mirror of
https://github.com/pomerium/pomerium.git
synced 2025-05-06 13:56:04 +02:00
66b4c2d3cd
proxy: Add user dashboard. [GH-123] proxy/authenticate: Add manual refresh of their session. [GH-73] authorize: Add administrator (super user) account support. [GH-110] internal/policy: Allow administrators to impersonate other users. [GH-110]
25 lines
502 B
Protocol Buffer
25 lines
502 B
Protocol Buffer
syntax = "proto3";
|
|
|
|
package authorize;
|
|
|
|
service Authorizer {
|
|
rpc Authorize(Identity) returns (AuthorizeReply) {}
|
|
rpc IsAdmin(Identity) returns (IsAdminReply) {}
|
|
|
|
}
|
|
|
|
message Identity {
|
|
// request context
|
|
string route = 1;
|
|
// user context
|
|
string user = 2;
|
|
string email = 3;
|
|
repeated string groups = 4;
|
|
// user context
|
|
string impersonate_email = 5;
|
|
repeated string impersonate_groups = 6;
|
|
}
|
|
|
|
message AuthorizeReply { bool is_valid = 1; }
|
|
|
|
message IsAdminReply { bool is_admin = 1; }
|