diff --git a/keepercli-package/mypy.ini b/keepercli-package/mypy.ini index 2ea47926..a2f1494f 100644 --- a/keepercli-package/mypy.ini +++ b/keepercli-package/mypy.ini @@ -2,7 +2,7 @@ warn_no_return = False files = src/ exclude = src/keepercli/import_plugins/lastpass_lib -python_version = 3.8 +python_version = 3.10 [mypy-keepersdk.proto.*] ignore_errors = True diff --git a/keepercli-package/src/keepercli/__main__.py b/keepercli-package/src/keepercli/__main__.py index 91bd230d..544ed9b0 100644 --- a/keepercli-package/src/keepercli/__main__.py +++ b/keepercli-package/src/keepercli/__main__.py @@ -25,7 +25,7 @@ from .commands import base -def get_params_from_config(config_filename: Optional[str]=None) -> params.KeeperParams: +def get_keeper_config(config_filename: Optional[str]=None) -> params.KeeperConfig: if os.getenv("KEEPER_COMMANDER_DEBUG"): logging.getLogger().setLevel(logging.DEBUG) logging.info('Debug ON') @@ -67,9 +67,7 @@ def get_default_path() -> pathlib.Path: except IOError as ioe: logging.warning('Error: Unable to open config file %s: %s', config_filename, ioe) - context = params.KeeperParams(config_filename, config or {}) - context.config_filename = config_filename - return context + return params.KeeperConfig(config_filename=config_filename, config=config or {}) def usage(message: str) -> None: @@ -135,7 +133,9 @@ def welcome() -> None: parser.add_argument('--unmask-all', action='store_true', help=unmask_help) fail_on_throttle_help = 'Disable default client-side pausing of command execution and re-sending of requests upon ' \ 'server-side throttling' -parser.add_argument('--fail-on-throttle', action='store_true', help=fail_on_throttle_help) +parser.add_argument('--fail-on-throttle', dest='fail_on_throttle', action='store_true', help=fail_on_throttle_help) +parser.add_argument('--skip-vault', dest='skip_vault', action='store_true', help='Skip loading vault') +parser.add_argument('--skip-enterprise', dest='skip_enterprise', action='store_true', help='Skip loading enterprise') parser.add_argument('command', nargs='?', type=str, action='store', help='Command') parser.add_argument('options', nargs='*', action='store', help='Options') setattr(parser, 'error', usage) @@ -147,44 +147,55 @@ def main(): sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?$', '', sys.argv[0]) opts, flags = parser.parse_known_args(sys.argv[1:]) - context = get_params_from_config(opts.config) + app_config = get_keeper_config(opts.config) if opts.batch_mode: - context.batch_mode = True + app_config.batch_mode = True if opts.debug: - context.debug = opts.debug + app_config.debug = opts.debug - logging.getLogger().setLevel(logging.WARNING if context.batch_mode else logging.DEBUG if opts.debug else logging.INFO) + logging.getLogger().setLevel(logging.WARNING if app_config.batch_mode else logging.DEBUG if opts.debug else logging.INFO) if opts.version: print(f'Keeper Commander, version {__version__}') return if opts.unmask_all: - context.unmask_all = opts.unmask_all + app_config.unmask_all = opts.unmask_all + + if opts.skip_vault: + app_config.skip_vault = True + + if opts.skip_enterprise: + app_config.skip_enterprise = True if opts.fail_on_throttle: - context.fail_on_throttle = opts.fail_on_throttle + app_config.fail_on_throttle = opts.fail_on_throttle + + if opts.server: + app_config.server = opts.server + + if opts.user: + app_config.username = opts.user if opts.password: - context.password = opts.password + app_config.password = opts.password else: pwd = os.getenv('KEEPER_PASSWORD') if pwd: - context.password = pwd + app_config.password = pwd if not opts.command: opts.command = 'shell' - if not context.batch_mode: + if not app_config.batch_mode: welcome() versioning.welcome_print_version() commands = base.CliCommands() register_commands.register_commands(commands) - r_code = cli.loop(context, commands) - context.clear_session() + r_code = cli.loop(app_config, commands) sys.exit(r_code) diff --git a/keepercli-package/src/keepercli/cli.py b/keepercli-package/src/keepercli/cli.py index abeeb208..9cc9a4dd 100644 --- a/keepercli-package/src/keepercli/cli.py +++ b/keepercli-package/src/keepercli/cli.py @@ -8,7 +8,7 @@ from . import prompt_utils, api, autocomplete from .commands import command_completer, base, command_history from .helpers import report_utils -from .params import KeeperParams +from .params import KeeperParams, KeeperConfig from keepersdk import constants from keepersdk.vault import vault_utils @@ -45,58 +45,64 @@ def do_command(command_line: str, context: KeeperParams, commands: base.CliComma return command.execute_args(context, args.strip(), command=orig_cmd) else: display_command_help(commands) + return None -def loop(context: KeeperParams, commands: base.CliCommands): +def loop(keeper_config: KeeperConfig, commands: base.CliCommands): prompt_session: Optional[PromptSession] = None command_queue: List[str] = [] + context_stack: List[KeeperParams] = [] + context = KeeperParams(keeper_config) def get_prompt() -> str: - if context.batch_mode: + if keeper_config.batch_mode: return '' if context.auth is None: return 'Not logged in' - if context.vault is None: - return context.auth.auth_context.username - vault_data = context.vault.vault_data - folder_path = vault_data.root_folder.name - path = vault_utils.get_folder_path(vault_data, folder_uid=context.current_folder) - if path: - folder_path += '/' + path + if context.vault is not None: + vault_data = context.vault.vault_data + folder_path = vault_data.root_folder.name + path = vault_utils.get_folder_path(vault_data, folder_uid=context.current_folder) + if path: + folder_path += '/' + path - if len(folder_path) > 40: - folder_path = '...' + folder_path[-37:] - return folder_path + if len(folder_path) > 40: + folder_path = '...' + folder_path[-37:] + return folder_path + if context.enterprise_data is not None: + return context.enterprise_data.enterprise_info.enterprise_name + + return context.auth.auth_context.username logger = api.get_logger() - if not context.batch_mode: + if not keeper_config.batch_mode: if sys.stdin.isatty() and sys.stdout.isatty(): from prompt_toolkit.enums import EditingMode from prompt_toolkit.shortcuts import CompleteStyle completer = command_completer.CommandCompleter(commands, autocomplete.standard_completer(context)) prompt_session = PromptSession( - multiline=False, editing_mode=EditingMode.VI, complete_style=CompleteStyle.MULTI_COLUMN, + multiline=False, editing_mode=EditingMode.EMACS, complete_style=CompleteStyle.MULTI_COLUMN, complete_while_typing=False, completer=completer, auto_suggest=None, key_bindings=prompt_utils.kb, enable_history_search=False, history=KeeperHistory()) - if context.username: + if keeper_config.username: options = '--resume-session' - if context.password: - options += ' --pass="{0}"'.format(context.password.replace('"', '\\"')) - cmd = 'login ' + options + ' ' + context.username + if keeper_config.password: + options += ' --pass="{0}"'.format(keeper_config.password.replace('"', '\\"')) + cmd = 'login ' + options + ' ' + keeper_config.username command_queue.append(cmd) else: - if context.server: - api.get_logger().info('Current Keeper region: %s', context.server) + if keeper_config.server: + api.get_logger().info('Current Keeper region: %s', keeper_config.server) else: api.get_logger().info('Use "server" command to change Keeper region > "server US"') for region in constants.KEEPER_PUBLIC_HOSTS: api.get_logger().info('\t%s: %s', region, constants.KEEPER_PUBLIC_HOSTS[region]) api.get_logger().info('To login type: login ') else: - logger.setLevel(logging.DEBUG if context.debug else logging.WARNING) + logger.setLevel(logging.DEBUG if keeper_config.debug else logging.WARNING) while True: if context.auth: @@ -123,21 +129,29 @@ def get_prompt() -> str: continue if command.lower() in ('q', 'quit'): - break + if len(context_stack) > 0: + context_to_release = context + context = context_stack.pop() + logger.info('Returning to previous context...') + context_to_release.clear_session() + continue + else: + break suppress_errno = False if command.startswith("@"): suppress_errno = True command = command[1:] - if context.batch_mode: - logger.info('> %s', command) error_no = 1 try: if context.vault and context.vault.sync_requested: context.vault.sync_down() result = do_command(command, context, commands) error_no = 0 - if result: + if isinstance(result, KeeperParams): + context_stack.append(context) + context = result + elif isinstance(result, str): prompt_utils.output_text(result) except base.CommandError as ce: logger.warning(ce.message) @@ -149,7 +163,7 @@ def get_prompt() -> str: logger.debug(e, exc_info=True) logger.error('An unexpected error occurred: %s. Type "debug" to toggle verbose error output', e) - if context.batch_mode and error_no != 0 and not suppress_errno: + if keeper_config.batch_mode and error_no != 0 and not suppress_errno: break diff --git a/keepercli-package/src/keepercli/commands/account_commands.py b/keepercli-package/src/keepercli/commands/account_commands.py index 0c565e50..1af31029 100644 --- a/keepercli-package/src/keepercli/commands/account_commands.py +++ b/keepercli-package/src/keepercli/commands/account_commands.py @@ -2,7 +2,7 @@ import datetime from typing import Tuple, Optional, List, Any -from keepersdk.authentication import auth_utils +from keepersdk.authentication import keeper_auth from keepersdk.proto import AccountSummary_pb2 from . import base from .. import params, login, api @@ -25,9 +25,12 @@ def execute(self, context: params.KeeperParams, **kwargs): username = kwargs.get('email') or '' password = kwargs.get('password') or '' resume_session = kwargs.get('resume_session') is True - login.LoginFlow.login(context, username=username, password=password, resume_session=resume_session, - sso_master_password=kwargs.get('sso_password') is True) - + auth = login.LoginFlow.login( + context.keeper_config, username=username, password=password, server=context.keeper_config.server, + resume_session=resume_session, sso_master_password=kwargs.get('sso_password') is True) + if auth is None: + raise base.CommandError("Login failed") + context.set_auth(auth) # TODO check enforcements @@ -78,11 +81,11 @@ def execute(self, context: params.KeeperParams, **kwargs): if action == 'rename' or action == 'ren': value = ops[1] - auth_utils.rename_device(context.auth, value) + keeper_auth.rename_device(context.auth, value) logger.info(f'Successfully renamed device to {value}') elif action == 'register': - is_device_registered = auth_utils.register_data_key_for_device(context.auth) + is_device_registered = keeper_auth.register_data_key_for_device(context.auth) if is_device_registered: logger.info('Successfully registered device') else: @@ -96,12 +99,12 @@ def execute(self, context: params.KeeperParams, **kwargs): value = ops[1] value_extracted = '1' if parse_utils.as_boolean(value) else '0' - auth_utils.set_user_setting(context.auth, 'persistent_login', value_extracted) + keeper_auth.set_user_setting(context.auth, 'persistent_login', value_extracted) msg = 'ENABLED' if value_extracted == '1' else 'DISABLED' logger.info(f'Successfully {msg} Persistent Login on this account') if value_extracted == '1': - auth_utils.register_data_key_for_device(context.auth) + keeper_auth.register_data_key_for_device(context.auth) _, this_device = ThisDeviceCommand.get_account_summary_and_this_device(context) if this_device and not this_device.encryptedDataKeyPresent: @@ -115,14 +118,14 @@ def execute(self, context: params.KeeperParams, **kwargs): msg = 'ENABLED' if value_extracted == '1' else 'DISABLED' # invert ip_auto_approve value before passing it to ip_disable_auto_approve value_extracted = '0' if value_extracted == '1' else '1' if value_extracted == '0' else value_extracted - auth_utils.set_user_setting(context.auth, 'ip_disable_auto_approve', value_extracted) + keeper_auth.set_user_setting(context.auth, 'ip_disable_auto_approve', value_extracted) logger.info(f'Successfully {msg} `ip_auto_approve`') elif action == 'no-yubikey-pin': value = ops[1] value_extracted = '1' if parse_utils.as_boolean(value) else '0' msg = 'ENABLED' if value_extracted == '0' else 'DISABLED' - auth_utils.set_user_setting(context.auth, 'security_keys_no_user_verify', value_extracted) + keeper_auth.set_user_setting(context.auth, 'security_keys_no_user_verify', value_extracted) logger.info(f'Successfully {msg} Security Key PIN verification') elif action == 'timeout' or action == 'to': @@ -131,7 +134,7 @@ def execute(self, context: params.KeeperParams, **kwargs): timeout_in_minutes = delta.seconds // 60 if timeout_in_minutes < 3: timeout_in_minutes = 0 - auth_utils.set_user_setting(context.auth, 'logout_timer', str(timeout_in_minutes)) + keeper_auth.set_user_setting(context.auth, 'logout_timer', str(timeout_in_minutes)) display_value = 'default value' if delta == datetime.timedelta(0) else \ timeout_utils.format_timeout(delta) logger.info('Successfully set "logout_timer" to %s.', display_value) @@ -154,7 +157,7 @@ def is_persistent_login_disabled(context: params.KeeperParams) -> bool: def get_account_summary_and_this_device(context: params.KeeperParams) \ -> Tuple[AccountSummary_pb2.AccountSummaryElements, AccountSummary_pb2.DeviceInfo]: assert context.auth is not None - acct_summary = auth_utils.load_account_summary(context.auth) + acct_summary = keeper_auth.load_account_summary(context.auth) devices = acct_summary.devices current_device_token = context.auth.auth_context.device_token this_device = next((x for x in devices if x.encryptedDeviceToken == current_device_token), None) diff --git a/keepercli-package/src/keepercli/commands/base.py b/keepercli-package/src/keepercli/commands/base.py index a7bd07d5..636ce4c4 100644 --- a/keepercli-package/src/keepercli/commands/base.py +++ b/keepercli-package/src/keepercli/commands/base.py @@ -106,11 +106,11 @@ def description(self): def execute_args(self, context: KeeperParams, args: str, **kwargs): value = self.validate(args) - if hasattr(context, self._attr_name): + if hasattr(context.keeper_config, self._attr_name): if args: - setattr(context, self._attr_name, value) + setattr(context.keeper_config, self._attr_name, value) else: - return getattr(context, self._attr_name) + return getattr(context.keeper_config, self._attr_name) def validate(self, value: str) -> Any: return value diff --git a/keepercli-package/src/keepercli/commands/cli_commands.py b/keepercli-package/src/keepercli/commands/cli_commands.py index 4392d4da..0f198263 100644 --- a/keepercli-package/src/keepercli/commands/cli_commands.py +++ b/keepercli-package/src/keepercli/commands/cli_commands.py @@ -53,7 +53,7 @@ class DebugCommand(base.ICliCommand): def execute_args(self, context: KeeperParams, args: str, **kwargs): logger = logging.getLogger() is_debug = logger.getEffectiveLevel() <= logging.DEBUG - logger.setLevel((logging.WARNING if context.batch_mode else logging.INFO) if is_debug else logging.DEBUG) + logger.setLevel((logging.WARNING if context.keeper_config.batch_mode else logging.INFO) if is_debug else logging.DEBUG) is_debug = logger.getEffectiveLevel() <= logging.DEBUG prompt_utils.output_text('Debug ' + ('ON' if is_debug else 'OFF')) diff --git a/keepercli-package/src/keepercli/commands/enterprise_info.py b/keepercli-package/src/keepercli/commands/enterprise_info.py index e6133099..cd46be21 100644 --- a/keepercli-package/src/keepercli/commands/enterprise_info.py +++ b/keepercli-package/src/keepercli/commands/enterprise_info.py @@ -32,7 +32,7 @@ def execute(self, context: KeeperParams, **kwargs) -> None: reset: Optional[bool] = None if kwargs.get('reset') is True: reset = True - enterprise_loader.load(reset) + enterprise_loader.load(reset=reset or False) class EnterpriseInfoCommand(base.GroupCommand): @@ -43,6 +43,7 @@ def __init__(self): self.register_command(EnterpriseInfoUserCommand(), 'user', 'u') self.register_command(EnterpriseInfoTeamCommand(), 'team', 't') self.register_command(EnterpriseInfoRoleCommand(), 'role', 'r') + self.register_command(EnterpriseInfoManagedCompanyCommand(), 'managed-company', 'mc') self.default_verb = 'tree' @@ -63,7 +64,13 @@ def execute(self, context: KeeperParams, **kwargs): logger = api.get_logger() subnodes = enterprise_utils.NodeUtils.get_subnodes(enterprise_data) - root_nodes: Dict[int, bool] = enterprise_utils.EnterpriseMixin.get_managed_nodes_for_user(enterprise_data, context.auth.auth_context.username) + root_nodes: Dict[int, bool] + if context.auth.auth_context.is_mc_superadmin: + root_nodes = { + enterprise_data.root_node.node_id: True + } + else: + root_nodes = enterprise_utils.EnterpriseMixin.get_managed_nodes_for_user(enterprise_data, context.auth.auth_context.username) managed_nodes = enterprise_utils.EnterpriseMixin.expand_managed_nodes(root_nodes, subnodes) accessible_nodes: Set[int] = set() @@ -700,3 +707,59 @@ def execute(self, context: KeeperParams, **kwargs): headers = [report_utils.field_to_title(x) for x in headers] return report_utils.dump_report_data(rows, headers, fmt=kwargs.get('format'), filename=kwargs.get('output')) + + +class EnterpriseInfoManagedCompanyCommand(base.ArgparseCommand, enterprise_utils.EnterpriseMixin): + def __init__(self): + parser = argparse.ArgumentParser(prog='enterprise-info mc', parents=[base.report_output_parser], + description='Display managed company information.', + formatter_class=argparse.RawTextHelpFormatter) + parser.add_argument('pattern', nargs='?', type=str, help='search pattern') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs): + assert context.enterprise_data is not None + enterprise_data = context.enterprise_data + + pattern = (kwargs.get('pattern') or '').lower() + + rows = [] + for idx, mc in enumerate(enterprise_data.managed_companies.get_all_entities(), 1): + # Map product IDs to plan names + plan_name = mc.product_id + if mc.product_id == 'enterprise': + plan_name = 'Enterprise' + elif mc.product_id == 'enterprise_plus': + plan_name = 'Enterprise Plus' + elif mc.product_id == 'business': + plan_name = 'Business' + elif mc.product_id == 'businessPlus': + plan_name = 'Business Plus' + + # Get storage info from file_plan_type + storage = mc.file_plan_type if mc.file_plan_type else '' + + # Count add-ons + addon_count = len(mc.add_ons) if mc.add_ons else 0 + + # Get node name + node_name = enterprise_utils.NodeUtils.get_node_path(enterprise_data, mc.msp_node_id, omit_root=True) + + allocated: Optional[int] = mc.number_of_seats + if allocated == 2147483647: + allocated = None + + # Get active users + active = mc.number_of_users if mc.number_of_users else 0 + + row = [mc.mc_enterprise_id, mc.mc_enterprise_name, node_name, plan_name, storage, addon_count, allocated, active] + + if pattern: + if not any(1 for x in self.tokenize_row(row) if x and str(x).lower().find(pattern) >= 0): + continue + rows.append(row) + + headers = ['company_id', 'company_name', 'node', 'plan', 'storage', 'addons', 'allocated', 'active'] + if kwargs.get('format') != 'json': + headers = [report_utils.field_to_title(x) for x in headers] + return report_utils.dump_report_data(rows, headers, fmt=kwargs.get('format'), filename=kwargs.get('output')) diff --git a/keepercli-package/src/keepercli/commands/msp.py b/keepercli-package/src/keepercli/commands/msp.py new file mode 100644 index 00000000..11929568 --- /dev/null +++ b/keepercli-package/src/keepercli/commands/msp.py @@ -0,0 +1,37 @@ +import argparse + +from keepersdk.enterprise import msp_auth +from . import base +from .. import prompt_utils, api +from ..params import KeeperParams + + +class SwitchToManagedCompanyCommand(base.ArgparseCommand): + parser = argparse.ArgumentParser(prog='switch-to-mc', description='Switch to a managed company context') + parser.add_argument('mc_id', type=int, help='Managed company ID') + + def __init__(self): + super().__init__(SwitchToManagedCompanyCommand.parser) + + def execute(self, context: KeeperParams, **kwargs): + assert context.enterprise_data is not None + assert context.auth is not None + logger = api.get_logger() + + mc_id = kwargs.get('mc_id') + if not isinstance(mc_id, int): + raise base.CommandError('The managed company ID must be an integer') + + prompt_utils.output_text(f'Switching to managed company {mc_id}...') + mc_auth, tree_key = msp_auth.login_to_managed_company(context.enterprise_loader, mc_id) + mc_auth.auth_context.is_enterprise_admin = True + mc_auth.auth_context.is_mc_superadmin = True + mc_auth.auth_context.enterprise_id = mc_id + + mc_context = KeeperParams(context.keeper_config) + mc_context.set_auth(mc_auth, tree_key=tree_key, skip_vault=True) + + logger.info('Successfully switched to managed company %s', mc_id) + logger.info('Use "q" to return to the previous context') + + return mc_context diff --git a/keepercli-package/src/keepercli/commands/pedm_admin.py b/keepercli-package/src/keepercli/commands/pedm_admin.py new file mode 100644 index 00000000..91706b45 --- /dev/null +++ b/keepercli-package/src/keepercli/commands/pedm_admin.py @@ -0,0 +1,1797 @@ +from __future__ import annotations + +import argparse +import calendar +import copy +import datetime +import fnmatch +import json +import os.path +import re +from typing import Any, List, Optional, Dict, Union, Tuple, Set, Pattern + +from cryptography import x509 +from cryptography.hazmat.primitives import serialization + +from keepersdk import crypto, constants +from keepersdk import utils +from keepersdk.plugins.pedm import admin_plugin, pedm_shared, admin_types, admin_storage +from keepersdk.plugins.pedm.pedm_shared import CollectionType +from keepersdk.proto import NotificationCenter_pb2, pedm_pb2 +from . import base, pedm_aram +from .. import prompt_utils, api +from ..helpers import report_utils +from ..params import KeeperParams + + +class PedmUtils: + @staticmethod + def resolve_single_agent(pedm: admin_plugin.PedmPlugin, agent_uid: Any) -> admin_types.PedmAgent: + if not isinstance(agent_uid, str): + raise base.CommandError(f'Invalid agent_name: {agent_uid}') + + agent = pedm.agents.get_entity(agent_uid) + if agent: + return agent + raise base.CommandError(f'Agent UID \"{agent_uid}\" does not exist') + + @staticmethod + def resolve_single_deployment(pedm: admin_plugin.PedmPlugin, deployment_name: Any) -> admin_types.PedmDeployment: + if not isinstance(deployment_name, str): + raise base.CommandError(f'Invalid deployment name: {deployment_name}') + + deployment = pedm.deployments.get_entity(deployment_name) + if deployment: + return deployment + + l_deployment_name = deployment_name.lower() + deployments = [x for x in pedm.deployments.get_all_entities() if x.name.lower() == l_deployment_name] + if len(deployments) == 0: + raise base.CommandError(f'Deployment \"{deployment_name}\" does not exist') + if len(deployments) >= 2: + raise base.CommandError(f'Deployment \"{deployment_name}\" is not unique. Please use Deployment UID') + + return deployments[0] + + @staticmethod + def resolve_existing_policies(pedm: admin_plugin.PedmPlugin, policy_names: Any) -> List[admin_types.PedmPolicy]: + found_policies: Dict[str, admin_types.PedmPolicy] = {} + p: Optional[admin_types.PedmPolicy] + if isinstance(policy_names, list): + for policy_name in policy_names: + p = pedm.policies.get_entity(policy_name) + if p is None: + raise base.CommandError(f'Policy name "{policy_name}" is not found') + found_policies[p.policy_uid] = p + if len(found_policies) == 0: + raise base.CommandError('No policies were found') + return list(found_policies.values()) + + @staticmethod + def resolve_single_policy(pedm: admin_plugin.PedmPlugin, policy_uid: Any) -> admin_types.PedmPolicy: + if not isinstance(policy_uid, str): + raise base.CommandError(f'Invalid policy UID: {policy_uid}') + policy = pedm.policies.get_entity(policy_uid) + + if isinstance(policy, admin_types.PedmPolicy): + return policy + raise base.CommandError(f'Policy UID \"{policy_uid}\" does not exist') + + @staticmethod + def get_collection_name_lookup( + pedm: admin_plugin.PedmPlugin + ) -> Dict[str, Union[admin_types.PedmCollection, List[admin_types.PedmCollection]]]: + collection_lookup: Dict[str, Union[admin_types.PedmCollection, List[admin_types.PedmCollection]]] = {} + + for collection in pedm.collections.get_all_entities(): + if not isinstance(collection.collection_data, dict): + continue + collection_name = collection.collection_data.get('Name') + if not isinstance(collection_name, str) and not collection_name: + continue + collection_name = collection_name.lower() + collection_lookup[collection_name] = collection + c = collection_lookup.get(collection_name) + if c is None: + collection_lookup[collection_name] = collection + elif isinstance(c, list): + c.append(collection) + elif isinstance(c, admin_types.PedmCollection): + collection_lookup[collection_name] = [c, collection] + return collection_lookup + + @staticmethod + def get_orphan_resources(pedm: admin_plugin.PedmPlugin) -> List[str]: + resource_types = {CollectionType.OsBuild, CollectionType.Application, CollectionType.UserAccount, CollectionType.GroupAccount} + collections = {x.collection_uid for x in pedm.storage.collections.get_all_entities() if x.collection_type in resource_types} + links = {x.collection_uid for x in pedm.storage.collection_links.get_all_links() if x.link_type == pedm_pb2.CollectionLinkType.CLT_AGENT} + return list(collections.difference(links)) + + @staticmethod + def resolve_existing_collections( + pedm: admin_plugin.PedmPlugin, + collection_names: Any, + *, + collection_type: Optional[int] = None, + ignore_missing: bool = False, + ) -> List[admin_types.PedmCollection]: + + found_collections: Dict[str, admin_types.PedmCollection] = {} + if not isinstance(collection_names, list): + collection_names = [collection_names] + + resolve_by_name = [] + for name in collection_names: + if not isinstance(name, str) and not ignore_missing: + raise base.CommandError(f'Invalid collection name: {name}') + + collection = pedm.collections.get_entity(name) + if collection is None: + resolve_by_name.append(name) + else: + found_collections[collection.collection_uid] = collection + + if len(resolve_by_name) > 0: + collection_lookup = PedmUtils.get_collection_name_lookup(pedm) + for name in resolve_by_name: + c: Optional[admin_types.PedmCollection] = None + cc = collection_lookup.get(name) + if cc is None: + cc = collection_lookup.get(name.lower()) + if isinstance(cc, admin_types.PedmCollection): + c = cc + elif isinstance(cc, list): + if len(cc) > 1 and isinstance(collection_type, int): + cc = [x for x in cc if x.collection_type == collection_type] + if len(cc) == 1: + c = cc[0] + else: + if not ignore_missing: + raise base.CommandError(f'Collection \"{name}\" is not unique. Please use Collection UID') + if c is None: + if not ignore_missing: + raise base.CommandError(f'Collection "{name}" is not found') + else: + found_collections[c.collection_uid] = c + return list(found_collections.values()) + + +class PedmCommand(base.GroupCommand): + def __init__(self): + super().__init__('Privilege Manager - PEDM') + self.register_command(PedmSyncDownCommand(), 'sync-down') + self.register_command(PedmDeploymentCommand(), 'deployment', 'd') + self.register_command(PedmAgentCommand(), 'agent', 'a') + self.register_command(PedmPolicyCommand(), 'policy', 'p') + self.register_command(PedmCollectionCommand(), 'collection', 'c') + self.register_command(PedmApprovalCommand(), 'approval') + self.register_command(pedm_aram.PedmReportCommand(), 'report') + + +class PedmSyncDownCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='sync-down', description='Sync down PEDM data from the backend') + parser.add_argument('--reload', dest='reload', action='store_true', help='Perform full sync') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs): + plugin = context.pedm_plugin + plugin.sync_down(reload=kwargs.get('reload') is True) + + +class PedmDeploymentCommand(base.GroupCommand): + def __init__(self): + super().__init__('Manage PEDM deployments') + self.register_command(PedmDeploymentListCommand(), 'list', 'l') + self.register_command(PedmDeploymentAddCommand(), 'add', 'a') + self.register_command(PedmDeploymentUpdateCommand(), 'edit') + self.register_command(PedmDeploymentDeleteCommand(), 'delete') + self.register_command(PedmDeploymentDownloadCommand(), 'download') + self.default_verb = 'list' + + +class PedmDeploymentListCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='list', description='List PEDM deployments', parents=[base.report_output_parser]) + parser.add_argument('-v', '--verbose', dest='verbose', action='store_true', + help='print verbose information') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs): + plugin = context.pedm_plugin + + verbose = kwargs.get('verbose') is True + table: List[List[Any]] = [] + headers = ['deployment_uid', 'name', 'disabled', 'created', 'updated'] + if verbose: + headers.append('agents') + else: + headers.append('agent_count') + row: List[Any] + for dep in plugin.deployments.get_all_entities(): + row = [dep.deployment_uid, dep.name, dep.disabled, dep.created, dep.updated] + agents = [x.agent_uid for x in plugin.deployment_agents.get_links_by_subject(dep.deployment_uid)] + if verbose: + row.append(agents) + else: + row.append(len(agents)) + table.append(row) + + table.sort(key=lambda x: x[1]) + fmt = kwargs.get('format') + if fmt != 'json': + headers = [report_utils.field_to_title(x) for x in headers] + return report_utils.dump_report_data(table, headers, fmt=fmt, filename=kwargs.get('output')) + + +class PedmDeploymentAddCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='add', description='Add PEDM deployments') + parser.add_argument('-f', '--force', dest='force', action='store_true', + help='do not prompt for confirmation') + parser.add_argument('--spiffe-cert', dest='spiffe', action='store', + help='File containing SPIFFE server certificate') + parser.add_argument('name', help='Deployment name') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs): + enterprise_data = context.enterprise_data + assert enterprise_data is not None + plugin = context.pedm_plugin + deployment_name = kwargs.get('name') + if not deployment_name: + raise base.CommandError('Deployment name is required') + force =kwargs.get('force') is True + if not force: + l_name = deployment_name.lower() + has_name = any((True for x in plugin.deployments.get_all_entities() if x.name.lower() == l_name)) + if has_name: + raise base.CommandError(f'Deployment "{deployment_name}" already exists.') + + ec_public_key = crypto.unload_ec_public_key(enterprise_data.enterprise_info.ec_public_key) + agent_info = pedm_shared.DeploymentAgentInformation(hash_key=plugin.agent_key, peer_public_key=ec_public_key) + spiffe_cert: Optional[bytes] = None + spiffe = kwargs.get('spiffe') + if isinstance(spiffe, str): + spiffe = os.path.expanduser(spiffe) + if not os.path.isfile(spiffe): + raise base.CommandError(f'File "{spiffe}" does not exist') + _, ext = os.path.splitext(spiffe) + with open(spiffe, 'rb') as f: + if ext in ('.cer', '.der'): + cert = x509.load_der_x509_certificate(f.read()) + elif ext == '.pem': + cert = x509.load_pem_x509_certificate(f.read()) + else: + cert = x509.load_pem_x509_certificate(f.read()) + spiffe_cert = cert.public_bytes(serialization.Encoding.DER) + add_rq = admin_types.AddDeployment(name=deployment_name, spiffe_cert=spiffe_cert, agent_info=agent_info) + rs = plugin.modify_deployments(add_deployments=[add_rq]) + if len(rs.remove) > 0: + status = rs.remove[0] + if isinstance(status, admin_types.EntityStatus) and not status.success: + raise base.CommandError(f'Failed to add deployment "{status.entity_uid}": {status.message}') + + +class PedmDeploymentUpdateCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='update', description='Update PEDM deployment') + parser.add_argument('--disable', dest='disable', action='store', choices=['on', 'off'], + help='do not prompt for confirmation') + parser.add_argument('--spiffe-cert', dest='spiffe', action='store', + help='File containing SPIFFE server certificate') + parser.add_argument('--name',action='store', help='Deployment name') + parser.add_argument('deployment', metavar='DEPLOYMENT', help='Deployment name or UID') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs): + plugin = context.pedm_plugin + deployment = PedmUtils.resolve_single_deployment(plugin, kwargs.get('deployment')) + name = kwargs.get('name') + disable_choice = kwargs.get('disable') + disabled: Optional[bool] = None + if disable_choice is not None: + disabled = True if disable_choice == 'on' else False + + spiffe_cert: Optional[bytes] = None + spiffe = kwargs.get('spiffe') + if isinstance(spiffe, str): + spiffe = os.path.expanduser(spiffe) + if not os.path.isfile(spiffe): + raise base.CommandError(f'File "{spiffe}" does not exist') + _, ext = os.path.splitext(spiffe) + with open(spiffe, 'rb') as f: + if ext in ('.cer', '.der'): + cert = x509.load_der_x509_certificate(f.read()) + elif ext == '.pem': + cert = x509.load_pem_x509_certificate(f.read()) + else: + cert = x509.load_pem_x509_certificate(f.read()) + spiffe_cert = cert.public_bytes(serialization.Encoding.DER) + + update_rq = admin_types.UpdateDeployment( + deployment_uid=deployment.deployment_uid, name=name, disabled=disabled, spiffe_cert=spiffe_cert) + rs = plugin.modify_deployments(update_deployments=[update_rq]) + if len(rs.remove) > 0: + status = rs.remove[0] + if isinstance(status, admin_types.EntityStatus) and not status.success: + raise base.CommandError(f'Failed to update policy "{status.entity_uid}": {status.message}') + + +class PedmDeploymentDeleteCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='delete', description='Delete PEDM deployment') + parser.add_argument('-f', '--force', dest='force', action='store_true', + help='do not prompt for confirmation') + parser.add_argument('deployment', metavar='DEPLOYMENT', nargs='+', + help='Deployment name or UID') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs): + plugin = context.pedm_plugin + deployment_names = kwargs.get('deployment') + if isinstance(deployment_names, str): + deployment_names = [deployment_names] + if not isinstance(deployment_names, list): + raise base.CommandError(f'deployment argument is empty') + + deployments: List[str] = [] + for deployment_name in deployment_names: + try: + deployment = PedmUtils.resolve_single_deployment(plugin, deployment_name) + deployment_name = deployment.name + deployment_uid = deployment.deployment_uid + except Exception as e: + d = plugin.storage.deployments.get_entity(deployment_name) if deployment_name else None + if d: + deployment_uid = d.deployment_uid + else: + raise e + deployments.append(deployment_uid) + + if len(deployments) == 0: + raise base.CommandError('No deployments found') + + force = kwargs.get('force') is True + if not force: + answer = prompt_utils.user_choice(f'Do you want to delete {len(deployments)} deployment(s)?', 'yN') + if answer.lower() not in {'y', 'yes'}: + return + + rs = plugin.modify_deployments(remove_deployments=deployments) + for status in rs.remove: + if isinstance(status, admin_types.EntityStatus) and not status.success: + raise base.CommandError(f'Failed to delete deployment "{status.entity_uid}": {status.message}') + + +class PedmDeploymentDownloadCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='download', description='Download PEDM deployment package') + parser.add_argument('--file', dest='file', action='store', help='File name') + parser.add_argument('deployment', metavar='DEPLOYMENT', help='Deployment name or UID') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs): + auth = context.auth + assert auth is not None + enterprise_data = context.enterprise_data + assert enterprise_data is not None + + plugin = context.pedm_plugin + deployment = PedmUtils.resolve_single_deployment(plugin, kwargs.get('deployment')) + host = next((host for host, server in constants.KEEPER_PUBLIC_HOSTS.items() if server == auth.keeper_endpoint.server), auth.keeper_endpoint.server) + token = f'{host}:{deployment.deployment_uid}:{utils.base64_url_encode(deployment.private_key)}' + filename = kwargs.get('file') + if filename: + with open(filename, 'wt') as f: + f.write(token) + else: + return token + +class PedmAgentCommand(base.GroupCommand): + def __init__(self): + super().__init__('Manage PEDM agents') + self.register_command(PedmAgentListCommand(), 'list', 'l') + self.register_command(PedmAgentEditCommand(), 'edit', 'e') + self.register_command(PedmAgentDeleteCommand(), 'delete') + self.register_command(PedmAgentCollectionCommand(), 'collection', 'c') + self.default_verb = 'list' + + +class PedmAgentCollectionCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='list', parents=[base.report_output_parser], + description='List PEDM agent resources') + parser.add_argument('-v', '--verbose', dest='verbose', action='store_true', + help='print verbose information') + parser.add_argument('--type', dest='type', action='store', type=int, + help='collection type filter') + parser.add_argument('agent', help='Agent UID') + + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + plugin = context.pedm_plugin + + verbose = kwargs.get('verbose') is True + collection_type: Optional[int] = kwargs.get('type') + agent = PedmUtils.resolve_single_agent(plugin, kwargs.get('agent')) + resource_uids = {x.collection_uid for x in plugin.storage.collection_links.get_links_by_object(agent.agent_uid)} + collections = [plugin.collections.get_entity(x) or x for x in resource_uids] + if isinstance(collection_type, int): + collections = [x for x in collections if isinstance(x, admin_types.PedmCollection) and x.collection_type == collection_type] + + table: List[List[Any]] = [] + headers = ['collection_type'] + if verbose: + headers.extend(['collection_uid', 'value']) + for collection in collections: + if isinstance(collection, admin_types.PedmCollection): + col_type_name = pedm_shared.collection_type_to_name(collection.collection_type) + col_type_name += f' ({col_type_name})' + collection_value = [f'{k}={v}' for k, v in collection.collection_data.items()] + row = [col_type_name, collection.collection_uid, collection_value] + else: + row = ['', collection, ''] + table.append(row) + else: + headers.extend(['count']) + r_map: Dict[int, int] = {} + for collection in collections: + if not isinstance(collection, admin_types.PedmCollection): + continue + if collection.collection_type not in r_map: + r_map[collection.collection_type] = 0 + r_map[collection.collection_type] += 1 + for collection_type, cnt in r_map.items(): + col_type_name = pedm_shared.collection_type_to_name(collection_type) + col_type_name += f' ({collection_type})' + table.append([col_type_name, cnt]) + + table.sort(key=lambda x: x[0]) + fmt = kwargs.get('format') + if fmt != 'json': + headers = [report_utils.field_to_title(x) for x in headers] + return report_utils.dump_report_data(table, headers, fmt=fmt, filename=kwargs.get('output')) + + +class PedmAgentDeleteCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='update', description='Delete PEDM agents') + parser.add_argument('--force', dest='force', action='store_true', + help='do not prompt for confirmation') + parser.add_argument('agent', nargs='+', help='Agent UID(s)') + + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + plugin = context.pedm_plugin + + agents = kwargs['agent'] + if isinstance(agents, str): + agents = [agents] + agent_uid_list: List[str] = [] + if isinstance(agents, list): + for agent_name in agents: + agent = PedmUtils.resolve_single_agent(plugin, agent_name) + agent_uid_list.append(agent.agent_uid) + + if len(agent_uid_list) == 0: + return + + statuses = plugin.modify_agents( remove_agents=agent_uid_list) + if isinstance(statuses.remove, list): + for status in statuses.remove: + if isinstance(status, admin_types.EntityStatus) and not status.success: + utils.get_logger().warning(f'Failed to remove agent "{status.entity_uid}": {status.message}') + + +class PedmAgentEditCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='update', description='Update PEDM agents') + parser.add_argument('--enable', dest='enable', action='store', choices=['on', 'off'], + help='Enables or disables agents') + parser.add_argument('--deployment', dest='deployment', action='store', + help='Moves agent to deployment') + parser.add_argument('agent', nargs='+', help='Agent UID(s)') + + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + plugin = context.pedm_plugin + + deployment_uid = kwargs.get('deployment') + if deployment_uid: + deployment = plugin.deployments.get_entity(deployment_uid) + if not deployment: + raise base.CommandError(f'Deployment "{deployment_uid}" does not exist') + else: + deployment_uid = None + + disabled: Optional[bool] = None + enable = kwargs.get('enable') + if isinstance(enable, str): + if enable.lower() == 'on': + disabled = False + elif enable.lower() == 'off': + disabled = True + else: + raise base.CommandError(f'"enable" argument must be "on" or "off"') + + update_agents: List[admin_types.UpdateAgent] = [] + agents = kwargs['agent'] + if isinstance(agents, str): + agents = [agents] + if isinstance(agents, list): + for a in agents: + agent = plugin.agents.get_entity(a) + if agent is None: + raise base.CommandError(f'Agent "{a}" does not exist') + update_agents.append(admin_types.UpdateAgent( + agent_uid=agent.agent_uid, + deployment_uid=deployment_uid, + disabled=disabled, + )) + if len(update_agents) > 0: + statuses = plugin.modify_agents(update_agents=update_agents) + if isinstance(statuses.update, list): + for status in statuses.update: + if isinstance(status, admin_types.EntityStatus) and not status.success: + utils.get_logger().warning(f'Failed to update agent "{status.entity_uid}": {status.message}') + + +class PedmAgentListCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='list', description='List PEDM agents', + parents=[base.report_output_parser]) + parser.add_argument('-v', '--verbose', dest='verbose', action='store_true', + help='print verbose information') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + plugin = context.pedm_plugin + + verbose = kwargs.get('verbose') is True + table = [] + headers = ['agent_uid', 'machine_name', 'deployment', 'disabled', 'created'] + active_agents: Set[str] = set() + if verbose: + headers.extend(('active', 'properties')) + auth = plugin.loader.keeper_auth + rq = pedm_pb2.PolicyAgentRequest() + rq.summaryOnly = False + rs = auth.execute_router("pedm/get_policy_agents", rq, response_type=pedm_pb2.PolicyAgentResponse) + assert rs is not None + active_agents.update((utils.base64_url_encode(x) for x in rs.agentUid)) + + for agent in plugin.agents.get_all_entities(): + deployment = plugin.deployments.get_entity(agent.deployment_uid) + deployment_name = deployment.name if deployment else agent.deployment_uid + time_created = datetime.datetime.fromtimestamp(int(agent.created // 1000)) if agent.created else None + machine_name = '' + if isinstance(agent.properties, dict): + machine_name = agent.properties.get('MachineName') or '' + row: List[Any] = [agent.agent_uid, machine_name, deployment_name, agent.disabled, time_created] + if verbose: + row.append(agent.agent_uid in active_agents) + props: Optional[List[str]] = None + if agent.properties: + props = [f'{k}={v}' for k, v in agent.properties.items()] + props.sort() + row.append(props) + + table.append(row) + + table.sort(key=lambda x: x[2]) + fmt = kwargs.get('format') + if fmt != 'json': + headers = [report_utils.field_to_title(x) for x in headers] + return report_utils.dump_report_data(table, headers, fmt=fmt, filename=kwargs.get('output')) + + +class PedmPolicyCommand(base.GroupCommand): + def __init__(self): + super().__init__('Manage PEDM policies') + self.register_command(PedmPolicyListCommand(), 'list', 'l') + self.register_command(PedmPolicyAddCommand(), 'add', 'a') + self.register_command(PedmPolicyEditCommand(), 'edit', 'e') + self.register_command(PedmPolicyViewCommand(), 'view', 'v') + self.register_command(PedmPolicyAgentsCommand(), 'agents') + self.register_command(PedmPolicyAssignCommand(), 'assign') + self.register_command(PedmPolicyDeleteCommand(), 'delete') + self.default_verb = 'list' + + +class PedmPolicyMixin: + ALL_FILTERS: List[str] = ['USER', 'MACHINE', 'APP', 'TIME', 'DATE', 'DAY'] + ALL_CONTROLS: List[str] = ['ALLOW', 'DENY', 'NOTIFY', 'MFA', 'JUSTIFY', 'APPROVAL', 'AUDIT', 'RECORD'] + + policy_filter = argparse.ArgumentParser(add_help=False) + policy_filter.add_argument('--user-filter', dest='user_filter', action='append', + help='Policy user filter. User collection UID or *') + policy_filter.add_argument('--machine-filter', dest='machine_filter', action='append', + help='Policy machine filter. Machine collection UID ') + policy_filter.add_argument('--app-filter', dest='app_filter', action='append', + help='Policy application filter. Application collection UID') + policy_filter.add_argument('--date-filter', dest='date_filter', action='append', + help='Policy date filter. Date range in ISO format. YYYY-MM-DD:YYYY-MM-DD') + policy_filter.add_argument('--time-filter', dest='time_filter', action='append', + help='Policy time filter. Time. 24 hours format: HH:MM-HH:MM') + policy_filter.add_argument('--day-filter', dest='day_filter', action='append', + help='Policy day filter. Day of Week') + policy_filter.add_argument('--risk-level', dest='risk_level', type=int, help='Policy risk level') + + @staticmethod + def resolve_collections(plugin: admin_plugin.PedmPlugin, col_types: List[int], col_values: List[str]) -> List[str]: + result: List[str] = [] + if not col_values: + return result + + collection_lookup: Dict[str, Union[str, List[str]]] = {} + for c in plugin.collections.get_all_entities(): + if c.collection_type not in col_types: continue + collection_lookup[c.collection_uid] = c.collection_uid + if c.collection_type >= 100: + collection_name: Optional[str] = c.collection_data.get('Name') + if not collection_name: + continue + collection_name = collection_name.lower() + cv = collection_lookup.get(collection_name) + if not cv: + cv = c.collection_uid + elif isinstance(cv, str): + cv = [cv, c.collection_uid] + elif isinstance(cv, list): + cv.append(c.collection_uid) + else: + continue + collection_lookup[collection_name] = cv + + for col_value in col_values: + if col_value == '*': + result.append(col_value) + else: + cv = collection_lookup[col_value] + if not cv: + cv = collection_lookup[col_value.lower()] + if not cv: + raise base.CommandError(f'collection value "{col_value}" cannot be resolved') + if isinstance(cv, str): + result.append(cv) + else: + raise base.CommandError(f'collection value "{col_value}" is not unique. Use collection UID') + + return result + + @staticmethod + def to_time(v: str) -> Optional[str]: + if not v: + return None + + try: + tc = [int(x) for x in v.split(':')] + while len(tc) < 3: + tc.append(0) + if tc[0] >= 24: + raise base.CommandError(f'time value "{v}" is not valid. Hours: 0 - 23') + if tc[1] >= 60: + raise base.CommandError(f'time value "{v}" is not valid. Minutes: 0 - 59') + if tc[2] >= 60: + raise base.CommandError(f'time value "{v}" is not valid. Seconds: 0 - 59') + + return ':'.join((f'{x:02d}' for x in tc)) + except Exception as e: + raise base.CommandError(f'time value "{v}" is not valid.') + + @staticmethod + def from_time(v: Any) -> Optional[str]: + if not isinstance(v, str): + return None + try: + tc = [int(x) for x in v.split(':')] + tc = tc[:3] + if tc[2] == 0: + tc = tc[:2] + return ':'.join((f'{x:02d}' for x in tc)) + except Exception: + pass + + @staticmethod + def parse_times(policy_times: Optional[List[Dict[str, Any]]]) -> Optional[List[str]]: + if not isinstance(policy_times, list): + return None + + result: List[str] = [] + for policy_time in policy_times: + start_time = PedmPolicyMixin.from_time(policy_time.get('StartTime')) or '' + end_time = PedmPolicyMixin.from_time(policy_time.get('EndTime')) or '' + if start_time or end_time: + result.append(f'{start_time}-{end_time}') + return result + + @staticmethod + def to_date(v: str) -> Optional[str]: + if not v: + return None + try: + date_value = datetime.datetime.fromisoformat(v).date() + return date_value.isoformat() + except Exception as e: + raise base.CommandError(f'date value "{v}" is not valid.') + + @staticmethod + def resolve_dates(d_values: List[str]) -> List[Dict[str, str]]: + # { "StartDate": "2025-01-01", "EndDate": "2025-01-25" } + result: List[Dict[str, str]] = [] + if not d_values: + return result + for d_value in d_values: + comp: List[Any] = d_value.split(':') + if 1 <= len(comp) <= 2: + dat: Dict[str, str] = {} + comp = [PedmPolicyAddCommand.to_date(x) for x in comp] + if comp[0]: + dat['StartDate'] = comp[0] + if len(comp) == 2 and comp[1]: + dat['EndDate'] = comp[1] + result.append(dat) + else: + raise base.CommandError(f'date range "{d_value}" is not valid.') + + return result + + @staticmethod + def resolve_times(t_values: List[str]) -> List[Dict[str, str]]: + # { "StartTime" : "09:00:00", "EndTime" : "18:00:00" } + result: List[Dict[str, str]] = [] + if not t_values: + return result + for t_value in t_values: + comp: List[Any] = t_value.split('-') + if 1 <= len(comp) <= 2: + tim: Dict[str, str] = {} + comp = [PedmPolicyAddCommand.to_time(x) for x in comp] + if comp[0]: + tim['StartTime'] = comp[0] + if len(comp) == 2 and comp[1]: + tim['EndTime'] = comp[1] + result.append(tim) + else: + raise base.CommandError(f'time range "{t_value}" is not valid.') + + return result + + DAY_LOOKUP: Optional[Dict[str, int]] = None + @staticmethod + def get_day_lookup() -> Dict[str, int]: + if PedmPolicyMixin.DAY_LOOKUP is None: + PedmPolicyMixin.DAY_LOOKUP = {} + for day_no, day_name in enumerate(calendar.day_name): + day_no += 1 + if day_no > 6: + day_no -= 7 + PedmPolicyMixin.DAY_LOOKUP[day_name.lower()] = day_no + for day_no, day_name in enumerate(calendar.day_abbr): + day_no += 1 + if day_no > 6: + day_no -= 7 + PedmPolicyMixin.DAY_LOOKUP[day_name.lower()] = day_no + return PedmPolicyMixin.DAY_LOOKUP + + @staticmethod + def resolve_days(d_values: List[str]) -> List[int]: + # integer in American convention + result: List[int] = [] + if not d_values: + return result + + day_lookup = PedmPolicyMixin.get_day_lookup() + weekday: Optional[int] + for d_value in d_values: + if d_value.isnumeric(): + weekday = int(d_value) + if 6 < weekday < 0: + weekday = None + else: + weekday = day_lookup.get(d_value.lower()) + if weekday is None: + raise base.CommandError(f'day value "{d_value}" is not valid.') + result.append(weekday) + return result + + @staticmethod + def get_policy_controls(policy_type_name: str, **kwargs) -> Optional[List[str]]: + p_controls: Optional[Union[str, List[str]]] = kwargs.get('control') + if not p_controls: + return None + + allowed_controls: Set[str] = set() + if policy_type_name == 'PrivilegeElevation': + allowed_controls.update(('audit', 'notify', 'mfa', 'justify', 'approval')) + elif policy_type_name == 'Access': + allowed_controls.update(('audit', 'notify', 'allow', 'deny')) + elif policy_type_name == 'CommandLine': + allowed_controls.update(('audit', 'notify', 'allow', 'deny')) + + controls: List[str] = [] + if isinstance(p_controls, str): + controls = [p_controls] + + wrong_controls = set(p_controls) - allowed_controls + if len(wrong_controls) > 0: + raise base.CommandError(f'"Control(s): {(", ".join(wrong_controls))}" are not valid for {policy_type_name} policy type') + + p_c = {x.upper() for x in p_controls} + for c in PedmPolicyMixin.ALL_CONTROLS: + if c in p_c: + p_c.remove(c) + controls.append(c) + if len(p_c) > 0: + raise base.CommandError(f'"control: {", ".join(p_c)}" is not supported') + return controls + + @staticmethod + def get_policy_filter(plugin: admin_plugin.PedmPlugin, **kwargs) -> Dict[str, Any]: + policy_filter: Dict[str, Any] = {} + for f in PedmPolicyMixin.ALL_FILTERS: + arg_name = f'{f.lower()}_filter' + p_filter: Any = kwargs.get(arg_name) + if not p_filter: continue + if isinstance(p_filter, str): + p_filter = [p_filter] + + if f == 'USER': + filter_name = 'UserCheck' + elif f == 'MACHINE': + filter_name = 'MachineCheck' + elif f == 'APP': + filter_name = 'ApplicationCheck' + elif f == 'DATE': + filter_name = 'DateCheck' + elif f == 'TIME': + filter_name = 'TimeCheck' + elif f == 'DAY': + filter_name = 'DayCheck' + else: + continue + if '*' in p_filter: + policy_filter[filter_name] = ['*'] + else: + if f == 'USER': + policy_filter[filter_name] = PedmPolicyAddCommand.resolve_collections(plugin, [3, 6, 103], p_filter) + elif f == 'MACHINE': + policy_filter[filter_name] = PedmPolicyAddCommand.resolve_collections(plugin, [1, 101], p_filter) + elif f == 'APP': + policy_filter[filter_name] = PedmPolicyAddCommand.resolve_collections(plugin, [2, 102], p_filter) + elif f == 'DATE': + policy_filter[filter_name] = PedmPolicyAddCommand.resolve_dates(p_filter) + elif f == 'TIME': + policy_filter[filter_name] = PedmPolicyAddCommand.resolve_times(p_filter) + elif f == 'DAY': + policy_filter[filter_name] = PedmPolicyAddCommand.resolve_days(p_filter) + risk_level = kwargs.get('risk_level') + if isinstance(risk_level, int): + if risk_level < 0 or risk_level > 100: + raise base.CommandError(f'risk level "{risk_level}" is not valid: 0-100') + policy_filter['RiskLevel'] = risk_level + return policy_filter + + +class PedmPolicyListCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='list', description='List PEDM policies', + parents=[base.report_output_parser]) + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + plugin = context.pedm_plugin + table: List[List[Any]] = [] + all_agents = utils.base64_url_encode(plugin.all_agents) + headers = ['policy_uid', 'policy_name', 'policy_type', 'status', 'controls', 'users', 'machines', 'applications', 'collections'] + for policy in plugin.policies.get_all_entities(): + data = policy.data or {} + actions = data.get('Actions') or {} + on_success = actions.get('OnSuccess') or {} + controls = on_success.get('Controls') or '' + + collections = [x.collection_uid for x in plugin.storage.collection_links.get_links_by_object(policy.policy_uid)] + collections = ['*' if x == all_agents else x for x in collections] + collections.sort() + + status = data.get('Status') + if policy.disabled: + status = 'off' + table.append([policy.policy_uid, data.get('PolicyName'), data.get('PolicyType'), status, + controls, data.get('UserCheck'), data.get('MachineCheck'), data.get('ApplicationCheck'), + collections]) + + fmt = kwargs.get('format') + if fmt != 'json': + headers = [report_utils.field_to_title(x) for x in headers] + return report_utils.dump_report_data(table, headers, fmt=fmt, filename=kwargs.get('output'), sort_by=1) + + +class PedmPolicyAddCommand(base.ArgparseCommand, PedmPolicyMixin): + def __init__(self): + parser = argparse.ArgumentParser(prog='add', description='Add PEDM policy', parents=[PedmPolicyMixin.policy_filter]) + parser.add_argument('--policy-type', dest='policy_type', action='store', default='elevation', + choices=['elevation', 'file_access', 'command', 'least_privilege'], + help='Policy type') + parser.add_argument('--policy-name', dest='policy_name', action='store', + help='Policy name') + parser.add_argument('--control', dest='control', action='append', + choices=['allow', 'deny', 'audit', 'notify', 'mfa', 'justify', 'approval'], + help='Policy controls') + parser.add_argument('--status', dest='status', action='store', + choices=['enforce', 'monitor', 'monitor_and_notify'], + help='Policy Status') + parser.add_argument('--enable', dest='enable', action='store', choices=['on', 'off'], + help='Enables or disables policy') + + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> None: + plugin = context.pedm_plugin + + p_type = kwargs.get('policy_type') + if p_type == 'elevation': + policy_type = 'PrivilegeElevation' + elif p_type == 'file_access': + policy_type = 'FileAccess' + elif p_type == 'command': + policy_type = 'CommandLine' + elif p_type == 'least_privilege': + policy_type = 'LeastPrivilege' + else: + raise base.CommandError(f'"policy-type: {p_type}" is not supported') + + policy_uid = utils.generate_uid() + controls = PedmPolicyMixin.get_policy_controls(policy_type, **kwargs) + + policy_data: Dict[str, Any] = { + 'PolicyName': kwargs.get('policy_name') or '', + 'PolicyType': policy_type, + 'PolicyId': policy_uid, + 'Status': 'off', + 'Actions': { + 'OnSuccess': {'Controls': controls or []}, + 'OnFailure': {'Command': ''} + }, + "NotificationMessage": "A policy has been set to monitor mode. When this policy is enabled, [mfa, justification, request] will be required to run this process as an administrator.", + "NotificationRequiresAcknowledge": False, + "RiskLevel": 50, + 'Operator': 'And', + 'Rules': [ + { + 'RuleName': 'UserCheck', + 'ErrorMessage': 'This user is not included in this policy', + 'RuleExpressionType': 'BuiltInAction', + 'Expression': 'CheckUser()' + }, + { + 'RuleName': 'MachineCheck', + 'ErrorMessage': 'This Machine is not included in this policy', + 'RuleExpressionType': 'BuiltInAction', + 'Expression': 'CheckMachine()' + }, + { + 'RuleName': 'ApplicationCheck', + 'ErrorMessage': 'This application is not included in this policy', + 'RuleExpressionType': 'BuiltInAction', + 'Expression': 'CheckFile(false)' + }, + { + "RuleName": "DateCheck", + "ErrorMessage": "Current date is not covered by this policy", + "RuleExpressionType": "BuiltInAction", + "Expression": "CheckDate()" + }, + { + 'RuleName': 'TimeCheck', + 'ErrorMessage': 'Current time is not covered by this policy', + 'RuleExpressionType': 'BuiltInAction', + 'Expression': 'CheckTime()' + }, + { + 'RuleName': 'DayCheck', + 'ErrorMessage': 'Today is not included in this policy', + 'RuleExpressionType': 'BuiltInAction', + 'Expression': 'CheckDay()' + } + ] + } + policy_filter = PedmPolicyMixin.get_policy_filter(plugin, **kwargs) + if policy_filter: + policy_data.update(policy_filter) + + for filter_name in ('UserCheck', 'MachineCheck', 'ApplicationCheck', 'DateCheck', 'TimeCheck', 'DayCheck'): + f = policy_filter.get(filter_name) + if f is None: + policy_filter[filter_name] = ['*'] + + arg_status = kwargs.get('status') + if isinstance(arg_status, str): + policy_data['Status'] = arg_status + else: + policy_data['Status'] = 'enforce' + + disabled: bool = False + arg_enable = kwargs.get('enable') + if isinstance(arg_enable, str): + disabled = True if arg_enable == 'off' else False + + policy_key = utils.generate_aes_key() + add_policy = admin_types.PedmPolicy( + policy_uid=policy_uid, policy_key=policy_key, data=policy_data, admin_data={}, disabled=disabled) + rs = plugin.modify_policies(add_policies=[add_policy]) + if len(rs.remove) > 0: + status = rs.remove[0] + if isinstance(status, admin_types.EntityStatus) and not status.success: + raise base.CommandError(f'Failed to add policy "{status.entity_uid}": {status.message}') + + +class PedmPolicyEditCommand(base.ArgparseCommand, PedmPolicyMixin): + def __init__(self): + parser = argparse.ArgumentParser(prog='edit', description='Edit PEDM policy', parents=[PedmPolicyMixin.policy_filter]) + parser.add_argument('policy', help='Policy UID') + parser.add_argument('--policy-name', dest='policy_name', action='store', + help='Policy name') + parser.add_argument('--control', dest='control', action='append', + choices=['allow', 'deny', 'audit', 'notify', 'mfa', 'justify', 'approval'], + help='Policy controls') + parser.add_argument('--status', dest='status', action='store', + choices=['enforce', 'monitor', 'monitor_and_notify'], + help='Policy Status') + parser.add_argument('--enable', dest='enable', action='store', choices=['on', 'off'], + help='Enables or disables policy') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> None: + plugin = context.pedm_plugin + + policy = PedmUtils.resolve_single_policy(plugin, kwargs.get('policy')) + + policy_data = copy.deepcopy(policy.data or {}) + policy_type = policy_data.get('PolicyType') or 'Unknown' + controls = PedmPolicyMixin.get_policy_controls(policy_type, **kwargs) + if isinstance(controls, list): + actions = policy_data.get('Actions') + if not isinstance(actions, dict): + actions = {} + policy_data['Actions'] = actions + on_success = actions.get('OnSuccess') + if not isinstance(on_success, dict): + on_success = {} + on_success['Controls'] = controls + policy_data['OnSuccess'] = on_success + + policy_name = kwargs.get('policy_name') + if policy_name: + policy_data['PolicyName'] = policy_name + policy_filter = PedmPolicyMixin.get_policy_filter(plugin, **kwargs) + if policy_filter: + policy_data.update(policy_filter) + + arg_status = kwargs.get('status') + if isinstance(arg_status, str): + policy_data['Status'] = arg_status + + disabled: Optional[bool] = None + arg_enable = kwargs.get('enable') + if isinstance(arg_enable, str): + disabled = True if arg_enable == 'off' else False + + pu = admin_types.PedmUpdatePolicy(policy_uid=policy.policy_uid, data=policy_data, disabled=disabled) + + rs = plugin.modify_policies(update_policies=[pu]) + if len(rs.update) > 0: + status = rs.update[0] + if isinstance(status, admin_types.EntityStatus) and not status.success: + raise base.CommandError(f'Failed to update policy "{status.entity_uid}": {status.message}') + + +class PedmPolicyViewCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='view', parents=[base.json_output_parser], description='View PEDM policy') + parser.add_argument('policy', help='Policy UID or name') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + plugin = context.pedm_plugin + + policy = PedmUtils.resolve_single_policy(plugin, kwargs.get('policy')) + + body = json.dumps(policy.data, indent=4) + filename = kwargs.get('output') + if kwargs.get('format') == 'json' and filename: + with open(filename, 'w') as f: + f.write(body) + else: + return body + + +class PedmPolicyDeleteCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='delete', description='Delete PEDM policy') + parser.add_argument('policy', type=str, nargs='+', help='Policy UID or name') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> None: + plugin = context.pedm_plugin + + policies = PedmUtils.resolve_existing_policies(plugin, kwargs.get('policy')) + to_delete = [x.policy_uid for x in policies] + + rs = plugin.modify_policies(remove_policies=to_delete) + if len(rs.remove) > 0: + status = rs.remove[0] + if isinstance(status, admin_types.EntityStatus) and not status.success: + raise base.CommandError(f'Failed to delete policy "{status.entity_uid}": {status.message}') + + +class PedmPolicyAgentsCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='agent', description='Show agents for policies') + parser.add_argument('policy', type=str, nargs='+', help='Policy UID or name') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> None: + plugin = context.pedm_plugin + auth = plugin.loader.keeper_auth + + policy_args = kwargs.get('policy') + if not isinstance(policy_args, list): + policy_args = [policy_args] + policies = PedmUtils.resolve_existing_policies(plugin, policy_args) + if len(policies) == 0: + policy_list = ', '.join(policy_args) + raise base.CommandError(f'Policy "{policy_list}" not found') + policy_uids = [utils.base64_url_decode(x.policy_uid) for x in policies] + rq = pedm_pb2.PolicyAgentRequest() + rq.policyUid.extend(policy_uids) + rq.summaryOnly = False + rs = auth.execute_router("pedm/get_policy_agents", rq, response_type=pedm_pb2.PolicyAgentResponse) + assert rs is not None + + table = [] + headers = ['key', 'uid', 'name', 'status'] + for p in policies: + data = p.data or {} + status = data.get('Status') + if p.disabled: + status = 'off' + table.append(['Policy', p.policy_uid, data.get('PolicyName'), status]) + for a in rs.agentUid: + agent_uid = utils.base64_url_encode(a) + row = ['Agent', agent_uid] + agent = plugin.agents.get_entity(agent_uid) + machine_name = '' + status = '' + if agent: + if isinstance(agent.properties, dict): + machine_name = agent.properties.get('MachineName') or '' + status = 'off' if agent.disabled else 'on' + row.append(machine_name) + row.append(status) + table.append(row) + + return report_utils.dump_report_data(table, headers, group_by=0) + + +class PedmPolicyAssignCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='assign', description='Assign collections to policy') + parser.add_argument('-c', '--collection', action='append', help='Collection UID') + parser.add_argument('policy', type=str, nargs='+', help='Policy UID or name') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> None: + plugin = context.pedm_plugin + + policies = PedmUtils.resolve_existing_policies(plugin, kwargs.get('policy')) + policy_uids = [utils.base64_url_decode(x.policy_uid) for x in policies] + collections = kwargs.get('collection') + collection_uids: List[bytes] = [] + if isinstance(collections, list): + for c in collections: + if c in ['*', 'all']: + collection_uids.append(plugin.all_agents) + elif c: + collection_uid = utils.base64_url_decode(c) + if len(collection_uid) == 16: + collection_uids.append(collection_uid) + else: + utils.get_logger().info('Invalid collection UID: %s. Skipped', c) + + if len(policy_uids) == 0: + raise base.CommandError('Nothing to do') + + statuses = plugin.assign_policy_collections(policy_uids, collection_uids) + for status in statuses.add: + if not status.success: + raise base.CommandError(f'Failed to add to policy: {status.message}') + for status in statuses.remove: + if not status.success: + raise base.CommandError(f'Failed to remove from policy: {status.message}') + + +class PedmCollectionCommand(base.GroupCommand): + def __init__(self): + super().__init__('Manage PEDM collections') + self.register_command(PedmCollectionListCommand(), 'list', 'l') + self.register_command(PedmCollectionViewCommand(), 'view', 'v') + self.register_command(PedmCollectionAddCommand(), 'add', 'a') + self.register_command(PedmCollectionUpdateCommand(), 'update', 'u') + self.register_command(PedmCollectionDeleteCommand(), 'delete') + self.register_command(PedmCollectionConnectCommand(), 'connect') + self.register_command(PedmCollectionDisconnectCommand(), 'disconnect') + self.register_command(PedmCollectionWipeOutCommand(), 'wipe-out') + self.default_verb = 'list' + + +class PedmCollectionWipeOutCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='wipe-out', description='Wipe out PEDM collections') + parser.add_argument('--type', dest='type', action='store', type=int, + help='collection type') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> None: + plugin = context.pedm_plugin + + collection_type = kwargs.get('type') + if isinstance(collection_type, int): + collection_type = [collection_type] + collections: List[str] = [] + for coll in plugin.storage.collections.get_all_entities(): + if collection_type and coll.collection_type not in collection_type: + continue + collections.append(coll.collection_uid) + + plugin.modify_collections(remove_collections=collections) + + +class PedmCollectionAddCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='add', description='Creates PEDM collections') + parser.add_argument('--type', dest='type', action='store', type=int, + help='collection type') + parser.add_argument('collection', type=str, nargs='+', help='Collection name') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> None: + plugin = context.pedm_plugin + + collection: Any = kwargs.get('collection') + collection_type = kwargs.get('type') + if not collection_type: + raise base.CommandError('Collection type is required') + # if collection_type < 100: + # raise base.CommandError('Only collections with type greater than 100 are supported') + + if isinstance(collection, str): + collection = [collection] + + collections: Dict[str, admin_types.CollectionData] = {} + for c in collection: + collection_uid = utils.generate_uid() + collection_data = { + 'Name': c, + 'IsCustom': True + } + collections[collection_uid] = admin_types.CollectionData( + collection_uid=collection_uid, collection_type=collection_type, + collection_data=json.dumps(collection_data)) + + status = plugin.modify_collections(add_collections=collections.values()) + if len(status.add) > 0: + for st in status.add: + if isinstance(st, admin_types.EntityStatus) and not st.success: + raise base.CommandError(f'Failed to add collection "{st.entity_uid}": {st.message}') + + +class PedmCollectionUpdateCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='update', description='Update PEDM collection') + parser.add_argument('--type', dest='type', action='store', type=int, + help='collection type (optional)') + parser.add_argument('--name', dest='name', action='store', required=True, + help='Collection name') + parser.add_argument('collection', help='Collection') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> None: + plugin = context.pedm_plugin + + collection = kwargs.get('collection') + collection_type = kwargs.get('type') + collection_name = kwargs.get('name') + if not collection_name: + raise base.CommandError('Collection name is required') + + existing_collections = PedmUtils.resolve_existing_collections(plugin, collection, collection_type=collection_type) + if len(existing_collections) > 0: + if len(existing_collections) > 1: + raise base.CommandError(f'Multiple collections found for collection "{collection}". Use Collection UID.') + collections: admin_types.CollectionData + coll = existing_collections[0] + collection_info = coll.collection_data + collection_info['Name'] = collection_name + collection_data = admin_types.CollectionData( + collection_uid=coll.collection_uid, collection_type=coll.collection_type, + collection_data=json.dumps(collection_info)) + + status = plugin.modify_collections(update_collections=[collection_data]) + if len(status.update) > 0: + for st in status.update: + if isinstance(st, admin_types.EntityStatus) and not st.success: + raise base.CommandError(f'Failed to update collection "{st.entity_uid}": {st.message}') + + +class PedmCollectionDeleteCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='delete', description='Delete PEDM collections') + parser.add_argument('-f', '--force', dest='force', action='store_true', + help='do not prompt for confirmation') + parser.add_argument('collection', nargs='+', help='Collection or @orphan_resource') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> None: + plugin = context.pedm_plugin + + collection = kwargs.get('collection') + if not collection: + raise base.CommandError('Collection is required') + + if isinstance(collection, str): + collection = [collection] + pseudo_collections = {x for x in collection if x in ('@orphan_resource')} + collection = [x for x in collection if x not in pseudo_collections] + force = kwargs.get('force') is True + existing_collections = PedmUtils.resolve_existing_collections(plugin, collection, ignore_missing=True) + unique_collections = set((x.collection_uid for x in existing_collections)) + if force: + for collection_name in collection: + if collection_name not in unique_collections: + try: + uid = utils.base64_url_decode(collection_name) + if len(uid) == 16: + unique_collections.add(collection_name) + except: + pass + + if '@orphan_resource' in pseudo_collections: + unique_collections.update(PedmUtils.get_orphan_resources(plugin)) + + if len(unique_collections) == 0: + utils.get_logger().info('No collections found') + return + + if not force: + answer = prompt_utils.user_choice(f'Do you want to remove {len(unique_collections)} collection(s)?', 'yN', default='n') + if answer.lower() not in ('y', 'yes'): + return + + status = plugin.modify_collections(remove_collections=unique_collections) + if len(status.remove) > 0: + for st in status.remove: + if isinstance(st, admin_types.EntityStatus) and not st.success: + raise base.CommandError(f'Failed to remove collection "{st.entity_uid}": {st.message}') + + +class PedmCollectionConnectCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='link', description='Link values to PEDM collection') + parser.add_argument('--collection', '-c', dest='collection', action='store', + help='Parent collection UID or name') + parser.add_argument('--link-type', dest='link_type', action='store', required=True, + choices=['agent', 'policy', 'collection'], help='collection type filter') + parser.add_argument('links', nargs='+', help='Link UIDs or names') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> None: + plugin = context.pedm_plugin + + col_name = kwargs.get('collection') + collections = PedmUtils.resolve_existing_collections(plugin, [col_name]) + if len(collections) != 1: + raise base.CommandError(f'Could not resolve a single collection: {col_name}') + collection = collections[0] + link_type = kwargs.get('link_type') + link_names: Any = kwargs.get('links') + links: List[str] = [] + collection_link_type: int + if link_type == 'collection': + coll_links = PedmUtils.resolve_existing_collections(plugin, link_names) + links.extend((x.collection_uid for x in coll_links)) + collection_link_type = pedm_pb2.CLT_COLLECTION + elif link_type == 'agent': + for agent_name in link_names: + agent = PedmUtils.resolve_single_agent(plugin, agent_name) + links.append(agent.agent_uid) + collection_link_type = pedm_pb2.CLT_AGENT + elif link_type == 'policy': + pol_links = PedmUtils.resolve_existing_policies(plugin, link_names) + links.extend((x.policy_uid for x in pol_links)) + collection_link_type = pedm_pb2.CLT_POLICY + else: + raise base.CommandError(f'Unknown link type: {link_type}') + + to_add = [admin_types.CollectionLink( + collection_uid=collection.collection_uid, link_uid=x, link_type=collection_link_type) for x in links] + + status = plugin.set_collection_links(set_links=to_add) + if len(status.add) > 0: + for st in status.add: + if isinstance(st, admin_types.LinkStatus) and not st.success: + raise base.CommandError(f'Failed to set collection link "{st.object_uid}": {st.message}') + + +class PedmCollectionDisconnectCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='unlink', description='Unlink values from PEDM collections') + parser.add_argument('--collection', '-c', dest='collection', action='store', + help='Parent collection UID or name') + parser.add_argument('-f', '--force', dest='force', action='store_true', + help='do not prompt for confirmation') + parser.add_argument('links', nargs='+', help='UIDs to unlink') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> None: + plugin = context.pedm_plugin + + col_name = kwargs.get('collection') + collections = PedmUtils.resolve_existing_collections(plugin, [col_name]) + if len(collections) != 1: + raise base.CommandError(f'Could not resolve a single collection: {col_name}') + collection = collections[0] + + existing_links= list(x for x in plugin.storage.collection_links.get_links_by_subject(collection.collection_uid)) + links: Any = kwargs.get('links') + to_unlink: Set[str] = set(links) + + to_remove: List[admin_types.CollectionLink] = [] + for link in existing_links: + link_uid = link.link_uid + if link_uid in to_unlink: + to_remove.append(admin_types.CollectionLink( + collection_uid=collection.collection_uid, + link_uid=link_uid, + link_type=link.link_type) # type: ignore + ) + to_unlink.remove(link_uid) + + if len(to_unlink) > 0: + utils.get_logger().info(f'{len(to_unlink)} link(s) cannot be removed from collection: {col_name}') + + if len(to_remove) == 0: + return + + force = kwargs.get('force') is True + if not force: + answer = prompt_utils.user_choice( + f'Do you want to remove {len(to_remove)} link(s)?', 'yN', default='n') + if answer.lower() not in ('y', 'yes'): + return + + status = plugin.set_collection_links(unset_links=to_remove) + if len(status.remove) > 0: + for st in status.remove: + if isinstance(st, admin_types.LinkStatus) and not st.success: + raise base.CommandError(f'Failed to unset collection link "{st.object_uid}": {st.message}') + + +class PedmCollectionListCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='list', description='List PEDM collections', + parents=[base.report_output_parser]) + parser.add_argument('-v', '--verbose', dest='verbose', action='store_true', + help='print verbose information') + parser.add_argument('--type', dest='type', action='store', type=int, + help='collection type filter') + parser.add_argument('--pattern', dest='pattern', action='store', + help='collection search pattern') + + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + plugin = context.pedm_plugin + + table: List[List[Any]] = [] + row: List[Any] + collection_type: Optional[int] = kwargs.get('type') + verbose = kwargs.get('verbose') is True + pattern = kwargs.get('pattern') + + if isinstance(collection_type, int): + col_dict: Dict[str, List[admin_storage.PedmStorageCollectionLink]] = {} + for col in plugin.collections.get_all_entities(): + if col.collection_type != collection_type: + continue + col_dict[col.collection_uid] = list(plugin.storage.collection_links.get_links_by_subject(col.collection_uid)) + + headers = ['collection_uid', 'value'] + if verbose: + headers.extend(['link_info']) + else: + headers.extend(['link_count']) + for (collection_uid, links) in col_dict.items(): + collection = plugin.collections.get_entity(collection_uid) + if not collection: + continue + cv = [f'{k}={v}' for k, v in collection.collection_data.items()] + row = [collection_uid, cv] + if verbose: + link_info = [f'{x.link_uid} ({pedm_shared.collection_link_type_to_name(x.link_type)})' for x in links] + row.append(link_info) + else: + row.append(len(links)) + table.append(row) + else: + type_dict: Dict[int, List[admin_types.PedmCollection]] = {} + for col in plugin.collections.get_all_entities(): + if col.collection_type not in type_dict: + type_dict[col.collection_type] = [] + type_dict[col.collection_type].append(col) + + headers = ['id', 'collection_type'] + if verbose: + headers.extend(['collection_uid', 'value']) + else: + headers.extend(['value_count']) + + for (col_type, collections) in type_dict.items(): + col_type_name = pedm_shared.collection_type_to_name(col_type) + if verbose: + for collection in collections: + cv = [f'{k}={v}' for k, v in collection.collection_data.items()] + table.append([col_type, col_type_name, collection.collection_uid, cv]) + else: + table.append([col_type, col_type_name, len(collections)]) + + regex: Optional[Pattern[str]] = re.compile(fnmatch.translate(f'*{pattern}*')) if pattern else None + if regex is not None: + def any_match(row: Any) -> bool: + if not row: + return False + if not isinstance(row, list): + return False + + match = False + for column in row: + column_values = [] + if isinstance(column, list): + column_values.extend([x for x in column if isinstance(x, str)]) + elif isinstance(column, str): + column_values.append(column) + match = any((True for x in column_values if regex.match(x))) + if match: + break + return match + + table = [x for x in table if any_match(x)] + + table.sort(key=lambda x: x[0]) + fmt = kwargs.get('format') + if fmt != 'json': + headers = [report_utils.field_to_title(x) for x in headers] + return report_utils.dump_report_data(table, headers, column_width=80, fmt=fmt, filename=kwargs.get('output')) + + +class PedmCollectionViewCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='view', description='Show PEDM collection details', + parents=[base.report_output_parser]) + parser.add_argument('-v', '--verbose', dest='verbose', action='store_true', + help='print verbose information') + parser.add_argument('--link', dest='link', action='append', help='Show link details') + parser.add_argument('collection', nargs='+', help='Collection UID') + + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + plugin = context.pedm_plugin + + collection_uid = kwargs.get('collection') + if isinstance(collection_uid, str): + collection_uid = [collection_uid] + if not collection_uid: + return + + collections: Dict[str, admin_types.PedmCollection] = {} + + for uid in collection_uid: + coll = plugin.collections.get_entity(uid) + if coll: + collections[uid] = coll + + link_info: List[str] = [] + agent_link_data: Dict[Tuple[str, str], Dict[str, Any]] = {} + link = kwargs.get('link') + if isinstance(link, str): + link = [link] + if isinstance(link, list) and len(link) > 0: + links: List[admin_types.CollectionLink] = [] + for c_uid in collection_uid: + for l_uid in link: + cl = plugin.storage.collection_links.get_link(c_uid, l_uid) + if cl: + links.append(admin_types.CollectionLink( + collection_uid=c_uid, link_type=cl.link_type, link_uid=l_uid)) + if len(links) > 0: + for cld in plugin.get_collection_links(links=links): + if not cld.link_data: + continue + collection_uid = cld.collection_link.collection_uid + link_uid = cld.collection_link.link_uid + try: + agent_data = json.loads(crypto.decrypt_aes_v2(cld.link_data, plugin.agent_key)) + agent_link_data[(collection_uid, link_uid)] = agent_data + except: + pass + link_info = list({x[1] for x in agent_link_data.keys()}) + + verbose = kwargs.get('verbose') is True + headers = ['collection_uid', 'collection_type', 'collection_value'] + if len(link_info) > 0: + headers.extend((f'"{x}"' for x in link_info)) + else: + if verbose: + headers.append('link_uid') + else: + headers.append('link_count') + table = [] + row: List[Any] + for collection_uid, coll in collections.items(): + row = [collection_uid] + if coll: + collection_type = f'{pedm_shared.collection_type_to_name(coll.collection_type)} ({coll.collection_type})' + row.append(collection_type) + collection_value = [f'{k}={v}' for k, v in coll.collection_data.items()] + row.append(collection_value) + + if len(link_info) > 0: + for link in link_info: + ld = agent_link_data[(coll.collection_uid, link)] + if ld: + row.append([f'{x[0]}={x[1]}' for x in ld.items()]) + else: + row.append(None) + else: + link_titles = list((f'{x.link_uid} ({pedm_shared.collection_link_type_to_name(x.link_type)})' + for x in plugin.storage.collection_links.get_links_by_subject(collection_uid))) + if verbose: + row.append(link_titles) + else: + row.append(len(link_titles)) + table.append(row) + + table.sort(key=lambda x: x[0]) + fmt = kwargs.get('format') + if fmt != 'json': + headers = [report_utils.field_to_title(x) for x in headers] + column_width = None if verbose else 50 + return report_utils.dump_report_data(table, headers, column_width=column_width, fmt=fmt, filename=kwargs.get('output')) + + +class PedmApprovalCommand(base.GroupCommand): + def __init__(self): + super().__init__('Manage PEDM approval requests') + self.register_command(PedmApprovalListCommand(), 'list', 'l') + self.register_command(PedmApprovalStatusCommand(), 'action', 'a') + self.default_verb = 'list' + + +class PedmApprovalListCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='list', description='List PEDM approval requests', + parents=[base.report_output_parser]) + parser.add_argument('--type', dest='type', action='store', type=int, + help='approval type filter') + + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + plugin = context.pedm_plugin + + table: List[List[Any]] = [] + headers = ['approval_uid', 'approval_type', 'status', 'agent_uid', 'account_info', 'application_info', 'justification', 'expire_in', 'created'] + for approval in plugin.approvals.get_all_entities(): + approval_uid = approval.approval_uid + a_status = plugin.storage.approval_status.get_entity(approval_uid) + if a_status: + if a_status.approval_status == NotificationCenter_pb2.NAS_APPROVED: + status = 'Approved' + elif a_status.approval_status == NotificationCenter_pb2.NAS_DENIED: + status = 'Denied' + elif a_status.approval_status == NotificationCenter_pb2.NAS_UNSPECIFIED: + status = 'Pending' + else: + status = 'Unsupported' + else: + status = 'Pending' + account_info = [y[:30] for y in (f'{k}={v}' for k, v in approval.account_info.items())] + application_info = [y[:30] for y in (f'{k}={v}' for k, v in approval.application_info.items())] + table.append([approval.approval_uid, pedm_shared.approval_type_to_name(approval.approval_type), + status, approval.agent_uid, account_info, application_info, approval.justification, + approval.expire_in, approval.created]) + + table.sort(key=lambda x: x[8], reverse=True) + fmt = kwargs.get('format') + if fmt != 'json': + headers = [report_utils.field_to_title(x) for x in headers] + return report_utils.dump_report_data(table, headers, fmt=fmt, filename=kwargs.get('output')) + + +class PedmApprovalStatusCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='action', description='Modify PEDM approval requests') + parser.add_argument('--approve', dest='approve', action='append', + help='Request UIDs for approval') + parser.add_argument('--deny', dest='deny', action='append', + help='Request UIDs for denial') + parser.add_argument('--remove', dest='remove', action='append', + help='Request UIDs for removal. UID, @approved, @denied, @pending') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> None: + plugin = context.pedm_plugin + + logger = api.get_logger() + def verify_uid(uids: Any) -> Optional[List[bytes]]: + if isinstance(uids, str): + uids = [uids] + if isinstance(uids, list): + to_uid = [] + for uid in uids: + approve_uid = utils.base64_url_decode(uid) + if len(approve_uid) == 16: + to_uid.append(approve_uid) + else: + logger.warning(f'Invalid UID: {uid}') + if len(to_uid) > 0: + return to_uid + return None + + to_approve = verify_uid(kwargs.get('approve')) + to_deny = verify_uid(kwargs.get('deny')) + to_remove = kwargs.get('remove') + if to_remove: + if isinstance(to_remove, str): + to_remove = [to_remove] + to_remove_set: Set[bytes] = set() + to_resolve = [] + for uid in to_remove: + if uid == '@approved': + to_remove_set.update( + (utils.base64_url_decode(x.approval_uid) for x in plugin.storage.approval_status.get_all_entities() if x.approval_status == NotificationCenter_pb2.NAS_APPROVED)) + elif uid == '@denied': + to_remove_set.update( + (utils.base64_url_decode(x.approval_uid) for x in plugin.storage.approval_status.get_all_entities() if x.approval_status == NotificationCenter_pb2.NAS_DENIED)) + elif uid == '@pending': + to_remove_set.update( + (utils.base64_url_decode(x.approval_uid) for x in plugin.storage.approval_status.get_all_entities() if x.approval_status == NotificationCenter_pb2.NAS_UNSPECIFIED)) + else: + to_resolve.append(uid) + if len(to_resolve) > 0: + to_remove = verify_uid(to_resolve) + if isinstance(to_remove, list): + to_remove_set.update(to_remove) + to_remove = list(to_remove_set) + + status_rs = plugin.modify_approvals(to_approve=to_approve, to_deny=to_deny, to_remove=to_remove) + if status_rs.add: + for status in status_rs.add: + if not status.success: + if isinstance(status, admin_types.EntityStatus): + logger.warning(f'Failed to approved "{status.entity_uid}": {status.message}') + if status_rs.update: + for status in status_rs.update: + if not status.success: + if isinstance(status, admin_types.EntityStatus): + logger.warning(f'Failed to deny "{status.entity_uid}": {status.message}') + if status_rs.remove: + for status in status_rs.remove: + if not status.success: + if isinstance(status, admin_types.EntityStatus): + logger.warning(f'Failed to remove "{status.entity_uid}": {status.message}') diff --git a/keepercli-package/src/keepercli/commands/pedm_aram.py b/keepercli-package/src/keepercli/commands/pedm_aram.py new file mode 100644 index 00000000..abd99a34 --- /dev/null +++ b/keepercli-package/src/keepercli/commands/pedm_aram.py @@ -0,0 +1,565 @@ +import argparse +import datetime +import json +import re +from typing import Any, List, Dict, Optional, Callable, Union + +import attrs +from prompt_toolkit import print_formatted_text, HTML + +from keepersdk.authentication import keeper_auth +from keepersdk.enterprise import enterprise_types +from keepersdk import utils, crypto +from keepersdk.proto import pedm_pb2 +from . import base, pedm_admin +from ..helpers import report_utils +from ..params import KeeperParams + + +class PedmReportCommand(base.GroupCommand): + def __init__(self): + super().__init__('Display PEDM reports') + self.register_command(PedmPolicyUsageReportCommand(), 'policy-usage', 'pu') + self.register_command(PedmColumnReportCommand(), 'column', 'c') + self.register_command(PedmEventReportCommand(), 'event', 'e') + self.register_command(PedmEventSummaryReportCommand(), 'summary', 's') + + +@attrs.define(kw_only=True) +class FieldInfo: + name: str + type: str + protection: str + +in_pattern = re.compile(r"\s*in\s*\(\s*(.*)\s*\)", re.IGNORECASE) +between_pattern = re.compile(r"\s*between\s+(\S*)\s+and\s+(.*)", re.IGNORECASE) +predefined_date_filters = {'today', 'yesterday', 'last_7_days', 'last_30_days', 'month_to_date', 'last_month', + 'year_to_date', 'last_year'} + +display_fields = ('deployment_uid', 'admin_uid', 'agent_uid', 'agent_status', 'agent_version', + 'session_uid', 'session_type', 'policy_uid', 'policy_version', + 'request_uid', 'evaluation_status', 'request_status', 'plugin_uid', 'plugin_version', 'update_status', + 'user_info', 'target_info', 'reason') + +class AuditMixin: + syslog_templates: Optional[Dict[str, str]] = None + field_info: Optional[Dict[str, FieldInfo]] = None + + @staticmethod + def load_audit_metadata(auth: keeper_auth.KeeperAuth) -> None: + if AuditMixin.syslog_templates is None: + rq = { + 'fields': ['audit_event_type', 'report_field'] + } + rs = auth.execute_router_json('pedm/get_audit_event_dimensions', rq) + assert rs is not None + AuditMixin.syslog_templates = {} + AuditMixin.field_info = {} + for et in rs['audit_event_type']: + name = et.get('name') + syslog = et.get('syslog') + if name and syslog: + AuditMixin.syslog_templates[name] = syslog + + for rf in rs['report_field']: + name = rf.get('name') or '' + field_type = rf.get('type') or '' + protection = rf.get('protection') or '' + AuditMixin.field_info[name] = FieldInfo(name=name, type=field_type, protection=protection) + + @staticmethod + def convert_date_filter(value: Any) -> Union[int, str]: + if isinstance(value, datetime.datetime): + value = value.timestamp() + elif isinstance(value, datetime.date): + dt = datetime.datetime.combine(value, datetime.datetime.min.time()) + value = dt.timestamp() + elif isinstance(value, (int, float)): + value = float(value) + elif isinstance(value, str): + if value in {predefined_date_filters}: + return value + if len(value) <= 10: + value = datetime.datetime.strptime(value, '%Y-%m-%d') + else: + value = datetime.datetime.strptime(value, '%Y-%m-%dT%H:%M:%SZ') + value = value.timestamp() + return int(value) + + @staticmethod + def convert_str_or_int_filter(value: Any) -> Union[str, int]: + if isinstance(value, str): + if value.isdigit(): + return int(value) + else: + return value + elif isinstance(value, int): + return value + return str(value) + + @staticmethod + def get_filter(value: str, convert: Callable[[Any], Any]) -> Any: + filter_value = value.strip() + bet = between_pattern.match(filter_value) + if bet is not None: + dt1, dt2, *_ = bet.groups() + dt1 = convert(dt1) + dt2 = convert(dt2) + return {'min': dt1, 'max': dt2} + + inp = in_pattern.match(filter_value) + if inp is not None: + arr = [] + for v in inp.groups()[0].split(','): + arr.append(convert(v.strip())) + return arr + + for prefix in ['>=', '<=', '>', '<', '=']: + if filter_value.startswith(prefix): + value = convert(filter_value[len(prefix):].strip()) + if prefix == '>=': + return {'min': value} + if prefix == '<=': + return {'max': value} + if prefix == '>': + return {'min': value, 'exclude_min': True} + if prefix == '<': + return {'max': value, 'exclude_max': True} + return value + + return convert(filter_value) + + @staticmethod + def get_field_value(field: str, value: Any, *, report_type: str = 'raw') -> Any: + if field in ('event_time', 'first_date', 'last_date'): + if isinstance(value, str): + return value + if isinstance(value, (int, float)): + value = int(value) + dt = datetime.datetime.fromtimestamp(value, tz=datetime.timezone.utc) + dt = dt.replace(tzinfo=datetime.timezone.utc).astimezone(tz=None) + if field == 'event_time': + if report_type in ('day', 'week'): + return dt.date() + if report_type == 'month': + return dt.strftime('%B, %Y') + if report_type == 'hour': + return dt.strftime('%Y-%m-%d @%H:00') + return dt + return value + + @staticmethod + def get_enterprise_user_id(user_uid: str) -> Optional[int]: + try: + user_bytes = utils.base64_url_decode(user_uid) + if len(user_bytes) == 16: + return int.from_bytes(user_bytes[8:], byteorder='big') + except: + pass + return None + +audit_column_description = ''' +Audit Column Report Command +Returns unique values for audit report fields. + +To get a list of all report fields: +Commander> pedm report column report_field + +To get a list of all report events: +Commander> pedm report column audit_event_type +''' + +class PedmColumnReportCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='report column', description='Run column data audit reports', + parents=[base.report_output_parser]) + parser.add_argument('--syntax-help', dest='syntax_help', action='store_true', help='display help') + parser.add_argument('column', nargs='?', help='Audit report column') + + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + if kwargs.get("syntax_help") is True: + print_formatted_text(HTML(audit_column_description)) + return + + assert context.enterprise_data is not None + assert context.auth is not None + auth = context.auth + + AuditMixin.load_audit_metadata(auth) + assert AuditMixin.field_info is not None + + column = kwargs.get('column') + if not (isinstance(column, str) and len(column) > 0): + raise base.CommandError('"column" must be a non-empty string') + + f_info: Optional[FieldInfo] = None + if column != "report_field": + f_info = AuditMixin.field_info.get(column) + if not f_info: + raise base.CommandError(f'column "{column}" is not a known audit report column') + if f_info.type != 'group': + raise base.CommandError(f'column "{column}" is not a known audit report grouping column') + rq = { + 'fields': [column] + } + rs = auth.execute_router_json('pedm/get_audit_event_dimensions', rq) + assert rs is not None + rows: List[List[Any]] = [] + headers: List[str] + if column == 'report_field': + headers = ['name', 'type', 'protection'] + elif column == 'audit_event_type': + headers = ['name', 'id', 'is_client', 'syslog'] + else: + headers = ['value'] + + dimension = rs.get(column) + if not isinstance(dimension, list): + raise base.CommandError('Server response is not supported') + for d in dimension: + if isinstance(d, dict): + row = [] + for header in headers: + row.append(d.pop(header, None)) + if len(d) > 0: + for k, v in d.items(): + headers.append(k) + row.append(v) + rows.append(row) + if f_info is not None and f_info.protection == 'hash': + headers.insert(0, 'uid') + uids = [x[0] for x in rows] + uids = uids[:500] + coll_rq = pedm_pb2.AuditCollectionRequest() + # coll_rq.collectionName.append(f_info.name) + coll_rq.valueUid.extend([utils.base64_url_decode(x) for x in uids]) + coll_rs = auth.execute_router( + 'pedm/get_audit_collections', coll_rq, response_type=pedm_pb2.AuditCollectionResponse) + value_lookup: Dict[str, str] = {} + assert coll_rs is not None + ec_private = context.enterprise_data.enterprise_info.ec_private_key + for v in coll_rs.values: + value_uid = utils.base64_url_encode(v.valueUid) + try: + decrypted_data = crypto.decrypt_ec(v.encryptedData, ec_private) + value_lookup[value_uid] = decrypted_data.decode('utf-8', 'ignore') + except: + pass + for row in rows: + value = value_lookup.get(row[0]) + if value: + row.append(value) + + if kwargs.get('format') != 'json': + headers = [report_utils.field_to_title(x) for x in headers] + + return report_utils.dump_report_data(rows, headers, fmt=kwargs.get('format'), filename=kwargs.get('output'), + row_number=True, sort_by=0, column_width=80) + +audit_report_description = ''' +Audit Event Report Command + +To get a list of event fields run the following command: +Commander> pedm report column report_field + +Any field that has type group or filter can be used as filter + +Filter syntax: [FIELD_NAME]=[CRITERIA] +where criteria is +1. single value: Example: "agent_uid=NJvK0I5RpuF0UFMwRKY_Dw" +2. list of values: Example: "agent_uid=IN(NJvK0I5RpuF0UFMwRKY_Dw, VYLhwqhRvhIpma9e1HoDFw)" +3. range value: Example: "created=BETWEEN 2024-01-01 AND 2024-02-01" +Predefined date range values: today, yesterday, last_7_days, last_30_days, month_to_date, last_month, year_to_date, last_year +event_time=last_month +''' +class PedmEventReportCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='report event', description='Run audit event reports', + parents=[base.report_output_parser]) + parser.add_argument('--syntax-help', dest='syntax_help', action='store_true', help='display help') + parser.add_argument('--report-format', dest='report_format', action='store', default='message', + choices=['message', 'fields'], help='output format (raw reports only)') + parser.add_argument('--timezone', dest='timezone', action='store', help='return results for specific timezone') + parser.add_argument('--limit', dest='limit', type=int, action='store', + help='maximum number of returned rows (1000 max)') + parser.add_argument('--order', dest='order', action='store', choices=['desc', 'asc'], help='sort order') + parser.add_argument('filter', nargs='*', help='Report filters') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + if kwargs.get("syntax_help") is True: + print_formatted_text(HTML(audit_report_description)) + return + assert context.enterprise_data is not None + assert context.auth is not None + auth = context.auth + + AuditMixin.load_audit_metadata(auth) + assert AuditMixin.field_info is not None + assert AuditMixin.syslog_templates is not None + + filters = kwargs.get('filter') + if filters and isinstance(filters, str): + filters = [filters] + report_filter: Dict[str, Any] = {} + for filter_arg in filters: + field, sep, criteria = filter_arg.partition('=') + if not sep: + raise base.CommandError(f'Filter syntax error: {filter_arg}') + info = AuditMixin.field_info.get(field) + if not info: + raise base.CommandError(f'field "{field}" is not a known audit report column') + if info.type not in ('group', 'filter'): + raise base.CommandError(f'column "{field}" is not a known audit report filter column') + convert: Callable[[Any], Any] + if filter_arg == 'event_time': + convert = AuditMixin.convert_date_filter + else: + convert = AuditMixin.convert_str_or_int_filter + report_filter[field] = AuditMixin.get_filter(criteria, convert) + rq: Dict[str, Any] = { + 'timezone': datetime.datetime.now().astimezone().tzname() + } + if len(report_filter) > 0: + rq['filter'] = report_filter + limit = kwargs.get('limit') + if limit is not None: + rq['limit'] = limit + order = kwargs.get('order') + if order: + rq['order'] = order + rs = auth.execute_router_json('pedm/get_audit_events', rq) + assert rs is not None + events = rs.get('audit_event_overview_report_rows') + assert isinstance(events, list) + for event in events: + if 'admin_uid' in event: + user_id = AuditMixin.get_enterprise_user_id(event['admin_uid']) + if isinstance(user_id, int): + user = context.enterprise_data.users.get_entity(user_id) + if isinstance(user, enterprise_types.User): + event['admin_uid'] = user.username + + if kwargs.get('format') == 'json': + return json.dumps(events, indent=2) + + rows: List[List[Any]] = [] + headers: List[str] = [] + if kwargs.get('report_format') == 'message': + headers.extend(('event_time', 'audit_event_type', 'message')) + for event in events: + event_type = event.get('audit_event_type') + if not event_type: + rows.append([None, 'Event is missing "event_type" field']) + continue + syslog = AuditMixin.syslog_templates.get(event_type) + if not syslog: + rows.append([None, f'Syslog message is missing for event "{event_type}"']) + continue + while True: + pattern = re.search(r'\${(\w+)}', syslog) + if pattern: + token = pattern[1] + value = event.get(token) + val = AuditMixin.get_field_value(token, value, report_type='raw') + if val is None: + val = '' + sp = pattern.span() + syslog = syslog[:sp[0]] + str(val) + syslog[sp[1]:] + else: + break + event_time = event.get('event_time') + e_time = AuditMixin.get_field_value('event_time', event_time, report_type='raw') + rows.append([e_time, event_type, syslog]) + else: + all_fields = set() + if isinstance(events, list): + for event in events: + all_fields.update(event.keys()) + headers = ['event_time', 'audit_event_type'] + headers.extend((x for x in display_fields if x in all_fields)) + for event in events: + rows.append([AuditMixin.get_field_value(x, event.get(x)) for x in headers]) + + headers = [report_utils.field_to_title(x) for x in headers] + + return report_utils.dump_report_data(rows, headers, fmt=kwargs.get('format'), filename=kwargs.get('output'), + row_number=True) + + +audit_summary_report_description = ''' +Audit Summary Report Command Syntax Description: + +To get a list of event fields run the following command: +My Vault> pedm report column report_field + +Any field that has type "group" can be used as grouping column + +Any field that has type "group" or "filter" can be used as filter + +--group-by: Defines break down report properties. + +--aggregate: Defines the aggregate value: + occurrences number of events. COUNT(*) + first_created starting date. MIN(created) + last_created ending date. MAX(created) + +Filter syntax += +where criteria is +1. single value: Example: "agent_uid=NJvK0I5RpuF0UFMwRKY_Dw" +2. list of values: Example: "agent_uid=IN(NJvK0I5RpuF0UFMwRKY_Dw, VYLhwqhRvhIpma9e1HoDFw)" +3. range value: Example: "created=BETWEEN 2024-01-01 AND 2024-02-01" +Predefined date range values: today, yesterday, last_7_days, last_30_days, month_to_date, last_month, year_to_date, last_year +"event_time=last_month" +''' + +class PedmEventSummaryReportCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='report event', description='Run audit summary reports', + parents=[base.report_output_parser]) + parser.add_argument('--syntax-help', dest='syntax_help', action='store_true', help='display help') + parser.add_argument('--report-type', dest='report_type', action='store', required=True, + choices=['hour', 'day', 'month', 'span'], help='report type') + parser.add_argument('--group-by', dest='group_by', action='append', + help='group by columns. (can be repeated).') + parser.add_argument('--aggregate', dest='aggregate', action='append', required=True, + choices=['occurrences', 'first_date', 'last_date'], + help='aggregated value. (can be repeated).') + parser.add_argument('--timezone', dest='timezone', action='store', help='return results for specific timezone') + parser.add_argument('--limit', dest='limit', type=int, action='store', + help='maximum number of returned rows (2000 max)') + parser.add_argument('--order', dest='order', action='store', choices=['desc', 'asc'], help='sort order') + parser.add_argument('filter', nargs='*', help='Report filters') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + if kwargs.get("syntax_help") is True: + return audit_summary_report_description + + assert context.enterprise_data is not None + assert context.auth is not None + auth = context.auth + + AuditMixin.load_audit_metadata(auth) + assert AuditMixin.field_info is not None + + filters = kwargs.get('filter') + if filters and isinstance(filters, str): + filters = [filters] + report_filter: Dict[str, Any] = {} + for filter_arg in filters: + field, sep, criteria = filter_arg.partition('=') + if not sep: + raise base.CommandError(f'Filter syntax error: {filter_arg}') + info = AuditMixin.field_info.get(field) + if not info: + raise base.CommandError(f'field "{field}" is not a known audit report column') + if info.type not in ('group', 'filter'): + raise base.CommandError(f'column "{field}" is not a known audit report filter column') + convert: Callable[[Any], Any] + if filter_arg == 'event_time': + convert = AuditMixin.convert_date_filter + else: + convert = AuditMixin.convert_str_or_int_filter + report_filter[field] = AuditMixin.get_filter(criteria, convert) + + report_type: Optional[str] = kwargs.get('report_type') + if not report_type: + raise base.CommandError(f'"report-type" is a required argument') + aggregate = kwargs.get('aggregate') + if not aggregate: + aggregate = ['occurrences'] + elif isinstance(aggregate, str): + aggregate = [aggregate] + + rq: Dict[str, Any] = { + 'report_type': report_type, + 'aggregate': aggregate, + 'timezone': datetime.datetime.now().astimezone().tzname() + } + + if len(report_filter) > 0: + rq['filter'] = report_filter + group_by = kwargs.get('group_by') + if group_by: + if isinstance(group_by, str): + group_by = [group_by] + rq['group_by'] = group_by + + limit = kwargs.get('limit') or 50 + rq['limit'] = limit + order = kwargs.get('order') or 'desc' + rq['order'] = order + rs = auth.execute_router_json('pedm/get_summary_audit_report', rq) + assert rs is not None + + events = rs.get('audit_event_summary_report_rows') + assert isinstance(events, list) + + if kwargs.get('format') == 'json': + return json.dumps(events, indent=2) + + if not events: + return + + headers = [] + if report_type != 'span': + headers.append('event_time') + headers.extend(aggregate) + if group_by: + headers.extend(group_by) + rows: List[List[Any]] = [] + for event in events: + rows.append([AuditMixin.get_field_value(x, event.get(x), report_type=report_type) for x in headers]) + + headers = [report_utils.field_to_title(x) for x in headers] + return report_utils.dump_report_data(rows, headers, fmt=kwargs.get('format'), filename=kwargs.get('output'), + row_number=True) + + +class PedmPolicyUsageReportCommand(base.ArgparseCommand): + def __init__(self): + parser = argparse.ArgumentParser(prog='report policy-usage', description='Run audit summary reports', + parents=[base.report_output_parser]) + parser.add_argument('--summary', dest='summary', action='store_true', help='Agent count only') + parser.add_argument('policy', nargs='+', help='Policy UID') + super().__init__(parser) + + def execute(self, context: KeeperParams, **kwargs) -> Any: + plugin = context.pedm_plugin + assert context.auth is not None + auth = context.auth + + is_summary = kwargs.get('summary') is True + rq = pedm_pb2.PolicyAgentRequest() + rq.summaryOnly = is_summary + policies = kwargs.get('policy') + if not isinstance(policies, list): + policies = [str(policies)] + if '*' in policies: + rq.policyUid.append(plugin.all_agents) + else: + policies = pedm_admin.PedmUtils.resolve_existing_policies(plugin, policies) + if len(policies) == 0: + raise base.CommandError(f'Cannot find any policy') + rq.policyUid.extend([utils.base64_url_decode(x.policy_uid) for x in policies]) + + rs = auth.execute_router( + 'pedm/get_policy_agents', rq, response_type=pedm_pb2.PolicyAgentResponse) + assert rs is not None + rows: List[List[Any]] = [] + headers: List[str] + if is_summary: + headers = ['policy_uid', 'agent_count'] + rows = [[[utils.base64_url_encode(x) for x in rq.policyUid], rs.agentCount]] + else: + headers = ['policy_uid', 'agent_uid'] + for i in range(max(len(rq.policyUid), len(rs.agentUid))): + policy_uid = utils.base64_url_encode(rq.policyUid[i]) if i < len(rq.policyUid) else '' + agent_uid = utils.base64_url_encode(rs.agentUid[i]) if i < len(rs.agentUid) else '' + rows.append([policy_uid, agent_uid]) + + return report_utils.dump_report_data(rows, headers, fmt=kwargs.get('format'), filename=kwargs.get('output')) \ No newline at end of file diff --git a/keepercli-package/src/keepercli/login.py b/keepercli-package/src/keepercli/login.py index 1cd1ddd9..2dc9e017 100644 --- a/keepercli-package/src/keepercli/login.py +++ b/keepercli-package/src/keepercli/login.py @@ -11,7 +11,7 @@ from prompt_toolkit.formatted_text import FormattedText from keepersdk import errors, utils, crypto -from keepersdk.authentication import login_auth, keeper_auth, endpoint +from keepersdk.authentication import login_auth, keeper_auth, endpoint, configuration from keepersdk.proto import APIRequest_pb2, enterprise_pb2, ssocloud_pb2 from keepersdk.authentication.yubikey import yubikey_authenticate, IKeeperUserInteraction @@ -40,15 +40,18 @@ def request_uv(self, permissions, rd_id): class LoginFlow: @staticmethod - def login(context: KeeperParams, *, + def login(storage: configuration.IConfigurationStorage, *, + server: Optional[str] = None, username: Optional[str] = None, password: Optional[str] = None, sso_master_password: bool = False, - resume_session: bool = False) -> Optional[bool]: + resume_session: bool = False) -> Optional[keeper_auth.KeeperAuth]: + login_configuration = storage.get() + if not server: + server = login_configuration.last_server if not username: - conf = context.get() - username = conf.last_login + username = login_configuration.last_login resume_session = True if not username: raise Exception('Keeper username is not provided') @@ -56,7 +59,7 @@ def login(context: KeeperParams, *, logger = utils.get_logger() logger.info('Logging in to Keeper as "%s"', username) - keeper_endpoint = endpoint.KeeperEndpoint(context, context.server) + keeper_endpoint = endpoint.KeeperEndpoint(storage, server) auth = login_auth.LoginAuth(keeper_endpoint) try: def on_next_step(): @@ -73,8 +76,11 @@ def keeper_redirect(region): passwords = [] if password: passwords.append(password) - if context.password: - passwords.append(context.password) + user_configuration = login_configuration.users().get(username) + if user_configuration is not None: + user_password = user_configuration.password + if user_password and user_password != password: + passwords.append(user_password) auth.resume_session = resume_session auth.alternate_password = sso_master_password @@ -96,7 +102,7 @@ def keeper_redirect(region): elif isinstance(step, login_auth.LoginStepDeviceApproval): LoginFlow.verify_device(step) elif isinstance(step, login_auth.LoginStepTwoFactor): - LoginFlow.handle_two_factor(context, step) + LoginFlow.handle_two_factor(step) elif isinstance(step, login_auth.LoginStepPassword): LoginFlow.handle_verify_password(step) elif isinstance(step, login_auth.LoginStepSsoToken): @@ -108,9 +114,7 @@ def keeper_redirect(region): if isinstance(step, login_auth.LoginStepError): raise errors.KeeperApiError(step.code, step.message) if isinstance(step, login_auth.LoginStepConnected): - authentication = step.take_keeper_auth() - LoginFlow.post_login(context, authentication) - return True + return LoginFlow.post_login(step.take_keeper_auth()) else: raise errors.KeeperApiError('not_supported', f'Login step {type(step).__name__} is not supported') except KeyboardInterrupt: @@ -276,7 +280,7 @@ def two_factor_code_to_duration(text: str) -> login_auth.TwoFactorDuration: FormattedText([('', 'Install fido2 package '), ('class:h3', "'pip install fido2'")])] @staticmethod - def handle_two_factor(context: KeeperParams, step: login_auth.LoginStepTwoFactor): + def handle_two_factor(step: login_auth.LoginStepTwoFactor): channels = [x for x in step.get_channels() if x.channel_type != login_auth.TwoFactorChannel.Other] menu = [] for i in range(len(channels)): @@ -333,8 +337,6 @@ def handle_two_factor(context: KeeperParams, step: login_auth.LoginStepTwoFactor utils.get_logger().error(e) else: # 2FA code - config_expiration = context.mfa_duration - step.duration = LoginFlow.two_factor_code_to_duration(config_expiration) step.duration = min(step.duration, channel.max_expiration) available_dura = sorted((x for x in LoginFlow.DurationCodes.keys() if x <= channel.max_expiration)) available_codes = [LoginFlow.two_factor_duration_to_code(x) for x in available_dura] @@ -473,32 +475,34 @@ def verify_device(step: login_auth.LoginStepDeviceApproval): step.resume() @staticmethod - def post_login(context: KeeperParams, auth: keeper_auth.KeeperAuth): - if auth.auth_context.session_token_restriction != keeper_auth.SessionTokenRestriction.Unrestricted: - if auth.auth_context.session_token_restriction == keeper_auth.SessionTokenRestriction.AccountExpired: - msg = ( - 'Your Keeper account has expired. Please open the Keeper app to renew or visit the Web ' - 'Vault at https://keepersecurity.com/vault' - ) - raise Exception(msg) - if auth.auth_context.session_token_restriction == keeper_auth.SessionTokenRestriction.AccountRecovery: - prompt_utils.output_text( - 'Your Master Password has expired, you are required to change it before you can login.') - password = LoginAPI.change_master_password(auth) - if password: - context.password = password - LoginFlow.login(context) + def post_login(auth: keeper_auth.KeeperAuth) -> keeper_auth.KeeperAuth: + if auth.auth_context.session_token_restriction == keeper_auth.SessionTokenRestriction.Unrestricted: + return auth + + if auth.auth_context.session_token_restriction == keeper_auth.SessionTokenRestriction.AccountExpired: + msg = ( + 'Your Keeper account has expired. Please open the Keeper app to renew or visit the Web ' + 'Vault at https://keepersecurity.com/vault' + ) + raise Exception(msg) + if auth.auth_context.session_token_restriction == keeper_auth.SessionTokenRestriction.AccountRecovery: + prompt_utils.output_text( + 'Your Master Password has expired, you are required to change it before you can login.') + password = LoginAPI.change_master_password(auth) + if password: + new_auth = LoginFlow.login(auth.keeper_endpoint.storage, password=password) + if new_auth: + auth.close() + return new_auth else: - raise Exception('Change master password failed') - elif auth.auth_context.session_token_restriction == keeper_auth.SessionTokenRestriction.ShareAccount: - prompt_utils.output_text('Account transfer required.') - _ = LoginAPI.accept_account_transfer_consent(auth) - - - if auth.auth_context.session_token_restriction != keeper_auth.SessionTokenRestriction.Unrestricted: - raise Exception('Please log into the Web Vault to update your account settings.') - - context.auth = auth + return auth + else: + raise Exception('Change master password failed') + if auth.auth_context.session_token_restriction == keeper_auth.SessionTokenRestriction.ShareAccount: + prompt_utils.output_text('Account transfer required.') + _ = LoginAPI.accept_account_transfer_consent(auth) + return auth + raise Exception('Please log into the Web Vault to update your account settings.') class LoginAPI: diff --git a/keepercli-package/src/keepercli/params.py b/keepercli-package/src/keepercli/params.py index 816c39a2..421e9dc0 100644 --- a/keepercli-package/src/keepercli/params.py +++ b/keepercli-package/src/keepercli/params.py @@ -1,96 +1,123 @@ import json import os import sqlite3 +import threading from typing import Dict, Optional, Any, Type from keepersdk.authentication import configuration, endpoint, keeper_auth from keepersdk.enterprise import sqlite_enterprise_storage, enterprise_types, enterprise_loader from keepersdk.vault import vault_online, sqlite_storage +from keepersdk.plugins.pedm import admin_plugin -class ParamsConfig: - def __init__(self, config_filename: str, config: Optional[Dict] = None) -> None: - self.config_filename: str = config_filename +class KeeperConfig(configuration.IConfigurationStorage): + def __init__(self, *, + config_filename: Optional[str] = None, + config: Optional[Dict] = None) -> None: + self.config_filename: Optional[str] = config_filename self.config: Dict[str, Any] = config or {} self.shadow_config: Dict[str, Any] = {} + self.thread_local = threading.local() - def _getter(self, name: str, value_type: Optional[Type] = None) -> Any: + def getter(self, name: str, value_type: Optional[Type] = None) -> Any: value = self.shadow_config.get(name) if name in self.shadow_config else self.config.get(name) if value is not None: if value_type is not None: if not isinstance(value, value_type): - return + return None return value + return None - def _setter(self, name: str, value: Any, value_type: Optional[Type] = None) -> None: + def setter(self, name: str, value: Any, value_type: Optional[Type] = None) -> None: if value is None: if name in self.shadow_config: del self.shadow_config[name] else: if value_type is not None and not isinstance(value, value_type): - return + return None if name in self.config: if self.config[name] == value: if name in self.shadow_config: del self.shadow_config[name] - return + return None self.shadow_config[name] = value + return None + + def get(self) -> configuration.JsonKeeperConfiguration: + return configuration.JsonKeeperConfiguration(self.config) + + def put(self, keeper_configuration: configuration.IKeeperConfiguration) -> None: + if self.config_filename: + jc = configuration.JsonKeeperConfiguration(self.config) + jc.assign(keeper_configuration) + self.config = json.loads(json.dumps(jc)) + + with open(self.config_filename, 'w') as fd: + json.dump(self.config, fd, ensure_ascii=False, indent=2) @property def batch_mode(self) -> bool: - return self._getter('batch_mode', bool) + return self.getter('batch_mode', bool) @batch_mode.setter def batch_mode(self, value: bool): - self._setter('batch_mode', value, bool) + self.setter('batch_mode', value, bool) @property def debug(self) -> bool: - return self._getter('debug', bool) + return self.getter('debug', bool) @debug.setter def debug(self, value: bool): - self._setter('debug', value, bool) + self.setter('debug', value, bool) @property def unmask_all(self) -> str: - return self._getter('unmask_all', str) + return self.getter('unmask_all', str) @unmask_all.setter def unmask_all(self, value: str): - self._setter('unmask_all', value, str) - - @property - def certificate_check(self) -> bool: - return self._getter('certificate_check', bool) + self.setter('unmask_all', value, str) @property def fail_on_throttle(self) -> bool: - return self._getter('fail_on_throttle', bool) + return self.getter('fail_on_throttle', bool) @fail_on_throttle.setter - def fail_on_throttle(self, value: str): - self._setter('fail_on_throttle', value, str) + def fail_on_throttle(self, value: bool): + self.setter('fail_on_throttle', value, bool) @property - def mfa_duration(self) -> str: - return self._getter('mfa_duration', str) + def skip_vault(self) -> bool: + return self.getter('skip_vault', bool) + + @skip_vault.setter + def skip_vault(self, value: bool): + self.setter('skip_vault', value, bool) + + @property + def skip_enterprise(self) -> bool: + return self.getter('skip_enterprise', bool) + + @skip_enterprise.setter + def skip_enterprise(self, value: bool): + self.setter('skip_enterprise', value, bool) @property def server(self) -> Optional[str]: - return self._getter('last_server', str) or endpoint.DEFAULT_KEEPER_SERVER + return self.getter('last_server', str) or endpoint.DEFAULT_KEEPER_SERVER @server.setter def server(self, value: Optional[str]): - self._setter('last_server', value, str) + self.setter('last_server', value, str) @property def username(self) -> Optional[str]: - return self._getter('last_login', str) + return self.getter('last_login', str) @username.setter def username(self, value: Optional[str]): - self._setter('last_login', value, str) + self.setter('last_login', value, str) @property def password(self) -> Optional[str]: @@ -104,30 +131,63 @@ def password(self, value: Optional[str]): if 'password' in self.shadow_config: del self.shadow_config['password'] + def get_connection(self) -> sqlite3.Connection: + if not hasattr(self.thread_local, 'sqlite_connection'): + if self.config_filename: + file_path = os.path.abspath(self.config_filename) + file_path = os.path.dirname(file_path) + file_path = os.path.join(file_path, 'keeper_db.sqlite') + else: + file_path = ':memory:' + self.thread_local.sqlite_connection = sqlite3.Connection(file_path) + return self.thread_local.sqlite_connection + + +# TODO Make vault, enterprise, and plugins Mixins +class KeeperParams: + def __init__(self, keeper_config: KeeperConfig): + self._keeper_config = keeper_config + cert_check = self.certificate_check + if isinstance(cert_check, bool): + endpoint.set_certificate_check(cert_check) + + self._environment_variables: Dict[str, Any] = {} -class KeeperParams(ParamsConfig, configuration.IConfigurationStorage): - def __init__(self, config_filename: str, config: Optional[Dict]): - super().__init__(config_filename, config) - self.current_folder: Optional[str] = None self._auth: Optional[keeper_auth.KeeperAuth] = None + + self.current_folder: Optional[str] = None self._vault: Optional[vault_online.VaultOnline] = None + self._enterprise_loader: Optional[enterprise_loader.EnterpriseLoader] = None - self._sqlite_connection: Optional[sqlite3.Connection] = None - self._environment_variables: Dict[str, Any] = {} - cert_check = self.certificate_check - if isinstance(cert_check, bool): - endpoint.set_certificate_check(cert_check) + + self._pedm_plugin: Optional[admin_plugin.PedmPlugin] = None + + @property + def keeper_config(self) -> KeeperConfig: + return self._keeper_config + + @property + def environment_variables(self) -> Dict[str, Any]: + return self._environment_variables + + @property + def certificate_check(self) -> bool: + return self._keeper_config.getter('certificate_check', bool) def clear_session(self) -> None: - self.shadow_config.clear() self.current_folder = None - self._enterprise_loader = None + + if self._pedm_plugin: + self._pedm_plugin.close() + self._pedm_plugin = None + + if self._enterprise_loader: + self._enterprise_loader = None + if self._vault: self._vault.close() - self._vault = None - if self._sqlite_connection: - self._sqlite_connection.close() - self._sqlite_connection = None + self._vault = None + if self._auth: self._auth.close() self._auth = None @@ -136,20 +196,29 @@ def clear_session(self) -> None: def auth(self) -> Optional[keeper_auth.KeeperAuth]: return self._auth - @auth.setter - def auth(self, value: keeper_auth.KeeperAuth): + def set_auth(self, value: keeper_auth.KeeperAuth, *, + tree_key: Optional[bytes] = None, + skip_vault: Optional[bool] = None, + skip_enterprise: Optional[bool] = None, + ): self.clear_session() if value: self._auth = value - storage = sqlite_storage.SqliteVaultStorage(self.get_connection, self._auth.auth_context.account_uid) - self._vault = vault_online.get_vault_online(self._auth, storage) - self.vault_down() - if self._auth.auth_context.is_enterprise_admin: - enterprise_id = self._auth.auth_context.license.get('enterpriseId') + if skip_vault is None: + skip_vault = self.keeper_config.skip_vault + if not skip_vault: + storage = sqlite_storage.SqliteVaultStorage(self._keeper_config.get_connection, self._auth.auth_context.account_uid) + self._vault = vault_online.get_vault_online(self._auth, storage) + self.vault_down() + + if skip_enterprise is None: + skip_enterprise = self.keeper_config.skip_enterprise + if not skip_enterprise and self._auth.auth_context.is_enterprise_admin: + enterprise_id = self._auth.auth_context.enterprise_id assert isinstance(enterprise_id, int) enterprise_storage = sqlite_enterprise_storage.SqliteEnterpriseStorage( - self.get_connection, enterprise_id) - self._enterprise_loader = enterprise_loader.EnterpriseLoader(self._auth, enterprise_storage) + self._keeper_config.get_connection, enterprise_id) + self._enterprise_loader = enterprise_loader.EnterpriseLoader(self._auth, enterprise_storage, tree_key=tree_key) self.enterprise_down() @property @@ -157,6 +226,16 @@ def enterprise_loader(self) -> enterprise_types.IEnterpriseLoader: assert self._enterprise_loader is not None return self._enterprise_loader + @property + def pedm_plugin(self) -> admin_plugin.PedmPlugin: + assert self._enterprise_loader is not None + if not self._pedm_plugin: + self._pedm_plugin = admin_plugin.PedmPlugin(self._enterprise_loader) + + if self._pedm_plugin.need_sync: + self._pedm_plugin.sync_down() + return self._pedm_plugin + def vault_down(self): if self._vault: self._vault.sync_down() @@ -165,14 +244,6 @@ def enterprise_down(self): if self._auth and self._enterprise_loader: _ = self._enterprise_loader.load() - def get_connection(self) -> sqlite3.Connection: - if self._sqlite_connection is None: - file_path = os.path.abspath(self.config_filename) - file_path = os.path.dirname(file_path) - file_path = os.path.join(file_path, 'keeper_db.sqlite') - self._sqlite_connection = sqlite3.Connection(file_path) - return self._sqlite_connection - @property def vault(self) -> Optional[vault_online.VaultOnline]: return self._vault @@ -181,18 +252,4 @@ def vault(self) -> Optional[vault_online.VaultOnline]: def enterprise_data(self) -> Optional[enterprise_types.IEnterpriseData]: if self._enterprise_loader is not None: return self._enterprise_loader.enterprise_data - - def get(self) -> configuration.JsonKeeperConfiguration: - return configuration.JsonKeeperConfiguration(self.config) - - def put(self, keeper_configuration: configuration.IKeeperConfiguration) -> None: - jc = configuration.JsonKeeperConfiguration(self.config) - jc.assign(keeper_configuration) - self.config = json.loads(json.dumps(jc)) - - with open(self.config_filename, 'w') as fd: - json.dump(self.config, fd, ensure_ascii=False, indent=2) - - @property - def environment_variables(self) -> Dict[str, Any]: - return self._environment_variables + return None diff --git a/keepercli-package/src/keepercli/register_commands.py b/keepercli-package/src/keepercli/register_commands.py index fb7a5ec9..a98fc542 100644 --- a/keepercli-package/src/keepercli/register_commands.py +++ b/keepercli-package/src/keepercli/register_commands.py @@ -14,6 +14,7 @@ def register_commands(commands: base.CliCommands, scopes: Optional[base.CommandS if not scopes or bool(scopes & base.CommandScope.Account): from .commands import account_commands from .biometric import BiometricCommand + from .commands import account_commands commands.register_command('server', base.GetterSetterCommand('server', 'Sets or displays current Keeper region'), base.CommandScope.Account) @@ -25,10 +26,10 @@ def register_commands(commands: base.CliCommands, scopes: Optional[base.CommandS if not scopes or bool(scopes & base.CommandScope.Vault): - from .commands import (vault_folder, vault, vault_record, record_edit, importer_commands, breachwatch, + from .commands import (vault_folder, vault, vault_record, record_edit, importer_commands, breachwatch, record_type, secrets_manager, share_management, password_report, trash, record_file_report, record_handling_commands, register) - + commands.register_command('sync-down', vault.SyncDownCommand(), base.CommandScope.Vault, 'd') commands.register_command('cd', vault_folder.FolderCdCommand(), base.CommandScope.Vault) commands.register_command('ls', vault_folder.FolderListCommand(), base.CommandScope.Vault) @@ -80,7 +81,7 @@ def register_commands(commands: base.CliCommands, scopes: Optional[base.CommandS if not scopes or bool(scopes & base.CommandScope.Enterprise): from .commands import (enterprise_info, enterprise_node, enterprise_role, enterprise_team, enterprise_user, enterprise_create_user, - importer_commands, audit_report, audit_alert, audit_log, transfer_account) + importer_commands, audit_report, audit_alert, audit_log, transfer_account, pedm_admin, msp) commands.register_command('create-user', enterprise_create_user.CreateEnterpriseUserCommand(), base.CommandScope.Enterprise, 'ecu') commands.register_command('enterprise-down', enterprise_info.EnterpriseDownCommand(), base.CommandScope.Enterprise, 'ed') @@ -95,4 +96,6 @@ def register_commands(commands: base.CliCommands, scopes: Optional[base.CommandS commands.register_command('audit-log', audit_log.AuditLogCommand(), base.CommandScope.Enterprise, 'al') commands.register_command('download-membership', importer_commands.DownloadMembershipCommand(), base.CommandScope.Enterprise) commands.register_command('apply-membership', importer_commands.ApplyMembershipCommand(), base.CommandScope.Enterprise) - commands.register_command('device-approve', enterprise_user.EnterpriseDeviceApprovalCommand(), base.CommandScope.Enterprise) \ No newline at end of file + commands.register_command('device-approve', enterprise_user.EnterpriseDeviceApprovalCommand(), base.CommandScope.Enterprise) + commands.register_command('pedm', pedm_admin.PedmCommand(), base.CommandScope.Enterprise) + commands.register_command('switch-to-mc', msp.SwitchToManagedCompanyCommand(), base.CommandScope.Enterprise) diff --git a/keepersdk-package/README.md b/keepersdk-package/README.md new file mode 100644 index 00000000..a79e48a0 --- /dev/null +++ b/keepersdk-package/README.md @@ -0,0 +1,384 @@ +[![PyPI](https://img.shields.io/pypi/v/keepersdk)](https://pypi.org/project/keepersdk/) +[![License](https://img.shields.io/pypi/l/keepersdk)](https://github.com/Keeper-Security/keeper-sdk-python/blob/master/LICENSE) +![Python](https://img.shields.io/pypi/pyversions/keepersdk) +![License](https://img.shields.io/pypi/status/keepersdk) + +# Keeper SDK for Python + +## Overview + +The Keeper SDK for Python provides developers with a comprehensive toolkit for integrating Keeper Security's password management and secrets management capabilities into Python applications. This repository contains two primary packages: + +- **Keeper SDK (`keepersdk`)**: A Python library for programmatic access to Keeper Vault, enabling developers to build custom integrations, automate password management workflows, and manage enterprise console operations. +- **Keeper CLI (`keepercli`)**: A modern command-line interface for interacting with Keeper Vault and Enterprise Console, offering efficient commands for vault management, enterprise administration, and automation tasks. + +## Table of Contents + +- [Prerequisites](#prerequisites) +- [Keeper SDK](#keeper-sdk) + - [SDK Installation](#sdk-installation) + - [SDK Environment Setup](#sdk-environment-setup) + - [SDK Configuration](#sdk-configuration) + - [SDK Usage Example](#sdk-usage-example) +- [Keeper CLI](#keeper-cli) + - [CLI Installation](#cli-installation) + - [CLI Environment Setup](#cli-environment-setup) + - [CLI Usage](#cli-usage) +- [Development Setup](#development-setup) +- [Contributing](#contributing) +- [License](#license) + +--- + +## Prerequisites + +Before installing the Keeper SDK or CLI, ensure your system meets the following requirements: + +- **Python Version**: Python 3.10 or higher +- **Operating System**: Windows, macOS, or Linux +- **Package Manager**: pip (Python package installer) +- **Virtual Environment** (recommended): `venv` or `virtualenv` + +To verify your Python version: +```bash +python3 --version +``` + +--- + +## Keeper SDK + +### About Keeper SDK + +The Keeper SDK is a Python library that provides programmatic access to Keeper Security's platform. It enables developers to: + +- Authenticate users and manage sessions +- Access and manipulate vault records (passwords, files, custom fields) +- Manage folders and shared folders +- Administer enterprise console operations (users, teams, roles, nodes) +- Integrate Keeper's zero-knowledge security architecture into applications +- Automate password rotation and secrets management workflows + +### SDK Installation + +#### From PyPI (Recommended) + +Install the latest stable release from the Python Package Index: + +```bash +pip install keepersdk +``` + +#### From Source + +To install from source for development or testing purposes: + +```bash +# Clone the repository +git clone https://github.com/Keeper-Security/keeper-sdk-python +cd keeper-sdk-python/keepersdk-package + +# Install the SDK +pip install -e . +``` + +### SDK Environment Setup + +For optimal development practices, it's recommended to use a virtual environment: + +**Step 1: Create a Virtual Environment** + +```bash +# On macOS/Linux +python3 -m venv venv + +# On Windows +python -m venv venv +``` + +**Step 2: Activate the Virtual Environment** + +```bash +# On macOS/Linux +source venv/bin/activate + +# On Windows +venv\Scripts\activate +``` + +**Step 3: Install Keeper SDK dependencies** + +```bash +pip install -e keepersdk-package +``` + +**Step 4: Install keepersdk into the venv** +```bash +pip install -e keepercli-package +``` + +Your environment is now ready for SDK development. + +### SDK Configuration + +The Keeper SDK uses a configuration storage system to manage authentication settings and endpoints. You can use: + +- **JsonConfigurationStorage**: Stores configuration in JSON format (default) +- **InMemoryConfigurationStorage**: Temporary in-memory storage for testing +- **Custom implementations**: Implement your own configuration storage + +#### **Requirement for client** + +If you are accessing keepersdk from a new device, you need to ensure that there is a config.json file present from which the sdk reads credentials. This ensures that the client doesn't contain any hardcoded credentials. Create the .json file in .keeper folder of current user, you might need to create a .keeper folder. A sample showing the structure of the config.json needed is shown below: + +``` +{ + "users": [ + { + "user": "username@yourcompany.com", + "password":"yourpassword", + "server": "keepersecurity.com", + "last_device": { + "device_token": "" + } + } + ], + "servers": [ + { + "server": "keepersecurity.com", + "server_key_id": 10 + } + ], + "devices": [ + { + "device_token": "", + "private_key": "", + "server_info": [ + { + "server": "keepersecurity.com", + "clone_code": "" + } + ] + } + ], + "last_login": "username@yourcompany.com", + "last_server": "keepersecurity.com" +} +``` + +### SDK Usage Example + +Below is a complete example demonstrating authentication, vault synchronization, and record retrieval: + +```python +import sqlite3 +import getpass + +from keepersdk.authentication import login_auth, configuration, endpoint +from keepersdk.vault import sqlite_storage, vault_online, vault_record + +# Initialize configuration and authentication context +config = configuration.JsonConfigurationStorage() +keeper_endpoint = endpoint.KeeperEndpoint(config) +login_auth_context = login_auth.LoginAuth(keeper_endpoint) + +# Authenticate user +login_auth_context.login(config.get().users()[0].username, config.get().users()[0].password) + +while not login_auth_context.login_step.is_final(): + if isinstance(login_auth_context.login_step, login_auth.LoginStepDeviceApproval): + login_auth_context.login_step.send_push(login_auth.DeviceApprovalChannel.KeeperPush) + print("Device approval request sent. Login to existing vault/console or ask admin to approve this device and then press return/enter to resume") + input() + elif isinstance(login_auth_context.login_step, login_auth.LoginStepPassword): + password = getpass.getpass('Enter password: ') + login_auth_context.login_step.verify_password(password) + elif isinstance(login_auth_context.login_step, login_auth.LoginStepTwoFactor): + channel = login_auth_context.login_step.get_channels()[0] + code = getpass.getpass(f'Enter 2FA code for {channel.channel_name}: ') + login_auth_context.login_step.send_code(channel.channel_uid, code) + else: + raise NotImplementedError() + +# Check if login was successful +if isinstance(login_auth_context.login_step, login_auth.LoginStepConnected): + # Obtain authenticated session + keeper_auth = login_auth_context.login_step.take_keeper_auth() + + # Set up vault storage (using SQLite in-memory database) + conn = sqlite3.Connection('file::memory:', uri=True) + vault_storage = sqlite_storage.SqliteVaultStorage( + lambda: conn, + vault_owner=bytes(keeper_auth.auth_context.username, 'utf-8') + ) + + # Initialize vault and synchronize with Keeper servers + vault = vault_online.VaultOnline(keeper_auth, vault_storage) + vault.sync_down() + + # Access and display vault records + print("Vault Records:") + print("-" * 50) + for record in vault.vault_data.records(): + print(f'Title: {record.title}') + + # Handle legacy (v2) records + if record.version == 2: + legacy_record = vault.vault_data.load_record(record.record_uid) + if isinstance(legacy_record, vault_record.PasswordRecord): + print(f'Username: {legacy_record.login}') + print(f'URL: {legacy_record.link}') + + # Handle modern (v3+) records + elif record.version >= 3: + print(f'Record Type: {record.record_type}') + + print("-" * 50) + vault.close() + keeper_auth.close() +``` + +**Important Security Notes:** +- Never hardcode credentials in production code +- Always implement proper two-factor authentication +- Use device approval flows for enhanced security +- Consider using environment variables or secure vaults for credential management + +--- + +## Keeper CLI + +### About Keeper CLI + +Keeper CLI is a powerful command-line interface that provides direct access to Keeper Vault and Enterprise Console features. It enables users to: + +- Manage vault records, folders, and attachments from the terminal +- Perform enterprise administration tasks (user management, team operations, role assignments) +- Execute batch operations and automation scripts +- Generate audit reports and monitor security events +- Configure Secrets Manager applications +- Import and export vault data + +Keeper CLI is ideal for system administrators, DevOps engineers, and power users who prefer terminal-based workflows. + +### CLI Installation + +#### From Source + +```bash +# Clone the repository +git clone https://github.com/Keeper-Security/keeper-sdk-python +cd keeper-sdk-python/keepercli-package + +# Install dependencies +pip install -e . +``` + +### CLI Environment Setup + +**Complete Setup from Source:** + +**Step 1: Create and Activate Virtual Environment** + +```bash +# Create virtual environment +python3 -m venv venv + +# Activate virtual environment +# On macOS/Linux: +source venv/bin/activate +# On Windows: +venv\Scripts\activate +``` + +**Step 2: Install Keeper SDK (Required Dependency)** + +```bash +cd keepersdk-package +pip install -e . +``` + +**Step 3: Install Keeper CLI** + +```bash +cd ../keepercli-package +pip install -e . +``` + +### CLI Usage + +Once installed, launch Keeper CLI: + +```bash +# Run Keeper CLI +python -m keepercli +``` + +**Common CLI Commands:** + +```bash +# Login to your Keeper account +Not Logged In> login + +# List all vault records +My Vault> list + +# Search for a specific record +My Vault> search + +# Display record details +My Vault> get + +# Add a new record +My Vault> add-record + +# Sync vault with server +My Vault> sync-down + +# Enterprise user management +My Vault> enterprise-user list +My Vault> enterprise-user add +My Vault> enterprise-user edit + +# Team management +My Vault> enterprise-team list +My Vault> enterprise-team add + +# Generate audit report +My Vault> audit-report + +# Exit CLI +My Vault> quit +``` + +**Interactive Mode:** + +Keeper CLI provides an interactive shell with command history, tab completion, and contextual help: + +```bash +My Vault> help # Display all available commands +My Vault> help # Get help for a specific command +My Vault> my-command --help # Display command-specific options +``` + +--- + +## Contributing + +We welcome contributions from the community! Please feel free to submit pull requests, report issues, or suggest enhancements through our [GitHub repository](https://github.com/Keeper-Security/keeper-sdk-python). + +--- + +## License + +This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details. + +--- + +## Support + +For support, documentation, and additional resources: + +- **Documentation**: [Keeper Security Developer Portal](https://docs.keeper.io/) +- **Support**: [Keeper Security Support](https://www.keepersecurity.com/support.html) +- **Community**: [Keeper Security GitHub](https://github.com/Keeper-Security) \ No newline at end of file diff --git a/keepersdk-package/src/keepersdk/__init__.py b/keepersdk-package/src/keepersdk/__init__.py index d448bbd0..f44b6d75 100644 --- a/keepersdk-package/src/keepersdk/__init__.py +++ b/keepersdk-package/src/keepersdk/__init__.py @@ -10,6 +10,6 @@ # from . import background -__version__ = '1.0.0' +__version__ = '1.0.1' background.init() diff --git a/keepersdk-package/src/keepersdk/authentication/auth_utils.py b/keepersdk-package/src/keepersdk/authentication/auth_utils.py index 83a8d42e..6785db15 100644 --- a/keepersdk-package/src/keepersdk/authentication/auth_utils.py +++ b/keepersdk-package/src/keepersdk/authentication/auth_utils.py @@ -3,47 +3,3 @@ from . import keeper_auth from .. import crypto, errors -def load_account_summary(auth: keeper_auth.KeeperAuth) -> AccountSummary_pb2.AccountSummaryElements: - rq = AccountSummary_pb2.AccountSummaryRequest() - rq.summaryVersion = 1 - account_summary = auth.execute_auth_rest('login/account_summary', rq, - response_type=AccountSummary_pb2.AccountSummaryElements) - assert account_summary is not None - return account_summary - - -def register_data_key_for_device(auth: keeper_auth.KeeperAuth) -> bool: - device_key = auth.auth_context.device_private_key - assert device_key is not None - rq = APIRequest_pb2.RegisterDeviceDataKeyRequest() - rq.encryptedDeviceToken = auth.auth_context.device_token - rq.encryptedDeviceDataKey = crypto.encrypt_ec(auth.auth_context.data_key, device_key.public_key()) - try: - auth.execute_auth_rest('authentication/register_encrypted_data_key_for_device', rq) - except errors.KeeperApiError as kae: - if kae.result_code == 'device_data_key_exists': - return False - raise kae - return True - - -def rename_device(auth: keeper_auth.KeeperAuth, new_name: str): - rq = APIRequest_pb2.DeviceUpdateRequest() - rq.clientVersion = auth.keeper_endpoint.client_version - # rq.deviceStatus = proto.DEVICE_OK - rq.deviceName = new_name - rq.encryptedDeviceToken = auth.auth_context.device_token - - auth.execute_auth_rest('authentication/update_device', rq) - - -def set_user_setting(auth: keeper_auth.KeeperAuth, name: str, value: str) -> None: - # Available setting names: - # - logout_timer - # - persistent_login - # - ip_disable_auto_approve - - rq = APIRequest_pb2.UserSettingRequest() - rq.setting = name - rq.value = value - auth.execute_auth_rest('setting/set_user_setting', rq) diff --git a/keepersdk-package/src/keepersdk/authentication/endpoint.py b/keepersdk-package/src/keepersdk/authentication/endpoint.py index c6dd39f4..6f623a2f 100644 --- a/keepersdk-package/src/keepersdk/authentication/endpoint.py +++ b/keepersdk-package/src/keepersdk/authentication/endpoint.py @@ -82,10 +82,10 @@ def prepare_api_request(key_id: int, transmission_key: bytes, class KeeperEndpoint(object): def __init__(self, configuration_storage: configuration.IConfigurationStorage, keeper_server: Optional[str] = None) -> None: - self.client_version = CLIENT_VERSION - self.device_name = DEFAULT_DEVICE_NAME + self.client_version: str = CLIENT_VERSION + self.device_name: str = DEFAULT_DEVICE_NAME self.locale = resolve_locale() - self._server = '' + self._server: str = '' self._server_key_id = 7 self._storage = configuration_storage if not keeper_server: @@ -94,6 +94,10 @@ def __init__(self, configuration_storage: configuration.IConfigurationStorage, self.server = keeper_server or DEFAULT_KEEPER_SERVER self.fail_on_throttle = False + @property + def storage(self) -> configuration.IConfigurationStorage: + return self._storage + @property def server(self) -> str: return self._server or DEFAULT_KEEPER_SERVER @@ -165,10 +169,49 @@ def execute_router_rest(self, endpoint: str, *, session_token: bytes, payload: O else: code = 'router_error' raise errors.KeeperApiError(code, router_response.errorMessage) + return None + else: + message = response.reason + raise errors.KeeperApiError('router_error', f'{message}: {response.status_code}') + + def execute_router_bi(self, encryption_key: bytes, endpoint: str, request: Optional[TRQ], *, + response_type: Type[TRS]) -> Optional[TRS]: + logger = utils.get_logger() + if logger.level <= logging.DEBUG: + js = MessageToJson(request) if request else '' + logger.debug('>>> [RQ] \"%s\": %s', endpoint, js) + + if 'ROUTER_URL' in os.environ: + up = urlparse(os.environ['ROUTER_URL']) + url_comp = (up.scheme, up.netloc, f'api/bi/{endpoint}', None, None, None) + else: + url_comp = ('https', self.get_router_server(), f'api/bi/{endpoint}', None, None, None) + url = urlunparse(url_comp) + + logger.debug('>>> [ROUTER] POST Request: [%s]', url) + + rq = APIRequest_pb2.ApiRequestByKey() + rq.keyId = 2 + if request: + payload = crypto.encrypt_aes_v2(request.SerializeToString(), encryption_key) + rq.payload = payload + + response = requests.post(url, data=rq.SerializeToString()) + if response.status_code == 200: + rs_body = response.content + payload = crypto.decrypt_aes_v2(rs_body, encryption_key) + router_response = response_type() + router_response.ParseFromString(payload) + if logger.level <= logging.DEBUG: + js = MessageToJson(router_response) if router_response else '' + logger.debug('>>> [RS] \"%s\": %s', endpoint, js) + + return router_response else: message = response.reason raise errors.KeeperApiError('router_error', f'{message}: {response.status_code}') + def _communicate_keeper(self, endpoint: str, payload: Optional[bytes], session_token: Optional[bytes] = None, diff --git a/keepersdk-package/src/keepersdk/authentication/keeper_auth.py b/keepersdk-package/src/keepersdk/authentication/keeper_auth.py index 4382511d..90703802 100644 --- a/keepersdk-package/src/keepersdk/authentication/keeper_auth.py +++ b/keepersdk-package/src/keepersdk/authentication/keeper_auth.py @@ -5,16 +5,17 @@ import json import logging import time -from typing import Optional, Dict, Any, List, Type, Set, Iterable +from typing import Optional, Dict, Any, List, Type, Set, Iterable, Union import attrs from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePrivateKey, EllipticCurvePublicKey from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey, RSAPublicKey -from google.protobuf.json_format import MessageToJson +from google.protobuf.json_format import MessageToJson, MessageToDict +from urllib3.util import url from . import endpoint, notifications from .. import errors, utils, crypto -from ..proto import APIRequest_pb2 +from ..proto import AccountSummary_pb2, APIRequest_pb2, breachwatch_pb2, push_pb2 class IKeeperAuth(abc.ABC): @@ -61,6 +62,7 @@ def __init__(self) -> None: self.enterprise_rsa_public_key: Optional[RSAPublicKey] = None self.enterprise_ec_public_key: Optional[EllipticCurvePublicKey] = None self.is_enterprise_admin = False + self.is_mc_superadmin = False self.enterprise_id: Optional[int] = None self.enforcements: Dict[str, Any] = {} self.settings: Dict[str, Any] = {} @@ -98,11 +100,10 @@ def check_keepalive(self) -> bool: class KeeperAuth: - def __init__(self, keeper_endpoint: endpoint.KeeperEndpoint, auth_context: AuthContext, - push_notifications: Optional[notifications.FanOut[Dict[str, Any]]] = None) -> None: + def __init__(self, keeper_endpoint: endpoint.KeeperEndpoint, auth_context: AuthContext) -> None: self.keeper_endpoint = keeper_endpoint self.auth_context = auth_context - self._push_notifications: Optional[notifications.FanOut[Dict[str, Any]]] = push_notifications + self.push_notifications: Optional[notifications.FanOut[Dict[str, Any]]] = None self._ttk: Optional[TimeToKeepalive] = None self._key_cache: Optional[Dict[str, UserKeys]] = None @@ -112,13 +113,10 @@ def __enter__(self): def __exit__(self, exc_type, exc_val, exc_tb): self.close() - @property - def push_notifications(self) -> Optional[notifications.FanOut[Dict[str, Any]]]: - return self._push_notifications - def close(self) -> None: - if self._push_notifications and not self._push_notifications.is_completed: - self._push_notifications.shutdown() + if self.push_notifications and not self.push_notifications.is_completed: + self.push_notifications.shutdown() + self.push_notifications = None def _update_ttk(self): if self._ttk: @@ -204,6 +202,7 @@ def execute_router(self, path: str, request: Optional[endpoint.TRQ], *, logger.debug('>>> [RS] \"%s\": %s', path, js) return response + return None def execute_router_json(self, path: str, request: Optional[Dict[str, Any]]) -> Optional[Dict[str, Any]]: logger = utils.get_logger() @@ -309,7 +308,132 @@ def load_team_keys(self, team_uids: Iterable[str]) -> None: def get_user_keys(self, username: str) -> Optional[UserKeys]: if self._key_cache: return self._key_cache.get(username) + return None def get_team_keys(self, team_uid: str) -> Optional[UserKeys]: if self._key_cache: return self._key_cache.get(team_uid) + return None + + def post_login(self) -> None: + rs = load_account_summary(self) + + assert rs is not None + if rs.license.enterpriseId: + self.auth_context.enterprise_id = rs.license.enterpriseId + self.auth_context.forbid_rsa = rs.forbidKeyType2 + self.auth_context.settings.update(MessageToDict(rs.settings)) + self.auth_context.license.update(MessageToDict(rs.license)) + enf = MessageToDict(rs.Enforcements) + if 'strings' in enf: + strs = {x['key']: x['value'] for x in enf['strings'] if 'key' in x and 'value' in x} + self.auth_context.enforcements.update(strs) + if 'booleans' in enf: + bools = {x['key']: x.get('value', False) for x in enf['booleans'] if 'key' in x} + self.auth_context.enforcements.update(bools) + if 'longs' in enf: + longs = {x['key']: x['value'] for x in enf['longs'] if 'key' in x and 'value' in x} + self.auth_context.enforcements.update(longs) + if 'jsons' in enf: + jsons = {x['key']: x['value'] for x in enf['jsons'] if 'key' in x and 'value' in x} + self.auth_context.enforcements.update(jsons) + self.auth_context.is_enterprise_admin = rs.isEnterpriseAdmin + if rs.clientKey: + self.auth_context.client_key = crypto.decrypt_aes_v1(rs.clientKey, self.auth_context.data_key) + if rs.keysInfo.encryptedPrivateKey: + rsa_private_key = crypto.decrypt_aes_v1(rs.keysInfo.encryptedPrivateKey, self.auth_context.data_key) + self.auth_context.rsa_private_key = crypto.load_rsa_private_key(rsa_private_key) + if rs.keysInfo.encryptedEccPrivateKey: + ec_private_key = crypto.decrypt_aes_v2(rs.keysInfo.encryptedEccPrivateKey, self.auth_context.data_key) + self.auth_context.ec_private_key = crypto.load_ec_private_key(ec_private_key) + if rs.keysInfo.eccPublicKey: + self.auth_context.ec_public_key = crypto.load_ec_public_key(rs.keysInfo.eccPublicKey) + + if self.auth_context.session_token_restriction == SessionTokenRestriction.Unrestricted: + if self.auth_context.license.get('accountType', 0) == 2: + try: + e_rs = self.execute_auth_rest('enterprise/get_enterprise_public_key', None, + response_type=breachwatch_pb2.EnterprisePublicKeyResponse) + assert e_rs is not None + if e_rs.enterpriseECCPublicKey: + self.auth_context.enterprise_ec_public_key = \ + crypto.load_ec_public_key(e_rs.enterpriseECCPublicKey) + if e_rs.enterprisePublicKey: + self.auth_context.enterprise_rsa_public_key = \ + crypto.load_rsa_public_key(e_rs.enterprisePublicKey) + + except Exception as e: + logger = utils.get_logger() + logger.debug('Get enterprise public key error: %s', e) + + +def load_account_summary(auth: KeeperAuth) -> AccountSummary_pb2.AccountSummaryElements: + rq = AccountSummary_pb2.AccountSummaryRequest() + rq.summaryVersion = 1 + account_summary = auth.execute_auth_rest('login/account_summary', rq, + response_type=AccountSummary_pb2.AccountSummaryElements) + assert account_summary is not None + return account_summary + + +def register_data_key_for_device(auth: KeeperAuth) -> bool: + device_key = auth.auth_context.device_private_key + assert device_key is not None + rq = APIRequest_pb2.RegisterDeviceDataKeyRequest() + rq.encryptedDeviceToken = auth.auth_context.device_token + rq.encryptedDeviceDataKey = crypto.encrypt_ec(auth.auth_context.data_key, device_key.public_key()) + try: + auth.execute_auth_rest('authentication/register_encrypted_data_key_for_device', rq) + except errors.KeeperApiError as kae: + if kae.result_code == 'device_data_key_exists': + return False + raise kae + return True + +def rename_device(auth: KeeperAuth, new_name: str): + rq = APIRequest_pb2.DeviceUpdateRequest() + rq.clientVersion = auth.keeper_endpoint.client_version + # rq.deviceStatus = proto.DEVICE_OK + rq.deviceName = new_name + rq.encryptedDeviceToken = auth.auth_context.device_token + + auth.execute_auth_rest('authentication/update_device', rq) + + +def set_user_setting(auth: KeeperAuth, name: str, value: str) -> None: + # Available setting names: + # - logout_timer + # - persistent_login + # - ip_disable_auto_approve + + rq = APIRequest_pb2.UserSettingRequest() + rq.setting = name + rq.value = value + auth.execute_auth_rest('setting/set_user_setting', rq) + + +class KeeperPushNotifications(notifications.BasePushNotifications): + def __init__(self, auth: KeeperAuth) -> None: + super().__init__() + self.auth: KeeperAuth = auth + self.transmission_key = utils.generate_aes_key() + + def on_messaged_received(self, message: Union[str, bytes]): + if isinstance(message, bytes): + if self.transmission_key: + decrypted_data = crypto.decrypt_aes_v2(message, self.transmission_key) + else: + decrypted_data = message + rs = push_pb2.WssClientResponse() + rs.ParseFromString(decrypted_data) + self.push(json.loads(rs.message)) + + async def on_connected(self): + await self.send_message(utils.base64_url_encode(self.auth.auth_context.session_token)) + + def get_connection_parameters(self) -> Optional[notifications.PushConnectionParameters]: + self.auth.execute_auth_rest('keep_alive', None) + push_url = self.auth.keeper_endpoint.get_push_url( + self.transmission_key, self.auth.auth_context.device_token, self.auth.auth_context.message_session_uid) + params = notifications.PushConnectionParameters(url=push_url) + return params \ No newline at end of file diff --git a/keepersdk-package/src/keepersdk/authentication/login_auth.py b/keepersdk-package/src/keepersdk/authentication/login_auth.py index eef25a5a..8578cbc8 100644 --- a/keepersdk-package/src/keepersdk/authentication/login_auth.py +++ b/keepersdk-package/src/keepersdk/authentication/login_auth.py @@ -1,16 +1,18 @@ +from __future__ import annotations + import abc import dataclasses import enum import json -from typing import Type, Optional, List, Callable, Dict, Any, Sequence +from typing import Type, Optional, List, Callable, Dict, Any, Sequence, Union from urllib.parse import urlparse, urlunparse, quote_plus from cryptography.hazmat.primitives.asymmetric import ec -from google.protobuf.json_format import MessageToDict -from . import endpoint, configuration, keeper_auth, auth_utils, notifications, push_notifications +from . import endpoint, configuration, keeper_auth, notifications +from .notifications import PushConnectionParameters from .. import crypto, utils, errors -from ..proto import APIRequest_pb2, breachwatch_pb2, ssocloud_pb2 +from ..proto import APIRequest_pb2, ssocloud_pb2, push_pb2 class ILoginStep(abc.ABC): @@ -624,10 +626,8 @@ def _ensure_push_notifications(login: LoginAuth) -> None: if login.push_notifications: return - keeper_pushes = push_notifications.KeeperPushNotifications() - transmission_key = utils.generate_aes_key() - url = login.keeper_endpoint.get_push_url(transmission_key, login.context.device_token, login.context.message_session_uid) - keeper_pushes.connect_to_push_channel(url, transmission_key) + keeper_pushes = LoginPushNotifications(login) + keeper_pushes.connect_to_push_channel() login.push_notifications = keeper_pushes @@ -684,58 +684,6 @@ def _on_requires_2fa(login: LoginAuth, response: APIRequest_pb2.LoginResponse): login.login_step = _TwoFactorStep(login, response.encryptedLoginToken, list(response.channels)) -def _post_login(logged_auth: keeper_auth.KeeperAuth) -> None: - rs = auth_utils.load_account_summary(logged_auth) - - assert rs is not None - if rs.license.enterpriseId: - logged_auth.auth_context.enterprise_id = rs.license.enterpriseId - logged_auth.auth_context.forbid_rsa = rs.forbidKeyType2 - logged_auth.auth_context.settings.update(MessageToDict(rs.settings)) - logged_auth.auth_context.license.update(MessageToDict(rs.license)) - enf = MessageToDict(rs.Enforcements) - if 'strings' in enf: - strs = {x['key']: x['value'] for x in enf['strings'] if 'key' in x and 'value' in x} - logged_auth.auth_context.enforcements.update(strs) - if 'booleans' in enf: - bools = {x['key']: x.get('value', False) for x in enf['booleans'] if 'key' in x} - logged_auth.auth_context.enforcements.update(bools) - if 'longs' in enf: - longs = {x['key']: x['value'] for x in enf['longs'] if 'key' in x and 'value' in x} - logged_auth.auth_context.enforcements.update(longs) - if 'jsons' in enf: - jsons = {x['key']: x['value'] for x in enf['jsons'] if 'key' in x and 'value' in x} - logged_auth.auth_context.enforcements.update(jsons) - logged_auth.auth_context.is_enterprise_admin = rs.isEnterpriseAdmin - if rs.clientKey: - logged_auth.auth_context.client_key = crypto.decrypt_aes_v1(rs.clientKey, logged_auth.auth_context.data_key) - if rs.keysInfo.encryptedPrivateKey: - rsa_private_key = crypto.decrypt_aes_v1(rs.keysInfo.encryptedPrivateKey, logged_auth.auth_context.data_key) - logged_auth.auth_context.rsa_private_key = crypto.load_rsa_private_key(rsa_private_key) - if rs.keysInfo.encryptedEccPrivateKey: - ec_private_key = crypto.decrypt_aes_v2(rs.keysInfo.encryptedEccPrivateKey, logged_auth.auth_context.data_key) - logged_auth.auth_context.ec_private_key = crypto.load_ec_private_key(ec_private_key) - if rs.keysInfo.eccPublicKey: - logged_auth.auth_context.ec_public_key = crypto.load_ec_public_key(rs.keysInfo.eccPublicKey) - - if logged_auth.auth_context.session_token_restriction == keeper_auth.SessionTokenRestriction.Unrestricted: - if logged_auth.auth_context.license.get('accountType', 0) == 2: - try: - e_rs = logged_auth.execute_auth_rest('enterprise/get_enterprise_public_key', None, - response_type=breachwatch_pb2.EnterprisePublicKeyResponse) - assert e_rs is not None - if e_rs.enterpriseECCPublicKey: - logged_auth.auth_context.enterprise_ec_public_key = \ - crypto.load_ec_public_key(e_rs.enterpriseECCPublicKey) - if e_rs.enterprisePublicKey: - logged_auth.auth_context.enterprise_rsa_public_key = \ - crypto.load_rsa_public_key(e_rs.enterprisePublicKey) - - except Exception as e: - logger = utils.get_logger() - logger.debug('Get enterprise public key error: %s', e) - - def _on_logged_in(login: LoginAuth, response: APIRequest_pb2.LoginResponse, on_decrypt_data_key: Callable[[bytes], bytes]) -> None: login.context.username = response.primaryUsername @@ -754,15 +702,14 @@ def _on_logged_in(login: LoginAuth, response: APIRequest_pb2.LoginResponse, auth_context.message_session_uid = login.context.message_session_uid keeper_endpoint = login.keeper_endpoint - # Create push_notifications if not provided (for testing or custom implementations) - push_notif = login.push_notifications if login.push_notifications is not None else push_notifications.KeeperPushNotifications() - logged_auth = keeper_auth.KeeperAuth(keeper_endpoint, auth_context, push_notifications=push_notif) - _post_login(logged_auth) + logged_auth = keeper_auth.KeeperAuth(keeper_endpoint, auth_context) + logged_auth.post_login() # Start push notifications if unrestricted and using KeeperPushNotifications if auth_context.session_token_restriction == keeper_auth.SessionTokenRestriction.Unrestricted: - if isinstance(push_notif, push_notifications.KeeperPushNotifications): - push_notif.start_push_server(logged_auth) + push_notif = keeper_auth.KeeperPushNotifications(logged_auth) + push_notif.connect_to_push_channel() + logged_auth.push_notifications = push_notif login.login_step = _ConnectedLoginStep(logged_auth) logged_auth.on_idle() @@ -1126,3 +1073,32 @@ def get_channel_by_uid(self, channel_uid): def close(self): if self._login.push_notifications: self._login.push_notifications.remove_all() + + +class LoginPushNotifications(notifications.BasePushNotifications): + def __init__(self, login: LoginAuth) -> None: + super().__init__() + self.login: Optional[LoginAuth] = login + self.transmission_key = utils.generate_aes_key() + + def on_messaged_received(self, message: Union[str, bytes]): + if isinstance(message, bytes): + if self.transmission_key: + decrypted_data = crypto.decrypt_aes_v2(message, self.transmission_key) + else: + decrypted_data = message + rs = push_pb2.WssClientResponse() + rs.ParseFromString(decrypted_data) + self.push(json.loads(rs.message)) + + async def on_connected(self): + pass + + def get_connection_parameters(self) -> Optional[PushConnectionParameters]: + if self.login: + url = self.login.keeper_endpoint.get_push_url( + self.transmission_key, self.login.context.device_token, self.login.context.message_session_uid) + self.login = None + return notifications.PushConnectionParameters(url=url) + return None + diff --git a/keepersdk-package/src/keepersdk/authentication/notifications.py b/keepersdk-package/src/keepersdk/authentication/notifications.py index 34cc6b2e..2d941e6d 100644 --- a/keepersdk-package/src/keepersdk/authentication/notifications.py +++ b/keepersdk-package/src/keepersdk/authentication/notifications.py @@ -1,6 +1,16 @@ -"""Generic observer/pub-sub pattern implementation.""" +import abc +import asyncio +import ssl +from dataclasses import dataclass +from typing import Optional, TypeVar, Generic, Callable, List, Union, Dict, Any -from typing import Optional, TypeVar, Generic, Callable, List +import websockets +import websockets.exceptions +import websockets.frames +import websockets.protocol + +from . import endpoint +from .. import utils, background M = TypeVar('M') @@ -63,3 +73,90 @@ def shutdown(self): """Shutdown the FanOut, marking it as completed and removing all callbacks.""" self._is_completed = True self._callbacks.clear() + + +@dataclass(frozen=True) +class PushConnectionParameters: + url: str + headers: Optional[Dict[str, str]] = None + + +class BasePushNotifications(abc.ABC, FanOut[Dict[str, Any]]): + def __init__(self) -> None: + super().__init__() + self._ws_app: Optional[websockets.ClientConnection] = None + self.use_pushes = False + + @abc.abstractmethod + def on_messaged_received(self, message: Union[str, bytes]): + pass + + @abc.abstractmethod + async def on_connected(self): + pass + + @abc.abstractmethod + def get_connection_parameters(self) -> Optional[PushConnectionParameters]: + pass + + async def main_loop(self) -> None: + logger = utils.get_logger() + try: + await self.close_ws() + except Exception as e: + logger.debug('Push notification close error: %s', e) + + ssl_context: Optional[ssl.SSLContext] = None + + while self.use_pushes: + push_parameters = self.get_connection_parameters() + if push_parameters is None: + break + if not push_parameters.url: + break + + url: str = push_parameters.url + headers: Dict[str, str] = push_parameters.headers or {} + + if url.startswith('wss://'): + ssl_context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH) + if not endpoint.get_certificate_check(): + ssl_context.verify_mode = ssl.CERT_NONE + try: + async with websockets.connect( + url, additional_headers=headers, ping_interval=30, open_timeout=4, ssl=ssl_context) as ws_app: + self._ws_app = ws_app + await self.on_connected() + + async for message in ws_app: + try: + self.on_messaged_received(message) + except Exception as e: + logger.debug('Push notification: decrypt error: ', e) + except Exception as e: + logger.debug('Push notification: exception: %s', e) + + logger.debug('Push notification: exit.') + if self._ws_app == ws_app: + self._ws_app = None + + async def send_message(self, message: Union[str, bytes]): + if self._ws_app and self._ws_app.state == websockets.protocol.State.OPEN: + await self._ws_app.send(message) + + async def close_ws(self): + ws_app = self._ws_app + if ws_app and ws_app.state == websockets.protocol.State.OPEN: + try: + await ws_app.close(websockets.frames.CloseCode.GOING_AWAY) + except Exception: + pass + + def connect_to_push_channel(self) -> None: + self.use_pushes = True + asyncio.run_coroutine_threadsafe(self.main_loop(), background.get_loop()) + + def shutdown(self): + self.use_pushes = False + asyncio.run_coroutine_threadsafe(self.close_ws(), loop=background.get_loop()).result() + super().shutdown() diff --git a/keepersdk-package/src/keepersdk/authentication/push_notifications.py b/keepersdk-package/src/keepersdk/authentication/push_notifications.py deleted file mode 100644 index 6c2d1f1c..00000000 --- a/keepersdk-package/src/keepersdk/authentication/push_notifications.py +++ /dev/null @@ -1,94 +0,0 @@ -import asyncio -import json -import ssl -from typing import Optional, Dict, Any - -import websockets -import websockets.frames -import websockets.protocol -import websockets.exceptions - -from . import endpoint, notifications, keeper_auth -from .. import crypto, utils, background -from ..proto import push_pb2 - - -class KeeperPushNotifications(notifications.FanOut[Dict[str, Any]]): - """Keeper Security push notification handler with WebSocket connection management.""" - - def __init__(self) -> None: - super().__init__() - self._ws_app: Optional[websockets.ClientConnection] = None - self._use_pushes = False - - async def main_loop(self, push_url: str, transmission_key: bytes, data: Optional[bytes] = None): - """Main WebSocket connection loop for receiving push notifications.""" - logger = utils.get_logger() - try: - await self.close_ws() - except Exception as e: - logger.debug('Push notification close error: %s', e) - - ssl_context = ssl.create_default_context(ssl.Purpose.SERVER_AUTH) - if not endpoint.get_certificate_check(): - ssl_context.verify_mode = ssl.CERT_NONE - - ws_app = None - try: - async with websockets.connect(push_url, ping_interval=30, open_timeout=4, ssl=ssl_context) as ws_app: - self._ws_app = ws_app - if data: - await ws_app.send(utils.base64_url_encode(data)) - async for message in ws_app: - if isinstance(message, bytes): - try: - decrypted_data = crypto.decrypt_aes_v2(message, transmission_key) - rs = push_pb2.WssClientResponse() - rs.ParseFromString(decrypted_data) - self.push(json.loads(rs.message)) - except Exception as e: - logger.debug('Push notification: decrypt error: ', e) - except Exception as e: - logger.debug('Push notification: exception: %s', e) - - logger.debug('Push notification: exit.') - if self._ws_app == ws_app: - self._ws_app = None - - async def close_ws(self): - """Close the WebSocket connection if open.""" - self._use_pushes = False - ws_app = self._ws_app - if ws_app and ws_app.state == websockets.protocol.State.OPEN: - try: - await ws_app.close(websockets.frames.CloseCode.GOING_AWAY) - except Exception: - pass - - def connect_to_push_channel(self, push_url: str, transmission_key: bytes, data: Optional[bytes] = None) -> None: - """Connect to a push notification channel.""" - asyncio.run_coroutine_threadsafe(self.main_loop(push_url, transmission_key, data), background.get_loop()) - - def shutdown(self): - """Shutdown push notifications and close connections.""" - super().shutdown() - asyncio.run_coroutine_threadsafe(self.close_ws(), loop=background.get_loop()).result() - - async def _push_server_guard(self, auth: keeper_auth.KeeperAuth): - """Guard loop that maintains push notification connection with keep-alive.""" - transmission_key = utils.generate_aes_key() - self._use_pushes = True - try: - while self._use_pushes: - url = auth.keeper_endpoint.get_push_url( - transmission_key, auth.auth_context.device_token, auth.auth_context.message_session_uid) - await self.main_loop(url, transmission_key, auth.auth_context.session_token) - auth.execute_auth_rest('keep_alive', None) - except Exception as e: - utils.get_logger().debug(e) - finally: - self._use_pushes = False - - def start_push_server(self, auth: keeper_auth.KeeperAuth): - """Start push notification server with authenticated session.""" - asyncio.run_coroutine_threadsafe(self._push_server_guard(auth), loop=background.get_loop()) diff --git a/keepersdk-package/src/keepersdk/enterprise/batch_management.py b/keepersdk-package/src/keepersdk/enterprise/batch_management.py index dd9fcd28..7abe7098 100644 --- a/keepersdk-package/src/keepersdk/enterprise/batch_management.py +++ b/keepersdk-package/src/keepersdk/enterprise/batch_management.py @@ -240,7 +240,6 @@ def user_actions(self, *, enterprise_data = self.loader.enterprise_data u: Optional[enterprise_types.User] - user: enterprise_management.UserEdit for user_list, user_action in ((to_lock, UserAction.Lock), (to_unlock, UserAction.Unlock), (to_extend_transfer, UserAction.ExtendTransfer), (to_expire_password, UserAction.ExpirePassword), @@ -263,8 +262,6 @@ def modify_team_users(self, *, to_remove: Optional[Iterable[enterprise_management.TeamUserEdit]] = None) -> None: enterprise_data = self.loader.enterprise_data - t: Optional[enterprise_types.Team] - u: Optional[enterprise_types.User] team_user: enterprise_management.TeamUserEdit for team_user_list, action in ((to_add, EntityAction.Add), (to_remove, EntityAction.Remove)): if team_user_list is None: @@ -294,7 +291,6 @@ def modify_role_users(self, *, to_remove: Optional[Iterable[enterprise_management.RoleUserEdit]] = None) -> None: enterprise_data = self.loader.enterprise_data - r: Optional[enterprise_types.Role] u: Optional[enterprise_types.User] role_user: enterprise_management.RoleUserEdit for role_user_list, action in ((to_add, EntityAction.Add), (to_remove, EntityAction.Remove)): @@ -324,8 +320,6 @@ def modify_role_teams(self, *, to_remove: Optional[Iterable[enterprise_management.RoleTeamEdit]] = None) -> None: enterprise_data = self.loader.enterprise_data - r: Optional[enterprise_types.Role] - t: Optional[enterprise_types.Team] role_team: enterprise_management.RoleTeamEdit for role_team_list, action in ((to_add, EntityAction.Add), (to_remove, EntityAction.Remove)): if role_team_list is None: @@ -356,8 +350,6 @@ def modify_managed_nodes(self, *, to_remove: Optional[Iterable[enterprise_management.ManagedNodeEdit]] = None) -> None: enterprise_data = self.loader.enterprise_data - r: Optional[enterprise_types.Role] - n: Optional[enterprise_types.Node] mn: Optional[enterprise_types.ManagedNode] managed_node: enterprise_management.ManagedNodeEdit for mn_list, action in ((to_add, EntityAction.Add), (to_update, EntityAction.Update), (to_remove, EntityAction.Remove)): @@ -493,7 +485,7 @@ def _to_node_requests(self) -> Tuple[List[Dict[str, Any]], List[Dict[str, Any]]] if existing_node is not None: rq['encrypted_data'] = existing_node.encrypted_data elif action == EntityAction.Add: - raise Exception(f'empty node name') + raise Exception('empty node name') if isinstance(node.restrict_visibility, bool): rq['restrict_visibility'] = '1' if node.restrict_visibility else '0' @@ -615,7 +607,7 @@ def _to_team_requests(self) -> Tuple[List[Dict[str, Any]], List[Dict[str, Any]]] rq['ecc_public_key'] = utils.base64_url_encode(ec_public_data) team_key = utils.generate_aes_key() team_keys.aes = team_key - encrypted_team_key = crypto.encrypt_aes_v1(team_key, tree_key) + encrypted_team_key = crypto.encrypt_aes_v1(team_key, auth.auth_context.data_key) rq['team_key'] = utils.base64_url_encode(encrypted_team_key) encrypted_team_key = crypto.encrypt_aes_v2(team_key, tree_key) rq['encrypted_team_key'] = utils.base64_url_encode(encrypted_team_key) @@ -725,10 +717,10 @@ def _to_managed_node_requests(self) -> Tuple[List[Dict[str, Any]], List[Dict[str node_id = m_node.managed_node_id r = enterprise_data.roles.get_entity(role_id) if not r: - raise Exception(f'role not found') + raise Exception('role not found') n = enterprise_data.nodes.get_entity(node_id) if not n: - raise Exception(f'node not found') + raise Exception('node not found') mn = enterprise_data.managed_nodes.get_link(role_id, node_id) rq: Dict[str, Any] = { @@ -737,12 +729,12 @@ def _to_managed_node_requests(self) -> Tuple[List[Dict[str, Any]], List[Dict[str } if action == EntityAction.Add: if mn: - raise Exception(f'already exists') + raise Exception('already exists') rq['command'] = 'role_managed_node_add' rq['cascade_node_management'] = m_node.cascade_node_management else: if not mn: - raise Exception(f'does not exist') + raise Exception('does not exist') if action == EntityAction.Update: if not isinstance(m_node.cascade_node_management, bool): continue diff --git a/keepersdk-package/src/keepersdk/enterprise/enterprise_data.py b/keepersdk-package/src/keepersdk/enterprise/enterprise_data.py index 5ca0b86b..03a48849 100644 --- a/keepersdk-package/src/keepersdk/enterprise/enterprise_data.py +++ b/keepersdk-package/src/keepersdk/enterprise/enterprise_data.py @@ -17,7 +17,7 @@ def __init__(self) -> None: self._team_users = private_data.TeamUserLink() self._queued_team_users = private_data.QueuedTeamUserLink() self._role_users = private_data.RoleUserLink() - self._role_privileges = private_data.RolePrivilegeLink() + self._role_privileges = private_data.RolePrivilegeLinkReader() self._role_enforcements = private_data.RoleEnforcementLink() self._role_teams = private_data.RoleTeamLink() self._licenses = private_data.LicenseEntity() @@ -78,7 +78,7 @@ def role_enforcement_plugin(self) -> enterprise_types.IEnterprisePlugin[enterpri return self._role_enforcements @property - def role_privilege_plugin(self) -> private_data.RolePrivilegeLink: + def role_privilege_plugin(self) -> private_data.RolePrivilegeLinkReader: return self._role_privileges def get_supported_entities(self) -> Iterable[int]: diff --git a/keepersdk-package/src/keepersdk/enterprise/enterprise_loader.py b/keepersdk-package/src/keepersdk/enterprise/enterprise_loader.py index 4e1533aa..026a740f 100644 --- a/keepersdk-package/src/keepersdk/enterprise/enterprise_loader.py +++ b/keepersdk-package/src/keepersdk/enterprise/enterprise_loader.py @@ -8,7 +8,8 @@ class EnterpriseLoader(enterprise_types.IEnterpriseLoader): - def __init__(self, auth: keeper_auth.KeeperAuth, storage: Optional[enterprise_types.IEnterpriseStorage]=None): + def __init__(self, auth: keeper_auth.KeeperAuth, storage: enterprise_types.IEnterpriseStorage, *, + tree_key: Optional[bytes]=None): super().__init__() self._keeper_auth = auth self._storage = storage @@ -18,6 +19,7 @@ def __init__(self, auth: keeper_auth.KeeperAuth, storage: Optional[enterprise_ty self._id_start: int = 0 self._id_count: int = 0 self._id_rq_no = 0 + self.load(tree_key=tree_key) @property def storage(self) -> enterprise_types.IEnterpriseStorage: @@ -104,8 +106,9 @@ def load_role_keys(self, ids: Iterable[int]) -> None: def get_role_keys(self, role_id: int) -> Optional[bytes]: if self._role_keys: return self._role_keys[role_id] + return None - def load(self, reset: Optional[bool] = False) -> Set[int]: + def load(self, *, reset: bool = False, tree_key: Optional[bytes] = None) -> Set[int]: if self._enterprise_data is None: self._enterprise_data = EnterpriseData() enterprise_info = self._enterprise_data.enterprise_info @@ -113,24 +116,26 @@ def load(self, reset: Optional[bool] = False) -> Set[int]: auth_context = self._keeper_auth.auth_context rq_keys = enterprise_pb2.GetEnterpriseDataKeysRequest() - rs_keys = self._keeper_auth.execute_auth_rest( - 'enterprise/get_enterprise_data_keys', rq_keys, - response_type=enterprise_pb2.GetEnterpriseDataKeysResponse) + rs_keys = self._keeper_auth.execute_auth_rest('enterprise/get_enterprise_data_keys', rq_keys, + response_type=enterprise_pb2.GetEnterpriseDataKeysResponse) assert rs_keys is not None - encrypted_tree_key = utils.base64_url_decode(rs_keys.treeKey.treeKey) - if rs_keys.treeKey.keyTypeId == enterprise_pb2.ENCRYPTED_BY_DATA_KEY: - enterprise_info._tree_key = crypto.decrypt_aes_v1(encrypted_tree_key, auth_context.data_key) - elif rs_keys.treeKey.keyTypeId == enterprise_pb2.ENCRYPTED_BY_PUBLIC_KEY: - if len(encrypted_tree_key) == 60: + if tree_key: + enterprise_info._tree_key = tree_key + else: + encrypted_tree_key = utils.base64_url_decode(rs_keys.treeKey.treeKey) + if rs_keys.treeKey.keyTypeId == enterprise_pb2.ENCRYPTED_BY_DATA_KEY: + enterprise_info._tree_key = crypto.decrypt_aes_v1(encrypted_tree_key, auth_context.data_key) + elif rs_keys.treeKey.keyTypeId == enterprise_pb2.ENCRYPTED_BY_PUBLIC_KEY: + if len(encrypted_tree_key) == 60: + enterprise_info._tree_key = crypto.decrypt_aes_v2(encrypted_tree_key, auth_context.data_key) + else: + assert auth_context.rsa_private_key is not None + enterprise_info._tree_key = crypto.decrypt_rsa(encrypted_tree_key, auth_context.rsa_private_key) + elif rs_keys.treeKey.keyTypeId == enterprise_pb2.ENCRYPTED_BY_DATA_KEY_GCM: enterprise_info._tree_key = crypto.decrypt_aes_v2(encrypted_tree_key, auth_context.data_key) - else: - assert auth_context.rsa_private_key is not None - enterprise_info._tree_key = crypto.decrypt_rsa(encrypted_tree_key, auth_context.rsa_private_key) - elif rs_keys.treeKey.keyTypeId == enterprise_pb2.ENCRYPTED_BY_DATA_KEY_GCM: - enterprise_info._tree_key = crypto.decrypt_aes_v2(encrypted_tree_key, auth_context.data_key) - elif rs_keys.treeKey.keyTypeId == enterprise_pb2.ENCRYPTED_BY_PUBLIC_KEY_ECC: - assert auth_context.ec_private_key is not None - enterprise_info._tree_key = crypto.decrypt_ec(encrypted_tree_key, auth_context.ec_private_key) + elif rs_keys.treeKey.keyTypeId == enterprise_pb2.ENCRYPTED_BY_PUBLIC_KEY_ECC: + assert auth_context.ec_private_key is not None + enterprise_info._tree_key = crypto.decrypt_ec(encrypted_tree_key, auth_context.ec_private_key) if rs_keys.enterpriseKeys.rsaEncryptedPrivateKey: decrypted_key = crypto.decrypt_aes_v2(rs_keys.enterpriseKeys.rsaEncryptedPrivateKey, enterprise_info.tree_key) @@ -169,13 +174,14 @@ def load(self, reset: Optional[bool] = False) -> Set[int]: enterprise_info._ec_private_key = ec_private enterprise_info._ec_public_key = ec_public - if reset is True: + if reset: if self._storage is not None: self._storage.settings.delete() self._continuation_token = None enterprise_data = self._enterprise_data tree_key = enterprise_data.enterprise_info.tree_key + assert tree_key is not None if self._continuation_token is None: if self._storage is not None: settings = self._storage.settings.load() diff --git a/keepersdk-package/src/keepersdk/enterprise/enterprise_types.py b/keepersdk-package/src/keepersdk/enterprise/enterprise_types.py index 8c74d7d7..398ec7fe 100644 --- a/keepersdk-package/src/keepersdk/enterprise/enterprise_types.py +++ b/keepersdk-package/src/keepersdk/enterprise/enterprise_types.py @@ -9,7 +9,7 @@ from cryptography.hazmat.primitives.asymmetric import ec, rsa from ..authentication import keeper_auth -from ..storage.storage_types import T, IRecordStorage, ILinkStorage, IEntity, ILink +from ..storage.storage_types import T, IRecordStorage, ILinkReaderStorage, IEntityReader, ILinkReader @attrs.define(kw_only=True) @@ -452,102 +452,102 @@ def root_node(self) -> Node: @property @abc.abstractmethod - def nodes(self) -> IEntity[Node, int]: + def nodes(self) -> IEntityReader[Node, int]: pass @property @abc.abstractmethod - def roles(self) -> IEntity[Role, int]: + def roles(self) -> IEntityReader[Role, int]: pass @property @abc.abstractmethod - def users(self) -> IEntity[User, int]: + def users(self) -> IEntityReader[User, int]: pass @property @abc.abstractmethod - def teams(self) -> IEntity[Team, str]: + def teams(self) -> IEntityReader[Team, str]: pass @property @abc.abstractmethod - def team_users(self) -> ILink[TeamUser, str, int]: + def team_users(self) -> ILinkReader[TeamUser, str, int]: pass @property @abc.abstractmethod - def queued_teams(self) -> IEntity[QueuedTeam, str]: + def queued_teams(self) -> IEntityReader[QueuedTeam, str]: pass @property @abc.abstractmethod - def queued_team_users(self) -> ILink[QueuedTeamUser, str, int]: + def queued_team_users(self) -> ILinkReader[QueuedTeamUser, str, int]: pass @property @abc.abstractmethod - def role_users(self) -> ILink[RoleUser, int, int]: + def role_users(self) -> ILinkReader[RoleUser, int, int]: pass @property @abc.abstractmethod - def role_teams(self) -> ILink[RoleTeam, int, str]: + def role_teams(self) -> ILinkReader[RoleTeam, int, str]: pass @property @abc.abstractmethod - def managed_nodes(self) -> ILink[ManagedNode, int, int]: + def managed_nodes(self) -> ILinkReader[ManagedNode, int, int]: pass @property @abc.abstractmethod - def role_privileges(self) -> ILink[RolePrivileges, int, int]: + def role_privileges(self) -> ILinkReader[RolePrivileges, int, int]: pass @property @abc.abstractmethod - def role_enforcements(self) -> ILink[RoleEnforcement, int, str]: + def role_enforcements(self) -> ILinkReader[RoleEnforcement, int, str]: pass @property @abc.abstractmethod - def licenses(self) -> IEntity[License, int]: + def licenses(self) -> IEntityReader[License, int]: pass @property @abc.abstractmethod - def sso_services(self) -> IEntity[SsoService, int]: + def sso_services(self) -> IEntityReader[SsoService, int]: pass @property @abc.abstractmethod - def bridges(self) -> IEntity[Bridge, int]: + def bridges(self) -> IEntityReader[Bridge, int]: pass @property @abc.abstractmethod - def scims(self) -> IEntity[Scim, int]: + def scims(self) -> IEntityReader[Scim, int]: pass @property @abc.abstractmethod - def email_provision(self) -> IEntity[EmailProvision, int]: + def email_provision(self) -> IEntityReader[EmailProvision, int]: pass @property @abc.abstractmethod - def managed_companies(self) -> IEntity[ManagedCompany, int]: + def managed_companies(self) -> IEntityReader[ManagedCompany, int]: pass @property @abc.abstractmethod - def device_approval_requests(self) -> IEntity[DeviceApprovalRequest, str]: + def device_approval_requests(self) -> IEntityReader[DeviceApprovalRequest, str]: pass @property @abc.abstractmethod - def user_aliases(self) -> ILink[UserAlias, int, str]: + def user_aliases(self) -> ILinkReader[UserAlias, int, str]: pass @@ -581,7 +581,7 @@ def settings(self) -> IRecordStorage[EnterpriseSettings]: @property @abc.abstractmethod - def entity_data(self) -> ILinkStorage[EnterpriseEntityData, int, str]: + def entity_data(self) -> ILinkReaderStorage[EnterpriseEntityData, int, str]: pass @abc.abstractmethod @@ -606,7 +606,7 @@ def keeper_auth(self) -> keeper_auth.KeeperAuth: pass @abc.abstractmethod - def load(self, reset: Optional[bool] = False) -> Set[int]: + def load(self, *, reset: bool = False, tree_key: Optional[bytes] = None) -> Set[int]: pass @abc.abstractmethod diff --git a/keepersdk-package/src/keepersdk/enterprise/msp_auth.py b/keepersdk-package/src/keepersdk/enterprise/msp_auth.py new file mode 100644 index 00000000..7c150b18 --- /dev/null +++ b/keepersdk-package/src/keepersdk/enterprise/msp_auth.py @@ -0,0 +1,29 @@ +from typing import Tuple + +from . import enterprise_types +from .. import crypto, utils +from ..authentication import keeper_auth +from ..proto import enterprise_pb2 + + +def login_to_managed_company(loader: enterprise_types.IEnterpriseLoader, mc_enterprise_id: int) -> Tuple[keeper_auth.KeeperAuth, bytes]: + auth = loader.keeper_auth + tree_key = loader.enterprise_data.enterprise_info.tree_key + rq = enterprise_pb2.LoginToMcRequest() + rq.mcEnterpriseId = mc_enterprise_id + rs = auth.execute_auth_rest('authentication/login_to_mc', rq, response_type=enterprise_pb2.LoginToMcResponse) + assert rs is not None + auth_context = keeper_auth.AuthContext() + auth_context.username = auth.auth_context.username + auth_context.account_uid = auth.auth_context.account_uid + auth_context.data_key = auth.auth_context.data_key + auth_context.device_token = auth.auth_context.device_token + auth_context.device_private_key = auth.auth_context.device_private_key + auth_context.session_token = rs.encryptedSessionToken + encrypted_tree_key = utils.base64_url_decode(rs.encryptedTreeKey) + mc_tree_key = crypto.decrypt_aes_v2(encrypted_tree_key, tree_key) + mc_auth = keeper_auth.KeeperAuth(auth.keeper_endpoint, auth_context) + mc_auth.post_login() + + return mc_auth, mc_tree_key + diff --git a/keepersdk-package/src/keepersdk/enterprise/private_data.py b/keepersdk-package/src/keepersdk/enterprise/private_data.py index 4a62aebb..7ed25c09 100644 --- a/keepersdk-package/src/keepersdk/enterprise/private_data.py +++ b/keepersdk-package/src/keepersdk/enterprise/private_data.py @@ -5,7 +5,7 @@ from . import enterprise_types from .. import utils, crypto from ..proto import enterprise_pb2 -from ..storage.storage_types import T, K, KS, KO, IEntity, ILink +from ..storage.storage_types import T, K, KS, KO, IEntityReader, ILinkReader def to_storage_key(value: Any) -> str: if isinstance(value, str): @@ -18,7 +18,7 @@ def to_storage_key(value: Any) -> str: def get_storage_key(*comps: Any) -> str: return '|'.join((to_storage_key(x) for x in comps)) -class _IEnterpriseEntity(Generic[T, K], IEntity[T, K], enterprise_types.IEnterprisePlugin[T], abc.ABC): +class _IEnterpriseEntityReader(Generic[T, K], IEntityReader[T, K], enterprise_types.IEnterprisePlugin[T], abc.ABC): def __init__(self) -> None: super().__init__() self._data: Optional[Dict[K, T]] = None @@ -55,7 +55,7 @@ def get_entity(self, key: K) -> Optional[T]: return self._data.get(key) -class _IEnterpriseLink(Generic[T, KS, KO], ILink[T, KS, KO], enterprise_types.IEnterprisePlugin[T], abc.ABC): +class _IEnterpriseLinkReader(Generic[T, KS, KO], ILinkReader[T, KS, KO], enterprise_types.IEnterprisePlugin[T], abc.ABC): def __init__(self) -> None: super().__init__() self._data: Optional[Dict[Tuple[KS, KO], T]] = None @@ -118,7 +118,7 @@ def _decrypt_encrypted_data(data: str, key_type: str, tree_key: bytes) -> Dict[s return json.loads(ed.decode()) -class NodeEntity(_IEnterpriseEntity[enterprise_types.Node, int]): +class NodeEntity(_IEnterpriseEntityReader[enterprise_types.Node, int]): def get_entity_key(self, entity: enterprise_types.Node) -> int: return entity.node_id @@ -151,7 +151,7 @@ def frozen_entity_type(cls) -> Type[enterprise_types.Node]: return enterprise_types.INode -class RoleEntity(_IEnterpriseEntity[enterprise_types.Role, int]): +class RoleEntity(_IEnterpriseEntityReader[enterprise_types.Role, int]): def __init__(self): super().__init__() @@ -183,7 +183,7 @@ def frozen_entity_type(cls) -> Type[enterprise_types.Role]: return enterprise_types.IRole -class UserEntity(_IEnterpriseEntity[enterprise_types.User, int]): +class UserEntity(_IEnterpriseEntityReader[enterprise_types.User, int]): def get_entity_key(self, entity: enterprise_types.User) -> int: return entity.enterprise_user_id @@ -210,7 +210,7 @@ def convert_entity(self, data) -> enterprise_types.User: return user -class TeamEntity(_IEnterpriseEntity[enterprise_types.Team, str]): +class TeamEntity(_IEnterpriseEntityReader[enterprise_types.Team, str]): def get_entity_key(self, entity: enterprise_types.Team) -> str: return entity.team_uid @@ -223,7 +223,7 @@ def convert_entity(self, data) -> enterprise_types.Team: encrypted_team_key=utils.base64_url_decode(proto_entity.encryptedTeamKey)) -class QueuedTeamEntity(_IEnterpriseEntity[enterprise_types.QueuedTeam, str]): +class QueuedTeamEntity(_IEnterpriseEntityReader[enterprise_types.QueuedTeam, str]): def get_entity_key(self, entity: enterprise_types.QueuedTeam) -> str: return entity.team_uid @@ -238,7 +238,7 @@ def frozen_entity_type(cls) -> Optional[Type[enterprise_types.QueuedTeam]]: return enterprise_types.IQueuedTeam -class TeamUserLink(_IEnterpriseLink[enterprise_types.TeamUser, str, int]): +class TeamUserLink(_IEnterpriseLinkReader[enterprise_types.TeamUser, str, int]): def get_subject_key(self, entity: enterprise_types.TeamUser) -> str: return entity.team_uid @@ -253,7 +253,7 @@ def convert_entity(self, data) -> enterprise_types.TeamUser: return tu -class RoleUserLink(_IEnterpriseLink[enterprise_types.RoleUser, int, int]): +class RoleUserLink(_IEnterpriseLinkReader[enterprise_types.RoleUser, int, int]): def get_subject_key(self, entity: enterprise_types.RoleUser) -> int: return entity.role_id @@ -267,7 +267,7 @@ def convert_entity(self, data) -> enterprise_types.RoleUser: return rul -class RolePrivilegeLink(ILink[enterprise_types.RolePrivileges, int, int], enterprise_types.IEnterpriseDataPlugin): +class RolePrivilegeLinkReader(ILinkReader[enterprise_types.RolePrivileges, int, int], enterprise_types.IEnterpriseDataPlugin): def __init__(self) -> None: super().__init__() self._data: Optional[Dict[Tuple[int, int], enterprise_types.RolePrivileges]] = None @@ -329,7 +329,7 @@ def get_all_links(self) -> Iterable[enterprise_types.RolePrivileges]: yield v -class RoleEnforcementLink(_IEnterpriseLink[enterprise_types.RoleEnforcement, int, str]): +class RoleEnforcementLink(_IEnterpriseLinkReader[enterprise_types.RoleEnforcement, int, str]): def get_subject_key(self, entity: enterprise_types.RoleEnforcement) -> int: return entity.role_id @@ -344,7 +344,7 @@ def convert_entity(self, data) -> enterprise_types.RoleEnforcement: return rel -class RoleTeamLink(_IEnterpriseLink[enterprise_types.RoleTeam, int, str]): +class RoleTeamLink(_IEnterpriseLinkReader[enterprise_types.RoleTeam, int, str]): def get_subject_key(self, entity: enterprise_types.RoleTeam) -> int: return entity.role_id @@ -358,7 +358,7 @@ def convert_entity(self, data) -> enterprise_types.RoleTeam: return rt -class LicenseEntity(_IEnterpriseEntity[enterprise_types.License, int]): +class LicenseEntity(_IEnterpriseEntityReader[enterprise_types.License, int]): def get_entity_key(self, entity: enterprise_types.License) -> int: return entity.enterprise_license_id @@ -412,7 +412,7 @@ def convert_entity(self, data) -> enterprise_types.License: distributor=proto_entity.distributor, msp_permits=msp_permits, managed_by=managed_by) -class ManagedNodeLink(_IEnterpriseLink[enterprise_types.ManagedNode, int, int]): +class ManagedNodeLink(_IEnterpriseLinkReader[enterprise_types.ManagedNode, int, int]): def get_subject_key(self, entity: enterprise_types.ManagedNode) -> int: return entity.role_id @@ -427,7 +427,7 @@ def convert_entity(self, data) -> enterprise_types.ManagedNode: return mn -class ManagedCompanyEntity(_IEnterpriseEntity[enterprise_types.ManagedCompany, int]): +class ManagedCompanyEntity(_IEnterpriseEntityReader[enterprise_types.ManagedCompany, int]): def get_entity_key(self, entity: enterprise_types.ManagedCompany) -> int: return entity.mc_enterprise_id @@ -451,15 +451,15 @@ def convert_entity(self, data) -> enterprise_types.ManagedCompany: tree_key_role=proto_entity.tree_key_role, file_plan_type=proto_entity.filePlanType, add_ons=license_add_on) -class DeviceApprovalRequestEntity(_IEnterpriseEntity[enterprise_types.DeviceApprovalRequest, str]): - +class DeviceApprovalRequestEntity(_IEnterpriseEntityReader[enterprise_types.DeviceApprovalRequest, str]): + def get_entity_key(self, entity: enterprise_types.DeviceApprovalRequest) -> str: return f'{entity.enterprise_user_id}:{entity.device_id}' - + def convert_entity(self, data) -> enterprise_types.DeviceApprovalRequest: proto_entity = enterprise_pb2.DeviceRequestForAdminApproval() proto_entity.ParseFromString(data) - + return enterprise_types.DeviceApprovalRequest( enterprise_user_id=proto_entity.enterpriseUserId, device_id=proto_entity.deviceId, @@ -480,7 +480,7 @@ def frozen_entity_type(cls) -> Type[enterprise_types.DeviceApprovalRequest]: return enterprise_types.IDeviceApprovalRequest -class QueuedTeamUserLink(enterprise_types.ILink[enterprise_types.QueuedTeamUser, str, int], enterprise_types.IEnterpriseDataPlugin): +class QueuedTeamUserLink(enterprise_types.ILinkReader[enterprise_types.QueuedTeamUser, str, int], enterprise_types.IEnterpriseDataPlugin): def __init__(self) -> None: super().__init__() self._data: Optional[Dict[Tuple[str, int], enterprise_types.QueuedTeamUser]] = None @@ -534,7 +534,7 @@ def get_all_links(self): yield v -class UserAliasLink(_IEnterpriseLink[enterprise_types.UserAlias, int, str]): +class UserAliasLink(_IEnterpriseLinkReader[enterprise_types.UserAlias, int, str]): def get_subject_key(self, entity: enterprise_types.UserAlias) -> int: return entity.enterprise_user_id @@ -547,7 +547,7 @@ def convert_entity(self, data): return enterprise_types.UserAlias(enterprise_user_id=proto_entity.enterpriseUserId, username=proto_entity.username) -class BridgeEntity(_IEnterpriseEntity[enterprise_types.Bridge, int]): +class BridgeEntity(_IEnterpriseEntityReader[enterprise_types.Bridge, int]): def get_entity_key(self, entity): return entity.bridge_id @@ -559,7 +559,7 @@ def convert_entity(self, data): lan_ip_enforcement=proto_entity.lanIpEnforcement, status=proto_entity.status) -class ScimEntity(_IEnterpriseEntity[enterprise_types.Scim, int]): +class ScimEntity(_IEnterpriseEntityReader[enterprise_types.Scim, int]): def get_entity_key(self, entity): return entity.scim_id @@ -571,7 +571,7 @@ def convert_entity(self, data): role_prefix=proto_entity.rolePrefix, unique_groups=proto_entity.uniqueGroups) -class SsoServiceEntity(_IEnterpriseEntity[enterprise_types.SsoService, int]): +class SsoServiceEntity(_IEnterpriseEntityReader[enterprise_types.SsoService, int]): def get_entity_key(self, entity): return entity.sso_service_provider_id @@ -584,7 +584,7 @@ def convert_entity(self, data): is_cloud=proto_entity.isCloud) -class EmailProvisionEntity(_IEnterpriseEntity[enterprise_types.EmailProvision, int]): +class EmailProvisionEntity(_IEnterpriseEntityReader[enterprise_types.EmailProvision, int]): def get_entity_key(self, entity): return entity.id diff --git a/keepersdk-package/src/keepersdk/enterprise/sqlite_enterprise_storage.py b/keepersdk-package/src/keepersdk/enterprise/sqlite_enterprise_storage.py index 861aa70b..64a925d0 100644 --- a/keepersdk-package/src/keepersdk/enterprise/sqlite_enterprise_storage.py +++ b/keepersdk-package/src/keepersdk/enterprise/sqlite_enterprise_storage.py @@ -34,7 +34,7 @@ def id_range(self) -> storage_types.IRecordStorage[enterprise_types.EnterpriseId return self._id_range_storage @property - def entity_data(self) -> storage_types.ILinkStorage[enterprise_types.EnterpriseEntityData, int, str]: + def entity_data(self) -> storage_types.ILinkReaderStorage[enterprise_types.EnterpriseEntityData, int, str]: return self._data_storage def clear(self): diff --git a/keepersdk-package/src/keepersdk/plugins/pedm/__init__.py b/keepersdk-package/src/keepersdk/plugins/pedm/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/keepersdk-package/src/keepersdk/plugins/pedm/admin_plugin.py b/keepersdk-package/src/keepersdk/plugins/pedm/admin_plugin.py new file mode 100644 index 00000000..5a236e05 --- /dev/null +++ b/keepersdk-package/src/keepersdk/plugins/pedm/admin_plugin.py @@ -0,0 +1,813 @@ +from __future__ import annotations + +import abc +import base64 +import datetime +import json +import os +from typing import List, Optional, Set, Iterable, Tuple, Dict, Any, cast, Union +from urllib.parse import urlunparse, urlparse + +from . import admin_storage, admin_types +from ... import crypto, utils +from ...authentication import notifications, endpoint, keeper_auth +from ...enterprise import enterprise_loader, sqlite_enterprise_storage +from ...proto import pedm_pb2, folder_pb2 +from ...storage import storage_types, in_memory + + +class RebuildTask: + def __init__(self, full_rebuild = False) -> None: + self._full_rebuild = full_rebuild + self._agents: Optional[Set[str]] = None + self._policies: Optional[Set[str]] = None + self._collections: Optional[Set[str]] = None + self._approvals: Optional[Set[str]] = None + + @property + def full_rebuild(self) -> bool: + return self._full_rebuild + + def add_agents(self, agents: Iterable[str]) -> None: + if self._full_rebuild: + return + if self._agents is None: + self._agents = set() + self._agents.update(agents) + + def add_policies(self, policies: Iterable[str]) -> None: + if self._full_rebuild: + return + if self._policies is None: + self._policies = set() + self._policies.update(policies) + + def add_collections(self, collections: Iterable[str]) -> None: + if self._full_rebuild: + return + if self._collections is None: + self._collections = set() + self._collections.update(collections) + + def add_approvals(self, approvals: Iterable[str]) -> None: + if self._full_rebuild: + return + if self._approvals is None: + self._approvals = set() + self._approvals.update(approvals) + + @property + def agents(self) -> Optional[Iterable[str]]: + return self._agents + + @property + def policies(self) -> Optional[Iterable[str]]: + return self._policies + + @property + def collections(self) -> Optional[Iterable[str]]: + return self._collections + + @property + def approvals(self) -> Optional[Iterable[str]]: + return self._approvals + + +class IPedmAdmin(abc.ABC): + @abc.abstractmethod + def sync_down(self, *, reload: bool = False) -> None: + pass + + @property + @abc.abstractmethod + def deployments(self) -> storage_types.IEntityReader[admin_types.PedmDeployment, str]: + pass + + @property + @abc.abstractmethod + def agents(self) -> storage_types.IEntityReader[admin_types.PedmAgent, str]: + pass + + +class PedmAdminNotifications(notifications.BasePushNotifications): + def __init__(self, auth: keeper_auth.KeeperAuth): + super().__init__() + self.auth = auth + self.logger = utils.get_logger() + + def on_messaged_received(self, message: Union[str, bytes]): + self.logger.debug('Received KEPM Admin notification: %s', message) + if isinstance(message, str): + try: + data: Dict[str, Any] = json.loads(message) + self.push(data) + except: + pass + + async def on_connected(self): + pass + + def get_connection_parameters(self) -> Optional[notifications.PushConnectionParameters]: + if 'ROUTER_URL' in os.environ: + router_url = os.environ['ROUTER_URL'] + else: + router_url = f'https://{self.auth.keeper_endpoint.get_router_server()}' + up = urlparse(router_url) + url_comp = ('wss' if up.scheme == 'https' else 'ws', up.netloc, 'api/user/client', None, None, None) + url = str(urlunparse(url_comp)) + + transmission_key = utils.generate_aes_key() + session_token = self.auth.auth_context.session_token + encrypted_session_token = crypto.encrypt_aes_v2(session_token, transmission_key) + encrypted_transmission_key = endpoint.encrypt_with_keeper_key( + transmission_key, self.auth.keeper_endpoint.server_key_id) + + headers = { + 'TransmissionKey': base64.b64encode(encrypted_transmission_key).decode('ascii'), + 'Authorization': 'KeeperUser ' + base64.b64encode(encrypted_session_token).decode('ascii'), + } + return notifications.PushConnectionParameters(url=url, headers=headers) + + +class PedmPlugin(IPedmAdmin): + def __init__(self, loader: enterprise_loader.EnterpriseLoader): + assert loader.keeper_auth.auth_context.enterprise_id + assert loader.keeper_auth.auth_context.is_enterprise_admin + self._enterprise_id = loader.keeper_auth.auth_context.enterprise_id + self.enterprise_uid: str = utils.base64_url_encode(self._enterprise_id.to_bytes(16, byteorder='big')) + loader_storage = loader.storage + self.storage: admin_storage.IPedmStorage + if isinstance(loader_storage, sqlite_enterprise_storage.SqliteEnterpriseStorage): + self.storage = admin_storage.SqlitePedmStorage(loader_storage.get_connection, self._enterprise_id) + else: + self.storage = admin_storage.MemoryPedmStorage() + self.loader = loader + self.device_uid = utils.generate_uid() + self._populate_data = True + self._agent_key: Optional[bytes] = None + self._all_agents: Optional[bytes] = None + + self._deployments = in_memory.InMemoryEntityStorage[admin_types.PedmDeployment, str]() + self._agents = in_memory.InMemoryEntityStorage[admin_types.PedmAgent, str]() + self._deployment_agents = in_memory.InMemoryLinkStorage[admin_types.PedmDeploymentAgent, str, str]() + self._policies = in_memory.InMemoryEntityStorage[admin_types.PedmPolicy, str]() + self._collections = in_memory.InMemoryEntityStorage[admin_types.PedmCollection, str]() + self._approvals = in_memory.InMemoryEntityStorage[admin_types.PedmApproval, str]() + + self._push_notifications = PedmAdminNotifications(self.loader.keeper_auth) + self._push_notifications.register_callback(self.on_push_message) + self._push_notifications.connect_to_push_channel() + self._need_sync = True + self.logger = utils.get_logger() + + def on_push_message(self, message: Dict[str, Any]): + if isinstance(message, dict): + message_type = message.get('type') + if message_type == 'pedm_sync': + self._need_sync = True + + def close(self): + self._push_notifications.shutdown() + + @property + def deployments(self) -> storage_types.IEntityReader[admin_types.PedmDeployment, str]: + return self._deployments + + @property + def agents(self) -> storage_types.IEntityReader[admin_types.PedmAgent, str]: + return self._agents + + @property + def policies(self) -> storage_types.IEntityReader[admin_types.PedmPolicy, str]: + return self._policies + + @property + def collections(self) -> storage_types.IEntityReader[admin_types.PedmCollection, str]: + return self._collections + + @property + def deployment_agents(self) -> storage_types.ILinkReader[admin_types.PedmDeploymentAgent, str, str]: + return self._deployment_agents + + @property + def approvals(self) -> storage_types.IEntityReader[admin_types.PedmApproval, str]: + return self._approvals + + @property + def need_sync(self) -> bool: + return self._need_sync + + @property + def agent_key(self) -> bytes: + if self._agent_key is None: + enterprise_info = self.loader.enterprise_data.enterprise_info + x1 = int.from_bytes(enterprise_info.tree_key[:16], byteorder='big', signed=False) + x2 = int.from_bytes(enterprise_info.tree_key[16:], byteorder='big', signed=False) + salt = (x1 ^ x2).to_bytes(length=16, byteorder='big', signed=False) + ec_private_key = crypto.unload_ec_private_key(enterprise_info.ec_private_key) + self._agent_key = crypto.derive_key_v1(utils.base64_url_encode(ec_private_key), salt, 1_000_000) + return self._agent_key + + @property + def all_agents(self) -> bytes: + if self._all_agents is None: + self._all_agents = (0).to_bytes(16, byteorder='big') + return self._all_agents + + def build_data(self, task: RebuildTask) -> None: + tree_key = self.loader.enterprise_data.enterprise_info.tree_key + + self._deployments.clear() + deps: List[admin_types.PedmDeployment] = [] + for dep in self.storage.deployments.get_all_entities(): + try: + pd = self.load_deployment(dep, tree_key) + deps.append(pd) + except Exception as e: + self.logger.debug('Deployment "%s" decryption error: %s', dep.deployment_uid, e) + self._deployments.put_entities(deps) + + if task.full_rebuild: + self._agents.clear() + self._policies.clear() + self._collections.clear() + self._approvals.clear() + else: + if task.agents is not None: + self._agents.delete_uids(task.agents) + if task.policies is not None: + self._policies.delete_uids(task.policies) + if task.collections is not None: + self._collections.delete_uids(task.collections) + if task.approvals is not None: + self._approvals.delete_uids(task.approvals) + + def get_agents() -> Iterable[admin_storage.PedmStorageAgent]: + if task.full_rebuild: + yield from self.storage.agents.get_all_entities() + if task.agents is not None: + for agent_uid in task.agents: + a = self.storage.agents.get_entity(agent_uid) + if a is not None: + yield a + + ags: List[admin_types.PedmAgent] = [] + for agent_dto in get_agents(): + properties: Optional[Dict[str, Any]] = None + if agent_dto.data is not None and len(agent_dto.data) > 0: + try: + decrypted_data = crypto.decrypt_aes_v2(agent_dto.data, self.agent_key) + properties = json.loads(decrypted_data) + except Exception as e: + self.logger.debug('Agent "%s" decryption error: %s', agent_dto.agent_uid, e) + agent = admin_types.PedmAgent( + agent_uid=agent_dto.agent_uid, machine_id=agent_dto.machine_id, created=agent_dto.created, + deployment_uid=agent_dto.deployment_uid, disabled=agent_dto.disabled, public_key=agent_dto.public_key, + properties=properties) + ags.append(agent) + self._agents.put_entities(ags) + + self._deployment_agents.clear() + das: List[admin_types.PedmDeploymentAgent] = [] + for agent in self._agents.get_all_entities(): + if agent.deployment_uid: + das.append(admin_types.PedmDeploymentAgent(deployment_uid=agent.deployment_uid, agent_uid=agent.agent_uid)) + self._deployment_agents.put_links(das) + + def get_policies() -> Iterable[admin_storage.PedmStoragePolicy]: + if task.full_rebuild: + yield from self.storage.policies.get_all_entities() + elif task.policies is not None: + for policy_uid in task.policies: + p = self.storage.policies.get_entity(policy_uid) + if p is not None: + yield p + + policies: List[admin_types.PedmPolicy] = [] + for policy_dto in get_policies(): + try: + policy_key = crypto.decrypt_aes_v2(policy_dto.key, self.agent_key) + json_data = crypto.decrypt_aes_v2(policy_dto.data, policy_key) + data = json.loads(json_data) + admin_data = json.loads(policy_dto.admin_data) + policy = admin_types.PedmPolicy(policy_uid=policy_dto.policy_uid, policy_key=policy_key, data=data, + admin_data=admin_data, disabled=policy_dto.disabled) + policies.append(policy) + except Exception as e: + self.logger.debug('Policy load error: %s', e) + if len(policies) > 0: + self._policies.put_entities(policies) + + def get_collections() -> Iterable[admin_storage.PedmStorageCollection]: + if task.full_rebuild: + yield from self.storage.collections.get_all_entities() + elif task.collections is not None: + for collection_uid in task.collections: + c = self.storage.collections.get_entity(collection_uid) + if c is not None: + yield c + + collections: List[admin_types.PedmCollection] = [] + for collection_dto in get_collections(): + try: + collection_value = crypto.decrypt_aes_v2(collection_dto.data, self.agent_key).decode('utf-8') + collection_data = json.loads(collection_value) + collection = admin_types.PedmCollection( + collection_uid=collection_dto.collection_uid, collection_type=collection_dto.collection_type, + collection_data=collection_data, created=collection_dto.created) + except Exception as e: + self.logger.info('Collection "%s" load error: %s', collection_dto.collection_uid, e) + collection = admin_types.PedmCollection( + collection_uid=collection_dto.collection_uid, collection_type=collection_dto.collection_type, + collection_data={}, created=collection_dto.created) + collections.append(collection) + + if len(collections) > 0: + self._collections.put_entities(collections) + + def get_approvals() -> Iterable[admin_storage.PedmStorageApproval]: + if task.full_rebuild: + yield from self.storage.approvals.get_all_entities() + elif task.approvals is not None: + for approval_uid in task.approvals: + c = self.storage.approvals.get_entity(approval_uid) + if c is not None: + yield c + + approvals: List[admin_types.PedmApproval] = [] + for approval_dto in get_approvals(): + try: + application_info = json.loads(crypto.decrypt_aes_v2(approval_dto.application_info, self.agent_key)) + account_info = json.loads(crypto.decrypt_aes_v2(approval_dto.account_info, self.agent_key)) + justification = crypto.decrypt_aes_v2(approval_dto.justification, self.agent_key) if approval_dto.justification else b'' + created = datetime.datetime.fromtimestamp(approval_dto.created / 1000) + approval = admin_types.PedmApproval( + approval_uid=approval_dto.approval_uid, approval_type=approval_dto.approval_type, + agent_uid=approval_dto.agent_uid, account_info=account_info, + application_info=application_info, justification=justification.decode('utf-8'), + expire_in=approval_dto.expire_in, created=created + ) + approvals.append(approval) + except Exception as e: + self.logger.warning('Approval "%s" load error: %s', approval_dto.approval_uid, e) + if len(approvals) > 0: + self._approvals.put_entities(approvals) + + def sync_down(self, *, reload: bool = False) -> None: + if reload is True: + self.storage.reset() + self._populate_data = True + auth = self.loader.keeper_auth + + task = RebuildTask(self._populate_data) + setting = self.storage.settings.get_entity('PEDM_SYNC_TOKEN') + if setting is None: + setting = admin_storage.PedmAdminSettings(key='PEDM_SYNC_TOKEN', value='') + token: bytes = b'' + if isinstance(setting.value, str) and len(setting.value) > 0: + token = utils.base64_url_decode(setting.value) + + deployments: List[ admin_storage.PedmStorageDeployment] = [] + delete_deployments: List[str] = [] + policies: List[admin_storage.PedmStoragePolicy] = [] + delete_policies: List[str] = [] + agents: List[admin_storage.PedmStorageAgent] = [] + delete_agents: List[str] = [] + collections: List[admin_storage.PedmStorageCollection] = [] + delete_collections: List[str] = [] + collection_links: List[admin_storage.PedmStorageCollectionLink] = [] + delete_collection_links: List[Tuple[str, str]] = [] + approvals: List[admin_storage.PedmStorageApproval] = [] + delete_approvals: List[str] = [] + approval_status: List[admin_storage.PedmStorageApprovalStatus] = [] + + sync_rq = pedm_pb2.GetPedmDataRequest() + done = False + while not done: + sync_rq.continuationToken = token + sync_rs = auth.execute_router('pedm/sync_pedm_data', sync_rq, response_type=pedm_pb2.GetPedmDataResponse) + assert sync_rs is not None + if sync_rs.resetCache: + self.storage.reset() + + token = sync_rs.continuationToken + done = not sync_rs.hasMore + + for ra in sync_rs.removedAgents: + agent_uid = utils.base64_url_encode(ra) + delete_agents.append(agent_uid) + + for rp in sync_rs.removedPolicies: + policy_uid = utils.base64_url_encode(rp) + delete_policies.append(policy_uid) + + for rd in sync_rs.removedDeployments: + deployment_uid = utils.base64_url_encode(rd) + delete_deployments.append(deployment_uid) + + for rc in sync_rs.removedCollection: + collection_uid = utils.base64_url_encode(rc) + delete_collections.append(collection_uid) + + for rcl in sync_rs.removedCollectionLink: + collection_uid = utils.base64_url_encode(rcl.collectionUid) + link_uid = utils.base64_url_encode(rcl.linkUid) + delete_collection_links.append((collection_uid, link_uid)) + + for ra in sync_rs.removedApprovals: + approval_uid = utils.base64_url_encode(ra) + delete_approvals.append(approval_uid) + + for deployment in sync_rs.deployments: + dep_id = utils.base64_url_encode(deployment.deploymentUid) + psd = admin_storage.PedmStorageDeployment( + deployment_uid=dep_id, public_key=deployment.ecPublicKey, encrypted_key=deployment.aesKey, + disabled=deployment.disabled, data=deployment.encryptedData, created=deployment.created, + last_updated=deployment.modified) + deployments.append(psd) + + for policy in sync_rs.policies: + policy_uid = utils.base64_url_encode(policy.policyUid) + policies.append(admin_storage.PedmStoragePolicy( + policy_uid=policy_uid, data=policy.encryptedData, admin_data=policy.plainData, + key=policy.encryptedKey, disabled=policy.disabled, + created=policy.created, updated=policy.modified)) + + for agent in sync_rs.agents: + agent_uid = utils.base64_url_encode(agent.agentUid) + agents.append(admin_storage.PedmStorageAgent( + agent_uid=agent_uid, machine_id=agent.machineId, public_key=agent.ecPublicKey, + deployment_uid=utils.base64_url_encode(agent.deploymentUid), data=agent.encryptedData, + disabled=agent.disabled, created=agent.created, modified=agent.modified)) + + for collection in sync_rs.collections: + collection_uid = utils.base64_url_encode(collection.collectionUid) + collections.append(admin_storage.PedmStorageCollection( + collection_uid=collection_uid, data=collection.encryptedData, + collection_type=collection.collectionType, created=collection.created)) + + for collection_link in sync_rs.collectionLink: + collection_uid = utils.base64_url_encode(collection_link.collectionUid) + link_uid = utils.base64_url_encode(collection_link.linkUid) + collection_links.append(admin_storage.PedmStorageCollectionLink( + collection_uid=collection_uid, link_uid=link_uid, link_type=collection_link.linkType)) + + for approval in sync_rs.approvals: + approval_uid = utils.base64_url_encode(approval.approvalUid) + agent_uid = utils.base64_url_encode(approval.agentUid) + + approvals.append(admin_storage.PedmStorageApproval( + approval_uid=approval_uid, approval_type=approval.approvalType, agent_uid=agent_uid, + account_info=approval.accountInfo, application_info=approval.applicationInfo, + justification=approval.justification, expire_in=approval.expireIn, created=approval.created)) + + for status in sync_rs.approvalStatus: + approval_uid = utils.base64_url_encode(status.approvalUid) + approval_status.append(admin_storage.PedmStorageApprovalStatus( + approval_uid=approval_uid, approval_status=status.approvalStatus, + enterprise_user_id=status.enterpriseUserId, modified=status.modified)) + + setting.value = utils.base64_url_encode(token) + self.storage.settings.put_entities([setting]) + + if len(delete_deployments) > 0: + uids = list(delete_deployments) + self.storage.deployments.delete_uids(uids) + if len(delete_policies) > 0: + uids = list(delete_policies) + task.add_policies(uids) + self.storage.policies.delete_uids(uids) + if len(delete_agents) > 0: + task.add_agents(delete_agents) + delete_approvals.extend( + [x.approval_uid for x in self.storage.approvals.get_all_entities() if x.agent_uid in delete_agents]) + self.storage.collection_links.delete_links_by_objects(delete_agents) + self.storage.agents.delete_uids(delete_agents) + if len(delete_collections) > 0: + task.add_collections(delete_collections) + self.storage.collection_links.delete_links_by_subjects(delete_collections) + self.storage.collection_links.delete_links_by_objects(delete_collections) + self.storage.collections.delete_uids(delete_collections) + if len(delete_collection_links) > 0: + self.storage.collection_links.delete_links(delete_collection_links) + if len(delete_approvals) > 0: + task.add_approvals(delete_approvals) + self.storage.approvals.delete_uids(delete_approvals) + self.storage.approval_status.delete_uids(delete_approvals) + + if len(deployments) > 0: + self.storage.deployments.put_entities(deployments) + if len(policies) > 0: + task.add_policies((x.policy_uid for x in policies)) + self.storage.policies.put_entities(policies) + if len(agents) > 0: + task.add_agents((x.agent_uid for x in agents)) + self.storage.agents.put_entities(agents) + if len(collections) > 0: + task.add_collections((x.collection_uid for x in collections)) + self.storage.collections.put_entities(collections) + if len(collection_links) > 0: + self.storage.collection_links.put_links(collection_links) + if len(approvals) > 0: + task.add_approvals((x.approval_uid for x in approvals)) + self.storage.approvals.put_entities(approvals) + if len(approval_status) > 0: + task.add_approvals((x.approval_uid for x in approval_status)) + self.storage.approval_status.put_entities(approval_status) + + self.build_data(task) + self._need_sync = False + self._populate_data = False + + def assign_policy_collections( + self, policies: List[bytes], collections: List[bytes] + ) -> admin_types.ModifyStatus: + auth = self.loader.keeper_auth + + rq = pedm_pb2.SetPolicyCollectionRequest() + for policy_uid in policies: + rq_link = pedm_pb2.PolicyLink() + rq_link.policyUid = policy_uid + rq_link.collectionUid.extend(collections) + rq.setCollection.append(rq_link) + + status_rs = auth.execute_router('pedm/set_policy_collections', rq, + response_type=pedm_pb2.PedmStatusResponse) + self._need_sync = True + assert status_rs is not None + return admin_types.ModifyStatus.from_proto(status_rs) + + def modify_policies(self, *, + add_policies: Optional[Iterable[admin_types.PedmPolicy]] = None, + update_policies: Optional[Iterable[admin_types.PedmUpdatePolicy]] = None, + remove_policies: Optional[Iterable[str]] = None) -> admin_types.ModifyStatus: + auth = self.loader.keeper_auth + + rq = pedm_pb2.PolicyRequest() + if add_policies is not None: + for policy in add_policies: + pa = pedm_pb2.PolicyAdd() + policy_uid = policy.policy_uid or utils.generate_uid() + pa.policyUid = utils.base64_url_decode(policy_uid) + policy_key = policy.policy_key or utils.generate_aes_key() + pa.encryptedKey = crypto.encrypt_aes_v2(policy_key, self.agent_key) + + admin_data = json.dumps(policy.admin_data).encode('utf-8') + pa.plainData = admin_data + + policy_data = json.dumps(policy.data).encode('utf-8') + encrypted_data = crypto.encrypt_aes_v2(policy_data, policy_key) + pa.encryptedData = encrypted_data + + pa.disabled = policy.disabled + rq.addPolicy.append(pa) + if update_policies is not None: + for policy_update in update_policies: + policy_uid = policy_update.policy_uid + existing_policy = self.policies.get_entity(policy_uid) + if existing_policy is None: + raise Exception(f'Update: Policy {policy_uid} not found') + pu = pedm_pb2.PolicyUpdate() + pu.policyUid = utils.base64_url_decode(existing_policy.policy_uid) + if isinstance(policy_update.admin_data, dict): + pass + if isinstance(policy_update.data, dict): + json_policy = json.dumps(policy_update.data).encode('utf-8') + encrypted_data = crypto.encrypt_aes_v2(json_policy, existing_policy.policy_key) + pu.encryptedData = encrypted_data + if isinstance(policy_update.disabled, bool): + pu.disabled = folder_pb2.BOOLEAN_TRUE if policy_update.disabled else folder_pb2.BOOLEAN_FALSE + rq.updatePolicy.append(pu) + if remove_policies is not None: + rq.removePolicy.extend((utils.base64_url_decode(x) for x in remove_policies)) + + status_rs = auth.execute_router('pedm/modify_policy', rq, response_type=pedm_pb2.PedmStatusResponse) + self._need_sync = True + assert status_rs is not None + return admin_types.ModifyStatus.from_proto(status_rs) + + + @staticmethod + def load_deployment(s_dep: admin_storage.PedmStorageDeployment, tree_key: bytes) -> admin_types.PedmDeployment: + deployment_key = crypto.decrypt_aes_v2(s_dep.encrypted_key, tree_key) + decrypted_data = crypto.decrypt_aes_v2(s_dep.data, deployment_key) + data = pedm_pb2.DeploymentData() + data.ParseFromString(decrypted_data) + name = data.name + d_private_key = data.ecPrivateKey + created = datetime.datetime.fromtimestamp(s_dep.created / 1000) + updated = datetime.datetime.fromtimestamp(s_dep.last_updated / 1000) + return admin_types.PedmDeployment( + deployment_uid=s_dep.deployment_uid, name=name, deployment_key=deployment_key, disabled=s_dep.disabled, + created=created, updated=updated, public_key=s_dep.public_key, private_key=d_private_key) + + def modify_deployments(self, *, + add_deployments: Optional[Iterable[admin_types.AddDeployment]] = None, + update_deployments: Optional[Iterable[admin_types.UpdateDeployment]] = None, + remove_deployments: Optional[Iterable[str]] = None) -> admin_types.ModifyStatus: + auth = self.loader.keeper_auth + tree_key = self.loader.enterprise_data.enterprise_info.tree_key + + mrq = pedm_pb2.ModifyDeploymentRequest() + if add_deployments is not None: + for add_deployment in add_deployments: + deployment_uid = utils.generate_uid() + deployment_key = utils.generate_aes_key() + priv_key, pub_key = crypto.generate_ec_key() + d_public_key = crypto.unload_ec_public_key(pub_key) + d_private_key = crypto.unload_ec_private_key(priv_key) + + a_rq = pedm_pb2.DeploymentCreateRequest() + a_rq.deploymentUid = utils.base64_url_decode(deployment_uid) + a_rq.aesKey = crypto.encrypt_aes_v2(deployment_key, tree_key) + a_rq.ecPublicKey = d_public_key + if isinstance(add_deployment.spiffe_cert, bytes) and len(add_deployment.spiffe_cert) > 0: + a_rq.spiffeCertificate = add_deployment.spiffe_cert + data = pedm_pb2.DeploymentData() + data.ecPrivateKey = d_private_key + if add_deployment.name: + data.name = add_deployment.name + data_bytes = data.SerializeToString() + a_rq.encryptedData = crypto.encrypt_aes_v2(data_bytes, deployment_key) + agent_data = json.dumps(add_deployment.agent_info.to_dict()).encode('utf-8') + a_rq.agentData = crypto.encrypt_ec(agent_data, pub_key) + mrq.addDeployment.append(a_rq) + + if update_deployments is not None: + for ud in update_deployments: + deployment_uid = ud.deployment_uid + s_dep = self.storage.deployments.get_entity(deployment_uid) + if not s_dep: + raise Exception(f'Update Deployment: "{deployment_uid}" not found') + dep = self.load_deployment(s_dep, tree_key) + + u_rq = pedm_pb2.DeploymentUpdateRequest() + u_rq.deploymentUid = utils.base64_url_decode(ud.deployment_uid) + if ud.disabled is None: + u_rq.disabled = folder_pb2.BOOLEAN_NO_CHANGE + else: + u_rq.disabled = folder_pb2.BOOLEAN_TRUE if ud.disabled else folder_pb2.BOOLEAN_FALSE + if ud.name: + data = pedm_pb2.DeploymentData() + data.ecPrivateKey =dep.private_key + data.name = ud.name + data_bytes = data.SerializeToString() + u_rq.encryptedData = crypto.encrypt_aes_v2(data_bytes, dep.deployment_key) + if ud.spiffe_cert is not None: + u_rq.spiffeCertificate = ud.spiffe_cert + + mrq.updateDeployment.append(u_rq) + + if remove_deployments is not None: + for deployment_uid in remove_deployments: + s_dep = self.storage.deployments.get_entity(deployment_uid) + if not s_dep: + raise Exception(f'Delete Deployment: "{deployment_uid}" not found') + mrq.removeDeployment.append(utils.base64_url_decode(deployment_uid)) + + status_rs = auth.execute_router('pedm/modify_deployment', request=mrq, response_type=pedm_pb2.PedmStatusResponse) + assert status_rs is not None + self._need_sync = True + return admin_types.ModifyStatus.from_proto(status_rs) + + def modify_collections(self, *, + add_collections: Optional[Iterable[admin_types.CollectionData]] = None, + update_collections: Optional[Iterable[admin_types.CollectionData]] = None, + remove_collections: Optional[Iterable[str]] = None) -> admin_types.ModifyStatus: + auth = self.loader.keeper_auth + + to_add: List[pedm_pb2.CollectionValue] = [] + to_update: List[pedm_pb2.CollectionValue] = [] + for colls in (add_collections, update_collections): + if colls is not None: + for coll in colls: + cv = pedm_pb2.CollectionValue() + cv.collectionUid = utils.base64_url_decode(coll.collection_uid) + cv.collectionType = coll.collection_type + cv.encryptedData = crypto.encrypt_aes_v2(coll.collection_data.encode(), self.agent_key) + if colls is add_collections: + to_add.append(cv) + elif colls is update_collections: + to_update.append(cv) + to_remove: List[bytes] = [] + if remove_collections is not None: + for collection_uid in remove_collections: + to_remove.append(utils.base64_url_decode(collection_uid)) + + status = admin_types.ModifyStatus(add=[], update=[], remove=[]) + while len(to_add) > 0 or len(to_update) > 0 or len(to_remove) > 0: + crq = pedm_pb2.CollectionRequest() + if len(to_add) > 0: + add_chunk = to_add[:500] + to_add = to_add[500:] + crq.addCollection.extend(add_chunk) + + if len(to_update) > 0: + update_chunk = to_update[:500] + to_update = to_update[500:] + crq.updateCollection.extend(update_chunk) + + if len(to_remove) > 0: + remove_chunk = to_remove[:500] + to_remove = to_remove[500:] + crq.removeCollection.extend(remove_chunk) + status_rs = auth.execute_router('pedm/modify_collection', request=crq, + response_type=pedm_pb2.PedmStatusResponse) + assert status_rs is not None + status.merge(admin_types.ModifyStatus.from_proto(status_rs)) + self._need_sync = True + return status + + def get_collection_links(self, *, links: Iterable[admin_types.CollectionLink]) -> Iterable[admin_types.CollectionLinkData]: + auth = self.loader.keeper_auth + link_rq = pedm_pb2.GetCollectionLinkRequest() + for l in links: + cl = pedm_pb2.CollectionLink() + cl.collectionUid = utils.base64_url_decode(l.collection_uid) + cl.linkType = cast(pedm_pb2.CollectionLinkType, l.link_type) + cl.linkUid = utils.base64_url_decode(l.link_uid) + link_rq.collectionLink.append(cl) + link_rs = auth.execute_router( + 'pedm/get_collection_links', request=link_rq, response_type=pedm_pb2.GetCollectionLinkResponse) + assert link_rs is not None + for ld in link_rs.collectionLinkData: + collection_link = admin_types.CollectionLink( + collection_uid=utils.base64_url_encode(ld.collectionUid), link_type=ld.linkType, + link_uid=utils.base64_url_encode(ld.linkUid)) + yield admin_types.CollectionLinkData(collection_link=collection_link, link_data=ld.linkData) + + def set_collection_links( + self, *, set_links: Optional[Iterable[admin_types.CollectionLink]] = None, + unset_links: Optional[Iterable[admin_types.CollectionLink]] = None + ) -> admin_types.ModifyStatus: + auth = self.loader.keeper_auth + + clrq = pedm_pb2.SetCollectionLinkRequest() + if set_links is not None: + for coll in set_links: + cln = pedm_pb2.CollectionLinkData() + cln.collectionUid = utils.base64_url_decode(coll.collection_uid) + cln.linkUid = utils.base64_url_decode(coll.link_uid) + cln.linkType = coll.link_type # type: ignore + clrq.addCollection.append(cln) + + if unset_links is not None: + for coll in unset_links: + cl = pedm_pb2.CollectionLink() + cl.collectionUid = utils.base64_url_decode(coll.collection_uid) + cl.linkUid = utils.base64_url_decode(coll.link_uid) + cl.linkType = coll.link_type # type: ignore + clrq.removeCollection.append(cl) + + status_rs = auth.execute_router('pedm/set_collection_links', request=clrq, + response_type=pedm_pb2.PedmStatusResponse) + assert status_rs is not None + self._need_sync = True + return admin_types.ModifyStatus.from_proto(status_rs) + + def modify_agents(self, *, + update_agents: Optional[Iterable[admin_types.UpdateAgent]] = None, + remove_agents: Optional[Iterable[str]] = None) -> admin_types.ModifyStatus: + auth = self.loader.keeper_auth + + rq = pedm_pb2.ModifyAgentRequest() + if update_agents is not None: + for ua in update_agents: + agent_uid = ua.agent_uid + existing_agent = self.agents.get_entity(agent_uid) + if existing_agent is None: + raise Exception(f'Update: Policy {agent_uid} not found') + au = pedm_pb2.AgentUpdate() + au.agentUid = utils.base64_url_decode(agent_uid) + if isinstance(ua.deployment_uid, str): + au.deploymentUid = utils.base64_url_decode(ua.deployment_uid) + if isinstance(ua.disabled, bool): + au.disabled = folder_pb2.BOOLEAN_TRUE if ua.disabled else folder_pb2.BOOLEAN_FALSE + + rq.updateAgent.append(au) + if remove_agents is not None: + rq.removeAgent.extend((utils.base64_url_decode(x) for x in remove_agents)) + + status_rs = auth.execute_router('pedm/modify_agent', rq, response_type=pedm_pb2.PedmStatusResponse) + self._need_sync = True + assert status_rs is not None + return admin_types.ModifyStatus.from_proto(status_rs) + + def modify_approvals(self, *, + to_approve: Optional[List[bytes]] = None, + to_deny: Optional[List[bytes]] = None, + to_remove: Optional[List[bytes]] = None) -> admin_types.ModifyStatus: + auth = self.loader.keeper_auth + + rq = pedm_pb2.ApprovalActionRequest() + if to_approve: + rq.approve.extend(to_approve) + if to_deny: + rq.deny.extend(to_deny) + if to_remove: + rq.remove.extend(to_remove) + + status_rs = auth.execute_router('pedm/approval_action', rq, response_type=pedm_pb2.PedmStatusResponse) + self._need_sync = True + assert status_rs is not None + return admin_types.ModifyStatus.from_proto(status_rs) diff --git a/keepersdk-package/src/keepersdk/plugins/pedm/admin_storage.py b/keepersdk-package/src/keepersdk/plugins/pedm/admin_storage.py new file mode 100644 index 00000000..803a81b5 --- /dev/null +++ b/keepersdk-package/src/keepersdk/plugins/pedm/admin_storage.py @@ -0,0 +1,279 @@ +import abc +import sqlite3 +from typing import Callable + +import attrs + +from ... import sqlite_dao +from ...storage import storage_types, sqlite, in_memory + + +@attrs.define(kw_only=True) +class PedmAdminSettings(storage_types.IUid[str]): + key: str = '' + value: str = '' + def uid(self) -> str: + return self.key + + +@attrs.define(kw_only=True) +class PedmStorageDeployment(storage_types.IUid[str]): + deployment_uid: str = '' + encrypted_key: bytes = b'' + disabled: bool = False + data: bytes = b'' + public_key: bytes = b'' + created: int = 0 + last_updated: int = 0 + def uid(self) -> str: + return self.deployment_uid + + +@attrs.define(kw_only=True) +class PedmStorageAgent(storage_types.IUid[str]): + agent_uid: str = '' + machine_id: str = '' + deployment_uid: str = '' + public_key: bytes = b'' + data: bytes = b'' + disabled: bool = False + created: int = 0 + modified: int = 0 + def uid(self) -> str: + return self.agent_uid + + +@attrs.define(kw_only=True) +class PedmStoragePolicy(storage_types.IUid[str]): + policy_uid: str = '' + admin_data: bytes = b'' + data: bytes = b'' + key: bytes = b'' + disabled: bool = False + created: int = 0 + updated: int = 0 + def uid(self) -> str: + return self.policy_uid + + +@attrs.define(kw_only=True) +class PedmStorageCollection(storage_types.IUid[str]): + collection_uid: str = '' + collection_type: int = 0 + data: bytes = b'' + created: int = 0 + def uid(self) -> str: + return self.collection_uid + + +@attrs.define(kw_only=True) +class PedmStorageCollectionLink(storage_types.IUidLink[str, str]): + collection_uid: str = '' + link_uid: str = '' + link_type: int = 0 + def subject_uid(self) -> str: + return self.collection_uid + def object_uid(self) -> str: + return self.link_uid + + +@attrs.define(kw_only=True) +class PedmStorageApproval(storage_types.IUid[str]): + approval_uid: str = '' + approval_type: int = 0 + agent_uid: str = '' + account_info: bytes = b'' + application_info: bytes = b'' + justification: bytes = b'' + expire_in: int = 0 + created: int = 0 + def uid(self) -> str: + return self.approval_uid + +@attrs.define(kw_only=True) +class PedmStorageApprovalStatus(storage_types.IUid[str]): + approval_uid: str = '' + approval_status: int = 0 + enterprise_user_id: int = 0 + modified: int = 0 + def uid(self) -> str: + return self.approval_uid + + +class IPedmStorage(abc.ABC): + @property + @abc.abstractmethod + def settings(self) -> storage_types.IEntityReaderStorage[PedmAdminSettings, str]: + pass + + @property + @abc.abstractmethod + def deployments(self) -> storage_types.IEntityReaderStorage[PedmStorageDeployment, str]: + pass + + @property + @abc.abstractmethod + def agents(self) -> storage_types.IEntityReaderStorage[PedmStorageAgent, str]: + pass + + @property + @abc.abstractmethod + def policies(self) -> storage_types.IEntityReaderStorage[PedmStoragePolicy, str]: + pass + + @property + @abc.abstractmethod + def collections(self) -> storage_types.IEntityReaderStorage[PedmStorageCollection, str]: + pass + + @property + @abc.abstractmethod + def collection_links(self) -> storage_types.ILinkReaderStorage[PedmStorageCollectionLink, str, str]: + pass + + @property + @abc.abstractmethod + def approvals(self) -> storage_types.IEntityReaderStorage[PedmStorageApproval, str]: + pass + + @property + @abc.abstractmethod + def approval_status(self) -> storage_types.IEntityReaderStorage[PedmStorageApprovalStatus, str]: + pass + + @abc.abstractmethod + def reset(self): + pass + + +class MemoryPedmStorage(IPedmStorage): + def __init__(self): + self._settings = in_memory.InMemoryEntityStorage[PedmAdminSettings, str]() + self._deployments = in_memory.InMemoryEntityStorage[PedmStorageDeployment, str]() + self._agents = in_memory.InMemoryEntityStorage[PedmStorageAgent, str]() + self._policies = in_memory.InMemoryEntityStorage[PedmStoragePolicy, str]() + self._collections = in_memory.InMemoryEntityStorage[PedmStorageCollection, str]() + self._collection_links = in_memory.InMemoryLinkStorage[PedmStorageCollectionLink, str, str]() + self._approvals = in_memory.InMemoryEntityStorage[PedmStorageApproval, str]() + self._approval_status = in_memory.InMemoryEntityStorage[PedmStorageApprovalStatus, str]() + + @property + def settings(self) -> storage_types.IEntityReaderStorage[PedmAdminSettings, str]: + return self._settings + + @property + def deployments(self) -> storage_types.IEntityReaderStorage[PedmStorageDeployment, str]: + return self._deployments + + @property + def agents(self) -> storage_types.IEntityReaderStorage[PedmStorageAgent, str]: + return self._agents + + @property + def policies(self) -> storage_types.IEntityReaderStorage[PedmStoragePolicy, str]: + return self._policies + + @property + def collections(self) -> storage_types.IEntityReaderStorage[PedmStorageCollection, str]: + return self._collections + + @property + def collection_links(self) -> storage_types.ILinkReaderStorage[PedmStorageCollectionLink, str, str]: + return self._collection_links + + @property + def approvals(self) -> storage_types.IEntityReaderStorage[PedmStorageApproval, str]: + return self._approvals + + @property + def approval_status(self) -> storage_types.IEntityReaderStorage[PedmStorageApprovalStatus, str]: + return self._approval_status + + def reset(self): + self._settings.clear() + self._deployments.clear() + self._agents.clear() + self._policies.clear() + self._collections.clear() + self._collection_links.clear() + self._approvals.clear() + self._approval_status.clear() + + +class SqlitePedmStorage(IPedmStorage): + def __init__(self, get_connection: Callable[[], sqlite3.Connection], enterprise_id: int): + self.get_connection = get_connection + self.enterprise_id = enterprise_id + self.owner_column = 'enterprise_id' + setting_schema = sqlite_dao.TableSchema.load_schema( + PedmAdminSettings, 'key', owner_column=self.owner_column, owner_type=int) + deployment_schema = sqlite_dao.TableSchema.load_schema( + PedmStorageDeployment, primary_key='deployment_uid', owner_column=self.owner_column, owner_type=int) + agent_schema = sqlite_dao.TableSchema.load_schema( + PedmStorageAgent, primary_key='agent_uid', owner_column=self.owner_column, owner_type=int) + policy_schema = sqlite_dao.TableSchema.load_schema( + PedmStoragePolicy, primary_key='policy_uid', owner_column=self.owner_column, owner_type=int) + collection_schema = sqlite_dao.TableSchema.load_schema( + PedmStorageCollection, primary_key='collection_uid', owner_column=self.owner_column, owner_type=int) + collection_link_schema = sqlite_dao.TableSchema.load_schema( + PedmStorageCollectionLink, primary_key=['collection_uid', 'link_uid'], indexes={'Link': 'link_uid'}, + owner_column=self.owner_column, owner_type=int) + approval_schema = sqlite_dao.TableSchema.load_schema( + PedmStorageApproval, primary_key='approval_uid', owner_column=self.owner_column, owner_type=int) + approval_status_schema = sqlite_dao.TableSchema.load_schema( + PedmStorageApprovalStatus, primary_key='approval_uid', owner_column=self.owner_column, owner_type=int) + + sqlite_dao.verify_database( + self.get_connection(),(setting_schema, deployment_schema, agent_schema, policy_schema, + collection_schema, collection_link_schema, approval_schema, approval_status_schema)) + + self._settings = sqlite.SqliteEntityStorage(self.get_connection, setting_schema, owner=self.enterprise_id) + self._deployments = sqlite.SqliteEntityStorage(self.get_connection, deployment_schema, owner=self.enterprise_id) + self._agents = sqlite.SqliteEntityStorage(self.get_connection, agent_schema, owner=self.enterprise_id) + self._policies = sqlite.SqliteEntityStorage(self.get_connection, policy_schema, owner=self.enterprise_id) + self._collections = sqlite.SqliteEntityStorage(self.get_connection, collection_schema, owner=self.enterprise_id) + self._collection_links = sqlite.SqliteLinkStorage(self.get_connection, collection_link_schema, owner=self.enterprise_id) + self._approvals = sqlite.SqliteEntityStorage(self.get_connection, approval_schema, owner=self.enterprise_id) + self._approval_status = sqlite.SqliteEntityStorage(self.get_connection, approval_status_schema, owner=self.enterprise_id) + + @property + def settings(self) -> storage_types.IEntityReaderStorage[PedmAdminSettings, str]: + return self._settings + + @property + def deployments(self) -> storage_types.IEntityReaderStorage[PedmStorageDeployment, str]: + return self._deployments + + @property + def agents(self) -> storage_types.IEntityReaderStorage[PedmStorageAgent, str]: + return self._agents + + @property + def policies(self) -> storage_types.IEntityReaderStorage[PedmStoragePolicy, str]: + return self._policies + + @property + def collections(self) -> storage_types.IEntityReaderStorage[PedmStorageCollection, str]: + return self._collections + + @property + def collection_links(self) -> storage_types.ILinkReaderStorage[PedmStorageCollectionLink, str, str]: + return self._collection_links + + @property + def approvals(self) -> storage_types.IEntityReaderStorage[PedmStorageApproval, str]: + return self._approvals + + @property + def approval_status(self) -> storage_types.IEntityReaderStorage[PedmStorageApprovalStatus, str]: + return self._approval_status + + def reset(self): + self._settings.delete_all() + self._deployments.delete_all() + self._agents.delete_all() + self._policies.delete_all() + self._collections.delete_all() + self._collection_links.delete_all() + self._approvals.delete_all() + self._approval_status.delete_all() diff --git a/keepersdk-package/src/keepersdk/plugins/pedm/admin_types.py b/keepersdk-package/src/keepersdk/plugins/pedm/admin_types.py new file mode 100644 index 00000000..98e725e0 --- /dev/null +++ b/keepersdk-package/src/keepersdk/plugins/pedm/admin_types.py @@ -0,0 +1,180 @@ +from __future__ import annotations + +import datetime +from typing import Optional, Dict, Any, List, Protocol, Union + +import attrs + +from . import pedm_shared +from ... import utils +from ...proto import pedm_pb2 +from ...storage import storage_types + + +@attrs.define(kw_only=True, frozen=True) +class PedmDeployment(storage_types.IUid[str]): + deployment_uid: str + name: str + deployment_key: bytes + public_key: bytes + private_key: bytes + disabled: bool + created: datetime.datetime + updated: datetime.datetime + def uid(self) -> str: + return self.deployment_uid + +@attrs.define(kw_only=True, frozen=True) +class PedmAgent(storage_types.IUid[str]): + agent_uid: str + machine_id: str + deployment_uid: str + public_key: bytes = b'' + disabled: bool = False + properties: Optional[Dict[str, Any]] = None + created: int = 0 + def uid(self) -> str: + return self.agent_uid + + +@attrs.define(kw_only=True, frozen=True) +class PedmDeploymentAgent(storage_types.IUidLink[str, str]): + deployment_uid: str + agent_uid: str + def subject_uid(self) -> str: + return self.deployment_uid + def object_uid(self) -> str: + return self.agent_uid + + +@attrs.define(kw_only=True, frozen=True) +class PedmPolicy(storage_types.IUid[str]): + policy_uid: str + policy_key: bytes + admin_data: Optional[Dict[str, Any]] = None + disabled: bool = False + data: Optional[Dict[str, Any]] = None + def uid(self) -> str: + return self.policy_uid + + +@attrs.define(kw_only=True, frozen=True) +class PedmUpdatePolicy: + policy_uid: str + admin_data: Optional[Dict[str, Any]] = None + disabled: Optional[bool] = None + data: Optional[Dict[str, Any]] = None + + +@attrs.define(kw_only=True, frozen=True) +class PedmCollection(storage_types.IUid[str]): + collection_uid: str + collection_type: int + collection_data: Dict[str, Any] + created: int = 0 + def uid(self) -> str: + return self.collection_uid + + +@attrs.define(kw_only=True, frozen=True) +class PedmApproval(storage_types.IUid[str]): + approval_uid: str + approval_type: int + agent_uid: str + account_info: Dict[str, str] + application_info: Dict[str, str] + justification: str + expire_in: int + created: datetime.datetime + def uid(self) -> str: + return self.approval_uid + + +@attrs.define(kw_only=True) +class AddDeployment: + name: str + spiffe_cert: Optional[bytes] = None + agent_info: pedm_shared.DeploymentAgentInformation + + +@attrs.define(kw_only=True) +class UpdateDeployment: + deployment_uid: str + name: Optional[str] = None + disabled: Optional[bool] = None + spiffe_cert: Optional[bytes] = None + + +@attrs.define(kw_only=True) +class UpdateAgent: + agent_uid: str + deployment_uid: Optional[str] = None + disabled: Optional[bool] = None + + +@attrs.define(kw_only=True) +class CollectionData: + collection_uid: str + collection_type: int + collection_data: str + + +@attrs.define(kw_only=True) +class CollectionLink: + collection_uid: str + link_uid: str + link_type: int + +@attrs.define(kw_only=True) +class CollectionLinkData: + collection_link: CollectionLink + link_data: Optional[bytes] = None + +class PedmStatus(Protocol): + success: bool + message: str + +@attrs.define(kw_only=True, frozen=True) +class EntityStatus(PedmStatus): + entity_uid: str + success: bool + message: str + +@attrs.define(kw_only=True, frozen=True) +class LinkStatus(PedmStatus): + subject_uid: str + object_uid: str + success: bool + message: str + +def parse_pedm_status(status: pedm_pb2.PedmStatus) -> Optional[Union[EntityStatus, LinkStatus]]: + if len(status.key) == 1: + return EntityStatus(entity_uid=utils.base64_url_encode(status.key[0]), + success=status.success, message=status.message) + if len(status.key) == 2: + return LinkStatus(subject_uid=utils.base64_url_encode(status.key[0]), + object_uid=utils.base64_url_encode(status.key[1]), + success=status.success, message=status.message) + return None + + +@attrs.define(kw_only=True) +class ModifyStatus: + add: List[Union[EntityStatus, LinkStatus]] + update: List[Union[EntityStatus, LinkStatus]] + remove: List[Union[EntityStatus, LinkStatus]] + + @classmethod + def from_proto(cls, status_rs: pedm_pb2.PedmStatusResponse) -> ModifyStatus: + add_status = [y for y in (parse_pedm_status(x) for x in status_rs.addStatus) if y] + update_status = [y for y in (parse_pedm_status(x) for x in status_rs.updateStatus) if y] + remove_status = [y for y in (parse_pedm_status(x) for x in status_rs.removeStatus) if y] + return cls(add=add_status, update=update_status, remove=remove_status) + + def merge(self, other: ModifyStatus) -> None: + if other.add: + self.add += other.add + if other.update: + self.update += other.update + if other.remove: + self.remove += other.remove diff --git a/keepersdk-package/src/keepersdk/plugins/pedm/pedm_shared.py b/keepersdk-package/src/keepersdk/plugins/pedm/pedm_shared.py new file mode 100644 index 00000000..3b767b4f --- /dev/null +++ b/keepersdk-package/src/keepersdk/plugins/pedm/pedm_shared.py @@ -0,0 +1,106 @@ +from __future__ import annotations + +import enum +from typing import Dict, Any + +import attrs +import hashlib +import hmac + +from ... import utils +from ...proto import pedm_pb2 + +@attrs.define(kw_only=True) +class DeploymentAgentInformation: + hash_key: bytes + peer_public_key: bytes + + def to_dict(self) -> Dict[str, Any]: + return { + 'hash_key': utils.base64_url_encode(self.hash_key), + 'peer_public_key': utils.base64_url_encode(self.peer_public_key), + } + + @classmethod + def from_dict(cls, data: Dict[str, Any]) -> DeploymentAgentInformation: + hash_key = data['hash_key'] + peer_public_key = data.get('peer_public_key') or data['pair_public_key'] + return DeploymentAgentInformation(hash_key=utils.base64_url_decode(hash_key), + peer_public_key=utils.base64_url_decode(peer_public_key)) + + +def get_collection_uid(hash_key: bytes, collection_type: int, value: str) -> str: + message = collection_type.to_bytes(4, byteorder='big') + value.strip().lower().encode('utf-8') + d = hmac.new(hash_key, message, hashlib.sha256).digest() + x1 = int.from_bytes(d[:16], byteorder='big', signed=False) + x2 = int.from_bytes(d[16:], byteorder='big', signed=False) + return utils.base64_url_encode((x1 ^ x2).to_bytes(length=16, byteorder='big', signed=False)) + + +class CollectionType(int, enum.Enum): + Other = 0, + OsBuild = 1, + Application = 2, + UserAccount = 3, + GroupAccount = 4, + ApplicationName = 5, + UserName = 10, + CustomAppCollection = 102, + CustomUserCollection = 103, + CustomMachineCollection = 201, + OsVersion = 202, + + +def collection_type_to_name(collection_type: int) -> str: + if collection_type == CollectionType.OsBuild: + return 'OS Build' + if collection_type == CollectionType.Application: + return 'Application' + if collection_type == CollectionType.UserAccount: + return 'User Account' + if collection_type == CollectionType.GroupAccount: + return 'Group Account' + if collection_type == CollectionType.ApplicationName: + return 'App Name' + if collection_type == CollectionType.UserName: + return 'User Name' + if collection_type == CollectionType.CustomAppCollection: + return 'App Collection' + if collection_type == CollectionType.CustomUserCollection: + return 'User Collection' + if collection_type == CollectionType.CustomMachineCollection: + return 'Machine Collection' + if collection_type == CollectionType.OsVersion: + return 'OS Version' + return 'Other' + +def collection_link_type_to_name(collection_link_type: int) -> str: + if collection_link_type == pedm_pb2.CollectionLinkType.CLT_AGENT: + return 'AGENT' + if collection_link_type == pedm_pb2.CollectionLinkType.CLT_POLICY: + return 'POLICY' + if collection_link_type == pedm_pb2.CollectionLinkType.CLT_COLLECTION: + return 'COLLECTION' + return 'OTHER' + + +class EventRequestType(int, enum.Enum): + Other = 0, + PrivilegeElevation = 1, + FileAccess = 2, + CommandLine = 5, + LeastPrivilege = 6, + Custom = 99 + +def approval_type_to_name(event_type: int) -> str: + if event_type == EventRequestType.PrivilegeElevation: + return 'PrivilegeElevation' + if event_type == EventRequestType.FileAccess: + return 'FileAccess' + if event_type == EventRequestType.CommandLine: + return 'CommandLine' + if event_type == EventRequestType.LeastPrivilege: + return 'LeastPrivilege' + if event_type == EventRequestType.Custom: + return 'Custom' + return 'Other' diff --git a/keepersdk-package/src/keepersdk/plugins/sox/sox_storage.py b/keepersdk-package/src/keepersdk/plugins/sox/sox_storage.py index 4230d260..3b5d113f 100644 --- a/keepersdk-package/src/keepersdk/plugins/sox/sox_storage.py +++ b/keepersdk-package/src/keepersdk/plugins/sox/sox_storage.py @@ -34,7 +34,7 @@ def __init__(self, get_connection: Callable[[], sqlite3.Connection], enterprise_ self._sox_record_storage = sqlite.SqliteEntityStorage(self.get_connection, sox_record_schema, owner=enterprise_id) @property - def sox_record_storage(self) -> storage_types.IEntityStorage[StorageSoxRecord, str]: + def sox_record_storage(self) -> storage_types.IEntityReaderStorage[StorageSoxRecord, str]: return self._sox_record_storage def get_owned_records(self, user_id: int) -> Iterator[StorageSoxRecord]: diff --git a/keepersdk-package/src/keepersdk/proto/APIRequest_pb2.py b/keepersdk-package/src/keepersdk/proto/APIRequest_pb2.py index a391978c..54b85407 100644 --- a/keepersdk-package/src/keepersdk/proto/APIRequest_pb2.py +++ b/keepersdk-package/src/keepersdk/proto/APIRequest_pb2.py @@ -2,13 +2,21 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # NO CHECKED-IN PROTOBUF GENCODE # source: APIRequest.proto -# Protobuf Python Version: 5.29.3 +# Protobuf Python Version: 5.29.5 """Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import runtime_version as _runtime_version from google.protobuf import symbol_database as _symbol_database from google.protobuf.internal import builder as _builder - +_runtime_version.ValidateProtobufRuntimeVersion( + _runtime_version.Domain.PUBLIC, + 5, + 29, + 5, + '', + 'APIRequest.proto' +) # @@protoc_insertion_point(imports) _sym_db = _symbol_database.Default() @@ -17,7 +25,7 @@ from . import enterprise_pb2 as enterprise__pb2 -DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x10\x41PIRequest.proto\x12\x0e\x41uthentication\x1a\x10\x65nterprise.proto\"\xb0\x01\n\nApiRequest\x12 \n\x18\x65ncryptedTransmissionKey\x18\x01 \x01(\x0c\x12\x13\n\x0bpublicKeyId\x18\x02 \x01(\x05\x12\x0e\n\x06locale\x18\x03 \x01(\t\x12\x18\n\x10\x65ncryptedPayload\x18\x04 \x01(\x0c\x12\x16\n\x0e\x65ncryptionType\x18\x05 \x01(\x05\x12\x11\n\trecaptcha\x18\x06 \x01(\t\x12\x16\n\x0esubEnvironment\x18\x07 \x01(\t\"j\n\x11\x41piRequestPayload\x12\x0f\n\x07payload\x18\x01 \x01(\x0c\x12\x1d\n\x15\x65ncryptedSessionToken\x18\x02 \x01(\x0c\x12\x11\n\ttimeToken\x18\x03 \x01(\x0c\x12\x12\n\napiVersion\x18\x04 \x01(\x05\"6\n\tTransform\x12\x0b\n\x03key\x18\x01 \x01(\x0c\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x02 \x01(\x0c\"\xa0\x01\n\rDeviceRequest\x12\x15\n\rclientVersion\x18\x01 \x01(\t\x12\x12\n\ndeviceName\x18\x02 \x01(\t\x12\x16\n\x0e\x64\x65vicePlatform\x18\x03 \x01(\t\x12:\n\x10\x63lientFormFactor\x18\x04 \x01(\x0e\x32 .Authentication.ClientFormFactor\x12\x10\n\x08username\x18\x05 \x01(\t\"T\n\x0b\x41uthRequest\x12\x15\n\rclientVersion\x18\x01 \x01(\t\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x03 \x01(\x0c\"\xc3\x01\n\x14NewUserMinimumParams\x12\x19\n\x11minimumIterations\x18\x01 \x01(\x05\x12\x1a\n\x12passwordMatchRegex\x18\x02 \x03(\t\x12 \n\x18passwordMatchDescription\x18\x03 \x03(\t\x12\x1a\n\x12isEnterpriseDomain\x18\x04 \x01(\x08\x12\x1e\n\x16\x65nterpriseEccPublicKey\x18\x05 \x01(\x0c\x12\x16\n\x0e\x66orbidKeyType2\x18\x06 \x01(\x08\"\x89\x01\n\x0fPreLoginRequest\x12\x30\n\x0b\x61uthRequest\x18\x01 \x01(\x0b\x32\x1b.Authentication.AuthRequest\x12,\n\tloginType\x18\x02 \x01(\x0e\x32\x19.Authentication.LoginType\x12\x16\n\x0etwoFactorToken\x18\x03 \x01(\x0c\"\x80\x02\n\x0cLoginRequest\x12\x30\n\x0b\x61uthRequest\x18\x01 \x01(\x0b\x32\x1b.Authentication.AuthRequest\x12,\n\tloginType\x18\x02 \x01(\x0e\x32\x19.Authentication.LoginType\x12\x1f\n\x17\x61uthenticationHashPrime\x18\x03 \x01(\x0c\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x04 \x01(\x0c\x12\x14\n\x0c\x61uthResponse\x18\x05 \x01(\x0c\x12\x16\n\x0emcEnterpriseId\x18\x06 \x01(\x05\x12\x12\n\npush_token\x18\x07 \x01(\t\x12\x10\n\x08platform\x18\x08 \x01(\t\"\\\n\x0e\x44\x65viceResponse\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12,\n\x06status\x18\x02 \x01(\x0e\x32\x1c.Authentication.DeviceStatus\"V\n\x04Salt\x12\x12\n\niterations\x18\x01 \x01(\x05\x12\x0c\n\x04salt\x18\x02 \x01(\x0c\x12\x11\n\talgorithm\x18\x03 \x01(\x05\x12\x0b\n\x03uid\x18\x04 \x01(\x0c\x12\x0c\n\x04name\x18\x05 \x01(\t\" \n\x10TwoFactorChannel\x12\x0c\n\x04type\x18\x01 \x01(\x05\"\xfc\x02\n\x11StartLoginRequest\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x15\n\rclientVersion\x18\x03 \x01(\t\x12\x19\n\x11messageSessionUid\x18\x04 \x01(\x0c\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x05 \x01(\x0c\x12,\n\tloginType\x18\x06 \x01(\x0e\x32\x19.Authentication.LoginType\x12\x16\n\x0emcEnterpriseId\x18\x07 \x01(\x05\x12\x30\n\x0bloginMethod\x18\x08 \x01(\x0e\x32\x1b.Authentication.LoginMethod\x12\x15\n\rforceNewLogin\x18\t \x01(\x08\x12\x11\n\tcloneCode\x18\n \x01(\x0c\x12\x18\n\x10v2TwoFactorToken\x18\x0b \x01(\t\x12\x12\n\naccountUid\x18\x0c \x01(\x0c\x12\x18\n\x10\x66romSessionToken\x18\r \x01(\x0c\"\xa7\x04\n\rLoginResponse\x12.\n\nloginState\x18\x01 \x01(\x0e\x32\x1a.Authentication.LoginState\x12\x12\n\naccountUid\x18\x02 \x01(\x0c\x12\x17\n\x0fprimaryUsername\x18\x03 \x01(\t\x12\x18\n\x10\x65ncryptedDataKey\x18\x04 \x01(\x0c\x12\x42\n\x14\x65ncryptedDataKeyType\x18\x05 \x01(\x0e\x32$.Authentication.EncryptedDataKeyType\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x06 \x01(\x0c\x12\x1d\n\x15\x65ncryptedSessionToken\x18\x07 \x01(\x0c\x12:\n\x10sessionTokenType\x18\x08 \x01(\x0e\x32 .Authentication.SessionTokenType\x12\x0f\n\x07message\x18\t \x01(\t\x12\x0b\n\x03url\x18\n \x01(\t\x12\x36\n\x08\x63hannels\x18\x0b \x03(\x0b\x32$.Authentication.TwoFactorChannelInfo\x12\"\n\x04salt\x18\x0c \x03(\x0b\x32\x14.Authentication.Salt\x12\x11\n\tcloneCode\x18\r \x01(\x0c\x12\x1a\n\x12stateSpecificValue\x18\x0e \x01(\t\x12\x18\n\x10ssoClientVersion\x18\x0f \x01(\t\x12 \n\x18sessionTokenTypeModifier\x18\x10 \x01(\t\"_\n\x11SwitchListElement\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x10\n\x08\x66ullName\x18\x02 \x01(\t\x12\x14\n\x0c\x61uthRequired\x18\x03 \x01(\x08\x12\x10\n\x08isLinked\x18\x04 \x01(\x08\"I\n\x12SwitchListResponse\x12\x33\n\x08\x65lements\x18\x01 \x03(\x0b\x32!.Authentication.SwitchListElement\"\x8c\x01\n\x0bSsoUserInfo\x12\x13\n\x0b\x63ompanyName\x18\x01 \x01(\t\x12\x13\n\x0bsamlRequest\x18\x02 \x01(\t\x12\x17\n\x0fsamlRequestType\x18\x03 \x01(\t\x12\x15\n\rssoDomainName\x18\x04 \x01(\t\x12\x10\n\x08loginUrl\x18\x05 \x01(\t\x12\x11\n\tlogoutUrl\x18\x06 \x01(\t\"\xd6\x01\n\x10PreLoginResponse\x12\x32\n\x0c\x64\x65viceStatus\x18\x01 \x01(\x0e\x32\x1c.Authentication.DeviceStatus\x12\"\n\x04salt\x18\x02 \x03(\x0b\x32\x14.Authentication.Salt\x12\x38\n\x0eOBSOLETE_FIELD\x18\x03 \x03(\x0b\x32 .Authentication.TwoFactorChannel\x12\x30\n\x0bssoUserInfo\x18\x04 \x01(\x0b\x32\x1b.Authentication.SsoUserInfo\"&\n\x12LoginAsUserRequest\x12\x10\n\x08username\x18\x01 \x01(\t\"W\n\x13LoginAsUserResponse\x12\x1d\n\x15\x65ncryptedSessionToken\x18\x01 \x01(\x0c\x12!\n\x19\x65ncryptedSharedAccountKey\x18\x02 \x01(\x0c\"\x84\x01\n\x17ValidateAuthHashRequest\x12\x36\n\x0epasswordMethod\x18\x01 \x01(\x0e\x32\x1e.Authentication.PasswordMethod\x12\x14\n\x0c\x61uthResponse\x18\x02 \x01(\x0c\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x03 \x01(\x0c\"\xc4\x02\n\x14TwoFactorChannelInfo\x12\x39\n\x0b\x63hannelType\x18\x01 \x01(\x0e\x32$.Authentication.TwoFactorChannelType\x12\x13\n\x0b\x63hannel_uid\x18\x02 \x01(\x0c\x12\x13\n\x0b\x63hannelName\x18\x03 \x01(\t\x12\x11\n\tchallenge\x18\x04 \x01(\t\x12\x14\n\x0c\x63\x61pabilities\x18\x05 \x03(\t\x12\x13\n\x0bphoneNumber\x18\x06 \x01(\t\x12:\n\rmaxExpiration\x18\x07 \x01(\x0e\x32#.Authentication.TwoFactorExpiration\x12\x11\n\tcreatedOn\x18\x08 \x01(\x03\x12:\n\rlastFrequency\x18\t \x01(\x0e\x32#.Authentication.TwoFactorExpiration\"d\n\x12TwoFactorDuoStatus\x12\x14\n\x0c\x63\x61pabilities\x18\x01 \x03(\t\x12\x13\n\x0bphoneNumber\x18\x02 \x01(\t\x12\x12\n\nenroll_url\x18\x03 \x01(\t\x12\x0f\n\x07message\x18\x04 \x01(\t\"\xc7\x01\n\x13TwoFactorAddRequest\x12\x39\n\x0b\x63hannelType\x18\x01 \x01(\x0e\x32$.Authentication.TwoFactorChannelType\x12\x13\n\x0b\x63hannel_uid\x18\x02 \x01(\x0c\x12\x13\n\x0b\x63hannelName\x18\x03 \x01(\t\x12\x13\n\x0bphoneNumber\x18\x04 \x01(\t\x12\x36\n\x0b\x64uoPushType\x18\x05 \x01(\x0e\x32!.Authentication.TwoFactorPushType\"B\n\x16TwoFactorRenameRequest\x12\x13\n\x0b\x63hannel_uid\x18\x01 \x01(\x0c\x12\x13\n\x0b\x63hannelName\x18\x02 \x01(\t\"=\n\x14TwoFactorAddResponse\x12\x11\n\tchallenge\x18\x01 \x01(\t\x12\x12\n\nbackupKeys\x18\x02 \x03(\t\"-\n\x16TwoFactorDeleteRequest\x12\x13\n\x0b\x63hannel_uid\x18\x01 \x01(\x0c\"a\n\x15TwoFactorListResponse\x12\x36\n\x08\x63hannels\x18\x01 \x03(\x0b\x32$.Authentication.TwoFactorChannelInfo\x12\x10\n\x08\x65xpireOn\x18\x02 \x01(\x03\"Y\n TwoFactorUpdateExpirationRequest\x12\x35\n\x08\x65xpireIn\x18\x01 \x01(\x0e\x32#.Authentication.TwoFactorExpiration\"\xc9\x01\n\x18TwoFactorValidateRequest\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x01 \x01(\x0c\x12\x35\n\tvalueType\x18\x02 \x01(\x0e\x32\".Authentication.TwoFactorValueType\x12\r\n\x05value\x18\x03 \x01(\t\x12\x13\n\x0b\x63hannel_uid\x18\x04 \x01(\x0c\x12\x35\n\x08\x65xpireIn\x18\x05 \x01(\x0e\x32#.Authentication.TwoFactorExpiration\"8\n\x19TwoFactorValidateResponse\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x01 \x01(\x0c\"\xb8\x01\n\x18TwoFactorSendPushRequest\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x01 \x01(\x0c\x12\x33\n\x08pushType\x18\x02 \x01(\x0e\x32!.Authentication.TwoFactorPushType\x12\x13\n\x0b\x63hannel_uid\x18\x03 \x01(\x0c\x12\x35\n\x08\x65xpireIn\x18\x04 \x01(\x0e\x32#.Authentication.TwoFactorExpiration\"\x83\x01\n\x07License\x12\x0f\n\x07\x63reated\x18\x01 \x01(\x03\x12\x12\n\nexpiration\x18\x02 \x01(\x03\x12\x34\n\rlicenseStatus\x18\x03 \x01(\x0e\x32\x1d.Authentication.LicenseStatus\x12\x0c\n\x04paid\x18\x04 \x01(\x08\x12\x0f\n\x07message\x18\x05 \x01(\t\"G\n\x0fOwnerlessRecord\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x11\n\trecordKey\x18\x02 \x01(\x0c\x12\x0e\n\x06status\x18\x03 \x01(\x05\"L\n\x10OwnerlessRecords\x12\x38\n\x0fownerlessRecord\x18\x01 \x03(\x0b\x32\x1f.Authentication.OwnerlessRecord\"\xd7\x01\n\x0fUserAuthRequest\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x0c\n\x04salt\x18\x02 \x01(\x0c\x12\x12\n\niterations\x18\x03 \x01(\x05\x12\x1a\n\x12\x65ncryptedClientKey\x18\x04 \x01(\x0c\x12\x10\n\x08\x61uthHash\x18\x05 \x01(\x0c\x12\x18\n\x10\x65ncryptedDataKey\x18\x06 \x01(\x0c\x12,\n\tloginType\x18\x07 \x01(\x0e\x32\x19.Authentication.LoginType\x12\x0c\n\x04name\x18\x08 \x01(\t\x12\x11\n\talgorithm\x18\t \x01(\x05\"\x19\n\nUidRequest\x12\x0b\n\x03uid\x18\x01 \x03(\x0c\"\xff\x01\n\x13\x44\x65viceUpdateRequest\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x12\n\ndeviceName\x18\x03 \x01(\t\x12\x17\n\x0f\x64\x65vicePublicKey\x18\x04 \x01(\x0c\x12\x32\n\x0c\x64\x65viceStatus\x18\x05 \x01(\x0e\x32\x1c.Authentication.DeviceStatus\x12\x16\n\x0e\x64\x65vicePlatform\x18\x06 \x01(\t\x12:\n\x10\x63lientFormFactor\x18\x07 \x01(\x0e\x32 .Authentication.ClientFormFactor\"\x80\x02\n\x14\x44\x65viceUpdateResponse\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x12\n\ndeviceName\x18\x03 \x01(\t\x12\x17\n\x0f\x64\x65vicePublicKey\x18\x04 \x01(\x0c\x12\x32\n\x0c\x64\x65viceStatus\x18\x05 \x01(\x0e\x32\x1c.Authentication.DeviceStatus\x12\x16\n\x0e\x64\x65vicePlatform\x18\x06 \x01(\t\x12:\n\x10\x63lientFormFactor\x18\x07 \x01(\x0e\x32 .Authentication.ClientFormFactor\"\xd5\x01\n\x1dRegisterDeviceInRegionRequest\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x12\n\ndeviceName\x18\x03 \x01(\t\x12\x17\n\x0f\x64\x65vicePublicKey\x18\x04 \x01(\x0c\x12\x16\n\x0e\x64\x65vicePlatform\x18\x05 \x01(\t\x12:\n\x10\x63lientFormFactor\x18\x06 \x01(\x0e\x32 .Authentication.ClientFormFactor\"\xf8\x02\n\x13RegistrationRequest\x12\x30\n\x0b\x61uthRequest\x18\x01 \x01(\x0b\x32\x1b.Authentication.AuthRequest\x12\x38\n\x0fuserAuthRequest\x18\x02 \x01(\x0b\x32\x1f.Authentication.UserAuthRequest\x12\x1a\n\x12\x65ncryptedClientKey\x18\x03 \x01(\x0c\x12\x1b\n\x13\x65ncryptedPrivateKey\x18\x04 \x01(\x0c\x12\x11\n\tpublicKey\x18\x05 \x01(\x0c\x12\x18\n\x10verificationCode\x18\x06 \x01(\t\x12\x1e\n\x16\x64\x65precatedAuthHashHash\x18\x07 \x01(\x0c\x12$\n\x1c\x64\x65precatedEncryptedClientKey\x18\x08 \x01(\x0c\x12%\n\x1d\x64\x65precatedEncryptedPrivateKey\x18\t \x01(\x0c\x12\"\n\x1a\x64\x65precatedEncryptionParams\x18\n \x01(\x0c\"\xd0\x01\n\x16\x43onvertUserToV3Request\x12\x30\n\x0b\x61uthRequest\x18\x01 \x01(\x0b\x32\x1b.Authentication.AuthRequest\x12\x38\n\x0fuserAuthRequest\x18\x02 \x01(\x0b\x32\x1f.Authentication.UserAuthRequest\x12\x1a\n\x12\x65ncryptedClientKey\x18\x03 \x01(\x0c\x12\x1b\n\x13\x65ncryptedPrivateKey\x18\x04 \x01(\x0c\x12\x11\n\tpublicKey\x18\x05 \x01(\x0c\"$\n\x10RevisionResponse\x12\x10\n\x08revision\x18\x01 \x01(\x03\"&\n\x12\x43hangeEmailRequest\x12\x10\n\x08newEmail\x18\x01 \x01(\t\"8\n\x13\x43hangeEmailResponse\x12!\n\x19\x65ncryptedChangeEmailToken\x18\x01 \x01(\x0c\"6\n\x1d\x45mailVerificationLinkResponse\x12\x15\n\remailVerified\x18\x01 \x01(\x08\")\n\x0cSecurityData\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\"@\n\x11SecurityScoreData\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\x12\x10\n\x08revision\x18\x03 \x01(\x03\"\x8b\x02\n\x13SecurityDataRequest\x12\x38\n\x12recordSecurityData\x18\x01 \x03(\x0b\x32\x1c.Authentication.SecurityData\x12@\n\x1amasterPasswordSecurityData\x18\x02 \x03(\x0b\x32\x1c.Authentication.SecurityData\x12\x34\n\x0e\x65ncryptionType\x18\x03 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12\x42\n\x17recordSecurityScoreData\x18\x04 \x03(\x0b\x32!.Authentication.SecurityScoreData\"\xc6\x02\n\x1dSecurityReportIncrementalData\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1b\n\x13\x63urrentSecurityData\x18\x02 \x01(\x0c\x12#\n\x1b\x63urrentSecurityDataRevision\x18\x03 \x01(\x03\x12\x17\n\x0foldSecurityData\x18\x04 \x01(\x0c\x12\x1f\n\x17oldSecurityDataRevision\x18\x05 \x01(\x03\x12?\n\x19\x63urrentDataEncryptionType\x18\x06 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12;\n\x15oldDataEncryptionType\x18\x07 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12\x11\n\trecordUid\x18\x08 \x01(\x0c\"\x9f\x02\n\x0eSecurityReport\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1b\n\x13\x65ncryptedReportData\x18\x02 \x01(\x0c\x12\x10\n\x08revision\x18\x03 \x01(\x03\x12\x11\n\ttwoFactor\x18\x04 \x01(\t\x12\x11\n\tlastLogin\x18\x05 \x01(\x03\x12\x1e\n\x16numberOfReusedPassword\x18\x06 \x01(\x05\x12T\n\x1dsecurityReportIncrementalData\x18\x07 \x03(\x0b\x32-.Authentication.SecurityReportIncrementalData\x12\x0e\n\x06userId\x18\x08 \x01(\x05\x12\x18\n\x10hasOldEncryption\x18\t \x01(\x08\"n\n\x19SecurityReportSaveRequest\x12\x36\n\x0esecurityReport\x18\x01 \x03(\x0b\x32\x1e.Authentication.SecurityReport\x12\x19\n\x11\x63ontinuationToken\x18\x02 \x01(\x0c\")\n\x15SecurityReportRequest\x12\x10\n\x08\x66romPage\x18\x01 \x01(\x03\"\xf5\x01\n\x16SecurityReportResponse\x12\x1c\n\x14\x65nterprisePrivateKey\x18\x01 \x01(\x0c\x12\x36\n\x0esecurityReport\x18\x02 \x03(\x0b\x32\x1e.Authentication.SecurityReport\x12\x14\n\x0c\x61sOfRevision\x18\x03 \x01(\x03\x12\x10\n\x08\x66romPage\x18\x04 \x01(\x03\x12\x0e\n\x06toPage\x18\x05 \x01(\x03\x12\x10\n\x08\x63omplete\x18\x06 \x01(\x08\x12\x1f\n\x17\x65nterpriseEccPrivateKey\x18\x07 \x01(\x0c\x12\x1a\n\x12hasIncrementalData\x18\x08 \x01(\x08\";\n\x1eIncrementalSecurityDataRequest\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\"\x92\x01\n\x1fIncrementalSecurityDataResponse\x12T\n\x1dsecurityReportIncrementalData\x18\x01 \x03(\x0b\x32-.Authentication.SecurityReportIncrementalData\x12\x19\n\x11\x63ontinuationToken\x18\x02 \x01(\x0c\"\'\n\x16ReusedPasswordsRequest\x12\r\n\x05\x63ount\x18\x01 \x01(\x05\">\n\x14SummaryConsoleReport\x12\x12\n\nreportType\x18\x01 \x01(\x05\x12\x12\n\nreportData\x18\x02 \x01(\x0c\"|\n\x12\x43hangeToKeyTypeOne\x12/\n\nobjectType\x18\x01 \x01(\x0e\x32\x1b.Authentication.ObjectTypes\x12\x12\n\nprimaryUid\x18\x02 \x01(\x0c\x12\x14\n\x0csecondaryUid\x18\x03 \x01(\x0c\x12\x0b\n\x03key\x18\x04 \x01(\x0c\"[\n\x19\x43hangeToKeyTypeOneRequest\x12>\n\x12\x63hangeToKeyTypeOne\x18\x01 \x03(\x0b\x32\".Authentication.ChangeToKeyTypeOne\"U\n\x18\x43hangeToKeyTypeOneStatus\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x0c\n\x04type\x18\x02 \x01(\t\x12\x0e\n\x06status\x18\x03 \x01(\t\x12\x0e\n\x06reason\x18\x04 \x01(\t\"h\n\x1a\x43hangeToKeyTypeOneResponse\x12J\n\x18\x63hangeToKeyTypeOneStatus\x18\x01 \x03(\x0b\x32(.Authentication.ChangeToKeyTypeOneStatus\"\xb9\x01\n\x18GetChangeKeyTypesRequest\x12=\n\x10onlyTheseObjects\x18\x01 \x03(\x0e\x32#.Authentication.EncryptedObjectType\x12\r\n\x05limit\x18\x02 \x01(\x05\x12\x1a\n\x12includeRecommended\x18\x03 \x01(\x08\x12\x13\n\x0bincludeKeys\x18\x04 \x01(\x08\x12\x1e\n\x16includeAllowedKeyTypes\x18\x05 \x01(\x08\"\x82\x01\n\x19GetChangeKeyTypesResponse\x12+\n\x04keys\x18\x01 \x03(\x0b\x32\x1d.Authentication.ChangeKeyType\x12\x38\n\x0f\x61llowedKeyTypes\x18\x02 \x03(\x0b\x32\x1f.Authentication.AllowedKeyTypes\"\x81\x01\n\x0f\x41llowedKeyTypes\x12\x37\n\nobjectType\x18\x01 \x01(\x0e\x32#.Authentication.EncryptedObjectType\x12\x35\n\x0f\x61llowedKeyTypes\x18\x02 \x03(\x0e\x32\x1c.Enterprise.EncryptedKeyType\"=\n\x0e\x43hangeKeyTypes\x12+\n\x04keys\x18\x01 \x03(\x0b\x32\x1d.Authentication.ChangeKeyType\"\xd6\x01\n\rChangeKeyType\x12\x37\n\nobjectType\x18\x01 \x01(\x0e\x32#.Authentication.EncryptedObjectType\x12\x0b\n\x03uid\x18\x02 \x01(\x0c\x12\x14\n\x0csecondaryUid\x18\x03 \x01(\x0c\x12\x0b\n\x03key\x18\x04 \x01(\x0c\x12-\n\x07keyType\x18\x05 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12-\n\x06status\x18\x06 \x01(\x0e\x32\x1d.Authentication.GenericStatus\"!\n\x06SetKey\x12\n\n\x02id\x18\x01 \x01(\x03\x12\x0b\n\x03key\x18\x02 \x01(\x0c\"5\n\rSetKeyRequest\x12$\n\x04keys\x18\x01 \x03(\x0b\x32\x16.Authentication.SetKey\"\x92\x05\n\x11\x43reateUserRequest\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x14\n\x0c\x61uthVerifier\x18\x02 \x01(\x0c\x12\x18\n\x10\x65ncryptionParams\x18\x03 \x01(\x0c\x12\x14\n\x0crsaPublicKey\x18\x04 \x01(\x0c\x12\x1e\n\x16rsaEncryptedPrivateKey\x18\x05 \x01(\x0c\x12\x14\n\x0c\x65\x63\x63PublicKey\x18\x06 \x01(\x0c\x12\x1e\n\x16\x65\x63\x63\x45ncryptedPrivateKey\x18\x07 \x01(\x0c\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x08 \x01(\x0c\x12\x1a\n\x12\x65ncryptedClientKey\x18\t \x01(\x0c\x12\x15\n\rclientVersion\x18\n \x01(\t\x12\x1e\n\x16\x65ncryptedDeviceDataKey\x18\x0b \x01(\x0c\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x0c \x01(\x0c\x12\x19\n\x11messageSessionUid\x18\r \x01(\x0c\x12\x17\n\x0finstallReferrer\x18\x0e \x01(\t\x12\x0e\n\x06mccMNC\x18\x0f \x01(\x05\x12\x0b\n\x03mfg\x18\x10 \x01(\t\x12\r\n\x05model\x18\x11 \x01(\t\x12\r\n\x05\x62rand\x18\x12 \x01(\t\x12\x0f\n\x07product\x18\x13 \x01(\t\x12\x0e\n\x06\x64\x65vice\x18\x14 \x01(\t\x12\x0f\n\x07\x63\x61rrier\x18\x15 \x01(\t\x12\x18\n\x10verificationCode\x18\x16 \x01(\t\x12\x42\n\x16\x65nterpriseRegistration\x18\x17 \x01(\x0b\x32\".Enterprise.EnterpriseRegistration\x12\"\n\x1a\x65ncryptedVerificationToken\x18\x18 \x01(\x0c\x12\x1e\n\x16\x65nterpriseUsersDataKey\x18\x19 \x01(\x0c\"W\n!NodeEnforcementAddOrUpdateRequest\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\x12\x13\n\x0b\x65nforcement\x18\x02 \x01(\t\x12\r\n\x05value\x18\x03 \x01(\t\"C\n\x1cNodeEnforcementRemoveRequest\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\x12\x13\n\x0b\x65nforcement\x18\x02 \x01(\t\"\x9f\x01\n\x0f\x41piRequestByKey\x12\r\n\x05keyId\x18\x01 \x01(\x05\x12\x0f\n\x07payload\x18\x02 \x01(\x0c\x12\x10\n\x08username\x18\x03 \x01(\t\x12\x0e\n\x06locale\x18\x04 \x01(\t\x12<\n\x11supportedLanguage\x18\x05 \x01(\x0e\x32!.Authentication.SupportedLanguage\x12\x0c\n\x04type\x18\x06 \x01(\x05\"\xc7\x01\n\x15\x41piRequestByKAtoKAKey\x12,\n\x0csourceRegion\x18\x01 \x01(\x0e\x32\x16.Authentication.Region\x12\x0f\n\x07payload\x18\x02 \x01(\x0c\x12<\n\x11supportedLanguage\x18\x03 \x01(\x0e\x32!.Authentication.SupportedLanguage\x12\x31\n\x11\x64\x65stinationRegion\x18\x04 \x01(\x0e\x32\x16.Authentication.Region\".\n\x0fMemcacheRequest\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x0e\n\x06userId\x18\x02 \x01(\x05\".\n\x10MemcacheResponse\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t\"w\n\x1cMasterPasswordReentryRequest\x12\x16\n\x0epbkdf2Password\x18\x01 \x01(\t\x12?\n\x06\x61\x63tion\x18\x02 \x01(\x0e\x32/.Authentication.MasterPasswordReentryActionType\"\\\n\x1dMasterPasswordReentryResponse\x12;\n\x06status\x18\x01 \x01(\x0e\x32+.Authentication.MasterPasswordReentryStatus\"\xb3\x01\n\x19\x44\x65viceRegistrationRequest\x12\x15\n\rclientVersion\x18\x01 \x01(\t\x12\x12\n\ndeviceName\x18\x02 \x01(\t\x12\x17\n\x0f\x64\x65vicePublicKey\x18\x03 \x01(\x0c\x12\x16\n\x0e\x64\x65vicePlatform\x18\x04 \x01(\t\x12:\n\x10\x63lientFormFactor\x18\x05 \x01(\x0e\x32 .Authentication.ClientFormFactor\"\x9a\x01\n\x19\x44\x65viceVerificationRequest\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x1b\n\x13verificationChannel\x18\x03 \x01(\t\x12\x19\n\x11messageSessionUid\x18\x04 \x01(\x0c\x12\x15\n\rclientVersion\x18\x05 \x01(\t\"\xb2\x01\n\x1a\x44\x65viceVerificationResponse\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x19\n\x11messageSessionUid\x18\x03 \x01(\x0c\x12\x15\n\rclientVersion\x18\x04 \x01(\t\x12\x32\n\x0c\x64\x65viceStatus\x18\x05 \x01(\x0e\x32\x1c.Authentication.DeviceStatus\"\xc8\x01\n\x15\x44\x65viceApprovalRequest\x12\r\n\x05\x65mail\x18\x01 \x01(\t\x12\x18\n\x10twoFactorChannel\x18\x02 \x01(\t\x12\x15\n\rclientVersion\x18\x03 \x01(\t\x12\x0e\n\x06locale\x18\x04 \x01(\t\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x05 \x01(\x0c\x12\x10\n\x08totpCode\x18\x06 \x01(\t\x12\x10\n\x08\x64\x65viceIp\x18\x07 \x01(\t\x12\x1d\n\x15\x64\x65viceTokenExpireDays\x18\x08 \x01(\t\"9\n\x16\x44\x65viceApprovalResponse\x12\x1f\n\x17\x65ncryptedTwoFactorToken\x18\x01 \x01(\x0c\"~\n\x14\x41pproveDeviceRequest\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x1e\n\x16\x65ncryptedDeviceDataKey\x18\x02 \x01(\x0c\x12\x14\n\x0c\x64\x65nyApproval\x18\x03 \x01(\x08\x12\x12\n\nlinkDevice\x18\x04 \x01(\x08\"E\n\x1a\x45nterpriseUserAliasRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\r\n\x05\x61lias\x18\x02 \x01(\t\"Y\n\x1d\x45nterpriseUserAddAliasRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\r\n\x05\x61lias\x18\x02 \x01(\t\x12\x0f\n\x07primary\x18\x03 \x01(\x08\"w\n\x1f\x45nterpriseUserAddAliasRequestV2\x12T\n\x1d\x65nterpriseUserAddAliasRequest\x18\x01 \x03(\x0b\x32-.Authentication.EnterpriseUserAddAliasRequest\"H\n\x1c\x45nterpriseUserAddAliasStatus\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0e\n\x06status\x18\x02 \x01(\t\"^\n\x1e\x45nterpriseUserAddAliasResponse\x12<\n\x06status\x18\x01 \x03(\x0b\x32,.Authentication.EnterpriseUserAddAliasStatus\"&\n\x06\x44\x65vice\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\"\\\n\x1cRegisterDeviceDataKeyRequest\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x1e\n\x16\x65ncryptedDeviceDataKey\x18\x02 \x01(\x0c\"n\n)ValidateCreateUserVerificationCodeRequest\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x18\n\x10verificationCode\x18\x03 \x01(\t\"\xa3\x01\n%ValidateDeviceVerificationCodeRequest\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x18\n\x10verificationCode\x18\x03 \x01(\t\x12\x19\n\x11messageSessionUid\x18\x04 \x01(\x0c\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x05 \x01(\x0c\"Y\n\x19SendSessionMessageRequest\x12\x19\n\x11messageSessionUid\x18\x01 \x01(\x0c\x12\x0f\n\x07\x63ommand\x18\x02 \x01(\t\x12\x10\n\x08username\x18\x03 \x01(\t\"M\n\x11GlobalUserAccount\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x12\n\naccountUid\x18\x02 \x01(\x0c\x12\x12\n\nregionName\x18\x03 \x01(\t\"7\n\x0f\x41\x63\x63ountUsername\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x12\n\ndateActive\x18\x02 \x01(\t\"P\n\x19SsoServiceProviderRequest\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x0e\n\x06locale\x18\x03 \x01(\t\"a\n\x1aSsoServiceProviderResponse\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\r\n\x05spUrl\x18\x02 \x01(\t\x12\x0f\n\x07isCloud\x18\x03 \x01(\x08\x12\x15\n\rclientVersion\x18\x04 \x01(\t\"4\n\x12UserSettingRequest\x12\x0f\n\x07setting\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t\"f\n\rThrottleState\x12*\n\x04type\x18\x01 \x01(\x0e\x32\x1c.Authentication.ThrottleType\x12\x0b\n\x03key\x18\x02 \x01(\t\x12\r\n\x05value\x18\x03 \x01(\t\x12\r\n\x05state\x18\x04 \x01(\x08\"\xb5\x01\n\x0eThrottleState2\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x16\n\x0ekeyDescription\x18\x02 \x01(\t\x12\r\n\x05value\x18\x03 \x01(\t\x12\x18\n\x10valueDescription\x18\x04 \x01(\t\x12\x12\n\nidentifier\x18\x05 \x01(\t\x12\x0e\n\x06locked\x18\x06 \x01(\x08\x12\x1a\n\x12includedInAllClear\x18\x07 \x01(\x08\x12\x15\n\rexpireSeconds\x18\x08 \x01(\x05\"\x97\x01\n\x11\x44\x65viceInformation\x12\x10\n\x08\x64\x65viceId\x18\x01 \x01(\x03\x12\x12\n\ndeviceName\x18\x02 \x01(\t\x12\x15\n\rclientVersion\x18\x03 \x01(\t\x12\x11\n\tlastLogin\x18\x04 \x01(\x03\x12\x32\n\x0c\x64\x65viceStatus\x18\x05 \x01(\x0e\x32\x1c.Authentication.DeviceStatus\"*\n\x0bUserSetting\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\x08\".\n\x12UserDataKeyRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x03(\x03\"+\n\x18UserDataKeyByNodeRequest\x12\x0f\n\x07nodeIds\x18\x01 \x03(\x03\"\x80\x01\n\x1b\x45nterpriseUserIdDataKeyPair\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x18\n\x10\x65ncryptedDataKey\x18\x02 \x01(\x0c\x12-\n\x07keyType\x18\x03 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\"\x95\x01\n\x0bUserDataKey\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x0f\n\x07roleKey\x18\x02 \x01(\x0c\x12\x12\n\nprivateKey\x18\x03 \x01(\t\x12Q\n\x1c\x65nterpriseUserIdDataKeyPairs\x18\x04 \x03(\x0b\x32+.Authentication.EnterpriseUserIdDataKeyPair\"z\n\x13UserDataKeyResponse\x12\x31\n\x0cuserDataKeys\x18\x01 \x03(\x0b\x32\x1b.Authentication.UserDataKey\x12\x14\n\x0c\x61\x63\x63\x65ssDenied\x18\x02 \x03(\x03\x12\x1a\n\x12noEncryptedDataKey\x18\x03 \x03(\x03\"H\n)MasterPasswordRecoveryVerificationRequest\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x01 \x01(\x0c\"U\n\x1cGetSecurityQuestionV3Request\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x01 \x01(\x0c\x12\x18\n\x10verificationCode\x18\x02 \x01(\t\"r\n\x1dGetSecurityQuestionV3Response\x12\x18\n\x10securityQuestion\x18\x01 \x01(\t\x12\x15\n\rbackupKeyDate\x18\x02 \x01(\x03\x12\x0c\n\x04salt\x18\x03 \x01(\x0c\x12\x12\n\niterations\x18\x04 \x01(\x05\"n\n\x19GetDataKeyBackupV3Request\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x01 \x01(\x0c\x12\x18\n\x10verificationCode\x18\x02 \x01(\t\x12\x1a\n\x12securityAnswerHash\x18\x03 \x01(\x0c\"v\n\rPasswordRules\x12\x10\n\x08ruleType\x18\x01 \x01(\t\x12\r\n\x05match\x18\x02 \x01(\x08\x12\x0f\n\x07pattern\x18\x03 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\x04 \x01(\t\x12\x0f\n\x07minimum\x18\x05 \x01(\x05\x12\r\n\x05value\x18\x06 \x01(\t\"\xc9\x02\n\x1aGetDataKeyBackupV3Response\x12\x15\n\rdataKeyBackup\x18\x01 \x01(\x0c\x12\x19\n\x11\x64\x61taKeyBackupDate\x18\x02 \x01(\x03\x12\x11\n\tpublicKey\x18\x03 \x01(\x0c\x12\x1b\n\x13\x65ncryptedPrivateKey\x18\x04 \x01(\x0c\x12\x11\n\tclientKey\x18\x05 \x01(\x0c\x12\x1d\n\x15\x65ncryptedSessionToken\x18\x06 \x01(\x0c\x12\x34\n\rpasswordRules\x18\x07 \x03(\x0b\x32\x1d.Authentication.PasswordRules\x12\x1a\n\x12passwordRulesIntro\x18\x08 \x01(\t\x12\x1f\n\x17minimumPbkdf2Iterations\x18\t \x01(\x05\x12$\n\x07keyType\x18\n \x01(\x0e\x32\x13.Enterprise.KeyType\")\n\x14GetPublicKeysRequest\x12\x11\n\tusernames\x18\x01 \x03(\t\"r\n\x11PublicKeyResponse\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x11\n\tpublicKey\x18\x02 \x01(\x0c\x12\x14\n\x0cpublicEccKey\x18\x03 \x01(\x0c\x12\x0f\n\x07message\x18\x04 \x01(\t\x12\x11\n\terrorCode\x18\x05 \x01(\t\"P\n\x15GetPublicKeysResponse\x12\x37\n\x0ckeyResponses\x18\x01 \x03(\x0b\x32!.Authentication.PublicKeyResponse\"F\n\x14SetEccKeyPairRequest\x12\x11\n\tpublicKey\x18\x01 \x01(\x0c\x12\x1b\n\x13\x65ncryptedPrivateKey\x18\x02 \x01(\x0c\"I\n\x15SetEccKeyPairsRequest\x12\x30\n\x08teamKeys\x18\x01 \x03(\x0b\x32\x1e.Authentication.TeamEccKeyPair\"R\n\x16SetEccKeyPairsResponse\x12\x38\n\x08teamKeys\x18\x01 \x03(\x0b\x32&.Authentication.TeamEccKeyPairResponse\"Q\n\x0eTeamEccKeyPair\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x11\n\tpublicKey\x18\x02 \x01(\x0c\x12\x1b\n\x13\x65ncryptedPrivateKey\x18\x03 \x01(\x0c\"X\n\x16TeamEccKeyPairResponse\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12-\n\x06status\x18\x02 \x01(\x0e\x32\x1d.Authentication.GenericStatus\"D\n\x17GetKsmPublicKeysRequest\x12\x11\n\tclientIds\x18\x01 \x03(\x0c\x12\x16\n\x0e\x63ontrollerUids\x18\x02 \x03(\x0c\"U\n\x17\x44\x65vicePublicKeyResponse\x12\x10\n\x08\x63lientId\x18\x01 \x01(\x0c\x12\x11\n\tpublicKey\x18\x02 \x01(\x0c\x12\x15\n\rcontrollerUid\x18\x03 \x01(\x0c\"Y\n\x18GetKsmPublicKeysResponse\x12=\n\x0ckeyResponses\x18\x01 \x03(\x0b\x32\'.Authentication.DevicePublicKeyResponse\"X\n\x13\x41\x64\x64\x41ppSharesRequest\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12+\n\x06shares\x18\x02 \x03(\x0b\x32\x1b.Authentication.AppShareAdd\">\n\x16RemoveAppSharesRequest\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12\x0e\n\x06shares\x18\x02 \x03(\x0c\"\x87\x01\n\x0b\x41ppShareAdd\x12\x11\n\tsecretUid\x18\x02 \x01(\x0c\x12\x37\n\tshareType\x18\x03 \x01(\x0e\x32$.Authentication.ApplicationShareType\x12\x1a\n\x12\x65ncryptedSecretKey\x18\x04 \x01(\x0c\x12\x10\n\x08\x65\x64itable\x18\x05 \x01(\x08\"\x89\x01\n\x08\x41ppShare\x12\x11\n\tsecretUid\x18\x01 \x01(\x0c\x12\x37\n\tshareType\x18\x02 \x01(\x0e\x32$.Authentication.ApplicationShareType\x12\x10\n\x08\x65\x64itable\x18\x03 \x01(\x08\x12\x11\n\tcreatedOn\x18\x04 \x01(\x03\x12\x0c\n\x04\x64\x61ta\x18\x05 \x01(\x0c\"\xd9\x01\n\x13\x41\x64\x64\x41ppClientRequest\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12\x17\n\x0f\x65ncryptedAppKey\x18\x02 \x01(\x0c\x12\x10\n\x08\x63lientId\x18\x03 \x01(\x0c\x12\x0e\n\x06lockIp\x18\x04 \x01(\x08\x12\x1b\n\x13\x66irstAccessExpireOn\x18\x05 \x01(\x03\x12\x16\n\x0e\x61\x63\x63\x65ssExpireOn\x18\x06 \x01(\x03\x12\n\n\x02id\x18\x07 \x01(\t\x12\x30\n\rappClientType\x18\x08 \x01(\x0e\x32\x19.Enterprise.AppClientType\"@\n\x17RemoveAppClientsRequest\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12\x0f\n\x07\x63lients\x18\x02 \x03(\x0c\"\xaa\x01\n\x17\x41\x64\x64\x45xternalShareRequest\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x1a\n\x12\x65ncryptedRecordKey\x18\x02 \x01(\x0c\x12\x10\n\x08\x63lientId\x18\x03 \x01(\x0c\x12\x16\n\x0e\x61\x63\x63\x65ssExpireOn\x18\x04 \x01(\x03\x12\n\n\x02id\x18\x05 \x01(\t\x12\x16\n\x0eisSelfDestruct\x18\x06 \x01(\x08\x12\x12\n\nisEditable\x18\x07 \x01(\x08\"\x93\x02\n\tAppClient\x12\n\n\x02id\x18\x01 \x01(\t\x12\x10\n\x08\x63lientId\x18\x02 \x01(\x0c\x12\x11\n\tcreatedOn\x18\x03 \x01(\x03\x12\x13\n\x0b\x66irstAccess\x18\x04 \x01(\x03\x12\x12\n\nlastAccess\x18\x05 \x01(\x03\x12\x11\n\tpublicKey\x18\x06 \x01(\x0c\x12\x0e\n\x06lockIp\x18\x07 \x01(\x08\x12\x11\n\tipAddress\x18\x08 \x01(\t\x12\x1b\n\x13\x66irstAccessExpireOn\x18\t \x01(\x03\x12\x16\n\x0e\x61\x63\x63\x65ssExpireOn\x18\n \x01(\x03\x12\x30\n\rappClientType\x18\x0b \x01(\x0e\x32\x19.Enterprise.AppClientType\x12\x0f\n\x07\x63\x61nEdit\x18\x0c \x01(\x08\")\n\x11GetAppInfoRequest\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x03(\x0c\"\x8e\x01\n\x07\x41ppInfo\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12(\n\x06shares\x18\x02 \x03(\x0b\x32\x18.Authentication.AppShare\x12*\n\x07\x63lients\x18\x03 \x03(\x0b\x32\x19.Authentication.AppClient\x12\x17\n\x0fisExternalShare\x18\x04 \x01(\x08\">\n\x12GetAppInfoResponse\x12(\n\x07\x61ppInfo\x18\x01 \x03(\x0b\x32\x17.Authentication.AppInfo\"\xd5\x01\n\x12\x41pplicationSummary\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12\x12\n\nlastAccess\x18\x02 \x01(\x03\x12\x14\n\x0crecordShares\x18\x03 \x01(\x05\x12\x14\n\x0c\x66olderShares\x18\x04 \x01(\x05\x12\x15\n\rfolderRecords\x18\x05 \x01(\x05\x12\x13\n\x0b\x63lientCount\x18\x06 \x01(\x05\x12\x1a\n\x12\x65xpiredClientCount\x18\x07 \x01(\x05\x12\x10\n\x08username\x18\x08 \x01(\t\x12\x0f\n\x07\x61ppData\x18\t \x01(\x0c\"`\n\x1eGetApplicationsSummaryResponse\x12>\n\x12\x61pplicationSummary\x18\x01 \x03(\x0b\x32\".Authentication.ApplicationSummary\"/\n\x1bGetVerificationTokenRequest\x12\x10\n\x08username\x18\x01 \x01(\t\"B\n\x1cGetVerificationTokenResponse\x12\"\n\x1a\x65ncryptedVerificationToken\x18\x01 \x01(\x0c\"\'\n\x16SendShareInviteRequest\x12\r\n\x05\x65mail\x18\x01 \x01(\t\"\xc5\x01\n\x18TimeLimitedAccessRequest\x12\x12\n\naccountUid\x18\x01 \x03(\x0c\x12\x0f\n\x07teamUid\x18\x02 \x03(\x0c\x12\x11\n\trecordUid\x18\x03 \x03(\x0c\x12\x17\n\x0fsharedObjectUid\x18\x04 \x01(\x0c\x12\x44\n\x15timeLimitedAccessType\x18\x05 \x01(\x0e\x32%.Authentication.TimeLimitedAccessType\x12\x12\n\nexpiration\x18\x06 \x01(\x03\"7\n\x17TimeLimitedAccessStatus\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x0f\n\x07message\x18\x02 \x01(\t\"\xf8\x01\n\x19TimeLimitedAccessResponse\x12\x10\n\x08revision\x18\x01 \x01(\x03\x12\x41\n\x10userAccessStatus\x18\x02 \x03(\x0b\x32\'.Authentication.TimeLimitedAccessStatus\x12\x41\n\x10teamAccessStatus\x18\x03 \x03(\x0b\x32\'.Authentication.TimeLimitedAccessStatus\x12\x43\n\x12recordAccessStatus\x18\x04 \x03(\x0b\x32\'.Authentication.TimeLimitedAccessStatus\"+\n\x16RequestDownloadRequest\x12\x11\n\tfileNames\x18\x01 \x03(\t\"g\n\x17RequestDownloadResponse\x12\x0e\n\x06result\x18\x01 \x01(\t\x12\x0f\n\x07message\x18\x02 \x01(\t\x12+\n\tdownloads\x18\x03 \x03(\x0b\x32\x18.Authentication.Download\"D\n\x08\x44ownload\x12\x10\n\x08\x66ileName\x18\x01 \x01(\t\x12\x0b\n\x03url\x18\x02 \x01(\t\x12\x19\n\x11successStatusCode\x18\x03 \x01(\x05\"#\n\x11\x44\x65leteUserRequest\x12\x0e\n\x06reason\x18\x01 \x01(\t\"\x84\x01\n\x1b\x43hangeMasterPasswordRequest\x12\x14\n\x0c\x61uthVerifier\x18\x01 \x01(\x0c\x12\x18\n\x10\x65ncryptionParams\x18\x02 \x01(\x0c\x12\x1b\n\x13\x66romServiceProvider\x18\x03 \x01(\x08\x12\x18\n\x10iterationsChange\x18\x04 \x01(\x08\"=\n\x1c\x43hangeMasterPasswordResponse\x12\x1d\n\x15\x65ncryptedSessionToken\x18\x01 \x01(\x0c\"Y\n\x1b\x41\x63\x63ountRecoverySetupRequest\x12 \n\x18recoveryEncryptedDataKey\x18\x01 \x01(\x0c\x12\x18\n\x10recoveryAuthHash\x18\x02 \x01(\x0c\"\xac\x01\n!AccountRecoveryVerifyCodeResponse\x12\x34\n\rbackupKeyType\x18\x01 \x01(\x0e\x32\x1d.Authentication.BackupKeyType\x12\x15\n\rbackupKeyDate\x18\x02 \x01(\x03\x12\x18\n\x10securityQuestion\x18\x03 \x01(\t\x12\x0c\n\x04salt\x18\x04 \x01(\x0c\x12\x12\n\niterations\x18\x05 \x01(\x05\",\n\x1b\x45mergencyAccessLoginRequest\x12\r\n\x05owner\x18\x01 \x01(\t\"\xb5\x01\n\x1c\x45mergencyAccessLoginResponse\x12\x14\n\x0csessionToken\x18\x01 \x01(\x0c\x12%\n\x07\x64\x61taKey\x18\x02 \x01(\x0b\x32\x14.Enterprise.TypedKey\x12+\n\rrsaPrivateKey\x18\x03 \x01(\x0b\x32\x14.Enterprise.TypedKey\x12+\n\reccPrivateKey\x18\x04 \x01(\x0b\x32\x14.Enterprise.TypedKey\"\xb2\x01\n\x0bUserTeamKey\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x18\n\x10\x65nterpriseUserId\x18\x03 \x01(\x03\x12\x1b\n\x13\x65ncryptedTeamKeyRSA\x18\x04 \x01(\x0c\x12\x1a\n\x12\x65ncryptedTeamKeyEC\x18\x05 \x01(\x0c\x12-\n\x06status\x18\x06 \x01(\x0e\x32\x1d.Authentication.GenericStatus\")\n\x16GenericRequestResponse\x12\x0f\n\x07request\x18\x01 \x03(\x0c\"f\n\x1aPasskeyRegistrationRequest\x12H\n\x17\x61uthenticatorAttachment\x18\x01 \x01(\x0e\x32\'.Authentication.AuthenticatorAttachment\"P\n\x1bPasskeyRegistrationResponse\x12\x16\n\x0e\x63hallengeToken\x18\x01 \x01(\x0c\x12\x19\n\x11pkCreationOptions\x18\x02 \x01(\t\"\x84\x01\n\x1fPasskeyRegistrationFinalization\x12\x16\n\x0e\x63hallengeToken\x18\x01 \x01(\x0c\x12\x1d\n\x15\x61uthenticatorResponse\x18\x02 \x01(\t\x12\x19\n\x0c\x66riendlyName\x18\x03 \x01(\tH\x00\x88\x01\x01\x42\x0f\n\r_friendlyName\"\xb3\x02\n\x1cPasskeyAuthenticationRequest\x12H\n\x17\x61uthenticatorAttachment\x18\x01 \x01(\x0e\x32\'.Authentication.AuthenticatorAttachment\x12\x36\n\x0epasskeyPurpose\x18\x02 \x01(\x0e\x32\x1e.Authentication.PasskeyPurpose\x12\x15\n\rclientVersion\x18\x03 \x01(\t\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x04 \x01(\x0c\x12\x15\n\x08username\x18\x05 \x01(\tH\x00\x88\x01\x01\x12 \n\x13\x65ncryptedLoginToken\x18\x06 \x01(\x0cH\x01\x88\x01\x01\x42\x0b\n\t_usernameB\x16\n\x14_encryptedLoginToken\"\x8b\x01\n\x1dPasskeyAuthenticationResponse\x12\x18\n\x10pkRequestOptions\x18\x01 \x01(\t\x12\x16\n\x0e\x63hallengeToken\x18\x02 \x01(\x0c\x12 \n\x13\x65ncryptedLoginToken\x18\x03 \x01(\x0cH\x00\x88\x01\x01\x42\x16\n\x14_encryptedLoginToken\"\xbf\x01\n\x18PasskeyValidationRequest\x12\x16\n\x0e\x63hallengeToken\x18\x01 \x01(\x0c\x12\x19\n\x11\x61ssertionResponse\x18\x02 \x01(\x0c\x12\x36\n\x0epasskeyPurpose\x18\x03 \x01(\x0e\x32\x1e.Authentication.PasskeyPurpose\x12 \n\x13\x65ncryptedLoginToken\x18\x04 \x01(\x0cH\x00\x88\x01\x01\x42\x16\n\x14_encryptedLoginToken\"I\n\x19PasskeyValidationResponse\x12\x0f\n\x07isValid\x18\x01 \x01(\x08\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x02 \x01(\x0c\"h\n\x14UpdatePasskeyRequest\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\x14\n\x0c\x63redentialId\x18\x02 \x01(\x0c\x12\x19\n\x0c\x66riendlyName\x18\x03 \x01(\tH\x00\x88\x01\x01\x42\x0f\n\r_friendlyName\"-\n\x12PasskeyListRequest\x12\x17\n\x0fincludeDisabled\x18\x01 \x01(\x08\"\xa4\x01\n\x0bPasskeyInfo\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\x14\n\x0c\x63redentialId\x18\x02 \x01(\x0c\x12\x14\n\x0c\x66riendlyName\x18\x03 \x01(\t\x12\x0e\n\x06\x41\x41GUID\x18\x04 \x01(\t\x12\x17\n\x0f\x63reatedAtMillis\x18\x05 \x01(\x03\x12\x16\n\x0elastUsedMillis\x18\x06 \x01(\x03\x12\x18\n\x10\x64isabledAtMillis\x18\x07 \x01(\x03\"G\n\x13PasskeyListResponse\x12\x30\n\x0bpasskeyInfo\x18\x01 \x03(\x0b\x32\x1b.Authentication.PasskeyInfo\"C\n\x0fTranslationInfo\x12\x16\n\x0etranslationKey\x18\x01 \x01(\t\x12\x18\n\x10translationValue\x18\x02 \x01(\t\",\n\x12TranslationRequest\x12\x16\n\x0etranslationKey\x18\x01 \x03(\t\"O\n\x13TranslationResponse\x12\x38\n\x0ftranslationInfo\x18\x01 \x03(\x0b\x32\x1f.Authentication.TranslationInfo*\xd3\x02\n\x11SupportedLanguage\x12\x0b\n\x07\x45NGLISH\x10\x00\x12\n\n\x06\x41RABIC\x10\x01\x12\x0b\n\x07\x42RITISH\x10\x02\x12\x0b\n\x07\x43HINESE\x10\x03\x12\x15\n\x11\x43HINESE_HONG_KONG\x10\x04\x12\x12\n\x0e\x43HINESE_TAIWAN\x10\x05\x12\t\n\x05\x44UTCH\x10\x06\x12\n\n\x06\x46RENCH\x10\x07\x12\n\n\x06GERMAN\x10\x08\x12\t\n\x05GREEK\x10\t\x12\n\n\x06HEBREW\x10\n\x12\x0b\n\x07ITALIAN\x10\x0b\x12\x0c\n\x08JAPANESE\x10\x0c\x12\n\n\x06KOREAN\x10\r\x12\n\n\x06POLISH\x10\x0e\x12\x0e\n\nPORTUGUESE\x10\x0f\x12\x15\n\x11PORTUGUESE_BRAZIL\x10\x10\x12\x0c\n\x08ROMANIAN\x10\x11\x12\x0b\n\x07RUSSIAN\x10\x12\x12\n\n\x06SLOVAK\x10\x13\x12\x0b\n\x07SPANISH\x10\x14\x12\x0b\n\x07\x46INNISH\x10\x15\x12\x0b\n\x07SWEDISH\x10\x16*k\n\tLoginType\x12\n\n\x06NORMAL\x10\x00\x12\x07\n\x03SSO\x10\x01\x12\x07\n\x03\x42IO\x10\x02\x12\r\n\tALTERNATE\x10\x03\x12\x0b\n\x07OFFLINE\x10\x04\x12\x13\n\x0f\x46ORGOT_PASSWORD\x10\x05\x12\x0f\n\x0bPASSKEY_BIO\x10\x06*q\n\x0c\x44\x65viceStatus\x12\x19\n\x15\x44\x45VICE_NEEDS_APPROVAL\x10\x00\x12\r\n\tDEVICE_OK\x10\x01\x12\x1b\n\x17\x44\x45VICE_DISABLED_BY_USER\x10\x02\x12\x1a\n\x16\x44\x45VICE_LOCKED_BY_ADMIN\x10\x03*A\n\rLicenseStatus\x12\t\n\x05OTHER\x10\x00\x12\n\n\x06\x41\x43TIVE\x10\x01\x12\x0b\n\x07\x45XPIRED\x10\x02\x12\x0c\n\x08\x44ISABLED\x10\x03*7\n\x0b\x41\x63\x63ountType\x12\x0c\n\x08\x43ONSUMER\x10\x00\x12\n\n\x06\x46\x41MILY\x10\x01\x12\x0e\n\nENTERPRISE\x10\x02*\x9f\x02\n\x10SessionTokenType\x12\x12\n\x0eNO_RESTRICTION\x10\x00\x12\x14\n\x10\x41\x43\x43OUNT_RECOVERY\x10\x01\x12\x11\n\rSHARE_ACCOUNT\x10\x02\x12\x0c\n\x08PURCHASE\x10\x03\x12\x0c\n\x08RESTRICT\x10\x04\x12\x11\n\rACCEPT_INVITE\x10\x05\x12\x12\n\x0eSUPPORT_SERVER\x10\x06\x12\x17\n\x13\x45NTERPRISE_CREATION\x10\x07\x12\x1f\n\x1b\x45XPIRED_BUT_ALLOWED_TO_SYNC\x10\x08\x12\x18\n\x14\x41\x43\x43\x45PT_FAMILY_INVITE\x10\t\x12!\n\x1d\x45NTERPRISE_CREATION_PURCHASED\x10\n\x12\x14\n\x10\x45MERGENCY_ACCESS\x10\x0b*G\n\x07Version\x12\x13\n\x0finvalid_version\x10\x00\x12\x13\n\x0f\x64\x65\x66\x61ult_version\x10\x01\x12\x12\n\x0esecond_version\x10\x02*7\n\x1fMasterPasswordReentryActionType\x12\n\n\x06UNMASK\x10\x00\x12\x08\n\x04\x43OPY\x10\x01*l\n\x0bLoginMethod\x12\x17\n\x13INVALID_LOGINMETHOD\x10\x00\x12\x14\n\x10\x45XISTING_ACCOUNT\x10\x01\x12\x0e\n\nSSO_DOMAIN\x10\x02\x12\r\n\tAFTER_SSO\x10\x03\x12\x0f\n\x0bNEW_ACCOUNT\x10\x04*\xbe\x04\n\nLoginState\x12\x16\n\x12INVALID_LOGINSTATE\x10\x00\x12\x0e\n\nLOGGED_OUT\x10\x01\x12\x1c\n\x18\x44\x45VICE_APPROVAL_REQUIRED\x10\x02\x12\x11\n\rDEVICE_LOCKED\x10\x03\x12\x12\n\x0e\x41\x43\x43OUNT_LOCKED\x10\x04\x12\x19\n\x15\x44\x45VICE_ACCOUNT_LOCKED\x10\x05\x12\x0b\n\x07UPGRADE\x10\x06\x12\x13\n\x0fLICENSE_EXPIRED\x10\x07\x12\x13\n\x0fREGION_REDIRECT\x10\x08\x12\x16\n\x12REDIRECT_CLOUD_SSO\x10\t\x12\x17\n\x13REDIRECT_ONSITE_SSO\x10\n\x12\x10\n\x0cREQUIRES_2FA\x10\x0c\x12\x16\n\x12REQUIRES_AUTH_HASH\x10\r\x12\x15\n\x11REQUIRES_USERNAME\x10\x0e\x12\x19\n\x15\x41\x46TER_CLOUD_SSO_LOGIN\x10\x0f\x12\x1d\n\x19REQUIRES_ACCOUNT_CREATION\x10\x10\x12&\n\"REQUIRES_DEVICE_ENCRYPTED_DATA_KEY\x10\x11\x12\x17\n\x13LOGIN_TOKEN_EXPIRED\x10\x12\x12\x1e\n\x1aPASSKEY_INITIATE_CHALLENGE\x10\x13\x12\x19\n\x15PASSKEY_AUTH_REQUIRED\x10\x14\x12!\n\x1dPASSKEY_VERIFY_AUTHENTICATION\x10\x15\x12\x17\n\x13\x41\x46TER_PASSKEY_LOGIN\x10\x16\x12\r\n\tLOGGED_IN\x10\x63*k\n\x14\x45ncryptedDataKeyType\x12\n\n\x06NO_KEY\x10\x00\x12\x18\n\x14\x42Y_DEVICE_PUBLIC_KEY\x10\x01\x12\x0f\n\x0b\x42Y_PASSWORD\x10\x02\x12\x10\n\x0c\x42Y_ALTERNATE\x10\x03\x12\n\n\x06\x42Y_BIO\x10\x04*-\n\x0ePasswordMethod\x12\x0b\n\x07\x45NTERED\x10\x00\x12\x0e\n\nBIOMETRICS\x10\x01*\xb9\x01\n\x11TwoFactorPushType\x12\x14\n\x10TWO_FA_PUSH_NONE\x10\x00\x12\x13\n\x0fTWO_FA_PUSH_SMS\x10\x01\x12\x16\n\x12TWO_FA_PUSH_KEEPER\x10\x02\x12\x18\n\x14TWO_FA_PUSH_DUO_PUSH\x10\x03\x12\x18\n\x14TWO_FA_PUSH_DUO_TEXT\x10\x04\x12\x18\n\x14TWO_FA_PUSH_DUO_CALL\x10\x05\x12\x13\n\x0fTWO_FA_PUSH_DNA\x10\x06*\xc3\x01\n\x12TwoFactorValueType\x12\x14\n\x10TWO_FA_CODE_NONE\x10\x00\x12\x14\n\x10TWO_FA_CODE_TOTP\x10\x01\x12\x13\n\x0fTWO_FA_CODE_SMS\x10\x02\x12\x13\n\x0fTWO_FA_CODE_DUO\x10\x03\x12\x13\n\x0fTWO_FA_CODE_RSA\x10\x04\x12\x13\n\x0fTWO_FA_RESP_U2F\x10\x05\x12\x18\n\x14TWO_FA_RESP_WEBAUTHN\x10\x06\x12\x13\n\x0fTWO_FA_CODE_DNA\x10\x07*\xe1\x01\n\x14TwoFactorChannelType\x12\x12\n\x0eTWO_FA_CT_NONE\x10\x00\x12\x12\n\x0eTWO_FA_CT_TOTP\x10\x01\x12\x11\n\rTWO_FA_CT_SMS\x10\x02\x12\x11\n\rTWO_FA_CT_DUO\x10\x03\x12\x11\n\rTWO_FA_CT_RSA\x10\x04\x12\x14\n\x10TWO_FA_CT_BACKUP\x10\x05\x12\x11\n\rTWO_FA_CT_U2F\x10\x06\x12\x16\n\x12TWO_FA_CT_WEBAUTHN\x10\x07\x12\x14\n\x10TWO_FA_CT_KEEPER\x10\x08\x12\x11\n\rTWO_FA_CT_DNA\x10\t*\xab\x01\n\x13TwoFactorExpiration\x12\x1a\n\x16TWO_FA_EXP_IMMEDIATELY\x10\x00\x12\x18\n\x14TWO_FA_EXP_5_MINUTES\x10\x01\x12\x17\n\x13TWO_FA_EXP_12_HOURS\x10\x02\x12\x17\n\x13TWO_FA_EXP_24_HOURS\x10\x03\x12\x16\n\x12TWO_FA_EXP_30_DAYS\x10\x04\x12\x14\n\x10TWO_FA_EXP_NEVER\x10\x05*@\n\x0bLicenseType\x12\t\n\x05VAULT\x10\x00\x12\x08\n\x04\x43HAT\x10\x01\x12\x0b\n\x07STORAGE\x10\x02\x12\x0f\n\x0b\x42REACHWATCH\x10\x03*i\n\x0bObjectTypes\x12\n\n\x06RECORD\x10\x00\x12\x16\n\x12SHARED_FOLDER_USER\x10\x01\x12\x16\n\x12SHARED_FOLDER_TEAM\x10\x02\x12\x0f\n\x0bUSER_FOLDER\x10\x03\x12\r\n\tTEAM_USER\x10\x04*\xa1\x02\n\x13\x45ncryptedObjectType\x12\x13\n\x0f\x45OT_UNSPECIFIED\x10\x00\x12\x12\n\x0e\x45OT_RECORD_KEY\x10\x01\x12\x1e\n\x1a\x45OT_SHARED_FOLDER_USER_KEY\x10\x02\x12\x1e\n\x1a\x45OT_SHARED_FOLDER_TEAM_KEY\x10\x03\x12\x15\n\x11\x45OT_TEAM_USER_KEY\x10\x04\x12\x17\n\x13\x45OT_USER_FOLDER_KEY\x10\x05\x12\x15\n\x11\x45OT_SECURITY_DATA\x10\x06\x12%\n!EOT_SECURITY_DATA_MASTER_PASSWORD\x10\x07\x12\x1c\n\x18\x45OT_EMERGENCY_ACCESS_KEY\x10\x08\x12\x15\n\x11\x45OT_V2_RECORD_KEY\x10\t*M\n\x1bMasterPasswordReentryStatus\x12\x0e\n\nMP_UNKNOWN\x10\x00\x12\x0e\n\nMP_SUCCESS\x10\x01\x12\x0e\n\nMP_FAILURE\x10\x02*`\n\x1b\x41lternateAuthenticationType\x12\x1d\n\x19\x41LTERNATE_MASTER_PASSWORD\x10\x00\x12\r\n\tBIOMETRIC\x10\x01\x12\x13\n\x0f\x41\x43\x43OUNT_RECOVER\x10\x02*\x9a\x02\n\x0cThrottleType\x12\x1b\n\x17PASSWORD_RETRY_THROTTLE\x10\x00\x12\"\n\x1ePASSWORD_RETRY_LEGACY_THROTTLE\x10\x01\x12\x13\n\x0fTWO_FA_THROTTLE\x10\x02\x12\x1a\n\x16TWO_FA_LEGACY_THROTTLE\x10\x03\x12\x15\n\x11QA_RETRY_THROTTLE\x10\x04\x12\x1c\n\x18\x41\x43\x43OUNT_RECOVER_THROTTLE\x10\x05\x12.\n*VALIDATE_DEVICE_VERIFICATION_CODE_THROTTLE\x10\x06\x12\x33\n/VALIDATE_CREATE_USER_VERIFICATION_CODE_THROTTLE\x10\x07*H\n\x06Region\x12\x0b\n\x07UNKNOWN\x10\x00\x12\x06\n\x02\x65u\x10\x01\x12\x06\n\x02us\x10\x02\x12\t\n\x05usgov\x10\x03\x12\x06\n\x02\x61u\x10\x04\x12\x06\n\x02jp\x10\x05\x12\x06\n\x02\x63\x61\x10\x06*D\n\x14\x41pplicationShareType\x12\x15\n\x11SHARE_TYPE_RECORD\x10\x00\x12\x15\n\x11SHARE_TYPE_FOLDER\x10\x01*\xa4\x01\n\x15TimeLimitedAccessType\x12$\n INVALID_TIME_LIMITED_ACCESS_TYPE\x10\x00\x12\x19\n\x15USER_ACCESS_TO_RECORD\x10\x01\x12\'\n#USER_OR_TEAM_ACCESS_TO_SHAREDFOLDER\x10\x02\x12!\n\x1dRECORD_ACCESS_TO_SHAREDFOLDER\x10\x03*<\n\rBackupKeyType\x12\x12\n\x0e\x42KT_SEC_ANSWER\x10\x00\x12\x17\n\x13\x42KT_PASSPHRASE_HASH\x10\x01*W\n\rGenericStatus\x12\x0b\n\x07SUCCESS\x10\x00\x12\x12\n\x0eINVALID_OBJECT\x10\x01\x12\x12\n\x0e\x41LREADY_EXISTS\x10\x02\x12\x11\n\rACCESS_DENIED\x10\x03*N\n\x17\x41uthenticatorAttachment\x12\x12\n\x0e\x43ROSS_PLATFORM\x10\x00\x12\x0c\n\x08PLATFORM\x10\x01\x12\x11\n\rALL_SUPPORTED\x10\x02*-\n\x0ePasskeyPurpose\x12\x0c\n\x08PK_LOGIN\x10\x00\x12\r\n\tPK_REAUTH\x10\x01*K\n\x10\x43lientFormFactor\x12\x0c\n\x08\x46\x46_EMPTY\x10\x00\x12\x0c\n\x08\x46\x46_PHONE\x10\x01\x12\r\n\tFF_TABLET\x10\x02\x12\x0c\n\x08\x46\x46_WATCH\x10\x03\x42*\n\x18\x63om.keepersecurity.protoB\x0e\x41uthenticationb\x06proto3') +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x10\x41PIRequest.proto\x12\x0e\x41uthentication\x1a\x10\x65nterprise.proto\"{\n\rQrcMessageKey\x12\x19\n\x11\x63lientEcPublicKey\x18\x01 \x01(\x0c\x12\x1c\n\x14mlKemEncapsulatedKey\x18\x02 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x03 \x01(\x0c\x12\x12\n\nmsgVersion\x18\x04 \x01(\x05\x12\x0f\n\x07\x65\x63KeyId\x18\x05 \x01(\x05\"\xe6\x01\n\nApiRequest\x12 \n\x18\x65ncryptedTransmissionKey\x18\x01 \x01(\x0c\x12\x13\n\x0bpublicKeyId\x18\x02 \x01(\x05\x12\x0e\n\x06locale\x18\x03 \x01(\t\x12\x18\n\x10\x65ncryptedPayload\x18\x04 \x01(\x0c\x12\x16\n\x0e\x65ncryptionType\x18\x05 \x01(\x05\x12\x11\n\trecaptcha\x18\x06 \x01(\t\x12\x16\n\x0esubEnvironment\x18\x07 \x01(\t\x12\x34\n\rqrcMessageKey\x18\x08 \x01(\x0b\x32\x1d.Authentication.QrcMessageKey\"j\n\x11\x41piRequestPayload\x12\x0f\n\x07payload\x18\x01 \x01(\x0c\x12\x1d\n\x15\x65ncryptedSessionToken\x18\x02 \x01(\x0c\x12\x11\n\ttimeToken\x18\x03 \x01(\x0c\x12\x12\n\napiVersion\x18\x04 \x01(\x05\"6\n\tTransform\x12\x0b\n\x03key\x18\x01 \x01(\x0c\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x02 \x01(\x0c\"\xa0\x01\n\rDeviceRequest\x12\x15\n\rclientVersion\x18\x01 \x01(\t\x12\x12\n\ndeviceName\x18\x02 \x01(\t\x12\x16\n\x0e\x64\x65vicePlatform\x18\x03 \x01(\t\x12:\n\x10\x63lientFormFactor\x18\x04 \x01(\x0e\x32 .Authentication.ClientFormFactor\x12\x10\n\x08username\x18\x05 \x01(\t\"T\n\x0b\x41uthRequest\x12\x15\n\rclientVersion\x18\x01 \x01(\t\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x03 \x01(\x0c\"\xc3\x01\n\x14NewUserMinimumParams\x12\x19\n\x11minimumIterations\x18\x01 \x01(\x05\x12\x1a\n\x12passwordMatchRegex\x18\x02 \x03(\t\x12 \n\x18passwordMatchDescription\x18\x03 \x03(\t\x12\x1a\n\x12isEnterpriseDomain\x18\x04 \x01(\x08\x12\x1e\n\x16\x65nterpriseEccPublicKey\x18\x05 \x01(\x0c\x12\x16\n\x0e\x66orbidKeyType2\x18\x06 \x01(\x08\"\x89\x01\n\x0fPreLoginRequest\x12\x30\n\x0b\x61uthRequest\x18\x01 \x01(\x0b\x32\x1b.Authentication.AuthRequest\x12,\n\tloginType\x18\x02 \x01(\x0e\x32\x19.Authentication.LoginType\x12\x16\n\x0etwoFactorToken\x18\x03 \x01(\x0c\"\x80\x02\n\x0cLoginRequest\x12\x30\n\x0b\x61uthRequest\x18\x01 \x01(\x0b\x32\x1b.Authentication.AuthRequest\x12,\n\tloginType\x18\x02 \x01(\x0e\x32\x19.Authentication.LoginType\x12\x1f\n\x17\x61uthenticationHashPrime\x18\x03 \x01(\x0c\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x04 \x01(\x0c\x12\x14\n\x0c\x61uthResponse\x18\x05 \x01(\x0c\x12\x16\n\x0emcEnterpriseId\x18\x06 \x01(\x05\x12\x12\n\npush_token\x18\x07 \x01(\t\x12\x10\n\x08platform\x18\x08 \x01(\t\"\\\n\x0e\x44\x65viceResponse\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12,\n\x06status\x18\x02 \x01(\x0e\x32\x1c.Authentication.DeviceStatus\"V\n\x04Salt\x12\x12\n\niterations\x18\x01 \x01(\x05\x12\x0c\n\x04salt\x18\x02 \x01(\x0c\x12\x11\n\talgorithm\x18\x03 \x01(\x05\x12\x0b\n\x03uid\x18\x04 \x01(\x0c\x12\x0c\n\x04name\x18\x05 \x01(\t\" \n\x10TwoFactorChannel\x12\x0c\n\x04type\x18\x01 \x01(\x05\"\xfc\x02\n\x11StartLoginRequest\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x15\n\rclientVersion\x18\x03 \x01(\t\x12\x19\n\x11messageSessionUid\x18\x04 \x01(\x0c\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x05 \x01(\x0c\x12,\n\tloginType\x18\x06 \x01(\x0e\x32\x19.Authentication.LoginType\x12\x16\n\x0emcEnterpriseId\x18\x07 \x01(\x05\x12\x30\n\x0bloginMethod\x18\x08 \x01(\x0e\x32\x1b.Authentication.LoginMethod\x12\x15\n\rforceNewLogin\x18\t \x01(\x08\x12\x11\n\tcloneCode\x18\n \x01(\x0c\x12\x18\n\x10v2TwoFactorToken\x18\x0b \x01(\t\x12\x12\n\naccountUid\x18\x0c \x01(\x0c\x12\x18\n\x10\x66romSessionToken\x18\r \x01(\x0c\"\xa7\x04\n\rLoginResponse\x12.\n\nloginState\x18\x01 \x01(\x0e\x32\x1a.Authentication.LoginState\x12\x12\n\naccountUid\x18\x02 \x01(\x0c\x12\x17\n\x0fprimaryUsername\x18\x03 \x01(\t\x12\x18\n\x10\x65ncryptedDataKey\x18\x04 \x01(\x0c\x12\x42\n\x14\x65ncryptedDataKeyType\x18\x05 \x01(\x0e\x32$.Authentication.EncryptedDataKeyType\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x06 \x01(\x0c\x12\x1d\n\x15\x65ncryptedSessionToken\x18\x07 \x01(\x0c\x12:\n\x10sessionTokenType\x18\x08 \x01(\x0e\x32 .Authentication.SessionTokenType\x12\x0f\n\x07message\x18\t \x01(\t\x12\x0b\n\x03url\x18\n \x01(\t\x12\x36\n\x08\x63hannels\x18\x0b \x03(\x0b\x32$.Authentication.TwoFactorChannelInfo\x12\"\n\x04salt\x18\x0c \x03(\x0b\x32\x14.Authentication.Salt\x12\x11\n\tcloneCode\x18\r \x01(\x0c\x12\x1a\n\x12stateSpecificValue\x18\x0e \x01(\t\x12\x18\n\x10ssoClientVersion\x18\x0f \x01(\t\x12 \n\x18sessionTokenTypeModifier\x18\x10 \x01(\t\"v\n\x11SwitchListElement\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x10\n\x08\x66ullName\x18\x02 \x01(\t\x12\x14\n\x0c\x61uthRequired\x18\x03 \x01(\x08\x12\x10\n\x08isLinked\x18\x04 \x01(\x08\x12\x15\n\rprofilePicUrl\x18\x05 \x01(\t\"I\n\x12SwitchListResponse\x12\x33\n\x08\x65lements\x18\x01 \x03(\x0b\x32!.Authentication.SwitchListElement\"\x8c\x01\n\x0bSsoUserInfo\x12\x13\n\x0b\x63ompanyName\x18\x01 \x01(\t\x12\x13\n\x0bsamlRequest\x18\x02 \x01(\t\x12\x17\n\x0fsamlRequestType\x18\x03 \x01(\t\x12\x15\n\rssoDomainName\x18\x04 \x01(\t\x12\x10\n\x08loginUrl\x18\x05 \x01(\t\x12\x11\n\tlogoutUrl\x18\x06 \x01(\t\"\xd6\x01\n\x10PreLoginResponse\x12\x32\n\x0c\x64\x65viceStatus\x18\x01 \x01(\x0e\x32\x1c.Authentication.DeviceStatus\x12\"\n\x04salt\x18\x02 \x03(\x0b\x32\x14.Authentication.Salt\x12\x38\n\x0eOBSOLETE_FIELD\x18\x03 \x03(\x0b\x32 .Authentication.TwoFactorChannel\x12\x30\n\x0bssoUserInfo\x18\x04 \x01(\x0b\x32\x1b.Authentication.SsoUserInfo\"&\n\x12LoginAsUserRequest\x12\x10\n\x08username\x18\x01 \x01(\t\"W\n\x13LoginAsUserResponse\x12\x1d\n\x15\x65ncryptedSessionToken\x18\x01 \x01(\x0c\x12!\n\x19\x65ncryptedSharedAccountKey\x18\x02 \x01(\x0c\"\x84\x01\n\x17ValidateAuthHashRequest\x12\x36\n\x0epasswordMethod\x18\x01 \x01(\x0e\x32\x1e.Authentication.PasswordMethod\x12\x14\n\x0c\x61uthResponse\x18\x02 \x01(\x0c\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x03 \x01(\x0c\"\xc4\x02\n\x14TwoFactorChannelInfo\x12\x39\n\x0b\x63hannelType\x18\x01 \x01(\x0e\x32$.Authentication.TwoFactorChannelType\x12\x13\n\x0b\x63hannel_uid\x18\x02 \x01(\x0c\x12\x13\n\x0b\x63hannelName\x18\x03 \x01(\t\x12\x11\n\tchallenge\x18\x04 \x01(\t\x12\x14\n\x0c\x63\x61pabilities\x18\x05 \x03(\t\x12\x13\n\x0bphoneNumber\x18\x06 \x01(\t\x12:\n\rmaxExpiration\x18\x07 \x01(\x0e\x32#.Authentication.TwoFactorExpiration\x12\x11\n\tcreatedOn\x18\x08 \x01(\x03\x12:\n\rlastFrequency\x18\t \x01(\x0e\x32#.Authentication.TwoFactorExpiration\"d\n\x12TwoFactorDuoStatus\x12\x14\n\x0c\x63\x61pabilities\x18\x01 \x03(\t\x12\x13\n\x0bphoneNumber\x18\x02 \x01(\t\x12\x12\n\nenroll_url\x18\x03 \x01(\t\x12\x0f\n\x07message\x18\x04 \x01(\t\"\xc7\x01\n\x13TwoFactorAddRequest\x12\x39\n\x0b\x63hannelType\x18\x01 \x01(\x0e\x32$.Authentication.TwoFactorChannelType\x12\x13\n\x0b\x63hannel_uid\x18\x02 \x01(\x0c\x12\x13\n\x0b\x63hannelName\x18\x03 \x01(\t\x12\x13\n\x0bphoneNumber\x18\x04 \x01(\t\x12\x36\n\x0b\x64uoPushType\x18\x05 \x01(\x0e\x32!.Authentication.TwoFactorPushType\"B\n\x16TwoFactorRenameRequest\x12\x13\n\x0b\x63hannel_uid\x18\x01 \x01(\x0c\x12\x13\n\x0b\x63hannelName\x18\x02 \x01(\t\"=\n\x14TwoFactorAddResponse\x12\x11\n\tchallenge\x18\x01 \x01(\t\x12\x12\n\nbackupKeys\x18\x02 \x03(\t\"-\n\x16TwoFactorDeleteRequest\x12\x13\n\x0b\x63hannel_uid\x18\x01 \x01(\x0c\"a\n\x15TwoFactorListResponse\x12\x36\n\x08\x63hannels\x18\x01 \x03(\x0b\x32$.Authentication.TwoFactorChannelInfo\x12\x10\n\x08\x65xpireOn\x18\x02 \x01(\x03\"Y\n TwoFactorUpdateExpirationRequest\x12\x35\n\x08\x65xpireIn\x18\x01 \x01(\x0e\x32#.Authentication.TwoFactorExpiration\"\xc9\x01\n\x18TwoFactorValidateRequest\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x01 \x01(\x0c\x12\x35\n\tvalueType\x18\x02 \x01(\x0e\x32\".Authentication.TwoFactorValueType\x12\r\n\x05value\x18\x03 \x01(\t\x12\x13\n\x0b\x63hannel_uid\x18\x04 \x01(\x0c\x12\x35\n\x08\x65xpireIn\x18\x05 \x01(\x0e\x32#.Authentication.TwoFactorExpiration\"8\n\x19TwoFactorValidateResponse\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x01 \x01(\x0c\"\xb8\x01\n\x18TwoFactorSendPushRequest\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x01 \x01(\x0c\x12\x33\n\x08pushType\x18\x02 \x01(\x0e\x32!.Authentication.TwoFactorPushType\x12\x13\n\x0b\x63hannel_uid\x18\x03 \x01(\x0c\x12\x35\n\x08\x65xpireIn\x18\x04 \x01(\x0e\x32#.Authentication.TwoFactorExpiration\"\x83\x01\n\x07License\x12\x0f\n\x07\x63reated\x18\x01 \x01(\x03\x12\x12\n\nexpiration\x18\x02 \x01(\x03\x12\x34\n\rlicenseStatus\x18\x03 \x01(\x0e\x32\x1d.Authentication.LicenseStatus\x12\x0c\n\x04paid\x18\x04 \x01(\x08\x12\x0f\n\x07message\x18\x05 \x01(\t\"G\n\x0fOwnerlessRecord\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x11\n\trecordKey\x18\x02 \x01(\x0c\x12\x0e\n\x06status\x18\x03 \x01(\x05\"L\n\x10OwnerlessRecords\x12\x38\n\x0fownerlessRecord\x18\x01 \x03(\x0b\x32\x1f.Authentication.OwnerlessRecord\"\xd7\x01\n\x0fUserAuthRequest\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x0c\n\x04salt\x18\x02 \x01(\x0c\x12\x12\n\niterations\x18\x03 \x01(\x05\x12\x1a\n\x12\x65ncryptedClientKey\x18\x04 \x01(\x0c\x12\x10\n\x08\x61uthHash\x18\x05 \x01(\x0c\x12\x18\n\x10\x65ncryptedDataKey\x18\x06 \x01(\x0c\x12,\n\tloginType\x18\x07 \x01(\x0e\x32\x19.Authentication.LoginType\x12\x0c\n\x04name\x18\x08 \x01(\t\x12\x11\n\talgorithm\x18\t \x01(\x05\"\x19\n\nUidRequest\x12\x0b\n\x03uid\x18\x01 \x03(\x0c\"\xff\x01\n\x13\x44\x65viceUpdateRequest\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x12\n\ndeviceName\x18\x03 \x01(\t\x12\x17\n\x0f\x64\x65vicePublicKey\x18\x04 \x01(\x0c\x12\x32\n\x0c\x64\x65viceStatus\x18\x05 \x01(\x0e\x32\x1c.Authentication.DeviceStatus\x12\x16\n\x0e\x64\x65vicePlatform\x18\x06 \x01(\t\x12:\n\x10\x63lientFormFactor\x18\x07 \x01(\x0e\x32 .Authentication.ClientFormFactor\"\x80\x02\n\x14\x44\x65viceUpdateResponse\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x12\n\ndeviceName\x18\x03 \x01(\t\x12\x17\n\x0f\x64\x65vicePublicKey\x18\x04 \x01(\x0c\x12\x32\n\x0c\x64\x65viceStatus\x18\x05 \x01(\x0e\x32\x1c.Authentication.DeviceStatus\x12\x16\n\x0e\x64\x65vicePlatform\x18\x06 \x01(\t\x12:\n\x10\x63lientFormFactor\x18\x07 \x01(\x0e\x32 .Authentication.ClientFormFactor\"\xd5\x01\n\x1dRegisterDeviceInRegionRequest\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x12\n\ndeviceName\x18\x03 \x01(\t\x12\x17\n\x0f\x64\x65vicePublicKey\x18\x04 \x01(\x0c\x12\x16\n\x0e\x64\x65vicePlatform\x18\x05 \x01(\t\x12:\n\x10\x63lientFormFactor\x18\x06 \x01(\x0e\x32 .Authentication.ClientFormFactor\"\xf8\x02\n\x13RegistrationRequest\x12\x30\n\x0b\x61uthRequest\x18\x01 \x01(\x0b\x32\x1b.Authentication.AuthRequest\x12\x38\n\x0fuserAuthRequest\x18\x02 \x01(\x0b\x32\x1f.Authentication.UserAuthRequest\x12\x1a\n\x12\x65ncryptedClientKey\x18\x03 \x01(\x0c\x12\x1b\n\x13\x65ncryptedPrivateKey\x18\x04 \x01(\x0c\x12\x11\n\tpublicKey\x18\x05 \x01(\x0c\x12\x18\n\x10verificationCode\x18\x06 \x01(\t\x12\x1e\n\x16\x64\x65precatedAuthHashHash\x18\x07 \x01(\x0c\x12$\n\x1c\x64\x65precatedEncryptedClientKey\x18\x08 \x01(\x0c\x12%\n\x1d\x64\x65precatedEncryptedPrivateKey\x18\t \x01(\x0c\x12\"\n\x1a\x64\x65precatedEncryptionParams\x18\n \x01(\x0c\"\xd0\x01\n\x16\x43onvertUserToV3Request\x12\x30\n\x0b\x61uthRequest\x18\x01 \x01(\x0b\x32\x1b.Authentication.AuthRequest\x12\x38\n\x0fuserAuthRequest\x18\x02 \x01(\x0b\x32\x1f.Authentication.UserAuthRequest\x12\x1a\n\x12\x65ncryptedClientKey\x18\x03 \x01(\x0c\x12\x1b\n\x13\x65ncryptedPrivateKey\x18\x04 \x01(\x0c\x12\x11\n\tpublicKey\x18\x05 \x01(\x0c\"$\n\x10RevisionResponse\x12\x10\n\x08revision\x18\x01 \x01(\x03\"&\n\x12\x43hangeEmailRequest\x12\x10\n\x08newEmail\x18\x01 \x01(\t\"8\n\x13\x43hangeEmailResponse\x12!\n\x19\x65ncryptedChangeEmailToken\x18\x01 \x01(\x0c\"6\n\x1d\x45mailVerificationLinkResponse\x12\x15\n\remailVerified\x18\x01 \x01(\x08\")\n\x0cSecurityData\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\"@\n\x11SecurityScoreData\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\x12\x10\n\x08revision\x18\x03 \x01(\x03\"\x8b\x02\n\x13SecurityDataRequest\x12\x38\n\x12recordSecurityData\x18\x01 \x03(\x0b\x32\x1c.Authentication.SecurityData\x12@\n\x1amasterPasswordSecurityData\x18\x02 \x03(\x0b\x32\x1c.Authentication.SecurityData\x12\x34\n\x0e\x65ncryptionType\x18\x03 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12\x42\n\x17recordSecurityScoreData\x18\x04 \x03(\x0b\x32!.Authentication.SecurityScoreData\"\xc6\x02\n\x1dSecurityReportIncrementalData\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1b\n\x13\x63urrentSecurityData\x18\x02 \x01(\x0c\x12#\n\x1b\x63urrentSecurityDataRevision\x18\x03 \x01(\x03\x12\x17\n\x0foldSecurityData\x18\x04 \x01(\x0c\x12\x1f\n\x17oldSecurityDataRevision\x18\x05 \x01(\x03\x12?\n\x19\x63urrentDataEncryptionType\x18\x06 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12;\n\x15oldDataEncryptionType\x18\x07 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12\x11\n\trecordUid\x18\x08 \x01(\x0c\"\x9f\x02\n\x0eSecurityReport\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1b\n\x13\x65ncryptedReportData\x18\x02 \x01(\x0c\x12\x10\n\x08revision\x18\x03 \x01(\x03\x12\x11\n\ttwoFactor\x18\x04 \x01(\t\x12\x11\n\tlastLogin\x18\x05 \x01(\x03\x12\x1e\n\x16numberOfReusedPassword\x18\x06 \x01(\x05\x12T\n\x1dsecurityReportIncrementalData\x18\x07 \x03(\x0b\x32-.Authentication.SecurityReportIncrementalData\x12\x0e\n\x06userId\x18\x08 \x01(\x05\x12\x18\n\x10hasOldEncryption\x18\t \x01(\x08\"n\n\x19SecurityReportSaveRequest\x12\x36\n\x0esecurityReport\x18\x01 \x03(\x0b\x32\x1e.Authentication.SecurityReport\x12\x19\n\x11\x63ontinuationToken\x18\x02 \x01(\x0c\")\n\x15SecurityReportRequest\x12\x10\n\x08\x66romPage\x18\x01 \x01(\x03\"\xf5\x01\n\x16SecurityReportResponse\x12\x1c\n\x14\x65nterprisePrivateKey\x18\x01 \x01(\x0c\x12\x36\n\x0esecurityReport\x18\x02 \x03(\x0b\x32\x1e.Authentication.SecurityReport\x12\x14\n\x0c\x61sOfRevision\x18\x03 \x01(\x03\x12\x10\n\x08\x66romPage\x18\x04 \x01(\x03\x12\x0e\n\x06toPage\x18\x05 \x01(\x03\x12\x10\n\x08\x63omplete\x18\x06 \x01(\x08\x12\x1f\n\x17\x65nterpriseEccPrivateKey\x18\x07 \x01(\x0c\x12\x1a\n\x12hasIncrementalData\x18\x08 \x01(\x08\";\n\x1eIncrementalSecurityDataRequest\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\"\x92\x01\n\x1fIncrementalSecurityDataResponse\x12T\n\x1dsecurityReportIncrementalData\x18\x01 \x03(\x0b\x32-.Authentication.SecurityReportIncrementalData\x12\x19\n\x11\x63ontinuationToken\x18\x02 \x01(\x0c\"\'\n\x16ReusedPasswordsRequest\x12\r\n\x05\x63ount\x18\x01 \x01(\x05\">\n\x14SummaryConsoleReport\x12\x12\n\nreportType\x18\x01 \x01(\x05\x12\x12\n\nreportData\x18\x02 \x01(\x0c\"|\n\x12\x43hangeToKeyTypeOne\x12/\n\nobjectType\x18\x01 \x01(\x0e\x32\x1b.Authentication.ObjectTypes\x12\x12\n\nprimaryUid\x18\x02 \x01(\x0c\x12\x14\n\x0csecondaryUid\x18\x03 \x01(\x0c\x12\x0b\n\x03key\x18\x04 \x01(\x0c\"[\n\x19\x43hangeToKeyTypeOneRequest\x12>\n\x12\x63hangeToKeyTypeOne\x18\x01 \x03(\x0b\x32\".Authentication.ChangeToKeyTypeOne\"U\n\x18\x43hangeToKeyTypeOneStatus\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x0c\n\x04type\x18\x02 \x01(\t\x12\x0e\n\x06status\x18\x03 \x01(\t\x12\x0e\n\x06reason\x18\x04 \x01(\t\"h\n\x1a\x43hangeToKeyTypeOneResponse\x12J\n\x18\x63hangeToKeyTypeOneStatus\x18\x01 \x03(\x0b\x32(.Authentication.ChangeToKeyTypeOneStatus\"\xb9\x01\n\x18GetChangeKeyTypesRequest\x12=\n\x10onlyTheseObjects\x18\x01 \x03(\x0e\x32#.Authentication.EncryptedObjectType\x12\r\n\x05limit\x18\x02 \x01(\x05\x12\x1a\n\x12includeRecommended\x18\x03 \x01(\x08\x12\x13\n\x0bincludeKeys\x18\x04 \x01(\x08\x12\x1e\n\x16includeAllowedKeyTypes\x18\x05 \x01(\x08\"\x82\x01\n\x19GetChangeKeyTypesResponse\x12+\n\x04keys\x18\x01 \x03(\x0b\x32\x1d.Authentication.ChangeKeyType\x12\x38\n\x0f\x61llowedKeyTypes\x18\x02 \x03(\x0b\x32\x1f.Authentication.AllowedKeyTypes\"\x81\x01\n\x0f\x41llowedKeyTypes\x12\x37\n\nobjectType\x18\x01 \x01(\x0e\x32#.Authentication.EncryptedObjectType\x12\x35\n\x0f\x61llowedKeyTypes\x18\x02 \x03(\x0e\x32\x1c.Enterprise.EncryptedKeyType\"=\n\x0e\x43hangeKeyTypes\x12+\n\x04keys\x18\x01 \x03(\x0b\x32\x1d.Authentication.ChangeKeyType\"\xd6\x01\n\rChangeKeyType\x12\x37\n\nobjectType\x18\x01 \x01(\x0e\x32#.Authentication.EncryptedObjectType\x12\x0b\n\x03uid\x18\x02 \x01(\x0c\x12\x14\n\x0csecondaryUid\x18\x03 \x01(\x0c\x12\x0b\n\x03key\x18\x04 \x01(\x0c\x12-\n\x07keyType\x18\x05 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12-\n\x06status\x18\x06 \x01(\x0e\x32\x1d.Authentication.GenericStatus\"!\n\x06SetKey\x12\n\n\x02id\x18\x01 \x01(\x03\x12\x0b\n\x03key\x18\x02 \x01(\x0c\"5\n\rSetKeyRequest\x12$\n\x04keys\x18\x01 \x03(\x0b\x32\x16.Authentication.SetKey\"\x92\x05\n\x11\x43reateUserRequest\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x14\n\x0c\x61uthVerifier\x18\x02 \x01(\x0c\x12\x18\n\x10\x65ncryptionParams\x18\x03 \x01(\x0c\x12\x14\n\x0crsaPublicKey\x18\x04 \x01(\x0c\x12\x1e\n\x16rsaEncryptedPrivateKey\x18\x05 \x01(\x0c\x12\x14\n\x0c\x65\x63\x63PublicKey\x18\x06 \x01(\x0c\x12\x1e\n\x16\x65\x63\x63\x45ncryptedPrivateKey\x18\x07 \x01(\x0c\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x08 \x01(\x0c\x12\x1a\n\x12\x65ncryptedClientKey\x18\t \x01(\x0c\x12\x15\n\rclientVersion\x18\n \x01(\t\x12\x1e\n\x16\x65ncryptedDeviceDataKey\x18\x0b \x01(\x0c\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x0c \x01(\x0c\x12\x19\n\x11messageSessionUid\x18\r \x01(\x0c\x12\x17\n\x0finstallReferrer\x18\x0e \x01(\t\x12\x0e\n\x06mccMNC\x18\x0f \x01(\x05\x12\x0b\n\x03mfg\x18\x10 \x01(\t\x12\r\n\x05model\x18\x11 \x01(\t\x12\r\n\x05\x62rand\x18\x12 \x01(\t\x12\x0f\n\x07product\x18\x13 \x01(\t\x12\x0e\n\x06\x64\x65vice\x18\x14 \x01(\t\x12\x0f\n\x07\x63\x61rrier\x18\x15 \x01(\t\x12\x18\n\x10verificationCode\x18\x16 \x01(\t\x12\x42\n\x16\x65nterpriseRegistration\x18\x17 \x01(\x0b\x32\".Enterprise.EnterpriseRegistration\x12\"\n\x1a\x65ncryptedVerificationToken\x18\x18 \x01(\x0c\x12\x1e\n\x16\x65nterpriseUsersDataKey\x18\x19 \x01(\x0c\"W\n!NodeEnforcementAddOrUpdateRequest\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\x12\x13\n\x0b\x65nforcement\x18\x02 \x01(\t\x12\r\n\x05value\x18\x03 \x01(\t\"C\n\x1cNodeEnforcementRemoveRequest\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\x12\x13\n\x0b\x65nforcement\x18\x02 \x01(\t\"\x9f\x01\n\x0f\x41piRequestByKey\x12\r\n\x05keyId\x18\x01 \x01(\x05\x12\x0f\n\x07payload\x18\x02 \x01(\x0c\x12\x10\n\x08username\x18\x03 \x01(\t\x12\x0e\n\x06locale\x18\x04 \x01(\t\x12<\n\x11supportedLanguage\x18\x05 \x01(\x0e\x32!.Authentication.SupportedLanguage\x12\x0c\n\x04type\x18\x06 \x01(\x05\"\xc7\x01\n\x15\x41piRequestByKAtoKAKey\x12,\n\x0csourceRegion\x18\x01 \x01(\x0e\x32\x16.Authentication.Region\x12\x0f\n\x07payload\x18\x02 \x01(\x0c\x12<\n\x11supportedLanguage\x18\x03 \x01(\x0e\x32!.Authentication.SupportedLanguage\x12\x31\n\x11\x64\x65stinationRegion\x18\x04 \x01(\x0e\x32\x16.Authentication.Region\".\n\x0fMemcacheRequest\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x0e\n\x06userId\x18\x02 \x01(\x05\".\n\x10MemcacheResponse\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t\"w\n\x1cMasterPasswordReentryRequest\x12\x16\n\x0epbkdf2Password\x18\x01 \x01(\t\x12?\n\x06\x61\x63tion\x18\x02 \x01(\x0e\x32/.Authentication.MasterPasswordReentryActionType\"\\\n\x1dMasterPasswordReentryResponse\x12;\n\x06status\x18\x01 \x01(\x0e\x32+.Authentication.MasterPasswordReentryStatus\"\xc5\x01\n\x19\x44\x65viceRegistrationRequest\x12\x15\n\rclientVersion\x18\x01 \x01(\t\x12\x12\n\ndeviceName\x18\x02 \x01(\t\x12\x17\n\x0f\x64\x65vicePublicKey\x18\x03 \x01(\x0c\x12\x16\n\x0e\x64\x65vicePlatform\x18\x04 \x01(\t\x12:\n\x10\x63lientFormFactor\x18\x05 \x01(\x0e\x32 .Authentication.ClientFormFactor\x12\x10\n\x08username\x18\x06 \x01(\t\"\x9a\x01\n\x19\x44\x65viceVerificationRequest\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x1b\n\x13verificationChannel\x18\x03 \x01(\t\x12\x19\n\x11messageSessionUid\x18\x04 \x01(\x0c\x12\x15\n\rclientVersion\x18\x05 \x01(\t\"\xb2\x01\n\x1a\x44\x65viceVerificationResponse\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x19\n\x11messageSessionUid\x18\x03 \x01(\x0c\x12\x15\n\rclientVersion\x18\x04 \x01(\t\x12\x32\n\x0c\x64\x65viceStatus\x18\x05 \x01(\x0e\x32\x1c.Authentication.DeviceStatus\"\xc8\x01\n\x15\x44\x65viceApprovalRequest\x12\r\n\x05\x65mail\x18\x01 \x01(\t\x12\x18\n\x10twoFactorChannel\x18\x02 \x01(\t\x12\x15\n\rclientVersion\x18\x03 \x01(\t\x12\x0e\n\x06locale\x18\x04 \x01(\t\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x05 \x01(\x0c\x12\x10\n\x08totpCode\x18\x06 \x01(\t\x12\x10\n\x08\x64\x65viceIp\x18\x07 \x01(\t\x12\x1d\n\x15\x64\x65viceTokenExpireDays\x18\x08 \x01(\t\"9\n\x16\x44\x65viceApprovalResponse\x12\x1f\n\x17\x65ncryptedTwoFactorToken\x18\x01 \x01(\x0c\"~\n\x14\x41pproveDeviceRequest\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x1e\n\x16\x65ncryptedDeviceDataKey\x18\x02 \x01(\x0c\x12\x14\n\x0c\x64\x65nyApproval\x18\x03 \x01(\x08\x12\x12\n\nlinkDevice\x18\x04 \x01(\x08\"E\n\x1a\x45nterpriseUserAliasRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\r\n\x05\x61lias\x18\x02 \x01(\t\"Y\n\x1d\x45nterpriseUserAddAliasRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\r\n\x05\x61lias\x18\x02 \x01(\t\x12\x0f\n\x07primary\x18\x03 \x01(\x08\"w\n\x1f\x45nterpriseUserAddAliasRequestV2\x12T\n\x1d\x65nterpriseUserAddAliasRequest\x18\x01 \x03(\x0b\x32-.Authentication.EnterpriseUserAddAliasRequest\"H\n\x1c\x45nterpriseUserAddAliasStatus\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0e\n\x06status\x18\x02 \x01(\t\"^\n\x1e\x45nterpriseUserAddAliasResponse\x12<\n\x06status\x18\x01 \x03(\x0b\x32,.Authentication.EnterpriseUserAddAliasStatus\"&\n\x06\x44\x65vice\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\"\\\n\x1cRegisterDeviceDataKeyRequest\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x01 \x01(\x0c\x12\x1e\n\x16\x65ncryptedDeviceDataKey\x18\x02 \x01(\x0c\"n\n)ValidateCreateUserVerificationCodeRequest\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x18\n\x10verificationCode\x18\x03 \x01(\t\"\xa3\x01\n%ValidateDeviceVerificationCodeRequest\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x18\n\x10verificationCode\x18\x03 \x01(\t\x12\x19\n\x11messageSessionUid\x18\x04 \x01(\x0c\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x05 \x01(\x0c\"Y\n\x19SendSessionMessageRequest\x12\x19\n\x11messageSessionUid\x18\x01 \x01(\x0c\x12\x0f\n\x07\x63ommand\x18\x02 \x01(\t\x12\x10\n\x08username\x18\x03 \x01(\t\"M\n\x11GlobalUserAccount\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x12\n\naccountUid\x18\x02 \x01(\x0c\x12\x12\n\nregionName\x18\x03 \x01(\t\"7\n\x0f\x41\x63\x63ountUsername\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x12\n\ndateActive\x18\x02 \x01(\t\"P\n\x19SsoServiceProviderRequest\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x0e\n\x06locale\x18\x03 \x01(\t\"a\n\x1aSsoServiceProviderResponse\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\r\n\x05spUrl\x18\x02 \x01(\t\x12\x0f\n\x07isCloud\x18\x03 \x01(\x08\x12\x15\n\rclientVersion\x18\x04 \x01(\t\"4\n\x12UserSettingRequest\x12\x0f\n\x07setting\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t\"f\n\rThrottleState\x12*\n\x04type\x18\x01 \x01(\x0e\x32\x1c.Authentication.ThrottleType\x12\x0b\n\x03key\x18\x02 \x01(\t\x12\r\n\x05value\x18\x03 \x01(\t\x12\r\n\x05state\x18\x04 \x01(\x08\"\xb5\x01\n\x0eThrottleState2\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x16\n\x0ekeyDescription\x18\x02 \x01(\t\x12\r\n\x05value\x18\x03 \x01(\t\x12\x18\n\x10valueDescription\x18\x04 \x01(\t\x12\x12\n\nidentifier\x18\x05 \x01(\t\x12\x0e\n\x06locked\x18\x06 \x01(\x08\x12\x1a\n\x12includedInAllClear\x18\x07 \x01(\x08\x12\x15\n\rexpireSeconds\x18\x08 \x01(\x05\"\x97\x01\n\x11\x44\x65viceInformation\x12\x10\n\x08\x64\x65viceId\x18\x01 \x01(\x03\x12\x12\n\ndeviceName\x18\x02 \x01(\t\x12\x15\n\rclientVersion\x18\x03 \x01(\t\x12\x11\n\tlastLogin\x18\x04 \x01(\x03\x12\x32\n\x0c\x64\x65viceStatus\x18\x05 \x01(\x0e\x32\x1c.Authentication.DeviceStatus\"*\n\x0bUserSetting\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\x08\".\n\x12UserDataKeyRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x03(\x03\"+\n\x18UserDataKeyByNodeRequest\x12\x0f\n\x07nodeIds\x18\x01 \x03(\x03\"\x80\x01\n\x1b\x45nterpriseUserIdDataKeyPair\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x18\n\x10\x65ncryptedDataKey\x18\x02 \x01(\x0c\x12-\n\x07keyType\x18\x03 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\"\x95\x01\n\x0bUserDataKey\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x0f\n\x07roleKey\x18\x02 \x01(\x0c\x12\x12\n\nprivateKey\x18\x03 \x01(\t\x12Q\n\x1c\x65nterpriseUserIdDataKeyPairs\x18\x04 \x03(\x0b\x32+.Authentication.EnterpriseUserIdDataKeyPair\"z\n\x13UserDataKeyResponse\x12\x31\n\x0cuserDataKeys\x18\x01 \x03(\x0b\x32\x1b.Authentication.UserDataKey\x12\x14\n\x0c\x61\x63\x63\x65ssDenied\x18\x02 \x03(\x03\x12\x1a\n\x12noEncryptedDataKey\x18\x03 \x03(\x03\"H\n)MasterPasswordRecoveryVerificationRequest\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x01 \x01(\x0c\"U\n\x1cGetSecurityQuestionV3Request\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x01 \x01(\x0c\x12\x18\n\x10verificationCode\x18\x02 \x01(\t\"r\n\x1dGetSecurityQuestionV3Response\x12\x18\n\x10securityQuestion\x18\x01 \x01(\t\x12\x15\n\rbackupKeyDate\x18\x02 \x01(\x03\x12\x0c\n\x04salt\x18\x03 \x01(\x0c\x12\x12\n\niterations\x18\x04 \x01(\x05\"n\n\x19GetDataKeyBackupV3Request\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x01 \x01(\x0c\x12\x18\n\x10verificationCode\x18\x02 \x01(\t\x12\x1a\n\x12securityAnswerHash\x18\x03 \x01(\x0c\"v\n\rPasswordRules\x12\x10\n\x08ruleType\x18\x01 \x01(\t\x12\r\n\x05match\x18\x02 \x01(\x08\x12\x0f\n\x07pattern\x18\x03 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\x04 \x01(\t\x12\x0f\n\x07minimum\x18\x05 \x01(\x05\x12\r\n\x05value\x18\x06 \x01(\t\"\xc9\x02\n\x1aGetDataKeyBackupV3Response\x12\x15\n\rdataKeyBackup\x18\x01 \x01(\x0c\x12\x19\n\x11\x64\x61taKeyBackupDate\x18\x02 \x01(\x03\x12\x11\n\tpublicKey\x18\x03 \x01(\x0c\x12\x1b\n\x13\x65ncryptedPrivateKey\x18\x04 \x01(\x0c\x12\x11\n\tclientKey\x18\x05 \x01(\x0c\x12\x1d\n\x15\x65ncryptedSessionToken\x18\x06 \x01(\x0c\x12\x34\n\rpasswordRules\x18\x07 \x03(\x0b\x32\x1d.Authentication.PasswordRules\x12\x1a\n\x12passwordRulesIntro\x18\x08 \x01(\t\x12\x1f\n\x17minimumPbkdf2Iterations\x18\t \x01(\x05\x12$\n\x07keyType\x18\n \x01(\x0e\x32\x13.Enterprise.KeyType\")\n\x14GetPublicKeysRequest\x12\x11\n\tusernames\x18\x01 \x03(\t\"r\n\x11PublicKeyResponse\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x11\n\tpublicKey\x18\x02 \x01(\x0c\x12\x14\n\x0cpublicEccKey\x18\x03 \x01(\x0c\x12\x0f\n\x07message\x18\x04 \x01(\t\x12\x11\n\terrorCode\x18\x05 \x01(\t\"P\n\x15GetPublicKeysResponse\x12\x37\n\x0ckeyResponses\x18\x01 \x03(\x0b\x32!.Authentication.PublicKeyResponse\"F\n\x14SetEccKeyPairRequest\x12\x11\n\tpublicKey\x18\x01 \x01(\x0c\x12\x1b\n\x13\x65ncryptedPrivateKey\x18\x02 \x01(\x0c\"I\n\x15SetEccKeyPairsRequest\x12\x30\n\x08teamKeys\x18\x01 \x03(\x0b\x32\x1e.Authentication.TeamEccKeyPair\"R\n\x16SetEccKeyPairsResponse\x12\x38\n\x08teamKeys\x18\x01 \x03(\x0b\x32&.Authentication.TeamEccKeyPairResponse\"Q\n\x0eTeamEccKeyPair\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x11\n\tpublicKey\x18\x02 \x01(\x0c\x12\x1b\n\x13\x65ncryptedPrivateKey\x18\x03 \x01(\x0c\"X\n\x16TeamEccKeyPairResponse\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12-\n\x06status\x18\x02 \x01(\x0e\x32\x1d.Authentication.GenericStatus\"D\n\x17GetKsmPublicKeysRequest\x12\x11\n\tclientIds\x18\x01 \x03(\x0c\x12\x16\n\x0e\x63ontrollerUids\x18\x02 \x03(\x0c\"U\n\x17\x44\x65vicePublicKeyResponse\x12\x10\n\x08\x63lientId\x18\x01 \x01(\x0c\x12\x11\n\tpublicKey\x18\x02 \x01(\x0c\x12\x15\n\rcontrollerUid\x18\x03 \x01(\x0c\"Y\n\x18GetKsmPublicKeysResponse\x12=\n\x0ckeyResponses\x18\x01 \x03(\x0b\x32\'.Authentication.DevicePublicKeyResponse\"X\n\x13\x41\x64\x64\x41ppSharesRequest\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12+\n\x06shares\x18\x02 \x03(\x0b\x32\x1b.Authentication.AppShareAdd\">\n\x16RemoveAppSharesRequest\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12\x0e\n\x06shares\x18\x02 \x03(\x0c\"\x87\x01\n\x0b\x41ppShareAdd\x12\x11\n\tsecretUid\x18\x02 \x01(\x0c\x12\x37\n\tshareType\x18\x03 \x01(\x0e\x32$.Authentication.ApplicationShareType\x12\x1a\n\x12\x65ncryptedSecretKey\x18\x04 \x01(\x0c\x12\x10\n\x08\x65\x64itable\x18\x05 \x01(\x08\"\x89\x01\n\x08\x41ppShare\x12\x11\n\tsecretUid\x18\x01 \x01(\x0c\x12\x37\n\tshareType\x18\x02 \x01(\x0e\x32$.Authentication.ApplicationShareType\x12\x10\n\x08\x65\x64itable\x18\x03 \x01(\x08\x12\x11\n\tcreatedOn\x18\x04 \x01(\x03\x12\x0c\n\x04\x64\x61ta\x18\x05 \x01(\x0c\"\xd9\x01\n\x13\x41\x64\x64\x41ppClientRequest\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12\x17\n\x0f\x65ncryptedAppKey\x18\x02 \x01(\x0c\x12\x10\n\x08\x63lientId\x18\x03 \x01(\x0c\x12\x0e\n\x06lockIp\x18\x04 \x01(\x08\x12\x1b\n\x13\x66irstAccessExpireOn\x18\x05 \x01(\x03\x12\x16\n\x0e\x61\x63\x63\x65ssExpireOn\x18\x06 \x01(\x03\x12\n\n\x02id\x18\x07 \x01(\t\x12\x30\n\rappClientType\x18\x08 \x01(\x0e\x32\x19.Enterprise.AppClientType\"@\n\x17RemoveAppClientsRequest\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12\x0f\n\x07\x63lients\x18\x02 \x03(\x0c\"\xaa\x01\n\x17\x41\x64\x64\x45xternalShareRequest\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x1a\n\x12\x65ncryptedRecordKey\x18\x02 \x01(\x0c\x12\x10\n\x08\x63lientId\x18\x03 \x01(\x0c\x12\x16\n\x0e\x61\x63\x63\x65ssExpireOn\x18\x04 \x01(\x03\x12\n\n\x02id\x18\x05 \x01(\t\x12\x16\n\x0eisSelfDestruct\x18\x06 \x01(\x08\x12\x12\n\nisEditable\x18\x07 \x01(\x08\"\x93\x02\n\tAppClient\x12\n\n\x02id\x18\x01 \x01(\t\x12\x10\n\x08\x63lientId\x18\x02 \x01(\x0c\x12\x11\n\tcreatedOn\x18\x03 \x01(\x03\x12\x13\n\x0b\x66irstAccess\x18\x04 \x01(\x03\x12\x12\n\nlastAccess\x18\x05 \x01(\x03\x12\x11\n\tpublicKey\x18\x06 \x01(\x0c\x12\x0e\n\x06lockIp\x18\x07 \x01(\x08\x12\x11\n\tipAddress\x18\x08 \x01(\t\x12\x1b\n\x13\x66irstAccessExpireOn\x18\t \x01(\x03\x12\x16\n\x0e\x61\x63\x63\x65ssExpireOn\x18\n \x01(\x03\x12\x30\n\rappClientType\x18\x0b \x01(\x0e\x32\x19.Enterprise.AppClientType\x12\x0f\n\x07\x63\x61nEdit\x18\x0c \x01(\x08\")\n\x11GetAppInfoRequest\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x03(\x0c\"\x8e\x01\n\x07\x41ppInfo\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12(\n\x06shares\x18\x02 \x03(\x0b\x32\x18.Authentication.AppShare\x12*\n\x07\x63lients\x18\x03 \x03(\x0b\x32\x19.Authentication.AppClient\x12\x17\n\x0fisExternalShare\x18\x04 \x01(\x08\">\n\x12GetAppInfoResponse\x12(\n\x07\x61ppInfo\x18\x01 \x03(\x0b\x32\x17.Authentication.AppInfo\"\xd5\x01\n\x12\x41pplicationSummary\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12\x12\n\nlastAccess\x18\x02 \x01(\x03\x12\x14\n\x0crecordShares\x18\x03 \x01(\x05\x12\x14\n\x0c\x66olderShares\x18\x04 \x01(\x05\x12\x15\n\rfolderRecords\x18\x05 \x01(\x05\x12\x13\n\x0b\x63lientCount\x18\x06 \x01(\x05\x12\x1a\n\x12\x65xpiredClientCount\x18\x07 \x01(\x05\x12\x10\n\x08username\x18\x08 \x01(\t\x12\x0f\n\x07\x61ppData\x18\t \x01(\x0c\"`\n\x1eGetApplicationsSummaryResponse\x12>\n\x12\x61pplicationSummary\x18\x01 \x03(\x0b\x32\".Authentication.ApplicationSummary\"/\n\x1bGetVerificationTokenRequest\x12\x10\n\x08username\x18\x01 \x01(\t\"B\n\x1cGetVerificationTokenResponse\x12\"\n\x1a\x65ncryptedVerificationToken\x18\x01 \x01(\x0c\"\'\n\x16SendShareInviteRequest\x12\r\n\x05\x65mail\x18\x01 \x01(\t\"\xc5\x01\n\x18TimeLimitedAccessRequest\x12\x12\n\naccountUid\x18\x01 \x03(\x0c\x12\x0f\n\x07teamUid\x18\x02 \x03(\x0c\x12\x11\n\trecordUid\x18\x03 \x03(\x0c\x12\x17\n\x0fsharedObjectUid\x18\x04 \x01(\x0c\x12\x44\n\x15timeLimitedAccessType\x18\x05 \x01(\x0e\x32%.Authentication.TimeLimitedAccessType\x12\x12\n\nexpiration\x18\x06 \x01(\x03\"7\n\x17TimeLimitedAccessStatus\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x0f\n\x07message\x18\x02 \x01(\t\"\xf8\x01\n\x19TimeLimitedAccessResponse\x12\x10\n\x08revision\x18\x01 \x01(\x03\x12\x41\n\x10userAccessStatus\x18\x02 \x03(\x0b\x32\'.Authentication.TimeLimitedAccessStatus\x12\x41\n\x10teamAccessStatus\x18\x03 \x03(\x0b\x32\'.Authentication.TimeLimitedAccessStatus\x12\x43\n\x12recordAccessStatus\x18\x04 \x03(\x0b\x32\'.Authentication.TimeLimitedAccessStatus\"+\n\x16RequestDownloadRequest\x12\x11\n\tfileNames\x18\x01 \x03(\t\"g\n\x17RequestDownloadResponse\x12\x0e\n\x06result\x18\x01 \x01(\t\x12\x0f\n\x07message\x18\x02 \x01(\t\x12+\n\tdownloads\x18\x03 \x03(\x0b\x32\x18.Authentication.Download\"D\n\x08\x44ownload\x12\x10\n\x08\x66ileName\x18\x01 \x01(\t\x12\x0b\n\x03url\x18\x02 \x01(\t\x12\x19\n\x11successStatusCode\x18\x03 \x01(\x05\"#\n\x11\x44\x65leteUserRequest\x12\x0e\n\x06reason\x18\x01 \x01(\t\"\x84\x01\n\x1b\x43hangeMasterPasswordRequest\x12\x14\n\x0c\x61uthVerifier\x18\x01 \x01(\x0c\x12\x18\n\x10\x65ncryptionParams\x18\x02 \x01(\x0c\x12\x1b\n\x13\x66romServiceProvider\x18\x03 \x01(\x08\x12\x18\n\x10iterationsChange\x18\x04 \x01(\x08\"=\n\x1c\x43hangeMasterPasswordResponse\x12\x1d\n\x15\x65ncryptedSessionToken\x18\x01 \x01(\x0c\"Y\n\x1b\x41\x63\x63ountRecoverySetupRequest\x12 \n\x18recoveryEncryptedDataKey\x18\x01 \x01(\x0c\x12\x18\n\x10recoveryAuthHash\x18\x02 \x01(\x0c\"\xac\x01\n!AccountRecoveryVerifyCodeResponse\x12\x34\n\rbackupKeyType\x18\x01 \x01(\x0e\x32\x1d.Authentication.BackupKeyType\x12\x15\n\rbackupKeyDate\x18\x02 \x01(\x03\x12\x18\n\x10securityQuestion\x18\x03 \x01(\t\x12\x0c\n\x04salt\x18\x04 \x01(\x0c\x12\x12\n\niterations\x18\x05 \x01(\x05\",\n\x1b\x45mergencyAccessLoginRequest\x12\r\n\x05owner\x18\x01 \x01(\t\"\xb5\x01\n\x1c\x45mergencyAccessLoginResponse\x12\x14\n\x0csessionToken\x18\x01 \x01(\x0c\x12%\n\x07\x64\x61taKey\x18\x02 \x01(\x0b\x32\x14.Enterprise.TypedKey\x12+\n\rrsaPrivateKey\x18\x03 \x01(\x0b\x32\x14.Enterprise.TypedKey\x12+\n\reccPrivateKey\x18\x04 \x01(\x0b\x32\x14.Enterprise.TypedKey\"\xb2\x01\n\x0bUserTeamKey\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x18\n\x10\x65nterpriseUserId\x18\x03 \x01(\x03\x12\x1b\n\x13\x65ncryptedTeamKeyRSA\x18\x04 \x01(\x0c\x12\x1a\n\x12\x65ncryptedTeamKeyEC\x18\x05 \x01(\x0c\x12-\n\x06status\x18\x06 \x01(\x0e\x32\x1d.Authentication.GenericStatus\")\n\x16GenericRequestResponse\x12\x0f\n\x07request\x18\x01 \x03(\x0c\"f\n\x1aPasskeyRegistrationRequest\x12H\n\x17\x61uthenticatorAttachment\x18\x01 \x01(\x0e\x32\'.Authentication.AuthenticatorAttachment\"P\n\x1bPasskeyRegistrationResponse\x12\x16\n\x0e\x63hallengeToken\x18\x01 \x01(\x0c\x12\x19\n\x11pkCreationOptions\x18\x02 \x01(\t\"\x84\x01\n\x1fPasskeyRegistrationFinalization\x12\x16\n\x0e\x63hallengeToken\x18\x01 \x01(\x0c\x12\x1d\n\x15\x61uthenticatorResponse\x18\x02 \x01(\t\x12\x19\n\x0c\x66riendlyName\x18\x03 \x01(\tH\x00\x88\x01\x01\x42\x0f\n\r_friendlyName\"\xb3\x02\n\x1cPasskeyAuthenticationRequest\x12H\n\x17\x61uthenticatorAttachment\x18\x01 \x01(\x0e\x32\'.Authentication.AuthenticatorAttachment\x12\x36\n\x0epasskeyPurpose\x18\x02 \x01(\x0e\x32\x1e.Authentication.PasskeyPurpose\x12\x15\n\rclientVersion\x18\x03 \x01(\t\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x04 \x01(\x0c\x12\x15\n\x08username\x18\x05 \x01(\tH\x00\x88\x01\x01\x12 \n\x13\x65ncryptedLoginToken\x18\x06 \x01(\x0cH\x01\x88\x01\x01\x42\x0b\n\t_usernameB\x16\n\x14_encryptedLoginToken\"\x8b\x01\n\x1dPasskeyAuthenticationResponse\x12\x18\n\x10pkRequestOptions\x18\x01 \x01(\t\x12\x16\n\x0e\x63hallengeToken\x18\x02 \x01(\x0c\x12 \n\x13\x65ncryptedLoginToken\x18\x03 \x01(\x0cH\x00\x88\x01\x01\x42\x16\n\x14_encryptedLoginToken\"\xbf\x01\n\x18PasskeyValidationRequest\x12\x16\n\x0e\x63hallengeToken\x18\x01 \x01(\x0c\x12\x19\n\x11\x61ssertionResponse\x18\x02 \x01(\x0c\x12\x36\n\x0epasskeyPurpose\x18\x03 \x01(\x0e\x32\x1e.Authentication.PasskeyPurpose\x12 \n\x13\x65ncryptedLoginToken\x18\x04 \x01(\x0cH\x00\x88\x01\x01\x42\x16\n\x14_encryptedLoginToken\"I\n\x19PasskeyValidationResponse\x12\x0f\n\x07isValid\x18\x01 \x01(\x08\x12\x1b\n\x13\x65ncryptedLoginToken\x18\x02 \x01(\x0c\"h\n\x14UpdatePasskeyRequest\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\x14\n\x0c\x63redentialId\x18\x02 \x01(\x0c\x12\x19\n\x0c\x66riendlyName\x18\x03 \x01(\tH\x00\x88\x01\x01\x42\x0f\n\r_friendlyName\"-\n\x12PasskeyListRequest\x12\x17\n\x0fincludeDisabled\x18\x01 \x01(\x08\"\xa4\x01\n\x0bPasskeyInfo\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\x14\n\x0c\x63redentialId\x18\x02 \x01(\x0c\x12\x14\n\x0c\x66riendlyName\x18\x03 \x01(\t\x12\x0e\n\x06\x41\x41GUID\x18\x04 \x01(\t\x12\x17\n\x0f\x63reatedAtMillis\x18\x05 \x01(\x03\x12\x16\n\x0elastUsedMillis\x18\x06 \x01(\x03\x12\x18\n\x10\x64isabledAtMillis\x18\x07 \x01(\x03\"G\n\x13PasskeyListResponse\x12\x30\n\x0bpasskeyInfo\x18\x01 \x03(\x0b\x32\x1b.Authentication.PasskeyInfo\"C\n\x0fTranslationInfo\x12\x16\n\x0etranslationKey\x18\x01 \x01(\t\x12\x18\n\x10translationValue\x18\x02 \x01(\t\",\n\x12TranslationRequest\x12\x16\n\x0etranslationKey\x18\x01 \x03(\t\"O\n\x13TranslationResponse\x12\x38\n\x0ftranslationInfo\x18\x01 \x03(\x0b\x32\x1f.Authentication.TranslationInfo*\xd3\x02\n\x11SupportedLanguage\x12\x0b\n\x07\x45NGLISH\x10\x00\x12\n\n\x06\x41RABIC\x10\x01\x12\x0b\n\x07\x42RITISH\x10\x02\x12\x0b\n\x07\x43HINESE\x10\x03\x12\x15\n\x11\x43HINESE_HONG_KONG\x10\x04\x12\x12\n\x0e\x43HINESE_TAIWAN\x10\x05\x12\t\n\x05\x44UTCH\x10\x06\x12\n\n\x06\x46RENCH\x10\x07\x12\n\n\x06GERMAN\x10\x08\x12\t\n\x05GREEK\x10\t\x12\n\n\x06HEBREW\x10\n\x12\x0b\n\x07ITALIAN\x10\x0b\x12\x0c\n\x08JAPANESE\x10\x0c\x12\n\n\x06KOREAN\x10\r\x12\n\n\x06POLISH\x10\x0e\x12\x0e\n\nPORTUGUESE\x10\x0f\x12\x15\n\x11PORTUGUESE_BRAZIL\x10\x10\x12\x0c\n\x08ROMANIAN\x10\x11\x12\x0b\n\x07RUSSIAN\x10\x12\x12\n\n\x06SLOVAK\x10\x13\x12\x0b\n\x07SPANISH\x10\x14\x12\x0b\n\x07\x46INNISH\x10\x15\x12\x0b\n\x07SWEDISH\x10\x16*k\n\tLoginType\x12\n\n\x06NORMAL\x10\x00\x12\x07\n\x03SSO\x10\x01\x12\x07\n\x03\x42IO\x10\x02\x12\r\n\tALTERNATE\x10\x03\x12\x0b\n\x07OFFLINE\x10\x04\x12\x13\n\x0f\x46ORGOT_PASSWORD\x10\x05\x12\x0f\n\x0bPASSKEY_BIO\x10\x06*q\n\x0c\x44\x65viceStatus\x12\x19\n\x15\x44\x45VICE_NEEDS_APPROVAL\x10\x00\x12\r\n\tDEVICE_OK\x10\x01\x12\x1b\n\x17\x44\x45VICE_DISABLED_BY_USER\x10\x02\x12\x1a\n\x16\x44\x45VICE_LOCKED_BY_ADMIN\x10\x03*A\n\rLicenseStatus\x12\t\n\x05OTHER\x10\x00\x12\n\n\x06\x41\x43TIVE\x10\x01\x12\x0b\n\x07\x45XPIRED\x10\x02\x12\x0c\n\x08\x44ISABLED\x10\x03*7\n\x0b\x41\x63\x63ountType\x12\x0c\n\x08\x43ONSUMER\x10\x00\x12\n\n\x06\x46\x41MILY\x10\x01\x12\x0e\n\nENTERPRISE\x10\x02*\x9f\x02\n\x10SessionTokenType\x12\x12\n\x0eNO_RESTRICTION\x10\x00\x12\x14\n\x10\x41\x43\x43OUNT_RECOVERY\x10\x01\x12\x11\n\rSHARE_ACCOUNT\x10\x02\x12\x0c\n\x08PURCHASE\x10\x03\x12\x0c\n\x08RESTRICT\x10\x04\x12\x11\n\rACCEPT_INVITE\x10\x05\x12\x12\n\x0eSUPPORT_SERVER\x10\x06\x12\x17\n\x13\x45NTERPRISE_CREATION\x10\x07\x12\x1f\n\x1b\x45XPIRED_BUT_ALLOWED_TO_SYNC\x10\x08\x12\x18\n\x14\x41\x43\x43\x45PT_FAMILY_INVITE\x10\t\x12!\n\x1d\x45NTERPRISE_CREATION_PURCHASED\x10\n\x12\x14\n\x10\x45MERGENCY_ACCESS\x10\x0b*G\n\x07Version\x12\x13\n\x0finvalid_version\x10\x00\x12\x13\n\x0f\x64\x65\x66\x61ult_version\x10\x01\x12\x12\n\x0esecond_version\x10\x02*7\n\x1fMasterPasswordReentryActionType\x12\n\n\x06UNMASK\x10\x00\x12\x08\n\x04\x43OPY\x10\x01*l\n\x0bLoginMethod\x12\x17\n\x13INVALID_LOGINMETHOD\x10\x00\x12\x14\n\x10\x45XISTING_ACCOUNT\x10\x01\x12\x0e\n\nSSO_DOMAIN\x10\x02\x12\r\n\tAFTER_SSO\x10\x03\x12\x0f\n\x0bNEW_ACCOUNT\x10\x04*\xbe\x04\n\nLoginState\x12\x16\n\x12INVALID_LOGINSTATE\x10\x00\x12\x0e\n\nLOGGED_OUT\x10\x01\x12\x1c\n\x18\x44\x45VICE_APPROVAL_REQUIRED\x10\x02\x12\x11\n\rDEVICE_LOCKED\x10\x03\x12\x12\n\x0e\x41\x43\x43OUNT_LOCKED\x10\x04\x12\x19\n\x15\x44\x45VICE_ACCOUNT_LOCKED\x10\x05\x12\x0b\n\x07UPGRADE\x10\x06\x12\x13\n\x0fLICENSE_EXPIRED\x10\x07\x12\x13\n\x0fREGION_REDIRECT\x10\x08\x12\x16\n\x12REDIRECT_CLOUD_SSO\x10\t\x12\x17\n\x13REDIRECT_ONSITE_SSO\x10\n\x12\x10\n\x0cREQUIRES_2FA\x10\x0c\x12\x16\n\x12REQUIRES_AUTH_HASH\x10\r\x12\x15\n\x11REQUIRES_USERNAME\x10\x0e\x12\x19\n\x15\x41\x46TER_CLOUD_SSO_LOGIN\x10\x0f\x12\x1d\n\x19REQUIRES_ACCOUNT_CREATION\x10\x10\x12&\n\"REQUIRES_DEVICE_ENCRYPTED_DATA_KEY\x10\x11\x12\x17\n\x13LOGIN_TOKEN_EXPIRED\x10\x12\x12\x1e\n\x1aPASSKEY_INITIATE_CHALLENGE\x10\x13\x12\x19\n\x15PASSKEY_AUTH_REQUIRED\x10\x14\x12!\n\x1dPASSKEY_VERIFY_AUTHENTICATION\x10\x15\x12\x17\n\x13\x41\x46TER_PASSKEY_LOGIN\x10\x16\x12\r\n\tLOGGED_IN\x10\x63*k\n\x14\x45ncryptedDataKeyType\x12\n\n\x06NO_KEY\x10\x00\x12\x18\n\x14\x42Y_DEVICE_PUBLIC_KEY\x10\x01\x12\x0f\n\x0b\x42Y_PASSWORD\x10\x02\x12\x10\n\x0c\x42Y_ALTERNATE\x10\x03\x12\n\n\x06\x42Y_BIO\x10\x04*-\n\x0ePasswordMethod\x12\x0b\n\x07\x45NTERED\x10\x00\x12\x0e\n\nBIOMETRICS\x10\x01*\xb9\x01\n\x11TwoFactorPushType\x12\x14\n\x10TWO_FA_PUSH_NONE\x10\x00\x12\x13\n\x0fTWO_FA_PUSH_SMS\x10\x01\x12\x16\n\x12TWO_FA_PUSH_KEEPER\x10\x02\x12\x18\n\x14TWO_FA_PUSH_DUO_PUSH\x10\x03\x12\x18\n\x14TWO_FA_PUSH_DUO_TEXT\x10\x04\x12\x18\n\x14TWO_FA_PUSH_DUO_CALL\x10\x05\x12\x13\n\x0fTWO_FA_PUSH_DNA\x10\x06*\xc3\x01\n\x12TwoFactorValueType\x12\x14\n\x10TWO_FA_CODE_NONE\x10\x00\x12\x14\n\x10TWO_FA_CODE_TOTP\x10\x01\x12\x13\n\x0fTWO_FA_CODE_SMS\x10\x02\x12\x13\n\x0fTWO_FA_CODE_DUO\x10\x03\x12\x13\n\x0fTWO_FA_CODE_RSA\x10\x04\x12\x13\n\x0fTWO_FA_RESP_U2F\x10\x05\x12\x18\n\x14TWO_FA_RESP_WEBAUTHN\x10\x06\x12\x13\n\x0fTWO_FA_CODE_DNA\x10\x07*\xe1\x01\n\x14TwoFactorChannelType\x12\x12\n\x0eTWO_FA_CT_NONE\x10\x00\x12\x12\n\x0eTWO_FA_CT_TOTP\x10\x01\x12\x11\n\rTWO_FA_CT_SMS\x10\x02\x12\x11\n\rTWO_FA_CT_DUO\x10\x03\x12\x11\n\rTWO_FA_CT_RSA\x10\x04\x12\x14\n\x10TWO_FA_CT_BACKUP\x10\x05\x12\x11\n\rTWO_FA_CT_U2F\x10\x06\x12\x16\n\x12TWO_FA_CT_WEBAUTHN\x10\x07\x12\x14\n\x10TWO_FA_CT_KEEPER\x10\x08\x12\x11\n\rTWO_FA_CT_DNA\x10\t*\xab\x01\n\x13TwoFactorExpiration\x12\x1a\n\x16TWO_FA_EXP_IMMEDIATELY\x10\x00\x12\x18\n\x14TWO_FA_EXP_5_MINUTES\x10\x01\x12\x17\n\x13TWO_FA_EXP_12_HOURS\x10\x02\x12\x17\n\x13TWO_FA_EXP_24_HOURS\x10\x03\x12\x16\n\x12TWO_FA_EXP_30_DAYS\x10\x04\x12\x14\n\x10TWO_FA_EXP_NEVER\x10\x05*@\n\x0bLicenseType\x12\t\n\x05VAULT\x10\x00\x12\x08\n\x04\x43HAT\x10\x01\x12\x0b\n\x07STORAGE\x10\x02\x12\x0f\n\x0b\x42REACHWATCH\x10\x03*i\n\x0bObjectTypes\x12\n\n\x06RECORD\x10\x00\x12\x16\n\x12SHARED_FOLDER_USER\x10\x01\x12\x16\n\x12SHARED_FOLDER_TEAM\x10\x02\x12\x0f\n\x0bUSER_FOLDER\x10\x03\x12\r\n\tTEAM_USER\x10\x04*\xa1\x02\n\x13\x45ncryptedObjectType\x12\x13\n\x0f\x45OT_UNSPECIFIED\x10\x00\x12\x12\n\x0e\x45OT_RECORD_KEY\x10\x01\x12\x1e\n\x1a\x45OT_SHARED_FOLDER_USER_KEY\x10\x02\x12\x1e\n\x1a\x45OT_SHARED_FOLDER_TEAM_KEY\x10\x03\x12\x15\n\x11\x45OT_TEAM_USER_KEY\x10\x04\x12\x17\n\x13\x45OT_USER_FOLDER_KEY\x10\x05\x12\x15\n\x11\x45OT_SECURITY_DATA\x10\x06\x12%\n!EOT_SECURITY_DATA_MASTER_PASSWORD\x10\x07\x12\x1c\n\x18\x45OT_EMERGENCY_ACCESS_KEY\x10\x08\x12\x15\n\x11\x45OT_V2_RECORD_KEY\x10\t*M\n\x1bMasterPasswordReentryStatus\x12\x0e\n\nMP_UNKNOWN\x10\x00\x12\x0e\n\nMP_SUCCESS\x10\x01\x12\x0e\n\nMP_FAILURE\x10\x02*`\n\x1b\x41lternateAuthenticationType\x12\x1d\n\x19\x41LTERNATE_MASTER_PASSWORD\x10\x00\x12\r\n\tBIOMETRIC\x10\x01\x12\x13\n\x0f\x41\x43\x43OUNT_RECOVER\x10\x02*\x9a\x02\n\x0cThrottleType\x12\x1b\n\x17PASSWORD_RETRY_THROTTLE\x10\x00\x12\"\n\x1ePASSWORD_RETRY_LEGACY_THROTTLE\x10\x01\x12\x13\n\x0fTWO_FA_THROTTLE\x10\x02\x12\x1a\n\x16TWO_FA_LEGACY_THROTTLE\x10\x03\x12\x15\n\x11QA_RETRY_THROTTLE\x10\x04\x12\x1c\n\x18\x41\x43\x43OUNT_RECOVER_THROTTLE\x10\x05\x12.\n*VALIDATE_DEVICE_VERIFICATION_CODE_THROTTLE\x10\x06\x12\x33\n/VALIDATE_CREATE_USER_VERIFICATION_CODE_THROTTLE\x10\x07*H\n\x06Region\x12\x0b\n\x07UNKNOWN\x10\x00\x12\x06\n\x02\x65u\x10\x01\x12\x06\n\x02us\x10\x02\x12\t\n\x05usgov\x10\x03\x12\x06\n\x02\x61u\x10\x04\x12\x06\n\x02jp\x10\x05\x12\x06\n\x02\x63\x61\x10\x06*D\n\x14\x41pplicationShareType\x12\x15\n\x11SHARE_TYPE_RECORD\x10\x00\x12\x15\n\x11SHARE_TYPE_FOLDER\x10\x01*\xa4\x01\n\x15TimeLimitedAccessType\x12$\n INVALID_TIME_LIMITED_ACCESS_TYPE\x10\x00\x12\x19\n\x15USER_ACCESS_TO_RECORD\x10\x01\x12\'\n#USER_OR_TEAM_ACCESS_TO_SHAREDFOLDER\x10\x02\x12!\n\x1dRECORD_ACCESS_TO_SHAREDFOLDER\x10\x03*<\n\rBackupKeyType\x12\x12\n\x0e\x42KT_SEC_ANSWER\x10\x00\x12\x17\n\x13\x42KT_PASSPHRASE_HASH\x10\x01*W\n\rGenericStatus\x12\x0b\n\x07SUCCESS\x10\x00\x12\x12\n\x0eINVALID_OBJECT\x10\x01\x12\x12\n\x0e\x41LREADY_EXISTS\x10\x02\x12\x11\n\rACCESS_DENIED\x10\x03*N\n\x17\x41uthenticatorAttachment\x12\x12\n\x0e\x43ROSS_PLATFORM\x10\x00\x12\x0c\n\x08PLATFORM\x10\x01\x12\x11\n\rALL_SUPPORTED\x10\x02*-\n\x0ePasskeyPurpose\x12\x0c\n\x08PK_LOGIN\x10\x00\x12\r\n\tPK_REAUTH\x10\x01*K\n\x10\x43lientFormFactor\x12\x0c\n\x08\x46\x46_EMPTY\x10\x00\x12\x0c\n\x08\x46\x46_PHONE\x10\x01\x12\r\n\tFF_TABLET\x10\x02\x12\x0c\n\x08\x46\x46_WATCH\x10\x03\x42*\n\x18\x63om.keepersecurity.protoB\x0e\x41uthenticationb\x06proto3') _globals = globals() _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals) @@ -25,402 +33,404 @@ if not _descriptor._USE_C_DESCRIPTORS: _globals['DESCRIPTOR']._loaded_options = None _globals['DESCRIPTOR']._serialized_options = b'\n\030com.keepersecurity.protoB\016Authentication' - _globals['_SUPPORTEDLANGUAGE']._serialized_start=21295 - _globals['_SUPPORTEDLANGUAGE']._serialized_end=21634 - _globals['_LOGINTYPE']._serialized_start=21636 - _globals['_LOGINTYPE']._serialized_end=21743 - _globals['_DEVICESTATUS']._serialized_start=21745 - _globals['_DEVICESTATUS']._serialized_end=21858 - _globals['_LICENSESTATUS']._serialized_start=21860 - _globals['_LICENSESTATUS']._serialized_end=21925 - _globals['_ACCOUNTTYPE']._serialized_start=21927 - _globals['_ACCOUNTTYPE']._serialized_end=21982 - _globals['_SESSIONTOKENTYPE']._serialized_start=21985 - _globals['_SESSIONTOKENTYPE']._serialized_end=22272 - _globals['_VERSION']._serialized_start=22274 - _globals['_VERSION']._serialized_end=22345 - _globals['_MASTERPASSWORDREENTRYACTIONTYPE']._serialized_start=22347 - _globals['_MASTERPASSWORDREENTRYACTIONTYPE']._serialized_end=22402 - _globals['_LOGINMETHOD']._serialized_start=22404 - _globals['_LOGINMETHOD']._serialized_end=22512 - _globals['_LOGINSTATE']._serialized_start=22515 - _globals['_LOGINSTATE']._serialized_end=23089 - _globals['_ENCRYPTEDDATAKEYTYPE']._serialized_start=23091 - _globals['_ENCRYPTEDDATAKEYTYPE']._serialized_end=23198 - _globals['_PASSWORDMETHOD']._serialized_start=23200 - _globals['_PASSWORDMETHOD']._serialized_end=23245 - _globals['_TWOFACTORPUSHTYPE']._serialized_start=23248 - _globals['_TWOFACTORPUSHTYPE']._serialized_end=23433 - _globals['_TWOFACTORVALUETYPE']._serialized_start=23436 - _globals['_TWOFACTORVALUETYPE']._serialized_end=23631 - _globals['_TWOFACTORCHANNELTYPE']._serialized_start=23634 - _globals['_TWOFACTORCHANNELTYPE']._serialized_end=23859 - _globals['_TWOFACTOREXPIRATION']._serialized_start=23862 - _globals['_TWOFACTOREXPIRATION']._serialized_end=24033 - _globals['_LICENSETYPE']._serialized_start=24035 - _globals['_LICENSETYPE']._serialized_end=24099 - _globals['_OBJECTTYPES']._serialized_start=24101 - _globals['_OBJECTTYPES']._serialized_end=24206 - _globals['_ENCRYPTEDOBJECTTYPE']._serialized_start=24209 - _globals['_ENCRYPTEDOBJECTTYPE']._serialized_end=24498 - _globals['_MASTERPASSWORDREENTRYSTATUS']._serialized_start=24500 - _globals['_MASTERPASSWORDREENTRYSTATUS']._serialized_end=24577 - _globals['_ALTERNATEAUTHENTICATIONTYPE']._serialized_start=24579 - _globals['_ALTERNATEAUTHENTICATIONTYPE']._serialized_end=24675 - _globals['_THROTTLETYPE']._serialized_start=24678 - _globals['_THROTTLETYPE']._serialized_end=24960 - _globals['_REGION']._serialized_start=24962 - _globals['_REGION']._serialized_end=25034 - _globals['_APPLICATIONSHARETYPE']._serialized_start=25036 - _globals['_APPLICATIONSHARETYPE']._serialized_end=25104 - _globals['_TIMELIMITEDACCESSTYPE']._serialized_start=25107 - _globals['_TIMELIMITEDACCESSTYPE']._serialized_end=25271 - _globals['_BACKUPKEYTYPE']._serialized_start=25273 - _globals['_BACKUPKEYTYPE']._serialized_end=25333 - _globals['_GENERICSTATUS']._serialized_start=25335 - _globals['_GENERICSTATUS']._serialized_end=25422 - _globals['_AUTHENTICATORATTACHMENT']._serialized_start=25424 - _globals['_AUTHENTICATORATTACHMENT']._serialized_end=25502 - _globals['_PASSKEYPURPOSE']._serialized_start=25504 - _globals['_PASSKEYPURPOSE']._serialized_end=25549 - _globals['_CLIENTFORMFACTOR']._serialized_start=25551 - _globals['_CLIENTFORMFACTOR']._serialized_end=25626 - _globals['_APIREQUEST']._serialized_start=55 - _globals['_APIREQUEST']._serialized_end=231 - _globals['_APIREQUESTPAYLOAD']._serialized_start=233 - _globals['_APIREQUESTPAYLOAD']._serialized_end=339 - _globals['_TRANSFORM']._serialized_start=341 - _globals['_TRANSFORM']._serialized_end=395 - _globals['_DEVICEREQUEST']._serialized_start=398 - _globals['_DEVICEREQUEST']._serialized_end=558 - _globals['_AUTHREQUEST']._serialized_start=560 - _globals['_AUTHREQUEST']._serialized_end=644 - _globals['_NEWUSERMINIMUMPARAMS']._serialized_start=647 - _globals['_NEWUSERMINIMUMPARAMS']._serialized_end=842 - _globals['_PRELOGINREQUEST']._serialized_start=845 - _globals['_PRELOGINREQUEST']._serialized_end=982 - _globals['_LOGINREQUEST']._serialized_start=985 - _globals['_LOGINREQUEST']._serialized_end=1241 - _globals['_DEVICERESPONSE']._serialized_start=1243 - _globals['_DEVICERESPONSE']._serialized_end=1335 - _globals['_SALT']._serialized_start=1337 - _globals['_SALT']._serialized_end=1423 - _globals['_TWOFACTORCHANNEL']._serialized_start=1425 - _globals['_TWOFACTORCHANNEL']._serialized_end=1457 - _globals['_STARTLOGINREQUEST']._serialized_start=1460 - _globals['_STARTLOGINREQUEST']._serialized_end=1840 - _globals['_LOGINRESPONSE']._serialized_start=1843 - _globals['_LOGINRESPONSE']._serialized_end=2394 - _globals['_SWITCHLISTELEMENT']._serialized_start=2396 - _globals['_SWITCHLISTELEMENT']._serialized_end=2491 - _globals['_SWITCHLISTRESPONSE']._serialized_start=2493 - _globals['_SWITCHLISTRESPONSE']._serialized_end=2566 - _globals['_SSOUSERINFO']._serialized_start=2569 - _globals['_SSOUSERINFO']._serialized_end=2709 - _globals['_PRELOGINRESPONSE']._serialized_start=2712 - _globals['_PRELOGINRESPONSE']._serialized_end=2926 - _globals['_LOGINASUSERREQUEST']._serialized_start=2928 - _globals['_LOGINASUSERREQUEST']._serialized_end=2966 - _globals['_LOGINASUSERRESPONSE']._serialized_start=2968 - _globals['_LOGINASUSERRESPONSE']._serialized_end=3055 - _globals['_VALIDATEAUTHHASHREQUEST']._serialized_start=3058 - _globals['_VALIDATEAUTHHASHREQUEST']._serialized_end=3190 - _globals['_TWOFACTORCHANNELINFO']._serialized_start=3193 - _globals['_TWOFACTORCHANNELINFO']._serialized_end=3517 - _globals['_TWOFACTORDUOSTATUS']._serialized_start=3519 - _globals['_TWOFACTORDUOSTATUS']._serialized_end=3619 - _globals['_TWOFACTORADDREQUEST']._serialized_start=3622 - _globals['_TWOFACTORADDREQUEST']._serialized_end=3821 - _globals['_TWOFACTORRENAMEREQUEST']._serialized_start=3823 - _globals['_TWOFACTORRENAMEREQUEST']._serialized_end=3889 - _globals['_TWOFACTORADDRESPONSE']._serialized_start=3891 - _globals['_TWOFACTORADDRESPONSE']._serialized_end=3952 - _globals['_TWOFACTORDELETEREQUEST']._serialized_start=3954 - _globals['_TWOFACTORDELETEREQUEST']._serialized_end=3999 - _globals['_TWOFACTORLISTRESPONSE']._serialized_start=4001 - _globals['_TWOFACTORLISTRESPONSE']._serialized_end=4098 - _globals['_TWOFACTORUPDATEEXPIRATIONREQUEST']._serialized_start=4100 - _globals['_TWOFACTORUPDATEEXPIRATIONREQUEST']._serialized_end=4189 - _globals['_TWOFACTORVALIDATEREQUEST']._serialized_start=4192 - _globals['_TWOFACTORVALIDATEREQUEST']._serialized_end=4393 - _globals['_TWOFACTORVALIDATERESPONSE']._serialized_start=4395 - _globals['_TWOFACTORVALIDATERESPONSE']._serialized_end=4451 - _globals['_TWOFACTORSENDPUSHREQUEST']._serialized_start=4454 - _globals['_TWOFACTORSENDPUSHREQUEST']._serialized_end=4638 - _globals['_LICENSE']._serialized_start=4641 - _globals['_LICENSE']._serialized_end=4772 - _globals['_OWNERLESSRECORD']._serialized_start=4774 - _globals['_OWNERLESSRECORD']._serialized_end=4845 - _globals['_OWNERLESSRECORDS']._serialized_start=4847 - _globals['_OWNERLESSRECORDS']._serialized_end=4923 - _globals['_USERAUTHREQUEST']._serialized_start=4926 - _globals['_USERAUTHREQUEST']._serialized_end=5141 - _globals['_UIDREQUEST']._serialized_start=5143 - _globals['_UIDREQUEST']._serialized_end=5168 - _globals['_DEVICEUPDATEREQUEST']._serialized_start=5171 - _globals['_DEVICEUPDATEREQUEST']._serialized_end=5426 - _globals['_DEVICEUPDATERESPONSE']._serialized_start=5429 - _globals['_DEVICEUPDATERESPONSE']._serialized_end=5685 - _globals['_REGISTERDEVICEINREGIONREQUEST']._serialized_start=5688 - _globals['_REGISTERDEVICEINREGIONREQUEST']._serialized_end=5901 - _globals['_REGISTRATIONREQUEST']._serialized_start=5904 - _globals['_REGISTRATIONREQUEST']._serialized_end=6280 - _globals['_CONVERTUSERTOV3REQUEST']._serialized_start=6283 - _globals['_CONVERTUSERTOV3REQUEST']._serialized_end=6491 - _globals['_REVISIONRESPONSE']._serialized_start=6493 - _globals['_REVISIONRESPONSE']._serialized_end=6529 - _globals['_CHANGEEMAILREQUEST']._serialized_start=6531 - _globals['_CHANGEEMAILREQUEST']._serialized_end=6569 - _globals['_CHANGEEMAILRESPONSE']._serialized_start=6571 - _globals['_CHANGEEMAILRESPONSE']._serialized_end=6627 - _globals['_EMAILVERIFICATIONLINKRESPONSE']._serialized_start=6629 - _globals['_EMAILVERIFICATIONLINKRESPONSE']._serialized_end=6683 - _globals['_SECURITYDATA']._serialized_start=6685 - _globals['_SECURITYDATA']._serialized_end=6726 - _globals['_SECURITYSCOREDATA']._serialized_start=6728 - _globals['_SECURITYSCOREDATA']._serialized_end=6792 - _globals['_SECURITYDATAREQUEST']._serialized_start=6795 - _globals['_SECURITYDATAREQUEST']._serialized_end=7062 - _globals['_SECURITYREPORTINCREMENTALDATA']._serialized_start=7065 - _globals['_SECURITYREPORTINCREMENTALDATA']._serialized_end=7391 - _globals['_SECURITYREPORT']._serialized_start=7394 - _globals['_SECURITYREPORT']._serialized_end=7681 - _globals['_SECURITYREPORTSAVEREQUEST']._serialized_start=7683 - _globals['_SECURITYREPORTSAVEREQUEST']._serialized_end=7793 - _globals['_SECURITYREPORTREQUEST']._serialized_start=7795 - _globals['_SECURITYREPORTREQUEST']._serialized_end=7836 - _globals['_SECURITYREPORTRESPONSE']._serialized_start=7839 - _globals['_SECURITYREPORTRESPONSE']._serialized_end=8084 - _globals['_INCREMENTALSECURITYDATAREQUEST']._serialized_start=8086 - _globals['_INCREMENTALSECURITYDATAREQUEST']._serialized_end=8145 - _globals['_INCREMENTALSECURITYDATARESPONSE']._serialized_start=8148 - _globals['_INCREMENTALSECURITYDATARESPONSE']._serialized_end=8294 - _globals['_REUSEDPASSWORDSREQUEST']._serialized_start=8296 - _globals['_REUSEDPASSWORDSREQUEST']._serialized_end=8335 - _globals['_SUMMARYCONSOLEREPORT']._serialized_start=8337 - _globals['_SUMMARYCONSOLEREPORT']._serialized_end=8399 - _globals['_CHANGETOKEYTYPEONE']._serialized_start=8401 - _globals['_CHANGETOKEYTYPEONE']._serialized_end=8525 - _globals['_CHANGETOKEYTYPEONEREQUEST']._serialized_start=8527 - _globals['_CHANGETOKEYTYPEONEREQUEST']._serialized_end=8618 - _globals['_CHANGETOKEYTYPEONESTATUS']._serialized_start=8620 - _globals['_CHANGETOKEYTYPEONESTATUS']._serialized_end=8705 - _globals['_CHANGETOKEYTYPEONERESPONSE']._serialized_start=8707 - _globals['_CHANGETOKEYTYPEONERESPONSE']._serialized_end=8811 - _globals['_GETCHANGEKEYTYPESREQUEST']._serialized_start=8814 - _globals['_GETCHANGEKEYTYPESREQUEST']._serialized_end=8999 - _globals['_GETCHANGEKEYTYPESRESPONSE']._serialized_start=9002 - _globals['_GETCHANGEKEYTYPESRESPONSE']._serialized_end=9132 - _globals['_ALLOWEDKEYTYPES']._serialized_start=9135 - _globals['_ALLOWEDKEYTYPES']._serialized_end=9264 - _globals['_CHANGEKEYTYPES']._serialized_start=9266 - _globals['_CHANGEKEYTYPES']._serialized_end=9327 - _globals['_CHANGEKEYTYPE']._serialized_start=9330 - _globals['_CHANGEKEYTYPE']._serialized_end=9544 - _globals['_SETKEY']._serialized_start=9546 - _globals['_SETKEY']._serialized_end=9579 - _globals['_SETKEYREQUEST']._serialized_start=9581 - _globals['_SETKEYREQUEST']._serialized_end=9634 - _globals['_CREATEUSERREQUEST']._serialized_start=9637 - _globals['_CREATEUSERREQUEST']._serialized_end=10295 - _globals['_NODEENFORCEMENTADDORUPDATEREQUEST']._serialized_start=10297 - _globals['_NODEENFORCEMENTADDORUPDATEREQUEST']._serialized_end=10384 - _globals['_NODEENFORCEMENTREMOVEREQUEST']._serialized_start=10386 - _globals['_NODEENFORCEMENTREMOVEREQUEST']._serialized_end=10453 - _globals['_APIREQUESTBYKEY']._serialized_start=10456 - _globals['_APIREQUESTBYKEY']._serialized_end=10615 - _globals['_APIREQUESTBYKATOKAKEY']._serialized_start=10618 - _globals['_APIREQUESTBYKATOKAKEY']._serialized_end=10817 - _globals['_MEMCACHEREQUEST']._serialized_start=10819 - _globals['_MEMCACHEREQUEST']._serialized_end=10865 - _globals['_MEMCACHERESPONSE']._serialized_start=10867 - _globals['_MEMCACHERESPONSE']._serialized_end=10913 - _globals['_MASTERPASSWORDREENTRYREQUEST']._serialized_start=10915 - _globals['_MASTERPASSWORDREENTRYREQUEST']._serialized_end=11034 - _globals['_MASTERPASSWORDREENTRYRESPONSE']._serialized_start=11036 - _globals['_MASTERPASSWORDREENTRYRESPONSE']._serialized_end=11128 - _globals['_DEVICEREGISTRATIONREQUEST']._serialized_start=11131 - _globals['_DEVICEREGISTRATIONREQUEST']._serialized_end=11310 - _globals['_DEVICEVERIFICATIONREQUEST']._serialized_start=11313 - _globals['_DEVICEVERIFICATIONREQUEST']._serialized_end=11467 - _globals['_DEVICEVERIFICATIONRESPONSE']._serialized_start=11470 - _globals['_DEVICEVERIFICATIONRESPONSE']._serialized_end=11648 - _globals['_DEVICEAPPROVALREQUEST']._serialized_start=11651 - _globals['_DEVICEAPPROVALREQUEST']._serialized_end=11851 - _globals['_DEVICEAPPROVALRESPONSE']._serialized_start=11853 - _globals['_DEVICEAPPROVALRESPONSE']._serialized_end=11910 - _globals['_APPROVEDEVICEREQUEST']._serialized_start=11912 - _globals['_APPROVEDEVICEREQUEST']._serialized_end=12038 - _globals['_ENTERPRISEUSERALIASREQUEST']._serialized_start=12040 - _globals['_ENTERPRISEUSERALIASREQUEST']._serialized_end=12109 - _globals['_ENTERPRISEUSERADDALIASREQUEST']._serialized_start=12111 - _globals['_ENTERPRISEUSERADDALIASREQUEST']._serialized_end=12200 - _globals['_ENTERPRISEUSERADDALIASREQUESTV2']._serialized_start=12202 - _globals['_ENTERPRISEUSERADDALIASREQUESTV2']._serialized_end=12321 - _globals['_ENTERPRISEUSERADDALIASSTATUS']._serialized_start=12323 - _globals['_ENTERPRISEUSERADDALIASSTATUS']._serialized_end=12395 - _globals['_ENTERPRISEUSERADDALIASRESPONSE']._serialized_start=12397 - _globals['_ENTERPRISEUSERADDALIASRESPONSE']._serialized_end=12491 - _globals['_DEVICE']._serialized_start=12493 - _globals['_DEVICE']._serialized_end=12531 - _globals['_REGISTERDEVICEDATAKEYREQUEST']._serialized_start=12533 - _globals['_REGISTERDEVICEDATAKEYREQUEST']._serialized_end=12625 - _globals['_VALIDATECREATEUSERVERIFICATIONCODEREQUEST']._serialized_start=12627 - _globals['_VALIDATECREATEUSERVERIFICATIONCODEREQUEST']._serialized_end=12737 - _globals['_VALIDATEDEVICEVERIFICATIONCODEREQUEST']._serialized_start=12740 - _globals['_VALIDATEDEVICEVERIFICATIONCODEREQUEST']._serialized_end=12903 - _globals['_SENDSESSIONMESSAGEREQUEST']._serialized_start=12905 - _globals['_SENDSESSIONMESSAGEREQUEST']._serialized_end=12994 - _globals['_GLOBALUSERACCOUNT']._serialized_start=12996 - _globals['_GLOBALUSERACCOUNT']._serialized_end=13073 - _globals['_ACCOUNTUSERNAME']._serialized_start=13075 - _globals['_ACCOUNTUSERNAME']._serialized_end=13130 - _globals['_SSOSERVICEPROVIDERREQUEST']._serialized_start=13132 - _globals['_SSOSERVICEPROVIDERREQUEST']._serialized_end=13212 - _globals['_SSOSERVICEPROVIDERRESPONSE']._serialized_start=13214 - _globals['_SSOSERVICEPROVIDERRESPONSE']._serialized_end=13311 - _globals['_USERSETTINGREQUEST']._serialized_start=13313 - _globals['_USERSETTINGREQUEST']._serialized_end=13365 - _globals['_THROTTLESTATE']._serialized_start=13367 - _globals['_THROTTLESTATE']._serialized_end=13469 - _globals['_THROTTLESTATE2']._serialized_start=13472 - _globals['_THROTTLESTATE2']._serialized_end=13653 - _globals['_DEVICEINFORMATION']._serialized_start=13656 - _globals['_DEVICEINFORMATION']._serialized_end=13807 - _globals['_USERSETTING']._serialized_start=13809 - _globals['_USERSETTING']._serialized_end=13851 - _globals['_USERDATAKEYREQUEST']._serialized_start=13853 - _globals['_USERDATAKEYREQUEST']._serialized_end=13899 - _globals['_USERDATAKEYBYNODEREQUEST']._serialized_start=13901 - _globals['_USERDATAKEYBYNODEREQUEST']._serialized_end=13944 - _globals['_ENTERPRISEUSERIDDATAKEYPAIR']._serialized_start=13947 - _globals['_ENTERPRISEUSERIDDATAKEYPAIR']._serialized_end=14075 - _globals['_USERDATAKEY']._serialized_start=14078 - _globals['_USERDATAKEY']._serialized_end=14227 - _globals['_USERDATAKEYRESPONSE']._serialized_start=14229 - _globals['_USERDATAKEYRESPONSE']._serialized_end=14351 - _globals['_MASTERPASSWORDRECOVERYVERIFICATIONREQUEST']._serialized_start=14353 - _globals['_MASTERPASSWORDRECOVERYVERIFICATIONREQUEST']._serialized_end=14425 - _globals['_GETSECURITYQUESTIONV3REQUEST']._serialized_start=14427 - _globals['_GETSECURITYQUESTIONV3REQUEST']._serialized_end=14512 - _globals['_GETSECURITYQUESTIONV3RESPONSE']._serialized_start=14514 - _globals['_GETSECURITYQUESTIONV3RESPONSE']._serialized_end=14628 - _globals['_GETDATAKEYBACKUPV3REQUEST']._serialized_start=14630 - _globals['_GETDATAKEYBACKUPV3REQUEST']._serialized_end=14740 - _globals['_PASSWORDRULES']._serialized_start=14742 - _globals['_PASSWORDRULES']._serialized_end=14860 - _globals['_GETDATAKEYBACKUPV3RESPONSE']._serialized_start=14863 - _globals['_GETDATAKEYBACKUPV3RESPONSE']._serialized_end=15192 - _globals['_GETPUBLICKEYSREQUEST']._serialized_start=15194 - _globals['_GETPUBLICKEYSREQUEST']._serialized_end=15235 - _globals['_PUBLICKEYRESPONSE']._serialized_start=15237 - _globals['_PUBLICKEYRESPONSE']._serialized_end=15351 - _globals['_GETPUBLICKEYSRESPONSE']._serialized_start=15353 - _globals['_GETPUBLICKEYSRESPONSE']._serialized_end=15433 - _globals['_SETECCKEYPAIRREQUEST']._serialized_start=15435 - _globals['_SETECCKEYPAIRREQUEST']._serialized_end=15505 - _globals['_SETECCKEYPAIRSREQUEST']._serialized_start=15507 - _globals['_SETECCKEYPAIRSREQUEST']._serialized_end=15580 - _globals['_SETECCKEYPAIRSRESPONSE']._serialized_start=15582 - _globals['_SETECCKEYPAIRSRESPONSE']._serialized_end=15664 - _globals['_TEAMECCKEYPAIR']._serialized_start=15666 - _globals['_TEAMECCKEYPAIR']._serialized_end=15747 - _globals['_TEAMECCKEYPAIRRESPONSE']._serialized_start=15749 - _globals['_TEAMECCKEYPAIRRESPONSE']._serialized_end=15837 - _globals['_GETKSMPUBLICKEYSREQUEST']._serialized_start=15839 - _globals['_GETKSMPUBLICKEYSREQUEST']._serialized_end=15907 - _globals['_DEVICEPUBLICKEYRESPONSE']._serialized_start=15909 - _globals['_DEVICEPUBLICKEYRESPONSE']._serialized_end=15994 - _globals['_GETKSMPUBLICKEYSRESPONSE']._serialized_start=15996 - _globals['_GETKSMPUBLICKEYSRESPONSE']._serialized_end=16085 - _globals['_ADDAPPSHARESREQUEST']._serialized_start=16087 - _globals['_ADDAPPSHARESREQUEST']._serialized_end=16175 - _globals['_REMOVEAPPSHARESREQUEST']._serialized_start=16177 - _globals['_REMOVEAPPSHARESREQUEST']._serialized_end=16239 - _globals['_APPSHAREADD']._serialized_start=16242 - _globals['_APPSHAREADD']._serialized_end=16377 - _globals['_APPSHARE']._serialized_start=16380 - _globals['_APPSHARE']._serialized_end=16517 - _globals['_ADDAPPCLIENTREQUEST']._serialized_start=16520 - _globals['_ADDAPPCLIENTREQUEST']._serialized_end=16737 - _globals['_REMOVEAPPCLIENTSREQUEST']._serialized_start=16739 - _globals['_REMOVEAPPCLIENTSREQUEST']._serialized_end=16803 - _globals['_ADDEXTERNALSHAREREQUEST']._serialized_start=16806 - _globals['_ADDEXTERNALSHAREREQUEST']._serialized_end=16976 - _globals['_APPCLIENT']._serialized_start=16979 - _globals['_APPCLIENT']._serialized_end=17254 - _globals['_GETAPPINFOREQUEST']._serialized_start=17256 - _globals['_GETAPPINFOREQUEST']._serialized_end=17297 - _globals['_APPINFO']._serialized_start=17300 - _globals['_APPINFO']._serialized_end=17442 - _globals['_GETAPPINFORESPONSE']._serialized_start=17444 - _globals['_GETAPPINFORESPONSE']._serialized_end=17506 - _globals['_APPLICATIONSUMMARY']._serialized_start=17509 - _globals['_APPLICATIONSUMMARY']._serialized_end=17722 - _globals['_GETAPPLICATIONSSUMMARYRESPONSE']._serialized_start=17724 - _globals['_GETAPPLICATIONSSUMMARYRESPONSE']._serialized_end=17820 - _globals['_GETVERIFICATIONTOKENREQUEST']._serialized_start=17822 - _globals['_GETVERIFICATIONTOKENREQUEST']._serialized_end=17869 - _globals['_GETVERIFICATIONTOKENRESPONSE']._serialized_start=17871 - _globals['_GETVERIFICATIONTOKENRESPONSE']._serialized_end=17937 - _globals['_SENDSHAREINVITEREQUEST']._serialized_start=17939 - _globals['_SENDSHAREINVITEREQUEST']._serialized_end=17978 - _globals['_TIMELIMITEDACCESSREQUEST']._serialized_start=17981 - _globals['_TIMELIMITEDACCESSREQUEST']._serialized_end=18178 - _globals['_TIMELIMITEDACCESSSTATUS']._serialized_start=18180 - _globals['_TIMELIMITEDACCESSSTATUS']._serialized_end=18235 - _globals['_TIMELIMITEDACCESSRESPONSE']._serialized_start=18238 - _globals['_TIMELIMITEDACCESSRESPONSE']._serialized_end=18486 - _globals['_REQUESTDOWNLOADREQUEST']._serialized_start=18488 - _globals['_REQUESTDOWNLOADREQUEST']._serialized_end=18531 - _globals['_REQUESTDOWNLOADRESPONSE']._serialized_start=18533 - _globals['_REQUESTDOWNLOADRESPONSE']._serialized_end=18636 - _globals['_DOWNLOAD']._serialized_start=18638 - _globals['_DOWNLOAD']._serialized_end=18706 - _globals['_DELETEUSERREQUEST']._serialized_start=18708 - _globals['_DELETEUSERREQUEST']._serialized_end=18743 - _globals['_CHANGEMASTERPASSWORDREQUEST']._serialized_start=18746 - _globals['_CHANGEMASTERPASSWORDREQUEST']._serialized_end=18878 - _globals['_CHANGEMASTERPASSWORDRESPONSE']._serialized_start=18880 - _globals['_CHANGEMASTERPASSWORDRESPONSE']._serialized_end=18941 - _globals['_ACCOUNTRECOVERYSETUPREQUEST']._serialized_start=18943 - _globals['_ACCOUNTRECOVERYSETUPREQUEST']._serialized_end=19032 - _globals['_ACCOUNTRECOVERYVERIFYCODERESPONSE']._serialized_start=19035 - _globals['_ACCOUNTRECOVERYVERIFYCODERESPONSE']._serialized_end=19207 - _globals['_EMERGENCYACCESSLOGINREQUEST']._serialized_start=19209 - _globals['_EMERGENCYACCESSLOGINREQUEST']._serialized_end=19253 - _globals['_EMERGENCYACCESSLOGINRESPONSE']._serialized_start=19256 - _globals['_EMERGENCYACCESSLOGINRESPONSE']._serialized_end=19437 - _globals['_USERTEAMKEY']._serialized_start=19440 - _globals['_USERTEAMKEY']._serialized_end=19618 - _globals['_GENERICREQUESTRESPONSE']._serialized_start=19620 - _globals['_GENERICREQUESTRESPONSE']._serialized_end=19661 - _globals['_PASSKEYREGISTRATIONREQUEST']._serialized_start=19663 - _globals['_PASSKEYREGISTRATIONREQUEST']._serialized_end=19765 - _globals['_PASSKEYREGISTRATIONRESPONSE']._serialized_start=19767 - _globals['_PASSKEYREGISTRATIONRESPONSE']._serialized_end=19847 - _globals['_PASSKEYREGISTRATIONFINALIZATION']._serialized_start=19850 - _globals['_PASSKEYREGISTRATIONFINALIZATION']._serialized_end=19982 - _globals['_PASSKEYAUTHENTICATIONREQUEST']._serialized_start=19985 - _globals['_PASSKEYAUTHENTICATIONREQUEST']._serialized_end=20292 - _globals['_PASSKEYAUTHENTICATIONRESPONSE']._serialized_start=20295 - _globals['_PASSKEYAUTHENTICATIONRESPONSE']._serialized_end=20434 - _globals['_PASSKEYVALIDATIONREQUEST']._serialized_start=20437 - _globals['_PASSKEYVALIDATIONREQUEST']._serialized_end=20628 - _globals['_PASSKEYVALIDATIONRESPONSE']._serialized_start=20630 - _globals['_PASSKEYVALIDATIONRESPONSE']._serialized_end=20703 - _globals['_UPDATEPASSKEYREQUEST']._serialized_start=20705 - _globals['_UPDATEPASSKEYREQUEST']._serialized_end=20809 - _globals['_PASSKEYLISTREQUEST']._serialized_start=20811 - _globals['_PASSKEYLISTREQUEST']._serialized_end=20856 - _globals['_PASSKEYINFO']._serialized_start=20859 - _globals['_PASSKEYINFO']._serialized_end=21023 - _globals['_PASSKEYLISTRESPONSE']._serialized_start=21025 - _globals['_PASSKEYLISTRESPONSE']._serialized_end=21096 - _globals['_TRANSLATIONINFO']._serialized_start=21098 - _globals['_TRANSLATIONINFO']._serialized_end=21165 - _globals['_TRANSLATIONREQUEST']._serialized_start=21167 - _globals['_TRANSLATIONREQUEST']._serialized_end=21211 - _globals['_TRANSLATIONRESPONSE']._serialized_start=21213 - _globals['_TRANSLATIONRESPONSE']._serialized_end=21292 + _globals['_SUPPORTEDLANGUAGE']._serialized_start=21515 + _globals['_SUPPORTEDLANGUAGE']._serialized_end=21854 + _globals['_LOGINTYPE']._serialized_start=21856 + _globals['_LOGINTYPE']._serialized_end=21963 + _globals['_DEVICESTATUS']._serialized_start=21965 + _globals['_DEVICESTATUS']._serialized_end=22078 + _globals['_LICENSESTATUS']._serialized_start=22080 + _globals['_LICENSESTATUS']._serialized_end=22145 + _globals['_ACCOUNTTYPE']._serialized_start=22147 + _globals['_ACCOUNTTYPE']._serialized_end=22202 + _globals['_SESSIONTOKENTYPE']._serialized_start=22205 + _globals['_SESSIONTOKENTYPE']._serialized_end=22492 + _globals['_VERSION']._serialized_start=22494 + _globals['_VERSION']._serialized_end=22565 + _globals['_MASTERPASSWORDREENTRYACTIONTYPE']._serialized_start=22567 + _globals['_MASTERPASSWORDREENTRYACTIONTYPE']._serialized_end=22622 + _globals['_LOGINMETHOD']._serialized_start=22624 + _globals['_LOGINMETHOD']._serialized_end=22732 + _globals['_LOGINSTATE']._serialized_start=22735 + _globals['_LOGINSTATE']._serialized_end=23309 + _globals['_ENCRYPTEDDATAKEYTYPE']._serialized_start=23311 + _globals['_ENCRYPTEDDATAKEYTYPE']._serialized_end=23418 + _globals['_PASSWORDMETHOD']._serialized_start=23420 + _globals['_PASSWORDMETHOD']._serialized_end=23465 + _globals['_TWOFACTORPUSHTYPE']._serialized_start=23468 + _globals['_TWOFACTORPUSHTYPE']._serialized_end=23653 + _globals['_TWOFACTORVALUETYPE']._serialized_start=23656 + _globals['_TWOFACTORVALUETYPE']._serialized_end=23851 + _globals['_TWOFACTORCHANNELTYPE']._serialized_start=23854 + _globals['_TWOFACTORCHANNELTYPE']._serialized_end=24079 + _globals['_TWOFACTOREXPIRATION']._serialized_start=24082 + _globals['_TWOFACTOREXPIRATION']._serialized_end=24253 + _globals['_LICENSETYPE']._serialized_start=24255 + _globals['_LICENSETYPE']._serialized_end=24319 + _globals['_OBJECTTYPES']._serialized_start=24321 + _globals['_OBJECTTYPES']._serialized_end=24426 + _globals['_ENCRYPTEDOBJECTTYPE']._serialized_start=24429 + _globals['_ENCRYPTEDOBJECTTYPE']._serialized_end=24718 + _globals['_MASTERPASSWORDREENTRYSTATUS']._serialized_start=24720 + _globals['_MASTERPASSWORDREENTRYSTATUS']._serialized_end=24797 + _globals['_ALTERNATEAUTHENTICATIONTYPE']._serialized_start=24799 + _globals['_ALTERNATEAUTHENTICATIONTYPE']._serialized_end=24895 + _globals['_THROTTLETYPE']._serialized_start=24898 + _globals['_THROTTLETYPE']._serialized_end=25180 + _globals['_REGION']._serialized_start=25182 + _globals['_REGION']._serialized_end=25254 + _globals['_APPLICATIONSHARETYPE']._serialized_start=25256 + _globals['_APPLICATIONSHARETYPE']._serialized_end=25324 + _globals['_TIMELIMITEDACCESSTYPE']._serialized_start=25327 + _globals['_TIMELIMITEDACCESSTYPE']._serialized_end=25491 + _globals['_BACKUPKEYTYPE']._serialized_start=25493 + _globals['_BACKUPKEYTYPE']._serialized_end=25553 + _globals['_GENERICSTATUS']._serialized_start=25555 + _globals['_GENERICSTATUS']._serialized_end=25642 + _globals['_AUTHENTICATORATTACHMENT']._serialized_start=25644 + _globals['_AUTHENTICATORATTACHMENT']._serialized_end=25722 + _globals['_PASSKEYPURPOSE']._serialized_start=25724 + _globals['_PASSKEYPURPOSE']._serialized_end=25769 + _globals['_CLIENTFORMFACTOR']._serialized_start=25771 + _globals['_CLIENTFORMFACTOR']._serialized_end=25846 + _globals['_QRCMESSAGEKEY']._serialized_start=54 + _globals['_QRCMESSAGEKEY']._serialized_end=177 + _globals['_APIREQUEST']._serialized_start=180 + _globals['_APIREQUEST']._serialized_end=410 + _globals['_APIREQUESTPAYLOAD']._serialized_start=412 + _globals['_APIREQUESTPAYLOAD']._serialized_end=518 + _globals['_TRANSFORM']._serialized_start=520 + _globals['_TRANSFORM']._serialized_end=574 + _globals['_DEVICEREQUEST']._serialized_start=577 + _globals['_DEVICEREQUEST']._serialized_end=737 + _globals['_AUTHREQUEST']._serialized_start=739 + _globals['_AUTHREQUEST']._serialized_end=823 + _globals['_NEWUSERMINIMUMPARAMS']._serialized_start=826 + _globals['_NEWUSERMINIMUMPARAMS']._serialized_end=1021 + _globals['_PRELOGINREQUEST']._serialized_start=1024 + _globals['_PRELOGINREQUEST']._serialized_end=1161 + _globals['_LOGINREQUEST']._serialized_start=1164 + _globals['_LOGINREQUEST']._serialized_end=1420 + _globals['_DEVICERESPONSE']._serialized_start=1422 + _globals['_DEVICERESPONSE']._serialized_end=1514 + _globals['_SALT']._serialized_start=1516 + _globals['_SALT']._serialized_end=1602 + _globals['_TWOFACTORCHANNEL']._serialized_start=1604 + _globals['_TWOFACTORCHANNEL']._serialized_end=1636 + _globals['_STARTLOGINREQUEST']._serialized_start=1639 + _globals['_STARTLOGINREQUEST']._serialized_end=2019 + _globals['_LOGINRESPONSE']._serialized_start=2022 + _globals['_LOGINRESPONSE']._serialized_end=2573 + _globals['_SWITCHLISTELEMENT']._serialized_start=2575 + _globals['_SWITCHLISTELEMENT']._serialized_end=2693 + _globals['_SWITCHLISTRESPONSE']._serialized_start=2695 + _globals['_SWITCHLISTRESPONSE']._serialized_end=2768 + _globals['_SSOUSERINFO']._serialized_start=2771 + _globals['_SSOUSERINFO']._serialized_end=2911 + _globals['_PRELOGINRESPONSE']._serialized_start=2914 + _globals['_PRELOGINRESPONSE']._serialized_end=3128 + _globals['_LOGINASUSERREQUEST']._serialized_start=3130 + _globals['_LOGINASUSERREQUEST']._serialized_end=3168 + _globals['_LOGINASUSERRESPONSE']._serialized_start=3170 + _globals['_LOGINASUSERRESPONSE']._serialized_end=3257 + _globals['_VALIDATEAUTHHASHREQUEST']._serialized_start=3260 + _globals['_VALIDATEAUTHHASHREQUEST']._serialized_end=3392 + _globals['_TWOFACTORCHANNELINFO']._serialized_start=3395 + _globals['_TWOFACTORCHANNELINFO']._serialized_end=3719 + _globals['_TWOFACTORDUOSTATUS']._serialized_start=3721 + _globals['_TWOFACTORDUOSTATUS']._serialized_end=3821 + _globals['_TWOFACTORADDREQUEST']._serialized_start=3824 + _globals['_TWOFACTORADDREQUEST']._serialized_end=4023 + _globals['_TWOFACTORRENAMEREQUEST']._serialized_start=4025 + _globals['_TWOFACTORRENAMEREQUEST']._serialized_end=4091 + _globals['_TWOFACTORADDRESPONSE']._serialized_start=4093 + _globals['_TWOFACTORADDRESPONSE']._serialized_end=4154 + _globals['_TWOFACTORDELETEREQUEST']._serialized_start=4156 + _globals['_TWOFACTORDELETEREQUEST']._serialized_end=4201 + _globals['_TWOFACTORLISTRESPONSE']._serialized_start=4203 + _globals['_TWOFACTORLISTRESPONSE']._serialized_end=4300 + _globals['_TWOFACTORUPDATEEXPIRATIONREQUEST']._serialized_start=4302 + _globals['_TWOFACTORUPDATEEXPIRATIONREQUEST']._serialized_end=4391 + _globals['_TWOFACTORVALIDATEREQUEST']._serialized_start=4394 + _globals['_TWOFACTORVALIDATEREQUEST']._serialized_end=4595 + _globals['_TWOFACTORVALIDATERESPONSE']._serialized_start=4597 + _globals['_TWOFACTORVALIDATERESPONSE']._serialized_end=4653 + _globals['_TWOFACTORSENDPUSHREQUEST']._serialized_start=4656 + _globals['_TWOFACTORSENDPUSHREQUEST']._serialized_end=4840 + _globals['_LICENSE']._serialized_start=4843 + _globals['_LICENSE']._serialized_end=4974 + _globals['_OWNERLESSRECORD']._serialized_start=4976 + _globals['_OWNERLESSRECORD']._serialized_end=5047 + _globals['_OWNERLESSRECORDS']._serialized_start=5049 + _globals['_OWNERLESSRECORDS']._serialized_end=5125 + _globals['_USERAUTHREQUEST']._serialized_start=5128 + _globals['_USERAUTHREQUEST']._serialized_end=5343 + _globals['_UIDREQUEST']._serialized_start=5345 + _globals['_UIDREQUEST']._serialized_end=5370 + _globals['_DEVICEUPDATEREQUEST']._serialized_start=5373 + _globals['_DEVICEUPDATEREQUEST']._serialized_end=5628 + _globals['_DEVICEUPDATERESPONSE']._serialized_start=5631 + _globals['_DEVICEUPDATERESPONSE']._serialized_end=5887 + _globals['_REGISTERDEVICEINREGIONREQUEST']._serialized_start=5890 + _globals['_REGISTERDEVICEINREGIONREQUEST']._serialized_end=6103 + _globals['_REGISTRATIONREQUEST']._serialized_start=6106 + _globals['_REGISTRATIONREQUEST']._serialized_end=6482 + _globals['_CONVERTUSERTOV3REQUEST']._serialized_start=6485 + _globals['_CONVERTUSERTOV3REQUEST']._serialized_end=6693 + _globals['_REVISIONRESPONSE']._serialized_start=6695 + _globals['_REVISIONRESPONSE']._serialized_end=6731 + _globals['_CHANGEEMAILREQUEST']._serialized_start=6733 + _globals['_CHANGEEMAILREQUEST']._serialized_end=6771 + _globals['_CHANGEEMAILRESPONSE']._serialized_start=6773 + _globals['_CHANGEEMAILRESPONSE']._serialized_end=6829 + _globals['_EMAILVERIFICATIONLINKRESPONSE']._serialized_start=6831 + _globals['_EMAILVERIFICATIONLINKRESPONSE']._serialized_end=6885 + _globals['_SECURITYDATA']._serialized_start=6887 + _globals['_SECURITYDATA']._serialized_end=6928 + _globals['_SECURITYSCOREDATA']._serialized_start=6930 + _globals['_SECURITYSCOREDATA']._serialized_end=6994 + _globals['_SECURITYDATAREQUEST']._serialized_start=6997 + _globals['_SECURITYDATAREQUEST']._serialized_end=7264 + _globals['_SECURITYREPORTINCREMENTALDATA']._serialized_start=7267 + _globals['_SECURITYREPORTINCREMENTALDATA']._serialized_end=7593 + _globals['_SECURITYREPORT']._serialized_start=7596 + _globals['_SECURITYREPORT']._serialized_end=7883 + _globals['_SECURITYREPORTSAVEREQUEST']._serialized_start=7885 + _globals['_SECURITYREPORTSAVEREQUEST']._serialized_end=7995 + _globals['_SECURITYREPORTREQUEST']._serialized_start=7997 + _globals['_SECURITYREPORTREQUEST']._serialized_end=8038 + _globals['_SECURITYREPORTRESPONSE']._serialized_start=8041 + _globals['_SECURITYREPORTRESPONSE']._serialized_end=8286 + _globals['_INCREMENTALSECURITYDATAREQUEST']._serialized_start=8288 + _globals['_INCREMENTALSECURITYDATAREQUEST']._serialized_end=8347 + _globals['_INCREMENTALSECURITYDATARESPONSE']._serialized_start=8350 + _globals['_INCREMENTALSECURITYDATARESPONSE']._serialized_end=8496 + _globals['_REUSEDPASSWORDSREQUEST']._serialized_start=8498 + _globals['_REUSEDPASSWORDSREQUEST']._serialized_end=8537 + _globals['_SUMMARYCONSOLEREPORT']._serialized_start=8539 + _globals['_SUMMARYCONSOLEREPORT']._serialized_end=8601 + _globals['_CHANGETOKEYTYPEONE']._serialized_start=8603 + _globals['_CHANGETOKEYTYPEONE']._serialized_end=8727 + _globals['_CHANGETOKEYTYPEONEREQUEST']._serialized_start=8729 + _globals['_CHANGETOKEYTYPEONEREQUEST']._serialized_end=8820 + _globals['_CHANGETOKEYTYPEONESTATUS']._serialized_start=8822 + _globals['_CHANGETOKEYTYPEONESTATUS']._serialized_end=8907 + _globals['_CHANGETOKEYTYPEONERESPONSE']._serialized_start=8909 + _globals['_CHANGETOKEYTYPEONERESPONSE']._serialized_end=9013 + _globals['_GETCHANGEKEYTYPESREQUEST']._serialized_start=9016 + _globals['_GETCHANGEKEYTYPESREQUEST']._serialized_end=9201 + _globals['_GETCHANGEKEYTYPESRESPONSE']._serialized_start=9204 + _globals['_GETCHANGEKEYTYPESRESPONSE']._serialized_end=9334 + _globals['_ALLOWEDKEYTYPES']._serialized_start=9337 + _globals['_ALLOWEDKEYTYPES']._serialized_end=9466 + _globals['_CHANGEKEYTYPES']._serialized_start=9468 + _globals['_CHANGEKEYTYPES']._serialized_end=9529 + _globals['_CHANGEKEYTYPE']._serialized_start=9532 + _globals['_CHANGEKEYTYPE']._serialized_end=9746 + _globals['_SETKEY']._serialized_start=9748 + _globals['_SETKEY']._serialized_end=9781 + _globals['_SETKEYREQUEST']._serialized_start=9783 + _globals['_SETKEYREQUEST']._serialized_end=9836 + _globals['_CREATEUSERREQUEST']._serialized_start=9839 + _globals['_CREATEUSERREQUEST']._serialized_end=10497 + _globals['_NODEENFORCEMENTADDORUPDATEREQUEST']._serialized_start=10499 + _globals['_NODEENFORCEMENTADDORUPDATEREQUEST']._serialized_end=10586 + _globals['_NODEENFORCEMENTREMOVEREQUEST']._serialized_start=10588 + _globals['_NODEENFORCEMENTREMOVEREQUEST']._serialized_end=10655 + _globals['_APIREQUESTBYKEY']._serialized_start=10658 + _globals['_APIREQUESTBYKEY']._serialized_end=10817 + _globals['_APIREQUESTBYKATOKAKEY']._serialized_start=10820 + _globals['_APIREQUESTBYKATOKAKEY']._serialized_end=11019 + _globals['_MEMCACHEREQUEST']._serialized_start=11021 + _globals['_MEMCACHEREQUEST']._serialized_end=11067 + _globals['_MEMCACHERESPONSE']._serialized_start=11069 + _globals['_MEMCACHERESPONSE']._serialized_end=11115 + _globals['_MASTERPASSWORDREENTRYREQUEST']._serialized_start=11117 + _globals['_MASTERPASSWORDREENTRYREQUEST']._serialized_end=11236 + _globals['_MASTERPASSWORDREENTRYRESPONSE']._serialized_start=11238 + _globals['_MASTERPASSWORDREENTRYRESPONSE']._serialized_end=11330 + _globals['_DEVICEREGISTRATIONREQUEST']._serialized_start=11333 + _globals['_DEVICEREGISTRATIONREQUEST']._serialized_end=11530 + _globals['_DEVICEVERIFICATIONREQUEST']._serialized_start=11533 + _globals['_DEVICEVERIFICATIONREQUEST']._serialized_end=11687 + _globals['_DEVICEVERIFICATIONRESPONSE']._serialized_start=11690 + _globals['_DEVICEVERIFICATIONRESPONSE']._serialized_end=11868 + _globals['_DEVICEAPPROVALREQUEST']._serialized_start=11871 + _globals['_DEVICEAPPROVALREQUEST']._serialized_end=12071 + _globals['_DEVICEAPPROVALRESPONSE']._serialized_start=12073 + _globals['_DEVICEAPPROVALRESPONSE']._serialized_end=12130 + _globals['_APPROVEDEVICEREQUEST']._serialized_start=12132 + _globals['_APPROVEDEVICEREQUEST']._serialized_end=12258 + _globals['_ENTERPRISEUSERALIASREQUEST']._serialized_start=12260 + _globals['_ENTERPRISEUSERALIASREQUEST']._serialized_end=12329 + _globals['_ENTERPRISEUSERADDALIASREQUEST']._serialized_start=12331 + _globals['_ENTERPRISEUSERADDALIASREQUEST']._serialized_end=12420 + _globals['_ENTERPRISEUSERADDALIASREQUESTV2']._serialized_start=12422 + _globals['_ENTERPRISEUSERADDALIASREQUESTV2']._serialized_end=12541 + _globals['_ENTERPRISEUSERADDALIASSTATUS']._serialized_start=12543 + _globals['_ENTERPRISEUSERADDALIASSTATUS']._serialized_end=12615 + _globals['_ENTERPRISEUSERADDALIASRESPONSE']._serialized_start=12617 + _globals['_ENTERPRISEUSERADDALIASRESPONSE']._serialized_end=12711 + _globals['_DEVICE']._serialized_start=12713 + _globals['_DEVICE']._serialized_end=12751 + _globals['_REGISTERDEVICEDATAKEYREQUEST']._serialized_start=12753 + _globals['_REGISTERDEVICEDATAKEYREQUEST']._serialized_end=12845 + _globals['_VALIDATECREATEUSERVERIFICATIONCODEREQUEST']._serialized_start=12847 + _globals['_VALIDATECREATEUSERVERIFICATIONCODEREQUEST']._serialized_end=12957 + _globals['_VALIDATEDEVICEVERIFICATIONCODEREQUEST']._serialized_start=12960 + _globals['_VALIDATEDEVICEVERIFICATIONCODEREQUEST']._serialized_end=13123 + _globals['_SENDSESSIONMESSAGEREQUEST']._serialized_start=13125 + _globals['_SENDSESSIONMESSAGEREQUEST']._serialized_end=13214 + _globals['_GLOBALUSERACCOUNT']._serialized_start=13216 + _globals['_GLOBALUSERACCOUNT']._serialized_end=13293 + _globals['_ACCOUNTUSERNAME']._serialized_start=13295 + _globals['_ACCOUNTUSERNAME']._serialized_end=13350 + _globals['_SSOSERVICEPROVIDERREQUEST']._serialized_start=13352 + _globals['_SSOSERVICEPROVIDERREQUEST']._serialized_end=13432 + _globals['_SSOSERVICEPROVIDERRESPONSE']._serialized_start=13434 + _globals['_SSOSERVICEPROVIDERRESPONSE']._serialized_end=13531 + _globals['_USERSETTINGREQUEST']._serialized_start=13533 + _globals['_USERSETTINGREQUEST']._serialized_end=13585 + _globals['_THROTTLESTATE']._serialized_start=13587 + _globals['_THROTTLESTATE']._serialized_end=13689 + _globals['_THROTTLESTATE2']._serialized_start=13692 + _globals['_THROTTLESTATE2']._serialized_end=13873 + _globals['_DEVICEINFORMATION']._serialized_start=13876 + _globals['_DEVICEINFORMATION']._serialized_end=14027 + _globals['_USERSETTING']._serialized_start=14029 + _globals['_USERSETTING']._serialized_end=14071 + _globals['_USERDATAKEYREQUEST']._serialized_start=14073 + _globals['_USERDATAKEYREQUEST']._serialized_end=14119 + _globals['_USERDATAKEYBYNODEREQUEST']._serialized_start=14121 + _globals['_USERDATAKEYBYNODEREQUEST']._serialized_end=14164 + _globals['_ENTERPRISEUSERIDDATAKEYPAIR']._serialized_start=14167 + _globals['_ENTERPRISEUSERIDDATAKEYPAIR']._serialized_end=14295 + _globals['_USERDATAKEY']._serialized_start=14298 + _globals['_USERDATAKEY']._serialized_end=14447 + _globals['_USERDATAKEYRESPONSE']._serialized_start=14449 + _globals['_USERDATAKEYRESPONSE']._serialized_end=14571 + _globals['_MASTERPASSWORDRECOVERYVERIFICATIONREQUEST']._serialized_start=14573 + _globals['_MASTERPASSWORDRECOVERYVERIFICATIONREQUEST']._serialized_end=14645 + _globals['_GETSECURITYQUESTIONV3REQUEST']._serialized_start=14647 + _globals['_GETSECURITYQUESTIONV3REQUEST']._serialized_end=14732 + _globals['_GETSECURITYQUESTIONV3RESPONSE']._serialized_start=14734 + _globals['_GETSECURITYQUESTIONV3RESPONSE']._serialized_end=14848 + _globals['_GETDATAKEYBACKUPV3REQUEST']._serialized_start=14850 + _globals['_GETDATAKEYBACKUPV3REQUEST']._serialized_end=14960 + _globals['_PASSWORDRULES']._serialized_start=14962 + _globals['_PASSWORDRULES']._serialized_end=15080 + _globals['_GETDATAKEYBACKUPV3RESPONSE']._serialized_start=15083 + _globals['_GETDATAKEYBACKUPV3RESPONSE']._serialized_end=15412 + _globals['_GETPUBLICKEYSREQUEST']._serialized_start=15414 + _globals['_GETPUBLICKEYSREQUEST']._serialized_end=15455 + _globals['_PUBLICKEYRESPONSE']._serialized_start=15457 + _globals['_PUBLICKEYRESPONSE']._serialized_end=15571 + _globals['_GETPUBLICKEYSRESPONSE']._serialized_start=15573 + _globals['_GETPUBLICKEYSRESPONSE']._serialized_end=15653 + _globals['_SETECCKEYPAIRREQUEST']._serialized_start=15655 + _globals['_SETECCKEYPAIRREQUEST']._serialized_end=15725 + _globals['_SETECCKEYPAIRSREQUEST']._serialized_start=15727 + _globals['_SETECCKEYPAIRSREQUEST']._serialized_end=15800 + _globals['_SETECCKEYPAIRSRESPONSE']._serialized_start=15802 + _globals['_SETECCKEYPAIRSRESPONSE']._serialized_end=15884 + _globals['_TEAMECCKEYPAIR']._serialized_start=15886 + _globals['_TEAMECCKEYPAIR']._serialized_end=15967 + _globals['_TEAMECCKEYPAIRRESPONSE']._serialized_start=15969 + _globals['_TEAMECCKEYPAIRRESPONSE']._serialized_end=16057 + _globals['_GETKSMPUBLICKEYSREQUEST']._serialized_start=16059 + _globals['_GETKSMPUBLICKEYSREQUEST']._serialized_end=16127 + _globals['_DEVICEPUBLICKEYRESPONSE']._serialized_start=16129 + _globals['_DEVICEPUBLICKEYRESPONSE']._serialized_end=16214 + _globals['_GETKSMPUBLICKEYSRESPONSE']._serialized_start=16216 + _globals['_GETKSMPUBLICKEYSRESPONSE']._serialized_end=16305 + _globals['_ADDAPPSHARESREQUEST']._serialized_start=16307 + _globals['_ADDAPPSHARESREQUEST']._serialized_end=16395 + _globals['_REMOVEAPPSHARESREQUEST']._serialized_start=16397 + _globals['_REMOVEAPPSHARESREQUEST']._serialized_end=16459 + _globals['_APPSHAREADD']._serialized_start=16462 + _globals['_APPSHAREADD']._serialized_end=16597 + _globals['_APPSHARE']._serialized_start=16600 + _globals['_APPSHARE']._serialized_end=16737 + _globals['_ADDAPPCLIENTREQUEST']._serialized_start=16740 + _globals['_ADDAPPCLIENTREQUEST']._serialized_end=16957 + _globals['_REMOVEAPPCLIENTSREQUEST']._serialized_start=16959 + _globals['_REMOVEAPPCLIENTSREQUEST']._serialized_end=17023 + _globals['_ADDEXTERNALSHAREREQUEST']._serialized_start=17026 + _globals['_ADDEXTERNALSHAREREQUEST']._serialized_end=17196 + _globals['_APPCLIENT']._serialized_start=17199 + _globals['_APPCLIENT']._serialized_end=17474 + _globals['_GETAPPINFOREQUEST']._serialized_start=17476 + _globals['_GETAPPINFOREQUEST']._serialized_end=17517 + _globals['_APPINFO']._serialized_start=17520 + _globals['_APPINFO']._serialized_end=17662 + _globals['_GETAPPINFORESPONSE']._serialized_start=17664 + _globals['_GETAPPINFORESPONSE']._serialized_end=17726 + _globals['_APPLICATIONSUMMARY']._serialized_start=17729 + _globals['_APPLICATIONSUMMARY']._serialized_end=17942 + _globals['_GETAPPLICATIONSSUMMARYRESPONSE']._serialized_start=17944 + _globals['_GETAPPLICATIONSSUMMARYRESPONSE']._serialized_end=18040 + _globals['_GETVERIFICATIONTOKENREQUEST']._serialized_start=18042 + _globals['_GETVERIFICATIONTOKENREQUEST']._serialized_end=18089 + _globals['_GETVERIFICATIONTOKENRESPONSE']._serialized_start=18091 + _globals['_GETVERIFICATIONTOKENRESPONSE']._serialized_end=18157 + _globals['_SENDSHAREINVITEREQUEST']._serialized_start=18159 + _globals['_SENDSHAREINVITEREQUEST']._serialized_end=18198 + _globals['_TIMELIMITEDACCESSREQUEST']._serialized_start=18201 + _globals['_TIMELIMITEDACCESSREQUEST']._serialized_end=18398 + _globals['_TIMELIMITEDACCESSSTATUS']._serialized_start=18400 + _globals['_TIMELIMITEDACCESSSTATUS']._serialized_end=18455 + _globals['_TIMELIMITEDACCESSRESPONSE']._serialized_start=18458 + _globals['_TIMELIMITEDACCESSRESPONSE']._serialized_end=18706 + _globals['_REQUESTDOWNLOADREQUEST']._serialized_start=18708 + _globals['_REQUESTDOWNLOADREQUEST']._serialized_end=18751 + _globals['_REQUESTDOWNLOADRESPONSE']._serialized_start=18753 + _globals['_REQUESTDOWNLOADRESPONSE']._serialized_end=18856 + _globals['_DOWNLOAD']._serialized_start=18858 + _globals['_DOWNLOAD']._serialized_end=18926 + _globals['_DELETEUSERREQUEST']._serialized_start=18928 + _globals['_DELETEUSERREQUEST']._serialized_end=18963 + _globals['_CHANGEMASTERPASSWORDREQUEST']._serialized_start=18966 + _globals['_CHANGEMASTERPASSWORDREQUEST']._serialized_end=19098 + _globals['_CHANGEMASTERPASSWORDRESPONSE']._serialized_start=19100 + _globals['_CHANGEMASTERPASSWORDRESPONSE']._serialized_end=19161 + _globals['_ACCOUNTRECOVERYSETUPREQUEST']._serialized_start=19163 + _globals['_ACCOUNTRECOVERYSETUPREQUEST']._serialized_end=19252 + _globals['_ACCOUNTRECOVERYVERIFYCODERESPONSE']._serialized_start=19255 + _globals['_ACCOUNTRECOVERYVERIFYCODERESPONSE']._serialized_end=19427 + _globals['_EMERGENCYACCESSLOGINREQUEST']._serialized_start=19429 + _globals['_EMERGENCYACCESSLOGINREQUEST']._serialized_end=19473 + _globals['_EMERGENCYACCESSLOGINRESPONSE']._serialized_start=19476 + _globals['_EMERGENCYACCESSLOGINRESPONSE']._serialized_end=19657 + _globals['_USERTEAMKEY']._serialized_start=19660 + _globals['_USERTEAMKEY']._serialized_end=19838 + _globals['_GENERICREQUESTRESPONSE']._serialized_start=19840 + _globals['_GENERICREQUESTRESPONSE']._serialized_end=19881 + _globals['_PASSKEYREGISTRATIONREQUEST']._serialized_start=19883 + _globals['_PASSKEYREGISTRATIONREQUEST']._serialized_end=19985 + _globals['_PASSKEYREGISTRATIONRESPONSE']._serialized_start=19987 + _globals['_PASSKEYREGISTRATIONRESPONSE']._serialized_end=20067 + _globals['_PASSKEYREGISTRATIONFINALIZATION']._serialized_start=20070 + _globals['_PASSKEYREGISTRATIONFINALIZATION']._serialized_end=20202 + _globals['_PASSKEYAUTHENTICATIONREQUEST']._serialized_start=20205 + _globals['_PASSKEYAUTHENTICATIONREQUEST']._serialized_end=20512 + _globals['_PASSKEYAUTHENTICATIONRESPONSE']._serialized_start=20515 + _globals['_PASSKEYAUTHENTICATIONRESPONSE']._serialized_end=20654 + _globals['_PASSKEYVALIDATIONREQUEST']._serialized_start=20657 + _globals['_PASSKEYVALIDATIONREQUEST']._serialized_end=20848 + _globals['_PASSKEYVALIDATIONRESPONSE']._serialized_start=20850 + _globals['_PASSKEYVALIDATIONRESPONSE']._serialized_end=20923 + _globals['_UPDATEPASSKEYREQUEST']._serialized_start=20925 + _globals['_UPDATEPASSKEYREQUEST']._serialized_end=21029 + _globals['_PASSKEYLISTREQUEST']._serialized_start=21031 + _globals['_PASSKEYLISTREQUEST']._serialized_end=21076 + _globals['_PASSKEYINFO']._serialized_start=21079 + _globals['_PASSKEYINFO']._serialized_end=21243 + _globals['_PASSKEYLISTRESPONSE']._serialized_start=21245 + _globals['_PASSKEYLISTRESPONSE']._serialized_end=21316 + _globals['_TRANSLATIONINFO']._serialized_start=21318 + _globals['_TRANSLATIONINFO']._serialized_end=21385 + _globals['_TRANSLATIONREQUEST']._serialized_start=21387 + _globals['_TRANSLATIONREQUEST']._serialized_end=21431 + _globals['_TRANSLATIONRESPONSE']._serialized_start=21433 + _globals['_TRANSLATIONRESPONSE']._serialized_end=21512 # @@protoc_insertion_point(module_scope) diff --git a/keepersdk-package/src/keepersdk/proto/APIRequest_pb2.pyi b/keepersdk-package/src/keepersdk/proto/APIRequest_pb2.pyi index 13ab5e46..149d8093 100644 --- a/keepersdk-package/src/keepersdk/proto/APIRequest_pb2.pyi +++ b/keepersdk-package/src/keepersdk/proto/APIRequest_pb2.pyi @@ -467,8 +467,22 @@ FF_PHONE: ClientFormFactor FF_TABLET: ClientFormFactor FF_WATCH: ClientFormFactor +class QrcMessageKey(_message.Message): + __slots__ = ("clientEcPublicKey", "mlKemEncapsulatedKey", "data", "msgVersion", "ecKeyId") + CLIENTECPUBLICKEY_FIELD_NUMBER: _ClassVar[int] + MLKEMENCAPSULATEDKEY_FIELD_NUMBER: _ClassVar[int] + DATA_FIELD_NUMBER: _ClassVar[int] + MSGVERSION_FIELD_NUMBER: _ClassVar[int] + ECKEYID_FIELD_NUMBER: _ClassVar[int] + clientEcPublicKey: bytes + mlKemEncapsulatedKey: bytes + data: bytes + msgVersion: int + ecKeyId: int + def __init__(self, clientEcPublicKey: _Optional[bytes] = ..., mlKemEncapsulatedKey: _Optional[bytes] = ..., data: _Optional[bytes] = ..., msgVersion: _Optional[int] = ..., ecKeyId: _Optional[int] = ...) -> None: ... + class ApiRequest(_message.Message): - __slots__ = ("encryptedTransmissionKey", "publicKeyId", "locale", "encryptedPayload", "encryptionType", "recaptcha", "subEnvironment") + __slots__ = ("encryptedTransmissionKey", "publicKeyId", "locale", "encryptedPayload", "encryptionType", "recaptcha", "subEnvironment", "qrcMessageKey") ENCRYPTEDTRANSMISSIONKEY_FIELD_NUMBER: _ClassVar[int] PUBLICKEYID_FIELD_NUMBER: _ClassVar[int] LOCALE_FIELD_NUMBER: _ClassVar[int] @@ -476,6 +490,7 @@ class ApiRequest(_message.Message): ENCRYPTIONTYPE_FIELD_NUMBER: _ClassVar[int] RECAPTCHA_FIELD_NUMBER: _ClassVar[int] SUBENVIRONMENT_FIELD_NUMBER: _ClassVar[int] + QRCMESSAGEKEY_FIELD_NUMBER: _ClassVar[int] encryptedTransmissionKey: bytes publicKeyId: int locale: str @@ -483,7 +498,8 @@ class ApiRequest(_message.Message): encryptionType: int recaptcha: str subEnvironment: str - def __init__(self, encryptedTransmissionKey: _Optional[bytes] = ..., publicKeyId: _Optional[int] = ..., locale: _Optional[str] = ..., encryptedPayload: _Optional[bytes] = ..., encryptionType: _Optional[int] = ..., recaptcha: _Optional[str] = ..., subEnvironment: _Optional[str] = ...) -> None: ... + qrcMessageKey: QrcMessageKey + def __init__(self, encryptedTransmissionKey: _Optional[bytes] = ..., publicKeyId: _Optional[int] = ..., locale: _Optional[str] = ..., encryptedPayload: _Optional[bytes] = ..., encryptionType: _Optional[int] = ..., recaptcha: _Optional[str] = ..., subEnvironment: _Optional[str] = ..., qrcMessageKey: _Optional[_Union[QrcMessageKey, _Mapping]] = ...) -> None: ... class ApiRequestPayload(_message.Message): __slots__ = ("payload", "encryptedSessionToken", "timeToken", "apiVersion") @@ -670,16 +686,18 @@ class LoginResponse(_message.Message): def __init__(self, loginState: _Optional[_Union[LoginState, str]] = ..., accountUid: _Optional[bytes] = ..., primaryUsername: _Optional[str] = ..., encryptedDataKey: _Optional[bytes] = ..., encryptedDataKeyType: _Optional[_Union[EncryptedDataKeyType, str]] = ..., encryptedLoginToken: _Optional[bytes] = ..., encryptedSessionToken: _Optional[bytes] = ..., sessionTokenType: _Optional[_Union[SessionTokenType, str]] = ..., message: _Optional[str] = ..., url: _Optional[str] = ..., channels: _Optional[_Iterable[_Union[TwoFactorChannelInfo, _Mapping]]] = ..., salt: _Optional[_Iterable[_Union[Salt, _Mapping]]] = ..., cloneCode: _Optional[bytes] = ..., stateSpecificValue: _Optional[str] = ..., ssoClientVersion: _Optional[str] = ..., sessionTokenTypeModifier: _Optional[str] = ...) -> None: ... class SwitchListElement(_message.Message): - __slots__ = ("username", "fullName", "authRequired", "isLinked") + __slots__ = ("username", "fullName", "authRequired", "isLinked", "profilePicUrl") USERNAME_FIELD_NUMBER: _ClassVar[int] FULLNAME_FIELD_NUMBER: _ClassVar[int] AUTHREQUIRED_FIELD_NUMBER: _ClassVar[int] ISLINKED_FIELD_NUMBER: _ClassVar[int] + PROFILEPICURL_FIELD_NUMBER: _ClassVar[int] username: str fullName: str authRequired: bool isLinked: bool - def __init__(self, username: _Optional[str] = ..., fullName: _Optional[str] = ..., authRequired: bool = ..., isLinked: bool = ...) -> None: ... + profilePicUrl: str + def __init__(self, username: _Optional[str] = ..., fullName: _Optional[str] = ..., authRequired: bool = ..., isLinked: bool = ..., profilePicUrl: _Optional[str] = ...) -> None: ... class SwitchListResponse(_message.Message): __slots__ = ("elements",) @@ -1394,18 +1412,20 @@ class MasterPasswordReentryResponse(_message.Message): def __init__(self, status: _Optional[_Union[MasterPasswordReentryStatus, str]] = ...) -> None: ... class DeviceRegistrationRequest(_message.Message): - __slots__ = ("clientVersion", "deviceName", "devicePublicKey", "devicePlatform", "clientFormFactor") + __slots__ = ("clientVersion", "deviceName", "devicePublicKey", "devicePlatform", "clientFormFactor", "username") CLIENTVERSION_FIELD_NUMBER: _ClassVar[int] DEVICENAME_FIELD_NUMBER: _ClassVar[int] DEVICEPUBLICKEY_FIELD_NUMBER: _ClassVar[int] DEVICEPLATFORM_FIELD_NUMBER: _ClassVar[int] CLIENTFORMFACTOR_FIELD_NUMBER: _ClassVar[int] + USERNAME_FIELD_NUMBER: _ClassVar[int] clientVersion: str deviceName: str devicePublicKey: bytes devicePlatform: str clientFormFactor: ClientFormFactor - def __init__(self, clientVersion: _Optional[str] = ..., deviceName: _Optional[str] = ..., devicePublicKey: _Optional[bytes] = ..., devicePlatform: _Optional[str] = ..., clientFormFactor: _Optional[_Union[ClientFormFactor, str]] = ...) -> None: ... + username: str + def __init__(self, clientVersion: _Optional[str] = ..., deviceName: _Optional[str] = ..., devicePublicKey: _Optional[bytes] = ..., devicePlatform: _Optional[str] = ..., clientFormFactor: _Optional[_Union[ClientFormFactor, str]] = ..., username: _Optional[str] = ...) -> None: ... class DeviceVerificationRequest(_message.Message): __slots__ = ("encryptedDeviceToken", "username", "verificationChannel", "messageSessionUid", "clientVersion") diff --git a/keepersdk-package/src/keepersdk/proto/AccountSummary_pb2.py b/keepersdk-package/src/keepersdk/proto/AccountSummary_pb2.py index d7f840ed..b3f598a9 100644 --- a/keepersdk-package/src/keepersdk/proto/AccountSummary_pb2.py +++ b/keepersdk-package/src/keepersdk/proto/AccountSummary_pb2.py @@ -2,13 +2,21 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # NO CHECKED-IN PROTOBUF GENCODE # source: AccountSummary.proto -# Protobuf Python Version: 5.29.3 +# Protobuf Python Version: 5.29.5 """Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import runtime_version as _runtime_version from google.protobuf import symbol_database as _symbol_database from google.protobuf.internal import builder as _builder - +_runtime_version.ValidateProtobufRuntimeVersion( + _runtime_version.Domain.PUBLIC, + 5, + 29, + 5, + '', + 'AccountSummary.proto' +) # @@protoc_insertion_point(imports) _sym_db = _symbol_database.Default() diff --git a/keepersdk-package/src/keepersdk/proto/GraphSync_pb2.py b/keepersdk-package/src/keepersdk/proto/GraphSync_pb2.py index 1857c268..1599095b 100644 --- a/keepersdk-package/src/keepersdk/proto/GraphSync_pb2.py +++ b/keepersdk-package/src/keepersdk/proto/GraphSync_pb2.py @@ -2,13 +2,21 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # NO CHECKED-IN PROTOBUF GENCODE # source: GraphSync.proto -# Protobuf Python Version: 5.29.3 +# Protobuf Python Version: 5.29.5 """Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import runtime_version as _runtime_version from google.protobuf import symbol_database as _symbol_database from google.protobuf.internal import builder as _builder - +_runtime_version.ValidateProtobufRuntimeVersion( + _runtime_version.Domain.PUBLIC, + 5, + 29, + 5, + '', + 'GraphSync.proto' +) # @@protoc_insertion_point(imports) _sym_db = _symbol_database.Default() diff --git a/keepersdk-package/src/keepersdk/proto/NotificationCenter_pb2.py b/keepersdk-package/src/keepersdk/proto/NotificationCenter_pb2.py index 111c616d..40ab71b1 100644 --- a/keepersdk-package/src/keepersdk/proto/NotificationCenter_pb2.py +++ b/keepersdk-package/src/keepersdk/proto/NotificationCenter_pb2.py @@ -2,13 +2,21 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # NO CHECKED-IN PROTOBUF GENCODE # source: NotificationCenter.proto -# Protobuf Python Version: 5.29.3 +# Protobuf Python Version: 5.29.5 """Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import runtime_version as _runtime_version from google.protobuf import symbol_database as _symbol_database from google.protobuf.internal import builder as _builder - +_runtime_version.ValidateProtobufRuntimeVersion( + _runtime_version.Domain.PUBLIC, + 5, + 29, + 5, + '', + 'NotificationCenter.proto' +) # @@protoc_insertion_point(imports) _sym_db = _symbol_database.Default() @@ -17,7 +25,7 @@ from . import GraphSync_pb2 as GraphSync__pb2 -DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x18NotificationCenter.proto\x12\x12NotificationCenter\x1a\x0fGraphSync.proto\".\n\rEncryptedData\x12\x0f\n\x07version\x18\x01 \x01(\x05\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\"\xe2\x02\n\x0cNotification\x12\x32\n\x04type\x18\x01 \x01(\x0e\x32$.NotificationCenter.NotificationType\x12>\n\x08\x63\x61tegory\x18\x02 \x01(\x0e\x32(.NotificationCenter.NotificationCategoryB\x02\x18\x01\x12\'\n\x06sender\x18\x03 \x01(\x0b\x32\x17.GraphSync.GraphSyncRef\x12\x16\n\x0esenderFullName\x18\x04 \x01(\t\x12\x38\n\rencryptedData\x18\x05 \x01(\x0b\x32!.NotificationCenter.EncryptedData\x12%\n\x04refs\x18\x06 \x03(\x0b\x32\x17.GraphSync.GraphSyncRef\x12<\n\ncategories\x18\x07 \x03(\x0e\x32(.NotificationCenter.NotificationCategory\"\x97\x01\n\x14NotificationReadMark\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x1c\n\x14notification_edge_id\x18\x02 \x01(\x03\x12\x14\n\x0cmark_edge_id\x18\x03 \x01(\x03\x12>\n\nreadStatus\x18\x04 \x01(\x0e\x32*.NotificationCenter.NotificationReadStatus\"\xa6\x02\n\x13NotificationContent\x12\x38\n\x0cnotification\x18\x01 \x01(\x0b\x32 .NotificationCenter.NotificationH\x00\x12@\n\nreadStatus\x18\x02 \x01(\x0e\x32*.NotificationCenter.NotificationReadStatusH\x00\x12H\n\x0e\x61pprovalStatus\x18\x03 \x01(\x0e\x32..NotificationCenter.NotificationApprovalStatusH\x00\x12\x17\n\rtrimmingPoint\x18\x04 \x01(\x08H\x00\x12\x15\n\rclientTypeIDs\x18\x05 \x03(\x05\x12\x11\n\tdeviceIDs\x18\x06 \x03(\x03\x42\x06\n\x04type\"o\n\x13NotificationWrapper\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x38\n\x07\x63ontent\x18\x02 \x01(\x0b\x32\'.NotificationCenter.NotificationContent\x12\x11\n\ttimestamp\x18\x03 \x01(\x03\"m\n\x10NotificationSync\x12\x35\n\x04\x64\x61ta\x18\x01 \x03(\x0b\x32\'.NotificationCenter.NotificationWrapper\x12\x11\n\tsyncPoint\x18\x02 \x01(\x03\x12\x0f\n\x07hasMore\x18\x03 \x01(\x08\"g\n\x10ReadStatusUpdate\x12\x17\n\x0fnotificationUid\x18\x01 \x01(\x0c\x12:\n\x06status\x18\x02 \x01(\x0e\x32*.NotificationCenter.NotificationReadStatus\"o\n\x14\x41pprovalStatusUpdate\x12\x17\n\x0fnotificationUid\x18\x01 \x01(\x0c\x12>\n\x06status\x18\x02 \x01(\x0e\x32..NotificationCenter.NotificationApprovalStatus\"^\n\x1cProcessMarkReadEventsRequest\x12>\n\x10readStatusUpdate\x18\x01 \x03(\x0b\x32$.NotificationCenter.ReadStatusUpdate\"\xa8\x01\n\x17NotificationSendRequest\x12+\n\nrecipients\x18\x01 \x03(\x0b\x32\x17.GraphSync.GraphSyncRef\x12\x36\n\x0cnotification\x18\x02 \x01(\x0b\x32 .NotificationCenter.Notification\x12\x15\n\rclientTypeIDs\x18\x03 \x03(\x05\x12\x11\n\tdeviceIDs\x18\x04 \x03(\x03\"^\n\x18NotificationsSendRequest\x12\x42\n\rnotifications\x18\x01 \x03(\x0b\x32+.NotificationCenter.NotificationSendRequest\",\n\x17NotificationSyncRequest\x12\x11\n\tsyncPoint\x18\x01 \x01(\x03*\x9f\x01\n\x14NotificationCategory\x12\x12\n\x0eNC_UNSPECIFIED\x10\x00\x12\x0e\n\nNC_ACCOUNT\x10\x01\x12\x0e\n\nNC_SHARING\x10\x02\x12\x11\n\rNC_ENTERPRISE\x10\x03\x12\x0f\n\x0bNC_SECURITY\x10\x04\x12\x0e\n\nNC_REQUEST\x10\x05\x12\r\n\tNC_SYSTEM\x10\x06\x12\x10\n\x0cNC_PROMOTION\x10\x07*\xe0\x02\n\x10NotificationType\x12\x12\n\x0eNT_UNSPECIFIED\x10\x00\x12\x0c\n\x08NT_ALERT\x10\x01\x12\x16\n\x12NT_DEVICE_APPROVAL\x10\x02\x12\x1a\n\x16NT_MASTER_PASS_UPDATED\x10\x03\x12\x15\n\x11NT_SHARE_APPROVAL\x10\x04\x12\x1e\n\x1aNT_SHARE_APPROVAL_APPROVED\x10\x05\x12\r\n\tNT_SHARED\x10\x06\x12\x12\n\x0eNT_TRANSFERRED\x10\x07\x12\x1c\n\x18NT_LICENSE_LIMIT_REACHED\x10\x08\x12\x17\n\x13NT_APPROVAL_REQUEST\x10\t\x12\x18\n\x14NT_APPROVED_RESPONSE\x10\n\x12\x16\n\x12NT_DENIED_RESPONSE\x10\x0b\x12\x15\n\x11NT_2FA_CONFIGURED\x10\x0c\x12\x1c\n\x18NT_SHARE_APPROVAL_DENIED\x10\r*Y\n\x16NotificationReadStatus\x12\x13\n\x0fNRS_UNSPECIFIED\x10\x00\x12\x0c\n\x08NRS_LAST\x10\x01\x12\x0c\n\x08NRS_READ\x10\x02\x12\x0e\n\nNRS_UNREAD\x10\x03*\x86\x01\n\x1aNotificationApprovalStatus\x12\x13\n\x0fNAS_UNSPECIFIED\x10\x00\x12\x10\n\x0cNAS_APPROVED\x10\x01\x12\x0e\n\nNAS_DENIED\x10\x02\x12\x1c\n\x18NAS_LOST_APPROVAL_RIGHTS\x10\x03\x12\x13\n\x0fNAS_LOST_ACCESS\x10\x04\x42.\n\x18\x63om.keepersecurity.protoB\x12NotificationCenterb\x06proto3') +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x18NotificationCenter.proto\x12\x12NotificationCenter\x1a\x0fGraphSync.proto\".\n\rEncryptedData\x12\x0f\n\x07version\x18\x01 \x01(\x05\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\"\xe2\x02\n\x0cNotification\x12\x32\n\x04type\x18\x01 \x01(\x0e\x32$.NotificationCenter.NotificationType\x12>\n\x08\x63\x61tegory\x18\x02 \x01(\x0e\x32(.NotificationCenter.NotificationCategoryB\x02\x18\x01\x12\'\n\x06sender\x18\x03 \x01(\x0b\x32\x17.GraphSync.GraphSyncRef\x12\x16\n\x0esenderFullName\x18\x04 \x01(\t\x12\x38\n\rencryptedData\x18\x05 \x01(\x0b\x32!.NotificationCenter.EncryptedData\x12%\n\x04refs\x18\x06 \x03(\x0b\x32\x17.GraphSync.GraphSyncRef\x12<\n\ncategories\x18\x07 \x03(\x0e\x32(.NotificationCenter.NotificationCategory\"\x97\x01\n\x14NotificationReadMark\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x1c\n\x14notification_edge_id\x18\x02 \x01(\x03\x12\x14\n\x0cmark_edge_id\x18\x03 \x01(\x03\x12>\n\nreadStatus\x18\x04 \x01(\x0e\x32*.NotificationCenter.NotificationReadStatus\"\xa6\x02\n\x13NotificationContent\x12\x38\n\x0cnotification\x18\x01 \x01(\x0b\x32 .NotificationCenter.NotificationH\x00\x12@\n\nreadStatus\x18\x02 \x01(\x0e\x32*.NotificationCenter.NotificationReadStatusH\x00\x12H\n\x0e\x61pprovalStatus\x18\x03 \x01(\x0e\x32..NotificationCenter.NotificationApprovalStatusH\x00\x12\x17\n\rtrimmingPoint\x18\x04 \x01(\x08H\x00\x12\x15\n\rclientTypeIDs\x18\x05 \x03(\x05\x12\x11\n\tdeviceIDs\x18\x06 \x03(\x03\x42\x06\n\x04type\"o\n\x13NotificationWrapper\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12\x38\n\x07\x63ontent\x18\x02 \x01(\x0b\x32\'.NotificationCenter.NotificationContent\x12\x11\n\ttimestamp\x18\x03 \x01(\x03\"m\n\x10NotificationSync\x12\x35\n\x04\x64\x61ta\x18\x01 \x03(\x0b\x32\'.NotificationCenter.NotificationWrapper\x12\x11\n\tsyncPoint\x18\x02 \x01(\x03\x12\x0f\n\x07hasMore\x18\x03 \x01(\x08\"g\n\x10ReadStatusUpdate\x12\x17\n\x0fnotificationUid\x18\x01 \x01(\x0c\x12:\n\x06status\x18\x02 \x01(\x0e\x32*.NotificationCenter.NotificationReadStatus\"o\n\x14\x41pprovalStatusUpdate\x12\x17\n\x0fnotificationUid\x18\x01 \x01(\x0c\x12>\n\x06status\x18\x02 \x01(\x0e\x32..NotificationCenter.NotificationApprovalStatus\"^\n\x1cProcessMarkReadEventsRequest\x12>\n\x10readStatusUpdate\x18\x01 \x03(\x0b\x32$.NotificationCenter.ReadStatusUpdate\"\xa8\x01\n\x17NotificationSendRequest\x12+\n\nrecipients\x18\x01 \x03(\x0b\x32\x17.GraphSync.GraphSyncRef\x12\x36\n\x0cnotification\x18\x02 \x01(\x0b\x32 .NotificationCenter.Notification\x12\x15\n\rclientTypeIDs\x18\x03 \x03(\x05\x12\x11\n\tdeviceIDs\x18\x04 \x03(\x03\"^\n\x18NotificationsSendRequest\x12\x42\n\rnotifications\x18\x01 \x03(\x0b\x32+.NotificationCenter.NotificationSendRequest\",\n\x17NotificationSyncRequest\x12\x11\n\tsyncPoint\x18\x01 \x01(\x03\"e\n(NotificationsApprovalStatusUpdateRequest\x12\x39\n\x07updates\x18\x01 \x03(\x0b\x32(.NotificationCenter.ApprovalStatusUpdate*\x9f\x01\n\x14NotificationCategory\x12\x12\n\x0eNC_UNSPECIFIED\x10\x00\x12\x0e\n\nNC_ACCOUNT\x10\x01\x12\x0e\n\nNC_SHARING\x10\x02\x12\x11\n\rNC_ENTERPRISE\x10\x03\x12\x0f\n\x0bNC_SECURITY\x10\x04\x12\x0e\n\nNC_REQUEST\x10\x05\x12\r\n\tNC_SYSTEM\x10\x06\x12\x10\n\x0cNC_PROMOTION\x10\x07*\xb7\x03\n\x10NotificationType\x12\x12\n\x0eNT_UNSPECIFIED\x10\x00\x12\x0c\n\x08NT_ALERT\x10\x01\x12\x16\n\x12NT_DEVICE_APPROVAL\x10\x02\x12\x1a\n\x16NT_MASTER_PASS_UPDATED\x10\x03\x12\x15\n\x11NT_SHARE_APPROVAL\x10\x04\x12\x1e\n\x1aNT_SHARE_APPROVAL_APPROVED\x10\x05\x12\r\n\tNT_SHARED\x10\x06\x12\x12\n\x0eNT_TRANSFERRED\x10\x07\x12\x1c\n\x18NT_LICENSE_LIMIT_REACHED\x10\x08\x12\x17\n\x13NT_APPROVAL_REQUEST\x10\t\x12\x18\n\x14NT_APPROVED_RESPONSE\x10\n\x12\x16\n\x12NT_DENIED_RESPONSE\x10\x0b\x12\x15\n\x11NT_2FA_CONFIGURED\x10\x0c\x12\x1c\n\x18NT_SHARE_APPROVAL_DENIED\x10\r\x12\x1f\n\x1bNT_DEVICE_APPROVAL_APPROVED\x10\x0e\x12\x1d\n\x19NT_DEVICE_APPROVAL_DENIED\x10\x0f\x12\x15\n\x11NT_ACCOUNT_CREATE\x10\x10*Y\n\x16NotificationReadStatus\x12\x13\n\x0fNRS_UNSPECIFIED\x10\x00\x12\x0c\n\x08NRS_LAST\x10\x01\x12\x0c\n\x08NRS_READ\x10\x02\x12\x0e\n\nNRS_UNREAD\x10\x03*\x86\x01\n\x1aNotificationApprovalStatus\x12\x13\n\x0fNAS_UNSPECIFIED\x10\x00\x12\x10\n\x0cNAS_APPROVED\x10\x01\x12\x0e\n\nNAS_DENIED\x10\x02\x12\x1c\n\x18NAS_LOST_APPROVAL_RIGHTS\x10\x03\x12\x13\n\x0fNAS_LOST_ACCESS\x10\x04\x42.\n\x18\x63om.keepersecurity.protoB\x12NotificationCenterb\x06proto3') _globals = globals() _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals) @@ -27,14 +35,14 @@ _globals['DESCRIPTOR']._serialized_options = b'\n\030com.keepersecurity.protoB\022NotificationCenter' _globals['_NOTIFICATION'].fields_by_name['category']._loaded_options = None _globals['_NOTIFICATION'].fields_by_name['category']._serialized_options = b'\030\001' - _globals['_NOTIFICATIONCATEGORY']._serialized_start=1773 - _globals['_NOTIFICATIONCATEGORY']._serialized_end=1932 - _globals['_NOTIFICATIONTYPE']._serialized_start=1935 - _globals['_NOTIFICATIONTYPE']._serialized_end=2287 - _globals['_NOTIFICATIONREADSTATUS']._serialized_start=2289 - _globals['_NOTIFICATIONREADSTATUS']._serialized_end=2378 - _globals['_NOTIFICATIONAPPROVALSTATUS']._serialized_start=2381 - _globals['_NOTIFICATIONAPPROVALSTATUS']._serialized_end=2515 + _globals['_NOTIFICATIONCATEGORY']._serialized_start=1876 + _globals['_NOTIFICATIONCATEGORY']._serialized_end=2035 + _globals['_NOTIFICATIONTYPE']._serialized_start=2038 + _globals['_NOTIFICATIONTYPE']._serialized_end=2477 + _globals['_NOTIFICATIONREADSTATUS']._serialized_start=2479 + _globals['_NOTIFICATIONREADSTATUS']._serialized_end=2568 + _globals['_NOTIFICATIONAPPROVALSTATUS']._serialized_start=2571 + _globals['_NOTIFICATIONAPPROVALSTATUS']._serialized_end=2705 _globals['_ENCRYPTEDDATA']._serialized_start=65 _globals['_ENCRYPTEDDATA']._serialized_end=111 _globals['_NOTIFICATION']._serialized_start=114 @@ -59,4 +67,6 @@ _globals['_NOTIFICATIONSSENDREQUEST']._serialized_end=1724 _globals['_NOTIFICATIONSYNCREQUEST']._serialized_start=1726 _globals['_NOTIFICATIONSYNCREQUEST']._serialized_end=1770 + _globals['_NOTIFICATIONSAPPROVALSTATUSUPDATEREQUEST']._serialized_start=1772 + _globals['_NOTIFICATIONSAPPROVALSTATUSUPDATEREQUEST']._serialized_end=1873 # @@protoc_insertion_point(module_scope) diff --git a/keepersdk-package/src/keepersdk/proto/NotificationCenter_pb2.pyi b/keepersdk-package/src/keepersdk/proto/NotificationCenter_pb2.pyi index 78c9948a..fd5d287d 100644 --- a/keepersdk-package/src/keepersdk/proto/NotificationCenter_pb2.pyi +++ b/keepersdk-package/src/keepersdk/proto/NotificationCenter_pb2.pyi @@ -34,6 +34,9 @@ class NotificationType(int, metaclass=_enum_type_wrapper.EnumTypeWrapper): NT_DENIED_RESPONSE: _ClassVar[NotificationType] NT_2FA_CONFIGURED: _ClassVar[NotificationType] NT_SHARE_APPROVAL_DENIED: _ClassVar[NotificationType] + NT_DEVICE_APPROVAL_APPROVED: _ClassVar[NotificationType] + NT_DEVICE_APPROVAL_DENIED: _ClassVar[NotificationType] + NT_ACCOUNT_CREATE: _ClassVar[NotificationType] class NotificationReadStatus(int, metaclass=_enum_type_wrapper.EnumTypeWrapper): __slots__ = () @@ -71,6 +74,9 @@ NT_APPROVED_RESPONSE: NotificationType NT_DENIED_RESPONSE: NotificationType NT_2FA_CONFIGURED: NotificationType NT_SHARE_APPROVAL_DENIED: NotificationType +NT_DEVICE_APPROVAL_APPROVED: NotificationType +NT_DEVICE_APPROVAL_DENIED: NotificationType +NT_ACCOUNT_CREATE: NotificationType NRS_UNSPECIFIED: NotificationReadStatus NRS_LAST: NotificationReadStatus NRS_READ: NotificationReadStatus @@ -200,3 +206,9 @@ class NotificationSyncRequest(_message.Message): SYNCPOINT_FIELD_NUMBER: _ClassVar[int] syncPoint: int def __init__(self, syncPoint: _Optional[int] = ...) -> None: ... + +class NotificationsApprovalStatusUpdateRequest(_message.Message): + __slots__ = ("updates",) + UPDATES_FIELD_NUMBER: _ClassVar[int] + updates: _containers.RepeatedCompositeFieldContainer[ApprovalStatusUpdate] + def __init__(self, updates: _Optional[_Iterable[_Union[ApprovalStatusUpdate, _Mapping]]] = ...) -> None: ... diff --git a/keepersdk-package/src/keepersdk/proto/SyncDown_pb2.py b/keepersdk-package/src/keepersdk/proto/SyncDown_pb2.py index 978c3cbb..8887cf3a 100644 --- a/keepersdk-package/src/keepersdk/proto/SyncDown_pb2.py +++ b/keepersdk-package/src/keepersdk/proto/SyncDown_pb2.py @@ -2,13 +2,21 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # NO CHECKED-IN PROTOBUF GENCODE # source: SyncDown.proto -# Protobuf Python Version: 5.29.3 +# Protobuf Python Version: 5.29.5 """Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import runtime_version as _runtime_version from google.protobuf import symbol_database as _symbol_database from google.protobuf.internal import builder as _builder - +_runtime_version.ValidateProtobufRuntimeVersion( + _runtime_version.Domain.PUBLIC, + 5, + 29, + 5, + '', + 'SyncDown.proto' +) # @@protoc_insertion_point(imports) _sym_db = _symbol_database.Default() @@ -21,7 +29,7 @@ from . import NotificationCenter_pb2 as NotificationCenter__pb2 -DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x0eSyncDown.proto\x12\x05Vault\x1a\x0crecord.proto\x1a\x11\x62reachwatch.proto\x1a\x10\x41PIRequest.proto\x1a\x10\x65nterprise.proto\x1a\x18NotificationCenter.proto\"A\n\x0fSyncDownRequest\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\x12\x13\n\x0b\x64\x61taVersion\x18\x02 \x01(\x05\"\x81\x11\n\x10SyncDownResponse\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\x12\x0f\n\x07hasMore\x18\x02 \x01(\x08\x12\'\n\x0b\x63\x61\x63heStatus\x18\x03 \x01(\x0e\x32\x12.Vault.CacheStatus\x12&\n\x0buserFolders\x18\x04 \x03(\x0b\x32\x11.Vault.UserFolder\x12*\n\rsharedFolders\x18\x05 \x03(\x0b\x32\x13.Vault.SharedFolder\x12>\n\x17userFolderSharedFolders\x18\x06 \x03(\x0b\x32\x1d.Vault.UserFolderSharedFolder\x12\x36\n\x13sharedFolderFolders\x18\x07 \x03(\x0b\x32\x19.Vault.SharedFolderFolder\x12\x1e\n\x07records\x18\x08 \x03(\x0b\x32\r.Vault.Record\x12-\n\x0erecordMetaData\x18\t \x03(\x0b\x32\x15.Vault.RecordMetaData\x12+\n\rnonSharedData\x18\n \x03(\x0b\x32\x14.Vault.NonSharedData\x12&\n\x0brecordLinks\x18\x0b \x03(\x0b\x32\x11.Vault.RecordLink\x12\x32\n\x11userFolderRecords\x18\x0c \x03(\x0b\x32\x17.Vault.UserFolderRecord\x12\x36\n\x13sharedFolderRecords\x18\r \x03(\x0b\x32\x19.Vault.SharedFolderRecord\x12\x42\n\x19sharedFolderFolderRecords\x18\x0e \x03(\x0b\x32\x1f.Vault.SharedFolderFolderRecord\x12\x32\n\x11sharedFolderUsers\x18\x0f \x03(\x0b\x32\x17.Vault.SharedFolderUser\x12\x32\n\x11sharedFolderTeams\x18\x10 \x03(\x0b\x32\x17.Vault.SharedFolderTeam\x12\x1a\n\x12recordAddAuditData\x18\x11 \x03(\x0c\x12\x1a\n\x05teams\x18\x12 \x03(\x0b\x32\x0b.Vault.Team\x12,\n\x0esharingChanges\x18\x13 \x03(\x0b\x32\x14.Vault.SharingChange\x12\x1f\n\x07profile\x18\x14 \x01(\x0b\x32\x0e.Vault.Profile\x12%\n\nprofilePic\x18\x15 \x01(\x0b\x32\x11.Vault.ProfilePic\x12\x34\n\x12pendingTeamMembers\x18\x16 \x03(\x0b\x32\x18.Vault.PendingTeamMember\x12\x34\n\x12\x62reachWatchRecords\x18\x17 \x03(\x0b\x32\x18.Vault.BreachWatchRecord\x12\"\n\tuserAuths\x18\x18 \x03(\x0b\x32\x0f.Vault.UserAuth\x12?\n\x17\x62reachWatchSecurityData\x18\x19 \x03(\x0b\x32\x1e.Vault.BreachWatchSecurityData\x12/\n\x0freusedPasswords\x18\x1a \x01(\x0b\x32\x16.Vault.ReusedPasswords\x12\x1a\n\x12removedUserFolders\x18\x1b \x03(\x0c\x12\x1c\n\x14removedSharedFolders\x18\x1c \x03(\x0c\x12\x45\n\x1eremovedUserFolderSharedFolders\x18\x1d \x03(\x0b\x32\x1d.Vault.UserFolderSharedFolder\x12=\n\x1aremovedSharedFolderFolders\x18\x1e \x03(\x0b\x32\x19.Vault.SharedFolderFolder\x12\x16\n\x0eremovedRecords\x18\x1f \x03(\x0c\x12-\n\x12removedRecordLinks\x18 \x03(\x0b\x32\x11.Vault.RecordLink\x12\x39\n\x18removedUserFolderRecords\x18! \x03(\x0b\x32\x17.Vault.UserFolderRecord\x12=\n\x1aremovedSharedFolderRecords\x18\" \x03(\x0b\x32\x19.Vault.SharedFolderRecord\x12I\n removedSharedFolderFolderRecords\x18# \x03(\x0b\x32\x1f.Vault.SharedFolderFolderRecord\x12\x39\n\x18removedSharedFolderUsers\x18$ \x03(\x0b\x32\x17.Vault.SharedFolderUser\x12\x39\n\x18removedSharedFolderTeams\x18% \x03(\x0b\x32\x17.Vault.SharedFolderTeam\x12\x14\n\x0cremovedTeams\x18& \x03(\x0c\x12&\n\x0cksmAppShares\x18\' \x03(\x0b\x32\x10.Vault.KsmChange\x12\'\n\rksmAppClients\x18( \x03(\x0b\x32\x10.Vault.KsmChange\x12\x30\n\x10shareInvitations\x18) \x03(\x0b\x32\x16.Vault.ShareInvitation\x12+\n\x0b\x64iagnostics\x18* \x01(\x0b\x32\x16.Vault.SyncDiagnostics\x12.\n\x0frecordRotations\x18+ \x03(\x0b\x32\x15.Vault.RecordRotation\x12\x1a\n\x05users\x18, \x03(\x0b\x32\x0b.Vault.User\x12\x14\n\x0cremovedUsers\x18- \x03(\x0c\x12\x33\n\x11securityScoreData\x18. \x03(\x0b\x32\x18.Vault.SecurityScoreData\x12\x41\n\x10notificationSync\x18/ \x03(\x0b\x32\'.NotificationCenter.NotificationWrapper\"\x92\x01\n\nUserFolder\x12\x11\n\tfolderUid\x18\x01 \x01(\x0c\x12\x11\n\tparentUid\x18\x02 \x01(\x0c\x12\x15\n\ruserFolderKey\x18\x03 \x01(\x0c\x12\'\n\x07keyType\x18\x04 \x01(\x0e\x32\x16.Records.RecordKeyType\x12\x10\n\x08revision\x18\x05 \x01(\x03\x12\x0c\n\x04\x64\x61ta\x18\x06 \x01(\x0c\"\xd5\x02\n\x0cSharedFolder\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x10\n\x08revision\x18\x02 \x01(\x03\x12\x17\n\x0fsharedFolderKey\x18\x03 \x01(\x0c\x12\'\n\x07keyType\x18\x04 \x01(\x0e\x32\x16.Records.RecordKeyType\x12\x0c\n\x04\x64\x61ta\x18\x05 \x01(\x0c\x12\x1c\n\x14\x64\x65\x66\x61ultManageRecords\x18\x06 \x01(\x08\x12\x1a\n\x12\x64\x65\x66\x61ultManageUsers\x18\x07 \x01(\x08\x12\x16\n\x0e\x64\x65\x66\x61ultCanEdit\x18\x08 \x01(\x08\x12\x19\n\x11\x64\x65\x66\x61ultCanReshare\x18\t \x01(\x08\x12\'\n\x0b\x63\x61\x63heStatus\x18\n \x01(\x0e\x32\x12.Vault.CacheStatus\x12\r\n\x05owner\x18\x0b \x01(\t\x12\x17\n\x0fownerAccountUid\x18\x0c \x01(\x0c\x12\x0c\n\x04name\x18\r \x01(\x0c\"V\n\x16UserFolderSharedFolder\x12\x11\n\tfolderUid\x18\x01 \x01(\x0c\x12\x17\n\x0fsharedFolderUid\x18\x02 \x01(\x0c\x12\x10\n\x08revision\x18\x03 \x01(\x03\"\xbb\x01\n\x12SharedFolderFolder\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x11\n\tfolderUid\x18\x02 \x01(\x0c\x12\x11\n\tparentUid\x18\x03 \x01(\x0c\x12\x1d\n\x15sharedFolderFolderKey\x18\x04 \x01(\x0c\x12\'\n\x07keyType\x18\x05 \x01(\x0e\x32\x16.Records.RecordKeyType\x12\x10\n\x08revision\x18\x06 \x01(\x03\x12\x0c\n\x04\x64\x61ta\x18\x07 \x01(\x0c\"l\n\x0fSharedFolderKey\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x17\n\x0fsharedFolderKey\x18\x02 \x01(\x0c\x12\'\n\x07keyType\x18\x03 \x01(\x0e\x32\x16.Records.RecordKeyType\"\xc3\x02\n\x04Team\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x0c\n\x04name\x18\x02 \x01(\t\x12\x0f\n\x07teamKey\x18\x03 \x01(\x0c\x12+\n\x0bteamKeyType\x18\x04 \x01(\x0e\x32\x16.Records.RecordKeyType\x12\x16\n\x0eteamPrivateKey\x18\x05 \x01(\x0c\x12\x14\n\x0crestrictEdit\x18\x06 \x01(\x08\x12\x15\n\rrestrictShare\x18\x07 \x01(\x08\x12\x14\n\x0crestrictView\x18\x08 \x01(\x08\x12\x1c\n\x14removedSharedFolders\x18\t \x03(\x0c\x12\x30\n\x10sharedFolderKeys\x18\n \x03(\x0b\x32\x16.Vault.SharedFolderKey\x12\x19\n\x11teamEccPrivateKey\x18\x0b \x01(\x0c\x12\x18\n\x10teamEccPublicKey\x18\x0c \x01(\x0c\"\xbf\x01\n\x06Record\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08revision\x18\x02 \x01(\x03\x12\x0f\n\x07version\x18\x03 \x01(\x05\x12\x0e\n\x06shared\x18\x04 \x01(\x08\x12\x1a\n\x12\x63lientModifiedTime\x18\x05 \x01(\x03\x12\x0c\n\x04\x64\x61ta\x18\x06 \x01(\x0c\x12\r\n\x05\x65xtra\x18\x07 \x01(\x0c\x12\r\n\x05udata\x18\x08 \x01(\t\x12\x10\n\x08\x66ileSize\x18\t \x01(\x03\x12\x15\n\rthumbnailSize\x18\n \x01(\x03\"b\n\nRecordLink\x12\x17\n\x0fparentRecordUid\x18\x01 \x01(\x0c\x12\x16\n\x0e\x63hildRecordUid\x18\x02 \x01(\x0c\x12\x11\n\trecordKey\x18\x03 \x01(\x0c\x12\x10\n\x08revision\x18\x04 \x01(\x03\"J\n\x10UserFolderRecord\x12\x11\n\tfolderUid\x18\x01 \x01(\x0c\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\x12\x10\n\x08revision\x18\x03 \x01(\x03\"k\n\x18SharedFolderFolderRecord\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x11\n\tfolderUid\x18\x02 \x01(\x0c\x12\x11\n\trecordUid\x18\x03 \x01(\x0c\x12\x10\n\x08revision\x18\x04 \x01(\x03\"0\n\rNonSharedData\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\"\x9f\x02\n\x0eRecordMetaData\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\r\n\x05owner\x18\x02 \x01(\x08\x12\x11\n\trecordKey\x18\x03 \x01(\x0c\x12-\n\rrecordKeyType\x18\x04 \x01(\x0e\x32\x16.Records.RecordKeyType\x12\x10\n\x08\x63\x61nShare\x18\x05 \x01(\x08\x12\x0f\n\x07\x63\x61nEdit\x18\x06 \x01(\x08\x12\x17\n\x0fownerAccountUid\x18\x07 \x01(\x0c\x12\x12\n\nexpiration\x18\x08 \x01(\x03\x12\x42\n\x1a\x65xpirationNotificationType\x18\t \x01(\x0e\x32\x1e.Records.TimerNotificationType\x12\x15\n\rownerUsername\x18\n \x01(\t\"2\n\rSharingChange\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x0e\n\x06shared\x18\x02 \x01(\x08\">\n\x07Profile\x12\x0c\n\x04\x64\x61ta\x18\x01 \x01(\x0c\x12\x13\n\x0bprofileName\x18\x02 \x01(\t\x12\x10\n\x08revision\x18\x03 \x01(\x03\"+\n\nProfilePic\x12\x0b\n\x03url\x18\x01 \x01(\t\x12\x10\n\x08revision\x18\x02 \x01(\x03\"p\n\x11PendingTeamMember\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x15\n\ruserPublicKey\x18\x02 \x01(\x0c\x12\x10\n\x08teamUids\x18\x03 \x03(\x0c\x12\x18\n\x10userEccPublicKey\x18\x04 \x01(\x0c\"\xa6\x01\n\x11\x42reachWatchRecord\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\x12.\n\x04type\x18\x03 \x01(\x0e\x32 .BreachWatch.BreachWatchInfoType\x12\x11\n\tscannedBy\x18\x04 \x01(\t\x12\x10\n\x08revision\x18\x05 \x01(\x03\x12\x1b\n\x13scannedByAccountUid\x18\x06 \x01(\x0c\"\xb4\x01\n\x08UserAuth\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12,\n\tloginType\x18\x02 \x01(\x0e\x32\x19.Authentication.LoginType\x12\x0f\n\x07\x64\x65leted\x18\x03 \x01(\x08\x12\x12\n\niterations\x18\x04 \x01(\x05\x12\x0c\n\x04salt\x18\x05 \x01(\x0c\x12\x1a\n\x12\x65ncryptedClientKey\x18\x06 \x01(\x0c\x12\x10\n\x08revision\x18\x07 \x01(\x03\x12\x0c\n\x04name\x18\x08 \x01(\t\">\n\x17\x42reachWatchSecurityData\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08revision\x18\x02 \x01(\x03\"2\n\x0fReusedPasswords\x12\r\n\x05\x63ount\x18\x01 \x01(\x05\x12\x10\n\x08revision\x18\x02 \x01(\x03\"\xa9\x02\n\x12SharedFolderRecord\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\x12\x11\n\trecordKey\x18\x03 \x01(\x0c\x12\x10\n\x08\x63\x61nShare\x18\x04 \x01(\x08\x12\x0f\n\x07\x63\x61nEdit\x18\x05 \x01(\x08\x12\x17\n\x0fownerAccountUid\x18\x06 \x01(\x0c\x12\x12\n\nexpiration\x18\x07 \x01(\x03\x12\r\n\x05owner\x18\x08 \x01(\x08\x12\x42\n\x1a\x65xpirationNotificationType\x18\t \x01(\x0e\x32\x1e.Records.TimerNotificationType\x12\x15\n\rownerUsername\x18\n \x01(\t\x12\x1a\n\x12rotateOnExpiration\x18\x0b \x01(\x08\"\xf1\x01\n\x10SharedFolderUser\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x15\n\rmanageRecords\x18\x03 \x01(\x08\x12\x13\n\x0bmanageUsers\x18\x04 \x01(\x08\x12\x12\n\naccountUid\x18\x05 \x01(\x0c\x12\x12\n\nexpiration\x18\x06 \x01(\x03\x12\x42\n\x1a\x65xpirationNotificationType\x18\x07 \x01(\x0e\x32\x1e.Records.TimerNotificationType\x12\x1a\n\x12rotateOnExpiration\x18\x08 \x01(\x08\"\xea\x01\n\x10SharedFolderTeam\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x0f\n\x07teamUid\x18\x02 \x01(\x0c\x12\x0c\n\x04name\x18\x03 \x01(\t\x12\x15\n\rmanageRecords\x18\x04 \x01(\x08\x12\x13\n\x0bmanageUsers\x18\x05 \x01(\x08\x12\x12\n\nexpiration\x18\x06 \x01(\x03\x12\x42\n\x1a\x65xpirationNotificationType\x18\x07 \x01(\x0e\x32\x1e.Records.TimerNotificationType\x12\x1a\n\x12rotateOnExpiration\x18\x08 \x01(\x08\"\x8a\x01\n\tKsmChange\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08\x64\x65tailId\x18\x02 \x01(\x0c\x12\x0f\n\x07removed\x18\x03 \x01(\x08\x12\x30\n\rappClientType\x18\x04 \x01(\x0e\x32\x19.Enterprise.AppClientType\x12\x12\n\nexpiration\x18\x05 \x01(\x03\"#\n\x0fShareInvitation\x12\x10\n\x08username\x18\x01 \x01(\t\",\n\x04User\x12\x12\n\naccountUid\x18\x01 \x01(\x0c\x12\x10\n\x08username\x18\x02 \x01(\t\"{\n\x0fSyncDiagnostics\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\x12\x0e\n\x06userId\x18\x02 \x01(\x05\x12\x18\n\x10\x65nterpriseUserId\x18\x03 \x01(\x03\x12\x10\n\x08syncedTo\x18\x04 \x01(\x03\x12\x11\n\tsyncingTo\x18\x05 \x01(\x03\"\xee\x01\n\x0eRecordRotation\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08revision\x18\x02 \x01(\x03\x12\x18\n\x10\x63onfigurationUid\x18\x03 \x01(\x0c\x12\x10\n\x08schedule\x18\x04 \x01(\t\x12\x15\n\rpwdComplexity\x18\x05 \x01(\x0c\x12\x10\n\x08\x64isabled\x18\x06 \x01(\x08\x12\x13\n\x0bresourceUid\x18\x07 \x01(\x0c\x12\x14\n\x0clastRotation\x18\x08 \x01(\x03\x12\x37\n\x12lastRotationStatus\x18\t \x01(\x0e\x32\x1b.Vault.RecordRotationStatus\"F\n\x11SecurityScoreData\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\x12\x10\n\x08revision\x18\x03 \x01(\x03\"3\n\x1d\x42reachWatchGetSyncDataRequest\x12\x12\n\nrecordUids\x18\x01 \x03(\x0c\"\xb3\x01\n\x1e\x42reachWatchGetSyncDataResponse\x12\x34\n\x12\x62reachWatchRecords\x18\x01 \x03(\x0b\x32\x18.Vault.BreachWatchRecord\x12?\n\x17\x62reachWatchSecurityData\x18\x02 \x03(\x0b\x32\x1e.Vault.BreachWatchSecurityData\x12\x1a\n\x05users\x18\x03 \x03(\x0b\x32\x0b.Vault.User\"6\n\x18GetAccountUidMapResponse\x12\x1a\n\x05users\x18\x01 \x03(\x0b\x32\x0b.Vault.User*\"\n\x0b\x43\x61\x63heStatus\x12\x08\n\x04KEEP\x10\x00\x12\t\n\x05\x43LEAR\x10\x01*f\n\x14RecordRotationStatus\x12\x14\n\x10RRST_NOT_ROTATED\x10\x00\x12\x14\n\x10RRST_IN_PROGRESS\x10\x01\x12\x10\n\x0cRRST_SUCCESS\x10\x02\x12\x10\n\x0cRRST_FAILURE\x10\x03\x42!\n\x18\x63om.keepersecurity.protoB\x05Vaultb\x06proto3') +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x0eSyncDown.proto\x12\x05Vault\x1a\x0crecord.proto\x1a\x11\x62reachwatch.proto\x1a\x10\x41PIRequest.proto\x1a\x10\x65nterprise.proto\x1a\x18NotificationCenter.proto\"A\n\x0fSyncDownRequest\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\x12\x13\n\x0b\x64\x61taVersion\x18\x02 \x01(\x05\"\x81\x11\n\x10SyncDownResponse\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\x12\x0f\n\x07hasMore\x18\x02 \x01(\x08\x12\'\n\x0b\x63\x61\x63heStatus\x18\x03 \x01(\x0e\x32\x12.Vault.CacheStatus\x12&\n\x0buserFolders\x18\x04 \x03(\x0b\x32\x11.Vault.UserFolder\x12*\n\rsharedFolders\x18\x05 \x03(\x0b\x32\x13.Vault.SharedFolder\x12>\n\x17userFolderSharedFolders\x18\x06 \x03(\x0b\x32\x1d.Vault.UserFolderSharedFolder\x12\x36\n\x13sharedFolderFolders\x18\x07 \x03(\x0b\x32\x19.Vault.SharedFolderFolder\x12\x1e\n\x07records\x18\x08 \x03(\x0b\x32\r.Vault.Record\x12-\n\x0erecordMetaData\x18\t \x03(\x0b\x32\x15.Vault.RecordMetaData\x12+\n\rnonSharedData\x18\n \x03(\x0b\x32\x14.Vault.NonSharedData\x12&\n\x0brecordLinks\x18\x0b \x03(\x0b\x32\x11.Vault.RecordLink\x12\x32\n\x11userFolderRecords\x18\x0c \x03(\x0b\x32\x17.Vault.UserFolderRecord\x12\x36\n\x13sharedFolderRecords\x18\r \x03(\x0b\x32\x19.Vault.SharedFolderRecord\x12\x42\n\x19sharedFolderFolderRecords\x18\x0e \x03(\x0b\x32\x1f.Vault.SharedFolderFolderRecord\x12\x32\n\x11sharedFolderUsers\x18\x0f \x03(\x0b\x32\x17.Vault.SharedFolderUser\x12\x32\n\x11sharedFolderTeams\x18\x10 \x03(\x0b\x32\x17.Vault.SharedFolderTeam\x12\x1a\n\x12recordAddAuditData\x18\x11 \x03(\x0c\x12\x1a\n\x05teams\x18\x12 \x03(\x0b\x32\x0b.Vault.Team\x12,\n\x0esharingChanges\x18\x13 \x03(\x0b\x32\x14.Vault.SharingChange\x12\x1f\n\x07profile\x18\x14 \x01(\x0b\x32\x0e.Vault.Profile\x12%\n\nprofilePic\x18\x15 \x01(\x0b\x32\x11.Vault.ProfilePic\x12\x34\n\x12pendingTeamMembers\x18\x16 \x03(\x0b\x32\x18.Vault.PendingTeamMember\x12\x34\n\x12\x62reachWatchRecords\x18\x17 \x03(\x0b\x32\x18.Vault.BreachWatchRecord\x12\"\n\tuserAuths\x18\x18 \x03(\x0b\x32\x0f.Vault.UserAuth\x12?\n\x17\x62reachWatchSecurityData\x18\x19 \x03(\x0b\x32\x1e.Vault.BreachWatchSecurityData\x12/\n\x0freusedPasswords\x18\x1a \x01(\x0b\x32\x16.Vault.ReusedPasswords\x12\x1a\n\x12removedUserFolders\x18\x1b \x03(\x0c\x12\x1c\n\x14removedSharedFolders\x18\x1c \x03(\x0c\x12\x45\n\x1eremovedUserFolderSharedFolders\x18\x1d \x03(\x0b\x32\x1d.Vault.UserFolderSharedFolder\x12=\n\x1aremovedSharedFolderFolders\x18\x1e \x03(\x0b\x32\x19.Vault.SharedFolderFolder\x12\x16\n\x0eremovedRecords\x18\x1f \x03(\x0c\x12-\n\x12removedRecordLinks\x18 \x03(\x0b\x32\x11.Vault.RecordLink\x12\x39\n\x18removedUserFolderRecords\x18! \x03(\x0b\x32\x17.Vault.UserFolderRecord\x12=\n\x1aremovedSharedFolderRecords\x18\" \x03(\x0b\x32\x19.Vault.SharedFolderRecord\x12I\n removedSharedFolderFolderRecords\x18# \x03(\x0b\x32\x1f.Vault.SharedFolderFolderRecord\x12\x39\n\x18removedSharedFolderUsers\x18$ \x03(\x0b\x32\x17.Vault.SharedFolderUser\x12\x39\n\x18removedSharedFolderTeams\x18% \x03(\x0b\x32\x17.Vault.SharedFolderTeam\x12\x14\n\x0cremovedTeams\x18& \x03(\x0c\x12&\n\x0cksmAppShares\x18\' \x03(\x0b\x32\x10.Vault.KsmChange\x12\'\n\rksmAppClients\x18( \x03(\x0b\x32\x10.Vault.KsmChange\x12\x30\n\x10shareInvitations\x18) \x03(\x0b\x32\x16.Vault.ShareInvitation\x12+\n\x0b\x64iagnostics\x18* \x01(\x0b\x32\x16.Vault.SyncDiagnostics\x12.\n\x0frecordRotations\x18+ \x03(\x0b\x32\x15.Vault.RecordRotation\x12\x1a\n\x05users\x18, \x03(\x0b\x32\x0b.Vault.User\x12\x14\n\x0cremovedUsers\x18- \x03(\x0c\x12\x33\n\x11securityScoreData\x18. \x03(\x0b\x32\x18.Vault.SecurityScoreData\x12\x41\n\x10notificationSync\x18/ \x03(\x0b\x32\'.NotificationCenter.NotificationWrapper\"\x92\x01\n\nUserFolder\x12\x11\n\tfolderUid\x18\x01 \x01(\x0c\x12\x11\n\tparentUid\x18\x02 \x01(\x0c\x12\x15\n\ruserFolderKey\x18\x03 \x01(\x0c\x12\'\n\x07keyType\x18\x04 \x01(\x0e\x32\x16.Records.RecordKeyType\x12\x10\n\x08revision\x18\x05 \x01(\x03\x12\x0c\n\x04\x64\x61ta\x18\x06 \x01(\x0c\"\xd5\x02\n\x0cSharedFolder\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x10\n\x08revision\x18\x02 \x01(\x03\x12\x17\n\x0fsharedFolderKey\x18\x03 \x01(\x0c\x12\'\n\x07keyType\x18\x04 \x01(\x0e\x32\x16.Records.RecordKeyType\x12\x0c\n\x04\x64\x61ta\x18\x05 \x01(\x0c\x12\x1c\n\x14\x64\x65\x66\x61ultManageRecords\x18\x06 \x01(\x08\x12\x1a\n\x12\x64\x65\x66\x61ultManageUsers\x18\x07 \x01(\x08\x12\x16\n\x0e\x64\x65\x66\x61ultCanEdit\x18\x08 \x01(\x08\x12\x19\n\x11\x64\x65\x66\x61ultCanReshare\x18\t \x01(\x08\x12\'\n\x0b\x63\x61\x63heStatus\x18\n \x01(\x0e\x32\x12.Vault.CacheStatus\x12\r\n\x05owner\x18\x0b \x01(\t\x12\x17\n\x0fownerAccountUid\x18\x0c \x01(\x0c\x12\x0c\n\x04name\x18\r \x01(\x0c\"V\n\x16UserFolderSharedFolder\x12\x11\n\tfolderUid\x18\x01 \x01(\x0c\x12\x17\n\x0fsharedFolderUid\x18\x02 \x01(\x0c\x12\x10\n\x08revision\x18\x03 \x01(\x03\"\xbb\x01\n\x12SharedFolderFolder\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x11\n\tfolderUid\x18\x02 \x01(\x0c\x12\x11\n\tparentUid\x18\x03 \x01(\x0c\x12\x1d\n\x15sharedFolderFolderKey\x18\x04 \x01(\x0c\x12\'\n\x07keyType\x18\x05 \x01(\x0e\x32\x16.Records.RecordKeyType\x12\x10\n\x08revision\x18\x06 \x01(\x03\x12\x0c\n\x04\x64\x61ta\x18\x07 \x01(\x0c\"l\n\x0fSharedFolderKey\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x17\n\x0fsharedFolderKey\x18\x02 \x01(\x0c\x12\'\n\x07keyType\x18\x03 \x01(\x0e\x32\x16.Records.RecordKeyType\"\xc3\x02\n\x04Team\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x0c\n\x04name\x18\x02 \x01(\t\x12\x0f\n\x07teamKey\x18\x03 \x01(\x0c\x12+\n\x0bteamKeyType\x18\x04 \x01(\x0e\x32\x16.Records.RecordKeyType\x12\x16\n\x0eteamPrivateKey\x18\x05 \x01(\x0c\x12\x14\n\x0crestrictEdit\x18\x06 \x01(\x08\x12\x15\n\rrestrictShare\x18\x07 \x01(\x08\x12\x14\n\x0crestrictView\x18\x08 \x01(\x08\x12\x1c\n\x14removedSharedFolders\x18\t \x03(\x0c\x12\x30\n\x10sharedFolderKeys\x18\n \x03(\x0b\x32\x16.Vault.SharedFolderKey\x12\x19\n\x11teamEccPrivateKey\x18\x0b \x01(\x0c\x12\x18\n\x10teamEccPublicKey\x18\x0c \x01(\x0c\"\xbf\x01\n\x06Record\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08revision\x18\x02 \x01(\x03\x12\x0f\n\x07version\x18\x03 \x01(\x05\x12\x0e\n\x06shared\x18\x04 \x01(\x08\x12\x1a\n\x12\x63lientModifiedTime\x18\x05 \x01(\x03\x12\x0c\n\x04\x64\x61ta\x18\x06 \x01(\x0c\x12\r\n\x05\x65xtra\x18\x07 \x01(\x0c\x12\r\n\x05udata\x18\x08 \x01(\t\x12\x10\n\x08\x66ileSize\x18\t \x01(\x03\x12\x15\n\rthumbnailSize\x18\n \x01(\x03\"b\n\nRecordLink\x12\x17\n\x0fparentRecordUid\x18\x01 \x01(\x0c\x12\x16\n\x0e\x63hildRecordUid\x18\x02 \x01(\x0c\x12\x11\n\trecordKey\x18\x03 \x01(\x0c\x12\x10\n\x08revision\x18\x04 \x01(\x03\"J\n\x10UserFolderRecord\x12\x11\n\tfolderUid\x18\x01 \x01(\x0c\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\x12\x10\n\x08revision\x18\x03 \x01(\x03\"k\n\x18SharedFolderFolderRecord\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x11\n\tfolderUid\x18\x02 \x01(\x0c\x12\x11\n\trecordUid\x18\x03 \x01(\x0c\x12\x10\n\x08revision\x18\x04 \x01(\x03\"0\n\rNonSharedData\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\"\x9f\x02\n\x0eRecordMetaData\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\r\n\x05owner\x18\x02 \x01(\x08\x12\x11\n\trecordKey\x18\x03 \x01(\x0c\x12-\n\rrecordKeyType\x18\x04 \x01(\x0e\x32\x16.Records.RecordKeyType\x12\x10\n\x08\x63\x61nShare\x18\x05 \x01(\x08\x12\x0f\n\x07\x63\x61nEdit\x18\x06 \x01(\x08\x12\x17\n\x0fownerAccountUid\x18\x07 \x01(\x0c\x12\x12\n\nexpiration\x18\x08 \x01(\x03\x12\x42\n\x1a\x65xpirationNotificationType\x18\t \x01(\x0e\x32\x1e.Records.TimerNotificationType\x12\x15\n\rownerUsername\x18\n \x01(\t\"2\n\rSharingChange\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x0e\n\x06shared\x18\x02 \x01(\x08\">\n\x07Profile\x12\x0c\n\x04\x64\x61ta\x18\x01 \x01(\x0c\x12\x13\n\x0bprofileName\x18\x02 \x01(\t\x12\x10\n\x08revision\x18\x03 \x01(\x03\"+\n\nProfilePic\x12\x0b\n\x03url\x18\x01 \x01(\t\x12\x10\n\x08revision\x18\x02 \x01(\x03\"p\n\x11PendingTeamMember\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x15\n\ruserPublicKey\x18\x02 \x01(\x0c\x12\x10\n\x08teamUids\x18\x03 \x03(\x0c\x12\x18\n\x10userEccPublicKey\x18\x04 \x01(\x0c\"\xa6\x01\n\x11\x42reachWatchRecord\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\x12.\n\x04type\x18\x03 \x01(\x0e\x32 .BreachWatch.BreachWatchInfoType\x12\x11\n\tscannedBy\x18\x04 \x01(\t\x12\x10\n\x08revision\x18\x05 \x01(\x03\x12\x1b\n\x13scannedByAccountUid\x18\x06 \x01(\x0c\"\xb4\x01\n\x08UserAuth\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\x12,\n\tloginType\x18\x02 \x01(\x0e\x32\x19.Authentication.LoginType\x12\x0f\n\x07\x64\x65leted\x18\x03 \x01(\x08\x12\x12\n\niterations\x18\x04 \x01(\x05\x12\x0c\n\x04salt\x18\x05 \x01(\x0c\x12\x1a\n\x12\x65ncryptedClientKey\x18\x06 \x01(\x0c\x12\x10\n\x08revision\x18\x07 \x01(\x03\x12\x0c\n\x04name\x18\x08 \x01(\t\"O\n\x17\x42reachWatchSecurityData\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08revision\x18\x02 \x01(\x03\x12\x0f\n\x07removed\x18\x03 \x01(\x08\"2\n\x0fReusedPasswords\x12\r\n\x05\x63ount\x18\x01 \x01(\x05\x12\x10\n\x08revision\x18\x02 \x01(\x03\"\xa9\x02\n\x12SharedFolderRecord\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\x12\x11\n\trecordKey\x18\x03 \x01(\x0c\x12\x10\n\x08\x63\x61nShare\x18\x04 \x01(\x08\x12\x0f\n\x07\x63\x61nEdit\x18\x05 \x01(\x08\x12\x17\n\x0fownerAccountUid\x18\x06 \x01(\x0c\x12\x12\n\nexpiration\x18\x07 \x01(\x03\x12\r\n\x05owner\x18\x08 \x01(\x08\x12\x42\n\x1a\x65xpirationNotificationType\x18\t \x01(\x0e\x32\x1e.Records.TimerNotificationType\x12\x15\n\rownerUsername\x18\n \x01(\t\x12\x1a\n\x12rotateOnExpiration\x18\x0b \x01(\x08\"\xf1\x01\n\x10SharedFolderUser\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x15\n\rmanageRecords\x18\x03 \x01(\x08\x12\x13\n\x0bmanageUsers\x18\x04 \x01(\x08\x12\x12\n\naccountUid\x18\x05 \x01(\x0c\x12\x12\n\nexpiration\x18\x06 \x01(\x03\x12\x42\n\x1a\x65xpirationNotificationType\x18\x07 \x01(\x0e\x32\x1e.Records.TimerNotificationType\x12\x1a\n\x12rotateOnExpiration\x18\x08 \x01(\x08\"\xea\x01\n\x10SharedFolderTeam\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x0f\n\x07teamUid\x18\x02 \x01(\x0c\x12\x0c\n\x04name\x18\x03 \x01(\t\x12\x15\n\rmanageRecords\x18\x04 \x01(\x08\x12\x13\n\x0bmanageUsers\x18\x05 \x01(\x08\x12\x12\n\nexpiration\x18\x06 \x01(\x03\x12\x42\n\x1a\x65xpirationNotificationType\x18\x07 \x01(\x0e\x32\x1e.Records.TimerNotificationType\x12\x1a\n\x12rotateOnExpiration\x18\x08 \x01(\x08\"\x8a\x01\n\tKsmChange\x12\x14\n\x0c\x61ppRecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08\x64\x65tailId\x18\x02 \x01(\x0c\x12\x0f\n\x07removed\x18\x03 \x01(\x08\x12\x30\n\rappClientType\x18\x04 \x01(\x0e\x32\x19.Enterprise.AppClientType\x12\x12\n\nexpiration\x18\x05 \x01(\x03\"#\n\x0fShareInvitation\x12\x10\n\x08username\x18\x01 \x01(\t\",\n\x04User\x12\x12\n\naccountUid\x18\x01 \x01(\x0c\x12\x10\n\x08username\x18\x02 \x01(\t\"{\n\x0fSyncDiagnostics\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\x12\x0e\n\x06userId\x18\x02 \x01(\x05\x12\x18\n\x10\x65nterpriseUserId\x18\x03 \x01(\x03\x12\x10\n\x08syncedTo\x18\x04 \x01(\x03\x12\x11\n\tsyncingTo\x18\x05 \x01(\x03\"\xee\x01\n\x0eRecordRotation\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08revision\x18\x02 \x01(\x03\x12\x18\n\x10\x63onfigurationUid\x18\x03 \x01(\x0c\x12\x10\n\x08schedule\x18\x04 \x01(\t\x12\x15\n\rpwdComplexity\x18\x05 \x01(\x0c\x12\x10\n\x08\x64isabled\x18\x06 \x01(\x08\x12\x13\n\x0bresourceUid\x18\x07 \x01(\x0c\x12\x14\n\x0clastRotation\x18\x08 \x01(\x03\x12\x37\n\x12lastRotationStatus\x18\t \x01(\x0e\x32\x1b.Vault.RecordRotationStatus\"F\n\x11SecurityScoreData\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\x12\x10\n\x08revision\x18\x03 \x01(\x03\"3\n\x1d\x42reachWatchGetSyncDataRequest\x12\x12\n\nrecordUids\x18\x01 \x03(\x0c\"\xb3\x01\n\x1e\x42reachWatchGetSyncDataResponse\x12\x34\n\x12\x62reachWatchRecords\x18\x01 \x03(\x0b\x32\x18.Vault.BreachWatchRecord\x12?\n\x17\x62reachWatchSecurityData\x18\x02 \x03(\x0b\x32\x1e.Vault.BreachWatchSecurityData\x12\x1a\n\x05users\x18\x03 \x03(\x0b\x32\x0b.Vault.User\"6\n\x18GetAccountUidMapResponse\x12\x1a\n\x05users\x18\x01 \x03(\x0b\x32\x0b.Vault.User*\"\n\x0b\x43\x61\x63heStatus\x12\x08\n\x04KEEP\x10\x00\x12\t\n\x05\x43LEAR\x10\x01*f\n\x14RecordRotationStatus\x12\x14\n\x10RRST_NOT_ROTATED\x10\x00\x12\x14\n\x10RRST_IN_PROGRESS\x10\x01\x12\x10\n\x0cRRST_SUCCESS\x10\x02\x12\x10\n\x0cRRST_FAILURE\x10\x03\x42!\n\x18\x63om.keepersecurity.protoB\x05Vaultb\x06proto3') _globals = globals() _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals) @@ -29,10 +37,10 @@ if not _descriptor._USE_C_DESCRIPTORS: _globals['DESCRIPTOR']._loaded_options = None _globals['DESCRIPTOR']._serialized_options = b'\n\030com.keepersecurity.protoB\005Vault' - _globals['_CACHESTATUS']._serialized_start=6870 - _globals['_CACHESTATUS']._serialized_end=6904 - _globals['_RECORDROTATIONSTATUS']._serialized_start=6906 - _globals['_RECORDROTATIONSTATUS']._serialized_end=7008 + _globals['_CACHESTATUS']._serialized_start=6887 + _globals['_CACHESTATUS']._serialized_end=6921 + _globals['_RECORDROTATIONSTATUS']._serialized_start=6923 + _globals['_RECORDROTATIONSTATUS']._serialized_end=7025 _globals['_SYNCDOWNREQUEST']._serialized_start=120 _globals['_SYNCDOWNREQUEST']._serialized_end=185 _globals['_SYNCDOWNRESPONSE']._serialized_start=188 @@ -74,31 +82,31 @@ _globals['_USERAUTH']._serialized_start=4838 _globals['_USERAUTH']._serialized_end=5018 _globals['_BREACHWATCHSECURITYDATA']._serialized_start=5020 - _globals['_BREACHWATCHSECURITYDATA']._serialized_end=5082 - _globals['_REUSEDPASSWORDS']._serialized_start=5084 - _globals['_REUSEDPASSWORDS']._serialized_end=5134 - _globals['_SHAREDFOLDERRECORD']._serialized_start=5137 - _globals['_SHAREDFOLDERRECORD']._serialized_end=5434 - _globals['_SHAREDFOLDERUSER']._serialized_start=5437 - _globals['_SHAREDFOLDERUSER']._serialized_end=5678 - _globals['_SHAREDFOLDERTEAM']._serialized_start=5681 - _globals['_SHAREDFOLDERTEAM']._serialized_end=5915 - _globals['_KSMCHANGE']._serialized_start=5918 - _globals['_KSMCHANGE']._serialized_end=6056 - _globals['_SHAREINVITATION']._serialized_start=6058 - _globals['_SHAREINVITATION']._serialized_end=6093 - _globals['_USER']._serialized_start=6095 - _globals['_USER']._serialized_end=6139 - _globals['_SYNCDIAGNOSTICS']._serialized_start=6141 - _globals['_SYNCDIAGNOSTICS']._serialized_end=6264 - _globals['_RECORDROTATION']._serialized_start=6267 - _globals['_RECORDROTATION']._serialized_end=6505 - _globals['_SECURITYSCOREDATA']._serialized_start=6507 - _globals['_SECURITYSCOREDATA']._serialized_end=6577 - _globals['_BREACHWATCHGETSYNCDATAREQUEST']._serialized_start=6579 - _globals['_BREACHWATCHGETSYNCDATAREQUEST']._serialized_end=6630 - _globals['_BREACHWATCHGETSYNCDATARESPONSE']._serialized_start=6633 - _globals['_BREACHWATCHGETSYNCDATARESPONSE']._serialized_end=6812 - _globals['_GETACCOUNTUIDMAPRESPONSE']._serialized_start=6814 - _globals['_GETACCOUNTUIDMAPRESPONSE']._serialized_end=6868 + _globals['_BREACHWATCHSECURITYDATA']._serialized_end=5099 + _globals['_REUSEDPASSWORDS']._serialized_start=5101 + _globals['_REUSEDPASSWORDS']._serialized_end=5151 + _globals['_SHAREDFOLDERRECORD']._serialized_start=5154 + _globals['_SHAREDFOLDERRECORD']._serialized_end=5451 + _globals['_SHAREDFOLDERUSER']._serialized_start=5454 + _globals['_SHAREDFOLDERUSER']._serialized_end=5695 + _globals['_SHAREDFOLDERTEAM']._serialized_start=5698 + _globals['_SHAREDFOLDERTEAM']._serialized_end=5932 + _globals['_KSMCHANGE']._serialized_start=5935 + _globals['_KSMCHANGE']._serialized_end=6073 + _globals['_SHAREINVITATION']._serialized_start=6075 + _globals['_SHAREINVITATION']._serialized_end=6110 + _globals['_USER']._serialized_start=6112 + _globals['_USER']._serialized_end=6156 + _globals['_SYNCDIAGNOSTICS']._serialized_start=6158 + _globals['_SYNCDIAGNOSTICS']._serialized_end=6281 + _globals['_RECORDROTATION']._serialized_start=6284 + _globals['_RECORDROTATION']._serialized_end=6522 + _globals['_SECURITYSCOREDATA']._serialized_start=6524 + _globals['_SECURITYSCOREDATA']._serialized_end=6594 + _globals['_BREACHWATCHGETSYNCDATAREQUEST']._serialized_start=6596 + _globals['_BREACHWATCHGETSYNCDATAREQUEST']._serialized_end=6647 + _globals['_BREACHWATCHGETSYNCDATARESPONSE']._serialized_start=6650 + _globals['_BREACHWATCHGETSYNCDATARESPONSE']._serialized_end=6829 + _globals['_GETACCOUNTUIDMAPRESPONSE']._serialized_start=6831 + _globals['_GETACCOUNTUIDMAPRESPONSE']._serialized_end=6885 # @@protoc_insertion_point(module_scope) diff --git a/keepersdk-package/src/keepersdk/proto/SyncDown_pb2.pyi b/keepersdk-package/src/keepersdk/proto/SyncDown_pb2.pyi index e4a7e178..3a60cf8b 100644 --- a/keepersdk-package/src/keepersdk/proto/SyncDown_pb2.pyi +++ b/keepersdk-package/src/keepersdk/proto/SyncDown_pb2.pyi @@ -412,12 +412,14 @@ class UserAuth(_message.Message): def __init__(self, uid: _Optional[bytes] = ..., loginType: _Optional[_Union[_APIRequest_pb2.LoginType, str]] = ..., deleted: bool = ..., iterations: _Optional[int] = ..., salt: _Optional[bytes] = ..., encryptedClientKey: _Optional[bytes] = ..., revision: _Optional[int] = ..., name: _Optional[str] = ...) -> None: ... class BreachWatchSecurityData(_message.Message): - __slots__ = ("recordUid", "revision") + __slots__ = ("recordUid", "revision", "removed") RECORDUID_FIELD_NUMBER: _ClassVar[int] REVISION_FIELD_NUMBER: _ClassVar[int] + REMOVED_FIELD_NUMBER: _ClassVar[int] recordUid: bytes revision: int - def __init__(self, recordUid: _Optional[bytes] = ..., revision: _Optional[int] = ...) -> None: ... + removed: bool + def __init__(self, recordUid: _Optional[bytes] = ..., revision: _Optional[int] = ..., removed: bool = ...) -> None: ... class ReusedPasswords(_message.Message): __slots__ = ("count", "revision") diff --git a/keepersdk-package/src/keepersdk/proto/enterprise_pb2.py b/keepersdk-package/src/keepersdk/proto/enterprise_pb2.py index bea2fedc..e1575598 100644 --- a/keepersdk-package/src/keepersdk/proto/enterprise_pb2.py +++ b/keepersdk-package/src/keepersdk/proto/enterprise_pb2.py @@ -2,13 +2,21 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # NO CHECKED-IN PROTOBUF GENCODE # source: enterprise.proto -# Protobuf Python Version: 5.29.3 +# Protobuf Python Version: 5.29.5 """Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import runtime_version as _runtime_version from google.protobuf import symbol_database as _symbol_database from google.protobuf.internal import builder as _builder - +_runtime_version.ValidateProtobufRuntimeVersion( + _runtime_version.Domain.PUBLIC, + 5, + 29, + 5, + '', + 'enterprise.proto' +) # @@protoc_insertion_point(imports) _sym_db = _symbol_database.Default() @@ -16,7 +24,7 @@ -DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x10\x65nterprise.proto\x12\nEnterprise\"\x84\x01\n\x18\x45nterpriseKeyPairRequest\x12\x1b\n\x13\x65nterprisePublicKey\x18\x01 \x01(\x0c\x12%\n\x1d\x65ncryptedEnterprisePrivateKey\x18\x02 \x01(\x0c\x12$\n\x07keyType\x18\x03 \x01(\x0e\x32\x13.Enterprise.KeyType\"\'\n\x14GetTeamMemberRequest\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\"}\n\x0e\x45nterpriseUser\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\r\n\x05\x65mail\x18\x02 \x01(\t\x12\x1a\n\x12\x65nterpriseUsername\x18\x03 \x01(\t\x12\x14\n\x0cisShareAdmin\x18\x04 \x01(\x08\x12\x10\n\x08username\x18\x05 \x01(\t\"K\n\x15GetTeamMemberResponse\x12\x32\n\x0e\x65nterpriseUser\x18\x01 \x03(\x0b\x32\x1a.Enterprise.EnterpriseUser\"-\n\x11\x45nterpriseUserIds\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x03(\x03\"B\n\x19\x45nterprisePersonalAccount\x12\r\n\x05\x65mail\x18\x01 \x01(\t\x12\x16\n\x0eOBSOLETE_FIELD\x18\x02 \x01(\x0c\"S\n\x17\x45ncryptedTeamKeyRequest\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x18\n\x10\x65ncryptedTeamKey\x18\x02 \x01(\x0c\x12\r\n\x05\x66orce\x18\x03 \x01(\x08\"+\n\x0fReEncryptedData\x12\n\n\x02id\x18\x01 \x01(\x03\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\t\"?\n\x12ReEncryptedRoleKey\x12\x0f\n\x07role_id\x18\x01 \x01(\x03\x12\x18\n\x10\x65ncryptedRoleKey\x18\x02 \x01(\x0c\"P\n\x16ReEncryptedUserDataKey\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1c\n\x14userEncryptedDataKey\x18\x02 \x01(\x0c\"\xd8\x02\n\x1bNodeToManagedCompanyRequest\x12\x11\n\tcompanyId\x18\x01 \x01(\x05\x12*\n\x05nodes\x18\x02 \x03(\x0b\x32\x1b.Enterprise.ReEncryptedData\x12*\n\x05roles\x18\x03 \x03(\x0b\x32\x1b.Enterprise.ReEncryptedData\x12*\n\x05users\x18\x04 \x03(\x0b\x32\x1b.Enterprise.ReEncryptedData\x12\x30\n\x08roleKeys\x18\x05 \x03(\x0b\x32\x1e.Enterprise.ReEncryptedRoleKey\x12\x35\n\x08teamKeys\x18\x06 \x03(\x0b\x32#.Enterprise.EncryptedTeamKeyRequest\x12\x39\n\rusersDataKeys\x18\x07 \x03(\x0b\x32\".Enterprise.ReEncryptedUserDataKey\",\n\x08RoleTeam\x12\x0f\n\x07role_id\x18\x01 \x01(\x03\x12\x0f\n\x07teamUid\x18\x02 \x01(\x0c\"4\n\tRoleTeams\x12\'\n\trole_team\x18\x01 \x03(\x0b\x32\x14.Enterprise.RoleTeam\"R\n\x0fRoleUserAddKeys\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0f\n\x07treeKey\x18\x02 \x01(\t\x12\x14\n\x0croleAdminKey\x18\x03 \x01(\t\"T\n\x0bRoleUserAdd\x12\x0f\n\x07role_id\x18\x01 \x01(\x03\x12\x34\n\x0froleUserAddKeys\x18\x02 \x03(\x0b\x32\x1b.Enterprise.RoleUserAddKeys\"D\n\x13RoleUsersAddRequest\x12-\n\x0croleUserAdds\x18\x01 \x03(\x0b\x32\x17.Enterprise.RoleUserAdd\"\x80\x01\n\x11RoleUserAddResult\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\x12\x30\n\x06status\x18\x03 \x01(\x0e\x32 .Enterprise.RoleUserModifyStatus\x12\x0f\n\x07message\x18\x04 \x01(\t\"F\n\x14RoleUsersAddResponse\x12.\n\x07results\x18\x01 \x03(\x0b\x32\x1d.Enterprise.RoleUserAddResult\"<\n\x0eRoleUserRemove\x12\x0f\n\x07role_id\x18\x01 \x01(\x03\x12\x19\n\x11\x65nterpriseUserIds\x18\x02 \x03(\x03\"M\n\x16RoleUsersRemoveRequest\x12\x33\n\x0froleUserRemoves\x18\x01 \x03(\x0b\x32\x1a.Enterprise.RoleUserRemove\"\x83\x01\n\x14RoleUserRemoveResult\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\x12\x30\n\x06status\x18\x03 \x01(\x0e\x32 .Enterprise.RoleUserModifyStatus\x12\x0f\n\x07message\x18\x04 \x01(\t\"L\n\x17RoleUsersRemoveResponse\x12\x31\n\x07results\x18\x01 \x03(\x0b\x32 .Enterprise.RoleUserRemoveResult\"\xa0\x04\n\x16\x45nterpriseRegistration\x12\x18\n\x10\x65ncryptedTreeKey\x18\x01 \x01(\x0c\x12\x16\n\x0e\x65nterpriseName\x18\x02 \x01(\t\x12\x14\n\x0crootNodeData\x18\x03 \x01(\x0c\x12\x15\n\radminUserData\x18\x04 \x01(\x0c\x12\x11\n\tadminName\x18\x05 \x01(\t\x12\x10\n\x08roleData\x18\x06 \x01(\x0c\x12\x38\n\nrsaKeyPair\x18\x07 \x01(\x0b\x32$.Enterprise.EnterpriseKeyPairRequest\x12\x13\n\x0bnumberSeats\x18\x08 \x01(\x05\x12\x32\n\x0e\x65nterpriseType\x18\t \x01(\x0e\x32\x1a.Enterprise.EnterpriseType\x12\x15\n\rrolePublicKey\x18\n \x01(\x0c\x12*\n\"rolePrivateKeyEncryptedWithRoleKey\x18\x0b \x01(\x0c\x12#\n\x1broleKeyEncryptedWithTreeKey\x18\x0c \x01(\x0c\x12\x38\n\neccKeyPair\x18\r \x01(\x0b\x32$.Enterprise.EnterpriseKeyPairRequest\x12\x18\n\x10\x61llUsersRoleData\x18\x0e \x01(\x0c\x12)\n!roleKeyEncryptedWithUserPublicKey\x18\x0f \x01(\x0c\x12\x18\n\x10\x61pproverRoleData\x18\x10 \x01(\x0c\"H\n\x1a\x44omainPasswordRulesRequest\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x18\n\x10verificationCode\x18\x02 \x01(\t\"\\\n\x19\x44omainPasswordRulesFields\x12\x0c\n\x04type\x18\x01 \x01(\t\x12\x0f\n\x07minimum\x18\x02 \x01(\x05\x12\x0f\n\x07maximum\x18\x03 \x01(\x05\x12\x0f\n\x07\x61llowed\x18\x04 \x01(\x08\"E\n\x10LoginToMcRequest\x12\x16\n\x0emcEnterpriseId\x18\x01 \x01(\x05\x12\x19\n\x11messageSessionUid\x18\x02 \x01(\x0c\"L\n\x11LoginToMcResponse\x12\x1d\n\x15\x65ncryptedSessionToken\x18\x01 \x01(\x0c\x12\x18\n\x10\x65ncryptedTreeKey\x18\x02 \x01(\t\"g\n\x1b\x44omainPasswordRulesResponse\x12H\n\x19\x64omainPasswordRulesFields\x18\x01 \x03(\x0b\x32%.Enterprise.DomainPasswordRulesFields\"\x88\x01\n\x18\x41pproveUserDeviceRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x02 \x01(\x0c\x12\x1e\n\x16\x65ncryptedDeviceDataKey\x18\x03 \x01(\x0c\x12\x14\n\x0c\x64\x65nyApproval\x18\x04 \x01(\x08\"t\n\x19\x41pproveUserDeviceResponse\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x02 \x01(\x0c\x12\x0e\n\x06\x66\x61iled\x18\x03 \x01(\x08\x12\x0f\n\x07message\x18\x04 \x01(\t\"Y\n\x19\x41pproveUserDevicesRequest\x12<\n\x0e\x64\x65viceRequests\x18\x01 \x03(\x0b\x32$.Enterprise.ApproveUserDeviceRequest\"\\\n\x1a\x41pproveUserDevicesResponse\x12>\n\x0f\x64\x65viceResponses\x18\x01 \x03(\x0b\x32%.Enterprise.ApproveUserDeviceResponse\"\x87\x01\n\x15\x45nterpriseUserDataKey\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1c\n\x14userEncryptedDataKey\x18\x02 \x01(\x0c\x12\x11\n\tkeyTypeId\x18\x03 \x01(\x05\x12\x0f\n\x07roleKey\x18\x04 \x01(\x0c\x12\x12\n\nprivateKey\x18\x05 \x01(\x0c\"I\n\x16\x45nterpriseUserDataKeys\x12/\n\x04keys\x18\x01 \x03(\x0b\x32!.Enterprise.EnterpriseUserDataKey\"g\n\x1a\x45nterpriseUserDataKeyLight\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1c\n\x14userEncryptedDataKey\x18\x02 \x01(\x0c\x12\x11\n\tkeyTypeId\x18\x03 \x01(\x05\"d\n\x1c\x45nterpriseUserDataKeysByNode\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\x12\x34\n\x04keys\x18\x02 \x03(\x0b\x32&.Enterprise.EnterpriseUserDataKeyLight\"^\n$EnterpriseUserDataKeysByNodeResponse\x12\x36\n\x04keys\x18\x01 \x03(\x0b\x32(.Enterprise.EnterpriseUserDataKeysByNode\"2\n\x15\x45nterpriseDataRequest\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\"0\n\x13SpecialProvisioning\x12\x0b\n\x03url\x18\x01 \x01(\t\x12\x0c\n\x04name\x18\x02 \x01(\t\"\x84\x02\n\x11GeneralDataEntity\x12\x16\n\x0e\x65nterpriseName\x18\x01 \x01(\t\x12\x1a\n\x12restrictVisibility\x18\x02 \x01(\x08\x12<\n\x13specialProvisioning\x18\x04 \x01(\x0b\x32\x1f.Enterprise.SpecialProvisioning\x12\x30\n\ruserPrivilege\x18\x07 \x01(\x0b\x32\x19.Enterprise.UserPrivilege\x12\x13\n\x0b\x64istributor\x18\x08 \x01(\x08\x12\x1d\n\x15\x66orbidAccountTransfer\x18\t \x01(\x08\x12\x17\n\x0fshowUserOnboard\x18\n \x01(\x08\"\xfd\x01\n\x04Node\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\x12\x10\n\x08parentId\x18\x02 \x01(\x03\x12\x10\n\x08\x62ridgeId\x18\x03 \x01(\x03\x12\x0e\n\x06scimId\x18\x04 \x01(\x03\x12\x11\n\tlicenseId\x18\x05 \x01(\x03\x12\x15\n\rencryptedData\x18\x06 \x01(\t\x12\x12\n\nduoEnabled\x18\x07 \x01(\x08\x12\x12\n\nrsaEnabled\x18\x08 \x01(\x08\x12 \n\x14ssoServiceProviderId\x18\t \x01(\x03\x42\x02\x18\x01\x12\x1a\n\x12restrictVisibility\x18\n \x01(\x08\x12!\n\x15ssoServiceProviderIds\x18\x0b \x03(\x03\x42\x02\x10\x01\"\x8e\x01\n\x04Role\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x15\n\rencryptedData\x18\x03 \x01(\t\x12\x0f\n\x07keyType\x18\x04 \x01(\t\x12\x14\n\x0cvisibleBelow\x18\x05 \x01(\x08\x12\x16\n\x0enewUserInherit\x18\x06 \x01(\x08\x12\x10\n\x08roleType\x18\x07 \x01(\t\"\xb8\x02\n\x04User\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x15\n\rencryptedData\x18\x03 \x01(\t\x12\x0f\n\x07keyType\x18\x04 \x01(\t\x12\x10\n\x08username\x18\x05 \x01(\t\x12\x0e\n\x06status\x18\x06 \x01(\t\x12\x0c\n\x04lock\x18\x07 \x01(\x05\x12\x0e\n\x06userId\x18\x08 \x01(\x05\x12\x1e\n\x16\x61\x63\x63ountShareExpiration\x18\t \x01(\x03\x12\x10\n\x08\x66ullName\x18\n \x01(\t\x12\x10\n\x08jobTitle\x18\x0b \x01(\t\x12\x12\n\ntfaEnabled\x18\x0c \x01(\x08\x12\x46\n\x18transferAcceptanceStatus\x18\r \x01(\x0e\x32$.Enterprise.TransferAcceptanceStatus\"7\n\tUserAlias\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x10\n\x08username\x18\x02 \x01(\t\"\xac\x01\n\x18\x43omplianceReportMetaData\x12\x11\n\treportUid\x18\x01 \x01(\x0c\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x12\n\nreportName\x18\x03 \x01(\t\x12\x15\n\rdateGenerated\x18\x04 \x01(\x03\x12\x11\n\trunByName\x18\x05 \x01(\t\x12\x16\n\x0enumberOfOwners\x18\x07 \x01(\x05\x12\x17\n\x0fnumberOfRecords\x18\x08 \x01(\x05\"S\n\x0bManagedNode\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x15\n\rmanagedNodeId\x18\x02 \x01(\x03\x12\x1d\n\x15\x63\x61scadeNodeManagement\x18\x03 \x01(\x08\"T\n\x0fUserManagedNode\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\x12\x1d\n\x15\x63\x61scadeNodeManagement\x18\x02 \x01(\x08\x12\x12\n\nprivileges\x18\x03 \x03(\t\"w\n\rUserPrivilege\x12\x35\n\x10userManagedNodes\x18\x01 \x03(\x0b\x32\x1b.Enterprise.UserManagedNode\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\x12\x15\n\rencryptedData\x18\x03 \x01(\t\"4\n\x08RoleUser\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\"M\n\rRolePrivilege\x12\x15\n\rmanagedNodeId\x18\x01 \x01(\x03\x12\x0e\n\x06roleId\x18\x02 \x01(\x03\x12\x15\n\rprivilegeType\x18\x03 \x01(\t\"I\n\x0fRoleEnforcement\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x17\n\x0f\x65nforcementType\x18\x02 \x01(\t\x12\r\n\x05value\x18\x03 \x01(\t\"\xa9\x01\n\x04Team\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x0c\n\x04name\x18\x02 \x01(\t\x12\x0e\n\x06nodeId\x18\x03 \x01(\x03\x12\x14\n\x0crestrictEdit\x18\x04 \x01(\x08\x12\x15\n\rrestrictShare\x18\x05 \x01(\x08\x12\x14\n\x0crestrictView\x18\x06 \x01(\x08\x12\x15\n\rencryptedData\x18\x07 \x01(\t\x12\x18\n\x10\x65ncryptedTeamKey\x18\x08 \x01(\t\"G\n\x08TeamUser\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\x12\x10\n\x08userType\x18\x03 \x01(\t\"K\n\x1aGetDistributorInfoResponse\x12-\n\x0c\x64istributors\x18\x01 \x03(\x0b\x32\x17.Enterprise.Distributor\"B\n\x0b\x44istributor\x12\x0c\n\x04name\x18\x01 \x01(\t\x12%\n\x08mspInfos\x18\x02 \x03(\x0b\x32\x13.Enterprise.MspInfo\"\x9d\x02\n\x07MspInfo\x12\x14\n\x0c\x65nterpriseId\x18\x01 \x01(\x05\x12\x16\n\x0e\x65nterpriseName\x18\x02 \x01(\t\x12\x19\n\x11\x61llocatedLicenses\x18\x03 \x01(\x05\x12\x19\n\x11\x61llowedMcProducts\x18\x04 \x03(\t\x12\x15\n\rallowedAddOns\x18\x05 \x03(\t\x12\x17\n\x0fmaxFilePlanType\x18\x06 \x01(\t\x12\x34\n\x10managedCompanies\x18\x07 \x03(\x0b\x32\x1a.Enterprise.ManagedCompany\x12\x1e\n\x16\x61llowUnlimitedLicenses\x18\x08 \x01(\x08\x12(\n\x06\x61\x64\x64Ons\x18\t \x03(\x0b\x32\x18.Enterprise.LicenseAddOn\"\x91\x02\n\x0eManagedCompany\x12\x16\n\x0emcEnterpriseId\x18\x01 \x01(\x05\x12\x18\n\x10mcEnterpriseName\x18\x02 \x01(\t\x12\x11\n\tmspNodeId\x18\x03 \x01(\x03\x12\x15\n\rnumberOfSeats\x18\x04 \x01(\x05\x12\x15\n\rnumberOfUsers\x18\x05 \x01(\x05\x12\x11\n\tproductId\x18\x06 \x01(\t\x12\x11\n\tisExpired\x18\x07 \x01(\x08\x12\x0f\n\x07treeKey\x18\x08 \x01(\t\x12\x15\n\rtree_key_role\x18\t \x01(\x03\x12\x14\n\x0c\x66ilePlanType\x18\n \x01(\t\x12(\n\x06\x61\x64\x64Ons\x18\x0b \x03(\x0b\x32\x18.Enterprise.LicenseAddOn\"R\n\x07MSPPool\x12\x11\n\tproductId\x18\x01 \x01(\t\x12\r\n\x05seats\x18\x02 \x01(\x05\x12\x16\n\x0e\x61vailableSeats\x18\x03 \x01(\x05\x12\r\n\x05stash\x18\x04 \x01(\x05\":\n\nMSPContact\x12\x14\n\x0c\x65nterpriseId\x18\x01 \x01(\x05\x12\x16\n\x0e\x65nterpriseName\x18\x02 \x01(\t\"\xec\x01\n\x0cLicenseAddOn\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x0f\n\x07\x65nabled\x18\x02 \x01(\x08\x12\x0f\n\x07isTrial\x18\x03 \x01(\x08\x12\x12\n\nexpiration\x18\x04 \x01(\x03\x12\x0f\n\x07\x63reated\x18\x05 \x01(\x03\x12\r\n\x05seats\x18\x06 \x01(\x05\x12\x16\n\x0e\x61\x63tivationTime\x18\x07 \x01(\x03\x12\x19\n\x11includedInProduct\x18\x08 \x01(\x08\x12\x14\n\x0c\x61piCallCount\x18\t \x01(\x05\x12\x17\n\x0ftierDescription\x18\n \x01(\t\x12\x16\n\x0eseatsAllocated\x18\x0b \x01(\x05\"s\n\tMCDefault\x12\x11\n\tmcProduct\x18\x01 \x01(\t\x12\x0e\n\x06\x61\x64\x64Ons\x18\x02 \x03(\t\x12\x14\n\x0c\x66ilePlanType\x18\x03 \x01(\t\x12\x13\n\x0bmaxLicenses\x18\x04 \x01(\x05\x12\x18\n\x10\x66ixedMaxLicenses\x18\x05 \x01(\x08\"\xd2\x01\n\nMSPPermits\x12\x12\n\nrestricted\x18\x01 \x01(\x08\x12\x1a\n\x12maxAllowedLicenses\x18\x02 \x01(\x05\x12\x19\n\x11\x61llowedMcProducts\x18\x03 \x03(\t\x12\x15\n\rallowedAddOns\x18\x04 \x03(\t\x12\x17\n\x0fmaxFilePlanType\x18\x05 \x01(\t\x12\x1e\n\x16\x61llowUnlimitedLicenses\x18\x06 \x01(\x08\x12)\n\nmcDefaults\x18\x07 \x03(\x0b\x32\x15.Enterprise.MCDefault\"\xa0\x04\n\x07License\x12\x0c\n\x04paid\x18\x01 \x01(\x08\x12\x15\n\rnumberOfSeats\x18\x02 \x01(\x05\x12\x12\n\nexpiration\x18\x03 \x01(\x03\x12\x14\n\x0clicenseKeyId\x18\x04 \x01(\x05\x12\x15\n\rproductTypeId\x18\x05 \x01(\x05\x12\x0c\n\x04name\x18\x06 \x01(\t\x12\x1b\n\x13\x65nterpriseLicenseId\x18\x07 \x01(\x03\x12\x16\n\x0eseatsAllocated\x18\x08 \x01(\x05\x12\x14\n\x0cseatsPending\x18\t \x01(\x05\x12\x0c\n\x04tier\x18\n \x01(\x05\x12\x16\n\x0e\x66ilePlanTypeId\x18\x0b \x01(\x05\x12\x10\n\x08maxBytes\x18\x0c \x01(\x03\x12\x19\n\x11storageExpiration\x18\r \x01(\x03\x12\x15\n\rlicenseStatus\x18\x0e \x01(\t\x12$\n\x07mspPool\x18\x0f \x03(\x0b\x32\x13.Enterprise.MSPPool\x12)\n\tmanagedBy\x18\x10 \x01(\x0b\x32\x16.Enterprise.MSPContact\x12(\n\x06\x61\x64\x64Ons\x18\x11 \x03(\x0b\x32\x18.Enterprise.LicenseAddOn\x12\x17\n\x0fnextBillingDate\x18\x12 \x01(\x03\x12\x17\n\x0fhasMSPLegacyLog\x18\x13 \x01(\x08\x12*\n\nmspPermits\x18\x14 \x01(\x0b\x32\x16.Enterprise.MSPPermits\x12\x13\n\x0b\x64istributor\x18\x15 \x01(\x08\"n\n\x06\x42ridge\x12\x10\n\x08\x62ridgeId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x18\n\x10wanIpEnforcement\x18\x03 \x01(\t\x12\x18\n\x10lanIpEnforcement\x18\x04 \x01(\t\x12\x0e\n\x06status\x18\x05 \x01(\t\"t\n\x04Scim\x12\x0e\n\x06scimId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x0e\n\x06status\x18\x03 \x01(\t\x12\x12\n\nlastSynced\x18\x04 \x01(\x03\x12\x12\n\nrolePrefix\x18\x05 \x01(\t\x12\x14\n\x0cuniqueGroups\x18\x06 \x01(\x08\"L\n\x0e\x45mailProvision\x12\n\n\x02id\x18\x01 \x01(\x05\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x0e\n\x06\x64omain\x18\x03 \x01(\t\x12\x0e\n\x06method\x18\x04 \x01(\t\"R\n\nQueuedTeam\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x0c\n\x04name\x18\x02 \x01(\t\x12\x0e\n\x06nodeId\x18\x03 \x01(\x03\x12\x15\n\rencryptedData\x18\x04 \x01(\t\"0\n\x0eQueuedTeamUser\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\r\n\x05users\x18\x02 \x03(\x03\"\xa4\x01\n\x0eTeamsAddResult\x12\x34\n\x11successfulTeamAdd\x18\x01 \x03(\x0b\x32\x19.Enterprise.TeamAddResult\x12\x36\n\x13unsuccessfulTeamAdd\x18\x02 \x03(\x0b\x32\x19.Enterprise.TeamAddResult\x12\x0e\n\x06result\x18\x03 \x01(\t\x12\x14\n\x0c\x65rrorMessage\x18\x04 \x01(\t\"U\n\rTeamAddResult\x12\x1e\n\x04team\x18\x01 \x01(\x0b\x32\x10.Enterprise.Team\x12\x0e\n\x06result\x18\x02 \x01(\t\x12\x14\n\x0c\x65rrorMessage\x18\x03 \x01(\t\"\x91\x01\n\nSsoService\x12\x1c\n\x14ssoServiceProviderId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x0c\n\x04name\x18\x03 \x01(\t\x12\x0e\n\x06sp_url\x18\x04 \x01(\t\x12\x16\n\x0einviteNewUsers\x18\x05 \x01(\x08\x12\x0e\n\x06\x61\x63tive\x18\x06 \x01(\x08\x12\x0f\n\x07isCloud\x18\x07 \x01(\x08\"1\n\x10ReportFilterUser\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\r\n\x05\x65mail\x18\x02 \x01(\t\"\x97\x02\n\x1d\x44\x65viceRequestForAdminApproval\x12\x10\n\x08\x64\x65viceId\x18\x01 \x01(\x03\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x03 \x01(\x0c\x12\x17\n\x0f\x64\x65vicePublicKey\x18\x04 \x01(\x0c\x12\x12\n\ndeviceName\x18\x05 \x01(\t\x12\x15\n\rclientVersion\x18\x06 \x01(\t\x12\x12\n\ndeviceType\x18\x07 \x01(\t\x12\x0c\n\x04\x64\x61te\x18\x08 \x01(\x03\x12\x11\n\tipAddress\x18\t \x01(\t\x12\x10\n\x08location\x18\n \x01(\t\x12\r\n\x05\x65mail\x18\x0b \x01(\t\x12\x12\n\naccountUid\x18\x0c \x01(\x0c\"`\n\x0e\x45nterpriseData\x12\x30\n\x06\x65ntity\x18\x01 \x01(\x0e\x32 .Enterprise.EnterpriseDataEntity\x12\x0e\n\x06\x64\x65lete\x18\x02 \x01(\x08\x12\x0c\n\x04\x64\x61ta\x18\x03 \x03(\x0c\"\xd0\x01\n\x16\x45nterpriseDataResponse\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\x12\x0f\n\x07hasMore\x18\x02 \x01(\x08\x12,\n\x0b\x63\x61\x63heStatus\x18\x03 \x01(\x0e\x32\x17.Enterprise.CacheStatus\x12(\n\x04\x64\x61ta\x18\x04 \x03(\x0b\x32\x1a.Enterprise.EnterpriseData\x12\x32\n\x0bgeneralData\x18\x05 \x01(\x0b\x32\x1d.Enterprise.GeneralDataEntity\"*\n\rBackupRequest\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\"\x98\x01\n\x0c\x42\x61\x63kupRecord\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\x12\x0b\n\x03key\x18\x03 \x01(\x0c\x12*\n\x07keyType\x18\x04 \x01(\x0e\x32\x19.Enterprise.BackupKeyType\x12\x0f\n\x07version\x18\x05 \x01(\x05\x12\x0c\n\x04\x64\x61ta\x18\x06 \x01(\x0c\x12\r\n\x05\x65xtra\x18\x07 \x01(\x0c\".\n\tBackupKey\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\x11\n\tbackupKey\x18\x02 \x01(\x0c\"\x8d\x02\n\nBackupUser\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\x10\n\x08userName\x18\x02 \x01(\t\x12\x0f\n\x07\x64\x61taKey\x18\x03 \x01(\x0c\x12\x36\n\x0b\x64\x61taKeyType\x18\x04 \x01(\x0e\x32!.Enterprise.BackupUserDataKeyType\x12\x12\n\nprivateKey\x18\x05 \x01(\x0c\x12\x0f\n\x07treeKey\x18\x06 \x01(\x0c\x12.\n\x0btreeKeyType\x18\x07 \x01(\x0e\x32\x19.Enterprise.BackupKeyType\x12)\n\nbackupKeys\x18\x08 \x03(\x0b\x32\x15.Enterprise.BackupKey\x12\x14\n\x0cprivateECKey\x18\t \x01(\x0c\"\x9e\x01\n\x0e\x42\x61\x63kupResponse\x12\x1f\n\x17\x65nterpriseEccPrivateKey\x18\x01 \x01(\x0c\x12%\n\x05users\x18\x02 \x03(\x0b\x32\x16.Enterprise.BackupUser\x12)\n\x07records\x18\x03 \x03(\x0b\x32\x18.Enterprise.BackupRecord\x12\x19\n\x11\x63ontinuationToken\x18\x04 \x01(\x0c\"e\n\nBackupFile\x12\x0c\n\x04user\x18\x01 \x01(\t\x12\x11\n\tbackupUid\x18\x02 \x01(\x0c\x12\x10\n\x08\x66ileName\x18\x03 \x01(\t\x12\x0f\n\x07\x63reated\x18\x04 \x01(\x03\x12\x13\n\x0b\x64ownloadUrl\x18\x05 \x01(\t\"8\n\x0f\x42\x61\x63kupsResponse\x12%\n\x05\x66iles\x18\x01 \x03(\x0b\x32\x16.Enterprise.BackupFile\".\n\x1cGetEnterpriseDataKeysRequest\x12\x0e\n\x06roleId\x18\x01 \x03(\x03\"\xff\x01\n\x1dGetEnterpriseDataKeysResponse\x12:\n\x12reEncryptedRoleKey\x18\x01 \x03(\x0b\x32\x1e.Enterprise.ReEncryptedRoleKey\x12$\n\x07roleKey\x18\x02 \x03(\x0b\x32\x13.Enterprise.RoleKey\x12\"\n\x06mspKey\x18\x03 \x01(\x0b\x32\x12.Enterprise.MspKey\x12\x32\n\x0e\x65nterpriseKeys\x18\x04 \x01(\x0b\x32\x1a.Enterprise.EnterpriseKeys\x12$\n\x07treeKey\x18\x05 \x01(\x0b\x32\x13.Enterprise.TreeKey\"^\n\x07RoleKey\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x14\n\x0c\x65ncryptedKey\x18\x02 \x01(\t\x12-\n\x07keyType\x18\x03 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\"d\n\x06MspKey\x12\x1b\n\x13\x65ncryptedMspTreeKey\x18\x01 \x01(\t\x12=\n\x17\x65ncryptedMspTreeKeyType\x18\x02 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\"|\n\x0e\x45nterpriseKeys\x12\x14\n\x0crsaPublicKey\x18\x01 \x01(\x0c\x12\x1e\n\x16rsaEncryptedPrivateKey\x18\x02 \x01(\x0c\x12\x14\n\x0c\x65\x63\x63PublicKey\x18\x03 \x01(\x0c\x12\x1e\n\x16\x65\x63\x63\x45ncryptedPrivateKey\x18\x04 \x01(\x0c\"H\n\x07TreeKey\x12\x0f\n\x07treeKey\x18\x01 \x01(\t\x12,\n\tkeyTypeId\x18\x02 \x01(\x0e\x32\x19.Enterprise.BackupKeyType\"E\n\x14SharedRecordResponse\x12-\n\x06\x65vents\x18\x01 \x03(\x0b\x32\x1d.Enterprise.SharedRecordEvent\"p\n\x11SharedRecordEvent\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08userName\x18\x02 \x01(\t\x12\x0f\n\x07\x63\x61nEdit\x18\x03 \x01(\x08\x12\x12\n\ncanReshare\x18\x04 \x01(\x08\x12\x11\n\tshareFrom\x18\x05 \x01(\x05\".\n\x1cSetRestrictVisibilityRequest\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\"\xd0\x01\n\x0eUserAddRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12-\n\x07keyType\x18\x04 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12\x10\n\x08\x66ullName\x18\x05 \x01(\t\x12\x10\n\x08jobTitle\x18\x06 \x01(\t\x12\r\n\x05\x65mail\x18\x07 \x01(\t\x12\x1b\n\x13suppressEmailInvite\x18\x08 \x01(\x08\":\n\x11UserUpdateRequest\x12%\n\x05users\x18\x01 \x03(\x0b\x32\x16.Enterprise.UserUpdate\"\xaf\x01\n\nUserUpdate\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12-\n\x07keyType\x18\x04 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12\x10\n\x08\x66ullName\x18\x05 \x01(\t\x12\x10\n\x08jobTitle\x18\x06 \x01(\t\x12\r\n\x05\x65mail\x18\x07 \x01(\t\"A\n\x12UserUpdateResponse\x12+\n\x05users\x18\x01 \x03(\x0b\x32\x1c.Enterprise.UserUpdateResult\"Z\n\x10UserUpdateResult\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12,\n\x06status\x18\x02 \x01(\x0e\x32\x1c.Enterprise.UserUpdateStatus\"J\n\x1d\x43omplianceRecordOwnersRequest\x12\x0f\n\x07nodeIds\x18\x01 \x03(\x03\x12\x18\n\x10includeNonShared\x18\x02 \x01(\x08\"O\n\x1e\x43omplianceRecordOwnersResponse\x12-\n\x0crecordOwners\x18\x01 \x03(\x0b\x32\x17.Enterprise.RecordOwner\"7\n\x0bRecordOwner\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0e\n\x06shared\x18\x02 \x01(\x08\"\xa6\x01\n PreliminaryComplianceDataRequest\x12\x19\n\x11\x65nterpriseUserIds\x18\x01 \x03(\x03\x12\x18\n\x10includeNonShared\x18\x02 \x01(\x08\x12\x19\n\x11\x63ontinuationToken\x18\x03 \x01(\x0c\x12\x32\n*includeTotalMatchingRecordsInFirstResponse\x18\x04 \x01(\x08\"\x9f\x01\n!PreliminaryComplianceDataResponse\x12\x30\n\rauditUserData\x18\x01 \x03(\x0b\x32\x19.Enterprise.AuditUserData\x12\x19\n\x11\x63ontinuationToken\x18\x02 \x01(\x0c\x12\x0f\n\x07hasMore\x18\x03 \x01(\x08\x12\x1c\n\x14totalMatchingRecords\x18\x04 \x01(\x05\"K\n\x0f\x41uditUserRecord\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x15\n\rencryptedData\x18\x02 \x01(\x0c\x12\x0e\n\x06shared\x18\x03 \x01(\x08\"\x8d\x01\n\rAuditUserData\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x35\n\x10\x61uditUserRecords\x18\x02 \x03(\x0b\x32\x1b.Enterprise.AuditUserRecord\x12+\n\x06status\x18\x03 \x01(\x0e\x32\x1b.Enterprise.AuditUserStatus\"\x7f\n\x17\x43omplianceReportFilters\x12\x14\n\x0crecordTitles\x18\x01 \x03(\t\x12\x12\n\nrecordUids\x18\x02 \x03(\x0c\x12\x11\n\tjobTitles\x18\x03 \x03(\x03\x12\x0c\n\x04urls\x18\x04 \x03(\t\x12\x19\n\x11\x65nterpriseUserIds\x18\x05 \x03(\x03\"\x7f\n\x17\x43omplianceReportRequest\x12<\n\x13\x63omplianceReportRun\x18\x01 \x01(\x0b\x32\x1f.Enterprise.ComplianceReportRun\x12\x12\n\nreportName\x18\x02 \x01(\t\x12\x12\n\nsaveReport\x18\x03 \x01(\x08\"\x85\x01\n\x13\x43omplianceReportRun\x12N\n\x17reportCriteriaAndFilter\x18\x01 \x01(\x0b\x32-.Enterprise.ComplianceReportCriteriaAndFilter\x12\r\n\x05users\x18\x02 \x03(\x03\x12\x0f\n\x07records\x18\x03 \x03(\x0c\"\xfc\x01\n!ComplianceReportCriteriaAndFilter\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\x12\x13\n\x0b\x63riteriaUid\x18\x02 \x01(\x0c\x12\x14\n\x0c\x63riteriaName\x18\x03 \x01(\t\x12\x36\n\x08\x63riteria\x18\x04 \x01(\x0b\x32$.Enterprise.ComplianceReportCriteria\x12\x33\n\x07\x66ilters\x18\x05 \x03(\x0b\x32\".Enterprise.ComplianceReportFilter\x12\x14\n\x0clastModified\x18\x06 \x01(\x03\x12\x19\n\x11nodeEncryptedData\x18\x07 \x01(\x0c\"b\n\x18\x43omplianceReportCriteria\x12\x11\n\tjobTitles\x18\x01 \x03(\t\x12\x19\n\x11\x65nterpriseUserIds\x18\x02 \x03(\x03\x12\x18\n\x10includeNonShared\x18\x03 \x01(\x08\"x\n\x16\x43omplianceReportFilter\x12\x14\n\x0crecordTitles\x18\x01 \x03(\t\x12\x12\n\nrecordUids\x18\x02 \x03(\x0c\x12\x11\n\tjobTitles\x18\x03 \x03(\t\x12\x0c\n\x04urls\x18\x04 \x03(\t\x12\x13\n\x0brecordTypes\x18\x05 \x03(\t\"\xa1\x05\n\x18\x43omplianceReportResponse\x12\x15\n\rdateGenerated\x18\x01 \x01(\x03\x12\x15\n\rrunByUserName\x18\x02 \x01(\t\x12\x12\n\nreportName\x18\x03 \x01(\t\x12\x11\n\treportUid\x18\x04 \x01(\x0c\x12<\n\x13\x63omplianceReportRun\x18\x05 \x01(\x0b\x32\x1f.Enterprise.ComplianceReportRun\x12-\n\x0cuserProfiles\x18\x06 \x03(\x0b\x32\x17.Enterprise.UserProfile\x12)\n\nauditTeams\x18\x07 \x03(\x0b\x32\x15.Enterprise.AuditTeam\x12-\n\x0c\x61uditRecords\x18\x08 \x03(\x0b\x32\x17.Enterprise.AuditRecord\x12+\n\x0buserRecords\x18\t \x03(\x0b\x32\x16.Enterprise.UserRecord\x12;\n\x13sharedFolderRecords\x18\n \x03(\x0b\x32\x1e.Enterprise.SharedFolderRecord\x12\x37\n\x11sharedFolderUsers\x18\x0b \x03(\x0b\x32\x1c.Enterprise.SharedFolderUser\x12\x37\n\x11sharedFolderTeams\x18\x0c \x03(\x0b\x32\x1c.Enterprise.SharedFolderTeam\x12\x31\n\x0e\x61uditTeamUsers\x18\r \x03(\x0b\x32\x19.Enterprise.AuditTeamUser\x12)\n\nauditRoles\x18\x0e \x03(\x0b\x32\x15.Enterprise.AuditRole\x12/\n\rlinkedRecords\x18\x0f \x03(\x0b\x32\x18.Enterprise.LinkedRecord\"\x81\x01\n\x0b\x41uditRecord\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x11\n\tauditData\x18\x02 \x01(\x0c\x12\x16\n\x0ehasAttachments\x18\x03 \x01(\x08\x12\x0f\n\x07inTrash\x18\x04 \x01(\x08\x12\x10\n\x08treeLeft\x18\x05 \x01(\x05\x12\x11\n\ttreeRight\x18\x06 \x01(\x05\"\x80\x02\n\tAuditRole\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x15\n\rencryptedData\x18\x02 \x01(\x0c\x12&\n\x1erestrictShareOutsideEnterprise\x18\x03 \x01(\x08\x12\x18\n\x10restrictShareAll\x18\x04 \x01(\x08\x12\"\n\x1arestrictShareOfAttachments\x18\x05 \x01(\x08\x12)\n!restrictMaskPasswordsWhileEditing\x18\x06 \x01(\x08\x12;\n\x13roleNodeManagements\x18\x07 \x03(\x0b\x32\x1e.Enterprise.RoleNodeManagement\"^\n\x12RoleNodeManagement\x12\x10\n\x08treeLeft\x18\x01 \x01(\x05\x12\x11\n\ttreeRight\x18\x02 \x01(\x05\x12\x0f\n\x07\x63\x61scade\x18\x03 \x01(\x08\x12\x12\n\nprivileges\x18\x04 \x01(\x05\"k\n\x0bUserProfile\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x10\n\x08\x66ullName\x18\x02 \x01(\t\x12\x10\n\x08jobTitle\x18\x03 \x01(\t\x12\r\n\x05\x65mail\x18\x04 \x01(\t\x12\x0f\n\x07roleIds\x18\x05 \x03(\x03\"=\n\x10RecordPermission\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x16\n\x0epermissionBits\x18\x02 \x01(\x05\"_\n\nUserRecord\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x37\n\x11recordPermissions\x18\x02 \x03(\x0b\x32\x1c.Enterprise.RecordPermission\"[\n\tAuditTeam\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x10\n\x08teamName\x18\x02 \x01(\t\x12\x14\n\x0crestrictEdit\x18\x03 \x01(\x08\x12\x15\n\rrestrictShare\x18\x04 \x01(\x08\";\n\rAuditTeamUser\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x19\n\x11\x65nterpriseUserIds\x18\x02 \x03(\x03\"\x9f\x01\n\x12SharedFolderRecord\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x37\n\x11recordPermissions\x18\x02 \x03(\x0b\x32\x1c.Enterprise.RecordPermission\x12\x37\n\x11shareAdminRecords\x18\x03 \x03(\x0b\x32\x1c.Enterprise.ShareAdminRecord\"M\n\x10ShareAdminRecord\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1f\n\x17recordPermissionIndexes\x18\x02 \x03(\x05\"F\n\x10SharedFolderUser\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x19\n\x11\x65nterpriseUserIds\x18\x02 \x03(\x03\"=\n\x10SharedFolderTeam\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x10\n\x08teamUids\x18\x02 \x03(\x0c\"/\n\x1aGetComplianceReportRequest\x12\x11\n\treportUid\x18\x01 \x01(\x0c\"2\n\x1bGetComplianceReportResponse\x12\x13\n\x0b\x64ownloadUrl\x18\x01 \x01(\t\"6\n\x1f\x43omplianceReportCriteriaRequest\x12\x13\n\x0b\x63riteriaUid\x18\x01 \x01(\x0c\";\n$SaveComplianceReportCriteriaResponse\x12\x13\n\x0b\x63riteriaUid\x18\x01 \x01(\x0c\"4\n\x0cLinkedRecord\x12\x10\n\x08ownerUid\x18\x01 \x01(\x0c\x12\x12\n\nrecordUids\x18\x02 \x03(\x0c\"W\n\x17GetSharingAdminsRequest\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\x12\x10\n\x08username\x18\x03 \x01(\t\"\xe0\x01\n\x0eUserProfileExt\x12\r\n\x05\x65mail\x18\x01 \x01(\t\x12\x10\n\x08\x66ullName\x18\x02 \x01(\t\x12\x10\n\x08jobTitle\x18\x03 \x01(\t\x12\x14\n\x0cisMSPMCAdmin\x18\x04 \x01(\x08\x12\x18\n\x10isInSharedFolder\x18\x05 \x01(\x08\x12&\n\x1eisShareAdminForRequestedObject\x18\x06 \x01(\x08\x12(\n isShareAdminForSharedFolderOwner\x18\x07 \x01(\x08\x12\x19\n\x11hasAccessToObject\x18\x08 \x01(\x08\"O\n\x18GetSharingAdminsResponse\x12\x33\n\x0fuserProfileExts\x18\x01 \x03(\x0b\x32\x1a.Enterprise.UserProfileExt\"_\n\x1eTeamsEnterpriseUsersAddRequest\x12=\n\x05teams\x18\x01 \x03(\x0b\x32..Enterprise.TeamsEnterpriseUsersAddTeamRequest\"t\n\"TeamsEnterpriseUsersAddTeamRequest\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12=\n\x05users\x18\x02 \x03(\x0b\x32..Enterprise.TeamsEnterpriseUsersAddUserRequest\"\xab\x01\n\"TeamsEnterpriseUsersAddUserRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12*\n\x08userType\x18\x02 \x01(\x0e\x32\x18.Enterprise.TeamUserType\x12\x13\n\x07teamKey\x18\x03 \x01(\tB\x02\x18\x01\x12*\n\x0ctypedTeamKey\x18\x04 \x01(\x0b\x32\x14.Enterprise.TypedKey\"F\n\x08TypedKey\x12\x0b\n\x03key\x18\x01 \x01(\x0c\x12-\n\x07keyType\x18\x02 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\"s\n\x1fTeamsEnterpriseUsersAddResponse\x12>\n\x05teams\x18\x01 \x03(\x0b\x32/.Enterprise.TeamsEnterpriseUsersAddTeamResponse\x12\x10\n\x08revision\x18\x02 \x01(\x03\"\xc4\x01\n#TeamsEnterpriseUsersAddTeamResponse\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12>\n\x05users\x18\x02 \x03(\x0b\x32/.Enterprise.TeamsEnterpriseUsersAddUserResponse\x12\x0f\n\x07success\x18\x03 \x01(\x08\x12\x0f\n\x07message\x18\x04 \x01(\t\x12\x12\n\nresultCode\x18\x05 \x01(\t\x12\x16\n\x0e\x61\x64\x64itionalInfo\x18\x06 \x01(\t\"\x9f\x01\n#TeamsEnterpriseUsersAddUserResponse\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x10\n\x08revision\x18\x02 \x01(\x03\x12\x0f\n\x07success\x18\x03 \x01(\x08\x12\x0f\n\x07message\x18\x04 \x01(\t\x12\x12\n\nresultCode\x18\x05 \x01(\t\x12\x16\n\x0e\x61\x64\x64itionalInfo\x18\x06 \x01(\t\"M\n\x0b\x44omainAlias\x12\x0e\n\x06\x64omain\x18\x01 \x01(\t\x12\r\n\x05\x61lias\x18\x02 \x01(\t\x12\x0e\n\x06status\x18\x03 \x01(\x05\x12\x0f\n\x07message\x18\x04 \x01(\t\"B\n\x12\x44omainAliasRequest\x12,\n\x0b\x64omainAlias\x18\x01 \x03(\x0b\x32\x17.Enterprise.DomainAlias\"C\n\x13\x44omainAliasResponse\x12,\n\x0b\x64omainAlias\x18\x01 \x03(\x0b\x32\x17.Enterprise.DomainAlias\"m\n\x1f\x45nterpriseUsersProvisionRequest\x12\x33\n\x05users\x18\x01 \x03(\x0b\x32$.Enterprise.EnterpriseUsersProvision\x12\x15\n\rclientVersion\x18\x02 \x01(\t\"\xb6\x03\n\x18\x45nterpriseUsersProvision\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x0e\n\x06nodeId\x18\x03 \x01(\x03\x12\x15\n\rencryptedData\x18\x04 \x01(\t\x12-\n\x07keyType\x18\x05 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12\x10\n\x08\x66ullName\x18\x06 \x01(\t\x12\x10\n\x08jobTitle\x18\x07 \x01(\t\x12\x1e\n\x16\x65nterpriseUsersDataKey\x18\x08 \x01(\x0c\x12\x14\n\x0c\x61uthVerifier\x18\t \x01(\x0c\x12\x18\n\x10\x65ncryptionParams\x18\n \x01(\x0c\x12\x14\n\x0crsaPublicKey\x18\x0b \x01(\x0c\x12\x1e\n\x16rsaEncryptedPrivateKey\x18\x0c \x01(\x0c\x12\x14\n\x0c\x65\x63\x63PublicKey\x18\r \x01(\x0c\x12\x1e\n\x16\x65\x63\x63\x45ncryptedPrivateKey\x18\x0e \x01(\x0c\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x0f \x01(\x0c\x12\x1a\n\x12\x65ncryptedClientKey\x18\x10 \x01(\x0c\"_\n EnterpriseUsersProvisionResponse\x12;\n\x07results\x18\x01 \x03(\x0b\x32*.Enterprise.EnterpriseUsersProvisionResult\"q\n\x1e\x45nterpriseUsersProvisionResult\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0c\n\x04\x63ode\x18\x02 \x01(\t\x12\x0f\n\x07message\x18\x03 \x01(\t\x12\x16\n\x0e\x61\x64\x64itionalInfo\x18\x04 \x01(\t\"a\n\x19\x45nterpriseUsersAddRequest\x12-\n\x05users\x18\x01 \x03(\x0b\x32\x1e.Enterprise.EnterpriseUsersAdd\x12\x15\n\rclientVersion\x18\x02 \x01(\t\"\x8c\x02\n\x12\x45nterpriseUsersAdd\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x0e\n\x06nodeId\x18\x03 \x01(\x03\x12\x15\n\rencryptedData\x18\x04 \x01(\t\x12-\n\x07keyType\x18\x05 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12\x10\n\x08\x66ullName\x18\x06 \x01(\t\x12\x10\n\x08jobTitle\x18\x07 \x01(\t\x12\x1b\n\x13suppressEmailInvite\x18\x08 \x01(\x08\x12\x15\n\rinviteeLocale\x18\t \x01(\t\x12\x0c\n\x04move\x18\n \x01(\x08\x12\x0e\n\x06roleId\x18\x0b \x01(\x03\"\x9b\x01\n\x1a\x45nterpriseUsersAddResponse\x12\x35\n\x07results\x18\x01 \x03(\x0b\x32$.Enterprise.EnterpriseUsersAddResult\x12\x0f\n\x07success\x18\x02 \x01(\x08\x12\x0c\n\x04\x63ode\x18\x03 \x01(\t\x12\x0f\n\x07message\x18\x04 \x01(\t\x12\x16\n\x0e\x61\x64\x64itionalInfo\x18\x05 \x01(\t\"\x96\x01\n\x18\x45nterpriseUsersAddResult\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0f\n\x07success\x18\x02 \x01(\x08\x12\x18\n\x10verificationCode\x18\x03 \x01(\t\x12\x0c\n\x04\x63ode\x18\x04 \x01(\t\x12\x0f\n\x07message\x18\x05 \x01(\t\x12\x16\n\x0e\x61\x64\x64itionalInfo\x18\x06 \x01(\t\"\xb9\x01\n\x17UpdateMSPPermitsRequest\x12\x17\n\x0fmspEnterpriseId\x18\x01 \x01(\x05\x12\x1a\n\x12maxAllowedLicenses\x18\x02 \x01(\x05\x12\x19\n\x11\x61llowedMcProducts\x18\x03 \x03(\t\x12\x15\n\rallowedAddOns\x18\x04 \x03(\t\x12\x17\n\x0fmaxFilePlanType\x18\x05 \x01(\t\x12\x1e\n\x16\x61llowUnlimitedLicenses\x18\x06 \x01(\x08\"9\n\x1c\x44\x65leteEnterpriseUsersRequest\x12\x19\n\x11\x65nterpriseUserIds\x18\x01 \x03(\x03\"o\n\x1a\x44\x65leteEnterpriseUserStatus\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x37\n\x06status\x18\x02 \x01(\x0e\x32\'.Enterprise.DeleteEnterpriseUsersResult\"]\n\x1d\x44\x65leteEnterpriseUsersResponse\x12<\n\x0c\x64\x65leteStatus\x18\x01 \x03(\x0b\x32&.Enterprise.DeleteEnterpriseUserStatus\"w\n\x18\x43learSecurityDataRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x03(\x03\x12\x10\n\x08\x61llUsers\x18\x02 \x01(\x08\x12/\n\x04type\x18\x03 \x01(\x0e\x32!.Enterprise.ClearSecurityDataType*\x1b\n\x07KeyType\x12\x07\n\x03RSA\x10\x00\x12\x07\n\x03\x45\x43\x43\x10\x01*\xe6\x01\n\x14RoleUserModifyStatus\x12\x0f\n\x0bROLE_EXISTS\x10\x00\x12\x14\n\x10MISSING_TREE_KEY\x10\x01\x12\x14\n\x10MISSING_ROLE_KEY\x10\x02\x12\x1e\n\x1aINVALID_ENTERPRISE_USER_ID\x10\x03\x12\x1b\n\x17PENDING_ENTERPRISE_USER\x10\x04\x12\x13\n\x0fINVALID_NODE_ID\x10\x05\x12!\n\x1dMAY_NOT_REMOVE_SELF_FROM_ROLE\x10\x06\x12\x1c\n\x18MUST_HAVE_ONE_USER_ADMIN\x10\x07*=\n\x0e\x45nterpriseType\x12\x17\n\x13\x45NTERPRISE_STANDARD\x10\x00\x12\x12\n\x0e\x45NTERPRISE_MSP\x10\x01*s\n\x18TransferAcceptanceStatus\x12\r\n\tUNDEFINED\x10\x00\x12\x10\n\x0cNOT_REQUIRED\x10\x01\x12\x10\n\x0cNOT_ACCEPTED\x10\x02\x12\x16\n\x12PARTIALLY_ACCEPTED\x10\x03\x12\x0c\n\x08\x41\x43\x43\x45PTED\x10\x04*\x8a\x04\n\x14\x45nterpriseDataEntity\x12\x0b\n\x07UNKNOWN\x10\x00\x12\t\n\x05NODES\x10\x01\x12\t\n\x05ROLES\x10\x02\x12\t\n\x05USERS\x10\x03\x12\t\n\x05TEAMS\x10\x04\x12\x0e\n\nTEAM_USERS\x10\x05\x12\x0e\n\nROLE_USERS\x10\x06\x12\x13\n\x0fROLE_PRIVILEGES\x10\x07\x12\x15\n\x11ROLE_ENFORCEMENTS\x10\x08\x12\x0e\n\nROLE_TEAMS\x10\t\x12\x0c\n\x08LICENSES\x10\n\x12\x11\n\rMANAGED_NODES\x10\x0b\x12\x15\n\x11MANAGED_COMPANIES\x10\x0c\x12\x0b\n\x07\x42RIDGES\x10\r\x12\t\n\x05SCIMS\x10\x0e\x12\x13\n\x0f\x45MAIL_PROVISION\x10\x0f\x12\x10\n\x0cQUEUED_TEAMS\x10\x10\x12\x15\n\x11QUEUED_TEAM_USERS\x10\x11\x12\x10\n\x0cSSO_SERVICES\x10\x12\x12\x17\n\x13REPORT_FILTER_USERS\x10\x13\x12&\n\"DEVICES_REQUEST_FOR_ADMIN_APPROVAL\x10\x14\x12\x10\n\x0cUSER_ALIASES\x10\x15\x12)\n%COMPLIANCE_REPORT_CRITERIA_AND_FILTER\x10\x16\x12\x16\n\x12\x43OMPLIANCE_REPORTS\x10\x17\x12\'\n#QUEUED_TEAM_USERS_INCLUDING_PENDING\x10\x18*\"\n\x0b\x43\x61\x63heStatus\x12\x08\n\x04KEEP\x10\x00\x12\t\n\x05\x43LEAR\x10\x01*\x93\x01\n\rBackupKeyType\x12\n\n\x06NO_KEY\x10\x00\x12\x19\n\x15\x45NCRYPTED_BY_DATA_KEY\x10\x01\x12\x1b\n\x17\x45NCRYPTED_BY_PUBLIC_KEY\x10\x02\x12\x1d\n\x19\x45NCRYPTED_BY_DATA_KEY_GCM\x10\x03\x12\x1f\n\x1b\x45NCRYPTED_BY_PUBLIC_KEY_ECC\x10\x04*:\n\x15\x42\x61\x63kupUserDataKeyType\x12\x07\n\x03OWN\x10\x00\x12\x18\n\x14SHARED_TO_ENTERPRISE\x10\x01*\xa5\x01\n\x10\x45ncryptedKeyType\x12\r\n\tKT_NO_KEY\x10\x00\x12\x1c\n\x18KT_ENCRYPTED_BY_DATA_KEY\x10\x01\x12\x1e\n\x1aKT_ENCRYPTED_BY_PUBLIC_KEY\x10\x02\x12 \n\x1cKT_ENCRYPTED_BY_DATA_KEY_GCM\x10\x03\x12\"\n\x1eKT_ENCRYPTED_BY_PUBLIC_KEY_ECC\x10\x04*\x8e\x02\n\x12\x45nterpriseFlagType\x12\x0b\n\x07INVALID\x10\x00\x12\x1a\n\x16\x41LLOW_PERSONAL_LICENSE\x10\x01\x12\x18\n\x14SPECIAL_PROVISIONING\x10\x02\x12\x10\n\x0cRECORD_TYPES\x10\x03\x12\x13\n\x0fSECRETS_MANAGER\x10\x04\x12\x15\n\x11\x45NTERPRISE_LOCKED\x10\x05\x12\x15\n\x11\x46ORBID_KEY_TYPE_2\x10\x06\x12\x15\n\x11\x43ONSOLE_ONBOARDED\x10\x07\x12\x1b\n\x17\x46ORBID_ACCOUNT_TRANSFER\x10\x08\x12\x15\n\x11NPS_POPUP_OPT_OUT\x10\t\x12\x15\n\x11SHOW_USER_ONBOARD\x10\n*E\n\x10UserUpdateStatus\x12\x12\n\x0eUSER_UPDATE_OK\x10\x00\x12\x1d\n\x19USER_UPDATE_ACCESS_DENIED\x10\x01*I\n\x0f\x41uditUserStatus\x12\x06\n\x02OK\x10\x00\x12\x11\n\rACCESS_DENIED\x10\x01\x12\x1b\n\x17NO_LONGER_IN_ENTERPRISE\x10\x02*3\n\x0cTeamUserType\x12\x08\n\x04USER\x10\x00\x12\t\n\x05\x41\x44MIN\x10\x01\x12\x0e\n\nADMIN_ONLY\x10\x02*x\n\rAppClientType\x12\x0c\n\x08NOT_USED\x10\x00\x12\x0b\n\x07GENERAL\x10\x01\x12%\n!DISCOVERY_AND_ROTATION_CONTROLLER\x10\x02\x12\x12\n\x0eKCM_CONTROLLER\x10\x03\x12\x11\n\rSELF_DESTRUCT\x10\x04*\x8f\x01\n\x1b\x44\x65leteEnterpriseUsersResult\x12\x0b\n\x07SUCCESS\x10\x00\x12\x1a\n\x16NOT_AN_ENTERPRISE_USER\x10\x01\x12\x16\n\x12\x43\x41NNOT_DELETE_SELF\x10\x02\x12$\n BRIDGE_CANNOT_DELETE_ACTIVE_USER\x10\x03\x12\t\n\x05\x45RROR\x10\x04*\x87\x01\n\x15\x43learSecurityDataType\x12\x1e\n\x1aRECALCULATE_SUMMARY_REPORT\x10\x00\x12\'\n#FORCE_CLIENT_CHECK_FOR_MISSING_DATA\x10\x01\x12%\n!FORCE_CLIENT_RESEND_SECURITY_DATA\x10\x02\x42&\n\x18\x63om.keepersecurity.protoB\nEnterpriseb\x06proto3') +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x10\x65nterprise.proto\x12\nEnterprise\"\x84\x01\n\x18\x45nterpriseKeyPairRequest\x12\x1b\n\x13\x65nterprisePublicKey\x18\x01 \x01(\x0c\x12%\n\x1d\x65ncryptedEnterprisePrivateKey\x18\x02 \x01(\x0c\x12$\n\x07keyType\x18\x03 \x01(\x0e\x32\x13.Enterprise.KeyType\"\'\n\x14GetTeamMemberRequest\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\"}\n\x0e\x45nterpriseUser\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\r\n\x05\x65mail\x18\x02 \x01(\t\x12\x1a\n\x12\x65nterpriseUsername\x18\x03 \x01(\t\x12\x14\n\x0cisShareAdmin\x18\x04 \x01(\x08\x12\x10\n\x08username\x18\x05 \x01(\t\"K\n\x15GetTeamMemberResponse\x12\x32\n\x0e\x65nterpriseUser\x18\x01 \x03(\x0b\x32\x1a.Enterprise.EnterpriseUser\"-\n\x11\x45nterpriseUserIds\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x03(\x03\"B\n\x19\x45nterprisePersonalAccount\x12\r\n\x05\x65mail\x18\x01 \x01(\t\x12\x16\n\x0eOBSOLETE_FIELD\x18\x02 \x01(\x0c\"S\n\x17\x45ncryptedTeamKeyRequest\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x18\n\x10\x65ncryptedTeamKey\x18\x02 \x01(\x0c\x12\r\n\x05\x66orce\x18\x03 \x01(\x08\"+\n\x0fReEncryptedData\x12\n\n\x02id\x18\x01 \x01(\x03\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\t\"?\n\x12ReEncryptedRoleKey\x12\x0f\n\x07role_id\x18\x01 \x01(\x03\x12\x18\n\x10\x65ncryptedRoleKey\x18\x02 \x01(\x0c\"P\n\x16ReEncryptedUserDataKey\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1c\n\x14userEncryptedDataKey\x18\x02 \x01(\x0c\"\xd8\x02\n\x1bNodeToManagedCompanyRequest\x12\x11\n\tcompanyId\x18\x01 \x01(\x05\x12*\n\x05nodes\x18\x02 \x03(\x0b\x32\x1b.Enterprise.ReEncryptedData\x12*\n\x05roles\x18\x03 \x03(\x0b\x32\x1b.Enterprise.ReEncryptedData\x12*\n\x05users\x18\x04 \x03(\x0b\x32\x1b.Enterprise.ReEncryptedData\x12\x30\n\x08roleKeys\x18\x05 \x03(\x0b\x32\x1e.Enterprise.ReEncryptedRoleKey\x12\x35\n\x08teamKeys\x18\x06 \x03(\x0b\x32#.Enterprise.EncryptedTeamKeyRequest\x12\x39\n\rusersDataKeys\x18\x07 \x03(\x0b\x32\".Enterprise.ReEncryptedUserDataKey\",\n\x08RoleTeam\x12\x0f\n\x07role_id\x18\x01 \x01(\x03\x12\x0f\n\x07teamUid\x18\x02 \x01(\x0c\"4\n\tRoleTeams\x12\'\n\trole_team\x18\x01 \x03(\x0b\x32\x14.Enterprise.RoleTeam\"/\n\x0bTeamsByRole\x12\x0f\n\x07role_id\x18\x01 \x01(\x03\x12\x0f\n\x07teamUid\x18\x02 \x03(\x0c\"<\n\x12ManagedNodesByRole\x12\x0f\n\x07role_id\x18\x01 \x01(\x03\x12\x15\n\rmanagedNodeId\x18\x02 \x03(\x03\"R\n\x0fRoleUserAddKeys\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0f\n\x07treeKey\x18\x02 \x01(\t\x12\x14\n\x0croleAdminKey\x18\x03 \x01(\t\"T\n\x0bRoleUserAdd\x12\x0f\n\x07role_id\x18\x01 \x01(\x03\x12\x34\n\x0froleUserAddKeys\x18\x02 \x03(\x0b\x32\x1b.Enterprise.RoleUserAddKeys\"D\n\x13RoleUsersAddRequest\x12-\n\x0croleUserAdds\x18\x01 \x03(\x0b\x32\x17.Enterprise.RoleUserAdd\"\x80\x01\n\x11RoleUserAddResult\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\x12\x30\n\x06status\x18\x03 \x01(\x0e\x32 .Enterprise.RoleUserModifyStatus\x12\x0f\n\x07message\x18\x04 \x01(\t\"F\n\x14RoleUsersAddResponse\x12.\n\x07results\x18\x01 \x03(\x0b\x32\x1d.Enterprise.RoleUserAddResult\"<\n\x0eRoleUserRemove\x12\x0f\n\x07role_id\x18\x01 \x01(\x03\x12\x19\n\x11\x65nterpriseUserIds\x18\x02 \x03(\x03\"M\n\x16RoleUsersRemoveRequest\x12\x33\n\x0froleUserRemoves\x18\x01 \x03(\x0b\x32\x1a.Enterprise.RoleUserRemove\"\x83\x01\n\x14RoleUserRemoveResult\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\x12\x30\n\x06status\x18\x03 \x01(\x0e\x32 .Enterprise.RoleUserModifyStatus\x12\x0f\n\x07message\x18\x04 \x01(\t\"L\n\x17RoleUsersRemoveResponse\x12\x31\n\x07results\x18\x01 \x03(\x0b\x32 .Enterprise.RoleUserRemoveResult\"\xa0\x04\n\x16\x45nterpriseRegistration\x12\x18\n\x10\x65ncryptedTreeKey\x18\x01 \x01(\x0c\x12\x16\n\x0e\x65nterpriseName\x18\x02 \x01(\t\x12\x14\n\x0crootNodeData\x18\x03 \x01(\x0c\x12\x15\n\radminUserData\x18\x04 \x01(\x0c\x12\x11\n\tadminName\x18\x05 \x01(\t\x12\x10\n\x08roleData\x18\x06 \x01(\x0c\x12\x38\n\nrsaKeyPair\x18\x07 \x01(\x0b\x32$.Enterprise.EnterpriseKeyPairRequest\x12\x13\n\x0bnumberSeats\x18\x08 \x01(\x05\x12\x32\n\x0e\x65nterpriseType\x18\t \x01(\x0e\x32\x1a.Enterprise.EnterpriseType\x12\x15\n\rrolePublicKey\x18\n \x01(\x0c\x12*\n\"rolePrivateKeyEncryptedWithRoleKey\x18\x0b \x01(\x0c\x12#\n\x1broleKeyEncryptedWithTreeKey\x18\x0c \x01(\x0c\x12\x38\n\neccKeyPair\x18\r \x01(\x0b\x32$.Enterprise.EnterpriseKeyPairRequest\x12\x18\n\x10\x61llUsersRoleData\x18\x0e \x01(\x0c\x12)\n!roleKeyEncryptedWithUserPublicKey\x18\x0f \x01(\x0c\x12\x18\n\x10\x61pproverRoleData\x18\x10 \x01(\x0c\"H\n\x1a\x44omainPasswordRulesRequest\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x18\n\x10verificationCode\x18\x02 \x01(\t\"\\\n\x19\x44omainPasswordRulesFields\x12\x0c\n\x04type\x18\x01 \x01(\t\x12\x0f\n\x07minimum\x18\x02 \x01(\x05\x12\x0f\n\x07maximum\x18\x03 \x01(\x05\x12\x0f\n\x07\x61llowed\x18\x04 \x01(\x08\"E\n\x10LoginToMcRequest\x12\x16\n\x0emcEnterpriseId\x18\x01 \x01(\x05\x12\x19\n\x11messageSessionUid\x18\x02 \x01(\x0c\"L\n\x11LoginToMcResponse\x12\x1d\n\x15\x65ncryptedSessionToken\x18\x01 \x01(\x0c\x12\x18\n\x10\x65ncryptedTreeKey\x18\x02 \x01(\t\"g\n\x1b\x44omainPasswordRulesResponse\x12H\n\x19\x64omainPasswordRulesFields\x18\x01 \x03(\x0b\x32%.Enterprise.DomainPasswordRulesFields\"\x88\x01\n\x18\x41pproveUserDeviceRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x02 \x01(\x0c\x12\x1e\n\x16\x65ncryptedDeviceDataKey\x18\x03 \x01(\x0c\x12\x14\n\x0c\x64\x65nyApproval\x18\x04 \x01(\x08\"t\n\x19\x41pproveUserDeviceResponse\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x02 \x01(\x0c\x12\x0e\n\x06\x66\x61iled\x18\x03 \x01(\x08\x12\x0f\n\x07message\x18\x04 \x01(\t\"Y\n\x19\x41pproveUserDevicesRequest\x12<\n\x0e\x64\x65viceRequests\x18\x01 \x03(\x0b\x32$.Enterprise.ApproveUserDeviceRequest\"\\\n\x1a\x41pproveUserDevicesResponse\x12>\n\x0f\x64\x65viceResponses\x18\x01 \x03(\x0b\x32%.Enterprise.ApproveUserDeviceResponse\"\x87\x01\n\x15\x45nterpriseUserDataKey\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1c\n\x14userEncryptedDataKey\x18\x02 \x01(\x0c\x12\x11\n\tkeyTypeId\x18\x03 \x01(\x05\x12\x0f\n\x07roleKey\x18\x04 \x01(\x0c\x12\x12\n\nprivateKey\x18\x05 \x01(\x0c\"I\n\x16\x45nterpriseUserDataKeys\x12/\n\x04keys\x18\x01 \x03(\x0b\x32!.Enterprise.EnterpriseUserDataKey\"g\n\x1a\x45nterpriseUserDataKeyLight\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1c\n\x14userEncryptedDataKey\x18\x02 \x01(\x0c\x12\x11\n\tkeyTypeId\x18\x03 \x01(\x05\"d\n\x1c\x45nterpriseUserDataKeysByNode\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\x12\x34\n\x04keys\x18\x02 \x03(\x0b\x32&.Enterprise.EnterpriseUserDataKeyLight\"^\n$EnterpriseUserDataKeysByNodeResponse\x12\x36\n\x04keys\x18\x01 \x03(\x0b\x32(.Enterprise.EnterpriseUserDataKeysByNode\"2\n\x15\x45nterpriseDataRequest\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\"0\n\x13SpecialProvisioning\x12\x0b\n\x03url\x18\x01 \x01(\t\x12\x0c\n\x04name\x18\x02 \x01(\t\"\x84\x02\n\x11GeneralDataEntity\x12\x16\n\x0e\x65nterpriseName\x18\x01 \x01(\t\x12\x1a\n\x12restrictVisibility\x18\x02 \x01(\x08\x12<\n\x13specialProvisioning\x18\x04 \x01(\x0b\x32\x1f.Enterprise.SpecialProvisioning\x12\x30\n\ruserPrivilege\x18\x07 \x01(\x0b\x32\x19.Enterprise.UserPrivilege\x12\x13\n\x0b\x64istributor\x18\x08 \x01(\x08\x12\x1d\n\x15\x66orbidAccountTransfer\x18\t \x01(\x08\x12\x17\n\x0fshowUserOnboard\x18\n \x01(\x08\"\xfd\x01\n\x04Node\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\x12\x10\n\x08parentId\x18\x02 \x01(\x03\x12\x10\n\x08\x62ridgeId\x18\x03 \x01(\x03\x12\x0e\n\x06scimId\x18\x04 \x01(\x03\x12\x11\n\tlicenseId\x18\x05 \x01(\x03\x12\x15\n\rencryptedData\x18\x06 \x01(\t\x12\x12\n\nduoEnabled\x18\x07 \x01(\x08\x12\x12\n\nrsaEnabled\x18\x08 \x01(\x08\x12 \n\x14ssoServiceProviderId\x18\t \x01(\x03\x42\x02\x18\x01\x12\x1a\n\x12restrictVisibility\x18\n \x01(\x08\x12!\n\x15ssoServiceProviderIds\x18\x0b \x03(\x03\x42\x02\x10\x01\"\x8e\x01\n\x04Role\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x15\n\rencryptedData\x18\x03 \x01(\t\x12\x0f\n\x07keyType\x18\x04 \x01(\t\x12\x14\n\x0cvisibleBelow\x18\x05 \x01(\x08\x12\x16\n\x0enewUserInherit\x18\x06 \x01(\x08\x12\x10\n\x08roleType\x18\x07 \x01(\t\"\xb8\x02\n\x04User\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x15\n\rencryptedData\x18\x03 \x01(\t\x12\x0f\n\x07keyType\x18\x04 \x01(\t\x12\x10\n\x08username\x18\x05 \x01(\t\x12\x0e\n\x06status\x18\x06 \x01(\t\x12\x0c\n\x04lock\x18\x07 \x01(\x05\x12\x0e\n\x06userId\x18\x08 \x01(\x05\x12\x1e\n\x16\x61\x63\x63ountShareExpiration\x18\t \x01(\x03\x12\x10\n\x08\x66ullName\x18\n \x01(\t\x12\x10\n\x08jobTitle\x18\x0b \x01(\t\x12\x12\n\ntfaEnabled\x18\x0c \x01(\x08\x12\x46\n\x18transferAcceptanceStatus\x18\r \x01(\x0e\x32$.Enterprise.TransferAcceptanceStatus\"7\n\tUserAlias\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x10\n\x08username\x18\x02 \x01(\t\"\xac\x01\n\x18\x43omplianceReportMetaData\x12\x11\n\treportUid\x18\x01 \x01(\x0c\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x12\n\nreportName\x18\x03 \x01(\t\x12\x15\n\rdateGenerated\x18\x04 \x01(\x03\x12\x11\n\trunByName\x18\x05 \x01(\t\x12\x16\n\x0enumberOfOwners\x18\x07 \x01(\x05\x12\x17\n\x0fnumberOfRecords\x18\x08 \x01(\x05\"S\n\x0bManagedNode\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x15\n\rmanagedNodeId\x18\x02 \x01(\x03\x12\x1d\n\x15\x63\x61scadeNodeManagement\x18\x03 \x01(\x08\"T\n\x0fUserManagedNode\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\x12\x1d\n\x15\x63\x61scadeNodeManagement\x18\x02 \x01(\x08\x12\x12\n\nprivileges\x18\x03 \x03(\t\"w\n\rUserPrivilege\x12\x35\n\x10userManagedNodes\x18\x01 \x03(\x0b\x32\x1b.Enterprise.UserManagedNode\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\x12\x15\n\rencryptedData\x18\x03 \x01(\t\"4\n\x08RoleUser\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\"M\n\rRolePrivilege\x12\x15\n\rmanagedNodeId\x18\x01 \x01(\x03\x12\x0e\n\x06roleId\x18\x02 \x01(\x03\x12\x15\n\rprivilegeType\x18\x03 \x01(\t\"I\n\x0fRoleEnforcement\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x17\n\x0f\x65nforcementType\x18\x02 \x01(\t\x12\r\n\x05value\x18\x03 \x01(\t\"\xa9\x01\n\x04Team\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x0c\n\x04name\x18\x02 \x01(\t\x12\x0e\n\x06nodeId\x18\x03 \x01(\x03\x12\x14\n\x0crestrictEdit\x18\x04 \x01(\x08\x12\x15\n\rrestrictShare\x18\x05 \x01(\x08\x12\x14\n\x0crestrictView\x18\x06 \x01(\x08\x12\x15\n\rencryptedData\x18\x07 \x01(\t\x12\x18\n\x10\x65ncryptedTeamKey\x18\x08 \x01(\t\"G\n\x08TeamUser\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\x12\x10\n\x08userType\x18\x03 \x01(\t\"K\n\x1aGetDistributorInfoResponse\x12-\n\x0c\x64istributors\x18\x01 \x03(\x0b\x32\x17.Enterprise.Distributor\"B\n\x0b\x44istributor\x12\x0c\n\x04name\x18\x01 \x01(\t\x12%\n\x08mspInfos\x18\x02 \x03(\x0b\x32\x13.Enterprise.MspInfo\"\x9d\x02\n\x07MspInfo\x12\x14\n\x0c\x65nterpriseId\x18\x01 \x01(\x05\x12\x16\n\x0e\x65nterpriseName\x18\x02 \x01(\t\x12\x19\n\x11\x61llocatedLicenses\x18\x03 \x01(\x05\x12\x19\n\x11\x61llowedMcProducts\x18\x04 \x03(\t\x12\x15\n\rallowedAddOns\x18\x05 \x03(\t\x12\x17\n\x0fmaxFilePlanType\x18\x06 \x01(\t\x12\x34\n\x10managedCompanies\x18\x07 \x03(\x0b\x32\x1a.Enterprise.ManagedCompany\x12\x1e\n\x16\x61llowUnlimitedLicenses\x18\x08 \x01(\x08\x12(\n\x06\x61\x64\x64Ons\x18\t \x03(\x0b\x32\x18.Enterprise.LicenseAddOn\"\x91\x02\n\x0eManagedCompany\x12\x16\n\x0emcEnterpriseId\x18\x01 \x01(\x05\x12\x18\n\x10mcEnterpriseName\x18\x02 \x01(\t\x12\x11\n\tmspNodeId\x18\x03 \x01(\x03\x12\x15\n\rnumberOfSeats\x18\x04 \x01(\x05\x12\x15\n\rnumberOfUsers\x18\x05 \x01(\x05\x12\x11\n\tproductId\x18\x06 \x01(\t\x12\x11\n\tisExpired\x18\x07 \x01(\x08\x12\x0f\n\x07treeKey\x18\x08 \x01(\t\x12\x15\n\rtree_key_role\x18\t \x01(\x03\x12\x14\n\x0c\x66ilePlanType\x18\n \x01(\t\x12(\n\x06\x61\x64\x64Ons\x18\x0b \x03(\x0b\x32\x18.Enterprise.LicenseAddOn\"R\n\x07MSPPool\x12\x11\n\tproductId\x18\x01 \x01(\t\x12\r\n\x05seats\x18\x02 \x01(\x05\x12\x16\n\x0e\x61vailableSeats\x18\x03 \x01(\x05\x12\r\n\x05stash\x18\x04 \x01(\x05\":\n\nMSPContact\x12\x14\n\x0c\x65nterpriseId\x18\x01 \x01(\x05\x12\x16\n\x0e\x65nterpriseName\x18\x02 \x01(\t\"\xec\x01\n\x0cLicenseAddOn\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x0f\n\x07\x65nabled\x18\x02 \x01(\x08\x12\x0f\n\x07isTrial\x18\x03 \x01(\x08\x12\x12\n\nexpiration\x18\x04 \x01(\x03\x12\x0f\n\x07\x63reated\x18\x05 \x01(\x03\x12\r\n\x05seats\x18\x06 \x01(\x05\x12\x16\n\x0e\x61\x63tivationTime\x18\x07 \x01(\x03\x12\x19\n\x11includedInProduct\x18\x08 \x01(\x08\x12\x14\n\x0c\x61piCallCount\x18\t \x01(\x05\x12\x17\n\x0ftierDescription\x18\n \x01(\t\x12\x16\n\x0eseatsAllocated\x18\x0b \x01(\x05\"s\n\tMCDefault\x12\x11\n\tmcProduct\x18\x01 \x01(\t\x12\x0e\n\x06\x61\x64\x64Ons\x18\x02 \x03(\t\x12\x14\n\x0c\x66ilePlanType\x18\x03 \x01(\t\x12\x13\n\x0bmaxLicenses\x18\x04 \x01(\x05\x12\x18\n\x10\x66ixedMaxLicenses\x18\x05 \x01(\x08\"\xd2\x01\n\nMSPPermits\x12\x12\n\nrestricted\x18\x01 \x01(\x08\x12\x1a\n\x12maxAllowedLicenses\x18\x02 \x01(\x05\x12\x19\n\x11\x61llowedMcProducts\x18\x03 \x03(\t\x12\x15\n\rallowedAddOns\x18\x04 \x03(\t\x12\x17\n\x0fmaxFilePlanType\x18\x05 \x01(\t\x12\x1e\n\x16\x61llowUnlimitedLicenses\x18\x06 \x01(\x08\x12)\n\nmcDefaults\x18\x07 \x03(\x0b\x32\x15.Enterprise.MCDefault\"\xa0\x04\n\x07License\x12\x0c\n\x04paid\x18\x01 \x01(\x08\x12\x15\n\rnumberOfSeats\x18\x02 \x01(\x05\x12\x12\n\nexpiration\x18\x03 \x01(\x03\x12\x14\n\x0clicenseKeyId\x18\x04 \x01(\x05\x12\x15\n\rproductTypeId\x18\x05 \x01(\x05\x12\x0c\n\x04name\x18\x06 \x01(\t\x12\x1b\n\x13\x65nterpriseLicenseId\x18\x07 \x01(\x03\x12\x16\n\x0eseatsAllocated\x18\x08 \x01(\x05\x12\x14\n\x0cseatsPending\x18\t \x01(\x05\x12\x0c\n\x04tier\x18\n \x01(\x05\x12\x16\n\x0e\x66ilePlanTypeId\x18\x0b \x01(\x05\x12\x10\n\x08maxBytes\x18\x0c \x01(\x03\x12\x19\n\x11storageExpiration\x18\r \x01(\x03\x12\x15\n\rlicenseStatus\x18\x0e \x01(\t\x12$\n\x07mspPool\x18\x0f \x03(\x0b\x32\x13.Enterprise.MSPPool\x12)\n\tmanagedBy\x18\x10 \x01(\x0b\x32\x16.Enterprise.MSPContact\x12(\n\x06\x61\x64\x64Ons\x18\x11 \x03(\x0b\x32\x18.Enterprise.LicenseAddOn\x12\x17\n\x0fnextBillingDate\x18\x12 \x01(\x03\x12\x17\n\x0fhasMSPLegacyLog\x18\x13 \x01(\x08\x12*\n\nmspPermits\x18\x14 \x01(\x0b\x32\x16.Enterprise.MSPPermits\x12\x13\n\x0b\x64istributor\x18\x15 \x01(\x08\"n\n\x06\x42ridge\x12\x10\n\x08\x62ridgeId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x18\n\x10wanIpEnforcement\x18\x03 \x01(\t\x12\x18\n\x10lanIpEnforcement\x18\x04 \x01(\t\x12\x0e\n\x06status\x18\x05 \x01(\t\"t\n\x04Scim\x12\x0e\n\x06scimId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x0e\n\x06status\x18\x03 \x01(\t\x12\x12\n\nlastSynced\x18\x04 \x01(\x03\x12\x12\n\nrolePrefix\x18\x05 \x01(\t\x12\x14\n\x0cuniqueGroups\x18\x06 \x01(\x08\"L\n\x0e\x45mailProvision\x12\n\n\x02id\x18\x01 \x01(\x05\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x0e\n\x06\x64omain\x18\x03 \x01(\t\x12\x0e\n\x06method\x18\x04 \x01(\t\"R\n\nQueuedTeam\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x0c\n\x04name\x18\x02 \x01(\t\x12\x0e\n\x06nodeId\x18\x03 \x01(\x03\x12\x15\n\rencryptedData\x18\x04 \x01(\t\"0\n\x0eQueuedTeamUser\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\r\n\x05users\x18\x02 \x03(\x03\"\xa4\x01\n\x0eTeamsAddResult\x12\x34\n\x11successfulTeamAdd\x18\x01 \x03(\x0b\x32\x19.Enterprise.TeamAddResult\x12\x36\n\x13unsuccessfulTeamAdd\x18\x02 \x03(\x0b\x32\x19.Enterprise.TeamAddResult\x12\x0e\n\x06result\x18\x03 \x01(\t\x12\x14\n\x0c\x65rrorMessage\x18\x04 \x01(\t\"U\n\rTeamAddResult\x12\x1e\n\x04team\x18\x01 \x01(\x0b\x32\x10.Enterprise.Team\x12\x0e\n\x06result\x18\x02 \x01(\t\x12\x14\n\x0c\x65rrorMessage\x18\x03 \x01(\t\"\x91\x01\n\nSsoService\x12\x1c\n\x14ssoServiceProviderId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x0c\n\x04name\x18\x03 \x01(\t\x12\x0e\n\x06sp_url\x18\x04 \x01(\t\x12\x16\n\x0einviteNewUsers\x18\x05 \x01(\x08\x12\x0e\n\x06\x61\x63tive\x18\x06 \x01(\x08\x12\x0f\n\x07isCloud\x18\x07 \x01(\x08\"1\n\x10ReportFilterUser\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\r\n\x05\x65mail\x18\x02 \x01(\t\"\x97\x02\n\x1d\x44\x65viceRequestForAdminApproval\x12\x10\n\x08\x64\x65viceId\x18\x01 \x01(\x03\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x03 \x01(\x0c\x12\x17\n\x0f\x64\x65vicePublicKey\x18\x04 \x01(\x0c\x12\x12\n\ndeviceName\x18\x05 \x01(\t\x12\x15\n\rclientVersion\x18\x06 \x01(\t\x12\x12\n\ndeviceType\x18\x07 \x01(\t\x12\x0c\n\x04\x64\x61te\x18\x08 \x01(\x03\x12\x11\n\tipAddress\x18\t \x01(\t\x12\x10\n\x08location\x18\n \x01(\t\x12\r\n\x05\x65mail\x18\x0b \x01(\t\x12\x12\n\naccountUid\x18\x0c \x01(\x0c\"`\n\x0e\x45nterpriseData\x12\x30\n\x06\x65ntity\x18\x01 \x01(\x0e\x32 .Enterprise.EnterpriseDataEntity\x12\x0e\n\x06\x64\x65lete\x18\x02 \x01(\x08\x12\x0c\n\x04\x64\x61ta\x18\x03 \x03(\x0c\"\xd0\x01\n\x16\x45nterpriseDataResponse\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\x12\x0f\n\x07hasMore\x18\x02 \x01(\x08\x12,\n\x0b\x63\x61\x63heStatus\x18\x03 \x01(\x0e\x32\x17.Enterprise.CacheStatus\x12(\n\x04\x64\x61ta\x18\x04 \x03(\x0b\x32\x1a.Enterprise.EnterpriseData\x12\x32\n\x0bgeneralData\x18\x05 \x01(\x0b\x32\x1d.Enterprise.GeneralDataEntity\"*\n\rBackupRequest\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\"\x98\x01\n\x0c\x42\x61\x63kupRecord\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\x12\x0b\n\x03key\x18\x03 \x01(\x0c\x12*\n\x07keyType\x18\x04 \x01(\x0e\x32\x19.Enterprise.BackupKeyType\x12\x0f\n\x07version\x18\x05 \x01(\x05\x12\x0c\n\x04\x64\x61ta\x18\x06 \x01(\x0c\x12\r\n\x05\x65xtra\x18\x07 \x01(\x0c\".\n\tBackupKey\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\x11\n\tbackupKey\x18\x02 \x01(\x0c\"\x8d\x02\n\nBackupUser\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\x10\n\x08userName\x18\x02 \x01(\t\x12\x0f\n\x07\x64\x61taKey\x18\x03 \x01(\x0c\x12\x36\n\x0b\x64\x61taKeyType\x18\x04 \x01(\x0e\x32!.Enterprise.BackupUserDataKeyType\x12\x12\n\nprivateKey\x18\x05 \x01(\x0c\x12\x0f\n\x07treeKey\x18\x06 \x01(\x0c\x12.\n\x0btreeKeyType\x18\x07 \x01(\x0e\x32\x19.Enterprise.BackupKeyType\x12)\n\nbackupKeys\x18\x08 \x03(\x0b\x32\x15.Enterprise.BackupKey\x12\x14\n\x0cprivateECKey\x18\t \x01(\x0c\"\x9e\x01\n\x0e\x42\x61\x63kupResponse\x12\x1f\n\x17\x65nterpriseEccPrivateKey\x18\x01 \x01(\x0c\x12%\n\x05users\x18\x02 \x03(\x0b\x32\x16.Enterprise.BackupUser\x12)\n\x07records\x18\x03 \x03(\x0b\x32\x18.Enterprise.BackupRecord\x12\x19\n\x11\x63ontinuationToken\x18\x04 \x01(\x0c\"e\n\nBackupFile\x12\x0c\n\x04user\x18\x01 \x01(\t\x12\x11\n\tbackupUid\x18\x02 \x01(\x0c\x12\x10\n\x08\x66ileName\x18\x03 \x01(\t\x12\x0f\n\x07\x63reated\x18\x04 \x01(\x03\x12\x13\n\x0b\x64ownloadUrl\x18\x05 \x01(\t\"8\n\x0f\x42\x61\x63kupsResponse\x12%\n\x05\x66iles\x18\x01 \x03(\x0b\x32\x16.Enterprise.BackupFile\".\n\x1cGetEnterpriseDataKeysRequest\x12\x0e\n\x06roleId\x18\x01 \x03(\x03\"\xff\x01\n\x1dGetEnterpriseDataKeysResponse\x12:\n\x12reEncryptedRoleKey\x18\x01 \x03(\x0b\x32\x1e.Enterprise.ReEncryptedRoleKey\x12$\n\x07roleKey\x18\x02 \x03(\x0b\x32\x13.Enterprise.RoleKey\x12\"\n\x06mspKey\x18\x03 \x01(\x0b\x32\x12.Enterprise.MspKey\x12\x32\n\x0e\x65nterpriseKeys\x18\x04 \x01(\x0b\x32\x1a.Enterprise.EnterpriseKeys\x12$\n\x07treeKey\x18\x05 \x01(\x0b\x32\x13.Enterprise.TreeKey\"^\n\x07RoleKey\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x14\n\x0c\x65ncryptedKey\x18\x02 \x01(\t\x12-\n\x07keyType\x18\x03 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\"d\n\x06MspKey\x12\x1b\n\x13\x65ncryptedMspTreeKey\x18\x01 \x01(\t\x12=\n\x17\x65ncryptedMspTreeKeyType\x18\x02 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\"|\n\x0e\x45nterpriseKeys\x12\x14\n\x0crsaPublicKey\x18\x01 \x01(\x0c\x12\x1e\n\x16rsaEncryptedPrivateKey\x18\x02 \x01(\x0c\x12\x14\n\x0c\x65\x63\x63PublicKey\x18\x03 \x01(\x0c\x12\x1e\n\x16\x65\x63\x63\x45ncryptedPrivateKey\x18\x04 \x01(\x0c\"H\n\x07TreeKey\x12\x0f\n\x07treeKey\x18\x01 \x01(\t\x12,\n\tkeyTypeId\x18\x02 \x01(\x0e\x32\x19.Enterprise.BackupKeyType\"E\n\x14SharedRecordResponse\x12-\n\x06\x65vents\x18\x01 \x03(\x0b\x32\x1d.Enterprise.SharedRecordEvent\"p\n\x11SharedRecordEvent\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08userName\x18\x02 \x01(\t\x12\x0f\n\x07\x63\x61nEdit\x18\x03 \x01(\x08\x12\x12\n\ncanReshare\x18\x04 \x01(\x08\x12\x11\n\tshareFrom\x18\x05 \x01(\x05\".\n\x1cSetRestrictVisibilityRequest\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\"\xd0\x01\n\x0eUserAddRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12-\n\x07keyType\x18\x04 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12\x10\n\x08\x66ullName\x18\x05 \x01(\t\x12\x10\n\x08jobTitle\x18\x06 \x01(\t\x12\r\n\x05\x65mail\x18\x07 \x01(\t\x12\x1b\n\x13suppressEmailInvite\x18\x08 \x01(\x08\":\n\x11UserUpdateRequest\x12%\n\x05users\x18\x01 \x03(\x0b\x32\x16.Enterprise.UserUpdate\"\xaf\x01\n\nUserUpdate\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12-\n\x07keyType\x18\x04 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12\x10\n\x08\x66ullName\x18\x05 \x01(\t\x12\x10\n\x08jobTitle\x18\x06 \x01(\t\x12\r\n\x05\x65mail\x18\x07 \x01(\t\"A\n\x12UserUpdateResponse\x12+\n\x05users\x18\x01 \x03(\x0b\x32\x1c.Enterprise.UserUpdateResult\"Z\n\x10UserUpdateResult\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12,\n\x06status\x18\x02 \x01(\x0e\x32\x1c.Enterprise.UserUpdateStatus\"J\n\x1d\x43omplianceRecordOwnersRequest\x12\x0f\n\x07nodeIds\x18\x01 \x03(\x03\x12\x18\n\x10includeNonShared\x18\x02 \x01(\x08\"O\n\x1e\x43omplianceRecordOwnersResponse\x12-\n\x0crecordOwners\x18\x01 \x03(\x0b\x32\x17.Enterprise.RecordOwner\"7\n\x0bRecordOwner\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0e\n\x06shared\x18\x02 \x01(\x08\"\xa6\x01\n PreliminaryComplianceDataRequest\x12\x19\n\x11\x65nterpriseUserIds\x18\x01 \x03(\x03\x12\x18\n\x10includeNonShared\x18\x02 \x01(\x08\x12\x19\n\x11\x63ontinuationToken\x18\x03 \x01(\x0c\x12\x32\n*includeTotalMatchingRecordsInFirstResponse\x18\x04 \x01(\x08\"\x9f\x01\n!PreliminaryComplianceDataResponse\x12\x30\n\rauditUserData\x18\x01 \x03(\x0b\x32\x19.Enterprise.AuditUserData\x12\x19\n\x11\x63ontinuationToken\x18\x02 \x01(\x0c\x12\x0f\n\x07hasMore\x18\x03 \x01(\x08\x12\x1c\n\x14totalMatchingRecords\x18\x04 \x01(\x05\"K\n\x0f\x41uditUserRecord\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x15\n\rencryptedData\x18\x02 \x01(\x0c\x12\x0e\n\x06shared\x18\x03 \x01(\x08\"\x8d\x01\n\rAuditUserData\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x35\n\x10\x61uditUserRecords\x18\x02 \x03(\x0b\x32\x1b.Enterprise.AuditUserRecord\x12+\n\x06status\x18\x03 \x01(\x0e\x32\x1b.Enterprise.AuditUserStatus\"\x7f\n\x17\x43omplianceReportFilters\x12\x14\n\x0crecordTitles\x18\x01 \x03(\t\x12\x12\n\nrecordUids\x18\x02 \x03(\x0c\x12\x11\n\tjobTitles\x18\x03 \x03(\x03\x12\x0c\n\x04urls\x18\x04 \x03(\t\x12\x19\n\x11\x65nterpriseUserIds\x18\x05 \x03(\x03\"\x7f\n\x17\x43omplianceReportRequest\x12<\n\x13\x63omplianceReportRun\x18\x01 \x01(\x0b\x32\x1f.Enterprise.ComplianceReportRun\x12\x12\n\nreportName\x18\x02 \x01(\t\x12\x12\n\nsaveReport\x18\x03 \x01(\x08\"\x85\x01\n\x13\x43omplianceReportRun\x12N\n\x17reportCriteriaAndFilter\x18\x01 \x01(\x0b\x32-.Enterprise.ComplianceReportCriteriaAndFilter\x12\r\n\x05users\x18\x02 \x03(\x03\x12\x0f\n\x07records\x18\x03 \x03(\x0c\"\xfc\x01\n!ComplianceReportCriteriaAndFilter\x12\x0e\n\x06nodeId\x18\x01 \x01(\x03\x12\x13\n\x0b\x63riteriaUid\x18\x02 \x01(\x0c\x12\x14\n\x0c\x63riteriaName\x18\x03 \x01(\t\x12\x36\n\x08\x63riteria\x18\x04 \x01(\x0b\x32$.Enterprise.ComplianceReportCriteria\x12\x33\n\x07\x66ilters\x18\x05 \x03(\x0b\x32\".Enterprise.ComplianceReportFilter\x12\x14\n\x0clastModified\x18\x06 \x01(\x03\x12\x19\n\x11nodeEncryptedData\x18\x07 \x01(\x0c\"b\n\x18\x43omplianceReportCriteria\x12\x11\n\tjobTitles\x18\x01 \x03(\t\x12\x19\n\x11\x65nterpriseUserIds\x18\x02 \x03(\x03\x12\x18\n\x10includeNonShared\x18\x03 \x01(\x08\"x\n\x16\x43omplianceReportFilter\x12\x14\n\x0crecordTitles\x18\x01 \x03(\t\x12\x12\n\nrecordUids\x18\x02 \x03(\x0c\x12\x11\n\tjobTitles\x18\x03 \x03(\t\x12\x0c\n\x04urls\x18\x04 \x03(\t\x12\x13\n\x0brecordTypes\x18\x05 \x03(\t\"\xa1\x05\n\x18\x43omplianceReportResponse\x12\x15\n\rdateGenerated\x18\x01 \x01(\x03\x12\x15\n\rrunByUserName\x18\x02 \x01(\t\x12\x12\n\nreportName\x18\x03 \x01(\t\x12\x11\n\treportUid\x18\x04 \x01(\x0c\x12<\n\x13\x63omplianceReportRun\x18\x05 \x01(\x0b\x32\x1f.Enterprise.ComplianceReportRun\x12-\n\x0cuserProfiles\x18\x06 \x03(\x0b\x32\x17.Enterprise.UserProfile\x12)\n\nauditTeams\x18\x07 \x03(\x0b\x32\x15.Enterprise.AuditTeam\x12-\n\x0c\x61uditRecords\x18\x08 \x03(\x0b\x32\x17.Enterprise.AuditRecord\x12+\n\x0buserRecords\x18\t \x03(\x0b\x32\x16.Enterprise.UserRecord\x12;\n\x13sharedFolderRecords\x18\n \x03(\x0b\x32\x1e.Enterprise.SharedFolderRecord\x12\x37\n\x11sharedFolderUsers\x18\x0b \x03(\x0b\x32\x1c.Enterprise.SharedFolderUser\x12\x37\n\x11sharedFolderTeams\x18\x0c \x03(\x0b\x32\x1c.Enterprise.SharedFolderTeam\x12\x31\n\x0e\x61uditTeamUsers\x18\r \x03(\x0b\x32\x19.Enterprise.AuditTeamUser\x12)\n\nauditRoles\x18\x0e \x03(\x0b\x32\x15.Enterprise.AuditRole\x12/\n\rlinkedRecords\x18\x0f \x03(\x0b\x32\x18.Enterprise.LinkedRecord\"\x81\x01\n\x0b\x41uditRecord\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x11\n\tauditData\x18\x02 \x01(\x0c\x12\x16\n\x0ehasAttachments\x18\x03 \x01(\x08\x12\x0f\n\x07inTrash\x18\x04 \x01(\x08\x12\x10\n\x08treeLeft\x18\x05 \x01(\x05\x12\x11\n\ttreeRight\x18\x06 \x01(\x05\"\x80\x02\n\tAuditRole\x12\x0e\n\x06roleId\x18\x01 \x01(\x03\x12\x15\n\rencryptedData\x18\x02 \x01(\x0c\x12&\n\x1erestrictShareOutsideEnterprise\x18\x03 \x01(\x08\x12\x18\n\x10restrictShareAll\x18\x04 \x01(\x08\x12\"\n\x1arestrictShareOfAttachments\x18\x05 \x01(\x08\x12)\n!restrictMaskPasswordsWhileEditing\x18\x06 \x01(\x08\x12;\n\x13roleNodeManagements\x18\x07 \x03(\x0b\x32\x1e.Enterprise.RoleNodeManagement\"^\n\x12RoleNodeManagement\x12\x10\n\x08treeLeft\x18\x01 \x01(\x05\x12\x11\n\ttreeRight\x18\x02 \x01(\x05\x12\x0f\n\x07\x63\x61scade\x18\x03 \x01(\x08\x12\x12\n\nprivileges\x18\x04 \x01(\x05\"k\n\x0bUserProfile\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x10\n\x08\x66ullName\x18\x02 \x01(\t\x12\x10\n\x08jobTitle\x18\x03 \x01(\t\x12\r\n\x05\x65mail\x18\x04 \x01(\t\x12\x0f\n\x07roleIds\x18\x05 \x03(\x03\"=\n\x10RecordPermission\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x16\n\x0epermissionBits\x18\x02 \x01(\x05\"_\n\nUserRecord\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x37\n\x11recordPermissions\x18\x02 \x03(\x0b\x32\x1c.Enterprise.RecordPermission\"[\n\tAuditTeam\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x10\n\x08teamName\x18\x02 \x01(\t\x12\x14\n\x0crestrictEdit\x18\x03 \x01(\x08\x12\x15\n\rrestrictShare\x18\x04 \x01(\x08\";\n\rAuditTeamUser\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x19\n\x11\x65nterpriseUserIds\x18\x02 \x03(\x03\"\x9f\x01\n\x12SharedFolderRecord\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x37\n\x11recordPermissions\x18\x02 \x03(\x0b\x32\x1c.Enterprise.RecordPermission\x12\x37\n\x11shareAdminRecords\x18\x03 \x03(\x0b\x32\x1c.Enterprise.ShareAdminRecord\"M\n\x10ShareAdminRecord\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x1f\n\x17recordPermissionIndexes\x18\x02 \x03(\x05\"F\n\x10SharedFolderUser\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x19\n\x11\x65nterpriseUserIds\x18\x02 \x03(\x03\"=\n\x10SharedFolderTeam\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x10\n\x08teamUids\x18\x02 \x03(\x0c\"/\n\x1aGetComplianceReportRequest\x12\x11\n\treportUid\x18\x01 \x01(\x0c\"2\n\x1bGetComplianceReportResponse\x12\x13\n\x0b\x64ownloadUrl\x18\x01 \x01(\t\"6\n\x1f\x43omplianceReportCriteriaRequest\x12\x13\n\x0b\x63riteriaUid\x18\x01 \x01(\x0c\";\n$SaveComplianceReportCriteriaResponse\x12\x13\n\x0b\x63riteriaUid\x18\x01 \x01(\x0c\"4\n\x0cLinkedRecord\x12\x10\n\x08ownerUid\x18\x01 \x01(\x0c\x12\x12\n\nrecordUids\x18\x02 \x03(\x0c\"W\n\x17GetSharingAdminsRequest\x12\x17\n\x0fsharedFolderUid\x18\x01 \x01(\x0c\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\x12\x10\n\x08username\x18\x03 \x01(\t\"\xe0\x01\n\x0eUserProfileExt\x12\r\n\x05\x65mail\x18\x01 \x01(\t\x12\x10\n\x08\x66ullName\x18\x02 \x01(\t\x12\x10\n\x08jobTitle\x18\x03 \x01(\t\x12\x14\n\x0cisMSPMCAdmin\x18\x04 \x01(\x08\x12\x18\n\x10isInSharedFolder\x18\x05 \x01(\x08\x12&\n\x1eisShareAdminForRequestedObject\x18\x06 \x01(\x08\x12(\n isShareAdminForSharedFolderOwner\x18\x07 \x01(\x08\x12\x19\n\x11hasAccessToObject\x18\x08 \x01(\x08\"O\n\x18GetSharingAdminsResponse\x12\x33\n\x0fuserProfileExts\x18\x01 \x03(\x0b\x32\x1a.Enterprise.UserProfileExt\"_\n\x1eTeamsEnterpriseUsersAddRequest\x12=\n\x05teams\x18\x01 \x03(\x0b\x32..Enterprise.TeamsEnterpriseUsersAddTeamRequest\"t\n\"TeamsEnterpriseUsersAddTeamRequest\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12=\n\x05users\x18\x02 \x03(\x0b\x32..Enterprise.TeamsEnterpriseUsersAddUserRequest\"\xab\x01\n\"TeamsEnterpriseUsersAddUserRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12*\n\x08userType\x18\x02 \x01(\x0e\x32\x18.Enterprise.TeamUserType\x12\x13\n\x07teamKey\x18\x03 \x01(\tB\x02\x18\x01\x12*\n\x0ctypedTeamKey\x18\x04 \x01(\x0b\x32\x14.Enterprise.TypedKey\"F\n\x08TypedKey\x12\x0b\n\x03key\x18\x01 \x01(\x0c\x12-\n\x07keyType\x18\x02 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\"s\n\x1fTeamsEnterpriseUsersAddResponse\x12>\n\x05teams\x18\x01 \x03(\x0b\x32/.Enterprise.TeamsEnterpriseUsersAddTeamResponse\x12\x10\n\x08revision\x18\x02 \x01(\x03\"\xc4\x01\n#TeamsEnterpriseUsersAddTeamResponse\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12>\n\x05users\x18\x02 \x03(\x0b\x32/.Enterprise.TeamsEnterpriseUsersAddUserResponse\x12\x0f\n\x07success\x18\x03 \x01(\x08\x12\x0f\n\x07message\x18\x04 \x01(\t\x12\x12\n\nresultCode\x18\x05 \x01(\t\x12\x16\n\x0e\x61\x64\x64itionalInfo\x18\x06 \x01(\t\"\x9f\x01\n#TeamsEnterpriseUsersAddUserResponse\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x10\n\x08revision\x18\x02 \x01(\x03\x12\x0f\n\x07success\x18\x03 \x01(\x08\x12\x0f\n\x07message\x18\x04 \x01(\t\x12\x12\n\nresultCode\x18\x05 \x01(\t\x12\x16\n\x0e\x61\x64\x64itionalInfo\x18\x06 \x01(\t\"E\n\x18TeamEnterpriseUserRemove\x12\x0f\n\x07teamUid\x18\x01 \x01(\x0c\x12\x18\n\x10\x65nterpriseUserId\x18\x02 \x01(\x03\"j\n TeamEnterpriseUserRemovesRequest\x12\x46\n\x18teamEnterpriseUserRemove\x18\x01 \x03(\x0b\x32$.Enterprise.TeamEnterpriseUserRemove\"{\n!TeamEnterpriseUserRemovesResponse\x12V\n teamEnterpriseUserRemoveResponse\x18\x01 \x03(\x0b\x32,.Enterprise.TeamEnterpriseUserRemoveResponse\"\xb8\x01\n TeamEnterpriseUserRemoveResponse\x12\x46\n\x18teamEnterpriseUserRemove\x18\x01 \x01(\x0b\x32$.Enterprise.TeamEnterpriseUserRemove\x12\x0f\n\x07success\x18\x02 \x01(\x08\x12\x12\n\nresultCode\x18\x03 \x01(\t\x12\x0f\n\x07message\x18\x04 \x01(\t\x12\x16\n\x0e\x61\x64\x64itionalInfo\x18\x05 \x01(\t\"M\n\x0b\x44omainAlias\x12\x0e\n\x06\x64omain\x18\x01 \x01(\t\x12\r\n\x05\x61lias\x18\x02 \x01(\t\x12\x0e\n\x06status\x18\x03 \x01(\x05\x12\x0f\n\x07message\x18\x04 \x01(\t\"B\n\x12\x44omainAliasRequest\x12,\n\x0b\x64omainAlias\x18\x01 \x03(\x0b\x32\x17.Enterprise.DomainAlias\"C\n\x13\x44omainAliasResponse\x12,\n\x0b\x64omainAlias\x18\x01 \x03(\x0b\x32\x17.Enterprise.DomainAlias\"m\n\x1f\x45nterpriseUsersProvisionRequest\x12\x33\n\x05users\x18\x01 \x03(\x0b\x32$.Enterprise.EnterpriseUsersProvision\x12\x15\n\rclientVersion\x18\x02 \x01(\t\"\xb6\x03\n\x18\x45nterpriseUsersProvision\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x0e\n\x06nodeId\x18\x03 \x01(\x03\x12\x15\n\rencryptedData\x18\x04 \x01(\t\x12-\n\x07keyType\x18\x05 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12\x10\n\x08\x66ullName\x18\x06 \x01(\t\x12\x10\n\x08jobTitle\x18\x07 \x01(\t\x12\x1e\n\x16\x65nterpriseUsersDataKey\x18\x08 \x01(\x0c\x12\x14\n\x0c\x61uthVerifier\x18\t \x01(\x0c\x12\x18\n\x10\x65ncryptionParams\x18\n \x01(\x0c\x12\x14\n\x0crsaPublicKey\x18\x0b \x01(\x0c\x12\x1e\n\x16rsaEncryptedPrivateKey\x18\x0c \x01(\x0c\x12\x14\n\x0c\x65\x63\x63PublicKey\x18\r \x01(\x0c\x12\x1e\n\x16\x65\x63\x63\x45ncryptedPrivateKey\x18\x0e \x01(\x0c\x12\x1c\n\x14\x65ncryptedDeviceToken\x18\x0f \x01(\x0c\x12\x1a\n\x12\x65ncryptedClientKey\x18\x10 \x01(\x0c\"_\n EnterpriseUsersProvisionResponse\x12;\n\x07results\x18\x01 \x03(\x0b\x32*.Enterprise.EnterpriseUsersProvisionResult\"q\n\x1e\x45nterpriseUsersProvisionResult\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0c\n\x04\x63ode\x18\x02 \x01(\t\x12\x0f\n\x07message\x18\x03 \x01(\t\x12\x16\n\x0e\x61\x64\x64itionalInfo\x18\x04 \x01(\t\"a\n\x19\x45nterpriseUsersAddRequest\x12-\n\x05users\x18\x01 \x03(\x0b\x32\x1e.Enterprise.EnterpriseUsersAdd\x12\x15\n\rclientVersion\x18\x02 \x01(\t\"\x8c\x02\n\x12\x45nterpriseUsersAdd\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x10\n\x08username\x18\x02 \x01(\t\x12\x0e\n\x06nodeId\x18\x03 \x01(\x03\x12\x15\n\rencryptedData\x18\x04 \x01(\t\x12-\n\x07keyType\x18\x05 \x01(\x0e\x32\x1c.Enterprise.EncryptedKeyType\x12\x10\n\x08\x66ullName\x18\x06 \x01(\t\x12\x10\n\x08jobTitle\x18\x07 \x01(\t\x12\x1b\n\x13suppressEmailInvite\x18\x08 \x01(\x08\x12\x15\n\rinviteeLocale\x18\t \x01(\t\x12\x0c\n\x04move\x18\n \x01(\x08\x12\x0e\n\x06roleId\x18\x0b \x01(\x03\"\x9b\x01\n\x1a\x45nterpriseUsersAddResponse\x12\x35\n\x07results\x18\x01 \x03(\x0b\x32$.Enterprise.EnterpriseUsersAddResult\x12\x0f\n\x07success\x18\x02 \x01(\x08\x12\x0c\n\x04\x63ode\x18\x03 \x01(\t\x12\x0f\n\x07message\x18\x04 \x01(\t\x12\x16\n\x0e\x61\x64\x64itionalInfo\x18\x05 \x01(\t\"\x96\x01\n\x18\x45nterpriseUsersAddResult\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x0f\n\x07success\x18\x02 \x01(\x08\x12\x18\n\x10verificationCode\x18\x03 \x01(\t\x12\x0c\n\x04\x63ode\x18\x04 \x01(\t\x12\x0f\n\x07message\x18\x05 \x01(\t\x12\x16\n\x0e\x61\x64\x64itionalInfo\x18\x06 \x01(\t\"\xb9\x01\n\x17UpdateMSPPermitsRequest\x12\x17\n\x0fmspEnterpriseId\x18\x01 \x01(\x05\x12\x1a\n\x12maxAllowedLicenses\x18\x02 \x01(\x05\x12\x19\n\x11\x61llowedMcProducts\x18\x03 \x03(\t\x12\x15\n\rallowedAddOns\x18\x04 \x03(\t\x12\x17\n\x0fmaxFilePlanType\x18\x05 \x01(\t\x12\x1e\n\x16\x61llowUnlimitedLicenses\x18\x06 \x01(\x08\"9\n\x1c\x44\x65leteEnterpriseUsersRequest\x12\x19\n\x11\x65nterpriseUserIds\x18\x01 \x03(\x03\"o\n\x1a\x44\x65leteEnterpriseUserStatus\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\x12\x37\n\x06status\x18\x02 \x01(\x0e\x32\'.Enterprise.DeleteEnterpriseUsersResult\"]\n\x1d\x44\x65leteEnterpriseUsersResponse\x12<\n\x0c\x64\x65leteStatus\x18\x01 \x03(\x0b\x32&.Enterprise.DeleteEnterpriseUserStatus\"w\n\x18\x43learSecurityDataRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x03(\x03\x12\x10\n\x08\x61llUsers\x18\x02 \x01(\x08\x12/\n\x04type\x18\x03 \x01(\x0e\x32!.Enterprise.ClearSecurityDataType*\x1b\n\x07KeyType\x12\x07\n\x03RSA\x10\x00\x12\x07\n\x03\x45\x43\x43\x10\x01*\x9a\x02\n\x14RoleUserModifyStatus\x12\x0f\n\x0bROLE_EXISTS\x10\x00\x12\x14\n\x10MISSING_TREE_KEY\x10\x01\x12\x14\n\x10MISSING_ROLE_KEY\x10\x02\x12\x1e\n\x1aINVALID_ENTERPRISE_USER_ID\x10\x03\x12\x1b\n\x17PENDING_ENTERPRISE_USER\x10\x04\x12\x13\n\x0fINVALID_NODE_ID\x10\x05\x12!\n\x1dMAY_NOT_REMOVE_SELF_FROM_ROLE\x10\x06\x12\x1c\n\x18MUST_HAVE_ONE_USER_ADMIN\x10\x07\x12\x13\n\x0fINVALID_ROLE_ID\x10\x08\x12\x1d\n\x19PAM_LICENSE_SEAT_EXCEEDED\x10\t*=\n\x0e\x45nterpriseType\x12\x17\n\x13\x45NTERPRISE_STANDARD\x10\x00\x12\x12\n\x0e\x45NTERPRISE_MSP\x10\x01*s\n\x18TransferAcceptanceStatus\x12\r\n\tUNDEFINED\x10\x00\x12\x10\n\x0cNOT_REQUIRED\x10\x01\x12\x10\n\x0cNOT_ACCEPTED\x10\x02\x12\x16\n\x12PARTIALLY_ACCEPTED\x10\x03\x12\x0c\n\x08\x41\x43\x43\x45PTED\x10\x04*\xe1\x03\n\x14\x45nterpriseDataEntity\x12\x0b\n\x07UNKNOWN\x10\x00\x12\t\n\x05NODES\x10\x01\x12\t\n\x05ROLES\x10\x02\x12\t\n\x05USERS\x10\x03\x12\t\n\x05TEAMS\x10\x04\x12\x0e\n\nTEAM_USERS\x10\x05\x12\x0e\n\nROLE_USERS\x10\x06\x12\x13\n\x0fROLE_PRIVILEGES\x10\x07\x12\x15\n\x11ROLE_ENFORCEMENTS\x10\x08\x12\x0e\n\nROLE_TEAMS\x10\t\x12\x0c\n\x08LICENSES\x10\n\x12\x11\n\rMANAGED_NODES\x10\x0b\x12\x15\n\x11MANAGED_COMPANIES\x10\x0c\x12\x0b\n\x07\x42RIDGES\x10\r\x12\t\n\x05SCIMS\x10\x0e\x12\x13\n\x0f\x45MAIL_PROVISION\x10\x0f\x12\x10\n\x0cQUEUED_TEAMS\x10\x10\x12\x15\n\x11QUEUED_TEAM_USERS\x10\x11\x12\x10\n\x0cSSO_SERVICES\x10\x12\x12\x17\n\x13REPORT_FILTER_USERS\x10\x13\x12&\n\"DEVICES_REQUEST_FOR_ADMIN_APPROVAL\x10\x14\x12\x10\n\x0cUSER_ALIASES\x10\x15\x12)\n%COMPLIANCE_REPORT_CRITERIA_AND_FILTER\x10\x16\x12\x16\n\x12\x43OMPLIANCE_REPORTS\x10\x17*\"\n\x0b\x43\x61\x63heStatus\x12\x08\n\x04KEEP\x10\x00\x12\t\n\x05\x43LEAR\x10\x01*\x93\x01\n\rBackupKeyType\x12\n\n\x06NO_KEY\x10\x00\x12\x19\n\x15\x45NCRYPTED_BY_DATA_KEY\x10\x01\x12\x1b\n\x17\x45NCRYPTED_BY_PUBLIC_KEY\x10\x02\x12\x1d\n\x19\x45NCRYPTED_BY_DATA_KEY_GCM\x10\x03\x12\x1f\n\x1b\x45NCRYPTED_BY_PUBLIC_KEY_ECC\x10\x04*:\n\x15\x42\x61\x63kupUserDataKeyType\x12\x07\n\x03OWN\x10\x00\x12\x18\n\x14SHARED_TO_ENTERPRISE\x10\x01*\xa5\x01\n\x10\x45ncryptedKeyType\x12\r\n\tKT_NO_KEY\x10\x00\x12\x1c\n\x18KT_ENCRYPTED_BY_DATA_KEY\x10\x01\x12\x1e\n\x1aKT_ENCRYPTED_BY_PUBLIC_KEY\x10\x02\x12 \n\x1cKT_ENCRYPTED_BY_DATA_KEY_GCM\x10\x03\x12\"\n\x1eKT_ENCRYPTED_BY_PUBLIC_KEY_ECC\x10\x04*\x8e\x02\n\x12\x45nterpriseFlagType\x12\x0b\n\x07INVALID\x10\x00\x12\x1a\n\x16\x41LLOW_PERSONAL_LICENSE\x10\x01\x12\x18\n\x14SPECIAL_PROVISIONING\x10\x02\x12\x10\n\x0cRECORD_TYPES\x10\x03\x12\x13\n\x0fSECRETS_MANAGER\x10\x04\x12\x15\n\x11\x45NTERPRISE_LOCKED\x10\x05\x12\x15\n\x11\x46ORBID_KEY_TYPE_2\x10\x06\x12\x15\n\x11\x43ONSOLE_ONBOARDED\x10\x07\x12\x1b\n\x17\x46ORBID_ACCOUNT_TRANSFER\x10\x08\x12\x15\n\x11NPS_POPUP_OPT_OUT\x10\t\x12\x15\n\x11SHOW_USER_ONBOARD\x10\n*E\n\x10UserUpdateStatus\x12\x12\n\x0eUSER_UPDATE_OK\x10\x00\x12\x1d\n\x19USER_UPDATE_ACCESS_DENIED\x10\x01*I\n\x0f\x41uditUserStatus\x12\x06\n\x02OK\x10\x00\x12\x11\n\rACCESS_DENIED\x10\x01\x12\x1b\n\x17NO_LONGER_IN_ENTERPRISE\x10\x02*3\n\x0cTeamUserType\x12\x08\n\x04USER\x10\x00\x12\t\n\x05\x41\x44MIN\x10\x01\x12\x0e\n\nADMIN_ONLY\x10\x02*x\n\rAppClientType\x12\x0c\n\x08NOT_USED\x10\x00\x12\x0b\n\x07GENERAL\x10\x01\x12%\n!DISCOVERY_AND_ROTATION_CONTROLLER\x10\x02\x12\x12\n\x0eKCM_CONTROLLER\x10\x03\x12\x11\n\rSELF_DESTRUCT\x10\x04*\x8f\x01\n\x1b\x44\x65leteEnterpriseUsersResult\x12\x0b\n\x07SUCCESS\x10\x00\x12\x1a\n\x16NOT_AN_ENTERPRISE_USER\x10\x01\x12\x16\n\x12\x43\x41NNOT_DELETE_SELF\x10\x02\x12$\n BRIDGE_CANNOT_DELETE_ACTIVE_USER\x10\x03\x12\t\n\x05\x45RROR\x10\x04*\x87\x01\n\x15\x43learSecurityDataType\x12\x1e\n\x1aRECALCULATE_SUMMARY_REPORT\x10\x00\x12\'\n#FORCE_CLIENT_CHECK_FOR_MISSING_DATA\x10\x01\x12%\n!FORCE_CLIENT_RESEND_SECURITY_DATA\x10\x02\x42&\n\x18\x63om.keepersecurity.protoB\nEnterpriseb\x06proto3') _globals = globals() _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals) @@ -30,38 +38,38 @@ _globals['_NODE'].fields_by_name['ssoServiceProviderIds']._serialized_options = b'\020\001' _globals['_TEAMSENTERPRISEUSERSADDUSERREQUEST'].fields_by_name['teamKey']._loaded_options = None _globals['_TEAMSENTERPRISEUSERSADDUSERREQUEST'].fields_by_name['teamKey']._serialized_options = b'\030\001' - _globals['_KEYTYPE']._serialized_start=19317 - _globals['_KEYTYPE']._serialized_end=19344 - _globals['_ROLEUSERMODIFYSTATUS']._serialized_start=19347 - _globals['_ROLEUSERMODIFYSTATUS']._serialized_end=19577 - _globals['_ENTERPRISETYPE']._serialized_start=19579 - _globals['_ENTERPRISETYPE']._serialized_end=19640 - _globals['_TRANSFERACCEPTANCESTATUS']._serialized_start=19642 - _globals['_TRANSFERACCEPTANCESTATUS']._serialized_end=19757 - _globals['_ENTERPRISEDATAENTITY']._serialized_start=19760 - _globals['_ENTERPRISEDATAENTITY']._serialized_end=20282 - _globals['_CACHESTATUS']._serialized_start=20284 - _globals['_CACHESTATUS']._serialized_end=20318 - _globals['_BACKUPKEYTYPE']._serialized_start=20321 - _globals['_BACKUPKEYTYPE']._serialized_end=20468 - _globals['_BACKUPUSERDATAKEYTYPE']._serialized_start=20470 - _globals['_BACKUPUSERDATAKEYTYPE']._serialized_end=20528 - _globals['_ENCRYPTEDKEYTYPE']._serialized_start=20531 - _globals['_ENCRYPTEDKEYTYPE']._serialized_end=20696 - _globals['_ENTERPRISEFLAGTYPE']._serialized_start=20699 - _globals['_ENTERPRISEFLAGTYPE']._serialized_end=20969 - _globals['_USERUPDATESTATUS']._serialized_start=20971 - _globals['_USERUPDATESTATUS']._serialized_end=21040 - _globals['_AUDITUSERSTATUS']._serialized_start=21042 - _globals['_AUDITUSERSTATUS']._serialized_end=21115 - _globals['_TEAMUSERTYPE']._serialized_start=21117 - _globals['_TEAMUSERTYPE']._serialized_end=21168 - _globals['_APPCLIENTTYPE']._serialized_start=21170 - _globals['_APPCLIENTTYPE']._serialized_end=21290 - _globals['_DELETEENTERPRISEUSERSRESULT']._serialized_start=21293 - _globals['_DELETEENTERPRISEUSERSRESULT']._serialized_end=21436 - _globals['_CLEARSECURITYDATATYPE']._serialized_start=21439 - _globals['_CLEARSECURITYDATATYPE']._serialized_end=21574 + _globals['_KEYTYPE']._serialized_start=19919 + _globals['_KEYTYPE']._serialized_end=19946 + _globals['_ROLEUSERMODIFYSTATUS']._serialized_start=19949 + _globals['_ROLEUSERMODIFYSTATUS']._serialized_end=20231 + _globals['_ENTERPRISETYPE']._serialized_start=20233 + _globals['_ENTERPRISETYPE']._serialized_end=20294 + _globals['_TRANSFERACCEPTANCESTATUS']._serialized_start=20296 + _globals['_TRANSFERACCEPTANCESTATUS']._serialized_end=20411 + _globals['_ENTERPRISEDATAENTITY']._serialized_start=20414 + _globals['_ENTERPRISEDATAENTITY']._serialized_end=20895 + _globals['_CACHESTATUS']._serialized_start=20897 + _globals['_CACHESTATUS']._serialized_end=20931 + _globals['_BACKUPKEYTYPE']._serialized_start=20934 + _globals['_BACKUPKEYTYPE']._serialized_end=21081 + _globals['_BACKUPUSERDATAKEYTYPE']._serialized_start=21083 + _globals['_BACKUPUSERDATAKEYTYPE']._serialized_end=21141 + _globals['_ENCRYPTEDKEYTYPE']._serialized_start=21144 + _globals['_ENCRYPTEDKEYTYPE']._serialized_end=21309 + _globals['_ENTERPRISEFLAGTYPE']._serialized_start=21312 + _globals['_ENTERPRISEFLAGTYPE']._serialized_end=21582 + _globals['_USERUPDATESTATUS']._serialized_start=21584 + _globals['_USERUPDATESTATUS']._serialized_end=21653 + _globals['_AUDITUSERSTATUS']._serialized_start=21655 + _globals['_AUDITUSERSTATUS']._serialized_end=21728 + _globals['_TEAMUSERTYPE']._serialized_start=21730 + _globals['_TEAMUSERTYPE']._serialized_end=21781 + _globals['_APPCLIENTTYPE']._serialized_start=21783 + _globals['_APPCLIENTTYPE']._serialized_end=21903 + _globals['_DELETEENTERPRISEUSERSRESULT']._serialized_start=21906 + _globals['_DELETEENTERPRISEUSERSRESULT']._serialized_end=22049 + _globals['_CLEARSECURITYDATATYPE']._serialized_start=22052 + _globals['_CLEARSECURITYDATATYPE']._serialized_end=22187 _globals['_ENTERPRISEKEYPAIRREQUEST']._serialized_start=33 _globals['_ENTERPRISEKEYPAIRREQUEST']._serialized_end=165 _globals['_GETTEAMMEMBERREQUEST']._serialized_start=167 @@ -88,284 +96,296 @@ _globals['_ROLETEAM']._serialized_end=1195 _globals['_ROLETEAMS']._serialized_start=1197 _globals['_ROLETEAMS']._serialized_end=1249 - _globals['_ROLEUSERADDKEYS']._serialized_start=1251 - _globals['_ROLEUSERADDKEYS']._serialized_end=1333 - _globals['_ROLEUSERADD']._serialized_start=1335 - _globals['_ROLEUSERADD']._serialized_end=1419 - _globals['_ROLEUSERSADDREQUEST']._serialized_start=1421 - _globals['_ROLEUSERSADDREQUEST']._serialized_end=1489 - _globals['_ROLEUSERADDRESULT']._serialized_start=1492 - _globals['_ROLEUSERADDRESULT']._serialized_end=1620 - _globals['_ROLEUSERSADDRESPONSE']._serialized_start=1622 - _globals['_ROLEUSERSADDRESPONSE']._serialized_end=1692 - _globals['_ROLEUSERREMOVE']._serialized_start=1694 - _globals['_ROLEUSERREMOVE']._serialized_end=1754 - _globals['_ROLEUSERSREMOVEREQUEST']._serialized_start=1756 - _globals['_ROLEUSERSREMOVEREQUEST']._serialized_end=1833 - _globals['_ROLEUSERREMOVERESULT']._serialized_start=1836 - _globals['_ROLEUSERREMOVERESULT']._serialized_end=1967 - _globals['_ROLEUSERSREMOVERESPONSE']._serialized_start=1969 - _globals['_ROLEUSERSREMOVERESPONSE']._serialized_end=2045 - _globals['_ENTERPRISEREGISTRATION']._serialized_start=2048 - _globals['_ENTERPRISEREGISTRATION']._serialized_end=2592 - _globals['_DOMAINPASSWORDRULESREQUEST']._serialized_start=2594 - _globals['_DOMAINPASSWORDRULESREQUEST']._serialized_end=2666 - _globals['_DOMAINPASSWORDRULESFIELDS']._serialized_start=2668 - _globals['_DOMAINPASSWORDRULESFIELDS']._serialized_end=2760 - _globals['_LOGINTOMCREQUEST']._serialized_start=2762 - _globals['_LOGINTOMCREQUEST']._serialized_end=2831 - _globals['_LOGINTOMCRESPONSE']._serialized_start=2833 - _globals['_LOGINTOMCRESPONSE']._serialized_end=2909 - _globals['_DOMAINPASSWORDRULESRESPONSE']._serialized_start=2911 - _globals['_DOMAINPASSWORDRULESRESPONSE']._serialized_end=3014 - _globals['_APPROVEUSERDEVICEREQUEST']._serialized_start=3017 - _globals['_APPROVEUSERDEVICEREQUEST']._serialized_end=3153 - _globals['_APPROVEUSERDEVICERESPONSE']._serialized_start=3155 - _globals['_APPROVEUSERDEVICERESPONSE']._serialized_end=3271 - _globals['_APPROVEUSERDEVICESREQUEST']._serialized_start=3273 - _globals['_APPROVEUSERDEVICESREQUEST']._serialized_end=3362 - _globals['_APPROVEUSERDEVICESRESPONSE']._serialized_start=3364 - _globals['_APPROVEUSERDEVICESRESPONSE']._serialized_end=3456 - _globals['_ENTERPRISEUSERDATAKEY']._serialized_start=3459 - _globals['_ENTERPRISEUSERDATAKEY']._serialized_end=3594 - _globals['_ENTERPRISEUSERDATAKEYS']._serialized_start=3596 - _globals['_ENTERPRISEUSERDATAKEYS']._serialized_end=3669 - _globals['_ENTERPRISEUSERDATAKEYLIGHT']._serialized_start=3671 - _globals['_ENTERPRISEUSERDATAKEYLIGHT']._serialized_end=3774 - _globals['_ENTERPRISEUSERDATAKEYSBYNODE']._serialized_start=3776 - _globals['_ENTERPRISEUSERDATAKEYSBYNODE']._serialized_end=3876 - _globals['_ENTERPRISEUSERDATAKEYSBYNODERESPONSE']._serialized_start=3878 - _globals['_ENTERPRISEUSERDATAKEYSBYNODERESPONSE']._serialized_end=3972 - _globals['_ENTERPRISEDATAREQUEST']._serialized_start=3974 - _globals['_ENTERPRISEDATAREQUEST']._serialized_end=4024 - _globals['_SPECIALPROVISIONING']._serialized_start=4026 - _globals['_SPECIALPROVISIONING']._serialized_end=4074 - _globals['_GENERALDATAENTITY']._serialized_start=4077 - _globals['_GENERALDATAENTITY']._serialized_end=4337 - _globals['_NODE']._serialized_start=4340 - _globals['_NODE']._serialized_end=4593 - _globals['_ROLE']._serialized_start=4596 - _globals['_ROLE']._serialized_end=4738 - _globals['_USER']._serialized_start=4741 - _globals['_USER']._serialized_end=5053 - _globals['_USERALIAS']._serialized_start=5055 - _globals['_USERALIAS']._serialized_end=5110 - _globals['_COMPLIANCEREPORTMETADATA']._serialized_start=5113 - _globals['_COMPLIANCEREPORTMETADATA']._serialized_end=5285 - _globals['_MANAGEDNODE']._serialized_start=5287 - _globals['_MANAGEDNODE']._serialized_end=5370 - _globals['_USERMANAGEDNODE']._serialized_start=5372 - _globals['_USERMANAGEDNODE']._serialized_end=5456 - _globals['_USERPRIVILEGE']._serialized_start=5458 - _globals['_USERPRIVILEGE']._serialized_end=5577 - _globals['_ROLEUSER']._serialized_start=5579 - _globals['_ROLEUSER']._serialized_end=5631 - _globals['_ROLEPRIVILEGE']._serialized_start=5633 - _globals['_ROLEPRIVILEGE']._serialized_end=5710 - _globals['_ROLEENFORCEMENT']._serialized_start=5712 - _globals['_ROLEENFORCEMENT']._serialized_end=5785 - _globals['_TEAM']._serialized_start=5788 - _globals['_TEAM']._serialized_end=5957 - _globals['_TEAMUSER']._serialized_start=5959 - _globals['_TEAMUSER']._serialized_end=6030 - _globals['_GETDISTRIBUTORINFORESPONSE']._serialized_start=6032 - _globals['_GETDISTRIBUTORINFORESPONSE']._serialized_end=6107 - _globals['_DISTRIBUTOR']._serialized_start=6109 - _globals['_DISTRIBUTOR']._serialized_end=6175 - _globals['_MSPINFO']._serialized_start=6178 - _globals['_MSPINFO']._serialized_end=6463 - _globals['_MANAGEDCOMPANY']._serialized_start=6466 - _globals['_MANAGEDCOMPANY']._serialized_end=6739 - _globals['_MSPPOOL']._serialized_start=6741 - _globals['_MSPPOOL']._serialized_end=6823 - _globals['_MSPCONTACT']._serialized_start=6825 - _globals['_MSPCONTACT']._serialized_end=6883 - _globals['_LICENSEADDON']._serialized_start=6886 - _globals['_LICENSEADDON']._serialized_end=7122 - _globals['_MCDEFAULT']._serialized_start=7124 - _globals['_MCDEFAULT']._serialized_end=7239 - _globals['_MSPPERMITS']._serialized_start=7242 - _globals['_MSPPERMITS']._serialized_end=7452 - _globals['_LICENSE']._serialized_start=7455 - _globals['_LICENSE']._serialized_end=7999 - _globals['_BRIDGE']._serialized_start=8001 - _globals['_BRIDGE']._serialized_end=8111 - _globals['_SCIM']._serialized_start=8113 - _globals['_SCIM']._serialized_end=8229 - _globals['_EMAILPROVISION']._serialized_start=8231 - _globals['_EMAILPROVISION']._serialized_end=8307 - _globals['_QUEUEDTEAM']._serialized_start=8309 - _globals['_QUEUEDTEAM']._serialized_end=8391 - _globals['_QUEUEDTEAMUSER']._serialized_start=8393 - _globals['_QUEUEDTEAMUSER']._serialized_end=8441 - _globals['_TEAMSADDRESULT']._serialized_start=8444 - _globals['_TEAMSADDRESULT']._serialized_end=8608 - _globals['_TEAMADDRESULT']._serialized_start=8610 - _globals['_TEAMADDRESULT']._serialized_end=8695 - _globals['_SSOSERVICE']._serialized_start=8698 - _globals['_SSOSERVICE']._serialized_end=8843 - _globals['_REPORTFILTERUSER']._serialized_start=8845 - _globals['_REPORTFILTERUSER']._serialized_end=8894 - _globals['_DEVICEREQUESTFORADMINAPPROVAL']._serialized_start=8897 - _globals['_DEVICEREQUESTFORADMINAPPROVAL']._serialized_end=9176 - _globals['_ENTERPRISEDATA']._serialized_start=9178 - _globals['_ENTERPRISEDATA']._serialized_end=9274 - _globals['_ENTERPRISEDATARESPONSE']._serialized_start=9277 - _globals['_ENTERPRISEDATARESPONSE']._serialized_end=9485 - _globals['_BACKUPREQUEST']._serialized_start=9487 - _globals['_BACKUPREQUEST']._serialized_end=9529 - _globals['_BACKUPRECORD']._serialized_start=9532 - _globals['_BACKUPRECORD']._serialized_end=9684 - _globals['_BACKUPKEY']._serialized_start=9686 - _globals['_BACKUPKEY']._serialized_end=9732 - _globals['_BACKUPUSER']._serialized_start=9735 - _globals['_BACKUPUSER']._serialized_end=10004 - _globals['_BACKUPRESPONSE']._serialized_start=10007 - _globals['_BACKUPRESPONSE']._serialized_end=10165 - _globals['_BACKUPFILE']._serialized_start=10167 - _globals['_BACKUPFILE']._serialized_end=10268 - _globals['_BACKUPSRESPONSE']._serialized_start=10270 - _globals['_BACKUPSRESPONSE']._serialized_end=10326 - _globals['_GETENTERPRISEDATAKEYSREQUEST']._serialized_start=10328 - _globals['_GETENTERPRISEDATAKEYSREQUEST']._serialized_end=10374 - _globals['_GETENTERPRISEDATAKEYSRESPONSE']._serialized_start=10377 - _globals['_GETENTERPRISEDATAKEYSRESPONSE']._serialized_end=10632 - _globals['_ROLEKEY']._serialized_start=10634 - _globals['_ROLEKEY']._serialized_end=10728 - _globals['_MSPKEY']._serialized_start=10730 - _globals['_MSPKEY']._serialized_end=10830 - _globals['_ENTERPRISEKEYS']._serialized_start=10832 - _globals['_ENTERPRISEKEYS']._serialized_end=10956 - _globals['_TREEKEY']._serialized_start=10958 - _globals['_TREEKEY']._serialized_end=11030 - _globals['_SHAREDRECORDRESPONSE']._serialized_start=11032 - _globals['_SHAREDRECORDRESPONSE']._serialized_end=11101 - _globals['_SHAREDRECORDEVENT']._serialized_start=11103 - _globals['_SHAREDRECORDEVENT']._serialized_end=11215 - _globals['_SETRESTRICTVISIBILITYREQUEST']._serialized_start=11217 - _globals['_SETRESTRICTVISIBILITYREQUEST']._serialized_end=11263 - _globals['_USERADDREQUEST']._serialized_start=11266 - _globals['_USERADDREQUEST']._serialized_end=11474 - _globals['_USERUPDATEREQUEST']._serialized_start=11476 - _globals['_USERUPDATEREQUEST']._serialized_end=11534 - _globals['_USERUPDATE']._serialized_start=11537 - _globals['_USERUPDATE']._serialized_end=11712 - _globals['_USERUPDATERESPONSE']._serialized_start=11714 - _globals['_USERUPDATERESPONSE']._serialized_end=11779 - _globals['_USERUPDATERESULT']._serialized_start=11781 - _globals['_USERUPDATERESULT']._serialized_end=11871 - _globals['_COMPLIANCERECORDOWNERSREQUEST']._serialized_start=11873 - _globals['_COMPLIANCERECORDOWNERSREQUEST']._serialized_end=11947 - _globals['_COMPLIANCERECORDOWNERSRESPONSE']._serialized_start=11949 - _globals['_COMPLIANCERECORDOWNERSRESPONSE']._serialized_end=12028 - _globals['_RECORDOWNER']._serialized_start=12030 - _globals['_RECORDOWNER']._serialized_end=12085 - _globals['_PRELIMINARYCOMPLIANCEDATAREQUEST']._serialized_start=12088 - _globals['_PRELIMINARYCOMPLIANCEDATAREQUEST']._serialized_end=12254 - _globals['_PRELIMINARYCOMPLIANCEDATARESPONSE']._serialized_start=12257 - _globals['_PRELIMINARYCOMPLIANCEDATARESPONSE']._serialized_end=12416 - _globals['_AUDITUSERRECORD']._serialized_start=12418 - _globals['_AUDITUSERRECORD']._serialized_end=12493 - _globals['_AUDITUSERDATA']._serialized_start=12496 - _globals['_AUDITUSERDATA']._serialized_end=12637 - _globals['_COMPLIANCEREPORTFILTERS']._serialized_start=12639 - _globals['_COMPLIANCEREPORTFILTERS']._serialized_end=12766 - _globals['_COMPLIANCEREPORTREQUEST']._serialized_start=12768 - _globals['_COMPLIANCEREPORTREQUEST']._serialized_end=12895 - _globals['_COMPLIANCEREPORTRUN']._serialized_start=12898 - _globals['_COMPLIANCEREPORTRUN']._serialized_end=13031 - _globals['_COMPLIANCEREPORTCRITERIAANDFILTER']._serialized_start=13034 - _globals['_COMPLIANCEREPORTCRITERIAANDFILTER']._serialized_end=13286 - _globals['_COMPLIANCEREPORTCRITERIA']._serialized_start=13288 - _globals['_COMPLIANCEREPORTCRITERIA']._serialized_end=13386 - _globals['_COMPLIANCEREPORTFILTER']._serialized_start=13388 - _globals['_COMPLIANCEREPORTFILTER']._serialized_end=13508 - _globals['_COMPLIANCEREPORTRESPONSE']._serialized_start=13511 - _globals['_COMPLIANCEREPORTRESPONSE']._serialized_end=14184 - _globals['_AUDITRECORD']._serialized_start=14187 - _globals['_AUDITRECORD']._serialized_end=14316 - _globals['_AUDITROLE']._serialized_start=14319 - _globals['_AUDITROLE']._serialized_end=14575 - _globals['_ROLENODEMANAGEMENT']._serialized_start=14577 - _globals['_ROLENODEMANAGEMENT']._serialized_end=14671 - _globals['_USERPROFILE']._serialized_start=14673 - _globals['_USERPROFILE']._serialized_end=14780 - _globals['_RECORDPERMISSION']._serialized_start=14782 - _globals['_RECORDPERMISSION']._serialized_end=14843 - _globals['_USERRECORD']._serialized_start=14845 - _globals['_USERRECORD']._serialized_end=14940 - _globals['_AUDITTEAM']._serialized_start=14942 - _globals['_AUDITTEAM']._serialized_end=15033 - _globals['_AUDITTEAMUSER']._serialized_start=15035 - _globals['_AUDITTEAMUSER']._serialized_end=15094 - _globals['_SHAREDFOLDERRECORD']._serialized_start=15097 - _globals['_SHAREDFOLDERRECORD']._serialized_end=15256 - _globals['_SHAREADMINRECORD']._serialized_start=15258 - _globals['_SHAREADMINRECORD']._serialized_end=15335 - _globals['_SHAREDFOLDERUSER']._serialized_start=15337 - _globals['_SHAREDFOLDERUSER']._serialized_end=15407 - _globals['_SHAREDFOLDERTEAM']._serialized_start=15409 - _globals['_SHAREDFOLDERTEAM']._serialized_end=15470 - _globals['_GETCOMPLIANCEREPORTREQUEST']._serialized_start=15472 - _globals['_GETCOMPLIANCEREPORTREQUEST']._serialized_end=15519 - _globals['_GETCOMPLIANCEREPORTRESPONSE']._serialized_start=15521 - _globals['_GETCOMPLIANCEREPORTRESPONSE']._serialized_end=15571 - _globals['_COMPLIANCEREPORTCRITERIAREQUEST']._serialized_start=15573 - _globals['_COMPLIANCEREPORTCRITERIAREQUEST']._serialized_end=15627 - _globals['_SAVECOMPLIANCEREPORTCRITERIARESPONSE']._serialized_start=15629 - _globals['_SAVECOMPLIANCEREPORTCRITERIARESPONSE']._serialized_end=15688 - _globals['_LINKEDRECORD']._serialized_start=15690 - _globals['_LINKEDRECORD']._serialized_end=15742 - _globals['_GETSHARINGADMINSREQUEST']._serialized_start=15744 - _globals['_GETSHARINGADMINSREQUEST']._serialized_end=15831 - _globals['_USERPROFILEEXT']._serialized_start=15834 - _globals['_USERPROFILEEXT']._serialized_end=16058 - _globals['_GETSHARINGADMINSRESPONSE']._serialized_start=16060 - _globals['_GETSHARINGADMINSRESPONSE']._serialized_end=16139 - _globals['_TEAMSENTERPRISEUSERSADDREQUEST']._serialized_start=16141 - _globals['_TEAMSENTERPRISEUSERSADDREQUEST']._serialized_end=16236 - _globals['_TEAMSENTERPRISEUSERSADDTEAMREQUEST']._serialized_start=16238 - _globals['_TEAMSENTERPRISEUSERSADDTEAMREQUEST']._serialized_end=16354 - _globals['_TEAMSENTERPRISEUSERSADDUSERREQUEST']._serialized_start=16357 - _globals['_TEAMSENTERPRISEUSERSADDUSERREQUEST']._serialized_end=16528 - _globals['_TYPEDKEY']._serialized_start=16530 - _globals['_TYPEDKEY']._serialized_end=16600 - _globals['_TEAMSENTERPRISEUSERSADDRESPONSE']._serialized_start=16602 - _globals['_TEAMSENTERPRISEUSERSADDRESPONSE']._serialized_end=16717 - _globals['_TEAMSENTERPRISEUSERSADDTEAMRESPONSE']._serialized_start=16720 - _globals['_TEAMSENTERPRISEUSERSADDTEAMRESPONSE']._serialized_end=16916 - _globals['_TEAMSENTERPRISEUSERSADDUSERRESPONSE']._serialized_start=16919 - _globals['_TEAMSENTERPRISEUSERSADDUSERRESPONSE']._serialized_end=17078 - _globals['_DOMAINALIAS']._serialized_start=17080 - _globals['_DOMAINALIAS']._serialized_end=17157 - _globals['_DOMAINALIASREQUEST']._serialized_start=17159 - _globals['_DOMAINALIASREQUEST']._serialized_end=17225 - _globals['_DOMAINALIASRESPONSE']._serialized_start=17227 - _globals['_DOMAINALIASRESPONSE']._serialized_end=17294 - _globals['_ENTERPRISEUSERSPROVISIONREQUEST']._serialized_start=17296 - _globals['_ENTERPRISEUSERSPROVISIONREQUEST']._serialized_end=17405 - _globals['_ENTERPRISEUSERSPROVISION']._serialized_start=17408 - _globals['_ENTERPRISEUSERSPROVISION']._serialized_end=17846 - _globals['_ENTERPRISEUSERSPROVISIONRESPONSE']._serialized_start=17848 - _globals['_ENTERPRISEUSERSPROVISIONRESPONSE']._serialized_end=17943 - _globals['_ENTERPRISEUSERSPROVISIONRESULT']._serialized_start=17945 - _globals['_ENTERPRISEUSERSPROVISIONRESULT']._serialized_end=18058 - _globals['_ENTERPRISEUSERSADDREQUEST']._serialized_start=18060 - _globals['_ENTERPRISEUSERSADDREQUEST']._serialized_end=18157 - _globals['_ENTERPRISEUSERSADD']._serialized_start=18160 - _globals['_ENTERPRISEUSERSADD']._serialized_end=18428 - _globals['_ENTERPRISEUSERSADDRESPONSE']._serialized_start=18431 - _globals['_ENTERPRISEUSERSADDRESPONSE']._serialized_end=18586 - _globals['_ENTERPRISEUSERSADDRESULT']._serialized_start=18589 - _globals['_ENTERPRISEUSERSADDRESULT']._serialized_end=18739 - _globals['_UPDATEMSPPERMITSREQUEST']._serialized_start=18742 - _globals['_UPDATEMSPPERMITSREQUEST']._serialized_end=18927 - _globals['_DELETEENTERPRISEUSERSREQUEST']._serialized_start=18929 - _globals['_DELETEENTERPRISEUSERSREQUEST']._serialized_end=18986 - _globals['_DELETEENTERPRISEUSERSTATUS']._serialized_start=18988 - _globals['_DELETEENTERPRISEUSERSTATUS']._serialized_end=19099 - _globals['_DELETEENTERPRISEUSERSRESPONSE']._serialized_start=19101 - _globals['_DELETEENTERPRISEUSERSRESPONSE']._serialized_end=19194 - _globals['_CLEARSECURITYDATAREQUEST']._serialized_start=19196 - _globals['_CLEARSECURITYDATAREQUEST']._serialized_end=19315 + _globals['_TEAMSBYROLE']._serialized_start=1251 + _globals['_TEAMSBYROLE']._serialized_end=1298 + _globals['_MANAGEDNODESBYROLE']._serialized_start=1300 + _globals['_MANAGEDNODESBYROLE']._serialized_end=1360 + _globals['_ROLEUSERADDKEYS']._serialized_start=1362 + _globals['_ROLEUSERADDKEYS']._serialized_end=1444 + _globals['_ROLEUSERADD']._serialized_start=1446 + _globals['_ROLEUSERADD']._serialized_end=1530 + _globals['_ROLEUSERSADDREQUEST']._serialized_start=1532 + _globals['_ROLEUSERSADDREQUEST']._serialized_end=1600 + _globals['_ROLEUSERADDRESULT']._serialized_start=1603 + _globals['_ROLEUSERADDRESULT']._serialized_end=1731 + _globals['_ROLEUSERSADDRESPONSE']._serialized_start=1733 + _globals['_ROLEUSERSADDRESPONSE']._serialized_end=1803 + _globals['_ROLEUSERREMOVE']._serialized_start=1805 + _globals['_ROLEUSERREMOVE']._serialized_end=1865 + _globals['_ROLEUSERSREMOVEREQUEST']._serialized_start=1867 + _globals['_ROLEUSERSREMOVEREQUEST']._serialized_end=1944 + _globals['_ROLEUSERREMOVERESULT']._serialized_start=1947 + _globals['_ROLEUSERREMOVERESULT']._serialized_end=2078 + _globals['_ROLEUSERSREMOVERESPONSE']._serialized_start=2080 + _globals['_ROLEUSERSREMOVERESPONSE']._serialized_end=2156 + _globals['_ENTERPRISEREGISTRATION']._serialized_start=2159 + _globals['_ENTERPRISEREGISTRATION']._serialized_end=2703 + _globals['_DOMAINPASSWORDRULESREQUEST']._serialized_start=2705 + _globals['_DOMAINPASSWORDRULESREQUEST']._serialized_end=2777 + _globals['_DOMAINPASSWORDRULESFIELDS']._serialized_start=2779 + _globals['_DOMAINPASSWORDRULESFIELDS']._serialized_end=2871 + _globals['_LOGINTOMCREQUEST']._serialized_start=2873 + _globals['_LOGINTOMCREQUEST']._serialized_end=2942 + _globals['_LOGINTOMCRESPONSE']._serialized_start=2944 + _globals['_LOGINTOMCRESPONSE']._serialized_end=3020 + _globals['_DOMAINPASSWORDRULESRESPONSE']._serialized_start=3022 + _globals['_DOMAINPASSWORDRULESRESPONSE']._serialized_end=3125 + _globals['_APPROVEUSERDEVICEREQUEST']._serialized_start=3128 + _globals['_APPROVEUSERDEVICEREQUEST']._serialized_end=3264 + _globals['_APPROVEUSERDEVICERESPONSE']._serialized_start=3266 + _globals['_APPROVEUSERDEVICERESPONSE']._serialized_end=3382 + _globals['_APPROVEUSERDEVICESREQUEST']._serialized_start=3384 + _globals['_APPROVEUSERDEVICESREQUEST']._serialized_end=3473 + _globals['_APPROVEUSERDEVICESRESPONSE']._serialized_start=3475 + _globals['_APPROVEUSERDEVICESRESPONSE']._serialized_end=3567 + _globals['_ENTERPRISEUSERDATAKEY']._serialized_start=3570 + _globals['_ENTERPRISEUSERDATAKEY']._serialized_end=3705 + _globals['_ENTERPRISEUSERDATAKEYS']._serialized_start=3707 + _globals['_ENTERPRISEUSERDATAKEYS']._serialized_end=3780 + _globals['_ENTERPRISEUSERDATAKEYLIGHT']._serialized_start=3782 + _globals['_ENTERPRISEUSERDATAKEYLIGHT']._serialized_end=3885 + _globals['_ENTERPRISEUSERDATAKEYSBYNODE']._serialized_start=3887 + _globals['_ENTERPRISEUSERDATAKEYSBYNODE']._serialized_end=3987 + _globals['_ENTERPRISEUSERDATAKEYSBYNODERESPONSE']._serialized_start=3989 + _globals['_ENTERPRISEUSERDATAKEYSBYNODERESPONSE']._serialized_end=4083 + _globals['_ENTERPRISEDATAREQUEST']._serialized_start=4085 + _globals['_ENTERPRISEDATAREQUEST']._serialized_end=4135 + _globals['_SPECIALPROVISIONING']._serialized_start=4137 + _globals['_SPECIALPROVISIONING']._serialized_end=4185 + _globals['_GENERALDATAENTITY']._serialized_start=4188 + _globals['_GENERALDATAENTITY']._serialized_end=4448 + _globals['_NODE']._serialized_start=4451 + _globals['_NODE']._serialized_end=4704 + _globals['_ROLE']._serialized_start=4707 + _globals['_ROLE']._serialized_end=4849 + _globals['_USER']._serialized_start=4852 + _globals['_USER']._serialized_end=5164 + _globals['_USERALIAS']._serialized_start=5166 + _globals['_USERALIAS']._serialized_end=5221 + _globals['_COMPLIANCEREPORTMETADATA']._serialized_start=5224 + _globals['_COMPLIANCEREPORTMETADATA']._serialized_end=5396 + _globals['_MANAGEDNODE']._serialized_start=5398 + _globals['_MANAGEDNODE']._serialized_end=5481 + _globals['_USERMANAGEDNODE']._serialized_start=5483 + _globals['_USERMANAGEDNODE']._serialized_end=5567 + _globals['_USERPRIVILEGE']._serialized_start=5569 + _globals['_USERPRIVILEGE']._serialized_end=5688 + _globals['_ROLEUSER']._serialized_start=5690 + _globals['_ROLEUSER']._serialized_end=5742 + _globals['_ROLEPRIVILEGE']._serialized_start=5744 + _globals['_ROLEPRIVILEGE']._serialized_end=5821 + _globals['_ROLEENFORCEMENT']._serialized_start=5823 + _globals['_ROLEENFORCEMENT']._serialized_end=5896 + _globals['_TEAM']._serialized_start=5899 + _globals['_TEAM']._serialized_end=6068 + _globals['_TEAMUSER']._serialized_start=6070 + _globals['_TEAMUSER']._serialized_end=6141 + _globals['_GETDISTRIBUTORINFORESPONSE']._serialized_start=6143 + _globals['_GETDISTRIBUTORINFORESPONSE']._serialized_end=6218 + _globals['_DISTRIBUTOR']._serialized_start=6220 + _globals['_DISTRIBUTOR']._serialized_end=6286 + _globals['_MSPINFO']._serialized_start=6289 + _globals['_MSPINFO']._serialized_end=6574 + _globals['_MANAGEDCOMPANY']._serialized_start=6577 + _globals['_MANAGEDCOMPANY']._serialized_end=6850 + _globals['_MSPPOOL']._serialized_start=6852 + _globals['_MSPPOOL']._serialized_end=6934 + _globals['_MSPCONTACT']._serialized_start=6936 + _globals['_MSPCONTACT']._serialized_end=6994 + _globals['_LICENSEADDON']._serialized_start=6997 + _globals['_LICENSEADDON']._serialized_end=7233 + _globals['_MCDEFAULT']._serialized_start=7235 + _globals['_MCDEFAULT']._serialized_end=7350 + _globals['_MSPPERMITS']._serialized_start=7353 + _globals['_MSPPERMITS']._serialized_end=7563 + _globals['_LICENSE']._serialized_start=7566 + _globals['_LICENSE']._serialized_end=8110 + _globals['_BRIDGE']._serialized_start=8112 + _globals['_BRIDGE']._serialized_end=8222 + _globals['_SCIM']._serialized_start=8224 + _globals['_SCIM']._serialized_end=8340 + _globals['_EMAILPROVISION']._serialized_start=8342 + _globals['_EMAILPROVISION']._serialized_end=8418 + _globals['_QUEUEDTEAM']._serialized_start=8420 + _globals['_QUEUEDTEAM']._serialized_end=8502 + _globals['_QUEUEDTEAMUSER']._serialized_start=8504 + _globals['_QUEUEDTEAMUSER']._serialized_end=8552 + _globals['_TEAMSADDRESULT']._serialized_start=8555 + _globals['_TEAMSADDRESULT']._serialized_end=8719 + _globals['_TEAMADDRESULT']._serialized_start=8721 + _globals['_TEAMADDRESULT']._serialized_end=8806 + _globals['_SSOSERVICE']._serialized_start=8809 + _globals['_SSOSERVICE']._serialized_end=8954 + _globals['_REPORTFILTERUSER']._serialized_start=8956 + _globals['_REPORTFILTERUSER']._serialized_end=9005 + _globals['_DEVICEREQUESTFORADMINAPPROVAL']._serialized_start=9008 + _globals['_DEVICEREQUESTFORADMINAPPROVAL']._serialized_end=9287 + _globals['_ENTERPRISEDATA']._serialized_start=9289 + _globals['_ENTERPRISEDATA']._serialized_end=9385 + _globals['_ENTERPRISEDATARESPONSE']._serialized_start=9388 + _globals['_ENTERPRISEDATARESPONSE']._serialized_end=9596 + _globals['_BACKUPREQUEST']._serialized_start=9598 + _globals['_BACKUPREQUEST']._serialized_end=9640 + _globals['_BACKUPRECORD']._serialized_start=9643 + _globals['_BACKUPRECORD']._serialized_end=9795 + _globals['_BACKUPKEY']._serialized_start=9797 + _globals['_BACKUPKEY']._serialized_end=9843 + _globals['_BACKUPUSER']._serialized_start=9846 + _globals['_BACKUPUSER']._serialized_end=10115 + _globals['_BACKUPRESPONSE']._serialized_start=10118 + _globals['_BACKUPRESPONSE']._serialized_end=10276 + _globals['_BACKUPFILE']._serialized_start=10278 + _globals['_BACKUPFILE']._serialized_end=10379 + _globals['_BACKUPSRESPONSE']._serialized_start=10381 + _globals['_BACKUPSRESPONSE']._serialized_end=10437 + _globals['_GETENTERPRISEDATAKEYSREQUEST']._serialized_start=10439 + _globals['_GETENTERPRISEDATAKEYSREQUEST']._serialized_end=10485 + _globals['_GETENTERPRISEDATAKEYSRESPONSE']._serialized_start=10488 + _globals['_GETENTERPRISEDATAKEYSRESPONSE']._serialized_end=10743 + _globals['_ROLEKEY']._serialized_start=10745 + _globals['_ROLEKEY']._serialized_end=10839 + _globals['_MSPKEY']._serialized_start=10841 + _globals['_MSPKEY']._serialized_end=10941 + _globals['_ENTERPRISEKEYS']._serialized_start=10943 + _globals['_ENTERPRISEKEYS']._serialized_end=11067 + _globals['_TREEKEY']._serialized_start=11069 + _globals['_TREEKEY']._serialized_end=11141 + _globals['_SHAREDRECORDRESPONSE']._serialized_start=11143 + _globals['_SHAREDRECORDRESPONSE']._serialized_end=11212 + _globals['_SHAREDRECORDEVENT']._serialized_start=11214 + _globals['_SHAREDRECORDEVENT']._serialized_end=11326 + _globals['_SETRESTRICTVISIBILITYREQUEST']._serialized_start=11328 + _globals['_SETRESTRICTVISIBILITYREQUEST']._serialized_end=11374 + _globals['_USERADDREQUEST']._serialized_start=11377 + _globals['_USERADDREQUEST']._serialized_end=11585 + _globals['_USERUPDATEREQUEST']._serialized_start=11587 + _globals['_USERUPDATEREQUEST']._serialized_end=11645 + _globals['_USERUPDATE']._serialized_start=11648 + _globals['_USERUPDATE']._serialized_end=11823 + _globals['_USERUPDATERESPONSE']._serialized_start=11825 + _globals['_USERUPDATERESPONSE']._serialized_end=11890 + _globals['_USERUPDATERESULT']._serialized_start=11892 + _globals['_USERUPDATERESULT']._serialized_end=11982 + _globals['_COMPLIANCERECORDOWNERSREQUEST']._serialized_start=11984 + _globals['_COMPLIANCERECORDOWNERSREQUEST']._serialized_end=12058 + _globals['_COMPLIANCERECORDOWNERSRESPONSE']._serialized_start=12060 + _globals['_COMPLIANCERECORDOWNERSRESPONSE']._serialized_end=12139 + _globals['_RECORDOWNER']._serialized_start=12141 + _globals['_RECORDOWNER']._serialized_end=12196 + _globals['_PRELIMINARYCOMPLIANCEDATAREQUEST']._serialized_start=12199 + _globals['_PRELIMINARYCOMPLIANCEDATAREQUEST']._serialized_end=12365 + _globals['_PRELIMINARYCOMPLIANCEDATARESPONSE']._serialized_start=12368 + _globals['_PRELIMINARYCOMPLIANCEDATARESPONSE']._serialized_end=12527 + _globals['_AUDITUSERRECORD']._serialized_start=12529 + _globals['_AUDITUSERRECORD']._serialized_end=12604 + _globals['_AUDITUSERDATA']._serialized_start=12607 + _globals['_AUDITUSERDATA']._serialized_end=12748 + _globals['_COMPLIANCEREPORTFILTERS']._serialized_start=12750 + _globals['_COMPLIANCEREPORTFILTERS']._serialized_end=12877 + _globals['_COMPLIANCEREPORTREQUEST']._serialized_start=12879 + _globals['_COMPLIANCEREPORTREQUEST']._serialized_end=13006 + _globals['_COMPLIANCEREPORTRUN']._serialized_start=13009 + _globals['_COMPLIANCEREPORTRUN']._serialized_end=13142 + _globals['_COMPLIANCEREPORTCRITERIAANDFILTER']._serialized_start=13145 + _globals['_COMPLIANCEREPORTCRITERIAANDFILTER']._serialized_end=13397 + _globals['_COMPLIANCEREPORTCRITERIA']._serialized_start=13399 + _globals['_COMPLIANCEREPORTCRITERIA']._serialized_end=13497 + _globals['_COMPLIANCEREPORTFILTER']._serialized_start=13499 + _globals['_COMPLIANCEREPORTFILTER']._serialized_end=13619 + _globals['_COMPLIANCEREPORTRESPONSE']._serialized_start=13622 + _globals['_COMPLIANCEREPORTRESPONSE']._serialized_end=14295 + _globals['_AUDITRECORD']._serialized_start=14298 + _globals['_AUDITRECORD']._serialized_end=14427 + _globals['_AUDITROLE']._serialized_start=14430 + _globals['_AUDITROLE']._serialized_end=14686 + _globals['_ROLENODEMANAGEMENT']._serialized_start=14688 + _globals['_ROLENODEMANAGEMENT']._serialized_end=14782 + _globals['_USERPROFILE']._serialized_start=14784 + _globals['_USERPROFILE']._serialized_end=14891 + _globals['_RECORDPERMISSION']._serialized_start=14893 + _globals['_RECORDPERMISSION']._serialized_end=14954 + _globals['_USERRECORD']._serialized_start=14956 + _globals['_USERRECORD']._serialized_end=15051 + _globals['_AUDITTEAM']._serialized_start=15053 + _globals['_AUDITTEAM']._serialized_end=15144 + _globals['_AUDITTEAMUSER']._serialized_start=15146 + _globals['_AUDITTEAMUSER']._serialized_end=15205 + _globals['_SHAREDFOLDERRECORD']._serialized_start=15208 + _globals['_SHAREDFOLDERRECORD']._serialized_end=15367 + _globals['_SHAREADMINRECORD']._serialized_start=15369 + _globals['_SHAREADMINRECORD']._serialized_end=15446 + _globals['_SHAREDFOLDERUSER']._serialized_start=15448 + _globals['_SHAREDFOLDERUSER']._serialized_end=15518 + _globals['_SHAREDFOLDERTEAM']._serialized_start=15520 + _globals['_SHAREDFOLDERTEAM']._serialized_end=15581 + _globals['_GETCOMPLIANCEREPORTREQUEST']._serialized_start=15583 + _globals['_GETCOMPLIANCEREPORTREQUEST']._serialized_end=15630 + _globals['_GETCOMPLIANCEREPORTRESPONSE']._serialized_start=15632 + _globals['_GETCOMPLIANCEREPORTRESPONSE']._serialized_end=15682 + _globals['_COMPLIANCEREPORTCRITERIAREQUEST']._serialized_start=15684 + _globals['_COMPLIANCEREPORTCRITERIAREQUEST']._serialized_end=15738 + _globals['_SAVECOMPLIANCEREPORTCRITERIARESPONSE']._serialized_start=15740 + _globals['_SAVECOMPLIANCEREPORTCRITERIARESPONSE']._serialized_end=15799 + _globals['_LINKEDRECORD']._serialized_start=15801 + _globals['_LINKEDRECORD']._serialized_end=15853 + _globals['_GETSHARINGADMINSREQUEST']._serialized_start=15855 + _globals['_GETSHARINGADMINSREQUEST']._serialized_end=15942 + _globals['_USERPROFILEEXT']._serialized_start=15945 + _globals['_USERPROFILEEXT']._serialized_end=16169 + _globals['_GETSHARINGADMINSRESPONSE']._serialized_start=16171 + _globals['_GETSHARINGADMINSRESPONSE']._serialized_end=16250 + _globals['_TEAMSENTERPRISEUSERSADDREQUEST']._serialized_start=16252 + _globals['_TEAMSENTERPRISEUSERSADDREQUEST']._serialized_end=16347 + _globals['_TEAMSENTERPRISEUSERSADDTEAMREQUEST']._serialized_start=16349 + _globals['_TEAMSENTERPRISEUSERSADDTEAMREQUEST']._serialized_end=16465 + _globals['_TEAMSENTERPRISEUSERSADDUSERREQUEST']._serialized_start=16468 + _globals['_TEAMSENTERPRISEUSERSADDUSERREQUEST']._serialized_end=16639 + _globals['_TYPEDKEY']._serialized_start=16641 + _globals['_TYPEDKEY']._serialized_end=16711 + _globals['_TEAMSENTERPRISEUSERSADDRESPONSE']._serialized_start=16713 + _globals['_TEAMSENTERPRISEUSERSADDRESPONSE']._serialized_end=16828 + _globals['_TEAMSENTERPRISEUSERSADDTEAMRESPONSE']._serialized_start=16831 + _globals['_TEAMSENTERPRISEUSERSADDTEAMRESPONSE']._serialized_end=17027 + _globals['_TEAMSENTERPRISEUSERSADDUSERRESPONSE']._serialized_start=17030 + _globals['_TEAMSENTERPRISEUSERSADDUSERRESPONSE']._serialized_end=17189 + _globals['_TEAMENTERPRISEUSERREMOVE']._serialized_start=17191 + _globals['_TEAMENTERPRISEUSERREMOVE']._serialized_end=17260 + _globals['_TEAMENTERPRISEUSERREMOVESREQUEST']._serialized_start=17262 + _globals['_TEAMENTERPRISEUSERREMOVESREQUEST']._serialized_end=17368 + _globals['_TEAMENTERPRISEUSERREMOVESRESPONSE']._serialized_start=17370 + _globals['_TEAMENTERPRISEUSERREMOVESRESPONSE']._serialized_end=17493 + _globals['_TEAMENTERPRISEUSERREMOVERESPONSE']._serialized_start=17496 + _globals['_TEAMENTERPRISEUSERREMOVERESPONSE']._serialized_end=17680 + _globals['_DOMAINALIAS']._serialized_start=17682 + _globals['_DOMAINALIAS']._serialized_end=17759 + _globals['_DOMAINALIASREQUEST']._serialized_start=17761 + _globals['_DOMAINALIASREQUEST']._serialized_end=17827 + _globals['_DOMAINALIASRESPONSE']._serialized_start=17829 + _globals['_DOMAINALIASRESPONSE']._serialized_end=17896 + _globals['_ENTERPRISEUSERSPROVISIONREQUEST']._serialized_start=17898 + _globals['_ENTERPRISEUSERSPROVISIONREQUEST']._serialized_end=18007 + _globals['_ENTERPRISEUSERSPROVISION']._serialized_start=18010 + _globals['_ENTERPRISEUSERSPROVISION']._serialized_end=18448 + _globals['_ENTERPRISEUSERSPROVISIONRESPONSE']._serialized_start=18450 + _globals['_ENTERPRISEUSERSPROVISIONRESPONSE']._serialized_end=18545 + _globals['_ENTERPRISEUSERSPROVISIONRESULT']._serialized_start=18547 + _globals['_ENTERPRISEUSERSPROVISIONRESULT']._serialized_end=18660 + _globals['_ENTERPRISEUSERSADDREQUEST']._serialized_start=18662 + _globals['_ENTERPRISEUSERSADDREQUEST']._serialized_end=18759 + _globals['_ENTERPRISEUSERSADD']._serialized_start=18762 + _globals['_ENTERPRISEUSERSADD']._serialized_end=19030 + _globals['_ENTERPRISEUSERSADDRESPONSE']._serialized_start=19033 + _globals['_ENTERPRISEUSERSADDRESPONSE']._serialized_end=19188 + _globals['_ENTERPRISEUSERSADDRESULT']._serialized_start=19191 + _globals['_ENTERPRISEUSERSADDRESULT']._serialized_end=19341 + _globals['_UPDATEMSPPERMITSREQUEST']._serialized_start=19344 + _globals['_UPDATEMSPPERMITSREQUEST']._serialized_end=19529 + _globals['_DELETEENTERPRISEUSERSREQUEST']._serialized_start=19531 + _globals['_DELETEENTERPRISEUSERSREQUEST']._serialized_end=19588 + _globals['_DELETEENTERPRISEUSERSTATUS']._serialized_start=19590 + _globals['_DELETEENTERPRISEUSERSTATUS']._serialized_end=19701 + _globals['_DELETEENTERPRISEUSERSRESPONSE']._serialized_start=19703 + _globals['_DELETEENTERPRISEUSERSRESPONSE']._serialized_end=19796 + _globals['_CLEARSECURITYDATAREQUEST']._serialized_start=19798 + _globals['_CLEARSECURITYDATAREQUEST']._serialized_end=19917 # @@protoc_insertion_point(module_scope) diff --git a/keepersdk-package/src/keepersdk/proto/enterprise_pb2.pyi b/keepersdk-package/src/keepersdk/proto/enterprise_pb2.pyi index 3cf20bc2..172e2eee 100644 --- a/keepersdk-package/src/keepersdk/proto/enterprise_pb2.pyi +++ b/keepersdk-package/src/keepersdk/proto/enterprise_pb2.pyi @@ -21,6 +21,8 @@ class RoleUserModifyStatus(int, metaclass=_enum_type_wrapper.EnumTypeWrapper): INVALID_NODE_ID: _ClassVar[RoleUserModifyStatus] MAY_NOT_REMOVE_SELF_FROM_ROLE: _ClassVar[RoleUserModifyStatus] MUST_HAVE_ONE_USER_ADMIN: _ClassVar[RoleUserModifyStatus] + INVALID_ROLE_ID: _ClassVar[RoleUserModifyStatus] + PAM_LICENSE_SEAT_EXCEEDED: _ClassVar[RoleUserModifyStatus] class EnterpriseType(int, metaclass=_enum_type_wrapper.EnumTypeWrapper): __slots__ = () @@ -61,7 +63,6 @@ class EnterpriseDataEntity(int, metaclass=_enum_type_wrapper.EnumTypeWrapper): USER_ALIASES: _ClassVar[EnterpriseDataEntity] COMPLIANCE_REPORT_CRITERIA_AND_FILTER: _ClassVar[EnterpriseDataEntity] COMPLIANCE_REPORTS: _ClassVar[EnterpriseDataEntity] - QUEUED_TEAM_USERS_INCLUDING_PENDING: _ClassVar[EnterpriseDataEntity] class CacheStatus(int, metaclass=_enum_type_wrapper.EnumTypeWrapper): __slots__ = () @@ -151,6 +152,8 @@ PENDING_ENTERPRISE_USER: RoleUserModifyStatus INVALID_NODE_ID: RoleUserModifyStatus MAY_NOT_REMOVE_SELF_FROM_ROLE: RoleUserModifyStatus MUST_HAVE_ONE_USER_ADMIN: RoleUserModifyStatus +INVALID_ROLE_ID: RoleUserModifyStatus +PAM_LICENSE_SEAT_EXCEEDED: RoleUserModifyStatus ENTERPRISE_STANDARD: EnterpriseType ENTERPRISE_MSP: EnterpriseType UNDEFINED: TransferAcceptanceStatus @@ -182,7 +185,6 @@ DEVICES_REQUEST_FOR_ADMIN_APPROVAL: EnterpriseDataEntity USER_ALIASES: EnterpriseDataEntity COMPLIANCE_REPORT_CRITERIA_AND_FILTER: EnterpriseDataEntity COMPLIANCE_REPORTS: EnterpriseDataEntity -QUEUED_TEAM_USERS_INCLUDING_PENDING: EnterpriseDataEntity KEEP: CacheStatus CLEAR: CacheStatus NO_KEY: BackupKeyType @@ -346,6 +348,22 @@ class RoleTeams(_message.Message): role_team: _containers.RepeatedCompositeFieldContainer[RoleTeam] def __init__(self, role_team: _Optional[_Iterable[_Union[RoleTeam, _Mapping]]] = ...) -> None: ... +class TeamsByRole(_message.Message): + __slots__ = ("role_id", "teamUid") + ROLE_ID_FIELD_NUMBER: _ClassVar[int] + TEAMUID_FIELD_NUMBER: _ClassVar[int] + role_id: int + teamUid: _containers.RepeatedScalarFieldContainer[bytes] + def __init__(self, role_id: _Optional[int] = ..., teamUid: _Optional[_Iterable[bytes]] = ...) -> None: ... + +class ManagedNodesByRole(_message.Message): + __slots__ = ("role_id", "managedNodeId") + ROLE_ID_FIELD_NUMBER: _ClassVar[int] + MANAGEDNODEID_FIELD_NUMBER: _ClassVar[int] + role_id: int + managedNodeId: _containers.RepeatedScalarFieldContainer[int] + def __init__(self, role_id: _Optional[int] = ..., managedNodeId: _Optional[_Iterable[int]] = ...) -> None: ... + class RoleUserAddKeys(_message.Message): __slots__ = ("enterpriseUserId", "treeKey", "roleAdminKey") ENTERPRISEUSERID_FIELD_NUMBER: _ClassVar[int] @@ -1822,6 +1840,40 @@ class TeamsEnterpriseUsersAddUserResponse(_message.Message): additionalInfo: str def __init__(self, enterpriseUserId: _Optional[int] = ..., revision: _Optional[int] = ..., success: bool = ..., message: _Optional[str] = ..., resultCode: _Optional[str] = ..., additionalInfo: _Optional[str] = ...) -> None: ... +class TeamEnterpriseUserRemove(_message.Message): + __slots__ = ("teamUid", "enterpriseUserId") + TEAMUID_FIELD_NUMBER: _ClassVar[int] + ENTERPRISEUSERID_FIELD_NUMBER: _ClassVar[int] + teamUid: bytes + enterpriseUserId: int + def __init__(self, teamUid: _Optional[bytes] = ..., enterpriseUserId: _Optional[int] = ...) -> None: ... + +class TeamEnterpriseUserRemovesRequest(_message.Message): + __slots__ = ("teamEnterpriseUserRemove",) + TEAMENTERPRISEUSERREMOVE_FIELD_NUMBER: _ClassVar[int] + teamEnterpriseUserRemove: _containers.RepeatedCompositeFieldContainer[TeamEnterpriseUserRemove] + def __init__(self, teamEnterpriseUserRemove: _Optional[_Iterable[_Union[TeamEnterpriseUserRemove, _Mapping]]] = ...) -> None: ... + +class TeamEnterpriseUserRemovesResponse(_message.Message): + __slots__ = ("teamEnterpriseUserRemoveResponse",) + TEAMENTERPRISEUSERREMOVERESPONSE_FIELD_NUMBER: _ClassVar[int] + teamEnterpriseUserRemoveResponse: _containers.RepeatedCompositeFieldContainer[TeamEnterpriseUserRemoveResponse] + def __init__(self, teamEnterpriseUserRemoveResponse: _Optional[_Iterable[_Union[TeamEnterpriseUserRemoveResponse, _Mapping]]] = ...) -> None: ... + +class TeamEnterpriseUserRemoveResponse(_message.Message): + __slots__ = ("teamEnterpriseUserRemove", "success", "resultCode", "message", "additionalInfo") + TEAMENTERPRISEUSERREMOVE_FIELD_NUMBER: _ClassVar[int] + SUCCESS_FIELD_NUMBER: _ClassVar[int] + RESULTCODE_FIELD_NUMBER: _ClassVar[int] + MESSAGE_FIELD_NUMBER: _ClassVar[int] + ADDITIONALINFO_FIELD_NUMBER: _ClassVar[int] + teamEnterpriseUserRemove: TeamEnterpriseUserRemove + success: bool + resultCode: str + message: str + additionalInfo: str + def __init__(self, teamEnterpriseUserRemove: _Optional[_Union[TeamEnterpriseUserRemove, _Mapping]] = ..., success: bool = ..., resultCode: _Optional[str] = ..., message: _Optional[str] = ..., additionalInfo: _Optional[str] = ...) -> None: ... + class DomainAlias(_message.Message): __slots__ = ("domain", "alias", "status", "message") DOMAIN_FIELD_NUMBER: _ClassVar[int] diff --git a/keepersdk-package/src/keepersdk/proto/folder_pb2.py b/keepersdk-package/src/keepersdk/proto/folder_pb2.py index ac2705f6..7543a01b 100644 --- a/keepersdk-package/src/keepersdk/proto/folder_pb2.py +++ b/keepersdk-package/src/keepersdk/proto/folder_pb2.py @@ -2,13 +2,21 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # NO CHECKED-IN PROTOBUF GENCODE # source: folder.proto -# Protobuf Python Version: 5.29.3 +# Protobuf Python Version: 5.29.5 """Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import runtime_version as _runtime_version from google.protobuf import symbol_database as _symbol_database from google.protobuf.internal import builder as _builder - +_runtime_version.ValidateProtobufRuntimeVersion( + _runtime_version.Domain.PUBLIC, + 5, + 29, + 5, + '', + 'folder.proto' +) # @@protoc_insertion_point(imports) _sym_db = _symbol_database.Default() diff --git a/keepersdk-package/src/keepersdk/proto/pam_pb2.py b/keepersdk-package/src/keepersdk/proto/pam_pb2.py index 9d7bd4b1..1aae1ed0 100644 --- a/keepersdk-package/src/keepersdk/proto/pam_pb2.py +++ b/keepersdk-package/src/keepersdk/proto/pam_pb2.py @@ -2,13 +2,21 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # NO CHECKED-IN PROTOBUF GENCODE # source: pam.proto -# Protobuf Python Version: 5.29.3 +# Protobuf Python Version: 5.29.5 """Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import runtime_version as _runtime_version from google.protobuf import symbol_database as _symbol_database from google.protobuf.internal import builder as _builder - +_runtime_version.ValidateProtobufRuntimeVersion( + _runtime_version.Domain.PUBLIC, + 5, + 29, + 5, + '', + 'pam.proto' +) # @@protoc_insertion_point(imports) _sym_db = _symbol_database.Default() @@ -18,7 +26,7 @@ from . import record_pb2 as record__pb2 -DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\tpam.proto\x12\x03PAM\x1a\x10\x65nterprise.proto\x1a\x0crecord.proto\"\x83\x01\n\x13PAMRotationSchedule\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x18\n\x10\x63onfigurationUid\x18\x02 \x01(\x0c\x12\x15\n\rcontrollerUid\x18\x03 \x01(\x0c\x12\x14\n\x0cscheduleData\x18\x04 \x01(\t\x12\x12\n\nnoSchedule\x18\x05 \x01(\x08\"K\n\x1cPAMRotationSchedulesResponse\x12+\n\tschedules\x18\x01 \x03(\x0b\x32\x18.PAM.PAMRotationSchedule\"\x94\x01\n\x13PAMOnlineController\x12\x15\n\rcontrollerUid\x18\x01 \x01(\x0c\x12\x13\n\x0b\x63onnectedOn\x18\x02 \x01(\x03\x12\x11\n\tipAddress\x18\x03 \x01(\t\x12\x0f\n\x07version\x18\x04 \x01(\t\x12-\n\x0b\x63onnections\x18\x05 \x03(\x0b\x32\x18.PAM.PAMWebRtcConnection\"\xa7\x01\n\x13PAMWebRtcConnection\x12\x15\n\rconnectionUid\x18\x01 \x01(\x0c\x12\'\n\x04type\x18\x02 \x01(\x0e\x32\x19.PAM.WebRtcConnectionType\x12\x11\n\trecordUid\x18\x03 \x01(\x0c\x12\x10\n\x08userName\x18\x04 \x01(\t\x12\x11\n\tstartedOn\x18\x05 \x01(\x03\x12\x18\n\x10\x63onfigurationUid\x18\x06 \x01(\x0c\"Y\n\x14PAMOnlineControllers\x12\x12\n\ndeprecated\x18\x01 \x03(\x0c\x12-\n\x0b\x63ontrollers\x18\x02 \x03(\x0b\x32\x18.PAM.PAMOnlineController\"9\n\x10PAMRotateRequest\x12\x12\n\nrequestUid\x18\x01 \x01(\x0c\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\"A\n\x16PAMControllersResponse\x12\'\n\x0b\x63ontrollers\x18\x01 \x03(\x0b\x32\x12.PAM.PAMController\"=\n\x13PAMRemoveController\x12\x15\n\rcontrollerUid\x18\x01 \x01(\x0c\x12\x0f\n\x07message\x18\x02 \x01(\t\"L\n\x1bPAMRemoveControllerResponse\x12-\n\x0b\x63ontrollers\x18\x01 \x03(\x0b\x32\x18.PAM.PAMRemoveController\"=\n\x10PAMModifyRequest\x12)\n\noperations\x18\x01 \x03(\x0b\x32\x15.PAM.PAMDataOperation\"\x98\x01\n\x10PAMDataOperation\x12,\n\roperationType\x18\x01 \x01(\x0e\x32\x15.PAM.PAMOperationType\x12\x30\n\rconfiguration\x18\x02 \x01(\x0b\x32\x19.PAM.PAMConfigurationData\x12$\n\x07\x65lement\x18\x03 \x01(\x0b\x32\x13.PAM.PAMElementData\"e\n\x14PAMConfigurationData\x12\x18\n\x10\x63onfigurationUid\x18\x01 \x01(\x0c\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x15\n\rcontrollerUid\x18\x03 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x04 \x01(\x0c\"E\n\x0ePAMElementData\x12\x12\n\nelementUid\x18\x01 \x01(\x0c\x12\x11\n\tparentUid\x18\x02 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x03 \x01(\x0c\"m\n\x19PAMElementOperationResult\x12\x12\n\nelementUid\x18\x01 \x01(\x0c\x12+\n\x06result\x18\x02 \x01(\x0e\x32\x1b.PAM.PAMOperationResultType\x12\x0f\n\x07message\x18\x03 \x01(\t\"B\n\x0fPAMModifyResult\x12/\n\x07results\x18\x01 \x03(\x0b\x32\x1e.PAM.PAMElementOperationResult\"x\n\nPAMElement\x12\x12\n\nelementUid\x18\x01 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x03 \x01(\x03\x12\x14\n\x0clastModified\x18\x04 \x01(\x03\x12!\n\x08\x63hildren\x18\x05 \x03(\x0b\x32\x0f.PAM.PAMElement\"#\n\x14PAMGenericUidRequest\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\"%\n\x15PAMGenericUidsRequest\x12\x0c\n\x04uids\x18\x01 \x03(\x0c\"\xab\x01\n\x10PAMConfiguration\x12\x18\n\x10\x63onfigurationUid\x18\x01 \x01(\x0c\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x15\n\rcontrollerUid\x18\x03 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x04 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x05 \x01(\x03\x12\x14\n\x0clastModified\x18\x06 \x01(\x03\x12!\n\x08\x63hildren\x18\x07 \x03(\x0b\x32\x0f.PAM.PAMElement\"B\n\x11PAMConfigurations\x12-\n\x0e\x63onfigurations\x18\x01 \x03(\x0b\x32\x15.PAM.PAMConfiguration\"\xff\x01\n\rPAMController\x12\x15\n\rcontrollerUid\x18\x01 \x01(\x0c\x12\x16\n\x0e\x63ontrollerName\x18\x02 \x01(\t\x12\x13\n\x0b\x64\x65viceToken\x18\x03 \x01(\t\x12\x12\n\ndeviceName\x18\x04 \x01(\t\x12\x0e\n\x06nodeId\x18\x05 \x01(\x03\x12\x0f\n\x07\x63reated\x18\x06 \x01(\x03\x12\x14\n\x0clastModified\x18\x07 \x01(\x03\x12\x16\n\x0e\x61pplicationUid\x18\x08 \x01(\x0c\x12\x30\n\rappClientType\x18\t \x01(\x0e\x32\x19.Enterprise.AppClientType\x12\x15\n\risInitialized\x18\n \x01(\x08\"%\n\x12\x43ontrollerResponse\x12\x0f\n\x07payload\x18\x01 \x01(\t\"M\n\x1aPAMConfigurationController\x12\x18\n\x10\x63onfigurationUid\x18\x01 \x01(\x0c\x12\x15\n\rcontrollerUid\x18\x02 \x01(\x0c\"\xa3\x01\n\x17\x43onfigurationAddRequest\x12\x18\n\x10\x63onfigurationUid\x18\x01 \x01(\x0c\x12\x11\n\trecordKey\x18\x02 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x03 \x01(\x0c\x12(\n\x0brecordLinks\x18\x04 \x03(\x0b\x32\x13.Records.RecordLink\x12#\n\x05\x61udit\x18\x05 \x01(\x0b\x32\x14.Records.RecordAudit\"J\n\x10RelayAccessCreds\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x10\n\x08password\x18\x02 \x01(\t\x12\x12\n\nserverTime\x18\x03 \x01(\x03\"\xbf\x01\n\x0cPAMRecording\x12\x15\n\rconnectionUid\x18\x01 \x01(\x0c\x12,\n\rrecordingType\x18\x02 \x01(\x0e\x32\x15.PAM.PAMRecordingType\x12\x11\n\trecordUid\x18\x03 \x01(\x0c\x12\x10\n\x08userName\x18\x04 \x01(\t\x12\x11\n\tstartedOn\x18\x05 \x01(\x03\x12\x0e\n\x06length\x18\x06 \x01(\x05\x12\x10\n\x08\x66ileSize\x18\x07 \x01(\x03\x12\x10\n\x08protocol\x18\x08 \x01(\t\">\n\x15PAMRecordingsResponse\x12%\n\nrecordings\x18\x01 \x03(\x0b\x32\x11.PAM.PAMRecording\"*\n\x07PAMData\x12\x0e\n\x06vertex\x18\x01 \x01(\x0c\x12\x0f\n\x07\x63ontent\x18\x02 \x01(\x0c\"\x17\n\x07UidList\x12\x0c\n\x04uids\x18\x01 \x03(\x0c\"\xd0\x02\n\x11PAMResourceConfig\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x17\n\nnetworkUid\x18\x02 \x01(\x0cH\x00\x88\x01\x01\x12\x15\n\x08\x61\x64minUid\x18\x03 \x01(\x0cH\x01\x88\x01\x01\x12\x11\n\x04meta\x18\x04 \x01(\x0cH\x02\x88\x01\x01\x12\x1f\n\x12\x63onnectionSettings\x18\x05 \x01(\x0cH\x03\x88\x01\x01\x12\'\n\x0c\x63onnectUsers\x18\x06 \x01(\x0b\x32\x0c.PAM.UidListH\x04\x88\x01\x01\x12\x16\n\tdomainUid\x18\x07 \x01(\x0cH\x05\x88\x01\x01\x12\x18\n\x0bjitSettings\x18\x08 \x01(\x0cH\x06\x88\x01\x01\x42\r\n\x0b_networkUidB\x0b\n\t_adminUidB\x07\n\x05_metaB\x15\n\x13_connectionSettingsB\x0f\n\r_connectUsersB\x0c\n\n_domainUidB\x0e\n\x0c_jitSettings*\x8e\x01\n\x14WebRtcConnectionType\x12\x0e\n\nCONNECTION\x10\x00\x12\n\n\x06TUNNEL\x10\x01\x12\x07\n\x03SSH\x10\x02\x12\x07\n\x03RDP\x10\x03\x12\x08\n\x04HTTP\x10\x04\x12\x07\n\x03VNC\x10\x05\x12\n\n\x06TELNET\x10\x06\x12\t\n\x05MYSQL\x10\x07\x12\x0e\n\nSQL_SERVER\x10\x08\x12\x0e\n\nPOSTGRESQL\x10\t*@\n\x10PAMOperationType\x12\x07\n\x03\x41\x44\x44\x10\x00\x12\n\n\x06UPDATE\x10\x01\x12\x0b\n\x07REPLACE\x10\x02\x12\n\n\x06\x44\x45LETE\x10\x03*p\n\x16PAMOperationResultType\x12\x0f\n\x0bPOT_SUCCESS\x10\x00\x12\x15\n\x11POT_UNKNOWN_ERROR\x10\x01\x12\x16\n\x12POT_ALREADY_EXISTS\x10\x02\x12\x16\n\x12POT_DOES_NOT_EXIST\x10\x03*\\\n\x15\x43ontrollerMessageType\x12\x0f\n\x0b\x43MT_GENERAL\x10\x00\x12\x0e\n\nCMT_ROTATE\x10\x01\x12\x11\n\rCMT_DISCOVERY\x10\x02\x12\x0f\n\x0b\x43MT_CONNECT\x10\x03*E\n\x10PAMRecordingType\x12\x0f\n\x0bPRT_SESSION\x10\x00\x12\x12\n\x0ePRT_TYPESCRIPT\x10\x01\x12\x0c\n\x08PRT_TIME\x10\x02\x42\x1f\n\x18\x63om.keepersecurity.protoB\x03PAMb\x06proto3') +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\tpam.proto\x12\x03PAM\x1a\x10\x65nterprise.proto\x1a\x0crecord.proto\"\x83\x01\n\x13PAMRotationSchedule\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x18\n\x10\x63onfigurationUid\x18\x02 \x01(\x0c\x12\x15\n\rcontrollerUid\x18\x03 \x01(\x0c\x12\x14\n\x0cscheduleData\x18\x04 \x01(\t\x12\x12\n\nnoSchedule\x18\x05 \x01(\x08\"K\n\x1cPAMRotationSchedulesResponse\x12+\n\tschedules\x18\x01 \x03(\x0b\x32\x18.PAM.PAMRotationSchedule\"\x94\x01\n\x13PAMOnlineController\x12\x15\n\rcontrollerUid\x18\x01 \x01(\x0c\x12\x13\n\x0b\x63onnectedOn\x18\x02 \x01(\x03\x12\x11\n\tipAddress\x18\x03 \x01(\t\x12\x0f\n\x07version\x18\x04 \x01(\t\x12-\n\x0b\x63onnections\x18\x05 \x03(\x0b\x32\x18.PAM.PAMWebRtcConnection\"\xa7\x01\n\x13PAMWebRtcConnection\x12\x15\n\rconnectionUid\x18\x01 \x01(\x0c\x12\'\n\x04type\x18\x02 \x01(\x0e\x32\x19.PAM.WebRtcConnectionType\x12\x11\n\trecordUid\x18\x03 \x01(\x0c\x12\x10\n\x08userName\x18\x04 \x01(\t\x12\x11\n\tstartedOn\x18\x05 \x01(\x03\x12\x18\n\x10\x63onfigurationUid\x18\x06 \x01(\x0c\"Y\n\x14PAMOnlineControllers\x12\x12\n\ndeprecated\x18\x01 \x03(\x0c\x12-\n\x0b\x63ontrollers\x18\x02 \x03(\x0b\x32\x18.PAM.PAMOnlineController\"9\n\x10PAMRotateRequest\x12\x12\n\nrequestUid\x18\x01 \x01(\x0c\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\"A\n\x16PAMControllersResponse\x12\'\n\x0b\x63ontrollers\x18\x01 \x03(\x0b\x32\x12.PAM.PAMController\"=\n\x13PAMRemoveController\x12\x15\n\rcontrollerUid\x18\x01 \x01(\x0c\x12\x0f\n\x07message\x18\x02 \x01(\t\"L\n\x1bPAMRemoveControllerResponse\x12-\n\x0b\x63ontrollers\x18\x01 \x03(\x0b\x32\x18.PAM.PAMRemoveController\"=\n\x10PAMModifyRequest\x12)\n\noperations\x18\x01 \x03(\x0b\x32\x15.PAM.PAMDataOperation\"\x98\x01\n\x10PAMDataOperation\x12,\n\roperationType\x18\x01 \x01(\x0e\x32\x15.PAM.PAMOperationType\x12\x30\n\rconfiguration\x18\x02 \x01(\x0b\x32\x19.PAM.PAMConfigurationData\x12$\n\x07\x65lement\x18\x03 \x01(\x0b\x32\x13.PAM.PAMElementData\"e\n\x14PAMConfigurationData\x12\x18\n\x10\x63onfigurationUid\x18\x01 \x01(\x0c\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x15\n\rcontrollerUid\x18\x03 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x04 \x01(\x0c\"E\n\x0ePAMElementData\x12\x12\n\nelementUid\x18\x01 \x01(\x0c\x12\x11\n\tparentUid\x18\x02 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x03 \x01(\x0c\"m\n\x19PAMElementOperationResult\x12\x12\n\nelementUid\x18\x01 \x01(\x0c\x12+\n\x06result\x18\x02 \x01(\x0e\x32\x1b.PAM.PAMOperationResultType\x12\x0f\n\x07message\x18\x03 \x01(\t\"B\n\x0fPAMModifyResult\x12/\n\x07results\x18\x01 \x03(\x0b\x32\x1e.PAM.PAMElementOperationResult\"x\n\nPAMElement\x12\x12\n\nelementUid\x18\x01 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x03 \x01(\x03\x12\x14\n\x0clastModified\x18\x04 \x01(\x03\x12!\n\x08\x63hildren\x18\x05 \x03(\x0b\x32\x0f.PAM.PAMElement\"#\n\x14PAMGenericUidRequest\x12\x0b\n\x03uid\x18\x01 \x01(\x0c\"%\n\x15PAMGenericUidsRequest\x12\x0c\n\x04uids\x18\x01 \x03(\x0c\"\xab\x01\n\x10PAMConfiguration\x12\x18\n\x10\x63onfigurationUid\x18\x01 \x01(\x0c\x12\x0e\n\x06nodeId\x18\x02 \x01(\x03\x12\x15\n\rcontrollerUid\x18\x03 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x04 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x05 \x01(\x03\x12\x14\n\x0clastModified\x18\x06 \x01(\x03\x12!\n\x08\x63hildren\x18\x07 \x03(\x0b\x32\x0f.PAM.PAMElement\"B\n\x11PAMConfigurations\x12-\n\x0e\x63onfigurations\x18\x01 \x03(\x0b\x32\x15.PAM.PAMConfiguration\"\xff\x01\n\rPAMController\x12\x15\n\rcontrollerUid\x18\x01 \x01(\x0c\x12\x16\n\x0e\x63ontrollerName\x18\x02 \x01(\t\x12\x13\n\x0b\x64\x65viceToken\x18\x03 \x01(\t\x12\x12\n\ndeviceName\x18\x04 \x01(\t\x12\x0e\n\x06nodeId\x18\x05 \x01(\x03\x12\x0f\n\x07\x63reated\x18\x06 \x01(\x03\x12\x14\n\x0clastModified\x18\x07 \x01(\x03\x12\x16\n\x0e\x61pplicationUid\x18\x08 \x01(\x0c\x12\x30\n\rappClientType\x18\t \x01(\x0e\x32\x19.Enterprise.AppClientType\x12\x15\n\risInitialized\x18\n \x01(\x08\"P\n\x1dPAMSetMaxInstanceCountRequest\x12\x15\n\rcontrollerUid\x18\x01 \x01(\x0c\x12\x18\n\x10maxInstanceCount\x18\x02 \x01(\x05\"%\n\x12\x43ontrollerResponse\x12\x0f\n\x07payload\x18\x01 \x01(\t\"M\n\x1aPAMConfigurationController\x12\x18\n\x10\x63onfigurationUid\x18\x01 \x01(\x0c\x12\x15\n\rcontrollerUid\x18\x02 \x01(\x0c\"\xa3\x01\n\x17\x43onfigurationAddRequest\x12\x18\n\x10\x63onfigurationUid\x18\x01 \x01(\x0c\x12\x11\n\trecordKey\x18\x02 \x01(\x0c\x12\x0c\n\x04\x64\x61ta\x18\x03 \x01(\x0c\x12(\n\x0brecordLinks\x18\x04 \x03(\x0b\x32\x13.Records.RecordLink\x12#\n\x05\x61udit\x18\x05 \x01(\x0b\x32\x14.Records.RecordAudit\"J\n\x10RelayAccessCreds\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x10\n\x08password\x18\x02 \x01(\t\x12\x12\n\nserverTime\x18\x03 \x01(\x03\"\x81\x02\n\x14PAMRecordingsRequest\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08maxCount\x18\x02 \x01(\x05\x12\x17\n\nrangeStart\x18\x03 \x01(\x03H\x00\x88\x01\x01\x12\x15\n\x08rangeEnd\x18\x04 \x01(\x03H\x01\x88\x01\x01\x12$\n\x05types\x18\x05 \x03(\x0e\x32\x15.PAM.PAMRecordingType\x12)\n\x05risks\x18\x06 \x03(\x0e\x32\x1a.PAM.PAMRecordingRiskLevel\x12\x11\n\tprotocols\x18\x07 \x03(\t\x12\x14\n\x0c\x63loseReasons\x18\x08 \x03(\x05\x42\r\n\x0b_rangeStartB\x0b\n\t_rangeEnd\"\xd4\x02\n\x0cPAMRecording\x12\x15\n\rconnectionUid\x18\x01 \x01(\x0c\x12,\n\rrecordingType\x18\x02 \x01(\x0e\x32\x15.PAM.PAMRecordingType\x12\x11\n\trecordUid\x18\x03 \x01(\x0c\x12\x10\n\x08userName\x18\x04 \x01(\t\x12\x11\n\tstartedOn\x18\x05 \x01(\x03\x12\x0e\n\x06length\x18\x06 \x01(\x05\x12\x10\n\x08\x66ileSize\x18\x07 \x01(\x03\x12\x11\n\tcreatedOn\x18\x08 \x01(\x03\x12\x10\n\x08protocol\x18\t \x01(\t\x12\x13\n\x0b\x63loseReason\x18\n \x01(\x05\x12\x19\n\x11recordingDuration\x18\x0b \x01(\x05\x12\x36\n\x12\x61iOverallRiskLevel\x18\x0c \x01(\x0e\x32\x1a.PAM.PAMRecordingRiskLevel\x12\x18\n\x10\x61iOverallSummary\x18\r \x01(\x0c\"O\n\x15PAMRecordingsResponse\x12%\n\nrecordings\x18\x01 \x03(\x0b\x32\x11.PAM.PAMRecording\x12\x0f\n\x07hasMore\x18\x02 \x01(\x08\"*\n\x07PAMData\x12\x0e\n\x06vertex\x18\x01 \x01(\x0c\x12\x0f\n\x07\x63ontent\x18\x02 \x01(\x0c\"\x17\n\x07UidList\x12\x0c\n\x04uids\x18\x01 \x03(\x0c\"\x84\x03\n\x11PAMResourceConfig\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x17\n\nnetworkUid\x18\x02 \x01(\x0cH\x00\x88\x01\x01\x12\x15\n\x08\x61\x64minUid\x18\x03 \x01(\x0cH\x01\x88\x01\x01\x12\x11\n\x04meta\x18\x04 \x01(\x0cH\x02\x88\x01\x01\x12\x1f\n\x12\x63onnectionSettings\x18\x05 \x01(\x0cH\x03\x88\x01\x01\x12\'\n\x0c\x63onnectUsers\x18\x06 \x01(\x0b\x32\x0c.PAM.UidListH\x04\x88\x01\x01\x12\x16\n\tdomainUid\x18\x07 \x01(\x0cH\x05\x88\x01\x01\x12\x18\n\x0bjitSettings\x18\x08 \x01(\x0cH\x06\x88\x01\x01\x12\x1d\n\x10keeperAiSettings\x18\t \x01(\x0cH\x07\x88\x01\x01\x42\r\n\x0b_networkUidB\x0b\n\t_adminUidB\x07\n\x05_metaB\x15\n\x13_connectionSettingsB\x0f\n\r_connectUsersB\x0c\n\n_domainUidB\x0e\n\x0c_jitSettingsB\x13\n\x11_keeperAiSettings*\x8e\x01\n\x14WebRtcConnectionType\x12\x0e\n\nCONNECTION\x10\x00\x12\n\n\x06TUNNEL\x10\x01\x12\x07\n\x03SSH\x10\x02\x12\x07\n\x03RDP\x10\x03\x12\x08\n\x04HTTP\x10\x04\x12\x07\n\x03VNC\x10\x05\x12\n\n\x06TELNET\x10\x06\x12\t\n\x05MYSQL\x10\x07\x12\x0e\n\nSQL_SERVER\x10\x08\x12\x0e\n\nPOSTGRESQL\x10\t*@\n\x10PAMOperationType\x12\x07\n\x03\x41\x44\x44\x10\x00\x12\n\n\x06UPDATE\x10\x01\x12\x0b\n\x07REPLACE\x10\x02\x12\n\n\x06\x44\x45LETE\x10\x03*p\n\x16PAMOperationResultType\x12\x0f\n\x0bPOT_SUCCESS\x10\x00\x12\x15\n\x11POT_UNKNOWN_ERROR\x10\x01\x12\x16\n\x12POT_ALREADY_EXISTS\x10\x02\x12\x16\n\x12POT_DOES_NOT_EXIST\x10\x03*\\\n\x15\x43ontrollerMessageType\x12\x0f\n\x0b\x43MT_GENERAL\x10\x00\x12\x0e\n\nCMT_ROTATE\x10\x01\x12\x11\n\rCMT_DISCOVERY\x10\x02\x12\x0f\n\x0b\x43MT_CONNECT\x10\x03*V\n\x10PAMRecordingType\x12\x0f\n\x0bPRT_SESSION\x10\x00\x12\x12\n\x0ePRT_TYPESCRIPT\x10\x01\x12\x0c\n\x08PRT_TIME\x10\x02\x12\x0f\n\x0bPRT_SUMMARY\x10\x03*i\n\x15PAMRecordingRiskLevel\x12\x13\n\x0fPRR_UNSPECIFIED\x10\x00\x12\x0b\n\x07PRR_LOW\x10\x01\x12\x0e\n\nPRR_MEDIUM\x10\x02\x12\x0c\n\x08PRR_HIGH\x10\x03\x12\x10\n\x0cPRR_CRITICAL\x10\x04\x42\x1f\n\x18\x63om.keepersecurity.protoB\x03PAMb\x06proto3') _globals = globals() _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals) @@ -26,16 +34,18 @@ if not _descriptor._USE_C_DESCRIPTORS: _globals['DESCRIPTOR']._loaded_options = None _globals['DESCRIPTOR']._serialized_options = b'\n\030com.keepersecurity.protoB\003PAM' - _globals['_WEBRTCCONNECTIONTYPE']._serialized_start=3236 - _globals['_WEBRTCCONNECTIONTYPE']._serialized_end=3378 - _globals['_PAMOPERATIONTYPE']._serialized_start=3380 - _globals['_PAMOPERATIONTYPE']._serialized_end=3444 - _globals['_PAMOPERATIONRESULTTYPE']._serialized_start=3446 - _globals['_PAMOPERATIONRESULTTYPE']._serialized_end=3558 - _globals['_CONTROLLERMESSAGETYPE']._serialized_start=3560 - _globals['_CONTROLLERMESSAGETYPE']._serialized_end=3652 - _globals['_PAMRECORDINGTYPE']._serialized_start=3654 - _globals['_PAMRECORDINGTYPE']._serialized_end=3723 + _globals['_WEBRTCCONNECTIONTYPE']._serialized_start=3796 + _globals['_WEBRTCCONNECTIONTYPE']._serialized_end=3938 + _globals['_PAMOPERATIONTYPE']._serialized_start=3940 + _globals['_PAMOPERATIONTYPE']._serialized_end=4004 + _globals['_PAMOPERATIONRESULTTYPE']._serialized_start=4006 + _globals['_PAMOPERATIONRESULTTYPE']._serialized_end=4118 + _globals['_CONTROLLERMESSAGETYPE']._serialized_start=4120 + _globals['_CONTROLLERMESSAGETYPE']._serialized_end=4212 + _globals['_PAMRECORDINGTYPE']._serialized_start=4214 + _globals['_PAMRECORDINGTYPE']._serialized_end=4300 + _globals['_PAMRECORDINGRISKLEVEL']._serialized_start=4302 + _globals['_PAMRECORDINGRISKLEVEL']._serialized_end=4407 _globals['_PAMROTATIONSCHEDULE']._serialized_start=51 _globals['_PAMROTATIONSCHEDULE']._serialized_end=182 _globals['_PAMROTATIONSCHEDULESRESPONSE']._serialized_start=184 @@ -78,22 +88,26 @@ _globals['_PAMCONFIGURATIONS']._serialized_end=1949 _globals['_PAMCONTROLLER']._serialized_start=1952 _globals['_PAMCONTROLLER']._serialized_end=2207 - _globals['_CONTROLLERRESPONSE']._serialized_start=2209 - _globals['_CONTROLLERRESPONSE']._serialized_end=2246 - _globals['_PAMCONFIGURATIONCONTROLLER']._serialized_start=2248 - _globals['_PAMCONFIGURATIONCONTROLLER']._serialized_end=2325 - _globals['_CONFIGURATIONADDREQUEST']._serialized_start=2328 - _globals['_CONFIGURATIONADDREQUEST']._serialized_end=2491 - _globals['_RELAYACCESSCREDS']._serialized_start=2493 - _globals['_RELAYACCESSCREDS']._serialized_end=2567 - _globals['_PAMRECORDING']._serialized_start=2570 - _globals['_PAMRECORDING']._serialized_end=2761 - _globals['_PAMRECORDINGSRESPONSE']._serialized_start=2763 - _globals['_PAMRECORDINGSRESPONSE']._serialized_end=2825 - _globals['_PAMDATA']._serialized_start=2827 - _globals['_PAMDATA']._serialized_end=2869 - _globals['_UIDLIST']._serialized_start=2871 - _globals['_UIDLIST']._serialized_end=2894 - _globals['_PAMRESOURCECONFIG']._serialized_start=2897 - _globals['_PAMRESOURCECONFIG']._serialized_end=3233 + _globals['_PAMSETMAXINSTANCECOUNTREQUEST']._serialized_start=2209 + _globals['_PAMSETMAXINSTANCECOUNTREQUEST']._serialized_end=2289 + _globals['_CONTROLLERRESPONSE']._serialized_start=2291 + _globals['_CONTROLLERRESPONSE']._serialized_end=2328 + _globals['_PAMCONFIGURATIONCONTROLLER']._serialized_start=2330 + _globals['_PAMCONFIGURATIONCONTROLLER']._serialized_end=2407 + _globals['_CONFIGURATIONADDREQUEST']._serialized_start=2410 + _globals['_CONFIGURATIONADDREQUEST']._serialized_end=2573 + _globals['_RELAYACCESSCREDS']._serialized_start=2575 + _globals['_RELAYACCESSCREDS']._serialized_end=2649 + _globals['_PAMRECORDINGSREQUEST']._serialized_start=2652 + _globals['_PAMRECORDINGSREQUEST']._serialized_end=2909 + _globals['_PAMRECORDING']._serialized_start=2912 + _globals['_PAMRECORDING']._serialized_end=3252 + _globals['_PAMRECORDINGSRESPONSE']._serialized_start=3254 + _globals['_PAMRECORDINGSRESPONSE']._serialized_end=3333 + _globals['_PAMDATA']._serialized_start=3335 + _globals['_PAMDATA']._serialized_end=3377 + _globals['_UIDLIST']._serialized_start=3379 + _globals['_UIDLIST']._serialized_end=3402 + _globals['_PAMRESOURCECONFIG']._serialized_start=3405 + _globals['_PAMRESOURCECONFIG']._serialized_end=3793 # @@protoc_insertion_point(module_scope) diff --git a/keepersdk-package/src/keepersdk/proto/pam_pb2.pyi b/keepersdk-package/src/keepersdk/proto/pam_pb2.pyi index ff7dbed7..e7a5ffc3 100644 --- a/keepersdk-package/src/keepersdk/proto/pam_pb2.pyi +++ b/keepersdk-package/src/keepersdk/proto/pam_pb2.pyi @@ -47,6 +47,15 @@ class PAMRecordingType(int, metaclass=_enum_type_wrapper.EnumTypeWrapper): PRT_SESSION: _ClassVar[PAMRecordingType] PRT_TYPESCRIPT: _ClassVar[PAMRecordingType] PRT_TIME: _ClassVar[PAMRecordingType] + PRT_SUMMARY: _ClassVar[PAMRecordingType] + +class PAMRecordingRiskLevel(int, metaclass=_enum_type_wrapper.EnumTypeWrapper): + __slots__ = () + PRR_UNSPECIFIED: _ClassVar[PAMRecordingRiskLevel] + PRR_LOW: _ClassVar[PAMRecordingRiskLevel] + PRR_MEDIUM: _ClassVar[PAMRecordingRiskLevel] + PRR_HIGH: _ClassVar[PAMRecordingRiskLevel] + PRR_CRITICAL: _ClassVar[PAMRecordingRiskLevel] CONNECTION: WebRtcConnectionType TUNNEL: WebRtcConnectionType SSH: WebRtcConnectionType @@ -72,6 +81,12 @@ CMT_CONNECT: ControllerMessageType PRT_SESSION: PAMRecordingType PRT_TYPESCRIPT: PAMRecordingType PRT_TIME: PAMRecordingType +PRT_SUMMARY: PAMRecordingType +PRR_UNSPECIFIED: PAMRecordingRiskLevel +PRR_LOW: PAMRecordingRiskLevel +PRR_MEDIUM: PAMRecordingRiskLevel +PRR_HIGH: PAMRecordingRiskLevel +PRR_CRITICAL: PAMRecordingRiskLevel class PAMRotationSchedule(_message.Message): __slots__ = ("recordUid", "configurationUid", "controllerUid", "scheduleData", "noSchedule") @@ -287,6 +302,14 @@ class PAMController(_message.Message): isInitialized: bool def __init__(self, controllerUid: _Optional[bytes] = ..., controllerName: _Optional[str] = ..., deviceToken: _Optional[str] = ..., deviceName: _Optional[str] = ..., nodeId: _Optional[int] = ..., created: _Optional[int] = ..., lastModified: _Optional[int] = ..., applicationUid: _Optional[bytes] = ..., appClientType: _Optional[_Union[_enterprise_pb2.AppClientType, str]] = ..., isInitialized: bool = ...) -> None: ... +class PAMSetMaxInstanceCountRequest(_message.Message): + __slots__ = ("controllerUid", "maxInstanceCount") + CONTROLLERUID_FIELD_NUMBER: _ClassVar[int] + MAXINSTANCECOUNT_FIELD_NUMBER: _ClassVar[int] + controllerUid: bytes + maxInstanceCount: int + def __init__(self, controllerUid: _Optional[bytes] = ..., maxInstanceCount: _Optional[int] = ...) -> None: ... + class ControllerResponse(_message.Message): __slots__ = ("payload",) PAYLOAD_FIELD_NUMBER: _ClassVar[int] @@ -325,8 +348,28 @@ class RelayAccessCreds(_message.Message): serverTime: int def __init__(self, username: _Optional[str] = ..., password: _Optional[str] = ..., serverTime: _Optional[int] = ...) -> None: ... +class PAMRecordingsRequest(_message.Message): + __slots__ = ("recordUid", "maxCount", "rangeStart", "rangeEnd", "types", "risks", "protocols", "closeReasons") + RECORDUID_FIELD_NUMBER: _ClassVar[int] + MAXCOUNT_FIELD_NUMBER: _ClassVar[int] + RANGESTART_FIELD_NUMBER: _ClassVar[int] + RANGEEND_FIELD_NUMBER: _ClassVar[int] + TYPES_FIELD_NUMBER: _ClassVar[int] + RISKS_FIELD_NUMBER: _ClassVar[int] + PROTOCOLS_FIELD_NUMBER: _ClassVar[int] + CLOSEREASONS_FIELD_NUMBER: _ClassVar[int] + recordUid: bytes + maxCount: int + rangeStart: int + rangeEnd: int + types: _containers.RepeatedScalarFieldContainer[PAMRecordingType] + risks: _containers.RepeatedScalarFieldContainer[PAMRecordingRiskLevel] + protocols: _containers.RepeatedScalarFieldContainer[str] + closeReasons: _containers.RepeatedScalarFieldContainer[int] + def __init__(self, recordUid: _Optional[bytes] = ..., maxCount: _Optional[int] = ..., rangeStart: _Optional[int] = ..., rangeEnd: _Optional[int] = ..., types: _Optional[_Iterable[_Union[PAMRecordingType, str]]] = ..., risks: _Optional[_Iterable[_Union[PAMRecordingRiskLevel, str]]] = ..., protocols: _Optional[_Iterable[str]] = ..., closeReasons: _Optional[_Iterable[int]] = ...) -> None: ... + class PAMRecording(_message.Message): - __slots__ = ("connectionUid", "recordingType", "recordUid", "userName", "startedOn", "length", "fileSize", "protocol") + __slots__ = ("connectionUid", "recordingType", "recordUid", "userName", "startedOn", "length", "fileSize", "createdOn", "protocol", "closeReason", "recordingDuration", "aiOverallRiskLevel", "aiOverallSummary") CONNECTIONUID_FIELD_NUMBER: _ClassVar[int] RECORDINGTYPE_FIELD_NUMBER: _ClassVar[int] RECORDUID_FIELD_NUMBER: _ClassVar[int] @@ -334,7 +377,12 @@ class PAMRecording(_message.Message): STARTEDON_FIELD_NUMBER: _ClassVar[int] LENGTH_FIELD_NUMBER: _ClassVar[int] FILESIZE_FIELD_NUMBER: _ClassVar[int] + CREATEDON_FIELD_NUMBER: _ClassVar[int] PROTOCOL_FIELD_NUMBER: _ClassVar[int] + CLOSEREASON_FIELD_NUMBER: _ClassVar[int] + RECORDINGDURATION_FIELD_NUMBER: _ClassVar[int] + AIOVERALLRISKLEVEL_FIELD_NUMBER: _ClassVar[int] + AIOVERALLSUMMARY_FIELD_NUMBER: _ClassVar[int] connectionUid: bytes recordingType: PAMRecordingType recordUid: bytes @@ -342,14 +390,21 @@ class PAMRecording(_message.Message): startedOn: int length: int fileSize: int + createdOn: int protocol: str - def __init__(self, connectionUid: _Optional[bytes] = ..., recordingType: _Optional[_Union[PAMRecordingType, str]] = ..., recordUid: _Optional[bytes] = ..., userName: _Optional[str] = ..., startedOn: _Optional[int] = ..., length: _Optional[int] = ..., fileSize: _Optional[int] = ..., protocol: _Optional[str] = ...) -> None: ... + closeReason: int + recordingDuration: int + aiOverallRiskLevel: PAMRecordingRiskLevel + aiOverallSummary: bytes + def __init__(self, connectionUid: _Optional[bytes] = ..., recordingType: _Optional[_Union[PAMRecordingType, str]] = ..., recordUid: _Optional[bytes] = ..., userName: _Optional[str] = ..., startedOn: _Optional[int] = ..., length: _Optional[int] = ..., fileSize: _Optional[int] = ..., createdOn: _Optional[int] = ..., protocol: _Optional[str] = ..., closeReason: _Optional[int] = ..., recordingDuration: _Optional[int] = ..., aiOverallRiskLevel: _Optional[_Union[PAMRecordingRiskLevel, str]] = ..., aiOverallSummary: _Optional[bytes] = ...) -> None: ... class PAMRecordingsResponse(_message.Message): - __slots__ = ("recordings",) + __slots__ = ("recordings", "hasMore") RECORDINGS_FIELD_NUMBER: _ClassVar[int] + HASMORE_FIELD_NUMBER: _ClassVar[int] recordings: _containers.RepeatedCompositeFieldContainer[PAMRecording] - def __init__(self, recordings: _Optional[_Iterable[_Union[PAMRecording, _Mapping]]] = ...) -> None: ... + hasMore: bool + def __init__(self, recordings: _Optional[_Iterable[_Union[PAMRecording, _Mapping]]] = ..., hasMore: bool = ...) -> None: ... class PAMData(_message.Message): __slots__ = ("vertex", "content") @@ -366,7 +421,7 @@ class UidList(_message.Message): def __init__(self, uids: _Optional[_Iterable[bytes]] = ...) -> None: ... class PAMResourceConfig(_message.Message): - __slots__ = ("recordUid", "networkUid", "adminUid", "meta", "connectionSettings", "connectUsers", "domainUid", "jitSettings") + __slots__ = ("recordUid", "networkUid", "adminUid", "meta", "connectionSettings", "connectUsers", "domainUid", "jitSettings", "keeperAiSettings") RECORDUID_FIELD_NUMBER: _ClassVar[int] NETWORKUID_FIELD_NUMBER: _ClassVar[int] ADMINUID_FIELD_NUMBER: _ClassVar[int] @@ -375,6 +430,7 @@ class PAMResourceConfig(_message.Message): CONNECTUSERS_FIELD_NUMBER: _ClassVar[int] DOMAINUID_FIELD_NUMBER: _ClassVar[int] JITSETTINGS_FIELD_NUMBER: _ClassVar[int] + KEEPERAISETTINGS_FIELD_NUMBER: _ClassVar[int] recordUid: bytes networkUid: bytes adminUid: bytes @@ -383,4 +439,5 @@ class PAMResourceConfig(_message.Message): connectUsers: UidList domainUid: bytes jitSettings: bytes - def __init__(self, recordUid: _Optional[bytes] = ..., networkUid: _Optional[bytes] = ..., adminUid: _Optional[bytes] = ..., meta: _Optional[bytes] = ..., connectionSettings: _Optional[bytes] = ..., connectUsers: _Optional[_Union[UidList, _Mapping]] = ..., domainUid: _Optional[bytes] = ..., jitSettings: _Optional[bytes] = ...) -> None: ... + keeperAiSettings: bytes + def __init__(self, recordUid: _Optional[bytes] = ..., networkUid: _Optional[bytes] = ..., adminUid: _Optional[bytes] = ..., meta: _Optional[bytes] = ..., connectionSettings: _Optional[bytes] = ..., connectUsers: _Optional[_Union[UidList, _Mapping]] = ..., domainUid: _Optional[bytes] = ..., jitSettings: _Optional[bytes] = ..., keeperAiSettings: _Optional[bytes] = ...) -> None: ... diff --git a/keepersdk-package/src/keepersdk/proto/pedm_pb2.py b/keepersdk-package/src/keepersdk/proto/pedm_pb2.py index c8177338..840a83a1 100644 --- a/keepersdk-package/src/keepersdk/proto/pedm_pb2.py +++ b/keepersdk-package/src/keepersdk/proto/pedm_pb2.py @@ -2,13 +2,21 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # NO CHECKED-IN PROTOBUF GENCODE # source: pedm.proto -# Protobuf Python Version: 5.29.3 +# Protobuf Python Version: 5.29.5 """Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import runtime_version as _runtime_version from google.protobuf import symbol_database as _symbol_database from google.protobuf.internal import builder as _builder - +_runtime_version.ValidateProtobufRuntimeVersion( + _runtime_version.Domain.PUBLIC, + 5, + 29, + 5, + '', + 'pedm.proto' +) # @@protoc_insertion_point(imports) _sym_db = _symbol_database.Default() @@ -18,7 +26,7 @@ from . import NotificationCenter_pb2 as NotificationCenter__pb2 -DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\npedm.proto\x12\x04PEDM\x1a\x0c\x66older.proto\x1a\x18NotificationCenter.proto\"O\n\x17PEDMTOTPValidateRequest\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x14\n\x0c\x65nterpriseId\x18\x02 \x01(\x05\x12\x0c\n\x04\x63ode\x18\x03 \x01(\x05\";\n\nPedmStatus\x12\x0b\n\x03key\x18\x01 \x03(\x0c\x12\x0f\n\x07success\x18\x02 \x01(\x08\x12\x0f\n\x07message\x18\x03 \x01(\t\"\x89\x01\n\x12PedmStatusResponse\x12#\n\taddStatus\x18\x01 \x03(\x0b\x32\x10.PEDM.PedmStatus\x12&\n\x0cupdateStatus\x18\x02 \x03(\x0b\x32\x10.PEDM.PedmStatus\x12&\n\x0cremoveStatus\x18\x03 \x03(\x0b\x32\x10.PEDM.PedmStatus\"4\n\x0e\x44\x65ploymentData\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x14\n\x0c\x65\x63PrivateKey\x18\x02 \x01(\x0c\"\x9a\x01\n\x17\x44\x65ploymentCreateRequest\x12\x15\n\rdeploymentUid\x18\x01 \x01(\x0c\x12\x0e\n\x06\x61\x65sKey\x18\x02 \x01(\x0c\x12\x13\n\x0b\x65\x63PublicKey\x18\x03 \x01(\x0c\x12\x19\n\x11spiffeCertificate\x18\x04 \x01(\x0c\x12\x15\n\rencryptedData\x18\x05 \x01(\x0c\x12\x11\n\tagentData\x18\x06 \x01(\x0c\"\x8d\x01\n\x17\x44\x65ploymentUpdateRequest\x12\x15\n\rdeploymentUid\x18\x01 \x01(\x0c\x12\x15\n\rencryptedData\x18\x02 \x01(\x0c\x12)\n\x08\x64isabled\x18\x03 \x01(\x0e\x32\x17.Folder.SetBooleanValue\x12\x19\n\x11spiffeCertificate\x18\x04 \x01(\x0c\"\xa2\x01\n\x17ModifyDeploymentRequest\x12\x34\n\raddDeployment\x18\x01 \x03(\x0b\x32\x1d.PEDM.DeploymentCreateRequest\x12\x37\n\x10updateDeployment\x18\x02 \x03(\x0b\x32\x1d.PEDM.DeploymentUpdateRequest\x12\x18\n\x10removeDeployment\x18\x03 \x03(\x0c\"a\n\x0b\x41gentUpdate\x12\x10\n\x08\x61gentUid\x18\x01 \x01(\x0c\x12)\n\x08\x64isabled\x18\x02 \x01(\x0e\x32\x17.Folder.SetBooleanValue\x12\x15\n\rdeploymentUid\x18\x03 \x01(\x0c\"Q\n\x12ModifyAgentRequest\x12&\n\x0bupdateAgent\x18\x02 \x03(\x0b\x32\x11.PEDM.AgentUpdate\x12\x13\n\x0bremoveAgent\x18\x03 \x03(\x0c\"^\n\tPolicyAdd\x12\x11\n\tpolicyUid\x18\x01 \x01(\x0c\x12\x11\n\tplainData\x18\x02 \x01(\x0c\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12\x14\n\x0c\x65ncryptedKey\x18\x04 \x01(\x0c\"K\n\x0cPolicyUpdate\x12\x11\n\tpolicyUid\x18\x01 \x01(\x0c\x12\x11\n\tplainData\x18\x02 \x01(\x0c\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\"s\n\rPolicyRequest\x12\"\n\taddPolicy\x18\x01 \x03(\x0b\x32\x0f.PEDM.PolicyAdd\x12(\n\x0cupdatePolicy\x18\x02 \x03(\x0b\x32\x12.PEDM.PolicyUpdate\x12\x14\n\x0cremovePolicy\x18\x03 \x03(\x0c\"6\n\nPolicyLink\x12\x11\n\tpolicyUid\x18\x01 \x01(\x0c\x12\x15\n\rcollectionUid\x18\x02 \x03(\x0c\"E\n\x1aSetPolicyCollectionRequest\x12\'\n\rsetCollection\x18\x01 \x03(\x0b\x32\x10.PEDM.PolicyLink\"L\n\x1bSetPolicyCollectionResponse\x12-\n\x13setCollectionStatus\x18\x01 \x03(\x0b\x32\x10.PEDM.PedmStatus\"W\n\x0f\x43ollectionValue\x12\x15\n\rcollectionUid\x18\x01 \x01(\x0c\x12\x16\n\x0e\x63ollectionType\x18\x02 \x01(\x05\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\"z\n\x12\x43ollectionLinkData\x12\x15\n\rcollectionUid\x18\x01 \x01(\x0c\x12\x0f\n\x07linkUid\x18\x02 \x01(\x0c\x12*\n\x08linkType\x18\x03 \x01(\x0e\x32\x18.PEDM.CollectionLinkType\x12\x10\n\x08linkData\x18\x04 \x01(\x0c\"\x8c\x01\n\x11\x43ollectionRequest\x12,\n\raddCollection\x18\x01 \x03(\x0b\x32\x15.PEDM.CollectionValue\x12/\n\x10updateCollection\x18\x02 \x03(\x0b\x32\x15.PEDM.CollectionValue\x12\x18\n\x10removeCollection\x18\x03 \x03(\x0c\"{\n\x18SetCollectionLinkRequest\x12/\n\raddCollection\x18\x01 \x03(\x0b\x32\x18.PEDM.CollectionLinkData\x12.\n\x10removeCollection\x18\x02 \x03(\x0b\x32\x14.PEDM.CollectionLink\"F\n\x15\x41pprovalActionRequest\x12\x0f\n\x07\x61pprove\x18\x01 \x03(\x0c\x12\x0c\n\x04\x64\x65ny\x18\x02 \x03(\x0c\x12\x0e\n\x06remove\x18\x03 \x03(\x0c\"}\n\x16\x41pprovalActionResponse\x12!\n\x07\x61pprove\x18\x01 \x03(\x0b\x32\x10.PEDM.PedmStatus\x12\x1e\n\x04\x64\x65ny\x18\x02 \x03(\x0b\x32\x10.PEDM.PedmStatus\x12 \n\x06remove\x18\x03 \x03(\x0b\x32\x10.PEDM.PedmStatus\"\xab\x01\n\x0e\x44\x65ploymentNode\x12\x15\n\rdeploymentUid\x18\x01 \x01(\x0c\x12\x10\n\x08\x64isabled\x18\x02 \x01(\x08\x12\x0e\n\x06\x61\x65sKey\x18\x03 \x01(\x0c\x12\x13\n\x0b\x65\x63PublicKey\x18\x04 \x01(\x0c\x12\x15\n\rencryptedData\x18\x05 \x01(\x0c\x12\x11\n\tagentData\x18\x06 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x07 \x01(\x03\x12\x10\n\x08modified\x18\x08 \x01(\x03\"\xa8\x01\n\tAgentNode\x12\x10\n\x08\x61gentUid\x18\x01 \x01(\x0c\x12\x11\n\tmachineId\x18\x02 \x01(\t\x12\x15\n\rdeploymentUid\x18\x03 \x01(\x0c\x12\x13\n\x0b\x65\x63PublicKey\x18\x04 \x01(\x0c\x12\x10\n\x08\x64isabled\x18\x05 \x01(\x08\x12\x15\n\rencryptedData\x18\x06 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x07 \x01(\x03\x12\x10\n\x08modified\x18\x08 \x01(\x03\"\x82\x01\n\nPolicyNode\x12\x11\n\tpolicyUid\x18\x01 \x01(\x0c\x12\x11\n\tplainData\x18\x02 \x01(\x0c\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12\x14\n\x0c\x65ncryptedKey\x18\x04 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x05 \x01(\x03\x12\x10\n\x08modified\x18\x06 \x01(\x03\"g\n\x0e\x43ollectionNode\x12\x15\n\rcollectionUid\x18\x01 \x01(\x0c\x12\x16\n\x0e\x63ollectionType\x18\x02 \x01(\x05\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x04 \x01(\x03\"d\n\x0e\x43ollectionLink\x12\x15\n\rcollectionUid\x18\x01 \x01(\x0c\x12\x0f\n\x07linkUid\x18\x02 \x01(\x0c\x12*\n\x08linkType\x18\x03 \x01(\x0e\x32\x18.PEDM.CollectionLinkType\"\x9d\x01\n\x12\x41pprovalStatusNode\x12\x13\n\x0b\x61pprovalUid\x18\x01 \x01(\x0c\x12\x46\n\x0e\x61pprovalStatus\x18\x02 \x01(\x0e\x32..NotificationCenter.NotificationApprovalStatus\x12\x18\n\x10\x65nterpriseUserId\x18\x03 \x01(\x03\x12\x10\n\x08modified\x18\n \x01(\x03\"\xb3\x01\n\x0c\x41pprovalNode\x12\x13\n\x0b\x61pprovalUid\x18\x01 \x01(\x0c\x12\x14\n\x0c\x61pprovalType\x18\x02 \x01(\x05\x12\x10\n\x08\x61gentUid\x18\x03 \x01(\x0c\x12\x13\n\x0b\x61\x63\x63ountInfo\x18\x04 \x01(\x0c\x12\x17\n\x0f\x61pplicationInfo\x18\x05 \x01(\x0c\x12\x15\n\rjustification\x18\x06 \x01(\x0c\x12\x10\n\x08\x65xpireIn\x18\x07 \x01(\x05\x12\x0f\n\x07\x63reated\x18\n \x01(\x03\"C\n\rFullSyncToken\x12\x15\n\rstartRevision\x18\x01 \x01(\x03\x12\x0e\n\x06\x65ntity\x18\x02 \x01(\x05\x12\x0b\n\x03key\x18\x03 \x03(\x0c\"$\n\x0cIncSyncToken\x12\x14\n\x0clastRevision\x18\x02 \x01(\x03\"h\n\rPedmSyncToken\x12\'\n\x08\x66ullSync\x18\x02 \x01(\x0b\x32\x13.PEDM.FullSyncTokenH\x00\x12%\n\x07incSync\x18\x03 \x01(\x0b\x32\x12.PEDM.IncSyncTokenH\x00\x42\x07\n\x05token\"/\n\x12GetPedmDataRequest\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\"\xad\x04\n\x13GetPedmDataResponse\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\x12\x12\n\nresetCache\x18\x02 \x01(\x08\x12\x0f\n\x07hasMore\x18\x03 \x01(\x08\x12\x1a\n\x12removedDeployments\x18\n \x03(\x0c\x12\x15\n\rremovedAgents\x18\x0b \x03(\x0c\x12\x17\n\x0fremovedPolicies\x18\x0c \x03(\x0c\x12\x19\n\x11removedCollection\x18\r \x03(\x0c\x12\x33\n\x15removedCollectionLink\x18\x0e \x03(\x0b\x32\x14.PEDM.CollectionLink\x12\x18\n\x10removedApprovals\x18\x0f \x03(\x0c\x12)\n\x0b\x64\x65ployments\x18\x14 \x03(\x0b\x32\x14.PEDM.DeploymentNode\x12\x1f\n\x06\x61gents\x18\x15 \x03(\x0b\x32\x0f.PEDM.AgentNode\x12\"\n\x08policies\x18\x16 \x03(\x0b\x32\x10.PEDM.PolicyNode\x12)\n\x0b\x63ollections\x18\x17 \x03(\x0b\x32\x14.PEDM.CollectionNode\x12,\n\x0e\x63ollectionLink\x18\x18 \x03(\x0b\x32\x14.PEDM.CollectionLink\x12%\n\tapprovals\x18\x19 \x03(\x0b\x32\x12.PEDM.ApprovalNode\x12\x30\n\x0e\x61pprovalStatus\x18\x1a \x03(\x0b\x32\x18.PEDM.ApprovalStatusNode\"]\n\x16\x41uditCollectionRequest\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\x12\x10\n\x08valueUid\x18\x02 \x03(\x0c\x12\x16\n\x0e\x63ollectionName\x18\x03 \x03(\t\"h\n\x14\x41uditCollectionValue\x12\x16\n\x0e\x63ollectionName\x18\x01 \x01(\t\x12\x10\n\x08valueUid\x18\x02 \x01(\x0c\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x04 \x01(\x03\"q\n\x17\x41uditCollectionResponse\x12*\n\x06values\x18\x01 \x03(\x0b\x32\x1a.PEDM.AuditCollectionValue\x12\x0f\n\x07hasMore\x18\x02 \x01(\x08\x12\x19\n\x11\x63ontinuationToken\x18\x03 \x01(\x0c*j\n\x12\x43ollectionLinkType\x12\r\n\tCLT_OTHER\x10\x00\x12\r\n\tCLT_AGENT\x10\x01\x12\x0e\n\nCLT_POLICY\x10\x02\x12\x12\n\x0e\x43LT_COLLECTION\x10\x03\x12\x12\n\x0e\x43LT_DEPLOYMENT\x10\x04\x42 \n\x18\x63om.keepersecurity.protoB\x04PEDMb\x06proto3') +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\npedm.proto\x12\x04PEDM\x1a\x0c\x66older.proto\x1a\x18NotificationCenter.proto\"O\n\x17PEDMTOTPValidateRequest\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x14\n\x0c\x65nterpriseId\x18\x02 \x01(\x05\x12\x0c\n\x04\x63ode\x18\x03 \x01(\x05\";\n\nPedmStatus\x12\x0b\n\x03key\x18\x01 \x03(\x0c\x12\x0f\n\x07success\x18\x02 \x01(\x08\x12\x0f\n\x07message\x18\x03 \x01(\t\"\x89\x01\n\x12PedmStatusResponse\x12#\n\taddStatus\x18\x01 \x03(\x0b\x32\x10.PEDM.PedmStatus\x12&\n\x0cupdateStatus\x18\x02 \x03(\x0b\x32\x10.PEDM.PedmStatus\x12&\n\x0cremoveStatus\x18\x03 \x03(\x0b\x32\x10.PEDM.PedmStatus\"4\n\x0e\x44\x65ploymentData\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x14\n\x0c\x65\x63PrivateKey\x18\x02 \x01(\x0c\"\x9a\x01\n\x17\x44\x65ploymentCreateRequest\x12\x15\n\rdeploymentUid\x18\x01 \x01(\x0c\x12\x0e\n\x06\x61\x65sKey\x18\x02 \x01(\x0c\x12\x13\n\x0b\x65\x63PublicKey\x18\x03 \x01(\x0c\x12\x19\n\x11spiffeCertificate\x18\x04 \x01(\x0c\x12\x15\n\rencryptedData\x18\x05 \x01(\x0c\x12\x11\n\tagentData\x18\x06 \x01(\x0c\"\x8d\x01\n\x17\x44\x65ploymentUpdateRequest\x12\x15\n\rdeploymentUid\x18\x01 \x01(\x0c\x12\x15\n\rencryptedData\x18\x02 \x01(\x0c\x12)\n\x08\x64isabled\x18\x03 \x01(\x0e\x32\x17.Folder.SetBooleanValue\x12\x19\n\x11spiffeCertificate\x18\x04 \x01(\x0c\"\xa2\x01\n\x17ModifyDeploymentRequest\x12\x34\n\raddDeployment\x18\x01 \x03(\x0b\x32\x1d.PEDM.DeploymentCreateRequest\x12\x37\n\x10updateDeployment\x18\x02 \x03(\x0b\x32\x1d.PEDM.DeploymentUpdateRequest\x12\x18\n\x10removeDeployment\x18\x03 \x03(\x0c\"a\n\x0b\x41gentUpdate\x12\x10\n\x08\x61gentUid\x18\x01 \x01(\x0c\x12)\n\x08\x64isabled\x18\x02 \x01(\x0e\x32\x17.Folder.SetBooleanValue\x12\x15\n\rdeploymentUid\x18\x03 \x01(\x0c\"Q\n\x12ModifyAgentRequest\x12&\n\x0bupdateAgent\x18\x02 \x03(\x0b\x32\x11.PEDM.AgentUpdate\x12\x13\n\x0bremoveAgent\x18\x03 \x03(\x0c\"p\n\tPolicyAdd\x12\x11\n\tpolicyUid\x18\x01 \x01(\x0c\x12\x11\n\tplainData\x18\x02 \x01(\x0c\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12\x14\n\x0c\x65ncryptedKey\x18\x04 \x01(\x0c\x12\x10\n\x08\x64isabled\x18\x05 \x01(\x08\"v\n\x0cPolicyUpdate\x12\x11\n\tpolicyUid\x18\x01 \x01(\x0c\x12\x11\n\tplainData\x18\x02 \x01(\x0c\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12)\n\x08\x64isabled\x18\x04 \x01(\x0e\x32\x17.Folder.SetBooleanValue\"s\n\rPolicyRequest\x12\"\n\taddPolicy\x18\x01 \x03(\x0b\x32\x0f.PEDM.PolicyAdd\x12(\n\x0cupdatePolicy\x18\x02 \x03(\x0b\x32\x12.PEDM.PolicyUpdate\x12\x14\n\x0cremovePolicy\x18\x03 \x03(\x0c\"6\n\nPolicyLink\x12\x11\n\tpolicyUid\x18\x01 \x01(\x0c\x12\x15\n\rcollectionUid\x18\x02 \x03(\x0c\"E\n\x1aSetPolicyCollectionRequest\x12\'\n\rsetCollection\x18\x01 \x03(\x0b\x32\x10.PEDM.PolicyLink\"W\n\x0f\x43ollectionValue\x12\x15\n\rcollectionUid\x18\x01 \x01(\x0c\x12\x16\n\x0e\x63ollectionType\x18\x02 \x01(\x05\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\"z\n\x12\x43ollectionLinkData\x12\x15\n\rcollectionUid\x18\x01 \x01(\x0c\x12\x0f\n\x07linkUid\x18\x02 \x01(\x0c\x12*\n\x08linkType\x18\x03 \x01(\x0e\x32\x18.PEDM.CollectionLinkType\x12\x10\n\x08linkData\x18\x04 \x01(\x0c\"\x8c\x01\n\x11\x43ollectionRequest\x12,\n\raddCollection\x18\x01 \x03(\x0b\x32\x15.PEDM.CollectionValue\x12/\n\x10updateCollection\x18\x02 \x03(\x0b\x32\x15.PEDM.CollectionValue\x12\x18\n\x10removeCollection\x18\x03 \x03(\x0c\"{\n\x18SetCollectionLinkRequest\x12/\n\raddCollection\x18\x01 \x03(\x0b\x32\x18.PEDM.CollectionLinkData\x12.\n\x10removeCollection\x18\x02 \x03(\x0b\x32\x14.PEDM.CollectionLink\"F\n\x15\x41pprovalActionRequest\x12\x0f\n\x07\x61pprove\x18\x01 \x03(\x0c\x12\x0c\n\x04\x64\x65ny\x18\x02 \x03(\x0c\x12\x0e\n\x06remove\x18\x03 \x03(\x0c\"\xab\x01\n\x0e\x44\x65ploymentNode\x12\x15\n\rdeploymentUid\x18\x01 \x01(\x0c\x12\x10\n\x08\x64isabled\x18\x02 \x01(\x08\x12\x0e\n\x06\x61\x65sKey\x18\x03 \x01(\x0c\x12\x13\n\x0b\x65\x63PublicKey\x18\x04 \x01(\x0c\x12\x15\n\rencryptedData\x18\x05 \x01(\x0c\x12\x11\n\tagentData\x18\x06 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x07 \x01(\x03\x12\x10\n\x08modified\x18\x08 \x01(\x03\"\xa8\x01\n\tAgentNode\x12\x10\n\x08\x61gentUid\x18\x01 \x01(\x0c\x12\x11\n\tmachineId\x18\x02 \x01(\t\x12\x15\n\rdeploymentUid\x18\x03 \x01(\x0c\x12\x13\n\x0b\x65\x63PublicKey\x18\x04 \x01(\x0c\x12\x10\n\x08\x64isabled\x18\x05 \x01(\x08\x12\x15\n\rencryptedData\x18\x06 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x07 \x01(\x03\x12\x10\n\x08modified\x18\x08 \x01(\x03\"\x94\x01\n\nPolicyNode\x12\x11\n\tpolicyUid\x18\x01 \x01(\x0c\x12\x11\n\tplainData\x18\x02 \x01(\x0c\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12\x14\n\x0c\x65ncryptedKey\x18\x04 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x05 \x01(\x03\x12\x10\n\x08modified\x18\x06 \x01(\x03\x12\x10\n\x08\x64isabled\x18\x07 \x01(\x08\"g\n\x0e\x43ollectionNode\x12\x15\n\rcollectionUid\x18\x01 \x01(\x0c\x12\x16\n\x0e\x63ollectionType\x18\x02 \x01(\x05\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x04 \x01(\x03\"d\n\x0e\x43ollectionLink\x12\x15\n\rcollectionUid\x18\x01 \x01(\x0c\x12\x0f\n\x07linkUid\x18\x02 \x01(\x0c\x12*\n\x08linkType\x18\x03 \x01(\x0e\x32\x18.PEDM.CollectionLinkType\"\x9d\x01\n\x12\x41pprovalStatusNode\x12\x13\n\x0b\x61pprovalUid\x18\x01 \x01(\x0c\x12\x46\n\x0e\x61pprovalStatus\x18\x02 \x01(\x0e\x32..NotificationCenter.NotificationApprovalStatus\x12\x18\n\x10\x65nterpriseUserId\x18\x03 \x01(\x03\x12\x10\n\x08modified\x18\n \x01(\x03\"\xb3\x01\n\x0c\x41pprovalNode\x12\x13\n\x0b\x61pprovalUid\x18\x01 \x01(\x0c\x12\x14\n\x0c\x61pprovalType\x18\x02 \x01(\x05\x12\x10\n\x08\x61gentUid\x18\x03 \x01(\x0c\x12\x13\n\x0b\x61\x63\x63ountInfo\x18\x04 \x01(\x0c\x12\x17\n\x0f\x61pplicationInfo\x18\x05 \x01(\x0c\x12\x15\n\rjustification\x18\x06 \x01(\x0c\x12\x10\n\x08\x65xpireIn\x18\x07 \x01(\x05\x12\x0f\n\x07\x63reated\x18\n \x01(\x03\"C\n\rFullSyncToken\x12\x15\n\rstartRevision\x18\x01 \x01(\x03\x12\x0e\n\x06\x65ntity\x18\x02 \x01(\x05\x12\x0b\n\x03key\x18\x03 \x03(\x0c\"$\n\x0cIncSyncToken\x12\x14\n\x0clastRevision\x18\x02 \x01(\x03\"h\n\rPedmSyncToken\x12\'\n\x08\x66ullSync\x18\x02 \x01(\x0b\x32\x13.PEDM.FullSyncTokenH\x00\x12%\n\x07incSync\x18\x03 \x01(\x0b\x32\x12.PEDM.IncSyncTokenH\x00\x42\x07\n\x05token\"/\n\x12GetPedmDataRequest\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\"\xad\x04\n\x13GetPedmDataResponse\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\x12\x12\n\nresetCache\x18\x02 \x01(\x08\x12\x0f\n\x07hasMore\x18\x03 \x01(\x08\x12\x1a\n\x12removedDeployments\x18\n \x03(\x0c\x12\x15\n\rremovedAgents\x18\x0b \x03(\x0c\x12\x17\n\x0fremovedPolicies\x18\x0c \x03(\x0c\x12\x19\n\x11removedCollection\x18\r \x03(\x0c\x12\x33\n\x15removedCollectionLink\x18\x0e \x03(\x0b\x32\x14.PEDM.CollectionLink\x12\x18\n\x10removedApprovals\x18\x0f \x03(\x0c\x12)\n\x0b\x64\x65ployments\x18\x14 \x03(\x0b\x32\x14.PEDM.DeploymentNode\x12\x1f\n\x06\x61gents\x18\x15 \x03(\x0b\x32\x0f.PEDM.AgentNode\x12\"\n\x08policies\x18\x16 \x03(\x0b\x32\x10.PEDM.PolicyNode\x12)\n\x0b\x63ollections\x18\x17 \x03(\x0b\x32\x14.PEDM.CollectionNode\x12,\n\x0e\x63ollectionLink\x18\x18 \x03(\x0b\x32\x14.PEDM.CollectionLink\x12%\n\tapprovals\x18\x19 \x03(\x0b\x32\x12.PEDM.ApprovalNode\x12\x30\n\x0e\x61pprovalStatus\x18\x1a \x03(\x0b\x32\x18.PEDM.ApprovalStatusNode\"<\n\x12PolicyAgentRequest\x12\x11\n\tpolicyUid\x18\x01 \x03(\x0c\x12\x13\n\x0bsummaryOnly\x18\x02 \x01(\x08\";\n\x13PolicyAgentResponse\x12\x12\n\nagentCount\x18\x01 \x01(\x05\x12\x10\n\x08\x61gentUid\x18\x02 \x03(\x0c\"]\n\x16\x41uditCollectionRequest\x12\x19\n\x11\x63ontinuationToken\x18\x01 \x01(\x0c\x12\x10\n\x08valueUid\x18\x02 \x03(\x0c\x12\x16\n\x0e\x63ollectionName\x18\x03 \x03(\t\"h\n\x14\x41uditCollectionValue\x12\x16\n\x0e\x63ollectionName\x18\x01 \x01(\t\x12\x10\n\x08valueUid\x18\x02 \x01(\x0c\x12\x15\n\rencryptedData\x18\x03 \x01(\x0c\x12\x0f\n\x07\x63reated\x18\x04 \x01(\x03\"q\n\x17\x41uditCollectionResponse\x12*\n\x06values\x18\x01 \x03(\x0b\x32\x1a.PEDM.AuditCollectionValue\x12\x0f\n\x07hasMore\x18\x02 \x01(\x08\x12\x19\n\x11\x63ontinuationToken\x18\x03 \x01(\x0c\"H\n\x18GetCollectionLinkRequest\x12,\n\x0e\x63ollectionLink\x18\x01 \x03(\x0b\x32\x14.PEDM.CollectionLink\"Q\n\x19GetCollectionLinkResponse\x12\x34\n\x12\x63ollectionLinkData\x18\x01 \x03(\x0b\x32\x18.PEDM.CollectionLinkData\"2\n\x1aGetActiveAgentCountRequest\x12\x14\n\x0c\x65nterpriseId\x18\x01 \x03(\x05\">\n\x10\x41\x63tiveAgentCount\x12\x14\n\x0c\x65nterpriseId\x18\x01 \x01(\x05\x12\x14\n\x0c\x61\x63tiveAgents\x18\x02 \x01(\x05\";\n\x12\x41\x63tiveAgentFailure\x12\x14\n\x0c\x65nterpriseId\x18\x01 \x01(\x05\x12\x0f\n\x07message\x18\x02 \x01(\t\"x\n\x1bGetActiveAgentCountResponse\x12*\n\nagentCount\x18\x01 \x03(\x0b\x32\x16.PEDM.ActiveAgentCount\x12-\n\x0b\x66\x61iledCount\x18\x02 \x03(\x0b\x32\x18.PEDM.ActiveAgentFailure\"\x87\x01\n\x19GetAgentDailyCountRequest\x12\x14\n\x0c\x65nterpriseId\x18\x01 \x03(\x05\x12$\n\tmonthYear\x18\x02 \x01(\x0b\x32\x0f.PEDM.MonthYearH\x00\x12$\n\tdateRange\x18\x03 \x01(\x0b\x32\x0f.PEDM.DateRangeH\x00\x42\x08\n\x06period\"(\n\tMonthYear\x12\r\n\x05month\x18\x01 \x01(\x05\x12\x0c\n\x04year\x18\x02 \x01(\x05\"\'\n\tDateRange\x12\r\n\x05start\x18\x01 \x01(\x03\x12\x0b\n\x03\x65nd\x18\x02 \x01(\x03\"3\n\x0f\x41gentDailyCount\x12\x0c\n\x04\x64\x61te\x18\x01 \x01(\x03\x12\x12\n\nagentCount\x18\x02 \x01(\x05\"V\n\x17\x41gentCountForEnterprise\x12\x14\n\x0c\x65nterpriseId\x18\x01 \x01(\x05\x12%\n\x06\x63ounts\x18\x02 \x03(\x0b\x32\x15.PEDM.AgentDailyCount\"U\n\x1aGetAgentDailyCountResponse\x12\x37\n\x10\x65nterpriseCounts\x18\x01 \x03(\x0b\x32\x1d.PEDM.AgentCountForEnterprise*j\n\x12\x43ollectionLinkType\x12\r\n\tCLT_OTHER\x10\x00\x12\r\n\tCLT_AGENT\x10\x01\x12\x0e\n\nCLT_POLICY\x10\x02\x12\x12\n\x0e\x43LT_COLLECTION\x10\x03\x12\x12\n\x0e\x43LT_DEPLOYMENT\x10\x04\x42 \n\x18\x63om.keepersecurity.protoB\x04PEDMb\x06proto3') _globals = globals() _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals) @@ -26,8 +34,8 @@ if not _descriptor._USE_C_DESCRIPTORS: _globals['DESCRIPTOR']._loaded_options = None _globals['DESCRIPTOR']._serialized_options = b'\n\030com.keepersecurity.protoB\004PEDM' - _globals['_COLLECTIONLINKTYPE']._serialized_start=4384 - _globals['_COLLECTIONLINKTYPE']._serialized_end=4490 + _globals['_COLLECTIONLINKTYPE']._serialized_start=5286 + _globals['_COLLECTIONLINKTYPE']._serialized_end=5392 _globals['_PEDMTOTPVALIDATEREQUEST']._serialized_start=60 _globals['_PEDMTOTPVALIDATEREQUEST']._serialized_end=139 _globals['_PEDMSTATUS']._serialized_start=141 @@ -47,57 +55,81 @@ _globals['_MODIFYAGENTREQUEST']._serialized_start=961 _globals['_MODIFYAGENTREQUEST']._serialized_end=1042 _globals['_POLICYADD']._serialized_start=1044 - _globals['_POLICYADD']._serialized_end=1138 - _globals['_POLICYUPDATE']._serialized_start=1140 - _globals['_POLICYUPDATE']._serialized_end=1215 - _globals['_POLICYREQUEST']._serialized_start=1217 - _globals['_POLICYREQUEST']._serialized_end=1332 - _globals['_POLICYLINK']._serialized_start=1334 - _globals['_POLICYLINK']._serialized_end=1388 - _globals['_SETPOLICYCOLLECTIONREQUEST']._serialized_start=1390 - _globals['_SETPOLICYCOLLECTIONREQUEST']._serialized_end=1459 - _globals['_SETPOLICYCOLLECTIONRESPONSE']._serialized_start=1461 - _globals['_SETPOLICYCOLLECTIONRESPONSE']._serialized_end=1537 - _globals['_COLLECTIONVALUE']._serialized_start=1539 - _globals['_COLLECTIONVALUE']._serialized_end=1626 - _globals['_COLLECTIONLINKDATA']._serialized_start=1628 - _globals['_COLLECTIONLINKDATA']._serialized_end=1750 - _globals['_COLLECTIONREQUEST']._serialized_start=1753 - _globals['_COLLECTIONREQUEST']._serialized_end=1893 - _globals['_SETCOLLECTIONLINKREQUEST']._serialized_start=1895 - _globals['_SETCOLLECTIONLINKREQUEST']._serialized_end=2018 - _globals['_APPROVALACTIONREQUEST']._serialized_start=2020 - _globals['_APPROVALACTIONREQUEST']._serialized_end=2090 - _globals['_APPROVALACTIONRESPONSE']._serialized_start=2092 - _globals['_APPROVALACTIONRESPONSE']._serialized_end=2217 - _globals['_DEPLOYMENTNODE']._serialized_start=2220 - _globals['_DEPLOYMENTNODE']._serialized_end=2391 - _globals['_AGENTNODE']._serialized_start=2394 - _globals['_AGENTNODE']._serialized_end=2562 - _globals['_POLICYNODE']._serialized_start=2565 - _globals['_POLICYNODE']._serialized_end=2695 - _globals['_COLLECTIONNODE']._serialized_start=2697 - _globals['_COLLECTIONNODE']._serialized_end=2800 - _globals['_COLLECTIONLINK']._serialized_start=2802 - _globals['_COLLECTIONLINK']._serialized_end=2902 - _globals['_APPROVALSTATUSNODE']._serialized_start=2905 - _globals['_APPROVALSTATUSNODE']._serialized_end=3062 - _globals['_APPROVALNODE']._serialized_start=3065 - _globals['_APPROVALNODE']._serialized_end=3244 - _globals['_FULLSYNCTOKEN']._serialized_start=3246 - _globals['_FULLSYNCTOKEN']._serialized_end=3313 - _globals['_INCSYNCTOKEN']._serialized_start=3315 - _globals['_INCSYNCTOKEN']._serialized_end=3351 - _globals['_PEDMSYNCTOKEN']._serialized_start=3353 - _globals['_PEDMSYNCTOKEN']._serialized_end=3457 - _globals['_GETPEDMDATAREQUEST']._serialized_start=3459 - _globals['_GETPEDMDATAREQUEST']._serialized_end=3506 - _globals['_GETPEDMDATARESPONSE']._serialized_start=3509 - _globals['_GETPEDMDATARESPONSE']._serialized_end=4066 - _globals['_AUDITCOLLECTIONREQUEST']._serialized_start=4068 - _globals['_AUDITCOLLECTIONREQUEST']._serialized_end=4161 - _globals['_AUDITCOLLECTIONVALUE']._serialized_start=4163 - _globals['_AUDITCOLLECTIONVALUE']._serialized_end=4267 - _globals['_AUDITCOLLECTIONRESPONSE']._serialized_start=4269 - _globals['_AUDITCOLLECTIONRESPONSE']._serialized_end=4382 + _globals['_POLICYADD']._serialized_end=1156 + _globals['_POLICYUPDATE']._serialized_start=1158 + _globals['_POLICYUPDATE']._serialized_end=1276 + _globals['_POLICYREQUEST']._serialized_start=1278 + _globals['_POLICYREQUEST']._serialized_end=1393 + _globals['_POLICYLINK']._serialized_start=1395 + _globals['_POLICYLINK']._serialized_end=1449 + _globals['_SETPOLICYCOLLECTIONREQUEST']._serialized_start=1451 + _globals['_SETPOLICYCOLLECTIONREQUEST']._serialized_end=1520 + _globals['_COLLECTIONVALUE']._serialized_start=1522 + _globals['_COLLECTIONVALUE']._serialized_end=1609 + _globals['_COLLECTIONLINKDATA']._serialized_start=1611 + _globals['_COLLECTIONLINKDATA']._serialized_end=1733 + _globals['_COLLECTIONREQUEST']._serialized_start=1736 + _globals['_COLLECTIONREQUEST']._serialized_end=1876 + _globals['_SETCOLLECTIONLINKREQUEST']._serialized_start=1878 + _globals['_SETCOLLECTIONLINKREQUEST']._serialized_end=2001 + _globals['_APPROVALACTIONREQUEST']._serialized_start=2003 + _globals['_APPROVALACTIONREQUEST']._serialized_end=2073 + _globals['_DEPLOYMENTNODE']._serialized_start=2076 + _globals['_DEPLOYMENTNODE']._serialized_end=2247 + _globals['_AGENTNODE']._serialized_start=2250 + _globals['_AGENTNODE']._serialized_end=2418 + _globals['_POLICYNODE']._serialized_start=2421 + _globals['_POLICYNODE']._serialized_end=2569 + _globals['_COLLECTIONNODE']._serialized_start=2571 + _globals['_COLLECTIONNODE']._serialized_end=2674 + _globals['_COLLECTIONLINK']._serialized_start=2676 + _globals['_COLLECTIONLINK']._serialized_end=2776 + _globals['_APPROVALSTATUSNODE']._serialized_start=2779 + _globals['_APPROVALSTATUSNODE']._serialized_end=2936 + _globals['_APPROVALNODE']._serialized_start=2939 + _globals['_APPROVALNODE']._serialized_end=3118 + _globals['_FULLSYNCTOKEN']._serialized_start=3120 + _globals['_FULLSYNCTOKEN']._serialized_end=3187 + _globals['_INCSYNCTOKEN']._serialized_start=3189 + _globals['_INCSYNCTOKEN']._serialized_end=3225 + _globals['_PEDMSYNCTOKEN']._serialized_start=3227 + _globals['_PEDMSYNCTOKEN']._serialized_end=3331 + _globals['_GETPEDMDATAREQUEST']._serialized_start=3333 + _globals['_GETPEDMDATAREQUEST']._serialized_end=3380 + _globals['_GETPEDMDATARESPONSE']._serialized_start=3383 + _globals['_GETPEDMDATARESPONSE']._serialized_end=3940 + _globals['_POLICYAGENTREQUEST']._serialized_start=3942 + _globals['_POLICYAGENTREQUEST']._serialized_end=4002 + _globals['_POLICYAGENTRESPONSE']._serialized_start=4004 + _globals['_POLICYAGENTRESPONSE']._serialized_end=4063 + _globals['_AUDITCOLLECTIONREQUEST']._serialized_start=4065 + _globals['_AUDITCOLLECTIONREQUEST']._serialized_end=4158 + _globals['_AUDITCOLLECTIONVALUE']._serialized_start=4160 + _globals['_AUDITCOLLECTIONVALUE']._serialized_end=4264 + _globals['_AUDITCOLLECTIONRESPONSE']._serialized_start=4266 + _globals['_AUDITCOLLECTIONRESPONSE']._serialized_end=4379 + _globals['_GETCOLLECTIONLINKREQUEST']._serialized_start=4381 + _globals['_GETCOLLECTIONLINKREQUEST']._serialized_end=4453 + _globals['_GETCOLLECTIONLINKRESPONSE']._serialized_start=4455 + _globals['_GETCOLLECTIONLINKRESPONSE']._serialized_end=4536 + _globals['_GETACTIVEAGENTCOUNTREQUEST']._serialized_start=4538 + _globals['_GETACTIVEAGENTCOUNTREQUEST']._serialized_end=4588 + _globals['_ACTIVEAGENTCOUNT']._serialized_start=4590 + _globals['_ACTIVEAGENTCOUNT']._serialized_end=4652 + _globals['_ACTIVEAGENTFAILURE']._serialized_start=4654 + _globals['_ACTIVEAGENTFAILURE']._serialized_end=4713 + _globals['_GETACTIVEAGENTCOUNTRESPONSE']._serialized_start=4715 + _globals['_GETACTIVEAGENTCOUNTRESPONSE']._serialized_end=4835 + _globals['_GETAGENTDAILYCOUNTREQUEST']._serialized_start=4838 + _globals['_GETAGENTDAILYCOUNTREQUEST']._serialized_end=4973 + _globals['_MONTHYEAR']._serialized_start=4975 + _globals['_MONTHYEAR']._serialized_end=5015 + _globals['_DATERANGE']._serialized_start=5017 + _globals['_DATERANGE']._serialized_end=5056 + _globals['_AGENTDAILYCOUNT']._serialized_start=5058 + _globals['_AGENTDAILYCOUNT']._serialized_end=5109 + _globals['_AGENTCOUNTFORENTERPRISE']._serialized_start=5111 + _globals['_AGENTCOUNTFORENTERPRISE']._serialized_end=5197 + _globals['_GETAGENTDAILYCOUNTRESPONSE']._serialized_start=5199 + _globals['_GETAGENTDAILYCOUNTRESPONSE']._serialized_end=5284 # @@protoc_insertion_point(module_scope) diff --git a/keepersdk-package/src/keepersdk/proto/pedm_pb2.pyi b/keepersdk-package/src/keepersdk/proto/pedm_pb2.pyi index 7aeeac6e..f38615bf 100644 --- a/keepersdk-package/src/keepersdk/proto/pedm_pb2.pyi +++ b/keepersdk-package/src/keepersdk/proto/pedm_pb2.pyi @@ -116,26 +116,30 @@ class ModifyAgentRequest(_message.Message): def __init__(self, updateAgent: _Optional[_Iterable[_Union[AgentUpdate, _Mapping]]] = ..., removeAgent: _Optional[_Iterable[bytes]] = ...) -> None: ... class PolicyAdd(_message.Message): - __slots__ = ("policyUid", "plainData", "encryptedData", "encryptedKey") + __slots__ = ("policyUid", "plainData", "encryptedData", "encryptedKey", "disabled") POLICYUID_FIELD_NUMBER: _ClassVar[int] PLAINDATA_FIELD_NUMBER: _ClassVar[int] ENCRYPTEDDATA_FIELD_NUMBER: _ClassVar[int] ENCRYPTEDKEY_FIELD_NUMBER: _ClassVar[int] + DISABLED_FIELD_NUMBER: _ClassVar[int] policyUid: bytes plainData: bytes encryptedData: bytes encryptedKey: bytes - def __init__(self, policyUid: _Optional[bytes] = ..., plainData: _Optional[bytes] = ..., encryptedData: _Optional[bytes] = ..., encryptedKey: _Optional[bytes] = ...) -> None: ... + disabled: bool + def __init__(self, policyUid: _Optional[bytes] = ..., plainData: _Optional[bytes] = ..., encryptedData: _Optional[bytes] = ..., encryptedKey: _Optional[bytes] = ..., disabled: bool = ...) -> None: ... class PolicyUpdate(_message.Message): - __slots__ = ("policyUid", "plainData", "encryptedData") + __slots__ = ("policyUid", "plainData", "encryptedData", "disabled") POLICYUID_FIELD_NUMBER: _ClassVar[int] PLAINDATA_FIELD_NUMBER: _ClassVar[int] ENCRYPTEDDATA_FIELD_NUMBER: _ClassVar[int] + DISABLED_FIELD_NUMBER: _ClassVar[int] policyUid: bytes plainData: bytes encryptedData: bytes - def __init__(self, policyUid: _Optional[bytes] = ..., plainData: _Optional[bytes] = ..., encryptedData: _Optional[bytes] = ...) -> None: ... + disabled: _folder_pb2.SetBooleanValue + def __init__(self, policyUid: _Optional[bytes] = ..., plainData: _Optional[bytes] = ..., encryptedData: _Optional[bytes] = ..., disabled: _Optional[_Union[_folder_pb2.SetBooleanValue, str]] = ...) -> None: ... class PolicyRequest(_message.Message): __slots__ = ("addPolicy", "updatePolicy", "removePolicy") @@ -161,12 +165,6 @@ class SetPolicyCollectionRequest(_message.Message): setCollection: _containers.RepeatedCompositeFieldContainer[PolicyLink] def __init__(self, setCollection: _Optional[_Iterable[_Union[PolicyLink, _Mapping]]] = ...) -> None: ... -class SetPolicyCollectionResponse(_message.Message): - __slots__ = ("setCollectionStatus",) - SETCOLLECTIONSTATUS_FIELD_NUMBER: _ClassVar[int] - setCollectionStatus: _containers.RepeatedCompositeFieldContainer[PedmStatus] - def __init__(self, setCollectionStatus: _Optional[_Iterable[_Union[PedmStatus, _Mapping]]] = ...) -> None: ... - class CollectionValue(_message.Message): __slots__ = ("collectionUid", "collectionType", "encryptedData") COLLECTIONUID_FIELD_NUMBER: _ClassVar[int] @@ -217,16 +215,6 @@ class ApprovalActionRequest(_message.Message): remove: _containers.RepeatedScalarFieldContainer[bytes] def __init__(self, approve: _Optional[_Iterable[bytes]] = ..., deny: _Optional[_Iterable[bytes]] = ..., remove: _Optional[_Iterable[bytes]] = ...) -> None: ... -class ApprovalActionResponse(_message.Message): - __slots__ = ("approve", "deny", "remove") - APPROVE_FIELD_NUMBER: _ClassVar[int] - DENY_FIELD_NUMBER: _ClassVar[int] - REMOVE_FIELD_NUMBER: _ClassVar[int] - approve: _containers.RepeatedCompositeFieldContainer[PedmStatus] - deny: _containers.RepeatedCompositeFieldContainer[PedmStatus] - remove: _containers.RepeatedCompositeFieldContainer[PedmStatus] - def __init__(self, approve: _Optional[_Iterable[_Union[PedmStatus, _Mapping]]] = ..., deny: _Optional[_Iterable[_Union[PedmStatus, _Mapping]]] = ..., remove: _Optional[_Iterable[_Union[PedmStatus, _Mapping]]] = ...) -> None: ... - class DeploymentNode(_message.Message): __slots__ = ("deploymentUid", "disabled", "aesKey", "ecPublicKey", "encryptedData", "agentData", "created", "modified") DEPLOYMENTUID_FIELD_NUMBER: _ClassVar[int] @@ -268,20 +256,22 @@ class AgentNode(_message.Message): def __init__(self, agentUid: _Optional[bytes] = ..., machineId: _Optional[str] = ..., deploymentUid: _Optional[bytes] = ..., ecPublicKey: _Optional[bytes] = ..., disabled: bool = ..., encryptedData: _Optional[bytes] = ..., created: _Optional[int] = ..., modified: _Optional[int] = ...) -> None: ... class PolicyNode(_message.Message): - __slots__ = ("policyUid", "plainData", "encryptedData", "encryptedKey", "created", "modified") + __slots__ = ("policyUid", "plainData", "encryptedData", "encryptedKey", "created", "modified", "disabled") POLICYUID_FIELD_NUMBER: _ClassVar[int] PLAINDATA_FIELD_NUMBER: _ClassVar[int] ENCRYPTEDDATA_FIELD_NUMBER: _ClassVar[int] ENCRYPTEDKEY_FIELD_NUMBER: _ClassVar[int] CREATED_FIELD_NUMBER: _ClassVar[int] MODIFIED_FIELD_NUMBER: _ClassVar[int] + DISABLED_FIELD_NUMBER: _ClassVar[int] policyUid: bytes plainData: bytes encryptedData: bytes encryptedKey: bytes created: int modified: int - def __init__(self, policyUid: _Optional[bytes] = ..., plainData: _Optional[bytes] = ..., encryptedData: _Optional[bytes] = ..., encryptedKey: _Optional[bytes] = ..., created: _Optional[int] = ..., modified: _Optional[int] = ...) -> None: ... + disabled: bool + def __init__(self, policyUid: _Optional[bytes] = ..., plainData: _Optional[bytes] = ..., encryptedData: _Optional[bytes] = ..., encryptedKey: _Optional[bytes] = ..., created: _Optional[int] = ..., modified: _Optional[int] = ..., disabled: bool = ...) -> None: ... class CollectionNode(_message.Message): __slots__ = ("collectionUid", "collectionType", "encryptedData", "created") @@ -403,6 +393,22 @@ class GetPedmDataResponse(_message.Message): approvalStatus: _containers.RepeatedCompositeFieldContainer[ApprovalStatusNode] def __init__(self, continuationToken: _Optional[bytes] = ..., resetCache: bool = ..., hasMore: bool = ..., removedDeployments: _Optional[_Iterable[bytes]] = ..., removedAgents: _Optional[_Iterable[bytes]] = ..., removedPolicies: _Optional[_Iterable[bytes]] = ..., removedCollection: _Optional[_Iterable[bytes]] = ..., removedCollectionLink: _Optional[_Iterable[_Union[CollectionLink, _Mapping]]] = ..., removedApprovals: _Optional[_Iterable[bytes]] = ..., deployments: _Optional[_Iterable[_Union[DeploymentNode, _Mapping]]] = ..., agents: _Optional[_Iterable[_Union[AgentNode, _Mapping]]] = ..., policies: _Optional[_Iterable[_Union[PolicyNode, _Mapping]]] = ..., collections: _Optional[_Iterable[_Union[CollectionNode, _Mapping]]] = ..., collectionLink: _Optional[_Iterable[_Union[CollectionLink, _Mapping]]] = ..., approvals: _Optional[_Iterable[_Union[ApprovalNode, _Mapping]]] = ..., approvalStatus: _Optional[_Iterable[_Union[ApprovalStatusNode, _Mapping]]] = ...) -> None: ... +class PolicyAgentRequest(_message.Message): + __slots__ = ("policyUid", "summaryOnly") + POLICYUID_FIELD_NUMBER: _ClassVar[int] + SUMMARYONLY_FIELD_NUMBER: _ClassVar[int] + policyUid: _containers.RepeatedScalarFieldContainer[bytes] + summaryOnly: bool + def __init__(self, policyUid: _Optional[_Iterable[bytes]] = ..., summaryOnly: bool = ...) -> None: ... + +class PolicyAgentResponse(_message.Message): + __slots__ = ("agentCount", "agentUid") + AGENTCOUNT_FIELD_NUMBER: _ClassVar[int] + AGENTUID_FIELD_NUMBER: _ClassVar[int] + agentCount: int + agentUid: _containers.RepeatedScalarFieldContainer[bytes] + def __init__(self, agentCount: _Optional[int] = ..., agentUid: _Optional[_Iterable[bytes]] = ...) -> None: ... + class AuditCollectionRequest(_message.Message): __slots__ = ("continuationToken", "valueUid", "collectionName") CONTINUATIONTOKEN_FIELD_NUMBER: _ClassVar[int] @@ -434,3 +440,93 @@ class AuditCollectionResponse(_message.Message): hasMore: bool continuationToken: bytes def __init__(self, values: _Optional[_Iterable[_Union[AuditCollectionValue, _Mapping]]] = ..., hasMore: bool = ..., continuationToken: _Optional[bytes] = ...) -> None: ... + +class GetCollectionLinkRequest(_message.Message): + __slots__ = ("collectionLink",) + COLLECTIONLINK_FIELD_NUMBER: _ClassVar[int] + collectionLink: _containers.RepeatedCompositeFieldContainer[CollectionLink] + def __init__(self, collectionLink: _Optional[_Iterable[_Union[CollectionLink, _Mapping]]] = ...) -> None: ... + +class GetCollectionLinkResponse(_message.Message): + __slots__ = ("collectionLinkData",) + COLLECTIONLINKDATA_FIELD_NUMBER: _ClassVar[int] + collectionLinkData: _containers.RepeatedCompositeFieldContainer[CollectionLinkData] + def __init__(self, collectionLinkData: _Optional[_Iterable[_Union[CollectionLinkData, _Mapping]]] = ...) -> None: ... + +class GetActiveAgentCountRequest(_message.Message): + __slots__ = ("enterpriseId",) + ENTERPRISEID_FIELD_NUMBER: _ClassVar[int] + enterpriseId: _containers.RepeatedScalarFieldContainer[int] + def __init__(self, enterpriseId: _Optional[_Iterable[int]] = ...) -> None: ... + +class ActiveAgentCount(_message.Message): + __slots__ = ("enterpriseId", "activeAgents") + ENTERPRISEID_FIELD_NUMBER: _ClassVar[int] + ACTIVEAGENTS_FIELD_NUMBER: _ClassVar[int] + enterpriseId: int + activeAgents: int + def __init__(self, enterpriseId: _Optional[int] = ..., activeAgents: _Optional[int] = ...) -> None: ... + +class ActiveAgentFailure(_message.Message): + __slots__ = ("enterpriseId", "message") + ENTERPRISEID_FIELD_NUMBER: _ClassVar[int] + MESSAGE_FIELD_NUMBER: _ClassVar[int] + enterpriseId: int + message: str + def __init__(self, enterpriseId: _Optional[int] = ..., message: _Optional[str] = ...) -> None: ... + +class GetActiveAgentCountResponse(_message.Message): + __slots__ = ("agentCount", "failedCount") + AGENTCOUNT_FIELD_NUMBER: _ClassVar[int] + FAILEDCOUNT_FIELD_NUMBER: _ClassVar[int] + agentCount: _containers.RepeatedCompositeFieldContainer[ActiveAgentCount] + failedCount: _containers.RepeatedCompositeFieldContainer[ActiveAgentFailure] + def __init__(self, agentCount: _Optional[_Iterable[_Union[ActiveAgentCount, _Mapping]]] = ..., failedCount: _Optional[_Iterable[_Union[ActiveAgentFailure, _Mapping]]] = ...) -> None: ... + +class GetAgentDailyCountRequest(_message.Message): + __slots__ = ("enterpriseId", "monthYear", "dateRange") + ENTERPRISEID_FIELD_NUMBER: _ClassVar[int] + MONTHYEAR_FIELD_NUMBER: _ClassVar[int] + DATERANGE_FIELD_NUMBER: _ClassVar[int] + enterpriseId: _containers.RepeatedScalarFieldContainer[int] + monthYear: MonthYear + dateRange: DateRange + def __init__(self, enterpriseId: _Optional[_Iterable[int]] = ..., monthYear: _Optional[_Union[MonthYear, _Mapping]] = ..., dateRange: _Optional[_Union[DateRange, _Mapping]] = ...) -> None: ... + +class MonthYear(_message.Message): + __slots__ = ("month", "year") + MONTH_FIELD_NUMBER: _ClassVar[int] + YEAR_FIELD_NUMBER: _ClassVar[int] + month: int + year: int + def __init__(self, month: _Optional[int] = ..., year: _Optional[int] = ...) -> None: ... + +class DateRange(_message.Message): + __slots__ = ("start", "end") + START_FIELD_NUMBER: _ClassVar[int] + END_FIELD_NUMBER: _ClassVar[int] + start: int + end: int + def __init__(self, start: _Optional[int] = ..., end: _Optional[int] = ...) -> None: ... + +class AgentDailyCount(_message.Message): + __slots__ = ("date", "agentCount") + DATE_FIELD_NUMBER: _ClassVar[int] + AGENTCOUNT_FIELD_NUMBER: _ClassVar[int] + date: int + agentCount: int + def __init__(self, date: _Optional[int] = ..., agentCount: _Optional[int] = ...) -> None: ... + +class AgentCountForEnterprise(_message.Message): + __slots__ = ("enterpriseId", "counts") + ENTERPRISEID_FIELD_NUMBER: _ClassVar[int] + COUNTS_FIELD_NUMBER: _ClassVar[int] + enterpriseId: int + counts: _containers.RepeatedCompositeFieldContainer[AgentDailyCount] + def __init__(self, enterpriseId: _Optional[int] = ..., counts: _Optional[_Iterable[_Union[AgentDailyCount, _Mapping]]] = ...) -> None: ... + +class GetAgentDailyCountResponse(_message.Message): + __slots__ = ("enterpriseCounts",) + ENTERPRISECOUNTS_FIELD_NUMBER: _ClassVar[int] + enterpriseCounts: _containers.RepeatedCompositeFieldContainer[AgentCountForEnterprise] + def __init__(self, enterpriseCounts: _Optional[_Iterable[_Union[AgentCountForEnterprise, _Mapping]]] = ...) -> None: ... diff --git a/keepersdk-package/src/keepersdk/proto/record_pb2.py b/keepersdk-package/src/keepersdk/proto/record_pb2.py index d908a34c..f32a5415 100644 --- a/keepersdk-package/src/keepersdk/proto/record_pb2.py +++ b/keepersdk-package/src/keepersdk/proto/record_pb2.py @@ -2,13 +2,21 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # NO CHECKED-IN PROTOBUF GENCODE # source: record.proto -# Protobuf Python Version: 5.29.3 +# Protobuf Python Version: 5.29.5 """Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import runtime_version as _runtime_version from google.protobuf import symbol_database as _symbol_database from google.protobuf.internal import builder as _builder - +_runtime_version.ValidateProtobufRuntimeVersion( + _runtime_version.Domain.PUBLIC, + 5, + 29, + 5, + '', + 'record.proto' +) # @@protoc_insertion_point(imports) _sym_db = _symbol_database.Default() diff --git a/keepersdk-package/src/keepersdk/proto/router_pb2.py b/keepersdk-package/src/keepersdk/proto/router_pb2.py index 2b1c2837..d98e1ae9 100644 --- a/keepersdk-package/src/keepersdk/proto/router_pb2.py +++ b/keepersdk-package/src/keepersdk/proto/router_pb2.py @@ -2,13 +2,21 @@ # Generated by the protocol buffer compiler. DO NOT EDIT! # NO CHECKED-IN PROTOBUF GENCODE # source: router.proto -# Protobuf Python Version: 5.29.3 +# Protobuf Python Version: 5.29.5 """Generated protocol buffer code.""" from google.protobuf import descriptor as _descriptor from google.protobuf import descriptor_pool as _descriptor_pool +from google.protobuf import runtime_version as _runtime_version from google.protobuf import symbol_database as _symbol_database from google.protobuf.internal import builder as _builder - +_runtime_version.ValidateProtobufRuntimeVersion( + _runtime_version.Domain.PUBLIC, + 5, + 29, + 5, + '', + 'router.proto' +) # @@protoc_insertion_point(imports) _sym_db = _symbol_database.Default() @@ -17,7 +25,7 @@ from . import pam_pb2 as pam__pb2 -DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x0crouter.proto\x12\x06Router\x1a\tpam.proto\"r\n\x0eRouterResponse\x12\x30\n\x0cresponseCode\x18\x01 \x01(\x0e\x32\x1a.Router.RouterResponseCode\x12\x14\n\x0c\x65rrorMessage\x18\x02 \x01(\t\x12\x18\n\x10\x65ncryptedPayload\x18\x03 \x01(\x0c\"\xaf\x01\n\x17RouterControllerMessage\x12/\n\x0bmessageType\x18\x01 \x01(\x0e\x32\x1a.PAM.ControllerMessageType\x12\x12\n\nmessageUid\x18\x02 \x01(\x0c\x12\x15\n\rcontrollerUid\x18\x03 \x01(\x0c\x12\x16\n\x0estreamResponse\x18\x04 \x01(\x08\x12\x0f\n\x07payload\x18\x05 \x01(\x0c\x12\x0f\n\x07timeout\x18\x06 \x01(\x05\"\x99\x02\n\x0eRouterUserAuth\x12\x17\n\x0ftransmissionKey\x18\x01 \x01(\x0c\x12\x14\n\x0csessionToken\x18\x02 \x01(\x0c\x12\x0e\n\x06userId\x18\x03 \x01(\x05\x12\x18\n\x10\x65nterpriseUserId\x18\x04 \x01(\x03\x12\x12\n\ndeviceName\x18\x05 \x01(\t\x12\x13\n\x0b\x64\x65viceToken\x18\x06 \x01(\x0c\x12\x17\n\x0f\x63lientVersionId\x18\x07 \x01(\x05\x12\x14\n\x0cneedUsername\x18\x08 \x01(\x08\x12\x10\n\x08username\x18\t \x01(\t\x12\x17\n\x0fmspEnterpriseId\x18\n \x01(\x05\x12\x13\n\x0bisPedmAdmin\x18\x0b \x01(\x08\x12\x16\n\x0emcEnterpriseId\x18\x0c \x01(\x05\"\x83\x02\n\x10RouterDeviceAuth\x12\x10\n\x08\x63lientId\x18\x01 \x01(\t\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x11\n\tsignature\x18\x03 \x01(\x0c\x12\x14\n\x0c\x65nterpriseId\x18\x04 \x01(\x05\x12\x0e\n\x06nodeId\x18\x05 \x01(\x03\x12\x12\n\ndeviceName\x18\x06 \x01(\t\x12\x13\n\x0b\x64\x65viceToken\x18\x07 \x01(\x0c\x12\x16\n\x0e\x63ontrollerName\x18\x08 \x01(\t\x12\x15\n\rcontrollerUid\x18\t \x01(\x0c\x12\x11\n\townerUser\x18\n \x01(\t\x12\x11\n\tchallenge\x18\x0b \x01(\t\x12\x0f\n\x07ownerId\x18\x0c \x01(\x05\"\x83\x01\n\x14RouterRecordRotation\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x18\n\x10\x63onfigurationUid\x18\x02 \x01(\x0c\x12\x15\n\rcontrollerUid\x18\x03 \x01(\x0c\x12\x13\n\x0bresourceUid\x18\x04 \x01(\x0c\x12\x12\n\nnoSchedule\x18\x05 \x01(\x08\"E\n\x1cRouterRecordRotationsRequest\x12\x14\n\x0c\x65nterpriseId\x18\x01 \x01(\x05\x12\x0f\n\x07records\x18\x02 \x03(\x0c\"a\n\x1dRouterRecordRotationsResponse\x12/\n\trotations\x18\x01 \x03(\x0b\x32\x1c.Router.RouterRecordRotation\x12\x0f\n\x07hasMore\x18\x02 \x01(\x08\"\xed\x01\n\x12RouterRotationInfo\x12,\n\x06status\x18\x01 \x01(\x0e\x32\x1c.Router.RouterRotationStatus\x12\x18\n\x10\x63onfigurationUid\x18\x02 \x01(\x0c\x12\x13\n\x0bresourceUid\x18\x03 \x01(\x0c\x12\x0e\n\x06nodeId\x18\x04 \x01(\x03\x12\x15\n\rcontrollerUid\x18\x05 \x01(\x0c\x12\x16\n\x0e\x63ontrollerName\x18\x06 \x01(\t\x12\x12\n\nscriptName\x18\x07 \x01(\t\x12\x15\n\rpwdComplexity\x18\x08 \x01(\t\x12\x10\n\x08\x64isabled\x18\t \x01(\x08\"\x84\x02\n\x1bRouterRecordRotationRequest\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08revision\x18\x02 \x01(\x03\x12\x18\n\x10\x63onfigurationUid\x18\x03 \x01(\x0c\x12\x13\n\x0bresourceUid\x18\x04 \x01(\x0c\x12\x10\n\x08schedule\x18\x05 \x01(\t\x12\x18\n\x10\x65nterpriseUserId\x18\x06 \x01(\x03\x12\x15\n\rpwdComplexity\x18\x07 \x01(\x0c\x12\x10\n\x08\x64isabled\x18\x08 \x01(\x08\x12\x15\n\rremoteAddress\x18\t \x01(\t\x12\x17\n\x0f\x63lientVersionId\x18\n \x01(\x05\x12\x0c\n\x04noop\x18\x0b \x01(\x08\"<\n\x17UserRecordAccessRequest\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\"a\n\x18UserRecordAccessResponse\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x32\n\x0b\x61\x63\x63\x65ssLevel\x18\x02 \x01(\x0e\x32\x1d.Router.UserRecordAccessLevel\"8\n\x10RotationSchedule\x12\x12\n\nrecord_uid\x18\x01 \x01(\x0c\x12\x10\n\x08schedule\x18\x02 \x01(\t\"\x90\x01\n\x12\x41piCallbackRequest\x12\x13\n\x0bresourceUid\x18\x01 \x01(\x0c\x12.\n\tschedules\x18\x02 \x03(\x0b\x32\x1b.Router.ApiCallbackSchedule\x12\x0b\n\x03url\x18\x03 \x01(\t\x12(\n\x0bserviceType\x18\x04 \x01(\x0e\x32\x13.Router.ServiceType\"5\n\x13\x41piCallbackSchedule\x12\x10\n\x08schedule\x18\x01 \x01(\t\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\"@\n\x16RouterScheduledActions\x12\x10\n\x08schedule\x18\x01 \x01(\t\x12\x14\n\x0cresourceUids\x18\x02 \x03(\x0c\"Y\n\x1cRouterRecordsRotationRequest\x12\x39\n\x11rotationSchedules\x18\x01 \x03(\x0b\x32\x1e.Router.RouterScheduledActions\"\x85\x01\n\x14\x43onnectionParameters\x12\x15\n\rconnectionUid\x18\x01 \x01(\x0c\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\x12\x0e\n\x06userId\x18\x03 \x01(\x05\x12\x15\n\rcontrollerUid\x18\x04 \x01(\x0c\x12\x1c\n\x14\x63redentialsRecordUid\x18\x05 \x01(\x0c\"O\n\x1aValidateConnectionsRequest\x12\x31\n\x0b\x63onnections\x18\x01 \x03(\x0b\x32\x1c.Router.ConnectionParameters\"J\n\x1b\x43onnectionValidationFailure\x12\x15\n\rconnectionUid\x18\x01 \x01(\x0c\x12\x14\n\x0c\x65rrorMessage\x18\x02 \x01(\t\"]\n\x1bValidateConnectionsResponse\x12>\n\x11\x66\x61iledConnections\x18\x01 \x03(\x0b\x32#.Router.ConnectionValidationFailure\"1\n\x15GetEnforcementRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\";\n\x0f\x45nforcementType\x12\x19\n\x11\x65nforcementTypeId\x18\x01 \x01(\x05\x12\r\n\x05value\x18\x02 \x01(\t\"p\n\x16GetEnforcementResponse\x12\x31\n\x10\x65nforcementTypes\x18\x01 \x03(\x0b\x32\x17.Router.EnforcementType\x12\x10\n\x08\x61\x64\x64OnIds\x18\x02 \x03(\x05\x12\x11\n\tisInTrial\x18\x03 \x01(\x08\"O\n\x17PEDMTOTPValidateRequest\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x14\n\x0c\x65nterpriseId\x18\x02 \x01(\x05\x12\x0c\n\x04\x63ode\x18\x03 \x01(\x05*\x98\x02\n\x12RouterResponseCode\x12\n\n\x06RRC_OK\x10\x00\x12\x15\n\x11RRC_GENERAL_ERROR\x10\x01\x12\x13\n\x0fRRC_NOT_ALLOWED\x10\x02\x12\x13\n\x0fRRC_BAD_REQUEST\x10\x03\x12\x0f\n\x0bRRC_TIMEOUT\x10\x04\x12\x11\n\rRRC_BAD_STATE\x10\x05\x12\x17\n\x13RRC_CONTROLLER_DOWN\x10\x06\x12\x16\n\x12RRC_WRONG_INSTANCE\x10\x07\x12+\n\'RRC_NOT_ALLOWED_ENFORCEMENT_NOT_ENABLED\x10\x08\x12\x33\n/RRC_NOT_ALLOWED_PAM_CONFIG_FEATURES_NOT_ENABLED\x10\t*k\n\x14RouterRotationStatus\x12\x0e\n\nRRS_ONLINE\x10\x00\x12\x13\n\x0fRRS_NO_ROTATION\x10\x01\x12\x15\n\x11RRS_NO_CONTROLLER\x10\x02\x12\x17\n\x13RRS_CONTROLLER_DOWN\x10\x03*}\n\x15UserRecordAccessLevel\x12\r\n\tRRAL_NONE\x10\x00\x12\r\n\tRRAL_READ\x10\x01\x12\x0e\n\nRRAL_SHARE\x10\x02\x12\r\n\tRRAL_EDIT\x10\x03\x12\x17\n\x13RRAL_EDIT_AND_SHARE\x10\x04\x12\x0e\n\nRRAL_OWNER\x10\x05*.\n\x0bServiceType\x12\x0f\n\x0bUNSPECIFIED\x10\x00\x12\x06\n\x02KA\x10\x01\x12\x06\n\x02\x42I\x10\x02\x42\"\n\x18\x63om.keepersecurity.protoB\x06Routerb\x06proto3') +DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x0crouter.proto\x12\x06Router\x1a\tpam.proto\"r\n\x0eRouterResponse\x12\x30\n\x0cresponseCode\x18\x01 \x01(\x0e\x32\x1a.Router.RouterResponseCode\x12\x14\n\x0c\x65rrorMessage\x18\x02 \x01(\t\x12\x18\n\x10\x65ncryptedPayload\x18\x03 \x01(\x0c\"\xaf\x01\n\x17RouterControllerMessage\x12/\n\x0bmessageType\x18\x01 \x01(\x0e\x32\x1a.PAM.ControllerMessageType\x12\x12\n\nmessageUid\x18\x02 \x01(\x0c\x12\x15\n\rcontrollerUid\x18\x03 \x01(\x0c\x12\x16\n\x0estreamResponse\x18\x04 \x01(\x08\x12\x0f\n\x07payload\x18\x05 \x01(\x0c\x12\x0f\n\x07timeout\x18\x06 \x01(\x05\"\x99\x02\n\x0eRouterUserAuth\x12\x17\n\x0ftransmissionKey\x18\x01 \x01(\x0c\x12\x14\n\x0csessionToken\x18\x02 \x01(\x0c\x12\x0e\n\x06userId\x18\x03 \x01(\x05\x12\x18\n\x10\x65nterpriseUserId\x18\x04 \x01(\x03\x12\x12\n\ndeviceName\x18\x05 \x01(\t\x12\x13\n\x0b\x64\x65viceToken\x18\x06 \x01(\x0c\x12\x17\n\x0f\x63lientVersionId\x18\x07 \x01(\x05\x12\x14\n\x0cneedUsername\x18\x08 \x01(\x08\x12\x10\n\x08username\x18\t \x01(\t\x12\x17\n\x0fmspEnterpriseId\x18\n \x01(\x05\x12\x13\n\x0bisPedmAdmin\x18\x0b \x01(\x08\x12\x16\n\x0emcEnterpriseId\x18\x0c \x01(\x05\"\x9d\x02\n\x10RouterDeviceAuth\x12\x10\n\x08\x63lientId\x18\x01 \x01(\t\x12\x15\n\rclientVersion\x18\x02 \x01(\t\x12\x11\n\tsignature\x18\x03 \x01(\x0c\x12\x14\n\x0c\x65nterpriseId\x18\x04 \x01(\x05\x12\x0e\n\x06nodeId\x18\x05 \x01(\x03\x12\x12\n\ndeviceName\x18\x06 \x01(\t\x12\x13\n\x0b\x64\x65viceToken\x18\x07 \x01(\x0c\x12\x16\n\x0e\x63ontrollerName\x18\x08 \x01(\t\x12\x15\n\rcontrollerUid\x18\t \x01(\x0c\x12\x11\n\townerUser\x18\n \x01(\t\x12\x11\n\tchallenge\x18\x0b \x01(\t\x12\x0f\n\x07ownerId\x18\x0c \x01(\x05\x12\x18\n\x10maxInstanceCount\x18\r \x01(\x05\"\x83\x01\n\x14RouterRecordRotation\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x18\n\x10\x63onfigurationUid\x18\x02 \x01(\x0c\x12\x15\n\rcontrollerUid\x18\x03 \x01(\x0c\x12\x13\n\x0bresourceUid\x18\x04 \x01(\x0c\x12\x12\n\nnoSchedule\x18\x05 \x01(\x08\"E\n\x1cRouterRecordRotationsRequest\x12\x14\n\x0c\x65nterpriseId\x18\x01 \x01(\x05\x12\x0f\n\x07records\x18\x02 \x03(\x0c\"a\n\x1dRouterRecordRotationsResponse\x12/\n\trotations\x18\x01 \x03(\x0b\x32\x1c.Router.RouterRecordRotation\x12\x0f\n\x07hasMore\x18\x02 \x01(\x08\"\xed\x01\n\x12RouterRotationInfo\x12,\n\x06status\x18\x01 \x01(\x0e\x32\x1c.Router.RouterRotationStatus\x12\x18\n\x10\x63onfigurationUid\x18\x02 \x01(\x0c\x12\x13\n\x0bresourceUid\x18\x03 \x01(\x0c\x12\x0e\n\x06nodeId\x18\x04 \x01(\x03\x12\x15\n\rcontrollerUid\x18\x05 \x01(\x0c\x12\x16\n\x0e\x63ontrollerName\x18\x06 \x01(\t\x12\x12\n\nscriptName\x18\x07 \x01(\t\x12\x15\n\rpwdComplexity\x18\x08 \x01(\t\x12\x10\n\x08\x64isabled\x18\t \x01(\x08\"\x84\x02\n\x1bRouterRecordRotationRequest\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x10\n\x08revision\x18\x02 \x01(\x03\x12\x18\n\x10\x63onfigurationUid\x18\x03 \x01(\x0c\x12\x13\n\x0bresourceUid\x18\x04 \x01(\x0c\x12\x10\n\x08schedule\x18\x05 \x01(\t\x12\x18\n\x10\x65nterpriseUserId\x18\x06 \x01(\x03\x12\x15\n\rpwdComplexity\x18\x07 \x01(\x0c\x12\x10\n\x08\x64isabled\x18\x08 \x01(\x08\x12\x15\n\rremoteAddress\x18\t \x01(\t\x12\x17\n\x0f\x63lientVersionId\x18\n \x01(\x05\x12\x0c\n\x04noop\x18\x0b \x01(\x08\"<\n\x17UserRecordAccessRequest\x12\x0e\n\x06userId\x18\x01 \x01(\x05\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\"a\n\x18UserRecordAccessResponse\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x32\n\x0b\x61\x63\x63\x65ssLevel\x18\x02 \x01(\x0e\x32\x1d.Router.UserRecordAccessLevel\"M\n\x18UserRecordAccessRequests\x12\x31\n\x08requests\x18\x01 \x03(\x0b\x32\x1f.Router.UserRecordAccessRequest\"P\n\x19UserRecordAccessResponses\x12\x33\n\tresponses\x18\x01 \x03(\x0b\x32 .Router.UserRecordAccessResponse\"8\n\x10RotationSchedule\x12\x12\n\nrecord_uid\x18\x01 \x01(\x0c\x12\x10\n\x08schedule\x18\x02 \x01(\t\"\x90\x01\n\x12\x41piCallbackRequest\x12\x13\n\x0bresourceUid\x18\x01 \x01(\x0c\x12.\n\tschedules\x18\x02 \x03(\x0b\x32\x1b.Router.ApiCallbackSchedule\x12\x0b\n\x03url\x18\x03 \x01(\t\x12(\n\x0bserviceType\x18\x04 \x01(\x0e\x32\x13.Router.ServiceType\"5\n\x13\x41piCallbackSchedule\x12\x10\n\x08schedule\x18\x01 \x01(\t\x12\x0c\n\x04\x64\x61ta\x18\x02 \x01(\x0c\"@\n\x16RouterScheduledActions\x12\x10\n\x08schedule\x18\x01 \x01(\t\x12\x14\n\x0cresourceUids\x18\x02 \x03(\x0c\"Y\n\x1cRouterRecordsRotationRequest\x12\x39\n\x11rotationSchedules\x18\x01 \x03(\x0b\x32\x1e.Router.RouterScheduledActions\"\x85\x01\n\x14\x43onnectionParameters\x12\x15\n\rconnectionUid\x18\x01 \x01(\x0c\x12\x11\n\trecordUid\x18\x02 \x01(\x0c\x12\x0e\n\x06userId\x18\x03 \x01(\x05\x12\x15\n\rcontrollerUid\x18\x04 \x01(\x0c\x12\x1c\n\x14\x63redentialsRecordUid\x18\x05 \x01(\x0c\"O\n\x1aValidateConnectionsRequest\x12\x31\n\x0b\x63onnections\x18\x01 \x03(\x0b\x32\x1c.Router.ConnectionParameters\"J\n\x1b\x43onnectionValidationFailure\x12\x15\n\rconnectionUid\x18\x01 \x01(\x0c\x12\x14\n\x0c\x65rrorMessage\x18\x02 \x01(\t\"]\n\x1bValidateConnectionsResponse\x12>\n\x11\x66\x61iledConnections\x18\x01 \x03(\x0b\x32#.Router.ConnectionValidationFailure\"1\n\x15GetEnforcementRequest\x12\x18\n\x10\x65nterpriseUserId\x18\x01 \x01(\x03\";\n\x0f\x45nforcementType\x12\x19\n\x11\x65nforcementTypeId\x18\x01 \x01(\x05\x12\r\n\x05value\x18\x02 \x01(\t\"p\n\x16GetEnforcementResponse\x12\x31\n\x10\x65nforcementTypes\x18\x01 \x03(\x0b\x32\x17.Router.EnforcementType\x12\x10\n\x08\x61\x64\x64OnIds\x18\x02 \x03(\x05\x12\x11\n\tisInTrial\x18\x03 \x01(\x08\"O\n\x17PEDMTOTPValidateRequest\x12\x10\n\x08username\x18\x01 \x01(\t\x12\x14\n\x0c\x65nterpriseId\x18\x02 \x01(\x05\x12\x0c\n\x04\x63ode\x18\x03 \x01(\x05\"H\n\x18GetPEDMAdminInfoResponse\x12\x13\n\x0bisPedmAdmin\x18\x01 \x01(\x08\x12\x17\n\x0fpedmAddonActive\x18\x02 \x01(\x08\"-\n\x12PAMNetworkSettings\x12\x17\n\x0f\x61llowedSettings\x18\x01 \x01(\x0c\"\xe4\x01\n\x1ePAMNetworkConfigurationRequest\x12\x11\n\trecordUid\x18\x01 \x01(\x0c\x12\x38\n\x0fnetworkSettings\x18\x02 \x01(\x0b\x32\x1a.Router.PAMNetworkSettingsH\x00\x88\x01\x01\x12)\n\tresources\x18\x03 \x03(\x0b\x32\x16.PAM.PAMResourceConfig\x12\x36\n\trotations\x18\x04 \x03(\x0b\x32#.Router.RouterRecordRotationRequestB\x12\n\x10_networkSettings*\x98\x02\n\x12RouterResponseCode\x12\n\n\x06RRC_OK\x10\x00\x12\x15\n\x11RRC_GENERAL_ERROR\x10\x01\x12\x13\n\x0fRRC_NOT_ALLOWED\x10\x02\x12\x13\n\x0fRRC_BAD_REQUEST\x10\x03\x12\x0f\n\x0bRRC_TIMEOUT\x10\x04\x12\x11\n\rRRC_BAD_STATE\x10\x05\x12\x17\n\x13RRC_CONTROLLER_DOWN\x10\x06\x12\x16\n\x12RRC_WRONG_INSTANCE\x10\x07\x12+\n\'RRC_NOT_ALLOWED_ENFORCEMENT_NOT_ENABLED\x10\x08\x12\x33\n/RRC_NOT_ALLOWED_PAM_CONFIG_FEATURES_NOT_ENABLED\x10\t*k\n\x14RouterRotationStatus\x12\x0e\n\nRRS_ONLINE\x10\x00\x12\x13\n\x0fRRS_NO_ROTATION\x10\x01\x12\x15\n\x11RRS_NO_CONTROLLER\x10\x02\x12\x17\n\x13RRS_CONTROLLER_DOWN\x10\x03*}\n\x15UserRecordAccessLevel\x12\r\n\tRRAL_NONE\x10\x00\x12\r\n\tRRAL_READ\x10\x01\x12\x0e\n\nRRAL_SHARE\x10\x02\x12\r\n\tRRAL_EDIT\x10\x03\x12\x17\n\x13RRAL_EDIT_AND_SHARE\x10\x04\x12\x0e\n\nRRAL_OWNER\x10\x05*.\n\x0bServiceType\x12\x0f\n\x0bUNSPECIFIED\x10\x00\x12\x06\n\x02KA\x10\x01\x12\x06\n\x02\x42I\x10\x02\x42\"\n\x18\x63om.keepersecurity.protoB\x06Routerb\x06proto3') _globals = globals() _builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, _globals) @@ -25,14 +33,14 @@ if not _descriptor._USE_C_DESCRIPTORS: _globals['DESCRIPTOR']._loaded_options = None _globals['DESCRIPTOR']._serialized_options = b'\n\030com.keepersecurity.protoB\006Router' - _globals['_ROUTERRESPONSECODE']._serialized_start=2956 - _globals['_ROUTERRESPONSECODE']._serialized_end=3236 - _globals['_ROUTERROTATIONSTATUS']._serialized_start=3238 - _globals['_ROUTERROTATIONSTATUS']._serialized_end=3345 - _globals['_USERRECORDACCESSLEVEL']._serialized_start=3347 - _globals['_USERRECORDACCESSLEVEL']._serialized_end=3472 - _globals['_SERVICETYPE']._serialized_start=3474 - _globals['_SERVICETYPE']._serialized_end=3520 + _globals['_ROUTERRESPONSECODE']._serialized_start=3495 + _globals['_ROUTERRESPONSECODE']._serialized_end=3775 + _globals['_ROUTERROTATIONSTATUS']._serialized_start=3777 + _globals['_ROUTERROTATIONSTATUS']._serialized_end=3884 + _globals['_USERRECORDACCESSLEVEL']._serialized_start=3886 + _globals['_USERRECORDACCESSLEVEL']._serialized_end=4011 + _globals['_SERVICETYPE']._serialized_start=4013 + _globals['_SERVICETYPE']._serialized_end=4059 _globals['_ROUTERRESPONSE']._serialized_start=35 _globals['_ROUTERRESPONSE']._serialized_end=149 _globals['_ROUTERCONTROLLERMESSAGE']._serialized_start=152 @@ -40,45 +48,55 @@ _globals['_ROUTERUSERAUTH']._serialized_start=330 _globals['_ROUTERUSERAUTH']._serialized_end=611 _globals['_ROUTERDEVICEAUTH']._serialized_start=614 - _globals['_ROUTERDEVICEAUTH']._serialized_end=873 - _globals['_ROUTERRECORDROTATION']._serialized_start=876 - _globals['_ROUTERRECORDROTATION']._serialized_end=1007 - _globals['_ROUTERRECORDROTATIONSREQUEST']._serialized_start=1009 - _globals['_ROUTERRECORDROTATIONSREQUEST']._serialized_end=1078 - _globals['_ROUTERRECORDROTATIONSRESPONSE']._serialized_start=1080 - _globals['_ROUTERRECORDROTATIONSRESPONSE']._serialized_end=1177 - _globals['_ROUTERROTATIONINFO']._serialized_start=1180 - _globals['_ROUTERROTATIONINFO']._serialized_end=1417 - _globals['_ROUTERRECORDROTATIONREQUEST']._serialized_start=1420 - _globals['_ROUTERRECORDROTATIONREQUEST']._serialized_end=1680 - _globals['_USERRECORDACCESSREQUEST']._serialized_start=1682 - _globals['_USERRECORDACCESSREQUEST']._serialized_end=1742 - _globals['_USERRECORDACCESSRESPONSE']._serialized_start=1744 - _globals['_USERRECORDACCESSRESPONSE']._serialized_end=1841 - _globals['_ROTATIONSCHEDULE']._serialized_start=1843 - _globals['_ROTATIONSCHEDULE']._serialized_end=1899 - _globals['_APICALLBACKREQUEST']._serialized_start=1902 - _globals['_APICALLBACKREQUEST']._serialized_end=2046 - _globals['_APICALLBACKSCHEDULE']._serialized_start=2048 - _globals['_APICALLBACKSCHEDULE']._serialized_end=2101 - _globals['_ROUTERSCHEDULEDACTIONS']._serialized_start=2103 - _globals['_ROUTERSCHEDULEDACTIONS']._serialized_end=2167 - _globals['_ROUTERRECORDSROTATIONREQUEST']._serialized_start=2169 - _globals['_ROUTERRECORDSROTATIONREQUEST']._serialized_end=2258 - _globals['_CONNECTIONPARAMETERS']._serialized_start=2261 - _globals['_CONNECTIONPARAMETERS']._serialized_end=2394 - _globals['_VALIDATECONNECTIONSREQUEST']._serialized_start=2396 - _globals['_VALIDATECONNECTIONSREQUEST']._serialized_end=2475 - _globals['_CONNECTIONVALIDATIONFAILURE']._serialized_start=2477 - _globals['_CONNECTIONVALIDATIONFAILURE']._serialized_end=2551 - _globals['_VALIDATECONNECTIONSRESPONSE']._serialized_start=2553 - _globals['_VALIDATECONNECTIONSRESPONSE']._serialized_end=2646 - _globals['_GETENFORCEMENTREQUEST']._serialized_start=2648 - _globals['_GETENFORCEMENTREQUEST']._serialized_end=2697 - _globals['_ENFORCEMENTTYPE']._serialized_start=2699 - _globals['_ENFORCEMENTTYPE']._serialized_end=2758 - _globals['_GETENFORCEMENTRESPONSE']._serialized_start=2760 - _globals['_GETENFORCEMENTRESPONSE']._serialized_end=2872 - _globals['_PEDMTOTPVALIDATEREQUEST']._serialized_start=2874 - _globals['_PEDMTOTPVALIDATEREQUEST']._serialized_end=2953 + _globals['_ROUTERDEVICEAUTH']._serialized_end=899 + _globals['_ROUTERRECORDROTATION']._serialized_start=902 + _globals['_ROUTERRECORDROTATION']._serialized_end=1033 + _globals['_ROUTERRECORDROTATIONSREQUEST']._serialized_start=1035 + _globals['_ROUTERRECORDROTATIONSREQUEST']._serialized_end=1104 + _globals['_ROUTERRECORDROTATIONSRESPONSE']._serialized_start=1106 + _globals['_ROUTERRECORDROTATIONSRESPONSE']._serialized_end=1203 + _globals['_ROUTERROTATIONINFO']._serialized_start=1206 + _globals['_ROUTERROTATIONINFO']._serialized_end=1443 + _globals['_ROUTERRECORDROTATIONREQUEST']._serialized_start=1446 + _globals['_ROUTERRECORDROTATIONREQUEST']._serialized_end=1706 + _globals['_USERRECORDACCESSREQUEST']._serialized_start=1708 + _globals['_USERRECORDACCESSREQUEST']._serialized_end=1768 + _globals['_USERRECORDACCESSRESPONSE']._serialized_start=1770 + _globals['_USERRECORDACCESSRESPONSE']._serialized_end=1867 + _globals['_USERRECORDACCESSREQUESTS']._serialized_start=1869 + _globals['_USERRECORDACCESSREQUESTS']._serialized_end=1946 + _globals['_USERRECORDACCESSRESPONSES']._serialized_start=1948 + _globals['_USERRECORDACCESSRESPONSES']._serialized_end=2028 + _globals['_ROTATIONSCHEDULE']._serialized_start=2030 + _globals['_ROTATIONSCHEDULE']._serialized_end=2086 + _globals['_APICALLBACKREQUEST']._serialized_start=2089 + _globals['_APICALLBACKREQUEST']._serialized_end=2233 + _globals['_APICALLBACKSCHEDULE']._serialized_start=2235 + _globals['_APICALLBACKSCHEDULE']._serialized_end=2288 + _globals['_ROUTERSCHEDULEDACTIONS']._serialized_start=2290 + _globals['_ROUTERSCHEDULEDACTIONS']._serialized_end=2354 + _globals['_ROUTERRECORDSROTATIONREQUEST']._serialized_start=2356 + _globals['_ROUTERRECORDSROTATIONREQUEST']._serialized_end=2445 + _globals['_CONNECTIONPARAMETERS']._serialized_start=2448 + _globals['_CONNECTIONPARAMETERS']._serialized_end=2581 + _globals['_VALIDATECONNECTIONSREQUEST']._serialized_start=2583 + _globals['_VALIDATECONNECTIONSREQUEST']._serialized_end=2662 + _globals['_CONNECTIONVALIDATIONFAILURE']._serialized_start=2664 + _globals['_CONNECTIONVALIDATIONFAILURE']._serialized_end=2738 + _globals['_VALIDATECONNECTIONSRESPONSE']._serialized_start=2740 + _globals['_VALIDATECONNECTIONSRESPONSE']._serialized_end=2833 + _globals['_GETENFORCEMENTREQUEST']._serialized_start=2835 + _globals['_GETENFORCEMENTREQUEST']._serialized_end=2884 + _globals['_ENFORCEMENTTYPE']._serialized_start=2886 + _globals['_ENFORCEMENTTYPE']._serialized_end=2945 + _globals['_GETENFORCEMENTRESPONSE']._serialized_start=2947 + _globals['_GETENFORCEMENTRESPONSE']._serialized_end=3059 + _globals['_PEDMTOTPVALIDATEREQUEST']._serialized_start=3061 + _globals['_PEDMTOTPVALIDATEREQUEST']._serialized_end=3140 + _globals['_GETPEDMADMININFORESPONSE']._serialized_start=3142 + _globals['_GETPEDMADMININFORESPONSE']._serialized_end=3214 + _globals['_PAMNETWORKSETTINGS']._serialized_start=3216 + _globals['_PAMNETWORKSETTINGS']._serialized_end=3261 + _globals['_PAMNETWORKCONFIGURATIONREQUEST']._serialized_start=3264 + _globals['_PAMNETWORKCONFIGURATIONREQUEST']._serialized_end=3492 # @@protoc_insertion_point(module_scope) diff --git a/keepersdk-package/src/keepersdk/proto/router_pb2.pyi b/keepersdk-package/src/keepersdk/proto/router_pb2.pyi index b5e2d325..b91019d5 100644 --- a/keepersdk-package/src/keepersdk/proto/router_pb2.pyi +++ b/keepersdk-package/src/keepersdk/proto/router_pb2.pyi @@ -120,7 +120,7 @@ class RouterUserAuth(_message.Message): def __init__(self, transmissionKey: _Optional[bytes] = ..., sessionToken: _Optional[bytes] = ..., userId: _Optional[int] = ..., enterpriseUserId: _Optional[int] = ..., deviceName: _Optional[str] = ..., deviceToken: _Optional[bytes] = ..., clientVersionId: _Optional[int] = ..., needUsername: bool = ..., username: _Optional[str] = ..., mspEnterpriseId: _Optional[int] = ..., isPedmAdmin: bool = ..., mcEnterpriseId: _Optional[int] = ...) -> None: ... class RouterDeviceAuth(_message.Message): - __slots__ = ("clientId", "clientVersion", "signature", "enterpriseId", "nodeId", "deviceName", "deviceToken", "controllerName", "controllerUid", "ownerUser", "challenge", "ownerId") + __slots__ = ("clientId", "clientVersion", "signature", "enterpriseId", "nodeId", "deviceName", "deviceToken", "controllerName", "controllerUid", "ownerUser", "challenge", "ownerId", "maxInstanceCount") CLIENTID_FIELD_NUMBER: _ClassVar[int] CLIENTVERSION_FIELD_NUMBER: _ClassVar[int] SIGNATURE_FIELD_NUMBER: _ClassVar[int] @@ -133,6 +133,7 @@ class RouterDeviceAuth(_message.Message): OWNERUSER_FIELD_NUMBER: _ClassVar[int] CHALLENGE_FIELD_NUMBER: _ClassVar[int] OWNERID_FIELD_NUMBER: _ClassVar[int] + MAXINSTANCECOUNT_FIELD_NUMBER: _ClassVar[int] clientId: str clientVersion: str signature: bytes @@ -145,7 +146,8 @@ class RouterDeviceAuth(_message.Message): ownerUser: str challenge: str ownerId: int - def __init__(self, clientId: _Optional[str] = ..., clientVersion: _Optional[str] = ..., signature: _Optional[bytes] = ..., enterpriseId: _Optional[int] = ..., nodeId: _Optional[int] = ..., deviceName: _Optional[str] = ..., deviceToken: _Optional[bytes] = ..., controllerName: _Optional[str] = ..., controllerUid: _Optional[bytes] = ..., ownerUser: _Optional[str] = ..., challenge: _Optional[str] = ..., ownerId: _Optional[int] = ...) -> None: ... + maxInstanceCount: int + def __init__(self, clientId: _Optional[str] = ..., clientVersion: _Optional[str] = ..., signature: _Optional[bytes] = ..., enterpriseId: _Optional[int] = ..., nodeId: _Optional[int] = ..., deviceName: _Optional[str] = ..., deviceToken: _Optional[bytes] = ..., controllerName: _Optional[str] = ..., controllerUid: _Optional[bytes] = ..., ownerUser: _Optional[str] = ..., challenge: _Optional[str] = ..., ownerId: _Optional[int] = ..., maxInstanceCount: _Optional[int] = ...) -> None: ... class RouterRecordRotation(_message.Message): __slots__ = ("recordUid", "configurationUid", "controllerUid", "resourceUid", "noSchedule") @@ -241,6 +243,18 @@ class UserRecordAccessResponse(_message.Message): accessLevel: UserRecordAccessLevel def __init__(self, recordUid: _Optional[bytes] = ..., accessLevel: _Optional[_Union[UserRecordAccessLevel, str]] = ...) -> None: ... +class UserRecordAccessRequests(_message.Message): + __slots__ = ("requests",) + REQUESTS_FIELD_NUMBER: _ClassVar[int] + requests: _containers.RepeatedCompositeFieldContainer[UserRecordAccessRequest] + def __init__(self, requests: _Optional[_Iterable[_Union[UserRecordAccessRequest, _Mapping]]] = ...) -> None: ... + +class UserRecordAccessResponses(_message.Message): + __slots__ = ("responses",) + RESPONSES_FIELD_NUMBER: _ClassVar[int] + responses: _containers.RepeatedCompositeFieldContainer[UserRecordAccessResponse] + def __init__(self, responses: _Optional[_Iterable[_Union[UserRecordAccessResponse, _Mapping]]] = ...) -> None: ... + class RotationSchedule(_message.Message): __slots__ = ("record_uid", "schedule") RECORD_UID_FIELD_NUMBER: _ClassVar[int] @@ -350,3 +364,29 @@ class PEDMTOTPValidateRequest(_message.Message): enterpriseId: int code: int def __init__(self, username: _Optional[str] = ..., enterpriseId: _Optional[int] = ..., code: _Optional[int] = ...) -> None: ... + +class GetPEDMAdminInfoResponse(_message.Message): + __slots__ = ("isPedmAdmin", "pedmAddonActive") + ISPEDMADMIN_FIELD_NUMBER: _ClassVar[int] + PEDMADDONACTIVE_FIELD_NUMBER: _ClassVar[int] + isPedmAdmin: bool + pedmAddonActive: bool + def __init__(self, isPedmAdmin: bool = ..., pedmAddonActive: bool = ...) -> None: ... + +class PAMNetworkSettings(_message.Message): + __slots__ = ("allowedSettings",) + ALLOWEDSETTINGS_FIELD_NUMBER: _ClassVar[int] + allowedSettings: bytes + def __init__(self, allowedSettings: _Optional[bytes] = ...) -> None: ... + +class PAMNetworkConfigurationRequest(_message.Message): + __slots__ = ("recordUid", "networkSettings", "resources", "rotations") + RECORDUID_FIELD_NUMBER: _ClassVar[int] + NETWORKSETTINGS_FIELD_NUMBER: _ClassVar[int] + RESOURCES_FIELD_NUMBER: _ClassVar[int] + ROTATIONS_FIELD_NUMBER: _ClassVar[int] + recordUid: bytes + networkSettings: PAMNetworkSettings + resources: _containers.RepeatedCompositeFieldContainer[_pam_pb2.PAMResourceConfig] + rotations: _containers.RepeatedCompositeFieldContainer[RouterRecordRotationRequest] + def __init__(self, recordUid: _Optional[bytes] = ..., networkSettings: _Optional[_Union[PAMNetworkSettings, _Mapping]] = ..., resources: _Optional[_Iterable[_Union[_pam_pb2.PAMResourceConfig, _Mapping]]] = ..., rotations: _Optional[_Iterable[_Union[RouterRecordRotationRequest, _Mapping]]] = ...) -> None: ... diff --git a/keepersdk-package/src/keepersdk/storage/dag.py b/keepersdk-package/src/keepersdk/storage/dag.py index 10d6c676..10ca79f7 100644 --- a/keepersdk-package/src/keepersdk/storage/dag.py +++ b/keepersdk-package/src/keepersdk/storage/dag.py @@ -110,7 +110,7 @@ def parse(value: Any) -> Optional[Ref]: ref_type = RefType.parse(value.get('type')) or RefType.GENERAL ref_value: Optional[str] = value.get('value') if not ref_value: - raise ValueError(f'Parse DAG "Ref": value is empty') + raise ValueError('Parse DAG "Ref": value is empty') return Ref(type=ref_type, value=ref_value, name=value.get('name')) raise ValueError(f'Parse DAG "Ref": value is invalid: {value}') @@ -181,11 +181,11 @@ def parse(data: Any) -> Optional[DagActor]: if isinstance(data, dict): a_type = ActorType.parse(data.get('type')) if a_type is None: - raise ValueError(f'Parse DAG "DagActor": "type" is empty') + raise ValueError('Parse DAG "DagActor": "type" is empty') actor_id: Optional[str] = data.get('id') if not actor_id: - raise ValueError(f'Parse DAG "DagActor": "id" is empty') + raise ValueError('Parse DAG "DagActor": "id" is empty') if not isinstance(actor_id, str): raise ValueError(f'Parse DAG "DagActor": "id" is invalid: {actor_id}') diff --git a/keepersdk-package/src/keepersdk/storage/in_memory.py b/keepersdk-package/src/keepersdk/storage/in_memory.py index 626e09c5..c45f353d 100644 --- a/keepersdk-package/src/keepersdk/storage/in_memory.py +++ b/keepersdk-package/src/keepersdk/storage/in_memory.py @@ -1,5 +1,5 @@ from typing import Dict, Any, Callable, Optional, Generic, Iterable -from .storage_types import IEntityStorage, ILinkStorage, IRecordStorage, IUidLink, IUid, T, K, KS, KO +from .storage_types import IEntityReaderStorage, ILinkReaderStorage, IRecordStorage, IUidLink, IUid, T, K, KS, KO class InMemoryRecordStorage(Generic[T], IRecordStorage[T]): @@ -16,7 +16,7 @@ def delete(self): GetUid = Callable[[Any], K] -class InMemoryEntityStorage(Generic[T, K], IEntityStorage[T, K]): +class InMemoryEntityStorage(Generic[T, K], IEntityReaderStorage[T, K]): def __init__(self, get_uid: Optional[GetUid]=None) -> None: self._items: Dict[K, T] = {} self.get_uid = get_uid @@ -51,7 +51,7 @@ def clear(self): self._items.clear() -class InMemoryLinkStorage(Generic[T, KS, KO], ILinkStorage[T, KS, KO]): +class InMemoryLinkStorage(Generic[T, KS, KO], ILinkReaderStorage[T, KS, KO]): def __init__(self, get_subject: Optional[GetUid]=None, get_object: Optional[GetUid]=None) -> None: self.get_subject = get_subject self.get_object = get_object diff --git a/keepersdk-package/src/keepersdk/storage/sqlite.py b/keepersdk-package/src/keepersdk/storage/sqlite.py index 43bba0b2..eb91cdf3 100644 --- a/keepersdk-package/src/keepersdk/storage/sqlite.py +++ b/keepersdk-package/src/keepersdk/storage/sqlite.py @@ -5,7 +5,7 @@ from .. import sqlite_dao -class SqliteEntityStorage(sqlite_dao.SqliteStorage, storage_types.IEntityStorage): +class SqliteEntityStorage(sqlite_dao.SqliteStorage, storage_types.IEntityReaderStorage): def __init__(self, get_connection: Callable[[], sqlite3.Connection], schema: sqlite_dao.TableSchema, owner: Optional[sqlite_dao.KeyTypes]=None) -> None: super(SqliteEntityStorage, self).__init__(get_connection, schema, owner) @@ -27,7 +27,7 @@ def delete_uids(self, uids): self.delete_by_filter(self.schema.primary_key, uids, multiple_criteria=True) -class SqliteLinkStorage(sqlite_dao.SqliteStorage, storage_types.ILinkStorage): +class SqliteLinkStorage(sqlite_dao.SqliteStorage, storage_types.ILinkReaderStorage): def __init__(self, get_connection: Callable[[], sqlite3.Connection], schema: sqlite_dao.TableSchema, owner: Optional[sqlite_dao.KeyTypes]=None) -> None: super(SqliteLinkStorage, self).__init__(get_connection, schema, owner) diff --git a/keepersdk-package/src/keepersdk/storage/storage_types.py b/keepersdk-package/src/keepersdk/storage/storage_types.py index bb42239d..129ffa4a 100644 --- a/keepersdk-package/src/keepersdk/storage/storage_types.py +++ b/keepersdk-package/src/keepersdk/storage/storage_types.py @@ -56,7 +56,7 @@ def delete(self): pass -class IEntity(Generic[T, K], abc.ABC): +class IEntityReader(Generic[T, K], abc.ABC): @abc.abstractmethod def get_all_entities(self) -> Iterable[T]: pass @@ -66,7 +66,7 @@ def get_entity(self, key: K) -> Optional[T]: pass -class ILink(Generic[T, KS, KO], abc.ABC): +class ILinkReader(Generic[T, KS, KO], abc.ABC): @abc.abstractmethod def get_link(self, subject_id: KS, object_id: KO) -> Optional[T]: pass @@ -84,7 +84,7 @@ def get_all_links(self) -> Iterable[T]: pass -class IEntityStorage(IEntity[T, K]): +class IEntityReaderStorage(IEntityReader[T, K]): @abc.abstractmethod def put_entities(self, entities: Iterable[T]) -> None: pass @@ -94,7 +94,7 @@ def delete_uids(self, uids: Iterable[K]) -> None: pass -class ILinkStorage(Generic[T, KS, KO], ILink[T, KS, KO]): +class ILinkReaderStorage(Generic[T, KS, KO], ILinkReader[T, KS, KO]): @abc.abstractmethod def put_links(self, links: Iterable[T]): pass @@ -108,5 +108,5 @@ def delete_links_by_subjects(self, subject_uids: Iterable[KS]): pass @abc.abstractmethod - def delete_links_by_objects(self, object_uids: Iterable[KS]): + def delete_links_by_objects(self, object_uids: Iterable[KO]): pass diff --git a/keepersdk-package/src/keepersdk/vault/batch_operations.py b/keepersdk-package/src/keepersdk/vault/batch_operations.py index 341439c4..e7356b81 100644 --- a/keepersdk-package/src/keepersdk/vault/batch_operations.py +++ b/keepersdk-package/src/keepersdk/vault/batch_operations.py @@ -326,7 +326,7 @@ def add_record(self, folder: Optional[FolderNode] = None, ) -> Optional[Union[vault_record.TypedRecord, vault_record.PasswordRecord]]: if not isinstance(record, (vault_record.TypedRecord, vault_record.PasswordRecord)): - self._batch_logger.record_status (record.title, BatchStatus.Failed, f'Record type is not supported') + self._batch_logger.record_status (record.title, BatchStatus.Failed, 'Record type is not supported') return None hasher = hashlib.sha256() @@ -334,7 +334,7 @@ def add_record(self, hasher.update(token.encode('utf-8', errors='ignore')) full_hash = hasher.digest() if full_hash in self._record_full_hashes: - self._batch_logger.record_status(record.title, BatchStatus.Skipped , f'A full record match already exists') + self._batch_logger.record_status(record.title, BatchStatus.Skipped , 'A full record match already exists') record_uids: Optional[Set[str]] = self._record_full_hashes[full_hash] if record_uids and len(record_uids) > 0: record_uid = next(iter(record_uids)) diff --git a/keepersdk-package/src/keepersdk/vault/record_management.py b/keepersdk-package/src/keepersdk/vault/record_management.py index 6a698180..77ee1d16 100644 --- a/keepersdk-package/src/keepersdk/vault/record_management.py +++ b/keepersdk-package/src/keepersdk/vault/record_management.py @@ -300,18 +300,20 @@ def delete_vault_objects(vault: vault_online.VaultOnline, objects.append(obj) else: record = vault.vault_data.get_record(to_delete) - folders = vault_utils.get_folders_for_record(vault.vault_data, record.record_uid) - if folders: - folder = folders[0] if record: - obj = { - 'object_uid': record.record_uid, - 'object_type': 'record', - 'delete_resolution': 'unlink', - 'from_type': 'user_folder', - 'from_uid': folder.folder_uid, - } - objects.append(obj) + folders = vault_utils.get_folders_for_record(vault.vault_data, record.record_uid) + if folders: + folder = folders[0] + if record: + obj = { + 'object_uid': record.record_uid, + 'object_type': 'record', + 'delete_resolution': 'unlink', + 'from_type': 'user_folder' + } + if folder: + obj['from_uid'] = folder.folder_uid + objects.append(obj) elif isinstance(to_delete, vault_types.RecordPath): if not to_delete.record_uid: raise ValueError('record UID cannot be empy') diff --git a/keepersdk-package/src/keepersdk/vault/vault_online.py b/keepersdk-package/src/keepersdk/vault/vault_online.py index 6af28bb2..03b11169 100644 --- a/keepersdk-package/src/keepersdk/vault/vault_online.py +++ b/keepersdk-package/src/keepersdk/vault/vault_online.py @@ -89,6 +89,7 @@ def on_notification_received(self, event: Dict[str, Any]) -> Optional[bool]: with self._lock: self.sync_requested = True return False + return None def sync_down(self, force=False): if force: diff --git a/keepersdk-package/src/keepersdk/vault/vault_record.py b/keepersdk-package/src/keepersdk/vault/vault_record.py index 8762b50f..12557e4f 100644 --- a/keepersdk-package/src/keepersdk/vault/vault_record.py +++ b/keepersdk-package/src/keepersdk/vault/vault_record.py @@ -10,12 +10,16 @@ def sanitize_str_field_value(value: Any) -> str: + if not value: + return '' if not isinstance(value, str): value = str(value) if value else '' return value def sanitize_int_field_value(value: Any, *, default:int=0) -> int: + if not value: + return default if not isinstance(value, int): try: value = int(value) @@ -28,6 +32,8 @@ def sanitize_int_field_value(value: Any, *, default:int=0) -> int: def sanitize_bool_field_value(value: Any) -> bool: + if not value: + return False if not isinstance(value, bool): if isinstance(value, int): value = value != 0 @@ -43,6 +49,7 @@ class RecordFlags(enum.IntFlag): HasPassword = 1 << 3 HasUrl = 1 << 4 + @dataclass(frozen=True) class KeeperRecordInfo: record_uid: str diff --git a/keepersdk-package/src/keepersdk/vault/vault_storage.py b/keepersdk-package/src/keepersdk/vault/vault_storage.py index 4bd71df4..0bb605f9 100644 --- a/keepersdk-package/src/keepersdk/vault/vault_storage.py +++ b/keepersdk-package/src/keepersdk/vault/vault_storage.py @@ -1,6 +1,6 @@ import abc -from ..storage.storage_types import IEntityStorage, ILinkStorage, IRecordStorage +from ..storage.storage_types import IEntityReaderStorage, ILinkReaderStorage, IRecordStorage from . import storage_types @@ -17,72 +17,72 @@ def personal_scope_uid(self) -> str: @property @abc.abstractmethod - def records(self) -> IEntityStorage[storage_types.StorageRecord, str]: + def records(self) -> IEntityReaderStorage[storage_types.StorageRecord, str]: pass @property @abc.abstractmethod - def record_types(self) -> IEntityStorage[storage_types.StorageRecordType, int]: + def record_types(self) -> IEntityReaderStorage[storage_types.StorageRecordType, int]: pass @property @abc.abstractmethod - def shared_folders(self) -> IEntityStorage[storage_types.StorageSharedFolder, str]: + def shared_folders(self) -> IEntityReaderStorage[storage_types.StorageSharedFolder, str]: pass @property @abc.abstractmethod - def user_emails(self) -> ILinkStorage[storage_types.StorageUserEmail, str, str]: + def user_emails(self) -> ILinkReaderStorage[storage_types.StorageUserEmail, str, str]: pass @property @abc.abstractmethod - def teams(self) -> IEntityStorage[storage_types.StorageTeam, str]: + def teams(self) -> IEntityReaderStorage[storage_types.StorageTeam, str]: pass @property @abc.abstractmethod - def non_shared_data(self) -> IEntityStorage[storage_types.StorageNonSharedData, str]: + def non_shared_data(self) -> IEntityReaderStorage[storage_types.StorageNonSharedData, str]: pass @property @abc.abstractmethod - def record_keys(self) -> ILinkStorage[storage_types.StorageRecordKey, str, str]: + def record_keys(self) -> ILinkReaderStorage[storage_types.StorageRecordKey, str, str]: pass @property @abc.abstractmethod - def shared_folder_keys(self) -> ILinkStorage[storage_types.StorageSharedFolderKey, str, str]: + def shared_folder_keys(self) -> ILinkReaderStorage[storage_types.StorageSharedFolderKey, str, str]: pass @property @abc.abstractmethod - def shared_folder_permissions(self) -> ILinkStorage[storage_types.StorageSharedFolderPermission, str, str]: + def shared_folder_permissions(self) -> ILinkReaderStorage[storage_types.StorageSharedFolderPermission, str, str]: pass @property @abc.abstractmethod - def folders(self) -> IEntityStorage[storage_types.StorageFolder, str]: + def folders(self) -> IEntityReaderStorage[storage_types.StorageFolder, str]: pass @property @abc.abstractmethod - def folder_records(self) -> ILinkStorage[storage_types.StorageFolderRecord, str, str]: + def folder_records(self) -> ILinkReaderStorage[storage_types.StorageFolderRecord, str, str]: pass @property @abc.abstractmethod - def breach_watch_records(self) -> IEntityStorage[storage_types.BreachWatchRecord, str]: + def breach_watch_records(self) -> IEntityReaderStorage[storage_types.BreachWatchRecord, str]: pass @property @abc.abstractmethod - def breach_watch_security_data(self) -> IEntityStorage[storage_types.BreachWatchSecurityData, str]: + def breach_watch_security_data(self) -> IEntityReaderStorage[storage_types.BreachWatchSecurityData, str]: pass @property @abc.abstractmethod - def notifications(self) -> IEntityStorage[storage_types.StorageNotification, str]: + def notifications(self) -> IEntityReaderStorage[storage_types.StorageNotification, str]: pass @abc.abstractmethod diff --git a/keepersdk-package/unit_tests/data_vault.py b/keepersdk-package/unit_tests/data_vault.py index b3ae66eb..25f089d4 100644 --- a/keepersdk-package/unit_tests/data_vault.py +++ b/keepersdk-package/unit_tests/data_vault.py @@ -400,7 +400,7 @@ def get_connected_auth() -> keeper_auth.KeeperAuth: return keeper_auth.KeeperAuth(keeper_endpoint, auth_context) -TestClientVersion = 'c16.8.0' +TestClientVersion = 'c17.0.0' DefaultEnvironment = 'env.company.com' AccountUid = crypto.get_random_bytes(16) UserName = 'some_fake_user@company.com' diff --git a/keepersdk-package/unit_tests/test_memory_storage.py b/keepersdk-package/unit_tests/test_memory_storage.py index 3a093c2a..5b15f0ea 100644 --- a/keepersdk-package/unit_tests/test_memory_storage.py +++ b/keepersdk-package/unit_tests/test_memory_storage.py @@ -7,9 +7,9 @@ class TestMemoryStorage(TestCase): def test_entity_storage(self) -> None: - record_storage: storage_types.IEntityStorage[vault_storage_types.StorageRecord, str] + record_storage: storage_types.IEntityReaderStorage[vault_storage_types.StorageRecord, str] record_storage = memory_storage.InMemoryEntityStorage() - record_key_storage: storage_types.ILinkStorage[ + record_key_storage: storage_types.ILinkReaderStorage[ vault_storage_types.StorageRecordKey, str, str] = memory_storage.InMemoryLinkStorage() record = vault_storage_types.StorageRecord() record.record_uid = utils.generate_uid() diff --git a/keepersdk-package/unit_tests/test_sqlite_dao.py b/keepersdk-package/unit_tests/test_sqlite_dao.py index 0495b8d6..ff03827b 100644 --- a/keepersdk-package/unit_tests/test_sqlite_dao.py +++ b/keepersdk-package/unit_tests/test_sqlite_dao.py @@ -7,6 +7,7 @@ from keepersdk.storage import sqlite, storage_types from keepersdk.vault import storage_types as vault_storage_types from keepersdk.proto import enterprise_pb2 +from keepersdk.plugins.pedm import admin_storage @dataclass @@ -26,7 +27,7 @@ def test_proto(self) -> None: queries = sqlite_dao.verify_database(connection, (settings_table,), apply_changes=True) self.assertTrue(len(queries) == 0) - settings_storage: storage_types.IEntityStorage[enterprise_pb2.Node, int] = \ + settings_storage: storage_types.IEntityReaderStorage[enterprise_pb2.Node, int] = \ sqlite.SqliteEntityStorage(lambda: connection, settings_table, 191) s = enterprise_pb2.Node() s.nodeId = 3432423432 @@ -79,9 +80,9 @@ def test_entity_storage(self) -> None: sqlite_dao.verify_database(connection, (record_table, record_key_table, settings_table), apply_changes=True) - record_storage: storage_types.IEntityStorage[vault_storage_types.StorageRecord, str] = \ + record_storage: storage_types.IEntityReaderStorage[vault_storage_types.StorageRecord, str] = \ sqlite.SqliteEntityStorage(lambda: connection, record_table, 'user@company.com') - record_key_storage: storage_types.ILinkStorage[vault_storage_types.StorageRecordKey, str, str] = \ + record_key_storage: storage_types.ILinkReaderStorage[vault_storage_types.StorageRecordKey, str, str] = \ sqlite.SqliteLinkStorage(lambda: connection, record_key_table, 'user@company.com') settings_storage: storage_types.IRecordStorage[Settings] = \ sqlite.SqliteRecordStorage(lambda: connection, settings_table, 'user@company.com') @@ -127,3 +128,25 @@ def test_entity_storage(self) -> None: links = list(record_key_storage.get_links_by_subject(record.record_uid)) self.assertEqual(len(links), 1) self.assertEqual(link.record_uid, links[0].record_uid) + + + def test_link_storage(self) -> None: + connection = sqlite3.Connection(':memory:') + owner_column = 'enterprise_id' + + collection_link_schema = sqlite_dao.TableSchema.load_schema( + admin_storage.PedmStorageCollectionLink, primary_key=['collection_uid', 'link_uid'], indexes={'Link': 'link_uid'}, + owner_column=owner_column, owner_type=int) + sqlite_dao.verify_database(connection, (collection_link_schema,), apply_changes=True) + + link_storage: storage_types.ILinkReaderStorage[admin_storage.PedmStorageCollectionLink, str, str] = \ + sqlite.SqliteLinkStorage(lambda: connection, collection_link_schema, 1000) + + link_storage.put_links([admin_storage.PedmStorageCollectionLink( + collection_uid='CollectionUid', + link_uid='LinkUid', + link_type=2 + )]) + + l = link_storage.get_link('CollectionUid', 'LinkUid') + self.assertIsNotNone(l)