common.eidas
io.token.proto.common.eidas common/src/main/proto/eidas.proto
// eIDAS-related wire types: payloads for verifying an eIDAS alias, registering
// a member with an eIDAS certificate and recovering a member, plus the status
// enums reported for certificate verification.
syntax = "proto3";
package io.token.proto.common.eidas;
option java_outer_classname = "EidasProtos";
option csharp_namespace = "Tokenio.Proto.Common.EidasProtos";
// Presumably defines io.token.proto.common.alias.Alias, referenced below.
import "alias.proto";
// Presumably defines io.token.proto.common.security.Key and Key.Algorithm,
// referenced below.
import "security.proto";
// Payload a TPP submits to have an eIDAS alias verified against a certificate.
message VerifyEidasPayload {
  // Member ID of the TPP.
  string member_id = 1;

  // eIDAS alias to be verified.
  io.token.proto.common.alias.Alias alias = 2;

  // Serialized eIDAS certificate.
  // NOTE(review): the encoding (PEM, base64 DER, ...) is not stated in this
  // file; confirm it with the consumer before parsing.
  string certificate = 3;

  // Signing algorithm of the eIDAS certificate.
  // NOTE(review): this value arrives from the caller next to the certificate.
  // A verifier would normally check it against the key type found in the
  // certificate rather than trust it as given; confirm how the server uses it.
  io.token.proto.common.security.Key.Algorithm algorithm = 4;
}
// Payload for creating a member under a bank's realm from an eIDAS
// certificate.
message RegisterWithEidasPayload {
  // ID of the bank under whose realm the member should be created
  // (e.g. "wood").
  string bank_id = 1;

  // Serialized eIDAS certificate.
  // NOTE(review): unlike VerifyEidasPayload and EidasRecoveryPayload, this
  // message carries no algorithm field; presumably the algorithm is derived
  // from the certificate itself. Confirm.
  string certificate = 2;
}
// Payload for recovering a member with the eIDAS certificate that was used to
// verify it. A successful recovery adds a new privileged key to the member.
//
// NOTE(review): this file does not show how the payload is authenticated.
// Because it installs a privileged key, the server presumably requires proof
// of possession of the certificate's private key (e.g. a signature over this
// payload). Confirm against the recovery endpoint.
message EidasRecoveryPayload {
  // ID of the member to be recovered.
  string member_id = 1;

  // Serialized eIDAS certificate that was used to verify the member.
  string certificate = 2;

  // Signing algorithm of the eIDAS certificate.
  io.token.proto.common.security.Key.Algorithm algorithm = 3;

  // New privileged key to add to the member.
  io.token.proto.common.security.Key key = 4;
}
// Result of verifying an eIDAS alias when a TPP provides a certificate and all
// preconditions on our side are met. On the verification service side the
// check may succeed, or fail in two different ways: the certificate is
// invalid, or the service returns an error response.
enum KonsentusVerificationStatus {
  // Deprecated: EidasVerificationStatus is used instead.
  option deprecated = true;

  // Zero value, i.e. the proto3 default when the field is unset. It does not
  // indicate a verified certificate.
  INVALID = 0;

  SUCCESS = 1;

  // The request has succeeded (code 200), but at least one eIDAS.validity
  // field in the response body is false.
  FAILURE_EIDAS_INVALID = 2;

  // Konsentus returned an error response (codes 4xx and 5xx).
  FAILURE_ERROR_RESPONSE = 3;

  // An error happened during the verification process.
  FAILURE_ERROR = 4;

  // Certificate validation has not finished yet; use
  // getEidasVerificationStatus() to get the result later.
  IN_PROGRESS = 5;
}
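// Outcome of verifying an eIDAS certificate. Used instead of the deprecated
// KonsentusVerificationStatus.
//
// Only EIDAS_STATUS_SUCCESS states that the certificate has been verified.
// Consumers should treat every other value, including the zero value and any
// value they do not recognize, as not verified.
enum EidasVerificationStatus {
  // 3 is skipped for backward compatibility: values 3 and 4 of
  // KonsentusVerificationStatus are now both mapped to 4. Reserving the number
  // makes the compiler reject any later reuse with a different meaning.
  reserved 3;

  // Zero value, i.e. the proto3 default when the field is unset.
  INVALID_EIDAS_STATUS = 0;

  // The certificate has been verified.
  EIDAS_STATUS_SUCCESS = 1;

  // The certificate has failed verification.
  EIDAS_STATUS_FAILURE = 2;

  // Unable to validate the certificate due to an error.
  EIDAS_STATUS_ERROR = 4;

  // The certificate is pending verification.
  EIDAS_STATUS_PENDING = 5;

  // Next id should be 6.
}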
// Status of an eIDAS certificate.
// NOTE(review): the values are not documented in the original file; the
// notes below are limited to what the names and proto3 rules establish.
enum EidasCertificateStatus {
  // Zero value, i.e. the proto3 default when the field is unset. Consumers
  // should not treat it, or any unrecognized value, as a valid certificate.
  INVALID_CERTIFICATE_STATUS = 0;

  CERTIFICATE_VALID = 1;

  CERTIFICATE_INVALID = 2;

  // NOTE(review): presumably no certificate is on record for the subject
  // being queried; confirm against the producer of this status.
  CERTIFICATE_NOT_FOUND = 3;
}