import type { BinaryWriteOptions } from "@protobuf-ts/runtime";
import type { IBinaryWriter } from "@protobuf-ts/runtime";
import type { BinaryReadOptions } from "@protobuf-ts/runtime";
import type { IBinaryReader } from "@protobuf-ts/runtime";
import type { PartialMessage } from "@protobuf-ts/runtime";
import { MessageType } from "@protobuf-ts/runtime";
import { BuildInfo } from "./repl/repl.js";
import { ReplToken } from "./token/token.js";
import { Timestamp } from "../google/protobuf/timestamp.js";
import { Org } from "./repl/repl.js";
/**
 * GovalSigningAuthority is information about a goval token, that can be used to
 * validate it. It is stored in the footer of the PASETO.
 *
 * The footer is what a validator reads first to decide which key (or which
 * signed intermediate cert) to verify the body against, so a validator must
 * treat it as untrusted input until the signature chain has been checked.
 *
 * @generated from protobuf message replit.goval.api.GovalSigningAuthority
 */
export interface GovalSigningAuthority {
    /**
     * Exactly one of `keyId` (a root key reference) or `signedCert` (a nested,
     * signed GovalCert) is expected to be set; `oneofKind: undefined` is the
     * unset case and identifies no signer.
     *
     * @generated from protobuf oneof: cert
     */
    cert: {
        oneofKind: "keyId";
        /**
         * The ID of the root public key that was used to sign the token.
         *
         * @generated from protobuf field: string key_id = 1
         */
        keyId: string;
    } | {
        oneofKind: "signedCert";
        /**
         * A signed PASETO with a GovalCert in the body and the
         * GovalSigningAuthority used to sign the body in the footer.
         *
         * @generated from protobuf field: string signed_cert = 2
         */
        signedCert: string;
    } | {
        oneofKind: undefined;
    };
    /**
     * An enum detailing how the body of the PASETO this is a footer of should
     * be decoded
     *
     * NOTE(review): BARE_REPL_TOKEN is value 0, which is the protobuf default
     * for an enum field; a footer that omits `version` therefore decodes as
     * BARE_REPL_TOKEN. Confirm that callers treat that as intended.
     *
     * @generated from protobuf field: replit.goval.api.TokenVersion version = 3
     */
    version: TokenVersion;
    /**
     * A string containing the issuer of a token. This is used to track who is
     * sending tokens with a particular key id, so that we can rotate safely.
     *
     * @generated from protobuf field: string issuer = 4
     */
    issuer: string;
}
/**
 * Claims are actions that a cert is allowed to do. Claims can be repeated (e.g.
 * to allow a cert to apply to multiple replids or users).
 *
 * Claims should be enforced on certificates by ensuring that certificates
 * are signed by a certificate that has a superset of claims.
 *
 * When a cert is used to sign a message, it is the responsibility of the
 * service validating the message to ensure that any requests in the message are
 * backed up by claims in the certificate. Claims in a single certificate should
 * be interpreted as a union (e.g. if replid and user is set, the token may
 * apply to any repls owned by the user, or any repls in replid, regardless of
 * the owner).
 *
 * @generated from protobuf message replit.goval.api.CertificateClaim
 */
export interface CertificateClaim {
    /**
     * One claim per CertificateClaim message; a cert carries a list of these
     * (see GovalCert.claims). The `oneofKind: undefined` variant carries no
     * authority at all.
     *
     * @generated from protobuf oneof: claim
     */
    claim: {
        oneofKind: "replid";
        /**
         * This cert has the authority to sign messages on behalf of a replid
         *
         * @generated from protobuf field: string replid = 1
         */
        replid: string;
    } | {
        oneofKind: "user";
        /**
         * This cert has the authority to sign messages on behalf of a user
         *
         * @generated from protobuf field: string user = 2
         */
        user: string;
    } | {
        oneofKind: "userId";
        /**
         * This cert has the authority to sign messages on behalf of a user id
         *
         * @generated from protobuf field: int64 user_id = 7
         */
        userId: bigint;
    } | {
        oneofKind: "org";
        /**
         * This cert has the authority to sign messages on behalf of an org
         *
         * @generated from protobuf field: replit.goval.api.repl.Org org = 8
         */
        org: Org;
    } | {
        oneofKind: "cluster";
        /**
         * This cert has the authority to sign messages in a certain cluster
         *
         * @generated from protobuf field: string cluster = 4
         */
        cluster: string;
    } | {
        oneofKind: "subcluster";
        /**
         * This cert has the authority to sign messages in a certain subcluster
         *
         * @generated from protobuf field: string subcluster = 5
         */
        subcluster: string;
    } | {
        oneofKind: "deployment";
        /**
         * This cert has the authority to sign messages that claim to come from a
         * deployment.
         *
         * @generated from protobuf field: bool deployment = 6
         */
        deployment: boolean;
    } | {
        oneofKind: "flag";
        /**
         * This cert has the authority to perform an action as described in
         * FlagClaim
         *
         * @generated from protobuf field: replit.goval.api.FlagClaim flag = 3
         */
        flag: FlagClaim;
    } | {
        oneofKind: undefined;
    };
}
/**
 * GovalCert provides a mechanism of establishing a chain of trust without
 * requiring a single private key to be duplicated to all services that send
 * messages. The processes of generating intermediate certs is as follows:
 * - A PASETO `v2.public` root keypair is generated and added to GSM with an
 *   arbitrary key id.
 * - The root public key id is encoded in a GovalSigningAuthority
 * - An intermediate PASETO `v2.public` keypair is generated
 * - The intermediate public key is encoded in a GovalCert, along with
 *   information about the lifetime and claims of that cert.
 * - The GovalCert is encoded in the body of a PASETO and signed with the root
 *   private key. The root signing authority is inserted into the footer of the
 *   PASETO to use for validation.
 * - This signed PASETO is encoded in another GovalSigningAuthority and appended
 *   as the footer of PASETOs signed by the intermediate private key.
 * Additional intermediate certs can be generated and signed by private key and
 * signing authority of the previous cert.
 *
 * When validating a chain of certs, the footer of each wrapped PASETO is
 * recursed until reaching a root key id. The body of that PASETO is
 * validated with the root public key. The body is decoded into a GovalCert,
 * its lifetime is checked, and the public key is pulled out and used to
 * validate the next PASETO, continuing back up the chain. At each step along
 * the chain (except for the root), the claims of a certificate must be verified
 * to be a subset of the claims of the certificate signing it.
 *
 * NOTE(review): the recursion described above has no stated depth limit, and
 * each nested `signedCert` is attacker-supplied until verified. A validator
 * should cap chain length before recursing, and should only accept the
 * SIGN_INTERMEDIATE_CERT flag on the signer when descending a level.
 *
 * @generated from protobuf message replit.goval.api.GovalCert
 */
export interface GovalCert {
    /**
     * Issue timestamp. Equivalent to JWT's "iat" (Issued At) claim. Tokens with
     * no `iat` field will be treated as if they had been issued at the UNIX epoch
     * (1970-01-01T00:00:00Z).
     *
     * @generated from protobuf field: google.protobuf.Timestamp iat = 1
     */
    iat?: Timestamp;
    /**
     * Expiration timestamp. Equivalent to JWT's "exp" (Expiration Time) Claim.
     * If unset, will default to one hour after `iat`.
     *
     * Taken together with the `iat` default above, a cert with neither field
     * set is treated as expired one hour after the epoch, i.e. rejected.
     *
     * @generated from protobuf field: google.protobuf.Timestamp exp = 2
     */
    exp?: Timestamp;
    /**
     * A list of claims this cert can authorize
     *
     * @generated from protobuf field: repeated replit.goval.api.CertificateClaim claims = 3
     */
    claims: CertificateClaim[];
    /**
     * The PASETO `v2.public` (Ed25519) public key authorized to sign requests in
     * this scope. Must be encoded in either PASERK SID or a PEM PUBLIC KEY
     * block. (This key is usually generated in nodejs, and nodejs does not
     * provide an interface to get the raw key bytes)
     *
     * @generated from protobuf field: string publicKey = 4
     */
    publicKey: string;
}
/**
 * A GovalToken should be the body of any PASETO we send
 *
 * @generated from protobuf message replit.goval.api.GovalToken
 */
export interface GovalToken {
    /**
     * Issue timestamp. Equivalent to JWT's "iat" (Issued At) claim. Tokens with
     * no `iat` field will be treated as if they had been issued at the UNIX epoch
     * (1970-01-01T00:00:00Z).
     *
     * @generated from protobuf field: google.protobuf.Timestamp iat = 1
     */
    iat?: Timestamp;
    /**
     * Expiration timestamp. Equivalent to JWT's "exp" (Expiration Time) Claim.
     * If unset, will default to one hour after `iat`.
     *
     * @generated from protobuf field: google.protobuf.Timestamp exp = 2
     */
    exp?: Timestamp;
    /**
     * Tokens are only allowed to act for a single repl, replid is the repl that
     * this token is authorized for. The validator must check that the replid of
     * this token agrees with the claims in any of the certs signing it.
     *
     * @generated from protobuf field: string replid = 3
     */
    replid: string;
    /**
     * The token body, all future tokens should rely on the information in
     * GovalToken to establish basic validity, and should only add additional
     * fields. ReplToken has its own iat, exp, and replid for legacy reasons.
     *
     * NOTE(review): because ReplToken duplicates iat/exp/replid, a validator
     * should decide which copy is authoritative and check that both agree
     * rather than trusting whichever one it happens to read.
     *
     * @generated from protobuf oneof: Token
     */
    token: {
        oneofKind: "replToken";
        /**
         * This token is used to authorize a request to create a repl in goval
         *
         * @generated from protobuf field: replit.goval.api.token.ReplToken repl_token = 4
         */
        replToken: ReplToken;
    } | {
        oneofKind: "replIdentity";
        /**
         * This token is used to prove a Repl's identity.
         *
         * @generated from protobuf field: replit.goval.api.GovalReplIdentity repl_identity = 5
         */
        replIdentity: GovalReplIdentity;
    } | {
        oneofKind: undefined;
    };
}
/**
 * A GovalReplIdentity is used in identity PASETO tokens which are used for
 * authentication between repls.
 *
 * @generated from protobuf message replit.goval.api.GovalReplIdentity
 */
export interface GovalReplIdentity {
    /**
     * This identity has this Repl ID
     *
     * @generated from protobuf field: string replid = 1
     */
    replid: string;
    /**
     * This identity is in the context of this user
     *
     * @generated from protobuf field: string user = 2
     */
    user: string;
    /**
     * This repl has this slug
     *
     * @generated from protobuf field: string slug = 3
     */
    slug: string;
    /**
     * If set, this token can only be consumed by a Repl with this Repl ID.
     * Equivalent to JWT's "aud" (Audience) claim.
     *
     * An empty string is the protobuf default, so "unset" and "empty" are
     * indistinguishable here; consumers should decide explicitly whether an
     * empty `aud` means "any audience" or "reject".
     *
     * @generated from protobuf field: string aud = 4
     */
    aud: string;
    /**
     * If true, this token is generated in an ephemeral environment (such as
     * a guest fork). Systems can use this to potentially reject ephemeral tokens
     * if that makes sense for their API.
     *
     * @generated from protobuf field: bool ephemeral = 5
     */
    ephemeral: boolean;
    /**
     * This identity is forked from this Repl ID.
     * This is set for "guest forks", where server(s) might need to know the
     * original repl's ID despite the running environment being a fork.
     *
     * @generated from protobuf field: string originReplid = 6
     */
    originReplid: string;
    /**
     * same as the `user` field, but it's the ID instead of the username
     *
     * @generated from protobuf field: int64 user_id = 7
     */
    userId: bigint;
    /**
     * If this is a build repl for a hosting deployment, include extra
     * information about the specs of the build
     *
     * @generated from protobuf field: replit.goval.api.repl.BuildInfo build_info = 8
     */
    buildInfo?: BuildInfo;
    /**
     * A boolean indicating if the owner of the repl is a team.
     *
     * @generated from protobuf field: bool is_team = 9
     */
    isTeam: boolean;
    /**
     * A list of roles for the user who owns the repl.
     *
     * @generated from protobuf field: repeated string roles = 10
     */
    roles: string[];
    /**
     * Runtime information about the Repl.
     *
     * @generated from protobuf oneof: runtime
     */
    runtime: {
        oneofKind: "interactive";
        /**
         * This is set if the Repl is running interactively. This is not set when
         * the Repl is running in hosting.
         *
         * @generated from protobuf field: replit.goval.api.ReplRuntimeInteractive interactive = 11
         */
        interactive: ReplRuntimeInteractive;
    } | {
        oneofKind: "hosting";
        /**
         * This is set if the Repl is running in a hosting subcluster.
         *
         * @generated from protobuf field: replit.goval.api.ReplRuntimeHosting hosting = 13
         */
        hosting: ReplRuntimeHosting;
    } | {
        oneofKind: "deployment";
        /**
         * This is set if the Repl is running in a Deployment.
         *
         * @generated from protobuf field: replit.goval.api.ReplRuntimeDeployment deployment = 12
         */
        deployment: ReplRuntimeDeployment;
    } | {
        oneofKind: undefined;
    };
    /**
     * The organization that owns the Repl
     *
     * @generated from protobuf field: replit.goval.api.repl.Org org = 14
     */
    org?: Org;
}
/**
 * Location of an interactively-running Repl (see GovalReplIdentity.runtime).
 *
 * @generated from protobuf message replit.goval.api.ReplRuntimeInteractive
 */
export interface ReplRuntimeInteractive {
    /**
     * The cluster in which this Repl is running.
     *
     * @generated from protobuf field: string cluster = 1
     */
    cluster: string;
    /**
     * The subcluster in which this Repl is running.
     *
     * @generated from protobuf field: string subcluster = 2
     */
    subcluster: string;
}
/**
 * Location of a Repl running in a hosting subcluster (see
 * GovalReplIdentity.runtime).
 *
 * @generated from protobuf message replit.goval.api.ReplRuntimeHosting
 */
export interface ReplRuntimeHosting {
    /**
     * The cluster in which this Repl is running.
     *
     * @generated from protobuf field: string cluster = 1
     */
    cluster: string;
    /**
     * The subcluster in which this Repl is running.
     *
     * @generated from protobuf field: string subcluster = 2
     */
    subcluster: string;
}
/**
 * Marker for a Repl running in a Deployment; carries no fields.
 *
 * @generated from protobuf message replit.goval.api.ReplRuntimeDeployment
 */
export interface ReplRuntimeDeployment {
}
/**
 * How the body of a PASETO should be decoded, as recorded in
 * GovalSigningAuthority.version.
 *
 * @generated from protobuf enum replit.goval.api.TokenVersion
 */
export declare enum TokenVersion {
    /**
     * Body contains a bare ReplToken and must be decoded explicitly
     *
     * @generated from protobuf enum value: BARE_REPL_TOKEN = 0;
     */
    BARE_REPL_TOKEN = 0,
    /**
     * Body contains a GovalToken and can be interrogated about the type of its
     * own message
     *
     * @generated from protobuf enum value: TYPE_AWARE_TOKEN = 1;
     */
    TYPE_AWARE_TOKEN = 1
}
/**
 * Capability flags carried by a CertificateClaim of kind "flag". Numeric
 * values are not contiguous and are not in declaration order; they are wire
 * identifiers and must never be renumbered.
 *
 * @generated from protobuf enum replit.goval.api.FlagClaim
 */
export declare enum FlagClaim {
    /**
     * Cert has the authority to sign ReplToken messages that can be validated
     * by goval
     *
     * NOTE(review): this is value 0, the protobuf default for an enum field, so
     * a "flag" claim whose value was never set reads as MINT_GOVAL_TOKEN.
     *
     * @generated from protobuf enum value: MINT_GOVAL_TOKEN = 0;
     */
    MINT_GOVAL_TOKEN = 0,
    /**
     * Cert has the authority to sign additional intermediate certs. (The claims
     * on intermediate certs signed by this cert are still enforced.)
     *
     * @generated from protobuf enum value: SIGN_INTERMEDIATE_CERT = 1;
     */
    SIGN_INTERMEDIATE_CERT = 1,
    /**
     * Cert has the authority to sign GovalToken messages that can prove identity.
     *
     * @generated from protobuf enum value: IDENTITY = 5;
     */
    IDENTITY = 5,
    /**
     * Cert has the authority to sign GovalToken messages that authorizes the
     * bearer to use Ghostwriter.
     *
     * @generated from protobuf enum value: GHOSTWRITER = 6;
     */
    GHOSTWRITER = 6,
    /**
     * Cert has ability to mint Repl Identity tokens
     *
     * @generated from protobuf enum value: RENEW_IDENTITY = 7;
     */
    RENEW_IDENTITY = 7,
    /**
     * Cert has ability to mint Repl KV tokens
     *
     * @generated from protobuf enum value: RENEW_KV = 8;
     */
    RENEW_KV = 8,
    /**
     * Cert has the authority to sign ReplToken messages that claim to come from
     * Deployments. If this claim is not set, the cert will only be able to emit
     * tokens only for interactive Repls.
     *
     * @generated from protobuf enum value: DEPLOYMENTS = 10;
     */
    DEPLOYMENTS = 10,
    /**
     * Cert has the authority to sign ReplToken messages for any ReplID. If this
     * claim is not set, the cert will only be able to emit tokens only for the
     * list explicitly enumerated by the other claims. If that list is empty, the
     * cert has no ability to sign any tokens.
     *
     * @generated from protobuf enum value: ANY_REPLID = 2;
     */
    ANY_REPLID = 2,
    /**
     * Cert has the authority to sign ReplToken messages for any user. If this
     * claim is not set, the cert will only be able to emit tokens only for the
     * list explicitly enumerated by the other claims. If that list is empty, the
     * cert has no ability to sign any tokens.
     *
     * @generated from protobuf enum value: ANY_USER = 3;
     */
    ANY_USER = 3,
    /**
     * Cert has the authority to sign ReplToken messages for any user id. If this
     * claim is not set, the cert will only be able to emit tokens only for the
     * list explicitly enumerated by the other claims. If that list is empty, the
     * cert has no ability to sign any tokens that have a user id.
     *
     * @generated from protobuf enum value: ANY_USER_ID = 11;
     */
    ANY_USER_ID = 11,
    /**
     * Cert has the authority to sign ReplToken messages for any org. If this
     * claim is not set, the cert will only be able to emit tokens only for the
     * list explicitly enumerated by the other claims. If that list is empty, the
     * cert has no ability to sign any tokens that have an org.
     *
     * @generated from protobuf enum value: ANY_ORG = 12;
     */
    ANY_ORG = 12,
    /**
     * Cert has the authority to sign ReplToken messages for any cluster. If this
     * claim is not set, the cert will only be able to emit tokens only for the
     * list explicitly enumerated by the other claims. If that list is empty, the
     * cert has no ability to sign any tokens.
     *
     * @generated from protobuf enum value: ANY_CLUSTER = 4;
     */
    ANY_CLUSTER = 4,
    /**
     * Cert has the authority to sign ReplToken messages for any subcluster. If
     * this claim is not set, the cert will only be able to emit tokens only for
     * the list explicitly enumerated by the other claims. If that list is empty,
     * the cert has no ability to sign any tokens that have a subcluster.
     *
     * @generated from protobuf enum value: ANY_SUBCLUSTER = 9;
     */
    ANY_SUBCLUSTER = 9
}
/*
 * The `$Type` classes below are the protobuf-ts runtime message descriptors:
 * `create` builds a message from a partial, `internalBinaryRead` /
 * `internalBinaryWrite` are the wire (de)serializers. Only the declarations
 * are visible here; the implementations live in the generated .js file.
 *
 * NOTE(review): `MessageType` and `PartialMessage` appear without type
 * arguments on every declaration below, which looks like the `<…>` generics
 * were stripped when this file was extracted. Confirm against the generated
 * source before relying on these signatures.
 */
declare class GovalSigningAuthority$Type extends MessageType {
    constructor();
    create(value?: PartialMessage): GovalSigningAuthority;
    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: GovalSigningAuthority): GovalSigningAuthority;
    internalBinaryWrite(message: GovalSigningAuthority, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
 * @generated MessageType for protobuf message replit.goval.api.GovalSigningAuthority
 */
export declare const GovalSigningAuthority: GovalSigningAuthority$Type;
declare class CertificateClaim$Type extends MessageType {
    constructor();
    create(value?: PartialMessage): CertificateClaim;
    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: CertificateClaim): CertificateClaim;
    internalBinaryWrite(message: CertificateClaim, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
 * @generated MessageType for protobuf message replit.goval.api.CertificateClaim
 */
export declare const CertificateClaim: CertificateClaim$Type;
declare class GovalCert$Type extends MessageType {
    constructor();
    create(value?: PartialMessage): GovalCert;
    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: GovalCert): GovalCert;
    internalBinaryWrite(message: GovalCert, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
 * @generated MessageType for protobuf message replit.goval.api.GovalCert
 */
export declare const GovalCert: GovalCert$Type;
declare class GovalToken$Type extends MessageType {
    constructor();
    create(value?: PartialMessage): GovalToken;
    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: GovalToken): GovalToken;
    internalBinaryWrite(message: GovalToken, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
 * @generated MessageType for protobuf message replit.goval.api.GovalToken
 */
export declare const GovalToken: GovalToken$Type;
declare class GovalReplIdentity$Type extends MessageType {
    constructor();
    create(value?: PartialMessage): GovalReplIdentity;
    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: GovalReplIdentity): GovalReplIdentity;
    internalBinaryWrite(message: GovalReplIdentity, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
 * @generated MessageType for protobuf message replit.goval.api.GovalReplIdentity
 */
export declare const GovalReplIdentity: GovalReplIdentity$Type;
declare class ReplRuntimeInteractive$Type extends MessageType {
    constructor();
    create(value?: PartialMessage): ReplRuntimeInteractive;
    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: ReplRuntimeInteractive): ReplRuntimeInteractive;
    internalBinaryWrite(message: ReplRuntimeInteractive, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
 * @generated MessageType for protobuf message replit.goval.api.ReplRuntimeInteractive
 */
export declare const ReplRuntimeInteractive: ReplRuntimeInteractive$Type;
declare class ReplRuntimeHosting$Type extends MessageType {
    constructor();
    create(value?: PartialMessage): ReplRuntimeHosting;
    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: ReplRuntimeHosting): ReplRuntimeHosting;
    internalBinaryWrite(message: ReplRuntimeHosting, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
 * @generated MessageType for protobuf message replit.goval.api.ReplRuntimeHosting
 */
export declare const ReplRuntimeHosting: ReplRuntimeHosting$Type;
declare class ReplRuntimeDeployment$Type extends MessageType {
    constructor();
    create(value?: PartialMessage): ReplRuntimeDeployment;
    internalBinaryRead(reader: IBinaryReader, length: number, options: BinaryReadOptions, target?: ReplRuntimeDeployment): ReplRuntimeDeployment;
    internalBinaryWrite(message: ReplRuntimeDeployment, writer: IBinaryWriter, options: BinaryWriteOptions): IBinaryWriter;
}
/**
 * @generated MessageType for protobuf message replit.goval.api.ReplRuntimeDeployment
 */
export declare const ReplRuntimeDeployment: ReplRuntimeDeployment$Type;
export {};