connect.Request[unsafe.UnsafeDeleteAttributeRequest]) (*connect.Response[unsafe.UnsafeDeleteAttributeResponse], error) + // --------------------------------------* + // Value RPCs + // --------------------------------------- + UnsafeUpdateAttributeValue(context.Context, *connect.Request[unsafe.UnsafeUpdateAttributeValueRequest]) (*connect.Response[unsafe.UnsafeUpdateAttributeValueResponse], error) + UnsafeReactivateAttributeValue(context.Context, *connect.Request[unsafe.UnsafeReactivateAttributeValueRequest]) (*connect.Response[unsafe.UnsafeReactivateAttributeValueResponse], error) + UnsafeDeleteAttributeValue(context.Context, *connect.Request[unsafe.UnsafeDeleteAttributeValueRequest]) (*connect.Response[unsafe.UnsafeDeleteAttributeValueResponse], error) +} + +// NewUnsafeServiceHandler builds an HTTP handler from the service implementation. It returns the +// path on which to mount the handler and the handler itself. +// +// By default, handlers support the Connect, gRPC, and gRPC-Web protocols with the binary Protobuf +// and JSON codecs. They also support gzip compression. +func NewUnsafeServiceHandler(svc UnsafeServiceHandler, opts ...connect.HandlerOption) (string, http.Handler) { + unsafeServiceUnsafeUpdateNamespaceHandler := connect.NewUnaryHandler( + UnsafeServiceUnsafeUpdateNamespaceProcedure, + svc.UnsafeUpdateNamespace, + connect.WithSchema(unsafeServiceUnsafeUpdateNamespaceMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + unsafeServiceUnsafeReactivateNamespaceHandler := connect.NewUnaryHandler( + UnsafeServiceUnsafeReactivateNamespaceProcedure, + svc.UnsafeReactivateNamespace, + connect.WithSchema(unsafeServiceUnsafeReactivateNamespaceMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + unsafeServiceUnsafeDeleteNamespaceHandler := connect.NewUnaryHandler( + UnsafeServiceUnsafeDeleteNamespaceProcedure, + svc.UnsafeDeleteNamespace, + connect.WithSchema(unsafeServiceUnsafeDeleteNamespaceMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + unsafeServiceUnsafeUpdateAttributeHandler := connect.NewUnaryHandler( + UnsafeServiceUnsafeUpdateAttributeProcedure, + svc.UnsafeUpdateAttribute, + connect.WithSchema(unsafeServiceUnsafeUpdateAttributeMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + unsafeServiceUnsafeReactivateAttributeHandler := connect.NewUnaryHandler( + UnsafeServiceUnsafeReactivateAttributeProcedure, + svc.UnsafeReactivateAttribute, + connect.WithSchema(unsafeServiceUnsafeReactivateAttributeMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + unsafeServiceUnsafeDeleteAttributeHandler := connect.NewUnaryHandler( + UnsafeServiceUnsafeDeleteAttributeProcedure, + svc.UnsafeDeleteAttribute, + connect.WithSchema(unsafeServiceUnsafeDeleteAttributeMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + unsafeServiceUnsafeUpdateAttributeValueHandler := connect.NewUnaryHandler( + UnsafeServiceUnsafeUpdateAttributeValueProcedure, + svc.UnsafeUpdateAttributeValue, + connect.WithSchema(unsafeServiceUnsafeUpdateAttributeValueMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + unsafeServiceUnsafeReactivateAttributeValueHandler := connect.NewUnaryHandler( + UnsafeServiceUnsafeReactivateAttributeValueProcedure, + svc.UnsafeReactivateAttributeValue, + connect.WithSchema(unsafeServiceUnsafeReactivateAttributeValueMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + unsafeServiceUnsafeDeleteAttributeValueHandler := connect.NewUnaryHandler( + UnsafeServiceUnsafeDeleteAttributeValueProcedure, + svc.UnsafeDeleteAttributeValue, + connect.WithSchema(unsafeServiceUnsafeDeleteAttributeValueMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + return "/policy.unsafe.UnsafeService/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.URL.Path { + case UnsafeServiceUnsafeUpdateNamespaceProcedure: + unsafeServiceUnsafeUpdateNamespaceHandler.ServeHTTP(w, r) + case UnsafeServiceUnsafeReactivateNamespaceProcedure: + unsafeServiceUnsafeReactivateNamespaceHandler.ServeHTTP(w, r) + case UnsafeServiceUnsafeDeleteNamespaceProcedure: + unsafeServiceUnsafeDeleteNamespaceHandler.ServeHTTP(w, r) + case UnsafeServiceUnsafeUpdateAttributeProcedure: + unsafeServiceUnsafeUpdateAttributeHandler.ServeHTTP(w, r) + case UnsafeServiceUnsafeReactivateAttributeProcedure: + unsafeServiceUnsafeReactivateAttributeHandler.ServeHTTP(w, r) + case UnsafeServiceUnsafeDeleteAttributeProcedure: + unsafeServiceUnsafeDeleteAttributeHandler.ServeHTTP(w, r) + case UnsafeServiceUnsafeUpdateAttributeValueProcedure: + unsafeServiceUnsafeUpdateAttributeValueHandler.ServeHTTP(w, r) + case UnsafeServiceUnsafeReactivateAttributeValueProcedure: + unsafeServiceUnsafeReactivateAttributeValueHandler.ServeHTTP(w, r) + case UnsafeServiceUnsafeDeleteAttributeValueProcedure: + unsafeServiceUnsafeDeleteAttributeValueHandler.ServeHTTP(w, r) + default: + http.NotFound(w, r) + } + }) +} + +// UnimplementedUnsafeServiceHandler returns CodeUnimplemented from all methods. +type UnimplementedUnsafeServiceHandler struct{} + +func (UnimplementedUnsafeServiceHandler) UnsafeUpdateNamespace(context.Context, *connect.Request[unsafe.UnsafeUpdateNamespaceRequest]) (*connect.Response[unsafe.UnsafeUpdateNamespaceResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.unsafe.UnsafeService.UnsafeUpdateNamespace is not implemented")) +} + +func (UnimplementedUnsafeServiceHandler) UnsafeReactivateNamespace(context.Context, *connect.Request[unsafe.UnsafeReactivateNamespaceRequest]) (*connect.Response[unsafe.UnsafeReactivateNamespaceResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.unsafe.UnsafeService.UnsafeReactivateNamespace is not implemented")) +} + +func (UnimplementedUnsafeServiceHandler) UnsafeDeleteNamespace(context.Context, *connect.Request[unsafe.UnsafeDeleteNamespaceRequest]) (*connect.Response[unsafe.UnsafeDeleteNamespaceResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.unsafe.UnsafeService.UnsafeDeleteNamespace is not implemented")) +} + +func (UnimplementedUnsafeServiceHandler) UnsafeUpdateAttribute(context.Context, *connect.Request[unsafe.UnsafeUpdateAttributeRequest]) (*connect.Response[unsafe.UnsafeUpdateAttributeResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.unsafe.UnsafeService.UnsafeUpdateAttribute is not implemented")) +} + +func (UnimplementedUnsafeServiceHandler) UnsafeReactivateAttribute(context.Context, *connect.Request[unsafe.UnsafeReactivateAttributeRequest]) (*connect.Response[unsafe.UnsafeReactivateAttributeResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.unsafe.UnsafeService.UnsafeReactivateAttribute is not implemented")) +} + +func (UnimplementedUnsafeServiceHandler) UnsafeDeleteAttribute(context.Context, *connect.Request[unsafe.UnsafeDeleteAttributeRequest]) (*connect.Response[unsafe.UnsafeDeleteAttributeResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.unsafe.UnsafeService.UnsafeDeleteAttribute is not implemented")) +} + +func (UnimplementedUnsafeServiceHandler) UnsafeUpdateAttributeValue(context.Context, *connect.Request[unsafe.UnsafeUpdateAttributeValueRequest]) (*connect.Response[unsafe.UnsafeUpdateAttributeValueResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.unsafe.UnsafeService.UnsafeUpdateAttributeValue is not implemented")) +} + +func (UnimplementedUnsafeServiceHandler) UnsafeReactivateAttributeValue(context.Context, *connect.Request[unsafe.UnsafeReactivateAttributeValueRequest]) (*connect.Response[unsafe.UnsafeReactivateAttributeValueResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.unsafe.UnsafeService.UnsafeReactivateAttributeValue is not implemented")) +} + +func (UnimplementedUnsafeServiceHandler) UnsafeDeleteAttributeValue(context.Context, *connect.Request[unsafe.UnsafeDeleteAttributeValueRequest]) (*connect.Response[unsafe.UnsafeDeleteAttributeValueResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.unsafe.UnsafeService.UnsafeDeleteAttributeValue is not implemented")) +} diff --git a/protocol/go/wellknownconfiguration/wellknownconfigurationconnect/wellknown_configuration.connect.go b/protocol/go/wellknownconfiguration/wellknownconfigurationconnect/wellknown_configuration.connect.go new file mode 100644 index 0000000000..ac0b4ae299 --- /dev/null +++ b/protocol/go/wellknownconfiguration/wellknownconfigurationconnect/wellknown_configuration.connect.go @@ -0,0 +1,115 @@ +// Code generated by protoc-gen-connect-go. DO NOT EDIT. +// +// Source: wellknownconfiguration/wellknown_configuration.proto + +package wellknownconfigurationconnect + +import ( + connect "connectrpc.com/connect" + context "context" + errors "errors" + wellknownconfiguration "github.com/opentdf/platform/protocol/go/wellknownconfiguration" + http "net/http" + strings "strings" +) + +// This is a compile-time assertion to ensure that this generated file and the connect package are +// compatible. If you get a compiler error that this constant is not defined, this code was +// generated with a version of connect newer than the one compiled into your binary. You can fix the +// problem by either regenerating this code with an older version of connect or updating the connect +// version compiled into your binary. +const _ = connect.IsAtLeastVersion1_13_0 + +const ( + // WellKnownServiceName is the fully-qualified name of the WellKnownService service. + WellKnownServiceName = "wellknownconfiguration.WellKnownService" +) + +// These constants are the fully-qualified names of the RPCs defined in this package. They're +// exposed at runtime as Spec.Procedure and as the final two segments of the HTTP route. +// +// Note that these are different from the fully-qualified method names used by +// google.golang.org/protobuf/reflect/protoreflect. To convert from these constants to +// reflection-formatted method names, remove the leading slash and convert the remaining slash to a +// period. +const ( + // WellKnownServiceGetWellKnownConfigurationProcedure is the fully-qualified name of the + // WellKnownService's GetWellKnownConfiguration RPC. + WellKnownServiceGetWellKnownConfigurationProcedure = "/wellknownconfiguration.WellKnownService/GetWellKnownConfiguration" +) + +// These variables are the protoreflect.Descriptor objects for the RPCs defined in this package. +var ( + wellKnownServiceServiceDescriptor = wellknownconfiguration.File_wellknownconfiguration_wellknown_configuration_proto.Services().ByName("WellKnownService") + wellKnownServiceGetWellKnownConfigurationMethodDescriptor = wellKnownServiceServiceDescriptor.Methods().ByName("GetWellKnownConfiguration") +) + +// WellKnownServiceClient is a client for the wellknownconfiguration.WellKnownService service. +type WellKnownServiceClient interface { + GetWellKnownConfiguration(context.Context, *connect.Request[wellknownconfiguration.GetWellKnownConfigurationRequest]) (*connect.Response[wellknownconfiguration.GetWellKnownConfigurationResponse], error) +} + +// NewWellKnownServiceClient constructs a client for the wellknownconfiguration.WellKnownService +// service. By default, it uses the Connect protocol with the binary Protobuf Codec, asks for +// gzipped responses, and sends uncompressed requests. To use the gRPC or gRPC-Web protocols, supply +// the connect.WithGRPC() or connect.WithGRPCWeb() options. +// +// The URL supplied here should be the base URL for the Connect or gRPC server (for example, +// http://api.acme.com or https://acme.com/grpc). +func NewWellKnownServiceClient(httpClient connect.HTTPClient, baseURL string, opts ...connect.ClientOption) WellKnownServiceClient { + baseURL = strings.TrimRight(baseURL, "/") + return &wellKnownServiceClient{ + getWellKnownConfiguration: connect.NewClient[wellknownconfiguration.GetWellKnownConfigurationRequest, wellknownconfiguration.GetWellKnownConfigurationResponse]( + httpClient, + baseURL+WellKnownServiceGetWellKnownConfigurationProcedure, + connect.WithSchema(wellKnownServiceGetWellKnownConfigurationMethodDescriptor), + connect.WithClientOptions(opts...), + ), + } +} + +// wellKnownServiceClient implements WellKnownServiceClient. +type wellKnownServiceClient struct { + getWellKnownConfiguration *connect.Client[wellknownconfiguration.GetWellKnownConfigurationRequest, wellknownconfiguration.GetWellKnownConfigurationResponse] +} + +// GetWellKnownConfiguration calls +// wellknownconfiguration.WellKnownService.GetWellKnownConfiguration. +func (c *wellKnownServiceClient) GetWellKnownConfiguration(ctx context.Context, req *connect.Request[wellknownconfiguration.GetWellKnownConfigurationRequest]) (*connect.Response[wellknownconfiguration.GetWellKnownConfigurationResponse], error) { + return c.getWellKnownConfiguration.CallUnary(ctx, req) +} + +// WellKnownServiceHandler is an implementation of the wellknownconfiguration.WellKnownService +// service. +type WellKnownServiceHandler interface { + GetWellKnownConfiguration(context.Context, *connect.Request[wellknownconfiguration.GetWellKnownConfigurationRequest]) (*connect.Response[wellknownconfiguration.GetWellKnownConfigurationResponse], error) +} + +// NewWellKnownServiceHandler builds an HTTP handler from the service implementation. It returns the +// path on which to mount the handler and the handler itself. +// +// By default, handlers support the Connect, gRPC, and gRPC-Web protocols with the binary Protobuf +// and JSON codecs. They also support gzip compression. +func NewWellKnownServiceHandler(svc WellKnownServiceHandler, opts ...connect.HandlerOption) (string, http.Handler) { + wellKnownServiceGetWellKnownConfigurationHandler := connect.NewUnaryHandler( + WellKnownServiceGetWellKnownConfigurationProcedure, + svc.GetWellKnownConfiguration, + connect.WithSchema(wellKnownServiceGetWellKnownConfigurationMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) + return "/wellknownconfiguration.WellKnownService/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + switch r.URL.Path { + case WellKnownServiceGetWellKnownConfigurationProcedure: + wellKnownServiceGetWellKnownConfigurationHandler.ServeHTTP(w, r) + default: + http.NotFound(w, r) + } + }) +} + +// UnimplementedWellKnownServiceHandler returns CodeUnimplemented from all methods. +type UnimplementedWellKnownServiceHandler struct{} + +func (UnimplementedWellKnownServiceHandler) GetWellKnownConfiguration(context.Context, *connect.Request[wellknownconfiguration.GetWellKnownConfigurationRequest]) (*connect.Response[wellknownconfiguration.GetWellKnownConfigurationResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("wellknownconfiguration.WellKnownService.GetWellKnownConfiguration is not implemented")) +} From a9f75915fba518967a9440fc507ff4267b8f8240 Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Mon, 4 Nov 2024 12:44:18 -0500 Subject: [PATCH 02/13] feat: move from fasthttp in-memory listener to memhttp implementation --- service/go.mod | 2 +- service/go.sum | 4 - service/internal/server/memhttp/listener.go | 59 +++++++++ service/internal/server/memhttp/memhttp.go | 138 ++++++++++++++++++++ service/internal/server/memhttp/option.go | 47 +++++++ service/internal/server/server.go | 12 +- 6 files changed, 251 insertions(+), 11 deletions(-) create mode 100644 service/internal/server/memhttp/listener.go create mode 100644 service/internal/server/memhttp/memhttp.go create mode 100644 service/internal/server/memhttp/option.go diff --git a/service/go.mod b/service/go.mod index b8ef0ef9ed..5ec2bcc398 100644 --- a/service/go.mod +++ b/service/go.mod @@ -28,7 +28,6 @@ require ( github.com/spf13/viper v1.18.2 github.com/stretchr/testify v1.9.0 github.com/testcontainers/testcontainers-go v0.32.0 - github.com/valyala/fasthttp v1.52.0 golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 google.golang.org/grpc v1.66.0 google.golang.org/protobuf v1.34.2 @@ -39,6 +38,7 @@ require ( github.com/Microsoft/hcsshim v0.12.0 // indirect github.com/OneOfOne/xxhash v1.2.8 // indirect github.com/agnivade/levenshtein v1.1.1 // indirect + github.com/andybalholm/brotli v1.1.0 // indirect github.com/antlr4-go/antlr/v4 v4.13.0 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/casbin/govaluate v1.1.0 // indirect diff --git a/service/go.sum b/service/go.sum index c669975a0e..eba42394a7 100644 --- a/service/go.sum +++ b/service/go.sum @@ -367,10 +367,6 @@ github.com/tklauser/numcpus v0.6.1 h1:ng9scYS7az0Bk4OZLvrNXNSAO2Pxr1XXRAPyjhIx+F github.com/tklauser/numcpus v0.6.1/go.mod h1:1XfjsgE2zo8GVw7POkMbHENHzVg3GzmoZ9fESEdAacY= github.com/tursodatabase/libsql-client-go v0.0.0-20231216154754-8383a53d618f h1:teZ0Pj1Wp3Wk0JObKBiKZqgxhYwLeJhVAyj6DRgmQtY= github.com/tursodatabase/libsql-client-go v0.0.0-20231216154754-8383a53d618f/go.mod h1:UMde0InJz9I0Le/1YIR4xsB0E2vb01MrDY6k/eNdfkg= -github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= -github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= -github.com/valyala/fasthttp v1.52.0 h1:wqBQpxH71XW0e2g+Og4dzQM8pk34aFYlA1Ga8db7gU0= -github.com/valyala/fasthttp v1.52.0/go.mod h1:hf5C4QnVMkNXMspnsUlfM3WitlgYflyhHYoKol/szxQ= github.com/vertica/vertica-sql-go v1.3.3 h1:fL+FKEAEy5ONmsvya2WH5T8bhkvY27y/Ik3ReR2T+Qw= github.com/vertica/vertica-sql-go v1.3.3/go.mod h1:jnn2GFuv+O2Jcjktb7zyc4Utlbu9YVqpHH/lx63+1M4= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= diff --git a/service/internal/server/memhttp/listener.go b/service/internal/server/memhttp/listener.go new file mode 100644 index 0000000000..1ec303ddba --- /dev/null +++ b/service/internal/server/memhttp/listener.go @@ -0,0 +1,59 @@ +package memhttp + +import ( + "context" + "errors" + "net" + "sync" +) + +type memoryListener struct { + conns chan net.Conn + once sync.Once + closed chan struct{} +} + +// Accept implements net.Listener. +func (l *memoryListener) Accept() (net.Conn, error) { + select { + case conn := <-l.conns: + return conn, nil + case <-l.closed: + return nil, errors.New("listener closed") + } +} + +// Close implements net.Listener. +func (l *memoryListener) Close() error { + l.once.Do(func() { + close(l.closed) + }) + return nil +} + +// Addr implements net.Listener. +func (l *memoryListener) Addr() net.Addr { + return &memoryAddr{} +} + +// DialContext is the type expected by http.Transport.DialContext. +func (l *memoryListener) DialContext(ctx context.Context, _, _ string) (net.Conn, error) { + server, client := net.Pipe() + select { + case <-l.closed: + return nil, errors.New("listener closed") + case l.conns <- server: + return client, nil + case <-ctx.Done(): + return nil, ctx.Err() + } +} + +type memoryAddr struct{} + +// Network implements net.Addr. +func (*memoryAddr) Network() string { return "memory" } + +// String implements io.Stringer, returning a value that matches the +// certificates used by net/http/httptest. +func (*memoryAddr) String() string { return "opentdf.io" } diff --git a/service/internal/server/memhttp/memhttp.go b/service/internal/server/memhttp/memhttp.go new file mode 100644 index 0000000000..5f053e27cc --- /dev/null +++ b/service/internal/server/memhttp/memhttp.go @@ -0,0 +1,138 @@ +// Package memhttp provides an in-memory HTTP server and client. For +// testing-specific adapters, see the memhttptest subpackage. +package memhttp + +import ( + "context" + "crypto/tls" + "errors" + "fmt" + "net" + "net/http" + "time" + + "golang.org/x/net/http2" + "golang.org/x/net/http2/h2c" +) + +// Server is a net/http server that uses in-memory pipes instead of TCP. By +// default, it has TLS enabled and supports HTTP/2. It otherwise uses the same +// configuration as the zero value of [http.Server]. +type Server struct { + server *http.Server + Listener *memoryListener + url string + serveErr chan error + cleanupContext func() (context.Context, context.CancelFunc) +} + +// New constructs and starts a Server. +func New(handler http.Handler, opts ...Option) *Server { + var cfg config + WithCleanupTimeout(5 * time.Second).apply(&cfg) //nolint:mnd // Specific to cleanup timeout. + for _, opt := range opts { + opt.apply(&cfg) + } + mlis := &memoryListener{ + conns: make(chan net.Conn), + closed: make(chan struct{}), + } + + var lis net.Listener = mlis + + http2Server := &http2.Server{} + + handler = h2c.NewHandler(handler, http2Server) + + server := &http.Server{ + Handler: handler, + ReadHeaderTimeout: 5 * time.Second, //nolint:mnd // Specific to read header timeout. + } + + serveErr := make(chan error, 1) + go func() { + serveErr <- server.Serve(lis) + }() + + return &Server{ + server: server, + Listener: mlis, + url: fmt.Sprintf("http://%s", mlis.Addr().String()), + serveErr: serveErr, + cleanupContext: cfg.CleanupContext, + } +} + +// Transport returns an [http2.Transport] configured to use in-memory pipes +// rather than TCP, disable automatic compression, trust the server's TLS +// certificate (if any), and use HTTP/2 (if the server supports it). +// +// Callers may reconfigure the returned Transport without affecting other +// transports or clients. +func (s *Server) Transport() *http2.Transport { + transport := &http2.Transport{ + DialTLSContext: func(ctx context.Context, network, addr string, _ *tls.Config) (net.Conn, error) { + return s.Listener.DialContext(ctx, network, addr) + }, + AllowHTTP: true, + } + + return transport +} + +// Client returns an [http.Client] configured to use in-memory pipes rather +// than TCP, disable automatic compression, trust the server's TLS certificate +// (if any), and use HTTP/2 (if the server supports it). +// +// Callers may reconfigure the returned client without affecting other clients. +func (s *Server) Client() *http.Client { + return &http.Client{Transport: s.Transport()} +} + +// URL returns the server's URL. +func (s *Server) URL() string { + return s.url +} + +// Close immediately shuts down the server. To shut down the server without +// interrupting in-flight requests, use Shutdown. +func (s *Server) Close() error { + if err := s.server.Close(); err != nil { + return err + } + return s.listenErr() +} + +// Shutdown gracefully shuts down the server, without interrupting any active +// connections. See [http.Server.Shutdown] for details. +func (s *Server) Shutdown(ctx context.Context) error { + if err := s.server.Shutdown(ctx); err != nil { + return err + } + return s.listenErr() +} + +// Cleanup calls Shutdown with a five second timeout. To customize the timeout, +// use WithCleanupTimeout. +// +// Cleanup is primarily intended for use in tests. If you find yourself using +// it, you may want to use the memhttptest package instead. +func (s *Server) Cleanup() error { + ctx, cancel := s.cleanupContext() + defer cancel() + return s.Shutdown(ctx) +} + +// RegisterOnShutdown registers a function to call on Shutdown. It's often used +// to cleanly shut down connections that have been hijacked. See +// [http.Server.RegisterOnShutdown] for details. +func (s *Server) RegisterOnShutdown(f func()) { + s.server.RegisterOnShutdown(f) +} + +func (s *Server) listenErr() error { + if err := <-s.serveErr; err != nil && !errors.Is(err, http.ErrServerClosed) { + return err + } + return nil +} diff --git a/service/internal/server/memhttp/option.go b/service/internal/server/memhttp/option.go new file mode 100644 index 0000000000..6b9666efac --- /dev/null +++ b/service/internal/server/memhttp/option.go @@ -0,0 +1,47 @@ +package memhttp + +import ( + "context" + "log" + "time" +) + +type config struct { + CleanupContext func() (context.Context, context.CancelFunc) + ErrorLog *log.Logger +} + +// An Option configures a Server. +type Option interface { + apply(*config) +} + +type optionFunc func(*config) + +func (f optionFunc) apply(cfg *config) { f(cfg) } + +// WithOptions composes multiple Options into one. +func WithOptions(opts ...Option) Option { + return optionFunc(func(cfg *config) { + for _, opt := range opts { + opt.apply(cfg) + } + }) +} + +// WithCleanupTimeout customizes the default five-second timeout for the +// server's Cleanup method. It's most useful with the memhttptest subpackage. +func WithCleanupTimeout(d time.Duration) Option { + return optionFunc(func(cfg *config) { + cfg.CleanupContext = func() (context.Context, context.CancelFunc) { + return context.WithTimeout(context.Background(), d) + } + }) +} + +// WithErrorLog sets [http.Server.ErrorLog]. +func WithErrorLog(l *log.Logger) Option { + return optionFunc(func(cfg *config) { + cfg.ErrorLog = l + }) +} diff --git a/service/internal/server/server.go b/service/internal/server/server.go index d66461b6a5..70660d71da 100644 --- a/service/internal/server/server.go +++ b/service/internal/server/server.go @@ -21,9 +21,9 @@ import ( sdkAudit "github.com/opentdf/platform/sdk/audit" "github.com/opentdf/platform/service/internal/auth" "github.com/opentdf/platform/service/internal/security" + "github.com/opentdf/platform/service/internal/server/memhttp" "github.com/opentdf/platform/service/logger" "github.com/opentdf/platform/service/logger/audit" - "github.com/valyala/fasthttp/fasthttputil" "golang.org/x/net/http2" "golang.org/x/net/http2/h2c" "google.golang.org/grpc" @@ -122,7 +122,7 @@ https://github.com/heroku/x/blob/master/grpc/grpcserver/inprocess.go https://github.com/valyala/fasthttp/blob/master/fasthttputil/inmemory_listener.go */ type inProcessServer struct { - ln *fasthttputil.InmemoryListener + ln *memhttp.Server srv *grpc.Server maxCallRecvMsgSize int @@ -158,7 +158,7 @@ func NewOpenTDFServer(config Config, logger *logger.Logger) (*OpenTDFServer, err return nil, fmt.Errorf("failed to create grpc server: %w", err) } grpcIPCServer := &inProcessServer{ - ln: fasthttputil.NewInmemoryListener(), + ln: memhttp.New(nil), srv: newGrpcInProcessServer(), maxCallRecvMsgSize: config.GRPC.MaxCallRecvMsgSizeBytes, maxCallSendMsgSize: config.GRPC.MaxCallSendMsgSizeBytes, @@ -407,8 +407,8 @@ func (s inProcessServer) Conn() *grpc.ClientConn { grpc.MaxCallRecvMsgSize(s.maxCallRecvMsgSize), grpc.MaxCallSendMsgSize(s.maxCallSendMsgSize), ), - grpc.WithContextDialer(func(_ context.Context, _ string) (net.Conn, error) { - conn, err := s.ln.Dial() + grpc.WithContextDialer(func(ctx context.Context, _ string) (net.Conn, error) { + conn, err := s.ln.Listener.DialContext(ctx, "inprocess", "") if err != nil { return nil, fmt.Errorf("failed to dial in process grpc server: %w", err) } @@ -424,7 +424,7 @@ func (s inProcessServer) Conn() *grpc.ClientConn { func (s OpenTDFServer) startInProcessGrpcServer() { s.logger.Info("starting in process grpc server") - if err := s.GRPCInProcess.srv.Serve(s.GRPCInProcess.ln); err != nil { + if err := s.GRPCInProcess.srv.Serve(s.GRPCInProcess.ln.Listener); err != nil { s.logger.Error("failed to serve in process grpc", slog.String("error", err.Error())) panic(err) } From 0e8a8101e31cc0c19414918ea5e3c9ba84cc15d7 Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Mon, 4 Nov 2024 15:13:20 -0500 Subject: [PATCH 03/13] fix memhttp impl with grpc server --- service/internal/server/server.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/service/internal/server/server.go b/service/internal/server/server.go index 70660d71da..f923730e76 100644 --- a/service/internal/server/server.go +++ b/service/internal/server/server.go @@ -157,9 +157,12 @@ func NewOpenTDFServer(config Config, logger *logger.Logger) (*OpenTDFServer, err if err != nil { return nil, fmt.Errorf("failed to create grpc server: %w", err) } + + grpcInProcessServer := newGrpcInProcessServer() + grpcIPCServer := &inProcessServer{ - ln: memhttp.New(nil), - srv: newGrpcInProcessServer(), + ln: memhttp.New(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { grpcInProcessServer.ServeHTTP(w, r) })), + srv: grpcInProcessServer, maxCallRecvMsgSize: config.GRPC.MaxCallRecvMsgSizeBytes, maxCallSendMsgSize: config.GRPC.MaxCallSendMsgSizeBytes, } From bf35ce6b522de7d8c4562977a137b9fdc9014216 Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Mon, 4 Nov 2024 18:16:31 -0500 Subject: [PATCH 04/13] feat: update service registry in preperation for connectrpc migration --- service/authorization/authorization.go | 132 +++++++++--------- .../claims/claims_entity_resolution.go | 11 +- service/entityresolution/entityresolution.go | 42 +++--- .../keycloak/keycloak_entity_resolution.go | 10 +- service/health/health.go | 34 ++--- service/kas/kas.go | 122 ++++++++-------- service/pkg/server/options.go | 8 +- service/pkg/server/services.go | 16 +-- service/pkg/server/services_test.go | 41 +++--- service/pkg/server/start.go | 4 +- service/pkg/server/start_test.go | 21 ++- .../pkg/serviceregistry/serviceregistry.go | 128 +++++++++++------ service/policy/attributes/attributes.go | 20 +-- .../kasregistry/key_access_server_registry.go | 22 +-- service/policy/namespaces/namespaces.go | 32 ++--- service/policy/policy.go | 24 ++-- .../resourcemapping/resource_mapping.go | 22 +-- .../policy/subjectmapping/subject_mapping.go | 22 +-- service/policy/unsafe/unsafe.go | 21 +-- .../wellknown_configuration.go | 20 +-- 20 files changed, 404 insertions(+), 348 deletions(-) diff --git a/service/authorization/authorization.go b/service/authorization/authorization.go index 049e0a96af..8031fa7805 100644 --- a/service/authorization/authorization.go +++ b/service/authorization/authorization.go @@ -54,92 +54,90 @@ type CustomRego struct { Query string `mapstructure:"query" json:"query" default:"data.opentdf.entitlements.attributes"` } -func NewRegistration() serviceregistry.Registration { - return serviceregistry.Registration{ - Namespace: "authorization", - ServiceDesc: &authorization.AuthorizationService_ServiceDesc, - RegisterFunc: func(srp serviceregistry.RegistrationParams) (any, serviceregistry.HandlerServer) { - var ( - err error - entitlementRego []byte - authZCfg = new(Config) - ) - - logger := srp.Logger - - // default ERS endpoint - as := &AuthorizationService{sdk: srp.SDK, logger: logger} - if err := srp.RegisterReadinessCheck("authorization", as.IsReady); err != nil { - logger.Error("failed to register authorization readiness check", slog.String("error", err.Error())) - } +func NewRegistration() *serviceregistry.Service[AuthorizationService] { + return &serviceregistry.Service[AuthorizationService]{ + ServiceOptions: serviceregistry.ServiceOptions[AuthorizationService]{ + Namespace: "authorization", + ServiceDesc: &authorization.AuthorizationService_ServiceDesc, + RegisterFunc: func(srp serviceregistry.RegistrationParams) (*AuthorizationService, serviceregistry.HandlerServer) { + var ( + err error + entitlementRego []byte + authZCfg = new(Config) + ) - if err := defaults.Set(authZCfg); err != nil { - panic(fmt.Errorf("failed to set defaults for authorization service config: %w", err)) - } + logger := srp.Logger - // Only decode config if it exists - if srp.Config != nil { - if err := mapstructure.Decode(srp.Config, &authZCfg); err != nil { - panic(fmt.Errorf("invalid auth svc cfg [%v] %w", srp.Config, err)) + // default ERS endpoint + as := &AuthorizationService{sdk: srp.SDK, logger: logger} + if err := srp.RegisterReadinessCheck("authorization", as.IsReady); err != nil { + logger.Error("failed to register authorization readiness check", slog.String("error", err.Error())) } - } - // Validate Config - validate := validator.New(validator.WithRequiredStructEnabled()) - if err := validate.Struct(authZCfg); err != nil { - var invalidValidationError *validator.InvalidValidationError - if errors.As(err, &invalidValidationError) { - logger.Error("error validating authorization service config", slog.String("error", err.Error())) - panic(fmt.Errorf("error validating authorization service config: %w", err)) + if err := defaults.Set(authZCfg); err != nil { + panic(fmt.Errorf("failed to set defaults for authorization service config: %w", err)) + } + + // Only decode config if it exists + if srp.Config != nil { + if err := mapstructure.Decode(srp.Config, &authZCfg); err != nil { + panic(fmt.Errorf("invalid auth svc cfg [%v] %w", srp.Config, err)) + } } - var validationErrors validator.ValidationErrors - if errors.As(err, &validationErrors) { - for _, err := range validationErrors { + // Validate Config + validate := validator.New(validator.WithRequiredStructEnabled()) + if err := validate.Struct(authZCfg); err != nil { + var invalidValidationError *validator.InvalidValidationError + if errors.As(err, &invalidValidationError) { logger.Error("error validating authorization service config", slog.String("error", err.Error())) panic(fmt.Errorf("error validating authorization service config: %w", err)) } + + var validationErrors validator.ValidationErrors + if errors.As(err, &validationErrors) { + for _, err := range validationErrors { + logger.Error("error validating authorization service config", slog.String("error", err.Error())) + panic(fmt.Errorf("error validating authorization service config: %w", err)) + } + } } - } - logger.Debug("authorization service config", slog.Any("config", *authZCfg)) + logger.Debug("authorization service config", slog.Any("config", *authZCfg)) - // Build Rego PreparedEvalQuery + // Build Rego PreparedEvalQuery - // Load rego from embedded file or custom path - if authZCfg.Rego.Path != "" { - entitlementRego, err = os.ReadFile(authZCfg.Rego.Path) - if err != nil { - panic(fmt.Errorf("failed to read custom entitlements.rego file: %w", err)) - } - } else { - entitlementRego, err = policies.EntitlementsRego.ReadFile("entitlements/entitlements.rego") - if err != nil { - panic(fmt.Errorf("failed to read entitlements.rego file: %w", err)) + // Load rego from embedded file or custom path + if authZCfg.Rego.Path != "" { + entitlementRego, err = os.ReadFile(authZCfg.Rego.Path) + if err != nil { + panic(fmt.Errorf("failed to read custom entitlements.rego file: %w", err)) + } + } else { + entitlementRego, err = policies.EntitlementsRego.ReadFile("entitlements/entitlements.rego") + if err != nil { + panic(fmt.Errorf("failed to read entitlements.rego file: %w", err)) + } } - } - // Register builtin - subjectmappingbuiltin.SubjectMappingBuiltin() + // Register builtin + subjectmappingbuiltin.SubjectMappingBuiltin() - as.eval, err = rego.New( - rego.Query(authZCfg.Rego.Query), - rego.Module("entitlements.rego", string(entitlementRego)), - rego.StrictBuiltinErrors(true), - ).PrepareForEval(context.Background()) - if err != nil { - panic(fmt.Errorf("failed to prepare entitlements.rego for eval: %w", err)) - } + as.eval, err = rego.New( + rego.Query(authZCfg.Rego.Query), + rego.Module("entitlements.rego", string(entitlementRego)), + rego.StrictBuiltinErrors(true), + ).PrepareForEval(context.Background()) + if err != nil { + panic(fmt.Errorf("failed to prepare entitlements.rego for eval: %w", err)) + } - as.config = *authZCfg + as.config = *authZCfg - return as, func(ctx context.Context, mux *runtime.ServeMux, server any) error { - authServer, okAuth := server.(authorization.AuthorizationServiceServer) - if !okAuth { - return fmt.Errorf("failed to assert server type to authorization.AuthorizationServiceServer") + return as, func(ctx context.Context, mux *runtime.ServeMux) error { + return authorization.RegisterAuthorizationServiceHandlerServer(ctx, mux, as) } - return authorization.RegisterAuthorizationServiceHandlerServer(ctx, mux, authServer) - } + }, }, } } diff --git a/service/entityresolution/claims/claims_entity_resolution.go b/service/entityresolution/claims/claims_entity_resolution.go index cde559cc2b..6fea8a8d6f 100644 --- a/service/entityresolution/claims/claims_entity_resolution.go +++ b/service/entityresolution/claims/claims_entity_resolution.go @@ -22,10 +22,11 @@ type ClaimsEntityResolutionService struct { logger *logger.Logger } -func RegisterClaimsERS(_ serviceregistry.ServiceConfig, logger *logger.Logger) (any, serviceregistry.HandlerServer) { - return &ClaimsEntityResolutionService{logger: logger}, - func(ctx context.Context, mux *runtime.ServeMux, server any) error { - return entityresolution.RegisterEntityResolutionServiceHandlerServer(ctx, mux, server.(entityresolution.EntityResolutionServiceServer)) //nolint:forcetypeassert // allow type assert, following other services +func RegisterClaimsERS(_ serviceregistry.ServiceConfig, logger *logger.Logger) (ClaimsEntityResolutionService, serviceregistry.HandlerServer) { + claimsSVC := ClaimsEntityResolutionService{logger: logger} + return claimsSVC, + func(ctx context.Context, mux *runtime.ServeMux) error { + return entityresolution.RegisterEntityResolutionServiceHandlerServer(ctx, mux, claimsSVC) //nolint:forcetypeassert // allow type assert, following other services } } @@ -64,7 +65,7 @@ func EntityResolution(_ context.Context, var resolvedEntities []*entityresolution.EntityRepresentation for idx, ident := range payload { - var entityStruct = &structpb.Struct{} + entityStruct := &structpb.Struct{} switch ident.GetEntityType().(type) { case *authorization.Entity_Claims: claims := ident.GetClaims() diff --git a/service/entityresolution/entityresolution.go b/service/entityresolution/entityresolution.go index 9fd6c81e28..44537c8009 100644 --- a/service/entityresolution/entityresolution.go +++ b/service/entityresolution/entityresolution.go @@ -12,25 +12,35 @@ type ERSConfig struct { Mode string `mapstructure:"mode" json:"mode"` } -const KeycloakMode = "keycloak" -const ClaimsMode = "claims" +const ( + KeycloakMode = "keycloak" + ClaimsMode = "claims" +) + +type EntityResolution struct { + entityresolution.EntityResolutionServiceServer +} -func NewRegistration() serviceregistry.Registration { - return serviceregistry.Registration{ - Namespace: "entityresolution", - ServiceDesc: &entityresolution.EntityResolutionService_ServiceDesc, - RegisterFunc: func(srp serviceregistry.RegistrationParams) (any, serviceregistry.HandlerServer) { - var inputConfig ERSConfig +func NewRegistration() *serviceregistry.Service[EntityResolution] { + return &serviceregistry.Service[EntityResolution]{ + ServiceOptions: serviceregistry.ServiceOptions[EntityResolution]{ + Namespace: "entityresolution", + ServiceDesc: &entityresolution.EntityResolutionService_ServiceDesc, + RegisterFunc: func(srp serviceregistry.RegistrationParams) (*EntityResolution, serviceregistry.HandlerServer) { + var inputConfig ERSConfig - if err := mapstructure.Decode(srp.Config, &inputConfig); err != nil { - panic(err) - } - if inputConfig.Mode == ClaimsMode { - return claims.RegisterClaimsERS(srp.Config, srp.Logger) - } + if err := mapstructure.Decode(srp.Config, &inputConfig); err != nil { + panic(err) + } + if inputConfig.Mode == ClaimsMode { + claimsSVC, claimsHandler := claims.RegisterClaimsERS(srp.Config, srp.Logger) + return &EntityResolution{EntityResolutionServiceServer: claimsSVC}, claimsHandler + } - // Default to keyclaok ERS - return keycloak.RegisterKeycloakERS(srp.Config, srp.Logger) + // Default to keyclaok ERS + kcSVC, kcHandler := keycloak.RegisterKeycloakERS(srp.Config, srp.Logger) + return &EntityResolution{EntityResolutionServiceServer: kcSVC}, kcHandler + }, }, } } diff --git a/service/entityresolution/keycloak/keycloak_entity_resolution.go b/service/entityresolution/keycloak/keycloak_entity_resolution.go index a2a9b484cd..5c0617a214 100644 --- a/service/entityresolution/keycloak/keycloak_entity_resolution.go +++ b/service/entityresolution/keycloak/keycloak_entity_resolution.go @@ -52,16 +52,16 @@ type KeycloakConfig struct { InferID InferredIdentityConfig `mapstructure:"inferid,omitempty" json:"inferid,omitempty"` } -func RegisterKeycloakERS(config serviceregistry.ServiceConfig, logger *logger.Logger) (any, serviceregistry.HandlerServer) { +func RegisterKeycloakERS(config serviceregistry.ServiceConfig, logger *logger.Logger) (*KeycloakEntityResolutionService, serviceregistry.HandlerServer) { var inputIdpConfig KeycloakConfig if err := mapstructure.Decode(config, &inputIdpConfig); err != nil { panic(err) } logger.Debug("entity_resolution configuration", "config", inputIdpConfig) - - return &KeycloakEntityResolutionService{idpConfig: inputIdpConfig, logger: logger}, - func(ctx context.Context, mux *runtime.ServeMux, server any) error { - return entityresolution.RegisterEntityResolutionServiceHandlerServer(ctx, mux, server.(entityresolution.EntityResolutionServiceServer)) //nolint:forcetypeassert // allow type assert, following other services + keycloakSVC := &KeycloakEntityResolutionService{idpConfig: inputIdpConfig, logger: logger} + return keycloakSVC, + func(ctx context.Context, mux *runtime.ServeMux) error { + return entityresolution.RegisterEntityResolutionServiceHandlerServer(ctx, mux, keycloakSVC) //nolint:forcetypeassert // allow type assert, following other services } } diff --git a/service/health/health.go b/service/health/health.go index a8e53c4a12..053da5dffc 100644 --- a/service/health/health.go +++ b/service/health/health.go @@ -12,29 +12,29 @@ import ( "google.golang.org/grpc/status" ) -var ( - serviceHealthChecks = make(map[string]func(context.Context) error) -) +var serviceHealthChecks = make(map[string]func(context.Context) error) type HealthService struct { //nolint:revive // HealthService is a valid name for this struct healthpb.UnimplementedHealthServer logger *logger.Logger } -func NewRegistration() serviceregistry.Registration { - return serviceregistry.Registration{ - Namespace: "health", - ServiceDesc: &healthpb.Health_ServiceDesc, - RegisterFunc: func(srp serviceregistry.RegistrationParams) (any, serviceregistry.HandlerServer) { - err := srp.WellKnownConfig("health", map[string]any{ - "endpoint": "/healthz", - }) - if err != nil { - srp.Logger.Error("failed to set well-known config", slog.String("error", err.Error())) - } - return &HealthService{logger: srp.Logger}, func(_ context.Context, _ *runtime.ServeMux, _ any) error { - return nil - } +func NewRegistration() *serviceregistry.Service[HealthService] { + return &serviceregistry.Service[HealthService]{ + ServiceOptions: serviceregistry.ServiceOptions[HealthService]{ + Namespace: "health", + ServiceDesc: &healthpb.Health_ServiceDesc, + RegisterFunc: func(srp serviceregistry.RegistrationParams) (*HealthService, serviceregistry.HandlerServer) { + err := srp.WellKnownConfig("health", map[string]any{ + "endpoint": "/healthz", + }) + if err != nil { + srp.Logger.Error("failed to set well-known config", slog.String("error", err.Error())) + } + return &HealthService{logger: srp.Logger}, func(_ context.Context, _ *runtime.ServeMux) error { + return nil + } + }, }, } } diff --git a/service/kas/kas.go b/service/kas/kas.go index 8cb3c14963..280a068ec1 100644 --- a/service/kas/kas.go +++ b/service/kas/kas.go @@ -15,77 +15,75 @@ import ( "github.com/opentdf/platform/service/pkg/serviceregistry" ) -func NewRegistration() serviceregistry.Registration { - return serviceregistry.Registration{ - Namespace: "kas", - ServiceDesc: &kaspb.AccessService_ServiceDesc, - RegisterFunc: func(srp serviceregistry.RegistrationParams) (any, serviceregistry.HandlerServer) { - // FIXME msg="mismatched key access url" keyAccessURL=http://localhost:9000 kasURL=https://:9000 - hostWithPort := srp.OTDF.HTTPServer.Addr - if strings.HasPrefix(hostWithPort, ":") { - hostWithPort = "localhost" + hostWithPort - } - kasURLString := "http://" + hostWithPort - kasURI, err := url.Parse(kasURLString) - if err != nil { - panic(fmt.Errorf("invalid kas address [%s] %w", kasURLString, err)) - } +func NewRegistration() *serviceregistry.Service[access.Provider] { + return &serviceregistry.Service[access.Provider]{ + ServiceOptions: serviceregistry.ServiceOptions[access.Provider]{ + Namespace: "kas", + ServiceDesc: &kaspb.AccessService_ServiceDesc, + RegisterFunc: func(srp serviceregistry.RegistrationParams) (*access.Provider, serviceregistry.HandlerServer) { + // FIXME msg="mismatched key access url" keyAccessURL=http://localhost:9000 kasURL=https://:9000 + hostWithPort := srp.OTDF.HTTPServer.Addr + if strings.HasPrefix(hostWithPort, ":") { + hostWithPort = "localhost" + hostWithPort + } + kasURLString := "http://" + hostWithPort + kasURI, err := url.Parse(kasURLString) + if err != nil { + panic(fmt.Errorf("invalid kas address [%s] %w", kasURLString, err)) + } - var kasCfg access.KASConfig - if err := mapstructure.Decode(srp.Config, &kasCfg); err != nil { - panic(fmt.Errorf("invalid kas cfg [%v] %w", srp.Config, err)) - } + var kasCfg access.KASConfig + if err := mapstructure.Decode(srp.Config, &kasCfg); err != nil { + panic(fmt.Errorf("invalid kas cfg [%v] %w", srp.Config, err)) + } - switch { - case kasCfg.ECCertID != "" && len(kasCfg.Keyring) > 0: - panic("invalid kas cfg: please specify keyring or eccertid, not both") - case len(kasCfg.Keyring) == 0: - deprecatedOrDefault := func(kid, alg string) { - if kid == "" { - kid = srp.OTDF.CryptoProvider.FindKID(alg) + switch { + case kasCfg.ECCertID != "" && len(kasCfg.Keyring) > 0: + panic("invalid kas cfg: please specify keyring or eccertid, not both") + case len(kasCfg.Keyring) == 0: + deprecatedOrDefault := func(kid, alg string) { + if kid == "" { + kid = srp.OTDF.CryptoProvider.FindKID(alg) + } + if kid == "" { + srp.Logger.Warn("no known key for alg", "algorithm", alg) + return + } + kasCfg.Keyring = append(kasCfg.Keyring, access.CurrentKeyFor{ + Algorithm: alg, + KID: kid, + }) + kasCfg.Keyring = append(kasCfg.Keyring, access.CurrentKeyFor{ + Algorithm: alg, + KID: kid, + Legacy: true, + }) } - if kid == "" { - srp.Logger.Warn("no known key for alg", "algorithm", alg) - return - } - kasCfg.Keyring = append(kasCfg.Keyring, access.CurrentKeyFor{ - Algorithm: alg, - KID: kid, - }) - kasCfg.Keyring = append(kasCfg.Keyring, access.CurrentKeyFor{ - Algorithm: alg, - KID: kid, - Legacy: true, - }) + deprecatedOrDefault(kasCfg.ECCertID, security.AlgorithmECP256R1) + deprecatedOrDefault(kasCfg.RSACertID, security.AlgorithmRSA2048) + default: + kasCfg.Keyring = append(kasCfg.Keyring, inferLegacyKeys(kasCfg.Keyring)...) } - deprecatedOrDefault(kasCfg.ECCertID, security.AlgorithmECP256R1) - deprecatedOrDefault(kasCfg.RSACertID, security.AlgorithmRSA2048) - default: - kasCfg.Keyring = append(kasCfg.Keyring, inferLegacyKeys(kasCfg.Keyring)...) - } - p := access.Provider{ - URI: *kasURI, - AttributeSvc: nil, - CryptoProvider: srp.OTDF.CryptoProvider, - SDK: srp.SDK, - Logger: srp.Logger, - KASConfig: kasCfg, - } + p := access.Provider{ + URI: *kasURI, + AttributeSvc: nil, + CryptoProvider: srp.OTDF.CryptoProvider, + SDK: srp.SDK, + Logger: srp.Logger, + KASConfig: kasCfg, + } - srp.Logger.Debug("kas config", "config", kasCfg) + srp.Logger.Debug("kas config", "config", kasCfg) - if err := srp.RegisterReadinessCheck("kas", p.IsReady); err != nil { - srp.Logger.Error("failed to register kas readiness check", slog.String("error", err.Error())) - } + if err := srp.RegisterReadinessCheck("kas", p.IsReady); err != nil { + srp.Logger.Error("failed to register kas readiness check", slog.String("error", err.Error())) + } - return &p, func(ctx context.Context, mux *runtime.ServeMux, server any) error { - kas, ok := server.(*access.Provider) - if !ok { - panic("invalid kas server object") + return &p, func(ctx context.Context, mux *runtime.ServeMux) error { + return kaspb.RegisterAccessServiceHandlerServer(ctx, mux, &p) } - return kaspb.RegisterAccessServiceHandlerServer(ctx, mux, kas) - } + }, }, } } diff --git a/service/pkg/server/options.go b/service/pkg/server/options.go index 75eed19eec..6a44e268fd 100644 --- a/service/pkg/server/options.go +++ b/service/pkg/server/options.go @@ -12,8 +12,8 @@ type StartConfig struct { WaitForShutdownSignal bool PublicRoutes []string authzDefaultPolicyExtension [][]string - extraCoreServices []serviceregistry.Registration - extraServices []serviceregistry.Registration + extraCoreServices []serviceregistry.IService + extraServices []serviceregistry.IService } // Deprecated: Use WithConfigKey @@ -73,7 +73,7 @@ func WithAuthZDefaultPolicyExtension(policies [][]string) StartOptions { // WithCoreServices option adds additional core services to the platform // It takes a variadic parameter of type serviceregistry.Registration, which represents the core services to be added. -func WithCoreServices(services ...serviceregistry.Registration) StartOptions { +func WithCoreServices(services ...serviceregistry.IService) StartOptions { return func(c StartConfig) StartConfig { c.extraCoreServices = append(c.extraCoreServices, services...) return c @@ -83,7 +83,7 @@ func WithCoreServices(services ...serviceregistry.Registration) StartOptions { // WithServices option adds additional services to the platform. // This will set the mode for these services to the namespace name. // It takes a variadic parameter of type serviceregistry.Registration, which represents the services to be added. -func WithServices(services ...serviceregistry.Registration) StartOptions { +func WithServices(services ...serviceregistry.IService) StartOptions { return func(c StartConfig) StartConfig { c.extraServices = append(c.extraServices, services...) return c diff --git a/service/pkg/server/services.go b/service/pkg/server/services.go index 6941609a86..a21e736174 100644 --- a/service/pkg/server/services.go +++ b/service/pkg/server/services.go @@ -39,7 +39,7 @@ const ( // registerEssentialServices registers the essential services to the given service registry. // It takes a serviceregistry.Registry as input and returns an error if registration fails. func registerEssentialServices(reg serviceregistry.Registry) error { - essentialServices := []serviceregistry.Registration{ + essentialServices := []serviceregistry.IService{ health.NewRegistration(), } // Register the essential services @@ -55,7 +55,7 @@ func registerEssentialServices(reg serviceregistry.Registry) error { // It returns the list of registered services and any error encountered during registration. func registerCoreServices(reg serviceregistry.Registry, mode []string) ([]string, error) { var ( - services []serviceregistry.Registration + services []serviceregistry.IService registeredServices []string ) @@ -63,7 +63,7 @@ func registerCoreServices(reg serviceregistry.Registry, mode []string) ([]string switch m { case "all": registeredServices = append(registeredServices, []string{servicePolicy, serviceAuthorization, serviceKAS, serviceWellKnown, serviceEntityResolution}...) - services = append(services, []serviceregistry.Registration{ + services = append(services, []serviceregistry.IService{ authorization.NewRegistration(), kas.NewRegistration(), wellknown.NewRegistration(), @@ -72,7 +72,7 @@ func registerCoreServices(reg serviceregistry.Registry, mode []string) ([]string services = append(services, policy.NewRegistrations()...) case "core": registeredServices = append(registeredServices, []string{servicePolicy, serviceAuthorization, serviceWellKnown}...) - services = append(services, []serviceregistry.Registration{ + services = append(services, []serviceregistry.IService{ entityresolution.NewRegistration(), authorization.NewRegistration(), wellknown.NewRegistration(), @@ -142,17 +142,17 @@ func startServices(ctx context.Context, cfg config.Config, otdf *server.OpenTDFS for _, svc := range namespace.Services { // Get new db client if it is required and not already created - if svc.DB.Required && svcDBClient == nil { + if svc.IsDBRequired() && svcDBClient == nil { logger.Debug("creating database client", slog.String("namespace", ns)) var err error - svcDBClient, err = newServiceDBClient(ctx, cfg.Logger, cfg.DB, ns, svc.DB.Migrations) + svcDBClient, err = newServiceDBClient(ctx, cfg.Logger, cfg.DB, ns, svc.DBMigrations()) if err != nil { return err } } err = svc.Start(ctx, serviceregistry.RegistrationParams{ - Config: cfg.Services[svc.Namespace], + Config: cfg.Services[svc.GetNamespace()], Logger: svcLogger, DBClient: svcDBClient, SDK: client, @@ -182,7 +182,7 @@ func startServices(ctx context.Context, cfg config.Config, otdf *server.OpenTDFS logger.Info( "service running", slog.String("namespace", ns), - slog.String("service", svc.ServiceDesc.ServiceName), + slog.String("service", svc.GetServiceDesc().ServiceName), slog.Group("database", slog.Any("required", svcDBClient != nil), slog.Any("migrationStatus", determineStatusOfMigration(svcDBClient)), diff --git a/service/pkg/server/services_test.go b/service/pkg/server/services_test.go index ee50ab6fcb..1f9037f400 100644 --- a/service/pkg/server/services_test.go +++ b/service/pkg/server/services_test.go @@ -22,17 +22,17 @@ type mockTestServiceOptions struct { serviceName string serviceHandlerType any serviceObject any - serviceHandler func(ctx context.Context, mux *runtime.ServeMux, server any) error + serviceHandler func(ctx context.Context, mux *runtime.ServeMux) error dbRegister serviceregistry.DBRegister } -func mockTestServiceRegistry(opts mockTestServiceOptions) (serviceregistry.Registration, *spyTestService) { +func mockTestServiceRegistry(opts mockTestServiceOptions) (serviceregistry.IService, *spyTestService) { spy := &spyTestService{} mockTestServiceDefaults := mockTestServiceOptions{ namespace: "test", serviceName: "TestService", serviceHandlerType: (*interface{})(nil), - serviceHandler: func(_ context.Context, _ *runtime.ServeMux, _ any) error { + serviceHandler: func(_ context.Context, _ *runtime.ServeMux) error { return nil }, } @@ -52,21 +52,28 @@ func mockTestServiceRegistry(opts mockTestServiceOptions) (serviceregistry.Regis serviceHandler = opts.serviceHandler } - return serviceregistry.Registration{ - Namespace: namespace, - ServiceDesc: &grpc.ServiceDesc{ - ServiceName: serviceName, - HandlerType: serviceHandlerType, + return &serviceregistry.Service[TestService]{ + ServiceOptions: serviceregistry.ServiceOptions[TestService]{ + Namespace: namespace, + ServiceDesc: &grpc.ServiceDesc{ + ServiceName: serviceName, + HandlerType: serviceHandlerType, + }, + RegisterFunc: func(srp serviceregistry.RegistrationParams) (*TestService, serviceregistry.HandlerServer) { + var ts *TestService + var ok bool + if ts, ok = opts.serviceObject.(*TestService); !ok { + panic("serviceObject is not a TestService") + } + return ts, func(ctx context.Context, mux *runtime.ServeMux) error { + spy.wasCalled = true + spy.callParams = append(spy.callParams, srp, ctx, mux, ts) + return serviceHandler(ctx, mux) + } + }, + + DB: opts.dbRegister, }, - RegisterFunc: func(srp serviceregistry.RegistrationParams) (any, serviceregistry.HandlerServer) { - return opts.serviceObject, func(ctx context.Context, mux *runtime.ServeMux, server any) error { - spy.wasCalled = true - spy.callParams = append(spy.callParams, srp, ctx, mux, server) - return serviceHandler(ctx, mux, server) - } - }, - - DB: opts.dbRegister, }, spy } diff --git a/service/pkg/server/start.go b/service/pkg/server/start.go index 1b3af7c8bc..8a82dec64e 100644 --- a/service/pkg/server/start.go +++ b/service/pkg/server/start.go @@ -126,9 +126,9 @@ func Start(f ...StartOptions) error { if len(startConfig.extraServices) > 0 { logger.Debug("registering extra services") for _, service := range startConfig.extraServices { - err := svcRegistry.RegisterService(service, service.Namespace) + err := svcRegistry.RegisterService(service, service.GetNamespace()) if err != nil { - logger.Error("could not register extra service", slog.String("namespace", service.Namespace), slog.String("error", err.Error())) + logger.Error("could not register extra service", slog.String("namespace", service.GetNamespace()), slog.String("error", err.Error())) return fmt.Errorf("could not register extra service: %w", err) } } diff --git a/service/pkg/server/start_test.go b/service/pkg/server/start_test.go index 0d6a6c51c5..5ab8ed3144 100644 --- a/service/pkg/server/start_test.go +++ b/service/pkg/server/start_test.go @@ -2,15 +2,13 @@ package server import ( "context" - "fmt" "io" + "log/slog" "net/http" "net/http/httptest" "testing" "time" - "log/slog" - "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" "github.com/opentdf/platform/service/internal/auth" "github.com/opentdf/platform/service/internal/config" @@ -22,8 +20,10 @@ import ( "github.com/stretchr/testify/suite" ) -type TestServiceService interface{} -type TestService struct{} +type ( + TestServiceService interface{} + TestService struct{} +) func (t TestService) TestHandler(w http.ResponseWriter, _ *http.Request, _ map[string]string) { _, err := w.Write([]byte("hello from test service!")) @@ -99,14 +99,11 @@ func (suite *StartTestSuite) Test_Start_When_Extra_Service_Registered_Expect_Res require.NoError(t, err) // Register Test Service + ts := &TestService{} registerTestService, _ := mockTestServiceRegistry(mockTestServiceOptions{ - serviceObject: &TestService{}, - serviceHandler: func(_ context.Context, mux *runtime.ServeMux, server any) error { - t, ok := server.(*TestService) - if !ok { - return fmt.Errorf("Surprise! Not a TestService") - } - return mux.HandlePath(http.MethodGet, "/healthz", t.TestHandler) + serviceObject: ts, + serviceHandler: func(_ context.Context, mux *runtime.ServeMux) error { + return mux.HandlePath(http.MethodGet, "/healthz", ts.TestHandler) }, }) diff --git a/service/pkg/serviceregistry/serviceregistry.go b/service/pkg/serviceregistry/serviceregistry.go index a5c1f71571..6369dae241 100644 --- a/service/pkg/serviceregistry/serviceregistry.go +++ b/service/pkg/serviceregistry/serviceregistry.go @@ -5,8 +5,10 @@ import ( "embed" "fmt" "log/slog" + "net/http" "slices" + "connectrpc.com/connect" "github.com/opentdf/platform/sdk" "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" @@ -47,23 +49,10 @@ type RegistrationParams struct { // ready to serve requests. This function should be called in the RegisterFunc function. RegisterReadinessCheck func(namespace string, check func(context.Context) error) error } -type HandlerServer func(ctx context.Context, mux *runtime.ServeMux, server any) error -type RegisterFunc func(RegistrationParams) (Impl any, HandlerServer HandlerServer) - -// Registration is a struct that holds the information needed to register a service -type Registration struct { - // Namespace is the namespace of the service. One or more gRPC services can be registered under - // the same namespace. - Namespace string - // ServiceDesc is the gRPC service descriptor. For non-gRPC services, this can be mocked out, - // but at minimum, the ServiceName field must be set - ServiceDesc *grpc.ServiceDesc - // RegisterFunc is the function that will be called to register the service - RegisterFunc RegisterFunc - - // DB is optional and used to register the service with a database - DB DBRegister -} +type ( + HandlerServer func(ctx context.Context, mux *runtime.ServeMux) error + RegisterFunc[S any] func(RegistrationParams) (Impl *S, HandlerServer HandlerServer) +) // DBRegister is a struct that holds the information needed to register a service with a database type DBRegister struct { @@ -75,21 +64,78 @@ type DBRegister struct { Migrations *embed.FS } +type IService interface { + IsDBRequired() bool + DBMigrations() *embed.FS + GetNamespace() string + GetServiceDesc() *grpc.ServiceDesc + Start(ctx context.Context, params RegistrationParams) error + IsStarted() bool + Shutdown() error + RegisterGRPCServer(server *grpc.Server) error + RegisterHTTPServer(ctx context.Context, mux *runtime.ServeMux) error +} + // Service is a struct that holds the registration information for a service as well as the state // of the service within the instance of the platform. -type Service struct { - Registration - impl any +type Service[S any] struct { + // Registration + impl *S handleFunc HandlerServer // Started is a flag that indicates whether the service has been started Started bool // Close is a function that can be called to close the service Close func() + // Service Options + ServiceOptions[S] +} + +type ServiceOptions[S any] struct { + // Namespace is the namespace of the service. One or more gRPC services can be registered under + // the same namespace. + Namespace string + // ServiceDesc is the gRPC service descriptor. For non-gRPC services, this can be mocked out, + // but at minimum, the ServiceName field must be set + ServiceDesc *grpc.ServiceDesc + // RegisterFunc is the function that will be called to register the service + RegisterFunc RegisterFunc[S] + httpHandlerFunc HandlerServer + // ConnectRPCServiceHandler is the function that will be called to register the service with the + ConnectRPCFunc func(S, ...connect.HandlerOption) (string, http.Handler) + // DB is optional and used to register the service with a database + DB DBRegister +} + +func (s Service[S]) GetNamespace() string { + return s.Namespace +} + +func (s Service[S]) GetServiceDesc() *grpc.ServiceDesc { + return s.ServiceDesc +} + +func (s Service[S]) IsStarted() bool { + return s.Started +} + +func (s Service[S]) Shutdown() error { + if s.Close != nil { + s.Close() + } + return nil +} + +func (s Service[S]) IsDBRequired() bool { + return s.DB.Required +} + +func (s Service[S]) DBMigrations() *embed.FS { + return s.DB.Migrations } // Start starts the service and performs necessary initialization steps. // It returns an error if the service is already started or if there is an issue running database migrations. -func (s *Service) Start(ctx context.Context, params RegistrationParams) error { +func (s *Service[S]) Start(ctx context.Context, params RegistrationParams) error { if s.Started { return fmt.Errorf("service already started") } @@ -113,7 +159,7 @@ func (s *Service) Start(ctx context.Context, params RegistrationParams) error { // RegisterGRPCServer registers the gRPC server with the service implementation. // It checks if the service implementation is registered and then registers the service with the server. // It returns an error if the service implementation is not registered. -func (s *Service) RegisterGRPCServer(server *grpc.Server) error { +func (s *Service[S]) RegisterGRPCServer(server *grpc.Server) error { if s.impl == nil { return fmt.Errorf("service did not register an implementation") } @@ -126,17 +172,17 @@ func (s *Service) RegisterGRPCServer(server *grpc.Server) error { // RegisterHTTPServer registers an HTTP server with the service. // It takes a context, a ServeMux, and an implementation function as parameters. // If the service did not register a handler, it returns an error. -func (s *Service) RegisterHTTPServer(ctx context.Context, mux *runtime.ServeMux) error { +func (s *Service[S]) RegisterHTTPServer(ctx context.Context, mux *runtime.ServeMux) error { if s.handleFunc == nil { return fmt.Errorf("service did not register a handler") } - return s.handleFunc(ctx, mux, s.impl) + return s.handleFunc(ctx, mux) } // namespace represents a namespace in the service registry. type Namespace struct { Mode string - Services []Service + Services []IService } // Registry represents a map of service namespaces. @@ -150,8 +196,8 @@ func NewServiceRegistry() Registry { // RegisterCoreService registers a core service with the given registration information. // It calls the RegisterService method of the Registry instance with the provided registration and service type "core". // Returns an error if the registration fails. -func (reg Registry) RegisterCoreService(r Registration) error { - return reg.RegisterService(r, "core") +func (reg Registry) RegisterCoreService(svc IService) error { + return reg.RegisterService(svc, "core") } // RegisterService registers a service in the service registry. @@ -160,27 +206,25 @@ func (reg Registry) RegisterCoreService(r Registration) error { // such as the namespace and service description. // The mode string specifies the mode in which the service should be registered. // It returns an error if the service is already registered in the specified namespace. -func (reg Registry) RegisterService(r Registration, mode string) error { +func (reg Registry) RegisterService(svc IService, mode string) error { // Can't directly modify structs within a map, so we need to copy the namespace - copyNamespace := reg[r.Namespace] + copyNamespace := reg[svc.GetNamespace()] copyNamespace.Mode = mode if copyNamespace.Services == nil { - copyNamespace.Services = make([]Service, 0) + copyNamespace.Services = make([]IService, 0) } - found := slices.ContainsFunc(reg[r.Namespace].Services, func(s Service) bool { - return s.ServiceDesc.ServiceName == r.ServiceDesc.ServiceName + found := slices.ContainsFunc(reg[svc.GetNamespace()].Services, func(s IService) bool { + return s.GetServiceDesc().ServiceName == svc.GetServiceDesc().ServiceName }) if found { - return fmt.Errorf("service already registered namespace:%s service:%s", r.Namespace, r.ServiceDesc.ServiceName) + return fmt.Errorf("service already registered namespace:%s service:%s", svc.GetNamespace(), svc.GetServiceDesc().ServiceName) } - slog.Info("registered service", slog.String("namespace", r.Namespace), slog.String("service", r.ServiceDesc.ServiceName)) - copyNamespace.Services = append(copyNamespace.Services, Service{ - Registration: r, - }) + slog.Info("registered service", slog.String("namespace", svc.GetNamespace()), slog.String("service", svc.GetServiceDesc().ServiceName)) + copyNamespace.Services = append(copyNamespace.Services, svc) - reg[r.Namespace] = copyNamespace + reg[svc.GetNamespace()] = copyNamespace return nil } @@ -191,9 +235,11 @@ func (reg Registry) RegisterService(r Registration, mode string) error { func (reg Registry) Shutdown() { for name, ns := range reg { for _, svc := range ns.Services { - if svc.Close != nil && svc.Started { - slog.Info("stopping service", slog.String("namespace", name), slog.String("service", svc.ServiceDesc.ServiceName)) - svc.Close() + if svc.IsStarted() { + slog.Info("stopping service", slog.String("namespace", name), slog.String("service", svc.GetServiceDesc().ServiceName)) + if err := svc.Shutdown(); err != nil { + slog.Error("error stopping service", slog.String("namespace", name), slog.String("service", svc.GetServiceDesc().ServiceName), slog.String("error", err.Error())) + } } } } diff --git a/service/policy/attributes/attributes.go b/service/policy/attributes/attributes.go index 2bae2efe2f..c3d31aa836 100644 --- a/service/policy/attributes/attributes.go +++ b/service/policy/attributes/attributes.go @@ -21,16 +21,18 @@ type AttributesService struct { //nolint:revive // AttributesService is a valid logger *logger.Logger } -func NewRegistration() serviceregistry.Registration { - return serviceregistry.Registration{ - ServiceDesc: &attributes.AttributesService_ServiceDesc, - RegisterFunc: func(srp serviceregistry.RegistrationParams) (any, serviceregistry.HandlerServer) { - return &AttributesService{dbClient: policydb.NewClient(srp.DBClient, srp.Logger), logger: srp.Logger}, func(ctx context.Context, mux *runtime.ServeMux, server any) error { - if srv, ok := server.(attributes.AttributesServiceServer); ok { - return attributes.RegisterAttributesServiceHandlerServer(ctx, mux, srv) +func NewRegistration(ns string, dbRegister serviceregistry.DBRegister) *serviceregistry.Service[AttributesService] { + return &serviceregistry.Service[AttributesService]{ + ServiceOptions: serviceregistry.ServiceOptions[AttributesService]{ + Namespace: ns, + DB: dbRegister, + ServiceDesc: &attributes.AttributesService_ServiceDesc, + RegisterFunc: func(srp serviceregistry.RegistrationParams) (*AttributesService, serviceregistry.HandlerServer) { + as := &AttributesService{dbClient: policydb.NewClient(srp.DBClient, srp.Logger), logger: srp.Logger} + return as, func(ctx context.Context, mux *runtime.ServeMux) error { + return attributes.RegisterAttributesServiceHandlerServer(ctx, mux, as) } - return fmt.Errorf("failed to assert server as attributes.AttributesServiceServer") - } + }, }, } } diff --git a/service/policy/kasregistry/key_access_server_registry.go b/service/policy/kasregistry/key_access_server_registry.go index c64bad3ff9..a310facc80 100644 --- a/service/policy/kasregistry/key_access_server_registry.go +++ b/service/policy/kasregistry/key_access_server_registry.go @@ -2,7 +2,6 @@ package kasregistry import ( "context" - "fmt" "log/slog" "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" @@ -21,17 +20,18 @@ type KeyAccessServerRegistry struct { logger *logger.Logger } -func NewRegistration() serviceregistry.Registration { - return serviceregistry.Registration{ - ServiceDesc: &kasr.KeyAccessServerRegistryService_ServiceDesc, - RegisterFunc: func(srp serviceregistry.RegistrationParams) (any, serviceregistry.HandlerServer) { - return &KeyAccessServerRegistry{dbClient: policydb.NewClient(srp.DBClient, srp.Logger), logger: srp.Logger}, func(ctx context.Context, mux *runtime.ServeMux, s any) error { - srv, ok := s.(kasr.KeyAccessServerRegistryServiceServer) - if !ok { - return fmt.Errorf("argument is not of type kasr.KeyAccessServerRegistryServiceServer") +func NewRegistration(ns string, dbRegister serviceregistry.DBRegister) *serviceregistry.Service[KeyAccessServerRegistry] { + return &serviceregistry.Service[KeyAccessServerRegistry]{ + ServiceOptions: serviceregistry.ServiceOptions[KeyAccessServerRegistry]{ + Namespace: ns, + DB: dbRegister, + ServiceDesc: &kasr.KeyAccessServerRegistryService_ServiceDesc, + RegisterFunc: func(srp serviceregistry.RegistrationParams) (*KeyAccessServerRegistry, serviceregistry.HandlerServer) { + ksr := &KeyAccessServerRegistry{dbClient: policydb.NewClient(srp.DBClient, srp.Logger), logger: srp.Logger} + return ksr, func(ctx context.Context, mux *runtime.ServeMux) error { + return kasr.RegisterKeyAccessServerRegistryServiceHandlerServer(ctx, mux, ksr) } - return kasr.RegisterKeyAccessServerRegistryServiceHandlerServer(ctx, mux, srv) - } + }, }, } } diff --git a/service/policy/namespaces/namespaces.go b/service/policy/namespaces/namespaces.go index 5598f5880c..f9ca32f53b 100644 --- a/service/policy/namespaces/namespaces.go +++ b/service/policy/namespaces/namespaces.go @@ -21,23 +21,23 @@ type NamespacesService struct { //nolint:revive // NamespacesService is a valid logger *logger.Logger } -func NewRegistration() serviceregistry.Registration { - return serviceregistry.Registration{ - ServiceDesc: &namespaces.NamespaceService_ServiceDesc, - RegisterFunc: func(srp serviceregistry.RegistrationParams) (any, serviceregistry.HandlerServer) { - ns := &NamespacesService{dbClient: policydb.NewClient(srp.DBClient, srp.Logger), logger: srp.Logger} - - if err := srp.RegisterReadinessCheck("policy", ns.IsReady); err != nil { - srp.Logger.Error("failed to register policy readiness check", slog.String("error", err.Error())) - } - - return ns, func(ctx context.Context, mux *runtime.ServeMux, server any) error { - nsServer, ok := server.(namespaces.NamespaceServiceServer) - if !ok { - return fmt.Errorf("failed to assert server as namespaces.NamespaceServiceServer") +func NewRegistration(ns string, dbRegister serviceregistry.DBRegister) *serviceregistry.Service[NamespacesService] { + return &serviceregistry.Service[NamespacesService]{ + ServiceOptions: serviceregistry.ServiceOptions[NamespacesService]{ + Namespace: ns, + DB: dbRegister, + ServiceDesc: &namespaces.NamespaceService_ServiceDesc, + RegisterFunc: func(srp serviceregistry.RegistrationParams) (*NamespacesService, serviceregistry.HandlerServer) { + ns := &NamespacesService{dbClient: policydb.NewClient(srp.DBClient, srp.Logger), logger: srp.Logger} + + if err := srp.RegisterReadinessCheck("policy", ns.IsReady); err != nil { + srp.Logger.Error("failed to register policy readiness check", slog.String("error", err.Error())) } - return namespaces.RegisterNamespaceServiceHandlerServer(ctx, mux, nsServer) - } + + return ns, func(ctx context.Context, mux *runtime.ServeMux) error { + return namespaces.RegisterNamespaceServiceHandlerServer(ctx, mux, ns) + } + }, }, } } diff --git a/service/policy/policy.go b/service/policy/policy.go index 3096f31d20..69db81e86b 100644 --- a/service/policy/policy.go +++ b/service/policy/policy.go @@ -19,25 +19,21 @@ func init() { Migrations = &migrations.FS } -func NewRegistrations() []serviceregistry.Registration { - registrations := []serviceregistry.Registration{} +func NewRegistrations() []serviceregistry.IService { + registrations := []serviceregistry.IService{} namespace := "policy" dbRegister := serviceregistry.DBRegister{ Required: true, Migrations: Migrations, } - for _, r := range []serviceregistry.Registration{ - attributes.NewRegistration(), - namespaces.NewRegistration(), - resourcemapping.NewRegistration(), - subjectmapping.NewRegistration(), - kasregistry.NewRegistration(), - unsafe.NewRegistration(), - } { - r.Namespace = namespace - r.DB = dbRegister - registrations = append(registrations, r) - } + registrations = append(registrations, []serviceregistry.IService{ + attributes.NewRegistration(namespace, dbRegister), + namespaces.NewRegistration(namespace, dbRegister), + resourcemapping.NewRegistration(namespace, dbRegister), + subjectmapping.NewRegistration(namespace, dbRegister), + kasregistry.NewRegistration(namespace, dbRegister), + unsafe.NewRegistration(namespace, dbRegister), + }...) return registrations } diff --git a/service/policy/resourcemapping/resource_mapping.go b/service/policy/resourcemapping/resource_mapping.go index 58d4f273cc..54e732172e 100644 --- a/service/policy/resourcemapping/resource_mapping.go +++ b/service/policy/resourcemapping/resource_mapping.go @@ -2,7 +2,6 @@ package resourcemapping import ( "context" - "fmt" "log/slog" "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" @@ -21,17 +20,18 @@ type ResourceMappingService struct { //nolint:revive // ResourceMappingService i logger *logger.Logger } -func NewRegistration() serviceregistry.Registration { - return serviceregistry.Registration{ - ServiceDesc: &resourcemapping.ResourceMappingService_ServiceDesc, - RegisterFunc: func(srp serviceregistry.RegistrationParams) (any, serviceregistry.HandlerServer) { - return &ResourceMappingService{dbClient: policydb.NewClient(srp.DBClient, srp.Logger), logger: srp.Logger}, func(ctx context.Context, mux *runtime.ServeMux, s any) error { - server, ok := s.(resourcemapping.ResourceMappingServiceServer) - if !ok { - return fmt.Errorf("failed to assert server as resourcemapping.ResourceMappingServiceServer") +func NewRegistration(ns string, dbRegister serviceregistry.DBRegister) *serviceregistry.Service[ResourceMappingService] { + return &serviceregistry.Service[ResourceMappingService]{ + ServiceOptions: serviceregistry.ServiceOptions[ResourceMappingService]{ + Namespace: ns, + DB: dbRegister, + ServiceDesc: &resourcemapping.ResourceMappingService_ServiceDesc, + RegisterFunc: func(srp serviceregistry.RegistrationParams) (*ResourceMappingService, serviceregistry.HandlerServer) { + rm := &ResourceMappingService{dbClient: policydb.NewClient(srp.DBClient, srp.Logger), logger: srp.Logger} + return rm, func(ctx context.Context, mux *runtime.ServeMux) error { + return resourcemapping.RegisterResourceMappingServiceHandlerServer(ctx, mux, rm) } - return resourcemapping.RegisterResourceMappingServiceHandlerServer(ctx, mux, server) - } + }, }, } } diff --git a/service/policy/subjectmapping/subject_mapping.go b/service/policy/subjectmapping/subject_mapping.go index 3413ae4e4f..a44842a181 100644 --- a/service/policy/subjectmapping/subject_mapping.go +++ b/service/policy/subjectmapping/subject_mapping.go @@ -2,7 +2,6 @@ package subjectmapping import ( "context" - "fmt" "log/slog" "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" @@ -21,17 +20,18 @@ type SubjectMappingService struct { //nolint:revive // SubjectMappingService is logger *logger.Logger } -func NewRegistration() serviceregistry.Registration { - return serviceregistry.Registration{ - ServiceDesc: &sm.SubjectMappingService_ServiceDesc, - RegisterFunc: func(srp serviceregistry.RegistrationParams) (any, serviceregistry.HandlerServer) { - return &SubjectMappingService{dbClient: policydb.NewClient(srp.DBClient, srp.Logger), logger: srp.Logger}, func(ctx context.Context, mux *runtime.ServeMux, s any) error { - server, ok := s.(sm.SubjectMappingServiceServer) - if !ok { - return fmt.Errorf("failed to assert server as sm.SubjectMappingServiceServer") +func NewRegistration(ns string, dbRegister serviceregistry.DBRegister) *serviceregistry.Service[SubjectMappingService] { + return &serviceregistry.Service[SubjectMappingService]{ + ServiceOptions: serviceregistry.ServiceOptions[SubjectMappingService]{ + Namespace: ns, + DB: dbRegister, + ServiceDesc: &sm.SubjectMappingService_ServiceDesc, + RegisterFunc: func(srp serviceregistry.RegistrationParams) (*SubjectMappingService, serviceregistry.HandlerServer) { + smSvc := &SubjectMappingService{dbClient: policydb.NewClient(srp.DBClient, srp.Logger), logger: srp.Logger} + return smSvc, func(ctx context.Context, mux *runtime.ServeMux) error { + return sm.RegisterSubjectMappingServiceHandlerServer(ctx, mux, smSvc) } - return sm.RegisterSubjectMappingServiceHandlerServer(ctx, mux, server) - } + }, }, } } diff --git a/service/policy/unsafe/unsafe.go b/service/policy/unsafe/unsafe.go index bfade319f3..ed1f2700ec 100644 --- a/service/policy/unsafe/unsafe.go +++ b/service/policy/unsafe/unsafe.go @@ -2,7 +2,6 @@ package unsafe import ( "context" - "fmt" "log/slog" "github.com/grpc-ecosystem/grpc-gateway/v2/runtime" @@ -21,16 +20,18 @@ type UnsafeService struct { //nolint:revive // UnsafeService is a valid name for logger *logger.Logger } -func NewRegistration() serviceregistry.Registration { - return serviceregistry.Registration{ - ServiceDesc: &unsafe.UnsafeService_ServiceDesc, - RegisterFunc: func(srp serviceregistry.RegistrationParams) (any, serviceregistry.HandlerServer) { - return &UnsafeService{dbClient: policydb.NewClient(srp.DBClient, srp.Logger), logger: srp.Logger}, func(ctx context.Context, mux *runtime.ServeMux, server any) error { - if srv, ok := server.(unsafe.UnsafeServiceServer); ok { - return unsafe.RegisterUnsafeServiceHandlerServer(ctx, mux, srv) +func NewRegistration(ns string, dbRegister serviceregistry.DBRegister) *serviceregistry.Service[UnsafeService] { + return &serviceregistry.Service[UnsafeService]{ + ServiceOptions: serviceregistry.ServiceOptions[UnsafeService]{ + Namespace: ns, + DB: dbRegister, + ServiceDesc: &unsafe.UnsafeService_ServiceDesc, + RegisterFunc: func(srp serviceregistry.RegistrationParams) (*UnsafeService, serviceregistry.HandlerServer) { + unsafeSvc := &UnsafeService{dbClient: policydb.NewClient(srp.DBClient, srp.Logger), logger: srp.Logger} + return unsafeSvc, func(ctx context.Context, mux *runtime.ServeMux) error { + return unsafe.RegisterUnsafeServiceHandlerServer(ctx, mux, unsafeSvc) } - return fmt.Errorf("failed to assert server as unsafe.UnsafeServiceServer") - } + }, }, } } diff --git a/service/wellknownconfiguration/wellknown_configuration.go b/service/wellknownconfiguration/wellknown_configuration.go index dbfe045a10..bbfb34e3ad 100644 --- a/service/wellknownconfiguration/wellknown_configuration.go +++ b/service/wellknownconfiguration/wellknown_configuration.go @@ -35,17 +35,17 @@ func RegisterConfiguration(namespace string, config any) error { return nil } -func NewRegistration() serviceregistry.Registration { - return serviceregistry.Registration{ - Namespace: "wellknown", - ServiceDesc: &wellknown.WellKnownService_ServiceDesc, - RegisterFunc: func(srp serviceregistry.RegistrationParams) (any, serviceregistry.HandlerServer) { - return &WellKnownService{logger: srp.Logger}, func(ctx context.Context, mux *runtime.ServeMux, server any) error { - if srv, ok := server.(wellknown.WellKnownServiceServer); ok { - return wellknown.RegisterWellKnownServiceHandlerServer(ctx, mux, srv) +func NewRegistration() *serviceregistry.Service[WellKnownService] { + return &serviceregistry.Service[WellKnownService]{ + ServiceOptions: serviceregistry.ServiceOptions[WellKnownService]{ + Namespace: "wellknown", + ServiceDesc: &wellknown.WellKnownService_ServiceDesc, + RegisterFunc: func(srp serviceregistry.RegistrationParams) (*WellKnownService, serviceregistry.HandlerServer) { + wk := &WellKnownService{logger: srp.Logger} + return wk, func(ctx context.Context, mux *runtime.ServeMux) error { + return wellknown.RegisterWellKnownServiceHandlerServer(ctx, mux, wk) } - return fmt.Errorf("failed to assert server as WellKnownServiceServer") - } + }, }, } } From 5886d1d7ee8d57d24c4ed3b1fff63a6ba5e89e5e Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Mon, 4 Nov 2024 19:09:35 -0500 Subject: [PATCH 05/13] fix linter issues --- .../entityresolution/claims/claims_entity_resolution.go | 2 +- .../keycloak/keycloak_entity_resolution.go | 2 +- service/pkg/server/services.go | 2 +- service/pkg/serviceregistry/serviceregistry.go | 9 ++++----- 4 files changed, 7 insertions(+), 8 deletions(-) diff --git a/service/entityresolution/claims/claims_entity_resolution.go b/service/entityresolution/claims/claims_entity_resolution.go index 6fea8a8d6f..07ca34fd4a 100644 --- a/service/entityresolution/claims/claims_entity_resolution.go +++ b/service/entityresolution/claims/claims_entity_resolution.go @@ -26,7 +26,7 @@ func RegisterClaimsERS(_ serviceregistry.ServiceConfig, logger *logger.Logger) ( claimsSVC := ClaimsEntityResolutionService{logger: logger} return claimsSVC, func(ctx context.Context, mux *runtime.ServeMux) error { - return entityresolution.RegisterEntityResolutionServiceHandlerServer(ctx, mux, claimsSVC) //nolint:forcetypeassert // allow type assert, following other services + return entityresolution.RegisterEntityResolutionServiceHandlerServer(ctx, mux, claimsSVC) } } diff --git a/service/entityresolution/keycloak/keycloak_entity_resolution.go b/service/entityresolution/keycloak/keycloak_entity_resolution.go index 5c0617a214..16d3ba7e2b 100644 --- a/service/entityresolution/keycloak/keycloak_entity_resolution.go +++ b/service/entityresolution/keycloak/keycloak_entity_resolution.go @@ -61,7 +61,7 @@ func RegisterKeycloakERS(config serviceregistry.ServiceConfig, logger *logger.Lo keycloakSVC := &KeycloakEntityResolutionService{idpConfig: inputIdpConfig, logger: logger} return keycloakSVC, func(ctx context.Context, mux *runtime.ServeMux) error { - return entityresolution.RegisterEntityResolutionServiceHandlerServer(ctx, mux, keycloakSVC) //nolint:forcetypeassert // allow type assert, following other services + return entityresolution.RegisterEntityResolutionServiceHandlerServer(ctx, mux, keycloakSVC) } } diff --git a/service/pkg/server/services.go b/service/pkg/server/services.go index a21e736174..14d4e8f602 100644 --- a/service/pkg/server/services.go +++ b/service/pkg/server/services.go @@ -174,7 +174,7 @@ func startServices(ctx context.Context, cfg config.Config, otdf *server.OpenTDFS } // Register the service with the gRPC gateway - if err := svc.RegisterHTTPServer(ctx, otdf.Mux); err != nil { //nolint:staticcheck // This is deprecated for internal tracking + if err := svc.RegisterHTTPServer(ctx, otdf.Mux); err != nil { logger.Error("failed to register service to grpc gateway", slog.String("namespace", ns), slog.String("error", err.Error())) return err } diff --git a/service/pkg/serviceregistry/serviceregistry.go b/service/pkg/serviceregistry/serviceregistry.go index 6369dae241..2d9ca082ed 100644 --- a/service/pkg/serviceregistry/serviceregistry.go +++ b/service/pkg/serviceregistry/serviceregistry.go @@ -80,8 +80,7 @@ type IService interface { // of the service within the instance of the platform. type Service[S any] struct { // Registration - impl *S - handleFunc HandlerServer + impl *S // Started is a flag that indicates whether the service has been started Started bool // Close is a function that can be called to close the service @@ -150,7 +149,7 @@ func (s *Service[S]) Start(ctx context.Context, params RegistrationParams) error ) } - s.impl, s.handleFunc = s.RegisterFunc(params) + s.impl, s.httpHandlerFunc = s.RegisterFunc(params) s.Started = true return nil @@ -173,10 +172,10 @@ func (s *Service[S]) RegisterGRPCServer(server *grpc.Server) error { // It takes a context, a ServeMux, and an implementation function as parameters. // If the service did not register a handler, it returns an error. func (s *Service[S]) RegisterHTTPServer(ctx context.Context, mux *runtime.ServeMux) error { - if s.handleFunc == nil { + if s.httpHandlerFunc == nil { return fmt.Errorf("service did not register a handler") } - return s.handleFunc(ctx, mux) + return s.httpHandlerFunc(ctx, mux) } // namespace represents a namespace in the service registry. From 35553bc891d01621dab63554eb6af50fa5e399b2 Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Mon, 4 Nov 2024 19:14:32 -0500 Subject: [PATCH 06/13] untrack vscode folder --- .gitignore | 2 +- .vscode/launch.json | 28 ---------------------------- 2 files changed, 1 insertion(+), 29 deletions(-) delete mode 100644 .vscode/launch.json diff --git a/.gitignore b/.gitignore index cda093a8a4..9ecf754dc8 100644 --- a/.gitignore +++ b/.gitignore @@ -24,7 +24,7 @@ __pycache__ # Userland files opentdf.yaml -.vscode/settings.json +.vscode/ .idea/ # Generated files diff --git a/.vscode/launch.json b/.vscode/launch.json deleted file mode 100644 index 80071cc8a1..0000000000 --- a/.vscode/launch.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - // Attach to Air for debugging - "version": "0.2.0", - "configurations": [ - { - "name": "Launch Package", - "type": "go", - "request": "launch", - "mode": "auto", - "program": "${fileDirname}", - "env": { - "TESTCONTAINERS_RYUK_CONTAINER_PRIVILEGED": "true", - "TESTCONTAINERS_DOCKER_SOCKET_OVERRIDE": "/var/run/docker.sock" - }, - "showLog": true, - "console": "integratedTerminal" - }, - { - "name": "Attach to Air", - "type": "go", - "debugAdapter": "dlv-dap", - "mode": "remote", - "request": "attach", - "host": "127.0.0.1", - "port": 12345 - } - ] -} \ No newline at end of file From 92a8bcf315303908a25d28afb3a472702d0b7951 Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Mon, 4 Nov 2024 19:27:48 -0500 Subject: [PATCH 07/13] regen subjectmappings --- .../subject_mapping.connect.go | 77 +++++++++++++------ 1 file changed, 54 insertions(+), 23 deletions(-) diff --git a/protocol/go/policy/subjectmapping/subjectmappingconnect/subject_mapping.connect.go b/protocol/go/policy/subjectmapping/subjectmappingconnect/subject_mapping.connect.go index 6cdbf3b7d7..ddce801411 100644 --- a/protocol/go/policy/subjectmapping/subjectmappingconnect/subject_mapping.connect.go +++ b/protocol/go/policy/subjectmapping/subjectmappingconnect/subject_mapping.connect.go @@ -66,22 +66,26 @@ const ( // SubjectMappingServiceDeleteSubjectConditionSetProcedure is the fully-qualified name of the // SubjectMappingService's DeleteSubjectConditionSet RPC. SubjectMappingServiceDeleteSubjectConditionSetProcedure = "/policy.subjectmapping.SubjectMappingService/DeleteSubjectConditionSet" + // SubjectMappingServiceDeleteAllUnmappedSubjectConditionSetsProcedure is the fully-qualified name + // of the SubjectMappingService's DeleteAllUnmappedSubjectConditionSets RPC. + SubjectMappingServiceDeleteAllUnmappedSubjectConditionSetsProcedure = "/policy.subjectmapping.SubjectMappingService/DeleteAllUnmappedSubjectConditionSets" ) // These variables are the protoreflect.Descriptor objects for the RPCs defined in this package. var ( - subjectMappingServiceServiceDescriptor = subjectmapping.File_policy_subjectmapping_subject_mapping_proto.Services().ByName("SubjectMappingService") - subjectMappingServiceMatchSubjectMappingsMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("MatchSubjectMappings") - subjectMappingServiceListSubjectMappingsMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("ListSubjectMappings") - subjectMappingServiceGetSubjectMappingMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("GetSubjectMapping") - subjectMappingServiceCreateSubjectMappingMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("CreateSubjectMapping") - subjectMappingServiceUpdateSubjectMappingMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("UpdateSubjectMapping") - subjectMappingServiceDeleteSubjectMappingMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("DeleteSubjectMapping") - subjectMappingServiceListSubjectConditionSetsMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("ListSubjectConditionSets") - subjectMappingServiceGetSubjectConditionSetMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("GetSubjectConditionSet") - subjectMappingServiceCreateSubjectConditionSetMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("CreateSubjectConditionSet") - subjectMappingServiceUpdateSubjectConditionSetMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("UpdateSubjectConditionSet") - subjectMappingServiceDeleteSubjectConditionSetMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("DeleteSubjectConditionSet") + subjectMappingServiceServiceDescriptor = subjectmapping.File_policy_subjectmapping_subject_mapping_proto.Services().ByName("SubjectMappingService") + subjectMappingServiceMatchSubjectMappingsMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("MatchSubjectMappings") + subjectMappingServiceListSubjectMappingsMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("ListSubjectMappings") + subjectMappingServiceGetSubjectMappingMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("GetSubjectMapping") + subjectMappingServiceCreateSubjectMappingMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("CreateSubjectMapping") + subjectMappingServiceUpdateSubjectMappingMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("UpdateSubjectMapping") + subjectMappingServiceDeleteSubjectMappingMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("DeleteSubjectMapping") + subjectMappingServiceListSubjectConditionSetsMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("ListSubjectConditionSets") + subjectMappingServiceGetSubjectConditionSetMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("GetSubjectConditionSet") + subjectMappingServiceCreateSubjectConditionSetMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("CreateSubjectConditionSet") + subjectMappingServiceUpdateSubjectConditionSetMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("UpdateSubjectConditionSet") + subjectMappingServiceDeleteSubjectConditionSetMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("DeleteSubjectConditionSet") + subjectMappingServiceDeleteAllUnmappedSubjectConditionSetsMethodDescriptor = subjectMappingServiceServiceDescriptor.Methods().ByName("DeleteAllUnmappedSubjectConditionSets") ) // SubjectMappingServiceClient is a client for the policy.subjectmapping.SubjectMappingService @@ -99,6 +103,7 @@ type SubjectMappingServiceClient interface { CreateSubjectConditionSet(context.Context, *connect.Request[subjectmapping.CreateSubjectConditionSetRequest]) (*connect.Response[subjectmapping.CreateSubjectConditionSetResponse], error) UpdateSubjectConditionSet(context.Context, *connect.Request[subjectmapping.UpdateSubjectConditionSetRequest]) (*connect.Response[subjectmapping.UpdateSubjectConditionSetResponse], error) DeleteSubjectConditionSet(context.Context, *connect.Request[subjectmapping.DeleteSubjectConditionSetRequest]) (*connect.Response[subjectmapping.DeleteSubjectConditionSetResponse], error) + DeleteAllUnmappedSubjectConditionSets(context.Context, *connect.Request[subjectmapping.DeleteAllUnmappedSubjectConditionSetsRequest]) (*connect.Response[subjectmapping.DeleteAllUnmappedSubjectConditionSetsResponse], error) } // NewSubjectMappingServiceClient constructs a client for the @@ -178,22 +183,29 @@ func NewSubjectMappingServiceClient(httpClient connect.HTTPClient, baseURL strin connect.WithSchema(subjectMappingServiceDeleteSubjectConditionSetMethodDescriptor), connect.WithClientOptions(opts...), ), + deleteAllUnmappedSubjectConditionSets: connect.NewClient[subjectmapping.DeleteAllUnmappedSubjectConditionSetsRequest, subjectmapping.DeleteAllUnmappedSubjectConditionSetsResponse]( + httpClient, + baseURL+SubjectMappingServiceDeleteAllUnmappedSubjectConditionSetsProcedure, + connect.WithSchema(subjectMappingServiceDeleteAllUnmappedSubjectConditionSetsMethodDescriptor), + connect.WithClientOptions(opts...), + ), } } // subjectMappingServiceClient implements SubjectMappingServiceClient. type subjectMappingServiceClient struct { - matchSubjectMappings *connect.Client[subjectmapping.MatchSubjectMappingsRequest, subjectmapping.MatchSubjectMappingsResponse] - listSubjectMappings *connect.Client[subjectmapping.ListSubjectMappingsRequest, subjectmapping.ListSubjectMappingsResponse] - getSubjectMapping *connect.Client[subjectmapping.GetSubjectMappingRequest, subjectmapping.GetSubjectMappingResponse] - createSubjectMapping *connect.Client[subjectmapping.CreateSubjectMappingRequest, subjectmapping.CreateSubjectMappingResponse] - updateSubjectMapping *connect.Client[subjectmapping.UpdateSubjectMappingRequest, subjectmapping.UpdateSubjectMappingResponse] - deleteSubjectMapping *connect.Client[subjectmapping.DeleteSubjectMappingRequest, subjectmapping.DeleteSubjectMappingResponse] - listSubjectConditionSets *connect.Client[subjectmapping.ListSubjectConditionSetsRequest, subjectmapping.ListSubjectConditionSetsResponse] - getSubjectConditionSet *connect.Client[subjectmapping.GetSubjectConditionSetRequest, subjectmapping.GetSubjectConditionSetResponse] - createSubjectConditionSet *connect.Client[subjectmapping.CreateSubjectConditionSetRequest, subjectmapping.CreateSubjectConditionSetResponse] - updateSubjectConditionSet *connect.Client[subjectmapping.UpdateSubjectConditionSetRequest, subjectmapping.UpdateSubjectConditionSetResponse] - deleteSubjectConditionSet *connect.Client[subjectmapping.DeleteSubjectConditionSetRequest, subjectmapping.DeleteSubjectConditionSetResponse] + matchSubjectMappings *connect.Client[subjectmapping.MatchSubjectMappingsRequest, subjectmapping.MatchSubjectMappingsResponse] + listSubjectMappings *connect.Client[subjectmapping.ListSubjectMappingsRequest, subjectmapping.ListSubjectMappingsResponse] + getSubjectMapping *connect.Client[subjectmapping.GetSubjectMappingRequest, subjectmapping.GetSubjectMappingResponse] + createSubjectMapping *connect.Client[subjectmapping.CreateSubjectMappingRequest, subjectmapping.CreateSubjectMappingResponse] + updateSubjectMapping *connect.Client[subjectmapping.UpdateSubjectMappingRequest, subjectmapping.UpdateSubjectMappingResponse] + deleteSubjectMapping *connect.Client[subjectmapping.DeleteSubjectMappingRequest, subjectmapping.DeleteSubjectMappingResponse] + listSubjectConditionSets *connect.Client[subjectmapping.ListSubjectConditionSetsRequest, subjectmapping.ListSubjectConditionSetsResponse] + getSubjectConditionSet *connect.Client[subjectmapping.GetSubjectConditionSetRequest, subjectmapping.GetSubjectConditionSetResponse] + createSubjectConditionSet *connect.Client[subjectmapping.CreateSubjectConditionSetRequest, subjectmapping.CreateSubjectConditionSetResponse] + updateSubjectConditionSet *connect.Client[subjectmapping.UpdateSubjectConditionSetRequest, subjectmapping.UpdateSubjectConditionSetResponse] + deleteSubjectConditionSet *connect.Client[subjectmapping.DeleteSubjectConditionSetRequest, subjectmapping.DeleteSubjectConditionSetResponse] + deleteAllUnmappedSubjectConditionSets *connect.Client[subjectmapping.DeleteAllUnmappedSubjectConditionSetsRequest, subjectmapping.DeleteAllUnmappedSubjectConditionSetsResponse] } // MatchSubjectMappings calls policy.subjectmapping.SubjectMappingService.MatchSubjectMappings. @@ -255,6 +267,12 @@ func (c *subjectMappingServiceClient) DeleteSubjectConditionSet(ctx context.Cont return c.deleteSubjectConditionSet.CallUnary(ctx, req) } +// DeleteAllUnmappedSubjectConditionSets calls +// policy.subjectmapping.SubjectMappingService.DeleteAllUnmappedSubjectConditionSets. +func (c *subjectMappingServiceClient) DeleteAllUnmappedSubjectConditionSets(ctx context.Context, req *connect.Request[subjectmapping.DeleteAllUnmappedSubjectConditionSetsRequest]) (*connect.Response[subjectmapping.DeleteAllUnmappedSubjectConditionSetsResponse], error) { + return c.deleteAllUnmappedSubjectConditionSets.CallUnary(ctx, req) +} + // SubjectMappingServiceHandler is an implementation of the // policy.subjectmapping.SubjectMappingService service. type SubjectMappingServiceHandler interface { @@ -270,6 +288,7 @@ type SubjectMappingServiceHandler interface { CreateSubjectConditionSet(context.Context, *connect.Request[subjectmapping.CreateSubjectConditionSetRequest]) (*connect.Response[subjectmapping.CreateSubjectConditionSetResponse], error) UpdateSubjectConditionSet(context.Context, *connect.Request[subjectmapping.UpdateSubjectConditionSetRequest]) (*connect.Response[subjectmapping.UpdateSubjectConditionSetResponse], error) DeleteSubjectConditionSet(context.Context, *connect.Request[subjectmapping.DeleteSubjectConditionSetRequest]) (*connect.Response[subjectmapping.DeleteSubjectConditionSetResponse], error) + DeleteAllUnmappedSubjectConditionSets(context.Context, *connect.Request[subjectmapping.DeleteAllUnmappedSubjectConditionSetsRequest]) (*connect.Response[subjectmapping.DeleteAllUnmappedSubjectConditionSetsResponse], error) } // NewSubjectMappingServiceHandler builds an HTTP handler from the service implementation. It @@ -344,6 +363,12 @@ func NewSubjectMappingServiceHandler(svc SubjectMappingServiceHandler, opts ...c connect.WithSchema(subjectMappingServiceDeleteSubjectConditionSetMethodDescriptor), connect.WithHandlerOptions(opts...), ) + subjectMappingServiceDeleteAllUnmappedSubjectConditionSetsHandler := connect.NewUnaryHandler( + SubjectMappingServiceDeleteAllUnmappedSubjectConditionSetsProcedure, + svc.DeleteAllUnmappedSubjectConditionSets, + connect.WithSchema(subjectMappingServiceDeleteAllUnmappedSubjectConditionSetsMethodDescriptor), + connect.WithHandlerOptions(opts...), + ) return "/policy.subjectmapping.SubjectMappingService/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { switch r.URL.Path { case SubjectMappingServiceMatchSubjectMappingsProcedure: @@ -368,6 +393,8 @@ func NewSubjectMappingServiceHandler(svc SubjectMappingServiceHandler, opts ...c subjectMappingServiceUpdateSubjectConditionSetHandler.ServeHTTP(w, r) case SubjectMappingServiceDeleteSubjectConditionSetProcedure: subjectMappingServiceDeleteSubjectConditionSetHandler.ServeHTTP(w, r) + case SubjectMappingServiceDeleteAllUnmappedSubjectConditionSetsProcedure: + subjectMappingServiceDeleteAllUnmappedSubjectConditionSetsHandler.ServeHTTP(w, r) default: http.NotFound(w, r) } @@ -420,3 +447,7 @@ func (UnimplementedSubjectMappingServiceHandler) UpdateSubjectConditionSet(conte func (UnimplementedSubjectMappingServiceHandler) DeleteSubjectConditionSet(context.Context, *connect.Request[subjectmapping.DeleteSubjectConditionSetRequest]) (*connect.Response[subjectmapping.DeleteSubjectConditionSetResponse], error) { return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.DeleteSubjectConditionSet is not implemented")) } + +func (UnimplementedSubjectMappingServiceHandler) DeleteAllUnmappedSubjectConditionSets(context.Context, *connect.Request[subjectmapping.DeleteAllUnmappedSubjectConditionSetsRequest]) (*connect.Response[subjectmapping.DeleteAllUnmappedSubjectConditionSetsResponse], error) { + return nil, connect.NewError(connect.CodeUnimplemented, errors.New("policy.subjectmapping.SubjectMappingService.DeleteAllUnmappedSubjectConditionSets is not implemented")) +} From 95f8da209686263fa68c6830c56de8c0939a04ca Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Tue, 5 Nov 2024 11:08:59 -0500 Subject: [PATCH 08/13] show go.mod in protocol/go --- .gitattributes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitattributes b/.gitattributes index 8052f8372a..2800126d46 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,5 +1,5 @@ +protocol/go/go.mod linguist-generated=false protocol/go/** linguist-generated=true -sdkjava/src/main/java/** linguist-generated=true docs/grpc/** linguist-generated=true docs/openapi/** linguist-generated=true service/policy/db/*.sql.go linguist-generated=true From 320b4d2d0524f783dcb93cfb248989677fc790ee Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Tue, 5 Nov 2024 11:11:46 -0500 Subject: [PATCH 09/13] try just go.mod --- .gitattributes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitattributes b/.gitattributes index 2800126d46..9d9a6e2aaa 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,4 +1,4 @@ -protocol/go/go.mod linguist-generated=false +go.mod linguist-generated=false protocol/go/** linguist-generated=true docs/grpc/** linguist-generated=true docs/openapi/** linguist-generated=true From d6998d87dd34e643ba786af191164b2ace2aec46 Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Tue, 5 Nov 2024 11:17:33 -0500 Subject: [PATCH 10/13] attribute changes --- .gitattributes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitattributes b/.gitattributes index 9d9a6e2aaa..66d85e6a27 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,5 +1,5 @@ go.mod linguist-generated=false -protocol/go/** linguist-generated=true +sdkjava/src/main/java/** linguist-generated=true docs/grpc/** linguist-generated=true docs/openapi/** linguist-generated=true service/policy/db/*.sql.go linguist-generated=true From 515bbb20cc3cb3ba4a143356a3a7260c6dce4151 Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Tue, 5 Nov 2024 11:24:37 -0500 Subject: [PATCH 11/13] remove javasdk from gitattributes --- .gitattributes | 2 -- 1 file changed, 2 deletions(-) diff --git a/.gitattributes b/.gitattributes index 66d85e6a27..2669ff174a 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,5 +1,3 @@ -go.mod linguist-generated=false -sdkjava/src/main/java/** linguist-generated=true docs/grpc/** linguist-generated=true docs/openapi/** linguist-generated=true service/policy/db/*.sql.go linguist-generated=true From 9ee727f3c1e036943c1a32f02c314e4a6a65e625 Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Tue, 5 Nov 2024 13:19:27 -0500 Subject: [PATCH 12/13] update service go.mod --- service/go.mod | 1 + service/go.sum | 2 ++ 2 files changed, 3 insertions(+) diff --git a/service/go.mod b/service/go.mod index 51d945bcaf..3056b9d5f4 100644 --- a/service/go.mod +++ b/service/go.mod @@ -3,6 +3,7 @@ module github.com/opentdf/platform/service go 1.22 require ( + connectrpc.com/connect v1.17.0 github.com/Masterminds/squirrel v1.5.4 github.com/Nerzal/gocloak/v13 v13.9.0 github.com/bmatcuk/doublestar v1.3.4 diff --git a/service/go.sum b/service/go.sum index 98234e6005..e64f2e4af6 100644 --- a/service/go.sum +++ b/service/go.sum @@ -1,5 +1,7 @@ buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.34.1-20240508200655-46a4cf4ba109.1 h1:LEXWFH/xZ5oOWrC3oOtHbUyBdzRWMCPpAQmKC9v05mA= buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.34.1-20240508200655-46a4cf4ba109.1/go.mod h1:XF+P8+RmfdufmIYpGUC+6bF7S+IlmHDEnCrO3OXaUAQ= +connectrpc.com/connect v1.17.0 h1:W0ZqMhtVzn9Zhn2yATuUokDLO5N+gIuBWMOnsQrfmZk= +connectrpc.com/connect v1.17.0/go.mod h1:0292hj1rnx8oFrStN7cB4jjVBeqs+Yx5yDIC2prWDO8= dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU= From 4bda5980f00e761af497a1282e399719059db498 Mon Sep 17 00:00:00 2001 From: Sean Trantalis Date: Wed, 6 Nov 2024 12:30:28 -0500 Subject: [PATCH 13/13] fix keycloak spelling in comment --- service/entityresolution/entityresolution.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/service/entityresolution/entityresolution.go b/service/entityresolution/entityresolution.go index 44537c8009..d66c2dc6b4 100644 --- a/service/entityresolution/entityresolution.go +++ b/service/entityresolution/entityresolution.go @@ -37,7 +37,7 @@ func NewRegistration() *serviceregistry.Service[EntityResolution] { return &EntityResolution{EntityResolutionServiceServer: claimsSVC}, claimsHandler } - // Default to keyclaok ERS + // Default to keycloak ERS kcSVC, kcHandler := keycloak.RegisterKeycloakERS(srp.Config, srp.Logger) return &EntityResolution{EntityResolutionServiceServer: kcSVC}, kcHandler },