syntax = "proto3";

package go.micro.auth;

service Auth {
	rpc Generate(GenerateRequest) returns (GenerateResponse) {};
	rpc Inspect(InspectRequest)  returns (InspectResponse) {};		
	rpc Refresh(RefreshRequest)  returns (RefreshResponse) {};
}

message Token {
	string token = 1;
	string type = 2;
	int64 created = 3;
	int64 expiry = 4;
	string subject = 5;
	repeated string roles = 6;
	map<string, string> metadata = 7;
	string namespace = 8;
}

message Account {
	string id = 1;
	Token secret = 2;
	repeated string roles = 3;
	map<string, string> metadata = 4;
	string namespace = 5;
}

message Resource{
	string name = 1;
	string type = 2;
	string endpoint = 3;
}

message GenerateRequest {
	string id = 1;
	repeated string roles = 2;
	map<string, string> metadata = 3;
	int64 secret_expiry = 4;
	string namespace = 5;
}

message GenerateResponse {
	Account account = 1;
}

message GrantRequest {
	string role = 1;
	Resource resource = 2;
}

message GrantResponse {}

message RevokeRequest {
	string role = 1;
	Resource resource = 2;
}

message RevokeResponse {}

message InspectRequest {
	string token = 1;
}

message InspectResponse {
	Account account = 1;
}

message RefreshRequest {
	string secret = 1;
	int64 token_expiry = 2;
}

message RefreshResponse {
	Token token = 1;
}