// Wire contract for the auth.v1 package: OTP login, token issuance, IAM
// checks, user identity / bank details and two-factor authentication.
// Field numbers identify fields on the wire; do not renumber or reuse them.
syntax = "proto3";

package auth.v1;

/* Internal */

// Request carrying a list of routes to initialise.
// NOTE(review): presumably sent by internal services to register their
// routes for permission checks; confirm who is allowed to call it.
message InternalInitRoutesReq {
  repeated InternalRoute routes = 1;
}

// One route entry: a path, a method and a handler name, all free-form
// strings.
message InternalRoute {
  string path = 1;
  string method = 2;
  string handler = 3;
}

/* Role Permission */

// A role record.
message Role {
  int64 id = 1;
  string title = 2;
  string key = 3;
  // Free-form string; the allowed values are not defined in this file.
  string type = 4;
}

// A permission record tied to a route/method pair.
// NOTE(review): route and method presumably correspond to
// CheckIAMReq.route / CheckIAMReq.method; confirm how they are matched
// (exact string, case, trailing slash), since a mismatch in normalisation
// would change which permission applies.
message Permission {
  int64 id = 1;
  string title = 2;
  string key = 3;
  string route = 4;
  string method = 5;
}

// Wrapper for a list of Permission records.
message PermissionList {
  repeated Permission list = 1;
}

/* UserSendOtp */

// Request to send a one-time password to a mobile number.
// NOTE(review): the message carries no caller identity or throttling hint,
// so per-number and per-client rate limiting has to be enforced by the
// handler; confirm it is.
message UserSendOtpReq {
  string mobile = 1;
}

// Response to UserSendOtpReq.
message UserSendOtpRes {
  // Unit and epoch are not stated here; presumably a Unix timestamp of the
  // OTP expiry. TODO confirm seconds vs. milliseconds.
  int64 expired_at = 1;
}

/* UserLogin */

// Login request: mobile number plus the OTP code.
// NOTE(review): otp_code is a credential; keep it out of request logs and
// confirm the handler limits verification attempts per mobile number.
message UserLoginReq {
  string mobile = 1;
  string otp_code = 2;
}

// Request carrying a refresh token.
message UserRefreshTokenReq {
  string refresh_token = 1;
}

// Token pair returned to the caller.
// Both token fields are bearer secrets; exclude them from logs and traces.
message UserAccessTokenRes {
  string access_token = 1;
  // Unit and epoch not stated here; presumably a Unix timestamp.
  // TODO confirm.
  int64 access_expired_at = 2;
  string refresh_token = 3;
}

/* IAM */

// Authorisation check input: an access token plus the route and method
// being requested.
message CheckIAMReq {
  string access_token = 1;
  string route = 2;
  string method = 3;
}

// Identity context embedded as the `iam` field of many request messages in
// this file.
// NOTE(review): presumably produced by the IAM check from a validated
// access token. Because it travels inside the request body, a handler
// cannot tell a genuine context from one a caller filled in itself;
// confirm that every message carrying `iam` is only accepted from the
// trusted gateway and that client-supplied values are overwritten.
message InternalIAM {
  User user = 1;
  IdentityBasic identity = 2;
  // Repeated, although the field name is singular.
  repeated Company company = 3;
}

// Generic "by id" request with caller context.
// NOTE(review): the meaning of id depends on the RPC using this message;
// handlers should check that the referenced object belongs to iam.user.
message IdReqWithIAM {
  int64 id = 1;
  InternalIAM iam = 2;
}

// Caller context plus an optional boolean parameter.
message ReqWithIAMAndParams {
  InternalIAM iam = 1;
  // `optional` gives explicit presence: unset is distinguishable from
  // false.
  optional bool accepted = 2;
}

/* User */

// User lookup request. Carries no InternalIAM, unlike most requests here.
// NOTE(review): presumably either user_id or national_id selects the user;
// precedence when both are set is not defined in this file. Confirm this
// is only reachable from internal callers, since it looks users up by
// national ID without caller context.
message GetUserReq {
  int64 user_id = 1;
  string national_id = 2;
}

// Core user record. Contains personal data (national ID, mobile, email).
message User {
  int64 id = 1;
  string national_id = 2;
  string mobile = 3;
  string email = 4;
  // Presumably Role.id values; verify against the producer.
  repeated int64 roles = 5;
}

// A company record.
message Company {
  int64 id = 1;
  string name = 2;
  // Presumably the Persian-language name; confirm.
  string name_fa = 3;
  string location = 4;
  // bool defaults to false when unset.
  bool can_provide_bnpl = 5;
}

// Full identity record for a person. Every field here is personal data;
// treat the whole message as sensitive in logs, caches and error output.
message Identity {
  string national_id = 1;
  string national_serial_id = 2;
  string first_name = 3;
  string first_name_en = 4;
  string last_name = 5;
  string last_name_en = 6;
  string father_name = 7;
  // Birthdate appears twice with different types (int64 here, string
  // below); format and unit of each are not stated. TODO confirm.
  int64 birthdate = 8;
  string birthdate_time = 9;
  bool is_alive = 10;
  // Integer code; the mapping to values is not defined in this file.
  int32 gender = 11;
  string serial_number = 12;
  string serial_type = 13;
  // The shenasname_* fields presumably describe the national identity
  // booklet (number, series, serial); confirm.
  string shenasname_number = 14;
  string shenasname_seri = 15;
  string shenasname_serial = 16;
  // Integer code; meanings not defined here. 0 is also the unset default.
  int32 status = 17;
  // Timestamps as strings; the format is not stated in this file.
  string updated_at = 18;
  string created_at = 19;
  string email = 20;
  string mobile = 21;
  optional Company company = 22;
  // Free-form string; structure not defined here.
  optional string employee_info = 23;
}

// First and last name only; embedded in InternalIAM.
message IdentityBasic {
  string first_name = 1;
  string last_name = 2;
}

// Compact user view: id, national ID, mobile and name.
message UserIdentityBasic {
  int64 id = 1;
  string national_id = 2;
  string mobile = 3;
  string first_name = 4;
  string last_name = 5;
}

// Identity update request.
// NOTE(review): national_id is supplied in the body next to iam; confirm
// the handler ties the update to iam.user rather than trusting the body
// value alone.
message UserUpdateIdentityReq {
  InternalIAM iam = 1;
  string national_id = 2;
  // String here, while Identity.birthdate is int64; format not stated.
  string birthdate = 3;
  string email = 4;
}

// Bank details update request. The three account fields are plain strings;
// any format validation has to happen in the handler.
message UserUpdateBankInfoReq {
  InternalIAM iam = 1;
  string deposit_number = 2;
  string iban_number = 3;
  string card_number = 4;
}

// Wrapper for a list of BankInfo records.
message BankInfoList {
  repeated BankInfo list = 1;
}

// Verification status of a BankInfo record.
// 0: verification failed, 1: verified, 2: does not match the user's
// credential.
// The zero value is FAIL_VERIFY, so a BankInfo whose status was never set
// reads as failed; that default is fail-closed, but "never checked" and
// "checked and failed" cannot be told apart.
// NOTE(review): the value names carry no type prefix and share the
// auth.v1 scope with every other enum value in the package (e.g. LOGIN
// below).
enum BankInfoStatusEnum {
  FAIL_VERIFY = 0;
  VERIFIED = 1;
  DOES_NOT_MATCH = 2;
}

// A stored bank details record with its verification status.
// NOTE(review): deposit, IBAN and card numbers are returned in full as far
// as this schema shows; confirm whether responses should mask them.
message BankInfo {
  int64 id = 1;
  string deposit_number = 2;
  string iban_number = 3;
  string card_number = 4;
  BankInfoStatusEnum status = 5;
  // Timestamps as strings; the format is not stated in this file.
  string updated_at = 6;
  string created_at = 7;
}

/* Two Factor Authentication */

// "By id" request with caller context and a two-factor code.
message IdReqWithIAMAndTFA {
  int64 id = 1;
  InternalIAM iam = 2;
  // String here; TFA.code below is int64.
  string tfa_code = 3;
}

// Two-factor request with optional delivery targets and a reason.
message TFAReq {
  InternalIAM iam = 1;
  optional string mobile = 2;
  optional string email = 3;
  // Reason the JWT is issued for; can be login, redeem, withdrawal.
  // NOTE(review): free-form string, and these values differ from the
  // TfaStateEnum names; if the reason scopes what the issued token may
  // authorise, confirm the handler validates it against a fixed list.
  optional string reason = 4;
}

// Two Factor Authentication Exchange Response.
// NOTE(review): secret is presumably the shared secret the authenticator
// app is enrolled with, and qrcode_base64 an encoded image of it; both are
// credential material and should stay out of logs and caches. Confirm.
message TFAExRes {
  InternalIAM iam = 1;
  string secret = 2;
  string qrcode_base64 = 3;
}

// Request to verify a two-factor code.
message CheckTFAReq {
  InternalIAM iam = 1;
  string code = 2;
  // NOTE(review): if this value selects the verification algorithm and is
  // caller-controlled, the handler should accept only an allowlisted set;
  // confirm.
  optional string algorithm = 3;
  // Can be later used as a lookup.
  optional string reason = 4;
}

// Two-factor record: the state it applies to, a code and a transaction id.
message TFA {
  TfaStateEnum state = 1;
  // int64, unlike the string codes in CheckTFAReq and IdReqWithIAMAndTFA;
  // an integer cannot preserve leading zeros. TODO confirm this is the
  // same code and how it is compared.
  int64 code = 2;
  string transaction_id = 3;
}

// Operation a two-factor record applies to. Zero is the unspecified
// default; the remaining value names carry no type prefix.
enum TfaStateEnum {
  TFA_STATE_ENUM_UNSPECIFIED = 0;
  LOGIN = 1;
  INTERNAL_TRANSFER = 2;
  EXTERNAL_TRANSFER = 3;
}

// A transfer recipient: an id plus optional first and last name.
message Recipient {
  // Format of the identifier is not defined in this file.
  string id = 1;
  optional string first_name = 2;
  optional string last_name = 3;
}

// Name lookup request. Carries no InternalIAM.
// NOTE(review): presumably the caller sends recipient.id and receives the
// name back in LookUpNameRes. Resolving identifiers to real names is a
// disclosure surface; confirm the RPC requires an authenticated caller and
// is rate limited.
message LookUpNameReq {
  Recipient recipient = 1;
}

// Name lookup response.
message LookUpNameRes {
  Recipient recipient = 1;
}