server/auth/service/protocol/replication.proto - Issue 2873113002: auth: Remove "shared" aka "global" secrets.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: server/auth/service/protocol/replication.proto

Issue 2873113002: auth: Remove "shared" aka "global" secrets. (Closed)

Patch Set: Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: server/auth/service/protocol/replication.proto

diff --git a/server/auth/service/protocol/replication.proto b/server/auth/service/protocol/replication.proto

index 0c128367fcf175193bd8e42bf5cd83162db39e26..bd2ae99896845af9c254aa8b3230b0c775ad2e76 100644

--- a/server/auth/service/protocol/replication.proto

+++ b/server/auth/service/protocol/replication.proto

@@ -4,7 +4,7 @@

// This file is copied from luci-py.git:

// appengine/components/components/auth/proto/replication.proto

-// Commit: fa51b14f344c2e31416f94b6f0d00e5129b4de3d

+// Commit: def5fc8357e1334184e34d08750c8a8ab17d3141

// Changes: renamed package to 'protocol'.

@@ -115,19 +115,6 @@ message AuthGroup {

}

-// Some secret blob. Corresponds to AuthSecret entity in model.py.

-message AuthSecret {

- // Name of the secret.

- required string name = 1;

- // Last several values of a secret, with current value in front.

- repeated bytes values = 2;

- // When secret was modified last time. Microseconds since epoch.

- required int64 modified_ts = 3;

- // Who modified the secret last time.

- required string modified_by = 4;

// A named set of whitelisted IP addresses. Corresponds to AuthIPWhitelist

// entity in model.py.

message AuthIPWhitelist {

@@ -169,9 +156,9 @@ message AuthIPWhitelistAssignment {

// An entire database of auth configuration that is being replicated.

-// Corresponds to AuthGlobalConfig entity in model.py, plus a list of all groups

-// and a list of global secrets.

message AuthDB {

+ reserved 5; // used to be 'secrets', no longer used

// OAuth2 client_id to use to mint new OAuth2 tokens.

required string oauth_client_id = 1;

// OAuth2 client secret. Not so secret really, since it's passed to clients.

@@ -180,8 +167,6 @@ message AuthDB {

repeated string oauth_additional_client_ids = 3;

// All groups.

repeated AuthGroup groups = 4;

- // Global secrets shared between services.

- repeated AuthSecret secrets = 5;

// All IP whitelists.

repeated AuthIPWhitelist ip_whitelists = 6;

// Mapping 'account -> IP whitlist to use for that account'.

« no previous file with comments | « server/auth/authtest/db.go ('k') | server/auth/service/protocol/replication.pb.go » ('j') | no next file with comments »