canic_core/dto/auth/
attestation.rs1use super::IcCanisterSignatureProofV1;
8use crate::dto::{prelude::*, rpc::RootRequestMetadata};
9
10#[derive(CandidType, Clone, Debug, Deserialize)]
15pub struct RoleAttestationRequest {
16 pub subject: Principal,
17 pub role: CanisterRole,
18 #[serde(default)]
19 pub subnet_id: Option<Principal>,
20 pub audience: Principal,
21 pub ttl_ns: u64,
22 pub epoch: u64,
23 #[serde(default)]
24 pub metadata: Option<RootRequestMetadata>,
25}
26
27#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
32pub struct RoleAttestation {
33 pub subject: Principal,
34 pub role: CanisterRole,
35 #[serde(default)]
36 pub subnet_id: Option<Principal>,
37 pub audience: Principal,
38 pub issued_at_ns: u64,
39 pub expires_at_ns: u64,
40 pub epoch: u64,
41}
42
43#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
48pub enum RoleAttestationRootProof {
49 IcCanisterSignatureV1(IcCanisterSignatureProofV1),
50}
51
52#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
57pub struct RoleAttestationPrepareResponse {
58 pub payload: RoleAttestation,
59 pub payload_hash: [u8; 32],
60 pub retrieval_expires_at_ns: u64,
61}
62
63#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
68pub struct RoleAttestationGetRequest {
69 pub payload_hash: [u8; 32],
70}
71
72#[derive(CandidType, Clone, Debug, Deserialize, Eq, PartialEq, Serialize)]
77pub struct SignedRoleAttestation {
78 pub payload: RoleAttestation,
79 pub root_proof: RoleAttestationRootProof,
80}