sdk/fidl/fuchsia.identity.external/auth_provider.fidl - fuchsia - Git at Google

 // Copyright 2019 The Fuchsia Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 library fuchsia.identity.external;

 using fuchsia.auth;
 using fuchsia.identity.tokens as tokens;

 /// The request format used to create a new OAuth 2.0 Refresh Token.
 type OauthRefreshTokenRequest = resource table {
     /// The account to create the token for, if known. If omitted, the user will
     /// be prompted to specify an account.
     1: account_id tokens.AccountId;
     /// A UI Context used to overlay a view in which the user can interactively
     /// authenticate. This field is required.
     2: ui_context client_end:fuchsia.auth.AuthenticationUIContext;
 };

 /// The request format used to exchange an OAuth 2.0 Refresh Token for an
 /// Access Token.
 type OauthAccessTokenFromOauthRefreshTokenRequest = table {
     /// The Refresh token to exchange. This field is required.
     1: refresh_token tokens.OauthRefreshToken;
     /// The OAuth ClientID for the component requesting the token. If absent, a
     /// default ClientID defined by the implementation will be used.
     2: client_id tokens.ClientId;
     /// The list of OAuth scope strings to request. If absent or empty, a
     /// default set of scopes defined by the implementation will be used.
     3: scopes vector<tokens.Scope>:tokens.MAX_SCOPE_COUNT;
 };

 /// A protocol to request the creation, exchange, and revokation of Oauth 2.0
 /// tokens.
 @discoverable
 protocol Oauth {
     /// Creates a new refresh token. If this request is successful
     /// the refresh token will be returned. Optionally an access token with
     /// the default client ID and scope may also be returned (if no token is
     /// available the fields in access_token will be unpopulated).
     CreateRefreshToken(resource struct {
         request OauthRefreshTokenRequest;
     }) -> (struct {
         refresh_token tokens.OauthRefreshToken;
         access_token tokens.OauthAccessToken;
     }) error Error;

     /// Exchanges a refresh token for an access token.
     GetAccessTokenFromRefreshToken(struct {
         request OauthAccessTokenFromOauthRefreshTokenRequest;
     }) -> (struct {
         access_token tokens.OauthAccessToken;
     }) error Error;

     /// Attempts to revoke the supplied refresh token.
     RevokeRefreshToken(struct {
         refresh_token tokens.OauthRefreshToken;
     }) -> (struct {}) error Error;

     /// Attempts to revoke the supplied access token.
     RevokeAccessToken(struct {
         access_token tokens.OauthAccessToken;
     }) -> (struct {}) error Error;
 };

 /// A protocol to request the creation, exchange, and revokation of OpenID
 /// Connect tokens.
 @discoverable
 protocol OpenIdConnect {
     /// Attempts to revoke the supplied ID token.
     RevokeIdToken(struct {
         id_token tokens.OpenIdToken;
     }) -> (struct {}) error Error;
 };

 /// The request format used to exchange an OAuth 2.0 Refresh Token for an
 /// OpenID Connect ID token.
 type OpenIdTokenFromOauthRefreshTokenRequest = table {
     /// The refresh token to exchange. This field is required.
     1: refresh_token tokens.OauthRefreshToken;
     /// The OpenID audience strings that the ID token should be issued to. If
     /// absent or empty, a default set of scopes defined by the implementation
     /// will be used.
     2: audiences vector<tokens.Audience>:tokens.MAX_AUDIENCE_COUNT;
 };

 /// The request format used to exchange an OAuth 2.0 Access Token for a User
 /// Info response as defined by OpenID Connect.
 type OpenIdUserInfoFromOauthAccessTokenRequest = table {
     /// The Access token to exchange. This field is required.
     1: access_token tokens.OauthAccessToken;
 };

 /// A protocol to perform exchanges between Oauth 2.0 and OpenID Connect tokens.
 @discoverable
 protocol OauthOpenIdConnect {
     /// Exchanges an OAuth refresh token for an OpenID Connect ID token.
     GetIdTokenFromRefreshToken(struct {
         request OpenIdTokenFromOauthRefreshTokenRequest;
     }) -> (struct {
         id_token tokens.OpenIdToken;
     }) error Error;

     /// Exchanges an OAuth access token for an OpenID Connect UserInfo.
     GetUserInfoFromAccessToken(struct {
         request OpenIdUserInfoFromOauthAccessTokenRequest;
     }) -> (struct {
         user_info tokens.OpenIdUserInfo;
     }) error Error;
 };
	// Copyright 2019 The Fuchsia Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.
	library fuchsia.identity.external;

	using fuchsia.auth;
	using fuchsia.identity.tokens as tokens;

	/// The request format used to create a new OAuth 2.0 Refresh Token.
	type OauthRefreshTokenRequest = resource table {
	/// The account to create the token for, if known. If omitted, the user will
	/// be prompted to specify an account.
	1: account_id tokens.AccountId;
	/// A UI Context used to overlay a view in which the user can interactively
	/// authenticate. This field is required.
	2: ui_context client_end:fuchsia.auth.AuthenticationUIContext;
	};

	/// The request format used to exchange an OAuth 2.0 Refresh Token for an
	/// Access Token.
	type OauthAccessTokenFromOauthRefreshTokenRequest = table {
	/// The Refresh token to exchange. This field is required.
	1: refresh_token tokens.OauthRefreshToken;
	/// The OAuth ClientID for the component requesting the token. If absent, a
	/// default ClientID defined by the implementation will be used.
	2: client_id tokens.ClientId;
	/// The list of OAuth scope strings to request. If absent or empty, a
	/// default set of scopes defined by the implementation will be used.
	3: scopes vector<tokens.Scope>:tokens.MAX_SCOPE_COUNT;
	};

	/// A protocol to request the creation, exchange, and revokation of Oauth 2.0
	/// tokens.
	@discoverable
	protocol Oauth {
	/// Creates a new refresh token. If this request is successful
	/// the refresh token will be returned. Optionally an access token with
	/// the default client ID and scope may also be returned (if no token is
	/// available the fields in access_token will be unpopulated).
	CreateRefreshToken(resource struct {
	request OauthRefreshTokenRequest;
	}) -> (struct {
	refresh_token tokens.OauthRefreshToken;
	access_token tokens.OauthAccessToken;
	}) error Error;

	/// Exchanges a refresh token for an access token.
	GetAccessTokenFromRefreshToken(struct {
	request OauthAccessTokenFromOauthRefreshTokenRequest;
	}) -> (struct {
	access_token tokens.OauthAccessToken;
	}) error Error;

	/// Attempts to revoke the supplied refresh token.
	RevokeRefreshToken(struct {
	refresh_token tokens.OauthRefreshToken;
	}) -> (struct {}) error Error;

	/// Attempts to revoke the supplied access token.
	RevokeAccessToken(struct {
	access_token tokens.OauthAccessToken;
	}) -> (struct {}) error Error;
	};

	/// A protocol to request the creation, exchange, and revokation of OpenID
	/// Connect tokens.
	@discoverable
	protocol OpenIdConnect {
	/// Attempts to revoke the supplied ID token.
	RevokeIdToken(struct {
	id_token tokens.OpenIdToken;
	}) -> (struct {}) error Error;
	};

	/// The request format used to exchange an OAuth 2.0 Refresh Token for an
	/// OpenID Connect ID token.
	type OpenIdTokenFromOauthRefreshTokenRequest = table {
	/// The refresh token to exchange. This field is required.
	1: refresh_token tokens.OauthRefreshToken;
	/// The OpenID audience strings that the ID token should be issued to. If
	/// absent or empty, a default set of scopes defined by the implementation
	/// will be used.
	2: audiences vector<tokens.Audience>:tokens.MAX_AUDIENCE_COUNT;
	};

	/// The request format used to exchange an OAuth 2.0 Access Token for a User
	/// Info response as defined by OpenID Connect.
	type OpenIdUserInfoFromOauthAccessTokenRequest = table {
	/// The Access token to exchange. This field is required.
	1: access_token tokens.OauthAccessToken;
	};

	/// A protocol to perform exchanges between Oauth 2.0 and OpenID Connect tokens.
	@discoverable
	protocol OauthOpenIdConnect {
	/// Exchanges an OAuth refresh token for an OpenID Connect ID token.
	GetIdTokenFromRefreshToken(struct {
	request OpenIdTokenFromOauthRefreshTokenRequest;
	}) -> (struct {
	id_token tokens.OpenIdToken;
	}) error Error;

	/// Exchanges an OAuth access token for an OpenID Connect UserInfo.
	GetUserInfoFromAccessToken(struct {
	request OpenIdUserInfoFromOauthAccessTokenRequest;
	}) -> (struct {
	user_info tokens.OpenIdUserInfo;
	}) error Error;
	};