diff --git a/services/identity/src/grpc_services/authenticated.rs b/services/identity/src/grpc_services/authenticated.rs --- a/services/identity/src/grpc_services/authenticated.rs +++ b/services/identity/src/grpc_services/authenticated.rs @@ -22,7 +22,8 @@ InboundKeyInfo, InboundKeysForUserRequest, InboundKeysForUserResponse, KeyserverKeysResponse, LinkFarcasterAccountRequest, OutboundKeyInfo, OutboundKeysForUserRequest, OutboundKeysForUserResponse, - PeersDeviceListsRequest, PeersDeviceListsResponse, RefreshUserPrekeysRequest, + PeersDeviceListsRequest, PeersDeviceListsResponse, + PrimaryDeviceLogoutRequest, RefreshUserPrekeysRequest, UpdateDeviceListRequest, UpdateUserPasswordFinishRequest, UpdateUserPasswordStartRequest, UpdateUserPasswordStartResponse, UploadOneTimeKeysRequest, UserDevicesPlatformDetails, UserIdentitiesRequest, @@ -415,6 +416,15 @@ Ok(Response::new(response)) } + #[tracing::instrument(skip_all)] + async fn log_out_primary_device( + &self, + request: tonic::Request, + ) -> Result, tonic::Status> { + let response = Empty {}; + Ok(Response::new(response)) + } + #[tracing::instrument(skip_all)] async fn log_out_secondary_device( &self, diff --git a/shared/protos/identity_auth.proto b/shared/protos/identity_auth.proto --- a/shared/protos/identity_auth.proto +++ b/shared/protos/identity_auth.proto @@ -53,6 +53,10 @@ // Called by a ssecondary device to log out (clear its keys and access token) rpc LogOutSecondaryDevice(identity.unauth.Empty) returns (identity.unauth.Empty) {} + // Called by a primary device to log out (clear all devices' keys and tokens) + rpc LogOutPrimaryDevice(PrimaryDeviceLogoutRequest) returns + (identity.unauth.Empty) {} + // Called by a user to delete their own account rpc DeletePasswordUserStart(DeletePasswordUserStartRequest) returns (DeletePasswordUserStartResponse) {} @@ -197,6 +201,21 @@ bytes opaque_login_response = 3; } +// LogOutPrimaryDevice + +message PrimaryDeviceLogoutRequest { + // A stringified JSON object of the following format: + // { + // "rawDeviceList": JSON.stringify({ + // "devices": [] + // "timestamp": , + // }), + // "curPrimarySignature": "base64-encoded primary device signature" + // } + // The device list is a singleton of primary device that is being logged out. + string signed_device_list = 1; +} + // DeletePasswordUser // First user must log in diff --git a/web/protobufs/identity-auth-client.cjs b/web/protobufs/identity-auth-client.cjs --- a/web/protobufs/identity-auth-client.cjs +++ b/web/protobufs/identity-auth-client.cjs @@ -627,6 +627,67 @@ }; +/** + * @const + * @type {!grpc.web.MethodDescriptor< + * !proto.identity.auth.PrimaryDeviceLogoutRequest, + * !proto.identity.unauth.Empty>} + */ +const methodDescriptor_IdentityClientService_LogOutPrimaryDevice = new grpc.web.MethodDescriptor( + '/identity.auth.IdentityClientService/LogOutPrimaryDevice', + grpc.web.MethodType.UNARY, + proto.identity.auth.PrimaryDeviceLogoutRequest, + identity_unauth_pb.Empty, + /** + * @param {!proto.identity.auth.PrimaryDeviceLogoutRequest} request + * @return {!Uint8Array} + */ + function(request) { + return request.serializeBinary(); + }, + identity_unauth_pb.Empty.deserializeBinary +); + + +/** + * @param {!proto.identity.auth.PrimaryDeviceLogoutRequest} request The + * request proto + * @param {?Object} metadata User defined + * call metadata + * @param {function(?grpc.web.RpcError, ?proto.identity.unauth.Empty)} + * callback The callback function(error, response) + * @return {!grpc.web.ClientReadableStream|undefined} + * The XHR Node Readable Stream + */ +proto.identity.auth.IdentityClientServiceClient.prototype.logOutPrimaryDevice = + function(request, metadata, callback) { + return this.client_.rpcCall(this.hostname_ + + '/identity.auth.IdentityClientService/LogOutPrimaryDevice', + request, + metadata || {}, + methodDescriptor_IdentityClientService_LogOutPrimaryDevice, + callback); +}; + + +/** + * @param {!proto.identity.auth.PrimaryDeviceLogoutRequest} request The + * request proto + * @param {?Object=} metadata User defined + * call metadata + * @return {!Promise} + * Promise that resolves to the response + */ +proto.identity.auth.IdentityClientServicePromiseClient.prototype.logOutPrimaryDevice = + function(request, metadata) { + return this.client_.unaryCall(this.hostname_ + + '/identity.auth.IdentityClientService/LogOutPrimaryDevice', + request, + metadata || {}, + methodDescriptor_IdentityClientService_LogOutPrimaryDevice); +}; + + /** * @const * @type {!grpc.web.MethodDescriptor< diff --git a/web/protobufs/identity-auth-client.cjs.flow b/web/protobufs/identity-auth-client.cjs.flow --- a/web/protobufs/identity-auth-client.cjs.flow +++ b/web/protobufs/identity-auth-client.cjs.flow @@ -74,6 +74,13 @@ response: identityStructs.Empty) => void ): grpcWeb.ClientReadableStream; + logOutPrimaryDevice( + request: identityAuthStructs.PrimaryDeviceLogoutRequest, + metadata: grpcWeb.Metadata | void, + callback: (err: grpcWeb.RpcError, + response: identityStructs.Empty) => void + ): grpcWeb.ClientReadableStream; + deletePasswordUserStart( request: identityAuthStructs.DeletePasswordUserStartRequest, metadata: grpcWeb.Metadata | void, @@ -195,6 +202,11 @@ metadata?: grpcWeb.Metadata ): Promise; + logOutPrimaryDevice( + request: identityAuthStructs.PrimaryDeviceLogoutRequest, + metadata?: grpcWeb.Metadata + ): Promise; + deletePasswordUserStart( request: identityAuthStructs.DeletePasswordUserStartRequest, metadata?: grpcWeb.Metadata diff --git a/web/protobufs/identity-auth-structs.cjs b/web/protobufs/identity-auth-structs.cjs --- a/web/protobufs/identity-auth-structs.cjs +++ b/web/protobufs/identity-auth-structs.cjs @@ -42,6 +42,7 @@ goog.exportSymbol('proto.identity.auth.PeersDeviceListsRequest', null, global); goog.exportSymbol('proto.identity.auth.PeersDeviceListsResponse', null, global); goog.exportSymbol('proto.identity.auth.PlatformDetails', null, global); +goog.exportSymbol('proto.identity.auth.PrimaryDeviceLogoutRequest', null, global); goog.exportSymbol('proto.identity.auth.RefreshUserPrekeysRequest', null, global); goog.exportSymbol('proto.identity.auth.UpdateDeviceListRequest', null, global); goog.exportSymbol('proto.identity.auth.UpdateUserPasswordFinishRequest', null, global); @@ -345,6 +346,27 @@ */ proto.identity.auth.UpdateUserPasswordStartResponse.displayName = 'proto.identity.auth.UpdateUserPasswordStartResponse'; } +/** + * Generated by JsPbCodeGenerator. + * @param {Array=} opt_data Optional initial data array, typically from a + * server response, or constructed directly in Javascript. The array is used + * in place and becomes part of the constructed object. It is not cloned. + * If no data is provided, the constructed object will be empty, but still + * valid. + * @extends {jspb.Message} + * @constructor + */ +proto.identity.auth.PrimaryDeviceLogoutRequest = function(opt_data) { + jspb.Message.initialize(this, opt_data, 0, -1, null, null); +}; +goog.inherits(proto.identity.auth.PrimaryDeviceLogoutRequest, jspb.Message); +if (goog.DEBUG && !COMPILED) { + /** + * @public + * @override + */ + proto.identity.auth.PrimaryDeviceLogoutRequest.displayName = 'proto.identity.auth.PrimaryDeviceLogoutRequest'; +} /** * Generated by JsPbCodeGenerator. * @param {Array=} opt_data Optional initial data array, typically from a @@ -3565,6 +3587,136 @@ +if (jspb.Message.GENERATE_TO_OBJECT) { +/** + * Creates an object representation of this proto. + * Field names that are reserved in JavaScript and will be renamed to pb_name. + * Optional fields that are not set will be set to undefined. + * To access a reserved field use, foo.pb_, eg, foo.pb_default. + * For the list of reserved names please see: + * net/proto2/compiler/js/internal/generator.cc#kKeyword. + * @param {boolean=} opt_includeInstance Deprecated. whether to include the + * JSPB instance for transitional soy proto support: + * http://goto/soy-param-migration + * @return {!Object} + */ +proto.identity.auth.PrimaryDeviceLogoutRequest.prototype.toObject = function(opt_includeInstance) { + return proto.identity.auth.PrimaryDeviceLogoutRequest.toObject(opt_includeInstance, this); +}; + + +/** + * Static version of the {@see toObject} method. + * @param {boolean|undefined} includeInstance Deprecated. Whether to include + * the JSPB instance for transitional soy proto support: + * http://goto/soy-param-migration + * @param {!proto.identity.auth.PrimaryDeviceLogoutRequest} msg The msg instance to transform. + * @return {!Object} + * @suppress {unusedLocalVariables} f is only used for nested messages + */ +proto.identity.auth.PrimaryDeviceLogoutRequest.toObject = function(includeInstance, msg) { + var f, obj = { + signedDeviceList: jspb.Message.getFieldWithDefault(msg, 1, "") + }; + + if (includeInstance) { + obj.$jspbMessageInstance = msg; + } + return obj; +}; +} + + +/** + * Deserializes binary data (in protobuf wire format). + * @param {jspb.ByteSource} bytes The bytes to deserialize. + * @return {!proto.identity.auth.PrimaryDeviceLogoutRequest} + */ +proto.identity.auth.PrimaryDeviceLogoutRequest.deserializeBinary = function(bytes) { + var reader = new jspb.BinaryReader(bytes); + var msg = new proto.identity.auth.PrimaryDeviceLogoutRequest; + return proto.identity.auth.PrimaryDeviceLogoutRequest.deserializeBinaryFromReader(msg, reader); +}; + + +/** + * Deserializes binary data (in protobuf wire format) from the + * given reader into the given message object. + * @param {!proto.identity.auth.PrimaryDeviceLogoutRequest} msg The message object to deserialize into. + * @param {!jspb.BinaryReader} reader The BinaryReader to use. + * @return {!proto.identity.auth.PrimaryDeviceLogoutRequest} + */ +proto.identity.auth.PrimaryDeviceLogoutRequest.deserializeBinaryFromReader = function(msg, reader) { + while (reader.nextField()) { + if (reader.isEndGroup()) { + break; + } + var field = reader.getFieldNumber(); + switch (field) { + case 1: + var value = /** @type {string} */ (reader.readString()); + msg.setSignedDeviceList(value); + break; + default: + reader.skipField(); + break; + } + } + return msg; +}; + + +/** + * Serializes the message to binary data (in protobuf wire format). + * @return {!Uint8Array} + */ +proto.identity.auth.PrimaryDeviceLogoutRequest.prototype.serializeBinary = function() { + var writer = new jspb.BinaryWriter(); + proto.identity.auth.PrimaryDeviceLogoutRequest.serializeBinaryToWriter(this, writer); + return writer.getResultBuffer(); +}; + + +/** + * Serializes the given message to binary data (in protobuf wire + * format), writing to the given BinaryWriter. + * @param {!proto.identity.auth.PrimaryDeviceLogoutRequest} message + * @param {!jspb.BinaryWriter} writer + * @suppress {unusedLocalVariables} f is only used for nested messages + */ +proto.identity.auth.PrimaryDeviceLogoutRequest.serializeBinaryToWriter = function(message, writer) { + var f = undefined; + f = message.getSignedDeviceList(); + if (f.length > 0) { + writer.writeString( + 1, + f + ); + } +}; + + +/** + * optional string signed_device_list = 1; + * @return {string} + */ +proto.identity.auth.PrimaryDeviceLogoutRequest.prototype.getSignedDeviceList = function() { + return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 1, "")); +}; + + +/** + * @param {string} value + * @return {!proto.identity.auth.PrimaryDeviceLogoutRequest} returns this + */ +proto.identity.auth.PrimaryDeviceLogoutRequest.prototype.setSignedDeviceList = function(value) { + return jspb.Message.setProto3StringField(this, 1, value); +}; + + + + + if (jspb.Message.GENERATE_TO_OBJECT) { /** * Creates an object representation of this proto. diff --git a/web/protobufs/identity-auth-structs.cjs.flow b/web/protobufs/identity-auth-structs.cjs.flow --- a/web/protobufs/identity-auth-structs.cjs.flow +++ b/web/protobufs/identity-auth-structs.cjs.flow @@ -361,6 +361,22 @@ opaqueLoginResponse: Uint8Array | string, }; +declare export class PrimaryDeviceLogoutRequest extends Message { + getSignedDeviceList(): string; + setSignedDeviceList(value: string): PrimaryDeviceLogoutRequest; + + serializeBinary(): Uint8Array; + toObject(includeInstance?: boolean): PrimaryDeviceLogoutRequestObject; + static toObject(includeInstance: boolean, msg: PrimaryDeviceLogoutRequest): PrimaryDeviceLogoutRequestObject; + static serializeBinaryToWriter(message: PrimaryDeviceLogoutRequest, writer: BinaryWriter): void; + static deserializeBinary(bytes: Uint8Array): PrimaryDeviceLogoutRequest; + static deserializeBinaryFromReader(message: PrimaryDeviceLogoutRequest, reader: BinaryReader): PrimaryDeviceLogoutRequest; +} + +export type PrimaryDeviceLogoutRequestObject = { + signedDeviceList: string, +} + declare export class DeletePasswordUserStartRequest extends Message { getOpaqueLoginRequest(): Uint8Array | string; getOpaqueLoginRequest_asU8(): Uint8Array;