feat(gateway-clients): add managed gateway client administration and token-bound route ownership
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
import type { IDomain } from './domain.js';
|
||||
import type { IDnsRecord, TDnsRecordType } from './dns-record.js';
|
||||
import type { TGatewayClientType } from './route-management.js';
|
||||
import type { IApiTokenPolicy, TApiTokenScope, TGatewayClientType } from './route-management.js';
|
||||
|
||||
export interface IGatewayCapabilities {
|
||||
routes: {
|
||||
@@ -34,6 +34,33 @@ export interface IGatewayCapabilities {
|
||||
};
|
||||
}
|
||||
|
||||
export interface IGatewayClientContext {
|
||||
role: IApiTokenPolicy['role'];
|
||||
scopes: TApiTokenScope[];
|
||||
gatewayClient?: {
|
||||
type: TGatewayClientType;
|
||||
id: string;
|
||||
};
|
||||
hostnamePatterns: string[];
|
||||
allowedRouteTargets: NonNullable<IApiTokenPolicy['allowedRouteTargets']>;
|
||||
capabilities: NonNullable<IApiTokenPolicy['capabilities']>;
|
||||
}
|
||||
|
||||
export interface IGatewayClient {
|
||||
id: string;
|
||||
type: TGatewayClientType;
|
||||
name: string;
|
||||
description?: string;
|
||||
hostnamePatterns: string[];
|
||||
allowedRouteTargets: NonNullable<IApiTokenPolicy['allowedRouteTargets']>;
|
||||
capabilities: NonNullable<IApiTokenPolicy['capabilities']>;
|
||||
enabled: boolean;
|
||||
tokenCount?: number;
|
||||
createdAt: number;
|
||||
updatedAt: number;
|
||||
createdBy: string;
|
||||
}
|
||||
|
||||
export interface IGatewayClientDomain extends IDomain {
|
||||
capabilities: {
|
||||
canCreateSubdomains: boolean;
|
||||
@@ -49,8 +76,8 @@ export interface IGatewayClientDomain extends IDomain {
|
||||
export type IWorkHosterDomain = IGatewayClientDomain;
|
||||
|
||||
export interface IGatewayClientOwnership {
|
||||
gatewayClientType: TGatewayClientType;
|
||||
gatewayClientId: string;
|
||||
gatewayClientType?: TGatewayClientType;
|
||||
gatewayClientId?: string;
|
||||
appId: string;
|
||||
hostname: string;
|
||||
}
|
||||
|
||||
@@ -2,6 +2,8 @@ import * as plugins from '../plugins.js';
|
||||
import type * as authInterfaces from '../data/auth.js';
|
||||
import type {
|
||||
IGatewayClientDnsRecord,
|
||||
IGatewayClientContext,
|
||||
IGatewayClient,
|
||||
IGatewayClientDomain,
|
||||
IGatewayClientOwnership,
|
||||
IGatewayClientRouteSyncResult,
|
||||
@@ -30,6 +32,112 @@ export interface IReq_GetGatewayCapabilities extends plugins.typedrequestInterfa
|
||||
};
|
||||
}
|
||||
|
||||
export interface IReq_GetGatewayClientContext extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_GetGatewayClientContext
|
||||
> {
|
||||
method: 'getGatewayClientContext';
|
||||
request: {
|
||||
identity?: authInterfaces.IIdentity;
|
||||
apiToken?: string;
|
||||
};
|
||||
response: {
|
||||
context: IGatewayClientContext;
|
||||
capabilities: IGatewayCapabilities;
|
||||
};
|
||||
}
|
||||
|
||||
export interface IReq_ListGatewayClients extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_ListGatewayClients
|
||||
> {
|
||||
method: 'listGatewayClients';
|
||||
request: {
|
||||
identity: authInterfaces.IIdentity;
|
||||
};
|
||||
response: {
|
||||
gatewayClients: IGatewayClient[];
|
||||
};
|
||||
}
|
||||
|
||||
export interface IReq_CreateGatewayClient extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_CreateGatewayClient
|
||||
> {
|
||||
method: 'createGatewayClient';
|
||||
request: {
|
||||
identity: authInterfaces.IIdentity;
|
||||
id?: string;
|
||||
type: IGatewayClient['type'];
|
||||
name: string;
|
||||
description?: string;
|
||||
hostnamePatterns?: string[];
|
||||
allowedRouteTargets?: IGatewayClient['allowedRouteTargets'];
|
||||
capabilities?: IGatewayClient['capabilities'];
|
||||
};
|
||||
response: {
|
||||
success: boolean;
|
||||
gatewayClient?: IGatewayClient;
|
||||
message?: string;
|
||||
};
|
||||
}
|
||||
|
||||
export interface IReq_UpdateGatewayClient extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_UpdateGatewayClient
|
||||
> {
|
||||
method: 'updateGatewayClient';
|
||||
request: {
|
||||
identity: authInterfaces.IIdentity;
|
||||
id: string;
|
||||
name?: string;
|
||||
description?: string;
|
||||
hostnamePatterns?: string[];
|
||||
allowedRouteTargets?: IGatewayClient['allowedRouteTargets'];
|
||||
capabilities?: IGatewayClient['capabilities'];
|
||||
enabled?: boolean;
|
||||
};
|
||||
response: {
|
||||
success: boolean;
|
||||
gatewayClient?: IGatewayClient;
|
||||
message?: string;
|
||||
};
|
||||
}
|
||||
|
||||
export interface IReq_DeleteGatewayClient extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_DeleteGatewayClient
|
||||
> {
|
||||
method: 'deleteGatewayClient';
|
||||
request: {
|
||||
identity: authInterfaces.IIdentity;
|
||||
id: string;
|
||||
};
|
||||
response: {
|
||||
success: boolean;
|
||||
message?: string;
|
||||
};
|
||||
}
|
||||
|
||||
export interface IReq_CreateGatewayClientToken extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_CreateGatewayClientToken
|
||||
> {
|
||||
method: 'createGatewayClientToken';
|
||||
request: {
|
||||
identity: authInterfaces.IIdentity;
|
||||
gatewayClientId: string;
|
||||
name?: string;
|
||||
expiresInDays?: number | null;
|
||||
};
|
||||
response: {
|
||||
success: boolean;
|
||||
tokenId?: string;
|
||||
tokenValue?: string;
|
||||
message?: string;
|
||||
};
|
||||
}
|
||||
|
||||
export interface IReq_GetWorkHosterDomains extends plugins.typedrequestInterfaces.implementsTR<
|
||||
plugins.typedrequestInterfaces.ITypedRequest,
|
||||
IReq_GetWorkHosterDomains
|
||||
|
||||
Reference in New Issue
Block a user