linkerd2_proxy_api/gen/
io.linkerd.proxy.identity.rs

1#[allow(clippy::derive_partial_eq_without_eq)]
2#[derive(Clone, PartialEq, ::prost::Message)]
3pub struct CertifyRequest {
4    #[prost(string, tag = "1")]
5    pub identity: ::prost::alloc::string::String,
6    /// Proof of the requester's identity.
7    ///
8    /// In Kubernetes, for instance, this is the contents of a service account
9    /// token.
10    #[prost(bytes = "vec", tag = "2")]
11    pub token: ::prost::alloc::vec::Vec<u8>,
12    /// A PEM-encoded x509 Certificate Signing Request.
13    #[prost(bytes = "vec", tag = "3")]
14    pub certificate_signing_request: ::prost::alloc::vec::Vec<u8>,
15}
16#[allow(clippy::derive_partial_eq_without_eq)]
17#[derive(Clone, PartialEq, ::prost::Message)]
18pub struct CertifyResponse {
19    /// A PEM-encoded x509 Certificate.
20    #[prost(bytes = "vec", tag = "1")]
21    pub leaf_certificate: ::prost::alloc::vec::Vec<u8>,
22    /// A list of PEM-encoded x509 Certificates that establish the trust chain
23    /// between the leaf_certificate and the well-known trust anchors.
24    #[prost(bytes = "vec", repeated, tag = "2")]
25    pub intermediate_certificates: ::prost::alloc::vec::Vec<
26        ::prost::alloc::vec::Vec<u8>,
27    >,
28    #[prost(message, optional, tag = "3")]
29    pub valid_until: ::core::option::Option<::prost_types::Timestamp>,
30}
31/// Generated client implementations.
32pub mod identity_client {
33    #![allow(unused_variables, dead_code, missing_docs, clippy::let_unit_value)]
34    use tonic::codegen::*;
35    use tonic::codegen::http::Uri;
36    #[derive(Debug, Clone)]
37    pub struct IdentityClient<T> {
38        inner: tonic::client::Grpc<T>,
39    }
40    impl<T> IdentityClient<T>
41    where
42        T: tonic::client::GrpcService<tonic::body::BoxBody>,
43        T::Error: Into<StdError>,
44        T::ResponseBody: Body<Data = Bytes> + Send + 'static,
45        <T::ResponseBody as Body>::Error: Into<StdError> + Send,
46    {
47        pub fn new(inner: T) -> Self {
48            let inner = tonic::client::Grpc::new(inner);
49            Self { inner }
50        }
51        pub fn with_origin(inner: T, origin: Uri) -> Self {
52            let inner = tonic::client::Grpc::with_origin(inner, origin);
53            Self { inner }
54        }
55        pub fn with_interceptor<F>(
56            inner: T,
57            interceptor: F,
58        ) -> IdentityClient<InterceptedService<T, F>>
59        where
60            F: tonic::service::Interceptor,
61            T::ResponseBody: Default,
62            T: tonic::codegen::Service<
63                http::Request<tonic::body::BoxBody>,
64                Response = http::Response<
65                    <T as tonic::client::GrpcService<tonic::body::BoxBody>>::ResponseBody,
66                >,
67            >,
68            <T as tonic::codegen::Service<
69                http::Request<tonic::body::BoxBody>,
70            >>::Error: Into<StdError> + Send + Sync,
71        {
72            IdentityClient::new(InterceptedService::new(inner, interceptor))
73        }
74        /// Compress requests with the given encoding.
75        ///
76        /// This requires the server to support it otherwise it might respond with an
77        /// error.
78        #[must_use]
79        pub fn send_compressed(mut self, encoding: CompressionEncoding) -> Self {
80            self.inner = self.inner.send_compressed(encoding);
81            self
82        }
83        /// Enable decompressing responses.
84        #[must_use]
85        pub fn accept_compressed(mut self, encoding: CompressionEncoding) -> Self {
86            self.inner = self.inner.accept_compressed(encoding);
87            self
88        }
89        /// Limits the maximum size of a decoded message.
90        ///
91        /// Default: `4MB`
92        #[must_use]
93        pub fn max_decoding_message_size(mut self, limit: usize) -> Self {
94            self.inner = self.inner.max_decoding_message_size(limit);
95            self
96        }
97        /// Limits the maximum size of an encoded message.
98        ///
99        /// Default: `usize::MAX`
100        #[must_use]
101        pub fn max_encoding_message_size(mut self, limit: usize) -> Self {
102            self.inner = self.inner.max_encoding_message_size(limit);
103            self
104        }
105        /// Requests that a time-bounded certificate be signed.
106        ///
107        /// The requester must provide a token that verifies the client's identity and
108        /// a Certificate Signing Request that adheres to the service naming rules.
109        ///
110        /// Errors are returned when the provided request is invalid or when
111        /// authentication cannot be performed.
112        pub async fn certify(
113            &mut self,
114            request: impl tonic::IntoRequest<super::CertifyRequest>,
115        ) -> std::result::Result<
116            tonic::Response<super::CertifyResponse>,
117            tonic::Status,
118        > {
119            self.inner
120                .ready()
121                .await
122                .map_err(|e| {
123                    tonic::Status::new(
124                        tonic::Code::Unknown,
125                        format!("Service was not ready: {}", e.into()),
126                    )
127                })?;
128            let codec = tonic::codec::ProstCodec::default();
129            let path = http::uri::PathAndQuery::from_static(
130                "/io.linkerd.proxy.identity.Identity/Certify",
131            );
132            let mut req = request.into_request();
133            req.extensions_mut()
134                .insert(
135                    GrpcMethod::new("io.linkerd.proxy.identity.Identity", "Certify"),
136                );
137            self.inner.unary(req, path, codec).await
138        }
139    }
140}
141/// Generated server implementations.
142pub mod identity_server {
143    #![allow(unused_variables, dead_code, missing_docs, clippy::let_unit_value)]
144    use tonic::codegen::*;
145    /// Generated trait containing gRPC methods that should be implemented for use with IdentityServer.
146    #[async_trait]
147    pub trait Identity: Send + Sync + 'static {
148        /// Requests that a time-bounded certificate be signed.
149        ///
150        /// The requester must provide a token that verifies the client's identity and
151        /// a Certificate Signing Request that adheres to the service naming rules.
152        ///
153        /// Errors are returned when the provided request is invalid or when
154        /// authentication cannot be performed.
155        async fn certify(
156            &self,
157            request: tonic::Request<super::CertifyRequest>,
158        ) -> std::result::Result<tonic::Response<super::CertifyResponse>, tonic::Status>;
159    }
160    #[derive(Debug)]
161    pub struct IdentityServer<T: Identity> {
162        inner: _Inner<T>,
163        accept_compression_encodings: EnabledCompressionEncodings,
164        send_compression_encodings: EnabledCompressionEncodings,
165        max_decoding_message_size: Option<usize>,
166        max_encoding_message_size: Option<usize>,
167    }
168    struct _Inner<T>(Arc<T>);
169    impl<T: Identity> IdentityServer<T> {
170        pub fn new(inner: T) -> Self {
171            Self::from_arc(Arc::new(inner))
172        }
173        pub fn from_arc(inner: Arc<T>) -> Self {
174            let inner = _Inner(inner);
175            Self {
176                inner,
177                accept_compression_encodings: Default::default(),
178                send_compression_encodings: Default::default(),
179                max_decoding_message_size: None,
180                max_encoding_message_size: None,
181            }
182        }
183        pub fn with_interceptor<F>(
184            inner: T,
185            interceptor: F,
186        ) -> InterceptedService<Self, F>
187        where
188            F: tonic::service::Interceptor,
189        {
190            InterceptedService::new(Self::new(inner), interceptor)
191        }
192        /// Enable decompressing requests with the given encoding.
193        #[must_use]
194        pub fn accept_compressed(mut self, encoding: CompressionEncoding) -> Self {
195            self.accept_compression_encodings.enable(encoding);
196            self
197        }
198        /// Compress responses with the given encoding, if the client supports it.
199        #[must_use]
200        pub fn send_compressed(mut self, encoding: CompressionEncoding) -> Self {
201            self.send_compression_encodings.enable(encoding);
202            self
203        }
204        /// Limits the maximum size of a decoded message.
205        ///
206        /// Default: `4MB`
207        #[must_use]
208        pub fn max_decoding_message_size(mut self, limit: usize) -> Self {
209            self.max_decoding_message_size = Some(limit);
210            self
211        }
212        /// Limits the maximum size of an encoded message.
213        ///
214        /// Default: `usize::MAX`
215        #[must_use]
216        pub fn max_encoding_message_size(mut self, limit: usize) -> Self {
217            self.max_encoding_message_size = Some(limit);
218            self
219        }
220    }
221    impl<T, B> tonic::codegen::Service<http::Request<B>> for IdentityServer<T>
222    where
223        T: Identity,
224        B: Body + Send + 'static,
225        B::Error: Into<StdError> + Send + 'static,
226    {
227        type Response = http::Response<tonic::body::BoxBody>;
228        type Error = std::convert::Infallible;
229        type Future = BoxFuture<Self::Response, Self::Error>;
230        fn poll_ready(
231            &mut self,
232            _cx: &mut Context<'_>,
233        ) -> Poll<std::result::Result<(), Self::Error>> {
234            Poll::Ready(Ok(()))
235        }
236        fn call(&mut self, req: http::Request<B>) -> Self::Future {
237            let inner = self.inner.clone();
238            match req.uri().path() {
239                "/io.linkerd.proxy.identity.Identity/Certify" => {
240                    #[allow(non_camel_case_types)]
241                    struct CertifySvc<T: Identity>(pub Arc<T>);
242                    impl<T: Identity> tonic::server::UnaryService<super::CertifyRequest>
243                    for CertifySvc<T> {
244                        type Response = super::CertifyResponse;
245                        type Future = BoxFuture<
246                            tonic::Response<Self::Response>,
247                            tonic::Status,
248                        >;
249                        fn call(
250                            &mut self,
251                            request: tonic::Request<super::CertifyRequest>,
252                        ) -> Self::Future {
253                            let inner = Arc::clone(&self.0);
254                            let fut = async move {
255                                <T as Identity>::certify(&inner, request).await
256                            };
257                            Box::pin(fut)
258                        }
259                    }
260                    let accept_compression_encodings = self.accept_compression_encodings;
261                    let send_compression_encodings = self.send_compression_encodings;
262                    let max_decoding_message_size = self.max_decoding_message_size;
263                    let max_encoding_message_size = self.max_encoding_message_size;
264                    let inner = self.inner.clone();
265                    let fut = async move {
266                        let inner = inner.0;
267                        let method = CertifySvc(inner);
268                        let codec = tonic::codec::ProstCodec::default();
269                        let mut grpc = tonic::server::Grpc::new(codec)
270                            .apply_compression_config(
271                                accept_compression_encodings,
272                                send_compression_encodings,
273                            )
274                            .apply_max_message_size_config(
275                                max_decoding_message_size,
276                                max_encoding_message_size,
277                            );
278                        let res = grpc.unary(method, req).await;
279                        Ok(res)
280                    };
281                    Box::pin(fut)
282                }
283                _ => {
284                    Box::pin(async move {
285                        Ok(
286                            http::Response::builder()
287                                .status(200)
288                                .header("grpc-status", "12")
289                                .header("content-type", "application/grpc")
290                                .body(empty_body())
291                                .unwrap(),
292                        )
293                    })
294                }
295            }
296        }
297    }
298    impl<T: Identity> Clone for IdentityServer<T> {
299        fn clone(&self) -> Self {
300            let inner = self.inner.clone();
301            Self {
302                inner,
303                accept_compression_encodings: self.accept_compression_encodings,
304                send_compression_encodings: self.send_compression_encodings,
305                max_decoding_message_size: self.max_decoding_message_size,
306                max_encoding_message_size: self.max_encoding_message_size,
307            }
308        }
309    }
310    impl<T: Identity> Clone for _Inner<T> {
311        fn clone(&self) -> Self {
312            Self(Arc::clone(&self.0))
313        }
314    }
315    impl<T: std::fmt::Debug> std::fmt::Debug for _Inner<T> {
316        fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
317            write!(f, "{:?}", self.0)
318        }
319    }
320    impl<T: Identity> tonic::server::NamedService for IdentityServer<T> {
321        const NAME: &'static str = "io.linkerd.proxy.identity.Identity";
322    }
323}