Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F3050194
D13759.id45301.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
36 KB
Referenced Files
None
Subscribers
None
D13759.id45301.diff
View Options
diff --git a/services/identity/src/grpc_services/authenticated.rs b/services/identity/src/grpc_services/authenticated.rs
--- a/services/identity/src/grpc_services/authenticated.rs
+++ b/services/identity/src/grpc_services/authenticated.rs
@@ -29,10 +29,13 @@
OutboundKeysForUserRequest, OutboundKeysForUserResponse,
PeersDeviceListsRequest, PeersDeviceListsResponse,
PrimaryDeviceLogoutRequest, PrivilegedDeleteUsersRequest,
- RefreshUserPrekeysRequest, UpdateDeviceListRequest,
- UpdateUserPasswordFinishRequest, UpdateUserPasswordStartRequest,
- UpdateUserPasswordStartResponse, UploadOneTimeKeysRequest,
- UserDevicesPlatformDetails, UserIdentitiesRequest, UserIdentitiesResponse,
+ PrivilegedResetUserPasswordFinishRequest,
+ PrivilegedResetUserPasswordStartRequest,
+ PrivilegedResetUserPasswordStartResponse, RefreshUserPrekeysRequest,
+ UpdateDeviceListRequest, UpdateUserPasswordFinishRequest,
+ UpdateUserPasswordStartRequest, UpdateUserPasswordStartResponse,
+ UploadOneTimeKeysRequest, UserDevicesPlatformDetails, UserIdentitiesRequest,
+ UserIdentitiesResponse,
};
use super::protos::unauth::Empty;
@@ -660,6 +663,25 @@
Ok(Response::new(response))
}
+ #[tracing::instrument(skip_all)]
+ async fn privileged_reset_user_password_start(
+ &self,
+ _request: tonic::Request<PrivilegedResetUserPasswordStartRequest>,
+ ) -> Result<
+ tonic::Response<PrivilegedResetUserPasswordStartResponse>,
+ tonic::Status,
+ > {
+ unimplemented!()
+ }
+
+ #[tracing::instrument(skip_all)]
+ async fn privileged_reset_user_password_finish(
+ &self,
+ _request: tonic::Request<PrivilegedResetUserPasswordFinishRequest>,
+ ) -> Result<tonic::Response<Empty>, tonic::Status> {
+ unimplemented!()
+ }
+
#[tracing::instrument(skip_all)]
async fn get_device_list_for_user(
&self,
diff --git a/shared/protos/identity_auth.proto b/shared/protos/identity_auth.proto
--- a/shared/protos/identity_auth.proto
+++ b/shared/protos/identity_auth.proto
@@ -69,6 +69,13 @@
rpc PrivilegedDeleteUsers(PrivilegedDeleteUsersRequest) returns
(identity.unauth.Empty) {};
+ // Called by Comm staff to reset user passwords. Usage is strictly limited to
+ // accounts that have requested a password reset.
+ rpc PrivilegedResetUserPasswordStart(PrivilegedResetUserPasswordStartRequest)
+ returns (PrivilegedResetUserPasswordStartResponse) {};
+ rpc PrivilegedResetUserPasswordFinish
+ (PrivilegedResetUserPasswordFinishRequest) returns
+ (identity.unauth.Empty) {};
/* Device list actions */
@@ -251,6 +258,28 @@
repeated string user_ids = 1;
}
+// PrivilegedResetUserPassword
+
+message PrivilegedResetUserPasswordStartRequest {
+ // Initiate PAKE registration with new password
+ bytes opaque_registration_request = 1;
+ string username = 2;
+}
+
+message PrivilegedResetUserPasswordStartResponse {
+ // Identifier used to correlate start request with finish request
+ string session_id = 1;
+ // Continue PAKE registration on server with new password
+ bytes opaque_registration_response = 2;
+}
+
+message PrivilegedResetUserPasswordFinishRequest {
+ // Identifier used to correlate start and finish request
+ string session_id = 1;
+ // Complete PAKE registration with new password
+ bytes opaque_registration_upload = 2;
+}
+
// GetDeviceListForUser
message GetDeviceListRequest {
diff --git a/web/protobufs/identity-auth-client.cjs b/web/protobufs/identity-auth-client.cjs
--- a/web/protobufs/identity-auth-client.cjs
+++ b/web/protobufs/identity-auth-client.cjs
@@ -932,6 +932,128 @@
};
+/**
+ * @const
+ * @type {!grpc.web.MethodDescriptor<
+ * !proto.identity.auth.PrivilegedResetUserPasswordStartRequest,
+ * !proto.identity.auth.PrivilegedResetUserPasswordStartResponse>}
+ */
+const methodDescriptor_IdentityClientService_PrivilegedResetUserPasswordStart = new grpc.web.MethodDescriptor(
+ '/identity.auth.IdentityClientService/PrivilegedResetUserPasswordStart',
+ grpc.web.MethodType.UNARY,
+ proto.identity.auth.PrivilegedResetUserPasswordStartRequest,
+ proto.identity.auth.PrivilegedResetUserPasswordStartResponse,
+ /**
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordStartRequest} request
+ * @return {!Uint8Array}
+ */
+ function(request) {
+ return request.serializeBinary();
+ },
+ proto.identity.auth.PrivilegedResetUserPasswordStartResponse.deserializeBinary
+);
+
+
+/**
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordStartRequest} request The
+ * request proto
+ * @param {?Object<string, string>} metadata User defined
+ * call metadata
+ * @param {function(?grpc.web.RpcError, ?proto.identity.auth.PrivilegedResetUserPasswordStartResponse)}
+ * callback The callback function(error, response)
+ * @return {!grpc.web.ClientReadableStream<!proto.identity.auth.PrivilegedResetUserPasswordStartResponse>|undefined}
+ * The XHR Node Readable Stream
+ */
+proto.identity.auth.IdentityClientServiceClient.prototype.privilegedResetUserPasswordStart =
+ function(request, metadata, callback) {
+ return this.client_.rpcCall(this.hostname_ +
+ '/identity.auth.IdentityClientService/PrivilegedResetUserPasswordStart',
+ request,
+ metadata || {},
+ methodDescriptor_IdentityClientService_PrivilegedResetUserPasswordStart,
+ callback);
+};
+
+
+/**
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordStartRequest} request The
+ * request proto
+ * @param {?Object<string, string>=} metadata User defined
+ * call metadata
+ * @return {!Promise<!proto.identity.auth.PrivilegedResetUserPasswordStartResponse>}
+ * Promise that resolves to the response
+ */
+proto.identity.auth.IdentityClientServicePromiseClient.prototype.privilegedResetUserPasswordStart =
+ function(request, metadata) {
+ return this.client_.unaryCall(this.hostname_ +
+ '/identity.auth.IdentityClientService/PrivilegedResetUserPasswordStart',
+ request,
+ metadata || {},
+ methodDescriptor_IdentityClientService_PrivilegedResetUserPasswordStart);
+};
+
+
+/**
+ * @const
+ * @type {!grpc.web.MethodDescriptor<
+ * !proto.identity.auth.PrivilegedResetUserPasswordFinishRequest,
+ * !proto.identity.unauth.Empty>}
+ */
+const methodDescriptor_IdentityClientService_PrivilegedResetUserPasswordFinish = new grpc.web.MethodDescriptor(
+ '/identity.auth.IdentityClientService/PrivilegedResetUserPasswordFinish',
+ grpc.web.MethodType.UNARY,
+ proto.identity.auth.PrivilegedResetUserPasswordFinishRequest,
+ identity_unauth_pb.Empty,
+ /**
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordFinishRequest} request
+ * @return {!Uint8Array}
+ */
+ function(request) {
+ return request.serializeBinary();
+ },
+ identity_unauth_pb.Empty.deserializeBinary
+);
+
+
+/**
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordFinishRequest} request The
+ * request proto
+ * @param {?Object<string, string>} metadata User defined
+ * call metadata
+ * @param {function(?grpc.web.RpcError, ?proto.identity.unauth.Empty)}
+ * callback The callback function(error, response)
+ * @return {!grpc.web.ClientReadableStream<!proto.identity.unauth.Empty>|undefined}
+ * The XHR Node Readable Stream
+ */
+proto.identity.auth.IdentityClientServiceClient.prototype.privilegedResetUserPasswordFinish =
+ function(request, metadata, callback) {
+ return this.client_.rpcCall(this.hostname_ +
+ '/identity.auth.IdentityClientService/PrivilegedResetUserPasswordFinish',
+ request,
+ metadata || {},
+ methodDescriptor_IdentityClientService_PrivilegedResetUserPasswordFinish,
+ callback);
+};
+
+
+/**
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordFinishRequest} request The
+ * request proto
+ * @param {?Object<string, string>=} metadata User defined
+ * call metadata
+ * @return {!Promise<!proto.identity.unauth.Empty>}
+ * Promise that resolves to the response
+ */
+proto.identity.auth.IdentityClientServicePromiseClient.prototype.privilegedResetUserPasswordFinish =
+ function(request, metadata) {
+ return this.client_.unaryCall(this.hostname_ +
+ '/identity.auth.IdentityClientService/PrivilegedResetUserPasswordFinish',
+ request,
+ metadata || {},
+ methodDescriptor_IdentityClientService_PrivilegedResetUserPasswordFinish);
+};
+
+
/**
* @const
* @type {!grpc.web.MethodDescriptor<
diff --git a/web/protobufs/identity-auth-client.cjs.flow b/web/protobufs/identity-auth-client.cjs.flow
--- a/web/protobufs/identity-auth-client.cjs.flow
+++ b/web/protobufs/identity-auth-client.cjs.flow
@@ -109,6 +109,20 @@
response: identityStructs.Empty) => void
): grpcWeb.ClientReadableStream<identityStructs.Empty>;
+ privilegedResetUserPasswordStart(
+ request: identityAuthStructs.PrivilegedResetUserPasswordStartRequest,
+ metadata: grpcWeb.Metadata | void,
+ callback: (err: grpcWeb.RpcError,
+ response: identityAuthStructs.PrivilegedResetUserPasswordStartResponse) => void
+ ): grpcWeb.ClientReadableStream<identityAuthStructs.PrivilegedResetUserPasswordStartResponse>;
+
+ privilegedResetUserPasswordFinish(
+ request: identityAuthStructs.PrivilegedResetUserPasswordFinishRequest,
+ metadata: grpcWeb.Metadata | void,
+ callback: (err: grpcWeb.RpcError,
+ response: identityStructs.Empty) => void
+ ): grpcWeb.ClientReadableStream<identityStructs.Empty>;
+
getDeviceListForUser(
request: identityAuthStructs.GetDeviceListRequest,
metadata: grpcWeb.Metadata | void,
@@ -234,6 +248,16 @@
metadata?: grpcWeb.Metadata
): Promise<identityStructs.Empty>;
+ privilegedResetUserPasswordStart(
+ request: identityAuthStructs.PrivilegedResetUserPasswordStartRequest,
+ metadata?: grpcWeb.Metadata
+ ): Promise<identityAuthStructs.PrivilegedResetUserPasswordStartResponse>;
+
+ privilegedResetUserPasswordFinish(
+ request: identityAuthStructs.PrivilegedResetUserPasswordFinishRequest,
+ metadata?: grpcWeb.Metadata
+ ): Promise<identityStructs.Empty>;
+
getDeviceListForUser(
request: identityAuthStructs.GetDeviceListRequest,
metadata?: grpcWeb.Metadata
diff --git a/web/protobufs/identity-auth-structs.cjs b/web/protobufs/identity-auth-structs.cjs
--- a/web/protobufs/identity-auth-structs.cjs
+++ b/web/protobufs/identity-auth-structs.cjs
@@ -44,6 +44,9 @@
goog.exportSymbol('proto.identity.auth.PlatformDetails', null, global);
goog.exportSymbol('proto.identity.auth.PrimaryDeviceLogoutRequest', null, global);
goog.exportSymbol('proto.identity.auth.PrivilegedDeleteUsersRequest', null, global);
+goog.exportSymbol('proto.identity.auth.PrivilegedResetUserPasswordFinishRequest', null, global);
+goog.exportSymbol('proto.identity.auth.PrivilegedResetUserPasswordStartRequest', null, global);
+goog.exportSymbol('proto.identity.auth.PrivilegedResetUserPasswordStartResponse', null, global);
goog.exportSymbol('proto.identity.auth.RefreshUserPrekeysRequest', null, global);
goog.exportSymbol('proto.identity.auth.UpdateDeviceListRequest', null, global);
goog.exportSymbol('proto.identity.auth.UpdateUserPasswordFinishRequest', null, global);
@@ -452,6 +455,69 @@
*/
proto.identity.auth.PrivilegedDeleteUsersRequest.displayName = 'proto.identity.auth.PrivilegedDeleteUsersRequest';
}
+/**
+ * Generated by JsPbCodeGenerator.
+ * @param {Array=} opt_data Optional initial data array, typically from a
+ * server response, or constructed directly in Javascript. The array is used
+ * in place and becomes part of the constructed object. It is not cloned.
+ * If no data is provided, the constructed object will be empty, but still
+ * valid.
+ * @extends {jspb.Message}
+ * @constructor
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest = function(opt_data) {
+ jspb.Message.initialize(this, opt_data, 0, -1, null, null);
+};
+goog.inherits(proto.identity.auth.PrivilegedResetUserPasswordStartRequest, jspb.Message);
+if (goog.DEBUG && !COMPILED) {
+ /**
+ * @public
+ * @override
+ */
+ proto.identity.auth.PrivilegedResetUserPasswordStartRequest.displayName = 'proto.identity.auth.PrivilegedResetUserPasswordStartRequest';
+}
+/**
+ * Generated by JsPbCodeGenerator.
+ * @param {Array=} opt_data Optional initial data array, typically from a
+ * server response, or constructed directly in Javascript. The array is used
+ * in place and becomes part of the constructed object. It is not cloned.
+ * If no data is provided, the constructed object will be empty, but still
+ * valid.
+ * @extends {jspb.Message}
+ * @constructor
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse = function(opt_data) {
+ jspb.Message.initialize(this, opt_data, 0, -1, null, null);
+};
+goog.inherits(proto.identity.auth.PrivilegedResetUserPasswordStartResponse, jspb.Message);
+if (goog.DEBUG && !COMPILED) {
+ /**
+ * @public
+ * @override
+ */
+ proto.identity.auth.PrivilegedResetUserPasswordStartResponse.displayName = 'proto.identity.auth.PrivilegedResetUserPasswordStartResponse';
+}
+/**
+ * Generated by JsPbCodeGenerator.
+ * @param {Array=} opt_data Optional initial data array, typically from a
+ * server response, or constructed directly in Javascript. The array is used
+ * in place and becomes part of the constructed object. It is not cloned.
+ * If no data is provided, the constructed object will be empty, but still
+ * valid.
+ * @extends {jspb.Message}
+ * @constructor
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest = function(opt_data) {
+ jspb.Message.initialize(this, opt_data, 0, -1, null, null);
+};
+goog.inherits(proto.identity.auth.PrivilegedResetUserPasswordFinishRequest, jspb.Message);
+if (goog.DEBUG && !COMPILED) {
+ /**
+ * @public
+ * @override
+ */
+ proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.displayName = 'proto.identity.auth.PrivilegedResetUserPasswordFinishRequest';
+}
/**
* Generated by JsPbCodeGenerator.
* @param {Array=} opt_data Optional initial data array, typically from a
@@ -4417,6 +4483,558 @@
+if (jspb.Message.GENERATE_TO_OBJECT) {
+/**
+ * Creates an object representation of this proto.
+ * Field names that are reserved in JavaScript and will be renamed to pb_name.
+ * Optional fields that are not set will be set to undefined.
+ * To access a reserved field use, foo.pb_<name>, eg, foo.pb_default.
+ * For the list of reserved names please see:
+ * net/proto2/compiler/js/internal/generator.cc#kKeyword.
+ * @param {boolean=} opt_includeInstance Deprecated. whether to include the
+ * JSPB instance for transitional soy proto support:
+ * http://goto/soy-param-migration
+ * @return {!Object}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest.prototype.toObject = function(opt_includeInstance) {
+ return proto.identity.auth.PrivilegedResetUserPasswordStartRequest.toObject(opt_includeInstance, this);
+};
+
+
+/**
+ * Static version of the {@see toObject} method.
+ * @param {boolean|undefined} includeInstance Deprecated. Whether to include
+ * the JSPB instance for transitional soy proto support:
+ * http://goto/soy-param-migration
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordStartRequest} msg The msg instance to transform.
+ * @return {!Object}
+ * @suppress {unusedLocalVariables} f is only used for nested messages
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest.toObject = function(includeInstance, msg) {
+ var f, obj = {
+ opaqueRegistrationRequest: msg.getOpaqueRegistrationRequest_asB64(),
+ username: jspb.Message.getFieldWithDefault(msg, 2, "")
+ };
+
+ if (includeInstance) {
+ obj.$jspbMessageInstance = msg;
+ }
+ return obj;
+};
+}
+
+
+/**
+ * Deserializes binary data (in protobuf wire format).
+ * @param {jspb.ByteSource} bytes The bytes to deserialize.
+ * @return {!proto.identity.auth.PrivilegedResetUserPasswordStartRequest}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest.deserializeBinary = function(bytes) {
+ var reader = new jspb.BinaryReader(bytes);
+ var msg = new proto.identity.auth.PrivilegedResetUserPasswordStartRequest;
+ return proto.identity.auth.PrivilegedResetUserPasswordStartRequest.deserializeBinaryFromReader(msg, reader);
+};
+
+
+/**
+ * Deserializes binary data (in protobuf wire format) from the
+ * given reader into the given message object.
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordStartRequest} msg The message object to deserialize into.
+ * @param {!jspb.BinaryReader} reader The BinaryReader to use.
+ * @return {!proto.identity.auth.PrivilegedResetUserPasswordStartRequest}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest.deserializeBinaryFromReader = function(msg, reader) {
+ while (reader.nextField()) {
+ if (reader.isEndGroup()) {
+ break;
+ }
+ var field = reader.getFieldNumber();
+ switch (field) {
+ case 1:
+ var value = /** @type {!Uint8Array} */ (reader.readBytes());
+ msg.setOpaqueRegistrationRequest(value);
+ break;
+ case 2:
+ var value = /** @type {string} */ (reader.readString());
+ msg.setUsername(value);
+ break;
+ default:
+ reader.skipField();
+ break;
+ }
+ }
+ return msg;
+};
+
+
+/**
+ * Serializes the message to binary data (in protobuf wire format).
+ * @return {!Uint8Array}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest.prototype.serializeBinary = function() {
+ var writer = new jspb.BinaryWriter();
+ proto.identity.auth.PrivilegedResetUserPasswordStartRequest.serializeBinaryToWriter(this, writer);
+ return writer.getResultBuffer();
+};
+
+
+/**
+ * Serializes the given message to binary data (in protobuf wire
+ * format), writing to the given BinaryWriter.
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordStartRequest} message
+ * @param {!jspb.BinaryWriter} writer
+ * @suppress {unusedLocalVariables} f is only used for nested messages
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest.serializeBinaryToWriter = function(message, writer) {
+ var f = undefined;
+ f = message.getOpaqueRegistrationRequest_asU8();
+ if (f.length > 0) {
+ writer.writeBytes(
+ 1,
+ f
+ );
+ }
+ f = message.getUsername();
+ if (f.length > 0) {
+ writer.writeString(
+ 2,
+ f
+ );
+ }
+};
+
+
+/**
+ * optional bytes opaque_registration_request = 1;
+ * @return {string}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest.prototype.getOpaqueRegistrationRequest = function() {
+ return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 1, ""));
+};
+
+
+/**
+ * optional bytes opaque_registration_request = 1;
+ * This is a type-conversion wrapper around `getOpaqueRegistrationRequest()`
+ * @return {string}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest.prototype.getOpaqueRegistrationRequest_asB64 = function() {
+ return /** @type {string} */ (jspb.Message.bytesAsB64(
+ this.getOpaqueRegistrationRequest()));
+};
+
+
+/**
+ * optional bytes opaque_registration_request = 1;
+ * Note that Uint8Array is not supported on all browsers.
+ * @see http://caniuse.com/Uint8Array
+ * This is a type-conversion wrapper around `getOpaqueRegistrationRequest()`
+ * @return {!Uint8Array}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest.prototype.getOpaqueRegistrationRequest_asU8 = function() {
+ return /** @type {!Uint8Array} */ (jspb.Message.bytesAsU8(
+ this.getOpaqueRegistrationRequest()));
+};
+
+
+/**
+ * @param {!(string|Uint8Array)} value
+ * @return {!proto.identity.auth.PrivilegedResetUserPasswordStartRequest} returns this
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest.prototype.setOpaqueRegistrationRequest = function(value) {
+ return jspb.Message.setProto3BytesField(this, 1, value);
+};
+
+
+/**
+ * optional string username = 2;
+ * @return {string}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest.prototype.getUsername = function() {
+ return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 2, ""));
+};
+
+
+/**
+ * @param {string} value
+ * @return {!proto.identity.auth.PrivilegedResetUserPasswordStartRequest} returns this
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartRequest.prototype.setUsername = function(value) {
+ return jspb.Message.setProto3StringField(this, 2, value);
+};
+
+
+
+
+
+if (jspb.Message.GENERATE_TO_OBJECT) {
+/**
+ * Creates an object representation of this proto.
+ * Field names that are reserved in JavaScript and will be renamed to pb_name.
+ * Optional fields that are not set will be set to undefined.
+ * To access a reserved field use, foo.pb_<name>, eg, foo.pb_default.
+ * For the list of reserved names please see:
+ * net/proto2/compiler/js/internal/generator.cc#kKeyword.
+ * @param {boolean=} opt_includeInstance Deprecated. whether to include the
+ * JSPB instance for transitional soy proto support:
+ * http://goto/soy-param-migration
+ * @return {!Object}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse.prototype.toObject = function(opt_includeInstance) {
+ return proto.identity.auth.PrivilegedResetUserPasswordStartResponse.toObject(opt_includeInstance, this);
+};
+
+
+/**
+ * Static version of the {@see toObject} method.
+ * @param {boolean|undefined} includeInstance Deprecated. Whether to include
+ * the JSPB instance for transitional soy proto support:
+ * http://goto/soy-param-migration
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordStartResponse} msg The msg instance to transform.
+ * @return {!Object}
+ * @suppress {unusedLocalVariables} f is only used for nested messages
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse.toObject = function(includeInstance, msg) {
+ var f, obj = {
+ sessionId: jspb.Message.getFieldWithDefault(msg, 1, ""),
+ opaqueRegistrationResponse: msg.getOpaqueRegistrationResponse_asB64()
+ };
+
+ if (includeInstance) {
+ obj.$jspbMessageInstance = msg;
+ }
+ return obj;
+};
+}
+
+
+/**
+ * Deserializes binary data (in protobuf wire format).
+ * @param {jspb.ByteSource} bytes The bytes to deserialize.
+ * @return {!proto.identity.auth.PrivilegedResetUserPasswordStartResponse}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse.deserializeBinary = function(bytes) {
+ var reader = new jspb.BinaryReader(bytes);
+ var msg = new proto.identity.auth.PrivilegedResetUserPasswordStartResponse;
+ return proto.identity.auth.PrivilegedResetUserPasswordStartResponse.deserializeBinaryFromReader(msg, reader);
+};
+
+
+/**
+ * Deserializes binary data (in protobuf wire format) from the
+ * given reader into the given message object.
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordStartResponse} msg The message object to deserialize into.
+ * @param {!jspb.BinaryReader} reader The BinaryReader to use.
+ * @return {!proto.identity.auth.PrivilegedResetUserPasswordStartResponse}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse.deserializeBinaryFromReader = function(msg, reader) {
+ while (reader.nextField()) {
+ if (reader.isEndGroup()) {
+ break;
+ }
+ var field = reader.getFieldNumber();
+ switch (field) {
+ case 1:
+ var value = /** @type {string} */ (reader.readString());
+ msg.setSessionId(value);
+ break;
+ case 2:
+ var value = /** @type {!Uint8Array} */ (reader.readBytes());
+ msg.setOpaqueRegistrationResponse(value);
+ break;
+ default:
+ reader.skipField();
+ break;
+ }
+ }
+ return msg;
+};
+
+
+/**
+ * Serializes the message to binary data (in protobuf wire format).
+ * @return {!Uint8Array}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse.prototype.serializeBinary = function() {
+ var writer = new jspb.BinaryWriter();
+ proto.identity.auth.PrivilegedResetUserPasswordStartResponse.serializeBinaryToWriter(this, writer);
+ return writer.getResultBuffer();
+};
+
+
+/**
+ * Serializes the given message to binary data (in protobuf wire
+ * format), writing to the given BinaryWriter.
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordStartResponse} message
+ * @param {!jspb.BinaryWriter} writer
+ * @suppress {unusedLocalVariables} f is only used for nested messages
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse.serializeBinaryToWriter = function(message, writer) {
+ var f = undefined;
+ f = message.getSessionId();
+ if (f.length > 0) {
+ writer.writeString(
+ 1,
+ f
+ );
+ }
+ f = message.getOpaqueRegistrationResponse_asU8();
+ if (f.length > 0) {
+ writer.writeBytes(
+ 2,
+ f
+ );
+ }
+};
+
+
+/**
+ * optional string session_id = 1;
+ * @return {string}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse.prototype.getSessionId = function() {
+ return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 1, ""));
+};
+
+
+/**
+ * @param {string} value
+ * @return {!proto.identity.auth.PrivilegedResetUserPasswordStartResponse} returns this
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse.prototype.setSessionId = function(value) {
+ return jspb.Message.setProto3StringField(this, 1, value);
+};
+
+
+/**
+ * optional bytes opaque_registration_response = 2;
+ * @return {string}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse.prototype.getOpaqueRegistrationResponse = function() {
+ return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 2, ""));
+};
+
+
+/**
+ * optional bytes opaque_registration_response = 2;
+ * This is a type-conversion wrapper around `getOpaqueRegistrationResponse()`
+ * @return {string}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse.prototype.getOpaqueRegistrationResponse_asB64 = function() {
+ return /** @type {string} */ (jspb.Message.bytesAsB64(
+ this.getOpaqueRegistrationResponse()));
+};
+
+
+/**
+ * optional bytes opaque_registration_response = 2;
+ * Note that Uint8Array is not supported on all browsers.
+ * @see http://caniuse.com/Uint8Array
+ * This is a type-conversion wrapper around `getOpaqueRegistrationResponse()`
+ * @return {!Uint8Array}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse.prototype.getOpaqueRegistrationResponse_asU8 = function() {
+ return /** @type {!Uint8Array} */ (jspb.Message.bytesAsU8(
+ this.getOpaqueRegistrationResponse()));
+};
+
+
+/**
+ * @param {!(string|Uint8Array)} value
+ * @return {!proto.identity.auth.PrivilegedResetUserPasswordStartResponse} returns this
+ */
+proto.identity.auth.PrivilegedResetUserPasswordStartResponse.prototype.setOpaqueRegistrationResponse = function(value) {
+ return jspb.Message.setProto3BytesField(this, 2, value);
+};
+
+
+
+
+
+if (jspb.Message.GENERATE_TO_OBJECT) {
+/**
+ * Creates an object representation of this proto.
+ * Field names that are reserved in JavaScript and will be renamed to pb_name.
+ * Optional fields that are not set will be set to undefined.
+ * To access a reserved field use, foo.pb_<name>, eg, foo.pb_default.
+ * For the list of reserved names please see:
+ * net/proto2/compiler/js/internal/generator.cc#kKeyword.
+ * @param {boolean=} opt_includeInstance Deprecated. whether to include the
+ * JSPB instance for transitional soy proto support:
+ * http://goto/soy-param-migration
+ * @return {!Object}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.prototype.toObject = function(opt_includeInstance) {
+ return proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.toObject(opt_includeInstance, this);
+};
+
+
+/**
+ * Static version of the {@see toObject} method.
+ * @param {boolean|undefined} includeInstance Deprecated. Whether to include
+ * the JSPB instance for transitional soy proto support:
+ * http://goto/soy-param-migration
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordFinishRequest} msg The msg instance to transform.
+ * @return {!Object}
+ * @suppress {unusedLocalVariables} f is only used for nested messages
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.toObject = function(includeInstance, msg) {
+ var f, obj = {
+ sessionId: jspb.Message.getFieldWithDefault(msg, 1, ""),
+ opaqueRegistrationUpload: msg.getOpaqueRegistrationUpload_asB64()
+ };
+
+ if (includeInstance) {
+ obj.$jspbMessageInstance = msg;
+ }
+ return obj;
+};
+}
+
+
+/**
+ * Deserializes binary data (in protobuf wire format).
+ * @param {jspb.ByteSource} bytes The bytes to deserialize.
+ * @return {!proto.identity.auth.PrivilegedResetUserPasswordFinishRequest}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.deserializeBinary = function(bytes) {
+ var reader = new jspb.BinaryReader(bytes);
+ var msg = new proto.identity.auth.PrivilegedResetUserPasswordFinishRequest;
+ return proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.deserializeBinaryFromReader(msg, reader);
+};
+
+
+/**
+ * Deserializes binary data (in protobuf wire format) from the
+ * given reader into the given message object.
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordFinishRequest} msg The message object to deserialize into.
+ * @param {!jspb.BinaryReader} reader The BinaryReader to use.
+ * @return {!proto.identity.auth.PrivilegedResetUserPasswordFinishRequest}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.deserializeBinaryFromReader = function(msg, reader) {
+ while (reader.nextField()) {
+ if (reader.isEndGroup()) {
+ break;
+ }
+ var field = reader.getFieldNumber();
+ switch (field) {
+ case 1:
+ var value = /** @type {string} */ (reader.readString());
+ msg.setSessionId(value);
+ break;
+ case 2:
+ var value = /** @type {!Uint8Array} */ (reader.readBytes());
+ msg.setOpaqueRegistrationUpload(value);
+ break;
+ default:
+ reader.skipField();
+ break;
+ }
+ }
+ return msg;
+};
+
+
+/**
+ * Serializes the message to binary data (in protobuf wire format).
+ * @return {!Uint8Array}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.prototype.serializeBinary = function() {
+ var writer = new jspb.BinaryWriter();
+ proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.serializeBinaryToWriter(this, writer);
+ return writer.getResultBuffer();
+};
+
+
+/**
+ * Serializes the given message to binary data (in protobuf wire
+ * format), writing to the given BinaryWriter.
+ * @param {!proto.identity.auth.PrivilegedResetUserPasswordFinishRequest} message
+ * @param {!jspb.BinaryWriter} writer
+ * @suppress {unusedLocalVariables} f is only used for nested messages
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.serializeBinaryToWriter = function(message, writer) {
+ var f = undefined;
+ f = message.getSessionId();
+ if (f.length > 0) {
+ writer.writeString(
+ 1,
+ f
+ );
+ }
+ f = message.getOpaqueRegistrationUpload_asU8();
+ if (f.length > 0) {
+ writer.writeBytes(
+ 2,
+ f
+ );
+ }
+};
+
+
+/**
+ * optional string session_id = 1;
+ * @return {string}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.prototype.getSessionId = function() {
+ return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 1, ""));
+};
+
+
+/**
+ * @param {string} value
+ * @return {!proto.identity.auth.PrivilegedResetUserPasswordFinishRequest} returns this
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.prototype.setSessionId = function(value) {
+ return jspb.Message.setProto3StringField(this, 1, value);
+};
+
+
+/**
+ * optional bytes opaque_registration_upload = 2;
+ * @return {string}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.prototype.getOpaqueRegistrationUpload = function() {
+ return /** @type {string} */ (jspb.Message.getFieldWithDefault(this, 2, ""));
+};
+
+
+/**
+ * optional bytes opaque_registration_upload = 2;
+ * This is a type-conversion wrapper around `getOpaqueRegistrationUpload()`
+ * @return {string}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.prototype.getOpaqueRegistrationUpload_asB64 = function() {
+ return /** @type {string} */ (jspb.Message.bytesAsB64(
+ this.getOpaqueRegistrationUpload()));
+};
+
+
+/**
+ * optional bytes opaque_registration_upload = 2;
+ * Note that Uint8Array is not supported on all browsers.
+ * @see http://caniuse.com/Uint8Array
+ * This is a type-conversion wrapper around `getOpaqueRegistrationUpload()`
+ * @return {!Uint8Array}
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.prototype.getOpaqueRegistrationUpload_asU8 = function() {
+ return /** @type {!Uint8Array} */ (jspb.Message.bytesAsU8(
+ this.getOpaqueRegistrationUpload()));
+};
+
+
+/**
+ * @param {!(string|Uint8Array)} value
+ * @return {!proto.identity.auth.PrivilegedResetUserPasswordFinishRequest} returns this
+ */
+proto.identity.auth.PrivilegedResetUserPasswordFinishRequest.prototype.setOpaqueRegistrationUpload = function(value) {
+ return jspb.Message.setProto3BytesField(this, 2, value);
+};
+
+
+
+
+
if (jspb.Message.GENERATE_TO_OBJECT) {
/**
* Creates an object representation of this proto.
diff --git a/web/protobufs/identity-auth-structs.cjs.flow b/web/protobufs/identity-auth-structs.cjs.flow
--- a/web/protobufs/identity-auth-structs.cjs.flow
+++ b/web/protobufs/identity-auth-structs.cjs.flow
@@ -457,6 +457,72 @@
userIdsList: Array<string>,
}
+declare export class PrivilegedResetUserPasswordStartRequest extends Message {
+ getOpaqueRegistrationRequest(): Uint8Array | string;
+ getOpaqueRegistrationRequest_asU8(): Uint8Array;
+ getOpaqueRegistrationRequest_asB64(): string;
+ setOpaqueRegistrationRequest(value: Uint8Array | string): PrivilegedResetUserPasswordStartRequest;
+
+ getUsername(): string;
+ setUsername(value: string): PrivilegedResetUserPasswordStartRequest;
+
+ serializeBinary(): Uint8Array;
+ toObject(includeInstance?: boolean): PrivilegedResetUserPasswordStartRequestObject;
+ static toObject(includeInstance: boolean, msg: PrivilegedResetUserPasswordStartRequest): PrivilegedResetUserPasswordStartRequestObject;
+ static serializeBinaryToWriter(message: PrivilegedResetUserPasswordStartRequest, writer: BinaryWriter): void;
+ static deserializeBinary(bytes: Uint8Array): PrivilegedResetUserPasswordStartRequest;
+ static deserializeBinaryFromReader(message: PrivilegedResetUserPasswordStartRequest, reader: BinaryReader): PrivilegedResetUserPasswordStartRequest;
+}
+
+export type PrivilegedResetUserPasswordStartRequestObject = {
+ opaqueRegistrationRequest: Uint8Array | string,
+ username: string,
+}
+
+declare export class PrivilegedResetUserPasswordStartResponse extends Message {
+ getSessionId(): string;
+ setSessionId(value: string): PrivilegedResetUserPasswordStartResponse;
+
+ getOpaqueRegistrationResponse(): Uint8Array | string;
+ getOpaqueRegistrationResponse_asU8(): Uint8Array;
+ getOpaqueRegistrationResponse_asB64(): string;
+ setOpaqueRegistrationResponse(value: Uint8Array | string): PrivilegedResetUserPasswordStartResponse;
+
+ serializeBinary(): Uint8Array;
+ toObject(includeInstance?: boolean): PrivilegedResetUserPasswordStartResponseObject;
+ static toObject(includeInstance: boolean, msg: PrivilegedResetUserPasswordStartResponse): PrivilegedResetUserPasswordStartResponseObject;
+ static serializeBinaryToWriter(message: PrivilegedResetUserPasswordStartResponse, writer: BinaryWriter): void;
+ static deserializeBinary(bytes: Uint8Array): PrivilegedResetUserPasswordStartResponse;
+ static deserializeBinaryFromReader(message: PrivilegedResetUserPasswordStartResponse, reader: BinaryReader): PrivilegedResetUserPasswordStartResponse;
+}
+
+export type PrivilegedResetUserPasswordStartResponseObject = {
+ sessionId: string,
+ opaqueRegistrationResponse: Uint8Array | string,
+}
+
+declare export class PrivilegedResetUserPasswordFinishRequest extends Message {
+ getSessionId(): string;
+ setSessionId(value: string): PrivilegedResetUserPasswordFinishRequest;
+
+ getOpaqueRegistrationUpload(): Uint8Array | string;
+ getOpaqueRegistrationUpload_asU8(): Uint8Array;
+ getOpaqueRegistrationUpload_asB64(): string;
+ setOpaqueRegistrationUpload(value: Uint8Array | string): PrivilegedResetUserPasswordFinishRequest;
+
+ serializeBinary(): Uint8Array;
+ toObject(includeInstance?: boolean): PrivilegedResetUserPasswordFinishRequestObject;
+ static toObject(includeInstance: boolean, msg: PrivilegedResetUserPasswordFinishRequest): PrivilegedResetUserPasswordFinishRequestObject;
+ static serializeBinaryToWriter(message: PrivilegedResetUserPasswordFinishRequest, writer: BinaryWriter): void;
+ static deserializeBinary(bytes: Uint8Array): PrivilegedResetUserPasswordFinishRequest;
+ static deserializeBinaryFromReader(message: PrivilegedResetUserPasswordFinishRequest, reader: BinaryReader): PrivilegedResetUserPasswordFinishRequest;
+}
+
+export type PrivilegedResetUserPasswordFinishRequestObject = {
+ sessionId: string,
+ opaqueRegistrationUpload: Uint8Array | string,
+}
+
export type SinceTimestampCase = 0 | 2;
declare export class GetDeviceListRequest extends Message {
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Thu, Oct 24, 7:22 AM (22 h, 2 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2344380
Default Alt Text
D13759.id45301.diff (36 KB)
Attached To
Mode
D13759: [proto] introduce new privileged rpcs for resetting user passwords
Attached
Detach File
Event Timeline
Log In to Comment