1use crate::dto::{error::Error, prelude::*, rpc::RootRequestMetadata};
/// Audience restriction carried by delegation certs, token claims and
/// delegation requests (each has an `aud` field of this type).
///
/// NOTE(review): `Any` carries no role list; presumably verifiers treat it as
/// matching every audience — confirm. An empty `Roles` list is also
/// representable, so verifiers need a defined answer for it.
#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
pub enum DelegationAudience {
    /// No role list is attached.
    Any,
    /// Explicit list of canister roles.
    Roles(Vec<CanisterRole>),
}
/// Body of a delegation certificate: a root/shard principal pair, a validity
/// window, the granted scopes and the audience.
///
/// The signature is not stored here; `DelegationProof` pairs a cert with
/// `cert_sig`.
///
/// NOTE(review): the type does not enforce `issued_at <= expires_at` and does
/// not fix the timestamp unit — verifiers have to check the window themselves.
#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
pub struct DelegationCert {
    /// Root principal named in the cert (presumably the issuer — confirm).
    pub root_pid: Principal,
    /// Shard principal named in the cert (presumably the delegate — confirm).
    pub shard_pid: Principal,
    /// Start of the validity window.
    pub issued_at: u64,
    /// End of the validity window.
    pub expires_at: u64,
    /// Scope strings; free-form as far as this type is concerned.
    pub scopes: Vec<String>,
    /// Audience restriction.
    pub aud: DelegationAudience,
}
/// A delegation cert together with its signature bytes.
///
/// Decoding a `DelegationProof` verifies nothing: any `cert_sig` bytes are
/// accepted by `Deserialize`. Trust in `cert` has to come from an explicit
/// signature check by the consumer.
#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
pub struct DelegationProof {
    /// The certificate being vouched for.
    pub cert: DelegationCert,
    /// Signature bytes for `cert`. Presumably produced by the root over an
    /// encoding of `cert` — confirm the algorithm and the signed encoding
    /// against the signer and verifier code.
    pub cert_sig: Vec<u8>,
}
/// Reason stated by the caller for installing a delegation proof.
///
/// NOTE(review): the value is caller-supplied; if `Repair` is handled with
/// fewer checks than `Provisioning`, the receiver must authorize the intent
/// itself — confirm in the handler.
#[derive(CandidType, Clone, Copy, Debug, Deserialize, Eq, PartialEq)]
pub enum DelegationProofInstallIntent {
    /// Install as part of provisioning.
    Provisioning,
    /// Install as part of a repair.
    Repair,
}
/// Request to install a delegation proof, with the public key material sent
/// alongside it.
///
/// NOTE(review): the keys arrive in the same message as the proof they would
/// be used to check. Nothing in this type authenticates them; the receiver
/// should authenticate the caller or pin the root key independently rather
/// than trust a key because it came with the proof.
#[derive(CandidType, Clone, Debug, Deserialize)]
pub struct DelegationProofInstallRequest {
    /// Proof to install.
    pub proof: DelegationProof,
    /// Why the proof is being installed.
    pub intent: DelegationProofInstallIntent,
    /// Optional root public key; a missing field deserializes as `None`.
    /// The `_sec1` suffix suggests SEC1-encoded bytes — confirm.
    #[serde(default)]
    pub root_public_key_sec1: Option<Vec<u8>>,
    /// Shard public key (presumably SEC1-encoded, per the name — confirm).
    pub shard_public_key_sec1: Vec<u8>,
}
/// Claims carried inside a delegated token.
///
/// NOTE(review): `iat`/`exp` are plain `u64`s with no unit or ordering
/// enforced here; compare them against the accompanying cert's window during
/// verification.
#[derive(CandidType, Clone, Debug, Deserialize)]
pub struct DelegatedTokenClaims {
    /// Subject principal of the token.
    pub sub: Principal,
    /// Shard principal named in the claims.
    pub shard_pid: Principal,
    /// Scope strings claimed by the token.
    pub scopes: Vec<String>,
    /// Audience restriction.
    pub aud: DelegationAudience,
    /// Issued-at timestamp.
    pub iat: u64,
    /// Expiry timestamp.
    pub exp: u64,
    /// Optional opaque extension bytes; a missing field deserializes as
    /// `None`. No length limit is imposed by the type, so consumers that
    /// parse it should bound its size first.
    #[serde(default)]
    pub ext: Option<Vec<u8>>,
}
/// Delegated token: claims, the delegation proof backing them, and a token
/// signature.
///
/// Decoding performs no verification. NOTE(review): a verifier presumably has
/// to check `proof.cert_sig`, check `token_sig`, match `claims.shard_pid`
/// against `proof.cert.shard_pid`, and confirm the claims stay within the
/// cert's scopes, audience and expiry — none of that is enforced by this
/// type, so confirm it in the verification path.
#[derive(CandidType, Clone, Debug, Deserialize)]
pub struct DelegatedToken {
    /// Claims asserted by the token.
    pub claims: DelegatedTokenClaims,
    /// Delegation proof the token relies on.
    pub proof: DelegationProof,
    /// Signature bytes for the token (presumably over `claims`, made with the
    /// shard key — confirm).
    pub token_sig: Vec<u8>,
}
/// Request for a delegation covering a shard, a set of scopes and an
/// audience, for a requested lifetime.
///
/// NOTE(review): `scopes`, `aud` and `ttl_secs` are all requester-supplied.
/// The issuer should cap `ttl_secs`, restrict the scopes it is willing to
/// grant, and use checked or saturating arithmetic when turning the TTL into
/// an expiry timestamp.
#[derive(CandidType, Clone, Debug, Deserialize)]
pub struct DelegationRequest {
    /// Shard principal the delegation is requested for.
    pub shard_pid: Principal,
    /// Requested scope strings.
    pub scopes: Vec<String>,
    /// Requested audience restriction.
    pub aud: DelegationAudience,
    /// Requested lifetime in seconds.
    pub ttl_secs: u64,
    /// Shard public key (presumably SEC1-encoded, per the name — confirm).
    pub shard_public_key_sec1: Vec<u8>,
    /// Optional request metadata; a missing field deserializes as `None`.
    #[serde(default)]
    pub metadata: Option<RootRequestMetadata>,
}
/// Request for a role attestation about `subject`.
///
/// NOTE(review): `subject` and `role` are supplied by the requester; the
/// issuer has to establish that the subject really holds the role before
/// signing anything, and should cap `ttl_secs`.
#[derive(CandidType, Clone, Debug, Deserialize)]
pub struct RoleAttestationRequest {
    /// Principal the attestation is about.
    pub subject: Principal,
    /// Role to attest.
    pub role: CanisterRole,
    /// Optional subnet principal; a missing field deserializes as `None`.
    #[serde(default)]
    pub subnet_id: Option<Principal>,
    /// Optional audience principal; a missing field deserializes as `None`.
    #[serde(default)]
    pub audience: Option<Principal>,
    /// Requested lifetime in seconds.
    pub ttl_secs: u64,
    /// Epoch value supplied with the request (semantics not visible here).
    pub epoch: u64,
    /// Optional request metadata; a missing field deserializes as `None`.
    #[serde(default)]
    pub metadata: Option<RootRequestMetadata>,
}
/// Unsigned role attestation payload: who holds which role, optionally bound
/// to a subnet and an audience, with a validity window and an epoch.
///
/// NOTE(review): `audience: None` and `subnet_id: None` are representable and
/// are also what a missing field decodes to. Whether `None` means "unbound"
/// or "reject" is not defined here — confirm verifiers do not treat a missing
/// audience as a wildcard by accident.
#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
pub struct RoleAttestation {
    /// Principal the attestation is about.
    pub subject: Principal,
    /// Attested role.
    pub role: CanisterRole,
    /// Optional subnet binding.
    #[serde(default)]
    pub subnet_id: Option<Principal>,
    /// Optional audience binding.
    #[serde(default)]
    pub audience: Option<Principal>,
    /// Start of the validity window.
    pub issued_at: u64,
    /// End of the validity window.
    pub expires_at: u64,
    /// Epoch value (presumably used to invalidate older attestations —
    /// confirm against the verifier).
    pub epoch: u64,
}
/// Role attestation payload plus signature bytes and the id of a key.
///
/// Decoding performs no signature check. NOTE(review): `key_id` sits outside
/// `payload`; if the signature covers only the payload, the id is an
/// unauthenticated lookup hint and the verifier must still check the selected
/// key's status and validity window — confirm.
#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
pub struct SignedRoleAttestation {
    /// The attestation being signed.
    pub payload: RoleAttestation,
    /// Signature bytes for `payload`.
    pub signature: Vec<u8>,
    /// Key identifier (presumably matches `AttestationKey::key_id`).
    pub key_id: u32,
}
/// Status label of an attestation key.
///
/// The two variants suggest key rotation (an active key and its predecessor)
/// — confirm how long a `Previous` key remains acceptable to verifiers.
#[derive(CandidType, Clone, Copy, Debug, Deserialize, Eq, PartialEq)]
pub enum AttestationKeyStatus {
    /// The current key.
    Current,
    /// A previous key.
    Previous,
}
/// One attestation public key with its id, status and optional validity
/// bounds.
///
/// NOTE(review): both bounds are optional and a missing field decodes to
/// `None`; presumably `None` means "no bound on that side" — confirm, since a
/// `Previous` key without `valid_until` would then never age out by time.
#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq)]
pub struct AttestationKey {
    /// Identifier of the key.
    pub key_id: u32,
    /// Public key bytes (encoding not visible here).
    pub public_key: Vec<u8>,
    /// Status label of the key.
    pub status: AttestationKeyStatus,
    /// Optional lower validity bound.
    #[serde(default)]
    pub valid_from: Option<u64>,
    /// Optional upper validity bound.
    #[serde(default)]
    pub valid_until: Option<u64>,
}
/// Set of attestation keys published for a root principal.
///
/// NOTE(review): the set is unsigned data as far as this type shows; a
/// consumer should obtain it over a channel that authenticates the root, and
/// should decide how to handle duplicate `key_id`s or several `Current` keys,
/// both of which are representable.
#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq)]
pub struct AttestationKeySet {
    /// Root principal the keys belong to.
    pub root_pid: Principal,
    /// Timestamp at which the set was generated.
    pub generated_at: u64,
    /// The keys in the set.
    pub keys: Vec<AttestationKey>,
}
/// Result of provisioning a delegation: the proof plus one result entry per
/// target.
///
/// A response can carry a proof while some `results` entries are `Failed`,
/// so callers need to inspect every entry rather than treat the presence of
/// `proof` as overall success.
#[derive(CandidType, Clone, Debug, Deserialize, Serialize)]
pub struct DelegationProvisionResponse {
    /// The delegation proof that was provisioned.
    pub proof: DelegationProof,
    /// Per-target outcomes.
    pub results: Vec<DelegationProvisionTargetResponse>,
}
/// Request to push a delegation proof to a list of verifier principals.
///
/// NOTE(review): `verifier_targets` is caller-supplied and unbounded in this
/// type; the handler should restrict it to known verifiers and cap its
/// length — confirm.
#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq)]
pub struct DelegationVerifierProofPushRequest {
    /// Proof to push.
    pub proof: DelegationProof,
    /// Principals that should receive the proof.
    pub verifier_targets: Vec<Principal>,
}
/// Outcome of a verifier proof push: one result entry per target.
#[derive(CandidType, Clone, Debug, Deserialize)]
pub struct DelegationVerifierProofPushResponse {
    /// Per-target outcomes.
    pub results: Vec<DelegationProvisionTargetResponse>,
}
/// Summary of a delegation proof: the shard it names and its validity
/// window. Scopes, audience and signature are not included.
#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq)]
pub struct DelegationProofStatus {
    /// Shard principal of the proof.
    pub shard_pid: Principal,
    /// Start of the validity window.
    pub issued_at: u64,
    /// End of the validity window.
    pub expires_at: u64,
}
/// Outcome of provisioning a single target.
#[derive(CandidType, Clone, Copy, Debug, Deserialize, Eq, PartialEq, Serialize)]
pub enum DelegationProvisionStatus {
    /// The target was provisioned.
    Ok,
    /// Provisioning the target failed.
    Failed,
}
/// Administrative delegation command.
///
/// NOTE(review): the type carries no caller identity; authorization for
/// admin commands has to be enforced by the endpoint that accepts them —
/// confirm.
#[derive(CandidType, Clone, Debug, Deserialize)]
pub enum DelegationAdminCommand {
    /// Push a proof to the listed verifiers again.
    RepairVerifiers(DelegationVerifierProofPushRequest),
}
/// Response to a `DelegationAdminCommand`.
#[derive(CandidType, Clone, Debug, Deserialize)]
pub enum DelegationAdminResponse {
    /// Outcome of a `RepairVerifiers` command.
    RepairedVerifiers {
        /// Per-target push results.
        result: DelegationVerifierProofPushResponse,
    },
}
/// Outcome for one provisioning or push target.
///
/// NOTE(review): `status` and `error` are independent fields, so `Ok` with
/// `Some(error)` and `Failed` with `None` are both representable; consumers
/// should key decisions on `status` and treat `error` as detail only.
#[derive(CandidType, Clone, Debug, Deserialize, Serialize)]
pub struct DelegationProvisionTargetResponse {
    /// Principal of the target.
    pub target: Principal,
    /// Whether the operation succeeded for this target.
    pub status: DelegationProvisionStatus,
    /// Error detail, if any.
    pub error: Option<Error>,
}