canic_core/api/auth/
root.rs1use super::AuthApi;
8use crate::{
9 cdk::types::Principal,
10 dto::{
11 auth::{
12 RootDelegationProofBatchProof, RootIssuerPolicyResponse, RootIssuerPolicyUpsertRequest,
13 RootIssuerRenewalStatusRequest, RootIssuerRenewalStatusResponse,
14 RootIssuerRenewalTemplateResponse, RootIssuerRenewalTemplateUpsertRequest,
15 },
16 error::Error,
17 },
18 ops::{ic::IcOps, runtime::env::EnvOps},
19 workflow::runtime::auth::RuntimeAuthWorkflow,
20};
21
22impl AuthApi {
23 pub fn upsert_root_issuer_policy_root(
25 request: RootIssuerPolicyUpsertRequest,
26 ) -> Result<RootIssuerPolicyResponse, Error> {
27 EnvOps::require_root().map_err(Error::from)?;
28 RuntimeAuthWorkflow::upsert_root_issuer_policy(request).map_err(Self::map_auth_error)
29 }
30
31 pub fn upsert_root_issuer_renewal_template_root(
33 request: RootIssuerRenewalTemplateUpsertRequest,
34 ) -> Result<RootIssuerRenewalTemplateResponse, Error> {
35 EnvOps::require_root().map_err(Error::from)?;
36 RuntimeAuthWorkflow::upsert_root_issuer_renewal_template(request)
37 .map_err(Self::map_auth_error)
38 }
39
40 pub fn root_issuer_renewal_status_root(
42 request: RootIssuerRenewalStatusRequest,
43 ) -> Result<RootIssuerRenewalStatusResponse, Error> {
44 EnvOps::require_root().map_err(Error::from)?;
45 Ok(RuntimeAuthWorkflow::root_issuer_renewal_status(request))
46 }
47
48 pub async fn get_or_create_chain_key_delegation_proof_root()
50 -> Result<RootDelegationProofBatchProof, Error> {
51 EnvOps::require_root().map_err(Error::from)?;
52 RuntimeAuthWorkflow::get_or_create_chain_key_delegation_proof_for_issuer_root(
53 IcOps::msg_caller(),
54 )
55 .await
56 .map_err(Self::map_auth_error)
57 }
58
59 pub async fn provision_chain_key_delegation_proof_for_issuer_root(
64 issuer_pid: Principal,
65 ) -> Result<(), Error> {
66 EnvOps::require_root().map_err(Error::from)?;
67 RuntimeAuthWorkflow::provision_chain_key_delegation_proof_for_issuer_root(issuer_pid)
68 .await
69 .map_err(Self::map_auth_error)
70 }
71}