From 6b7e4a6f65b556b620a2d092b965074dc28df8f2 Mon Sep 17 00:00:00 2001 From: Bjorn Tipling Date: Tue, 6 May 2025 13:55:49 -0700 Subject: [PATCH 1/5] [BB-610] Add account provisioning capability for SQL Server users MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit adds the ability to create SQL Server logins from Windows AD accounts: - Add CreateWindowsLogin method to create SQL Server logins from Windows authentication - Implement AccountManager interface in userPrincipalSyncer - Update baton_capabilities.json to include CREATE_ACCOUNT capability - Add account creation schema with domain and username fields - Update SDK dependencies 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .gitignore | 2 + baton_capabilities.json | 6 +- go.mod | 2 +- go.sum | 2 + pkg/connector/connector.go | 24 + pkg/connector/server_user.go | 129 ++++++ pkg/mssqldb/users.go | 32 ++ .../baton-sdk/internal/connector/connector.go | 3 + .../pb/c1/connector/v2/connector.pb.go | 85 ++-- .../pb/c1/connector/v2/resource.pb.go | 430 ++++++++++++------ .../c1/connector/v2/resource.pb.validate.go | 367 +++++++++++++++ .../pb/c1/connector/v2/resource_grpc.pb.go | 100 ++++ .../pkg/connectorbuilder/connectorbuilder.go | 101 +++- .../conductorone/baton-sdk/pkg/sdk/version.go | 2 +- .../baton-sdk/pkg/types/tasks/tasks.go | 3 + .../conductorone/baton-sdk/pkg/types/types.go | 2 + vendor/modules.txt | 2 +- 17 files changed, 1085 insertions(+), 207 deletions(-) diff --git a/.gitignore b/.gitignore index b2118062..7eeffe3f 100644 --- a/.gitignore +++ b/.gitignore @@ -15,3 +15,5 @@ # Dependency directories (remove the comment below to include it) # vendor/ dist/ + +**/.claude/settings.local.json diff --git a/baton_capabilities.json b/baton_capabilities.json index 05e11033..7a50ab04 100644 --- a/baton_capabilities.json +++ b/baton_capabilities.json @@ -67,13 +67,15 @@ ] }, "capabilities": [ - "CAPABILITY_SYNC" + "CAPABILITY_SYNC", + "CAPABILITY_CREATE_ACCOUNT" ] } ], "connectorCapabilities": [ "CAPABILITY_PROVISION", - "CAPABILITY_SYNC" + "CAPABILITY_SYNC", + "CAPABILITY_CREATE_ACCOUNT" ], "credentialDetails": {} } \ No newline at end of file diff --git a/go.mod b/go.mod index 27de4397..229afbc6 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/conductorone/baton-sql-server go 1.24.1 require ( - github.com/conductorone/baton-sdk v0.2.98 + github.com/conductorone/baton-sdk v0.2.99 github.com/ennyjfrick/ruleguard-logfatal v0.0.2 github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 github.com/jmoiron/sqlx v1.3.5 diff --git a/go.sum b/go.sum index 903c45f2..88423035 100644 --- a/go.sum +++ b/go.sum @@ -64,6 +64,8 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/conductorone/baton-sdk v0.2.98 h1:4kyfOPpujnZ3ZaNfxTY/LfFd41nHXBeek6APyyjSr4M= github.com/conductorone/baton-sdk v0.2.98/go.mod h1:nUgHSAf9P0lfamti5NlOSpeh1t99UNzMjIwf0I7n4/g= +github.com/conductorone/baton-sdk v0.2.99 h1:klXBM3Qn8XmieDuV/ZVGa2k2ZlsrfK2gh5ygIsqrYsw= +github.com/conductorone/baton-sdk v0.2.99/go.mod h1:nUgHSAf9P0lfamti5NlOSpeh1t99UNzMjIwf0I7n4/g= github.com/conductorone/dpop v0.2.3 h1:s91U3845GHQ6P6FWrdNr2SEOy1ES/jcFs1JtKSl2S+o= github.com/conductorone/dpop v0.2.3/go.mod h1:gyo8TtzB9SCFCsjsICH4IaLZ7y64CcrDXMOPBwfq/3s= github.com/conductorone/dpop/integrations/dpop_grpc v0.2.3 h1:kLMCNIh0Mo2vbvvkCmJ3ixsPbXEJ6HPcW53Ku9yje3s= diff --git a/pkg/connector/connector.go b/pkg/connector/connector.go index b3bd112b..978cf9f4 100644 --- a/pkg/connector/connector.go +++ b/pkg/connector/connector.go @@ -35,6 +35,30 @@ func (o *Mssqldb) Metadata(ctx context.Context) (*v2.ConnectorMetadata, error) { DisplayName: fmt.Sprintf("Microsoft SQL Server (%s)", serverInfo.Name), Annotations: annos, Description: "Baton connector for Microsoft SQL Server connector", + AccountCreationSchema: &v2.ConnectorAccountCreationSchema{ + FieldMap: map[string]*v2.ConnectorAccountCreationSchema_Field{ + "domain": { + DisplayName: "Active Directory Domain", + Required: false, + Description: "The Active Directory domain for the user (optional). If provided, the login will be created as [DOMAIN\\Username].", + Field: &v2.ConnectorAccountCreationSchema_Field_StringField{ + StringField: &v2.ConnectorAccountCreationSchema_StringField{}, + }, + Placeholder: "DOMAIN", + Order: 1, + }, + "username": { + DisplayName: "Username", + Required: true, + Description: "The Active Directory username for which to create a SQL Server login.", + Field: &v2.ConnectorAccountCreationSchema_Field_StringField{ + StringField: &v2.ConnectorAccountCreationSchema_StringField{}, + }, + Placeholder: "username", + Order: 2, + }, + }, + }, }, nil } diff --git a/pkg/connector/server_user.go b/pkg/connector/server_user.go index 84bb3a2d..5676d149 100644 --- a/pkg/connector/server_user.go +++ b/pkg/connector/server_user.go @@ -2,17 +2,22 @@ package connector import ( "context" + "fmt" "net/mail" v2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2" "github.com/conductorone/baton-sdk/pkg/annotations" _ "github.com/conductorone/baton-sdk/pkg/annotations" + "github.com/conductorone/baton-sdk/pkg/connectorbuilder" "github.com/conductorone/baton-sdk/pkg/pagination" enTypes "github.com/conductorone/baton-sdk/pkg/types/entitlement" "github.com/conductorone/baton-sdk/pkg/types/resource" "github.com/conductorone/baton-sql-server/pkg/mssqldb" + "github.com/grpc-ecosystem/go-grpc-middleware/logging/zap/ctxzap" + "go.uber.org/zap" ) +// userPrincipalSyncer implements both ResourceSyncer and AccountManager. type userPrincipalSyncer struct { resourceType *v2.ResourceType client *mssqldb.Client @@ -82,6 +87,130 @@ func (d *userPrincipalSyncer) Grants(ctx context.Context, resource *v2.Resource, return nil, "", nil, nil } +// CreateAccount creates a SQL Server login and database user for an Active Directory user. +// It implements the AccountManager interface. +func (d *userPrincipalSyncer) CreateAccount( + ctx context.Context, + accountInfo *v2.AccountInfo, + credentialOptions *v2.CredentialOptions, +) (connectorbuilder.CreateAccountResponse, []*v2.PlaintextData, annotations.Annotations, error) { + l := ctxzap.Extract(ctx) + + // Extract required username field from profile + usernameVal := accountInfo.Profile.GetFields()["username"] + if usernameVal == nil || usernameVal.GetStringValue() == "" { + return nil, nil, nil, fmt.Errorf("missing required username field") + } + username := usernameVal.GetStringValue() + + // Extract optional domain field from profile + var domain string + domainVal := accountInfo.Profile.GetFields()["domain"] + if domainVal != nil && domainVal.GetStringValue() != "" { + domain = domainVal.GetStringValue() + } + + // Create the Windows login + err := d.client.CreateWindowsLogin(ctx, domain, username) + if err != nil { + l.Error("Failed to create Windows login", zap.Error(err)) + return nil, nil, nil, fmt.Errorf("failed to create Windows login: %w", err) + } + + // Determine the formatted username for the database user + var formattedUsername string + if domain != "" { + formattedUsername = fmt.Sprintf("%s\\%s", domain, username) + } else { + formattedUsername = username + } + + // Get list of databases to create users in + databases, _, err := d.client.ListDatabases(ctx, &mssqldb.Pager{}) + if err != nil { + l.Error("Failed to retrieve databases", zap.Error(err)) + errMsg := fmt.Sprintf("Login created successfully, but failed to retrieve databases: %v", err) + result := &v2.CreateAccountResponse_ActionRequiredResult{ + Message: errMsg, + IsCreateAccountResult: true, + } + return result, nil, nil, nil + } + + // Create user in each database + var dbsCreated []string + for _, db := range databases { + // Skip system databases + if db.Name == "master" || db.Name == "tempdb" || db.Name == "model" || db.Name == "msdb" { + continue + } + + err = d.client.CreateDatabaseUserForPrincipal(ctx, db.Name, formattedUsername) + if err != nil { + l.Error("Failed to create user in database", + zap.String("database", db.Name), + zap.String("user", formattedUsername), + zap.Error(err)) + errMsg := fmt.Sprintf("Login created successfully, but failed to create user in some databases: %v", err) + result := &v2.CreateAccountResponse_ActionRequiredResult{ + Message: errMsg, + IsCreateAccountResult: true, + } + return result, nil, nil, nil + } + dbsCreated = append(dbsCreated, db.Name) + } + + // Create a resource for the newly created login + profile := map[string]interface{}{ + "username": username, + "domain": domain, + "formatted_login": formattedUsername, + "databases": dbsCreated, + } + + // Use email as name if it looks like an email address + var userOpts []resource.UserTraitOption + userOpts = append(userOpts, resource.WithUserProfile(profile)) + userOpts = append(userOpts, resource.WithStatus(v2.UserTrait_Status_STATUS_ENABLED)) + + if _, err = mail.ParseAddress(username); err == nil { + userOpts = append(userOpts, resource.WithEmail(username, true)) + } + + // Create a resource object to represent the user + resource, err := resource.NewUserResource( + formattedUsername, + d.ResourceType(ctx), + formattedUsername, // Use the formatted username as the ID + userOpts, + ) + if err != nil { + l.Error("Failed to create resource for new user", zap.Error(err)) + return nil, nil, nil, fmt.Errorf("failed to create resource for new user: %w", err) + } + + // Return success result with the new user resource + successResult := &v2.CreateAccountResponse_SuccessResult{ + Resource: resource, + IsCreateAccountResult: true, + } + + return successResult, nil, nil, nil +} + +// CreateAccountCapabilityDetails returns the capability details for account creation. +func (d *userPrincipalSyncer) CreateAccountCapabilityDetails( + ctx context.Context, +) (*v2.CredentialDetailsAccountProvisioning, annotations.Annotations, error) { + return &v2.CredentialDetailsAccountProvisioning{ + SupportedCredentialOptions: []v2.CapabilityDetailCredentialOption{ + v2.CapabilityDetailCredentialOption_CAPABILITY_DETAIL_CREDENTIAL_OPTION_NO_PASSWORD, + }, + PreferredCredentialOption: v2.CapabilityDetailCredentialOption_CAPABILITY_DETAIL_CREDENTIAL_OPTION_NO_PASSWORD, + }, nil, nil +} + func newUserPrincipalSyncer(ctx context.Context, c *mssqldb.Client) *userPrincipalSyncer { return &userPrincipalSyncer{ resourceType: resourceTypeUser, diff --git a/pkg/mssqldb/users.go b/pkg/mssqldb/users.go index ddda0a08..60b3dd54 100644 --- a/pkg/mssqldb/users.go +++ b/pkg/mssqldb/users.go @@ -306,3 +306,35 @@ CREATE USER [%s] FOR LOGIN [%s]; return nil } + +// CreateWindowsLogin creates a SQL Server login from Windows AD for the specified domain and username. +// If domain is provided, it will create the login in the format [DOMAIN\Username], +// otherwise it will use just [Username]. +func (c *Client) CreateWindowsLogin(ctx context.Context, domain, username string) error { + l := ctxzap.Extract(ctx) + + // Check for invalid characters to prevent SQL injection + if (domain != "" && strings.ContainsAny(domain, "[]\"';")) || strings.ContainsAny(username, "[]\"';") { + return fmt.Errorf("invalid characters in domain or username") + } + + var loginName string + if domain != "" { + loginName = fmt.Sprintf("[%s\\%s]", domain, username) + l.Debug("creating windows login with domain", zap.String("login", loginName)) + } else { + loginName = fmt.Sprintf("[%s]", username) + l.Debug("creating windows login without domain", zap.String("login", loginName)) + } + + query := fmt.Sprintf("CREATE LOGIN %s FROM WINDOWS;", loginName) + + l.Debug("SQL QUERY", zap.String("q", query)) + + _, err := c.db.ExecContext(ctx, query) + if err != nil { + return fmt.Errorf("failed to create Windows login: %w", err) + } + + return nil +} diff --git a/vendor/github.com/conductorone/baton-sdk/internal/connector/connector.go b/vendor/github.com/conductorone/baton-sdk/internal/connector/connector.go index 19229226..42627558 100644 --- a/vendor/github.com/conductorone/baton-sdk/internal/connector/connector.go +++ b/vendor/github.com/conductorone/baton-sdk/internal/connector/connector.go @@ -35,6 +35,7 @@ const listenerFdEnv = "BATON_CONNECTOR_SERVICE_LISTENER_FD" type connectorClient struct { connectorV2.ResourceTypesServiceClient connectorV2.ResourcesServiceClient + connectorV2.ResourceGetterServiceClient connectorV2.EntitlementsServiceClient connectorV2.GrantsServiceClient connectorV2.ConnectorServiceClient @@ -372,6 +373,7 @@ func Register(ctx context.Context, s grpc.ServiceRegistrar, srv types.ConnectorS connectorV2.RegisterResourceTypesServiceServer(s, srv) connectorV2.RegisterAssetServiceServer(s, srv) connectorV2.RegisterEventServiceServer(s, srv) + connectorV2.RegisterResourceGetterServiceServer(s, srv) if opts.TicketingEnabled { connectorV2.RegisterTicketsServiceServer(s, srv) @@ -421,5 +423,6 @@ func NewConnectorClient(ctx context.Context, cc grpc.ClientConnInterface) types. EventServiceClient: connectorV2.NewEventServiceClient(cc), TicketsServiceClient: connectorV2.NewTicketsServiceClient(cc), ActionServiceClient: connectorV2.NewActionServiceClient(cc), + ResourceGetterServiceClient: connectorV2.NewResourceGetterServiceClient(cc), } } diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector.pb.go index 51436ad9..6ef572ac 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/connector.pb.go @@ -38,6 +38,7 @@ const ( Capability_CAPABILITY_RESOURCE_DELETE Capability = 8 Capability_CAPABILITY_SYNC_SECRETS Capability = 9 Capability_CAPABILITY_ACTIONS Capability = 10 + Capability_CAPABILITY_TARGETED_SYNC Capability = 11 ) // Enum value maps for Capability. @@ -54,6 +55,7 @@ var ( 8: "CAPABILITY_RESOURCE_DELETE", 9: "CAPABILITY_SYNC_SECRETS", 10: "CAPABILITY_ACTIONS", + 11: "CAPABILITY_TARGETED_SYNC", } Capability_value = map[string]int32{ "CAPABILITY_UNSPECIFIED": 0, @@ -67,6 +69,7 @@ var ( "CAPABILITY_RESOURCE_DELETE": 8, "CAPABILITY_SYNC_SECRETS": 9, "CAPABILITY_ACTIONS": 10, + "CAPABILITY_TARGETED_SYNC": 11, } ) @@ -1470,7 +1473,7 @@ var file_c1_connector_v2_connector_proto_rawDesc = string([]byte{ 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x43, 0x72, 0x65, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x2a, - 0xca, 0x02, 0x0a, 0x0a, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x1a, + 0xe8, 0x02, 0x0a, 0x0a, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x1a, 0x0a, 0x16, 0x43, 0x41, 0x50, 0x41, 0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x18, 0x0a, 0x14, 0x43, 0x41, 0x50, 0x41, 0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, 0x5f, 0x50, 0x52, 0x4f, 0x56, 0x49, 0x53, 0x49, @@ -1490,49 +1493,51 @@ var file_c1_connector_v2_connector_proto_rawDesc = string([]byte{ 0x45, 0x4c, 0x45, 0x54, 0x45, 0x10, 0x08, 0x12, 0x1b, 0x0a, 0x17, 0x43, 0x41, 0x50, 0x41, 0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, 0x5f, 0x53, 0x59, 0x4e, 0x43, 0x5f, 0x53, 0x45, 0x43, 0x52, 0x45, 0x54, 0x53, 0x10, 0x09, 0x12, 0x16, 0x0a, 0x12, 0x43, 0x41, 0x50, 0x41, 0x42, 0x49, 0x4c, 0x49, - 0x54, 0x59, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x53, 0x10, 0x0a, 0x2a, 0xf2, 0x01, 0x0a, - 0x20, 0x43, 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x44, 0x65, 0x74, 0x61, 0x69, - 0x6c, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, - 0x6e, 0x12, 0x33, 0x0a, 0x2f, 0x43, 0x41, 0x50, 0x41, 0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, 0x5f, - 0x44, 0x45, 0x54, 0x41, 0x49, 0x4c, 0x5f, 0x43, 0x52, 0x45, 0x44, 0x45, 0x4e, 0x54, 0x49, 0x41, - 0x4c, 0x5f, 0x4f, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, - 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x33, 0x0a, 0x2f, 0x43, 0x41, 0x50, 0x41, 0x42, 0x49, - 0x4c, 0x49, 0x54, 0x59, 0x5f, 0x44, 0x45, 0x54, 0x41, 0x49, 0x4c, 0x5f, 0x43, 0x52, 0x45, 0x44, - 0x45, 0x4e, 0x54, 0x49, 0x41, 0x4c, 0x5f, 0x4f, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4e, 0x4f, - 0x5f, 0x50, 0x41, 0x53, 0x53, 0x57, 0x4f, 0x52, 0x44, 0x10, 0x01, 0x12, 0x37, 0x0a, 0x33, 0x43, - 0x41, 0x50, 0x41, 0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, 0x5f, 0x44, 0x45, 0x54, 0x41, 0x49, 0x4c, - 0x5f, 0x43, 0x52, 0x45, 0x44, 0x45, 0x4e, 0x54, 0x49, 0x41, 0x4c, 0x5f, 0x4f, 0x50, 0x54, 0x49, - 0x4f, 0x4e, 0x5f, 0x52, 0x41, 0x4e, 0x44, 0x4f, 0x4d, 0x5f, 0x50, 0x41, 0x53, 0x53, 0x57, 0x4f, - 0x52, 0x44, 0x10, 0x02, 0x12, 0x2b, 0x0a, 0x27, 0x43, 0x41, 0x50, 0x41, 0x42, 0x49, 0x4c, 0x49, + 0x54, 0x59, 0x5f, 0x41, 0x43, 0x54, 0x49, 0x4f, 0x4e, 0x53, 0x10, 0x0a, 0x12, 0x1c, 0x0a, 0x18, + 0x43, 0x41, 0x50, 0x41, 0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, 0x5f, 0x54, 0x41, 0x52, 0x47, 0x45, + 0x54, 0x45, 0x44, 0x5f, 0x53, 0x59, 0x4e, 0x43, 0x10, 0x0b, 0x2a, 0xf2, 0x01, 0x0a, 0x20, 0x43, + 0x61, 0x70, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x43, + 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, + 0x33, 0x0a, 0x2f, 0x43, 0x41, 0x50, 0x41, 0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, 0x5f, 0x44, 0x45, + 0x54, 0x41, 0x49, 0x4c, 0x5f, 0x43, 0x52, 0x45, 0x44, 0x45, 0x4e, 0x54, 0x49, 0x41, 0x4c, 0x5f, + 0x4f, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, + 0x45, 0x44, 0x10, 0x00, 0x12, 0x33, 0x0a, 0x2f, 0x43, 0x41, 0x50, 0x41, 0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, 0x5f, 0x44, 0x45, 0x54, 0x41, 0x49, 0x4c, 0x5f, 0x43, 0x52, 0x45, 0x44, 0x45, 0x4e, - 0x54, 0x49, 0x41, 0x4c, 0x5f, 0x4f, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x53, 0x53, 0x4f, 0x10, - 0x03, 0x32, 0xeb, 0x02, 0x0a, 0x10, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x53, - 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x78, 0x0a, 0x0b, 0x47, 0x65, 0x74, 0x4d, 0x65, 0x74, - 0x61, 0x64, 0x61, 0x74, 0x61, 0x12, 0x33, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, - 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, - 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x47, 0x65, 0x74, 0x4d, 0x65, 0x74, 0x61, 0x64, - 0x61, 0x74, 0x61, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x34, 0x2e, 0x63, 0x31, 0x2e, + 0x54, 0x49, 0x41, 0x4c, 0x5f, 0x4f, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x4e, 0x4f, 0x5f, 0x50, + 0x41, 0x53, 0x53, 0x57, 0x4f, 0x52, 0x44, 0x10, 0x01, 0x12, 0x37, 0x0a, 0x33, 0x43, 0x41, 0x50, + 0x41, 0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, 0x5f, 0x44, 0x45, 0x54, 0x41, 0x49, 0x4c, 0x5f, 0x43, + 0x52, 0x45, 0x44, 0x45, 0x4e, 0x54, 0x49, 0x41, 0x4c, 0x5f, 0x4f, 0x50, 0x54, 0x49, 0x4f, 0x4e, + 0x5f, 0x52, 0x41, 0x4e, 0x44, 0x4f, 0x4d, 0x5f, 0x50, 0x41, 0x53, 0x53, 0x57, 0x4f, 0x52, 0x44, + 0x10, 0x02, 0x12, 0x2b, 0x0a, 0x27, 0x43, 0x41, 0x50, 0x41, 0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, + 0x5f, 0x44, 0x45, 0x54, 0x41, 0x49, 0x4c, 0x5f, 0x43, 0x52, 0x45, 0x44, 0x45, 0x4e, 0x54, 0x49, + 0x41, 0x4c, 0x5f, 0x4f, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x53, 0x53, 0x4f, 0x10, 0x03, 0x32, + 0xeb, 0x02, 0x0a, 0x10, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x53, 0x65, 0x72, + 0x76, 0x69, 0x63, 0x65, 0x12, 0x78, 0x0a, 0x0b, 0x47, 0x65, 0x74, 0x4d, 0x65, 0x74, 0x61, 0x64, + 0x61, 0x74, 0x61, 0x12, 0x33, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, + 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x53, + 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x47, 0x65, 0x74, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, + 0x61, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x34, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, + 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65, + 0x63, 0x74, 0x6f, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x47, 0x65, 0x74, 0x4d, 0x65, + 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x6f, + 0x0a, 0x08, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x12, 0x30, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6f, 0x6e, - 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x47, 0x65, 0x74, - 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, - 0x12, 0x6f, 0x0a, 0x08, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x12, 0x30, 0x2e, 0x63, + 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x56, 0x61, 0x6c, + 0x69, 0x64, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x31, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x56, - 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x31, - 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, - 0x2e, 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, - 0x65, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, - 0x65, 0x12, 0x6c, 0x0a, 0x07, 0x43, 0x6c, 0x65, 0x61, 0x6e, 0x75, 0x70, 0x12, 0x2f, 0x2e, 0x63, - 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x43, - 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, - 0x6c, 0x65, 0x61, 0x6e, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x30, 0x2e, - 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, - 0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, - 0x43, 0x6c, 0x65, 0x61, 0x6e, 0x75, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, - 0x36, 0x5a, 0x34, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, - 0x6e, 0x64, 0x75, 0x63, 0x74, 0x6f, 0x72, 0x6f, 0x6e, 0x65, 0x2f, 0x62, 0x61, 0x74, 0x6f, 0x6e, - 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x62, 0x2f, 0x63, 0x31, 0x2f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, - 0x63, 0x74, 0x6f, 0x72, 0x2f, 0x76, 0x32, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, + 0x6c, 0x0a, 0x07, 0x43, 0x6c, 0x65, 0x61, 0x6e, 0x75, 0x70, 0x12, 0x2f, 0x2e, 0x63, 0x31, 0x2e, + 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6f, 0x6e, + 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6c, 0x65, + 0x61, 0x6e, 0x75, 0x70, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x30, 0x2e, 0x63, 0x31, + 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x6f, + 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x43, 0x6c, + 0x65, 0x61, 0x6e, 0x75, 0x70, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x36, 0x5a, + 0x34, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x6e, 0x64, + 0x75, 0x63, 0x74, 0x6f, 0x72, 0x6f, 0x6e, 0x65, 0x2f, 0x62, 0x61, 0x74, 0x6f, 0x6e, 0x2d, 0x73, + 0x64, 0x6b, 0x2f, 0x70, 0x62, 0x2f, 0x63, 0x31, 0x2f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, + 0x6f, 0x72, 0x2f, 0x76, 0x32, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, }) var ( diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/resource.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/resource.pb.go index 1639a155..ad9f2313 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/resource.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/resource.pb.go @@ -1610,6 +1610,118 @@ func (x *ResourcesServiceListResourcesResponse) GetAnnotations() []*anypb.Any { return nil } +type ResourceGetterServiceGetResourceRequest struct { + state protoimpl.MessageState `protogen:"open.v1"` + ResourceId *ResourceId `protobuf:"bytes,1,opt,name=resource_id,json=resourceId,proto3" json:"resource_id,omitempty"` + ParentResourceId *ResourceId `protobuf:"bytes,2,opt,name=parent_resource_id,json=parentResourceId,proto3" json:"parent_resource_id,omitempty"` + Annotations []*anypb.Any `protobuf:"bytes,3,rep,name=annotations,proto3" json:"annotations,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *ResourceGetterServiceGetResourceRequest) Reset() { + *x = ResourceGetterServiceGetResourceRequest{} + mi := &file_c1_connector_v2_resource_proto_msgTypes[22] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ResourceGetterServiceGetResourceRequest) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ResourceGetterServiceGetResourceRequest) ProtoMessage() {} + +func (x *ResourceGetterServiceGetResourceRequest) ProtoReflect() protoreflect.Message { + mi := &file_c1_connector_v2_resource_proto_msgTypes[22] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ResourceGetterServiceGetResourceRequest.ProtoReflect.Descriptor instead. +func (*ResourceGetterServiceGetResourceRequest) Descriptor() ([]byte, []int) { + return file_c1_connector_v2_resource_proto_rawDescGZIP(), []int{22} +} + +func (x *ResourceGetterServiceGetResourceRequest) GetResourceId() *ResourceId { + if x != nil { + return x.ResourceId + } + return nil +} + +func (x *ResourceGetterServiceGetResourceRequest) GetParentResourceId() *ResourceId { + if x != nil { + return x.ParentResourceId + } + return nil +} + +func (x *ResourceGetterServiceGetResourceRequest) GetAnnotations() []*anypb.Any { + if x != nil { + return x.Annotations + } + return nil +} + +type ResourceGetterServiceGetResourceResponse struct { + state protoimpl.MessageState `protogen:"open.v1"` + Resource *Resource `protobuf:"bytes,1,opt,name=resource,proto3" json:"resource,omitempty"` + Annotations []*anypb.Any `protobuf:"bytes,2,rep,name=annotations,proto3" json:"annotations,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *ResourceGetterServiceGetResourceResponse) Reset() { + *x = ResourceGetterServiceGetResourceResponse{} + mi := &file_c1_connector_v2_resource_proto_msgTypes[23] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *ResourceGetterServiceGetResourceResponse) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*ResourceGetterServiceGetResourceResponse) ProtoMessage() {} + +func (x *ResourceGetterServiceGetResourceResponse) ProtoReflect() protoreflect.Message { + mi := &file_c1_connector_v2_resource_proto_msgTypes[23] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use ResourceGetterServiceGetResourceResponse.ProtoReflect.Descriptor instead. +func (*ResourceGetterServiceGetResourceResponse) Descriptor() ([]byte, []int) { + return file_c1_connector_v2_resource_proto_rawDescGZIP(), []int{23} +} + +func (x *ResourceGetterServiceGetResourceResponse) GetResource() *Resource { + if x != nil { + return x.Resource + } + return nil +} + +func (x *ResourceGetterServiceGetResourceResponse) GetAnnotations() []*anypb.Any { + if x != nil { + return x.Annotations + } + return nil +} + type ExternalId struct { state protoimpl.MessageState `protogen:"open.v1"` Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` @@ -1621,7 +1733,7 @@ type ExternalId struct { func (x *ExternalId) Reset() { *x = ExternalId{} - mi := &file_c1_connector_v2_resource_proto_msgTypes[22] + mi := &file_c1_connector_v2_resource_proto_msgTypes[24] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1633,7 +1745,7 @@ func (x *ExternalId) String() string { func (*ExternalId) ProtoMessage() {} func (x *ExternalId) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_resource_proto_msgTypes[22] + mi := &file_c1_connector_v2_resource_proto_msgTypes[24] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1646,7 +1758,7 @@ func (x *ExternalId) ProtoReflect() protoreflect.Message { // Deprecated: Use ExternalId.ProtoReflect.Descriptor instead. func (*ExternalId) Descriptor() ([]byte, []int) { - return file_c1_connector_v2_resource_proto_rawDescGZIP(), []int{22} + return file_c1_connector_v2_resource_proto_rawDescGZIP(), []int{24} } func (x *ExternalId) GetId() string { @@ -1681,7 +1793,7 @@ type AccountInfo_Email struct { func (x *AccountInfo_Email) Reset() { *x = AccountInfo_Email{} - mi := &file_c1_connector_v2_resource_proto_msgTypes[23] + mi := &file_c1_connector_v2_resource_proto_msgTypes[25] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1693,7 +1805,7 @@ func (x *AccountInfo_Email) String() string { func (*AccountInfo_Email) ProtoMessage() {} func (x *AccountInfo_Email) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_resource_proto_msgTypes[23] + mi := &file_c1_connector_v2_resource_proto_msgTypes[25] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1732,7 +1844,7 @@ type CredentialOptions_RandomPassword struct { func (x *CredentialOptions_RandomPassword) Reset() { *x = CredentialOptions_RandomPassword{} - mi := &file_c1_connector_v2_resource_proto_msgTypes[24] + mi := &file_c1_connector_v2_resource_proto_msgTypes[26] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1744,7 +1856,7 @@ func (x *CredentialOptions_RandomPassword) String() string { func (*CredentialOptions_RandomPassword) ProtoMessage() {} func (x *CredentialOptions_RandomPassword) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_resource_proto_msgTypes[24] + mi := &file_c1_connector_v2_resource_proto_msgTypes[26] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1775,7 +1887,7 @@ type CredentialOptions_NoPassword struct { func (x *CredentialOptions_NoPassword) Reset() { *x = CredentialOptions_NoPassword{} - mi := &file_c1_connector_v2_resource_proto_msgTypes[25] + mi := &file_c1_connector_v2_resource_proto_msgTypes[27] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1787,7 +1899,7 @@ func (x *CredentialOptions_NoPassword) String() string { func (*CredentialOptions_NoPassword) ProtoMessage() {} func (x *CredentialOptions_NoPassword) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_resource_proto_msgTypes[25] + mi := &file_c1_connector_v2_resource_proto_msgTypes[27] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1812,7 +1924,7 @@ type CredentialOptions_SSO struct { func (x *CredentialOptions_SSO) Reset() { *x = CredentialOptions_SSO{} - mi := &file_c1_connector_v2_resource_proto_msgTypes[26] + mi := &file_c1_connector_v2_resource_proto_msgTypes[28] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1824,7 +1936,7 @@ func (x *CredentialOptions_SSO) String() string { func (*CredentialOptions_SSO) ProtoMessage() {} func (x *CredentialOptions_SSO) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_resource_proto_msgTypes[26] + mi := &file_c1_connector_v2_resource_proto_msgTypes[28] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1857,7 +1969,7 @@ type CreateAccountResponse_SuccessResult struct { func (x *CreateAccountResponse_SuccessResult) Reset() { *x = CreateAccountResponse_SuccessResult{} - mi := &file_c1_connector_v2_resource_proto_msgTypes[27] + mi := &file_c1_connector_v2_resource_proto_msgTypes[29] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1869,7 +1981,7 @@ func (x *CreateAccountResponse_SuccessResult) String() string { func (*CreateAccountResponse_SuccessResult) ProtoMessage() {} func (x *CreateAccountResponse_SuccessResult) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_resource_proto_msgTypes[27] + mi := &file_c1_connector_v2_resource_proto_msgTypes[29] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1910,7 +2022,7 @@ type CreateAccountResponse_ActionRequiredResult struct { func (x *CreateAccountResponse_ActionRequiredResult) Reset() { *x = CreateAccountResponse_ActionRequiredResult{} - mi := &file_c1_connector_v2_resource_proto_msgTypes[28] + mi := &file_c1_connector_v2_resource_proto_msgTypes[30] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1922,7 +2034,7 @@ func (x *CreateAccountResponse_ActionRequiredResult) String() string { func (*CreateAccountResponse_ActionRequiredResult) ProtoMessage() {} func (x *CreateAccountResponse_ActionRequiredResult) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_resource_proto_msgTypes[28] + mi := &file_c1_connector_v2_resource_proto_msgTypes[30] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1968,7 +2080,7 @@ type EncryptionConfig_JWKPublicKeyConfig struct { func (x *EncryptionConfig_JWKPublicKeyConfig) Reset() { *x = EncryptionConfig_JWKPublicKeyConfig{} - mi := &file_c1_connector_v2_resource_proto_msgTypes[29] + mi := &file_c1_connector_v2_resource_proto_msgTypes[31] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1980,7 +2092,7 @@ func (x *EncryptionConfig_JWKPublicKeyConfig) String() string { func (*EncryptionConfig_JWKPublicKeyConfig) ProtoMessage() {} func (x *EncryptionConfig_JWKPublicKeyConfig) ProtoReflect() protoreflect.Message { - mi := &file_c1_connector_v2_resource_proto_msgTypes[29] + mi := &file_c1_connector_v2_resource_proto_msgTypes[31] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -2350,75 +2462,110 @@ var file_c1_connector_v2_resource_proto_rawDesc = string([]byte{ 0x6b, 0x65, 0x6e, 0x12, 0x36, 0x0a, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b, - 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x52, 0x0a, 0x0a, 0x45, - 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x49, 0x64, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x6c, 0x69, 0x6e, - 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6c, 0x69, 0x6e, 0x6b, 0x12, 0x20, 0x0a, - 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x32, - 0xab, 0x01, 0x0a, 0x14, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, - 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x92, 0x01, 0x0a, 0x11, 0x4c, 0x69, 0x73, - 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x73, 0x12, 0x3d, - 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, - 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x73, 0x53, 0x65, - 0x72, 0x76, 0x69, 0x63, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, - 0x65, 0x54, 0x79, 0x70, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x3e, 0x2e, + 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xf4, 0x01, 0x0a, 0x27, + 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x47, 0x65, 0x74, 0x74, 0x65, 0x72, 0x53, 0x65, + 0x72, 0x76, 0x69, 0x63, 0x65, 0x47, 0x65, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, + 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3c, 0x0a, 0x0b, 0x72, 0x65, 0x73, 0x6f, 0x75, + 0x72, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x63, + 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, + 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x64, 0x52, 0x0a, 0x72, 0x65, 0x73, 0x6f, 0x75, + 0x72, 0x63, 0x65, 0x49, 0x64, 0x12, 0x53, 0x0a, 0x12, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x5f, + 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x1b, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, + 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x64, 0x42, 0x08, + 0xfa, 0x42, 0x05, 0x8a, 0x01, 0x02, 0x10, 0x00, 0x52, 0x10, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, + 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x49, 0x64, 0x12, 0x36, 0x0a, 0x0b, 0x61, 0x6e, + 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, + 0x14, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x41, 0x6e, 0x79, 0x52, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x73, 0x22, 0x99, 0x01, 0x0a, 0x28, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x47, + 0x65, 0x74, 0x74, 0x65, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x47, 0x65, 0x74, 0x52, + 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, + 0x35, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x19, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, + 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x08, 0x72, 0x65, + 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x36, 0x0a, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x67, 0x6f, + 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x41, 0x6e, + 0x79, 0x52, 0x0b, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x52, + 0x0a, 0x0a, 0x45, 0x78, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x49, 0x64, 0x12, 0x0e, 0x0a, 0x02, + 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04, + 0x6c, 0x69, 0x6e, 0x6b, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6c, 0x69, 0x6e, 0x6b, + 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, + 0x6f, 0x6e, 0x32, 0xab, 0x01, 0x0a, 0x14, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, + 0x79, 0x70, 0x65, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x92, 0x01, 0x0a, 0x11, + 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, + 0x73, 0x12, 0x3d, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, + 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, + 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x73, 0x6f, + 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x3e, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, + 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x73, + 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, + 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x32, 0x92, 0x01, 0x0a, 0x10, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x53, 0x65, + 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x7e, 0x0a, 0x0d, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x73, + 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x12, 0x35, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, + 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, + 0x65, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x73, + 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x36, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, - 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x54, 0x79, 0x70, 0x65, 0x73, 0x53, 0x65, 0x72, - 0x76, 0x69, 0x63, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, - 0x54, 0x79, 0x70, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x32, 0x92, 0x01, - 0x0a, 0x10, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, - 0x63, 0x65, 0x12, 0x7e, 0x0a, 0x0d, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, - 0x63, 0x65, 0x73, 0x12, 0x35, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, - 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x53, - 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, - 0x63, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x36, 0x2e, 0x63, 0x31, 0x2e, - 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, - 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4c, 0x69, 0x73, - 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, - 0x73, 0x65, 0x32, 0xde, 0x01, 0x0a, 0x16, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x4d, - 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x61, 0x0a, - 0x0e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, - 0x26, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, - 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, - 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, - 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, - 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, - 0x12, 0x61, 0x0a, 0x0e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, - 0x63, 0x65, 0x12, 0x26, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, - 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, - 0x72, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x63, 0x31, 0x2e, - 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, - 0x65, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, - 0x6e, 0x73, 0x65, 0x32, 0x81, 0x01, 0x0a, 0x16, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, - 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x67, - 0x0a, 0x10, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, - 0x56, 0x32, 0x12, 0x28, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, - 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, - 0x72, 0x63, 0x65, 0x56, 0x32, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x29, 0x2e, 0x63, + 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, + 0x4c, 0x69, 0x73, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x73, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x32, 0x9c, 0x01, 0x0a, 0x15, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, + 0x63, 0x65, 0x47, 0x65, 0x74, 0x74, 0x65, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, + 0x82, 0x01, 0x0a, 0x0b, 0x47, 0x65, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, + 0x38, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, + 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x47, 0x65, 0x74, 0x74, 0x65, 0x72, + 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x47, 0x65, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, + 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x39, 0x2e, 0x63, 0x31, 0x2e, 0x63, + 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x65, 0x73, 0x6f, + 0x75, 0x72, 0x63, 0x65, 0x47, 0x65, 0x74, 0x74, 0x65, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, + 0x65, 0x47, 0x65, 0x74, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x32, 0xde, 0x01, 0x0a, 0x16, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, + 0x65, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, + 0x61, 0x0a, 0x0e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, + 0x65, 0x12, 0x26, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, + 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, + 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x63, 0x31, 0x2e, 0x63, + 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, + 0x73, 0x65, 0x12, 0x61, 0x0a, 0x0e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, + 0x75, 0x72, 0x63, 0x65, 0x12, 0x26, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, + 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x73, + 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x27, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x44, - 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x32, 0x52, - 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x32, 0x83, 0x01, 0x0a, 0x18, 0x43, 0x72, 0x65, 0x64, - 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x53, 0x65, 0x72, - 0x76, 0x69, 0x63, 0x65, 0x12, 0x67, 0x0a, 0x10, 0x52, 0x6f, 0x74, 0x61, 0x74, 0x65, 0x43, 0x72, - 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x12, 0x28, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, - 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x74, 0x61, 0x74, - 0x65, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, - 0x73, 0x74, 0x1a, 0x29, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, - 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x74, 0x61, 0x74, 0x65, 0x43, 0x72, 0x65, 0x64, 0x65, - 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x32, 0x77, 0x0a, - 0x15, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x53, - 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x5e, 0x0a, 0x0d, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, - 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x25, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, - 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, - 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x26, + 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x52, 0x65, 0x73, + 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x32, 0x81, 0x01, 0x0a, 0x16, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, + 0x63, 0x65, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, + 0x12, 0x67, 0x0a, 0x10, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, + 0x63, 0x65, 0x56, 0x32, 0x12, 0x28, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, + 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x73, + 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, 0x32, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x29, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, - 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, - 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x36, 0x5a, 0x34, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, - 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x6e, 0x64, 0x75, 0x63, 0x74, 0x6f, 0x72, 0x6f, 0x6e, - 0x65, 0x2f, 0x62, 0x61, 0x74, 0x6f, 0x6e, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x62, 0x2f, 0x63, - 0x31, 0x2f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2f, 0x76, 0x32, 0x62, 0x06, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x56, + 0x32, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x32, 0x83, 0x01, 0x0a, 0x18, 0x43, 0x72, + 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x53, + 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x67, 0x0a, 0x10, 0x52, 0x6f, 0x74, 0x61, 0x74, 0x65, + 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x12, 0x28, 0x2e, 0x63, 0x31, 0x2e, + 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x74, + 0x61, 0x74, 0x65, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x29, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, + 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x52, 0x6f, 0x74, 0x61, 0x74, 0x65, 0x43, 0x72, 0x65, + 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x32, + 0x77, 0x0a, 0x15, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, + 0x72, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x5e, 0x0a, 0x0d, 0x43, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x25, 0x2e, 0x63, 0x31, 0x2e, 0x63, + 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x1a, 0x26, 0x2e, 0x63, 0x31, 0x2e, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2e, + 0x76, 0x32, 0x2e, 0x43, 0x72, 0x65, 0x61, 0x74, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, + 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x42, 0x36, 0x5a, 0x34, 0x67, 0x69, 0x74, 0x68, + 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x6e, 0x64, 0x75, 0x63, 0x74, 0x6f, 0x72, + 0x6f, 0x6e, 0x65, 0x2f, 0x62, 0x61, 0x74, 0x6f, 0x6e, 0x2d, 0x73, 0x64, 0x6b, 0x2f, 0x70, 0x62, + 0x2f, 0x63, 0x31, 0x2f, 0x63, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x2f, 0x76, 0x32, + 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, }) var ( @@ -2434,7 +2581,7 @@ func file_c1_connector_v2_resource_proto_rawDescGZIP() []byte { } var file_c1_connector_v2_resource_proto_enumTypes = make([]protoimpl.EnumInfo, 2) -var file_c1_connector_v2_resource_proto_msgTypes = make([]protoimpl.MessageInfo, 30) +var file_c1_connector_v2_resource_proto_msgTypes = make([]protoimpl.MessageInfo, 32) var file_c1_connector_v2_resource_proto_goTypes = []any{ (ResourceType_Trait)(0), // 0: c1.connector.v2.ResourceType.Trait (Resource_CreationSource)(0), // 1: c1.connector.v2.Resource.CreationSource @@ -2460,81 +2607,90 @@ var file_c1_connector_v2_resource_proto_goTypes = []any{ (*Resource)(nil), // 21: c1.connector.v2.Resource (*ResourcesServiceListResourcesRequest)(nil), // 22: c1.connector.v2.ResourcesServiceListResourcesRequest (*ResourcesServiceListResourcesResponse)(nil), // 23: c1.connector.v2.ResourcesServiceListResourcesResponse - (*ExternalId)(nil), // 24: c1.connector.v2.ExternalId - (*AccountInfo_Email)(nil), // 25: c1.connector.v2.AccountInfo.Email - (*CredentialOptions_RandomPassword)(nil), // 26: c1.connector.v2.CredentialOptions.RandomPassword - (*CredentialOptions_NoPassword)(nil), // 27: c1.connector.v2.CredentialOptions.NoPassword - (*CredentialOptions_SSO)(nil), // 28: c1.connector.v2.CredentialOptions.SSO - (*CreateAccountResponse_SuccessResult)(nil), // 29: c1.connector.v2.CreateAccountResponse.SuccessResult - (*CreateAccountResponse_ActionRequiredResult)(nil), // 30: c1.connector.v2.CreateAccountResponse.ActionRequiredResult - (*EncryptionConfig_JWKPublicKeyConfig)(nil), // 31: c1.connector.v2.EncryptionConfig.JWKPublicKeyConfig - (*anypb.Any)(nil), // 32: google.protobuf.Any - (*structpb.Struct)(nil), // 33: google.protobuf.Struct + (*ResourceGetterServiceGetResourceRequest)(nil), // 24: c1.connector.v2.ResourceGetterServiceGetResourceRequest + (*ResourceGetterServiceGetResourceResponse)(nil), // 25: c1.connector.v2.ResourceGetterServiceGetResourceResponse + (*ExternalId)(nil), // 26: c1.connector.v2.ExternalId + (*AccountInfo_Email)(nil), // 27: c1.connector.v2.AccountInfo.Email + (*CredentialOptions_RandomPassword)(nil), // 28: c1.connector.v2.CredentialOptions.RandomPassword + (*CredentialOptions_NoPassword)(nil), // 29: c1.connector.v2.CredentialOptions.NoPassword + (*CredentialOptions_SSO)(nil), // 30: c1.connector.v2.CredentialOptions.SSO + (*CreateAccountResponse_SuccessResult)(nil), // 31: c1.connector.v2.CreateAccountResponse.SuccessResult + (*CreateAccountResponse_ActionRequiredResult)(nil), // 32: c1.connector.v2.CreateAccountResponse.ActionRequiredResult + (*EncryptionConfig_JWKPublicKeyConfig)(nil), // 33: c1.connector.v2.EncryptionConfig.JWKPublicKeyConfig + (*anypb.Any)(nil), // 34: google.protobuf.Any + (*structpb.Struct)(nil), // 35: google.protobuf.Struct } var file_c1_connector_v2_resource_proto_depIdxs = []int32{ 0, // 0: c1.connector.v2.ResourceType.traits:type_name -> c1.connector.v2.ResourceType.Trait - 32, // 1: c1.connector.v2.ResourceType.annotations:type_name -> google.protobuf.Any + 34, // 1: c1.connector.v2.ResourceType.annotations:type_name -> google.protobuf.Any 21, // 2: c1.connector.v2.ResourceTypesServiceListResourceTypesRequest.parent:type_name -> c1.connector.v2.Resource - 32, // 3: c1.connector.v2.ResourceTypesServiceListResourceTypesRequest.annotations:type_name -> google.protobuf.Any + 34, // 3: c1.connector.v2.ResourceTypesServiceListResourceTypesRequest.annotations:type_name -> google.protobuf.Any 2, // 4: c1.connector.v2.ResourceTypesServiceListResourceTypesResponse.list:type_name -> c1.connector.v2.ResourceType - 32, // 5: c1.connector.v2.ResourceTypesServiceListResourceTypesResponse.annotations:type_name -> google.protobuf.Any + 34, // 5: c1.connector.v2.ResourceTypesServiceListResourceTypesResponse.annotations:type_name -> google.protobuf.Any 21, // 6: c1.connector.v2.CreateResourceRequest.resource:type_name -> c1.connector.v2.Resource 21, // 7: c1.connector.v2.CreateResourceResponse.created:type_name -> c1.connector.v2.Resource - 32, // 8: c1.connector.v2.CreateResourceResponse.annotations:type_name -> google.protobuf.Any + 34, // 8: c1.connector.v2.CreateResourceResponse.annotations:type_name -> google.protobuf.Any 20, // 9: c1.connector.v2.DeleteResourceRequest.resource_id:type_name -> c1.connector.v2.ResourceId - 32, // 10: c1.connector.v2.DeleteResourceResponse.annotations:type_name -> google.protobuf.Any + 34, // 10: c1.connector.v2.DeleteResourceResponse.annotations:type_name -> google.protobuf.Any 20, // 11: c1.connector.v2.DeleteResourceV2Request.resource_id:type_name -> c1.connector.v2.ResourceId - 32, // 12: c1.connector.v2.DeleteResourceV2Response.annotations:type_name -> google.protobuf.Any + 34, // 12: c1.connector.v2.DeleteResourceV2Response.annotations:type_name -> google.protobuf.Any 20, // 13: c1.connector.v2.RotateCredentialRequest.resource_id:type_name -> c1.connector.v2.ResourceId 14, // 14: c1.connector.v2.RotateCredentialRequest.credential_options:type_name -> c1.connector.v2.CredentialOptions 19, // 15: c1.connector.v2.RotateCredentialRequest.encryption_configs:type_name -> c1.connector.v2.EncryptionConfig 17, // 16: c1.connector.v2.RotateCredentialResponse.encrypted_data:type_name -> c1.connector.v2.EncryptedData 20, // 17: c1.connector.v2.RotateCredentialResponse.resource_id:type_name -> c1.connector.v2.ResourceId - 32, // 18: c1.connector.v2.RotateCredentialResponse.annotations:type_name -> google.protobuf.Any - 25, // 19: c1.connector.v2.AccountInfo.emails:type_name -> c1.connector.v2.AccountInfo.Email - 33, // 20: c1.connector.v2.AccountInfo.profile:type_name -> google.protobuf.Struct - 26, // 21: c1.connector.v2.CredentialOptions.random_password:type_name -> c1.connector.v2.CredentialOptions.RandomPassword - 27, // 22: c1.connector.v2.CredentialOptions.no_password:type_name -> c1.connector.v2.CredentialOptions.NoPassword - 28, // 23: c1.connector.v2.CredentialOptions.sso:type_name -> c1.connector.v2.CredentialOptions.SSO + 34, // 18: c1.connector.v2.RotateCredentialResponse.annotations:type_name -> google.protobuf.Any + 27, // 19: c1.connector.v2.AccountInfo.emails:type_name -> c1.connector.v2.AccountInfo.Email + 35, // 20: c1.connector.v2.AccountInfo.profile:type_name -> google.protobuf.Struct + 28, // 21: c1.connector.v2.CredentialOptions.random_password:type_name -> c1.connector.v2.CredentialOptions.RandomPassword + 29, // 22: c1.connector.v2.CredentialOptions.no_password:type_name -> c1.connector.v2.CredentialOptions.NoPassword + 30, // 23: c1.connector.v2.CredentialOptions.sso:type_name -> c1.connector.v2.CredentialOptions.SSO 13, // 24: c1.connector.v2.CreateAccountRequest.account_info:type_name -> c1.connector.v2.AccountInfo 14, // 25: c1.connector.v2.CreateAccountRequest.credential_options:type_name -> c1.connector.v2.CredentialOptions 19, // 26: c1.connector.v2.CreateAccountRequest.encryption_configs:type_name -> c1.connector.v2.EncryptionConfig - 29, // 27: c1.connector.v2.CreateAccountResponse.success:type_name -> c1.connector.v2.CreateAccountResponse.SuccessResult - 30, // 28: c1.connector.v2.CreateAccountResponse.action_required:type_name -> c1.connector.v2.CreateAccountResponse.ActionRequiredResult + 31, // 27: c1.connector.v2.CreateAccountResponse.success:type_name -> c1.connector.v2.CreateAccountResponse.SuccessResult + 32, // 28: c1.connector.v2.CreateAccountResponse.action_required:type_name -> c1.connector.v2.CreateAccountResponse.ActionRequiredResult 17, // 29: c1.connector.v2.CreateAccountResponse.encrypted_data:type_name -> c1.connector.v2.EncryptedData - 32, // 30: c1.connector.v2.CreateAccountResponse.annotations:type_name -> google.protobuf.Any + 34, // 30: c1.connector.v2.CreateAccountResponse.annotations:type_name -> google.protobuf.Any 21, // 31: c1.connector.v2.EncryptionConfig.principal:type_name -> c1.connector.v2.Resource - 31, // 32: c1.connector.v2.EncryptionConfig.jwk_public_key_config:type_name -> c1.connector.v2.EncryptionConfig.JWKPublicKeyConfig + 33, // 32: c1.connector.v2.EncryptionConfig.jwk_public_key_config:type_name -> c1.connector.v2.EncryptionConfig.JWKPublicKeyConfig 20, // 33: c1.connector.v2.Resource.id:type_name -> c1.connector.v2.ResourceId 20, // 34: c1.connector.v2.Resource.parent_resource_id:type_name -> c1.connector.v2.ResourceId - 32, // 35: c1.connector.v2.Resource.annotations:type_name -> google.protobuf.Any - 24, // 36: c1.connector.v2.Resource.external_id:type_name -> c1.connector.v2.ExternalId + 34, // 35: c1.connector.v2.Resource.annotations:type_name -> google.protobuf.Any + 26, // 36: c1.connector.v2.Resource.external_id:type_name -> c1.connector.v2.ExternalId 1, // 37: c1.connector.v2.Resource.creation_source:type_name -> c1.connector.v2.Resource.CreationSource 20, // 38: c1.connector.v2.ResourcesServiceListResourcesRequest.parent_resource_id:type_name -> c1.connector.v2.ResourceId - 32, // 39: c1.connector.v2.ResourcesServiceListResourcesRequest.annotations:type_name -> google.protobuf.Any + 34, // 39: c1.connector.v2.ResourcesServiceListResourcesRequest.annotations:type_name -> google.protobuf.Any 21, // 40: c1.connector.v2.ResourcesServiceListResourcesResponse.list:type_name -> c1.connector.v2.Resource - 32, // 41: c1.connector.v2.ResourcesServiceListResourcesResponse.annotations:type_name -> google.protobuf.Any - 21, // 42: c1.connector.v2.CreateAccountResponse.SuccessResult.resource:type_name -> c1.connector.v2.Resource - 21, // 43: c1.connector.v2.CreateAccountResponse.ActionRequiredResult.resource:type_name -> c1.connector.v2.Resource - 3, // 44: c1.connector.v2.ResourceTypesService.ListResourceTypes:input_type -> c1.connector.v2.ResourceTypesServiceListResourceTypesRequest - 22, // 45: c1.connector.v2.ResourcesService.ListResources:input_type -> c1.connector.v2.ResourcesServiceListResourcesRequest - 5, // 46: c1.connector.v2.ResourceManagerService.CreateResource:input_type -> c1.connector.v2.CreateResourceRequest - 7, // 47: c1.connector.v2.ResourceManagerService.DeleteResource:input_type -> c1.connector.v2.DeleteResourceRequest - 9, // 48: c1.connector.v2.ResourceDeleterService.DeleteResourceV2:input_type -> c1.connector.v2.DeleteResourceV2Request - 11, // 49: c1.connector.v2.CredentialManagerService.RotateCredential:input_type -> c1.connector.v2.RotateCredentialRequest - 15, // 50: c1.connector.v2.AccountManagerService.CreateAccount:input_type -> c1.connector.v2.CreateAccountRequest - 4, // 51: c1.connector.v2.ResourceTypesService.ListResourceTypes:output_type -> c1.connector.v2.ResourceTypesServiceListResourceTypesResponse - 23, // 52: c1.connector.v2.ResourcesService.ListResources:output_type -> c1.connector.v2.ResourcesServiceListResourcesResponse - 6, // 53: c1.connector.v2.ResourceManagerService.CreateResource:output_type -> c1.connector.v2.CreateResourceResponse - 8, // 54: c1.connector.v2.ResourceManagerService.DeleteResource:output_type -> c1.connector.v2.DeleteResourceResponse - 10, // 55: c1.connector.v2.ResourceDeleterService.DeleteResourceV2:output_type -> c1.connector.v2.DeleteResourceV2Response - 12, // 56: c1.connector.v2.CredentialManagerService.RotateCredential:output_type -> c1.connector.v2.RotateCredentialResponse - 16, // 57: c1.connector.v2.AccountManagerService.CreateAccount:output_type -> c1.connector.v2.CreateAccountResponse - 51, // [51:58] is the sub-list for method output_type - 44, // [44:51] is the sub-list for method input_type - 44, // [44:44] is the sub-list for extension type_name - 44, // [44:44] is the sub-list for extension extendee - 0, // [0:44] is the sub-list for field type_name + 34, // 41: c1.connector.v2.ResourcesServiceListResourcesResponse.annotations:type_name -> google.protobuf.Any + 20, // 42: c1.connector.v2.ResourceGetterServiceGetResourceRequest.resource_id:type_name -> c1.connector.v2.ResourceId + 20, // 43: c1.connector.v2.ResourceGetterServiceGetResourceRequest.parent_resource_id:type_name -> c1.connector.v2.ResourceId + 34, // 44: c1.connector.v2.ResourceGetterServiceGetResourceRequest.annotations:type_name -> google.protobuf.Any + 21, // 45: c1.connector.v2.ResourceGetterServiceGetResourceResponse.resource:type_name -> c1.connector.v2.Resource + 34, // 46: c1.connector.v2.ResourceGetterServiceGetResourceResponse.annotations:type_name -> google.protobuf.Any + 21, // 47: c1.connector.v2.CreateAccountResponse.SuccessResult.resource:type_name -> c1.connector.v2.Resource + 21, // 48: c1.connector.v2.CreateAccountResponse.ActionRequiredResult.resource:type_name -> c1.connector.v2.Resource + 3, // 49: c1.connector.v2.ResourceTypesService.ListResourceTypes:input_type -> c1.connector.v2.ResourceTypesServiceListResourceTypesRequest + 22, // 50: c1.connector.v2.ResourcesService.ListResources:input_type -> c1.connector.v2.ResourcesServiceListResourcesRequest + 24, // 51: c1.connector.v2.ResourceGetterService.GetResource:input_type -> c1.connector.v2.ResourceGetterServiceGetResourceRequest + 5, // 52: c1.connector.v2.ResourceManagerService.CreateResource:input_type -> c1.connector.v2.CreateResourceRequest + 7, // 53: c1.connector.v2.ResourceManagerService.DeleteResource:input_type -> c1.connector.v2.DeleteResourceRequest + 9, // 54: c1.connector.v2.ResourceDeleterService.DeleteResourceV2:input_type -> c1.connector.v2.DeleteResourceV2Request + 11, // 55: c1.connector.v2.CredentialManagerService.RotateCredential:input_type -> c1.connector.v2.RotateCredentialRequest + 15, // 56: c1.connector.v2.AccountManagerService.CreateAccount:input_type -> c1.connector.v2.CreateAccountRequest + 4, // 57: c1.connector.v2.ResourceTypesService.ListResourceTypes:output_type -> c1.connector.v2.ResourceTypesServiceListResourceTypesResponse + 23, // 58: c1.connector.v2.ResourcesService.ListResources:output_type -> c1.connector.v2.ResourcesServiceListResourcesResponse + 25, // 59: c1.connector.v2.ResourceGetterService.GetResource:output_type -> c1.connector.v2.ResourceGetterServiceGetResourceResponse + 6, // 60: c1.connector.v2.ResourceManagerService.CreateResource:output_type -> c1.connector.v2.CreateResourceResponse + 8, // 61: c1.connector.v2.ResourceManagerService.DeleteResource:output_type -> c1.connector.v2.DeleteResourceResponse + 10, // 62: c1.connector.v2.ResourceDeleterService.DeleteResourceV2:output_type -> c1.connector.v2.DeleteResourceV2Response + 12, // 63: c1.connector.v2.CredentialManagerService.RotateCredential:output_type -> c1.connector.v2.RotateCredentialResponse + 16, // 64: c1.connector.v2.AccountManagerService.CreateAccount:output_type -> c1.connector.v2.CreateAccountResponse + 57, // [57:65] is the sub-list for method output_type + 49, // [49:57] is the sub-list for method input_type + 49, // [49:49] is the sub-list for extension type_name + 49, // [49:49] is the sub-list for extension extendee + 0, // [0:49] is the sub-list for field type_name } func init() { file_c1_connector_v2_resource_proto_init() } @@ -2560,9 +2716,9 @@ func file_c1_connector_v2_resource_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_c1_connector_v2_resource_proto_rawDesc), len(file_c1_connector_v2_resource_proto_rawDesc)), NumEnums: 2, - NumMessages: 30, + NumMessages: 32, NumExtensions: 0, - NumServices: 6, + NumServices: 7, }, GoTypes: file_c1_connector_v2_resource_proto_goTypes, DependencyIndexes: file_c1_connector_v2_resource_proto_depIdxs, diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/resource.pb.validate.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/resource.pb.validate.go index ca9162e8..2e0d07a6 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/resource.pb.validate.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/resource.pb.validate.go @@ -3875,6 +3875,373 @@ var _ interface { ErrorName() string } = ResourcesServiceListResourcesResponseValidationError{} +// Validate checks the field values on ResourceGetterServiceGetResourceRequest +// with the rules defined in the proto definition for this message. If any +// rules are violated, the first error encountered is returned, or nil if +// there are no violations. +func (m *ResourceGetterServiceGetResourceRequest) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on +// ResourceGetterServiceGetResourceRequest with the rules defined in the proto +// definition for this message. If any rules are violated, the result is a +// list of violation errors wrapped in +// ResourceGetterServiceGetResourceRequestMultiError, or nil if none found. +func (m *ResourceGetterServiceGetResourceRequest) ValidateAll() error { + return m.validate(true) +} + +func (m *ResourceGetterServiceGetResourceRequest) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + if all { + switch v := interface{}(m.GetResourceId()).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, ResourceGetterServiceGetResourceRequestValidationError{ + field: "ResourceId", + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, ResourceGetterServiceGetResourceRequestValidationError{ + field: "ResourceId", + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(m.GetResourceId()).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return ResourceGetterServiceGetResourceRequestValidationError{ + field: "ResourceId", + reason: "embedded message failed validation", + cause: err, + } + } + } + + if all { + switch v := interface{}(m.GetParentResourceId()).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, ResourceGetterServiceGetResourceRequestValidationError{ + field: "ParentResourceId", + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, ResourceGetterServiceGetResourceRequestValidationError{ + field: "ParentResourceId", + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(m.GetParentResourceId()).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return ResourceGetterServiceGetResourceRequestValidationError{ + field: "ParentResourceId", + reason: "embedded message failed validation", + cause: err, + } + } + } + + for idx, item := range m.GetAnnotations() { + _, _ = idx, item + + if all { + switch v := interface{}(item).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, ResourceGetterServiceGetResourceRequestValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, ResourceGetterServiceGetResourceRequestValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(item).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return ResourceGetterServiceGetResourceRequestValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + } + } + } + + } + + if len(errors) > 0 { + return ResourceGetterServiceGetResourceRequestMultiError(errors) + } + + return nil +} + +// ResourceGetterServiceGetResourceRequestMultiError is an error wrapping +// multiple validation errors returned by +// ResourceGetterServiceGetResourceRequest.ValidateAll() if the designated +// constraints aren't met. +type ResourceGetterServiceGetResourceRequestMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m ResourceGetterServiceGetResourceRequestMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m ResourceGetterServiceGetResourceRequestMultiError) AllErrors() []error { return m } + +// ResourceGetterServiceGetResourceRequestValidationError is the validation +// error returned by ResourceGetterServiceGetResourceRequest.Validate if the +// designated constraints aren't met. +type ResourceGetterServiceGetResourceRequestValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e ResourceGetterServiceGetResourceRequestValidationError) Field() string { return e.field } + +// Reason function returns reason value. +func (e ResourceGetterServiceGetResourceRequestValidationError) Reason() string { return e.reason } + +// Cause function returns cause value. +func (e ResourceGetterServiceGetResourceRequestValidationError) Cause() error { return e.cause } + +// Key function returns key value. +func (e ResourceGetterServiceGetResourceRequestValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e ResourceGetterServiceGetResourceRequestValidationError) ErrorName() string { + return "ResourceGetterServiceGetResourceRequestValidationError" +} + +// Error satisfies the builtin error interface +func (e ResourceGetterServiceGetResourceRequestValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sResourceGetterServiceGetResourceRequest.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = ResourceGetterServiceGetResourceRequestValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = ResourceGetterServiceGetResourceRequestValidationError{} + +// Validate checks the field values on ResourceGetterServiceGetResourceResponse +// with the rules defined in the proto definition for this message. If any +// rules are violated, the first error encountered is returned, or nil if +// there are no violations. +func (m *ResourceGetterServiceGetResourceResponse) Validate() error { + return m.validate(false) +} + +// ValidateAll checks the field values on +// ResourceGetterServiceGetResourceResponse with the rules defined in the +// proto definition for this message. If any rules are violated, the result is +// a list of violation errors wrapped in +// ResourceGetterServiceGetResourceResponseMultiError, or nil if none found. +func (m *ResourceGetterServiceGetResourceResponse) ValidateAll() error { + return m.validate(true) +} + +func (m *ResourceGetterServiceGetResourceResponse) validate(all bool) error { + if m == nil { + return nil + } + + var errors []error + + if all { + switch v := interface{}(m.GetResource()).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, ResourceGetterServiceGetResourceResponseValidationError{ + field: "Resource", + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, ResourceGetterServiceGetResourceResponseValidationError{ + field: "Resource", + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(m.GetResource()).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return ResourceGetterServiceGetResourceResponseValidationError{ + field: "Resource", + reason: "embedded message failed validation", + cause: err, + } + } + } + + for idx, item := range m.GetAnnotations() { + _, _ = idx, item + + if all { + switch v := interface{}(item).(type) { + case interface{ ValidateAll() error }: + if err := v.ValidateAll(); err != nil { + errors = append(errors, ResourceGetterServiceGetResourceResponseValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + case interface{ Validate() error }: + if err := v.Validate(); err != nil { + errors = append(errors, ResourceGetterServiceGetResourceResponseValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + }) + } + } + } else if v, ok := interface{}(item).(interface{ Validate() error }); ok { + if err := v.Validate(); err != nil { + return ResourceGetterServiceGetResourceResponseValidationError{ + field: fmt.Sprintf("Annotations[%v]", idx), + reason: "embedded message failed validation", + cause: err, + } + } + } + + } + + if len(errors) > 0 { + return ResourceGetterServiceGetResourceResponseMultiError(errors) + } + + return nil +} + +// ResourceGetterServiceGetResourceResponseMultiError is an error wrapping +// multiple validation errors returned by +// ResourceGetterServiceGetResourceResponse.ValidateAll() if the designated +// constraints aren't met. +type ResourceGetterServiceGetResourceResponseMultiError []error + +// Error returns a concatenation of all the error messages it wraps. +func (m ResourceGetterServiceGetResourceResponseMultiError) Error() string { + msgs := make([]string, 0, len(m)) + for _, err := range m { + msgs = append(msgs, err.Error()) + } + return strings.Join(msgs, "; ") +} + +// AllErrors returns a list of validation violation errors. +func (m ResourceGetterServiceGetResourceResponseMultiError) AllErrors() []error { return m } + +// ResourceGetterServiceGetResourceResponseValidationError is the validation +// error returned by ResourceGetterServiceGetResourceResponse.Validate if the +// designated constraints aren't met. +type ResourceGetterServiceGetResourceResponseValidationError struct { + field string + reason string + cause error + key bool +} + +// Field function returns field value. +func (e ResourceGetterServiceGetResourceResponseValidationError) Field() string { return e.field } + +// Reason function returns reason value. +func (e ResourceGetterServiceGetResourceResponseValidationError) Reason() string { return e.reason } + +// Cause function returns cause value. +func (e ResourceGetterServiceGetResourceResponseValidationError) Cause() error { return e.cause } + +// Key function returns key value. +func (e ResourceGetterServiceGetResourceResponseValidationError) Key() bool { return e.key } + +// ErrorName returns error name. +func (e ResourceGetterServiceGetResourceResponseValidationError) ErrorName() string { + return "ResourceGetterServiceGetResourceResponseValidationError" +} + +// Error satisfies the builtin error interface +func (e ResourceGetterServiceGetResourceResponseValidationError) Error() string { + cause := "" + if e.cause != nil { + cause = fmt.Sprintf(" | caused by: %v", e.cause) + } + + key := "" + if e.key { + key = "key for " + } + + return fmt.Sprintf( + "invalid %sResourceGetterServiceGetResourceResponse.%s: %s%s", + key, + e.field, + e.reason, + cause) +} + +var _ error = ResourceGetterServiceGetResourceResponseValidationError{} + +var _ interface { + Field() string + Reason() string + Key() bool + Cause() error + ErrorName() string +} = ResourceGetterServiceGetResourceResponseValidationError{} + // Validate checks the field values on ExternalId with the rules defined in the // proto definition for this message. If any rules are violated, the first // error encountered is returned, or nil if there are no violations. diff --git a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/resource_grpc.pb.go b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/resource_grpc.pb.go index a3718142..c1fe9d71 100644 --- a/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/resource_grpc.pb.go +++ b/vendor/github.com/conductorone/baton-sdk/pb/c1/connector/v2/resource_grpc.pb.go @@ -218,6 +218,106 @@ var ResourcesService_ServiceDesc = grpc.ServiceDesc{ Metadata: "c1/connector/v2/resource.proto", } +const ( + ResourceGetterService_GetResource_FullMethodName = "/c1.connector.v2.ResourceGetterService/GetResource" +) + +// ResourceGetterServiceClient is the client API for ResourceGetterService service. +// +// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. +type ResourceGetterServiceClient interface { + GetResource(ctx context.Context, in *ResourceGetterServiceGetResourceRequest, opts ...grpc.CallOption) (*ResourceGetterServiceGetResourceResponse, error) +} + +type resourceGetterServiceClient struct { + cc grpc.ClientConnInterface +} + +func NewResourceGetterServiceClient(cc grpc.ClientConnInterface) ResourceGetterServiceClient { + return &resourceGetterServiceClient{cc} +} + +func (c *resourceGetterServiceClient) GetResource(ctx context.Context, in *ResourceGetterServiceGetResourceRequest, opts ...grpc.CallOption) (*ResourceGetterServiceGetResourceResponse, error) { + cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...) + out := new(ResourceGetterServiceGetResourceResponse) + err := c.cc.Invoke(ctx, ResourceGetterService_GetResource_FullMethodName, in, out, cOpts...) + if err != nil { + return nil, err + } + return out, nil +} + +// ResourceGetterServiceServer is the server API for ResourceGetterService service. +// All implementations should embed UnimplementedResourceGetterServiceServer +// for forward compatibility. +type ResourceGetterServiceServer interface { + GetResource(context.Context, *ResourceGetterServiceGetResourceRequest) (*ResourceGetterServiceGetResourceResponse, error) +} + +// UnimplementedResourceGetterServiceServer should be embedded to have +// forward compatible implementations. +// +// NOTE: this should be embedded by value instead of pointer to avoid a nil +// pointer dereference when methods are called. +type UnimplementedResourceGetterServiceServer struct{} + +func (UnimplementedResourceGetterServiceServer) GetResource(context.Context, *ResourceGetterServiceGetResourceRequest) (*ResourceGetterServiceGetResourceResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetResource not implemented") +} +func (UnimplementedResourceGetterServiceServer) testEmbeddedByValue() {} + +// UnsafeResourceGetterServiceServer may be embedded to opt out of forward compatibility for this service. +// Use of this interface is not recommended, as added methods to ResourceGetterServiceServer will +// result in compilation errors. +type UnsafeResourceGetterServiceServer interface { + mustEmbedUnimplementedResourceGetterServiceServer() +} + +func RegisterResourceGetterServiceServer(s grpc.ServiceRegistrar, srv ResourceGetterServiceServer) { + // If the following call pancis, it indicates UnimplementedResourceGetterServiceServer was + // embedded by pointer and is nil. This will cause panics if an + // unimplemented method is ever invoked, so we test this at initialization + // time to prevent it from happening at runtime later due to I/O. + if t, ok := srv.(interface{ testEmbeddedByValue() }); ok { + t.testEmbeddedByValue() + } + s.RegisterService(&ResourceGetterService_ServiceDesc, srv) +} + +func _ResourceGetterService_GetResource_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(ResourceGetterServiceGetResourceRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(ResourceGetterServiceServer).GetResource(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: ResourceGetterService_GetResource_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(ResourceGetterServiceServer).GetResource(ctx, req.(*ResourceGetterServiceGetResourceRequest)) + } + return interceptor(ctx, in, info, handler) +} + +// ResourceGetterService_ServiceDesc is the grpc.ServiceDesc for ResourceGetterService service. +// It's only intended for direct use with grpc.RegisterService, +// and not to be introspected or modified (even as a copy) +var ResourceGetterService_ServiceDesc = grpc.ServiceDesc{ + ServiceName: "c1.connector.v2.ResourceGetterService", + HandlerType: (*ResourceGetterServiceServer)(nil), + Methods: []grpc.MethodDesc{ + { + MethodName: "GetResource", + Handler: _ResourceGetterService_GetResource_Handler, + }, + }, + Streams: []grpc.StreamDesc{}, + Metadata: "c1/connector/v2/resource.proto", +} + const ( ResourceManagerService_CreateResource_FullMethodName = "/c1.connector.v2.ResourceManagerService/CreateResource" ResourceManagerService_DeleteResource_FullMethodName = "/c1.connector.v2.ResourceManagerService/DeleteResource" diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/connectorbuilder.go b/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/connectorbuilder.go index b454c808..87f146f9 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/connectorbuilder.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/connectorbuilder/connectorbuilder.go @@ -41,6 +41,7 @@ var tracer = otel.Tracer("baton-sdk/pkg.connectorbuilder") // - ResourceDeleter: For deleting resources // - AccountManager: For account provisioning operations // - CredentialManager: For credential rotation operations. +// - ResourceTargetedSyncer: For directly getting a resource supporting targeted sync. type ResourceSyncer interface { ResourceType(ctx context.Context) *v2.ResourceType List(ctx context.Context, parentResourceID *v2.ResourceId, pToken *pagination.Token) ([]*v2.Resource, string, annotations.Annotations, error) @@ -94,6 +95,15 @@ type ResourceDeleter interface { Delete(ctx context.Context, resourceId *v2.ResourceId) (annotations.Annotations, error) } +// ResourceTargetedSyncer extends ResourceSyncer to add capabilities for directly syncing an individual resource +// +// Implementing this interface indicates the connector supports calling "get" on a resource +// of the associated resource type. +type ResourceTargetedSyncer interface { + ResourceSyncer + Get(ctx context.Context, resourceId *v2.ResourceId, parentResourceId *v2.ResourceId) (*v2.Resource, annotations.Annotations, error) +} + // CreateAccountResponse is a semi-opaque type returned from CreateAccount operations. // // This is used to communicate the result of account creation back to Baton. @@ -184,20 +194,21 @@ type ConnectorBuilder interface { } type builderImpl struct { - resourceBuilders map[string]ResourceSyncer - resourceProvisioners map[string]ResourceProvisioner - resourceProvisionersV2 map[string]ResourceProvisionerV2 - resourceManagers map[string]ResourceManager - resourceDeleters map[string]ResourceDeleter - accountManager AccountManager - actionManager CustomActionManager - credentialManagers map[string]CredentialManager - eventFeed EventProvider - cb ConnectorBuilder - ticketManager TicketManager - ticketingEnabled bool - m *metrics.M - nowFunc func() time.Time + resourceBuilders map[string]ResourceSyncer + resourceProvisioners map[string]ResourceProvisioner + resourceProvisionersV2 map[string]ResourceProvisionerV2 + resourceManagers map[string]ResourceManager + resourceDeleters map[string]ResourceDeleter + resourceTargetedSyncers map[string]ResourceTargetedSyncer + accountManager AccountManager + actionManager CustomActionManager + credentialManagers map[string]CredentialManager + eventFeed EventProvider + cb ConnectorBuilder + ticketManager TicketManager + ticketingEnabled bool + m *metrics.M + nowFunc func() time.Time } func (b *builderImpl) BulkCreateTickets(ctx context.Context, request *v2.TicketsServiceBulkCreateTicketsRequest) (*v2.TicketsServiceBulkCreateTicketsResponse, error) { @@ -395,17 +406,18 @@ func NewConnector(ctx context.Context, in interface{}, opts ...Opt) (types.Conne switch c := in.(type) { case ConnectorBuilder: ret := &builderImpl{ - resourceBuilders: make(map[string]ResourceSyncer), - resourceProvisioners: make(map[string]ResourceProvisioner), - resourceProvisionersV2: make(map[string]ResourceProvisionerV2), - resourceManagers: make(map[string]ResourceManager), - resourceDeleters: make(map[string]ResourceDeleter), - accountManager: nil, - actionManager: nil, - credentialManagers: make(map[string]CredentialManager), - cb: c, - ticketManager: nil, - nowFunc: time.Now, + resourceBuilders: make(map[string]ResourceSyncer), + resourceProvisioners: make(map[string]ResourceProvisioner), + resourceProvisionersV2: make(map[string]ResourceProvisionerV2), + resourceManagers: make(map[string]ResourceManager), + resourceDeleters: make(map[string]ResourceDeleter), + resourceTargetedSyncers: make(map[string]ResourceTargetedSyncer), + accountManager: nil, + actionManager: nil, + credentialManagers: make(map[string]CredentialManager), + cb: c, + ticketManager: nil, + nowFunc: time.Now, } err := ret.options(opts...) @@ -472,6 +484,12 @@ func NewConnector(ctx context.Context, in interface{}, opts ...Opt) (types.Conne } ret.resourceProvisionersV2[rType.Id] = provisioner } + if targetedSyncer, ok := rb.(ResourceTargetedSyncer); ok { + if _, ok := ret.resourceTargetedSyncers[rType.Id]; ok { + return nil, fmt.Errorf("error: duplicate resource type found for resource targeted syncer %s", rType.Id) + } + ret.resourceTargetedSyncers[rType.Id] = targetedSyncer + } if resourceManager, ok := rb.(ResourceManager); ok { if _, ok := ret.resourceManagers[rType.Id]; ok { @@ -611,6 +629,35 @@ func (b *builderImpl) ListResources(ctx context.Context, request *v2.ResourcesSe return resp, nil } +func (b *builderImpl) GetResource(ctx context.Context, request *v2.ResourceGetterServiceGetResourceRequest) (*v2.ResourceGetterServiceGetResourceResponse, error) { + ctx, span := tracer.Start(ctx, "builderImpl.GetResource") + defer span.End() + + start := b.nowFunc() + tt := tasks.GetResourceType + rb, ok := b.resourceTargetedSyncers[request.ResourceId.ResourceType] + if !ok { + b.m.RecordTaskFailure(ctx, tt, b.nowFunc().Sub(start)) + return nil, fmt.Errorf("error: get resource with unknown resource type %s", request.ResourceId.ResourceType) + } + + resource, annos, err := rb.Get(ctx, request.ResourceId, request.ParentResourceId) + if err != nil { + b.m.RecordTaskFailure(ctx, tt, b.nowFunc().Sub(start)) + return nil, fmt.Errorf("error: get resource failed: %w", err) + } + if resource == nil { + b.m.RecordTaskFailure(ctx, tt, b.nowFunc().Sub(start)) + return nil, status.Error(codes.NotFound, "error: get resource returned nil") + } + + b.m.RecordTaskSuccess(ctx, tt, b.nowFunc().Sub(start)) + return &v2.ResourceGetterServiceGetResourceResponse{ + Resource: resource, + Annotations: annos, + }, nil +} + // ListEntitlements returns all the entitlements for a given resource. func (b *builderImpl) ListEntitlements(ctx context.Context, request *v2.EntitlementsServiceListEntitlementsRequest) (*v2.EntitlementsServiceListEntitlementsResponse, error) { ctx, span := tracer.Start(ctx, "builderImpl.ListEntitlements") @@ -779,6 +826,10 @@ func getCapabilities(ctx context.Context, b *builderImpl) (*v2.ConnectorCapabili Capabilities: []v2.Capability{v2.Capability_CAPABILITY_SYNC}, } connectorCaps[v2.Capability_CAPABILITY_SYNC] = struct{}{} + if _, ok := rb.(ResourceTargetedSyncer); ok { + resourceTypeCapability.Capabilities = append(resourceTypeCapability.Capabilities, v2.Capability_CAPABILITY_TARGETED_SYNC) + connectorCaps[v2.Capability_CAPABILITY_TARGETED_SYNC] = struct{}{} + } if _, ok := rb.(ResourceProvisioner); ok { resourceTypeCapability.Capabilities = append(resourceTypeCapability.Capabilities, v2.Capability_CAPABILITY_PROVISION) connectorCaps[v2.Capability_CAPABILITY_PROVISION] = struct{}{} diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/sdk/version.go b/vendor/github.com/conductorone/baton-sdk/pkg/sdk/version.go index 6c4b2130..cbbb5a7c 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/sdk/version.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/sdk/version.go @@ -1,3 +1,3 @@ package sdk -const Version = "v0.2.97" +const Version = "v0.2.98" diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/types/tasks/tasks.go b/vendor/github.com/conductorone/baton-sdk/pkg/types/tasks/tasks.go index 71dd5dee..87fb95c4 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/types/tasks/tasks.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/types/tasks/tasks.go @@ -36,6 +36,8 @@ func (tt TaskType) String() string { return "list_resource_types" case ListResourcesType: return "list_resources" + case GetResourceType: + return "get_resource" case ListEntitlementsType: return "list_entitlements" case ListGrantsType: @@ -81,6 +83,7 @@ const ( GetTicketSchemaType ListResourceTypesType ListResourcesType + GetResourceType ListEntitlementsType ListGrantsType GetMetadataType diff --git a/vendor/github.com/conductorone/baton-sdk/pkg/types/types.go b/vendor/github.com/conductorone/baton-sdk/pkg/types/types.go index b82cd451..191c0a9b 100644 --- a/vendor/github.com/conductorone/baton-sdk/pkg/types/types.go +++ b/vendor/github.com/conductorone/baton-sdk/pkg/types/types.go @@ -23,6 +23,7 @@ type ConnectorServer interface { connectorV2.EventServiceServer connectorV2.TicketsServiceServer connectorV2.ActionServiceServer + connectorV2.ResourceGetterServiceServer } // ConnectorClient is an interface for a type that implements all ConnectorV2 services. @@ -41,6 +42,7 @@ type ConnectorClient interface { connectorV2.EventServiceClient connectorV2.TicketsServiceClient connectorV2.ActionServiceClient + connectorV2.ResourceGetterServiceClient } // ClientWrapper is an interface that returns a connector client. diff --git a/vendor/modules.txt b/vendor/modules.txt index 4a57e1ac..ce1f4e6c 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -156,7 +156,7 @@ github.com/benbjohnson/clock # github.com/cenkalti/backoff/v4 v4.3.0 ## explicit; go 1.18 github.com/cenkalti/backoff/v4 -# github.com/conductorone/baton-sdk v0.2.98 +# github.com/conductorone/baton-sdk v0.2.99 ## explicit; go 1.23.4 github.com/conductorone/baton-sdk/internal/connector github.com/conductorone/baton-sdk/pb/c1/c1z/v1 From 033538e921e59b15622fd1d6ddf02db36eede722 Mon Sep 17 00:00:00 2001 From: Bjorn Tipling Date: Tue, 6 May 2025 14:07:51 -0700 Subject: [PATCH 2/5] [BB-610] Remove automatic database user creation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Only create the Windows login without adding users to all databases. Database access should be managed through ConductorOne's access request flow. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- pkg/connector/server_user.go | 41 ++---------------------------------- 1 file changed, 2 insertions(+), 39 deletions(-) diff --git a/pkg/connector/server_user.go b/pkg/connector/server_user.go index 5676d149..06af3568 100644 --- a/pkg/connector/server_user.go +++ b/pkg/connector/server_user.go @@ -87,7 +87,7 @@ func (d *userPrincipalSyncer) Grants(ctx context.Context, resource *v2.Resource, return nil, "", nil, nil } -// CreateAccount creates a SQL Server login and database user for an Active Directory user. +// CreateAccount creates a SQL Server login for an Active Directory user without adding database users. // It implements the AccountManager interface. func (d *userPrincipalSyncer) CreateAccount( ctx context.Context, @@ -117,7 +117,7 @@ func (d *userPrincipalSyncer) CreateAccount( return nil, nil, nil, fmt.Errorf("failed to create Windows login: %w", err) } - // Determine the formatted username for the database user + // Determine the formatted username for the login var formattedUsername string if domain != "" { formattedUsername = fmt.Sprintf("%s\\%s", domain, username) @@ -125,48 +125,11 @@ func (d *userPrincipalSyncer) CreateAccount( formattedUsername = username } - // Get list of databases to create users in - databases, _, err := d.client.ListDatabases(ctx, &mssqldb.Pager{}) - if err != nil { - l.Error("Failed to retrieve databases", zap.Error(err)) - errMsg := fmt.Sprintf("Login created successfully, but failed to retrieve databases: %v", err) - result := &v2.CreateAccountResponse_ActionRequiredResult{ - Message: errMsg, - IsCreateAccountResult: true, - } - return result, nil, nil, nil - } - - // Create user in each database - var dbsCreated []string - for _, db := range databases { - // Skip system databases - if db.Name == "master" || db.Name == "tempdb" || db.Name == "model" || db.Name == "msdb" { - continue - } - - err = d.client.CreateDatabaseUserForPrincipal(ctx, db.Name, formattedUsername) - if err != nil { - l.Error("Failed to create user in database", - zap.String("database", db.Name), - zap.String("user", formattedUsername), - zap.Error(err)) - errMsg := fmt.Sprintf("Login created successfully, but failed to create user in some databases: %v", err) - result := &v2.CreateAccountResponse_ActionRequiredResult{ - Message: errMsg, - IsCreateAccountResult: true, - } - return result, nil, nil, nil - } - dbsCreated = append(dbsCreated, db.Name) - } - // Create a resource for the newly created login profile := map[string]interface{}{ "username": username, "domain": domain, "formatted_login": formattedUsername, - "databases": dbsCreated, } // Use email as name if it looks like an email address From 68bac578d0a0275b295720cf8bf8fbc89b290305 Mon Sep 17 00:00:00 2001 From: Bjorn Tipling Date: Tue, 6 May 2025 15:05:21 -0700 Subject: [PATCH 3/5] [BB-610] Add support for multiple authentication types MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Add support for different login types: Windows, SQL Server, Azure AD, and Entra ID - Use FROM EXTERNAL PROVIDER for Azure AD and Entra ID authentication - Improve error handling and validation for different authentication types - Refactor code to use switch statement for better organization 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- pkg/connector/connector.go | 28 +++++++++++-- pkg/connector/server_user.go | 68 +++++++++++++++++++++--------- pkg/mssqldb/users.go | 81 +++++++++++++++++++++++++++++------- 3 files changed, 140 insertions(+), 37 deletions(-) diff --git a/pkg/connector/connector.go b/pkg/connector/connector.go index 978cf9f4..0696bc59 100644 --- a/pkg/connector/connector.go +++ b/pkg/connector/connector.go @@ -37,25 +37,45 @@ func (o *Mssqldb) Metadata(ctx context.Context) (*v2.ConnectorMetadata, error) { Description: "Baton connector for Microsoft SQL Server connector", AccountCreationSchema: &v2.ConnectorAccountCreationSchema{ FieldMap: map[string]*v2.ConnectorAccountCreationSchema_Field{ + "login_type": { + DisplayName: "Login Type", + Required: true, + Description: "The type of SQL Server authentication to use (WINDOWS, SQL, AZURE_AD, or ENTRA_ID).", + Field: &v2.ConnectorAccountCreationSchema_Field_StringField{ + StringField: &v2.ConnectorAccountCreationSchema_StringField{}, + }, + Placeholder: "WINDOWS", + Order: 1, + }, "domain": { DisplayName: "Active Directory Domain", Required: false, - Description: "The Active Directory domain for the user (optional). If provided, the login will be created as [DOMAIN\\Username].", + Description: "The Active Directory domain for the user. Only used for Windows Authentication.", Field: &v2.ConnectorAccountCreationSchema_Field_StringField{ StringField: &v2.ConnectorAccountCreationSchema_StringField{}, }, Placeholder: "DOMAIN", - Order: 1, + Order: 2, }, "username": { DisplayName: "Username", Required: true, - Description: "The Active Directory username for which to create a SQL Server login.", + Description: "The username for which to create a SQL Server login.", Field: &v2.ConnectorAccountCreationSchema_Field_StringField{ StringField: &v2.ConnectorAccountCreationSchema_StringField{}, }, Placeholder: "username", - Order: 2, + Order: 3, + }, + "password": { + DisplayName: "Password", + Required: false, + Description: "The password for SQL Server authentication. Required when using SQL Server Authentication.", + Field: &v2.ConnectorAccountCreationSchema_Field_StringField{ + StringField: &v2.ConnectorAccountCreationSchema_StringField{}, + }, + Placeholder: "password", + Order: 4, }, }, }, diff --git a/pkg/connector/server_user.go b/pkg/connector/server_user.go index 06af3568..78ed67e8 100644 --- a/pkg/connector/server_user.go +++ b/pkg/connector/server_user.go @@ -87,7 +87,7 @@ func (d *userPrincipalSyncer) Grants(ctx context.Context, resource *v2.Resource, return nil, "", nil, nil } -// CreateAccount creates a SQL Server login for an Active Directory user without adding database users. +// CreateAccount creates a SQL Server login based on the specified login type. // It implements the AccountManager interface. func (d *userPrincipalSyncer) CreateAccount( ctx context.Context, @@ -96,6 +96,14 @@ func (d *userPrincipalSyncer) CreateAccount( ) (connectorbuilder.CreateAccountResponse, []*v2.PlaintextData, annotations.Annotations, error) { l := ctxzap.Extract(ctx) + // Extract required login_type field from profile + loginTypeVal := accountInfo.Profile.GetFields()["login_type"] + if loginTypeVal == nil || loginTypeVal.GetStringValue() == "" { + return nil, nil, nil, fmt.Errorf("missing required login_type field") + } + loginTypeStr := loginTypeVal.GetStringValue() + loginType := mssqldb.LoginType(loginTypeStr) + // Extract required username field from profile usernameVal := accountInfo.Profile.GetFields()["username"] if usernameVal == nil || usernameVal.GetStringValue() == "" { @@ -103,35 +111,57 @@ func (d *userPrincipalSyncer) CreateAccount( } username := usernameVal.GetStringValue() - // Extract optional domain field from profile - var domain string - domainVal := accountInfo.Profile.GetFields()["domain"] - if domainVal != nil && domainVal.GetStringValue() != "" { - domain = domainVal.GetStringValue() - } + // Extract optional domain field (for Windows auth) or password (for SQL auth) + var domain, password string + var formattedUsername string - // Create the Windows login - err := d.client.CreateWindowsLogin(ctx, domain, username) - if err != nil { - l.Error("Failed to create Windows login", zap.Error(err)) - return nil, nil, nil, fmt.Errorf("failed to create Windows login: %w", err) - } + switch loginType { + case mssqldb.LoginTypeWindows: + // For Windows auth, extract domain + domainVal := accountInfo.Profile.GetFields()["domain"] + if domainVal != nil && domainVal.GetStringValue() != "" { + domain = domainVal.GetStringValue() + } - // Determine the formatted username for the login - var formattedUsername string - if domain != "" { - formattedUsername = fmt.Sprintf("%s\\%s", domain, username) - } else { + if domain != "" { + formattedUsername = fmt.Sprintf("%s\\%s", domain, username) + } else { + formattedUsername = username + } + case mssqldb.LoginTypeSQL: + // For SQL auth, extract password + passwordVal := accountInfo.Profile.GetFields()["password"] + if passwordVal == nil || passwordVal.GetStringValue() == "" { + return nil, nil, nil, fmt.Errorf("missing required password field for SQL Server authentication") + } + password = passwordVal.GetStringValue() + formattedUsername = username + case mssqldb.LoginTypeAzureAD, mssqldb.LoginTypeEntraID: + // For Azure AD or Entra ID, just use the username as is formattedUsername = username + default: + return nil, nil, nil, fmt.Errorf("unsupported login type: %s", loginType) + } + + // Create the login + err := d.client.CreateLogin(ctx, loginType, domain, username, password) + if err != nil { + l.Error("Failed to create login", zap.Error(err), zap.String("loginType", string(loginType))) + return nil, nil, nil, fmt.Errorf("failed to create login: %w", err) } // Create a resource for the newly created login profile := map[string]interface{}{ "username": username, - "domain": domain, + "login_type": string(loginType), "formatted_login": formattedUsername, } + // Add domain if it exists (for Windows auth) + if domain != "" { + profile["domain"] = domain + } + // Use email as name if it looks like an email address var userOpts []resource.UserTraitOption userOpts = append(userOpts, resource.WithUserProfile(profile)) diff --git a/pkg/mssqldb/users.go b/pkg/mssqldb/users.go index 60b3dd54..3e7812c0 100644 --- a/pkg/mssqldb/users.go +++ b/pkg/mssqldb/users.go @@ -307,10 +307,37 @@ CREATE USER [%s] FOR LOGIN [%s]; return nil } -// CreateWindowsLogin creates a SQL Server login from Windows AD for the specified domain and username. -// If domain is provided, it will create the login in the format [DOMAIN\Username], -// otherwise it will use just [Username]. -func (c *Client) CreateWindowsLogin(ctx context.Context, domain, username string) error { +// LoginType represents the SQL Server login type. +type LoginType string + +const ( + // LoginTypeWindows represents Windows authentication. + LoginTypeWindows LoginType = "WINDOWS" + // LoginTypeSQL represents SQL Server authentication. + LoginTypeSQL LoginType = "SQL" + // LoginTypeAzureAD represents Azure AD authentication. + LoginTypeAzureAD LoginType = "AZURE_AD" + // LoginTypeEntraID represents Azure Entra ID authentication. + LoginTypeEntraID LoginType = "ENTRA_ID" +) + +// CreateLogin creates a SQL Server login with the specified authentication type. +// For Windows authentication (loginType=WINDOWS): +// - If domain is provided, it will create the login in the format [DOMAIN\Username] +// - otherwise it will use just [Username] +// +// For SQL authentication (loginType=SQL): +// - It requires a password +// - Domain is ignored +// +// For Azure AD authentication (loginType=AZURE_AD): +// - It creates from EXTERNAL PROVIDER +// - Username should be the full Azure AD username/email +// +// For Entra ID authentication (loginType=ENTRA_ID): +// - It creates from EXTERNAL PROVIDER +// - Username should be the full Entra ID username/email +func (c *Client) CreateLogin(ctx context.Context, loginType LoginType, domain, username, password string) error { l := ctxzap.Extract(ctx) // Check for invalid characters to prevent SQL injection @@ -318,23 +345,49 @@ func (c *Client) CreateWindowsLogin(ctx context.Context, domain, username string return fmt.Errorf("invalid characters in domain or username") } - var loginName string - if domain != "" { - loginName = fmt.Sprintf("[%s\\%s]", domain, username) - l.Debug("creating windows login with domain", zap.String("login", loginName)) - } else { - loginName = fmt.Sprintf("[%s]", username) - l.Debug("creating windows login without domain", zap.String("login", loginName)) + var query string + switch loginType { + case LoginTypeWindows: + var loginName string + if domain != "" { + loginName = fmt.Sprintf("[%s\\%s]", domain, username) + l.Debug("creating windows login with domain", zap.String("login", loginName)) + } else { + loginName = fmt.Sprintf("[%s]", username) + l.Debug("creating windows login without domain", zap.String("login", loginName)) + } + query = fmt.Sprintf("CREATE LOGIN %s FROM WINDOWS;", loginName) + case LoginTypeSQL: + if password == "" { + return fmt.Errorf("password is required for SQL Server authentication") + } + // For SQL Server authentication, only username and password are used + loginName := fmt.Sprintf("[%s]", username) + l.Debug("creating SQL login", zap.String("login", loginName)) + query = fmt.Sprintf("CREATE LOGIN %s WITH PASSWORD = '%s';", loginName, password) + case LoginTypeAzureAD, LoginTypeEntraID: + // Azure AD and Entra ID use external provider + loginName := fmt.Sprintf("[%s]", username) + l.Debug("creating external provider login", zap.String("login", loginName), zap.String("type", string(loginType))) + query = fmt.Sprintf("CREATE LOGIN %s FROM EXTERNAL PROVIDER;", loginName) + default: + return fmt.Errorf("unsupported login type: %s", loginType) } - query := fmt.Sprintf("CREATE LOGIN %s FROM WINDOWS;", loginName) - l.Debug("SQL QUERY", zap.String("q", query)) _, err := c.db.ExecContext(ctx, query) if err != nil { - return fmt.Errorf("failed to create Windows login: %w", err) + return fmt.Errorf("failed to create login: %w", err) } return nil } + +// CreateWindowsLogin creates a SQL Server login from Windows AD for the specified domain and username. +// If domain is provided, it will create the login in the format [DOMAIN\Username], +// otherwise it will use just [Username]. +// This is a convenience method that calls CreateLogin with LoginTypeWindows. +func (c *Client) CreateWindowsLogin(ctx context.Context, domain, username string) error { + return c.CreateLogin(ctx, LoginTypeWindows, domain, username, "") +} From e2be667680760da3eab4864e27a56a6e80b9d213 Mon Sep 17 00:00:00 2001 From: Bjorn Tipling Date: Tue, 6 May 2025 15:08:54 -0700 Subject: [PATCH 4/5] [BB-610] Add password generation for SQL Server authentication MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Remove manual password field in favor of automatic generation - Implement secure random password generator for SQL Server logins - Return generated password as plaintext data - Fix linting issues and improve code organization 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- pkg/connector/connector.go | 10 ----- pkg/connector/server_user.go | 78 +++++++++++++++++++++++++++++++----- 2 files changed, 69 insertions(+), 19 deletions(-) diff --git a/pkg/connector/connector.go b/pkg/connector/connector.go index 0696bc59..072f7f68 100644 --- a/pkg/connector/connector.go +++ b/pkg/connector/connector.go @@ -67,16 +67,6 @@ func (o *Mssqldb) Metadata(ctx context.Context) (*v2.ConnectorMetadata, error) { Placeholder: "username", Order: 3, }, - "password": { - DisplayName: "Password", - Required: false, - Description: "The password for SQL Server authentication. Required when using SQL Server Authentication.", - Field: &v2.ConnectorAccountCreationSchema_Field_StringField{ - StringField: &v2.ConnectorAccountCreationSchema_StringField{}, - }, - Placeholder: "password", - Order: 4, - }, }, }, }, nil diff --git a/pkg/connector/server_user.go b/pkg/connector/server_user.go index 78ed67e8..a891a2d5 100644 --- a/pkg/connector/server_user.go +++ b/pkg/connector/server_user.go @@ -2,7 +2,9 @@ package connector import ( "context" + "crypto/rand" "fmt" + "math/big" "net/mail" v2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2" @@ -129,12 +131,9 @@ func (d *userPrincipalSyncer) CreateAccount( formattedUsername = username } case mssqldb.LoginTypeSQL: - // For SQL auth, extract password - passwordVal := accountInfo.Profile.GetFields()["password"] - if passwordVal == nil || passwordVal.GetStringValue() == "" { - return nil, nil, nil, fmt.Errorf("missing required password field for SQL Server authentication") - } - password = passwordVal.GetStringValue() + // For SQL auth, generate a strong random password + password = generateStrongPassword() + l.Debug("generated random password for SQL Server authentication") formattedUsername = username case mssqldb.LoginTypeAzureAD, mssqldb.LoginTypeEntraID: // For Azure AD or Entra ID, just use the username as is @@ -183,13 +182,26 @@ func (d *userPrincipalSyncer) CreateAccount( return nil, nil, nil, fmt.Errorf("failed to create resource for new user: %w", err) } - // Return success result with the new user resource + // Prepare the response - for SQL auth, we need to return the generated password successResult := &v2.CreateAccountResponse_SuccessResult{ Resource: resource, IsCreateAccountResult: true, } - return successResult, nil, nil, nil + var plaintextData []*v2.PlaintextData + // If this is SQL authentication, return the generated password + if loginType == mssqldb.LoginTypeSQL { + plaintextData = []*v2.PlaintextData{ + { + Name: "password", + Description: "The generated password for SQL Server authentication", + Schema: "text/plain", + Bytes: []byte(password), + }, + } + } + + return successResult, plaintextData, nil, nil } // CreateAccountCapabilityDetails returns the capability details for account creation. @@ -198,12 +210,60 @@ func (d *userPrincipalSyncer) CreateAccountCapabilityDetails( ) (*v2.CredentialDetailsAccountProvisioning, annotations.Annotations, error) { return &v2.CredentialDetailsAccountProvisioning{ SupportedCredentialOptions: []v2.CapabilityDetailCredentialOption{ - v2.CapabilityDetailCredentialOption_CAPABILITY_DETAIL_CREDENTIAL_OPTION_NO_PASSWORD, + v2.CapabilityDetailCredentialOption_CAPABILITY_DETAIL_CREDENTIAL_OPTION_NO_PASSWORD, // For Windows/Azure AD/Entra ID + v2.CapabilityDetailCredentialOption_CAPABILITY_DETAIL_CREDENTIAL_OPTION_RANDOM_PASSWORD, // For SQL Server auth }, PreferredCredentialOption: v2.CapabilityDetailCredentialOption_CAPABILITY_DETAIL_CREDENTIAL_OPTION_NO_PASSWORD, }, nil, nil } +// generateStrongPassword creates a secure random password for SQL Server. +// The password meets SQL Server complexity requirements: +// - At least 8 characters in length +// - Contains uppercase, lowercase, numbers, and special characters. +func generateStrongPassword() string { + const ( + uppercaseChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + lowercaseChars = "abcdefghijklmnopqrstuvwxyz" + numberChars = "0123456789" + specialChars = "!@#$%^&*()-_=+[]{}|;:,.<>?" + passwordLength = 16 + ) + + // Ensure at least one character from each category + password := make([]byte, passwordLength) + + // Add at least one character from each required group + addRandomChar := func(charSet string, position int) { + maxVal := big.NewInt(int64(len(charSet))) + randomIndex, _ := rand.Int(rand.Reader, maxVal) + password[position] = charSet[randomIndex.Int64()] + } + + // Add one of each required character type + addRandomChar(uppercaseChars, 0) + addRandomChar(lowercaseChars, 1) + addRandomChar(numberChars, 2) + addRandomChar(specialChars, 3) + + // Fill the rest with random characters from all sets + allChars := uppercaseChars + lowercaseChars + numberChars + specialChars + for i := 4; i < passwordLength; i++ { + maxVal := big.NewInt(int64(len(allChars))) + randomIndex, _ := rand.Int(rand.Reader, maxVal) + password[i] = allChars[randomIndex.Int64()] + } + + // Shuffle the password to avoid predictable positions of character types + for i := passwordLength - 1; i > 0; i-- { + maxVal := big.NewInt(int64(i + 1)) + j, _ := rand.Int(rand.Reader, maxVal) + password[i], password[j.Int64()] = password[j.Int64()], password[i] + } + + return string(password) +} + func newUserPrincipalSyncer(ctx context.Context, c *mssqldb.Client) *userPrincipalSyncer { return &userPrincipalSyncer{ resourceType: resourceTypeUser, From 6fb1785121a6dc1378017f7fcacbfb72bc8307e4 Mon Sep 17 00:00:00 2001 From: Bjorn Tipling Date: Tue, 6 May 2025 15:29:00 -0700 Subject: [PATCH 5/5] fix release --- .gon-amd64.json | 8 ++++---- .gon-arm64.json | 10 +++++----- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.gon-amd64.json b/.gon-amd64.json index 284017bb..328d066f 100644 --- a/.gon-amd64.json +++ b/.gon-amd64.json @@ -2,12 +2,12 @@ "source": ["./dist/macos-amd64_darwin_amd64_v1/baton-sql-server"], "bundle_id": "com.conductorone.baton-sql-server", "apple_id": { - "username" : "justin.gallardo@conductorone.com" + "username": "justin.gallardo@conductorone.com" }, "sign": { "application_identity": "Developer ID Application: Justin Gallardo (858DKH55XL)" }, - "zip" :{ - "output_path": "./dist/baton-sql-server-darwin-amd64.signed.zip" + "zip": { + "output_path": "./dist/baton-sql-server-darwin-amd64.signed.zip" } -} \ No newline at end of file +} diff --git a/.gon-arm64.json b/.gon-arm64.json index aa918c11..13ab3e31 100644 --- a/.gon-arm64.json +++ b/.gon-arm64.json @@ -1,13 +1,13 @@ { - "source": ["./dist/macos-arm64_darwin_arm64/baton-sql-server"], + "source": ["./dist/macos-arm64_darwin_arm64_v8.0/baton-sql-server"], "bundle_id": "com.conductorone.baton-sql-server", "apple_id": { - "username" : "justin.gallardo@conductorone.com" + "username": "justin.gallardo@conductorone.com" }, "sign": { "application_identity": "Developer ID Application: Justin Gallardo (858DKH55XL)" }, - "zip" :{ - "output_path": "./dist/baton-sql-server-darwin-arm64.signed.zip" + "zip": { + "output_path": "./dist/baton-sql-server-darwin-arm64.signed.zip" } -} \ No newline at end of file +}