syntax = "proto3";

package authorization;

import "authorization_message.proto";
import "base_message.proto";

service AuthorizationService {
  rpc InternalAuthorizationDeleteCache(base.Empty) returns (base.StatusRes);
  rpc InternalInitRoutes(InternalInitRoutesReq) returns (base.StatusRes) {}
  rpc InternalGetUserIdentityBasic(GetUserReq) returns (UserIdentityBasic) {}
  rpc InternalGetUserIAM(GetUserReq) returns (InternalIAM) {}
  rpc CheckIAM(CheckIAMReq) returns (InternalIAM) {}

  rpc UserLoginSendOTP(UserSendOtpReq) returns (UserSendOtpRes) {}
  rpc UserLoginWithOTP(UserLoginReq) returns (UserAccessTokenRes) {}
  rpc UserGetAccessTokenByRefreshToken(UserRefreshTokenReq)
      returns (UserAccessTokenRes) {}

  rpc UserGetUserPermission(InternalIAM) returns (PermissionList) {}

  rpc UserGetIdentity(InternalIAM) returns (Identity) {}
  rpc UserUpdateIdentity(UserUpdateIdentityReq) returns (base.StatusRes) {}

  rpc UserGetBankInfoList(ReqWithIAMAndParams) returns (BankInfoList) {}
  rpc UserUpdateBankInfo(UserUpdateBankInfoReq) returns (base.StatusRes) {}
  rpc UserRemoveBankInfo(IdReqWithIAM) returns (base.StatusRes) {}

  rpc GetUser(GetUserReq) returns (User) {}

  // Two Factor Authentication
  // For now it's only SMS-OTP - later will be Email-OTP or other methods can be
  // added For HMAC-OTP there won't be a need to call this api
  rpc SendTFAReq(TFAReq) returns (base.StatusRes) {}
  // For HMAC-OTP an initialization step must be added to exchange keys
  rpc InitTFAReq(InternalIAM) returns (TFAExRes) {}
  rpc CheckTFACode(CheckTFAReq) returns (base.StatusRes) {}
}