diff --git a/cs/src/Contracts/TunnelServiceProperties.cs b/cs/src/Contracts/TunnelServiceProperties.cs index 093cce4f..c4cc2c81 100644 --- a/cs/src/Contracts/TunnelServiceProperties.cs +++ b/cs/src/Contracts/TunnelServiceProperties.cs @@ -27,6 +27,11 @@ public class TunnelServiceProperties /// internal const string DevDnsName = "global.ci.tunnels.dev.api.visualstudio.com"; + /// + /// Default host name for the local tunnel service. + /// + internal const string LocalDnsName = "tunnels.local.api.visualstudio.com:9901"; + /// /// First-party app ID: `Visual Studio Tunnel Service` /// @@ -95,10 +100,28 @@ public class TunnelServiceProperties /// GitHub App Client ID for 'Visual Studio Tunnel Service - Test' /// /// - /// Used by client apps that authenticate tunnel users with GitHub, in the PPE and DEV - /// service environments. + /// Used by client apps that authenticate tunnel users with GitHub, in the PPE + /// service environment. + /// + internal const string PpeGitHubAppClientId = "Iv1.b231c327f1eaa229"; + + /// + /// GitHub App Client ID for 'Dev Tunnels Service - Dev' + /// + /// + /// Used by client apps that authenticate tunnel users with GitHub, in the DEV + /// service environment. + /// + internal const string DevGitHubAppClientId = "Iv23ctTiak9wLCiTcEbr"; + + /// + /// GitHub App Client ID for 'Dev Tunnels Service - Local' + /// + /// + /// Used by client apps that authenticate tunnel users with GitHub, when running + /// the service locally. /// - internal const string NonProdGitHubAppClientId = "Iv1.b231c327f1eaa229"; + internal const string LocalGitHubAppClientId = "Iv23cttBYzKThF88PiPR"; private TunnelServiceProperties( string serviceUri, @@ -128,7 +151,7 @@ private TunnelServiceProperties( $"https://{PpeDnsName}/", PpeFirstPartyAppId, PpeThirdPartyAppId, - NonProdGitHubAppClientId); + PpeGitHubAppClientId); /// /// Gets properties for the service in the development environment. @@ -137,7 +160,20 @@ private TunnelServiceProperties( $"https://{DevDnsName}/", DevFirstPartyAppId, DevThirdPartyAppId, - NonProdGitHubAppClientId); + DevGitHubAppClientId); + + /// + /// Gets properties for the service when running locally. + /// + /// + /// Uses the same service app IDs as the development environment, but a different + /// GitHub app with localhost callback URLs. + /// + public static TunnelServiceProperties Local { get; } = new TunnelServiceProperties( + $"https://{LocalDnsName}/", + DevFirstPartyAppId, + DevThirdPartyAppId, + LocalGitHubAppClientId); /// /// Gets properties for the service in the specified environment. @@ -157,6 +193,7 @@ public static TunnelServiceProperties Environment(string environmentName) "prod" or "production" => TunnelServiceProperties.Production, "ppe" or "preprod" or "staging" => TunnelServiceProperties.Staging, "dev" or "development" => TunnelServiceProperties.Development, + "local" => TunnelServiceProperties.Local, _ => throw new ArgumentException($"Invalid service environment: {environmentName}"), }; } diff --git a/go/tunnels/cluster_details.go b/go/tunnels/cluster_details.go index 147db70a..f2bddce9 100644 --- a/go/tunnels/cluster_details.go +++ b/go/tunnels/cluster_details.go @@ -1,19 +1,19 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ClusterDetails.cs - -package tunnels - -// Details of a tunneling service cluster. Each cluster represents an instance of the -// tunneling service running in a particular Azure region. New tunnels are created in the -// current region unless otherwise specified. -type ClusterDetails struct { - // A cluster identifier based on its region. - ClusterID string `json:"clusterId"` - - // The URI of the service cluster. - URI string `json:"uri"` - - // The Azure location of the cluster. - AzureLocation string `json:"azureLocation"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ClusterDetails.cs + +package tunnels + +// Details of a tunneling service cluster. Each cluster represents an instance of the +// tunneling service running in a particular Azure region. New tunnels are created in the +// current region unless otherwise specified. +type ClusterDetails struct { + // A cluster identifier based on its region. + ClusterID string `json:"clusterId"` + + // The URI of the service cluster. + URI string `json:"uri"` + + // The Azure location of the cluster. + AzureLocation string `json:"azureLocation"` +} diff --git a/go/tunnels/error_codes.go b/go/tunnels/error_codes.go index 48b475ff..580b53f2 100644 --- a/go/tunnels/error_codes.go +++ b/go/tunnels/error_codes.go @@ -1,20 +1,20 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ErrorCodes.cs - -package tunnels - -// Error codes for ErrorDetail.Code and `x-ms-error-code` header. -type ErrorCodes []ErrorCode -type ErrorCode string - -const ( - // Operation timed out. - ErrorCodeTimeout ErrorCode = "Timeout" - - // Operation cannot be performed because the service is not available. - ErrorCodeServiceUnavailable ErrorCode = "ServiceUnavailable" - - // Internal error. - ErrorCodeInternalError ErrorCode = "InternalError" -) +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ErrorCodes.cs + +package tunnels + +// Error codes for ErrorDetail.Code and `x-ms-error-code` header. +type ErrorCodes []ErrorCode +type ErrorCode string + +const ( + // Operation timed out. + ErrorCodeTimeout ErrorCode = "Timeout" + + // Operation cannot be performed because the service is not available. + ErrorCodeServiceUnavailable ErrorCode = "ServiceUnavailable" + + // Internal error. + ErrorCodeInternalError ErrorCode = "InternalError" +) diff --git a/go/tunnels/error_detail.go b/go/tunnels/error_detail.go index 6d85d839..93d7329f 100644 --- a/go/tunnels/error_detail.go +++ b/go/tunnels/error_detail.go @@ -1,24 +1,24 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ErrorDetail.cs - -package tunnels - -// The top-level error object whose code matches the x-ms-error-code response header -type ErrorDetail struct { - // One of a server-defined set of error codes defined in `ErrorCodes`. - Code string `json:"code"` - - // A human-readable representation of the error. - Message string `json:"message"` - - // The target of the error. - Target string `json:"target,omitempty"` - - // An array of details about specific errors that led to this reported error. - Details []ErrorDetail `json:"details,omitempty"` - - // An object containing more specific information than the current object about the - // error. - InnerError *InnerErrorDetail `json:"innererror,omitempty"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ErrorDetail.cs + +package tunnels + +// The top-level error object whose code matches the x-ms-error-code response header +type ErrorDetail struct { + // One of a server-defined set of error codes defined in `ErrorCodes`. + Code string `json:"code"` + + // A human-readable representation of the error. + Message string `json:"message"` + + // The target of the error. + Target string `json:"target,omitempty"` + + // An array of details about specific errors that led to this reported error. + Details []ErrorDetail `json:"details,omitempty"` + + // An object containing more specific information than the current object about the + // error. + InnerError *InnerErrorDetail `json:"innererror,omitempty"` +} diff --git a/go/tunnels/inner_error_detail.go b/go/tunnels/inner_error_detail.go index 86ece992..e27d0a6d 100644 --- a/go/tunnels/inner_error_detail.go +++ b/go/tunnels/inner_error_detail.go @@ -1,16 +1,16 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/InnerErrorDetail.cs - -package tunnels - -// An object containing more specific information than the current object about the error. -type InnerErrorDetail struct { - // A more specific error code than was provided by the containing error. One of a - // server-defined set of error codes in `ErrorCodes`. - Code string `json:"code"` - - // An object containing more specific information than the current object about the - // error. - InnerError *InnerErrorDetail `json:"innererror,omitempty"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/InnerErrorDetail.cs + +package tunnels + +// An object containing more specific information than the current object about the error. +type InnerErrorDetail struct { + // A more specific error code than was provided by the containing error. One of a + // server-defined set of error codes in `ErrorCodes`. + Code string `json:"code"` + + // An object containing more specific information than the current object about the + // error. + InnerError *InnerErrorDetail `json:"innererror,omitempty"` +} diff --git a/go/tunnels/manager.go b/go/tunnels/manager.go index 3ea47475..05fbeaef 100644 --- a/go/tunnels/manager.go +++ b/go/tunnels/manager.go @@ -28,14 +28,21 @@ var PpeServiceProperties = TunnelServiceProperties{ ServiceURI: fmt.Sprintf("https://%s/", ppeDnsName), ServiceAppID: ppeFirstPartyAppID, ServiceInternalAppID: ppeThirdPartyAppID, - GitHubAppClientID: nonProdGitHubAppClientID, + GitHubAppClientID: ppeGitHubAppClientID, } var DevServiceProperties = TunnelServiceProperties{ ServiceURI: fmt.Sprintf("https://%s/", devDnsName), ServiceAppID: devFirstPartyAppID, ServiceInternalAppID: devThirdPartyAppID, - GitHubAppClientID: nonProdGitHubAppClientID, + GitHubAppClientID: devGitHubAppClientID, +} + +var LocalServiceProperties = TunnelServiceProperties{ + ServiceURI: fmt.Sprintf("https://%s/", localDnsName), + ServiceAppID: devFirstPartyAppID, + ServiceInternalAppID: devThirdPartyAppID, + GitHubAppClientID: localGitHubAppClientID, } type tokenProviderfn func() string diff --git a/go/tunnels/problem_details.go b/go/tunnels/problem_details.go index c7751d80..c84fe582 100644 --- a/go/tunnels/problem_details.go +++ b/go/tunnels/problem_details.go @@ -1,22 +1,22 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ProblemDetails.cs - -package tunnels - -// Structure of error details returned by the tunnel service, including validation errors. -// -// This object may be returned with a response status code of 400 (or other 4xx code). It -// is compatible with RFC 7807 Problem Details (https://tools.ietf.org/html/rfc7807) and -// https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.mvc.problemdetails but -// doesn't require adding a dependency on that package. -type ProblemDetails struct { - // Gets or sets the error title. - Title string `json:"title,omitempty"` - - // Gets or sets the error detail. - Detail string `json:"detail,omitempty"` - - // Gets or sets additional details about individual request properties. - Errors map[string][]string `json:"errors,omitempty"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ProblemDetails.cs + +package tunnels + +// Structure of error details returned by the tunnel service, including validation errors. +// +// This object may be returned with a response status code of 400 (or other 4xx code). It +// is compatible with RFC 7807 Problem Details (https://tools.ietf.org/html/rfc7807) and +// https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.mvc.problemdetails but +// doesn't require adding a dependency on that package. +type ProblemDetails struct { + // Gets or sets the error title. + Title string `json:"title,omitempty"` + + // Gets or sets the error detail. + Detail string `json:"detail,omitempty"` + + // Gets or sets additional details about individual request properties. + Errors map[string][]string `json:"errors,omitempty"` +} diff --git a/go/tunnels/resource_status.go b/go/tunnels/resource_status.go index b5e141eb..77df6c82 100644 --- a/go/tunnels/resource_status.go +++ b/go/tunnels/resource_status.go @@ -1,45 +1,45 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ResourceStatus.cs - -package tunnels - -// Current value and limit for a limited resource related to a tunnel or tunnel port. -type ResourceStatus struct { - // Gets or sets the current value. - Current uint64 `json:"current"` - - // Gets or sets the limit enforced by the service, or null if there is no limit. - // - // Any requests that would cause the limit to be exceeded may be denied by the service. - // For HTTP requests, the response is generally a 403 Forbidden status, with details - // about the limit in the response body. - Limit uint64 `json:"limit,omitempty"` - - // Gets or sets an optional source of the `ResourceStatus.Limit`, or null if there is no - // limit. - LimitSource string `json:"limitSource,omitempty"` - - RateStatus -} - -// Current value and limit information for a rate-limited operation related to a tunnel or -// port. -type RateStatus struct { - // Gets or sets the length of each period, in seconds, over which the rate is measured. - // - // For rates that are limited by month (or billing period), this value may represent an - // estimate, since the actual duration may vary by the calendar. - PeriodSeconds uint32 `json:"periodSeconds,omitempty"` - - // Gets or sets the unix time in seconds when this status will be reset. - ResetTime int64 `json:"resetTime,omitempty"` - - NamedRateStatus -} - -// A named `RateStatus`. -type NamedRateStatus struct { - // The name of the rate status. - Name string `json:"name"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ResourceStatus.cs + +package tunnels + +// Current value and limit for a limited resource related to a tunnel or tunnel port. +type ResourceStatus struct { + // Gets or sets the current value. + Current uint64 `json:"current"` + + // Gets or sets the limit enforced by the service, or null if there is no limit. + // + // Any requests that would cause the limit to be exceeded may be denied by the service. + // For HTTP requests, the response is generally a 403 Forbidden status, with details + // about the limit in the response body. + Limit uint64 `json:"limit,omitempty"` + + // Gets or sets an optional source of the `ResourceStatus.Limit`, or null if there is no + // limit. + LimitSource string `json:"limitSource,omitempty"` + + RateStatus +} + +// Current value and limit information for a rate-limited operation related to a tunnel or +// port. +type RateStatus struct { + // Gets or sets the length of each period, in seconds, over which the rate is measured. + // + // For rates that are limited by month (or billing period), this value may represent an + // estimate, since the actual duration may vary by the calendar. + PeriodSeconds uint32 `json:"periodSeconds,omitempty"` + + // Gets or sets the unix time in seconds when this status will be reset. + ResetTime int64 `json:"resetTime,omitempty"` + + NamedRateStatus +} + +// A named `RateStatus`. +type NamedRateStatus struct { + // The name of the rate status. + Name string `json:"name"` +} diff --git a/go/tunnels/service_version_details.go b/go/tunnels/service_version_details.go index c7494c23..a7d50e4a 100644 --- a/go/tunnels/service_version_details.go +++ b/go/tunnels/service_version_details.go @@ -1,24 +1,24 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ServiceVersionDetails.cs - -package tunnels - -// Data contract for service version details. -type ServiceVersionDetails struct { - // Gets or sets the version of the service. E.g. "1.0.6615.53976". The version - // corresponds to the build number. - Version string `json:"version"` - - // Gets or sets the commit ID of the service. - CommitID string `json:"commitId"` - - // Gets or sets the commit date of the service. - CommitDate string `json:"commitDate"` - - // Gets or sets the cluster ID of the service that handled the request. - ClusterID string `json:"clusterId"` - - // Gets or sets the Azure location of the service that handled the request. - AzureLocation string `json:"azureLocation"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ServiceVersionDetails.cs + +package tunnels + +// Data contract for service version details. +type ServiceVersionDetails struct { + // Gets or sets the version of the service. E.g. "1.0.6615.53976". The version + // corresponds to the build number. + Version string `json:"version"` + + // Gets or sets the commit ID of the service. + CommitID string `json:"commitId"` + + // Gets or sets the commit date of the service. + CommitDate string `json:"commitDate"` + + // Gets or sets the cluster ID of the service that handled the request. + ClusterID string `json:"clusterId"` + + // Gets or sets the Azure location of the service that handled the request. + AzureLocation string `json:"azureLocation"` +} diff --git a/go/tunnels/tunnel.go b/go/tunnels/tunnel.go index 6e188dca..9523edef 100644 --- a/go/tunnels/tunnel.go +++ b/go/tunnels/tunnel.go @@ -1,71 +1,71 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/Tunnel.cs - -package tunnels - -import ( - "time" -) - -// Data contract for tunnel objects managed through the tunnel service REST API. -type Tunnel struct { - // Gets or sets the ID of the cluster the tunnel was created in. - ClusterID string `json:"clusterId,omitempty"` - - // Gets or sets the generated ID of the tunnel, unique within the cluster. - TunnelID string `json:"tunnelId,omitempty"` - - // Gets or sets the optional short name (alias) of the tunnel. - // - // The name must be globally unique within the parent domain, and must be a valid - // subdomain. - Name string `json:"name,omitempty"` - - // Gets or sets the description of the tunnel. - Description string `json:"description,omitempty"` - - // Gets or sets the labels of the tunnel. - Labels []string `json:"labels,omitempty"` - - // Gets or sets the optional parent domain of the tunnel, if it is not using the default - // parent domain. - Domain string `json:"domain,omitempty"` - - // Gets or sets a dictionary mapping from scopes to tunnel access tokens. - AccessTokens map[TunnelAccessScope]string `json:"accessTokens,omitempty"` - - // Gets or sets access control settings for the tunnel. - // - // See `TunnelAccessControl` documentation for details about the access control model. - AccessControl *TunnelAccessControl `json:"accessControl,omitempty"` - - // Gets or sets default options for the tunnel. - Options *TunnelOptions `json:"options,omitempty"` - - // Gets or sets current connection status of the tunnel. - Status *TunnelStatus `json:"status,omitempty"` - - // Gets or sets an array of endpoints where hosts are currently accepting client - // connections to the tunnel. - Endpoints []TunnelEndpoint `json:"endpoints,omitempty"` - - // Gets or sets a list of ports in the tunnel. - // - // This optional property enables getting info about all ports in a tunnel at the same - // time as getting tunnel info, or creating one or more ports at the same time as - // creating a tunnel. It is omitted when listing (multiple) tunnels, or when updating - // tunnel properties. (For the latter, use APIs to create/update/delete individual ports - // instead.) - Ports []TunnelPort `json:"ports,omitempty"` - - // Gets or sets the time in UTC of tunnel creation. - Created *time.Time `json:"created,omitempty"` - - // Gets or the time the tunnel will be deleted if it is not used or updated. - Expiration *time.Time `json:"expiration,omitempty"` - - // Gets or the custom amount of time the tunnel will be valid if it is not used or - // updated in seconds. - CustomExpiration uint32 `json:"customExpiration,omitempty"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/Tunnel.cs + +package tunnels + +import ( + "time" +) + +// Data contract for tunnel objects managed through the tunnel service REST API. +type Tunnel struct { + // Gets or sets the ID of the cluster the tunnel was created in. + ClusterID string `json:"clusterId,omitempty"` + + // Gets or sets the generated ID of the tunnel, unique within the cluster. + TunnelID string `json:"tunnelId,omitempty"` + + // Gets or sets the optional short name (alias) of the tunnel. + // + // The name must be globally unique within the parent domain, and must be a valid + // subdomain. + Name string `json:"name,omitempty"` + + // Gets or sets the description of the tunnel. + Description string `json:"description,omitempty"` + + // Gets or sets the labels of the tunnel. + Labels []string `json:"labels,omitempty"` + + // Gets or sets the optional parent domain of the tunnel, if it is not using the default + // parent domain. + Domain string `json:"domain,omitempty"` + + // Gets or sets a dictionary mapping from scopes to tunnel access tokens. + AccessTokens map[TunnelAccessScope]string `json:"accessTokens,omitempty"` + + // Gets or sets access control settings for the tunnel. + // + // See `TunnelAccessControl` documentation for details about the access control model. + AccessControl *TunnelAccessControl `json:"accessControl,omitempty"` + + // Gets or sets default options for the tunnel. + Options *TunnelOptions `json:"options,omitempty"` + + // Gets or sets current connection status of the tunnel. + Status *TunnelStatus `json:"status,omitempty"` + + // Gets or sets an array of endpoints where hosts are currently accepting client + // connections to the tunnel. + Endpoints []TunnelEndpoint `json:"endpoints,omitempty"` + + // Gets or sets a list of ports in the tunnel. + // + // This optional property enables getting info about all ports in a tunnel at the same + // time as getting tunnel info, or creating one or more ports at the same time as + // creating a tunnel. It is omitted when listing (multiple) tunnels, or when updating + // tunnel properties. (For the latter, use APIs to create/update/delete individual ports + // instead.) + Ports []TunnelPort `json:"ports,omitempty"` + + // Gets or sets the time in UTC of tunnel creation. + Created *time.Time `json:"created,omitempty"` + + // Gets or the time the tunnel will be deleted if it is not used or updated. + Expiration *time.Time `json:"expiration,omitempty"` + + // Gets or the custom amount of time the tunnel will be valid if it is not used or + // updated in seconds. + CustomExpiration uint32 `json:"customExpiration,omitempty"` +} diff --git a/go/tunnels/tunnel_access_control.go b/go/tunnels/tunnel_access_control.go index dc3be33a..2caef2d0 100644 --- a/go/tunnels/tunnel_access_control.go +++ b/go/tunnels/tunnel_access_control.go @@ -1,24 +1,24 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessControl.cs - -package tunnels - -// Data contract for access control on a `Tunnel` or `TunnelPort`. -// -// Tunnels and tunnel ports can each optionally have an access-control property set on -// them. An access-control object contains a list (ACL) of entries (ACEs) that specify the -// access scopes granted or denied to some subjects. Tunnel ports inherit the ACL from the -// tunnel, though ports may include ACEs that augment or override the inherited rules. -// Currently there is no capability to define "roles" for tunnel access (where a role -// specifies a set of related access scopes), and assign roles to users. That feature may -// be added in the future. (It should be represented as a separate `RoleAssignments` -// property on this class.) -type TunnelAccessControl struct { - // Gets or sets the list of access control entries. - // - // The order of entries is significant: later entries override earlier entries that apply - // to the same subject. However, deny rules are always processed after allow rules, - // therefore an allow rule cannot override a deny rule for the same subject. - Entries []TunnelAccessControlEntry `json:"entries"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessControl.cs + +package tunnels + +// Data contract for access control on a `Tunnel` or `TunnelPort`. +// +// Tunnels and tunnel ports can each optionally have an access-control property set on +// them. An access-control object contains a list (ACL) of entries (ACEs) that specify the +// access scopes granted or denied to some subjects. Tunnel ports inherit the ACL from the +// tunnel, though ports may include ACEs that augment or override the inherited rules. +// Currently there is no capability to define "roles" for tunnel access (where a role +// specifies a set of related access scopes), and assign roles to users. That feature may +// be added in the future. (It should be represented as a separate `RoleAssignments` +// property on this class.) +type TunnelAccessControl struct { + // Gets or sets the list of access control entries. + // + // The order of entries is significant: later entries override earlier entries that apply + // to the same subject. However, deny rules are always processed after allow rules, + // therefore an allow rule cannot override a deny rule for the same subject. + Entries []TunnelAccessControlEntry `json:"entries"` +} diff --git a/go/tunnels/tunnel_access_control_entry.go b/go/tunnels/tunnel_access_control_entry.go index cf9b6f0d..d540d4e9 100644 --- a/go/tunnels/tunnel_access_control_entry.go +++ b/go/tunnels/tunnel_access_control_entry.go @@ -1,104 +1,104 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessControlEntry.cs - -package tunnels - -import ( - "time" -) - -// Data contract for an access control entry on a `Tunnel` or `TunnelPort`. -// -// An access control entry (ACE) grants or denies one or more access scopes to one or more -// subjects. Tunnel ports inherit access control entries from their tunnel, and they may -// have additional port-specific entries that augment or override those access rules. -type TunnelAccessControlEntry struct { - // Gets or sets the access control entry type. - Type TunnelAccessControlEntryType `json:"type"` - - // Gets or sets the provider of the subjects in this access control entry. The provider - // impacts how the subject identifiers are resolved and displayed. The provider may be an - // identity provider such as AAD, or a system or standard such as "ssh" or "ipv4". - // - // For user, group, or org ACEs, this value is the name of the identity provider of the - // user/group/org IDs. It may be one of the well-known provider names in - // `TunnelAccessControlEntry.Providers`, or (in the future) a custom identity provider. - // For public key ACEs, this value is the type of public key, e.g. "ssh". For IP address - // range ACEs, this value is the IP address version, "ipv4" or "ipv6", or "service-tag" - // if the range is defined by an Azure service tag. For anonymous ACEs, this value is - // null. - Provider string `json:"provider,omitempty"` - - // Gets or sets a value indicating whether this is an access control entry on a tunnel - // port that is inherited from the tunnel's access control list. - IsInherited bool `json:"isInherited,omitempty"` - - // Gets or sets a value indicating whether this entry is a deny rule that blocks access - // to the specified users. Otherwise it is an allow rule. - // - // All deny rules (including inherited rules) are processed after all allow rules. - // Therefore a deny ACE cannot be overridden by an allow ACE that is later in the list or - // on a more-specific resource. In other words, inherited deny ACEs cannot be overridden. - IsDeny bool `json:"isDeny,omitempty"` - - // Gets or sets a value indicating whether this entry applies to all subjects that are - // NOT in the `TunnelAccessControlEntry.Subjects` list. - // - // Examples: an inverse organizations ACE applies to all users who are not members of the - // listed organization(s); an inverse anonymous ACE applies to all authenticated users; - // an inverse IP address ranges ACE applies to all clients that are not within any of the - // listed IP address ranges. The inverse option is often useful in policies in - // combination with `TunnelAccessControlEntry.IsDeny`, for example a policy could deny - // access to users who are not members of an organization or are outside of an IP address - // range, effectively blocking any tunnels from allowing outside access (because - // inherited deny ACEs cannot be overridden). - IsInverse bool `json:"isInverse,omitempty"` - - // Gets or sets an optional organization context for all subjects of this entry. The use - // and meaning of this value depends on the `TunnelAccessControlEntry.Type` and - // `TunnelAccessControlEntry.Provider` of this entry. - // - // For AAD users and group ACEs, this value is the AAD tenant ID. It is not currently - // used with any other types of ACEs. - Organization string `json:"organization,omitempty"` - - // Gets or sets the subjects for the entry, such as user or group IDs. The format of the - // values depends on the `TunnelAccessControlEntry.Type` and - // `TunnelAccessControlEntry.Provider` of this entry. - Subjects []string `json:"subjects"` - - // Gets or sets the access scopes that this entry grants or denies to the subjects. - // - // These must be one or more values from `TunnelAccessScopes`. - Scopes []string `json:"scopes"` - - // Gets or sets the expiration for an access control entry. - // - // If no value is set then this value is null. - Expiration *time.Time `json:"expiration,omitempty"` -} - -// Constants for well-known identity providers. -type TunnelAccessControlEntryProviders []TunnelAccessControlEntryProvider -type TunnelAccessControlEntryProvider string - -const ( - // Microsoft (AAD) identity provider. - TunnelAccessControlEntryProviderMicrosoft TunnelAccessControlEntryProvider = "microsoft" - - // GitHub identity provider. - TunnelAccessControlEntryProviderGitHub TunnelAccessControlEntryProvider = "github" - - // SSH public keys. - TunnelAccessControlEntryProviderSsh TunnelAccessControlEntryProvider = "ssh" - - // IPv4 addresses. - TunnelAccessControlEntryProviderIPv4 TunnelAccessControlEntryProvider = "ipv4" - - // IPv6 addresses. - TunnelAccessControlEntryProviderIPv6 TunnelAccessControlEntryProvider = "ipv6" - - // Service tags. - TunnelAccessControlEntryProviderServiceTag TunnelAccessControlEntryProvider = "service-tag" -) +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessControlEntry.cs + +package tunnels + +import ( + "time" +) + +// Data contract for an access control entry on a `Tunnel` or `TunnelPort`. +// +// An access control entry (ACE) grants or denies one or more access scopes to one or more +// subjects. Tunnel ports inherit access control entries from their tunnel, and they may +// have additional port-specific entries that augment or override those access rules. +type TunnelAccessControlEntry struct { + // Gets or sets the access control entry type. + Type TunnelAccessControlEntryType `json:"type"` + + // Gets or sets the provider of the subjects in this access control entry. The provider + // impacts how the subject identifiers are resolved and displayed. The provider may be an + // identity provider such as AAD, or a system or standard such as "ssh" or "ipv4". + // + // For user, group, or org ACEs, this value is the name of the identity provider of the + // user/group/org IDs. It may be one of the well-known provider names in + // `TunnelAccessControlEntry.Providers`, or (in the future) a custom identity provider. + // For public key ACEs, this value is the type of public key, e.g. "ssh". For IP address + // range ACEs, this value is the IP address version, "ipv4" or "ipv6", or "service-tag" + // if the range is defined by an Azure service tag. For anonymous ACEs, this value is + // null. + Provider string `json:"provider,omitempty"` + + // Gets or sets a value indicating whether this is an access control entry on a tunnel + // port that is inherited from the tunnel's access control list. + IsInherited bool `json:"isInherited,omitempty"` + + // Gets or sets a value indicating whether this entry is a deny rule that blocks access + // to the specified users. Otherwise it is an allow rule. + // + // All deny rules (including inherited rules) are processed after all allow rules. + // Therefore a deny ACE cannot be overridden by an allow ACE that is later in the list or + // on a more-specific resource. In other words, inherited deny ACEs cannot be overridden. + IsDeny bool `json:"isDeny,omitempty"` + + // Gets or sets a value indicating whether this entry applies to all subjects that are + // NOT in the `TunnelAccessControlEntry.Subjects` list. + // + // Examples: an inverse organizations ACE applies to all users who are not members of the + // listed organization(s); an inverse anonymous ACE applies to all authenticated users; + // an inverse IP address ranges ACE applies to all clients that are not within any of the + // listed IP address ranges. The inverse option is often useful in policies in + // combination with `TunnelAccessControlEntry.IsDeny`, for example a policy could deny + // access to users who are not members of an organization or are outside of an IP address + // range, effectively blocking any tunnels from allowing outside access (because + // inherited deny ACEs cannot be overridden). + IsInverse bool `json:"isInverse,omitempty"` + + // Gets or sets an optional organization context for all subjects of this entry. The use + // and meaning of this value depends on the `TunnelAccessControlEntry.Type` and + // `TunnelAccessControlEntry.Provider` of this entry. + // + // For AAD users and group ACEs, this value is the AAD tenant ID. It is not currently + // used with any other types of ACEs. + Organization string `json:"organization,omitempty"` + + // Gets or sets the subjects for the entry, such as user or group IDs. The format of the + // values depends on the `TunnelAccessControlEntry.Type` and + // `TunnelAccessControlEntry.Provider` of this entry. + Subjects []string `json:"subjects"` + + // Gets or sets the access scopes that this entry grants or denies to the subjects. + // + // These must be one or more values from `TunnelAccessScopes`. + Scopes []string `json:"scopes"` + + // Gets or sets the expiration for an access control entry. + // + // If no value is set then this value is null. + Expiration *time.Time `json:"expiration,omitempty"` +} + +// Constants for well-known identity providers. +type TunnelAccessControlEntryProviders []TunnelAccessControlEntryProvider +type TunnelAccessControlEntryProvider string + +const ( + // Microsoft (AAD) identity provider. + TunnelAccessControlEntryProviderMicrosoft TunnelAccessControlEntryProvider = "microsoft" + + // GitHub identity provider. + TunnelAccessControlEntryProviderGitHub TunnelAccessControlEntryProvider = "github" + + // SSH public keys. + TunnelAccessControlEntryProviderSsh TunnelAccessControlEntryProvider = "ssh" + + // IPv4 addresses. + TunnelAccessControlEntryProviderIPv4 TunnelAccessControlEntryProvider = "ipv4" + + // IPv6 addresses. + TunnelAccessControlEntryProviderIPv6 TunnelAccessControlEntryProvider = "ipv6" + + // Service tags. + TunnelAccessControlEntryProviderServiceTag TunnelAccessControlEntryProvider = "service-tag" +) diff --git a/go/tunnels/tunnel_access_control_entry_type.go b/go/tunnels/tunnel_access_control_entry_type.go index 3f335b21..6e9893c2 100644 --- a/go/tunnels/tunnel_access_control_entry_type.go +++ b/go/tunnels/tunnel_access_control_entry_type.go @@ -1,41 +1,41 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessControlEntryType.cs - -package tunnels - -// Specifies the type of `TunnelAccessControlEntry`. -type TunnelAccessControlEntryType string - -const ( - // Uninitialized access control entry type. - TunnelAccessControlEntryTypeNone TunnelAccessControlEntryType = "None" - - // The access control entry refers to all anonymous users. - TunnelAccessControlEntryTypeAnonymous TunnelAccessControlEntryType = "Anonymous" - - // The access control entry is a list of user IDs that are allowed (or denied) access. - TunnelAccessControlEntryTypeUsers TunnelAccessControlEntryType = "Users" - - // The access control entry is a list of groups IDs that are allowed (or denied) access. - TunnelAccessControlEntryTypeGroups TunnelAccessControlEntryType = "Groups" - - // The access control entry is a list of organization IDs that are allowed (or denied) - // access. - // - // All users in the organizations are allowed (or denied) access, unless overridden by - // following group or user rules. - TunnelAccessControlEntryTypeOrganizations TunnelAccessControlEntryType = "Organizations" - - // The access control entry is a list of repositories. Users are allowed access to the - // tunnel if they have access to the repo. - TunnelAccessControlEntryTypeRepositories TunnelAccessControlEntryType = "Repositories" - - // The access control entry is a list of public keys. Users are allowed access if they - // can authenticate using a private key corresponding to one of the public keys. - TunnelAccessControlEntryTypePublicKeys TunnelAccessControlEntryType = "PublicKeys" - - // The access control entry is a list of IP address ranges that are allowed (or denied) - // access to the tunnel. Ranges can be IPv4, IPv6, or Azure service tags. - TunnelAccessControlEntryTypeIPAddressRanges TunnelAccessControlEntryType = "IPAddressRanges" -) +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessControlEntryType.cs + +package tunnels + +// Specifies the type of `TunnelAccessControlEntry`. +type TunnelAccessControlEntryType string + +const ( + // Uninitialized access control entry type. + TunnelAccessControlEntryTypeNone TunnelAccessControlEntryType = "None" + + // The access control entry refers to all anonymous users. + TunnelAccessControlEntryTypeAnonymous TunnelAccessControlEntryType = "Anonymous" + + // The access control entry is a list of user IDs that are allowed (or denied) access. + TunnelAccessControlEntryTypeUsers TunnelAccessControlEntryType = "Users" + + // The access control entry is a list of groups IDs that are allowed (or denied) access. + TunnelAccessControlEntryTypeGroups TunnelAccessControlEntryType = "Groups" + + // The access control entry is a list of organization IDs that are allowed (or denied) + // access. + // + // All users in the organizations are allowed (or denied) access, unless overridden by + // following group or user rules. + TunnelAccessControlEntryTypeOrganizations TunnelAccessControlEntryType = "Organizations" + + // The access control entry is a list of repositories. Users are allowed access to the + // tunnel if they have access to the repo. + TunnelAccessControlEntryTypeRepositories TunnelAccessControlEntryType = "Repositories" + + // The access control entry is a list of public keys. Users are allowed access if they + // can authenticate using a private key corresponding to one of the public keys. + TunnelAccessControlEntryTypePublicKeys TunnelAccessControlEntryType = "PublicKeys" + + // The access control entry is a list of IP address ranges that are allowed (or denied) + // access to the tunnel. Ranges can be IPv4, IPv6, or Azure service tags. + TunnelAccessControlEntryTypeIPAddressRanges TunnelAccessControlEntryType = "IPAddressRanges" +) diff --git a/go/tunnels/tunnel_access_scopes.go b/go/tunnels/tunnel_access_scopes.go index c70a33c1..9a119b9b 100644 --- a/go/tunnels/tunnel_access_scopes.go +++ b/go/tunnels/tunnel_access_scopes.go @@ -1,38 +1,38 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessScopes.cs - -package tunnels - -// Defines scopes for tunnel access tokens. -// -// A tunnel access token with one or more of these scopes typically also has cluster ID -// and tunnel ID claims that limit the access scope to a specific tunnel, and may also -// have one or more port claims that further limit the access to particular ports of the -// tunnel. -type TunnelAccessScopes []TunnelAccessScope -type TunnelAccessScope string - -const ( - // Allows creating tunnels. This scope is valid only in policies at the global, domain, - // or organization level; it is not relevant to an already-created tunnel or tunnel port. - // (Creation of ports requires "manage" or "host" access to the tunnel.) - TunnelAccessScopeCreate TunnelAccessScope = "create" - - // Allows management operations on tunnels and tunnel ports. - TunnelAccessScopeManage TunnelAccessScope = "manage" - - // Allows management operations on all ports of a tunnel, but does not allow updating any - // other tunnel properties or deleting the tunnel. - TunnelAccessScopeManagePorts TunnelAccessScope = "manage:ports" - - // Allows accepting connections on tunnels as a host. Includes access to update tunnel - // endpoints and ports. - TunnelAccessScopeHost TunnelAccessScope = "host" - - // Allows inspecting tunnel connection activity and data. - TunnelAccessScopeInspect TunnelAccessScope = "inspect" - - // Allows connecting to tunnels or ports as a client. - TunnelAccessScopeConnect TunnelAccessScope = "connect" -) +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessScopes.cs + +package tunnels + +// Defines scopes for tunnel access tokens. +// +// A tunnel access token with one or more of these scopes typically also has cluster ID +// and tunnel ID claims that limit the access scope to a specific tunnel, and may also +// have one or more port claims that further limit the access to particular ports of the +// tunnel. +type TunnelAccessScopes []TunnelAccessScope +type TunnelAccessScope string + +const ( + // Allows creating tunnels. This scope is valid only in policies at the global, domain, + // or organization level; it is not relevant to an already-created tunnel or tunnel port. + // (Creation of ports requires "manage" or "host" access to the tunnel.) + TunnelAccessScopeCreate TunnelAccessScope = "create" + + // Allows management operations on tunnels and tunnel ports. + TunnelAccessScopeManage TunnelAccessScope = "manage" + + // Allows management operations on all ports of a tunnel, but does not allow updating any + // other tunnel properties or deleting the tunnel. + TunnelAccessScopeManagePorts TunnelAccessScope = "manage:ports" + + // Allows accepting connections on tunnels as a host. Includes access to update tunnel + // endpoints and ports. + TunnelAccessScopeHost TunnelAccessScope = "host" + + // Allows inspecting tunnel connection activity and data. + TunnelAccessScopeInspect TunnelAccessScope = "inspect" + + // Allows connecting to tunnels or ports as a client. + TunnelAccessScopeConnect TunnelAccessScope = "connect" +) diff --git a/go/tunnels/tunnel_access_subject.go b/go/tunnels/tunnel_access_subject.go index 5fc7c5d5..aa40dec9 100644 --- a/go/tunnels/tunnel_access_subject.go +++ b/go/tunnels/tunnel_access_subject.go @@ -1,36 +1,36 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessSubject.cs - -package tunnels - -// Properties about a subject of a tunnel access control entry (ACE), used when resolving -// subject names to IDs when creating new ACEs, or formatting subject IDs to names when -// displaying existing ACEs. -type TunnelAccessSubject struct { - // Gets or sets the type of subject, e.g. user, group, or organization. - Type TunnelAccessControlEntryType `json:"type"` - - // Gets or sets the subject ID. - // - // The ID is typically a guid or integer that is unique within the scope of the identity - // provider or organization, and never changes for that subject. - ID string `json:"id,omitempty"` - - // Gets or sets the subject organization ID, which may be required if an organization is - // not implied by the authentication context. - OrganizationID string `json:"organizationId,omitempty"` - - // Gets or sets the partial or full subject name. - // - // When resolving a subject name to ID, a partial name may be provided, and the full name - // is returned if the partial name was successfully resolved. When formatting a subject - // ID to name, the full name is returned if the ID was found. - Name string `json:"name,omitempty"` - - // Gets or sets an array of possible subject matches, if a partial name was provided and - // did not resolve to a single subject. - // - // This property applies only when resolving subject names to IDs. - Matches []TunnelAccessSubject `json:"matches,omitempty"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessSubject.cs + +package tunnels + +// Properties about a subject of a tunnel access control entry (ACE), used when resolving +// subject names to IDs when creating new ACEs, or formatting subject IDs to names when +// displaying existing ACEs. +type TunnelAccessSubject struct { + // Gets or sets the type of subject, e.g. user, group, or organization. + Type TunnelAccessControlEntryType `json:"type"` + + // Gets or sets the subject ID. + // + // The ID is typically a guid or integer that is unique within the scope of the identity + // provider or organization, and never changes for that subject. + ID string `json:"id,omitempty"` + + // Gets or sets the subject organization ID, which may be required if an organization is + // not implied by the authentication context. + OrganizationID string `json:"organizationId,omitempty"` + + // Gets or sets the partial or full subject name. + // + // When resolving a subject name to ID, a partial name may be provided, and the full name + // is returned if the partial name was successfully resolved. When formatting a subject + // ID to name, the full name is returned if the ID was found. + Name string `json:"name,omitempty"` + + // Gets or sets an array of possible subject matches, if a partial name was provided and + // did not resolve to a single subject. + // + // This property applies only when resolving subject names to IDs. + Matches []TunnelAccessSubject `json:"matches,omitempty"` +} diff --git a/go/tunnels/tunnel_authentication_schemes.go b/go/tunnels/tunnel_authentication_schemes.go index 7fd122b4..2290fd4c 100644 --- a/go/tunnels/tunnel_authentication_schemes.go +++ b/go/tunnels/tunnel_authentication_schemes.go @@ -1,23 +1,23 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAuthenticationSchemes.cs - -package tunnels - -// Defines string constants for authentication schemes supported by tunnel service APIs. -type TunnelAuthenticationSchemes []TunnelAuthenticationScheme -type TunnelAuthenticationScheme string - -const ( - // Authentication scheme for AAD (or Microsoft account) access tokens. - TunnelAuthenticationSchemeAad TunnelAuthenticationScheme = "aad" - - // Authentication scheme for GitHub access tokens. - TunnelAuthenticationSchemeGitHub TunnelAuthenticationScheme = "github" - - // Authentication scheme for tunnel access tokens. - TunnelAuthenticationSchemeTunnel TunnelAuthenticationScheme = "tunnel" - - // Authentication scheme for tunnelPlan access tokens. - TunnelAuthenticationSchemeTunnelPlan TunnelAuthenticationScheme = "tunnelplan" -) +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAuthenticationSchemes.cs + +package tunnels + +// Defines string constants for authentication schemes supported by tunnel service APIs. +type TunnelAuthenticationSchemes []TunnelAuthenticationScheme +type TunnelAuthenticationScheme string + +const ( + // Authentication scheme for AAD (or Microsoft account) access tokens. + TunnelAuthenticationSchemeAad TunnelAuthenticationScheme = "aad" + + // Authentication scheme for GitHub access tokens. + TunnelAuthenticationSchemeGitHub TunnelAuthenticationScheme = "github" + + // Authentication scheme for tunnel access tokens. + TunnelAuthenticationSchemeTunnel TunnelAuthenticationScheme = "tunnel" + + // Authentication scheme for tunnelPlan access tokens. + TunnelAuthenticationSchemeTunnelPlan TunnelAuthenticationScheme = "tunnelplan" +) diff --git a/go/tunnels/tunnel_connection_mode.go b/go/tunnels/tunnel_connection_mode.go index d2dd18db..74cba9f8 100644 --- a/go/tunnels/tunnel_connection_mode.go +++ b/go/tunnels/tunnel_connection_mode.go @@ -1,22 +1,22 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelConnectionMode.cs - -package tunnels - -// Specifies the connection protocol / implementation for a tunnel. -// -// Depending on the connection mode, hosts or clients might need to use different -// authentication and connection protocols. -type TunnelConnectionMode string - -const ( - // Connect directly to the host over the local network. - // - // While it's technically not "tunneling", this mode may be combined with others to - // enable choosing the most efficient connection mode available. - TunnelConnectionModeLocalNetwork TunnelConnectionMode = "LocalNetwork" - - // Use the tunnel service's integrated relay function. - TunnelConnectionModeTunnelRelay TunnelConnectionMode = "TunnelRelay" -) +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelConnectionMode.cs + +package tunnels + +// Specifies the connection protocol / implementation for a tunnel. +// +// Depending on the connection mode, hosts or clients might need to use different +// authentication and connection protocols. +type TunnelConnectionMode string + +const ( + // Connect directly to the host over the local network. + // + // While it's technically not "tunneling", this mode may be combined with others to + // enable choosing the most efficient connection mode available. + TunnelConnectionModeLocalNetwork TunnelConnectionMode = "LocalNetwork" + + // Use the tunnel service's integrated relay function. + TunnelConnectionModeTunnelRelay TunnelConnectionMode = "TunnelRelay" +) diff --git a/go/tunnels/tunnel_constraints.go b/go/tunnels/tunnel_constraints.go index de833be0..c09d565b 100644 --- a/go/tunnels/tunnel_constraints.go +++ b/go/tunnels/tunnel_constraints.go @@ -1,226 +1,226 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelConstraints.cs - -package tunnels - -import ( - "regexp" - "strings" -) - -const ( - // Min length of tunnel cluster ID. - TunnelConstraintsClusterIDMinLength = 3 - - // Max length of tunnel cluster ID. - TunnelConstraintsClusterIDMaxLength = 12 - - // Length of V1 tunnel id. - TunnelConstraintsOldTunnelIDLength = 8 - - // Min length of V2 tunnelId. - TunnelConstraintsNewTunnelIDMinLength = 3 - - // Max length of V2 tunnelId. - // - // Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes - // (-<port>-inspect) remain within the DNS label limit of 63 characters. - TunnelConstraintsNewTunnelIDMaxLength = 49 - - // Length of a tunnel alias. - TunnelConstraintsTunnelAliasLength = 8 - - // Min length of tunnel name. - TunnelConstraintsTunnelNameMinLength = 3 - - // Max length of tunnel name. - // - // Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes - // (-<port>-inspect) remain within the DNS label limit of 63 characters. - TunnelConstraintsTunnelNameMaxLength = 49 - - // Max length of SSH username. - TunnelConstraintsSshUserMaxLength = 60 - - // Max length of tunnel or port description. - TunnelConstraintsDescriptionMaxLength = 400 - - // Max length of tunnel event details. - TunnelConstraintsEventDetailsMaxLength = 4000 - - // Max number of properties in a tunnel event. - TunnelConstraintsMaxEventProperties = 100 - - // Max length of a single tunnel event property value. - TunnelConstraintsEventPropertyValueMaxLength = 4000 - - // Min length of a single tunnel or port tag. - TunnelConstraintsLabelMinLength = 1 - - // Max length of a single tunnel or port tag. - TunnelConstraintsLabelMaxLength = 50 - - // Maximum number of labels that can be applied to a tunnel or port. - TunnelConstraintsMaxLabels = 100 - - // Min length of a tunnel domain. - TunnelConstraintsTunnelDomainMinLength = 4 - - // Max length of a tunnel domain. - TunnelConstraintsTunnelDomainMaxLength = 180 - - // Maximum number of items allowed in the tunnel ports array. The actual limit on number - // of ports that can be created may be much lower, and may depend on various resource - // limitations or policies. - TunnelConstraintsTunnelMaxPorts = 1000 - - // Maximum number of access control entries (ACEs) in a tunnel or tunnel port access - // control list (ACL). - TunnelConstraintsAccessControlMaxEntries = 40 - - // Maximum number of subjects (such as user IDs) in a tunnel or tunnel port access - // control entry (ACE). - TunnelConstraintsAccessControlMaxSubjects = 100 - - // Max length of an access control subject or organization ID. - TunnelConstraintsAccessControlSubjectMaxLength = 200 - - // Max length of an access control subject name, when resolving names to IDs. - TunnelConstraintsAccessControlSubjectNameMaxLength = 200 - - // Maximum number of scopes in an access control entry. - TunnelConstraintsAccessControlMaxScopes = 10 - - // Regular expression that can match or validate tunnel event name strings. - TunnelConstraintsEventNamePattern = "^[a-z0-9_]{3,80}$" - - // Regular expression that can match or validate tunnel event severity strings. - TunnelConstraintsEventSeverityPattern = "^(info)|(warning)|(error)$" - - // Regular expression that can match or validate tunnel event property name strings. - TunnelConstraintsEventPropertyNamePattern = "^[a-zA-Z0-9_.]{3,200}$" - - // Regular expression that can match or validate tunnel cluster ID strings. - // - // Cluster IDs are alphanumeric; hyphens are not permitted. - TunnelConstraintsClusterIDPattern = "^(([a-z]{3,4}[0-9]{1,3})|asse|aue|brs|euw|use)$" - - // Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, - // excluding vowels and 'y' (to avoid accidentally generating any random words). - TunnelConstraintsOldTunnelIDChars = "0123456789bcdfghjklmnpqrstvwxz" - - // Regular expression that can match or validate tunnel ID strings. - // - // Tunnel IDs are fixed-length and have a limited character set of numbers and lowercase - // letters (minus vowels and y). - TunnelConstraintsOldTunnelIDPattern = "[" + TunnelConstraintsOldTunnelIDChars + "]{8}" - - // Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, - // excluding vowels and 'y' (to avoid accidentally generating any random words). - TunnelConstraintsNewTunnelIDChars = "0123456789abcdefghijklmnopqrstuvwxyz-" - - // Regular expression that can match or validate tunnel ID strings. - // - // Tunnel IDs have a limited character set of numbers and lowercase letters. Limited to - // 49 characters to ensure tunnel URIs with ports and inspection suffixes remain within - // the DNS label limit of 63 characters. - TunnelConstraintsNewTunnelIDPattern = "[a-z0-9][a-z0-9-]{1,47}[a-z0-9]" - - // Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, - // excluding vowels and 'y' (to avoid accidentally generating any random words). - TunnelConstraintsTunnelAliasChars = "0123456789bcdfghjklmnpqrstvwxz" - - // Regular expression that can match or validate tunnel alias strings. - // - // Tunnel Aliases are fixed-length and have a limited character set of numbers and - // lowercase letters (minus vowels and y). Limited to 49 characters to ensure tunnel URIs - // with ports and inspection suffixes remain within the DNS label limit of 63 characters. - TunnelConstraintsTunnelAliasPattern = "[" + TunnelConstraintsTunnelAliasChars + "]{3,49}" - - // Regular expression that can match or validate tunnel names. - // - // Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an - // empty string because tunnels may be unnamed. Limited to 49 characters to ensure tunnel - // URIs with ports and inspection suffixes remain within the DNS label limit of 63 - // characters. - TunnelConstraintsTunnelNamePattern = "([a-z0-9][a-z0-9-]{1,47}[a-z0-9])|(^$)" - - // Regular expression that can match or validate tunnel or port labels. - TunnelConstraintsLabelPattern = "[\\w-=]{1,50}" - - // Regular expression that can match or validate tunnel domains. - // - // The tunnel service may perform additional contextual validation at the time the domain - // is registered. - TunnelConstraintsTunnelDomainPattern = "[0-9a-z][0-9a-z-.]{1,158}[0-9a-z]|(^$)" - - // Regular expression that can match or validate an access control subject or - // organization ID. - // - // The : and / characters are allowed because subjects may include IP addresses and - // ranges. The @ character is allowed because MSA subjects may be identified by email - // address. - TunnelConstraintsAccessControlSubjectPattern = "[0-9a-zA-Z-._:/@]{0,200}" - - // Regular expression that can match or validate an access control subject name, when - // resolving subject names to IDs. - // - // Note angle-brackets are only allowed when they wrap an email address as part of a - // formatted name with email. The service will block any other use of angle-brackets, to - // avoid any XSS risks. - TunnelConstraintsAccessControlSubjectNamePattern = "[ \\w\\d-.,/:'\"_@()<>]{0,200}" -) -var ( - // Regular expression that can match or validate tunnel cluster ID strings. - // - // Cluster IDs are alphanumeric; hyphens are not permitted. - TunnelConstraintsClusterIDRegex = regexp.MustCompile(TunnelConstraintsClusterIDPattern) - - // Regular expression that can match or validate a tunnel cluster ID as a hostname - // prefix. - // - // Cluster IDs are alphanumeric; hyphens are not permitted. - TunnelConstraintsClusterIDPrefixRegex = regexp.MustCompile(strings.Replace(TunnelConstraintsClusterIDPattern, "$", "\\.", -1)) - - // Regular expression that can match or validate tunnel ID strings. - // - // Tunnel IDs are fixed-length and have a limited character set of numbers and lowercase - // letters (minus vowels and y). - TunnelConstraintsOldTunnelIDRegex = regexp.MustCompile(TunnelConstraintsOldTunnelIDPattern) - - // Regular expression that can match or validate tunnel ID strings. - // - // Tunnel IDs are fixed-length and have a limited character set of numbers and lowercase - // letters (minus vowels and y). - TunnelConstraintsNewTunnelIDRegex = regexp.MustCompile(TunnelConstraintsNewTunnelIDPattern) - - // Regular expression that can match or validate tunnel alias strings. - // - // Tunnel Aliases are fixed-length and have a limited character set of numbers and - // lowercase letters (minus vowels and y). - TunnelConstraintsTunnelAliasRegex = regexp.MustCompile(TunnelConstraintsTunnelAliasPattern) - - // Regular expression that can match or validate tunnel names. - // - // Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an - // empty string because tunnels may be unnamed. - TunnelConstraintsTunnelNameRegex = regexp.MustCompile(TunnelConstraintsTunnelNamePattern) - - // Regular expression that can match or validate tunnel or port labels. - TunnelConstraintsLabelRegex = regexp.MustCompile(TunnelConstraintsLabelPattern) - - // Regular expression that can match or validate tunnel domains. - // - // The tunnel service may perform additional contextual validation at the time the domain - // is registered. - TunnelConstraintsTunnelDomainRegex = regexp.MustCompile(TunnelConstraintsTunnelDomainPattern) - - // Regular expression that can match or validate an access control subject or - // organization ID. - TunnelConstraintsAccessControlSubjectRegex = regexp.MustCompile(TunnelConstraintsAccessControlSubjectPattern) - - // Regular expression that can match or validate an access control subject name, when - // resolving subject names to IDs. - TunnelConstraintsAccessControlSubjectNameRegex = regexp.MustCompile(TunnelConstraintsAccessControlSubjectNamePattern) -) +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelConstraints.cs + +package tunnels + +import ( + "regexp" + "strings" +) + +const ( + // Min length of tunnel cluster ID. + TunnelConstraintsClusterIDMinLength = 3 + + // Max length of tunnel cluster ID. + TunnelConstraintsClusterIDMaxLength = 12 + + // Length of V1 tunnel id. + TunnelConstraintsOldTunnelIDLength = 8 + + // Min length of V2 tunnelId. + TunnelConstraintsNewTunnelIDMinLength = 3 + + // Max length of V2 tunnelId. + // + // Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes + // (-<port>-inspect) remain within the DNS label limit of 63 characters. + TunnelConstraintsNewTunnelIDMaxLength = 49 + + // Length of a tunnel alias. + TunnelConstraintsTunnelAliasLength = 8 + + // Min length of tunnel name. + TunnelConstraintsTunnelNameMinLength = 3 + + // Max length of tunnel name. + // + // Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes + // (-<port>-inspect) remain within the DNS label limit of 63 characters. + TunnelConstraintsTunnelNameMaxLength = 49 + + // Max length of SSH username. + TunnelConstraintsSshUserMaxLength = 60 + + // Max length of tunnel or port description. + TunnelConstraintsDescriptionMaxLength = 400 + + // Max length of tunnel event details. + TunnelConstraintsEventDetailsMaxLength = 4000 + + // Max number of properties in a tunnel event. + TunnelConstraintsMaxEventProperties = 100 + + // Max length of a single tunnel event property value. + TunnelConstraintsEventPropertyValueMaxLength = 4000 + + // Min length of a single tunnel or port tag. + TunnelConstraintsLabelMinLength = 1 + + // Max length of a single tunnel or port tag. + TunnelConstraintsLabelMaxLength = 50 + + // Maximum number of labels that can be applied to a tunnel or port. + TunnelConstraintsMaxLabels = 100 + + // Min length of a tunnel domain. + TunnelConstraintsTunnelDomainMinLength = 4 + + // Max length of a tunnel domain. + TunnelConstraintsTunnelDomainMaxLength = 180 + + // Maximum number of items allowed in the tunnel ports array. The actual limit on number + // of ports that can be created may be much lower, and may depend on various resource + // limitations or policies. + TunnelConstraintsTunnelMaxPorts = 1000 + + // Maximum number of access control entries (ACEs) in a tunnel or tunnel port access + // control list (ACL). + TunnelConstraintsAccessControlMaxEntries = 40 + + // Maximum number of subjects (such as user IDs) in a tunnel or tunnel port access + // control entry (ACE). + TunnelConstraintsAccessControlMaxSubjects = 100 + + // Max length of an access control subject or organization ID. + TunnelConstraintsAccessControlSubjectMaxLength = 200 + + // Max length of an access control subject name, when resolving names to IDs. + TunnelConstraintsAccessControlSubjectNameMaxLength = 200 + + // Maximum number of scopes in an access control entry. + TunnelConstraintsAccessControlMaxScopes = 10 + + // Regular expression that can match or validate tunnel event name strings. + TunnelConstraintsEventNamePattern = "^[a-z0-9_]{3,80}$" + + // Regular expression that can match or validate tunnel event severity strings. + TunnelConstraintsEventSeverityPattern = "^(info)|(warning)|(error)$" + + // Regular expression that can match or validate tunnel event property name strings. + TunnelConstraintsEventPropertyNamePattern = "^[a-zA-Z0-9_.]{3,200}$" + + // Regular expression that can match or validate tunnel cluster ID strings. + // + // Cluster IDs are alphanumeric; hyphens are not permitted. + TunnelConstraintsClusterIDPattern = "^(([a-z]{3,4}[0-9]{1,3})|asse|aue|brs|euw|use)$" + + // Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, + // excluding vowels and 'y' (to avoid accidentally generating any random words). + TunnelConstraintsOldTunnelIDChars = "0123456789bcdfghjklmnpqrstvwxz" + + // Regular expression that can match or validate tunnel ID strings. + // + // Tunnel IDs are fixed-length and have a limited character set of numbers and lowercase + // letters (minus vowels and y). + TunnelConstraintsOldTunnelIDPattern = "[" + TunnelConstraintsOldTunnelIDChars + "]{8}" + + // Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, + // excluding vowels and 'y' (to avoid accidentally generating any random words). + TunnelConstraintsNewTunnelIDChars = "0123456789abcdefghijklmnopqrstuvwxyz-" + + // Regular expression that can match or validate tunnel ID strings. + // + // Tunnel IDs have a limited character set of numbers and lowercase letters. Limited to + // 49 characters to ensure tunnel URIs with ports and inspection suffixes remain within + // the DNS label limit of 63 characters. + TunnelConstraintsNewTunnelIDPattern = "[a-z0-9][a-z0-9-]{1,47}[a-z0-9]" + + // Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, + // excluding vowels and 'y' (to avoid accidentally generating any random words). + TunnelConstraintsTunnelAliasChars = "0123456789bcdfghjklmnpqrstvwxz" + + // Regular expression that can match or validate tunnel alias strings. + // + // Tunnel Aliases are fixed-length and have a limited character set of numbers and + // lowercase letters (minus vowels and y). Limited to 49 characters to ensure tunnel URIs + // with ports and inspection suffixes remain within the DNS label limit of 63 characters. + TunnelConstraintsTunnelAliasPattern = "[" + TunnelConstraintsTunnelAliasChars + "]{3,49}" + + // Regular expression that can match or validate tunnel names. + // + // Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an + // empty string because tunnels may be unnamed. Limited to 49 characters to ensure tunnel + // URIs with ports and inspection suffixes remain within the DNS label limit of 63 + // characters. + TunnelConstraintsTunnelNamePattern = "([a-z0-9][a-z0-9-]{1,47}[a-z0-9])|(^$)" + + // Regular expression that can match or validate tunnel or port labels. + TunnelConstraintsLabelPattern = "[\\w-=]{1,50}" + + // Regular expression that can match or validate tunnel domains. + // + // The tunnel service may perform additional contextual validation at the time the domain + // is registered. + TunnelConstraintsTunnelDomainPattern = "[0-9a-z][0-9a-z-.]{1,158}[0-9a-z]|(^$)" + + // Regular expression that can match or validate an access control subject or + // organization ID. + // + // The : and / characters are allowed because subjects may include IP addresses and + // ranges. The @ character is allowed because MSA subjects may be identified by email + // address. + TunnelConstraintsAccessControlSubjectPattern = "[0-9a-zA-Z-._:/@]{0,200}" + + // Regular expression that can match or validate an access control subject name, when + // resolving subject names to IDs. + // + // Note angle-brackets are only allowed when they wrap an email address as part of a + // formatted name with email. The service will block any other use of angle-brackets, to + // avoid any XSS risks. + TunnelConstraintsAccessControlSubjectNamePattern = "[ \\w\\d-.,/:'\"_@()<>]{0,200}" +) +var ( + // Regular expression that can match or validate tunnel cluster ID strings. + // + // Cluster IDs are alphanumeric; hyphens are not permitted. + TunnelConstraintsClusterIDRegex = regexp.MustCompile(TunnelConstraintsClusterIDPattern) + + // Regular expression that can match or validate a tunnel cluster ID as a hostname + // prefix. + // + // Cluster IDs are alphanumeric; hyphens are not permitted. + TunnelConstraintsClusterIDPrefixRegex = regexp.MustCompile(strings.Replace(TunnelConstraintsClusterIDPattern, "$", "\\.", -1)) + + // Regular expression that can match or validate tunnel ID strings. + // + // Tunnel IDs are fixed-length and have a limited character set of numbers and lowercase + // letters (minus vowels and y). + TunnelConstraintsOldTunnelIDRegex = regexp.MustCompile(TunnelConstraintsOldTunnelIDPattern) + + // Regular expression that can match or validate tunnel ID strings. + // + // Tunnel IDs are fixed-length and have a limited character set of numbers and lowercase + // letters (minus vowels and y). + TunnelConstraintsNewTunnelIDRegex = regexp.MustCompile(TunnelConstraintsNewTunnelIDPattern) + + // Regular expression that can match or validate tunnel alias strings. + // + // Tunnel Aliases are fixed-length and have a limited character set of numbers and + // lowercase letters (minus vowels and y). + TunnelConstraintsTunnelAliasRegex = regexp.MustCompile(TunnelConstraintsTunnelAliasPattern) + + // Regular expression that can match or validate tunnel names. + // + // Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an + // empty string because tunnels may be unnamed. + TunnelConstraintsTunnelNameRegex = regexp.MustCompile(TunnelConstraintsTunnelNamePattern) + + // Regular expression that can match or validate tunnel or port labels. + TunnelConstraintsLabelRegex = regexp.MustCompile(TunnelConstraintsLabelPattern) + + // Regular expression that can match or validate tunnel domains. + // + // The tunnel service may perform additional contextual validation at the time the domain + // is registered. + TunnelConstraintsTunnelDomainRegex = regexp.MustCompile(TunnelConstraintsTunnelDomainPattern) + + // Regular expression that can match or validate an access control subject or + // organization ID. + TunnelConstraintsAccessControlSubjectRegex = regexp.MustCompile(TunnelConstraintsAccessControlSubjectPattern) + + // Regular expression that can match or validate an access control subject name, when + // resolving subject names to IDs. + TunnelConstraintsAccessControlSubjectNameRegex = regexp.MustCompile(TunnelConstraintsAccessControlSubjectNamePattern) +) diff --git a/go/tunnels/tunnel_endpoint.go b/go/tunnels/tunnel_endpoint.go index e7758d9f..4357b9b4 100644 --- a/go/tunnels/tunnel_endpoint.go +++ b/go/tunnels/tunnel_endpoint.go @@ -1,90 +1,90 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelEndpoint.cs - -package tunnels - -// Base class for tunnel connection parameters. -// -// A tunnel endpoint specifies how and where hosts and clients can connect to a tunnel. -// There is a subclass for each connection mode, each having different connection -// parameters. A tunnel may have multiple endpoints for one host (or multiple hosts), and -// clients can select their preferred endpoint(s) from those depending on network -// environment or client capabilities. -type TunnelEndpoint struct { - // Gets or sets the ID of this endpoint. - ID string `json:"id,omitempty"` - - // Gets or sets the connection mode of the endpoint. - // - // This property is required when creating or updating an endpoint. The subclass type is - // also an indication of the connection mode, but this property is necessary to determine - // the subclass type when deserializing. - ConnectionMode TunnelConnectionMode `json:"connectionMode"` - - // Gets or sets the ID of the host that is listening on this endpoint. - // - // This property is required when creating or updating an endpoint. If the host supports - // multiple connection modes, the host's ID is the same for all the endpoints it - // supports. However different hosts may simultaneously accept connections at different - // endpoints for the same tunnel, if enabled in tunnel options. - HostID string `json:"hostId"` - - // Gets or sets an array of public keys, which can be used by clients to authenticate the - // host. - HostPublicKeys []string `json:"hostPublicKeys,omitempty"` - - // Gets or sets a string used to format URIs where a web client can connect to ports of - // the tunnel. The string includes a `TunnelEndpoint.PortToken` that must be replaced - // with the actual port number. - PortURIFormat string `json:"portUriFormat,omitempty"` - - // Gets or sets the URI where a web client can connect to the default port of the tunnel. - TunnelURI string `json:"tunnelUri,omitempty"` - - // Gets or sets a string used to format ssh command where ssh client can connect to - // shared ssh port of the tunnel. The string includes a `TunnelEndpoint.PortToken` that - // must be replaced with the actual port number. - PortSshCommandFormat string `json:"portSshCommandFormat,omitempty"` - - // Gets or sets the Ssh command where the Ssh client can connect to the default ssh port - // of the tunnel. - TunnelSshCommand string `json:"tunnelSshCommand,omitempty"` - - // Gets or sets the Ssh gateway public key which should be added to the authorized_keys - // file so that tunnel service can connect to the shared ssh server. - SshGatewayPublicKey string `json:"sshGatewayPublicKey,omitempty"` - - LocalNetworkTunnelEndpoint - TunnelRelayTunnelEndpoint -} - -// Parameters for connecting to a tunnel via a local network connection. -// -// While a direct connection is technically not "tunneling", tunnel hosts may accept -// connections via the local network as an optional more-efficient alternative to a relay. -type LocalNetworkTunnelEndpoint struct { - // Gets or sets a list of IP endpoints where the host may accept connections. - // - // A host may accept connections on multiple IP endpoints simultaneously if there are - // multiple network interfaces on the host system and/or if the host supports both IPv4 - // and IPv6. Each item in the list is a URI consisting of a scheme (which gives an - // indication of the network connection protocol), an IP address (IPv4 or IPv6) and a - // port number. The URIs do not typically include any paths, because the connection is - // not normally HTTP-based. - HostEndpoints []string `json:"hostEndpoints"` -} - -// Parameters for connecting to a tunnel via the tunnel service's built-in relay function. -type TunnelRelayTunnelEndpoint struct { - // Gets or sets the host URI. - HostRelayURI string `json:"hostRelayUri,omitempty"` - - // Gets or sets the client URI. - ClientRelayURI string `json:"clientRelayUri,omitempty"` -} - -// Token included in `TunnelEndpoint.PortUriFormat` and -// `TunnelEndpoint.PortSshCommandFormat` that is to be replaced by a specified port -// number. -var PortToken = "{port}" +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelEndpoint.cs + +package tunnels + +// Base class for tunnel connection parameters. +// +// A tunnel endpoint specifies how and where hosts and clients can connect to a tunnel. +// There is a subclass for each connection mode, each having different connection +// parameters. A tunnel may have multiple endpoints for one host (or multiple hosts), and +// clients can select their preferred endpoint(s) from those depending on network +// environment or client capabilities. +type TunnelEndpoint struct { + // Gets or sets the ID of this endpoint. + ID string `json:"id,omitempty"` + + // Gets or sets the connection mode of the endpoint. + // + // This property is required when creating or updating an endpoint. The subclass type is + // also an indication of the connection mode, but this property is necessary to determine + // the subclass type when deserializing. + ConnectionMode TunnelConnectionMode `json:"connectionMode"` + + // Gets or sets the ID of the host that is listening on this endpoint. + // + // This property is required when creating or updating an endpoint. If the host supports + // multiple connection modes, the host's ID is the same for all the endpoints it + // supports. However different hosts may simultaneously accept connections at different + // endpoints for the same tunnel, if enabled in tunnel options. + HostID string `json:"hostId"` + + // Gets or sets an array of public keys, which can be used by clients to authenticate the + // host. + HostPublicKeys []string `json:"hostPublicKeys,omitempty"` + + // Gets or sets a string used to format URIs where a web client can connect to ports of + // the tunnel. The string includes a `TunnelEndpoint.PortToken` that must be replaced + // with the actual port number. + PortURIFormat string `json:"portUriFormat,omitempty"` + + // Gets or sets the URI where a web client can connect to the default port of the tunnel. + TunnelURI string `json:"tunnelUri,omitempty"` + + // Gets or sets a string used to format ssh command where ssh client can connect to + // shared ssh port of the tunnel. The string includes a `TunnelEndpoint.PortToken` that + // must be replaced with the actual port number. + PortSshCommandFormat string `json:"portSshCommandFormat,omitempty"` + + // Gets or sets the Ssh command where the Ssh client can connect to the default ssh port + // of the tunnel. + TunnelSshCommand string `json:"tunnelSshCommand,omitempty"` + + // Gets or sets the Ssh gateway public key which should be added to the authorized_keys + // file so that tunnel service can connect to the shared ssh server. + SshGatewayPublicKey string `json:"sshGatewayPublicKey,omitempty"` + + LocalNetworkTunnelEndpoint + TunnelRelayTunnelEndpoint +} + +// Parameters for connecting to a tunnel via a local network connection. +// +// While a direct connection is technically not "tunneling", tunnel hosts may accept +// connections via the local network as an optional more-efficient alternative to a relay. +type LocalNetworkTunnelEndpoint struct { + // Gets or sets a list of IP endpoints where the host may accept connections. + // + // A host may accept connections on multiple IP endpoints simultaneously if there are + // multiple network interfaces on the host system and/or if the host supports both IPv4 + // and IPv6. Each item in the list is a URI consisting of a scheme (which gives an + // indication of the network connection protocol), an IP address (IPv4 or IPv6) and a + // port number. The URIs do not typically include any paths, because the connection is + // not normally HTTP-based. + HostEndpoints []string `json:"hostEndpoints"` +} + +// Parameters for connecting to a tunnel via the tunnel service's built-in relay function. +type TunnelRelayTunnelEndpoint struct { + // Gets or sets the host URI. + HostRelayURI string `json:"hostRelayUri,omitempty"` + + // Gets or sets the client URI. + ClientRelayURI string `json:"clientRelayUri,omitempty"` +} + +// Token included in `TunnelEndpoint.PortUriFormat` and +// `TunnelEndpoint.PortSshCommandFormat` that is to be replaced by a specified port +// number. +var PortToken = "{port}" diff --git a/go/tunnels/tunnel_event.go b/go/tunnels/tunnel_event.go index 69bc6441..e5cabd75 100644 --- a/go/tunnels/tunnel_event.go +++ b/go/tunnels/tunnel_event.go @@ -1,40 +1,40 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelEvent.cs - -package tunnels - -import ( - "time" -) - -// Data contract for tunnel client events reported to the tunnel service. -type TunnelEvent struct { - // Gets or sets the UTC timestamp of the event (using the client's clock). - Timestamp *time.Time `json:"timestamp,omitempty"` - - // Gets or sets name of the event. This should be a short descriptive identifier. - Name string `json:"name"` - - // Gets or sets the severity of the event, such as `TunnelEvent.Info`, - // `TunnelEvent.Warning`, or `TunnelEvent.Error`. - // - // If not specified, the default severity is "info". - Severity string `json:"severity,omitempty"` - - // Gets or sets optional unstructured details about the event, such as a message or - // description. For warning or error events this may include a stack trace. - Details string `json:"details,omitempty"` - - // Gets or sets semi-structured event properties. - Properties map[string]string `json:"properties,omitempty"` -} - -// Default event severity. -var Info = "info" - -// Warning event severity. -var Warning = "warning" - -// Error event severity. -var Error = "error" +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelEvent.cs + +package tunnels + +import ( + "time" +) + +// Data contract for tunnel client events reported to the tunnel service. +type TunnelEvent struct { + // Gets or sets the UTC timestamp of the event (using the client's clock). + Timestamp *time.Time `json:"timestamp,omitempty"` + + // Gets or sets name of the event. This should be a short descriptive identifier. + Name string `json:"name"` + + // Gets or sets the severity of the event, such as `TunnelEvent.Info`, + // `TunnelEvent.Warning`, or `TunnelEvent.Error`. + // + // If not specified, the default severity is "info". + Severity string `json:"severity,omitempty"` + + // Gets or sets optional unstructured details about the event, such as a message or + // description. For warning or error events this may include a stack trace. + Details string `json:"details,omitempty"` + + // Gets or sets semi-structured event properties. + Properties map[string]string `json:"properties,omitempty"` +} + +// Default event severity. +var Info = "info" + +// Warning event severity. +var Warning = "warning" + +// Error event severity. +var Error = "error" diff --git a/go/tunnels/tunnel_header_names.go b/go/tunnels/tunnel_header_names.go index 8845f43d..fa13d71e 100644 --- a/go/tunnels/tunnel_header_names.go +++ b/go/tunnels/tunnel_header_names.go @@ -1,28 +1,28 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelHeaderNames.cs - -package tunnels - -// Header names for http requests that Tunnel Service can handle -type TunnelHeaderNames []TunnelHeaderName -type TunnelHeaderName string - -const ( - // Additional authorization header that can be passed to tunnel web forwarding to - // authenticate and authorize the client. The format of the value is the same as - // Authorization header that is sent to the Tunnel service by the tunnel SDK. Supported - // schemes: "tunnel" with the tunnel access JWT good for 'Connect' scope. - TunnelHeaderNameXTunnelAuthorization TunnelHeaderName = "X-Tunnel-Authorization" - - // Request ID header that nginx ingress controller adds to all requests if it's not - // there. - TunnelHeaderNameXRequestID TunnelHeaderName = "X-Request-ID" - - // Github Ssh public key which can be used to validate if it belongs to tunnel's owner. - TunnelHeaderNameXGithubSshKey TunnelHeaderName = "X-Github-Ssh-Key" - - // Header that will skip the antiphishing page when connection to a tunnel through web - // forwarding. - TunnelHeaderNameXTunnelSkipAntiPhishingPage TunnelHeaderName = "X-Tunnel-Skip-AntiPhishing-Page" -) +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelHeaderNames.cs + +package tunnels + +// Header names for http requests that Tunnel Service can handle +type TunnelHeaderNames []TunnelHeaderName +type TunnelHeaderName string + +const ( + // Additional authorization header that can be passed to tunnel web forwarding to + // authenticate and authorize the client. The format of the value is the same as + // Authorization header that is sent to the Tunnel service by the tunnel SDK. Supported + // schemes: "tunnel" with the tunnel access JWT good for 'Connect' scope. + TunnelHeaderNameXTunnelAuthorization TunnelHeaderName = "X-Tunnel-Authorization" + + // Request ID header that nginx ingress controller adds to all requests if it's not + // there. + TunnelHeaderNameXRequestID TunnelHeaderName = "X-Request-ID" + + // Github Ssh public key which can be used to validate if it belongs to tunnel's owner. + TunnelHeaderNameXGithubSshKey TunnelHeaderName = "X-Github-Ssh-Key" + + // Header that will skip the antiphishing page when connection to a tunnel through web + // forwarding. + TunnelHeaderNameXTunnelSkipAntiPhishingPage TunnelHeaderName = "X-Tunnel-Skip-AntiPhishing-Page" +) diff --git a/go/tunnels/tunnel_list_by_region.go b/go/tunnels/tunnel_list_by_region.go index a2db664a..1a1283cc 100644 --- a/go/tunnels/tunnel_list_by_region.go +++ b/go/tunnels/tunnel_list_by_region.go @@ -1,20 +1,20 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelListByRegion.cs - -package tunnels - -// Tunnel list by region. -type TunnelListByRegion struct { - // Azure region name. - RegionName string `json:"regionName,omitempty"` - - // Cluster id in the region. - ClusterID string `json:"clusterId,omitempty"` - - // List of tunnels. - Value []Tunnel `json:"value,omitempty"` - - // Error detail if getting list of tunnels in the region failed. - Error *ErrorDetail `json:"error,omitempty"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelListByRegion.cs + +package tunnels + +// Tunnel list by region. +type TunnelListByRegion struct { + // Azure region name. + RegionName string `json:"regionName,omitempty"` + + // Cluster id in the region. + ClusterID string `json:"clusterId,omitempty"` + + // List of tunnels. + Value []Tunnel `json:"value,omitempty"` + + // Error detail if getting list of tunnels in the region failed. + Error *ErrorDetail `json:"error,omitempty"` +} diff --git a/go/tunnels/tunnel_list_by_region_response.go b/go/tunnels/tunnel_list_by_region_response.go index 596001c8..2cd4a35a 100644 --- a/go/tunnels/tunnel_list_by_region_response.go +++ b/go/tunnels/tunnel_list_by_region_response.go @@ -1,14 +1,14 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelListByRegionResponse.cs - -package tunnels - -// Data contract for response of a list tunnel by region call. -type TunnelListByRegionResponse struct { - // List of tunnels - Value []TunnelListByRegion `json:"value,omitempty"` - - // Link to get next page of results. - NextLink string `json:"nextLink,omitempty"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelListByRegionResponse.cs + +package tunnels + +// Data contract for response of a list tunnel by region call. +type TunnelListByRegionResponse struct { + // List of tunnels + Value []TunnelListByRegion `json:"value,omitempty"` + + // Link to get next page of results. + NextLink string `json:"nextLink,omitempty"` +} diff --git a/go/tunnels/tunnel_options.go b/go/tunnels/tunnel_options.go index b887d171..e6857735 100644 --- a/go/tunnels/tunnel_options.go +++ b/go/tunnels/tunnel_options.go @@ -1,91 +1,91 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelOptions.cs - -package tunnels - -// Data contract for `Tunnel` or `TunnelPort` options. -type TunnelOptions struct { - // Gets or sets a value indicating whether web-forwarding of this tunnel can run on any - // cluster (region) without redirecting to the home cluster. This is only applicable if - // the tunnel has a name and web-forwarding uses it. - IsGloballyAvailable bool `json:"isGloballyAvailable,omitempty"` - - // Gets or sets a value for `Host` header rewriting to use in web-forwarding of this - // tunnel or port. By default, with this property null or empty, web-forwarding uses - // "localhost" to rewrite the header. Web-fowarding will use this property instead if it - // is not null or empty. Port-level option, if set, takes precedence over this option on - // the tunnel level. The option is ignored if IsHostHeaderUnchanged is true. - HostHeader string `json:"hostHeader,omitempty"` - - // Gets or sets a value indicating whether `Host` header is rewritten or the header value - // stays intact. By default, if false, web-forwarding rewrites the host header with the - // value from HostHeader property or "localhost". If true, the host header will be - // whatever the tunnel's web-forwarding host is, e.g. tunnel-name-8080.devtunnels.ms. - // Port-level option, if set, takes precedence over this option on the tunnel level. - IsHostHeaderUnchanged bool `json:"isHostHeaderUnchanged,omitempty"` - - // Gets or sets a value for `Origin` header rewriting to use in web-forwarding of this - // tunnel or port. By default, with this property null or empty, web-forwarding uses - // "http(s)://localhost" to rewrite the header. Web-fowarding will use this property - // instead if it is not null or empty. Port-level option, if set, takes precedence over - // this option on the tunnel level. The option is ignored if IsOriginHeaderUnchanged is - // true. - OriginHeader string `json:"originHeader,omitempty"` - - // Gets or sets a value indicating whether `Origin` header is rewritten or the header - // value stays intact. By default, if false, web-forwarding rewrites the origin header - // with the value from OriginHeader property or "http(s)://localhost". If true, the - // Origin header will be whatever the tunnel's web-forwarding Origin is, e.g. - // https://tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence - // over this option on the tunnel level. - IsOriginHeaderUnchanged bool `json:"isOriginHeaderUnchanged,omitempty"` - - // Gets or sets if inspection is enabled for the tunnel. - IsInspectionEnabled bool `json:"isInspectionEnabled,omitempty"` - - // Gets or sets a value indicating whether web requests to a tunnel can use the tunnel - // web authentication cookie if they come from a different site. Specifically, this - // controls whether the tunnel web-forwarding authentication cookie is marked as - // SameSite=None. The default is false, which means the cookie is marked as SameSite=Lax. - // This only applies to tunnels that require authentication. - IsCrossSiteAuthenticationEnabled bool `json:"isCrossSiteAuthenticationEnabled,omitempty"` - - // Gets or sets a value indicating whether the tunnel web-forwarding authentication - // cookie is set as Partitioned (CHIPS). The default is false. This only applies to - // tunnels that require authentication. - // - // A partitioned cookie always also has SameSite=None for compatbility with browsers that - // do not support partitioning. - IsPartitionedSiteAuthenticationEnabled bool `json:"isPartitionedSiteAuthenticationEnabled,omitempty"` - - // Gets or sets a value indicating whether web requests to the tunnel or port can be - // directly authenticated with bearer token authentication by supplying an - // `Authorization` header with an Entra ID or GitHub token of a user with access to the - // tunnel. The default is false, which means only the tunnel web authentication cookie or - // `X-Tunnel-Authorization` header can be used for authenticating web requests to the - // tunnel. - // - // When this option is enabled, AND neither a tunnel web authentication cookie nor an - // `X-Tunnel-Authorization` header is present in a web request, the tunnel relay will - // attempt to authenticate the request using the `Authorization` header with Entra ID or - // GitHub credentials. In that case the `Authorization` header will be stripped from the - // request before it is forwarded to the host application. Enabling this option may be - // desirable for API tunnels, where clients are likely to have better support for bearer - // token authentication using the `Authorization` header. However, interception of that - // header could block host applications which themselves implement bearer token - // authentication, which is why this option is disabled by default. This option does not - // apply to the tunnel management API, which always supports bearer token authentication - // using the `Authorization` header. - IsBearerTokenAuthenticationEnabled bool `json:"isBearerTokenAuthenticationEnabled,omitempty"` - - // Gets or sets the timeout for HTTP requests to the tunnel or port. - // - // The default timeout is 100 seconds. Set this to 0 to disable the timeout. The timeout - // will reset when response headers are received or after successfully reading or writing - // any request, response, or streaming data like gRPC or WebSockets. TCP keep-alives and - // HTTP/2 protocol pings will not reset the timeout, but WebSocket pings will. When a - // request times out, the tunnel relay aborts the request and returns 504 Gateway - // Timeout. - RequestTimeoutSeconds int32 `json:"requestTimeoutSeconds,omitempty"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelOptions.cs + +package tunnels + +// Data contract for `Tunnel` or `TunnelPort` options. +type TunnelOptions struct { + // Gets or sets a value indicating whether web-forwarding of this tunnel can run on any + // cluster (region) without redirecting to the home cluster. This is only applicable if + // the tunnel has a name and web-forwarding uses it. + IsGloballyAvailable bool `json:"isGloballyAvailable,omitempty"` + + // Gets or sets a value for `Host` header rewriting to use in web-forwarding of this + // tunnel or port. By default, with this property null or empty, web-forwarding uses + // "localhost" to rewrite the header. Web-fowarding will use this property instead if it + // is not null or empty. Port-level option, if set, takes precedence over this option on + // the tunnel level. The option is ignored if IsHostHeaderUnchanged is true. + HostHeader string `json:"hostHeader,omitempty"` + + // Gets or sets a value indicating whether `Host` header is rewritten or the header value + // stays intact. By default, if false, web-forwarding rewrites the host header with the + // value from HostHeader property or "localhost". If true, the host header will be + // whatever the tunnel's web-forwarding host is, e.g. tunnel-name-8080.devtunnels.ms. + // Port-level option, if set, takes precedence over this option on the tunnel level. + IsHostHeaderUnchanged bool `json:"isHostHeaderUnchanged,omitempty"` + + // Gets or sets a value for `Origin` header rewriting to use in web-forwarding of this + // tunnel or port. By default, with this property null or empty, web-forwarding uses + // "http(s)://localhost" to rewrite the header. Web-fowarding will use this property + // instead if it is not null or empty. Port-level option, if set, takes precedence over + // this option on the tunnel level. The option is ignored if IsOriginHeaderUnchanged is + // true. + OriginHeader string `json:"originHeader,omitempty"` + + // Gets or sets a value indicating whether `Origin` header is rewritten or the header + // value stays intact. By default, if false, web-forwarding rewrites the origin header + // with the value from OriginHeader property or "http(s)://localhost". If true, the + // Origin header will be whatever the tunnel's web-forwarding Origin is, e.g. + // https://tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence + // over this option on the tunnel level. + IsOriginHeaderUnchanged bool `json:"isOriginHeaderUnchanged,omitempty"` + + // Gets or sets if inspection is enabled for the tunnel. + IsInspectionEnabled bool `json:"isInspectionEnabled,omitempty"` + + // Gets or sets a value indicating whether web requests to a tunnel can use the tunnel + // web authentication cookie if they come from a different site. Specifically, this + // controls whether the tunnel web-forwarding authentication cookie is marked as + // SameSite=None. The default is false, which means the cookie is marked as SameSite=Lax. + // This only applies to tunnels that require authentication. + IsCrossSiteAuthenticationEnabled bool `json:"isCrossSiteAuthenticationEnabled,omitempty"` + + // Gets or sets a value indicating whether the tunnel web-forwarding authentication + // cookie is set as Partitioned (CHIPS). The default is false. This only applies to + // tunnels that require authentication. + // + // A partitioned cookie always also has SameSite=None for compatbility with browsers that + // do not support partitioning. + IsPartitionedSiteAuthenticationEnabled bool `json:"isPartitionedSiteAuthenticationEnabled,omitempty"` + + // Gets or sets a value indicating whether web requests to the tunnel or port can be + // directly authenticated with bearer token authentication by supplying an + // `Authorization` header with an Entra ID or GitHub token of a user with access to the + // tunnel. The default is false, which means only the tunnel web authentication cookie or + // `X-Tunnel-Authorization` header can be used for authenticating web requests to the + // tunnel. + // + // When this option is enabled, AND neither a tunnel web authentication cookie nor an + // `X-Tunnel-Authorization` header is present in a web request, the tunnel relay will + // attempt to authenticate the request using the `Authorization` header with Entra ID or + // GitHub credentials. In that case the `Authorization` header will be stripped from the + // request before it is forwarded to the host application. Enabling this option may be + // desirable for API tunnels, where clients are likely to have better support for bearer + // token authentication using the `Authorization` header. However, interception of that + // header could block host applications which themselves implement bearer token + // authentication, which is why this option is disabled by default. This option does not + // apply to the tunnel management API, which always supports bearer token authentication + // using the `Authorization` header. + IsBearerTokenAuthenticationEnabled bool `json:"isBearerTokenAuthenticationEnabled,omitempty"` + + // Gets or sets the timeout for HTTP requests to the tunnel or port. + // + // The default timeout is 100 seconds. Set this to 0 to disable the timeout. The timeout + // will reset when response headers are received or after successfully reading or writing + // any request, response, or streaming data like gRPC or WebSockets. TCP keep-alives and + // HTTP/2 protocol pings will not reset the timeout, but WebSocket pings will. When a + // request times out, the tunnel relay aborts the request and returns 504 Gateway + // Timeout. + RequestTimeoutSeconds int32 `json:"requestTimeoutSeconds,omitempty"` +} diff --git a/go/tunnels/tunnel_port.go b/go/tunnels/tunnel_port.go index da25d172..44689b33 100644 --- a/go/tunnels/tunnel_port.go +++ b/go/tunnels/tunnel_port.go @@ -1,74 +1,74 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelPort.cs - -package tunnels - -// Data contract for tunnel port objects managed through the tunnel service REST API. -type TunnelPort struct { - // Gets or sets the ID of the cluster the tunnel was created in. - ClusterID string `json:"clusterId,omitempty"` - - // Gets or sets the generated ID of the tunnel, unique within the cluster. - TunnelID string `json:"tunnelId,omitempty"` - - // Gets or sets the IP port number of the tunnel port. - PortNumber uint16 `json:"portNumber"` - - // Gets or sets the optional short name of the port. - // - // The name must be unique among named ports of the same tunnel. - Name string `json:"name,omitempty"` - - // Gets or sets the optional description of the port. - Description string `json:"description,omitempty"` - - // Gets or sets the labels of the port. - Labels []string `json:"labels,omitempty"` - - // Gets or sets the protocol of the tunnel port. - // - // Should be one of the string constants from `TunnelProtocol`. - Protocol string `json:"protocol,omitempty"` - - // Gets or sets a value indicating whether this port is a default port for the tunnel. - // - // A client that connects to a tunnel (by ID or name) without specifying a port number - // will connect to the default port for the tunnel, if a default is configured. Or if the - // tunnel has only one port then the single port is the implicit default. - // - // Selection of a default port for a connection also depends on matching the connection - // to the port `TunnelPort.Protocol`, so it is possible to configure separate defaults - // for distinct protocols like `TunnelProtocol.Http` and `TunnelProtocol.Ssh`. - IsDefault bool `json:"isDefault,omitempty"` - - // Gets or sets a dictionary mapping from scopes to tunnel access tokens. - // - // Unlike the tokens in `Tunnel.AccessTokens`, these tokens are restricted to the - // individual port. - AccessTokens map[TunnelAccessScope]string `json:"accessTokens,omitempty"` - - // Gets or sets access control settings for the tunnel port. - // - // See `TunnelAccessControl` documentation for details about the access control model. - AccessControl *TunnelAccessControl `json:"accessControl,omitempty"` - - // Gets or sets options for the tunnel port. - Options *TunnelOptions `json:"options,omitempty"` - - // Gets or sets current connection status of the tunnel port. - Status *TunnelPortStatus `json:"status,omitempty"` - - // Gets or sets the username for the ssh service user is trying to forward. - // - // Should be provided if the `TunnelProtocol` is Ssh. - SshUser string `json:"sshUser,omitempty"` - - // Gets or sets web forwarding URIs. If set, it's a list of absolute URIs where the port - // can be accessed with web forwarding. - PortForwardingURIs []string `json:"portForwardingUris"` - - // Gets or sets inspection URI. If set, it's an absolute URIs where the port's traffic - // can be inspected. - InspectionURI string `json:"inspectionUri"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelPort.cs + +package tunnels + +// Data contract for tunnel port objects managed through the tunnel service REST API. +type TunnelPort struct { + // Gets or sets the ID of the cluster the tunnel was created in. + ClusterID string `json:"clusterId,omitempty"` + + // Gets or sets the generated ID of the tunnel, unique within the cluster. + TunnelID string `json:"tunnelId,omitempty"` + + // Gets or sets the IP port number of the tunnel port. + PortNumber uint16 `json:"portNumber"` + + // Gets or sets the optional short name of the port. + // + // The name must be unique among named ports of the same tunnel. + Name string `json:"name,omitempty"` + + // Gets or sets the optional description of the port. + Description string `json:"description,omitempty"` + + // Gets or sets the labels of the port. + Labels []string `json:"labels,omitempty"` + + // Gets or sets the protocol of the tunnel port. + // + // Should be one of the string constants from `TunnelProtocol`. + Protocol string `json:"protocol,omitempty"` + + // Gets or sets a value indicating whether this port is a default port for the tunnel. + // + // A client that connects to a tunnel (by ID or name) without specifying a port number + // will connect to the default port for the tunnel, if a default is configured. Or if the + // tunnel has only one port then the single port is the implicit default. + // + // Selection of a default port for a connection also depends on matching the connection + // to the port `TunnelPort.Protocol`, so it is possible to configure separate defaults + // for distinct protocols like `TunnelProtocol.Http` and `TunnelProtocol.Ssh`. + IsDefault bool `json:"isDefault,omitempty"` + + // Gets or sets a dictionary mapping from scopes to tunnel access tokens. + // + // Unlike the tokens in `Tunnel.AccessTokens`, these tokens are restricted to the + // individual port. + AccessTokens map[TunnelAccessScope]string `json:"accessTokens,omitempty"` + + // Gets or sets access control settings for the tunnel port. + // + // See `TunnelAccessControl` documentation for details about the access control model. + AccessControl *TunnelAccessControl `json:"accessControl,omitempty"` + + // Gets or sets options for the tunnel port. + Options *TunnelOptions `json:"options,omitempty"` + + // Gets or sets current connection status of the tunnel port. + Status *TunnelPortStatus `json:"status,omitempty"` + + // Gets or sets the username for the ssh service user is trying to forward. + // + // Should be provided if the `TunnelProtocol` is Ssh. + SshUser string `json:"sshUser,omitempty"` + + // Gets or sets web forwarding URIs. If set, it's a list of absolute URIs where the port + // can be accessed with web forwarding. + PortForwardingURIs []string `json:"portForwardingUris"` + + // Gets or sets inspection URI. If set, it's an absolute URIs where the port's traffic + // can be inspected. + InspectionURI string `json:"inspectionUri"` +} diff --git a/go/tunnels/tunnel_port_list_response.go b/go/tunnels/tunnel_port_list_response.go index a0d5a37b..79baf514 100644 --- a/go/tunnels/tunnel_port_list_response.go +++ b/go/tunnels/tunnel_port_list_response.go @@ -1,14 +1,14 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelPortListResponse.cs - -package tunnels - -// Data contract for response of a list tunnel ports call. -type TunnelPortListResponse struct { - // List of tunnels - Value []TunnelPort `json:"value,omitempty"` - - // Link to get next page of results - NextLink string `json:"nextLink,omitempty"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelPortListResponse.cs + +package tunnels + +// Data contract for response of a list tunnel ports call. +type TunnelPortListResponse struct { + // List of tunnels + Value []TunnelPort `json:"value,omitempty"` + + // Link to get next page of results + NextLink string `json:"nextLink,omitempty"` +} diff --git a/go/tunnels/tunnel_port_status.go b/go/tunnels/tunnel_port_status.go index 8ab7d39e..50ce7ec0 100644 --- a/go/tunnels/tunnel_port_status.go +++ b/go/tunnels/tunnel_port_status.go @@ -1,40 +1,40 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelPortStatus.cs - -package tunnels - -import ( - "time" -) - -// Data contract for `TunnelPort` status. -type TunnelPortStatus struct { - // Gets or sets the current value and limit for the number of clients connected to the - // port. - // - // This client connection count does not include non-port-specific connections such as - // SDK and SSH clients. See `TunnelStatus.ClientConnectionCount` for status of those - // connections. This count also does not include HTTP client connections, unless they - // are upgraded to websockets. HTTP connections are counted per-request rather than - // per-connection: see `TunnelPortStatus.HttpRequestRate`. - ClientConnectionCount *ResourceStatus `json:"clientConnectionCount,omitempty"` - - // Gets or sets the UTC date time when a client was last connected to the port, or null - // if a client has never connected. - LastClientConnectionTime *time.Time `json:"lastClientConnectionTime,omitempty"` - - // Gets or sets the current value and limit for the rate of client connections to the - // tunnel port. - // - // This client connection rate does not count non-port-specific connections such as SDK - // and SSH clients. See `TunnelStatus.ClientConnectionRate` for those connection types. - // This also does not include HTTP connections, unless they are upgraded to websockets. - // HTTP connections are counted per-request rather than per-connection: see - // `TunnelPortStatus.HttpRequestRate`. - ClientConnectionRate *RateStatus `json:"clientConnectionRate,omitempty"` - - // Gets or sets the current value and limit for the rate of HTTP requests to the tunnel - // port. - HttpRequestRate *RateStatus `json:"httpRequestRate,omitempty"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelPortStatus.cs + +package tunnels + +import ( + "time" +) + +// Data contract for `TunnelPort` status. +type TunnelPortStatus struct { + // Gets or sets the current value and limit for the number of clients connected to the + // port. + // + // This client connection count does not include non-port-specific connections such as + // SDK and SSH clients. See `TunnelStatus.ClientConnectionCount` for status of those + // connections. This count also does not include HTTP client connections, unless they + // are upgraded to websockets. HTTP connections are counted per-request rather than + // per-connection: see `TunnelPortStatus.HttpRequestRate`. + ClientConnectionCount *ResourceStatus `json:"clientConnectionCount,omitempty"` + + // Gets or sets the UTC date time when a client was last connected to the port, or null + // if a client has never connected. + LastClientConnectionTime *time.Time `json:"lastClientConnectionTime,omitempty"` + + // Gets or sets the current value and limit for the rate of client connections to the + // tunnel port. + // + // This client connection rate does not count non-port-specific connections such as SDK + // and SSH clients. See `TunnelStatus.ClientConnectionRate` for those connection types. + // This also does not include HTTP connections, unless they are upgraded to websockets. + // HTTP connections are counted per-request rather than per-connection: see + // `TunnelPortStatus.HttpRequestRate`. + ClientConnectionRate *RateStatus `json:"clientConnectionRate,omitempty"` + + // Gets or sets the current value and limit for the rate of HTTP requests to the tunnel + // port. + HttpRequestRate *RateStatus `json:"httpRequestRate,omitempty"` +} diff --git a/go/tunnels/tunnel_progress.go b/go/tunnels/tunnel_progress.go index 1454922b..bc9942bb 100644 --- a/go/tunnels/tunnel_progress.go +++ b/go/tunnels/tunnel_progress.go @@ -1,41 +1,41 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs - -package tunnels - -// Specifies the tunnel progress events that are reported. -type TunnelProgress []TunnelProgres -type TunnelProgres string - -const ( - // Starting refresh ports. - TunnelProgresStartingRefreshPorts TunnelProgres = "StartingRefreshPorts" - - // Completed refresh ports. - TunnelProgresCompletedRefreshPorts TunnelProgres = "CompletedRefreshPorts" - - // Starting request uri for a tunnel service request. - TunnelProgresStartingRequestUri TunnelProgres = "StartingRequestUri" - - // Starting request configuration for a tunnel service request. - TunnelProgresStartingRequestConfig TunnelProgres = "StartingRequestConfig" - - // Starting to send tunnel service request. - TunnelProgresStartingSendTunnelRequest TunnelProgres = "StartingSendTunnelRequest" - - // Completed sending a tunnel service request. - TunnelProgresCompletedSendTunnelRequest TunnelProgres = "CompletedSendTunnelRequest" - - // Starting create tunnel port. - TunnelProgresStartingCreateTunnelPort TunnelProgres = "StartingCreateTunnelPort" - - // Completed create tunnel port. - TunnelProgresCompletedCreateTunnelPort TunnelProgres = "CompletedCreateTunnelPort" - - // Starting get tunnel port. - TunnelProgresStartingGetTunnelPort TunnelProgres = "StartingGetTunnelPort" - - // Completed get tunnel port. - TunnelProgresCompletedGetTunnelPort TunnelProgres = "CompletedGetTunnelPort" -) +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs + +package tunnels + +// Specifies the tunnel progress events that are reported. +type TunnelProgress []TunnelProgres +type TunnelProgres string + +const ( + // Starting refresh ports. + TunnelProgresStartingRefreshPorts TunnelProgres = "StartingRefreshPorts" + + // Completed refresh ports. + TunnelProgresCompletedRefreshPorts TunnelProgres = "CompletedRefreshPorts" + + // Starting request uri for a tunnel service request. + TunnelProgresStartingRequestUri TunnelProgres = "StartingRequestUri" + + // Starting request configuration for a tunnel service request. + TunnelProgresStartingRequestConfig TunnelProgres = "StartingRequestConfig" + + // Starting to send tunnel service request. + TunnelProgresStartingSendTunnelRequest TunnelProgres = "StartingSendTunnelRequest" + + // Completed sending a tunnel service request. + TunnelProgresCompletedSendTunnelRequest TunnelProgres = "CompletedSendTunnelRequest" + + // Starting create tunnel port. + TunnelProgresStartingCreateTunnelPort TunnelProgres = "StartingCreateTunnelPort" + + // Completed create tunnel port. + TunnelProgresCompletedCreateTunnelPort TunnelProgres = "CompletedCreateTunnelPort" + + // Starting get tunnel port. + TunnelProgresStartingGetTunnelPort TunnelProgres = "StartingGetTunnelPort" + + // Completed get tunnel port. + TunnelProgresCompletedGetTunnelPort TunnelProgres = "CompletedGetTunnelPort" +) diff --git a/go/tunnels/tunnel_protocol.go b/go/tunnels/tunnel_protocol.go index d68c4058..1847a24f 100644 --- a/go/tunnels/tunnel_protocol.go +++ b/go/tunnels/tunnel_protocol.go @@ -1,31 +1,31 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelProtocol.cs - -package tunnels - -// Defines possible values for the protocol of a `TunnelPort`. -type TunnelProtocol string - -const ( - // The protocol is automatically detected. (TODO: Define detection semantics.) - TunnelProtocolAuto TunnelProtocol = "auto" - - // Unknown TCP protocol. - TunnelProtocolTcp TunnelProtocol = "tcp" - - // Unknown UDP protocol. - TunnelProtocolUdp TunnelProtocol = "udp" - - // SSH protocol. - TunnelProtocolSsh TunnelProtocol = "ssh" - - // Remote desktop protocol. - TunnelProtocolRdp TunnelProtocol = "rdp" - - // HTTP protocol. - TunnelProtocolHttp TunnelProtocol = "http" - - // HTTPS protocol. - TunnelProtocolHttps TunnelProtocol = "https" -) +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelProtocol.cs + +package tunnels + +// Defines possible values for the protocol of a `TunnelPort`. +type TunnelProtocol string + +const ( + // The protocol is automatically detected. (TODO: Define detection semantics.) + TunnelProtocolAuto TunnelProtocol = "auto" + + // Unknown TCP protocol. + TunnelProtocolTcp TunnelProtocol = "tcp" + + // Unknown UDP protocol. + TunnelProtocolUdp TunnelProtocol = "udp" + + // SSH protocol. + TunnelProtocolSsh TunnelProtocol = "ssh" + + // Remote desktop protocol. + TunnelProtocolRdp TunnelProtocol = "rdp" + + // HTTP protocol. + TunnelProtocolHttp TunnelProtocol = "http" + + // HTTPS protocol. + TunnelProtocolHttps TunnelProtocol = "https" +) diff --git a/go/tunnels/tunnel_report_progress_event_args.go b/go/tunnels/tunnel_report_progress_event_args.go index 923986f4..8db47227 100644 --- a/go/tunnels/tunnel_report_progress_event_args.go +++ b/go/tunnels/tunnel_report_progress_event_args.go @@ -1,15 +1,15 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs - -package tunnels - -// Event args for the tunnel report progress event. -type TunnelReportProgressEventArgs struct { - // Specifies the progress event that is being reported. See `TunnelProgress` and - // Ssh.Progress for a description of the different progress events that can be reported. - Progress string `json:"progress"` - - // The session number associated with an SSH session progress event. - SessionNumber int32 `json:"sessionNumber"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs + +package tunnels + +// Event args for the tunnel report progress event. +type TunnelReportProgressEventArgs struct { + // Specifies the progress event that is being reported. See `TunnelProgress` and + // Ssh.Progress for a description of the different progress events that can be reported. + Progress string `json:"progress"` + + // The session number associated with an SSH session progress event. + SessionNumber int32 `json:"sessionNumber"` +} diff --git a/go/tunnels/tunnel_service_properties.go b/go/tunnels/tunnel_service_properties.go index bc2a59d0..7cb8626d 100644 --- a/go/tunnels/tunnel_service_properties.go +++ b/go/tunnels/tunnel_service_properties.go @@ -1,88 +1,103 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelServiceProperties.cs - -package tunnels - -// Provides environment-dependent properties about the service. -type TunnelServiceProperties struct { - // Gets the base URI of the service. - ServiceURI string `json:"serviceUri"` - - // Gets the public AAD AppId for the service. - // - // Clients specify this AppId as the audience property when authenticating to the - // service. - ServiceAppID string `json:"serviceAppId"` - - // Gets the internal AAD AppId for the service. - // - // Other internal services specify this AppId as the audience property when - // authenticating to the tunnel service. Production services must be in the AME tenant to - // use this appid. - ServiceInternalAppID string `json:"serviceInternalAppId"` - - // Gets the client ID for the service's GitHub app. - // - // Clients apps that authenticate tunnel users with GitHub specify this as the client ID - // when requesting a user token. - GitHubAppClientID string `json:"gitHubAppClientId"` -} - -// Global DNS name of the production tunnel service. -var prodDnsName = "global.rel.tunnels.api.visualstudio.com" - -// Global DNS name of the pre-production tunnel service. -var ppeDnsName = "global.rel.tunnels.ppe.api.visualstudio.com" - -// Global DNS name of the development tunnel service. -var devDnsName = "global.ci.tunnels.dev.api.visualstudio.com" - -// First-party app ID: `Visual Studio Tunnel Service` -// -// Used for authenticating AAD/MSA users, and service principals outside the AME tenant, -// in the PROD service environment. -var prodFirstPartyAppID = "46da2f7e-b5ef-422a-88d4-2a7f9de6a0b2" - -// First-party app ID: `Visual Studio Tunnel Service - Test` -// -// Used for authenticating AAD/MSA users, and service principals outside the AME tenant, -// in the PPE service environments. -var ppeFirstPartyAppID = "54c45752-bacd-424a-b928-652f3eca2b18" - -// Third-party app ID: `DEV-VSTunnelService-3P` -// -// Used for authenticating AAD/MSA users, and service principals outside the AME tenant, -// in the DEV service environment. This is a 3P app registration in the Microsoft corp -// tenant, replacing the former 1P FPA. -var devFirstPartyAppID = "906ce216-6f2e-40be-875d-7fe1a9bc288a" - -// Third-party app ID: `tunnels-prod-app-sp` -// -// Used for authenticating internal AAD service principals in the AME tenant, in the PROD -// service environment. -var prodThirdPartyAppID = "ce65d243-a913-4cae-a7dd-cb52e9f77647" - -// Third-party app ID: `tunnels-ppe-app-sp` -// -// Used for authenticating internal AAD service principals in the AME tenant, in the PPE -// service environment. -var ppeThirdPartyAppID = "544167a6-f431-4518-aac6-2fd50071928e" - -// Third-party app ID: `tunnels-dev-app-sp` -// -// Used for authenticating internal AAD service principals in the corp tenant (not AME!), -// in the DEV service environment. -var devThirdPartyAppID = "a118c979-0249-44bb-8f95-eb0457127aeb" - -// GitHub App Client ID for 'Visual Studio Tunnel Service' -// -// Used by client apps that authenticate tunnel users with GitHub, in the PROD service -// environment. -var prodGitHubAppClientID = "Iv1.e7b89e013f801f03" - -// GitHub App Client ID for 'Visual Studio Tunnel Service - Test' -// -// Used by client apps that authenticate tunnel users with GitHub, in the PPE and DEV -// service environments. -var nonProdGitHubAppClientID = "Iv1.b231c327f1eaa229" +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelServiceProperties.cs + +package tunnels + +// Provides environment-dependent properties about the service. +type TunnelServiceProperties struct { + // Gets the base URI of the service. + ServiceURI string `json:"serviceUri"` + + // Gets the public AAD AppId for the service. + // + // Clients specify this AppId as the audience property when authenticating to the + // service. + ServiceAppID string `json:"serviceAppId"` + + // Gets the internal AAD AppId for the service. + // + // Other internal services specify this AppId as the audience property when + // authenticating to the tunnel service. Production services must be in the AME tenant to + // use this appid. + ServiceInternalAppID string `json:"serviceInternalAppId"` + + // Gets the client ID for the service's GitHub app. + // + // Clients apps that authenticate tunnel users with GitHub specify this as the client ID + // when requesting a user token. + GitHubAppClientID string `json:"gitHubAppClientId"` +} + +// Global DNS name of the production tunnel service. +var prodDnsName = "global.rel.tunnels.api.visualstudio.com" + +// Global DNS name of the pre-production tunnel service. +var ppeDnsName = "global.rel.tunnels.ppe.api.visualstudio.com" + +// Global DNS name of the development tunnel service. +var devDnsName = "global.ci.tunnels.dev.api.visualstudio.com" + +// Default host name for the local tunnel service. +var localDnsName = "tunnels.local.api.visualstudio.com:9901" + +// First-party app ID: `Visual Studio Tunnel Service` +// +// Used for authenticating AAD/MSA users, and service principals outside the AME tenant, +// in the PROD service environment. +var prodFirstPartyAppID = "46da2f7e-b5ef-422a-88d4-2a7f9de6a0b2" + +// First-party app ID: `Visual Studio Tunnel Service - Test` +// +// Used for authenticating AAD/MSA users, and service principals outside the AME tenant, +// in the PPE service environments. +var ppeFirstPartyAppID = "54c45752-bacd-424a-b928-652f3eca2b18" + +// Third-party app ID: `DEV-VSTunnelService-3P` +// +// Used for authenticating AAD/MSA users, and service principals outside the AME tenant, +// in the DEV service environment. This is a 3P app registration in the Microsoft corp +// tenant, replacing the former 1P FPA. +var devFirstPartyAppID = "906ce216-6f2e-40be-875d-7fe1a9bc288a" + +// Third-party app ID: `tunnels-prod-app-sp` +// +// Used for authenticating internal AAD service principals in the AME tenant, in the PROD +// service environment. +var prodThirdPartyAppID = "ce65d243-a913-4cae-a7dd-cb52e9f77647" + +// Third-party app ID: `tunnels-ppe-app-sp` +// +// Used for authenticating internal AAD service principals in the AME tenant, in the PPE +// service environment. +var ppeThirdPartyAppID = "544167a6-f431-4518-aac6-2fd50071928e" + +// Third-party app ID: `tunnels-dev-app-sp` +// +// Used for authenticating internal AAD service principals in the corp tenant (not AME!), +// in the DEV service environment. +var devThirdPartyAppID = "a118c979-0249-44bb-8f95-eb0457127aeb" + +// GitHub App Client ID for 'Visual Studio Tunnel Service' +// +// Used by client apps that authenticate tunnel users with GitHub, in the PROD service +// environment. +var prodGitHubAppClientID = "Iv1.e7b89e013f801f03" + +// GitHub App Client ID for 'Visual Studio Tunnel Service - Test' +// +// Used by client apps that authenticate tunnel users with GitHub, in the PPE service +// environment. +var ppeGitHubAppClientID = "Iv1.b231c327f1eaa229" + +// GitHub App Client ID for 'Dev Tunnels Service - Dev' +// +// Used by client apps that authenticate tunnel users with GitHub, in the DEV service +// environment. +var devGitHubAppClientID = "Iv23ctTiak9wLCiTcEbr" + +// GitHub App Client ID for 'Dev Tunnels Service - Local' +// +// Used by client apps that authenticate tunnel users with GitHub, when running the +// service locally. +var localGitHubAppClientID = "Iv23cttBYzKThF88PiPR" diff --git a/go/tunnels/tunnel_status.go b/go/tunnels/tunnel_status.go index e386ec3f..7df6446a 100644 --- a/go/tunnels/tunnel_status.go +++ b/go/tunnels/tunnel_status.go @@ -1,93 +1,93 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelStatus.cs - -package tunnels - -import ( - "time" -) - -// Data contract for `Tunnel` status. -type TunnelStatus struct { - // Gets or sets the current value and limit for the number of ports on the tunnel. - PortCount *ResourceStatus `json:"portCount,omitempty"` - - // Gets or sets the current value and limit for the number of hosts currently accepting - // connections to the tunnel. - // - // This is typically 0 or 1, but may be more than 1 if the tunnel options allow multiple - // hosts. - HostConnectionCount *ResourceStatus `json:"hostConnectionCount,omitempty"` - - // Gets or sets the UTC time when a host was last accepting connections to the tunnel, or - // null if a host has never connected. - LastHostConnectionTime *time.Time `json:"lastHostConnectionTime,omitempty"` - - // Gets or sets the current value and limit for the number of clients connected to the - // tunnel. - // - // This counts non-port-specific client connections, which is SDK and SSH clients. See - // `TunnelPortStatus` for status of per-port client connections. - ClientConnectionCount *ResourceStatus `json:"clientConnectionCount,omitempty"` - - // Gets or sets the UTC time when a client last connected to the tunnel, or null if a - // client has never connected. - // - // This reports times for non-port-specific client connections, which is SDK client and - // SSH clients. See `TunnelPortStatus` for per-port client connections. - LastClientConnectionTime *time.Time `json:"lastClientConnectionTime,omitempty"` - - // Gets or sets the current value and limit for the rate of client connections to the - // tunnel. - // - // This counts non-port-specific client connections, which is SDK client and SSH clients. - // See `TunnelPortStatus` for status of per-port client connections. - ClientConnectionRate *RateStatus `json:"clientConnectionRate,omitempty"` - - // Gets or sets the current value and limit for the rate of bytes being received by the - // tunnel host and uploaded by tunnel clients. - // - // All types of tunnel and port connections, from potentially multiple clients, can - // contribute to this rate. The reported rate may differ slightly from the rate - // measurable by applications, due to protocol overhead. Data rate status reporting is - // delayed by a few seconds, so this value is a snapshot of the data transfer rate from a - // few seconds earlier. - UploadRate *RateStatus `json:"uploadRate,omitempty"` - - // Gets or sets the current value and limit for the rate of bytes being sent by the - // tunnel host and downloaded by tunnel clients. - // - // All types of tunnel and port connections, from potentially multiple clients, can - // contribute to this rate. The reported rate may differ slightly from the rate - // measurable by applications, due to protocol overhead. Data rate status reporting is - // delayed by a few seconds, so this value is a snapshot of the data transfer rate from a - // few seconds earlier. - DownloadRate *RateStatus `json:"downloadRate,omitempty"` - - // Gets or sets the total number of bytes received by the tunnel host and uploaded by - // tunnel clients, over the lifetime of the tunnel. - // - // All types of tunnel and port connections, from potentially multiple clients, can - // contribute to this total. The reported value may differ slightly from the value - // measurable by applications, due to protocol overhead. Data transfer status reporting - // is delayed by a few seconds. - UploadTotal uint64 `json:"uploadTotal,omitempty"` - - // Gets or sets the total number of bytes sent by the tunnel host and downloaded by - // tunnel clients, over the lifetime of the tunnel. - // - // All types of tunnel and port connections, from potentially multiple clients, can - // contribute to this total. The reported value may differ slightly from the value - // measurable by applications, due to protocol overhead. Data transfer status reporting - // is delayed by a few seconds. - DownloadTotal uint64 `json:"downloadTotal,omitempty"` - - // Gets or sets the current value and limit for the rate of management API read - // operations for the tunnel or tunnel ports. - ApiReadRate *RateStatus `json:"apiReadRate,omitempty"` - - // Gets or sets the current value and limit for the rate of management API update - // operations for the tunnel or tunnel ports. - ApiUpdateRate *RateStatus `json:"apiUpdateRate,omitempty"` -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelStatus.cs + +package tunnels + +import ( + "time" +) + +// Data contract for `Tunnel` status. +type TunnelStatus struct { + // Gets or sets the current value and limit for the number of ports on the tunnel. + PortCount *ResourceStatus `json:"portCount,omitempty"` + + // Gets or sets the current value and limit for the number of hosts currently accepting + // connections to the tunnel. + // + // This is typically 0 or 1, but may be more than 1 if the tunnel options allow multiple + // hosts. + HostConnectionCount *ResourceStatus `json:"hostConnectionCount,omitempty"` + + // Gets or sets the UTC time when a host was last accepting connections to the tunnel, or + // null if a host has never connected. + LastHostConnectionTime *time.Time `json:"lastHostConnectionTime,omitempty"` + + // Gets or sets the current value and limit for the number of clients connected to the + // tunnel. + // + // This counts non-port-specific client connections, which is SDK and SSH clients. See + // `TunnelPortStatus` for status of per-port client connections. + ClientConnectionCount *ResourceStatus `json:"clientConnectionCount,omitempty"` + + // Gets or sets the UTC time when a client last connected to the tunnel, or null if a + // client has never connected. + // + // This reports times for non-port-specific client connections, which is SDK client and + // SSH clients. See `TunnelPortStatus` for per-port client connections. + LastClientConnectionTime *time.Time `json:"lastClientConnectionTime,omitempty"` + + // Gets or sets the current value and limit for the rate of client connections to the + // tunnel. + // + // This counts non-port-specific client connections, which is SDK client and SSH clients. + // See `TunnelPortStatus` for status of per-port client connections. + ClientConnectionRate *RateStatus `json:"clientConnectionRate,omitempty"` + + // Gets or sets the current value and limit for the rate of bytes being received by the + // tunnel host and uploaded by tunnel clients. + // + // All types of tunnel and port connections, from potentially multiple clients, can + // contribute to this rate. The reported rate may differ slightly from the rate + // measurable by applications, due to protocol overhead. Data rate status reporting is + // delayed by a few seconds, so this value is a snapshot of the data transfer rate from a + // few seconds earlier. + UploadRate *RateStatus `json:"uploadRate,omitempty"` + + // Gets or sets the current value and limit for the rate of bytes being sent by the + // tunnel host and downloaded by tunnel clients. + // + // All types of tunnel and port connections, from potentially multiple clients, can + // contribute to this rate. The reported rate may differ slightly from the rate + // measurable by applications, due to protocol overhead. Data rate status reporting is + // delayed by a few seconds, so this value is a snapshot of the data transfer rate from a + // few seconds earlier. + DownloadRate *RateStatus `json:"downloadRate,omitempty"` + + // Gets or sets the total number of bytes received by the tunnel host and uploaded by + // tunnel clients, over the lifetime of the tunnel. + // + // All types of tunnel and port connections, from potentially multiple clients, can + // contribute to this total. The reported value may differ slightly from the value + // measurable by applications, due to protocol overhead. Data transfer status reporting + // is delayed by a few seconds. + UploadTotal uint64 `json:"uploadTotal,omitempty"` + + // Gets or sets the total number of bytes sent by the tunnel host and downloaded by + // tunnel clients, over the lifetime of the tunnel. + // + // All types of tunnel and port connections, from potentially multiple clients, can + // contribute to this total. The reported value may differ slightly from the value + // measurable by applications, due to protocol overhead. Data transfer status reporting + // is delayed by a few seconds. + DownloadTotal uint64 `json:"downloadTotal,omitempty"` + + // Gets or sets the current value and limit for the rate of management API read + // operations for the tunnel or tunnel ports. + ApiReadRate *RateStatus `json:"apiReadRate,omitempty"` + + // Gets or sets the current value and limit for the rate of management API update + // operations for the tunnel or tunnel ports. + ApiUpdateRate *RateStatus `json:"apiUpdateRate,omitempty"` +} diff --git a/go/tunnels/tunnels.go b/go/tunnels/tunnels.go index fc6953f2..2d8c7ee8 100644 --- a/go/tunnels/tunnels.go +++ b/go/tunnels/tunnels.go @@ -10,7 +10,7 @@ import ( "github.com/rodaine/table" ) -const PackageVersion = "0.1.23" +const PackageVersion = "0.1.24" func (tunnel *Tunnel) requestObject() (*Tunnel, error) { convertedTunnel := &Tunnel{ diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/ClusterDetails.java b/java/src/main/java/com/microsoft/tunnels/contracts/ClusterDetails.java index d12220bd..6985a23d 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/ClusterDetails.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/ClusterDetails.java @@ -1,38 +1,38 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/ClusterDetails.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Details of a tunneling service cluster. Each cluster represents an instance of the - * tunneling service running in a particular Azure region. New tunnels are created in the - * current region unless otherwise specified. - */ -public class ClusterDetails { - ClusterDetails (String clusterId, String uri, String azureLocation) { - this.clusterId = clusterId; - this.uri = uri; - this.azureLocation = azureLocation; - } - - /** - * A cluster identifier based on its region. - */ - @Expose - public final String clusterId; - - /** - * The URI of the service cluster. - */ - @Expose - public final String uri; - - /** - * The Azure location of the cluster. - */ - @Expose - public final String azureLocation; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/ClusterDetails.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Details of a tunneling service cluster. Each cluster represents an instance of the + * tunneling service running in a particular Azure region. New tunnels are created in the + * current region unless otherwise specified. + */ +public class ClusterDetails { + ClusterDetails (String clusterId, String uri, String azureLocation) { + this.clusterId = clusterId; + this.uri = uri; + this.azureLocation = azureLocation; + } + + /** + * A cluster identifier based on its region. + */ + @Expose + public final String clusterId; + + /** + * The URI of the service cluster. + */ + @Expose + public final String uri; + + /** + * The Azure location of the cluster. + */ + @Expose + public final String azureLocation; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/ErrorCodes.java b/java/src/main/java/com/microsoft/tunnels/contracts/ErrorCodes.java index fa18c555..34ba1044 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/ErrorCodes.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/ErrorCodes.java @@ -1,25 +1,25 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/ErrorCodes.cs - -package com.microsoft.tunnels.contracts; - -/** - * Error codes for ErrorDetail.Code and `x-ms-error-code` header. - */ -public class ErrorCodes { - /** - * Operation timed out. - */ - public static final String timeout = "Timeout"; - - /** - * Operation cannot be performed because the service is not available. - */ - public static final String serviceUnavailable = "ServiceUnavailable"; - - /** - * Internal error. - */ - public static final String internalError = "InternalError"; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/ErrorCodes.cs + +package com.microsoft.tunnels.contracts; + +/** + * Error codes for ErrorDetail.Code and `x-ms-error-code` header. + */ +public class ErrorCodes { + /** + * Operation timed out. + */ + public static final String timeout = "Timeout"; + + /** + * Operation cannot be performed because the service is not available. + */ + public static final String serviceUnavailable = "ServiceUnavailable"; + + /** + * Internal error. + */ + public static final String internalError = "InternalError"; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/ErrorDetail.java b/java/src/main/java/com/microsoft/tunnels/contracts/ErrorDetail.java index 16dbccd3..f94f1a7d 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/ErrorDetail.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/ErrorDetail.java @@ -1,45 +1,45 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/ErrorDetail.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; -import com.google.gson.annotations.SerializedName; - -/** - * The top-level error object whose code matches the x-ms-error-code response header - */ -public class ErrorDetail { - /** - * One of a server-defined set of error codes defined in {@link ErrorCodes}. - */ - @Expose - public String code; - - /** - * A human-readable representation of the error. - */ - @Expose - public String message; - - /** - * The target of the error. - */ - @Expose - public String target; - - /** - * An array of details about specific errors that led to this reported error. - */ - @Expose - public ErrorDetail[] details; - - /** - * An object containing more specific information than the current object about the - * error. - */ - @SerializedName("innererror") - @Expose - public InnerErrorDetail innerError; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/ErrorDetail.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; +import com.google.gson.annotations.SerializedName; + +/** + * The top-level error object whose code matches the x-ms-error-code response header + */ +public class ErrorDetail { + /** + * One of a server-defined set of error codes defined in {@link ErrorCodes}. + */ + @Expose + public String code; + + /** + * A human-readable representation of the error. + */ + @Expose + public String message; + + /** + * The target of the error. + */ + @Expose + public String target; + + /** + * An array of details about specific errors that led to this reported error. + */ + @Expose + public ErrorDetail[] details; + + /** + * An object containing more specific information than the current object about the + * error. + */ + @SerializedName("innererror") + @Expose + public InnerErrorDetail innerError; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/InnerErrorDetail.java b/java/src/main/java/com/microsoft/tunnels/contracts/InnerErrorDetail.java index 457ce880..a36777d6 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/InnerErrorDetail.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/InnerErrorDetail.java @@ -1,28 +1,28 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/InnerErrorDetail.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; -import com.google.gson.annotations.SerializedName; - -/** - * An object containing more specific information than the current object about the error. - */ -public class InnerErrorDetail { - /** - * A more specific error code than was provided by the containing error. One of a - * server-defined set of error codes in {@link ErrorCodes}. - */ - @Expose - public String code; - - /** - * An object containing more specific information than the current object about the - * error. - */ - @SerializedName("innererror") - @Expose - public InnerErrorDetail innerError; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/InnerErrorDetail.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; +import com.google.gson.annotations.SerializedName; + +/** + * An object containing more specific information than the current object about the error. + */ +public class InnerErrorDetail { + /** + * A more specific error code than was provided by the containing error. One of a + * server-defined set of error codes in {@link ErrorCodes}. + */ + @Expose + public String code; + + /** + * An object containing more specific information than the current object about the + * error. + */ + @SerializedName("innererror") + @Expose + public InnerErrorDetail innerError; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/LocalNetworkTunnelEndpoint.java b/java/src/main/java/com/microsoft/tunnels/contracts/LocalNetworkTunnelEndpoint.java index bd8d9f42..14b3490e 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/LocalNetworkTunnelEndpoint.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/LocalNetworkTunnelEndpoint.java @@ -1,28 +1,28 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/LocalNetworkTunnelEndpoint.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Parameters for connecting to a tunnel via a local network connection. - * - * While a direct connection is technically not "tunneling", tunnel hosts may accept - * connections via the local network as an optional more-efficient alternative to a relay. - */ -public class LocalNetworkTunnelEndpoint extends TunnelEndpoint { - /** - * Gets or sets a list of IP endpoints where the host may accept connections. - * - * A host may accept connections on multiple IP endpoints simultaneously if there are - * multiple network interfaces on the host system and/or if the host supports both - * IPv4 and IPv6. Each item in the list is a URI consisting of a scheme (which gives - * an indication of the network connection protocol), an IP address (IPv4 or IPv6) and - * a port number. The URIs do not typically include any paths, because the connection - * is not normally HTTP-based. - */ - @Expose - public String[] hostEndpoints; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/LocalNetworkTunnelEndpoint.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Parameters for connecting to a tunnel via a local network connection. + * + * While a direct connection is technically not "tunneling", tunnel hosts may accept + * connections via the local network as an optional more-efficient alternative to a relay. + */ +public class LocalNetworkTunnelEndpoint extends TunnelEndpoint { + /** + * Gets or sets a list of IP endpoints where the host may accept connections. + * + * A host may accept connections on multiple IP endpoints simultaneously if there are + * multiple network interfaces on the host system and/or if the host supports both + * IPv4 and IPv6. Each item in the list is a URI consisting of a scheme (which gives + * an indication of the network connection protocol), an IP address (IPv4 or IPv6) and + * a port number. The URIs do not typically include any paths, because the connection + * is not normally HTTP-based. + */ + @Expose + public String[] hostEndpoints; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/NamedRateStatus.java b/java/src/main/java/com/microsoft/tunnels/contracts/NamedRateStatus.java index 26078542..b969a9d8 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/NamedRateStatus.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/NamedRateStatus.java @@ -1,18 +1,18 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/NamedRateStatus.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * A named {@link RateStatus}. - */ -public class NamedRateStatus extends RateStatus { - /** - * The name of the rate status. - */ - @Expose - public String name; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/NamedRateStatus.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * A named {@link RateStatus}. + */ +public class NamedRateStatus extends RateStatus { + /** + * The name of the rate status. + */ + @Expose + public String name; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/ProblemDetails.java b/java/src/main/java/com/microsoft/tunnels/contracts/ProblemDetails.java index dc7ab9b6..2fcc6b51 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/ProblemDetails.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/ProblemDetails.java @@ -1,36 +1,36 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/ProblemDetails.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; -import java.util.Map; - -/** - * Structure of error details returned by the tunnel service, including validation errors. - * - * This object may be returned with a response status code of 400 (or other 4xx code). It - * is compatible with RFC 7807 Problem Details (https://tools.ietf.org/html/rfc7807) and - * https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.mvc.problemdetails but - * doesn't require adding a dependency on that package. - */ -public class ProblemDetails { - /** - * Gets or sets the error title. - */ - @Expose - public String title; - - /** - * Gets or sets the error detail. - */ - @Expose - public String detail; - - /** - * Gets or sets additional details about individual request properties. - */ - @Expose - public Map errors; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/ProblemDetails.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; +import java.util.Map; + +/** + * Structure of error details returned by the tunnel service, including validation errors. + * + * This object may be returned with a response status code of 400 (or other 4xx code). It + * is compatible with RFC 7807 Problem Details (https://tools.ietf.org/html/rfc7807) and + * https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.mvc.problemdetails but + * doesn't require adding a dependency on that package. + */ +public class ProblemDetails { + /** + * Gets or sets the error title. + */ + @Expose + public String title; + + /** + * Gets or sets the error detail. + */ + @Expose + public String detail; + + /** + * Gets or sets additional details about individual request properties. + */ + @Expose + public Map errors; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/RateStatus.java b/java/src/main/java/com/microsoft/tunnels/contracts/RateStatus.java index 7b1366b3..b8d55641 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/RateStatus.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/RateStatus.java @@ -1,29 +1,29 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/RateStatus.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Current value and limit information for a rate-limited operation related to a tunnel or - * port. - */ -public class RateStatus extends ResourceStatus { - /** - * Gets or sets the length of each period, in seconds, over which the rate is - * measured. - * - * For rates that are limited by month (or billing period), this value may represent - * an estimate, since the actual duration may vary by the calendar. - */ - @Expose - public int periodSeconds; - - /** - * Gets or sets the unix time in seconds when this status will be reset. - */ - @Expose - public long resetTime; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/RateStatus.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Current value and limit information for a rate-limited operation related to a tunnel or + * port. + */ +public class RateStatus extends ResourceStatus { + /** + * Gets or sets the length of each period, in seconds, over which the rate is + * measured. + * + * For rates that are limited by month (or billing period), this value may represent + * an estimate, since the actual duration may vary by the calendar. + */ + @Expose + public int periodSeconds; + + /** + * Gets or sets the unix time in seconds when this status will be reset. + */ + @Expose + public long resetTime; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/ResourceStatus.java b/java/src/main/java/com/microsoft/tunnels/contracts/ResourceStatus.java index 85619d8d..0cb98644 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/ResourceStatus.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/ResourceStatus.java @@ -1,35 +1,35 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/ResourceStatus.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Current value and limit for a limited resource related to a tunnel or tunnel port. - */ -public class ResourceStatus { - /** - * Gets or sets the current value. - */ - @Expose - public long current; - - /** - * Gets or sets the limit enforced by the service, or null if there is no limit. - * - * Any requests that would cause the limit to be exceeded may be denied by the - * service. For HTTP requests, the response is generally a 403 Forbidden status, with - * details about the limit in the response body. - */ - @Expose - public long limit; - - /** - * Gets or sets an optional source of the {@link ResourceStatus#limit}, or null if - * there is no limit. - */ - @Expose - public String limitSource; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/ResourceStatus.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Current value and limit for a limited resource related to a tunnel or tunnel port. + */ +public class ResourceStatus { + /** + * Gets or sets the current value. + */ + @Expose + public long current; + + /** + * Gets or sets the limit enforced by the service, or null if there is no limit. + * + * Any requests that would cause the limit to be exceeded may be denied by the + * service. For HTTP requests, the response is generally a 403 Forbidden status, with + * details about the limit in the response body. + */ + @Expose + public long limit; + + /** + * Gets or sets an optional source of the {@link ResourceStatus#limit}, or null if + * there is no limit. + */ + @Expose + public String limitSource; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/ServiceVersionDetails.java b/java/src/main/java/com/microsoft/tunnels/contracts/ServiceVersionDetails.java index e57173b3..cbb1b9f9 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/ServiceVersionDetails.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/ServiceVersionDetails.java @@ -1,43 +1,43 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/ServiceVersionDetails.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Data contract for service version details. - */ -public class ServiceVersionDetails { - /** - * Gets or sets the version of the service. E.g. "1.0.6615.53976". The version - * corresponds to the build number. - */ - @Expose - public String version; - - /** - * Gets or sets the commit ID of the service. - */ - @Expose - public String commitId; - - /** - * Gets or sets the commit date of the service. - */ - @Expose - public String commitDate; - - /** - * Gets or sets the cluster ID of the service that handled the request. - */ - @Expose - public String clusterId; - - /** - * Gets or sets the Azure location of the service that handled the request. - */ - @Expose - public String azureLocation; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/ServiceVersionDetails.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Data contract for service version details. + */ +public class ServiceVersionDetails { + /** + * Gets or sets the version of the service. E.g. "1.0.6615.53976". The version + * corresponds to the build number. + */ + @Expose + public String version; + + /** + * Gets or sets the commit ID of the service. + */ + @Expose + public String commitId; + + /** + * Gets or sets the commit date of the service. + */ + @Expose + public String commitDate; + + /** + * Gets or sets the cluster ID of the service that handled the request. + */ + @Expose + public String clusterId; + + /** + * Gets or sets the Azure location of the service that handled the request. + */ + @Expose + public String azureLocation; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/Tunnel.java b/java/src/main/java/com/microsoft/tunnels/contracts/Tunnel.java index f913704b..78fa0e87 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/Tunnel.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/Tunnel.java @@ -1,119 +1,119 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/Tunnel.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; -import java.util.Date; -import java.util.Map; - -/** - * Data contract for tunnel objects managed through the tunnel service REST API. - */ -public class Tunnel { - /** - * Gets or sets the ID of the cluster the tunnel was created in. - */ - @Expose - public String clusterId; - - /** - * Gets or sets the generated ID of the tunnel, unique within the cluster. - */ - @Expose - public String tunnelId; - - /** - * Gets or sets the optional short name (alias) of the tunnel. - * - * The name must be globally unique within the parent domain, and must be a valid - * subdomain. - */ - @Expose - public String name; - - /** - * Gets or sets the description of the tunnel. - */ - @Expose - public String description; - - /** - * Gets or sets the labels of the tunnel. - */ - @Expose - public String[] labels; - - /** - * Gets or sets the optional parent domain of the tunnel, if it is not using the - * default parent domain. - */ - @Expose - public String domain; - - /** - * Gets or sets a dictionary mapping from scopes to tunnel access tokens. - */ - @Expose - public Map accessTokens; - - /** - * Gets or sets access control settings for the tunnel. - * - * See {@link TunnelAccessControl} documentation for details about the access control - * model. - */ - @Expose - public TunnelAccessControl accessControl; - - /** - * Gets or sets default options for the tunnel. - */ - @Expose - public TunnelOptions options; - - /** - * Gets or sets current connection status of the tunnel. - */ - @Expose - public TunnelStatus status; - - /** - * Gets or sets an array of endpoints where hosts are currently accepting client - * connections to the tunnel. - */ - @Expose - public TunnelEndpoint[] endpoints; - - /** - * Gets or sets a list of ports in the tunnel. - * - * This optional property enables getting info about all ports in a tunnel at the same - * time as getting tunnel info, or creating one or more ports at the same time as - * creating a tunnel. It is omitted when listing (multiple) tunnels, or when updating - * tunnel properties. (For the latter, use APIs to create/update/delete individual - * ports instead.) - */ - @Expose - public TunnelPort[] ports; - - /** - * Gets or sets the time in UTC of tunnel creation. - */ - @Expose - public Date created; - - /** - * Gets or the time the tunnel will be deleted if it is not used or updated. - */ - @Expose - public Date expiration; - - /** - * Gets or the custom amount of time the tunnel will be valid if it is not used or - * updated in seconds. - */ - @Expose - public int customExpiration; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/Tunnel.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; +import java.util.Date; +import java.util.Map; + +/** + * Data contract for tunnel objects managed through the tunnel service REST API. + */ +public class Tunnel { + /** + * Gets or sets the ID of the cluster the tunnel was created in. + */ + @Expose + public String clusterId; + + /** + * Gets or sets the generated ID of the tunnel, unique within the cluster. + */ + @Expose + public String tunnelId; + + /** + * Gets or sets the optional short name (alias) of the tunnel. + * + * The name must be globally unique within the parent domain, and must be a valid + * subdomain. + */ + @Expose + public String name; + + /** + * Gets or sets the description of the tunnel. + */ + @Expose + public String description; + + /** + * Gets or sets the labels of the tunnel. + */ + @Expose + public String[] labels; + + /** + * Gets or sets the optional parent domain of the tunnel, if it is not using the + * default parent domain. + */ + @Expose + public String domain; + + /** + * Gets or sets a dictionary mapping from scopes to tunnel access tokens. + */ + @Expose + public Map accessTokens; + + /** + * Gets or sets access control settings for the tunnel. + * + * See {@link TunnelAccessControl} documentation for details about the access control + * model. + */ + @Expose + public TunnelAccessControl accessControl; + + /** + * Gets or sets default options for the tunnel. + */ + @Expose + public TunnelOptions options; + + /** + * Gets or sets current connection status of the tunnel. + */ + @Expose + public TunnelStatus status; + + /** + * Gets or sets an array of endpoints where hosts are currently accepting client + * connections to the tunnel. + */ + @Expose + public TunnelEndpoint[] endpoints; + + /** + * Gets or sets a list of ports in the tunnel. + * + * This optional property enables getting info about all ports in a tunnel at the same + * time as getting tunnel info, or creating one or more ports at the same time as + * creating a tunnel. It is omitted when listing (multiple) tunnels, or when updating + * tunnel properties. (For the latter, use APIs to create/update/delete individual + * ports instead.) + */ + @Expose + public TunnelPort[] ports; + + /** + * Gets or sets the time in UTC of tunnel creation. + */ + @Expose + public Date created; + + /** + * Gets or the time the tunnel will be deleted if it is not used or updated. + */ + @Expose + public Date expiration; + + /** + * Gets or the custom amount of time the tunnel will be valid if it is not used or + * updated in seconds. + */ + @Expose + public int customExpiration; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessControl.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessControl.java index 5325e0f0..86c50d82 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessControl.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessControl.java @@ -1,39 +1,39 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelAccessControl.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; -import java.util.Collection; - -/** - * Data contract for access control on a {@link Tunnel} or {@link TunnelPort}. - * - * Tunnels and tunnel ports can each optionally have an access-control property set on - * them. An access-control object contains a list (ACL) of entries (ACEs) that specify the - * access scopes granted or denied to some subjects. Tunnel ports inherit the ACL from the - * tunnel, though ports may include ACEs that augment or override the inherited rules. - * Currently there is no capability to define "roles" for tunnel access (where a role - * specifies a set of related access scopes), and assign roles to users. That feature may - * be added in the future. (It should be represented as a separate `RoleAssignments` - * property on this class.) - */ -public class TunnelAccessControl { - /** - * Gets or sets the list of access control entries. - * - * The order of entries is significant: later entries override earlier entries that - * apply to the same subject. However, deny rules are always processed after allow - * rules, therefore an allow rule cannot override a deny rule for the same subject. - */ - @Expose - public TunnelAccessControlEntry[] entries; - - /** - * Checks that all items in an array of scopes are valid. - */ - public static void validateScopes(Collection scopes, Collection validScopes, boolean allowMultiple) { - TunnelAccessControlStatics.validateScopes(scopes, validScopes, allowMultiple); - } -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelAccessControl.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; +import java.util.Collection; + +/** + * Data contract for access control on a {@link Tunnel} or {@link TunnelPort}. + * + * Tunnels and tunnel ports can each optionally have an access-control property set on + * them. An access-control object contains a list (ACL) of entries (ACEs) that specify the + * access scopes granted or denied to some subjects. Tunnel ports inherit the ACL from the + * tunnel, though ports may include ACEs that augment or override the inherited rules. + * Currently there is no capability to define "roles" for tunnel access (where a role + * specifies a set of related access scopes), and assign roles to users. That feature may + * be added in the future. (It should be represented as a separate `RoleAssignments` + * property on this class.) + */ +public class TunnelAccessControl { + /** + * Gets or sets the list of access control entries. + * + * The order of entries is significant: later entries override earlier entries that + * apply to the same subject. However, deny rules are always processed after allow + * rules, therefore an allow rule cannot override a deny rule for the same subject. + */ + @Expose + public TunnelAccessControlEntry[] entries; + + /** + * Checks that all items in an array of scopes are valid. + */ + public static void validateScopes(Collection scopes, Collection validScopes, boolean allowMultiple) { + TunnelAccessControlStatics.validateScopes(scopes, validScopes, allowMultiple); + } +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessControlEntry.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessControlEntry.java index 9d020566..c1f3685f 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessControlEntry.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessControlEntry.java @@ -1,145 +1,145 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelAccessControlEntry.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; -import java.util.Date; - -/** - * Data contract for an access control entry on a {@link Tunnel} or {@link TunnelPort}. - * - * An access control entry (ACE) grants or denies one or more access scopes to one or more - * subjects. Tunnel ports inherit access control entries from their tunnel, and they may - * have additional port-specific entries that augment or override those access rules. - */ -public class TunnelAccessControlEntry { - /** - * Gets or sets the access control entry type. - */ - @Expose - public TunnelAccessControlEntryType type; - - /** - * Gets or sets the provider of the subjects in this access control entry. The - * provider impacts how the subject identifiers are resolved and displayed. The - * provider may be an identity provider such as AAD, or a system or standard such as - * "ssh" or "ipv4". - * - * For user, group, or org ACEs, this value is the name of the identity provider of - * the user/group/org IDs. It may be one of the well-known provider names in {@link - * TunnelAccessControlEntry#providers}, or (in the future) a custom identity provider. - * For public key ACEs, this value is the type of public key, e.g. "ssh". For IP - * address range ACEs, this value is the IP address version, "ipv4" or "ipv6", or - * "service-tag" if the range is defined by an Azure service tag. For anonymous ACEs, - * this value is null. - */ - @Expose - public String provider; - - /** - * Gets or sets a value indicating whether this is an access control entry on a tunnel - * port that is inherited from the tunnel's access control list. - */ - @Expose - public boolean isInherited; - - /** - * Gets or sets a value indicating whether this entry is a deny rule that blocks - * access to the specified users. Otherwise it is an allow rule. - * - * All deny rules (including inherited rules) are processed after all allow rules. - * Therefore a deny ACE cannot be overridden by an allow ACE that is later in the list - * or on a more-specific resource. In other words, inherited deny ACEs cannot be - * overridden. - */ - @Expose - public boolean isDeny; - - /** - * Gets or sets a value indicating whether this entry applies to all subjects that are - * NOT in the {@link TunnelAccessControlEntry#subjects} list. - * - * Examples: an inverse organizations ACE applies to all users who are not members of - * the listed organization(s); an inverse anonymous ACE applies to all authenticated - * users; an inverse IP address ranges ACE applies to all clients that are not within - * any of the listed IP address ranges. The inverse option is often useful in policies - * in combination with {@link TunnelAccessControlEntry#isDeny}, for example a policy - * could deny access to users who are not members of an organization or are outside of - * an IP address range, effectively blocking any tunnels from allowing outside access - * (because inherited deny ACEs cannot be overridden). - */ - @Expose - public boolean isInverse; - - /** - * Gets or sets an optional organization context for all subjects of this entry. The - * use and meaning of this value depends on the {@link TunnelAccessControlEntry#type} - * and {@link TunnelAccessControlEntry#provider} of this entry. - * - * For AAD users and group ACEs, this value is the AAD tenant ID. It is not currently - * used with any other types of ACEs. - */ - @Expose - public String organization; - - /** - * Gets or sets the subjects for the entry, such as user or group IDs. The format of - * the values depends on the {@link TunnelAccessControlEntry#type} and {@link - * TunnelAccessControlEntry#provider} of this entry. - */ - @Expose - public String[] subjects; - - /** - * Gets or sets the access scopes that this entry grants or denies to the subjects. - * - * These must be one or more values from {@link TunnelAccessScopes}. - */ - @Expose - public String[] scopes; - - /** - * Gets or sets the expiration for an access control entry. - * - * If no value is set then this value is null. - */ - @Expose - public Date expiration; - - /** - * Constants for well-known identity providers. - */ - public static class Providers { - /** - * Microsoft (AAD) identity provider. - */ - public static final String microsoft = "microsoft"; - - /** - * GitHub identity provider. - */ - public static final String gitHub = "github"; - - /** - * SSH public keys. - */ - public static final String ssh = "ssh"; - - /** - * IPv4 addresses. - */ - public static final String iPv4 = "ipv4"; - - /** - * IPv6 addresses. - */ - public static final String iPv6 = "ipv6"; - - /** - * Service tags. - */ - public static final String serviceTag = "service-tag"; - } -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelAccessControlEntry.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; +import java.util.Date; + +/** + * Data contract for an access control entry on a {@link Tunnel} or {@link TunnelPort}. + * + * An access control entry (ACE) grants or denies one or more access scopes to one or more + * subjects. Tunnel ports inherit access control entries from their tunnel, and they may + * have additional port-specific entries that augment or override those access rules. + */ +public class TunnelAccessControlEntry { + /** + * Gets or sets the access control entry type. + */ + @Expose + public TunnelAccessControlEntryType type; + + /** + * Gets or sets the provider of the subjects in this access control entry. The + * provider impacts how the subject identifiers are resolved and displayed. The + * provider may be an identity provider such as AAD, or a system or standard such as + * "ssh" or "ipv4". + * + * For user, group, or org ACEs, this value is the name of the identity provider of + * the user/group/org IDs. It may be one of the well-known provider names in {@link + * TunnelAccessControlEntry#providers}, or (in the future) a custom identity provider. + * For public key ACEs, this value is the type of public key, e.g. "ssh". For IP + * address range ACEs, this value is the IP address version, "ipv4" or "ipv6", or + * "service-tag" if the range is defined by an Azure service tag. For anonymous ACEs, + * this value is null. + */ + @Expose + public String provider; + + /** + * Gets or sets a value indicating whether this is an access control entry on a tunnel + * port that is inherited from the tunnel's access control list. + */ + @Expose + public boolean isInherited; + + /** + * Gets or sets a value indicating whether this entry is a deny rule that blocks + * access to the specified users. Otherwise it is an allow rule. + * + * All deny rules (including inherited rules) are processed after all allow rules. + * Therefore a deny ACE cannot be overridden by an allow ACE that is later in the list + * or on a more-specific resource. In other words, inherited deny ACEs cannot be + * overridden. + */ + @Expose + public boolean isDeny; + + /** + * Gets or sets a value indicating whether this entry applies to all subjects that are + * NOT in the {@link TunnelAccessControlEntry#subjects} list. + * + * Examples: an inverse organizations ACE applies to all users who are not members of + * the listed organization(s); an inverse anonymous ACE applies to all authenticated + * users; an inverse IP address ranges ACE applies to all clients that are not within + * any of the listed IP address ranges. The inverse option is often useful in policies + * in combination with {@link TunnelAccessControlEntry#isDeny}, for example a policy + * could deny access to users who are not members of an organization or are outside of + * an IP address range, effectively blocking any tunnels from allowing outside access + * (because inherited deny ACEs cannot be overridden). + */ + @Expose + public boolean isInverse; + + /** + * Gets or sets an optional organization context for all subjects of this entry. The + * use and meaning of this value depends on the {@link TunnelAccessControlEntry#type} + * and {@link TunnelAccessControlEntry#provider} of this entry. + * + * For AAD users and group ACEs, this value is the AAD tenant ID. It is not currently + * used with any other types of ACEs. + */ + @Expose + public String organization; + + /** + * Gets or sets the subjects for the entry, such as user or group IDs. The format of + * the values depends on the {@link TunnelAccessControlEntry#type} and {@link + * TunnelAccessControlEntry#provider} of this entry. + */ + @Expose + public String[] subjects; + + /** + * Gets or sets the access scopes that this entry grants or denies to the subjects. + * + * These must be one or more values from {@link TunnelAccessScopes}. + */ + @Expose + public String[] scopes; + + /** + * Gets or sets the expiration for an access control entry. + * + * If no value is set then this value is null. + */ + @Expose + public Date expiration; + + /** + * Constants for well-known identity providers. + */ + public static class Providers { + /** + * Microsoft (AAD) identity provider. + */ + public static final String microsoft = "microsoft"; + + /** + * GitHub identity provider. + */ + public static final String gitHub = "github"; + + /** + * SSH public keys. + */ + public static final String ssh = "ssh"; + + /** + * IPv4 addresses. + */ + public static final String iPv4 = "ipv4"; + + /** + * IPv6 addresses. + */ + public static final String iPv6 = "ipv6"; + + /** + * Service tags. + */ + public static final String serviceTag = "service-tag"; + } +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessControlEntryType.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessControlEntryType.java index 45035ba4..d532249f 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessControlEntryType.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessControlEntryType.java @@ -1,68 +1,68 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelAccessControlEntryType.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.SerializedName; - -/** - * Specifies the type of {@link TunnelAccessControlEntry}. - */ -public enum TunnelAccessControlEntryType { - /** - * Uninitialized access control entry type. - */ - @SerializedName("None") - None, - - /** - * The access control entry refers to all anonymous users. - */ - @SerializedName("Anonymous") - Anonymous, - - /** - * The access control entry is a list of user IDs that are allowed (or denied) access. - */ - @SerializedName("Users") - Users, - - /** - * The access control entry is a list of groups IDs that are allowed (or denied) - * access. - */ - @SerializedName("Groups") - Groups, - - /** - * The access control entry is a list of organization IDs that are allowed (or denied) - * access. - * - * All users in the organizations are allowed (or denied) access, unless overridden by - * following group or user rules. - */ - @SerializedName("Organizations") - Organizations, - - /** - * The access control entry is a list of repositories. Users are allowed access to the - * tunnel if they have access to the repo. - */ - @SerializedName("Repositories") - Repositories, - - /** - * The access control entry is a list of public keys. Users are allowed access if they - * can authenticate using a private key corresponding to one of the public keys. - */ - @SerializedName("PublicKeys") - PublicKeys, - - /** - * The access control entry is a list of IP address ranges that are allowed (or - * denied) access to the tunnel. Ranges can be IPv4, IPv6, or Azure service tags. - */ - @SerializedName("IPAddressRanges") - IPAddressRanges, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelAccessControlEntryType.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.SerializedName; + +/** + * Specifies the type of {@link TunnelAccessControlEntry}. + */ +public enum TunnelAccessControlEntryType { + /** + * Uninitialized access control entry type. + */ + @SerializedName("None") + None, + + /** + * The access control entry refers to all anonymous users. + */ + @SerializedName("Anonymous") + Anonymous, + + /** + * The access control entry is a list of user IDs that are allowed (or denied) access. + */ + @SerializedName("Users") + Users, + + /** + * The access control entry is a list of groups IDs that are allowed (or denied) + * access. + */ + @SerializedName("Groups") + Groups, + + /** + * The access control entry is a list of organization IDs that are allowed (or denied) + * access. + * + * All users in the organizations are allowed (or denied) access, unless overridden by + * following group or user rules. + */ + @SerializedName("Organizations") + Organizations, + + /** + * The access control entry is a list of repositories. Users are allowed access to the + * tunnel if they have access to the repo. + */ + @SerializedName("Repositories") + Repositories, + + /** + * The access control entry is a list of public keys. Users are allowed access if they + * can authenticate using a private key corresponding to one of the public keys. + */ + @SerializedName("PublicKeys") + PublicKeys, + + /** + * The access control entry is a list of IP address ranges that are allowed (or + * denied) access to the tunnel. Ranges can be IPv4, IPv6, or Azure service tags. + */ + @SerializedName("IPAddressRanges") + IPAddressRanges, +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessScopes.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessScopes.java index 1b8b47af..ada0039e 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessScopes.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessScopes.java @@ -1,49 +1,49 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelAccessScopes.cs - -package com.microsoft.tunnels.contracts; - -/** - * Defines scopes for tunnel access tokens. - * - * A tunnel access token with one or more of these scopes typically also has cluster ID - * and tunnel ID claims that limit the access scope to a specific tunnel, and may also - * have one or more port claims that further limit the access to particular ports of the - * tunnel. - */ -public class TunnelAccessScopes { - /** - * Allows creating tunnels. This scope is valid only in policies at the global, - * domain, or organization level; it is not relevant to an already-created tunnel or - * tunnel port. (Creation of ports requires "manage" or "host" access to the tunnel.) - */ - public static final String create = "create"; - - /** - * Allows management operations on tunnels and tunnel ports. - */ - public static final String manage = "manage"; - - /** - * Allows management operations on all ports of a tunnel, but does not allow updating - * any other tunnel properties or deleting the tunnel. - */ - public static final String managePorts = "manage:ports"; - - /** - * Allows accepting connections on tunnels as a host. Includes access to update tunnel - * endpoints and ports. - */ - public static final String host = "host"; - - /** - * Allows inspecting tunnel connection activity and data. - */ - public static final String inspect = "inspect"; - - /** - * Allows connecting to tunnels or ports as a client. - */ - public static final String connect = "connect"; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelAccessScopes.cs + +package com.microsoft.tunnels.contracts; + +/** + * Defines scopes for tunnel access tokens. + * + * A tunnel access token with one or more of these scopes typically also has cluster ID + * and tunnel ID claims that limit the access scope to a specific tunnel, and may also + * have one or more port claims that further limit the access to particular ports of the + * tunnel. + */ +public class TunnelAccessScopes { + /** + * Allows creating tunnels. This scope is valid only in policies at the global, + * domain, or organization level; it is not relevant to an already-created tunnel or + * tunnel port. (Creation of ports requires "manage" or "host" access to the tunnel.) + */ + public static final String create = "create"; + + /** + * Allows management operations on tunnels and tunnel ports. + */ + public static final String manage = "manage"; + + /** + * Allows management operations on all ports of a tunnel, but does not allow updating + * any other tunnel properties or deleting the tunnel. + */ + public static final String managePorts = "manage:ports"; + + /** + * Allows accepting connections on tunnels as a host. Includes access to update tunnel + * endpoints and ports. + */ + public static final String host = "host"; + + /** + * Allows inspecting tunnel connection activity and data. + */ + public static final String inspect = "inspect"; + + /** + * Allows connecting to tunnels or ports as a client. + */ + public static final String connect = "connect"; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessSubject.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessSubject.java index 0dc9f52f..6d1f556e 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessSubject.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAccessSubject.java @@ -1,55 +1,55 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelAccessSubject.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Properties about a subject of a tunnel access control entry (ACE), used when resolving - * subject names to IDs when creating new ACEs, or formatting subject IDs to names when - * displaying existing ACEs. - */ -public class TunnelAccessSubject { - /** - * Gets or sets the type of subject, e.g. user, group, or organization. - */ - @Expose - public TunnelAccessControlEntryType type; - - /** - * Gets or sets the subject ID. - * - * The ID is typically a guid or integer that is unique within the scope of the - * identity provider or organization, and never changes for that subject. - */ - @Expose - public String id; - - /** - * Gets or sets the subject organization ID, which may be required if an organization - * is not implied by the authentication context. - */ - @Expose - public String organizationId; - - /** - * Gets or sets the partial or full subject name. - * - * When resolving a subject name to ID, a partial name may be provided, and the full - * name is returned if the partial name was successfully resolved. When formatting a - * subject ID to name, the full name is returned if the ID was found. - */ - @Expose - public String name; - - /** - * Gets or sets an array of possible subject matches, if a partial name was provided - * and did not resolve to a single subject. - * - * This property applies only when resolving subject names to IDs. - */ - @Expose - public TunnelAccessSubject[] matches; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelAccessSubject.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Properties about a subject of a tunnel access control entry (ACE), used when resolving + * subject names to IDs when creating new ACEs, or formatting subject IDs to names when + * displaying existing ACEs. + */ +public class TunnelAccessSubject { + /** + * Gets or sets the type of subject, e.g. user, group, or organization. + */ + @Expose + public TunnelAccessControlEntryType type; + + /** + * Gets or sets the subject ID. + * + * The ID is typically a guid or integer that is unique within the scope of the + * identity provider or organization, and never changes for that subject. + */ + @Expose + public String id; + + /** + * Gets or sets the subject organization ID, which may be required if an organization + * is not implied by the authentication context. + */ + @Expose + public String organizationId; + + /** + * Gets or sets the partial or full subject name. + * + * When resolving a subject name to ID, a partial name may be provided, and the full + * name is returned if the partial name was successfully resolved. When formatting a + * subject ID to name, the full name is returned if the ID was found. + */ + @Expose + public String name; + + /** + * Gets or sets an array of possible subject matches, if a partial name was provided + * and did not resolve to a single subject. + * + * This property applies only when resolving subject names to IDs. + */ + @Expose + public TunnelAccessSubject[] matches; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAuthenticationSchemes.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAuthenticationSchemes.java index a32ff826..8ed37d28 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAuthenticationSchemes.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelAuthenticationSchemes.java @@ -1,30 +1,30 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelAuthenticationSchemes.cs - -package com.microsoft.tunnels.contracts; - -/** - * Defines string constants for authentication schemes supported by tunnel service APIs. - */ -public class TunnelAuthenticationSchemes { - /** - * Authentication scheme for AAD (or Microsoft account) access tokens. - */ - public static final String aad = "aad"; - - /** - * Authentication scheme for GitHub access tokens. - */ - public static final String gitHub = "github"; - - /** - * Authentication scheme for tunnel access tokens. - */ - public static final String tunnel = "tunnel"; - - /** - * Authentication scheme for tunnelPlan access tokens. - */ - public static final String tunnelPlan = "tunnelplan"; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelAuthenticationSchemes.cs + +package com.microsoft.tunnels.contracts; + +/** + * Defines string constants for authentication schemes supported by tunnel service APIs. + */ +public class TunnelAuthenticationSchemes { + /** + * Authentication scheme for AAD (or Microsoft account) access tokens. + */ + public static final String aad = "aad"; + + /** + * Authentication scheme for GitHub access tokens. + */ + public static final String gitHub = "github"; + + /** + * Authentication scheme for tunnel access tokens. + */ + public static final String tunnel = "tunnel"; + + /** + * Authentication scheme for tunnelPlan access tokens. + */ + public static final String tunnelPlan = "tunnelplan"; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelConnectionMode.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelConnectionMode.java index d82af7ef..70a7bc48 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelConnectionMode.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelConnectionMode.java @@ -1,30 +1,30 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelConnectionMode.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.SerializedName; - -/** - * Specifies the connection protocol / implementation for a tunnel. - * - * Depending on the connection mode, hosts or clients might need to use different - * authentication and connection protocols. - */ -public enum TunnelConnectionMode { - /** - * Connect directly to the host over the local network. - * - * While it's technically not "tunneling", this mode may be combined with others to - * enable choosing the most efficient connection mode available. - */ - @SerializedName("LocalNetwork") - LocalNetwork, - - /** - * Use the tunnel service's integrated relay function. - */ - @SerializedName("TunnelRelay") - TunnelRelay, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelConnectionMode.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.SerializedName; + +/** + * Specifies the connection protocol / implementation for a tunnel. + * + * Depending on the connection mode, hosts or clients might need to use different + * authentication and connection protocols. + */ +public enum TunnelConnectionMode { + /** + * Connect directly to the host over the local network. + * + * While it's technically not "tunneling", this mode may be combined with others to + * enable choosing the most efficient connection mode available. + */ + @SerializedName("LocalNetwork") + LocalNetwork, + + /** + * Use the tunnel service's integrated relay function. + */ + @SerializedName("TunnelRelay") + TunnelRelay, +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelConstraints.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelConstraints.java index 666b888b..97c3cfbc 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelConstraints.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelConstraints.java @@ -1,425 +1,425 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelConstraints.cs - -package com.microsoft.tunnels.contracts; - -import java.util.regex.Pattern; - -/** - * Tunnel constraints. - */ -public class TunnelConstraints { - /** - * Min length of tunnel cluster ID. - */ - public static final int clusterIdMinLength = 3; - - /** - * Max length of tunnel cluster ID. - */ - public static final int clusterIdMaxLength = 12; - - /** - * Length of V1 tunnel id. - */ - public static final int oldTunnelIdLength = 8; - - /** - * Min length of V2 tunnelId. - */ - public static final int newTunnelIdMinLength = 3; - - /** - * Max length of V2 tunnelId. - * - * Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes - * (-<port>-inspect) remain within the DNS label limit of 63 characters. - */ - public static final int newTunnelIdMaxLength = 49; - - /** - * Length of a tunnel alias. - */ - public static final int tunnelAliasLength = 8; - - /** - * Min length of tunnel name. - */ - public static final int tunnelNameMinLength = 3; - - /** - * Max length of tunnel name. - * - * Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes - * (-<port>-inspect) remain within the DNS label limit of 63 characters. - */ - public static final int tunnelNameMaxLength = 49; - - /** - * Max length of SSH username. - */ - public static final int sshUserMaxLength = 60; - - /** - * Max length of tunnel or port description. - */ - public static final int descriptionMaxLength = 400; - - /** - * Max length of tunnel event details. - */ - public static final int eventDetailsMaxLength = 4000; - - /** - * Max number of properties in a tunnel event. - */ - public static final int maxEventProperties = 100; - - /** - * Max length of a single tunnel event property value. - */ - public static final int eventPropertyValueMaxLength = 4000; - - /** - * Min length of a single tunnel or port tag. - */ - public static final int labelMinLength = 1; - - /** - * Max length of a single tunnel or port tag. - */ - public static final int labelMaxLength = 50; - - /** - * Maximum number of labels that can be applied to a tunnel or port. - */ - public static final int maxLabels = 100; - - /** - * Min length of a tunnel domain. - */ - public static final int tunnelDomainMinLength = 4; - - /** - * Max length of a tunnel domain. - */ - public static final int tunnelDomainMaxLength = 180; - - /** - * Maximum number of items allowed in the tunnel ports array. The actual limit on - * number of ports that can be created may be much lower, and may depend on various - * resource limitations or policies. - */ - public static final int tunnelMaxPorts = 1000; - - /** - * Maximum number of access control entries (ACEs) in a tunnel or tunnel port access - * control list (ACL). - */ - public static final int accessControlMaxEntries = 40; - - /** - * Maximum number of subjects (such as user IDs) in a tunnel or tunnel port access - * control entry (ACE). - */ - public static final int accessControlMaxSubjects = 100; - - /** - * Max length of an access control subject or organization ID. - */ - public static final int accessControlSubjectMaxLength = 200; - - /** - * Max length of an access control subject name, when resolving names to IDs. - */ - public static final int accessControlSubjectNameMaxLength = 200; - - /** - * Maximum number of scopes in an access control entry. - */ - public static final int accessControlMaxScopes = 10; - - /** - * Regular expression that can match or validate tunnel event name strings. - */ - public static final String eventNamePattern = "^[a-z0-9_]{3,80}$"; - - /** - * Regular expression that can match or validate tunnel event severity strings. - */ - public static final String eventSeverityPattern = "^(info)|(warning)|(error)$"; - - /** - * Regular expression that can match or validate tunnel event property name strings. - */ - public static final String eventPropertyNamePattern = "^[a-zA-Z0-9_.]{3,200}$"; - - /** - * Regular expression that can match or validate tunnel cluster ID strings. - * - * Cluster IDs are alphanumeric; hyphens are not permitted. - */ - public static final String clusterIdPattern = "^(([a-z]{3,4}[0-9]{1,3})|asse|aue|brs|euw|use)$"; - - /** - * Regular expression that can match or validate tunnel cluster ID strings. - * - * Cluster IDs are alphanumeric; hyphens are not permitted. - */ - public static final Pattern clusterIdRegex = java.util.regex.Pattern.compile(TunnelConstraints.clusterIdPattern); - - /** - * Regular expression that can match or validate a tunnel cluster ID as a hostname - * prefix. - * - * Cluster IDs are alphanumeric; hyphens are not permitted. - */ - public static final Pattern clusterIdPrefixRegex = java.util.regex.Pattern.compile(TunnelConstraints.clusterIdPattern.replace("$", "\\.")); - - /** - * Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, - * excluding vowels and 'y' (to avoid accidentally generating any random words). - */ - public static final String oldTunnelIdChars = "0123456789bcdfghjklmnpqrstvwxz"; - - /** - * Regular expression that can match or validate tunnel ID strings. - * - * Tunnel IDs are fixed-length and have a limited character set of numbers and - * lowercase letters (minus vowels and y). - */ - public static final String oldTunnelIdPattern = "[" + TunnelConstraints.oldTunnelIdChars + "]{8}"; - - /** - * Regular expression that can match or validate tunnel ID strings. - * - * Tunnel IDs are fixed-length and have a limited character set of numbers and - * lowercase letters (minus vowels and y). - */ - public static final Pattern oldTunnelIdRegex = java.util.regex.Pattern.compile(TunnelConstraints.oldTunnelIdPattern); - - /** - * Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, - * excluding vowels and 'y' (to avoid accidentally generating any random words). - */ - public static final String newTunnelIdChars = "0123456789abcdefghijklmnopqrstuvwxyz-"; - - /** - * Regular expression that can match or validate tunnel ID strings. - * - * Tunnel IDs have a limited character set of numbers and lowercase letters. Limited - * to 49 characters to ensure tunnel URIs with ports and inspection suffixes remain - * within the DNS label limit of 63 characters. - */ - public static final String newTunnelIdPattern = "[a-z0-9][a-z0-9-]{1,47}[a-z0-9]"; - - /** - * Regular expression that can match or validate tunnel ID strings. - * - * Tunnel IDs are fixed-length and have a limited character set of numbers and - * lowercase letters (minus vowels and y). - */ - public static final Pattern newTunnelIdRegex = java.util.regex.Pattern.compile(TunnelConstraints.newTunnelIdPattern); - - /** - * Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, - * excluding vowels and 'y' (to avoid accidentally generating any random words). - */ - public static final String tunnelAliasChars = "0123456789bcdfghjklmnpqrstvwxz"; - - /** - * Regular expression that can match or validate tunnel alias strings. - * - * Tunnel Aliases are fixed-length and have a limited character set of numbers and - * lowercase letters (minus vowels and y). Limited to 49 characters to ensure tunnel - * URIs with ports and inspection suffixes remain within the DNS label limit of 63 - * characters. - */ - public static final String tunnelAliasPattern = "[" + TunnelConstraints.tunnelAliasChars + "]{3,49}"; - - /** - * Regular expression that can match or validate tunnel alias strings. - * - * Tunnel Aliases are fixed-length and have a limited character set of numbers and - * lowercase letters (minus vowels and y). - */ - public static final Pattern tunnelAliasRegex = java.util.regex.Pattern.compile(TunnelConstraints.tunnelAliasPattern); - - /** - * Regular expression that can match or validate tunnel names. - * - * Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an - * empty string because tunnels may be unnamed. Limited to 49 characters to ensure - * tunnel URIs with ports and inspection suffixes remain within the DNS label limit of - * 63 characters. - */ - public static final String tunnelNamePattern = "([a-z0-9][a-z0-9-]{1,47}[a-z0-9])|(^$)"; - - /** - * Regular expression that can match or validate tunnel names. - * - * Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an - * empty string because tunnels may be unnamed. - */ - public static final Pattern tunnelNameRegex = java.util.regex.Pattern.compile(TunnelConstraints.tunnelNamePattern); - - /** - * Regular expression that can match or validate tunnel or port labels. - */ - public static final String labelPattern = "[\\w-=]{1,50}"; - - /** - * Regular expression that can match or validate tunnel or port labels. - */ - public static final Pattern labelRegex = java.util.regex.Pattern.compile(TunnelConstraints.labelPattern); - - /** - * Regular expression that can match or validate tunnel domains. - * - * The tunnel service may perform additional contextual validation at the time the - * domain is registered. - */ - public static final String tunnelDomainPattern = "[0-9a-z][0-9a-z-.]{1,158}[0-9a-z]|(^$)"; - - /** - * Regular expression that can match or validate tunnel domains. - * - * The tunnel service may perform additional contextual validation at the time the - * domain is registered. - */ - public static final Pattern tunnelDomainRegex = java.util.regex.Pattern.compile(TunnelConstraints.tunnelDomainPattern); - - /** - * Regular expression that can match or validate an access control subject or - * organization ID. - * - * The : and / characters are allowed because subjects may include IP addresses and - * ranges. The @ character is allowed because MSA subjects may be identified by email - * address. - */ - public static final String accessControlSubjectPattern = "[0-9a-zA-Z-._:/@]{0,200}"; - - /** - * Regular expression that can match or validate an access control subject or - * organization ID. - */ - public static final Pattern accessControlSubjectRegex = java.util.regex.Pattern.compile(TunnelConstraints.accessControlSubjectPattern); - - /** - * Regular expression that can match or validate an access control subject name, when - * resolving subject names to IDs. - * - * Note angle-brackets are only allowed when they wrap an email address as part of a - * formatted name with email. The service will block any other use of angle-brackets, - * to avoid any XSS risks. - */ - public static final String accessControlSubjectNamePattern = "[ \\w\\d-.,/:'\"_@()<>]{0,200}"; - - /** - * Regular expression that can match or validate an access control subject name, when - * resolving subject names to IDs. - */ - public static final Pattern accessControlSubjectNameRegex = java.util.regex.Pattern.compile(TunnelConstraints.accessControlSubjectNamePattern); - - /** - * Validates and returns true if it is a valid cluster - * ID, otherwise false. - */ - public static boolean isValidClusterId(String clusterId) { - return TunnelConstraintsStatics.isValidClusterId(clusterId); - } - - /** - * Validates and returns true if it is a valid tunnel id, - * otherwise, false. - */ - public static boolean isValidOldTunnelId(String tunnelId) { - return TunnelConstraintsStatics.isValidOldTunnelId(tunnelId); - } - - /** - * Validates and returns true if it is a valid tunnel id, - * otherwise, false. - */ - public static boolean isValidNewTunnelId(String tunnelId) { - return TunnelConstraintsStatics.isValidNewTunnelId(tunnelId); - } - - /** - * Validates and returns true if it is a valid tunnel alias, - * otherwise, false. - */ - public static boolean isValidTunnelAlias(String alias) { - return TunnelConstraintsStatics.isValidTunnelAlias(alias); - } - - /** - * Validates and returns true if it is a valid tunnel - * name, otherwise, false. - */ - public static boolean isValidTunnelName(String tunnelName) { - return TunnelConstraintsStatics.isValidTunnelName(tunnelName); - } - - /** - * Validates and returns true if it is a valid tunnel tag, - * otherwise, false. - */ - public static boolean isValidTag(String tag) { - return TunnelConstraintsStatics.isValidTag(tag); - } - - /** - * Validates and returns true if it is a valid - * tunnel id or name. - */ - public static boolean isValidTunnelIdOrName(String tunnelIdOrName) { - return TunnelConstraintsStatics.isValidTunnelIdOrName(tunnelIdOrName); - } - - /** - * Validates and throws exception if it is null or not a - * valid tunnel id. Returns back if it's a valid tunnel - * id. - */ - public static String validateOldTunnelId(String tunnelId, String paramName) { - return TunnelConstraintsStatics.validateOldTunnelId(tunnelId, paramName); - } - - /** - * Validates and throws exception if it is null or not a - * valid tunnel id. Returns back if it's a valid tunnel - * id. - */ - public static String validateNewOrOldTunnelId(String tunnelId, String paramName) { - return TunnelConstraintsStatics.validateNewOrOldTunnelId(tunnelId, paramName); - } - - /** - * Validates and throws exception if it is null or not a - * valid tunnel id. Returns back if it's a valid tunnel - * id. - */ - public static String validateNewTunnelId(String tunnelId, String paramName) { - return TunnelConstraintsStatics.validateNewTunnelId(tunnelId, paramName); - } - - /** - * Validates and throws exception if it is null or not - * a valid tunnel id. Returns back if it's a valid - * tunnel id. - */ - public static String validateTunnelAlias(String tunnelAlias, String paramName) { - return TunnelConstraintsStatics.validateTunnelAlias(tunnelAlias, paramName); - } - - /** - * Validates and throws exception if it is null or - * not a valid tunnel id or name. Returns back if - * it's a valid tunnel id. - */ - public static String validateTunnelIdOrName(String tunnelIdOrName, String paramName) { - return TunnelConstraintsStatics.validateTunnelIdOrName(tunnelIdOrName, paramName); - } -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelConstraints.cs + +package com.microsoft.tunnels.contracts; + +import java.util.regex.Pattern; + +/** + * Tunnel constraints. + */ +public class TunnelConstraints { + /** + * Min length of tunnel cluster ID. + */ + public static final int clusterIdMinLength = 3; + + /** + * Max length of tunnel cluster ID. + */ + public static final int clusterIdMaxLength = 12; + + /** + * Length of V1 tunnel id. + */ + public static final int oldTunnelIdLength = 8; + + /** + * Min length of V2 tunnelId. + */ + public static final int newTunnelIdMinLength = 3; + + /** + * Max length of V2 tunnelId. + * + * Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes + * (-<port>-inspect) remain within the DNS label limit of 63 characters. + */ + public static final int newTunnelIdMaxLength = 49; + + /** + * Length of a tunnel alias. + */ + public static final int tunnelAliasLength = 8; + + /** + * Min length of tunnel name. + */ + public static final int tunnelNameMinLength = 3; + + /** + * Max length of tunnel name. + * + * Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes + * (-<port>-inspect) remain within the DNS label limit of 63 characters. + */ + public static final int tunnelNameMaxLength = 49; + + /** + * Max length of SSH username. + */ + public static final int sshUserMaxLength = 60; + + /** + * Max length of tunnel or port description. + */ + public static final int descriptionMaxLength = 400; + + /** + * Max length of tunnel event details. + */ + public static final int eventDetailsMaxLength = 4000; + + /** + * Max number of properties in a tunnel event. + */ + public static final int maxEventProperties = 100; + + /** + * Max length of a single tunnel event property value. + */ + public static final int eventPropertyValueMaxLength = 4000; + + /** + * Min length of a single tunnel or port tag. + */ + public static final int labelMinLength = 1; + + /** + * Max length of a single tunnel or port tag. + */ + public static final int labelMaxLength = 50; + + /** + * Maximum number of labels that can be applied to a tunnel or port. + */ + public static final int maxLabels = 100; + + /** + * Min length of a tunnel domain. + */ + public static final int tunnelDomainMinLength = 4; + + /** + * Max length of a tunnel domain. + */ + public static final int tunnelDomainMaxLength = 180; + + /** + * Maximum number of items allowed in the tunnel ports array. The actual limit on + * number of ports that can be created may be much lower, and may depend on various + * resource limitations or policies. + */ + public static final int tunnelMaxPorts = 1000; + + /** + * Maximum number of access control entries (ACEs) in a tunnel or tunnel port access + * control list (ACL). + */ + public static final int accessControlMaxEntries = 40; + + /** + * Maximum number of subjects (such as user IDs) in a tunnel or tunnel port access + * control entry (ACE). + */ + public static final int accessControlMaxSubjects = 100; + + /** + * Max length of an access control subject or organization ID. + */ + public static final int accessControlSubjectMaxLength = 200; + + /** + * Max length of an access control subject name, when resolving names to IDs. + */ + public static final int accessControlSubjectNameMaxLength = 200; + + /** + * Maximum number of scopes in an access control entry. + */ + public static final int accessControlMaxScopes = 10; + + /** + * Regular expression that can match or validate tunnel event name strings. + */ + public static final String eventNamePattern = "^[a-z0-9_]{3,80}$"; + + /** + * Regular expression that can match or validate tunnel event severity strings. + */ + public static final String eventSeverityPattern = "^(info)|(warning)|(error)$"; + + /** + * Regular expression that can match or validate tunnel event property name strings. + */ + public static final String eventPropertyNamePattern = "^[a-zA-Z0-9_.]{3,200}$"; + + /** + * Regular expression that can match or validate tunnel cluster ID strings. + * + * Cluster IDs are alphanumeric; hyphens are not permitted. + */ + public static final String clusterIdPattern = "^(([a-z]{3,4}[0-9]{1,3})|asse|aue|brs|euw|use)$"; + + /** + * Regular expression that can match or validate tunnel cluster ID strings. + * + * Cluster IDs are alphanumeric; hyphens are not permitted. + */ + public static final Pattern clusterIdRegex = java.util.regex.Pattern.compile(TunnelConstraints.clusterIdPattern); + + /** + * Regular expression that can match or validate a tunnel cluster ID as a hostname + * prefix. + * + * Cluster IDs are alphanumeric; hyphens are not permitted. + */ + public static final Pattern clusterIdPrefixRegex = java.util.regex.Pattern.compile(TunnelConstraints.clusterIdPattern.replace("$", "\\.")); + + /** + * Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, + * excluding vowels and 'y' (to avoid accidentally generating any random words). + */ + public static final String oldTunnelIdChars = "0123456789bcdfghjklmnpqrstvwxz"; + + /** + * Regular expression that can match or validate tunnel ID strings. + * + * Tunnel IDs are fixed-length and have a limited character set of numbers and + * lowercase letters (minus vowels and y). + */ + public static final String oldTunnelIdPattern = "[" + TunnelConstraints.oldTunnelIdChars + "]{8}"; + + /** + * Regular expression that can match or validate tunnel ID strings. + * + * Tunnel IDs are fixed-length and have a limited character set of numbers and + * lowercase letters (minus vowels and y). + */ + public static final Pattern oldTunnelIdRegex = java.util.regex.Pattern.compile(TunnelConstraints.oldTunnelIdPattern); + + /** + * Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, + * excluding vowels and 'y' (to avoid accidentally generating any random words). + */ + public static final String newTunnelIdChars = "0123456789abcdefghijklmnopqrstuvwxyz-"; + + /** + * Regular expression that can match or validate tunnel ID strings. + * + * Tunnel IDs have a limited character set of numbers and lowercase letters. Limited + * to 49 characters to ensure tunnel URIs with ports and inspection suffixes remain + * within the DNS label limit of 63 characters. + */ + public static final String newTunnelIdPattern = "[a-z0-9][a-z0-9-]{1,47}[a-z0-9]"; + + /** + * Regular expression that can match or validate tunnel ID strings. + * + * Tunnel IDs are fixed-length and have a limited character set of numbers and + * lowercase letters (minus vowels and y). + */ + public static final Pattern newTunnelIdRegex = java.util.regex.Pattern.compile(TunnelConstraints.newTunnelIdPattern); + + /** + * Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, + * excluding vowels and 'y' (to avoid accidentally generating any random words). + */ + public static final String tunnelAliasChars = "0123456789bcdfghjklmnpqrstvwxz"; + + /** + * Regular expression that can match or validate tunnel alias strings. + * + * Tunnel Aliases are fixed-length and have a limited character set of numbers and + * lowercase letters (minus vowels and y). Limited to 49 characters to ensure tunnel + * URIs with ports and inspection suffixes remain within the DNS label limit of 63 + * characters. + */ + public static final String tunnelAliasPattern = "[" + TunnelConstraints.tunnelAliasChars + "]{3,49}"; + + /** + * Regular expression that can match or validate tunnel alias strings. + * + * Tunnel Aliases are fixed-length and have a limited character set of numbers and + * lowercase letters (minus vowels and y). + */ + public static final Pattern tunnelAliasRegex = java.util.regex.Pattern.compile(TunnelConstraints.tunnelAliasPattern); + + /** + * Regular expression that can match or validate tunnel names. + * + * Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an + * empty string because tunnels may be unnamed. Limited to 49 characters to ensure + * tunnel URIs with ports and inspection suffixes remain within the DNS label limit of + * 63 characters. + */ + public static final String tunnelNamePattern = "([a-z0-9][a-z0-9-]{1,47}[a-z0-9])|(^$)"; + + /** + * Regular expression that can match or validate tunnel names. + * + * Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an + * empty string because tunnels may be unnamed. + */ + public static final Pattern tunnelNameRegex = java.util.regex.Pattern.compile(TunnelConstraints.tunnelNamePattern); + + /** + * Regular expression that can match or validate tunnel or port labels. + */ + public static final String labelPattern = "[\\w-=]{1,50}"; + + /** + * Regular expression that can match or validate tunnel or port labels. + */ + public static final Pattern labelRegex = java.util.regex.Pattern.compile(TunnelConstraints.labelPattern); + + /** + * Regular expression that can match or validate tunnel domains. + * + * The tunnel service may perform additional contextual validation at the time the + * domain is registered. + */ + public static final String tunnelDomainPattern = "[0-9a-z][0-9a-z-.]{1,158}[0-9a-z]|(^$)"; + + /** + * Regular expression that can match or validate tunnel domains. + * + * The tunnel service may perform additional contextual validation at the time the + * domain is registered. + */ + public static final Pattern tunnelDomainRegex = java.util.regex.Pattern.compile(TunnelConstraints.tunnelDomainPattern); + + /** + * Regular expression that can match or validate an access control subject or + * organization ID. + * + * The : and / characters are allowed because subjects may include IP addresses and + * ranges. The @ character is allowed because MSA subjects may be identified by email + * address. + */ + public static final String accessControlSubjectPattern = "[0-9a-zA-Z-._:/@]{0,200}"; + + /** + * Regular expression that can match or validate an access control subject or + * organization ID. + */ + public static final Pattern accessControlSubjectRegex = java.util.regex.Pattern.compile(TunnelConstraints.accessControlSubjectPattern); + + /** + * Regular expression that can match or validate an access control subject name, when + * resolving subject names to IDs. + * + * Note angle-brackets are only allowed when they wrap an email address as part of a + * formatted name with email. The service will block any other use of angle-brackets, + * to avoid any XSS risks. + */ + public static final String accessControlSubjectNamePattern = "[ \\w\\d-.,/:'\"_@()<>]{0,200}"; + + /** + * Regular expression that can match or validate an access control subject name, when + * resolving subject names to IDs. + */ + public static final Pattern accessControlSubjectNameRegex = java.util.regex.Pattern.compile(TunnelConstraints.accessControlSubjectNamePattern); + + /** + * Validates and returns true if it is a valid cluster + * ID, otherwise false. + */ + public static boolean isValidClusterId(String clusterId) { + return TunnelConstraintsStatics.isValidClusterId(clusterId); + } + + /** + * Validates and returns true if it is a valid tunnel id, + * otherwise, false. + */ + public static boolean isValidOldTunnelId(String tunnelId) { + return TunnelConstraintsStatics.isValidOldTunnelId(tunnelId); + } + + /** + * Validates and returns true if it is a valid tunnel id, + * otherwise, false. + */ + public static boolean isValidNewTunnelId(String tunnelId) { + return TunnelConstraintsStatics.isValidNewTunnelId(tunnelId); + } + + /** + * Validates and returns true if it is a valid tunnel alias, + * otherwise, false. + */ + public static boolean isValidTunnelAlias(String alias) { + return TunnelConstraintsStatics.isValidTunnelAlias(alias); + } + + /** + * Validates and returns true if it is a valid tunnel + * name, otherwise, false. + */ + public static boolean isValidTunnelName(String tunnelName) { + return TunnelConstraintsStatics.isValidTunnelName(tunnelName); + } + + /** + * Validates and returns true if it is a valid tunnel tag, + * otherwise, false. + */ + public static boolean isValidTag(String tag) { + return TunnelConstraintsStatics.isValidTag(tag); + } + + /** + * Validates and returns true if it is a valid + * tunnel id or name. + */ + public static boolean isValidTunnelIdOrName(String tunnelIdOrName) { + return TunnelConstraintsStatics.isValidTunnelIdOrName(tunnelIdOrName); + } + + /** + * Validates and throws exception if it is null or not a + * valid tunnel id. Returns back if it's a valid tunnel + * id. + */ + public static String validateOldTunnelId(String tunnelId, String paramName) { + return TunnelConstraintsStatics.validateOldTunnelId(tunnelId, paramName); + } + + /** + * Validates and throws exception if it is null or not a + * valid tunnel id. Returns back if it's a valid tunnel + * id. + */ + public static String validateNewOrOldTunnelId(String tunnelId, String paramName) { + return TunnelConstraintsStatics.validateNewOrOldTunnelId(tunnelId, paramName); + } + + /** + * Validates and throws exception if it is null or not a + * valid tunnel id. Returns back if it's a valid tunnel + * id. + */ + public static String validateNewTunnelId(String tunnelId, String paramName) { + return TunnelConstraintsStatics.validateNewTunnelId(tunnelId, paramName); + } + + /** + * Validates and throws exception if it is null or not + * a valid tunnel id. Returns back if it's a valid + * tunnel id. + */ + public static String validateTunnelAlias(String tunnelAlias, String paramName) { + return TunnelConstraintsStatics.validateTunnelAlias(tunnelAlias, paramName); + } + + /** + * Validates and throws exception if it is null or + * not a valid tunnel id or name. Returns back if + * it's a valid tunnel id. + */ + public static String validateTunnelIdOrName(String tunnelIdOrName, String paramName) { + return TunnelConstraintsStatics.validateTunnelIdOrName(tunnelIdOrName, paramName); + } +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelEndpoint.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelEndpoint.java index 0dba38aa..634bc5d4 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelEndpoint.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelEndpoint.java @@ -1,123 +1,123 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelEndpoint.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; -import java.net.URI; - -/** - * Base class for tunnel connection parameters. - * - * A tunnel endpoint specifies how and where hosts and clients can connect to a tunnel. - * There is a subclass for each connection mode, each having different connection - * parameters. A tunnel may have multiple endpoints for one host (or multiple hosts), and - * clients can select their preferred endpoint(s) from those depending on network - * environment or client capabilities. - */ -public class TunnelEndpoint { - /** - * Gets or sets the ID of this endpoint. - */ - @Expose - public String id; - - /** - * Gets or sets the connection mode of the endpoint. - * - * This property is required when creating or updating an endpoint. The subclass type - * is also an indication of the connection mode, but this property is necessary to - * determine the subclass type when deserializing. - */ - @Expose - public TunnelConnectionMode connectionMode; - - /** - * Gets or sets the ID of the host that is listening on this endpoint. - * - * This property is required when creating or updating an endpoint. If the host - * supports multiple connection modes, the host's ID is the same for all the endpoints - * it supports. However different hosts may simultaneously accept connections at - * different endpoints for the same tunnel, if enabled in tunnel options. - */ - @Expose - public String hostId; - - /** - * Gets or sets an array of public keys, which can be used by clients to authenticate - * the host. - */ - @Expose - public String[] hostPublicKeys; - - /** - * Gets or sets a string used to format URIs where a web client can connect to ports - * of the tunnel. The string includes a {@link TunnelEndpoint#portToken} that must be - * replaced with the actual port number. - */ - @Expose - public String portUriFormat; - - /** - * Gets or sets the URI where a web client can connect to the default port of the - * tunnel. - */ - @Expose - public String tunnelUri; - - /** - * Gets or sets a string used to format ssh command where ssh client can connect to - * shared ssh port of the tunnel. The string includes a {@link - * TunnelEndpoint#portToken} that must be replaced with the actual port number. - */ - @Expose - public String portSshCommandFormat; - - /** - * Gets or sets the Ssh command where the Ssh client can connect to the default ssh - * port of the tunnel. - */ - @Expose - public String tunnelSshCommand; - - /** - * Gets or sets the Ssh gateway public key which should be added to the - * authorized_keys file so that tunnel service can connect to the shared ssh server. - */ - @Expose - public String sshGatewayPublicKey; - - /** - * Token included in {@link TunnelEndpoint#portUriFormat} and {@link - * TunnelEndpoint#portSshCommandFormat} that is to be replaced by a specified port - * number. - */ - public static final String portToken = "{port}"; - - /** - * Gets a URI where a web client can connect to a tunnel port. - * - * Requests to the URI may result in HTTP 307 redirections, so the client may need to - * follow the redirection in order to connect to the port. - * - * If the port is not currently shared via the tunnel, or if a host is not currently - * connected to the tunnel, then requests to the port URI may result in a 502 Bad - * Gateway response. - */ - public static URI getPortUri(TunnelEndpoint endpoint, int portNumber) { - return TunnelEndpointStatics.getPortUri(endpoint, portNumber); - } - - /** - * Gets a ssh command which can be used to connect to a tunnel ssh port. - * - * SSH client on Windows/Linux/MacOS are supported. - * - * If the port is not currently shared via the tunnel, or if a host is not currently - * connected to the tunnel, then ssh connection might fail. - */ - public static String getPortSshCommand(TunnelEndpoint endpoint, int portNumber) { - return TunnelEndpointStatics.getPortSshCommand(endpoint, portNumber); - } -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelEndpoint.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; +import java.net.URI; + +/** + * Base class for tunnel connection parameters. + * + * A tunnel endpoint specifies how and where hosts and clients can connect to a tunnel. + * There is a subclass for each connection mode, each having different connection + * parameters. A tunnel may have multiple endpoints for one host (or multiple hosts), and + * clients can select their preferred endpoint(s) from those depending on network + * environment or client capabilities. + */ +public class TunnelEndpoint { + /** + * Gets or sets the ID of this endpoint. + */ + @Expose + public String id; + + /** + * Gets or sets the connection mode of the endpoint. + * + * This property is required when creating or updating an endpoint. The subclass type + * is also an indication of the connection mode, but this property is necessary to + * determine the subclass type when deserializing. + */ + @Expose + public TunnelConnectionMode connectionMode; + + /** + * Gets or sets the ID of the host that is listening on this endpoint. + * + * This property is required when creating or updating an endpoint. If the host + * supports multiple connection modes, the host's ID is the same for all the endpoints + * it supports. However different hosts may simultaneously accept connections at + * different endpoints for the same tunnel, if enabled in tunnel options. + */ + @Expose + public String hostId; + + /** + * Gets or sets an array of public keys, which can be used by clients to authenticate + * the host. + */ + @Expose + public String[] hostPublicKeys; + + /** + * Gets or sets a string used to format URIs where a web client can connect to ports + * of the tunnel. The string includes a {@link TunnelEndpoint#portToken} that must be + * replaced with the actual port number. + */ + @Expose + public String portUriFormat; + + /** + * Gets or sets the URI where a web client can connect to the default port of the + * tunnel. + */ + @Expose + public String tunnelUri; + + /** + * Gets or sets a string used to format ssh command where ssh client can connect to + * shared ssh port of the tunnel. The string includes a {@link + * TunnelEndpoint#portToken} that must be replaced with the actual port number. + */ + @Expose + public String portSshCommandFormat; + + /** + * Gets or sets the Ssh command where the Ssh client can connect to the default ssh + * port of the tunnel. + */ + @Expose + public String tunnelSshCommand; + + /** + * Gets or sets the Ssh gateway public key which should be added to the + * authorized_keys file so that tunnel service can connect to the shared ssh server. + */ + @Expose + public String sshGatewayPublicKey; + + /** + * Token included in {@link TunnelEndpoint#portUriFormat} and {@link + * TunnelEndpoint#portSshCommandFormat} that is to be replaced by a specified port + * number. + */ + public static final String portToken = "{port}"; + + /** + * Gets a URI where a web client can connect to a tunnel port. + * + * Requests to the URI may result in HTTP 307 redirections, so the client may need to + * follow the redirection in order to connect to the port. + * + * If the port is not currently shared via the tunnel, or if a host is not currently + * connected to the tunnel, then requests to the port URI may result in a 502 Bad + * Gateway response. + */ + public static URI getPortUri(TunnelEndpoint endpoint, int portNumber) { + return TunnelEndpointStatics.getPortUri(endpoint, portNumber); + } + + /** + * Gets a ssh command which can be used to connect to a tunnel ssh port. + * + * SSH client on Windows/Linux/MacOS are supported. + * + * If the port is not currently shared via the tunnel, or if a host is not currently + * connected to the tunnel, then ssh connection might fail. + */ + public static String getPortSshCommand(TunnelEndpoint endpoint, int portNumber) { + return TunnelEndpointStatics.getPortSshCommand(endpoint, portNumber); + } +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelEvent.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelEvent.java index 29171d74..f30ce44a 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelEvent.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelEvent.java @@ -1,63 +1,63 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelEvent.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; -import java.util.Date; -import java.util.Map; - -/** - * Data contract for tunnel client events reported to the tunnel service. - */ -public class TunnelEvent { - /** - * Default event severity. - */ - public static final String info = "info"; - - /** - * Warning event severity. - */ - public static final String warning = "warning"; - - /** - * Error event severity. - */ - public static final String error = "error"; - - /** - * Gets or sets the UTC timestamp of the event (using the client's clock). - */ - @Expose - public Date timestamp; - - /** - * Gets or sets name of the event. This should be a short descriptive identifier. - */ - @Expose - public String name; - - /** - * Gets or sets the severity of the event, such as {@link TunnelEvent#info}, {@link - * TunnelEvent#warning}, or {@link TunnelEvent#error}. - * - * If not specified, the default severity is "info". - */ - @Expose - public String severity; - - /** - * Gets or sets optional unstructured details about the event, such as a message or - * description. For warning or error events this may include a stack trace. - */ - @Expose - public String details; - - /** - * Gets or sets semi-structured event properties. - */ - @Expose - public Map properties; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelEvent.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; +import java.util.Date; +import java.util.Map; + +/** + * Data contract for tunnel client events reported to the tunnel service. + */ +public class TunnelEvent { + /** + * Default event severity. + */ + public static final String info = "info"; + + /** + * Warning event severity. + */ + public static final String warning = "warning"; + + /** + * Error event severity. + */ + public static final String error = "error"; + + /** + * Gets or sets the UTC timestamp of the event (using the client's clock). + */ + @Expose + public Date timestamp; + + /** + * Gets or sets name of the event. This should be a short descriptive identifier. + */ + @Expose + public String name; + + /** + * Gets or sets the severity of the event, such as {@link TunnelEvent#info}, {@link + * TunnelEvent#warning}, or {@link TunnelEvent#error}. + * + * If not specified, the default severity is "info". + */ + @Expose + public String severity; + + /** + * Gets or sets optional unstructured details about the event, such as a message or + * description. For warning or error events this may include a stack trace. + */ + @Expose + public String details; + + /** + * Gets or sets semi-structured event properties. + */ + @Expose + public Map properties; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelHeaderNames.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelHeaderNames.java index e3a7753f..45138347 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelHeaderNames.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelHeaderNames.java @@ -1,36 +1,36 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelHeaderNames.cs - -package com.microsoft.tunnels.contracts; - -/** - * Header names for http requests that Tunnel Service can handle - */ -public class TunnelHeaderNames { - /** - * Additional authorization header that can be passed to tunnel web forwarding to - * authenticate and authorize the client. The format of the value is the same as - * Authorization header that is sent to the Tunnel service by the tunnel SDK. - * Supported schemes: "tunnel" with the tunnel access JWT good for 'Connect' scope. - */ - public static final String xTunnelAuthorization = "X-Tunnel-Authorization"; - - /** - * Request ID header that nginx ingress controller adds to all requests if it's not - * there. - */ - public static final String xRequestID = "X-Request-ID"; - - /** - * Github Ssh public key which can be used to validate if it belongs to tunnel's - * owner. - */ - public static final String xGithubSshKey = "X-Github-Ssh-Key"; - - /** - * Header that will skip the antiphishing page when connection to a tunnel through web - * forwarding. - */ - public static final String xTunnelSkipAntiPhishingPage = "X-Tunnel-Skip-AntiPhishing-Page"; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelHeaderNames.cs + +package com.microsoft.tunnels.contracts; + +/** + * Header names for http requests that Tunnel Service can handle + */ +public class TunnelHeaderNames { + /** + * Additional authorization header that can be passed to tunnel web forwarding to + * authenticate and authorize the client. The format of the value is the same as + * Authorization header that is sent to the Tunnel service by the tunnel SDK. + * Supported schemes: "tunnel" with the tunnel access JWT good for 'Connect' scope. + */ + public static final String xTunnelAuthorization = "X-Tunnel-Authorization"; + + /** + * Request ID header that nginx ingress controller adds to all requests if it's not + * there. + */ + public static final String xRequestID = "X-Request-ID"; + + /** + * Github Ssh public key which can be used to validate if it belongs to tunnel's + * owner. + */ + public static final String xGithubSshKey = "X-Github-Ssh-Key"; + + /** + * Header that will skip the antiphishing page when connection to a tunnel through web + * forwarding. + */ + public static final String xTunnelSkipAntiPhishingPage = "X-Tunnel-Skip-AntiPhishing-Page"; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelListByRegion.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelListByRegion.java index eafd495b..202113df 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelListByRegion.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelListByRegion.java @@ -1,36 +1,36 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelListByRegion.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Tunnel list by region. - */ -public class TunnelListByRegion { - /** - * Azure region name. - */ - @Expose - public String regionName; - - /** - * Cluster id in the region. - */ - @Expose - public String clusterId; - - /** - * List of tunnels. - */ - @Expose - public Tunnel[] value; - - /** - * Error detail if getting list of tunnels in the region failed. - */ - @Expose - public ErrorDetail error; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelListByRegion.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Tunnel list by region. + */ +public class TunnelListByRegion { + /** + * Azure region name. + */ + @Expose + public String regionName; + + /** + * Cluster id in the region. + */ + @Expose + public String clusterId; + + /** + * List of tunnels. + */ + @Expose + public Tunnel[] value; + + /** + * Error detail if getting list of tunnels in the region failed. + */ + @Expose + public ErrorDetail error; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelListByRegionResponse.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelListByRegionResponse.java index 82ca655c..5bfcce45 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelListByRegionResponse.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelListByRegionResponse.java @@ -1,24 +1,24 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelListByRegionResponse.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Data contract for response of a list tunnel by region call. - */ -public class TunnelListByRegionResponse { - /** - * List of tunnels - */ - @Expose - public TunnelListByRegion[] value; - - /** - * Link to get next page of results. - */ - @Expose - public String nextLink; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelListByRegionResponse.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Data contract for response of a list tunnel by region call. + */ +public class TunnelListByRegionResponse { + /** + * List of tunnels + */ + @Expose + public TunnelListByRegion[] value; + + /** + * Link to get next page of results. + */ + @Expose + public String nextLink; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelOptions.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelOptions.java index a0b0a224..36051a06 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelOptions.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelOptions.java @@ -1,126 +1,126 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelOptions.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Data contract for {@link Tunnel} or {@link TunnelPort} options. - */ -public class TunnelOptions { - /** - * Gets or sets a value indicating whether web-forwarding of this tunnel can run on - * any cluster (region) without redirecting to the home cluster. This is only - * applicable if the tunnel has a name and web-forwarding uses it. - */ - @Expose - public boolean isGloballyAvailable; - - /** - * Gets or sets a value for `Host` header rewriting to use in web-forwarding of this - * tunnel or port. By default, with this property null or empty, web-forwarding uses - * "localhost" to rewrite the header. Web-fowarding will use this property instead if - * it is not null or empty. Port-level option, if set, takes precedence over this - * option on the tunnel level. The option is ignored if IsHostHeaderUnchanged is true. - */ - @Expose - public String hostHeader; - - /** - * Gets or sets a value indicating whether `Host` header is rewritten or the header - * value stays intact. By default, if false, web-forwarding rewrites the host header - * with the value from HostHeader property or "localhost". If true, the host header - * will be whatever the tunnel's web-forwarding host is, e.g. - * tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence over - * this option on the tunnel level. - */ - @Expose - public boolean isHostHeaderUnchanged; - - /** - * Gets or sets a value for `Origin` header rewriting to use in web-forwarding of this - * tunnel or port. By default, with this property null or empty, web-forwarding uses - * "http(s)://localhost" to rewrite the header. Web-fowarding will use this property - * instead if it is not null or empty. Port-level option, if set, takes precedence - * over this option on the tunnel level. The option is ignored if - * IsOriginHeaderUnchanged is true. - */ - @Expose - public String originHeader; - - /** - * Gets or sets a value indicating whether `Origin` header is rewritten or the header - * value stays intact. By default, if false, web-forwarding rewrites the origin header - * with the value from OriginHeader property or "http(s)://localhost". If true, the - * Origin header will be whatever the tunnel's web-forwarding Origin is, e.g. - * https://tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence - * over this option on the tunnel level. - */ - @Expose - public boolean isOriginHeaderUnchanged; - - /** - * Gets or sets if inspection is enabled for the tunnel. - */ - @Expose - public boolean isInspectionEnabled; - - /** - * Gets or sets a value indicating whether web requests to a tunnel can use the tunnel - * web authentication cookie if they come from a different site. Specifically, this - * controls whether the tunnel web-forwarding authentication cookie is marked as - * SameSite=None. The default is false, which means the cookie is marked as - * SameSite=Lax. This only applies to tunnels that require authentication. - */ - @Expose - public boolean isCrossSiteAuthenticationEnabled; - - /** - * Gets or sets a value indicating whether the tunnel web-forwarding authentication - * cookie is set as Partitioned (CHIPS). The default is false. This only applies to - * tunnels that require authentication. - * - * A partitioned cookie always also has SameSite=None for compatbility with browsers - * that do not support partitioning. - */ - @Expose - public boolean isPartitionedSiteAuthenticationEnabled; - - /** - * Gets or sets a value indicating whether web requests to the tunnel or port can be - * directly authenticated with bearer token authentication by supplying an - * `Authorization` header with an Entra ID or GitHub token of a user with access to - * the tunnel. The default is false, which means only the tunnel web authentication - * cookie or `X-Tunnel-Authorization` header can be used for authenticating web - * requests to the tunnel. - * - * When this option is enabled, AND neither a tunnel web authentication cookie nor an - * `X-Tunnel-Authorization` header is present in a web request, the tunnel relay will - * attempt to authenticate the request using the `Authorization` header with Entra ID - * or GitHub credentials. In that case the `Authorization` header will be stripped - * from the request before it is forwarded to the host application. Enabling this - * option may be desirable for API tunnels, where clients are likely to have better - * support for bearer token authentication using the `Authorization` header. However, - * interception of that header could block host applications which themselves - * implement bearer token authentication, which is why this option is disabled by - * default. This option does not apply to the tunnel management API, which always - * supports bearer token authentication using the `Authorization` header. - */ - @Expose - public boolean isBearerTokenAuthenticationEnabled; - - /** - * Gets or sets the timeout for HTTP requests to the tunnel or port. - * - * The default timeout is 100 seconds. Set this to 0 to disable the timeout. The - * timeout will reset when response headers are received or after successfully reading - * or writing any request, response, or streaming data like gRPC or WebSockets. TCP - * keep-alives and HTTP/2 protocol pings will not reset the timeout, but WebSocket - * pings will. When a request times out, the tunnel relay aborts the request and - * returns 504 Gateway Timeout. - */ - @Expose - public int requestTimeoutSeconds; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelOptions.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Data contract for {@link Tunnel} or {@link TunnelPort} options. + */ +public class TunnelOptions { + /** + * Gets or sets a value indicating whether web-forwarding of this tunnel can run on + * any cluster (region) without redirecting to the home cluster. This is only + * applicable if the tunnel has a name and web-forwarding uses it. + */ + @Expose + public boolean isGloballyAvailable; + + /** + * Gets or sets a value for `Host` header rewriting to use in web-forwarding of this + * tunnel or port. By default, with this property null or empty, web-forwarding uses + * "localhost" to rewrite the header. Web-fowarding will use this property instead if + * it is not null or empty. Port-level option, if set, takes precedence over this + * option on the tunnel level. The option is ignored if IsHostHeaderUnchanged is true. + */ + @Expose + public String hostHeader; + + /** + * Gets or sets a value indicating whether `Host` header is rewritten or the header + * value stays intact. By default, if false, web-forwarding rewrites the host header + * with the value from HostHeader property or "localhost". If true, the host header + * will be whatever the tunnel's web-forwarding host is, e.g. + * tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence over + * this option on the tunnel level. + */ + @Expose + public boolean isHostHeaderUnchanged; + + /** + * Gets or sets a value for `Origin` header rewriting to use in web-forwarding of this + * tunnel or port. By default, with this property null or empty, web-forwarding uses + * "http(s)://localhost" to rewrite the header. Web-fowarding will use this property + * instead if it is not null or empty. Port-level option, if set, takes precedence + * over this option on the tunnel level. The option is ignored if + * IsOriginHeaderUnchanged is true. + */ + @Expose + public String originHeader; + + /** + * Gets or sets a value indicating whether `Origin` header is rewritten or the header + * value stays intact. By default, if false, web-forwarding rewrites the origin header + * with the value from OriginHeader property or "http(s)://localhost". If true, the + * Origin header will be whatever the tunnel's web-forwarding Origin is, e.g. + * https://tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence + * over this option on the tunnel level. + */ + @Expose + public boolean isOriginHeaderUnchanged; + + /** + * Gets or sets if inspection is enabled for the tunnel. + */ + @Expose + public boolean isInspectionEnabled; + + /** + * Gets or sets a value indicating whether web requests to a tunnel can use the tunnel + * web authentication cookie if they come from a different site. Specifically, this + * controls whether the tunnel web-forwarding authentication cookie is marked as + * SameSite=None. The default is false, which means the cookie is marked as + * SameSite=Lax. This only applies to tunnels that require authentication. + */ + @Expose + public boolean isCrossSiteAuthenticationEnabled; + + /** + * Gets or sets a value indicating whether the tunnel web-forwarding authentication + * cookie is set as Partitioned (CHIPS). The default is false. This only applies to + * tunnels that require authentication. + * + * A partitioned cookie always also has SameSite=None for compatbility with browsers + * that do not support partitioning. + */ + @Expose + public boolean isPartitionedSiteAuthenticationEnabled; + + /** + * Gets or sets a value indicating whether web requests to the tunnel or port can be + * directly authenticated with bearer token authentication by supplying an + * `Authorization` header with an Entra ID or GitHub token of a user with access to + * the tunnel. The default is false, which means only the tunnel web authentication + * cookie or `X-Tunnel-Authorization` header can be used for authenticating web + * requests to the tunnel. + * + * When this option is enabled, AND neither a tunnel web authentication cookie nor an + * `X-Tunnel-Authorization` header is present in a web request, the tunnel relay will + * attempt to authenticate the request using the `Authorization` header with Entra ID + * or GitHub credentials. In that case the `Authorization` header will be stripped + * from the request before it is forwarded to the host application. Enabling this + * option may be desirable for API tunnels, where clients are likely to have better + * support for bearer token authentication using the `Authorization` header. However, + * interception of that header could block host applications which themselves + * implement bearer token authentication, which is why this option is disabled by + * default. This option does not apply to the tunnel management API, which always + * supports bearer token authentication using the `Authorization` header. + */ + @Expose + public boolean isBearerTokenAuthenticationEnabled; + + /** + * Gets or sets the timeout for HTTP requests to the tunnel or port. + * + * The default timeout is 100 seconds. Set this to 0 to disable the timeout. The + * timeout will reset when response headers are received or after successfully reading + * or writing any request, response, or streaming data like gRPC or WebSockets. TCP + * keep-alives and HTTP/2 protocol pings will not reset the timeout, but WebSocket + * pings will. When a request times out, the tunnel relay aborts the request and + * returns 504 Gateway Timeout. + */ + @Expose + public int requestTimeoutSeconds; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelPort.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelPort.java index 51f2a4e1..0c359ea5 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelPort.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelPort.java @@ -1,126 +1,126 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelPort.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; -import java.util.Map; - -/** - * Data contract for tunnel port objects managed through the tunnel service REST API. - */ -public class TunnelPort { - /** - * Gets or sets the ID of the cluster the tunnel was created in. - */ - @Expose - public String clusterId; - - /** - * Gets or sets the generated ID of the tunnel, unique within the cluster. - */ - @Expose - public String tunnelId; - - /** - * Gets or sets the IP port number of the tunnel port. - */ - @Expose - public int portNumber; - - /** - * Gets or sets the optional short name of the port. - * - * The name must be unique among named ports of the same tunnel. - */ - @Expose - public String name; - - /** - * Gets or sets the optional description of the port. - */ - @Expose - public String description; - - /** - * Gets or sets the labels of the port. - */ - @Expose - public String[] labels; - - /** - * Gets or sets the protocol of the tunnel port. - * - * Should be one of the string constants from {@link TunnelProtocol}. - */ - @Expose - public String protocol; - - /** - * Gets or sets a value indicating whether this port is a default port for the tunnel. - * - * A client that connects to a tunnel (by ID or name) without specifying a port number - * will connect to the default port for the tunnel, if a default is configured. Or if - * the tunnel has only one port then the single port is the implicit default. - * - * Selection of a default port for a connection also depends on matching the - * connection to the port {@link TunnelPort#protocol}, so it is possible to configure - * separate defaults for distinct protocols like {@link TunnelProtocol#http} and - * {@link TunnelProtocol#ssh}. - */ - @Expose - public boolean isDefault; - - /** - * Gets or sets a dictionary mapping from scopes to tunnel access tokens. - * - * Unlike the tokens in {@link Tunnel#accessTokens}, these tokens are restricted to - * the individual port. - */ - @Expose - public Map accessTokens; - - /** - * Gets or sets access control settings for the tunnel port. - * - * See {@link TunnelAccessControl} documentation for details about the access control - * model. - */ - @Expose - public TunnelAccessControl accessControl; - - /** - * Gets or sets options for the tunnel port. - */ - @Expose - public TunnelOptions options; - - /** - * Gets or sets current connection status of the tunnel port. - */ - @Expose - public TunnelPortStatus status; - - /** - * Gets or sets the username for the ssh service user is trying to forward. - * - * Should be provided if the {@link TunnelProtocol} is Ssh. - */ - @Expose - public String sshUser; - - /** - * Gets or sets web forwarding URIs. If set, it's a list of absolute URIs where the - * port can be accessed with web forwarding. - */ - @Expose - public String[] portForwardingUris; - - /** - * Gets or sets inspection URI. If set, it's an absolute URIs where the port's traffic - * can be inspected. - */ - @Expose - public String inspectionUri; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelPort.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; +import java.util.Map; + +/** + * Data contract for tunnel port objects managed through the tunnel service REST API. + */ +public class TunnelPort { + /** + * Gets or sets the ID of the cluster the tunnel was created in. + */ + @Expose + public String clusterId; + + /** + * Gets or sets the generated ID of the tunnel, unique within the cluster. + */ + @Expose + public String tunnelId; + + /** + * Gets or sets the IP port number of the tunnel port. + */ + @Expose + public int portNumber; + + /** + * Gets or sets the optional short name of the port. + * + * The name must be unique among named ports of the same tunnel. + */ + @Expose + public String name; + + /** + * Gets or sets the optional description of the port. + */ + @Expose + public String description; + + /** + * Gets or sets the labels of the port. + */ + @Expose + public String[] labels; + + /** + * Gets or sets the protocol of the tunnel port. + * + * Should be one of the string constants from {@link TunnelProtocol}. + */ + @Expose + public String protocol; + + /** + * Gets or sets a value indicating whether this port is a default port for the tunnel. + * + * A client that connects to a tunnel (by ID or name) without specifying a port number + * will connect to the default port for the tunnel, if a default is configured. Or if + * the tunnel has only one port then the single port is the implicit default. + * + * Selection of a default port for a connection also depends on matching the + * connection to the port {@link TunnelPort#protocol}, so it is possible to configure + * separate defaults for distinct protocols like {@link TunnelProtocol#http} and + * {@link TunnelProtocol#ssh}. + */ + @Expose + public boolean isDefault; + + /** + * Gets or sets a dictionary mapping from scopes to tunnel access tokens. + * + * Unlike the tokens in {@link Tunnel#accessTokens}, these tokens are restricted to + * the individual port. + */ + @Expose + public Map accessTokens; + + /** + * Gets or sets access control settings for the tunnel port. + * + * See {@link TunnelAccessControl} documentation for details about the access control + * model. + */ + @Expose + public TunnelAccessControl accessControl; + + /** + * Gets or sets options for the tunnel port. + */ + @Expose + public TunnelOptions options; + + /** + * Gets or sets current connection status of the tunnel port. + */ + @Expose + public TunnelPortStatus status; + + /** + * Gets or sets the username for the ssh service user is trying to forward. + * + * Should be provided if the {@link TunnelProtocol} is Ssh. + */ + @Expose + public String sshUser; + + /** + * Gets or sets web forwarding URIs. If set, it's a list of absolute URIs where the + * port can be accessed with web forwarding. + */ + @Expose + public String[] portForwardingUris; + + /** + * Gets or sets inspection URI. If set, it's an absolute URIs where the port's traffic + * can be inspected. + */ + @Expose + public String inspectionUri; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelPortListResponse.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelPortListResponse.java index d0a6ffb5..313ba0bc 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelPortListResponse.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelPortListResponse.java @@ -1,24 +1,24 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelPortListResponse.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Data contract for response of a list tunnel ports call. - */ -public class TunnelPortListResponse { - /** - * List of tunnels - */ - @Expose - public TunnelPort[] value; - - /** - * Link to get next page of results - */ - @Expose - public String nextLink; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelPortListResponse.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Data contract for response of a list tunnel ports call. + */ +public class TunnelPortListResponse { + /** + * List of tunnels + */ + @Expose + public TunnelPort[] value; + + /** + * Link to get next page of results + */ + @Expose + public String nextLink; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelPortStatus.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelPortStatus.java index da71384c..4758f50b 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelPortStatus.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelPortStatus.java @@ -1,53 +1,53 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelPortStatus.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; -import java.util.Date; - -/** - * Data contract for {@link TunnelPort} status. - */ -public class TunnelPortStatus { - /** - * Gets or sets the current value and limit for the number of clients connected to the - * port. - * - * This client connection count does not include non-port-specific connections such as - * SDK and SSH clients. See {@link TunnelStatus#clientConnectionCount} for status of - * those connections. This count also does not include HTTP client connections, - * unless they are upgraded to websockets. HTTP connections are counted per-request - * rather than per-connection: see {@link TunnelPortStatus#httpRequestRate}. - */ - @Expose - public ResourceStatus clientConnectionCount; - - /** - * Gets or sets the UTC date time when a client was last connected to the port, or - * null if a client has never connected. - */ - @Expose - public Date lastClientConnectionTime; - - /** - * Gets or sets the current value and limit for the rate of client connections to the - * tunnel port. - * - * This client connection rate does not count non-port-specific connections such as - * SDK and SSH clients. See {@link TunnelStatus#clientConnectionRate} for those - * connection types. This also does not include HTTP connections, unless they are - * upgraded to websockets. HTTP connections are counted per-request rather than - * per-connection: see {@link TunnelPortStatus#httpRequestRate}. - */ - @Expose - public RateStatus clientConnectionRate; - - /** - * Gets or sets the current value and limit for the rate of HTTP requests to the - * tunnel port. - */ - @Expose - public RateStatus httpRequestRate; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelPortStatus.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; +import java.util.Date; + +/** + * Data contract for {@link TunnelPort} status. + */ +public class TunnelPortStatus { + /** + * Gets or sets the current value and limit for the number of clients connected to the + * port. + * + * This client connection count does not include non-port-specific connections such as + * SDK and SSH clients. See {@link TunnelStatus#clientConnectionCount} for status of + * those connections. This count also does not include HTTP client connections, + * unless they are upgraded to websockets. HTTP connections are counted per-request + * rather than per-connection: see {@link TunnelPortStatus#httpRequestRate}. + */ + @Expose + public ResourceStatus clientConnectionCount; + + /** + * Gets or sets the UTC date time when a client was last connected to the port, or + * null if a client has never connected. + */ + @Expose + public Date lastClientConnectionTime; + + /** + * Gets or sets the current value and limit for the rate of client connections to the + * tunnel port. + * + * This client connection rate does not count non-port-specific connections such as + * SDK and SSH clients. See {@link TunnelStatus#clientConnectionRate} for those + * connection types. This also does not include HTTP connections, unless they are + * upgraded to websockets. HTTP connections are counted per-request rather than + * per-connection: see {@link TunnelPortStatus#httpRequestRate}. + */ + @Expose + public RateStatus clientConnectionRate; + + /** + * Gets or sets the current value and limit for the rate of HTTP requests to the + * tunnel port. + */ + @Expose + public RateStatus httpRequestRate; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelProgress.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelProgress.java index 46215795..0e2a7988 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelProgress.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelProgress.java @@ -1,72 +1,72 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.SerializedName; - -/** - * Specifies the tunnel progress events that are reported. - */ -public enum TunnelProgress { - /** - * Starting refresh ports. - */ - @SerializedName("StartingRefreshPorts") - StartingRefreshPorts, - - /** - * Completed refresh ports. - */ - @SerializedName("CompletedRefreshPorts") - CompletedRefreshPorts, - - /** - * Starting request uri for a tunnel service request. - */ - @SerializedName("StartingRequestUri") - StartingRequestUri, - - /** - * Starting request configuration for a tunnel service request. - */ - @SerializedName("StartingRequestConfig") - StartingRequestConfig, - - /** - * Starting to send tunnel service request. - */ - @SerializedName("StartingSendTunnelRequest") - StartingSendTunnelRequest, - - /** - * Completed sending a tunnel service request. - */ - @SerializedName("CompletedSendTunnelRequest") - CompletedSendTunnelRequest, - - /** - * Starting create tunnel port. - */ - @SerializedName("StartingCreateTunnelPort") - StartingCreateTunnelPort, - - /** - * Completed create tunnel port. - */ - @SerializedName("CompletedCreateTunnelPort") - CompletedCreateTunnelPort, - - /** - * Starting get tunnel port. - */ - @SerializedName("StartingGetTunnelPort") - StartingGetTunnelPort, - - /** - * Completed get tunnel port. - */ - @SerializedName("CompletedGetTunnelPort") - CompletedGetTunnelPort, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.SerializedName; + +/** + * Specifies the tunnel progress events that are reported. + */ +public enum TunnelProgress { + /** + * Starting refresh ports. + */ + @SerializedName("StartingRefreshPorts") + StartingRefreshPorts, + + /** + * Completed refresh ports. + */ + @SerializedName("CompletedRefreshPorts") + CompletedRefreshPorts, + + /** + * Starting request uri for a tunnel service request. + */ + @SerializedName("StartingRequestUri") + StartingRequestUri, + + /** + * Starting request configuration for a tunnel service request. + */ + @SerializedName("StartingRequestConfig") + StartingRequestConfig, + + /** + * Starting to send tunnel service request. + */ + @SerializedName("StartingSendTunnelRequest") + StartingSendTunnelRequest, + + /** + * Completed sending a tunnel service request. + */ + @SerializedName("CompletedSendTunnelRequest") + CompletedSendTunnelRequest, + + /** + * Starting create tunnel port. + */ + @SerializedName("StartingCreateTunnelPort") + StartingCreateTunnelPort, + + /** + * Completed create tunnel port. + */ + @SerializedName("CompletedCreateTunnelPort") + CompletedCreateTunnelPort, + + /** + * Starting get tunnel port. + */ + @SerializedName("StartingGetTunnelPort") + StartingGetTunnelPort, + + /** + * Completed get tunnel port. + */ + @SerializedName("CompletedGetTunnelPort") + CompletedGetTunnelPort, +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelProtocol.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelProtocol.java index 483e2f64..0d2746cc 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelProtocol.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelProtocol.java @@ -1,45 +1,45 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelProtocol.cs - -package com.microsoft.tunnels.contracts; - -/** - * Defines possible values for the protocol of a {@link TunnelPort}. - */ -public class TunnelProtocol { - /** - * The protocol is automatically detected. (TODO: Define detection semantics.) - */ - public static final String auto = "auto"; - - /** - * Unknown TCP protocol. - */ - public static final String tcp = "tcp"; - - /** - * Unknown UDP protocol. - */ - public static final String udp = "udp"; - - /** - * SSH protocol. - */ - public static final String ssh = "ssh"; - - /** - * Remote desktop protocol. - */ - public static final String rdp = "rdp"; - - /** - * HTTP protocol. - */ - public static final String http = "http"; - - /** - * HTTPS protocol. - */ - public static final String https = "https"; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelProtocol.cs + +package com.microsoft.tunnels.contracts; + +/** + * Defines possible values for the protocol of a {@link TunnelPort}. + */ +public class TunnelProtocol { + /** + * The protocol is automatically detected. (TODO: Define detection semantics.) + */ + public static final String auto = "auto"; + + /** + * Unknown TCP protocol. + */ + public static final String tcp = "tcp"; + + /** + * Unknown UDP protocol. + */ + public static final String udp = "udp"; + + /** + * SSH protocol. + */ + public static final String ssh = "ssh"; + + /** + * Remote desktop protocol. + */ + public static final String rdp = "rdp"; + + /** + * HTTP protocol. + */ + public static final String http = "http"; + + /** + * HTTPS protocol. + */ + public static final String https = "https"; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelRelayTunnelEndpoint.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelRelayTunnelEndpoint.java index 72c26c4b..eb5b7dba 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelRelayTunnelEndpoint.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelRelayTunnelEndpoint.java @@ -1,24 +1,24 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelRelayTunnelEndpoint.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Parameters for connecting to a tunnel via the tunnel service's built-in relay function. - */ -public class TunnelRelayTunnelEndpoint extends TunnelEndpoint { - /** - * Gets or sets the host URI. - */ - @Expose - public String hostRelayUri; - - /** - * Gets or sets the client URI. - */ - @Expose - public String clientRelayUri; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelRelayTunnelEndpoint.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Parameters for connecting to a tunnel via the tunnel service's built-in relay function. + */ +public class TunnelRelayTunnelEndpoint extends TunnelEndpoint { + /** + * Gets or sets the host URI. + */ + @Expose + public String hostRelayUri; + + /** + * Gets or sets the client URI. + */ + @Expose + public String clientRelayUri; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelReportProgressEventArgs.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelReportProgressEventArgs.java index e9e6e0b5..1909167e 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelReportProgressEventArgs.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelReportProgressEventArgs.java @@ -1,31 +1,31 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Event args for the tunnel report progress event. - */ -public class TunnelReportProgressEventArgs { - TunnelReportProgressEventArgs (String progress, int sessionNumber) { - this.progress = progress; - this.sessionNumber = sessionNumber; - } - - /** - * Specifies the progress event that is being reported. See {@link TunnelProgress} and - * Ssh.Progress for a description of the different progress events that can be - * reported. - */ - @Expose - public final String progress; - - /** - * The session number associated with an SSH session progress event. - */ - @Expose - public final int sessionNumber; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Event args for the tunnel report progress event. + */ +public class TunnelReportProgressEventArgs { + TunnelReportProgressEventArgs (String progress, int sessionNumber) { + this.progress = progress; + this.sessionNumber = sessionNumber; + } + + /** + * Specifies the progress event that is being reported. See {@link TunnelProgress} and + * Ssh.Progress for a description of the different progress events that can be + * reported. + */ + @Expose + public final String progress; + + /** + * The session number associated with an SSH session progress event. + */ + @Expose + public final int sessionNumber; +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelServiceProperties.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelServiceProperties.java index 9eec5cda..d1b5d44e 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelServiceProperties.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelServiceProperties.java @@ -1,155 +1,184 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelServiceProperties.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; - -/** - * Provides environment-dependent properties about the service. - */ -public class TunnelServiceProperties { - TunnelServiceProperties (String serviceUri, String serviceAppId, String serviceInternalAppId, String gitHubAppClientId) { - this.serviceUri = serviceUri; - this.serviceAppId = serviceAppId; - this.serviceInternalAppId = serviceInternalAppId; - this.gitHubAppClientId = gitHubAppClientId; - } - - /** - * Global DNS name of the production tunnel service. - */ - static final String prodDnsName = "global.rel.tunnels.api.visualstudio.com"; - - /** - * Global DNS name of the pre-production tunnel service. - */ - static final String ppeDnsName = "global.rel.tunnels.ppe.api.visualstudio.com"; - - /** - * Global DNS name of the development tunnel service. - */ - static final String devDnsName = "global.ci.tunnels.dev.api.visualstudio.com"; - - /** - * First-party app ID: `Visual Studio Tunnel Service` - * - * Used for authenticating AAD/MSA users, and service principals outside the AME - * tenant, in the PROD service environment. - */ - static final String prodFirstPartyAppId = "46da2f7e-b5ef-422a-88d4-2a7f9de6a0b2"; - - /** - * First-party app ID: `Visual Studio Tunnel Service - Test` - * - * Used for authenticating AAD/MSA users, and service principals outside the AME - * tenant, in the PPE service environments. - */ - static final String ppeFirstPartyAppId = "54c45752-bacd-424a-b928-652f3eca2b18"; - - /** - * Third-party app ID: `DEV-VSTunnelService-3P` - * - * Used for authenticating AAD/MSA users, and service principals outside the AME - * tenant, in the DEV service environment. This is a 3P app registration in the - * Microsoft corp tenant, replacing the former 1P FPA. - */ - static final String devFirstPartyAppId = "906ce216-6f2e-40be-875d-7fe1a9bc288a"; - - /** - * Third-party app ID: `tunnels-prod-app-sp` - * - * Used for authenticating internal AAD service principals in the AME tenant, in the - * PROD service environment. - */ - static final String prodThirdPartyAppId = "ce65d243-a913-4cae-a7dd-cb52e9f77647"; - - /** - * Third-party app ID: `tunnels-ppe-app-sp` - * - * Used for authenticating internal AAD service principals in the AME tenant, in the - * PPE service environment. - */ - static final String ppeThirdPartyAppId = "544167a6-f431-4518-aac6-2fd50071928e"; - - /** - * Third-party app ID: `tunnels-dev-app-sp` - * - * Used for authenticating internal AAD service principals in the corp tenant (not - * AME!), in the DEV service environment. - */ - static final String devThirdPartyAppId = "a118c979-0249-44bb-8f95-eb0457127aeb"; - - /** - * GitHub App Client ID for 'Visual Studio Tunnel Service' - * - * Used by client apps that authenticate tunnel users with GitHub, in the PROD service - * environment. - */ - static final String prodGitHubAppClientId = "Iv1.e7b89e013f801f03"; - - /** - * GitHub App Client ID for 'Visual Studio Tunnel Service - Test' - * - * Used by client apps that authenticate tunnel users with GitHub, in the PPE and DEV - * service environments. - */ - static final String nonProdGitHubAppClientId = "Iv1.b231c327f1eaa229"; - - /** - * Gets production service properties. - */ - public static final TunnelServiceProperties production = TunnelServicePropertiesStatics.production; - - /** - * Gets properties for the service in the staging environment (PPE). - */ - public static final TunnelServiceProperties staging = TunnelServicePropertiesStatics.staging; - - /** - * Gets properties for the service in the development environment. - */ - public static final TunnelServiceProperties development = TunnelServicePropertiesStatics.development; - - /** - * Gets the base URI of the service. - */ - @Expose - public final String serviceUri; - - /** - * Gets the public AAD AppId for the service. - * - * Clients specify this AppId as the audience property when authenticating to the - * service. - */ - @Expose - public final String serviceAppId; - - /** - * Gets the internal AAD AppId for the service. - * - * Other internal services specify this AppId as the audience property when - * authenticating to the tunnel service. Production services must be in the AME tenant - * to use this appid. - */ - @Expose - public final String serviceInternalAppId; - - /** - * Gets the client ID for the service's GitHub app. - * - * Clients apps that authenticate tunnel users with GitHub specify this as the client - * ID when requesting a user token. - */ - @Expose - public final String gitHubAppClientId; - - /** - * Gets properties for the service in the specified environment. - */ - public static TunnelServiceProperties environment(String environmentName) { - return TunnelServicePropertiesStatics.environment(environmentName); - } -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelServiceProperties.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; + +/** + * Provides environment-dependent properties about the service. + */ +public class TunnelServiceProperties { + TunnelServiceProperties (String serviceUri, String serviceAppId, String serviceInternalAppId, String gitHubAppClientId) { + this.serviceUri = serviceUri; + this.serviceAppId = serviceAppId; + this.serviceInternalAppId = serviceInternalAppId; + this.gitHubAppClientId = gitHubAppClientId; + } + + /** + * Global DNS name of the production tunnel service. + */ + static final String prodDnsName = "global.rel.tunnels.api.visualstudio.com"; + + /** + * Global DNS name of the pre-production tunnel service. + */ + static final String ppeDnsName = "global.rel.tunnels.ppe.api.visualstudio.com"; + + /** + * Global DNS name of the development tunnel service. + */ + static final String devDnsName = "global.ci.tunnels.dev.api.visualstudio.com"; + + /** + * Default host name for the local tunnel service. + */ + static final String localDnsName = "tunnels.local.api.visualstudio.com:9901"; + + /** + * First-party app ID: `Visual Studio Tunnel Service` + * + * Used for authenticating AAD/MSA users, and service principals outside the AME + * tenant, in the PROD service environment. + */ + static final String prodFirstPartyAppId = "46da2f7e-b5ef-422a-88d4-2a7f9de6a0b2"; + + /** + * First-party app ID: `Visual Studio Tunnel Service - Test` + * + * Used for authenticating AAD/MSA users, and service principals outside the AME + * tenant, in the PPE service environments. + */ + static final String ppeFirstPartyAppId = "54c45752-bacd-424a-b928-652f3eca2b18"; + + /** + * Third-party app ID: `DEV-VSTunnelService-3P` + * + * Used for authenticating AAD/MSA users, and service principals outside the AME + * tenant, in the DEV service environment. This is a 3P app registration in the + * Microsoft corp tenant, replacing the former 1P FPA. + */ + static final String devFirstPartyAppId = "906ce216-6f2e-40be-875d-7fe1a9bc288a"; + + /** + * Third-party app ID: `tunnels-prod-app-sp` + * + * Used for authenticating internal AAD service principals in the AME tenant, in the + * PROD service environment. + */ + static final String prodThirdPartyAppId = "ce65d243-a913-4cae-a7dd-cb52e9f77647"; + + /** + * Third-party app ID: `tunnels-ppe-app-sp` + * + * Used for authenticating internal AAD service principals in the AME tenant, in the + * PPE service environment. + */ + static final String ppeThirdPartyAppId = "544167a6-f431-4518-aac6-2fd50071928e"; + + /** + * Third-party app ID: `tunnels-dev-app-sp` + * + * Used for authenticating internal AAD service principals in the corp tenant (not + * AME!), in the DEV service environment. + */ + static final String devThirdPartyAppId = "a118c979-0249-44bb-8f95-eb0457127aeb"; + + /** + * GitHub App Client ID for 'Visual Studio Tunnel Service' + * + * Used by client apps that authenticate tunnel users with GitHub, in the PROD service + * environment. + */ + static final String prodGitHubAppClientId = "Iv1.e7b89e013f801f03"; + + /** + * GitHub App Client ID for 'Visual Studio Tunnel Service - Test' + * + * Used by client apps that authenticate tunnel users with GitHub, in the PPE service + * environment. + */ + static final String ppeGitHubAppClientId = "Iv1.b231c327f1eaa229"; + + /** + * GitHub App Client ID for 'Dev Tunnels Service - Dev' + * + * Used by client apps that authenticate tunnel users with GitHub, in the DEV service + * environment. + */ + static final String devGitHubAppClientId = "Iv23ctTiak9wLCiTcEbr"; + + /** + * GitHub App Client ID for 'Dev Tunnels Service - Local' + * + * Used by client apps that authenticate tunnel users with GitHub, when running the + * service locally. + */ + static final String localGitHubAppClientId = "Iv23cttBYzKThF88PiPR"; + + /** + * Gets production service properties. + */ + public static final TunnelServiceProperties production = TunnelServicePropertiesStatics.production; + + /** + * Gets properties for the service in the staging environment (PPE). + */ + public static final TunnelServiceProperties staging = TunnelServicePropertiesStatics.staging; + + /** + * Gets properties for the service in the development environment. + */ + public static final TunnelServiceProperties development = TunnelServicePropertiesStatics.development; + + /** + * Gets properties for the service when running locally. + * + * Uses the same service app IDs as the development environment, but a different + * GitHub app with localhost callback URLs. + */ + public static final TunnelServiceProperties local = TunnelServicePropertiesStatics.local; + + /** + * Gets the base URI of the service. + */ + @Expose + public final String serviceUri; + + /** + * Gets the public AAD AppId for the service. + * + * Clients specify this AppId as the audience property when authenticating to the + * service. + */ + @Expose + public final String serviceAppId; + + /** + * Gets the internal AAD AppId for the service. + * + * Other internal services specify this AppId as the audience property when + * authenticating to the tunnel service. Production services must be in the AME tenant + * to use this appid. + */ + @Expose + public final String serviceInternalAppId; + + /** + * Gets the client ID for the service's GitHub app. + * + * Clients apps that authenticate tunnel users with GitHub specify this as the client + * ID when requesting a user token. + */ + @Expose + public final String gitHubAppClientId; + + /** + * Gets properties for the service in the specified environment. + */ + public static TunnelServiceProperties environment(String environmentName) { + return TunnelServicePropertiesStatics.environment(environmentName); + } +} diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelServicePropertiesStatics.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelServicePropertiesStatics.java index 1ce3c514..8ecf8ad7 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelServicePropertiesStatics.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelServicePropertiesStatics.java @@ -24,7 +24,7 @@ class TunnelServicePropertiesStatics { "https://" + TunnelServiceProperties.ppeDnsName + "/", TunnelServiceProperties.ppeFirstPartyAppId, TunnelServiceProperties.ppeThirdPartyAppId, - TunnelServiceProperties.nonProdGitHubAppClientId); + TunnelServiceProperties.ppeGitHubAppClientId); /** * Gets properties for the service in the development environment. @@ -33,7 +33,16 @@ class TunnelServicePropertiesStatics { "https://" + TunnelServiceProperties.devDnsName + "/", TunnelServiceProperties.devFirstPartyAppId, TunnelServiceProperties.devThirdPartyAppId, - TunnelServiceProperties.nonProdGitHubAppClientId); + TunnelServiceProperties.devGitHubAppClientId); + + /** + * Gets properties for the service when running locally. + */ + static final TunnelServiceProperties local = new TunnelServiceProperties( + "https://" + TunnelServiceProperties.localDnsName + "/", + TunnelServiceProperties.devFirstPartyAppId, + TunnelServiceProperties.devThirdPartyAppId, + TunnelServiceProperties.localGitHubAppClientId); public static TunnelServiceProperties environment(String environmentName) { if (StringUtils.isBlank(environmentName)) { @@ -51,6 +60,8 @@ public static TunnelServiceProperties environment(String environmentName) { case "dev": case "development": return TunnelServiceProperties.development; + case "local": + return TunnelServiceProperties.local; default: throw new IllegalArgumentException("Invalid service environment: " + environmentName); } diff --git a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelStatus.java b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelStatus.java index bb96796b..2bf2c9d4 100644 --- a/java/src/main/java/com/microsoft/tunnels/contracts/TunnelStatus.java +++ b/java/src/main/java/com/microsoft/tunnels/contracts/TunnelStatus.java @@ -1,130 +1,130 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../../../../../../cs/src/Contracts/TunnelStatus.cs - -package com.microsoft.tunnels.contracts; - -import com.google.gson.annotations.Expose; -import java.util.Date; - -/** - * Data contract for {@link Tunnel} status. - */ -public class TunnelStatus { - /** - * Gets or sets the current value and limit for the number of ports on the tunnel. - */ - @Expose - public ResourceStatus portCount; - - /** - * Gets or sets the current value and limit for the number of hosts currently - * accepting connections to the tunnel. - * - * This is typically 0 or 1, but may be more than 1 if the tunnel options allow - * multiple hosts. - */ - @Expose - public ResourceStatus hostConnectionCount; - - /** - * Gets or sets the UTC time when a host was last accepting connections to the tunnel, - * or null if a host has never connected. - */ - @Expose - public Date lastHostConnectionTime; - - /** - * Gets or sets the current value and limit for the number of clients connected to the - * tunnel. - * - * This counts non-port-specific client connections, which is SDK and SSH clients. See - * {@link TunnelPortStatus} for status of per-port client connections. - */ - @Expose - public ResourceStatus clientConnectionCount; - - /** - * Gets or sets the UTC time when a client last connected to the tunnel, or null if a - * client has never connected. - * - * This reports times for non-port-specific client connections, which is SDK client - * and SSH clients. See {@link TunnelPortStatus} for per-port client connections. - */ - @Expose - public Date lastClientConnectionTime; - - /** - * Gets or sets the current value and limit for the rate of client connections to the - * tunnel. - * - * This counts non-port-specific client connections, which is SDK client and SSH - * clients. See {@link TunnelPortStatus} for status of per-port client connections. - */ - @Expose - public RateStatus clientConnectionRate; - - /** - * Gets or sets the current value and limit for the rate of bytes being received by - * the tunnel host and uploaded by tunnel clients. - * - * All types of tunnel and port connections, from potentially multiple clients, can - * contribute to this rate. The reported rate may differ slightly from the rate - * measurable by applications, due to protocol overhead. Data rate status reporting is - * delayed by a few seconds, so this value is a snapshot of the data transfer rate - * from a few seconds earlier. - */ - @Expose - public RateStatus uploadRate; - - /** - * Gets or sets the current value and limit for the rate of bytes being sent by the - * tunnel host and downloaded by tunnel clients. - * - * All types of tunnel and port connections, from potentially multiple clients, can - * contribute to this rate. The reported rate may differ slightly from the rate - * measurable by applications, due to protocol overhead. Data rate status reporting is - * delayed by a few seconds, so this value is a snapshot of the data transfer rate - * from a few seconds earlier. - */ - @Expose - public RateStatus downloadRate; - - /** - * Gets or sets the total number of bytes received by the tunnel host and uploaded by - * tunnel clients, over the lifetime of the tunnel. - * - * All types of tunnel and port connections, from potentially multiple clients, can - * contribute to this total. The reported value may differ slightly from the value - * measurable by applications, due to protocol overhead. Data transfer status - * reporting is delayed by a few seconds. - */ - @Expose - public long uploadTotal; - - /** - * Gets or sets the total number of bytes sent by the tunnel host and downloaded by - * tunnel clients, over the lifetime of the tunnel. - * - * All types of tunnel and port connections, from potentially multiple clients, can - * contribute to this total. The reported value may differ slightly from the value - * measurable by applications, due to protocol overhead. Data transfer status - * reporting is delayed by a few seconds. - */ - @Expose - public long downloadTotal; - - /** - * Gets or sets the current value and limit for the rate of management API read - * operations for the tunnel or tunnel ports. - */ - @Expose - public RateStatus apiReadRate; - - /** - * Gets or sets the current value and limit for the rate of management API update - * operations for the tunnel or tunnel ports. - */ - @Expose - public RateStatus apiUpdateRate; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../../../../../../cs/src/Contracts/TunnelStatus.cs + +package com.microsoft.tunnels.contracts; + +import com.google.gson.annotations.Expose; +import java.util.Date; + +/** + * Data contract for {@link Tunnel} status. + */ +public class TunnelStatus { + /** + * Gets or sets the current value and limit for the number of ports on the tunnel. + */ + @Expose + public ResourceStatus portCount; + + /** + * Gets or sets the current value and limit for the number of hosts currently + * accepting connections to the tunnel. + * + * This is typically 0 or 1, but may be more than 1 if the tunnel options allow + * multiple hosts. + */ + @Expose + public ResourceStatus hostConnectionCount; + + /** + * Gets or sets the UTC time when a host was last accepting connections to the tunnel, + * or null if a host has never connected. + */ + @Expose + public Date lastHostConnectionTime; + + /** + * Gets or sets the current value and limit for the number of clients connected to the + * tunnel. + * + * This counts non-port-specific client connections, which is SDK and SSH clients. See + * {@link TunnelPortStatus} for status of per-port client connections. + */ + @Expose + public ResourceStatus clientConnectionCount; + + /** + * Gets or sets the UTC time when a client last connected to the tunnel, or null if a + * client has never connected. + * + * This reports times for non-port-specific client connections, which is SDK client + * and SSH clients. See {@link TunnelPortStatus} for per-port client connections. + */ + @Expose + public Date lastClientConnectionTime; + + /** + * Gets or sets the current value and limit for the rate of client connections to the + * tunnel. + * + * This counts non-port-specific client connections, which is SDK client and SSH + * clients. See {@link TunnelPortStatus} for status of per-port client connections. + */ + @Expose + public RateStatus clientConnectionRate; + + /** + * Gets or sets the current value and limit for the rate of bytes being received by + * the tunnel host and uploaded by tunnel clients. + * + * All types of tunnel and port connections, from potentially multiple clients, can + * contribute to this rate. The reported rate may differ slightly from the rate + * measurable by applications, due to protocol overhead. Data rate status reporting is + * delayed by a few seconds, so this value is a snapshot of the data transfer rate + * from a few seconds earlier. + */ + @Expose + public RateStatus uploadRate; + + /** + * Gets or sets the current value and limit for the rate of bytes being sent by the + * tunnel host and downloaded by tunnel clients. + * + * All types of tunnel and port connections, from potentially multiple clients, can + * contribute to this rate. The reported rate may differ slightly from the rate + * measurable by applications, due to protocol overhead. Data rate status reporting is + * delayed by a few seconds, so this value is a snapshot of the data transfer rate + * from a few seconds earlier. + */ + @Expose + public RateStatus downloadRate; + + /** + * Gets or sets the total number of bytes received by the tunnel host and uploaded by + * tunnel clients, over the lifetime of the tunnel. + * + * All types of tunnel and port connections, from potentially multiple clients, can + * contribute to this total. The reported value may differ slightly from the value + * measurable by applications, due to protocol overhead. Data transfer status + * reporting is delayed by a few seconds. + */ + @Expose + public long uploadTotal; + + /** + * Gets or sets the total number of bytes sent by the tunnel host and downloaded by + * tunnel clients, over the lifetime of the tunnel. + * + * All types of tunnel and port connections, from potentially multiple clients, can + * contribute to this total. The reported value may differ slightly from the value + * measurable by applications, due to protocol overhead. Data transfer status + * reporting is delayed by a few seconds. + */ + @Expose + public long downloadTotal; + + /** + * Gets or sets the current value and limit for the rate of management API read + * operations for the tunnel or tunnel ports. + */ + @Expose + public RateStatus apiReadRate; + + /** + * Gets or sets the current value and limit for the rate of management API update + * operations for the tunnel or tunnel ports. + */ + @Expose + public RateStatus apiUpdateRate; +} diff --git a/rs/src/contracts/cluster_details.rs b/rs/src/contracts/cluster_details.rs index 08da167a..7a9eb372 100644 --- a/rs/src/contracts/cluster_details.rs +++ b/rs/src/contracts/cluster_details.rs @@ -1,21 +1,21 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ClusterDetails.cs - -use serde::{Deserialize, Serialize}; - -// Details of a tunneling service cluster. Each cluster represents an instance of the -// tunneling service running in a particular Azure region. New tunnels are created in the -// current region unless otherwise specified. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct ClusterDetails { - // A cluster identifier based on its region. - pub cluster_id: String, - - // The URI of the service cluster. - pub uri: String, - - // The Azure location of the cluster. - pub azure_location: String, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ClusterDetails.cs + +use serde::{Deserialize, Serialize}; + +// Details of a tunneling service cluster. Each cluster represents an instance of the +// tunneling service running in a particular Azure region. New tunnels are created in the +// current region unless otherwise specified. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct ClusterDetails { + // A cluster identifier based on its region. + pub cluster_id: String, + + // The URI of the service cluster. + pub uri: String, + + // The Azure location of the cluster. + pub azure_location: String, +} diff --git a/rs/src/contracts/error_codes.rs b/rs/src/contracts/error_codes.rs index cdadc47f..50528725 100644 --- a/rs/src/contracts/error_codes.rs +++ b/rs/src/contracts/error_codes.rs @@ -1,14 +1,14 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ErrorCodes.cs - -// Error codes for ErrorDetail.Code and `x-ms-error-code` header. - -// Operation timed out. -pub const ERROR_CODES_TIMEOUT: &str = r#"Timeout"#; - -// Operation cannot be performed because the service is not available. -pub const ERROR_CODES_SERVICE_UNAVAILABLE: &str = r#"ServiceUnavailable"#; - -// Internal error. -pub const ERROR_CODES_INTERNAL_ERROR: &str = r#"InternalError"#; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ErrorCodes.cs + +// Error codes for ErrorDetail.Code and `x-ms-error-code` header. + +// Operation timed out. +pub const ERROR_CODES_TIMEOUT: &str = r#"Timeout"#; + +// Operation cannot be performed because the service is not available. +pub const ERROR_CODES_SERVICE_UNAVAILABLE: &str = r#"ServiceUnavailable"#; + +// Internal error. +pub const ERROR_CODES_INTERNAL_ERROR: &str = r#"InternalError"#; diff --git a/rs/src/contracts/error_detail.rs b/rs/src/contracts/error_detail.rs index 23853d16..a5cce3dd 100644 --- a/rs/src/contracts/error_detail.rs +++ b/rs/src/contracts/error_detail.rs @@ -1,29 +1,29 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ErrorDetail.cs - -use crate::contracts::InnerErrorDetail; -use serde::{Deserialize, Serialize}; - -// The top-level error object whose code matches the x-ms-error-code response header -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct ErrorDetail { - // One of a server-defined set of error codes defined in `ErrorCodes`. - pub code: String, - - // A human-readable representation of the error. - pub message: String, - - // The target of the error. - pub target: Option, - - // An array of details about specific errors that led to this reported error. - #[serde(skip_serializing_if = "Vec::is_empty", default)] - pub details: Vec, - - // An object containing more specific information than the current object about the - // error. - #[serde(rename = "innererror")] - pub inner_error: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ErrorDetail.cs + +use crate::contracts::InnerErrorDetail; +use serde::{Deserialize, Serialize}; + +// The top-level error object whose code matches the x-ms-error-code response header +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct ErrorDetail { + // One of a server-defined set of error codes defined in `ErrorCodes`. + pub code: String, + + // A human-readable representation of the error. + pub message: String, + + // The target of the error. + pub target: Option, + + // An array of details about specific errors that led to this reported error. + #[serde(skip_serializing_if = "Vec::is_empty", default)] + pub details: Vec, + + // An object containing more specific information than the current object about the + // error. + #[serde(rename = "innererror")] + pub inner_error: Option, +} diff --git a/rs/src/contracts/inner_error_detail.rs b/rs/src/contracts/inner_error_detail.rs index eb445a27..b48edebc 100644 --- a/rs/src/contracts/inner_error_detail.rs +++ b/rs/src/contracts/inner_error_detail.rs @@ -1,19 +1,19 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/InnerErrorDetail.cs - -use serde::{Deserialize, Serialize}; - -// An object containing more specific information than the current object about the error. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct InnerErrorDetail { - // A more specific error code than was provided by the containing error. One of a - // server-defined set of error codes in `ErrorCodes`. - pub code: String, - - // An object containing more specific information than the current object about the - // error. - #[serde(rename = "innererror")] - pub inner_error: Option>, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/InnerErrorDetail.cs + +use serde::{Deserialize, Serialize}; + +// An object containing more specific information than the current object about the error. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct InnerErrorDetail { + // A more specific error code than was provided by the containing error. One of a + // server-defined set of error codes in `ErrorCodes`. + pub code: String, + + // An object containing more specific information than the current object about the + // error. + #[serde(rename = "innererror")] + pub inner_error: Option>, +} diff --git a/rs/src/contracts/local_network_tunnel_endpoint.rs b/rs/src/contracts/local_network_tunnel_endpoint.rs index 976ed83d..bd24219a 100644 --- a/rs/src/contracts/local_network_tunnel_endpoint.rs +++ b/rs/src/contracts/local_network_tunnel_endpoint.rs @@ -1,27 +1,27 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/LocalNetworkTunnelEndpoint.cs - -use crate::contracts::TunnelEndpoint; -use serde::{Deserialize, Serialize}; - -// Parameters for connecting to a tunnel via a local network connection. -// -// While a direct connection is technically not "tunneling", tunnel hosts may accept -// connections via the local network as an optional more-efficient alternative to a relay. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct LocalNetworkTunnelEndpoint { - #[serde(flatten)] - pub base: TunnelEndpoint, - - // Gets or sets a list of IP endpoints where the host may accept connections. - // - // A host may accept connections on multiple IP endpoints simultaneously if there are - // multiple network interfaces on the host system and/or if the host supports both - // IPv4 and IPv6. Each item in the list is a URI consisting of a scheme (which gives - // an indication of the network connection protocol), an IP address (IPv4 or IPv6) and - // a port number. The URIs do not typically include any paths, because the connection - // is not normally HTTP-based. - pub host_endpoints: Vec, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/LocalNetworkTunnelEndpoint.cs + +use crate::contracts::TunnelEndpoint; +use serde::{Deserialize, Serialize}; + +// Parameters for connecting to a tunnel via a local network connection. +// +// While a direct connection is technically not "tunneling", tunnel hosts may accept +// connections via the local network as an optional more-efficient alternative to a relay. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct LocalNetworkTunnelEndpoint { + #[serde(flatten)] + pub base: TunnelEndpoint, + + // Gets or sets a list of IP endpoints where the host may accept connections. + // + // A host may accept connections on multiple IP endpoints simultaneously if there are + // multiple network interfaces on the host system and/or if the host supports both + // IPv4 and IPv6. Each item in the list is a URI consisting of a scheme (which gives + // an indication of the network connection protocol), an IP address (IPv4 or IPv6) and + // a port number. The URIs do not typically include any paths, because the connection + // is not normally HTTP-based. + pub host_endpoints: Vec, +} diff --git a/rs/src/contracts/mod.rs b/rs/src/contracts/mod.rs index ac7b445c..87752404 100644 --- a/rs/src/contracts/mod.rs +++ b/rs/src/contracts/mod.rs @@ -1,75 +1,75 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from RustContractWriter.cs - -mod cluster_details; -mod error_codes; -mod error_detail; -mod inner_error_detail; -mod local_network_tunnel_endpoint; -mod named_rate_status; -mod problem_details; -mod rate_status; -mod resource_status; -mod service_version_details; -mod tunnel; -mod tunnel_access_control; -mod tunnel_access_control_entry; -mod tunnel_access_control_entry_type; -mod tunnel_access_scopes; -mod tunnel_access_subject; -mod tunnel_authentication_schemes; -mod tunnel_connection_mode; -mod tunnel_constraints; -mod tunnel_endpoint; -mod tunnel_environments; -mod tunnel_event; -mod tunnel_header_names; -mod tunnel_list_by_region; -mod tunnel_list_by_region_response; -mod tunnel_options; -mod tunnel_port; -mod tunnel_port_list_response; -mod tunnel_port_status; -mod tunnel_progress; -mod tunnel_protocol; -mod tunnel_relay_tunnel_endpoint; -mod tunnel_report_progress_event_args; -mod tunnel_service_properties; -mod tunnel_status; - -pub use cluster_details::*; -pub use error_codes::*; -pub use error_detail::*; -pub use inner_error_detail::*; -pub use local_network_tunnel_endpoint::*; -pub use named_rate_status::*; -pub use problem_details::*; -pub use rate_status::*; -pub use resource_status::*; -pub use service_version_details::*; -pub use tunnel::*; -pub use tunnel_access_control::*; -pub use tunnel_access_control_entry::*; -pub use tunnel_access_control_entry_type::*; -pub use tunnel_access_scopes::*; -pub use tunnel_access_subject::*; -pub use tunnel_authentication_schemes::*; -pub use tunnel_connection_mode::*; -pub use tunnel_constraints::*; -pub use tunnel_endpoint::*; -pub use tunnel_environments::*; -pub use tunnel_event::*; -pub use tunnel_header_names::*; -pub use tunnel_list_by_region::*; -pub use tunnel_list_by_region_response::*; -pub use tunnel_options::*; -pub use tunnel_port::*; -pub use tunnel_port_list_response::*; -pub use tunnel_port_status::*; -pub use tunnel_progress::*; -pub use tunnel_protocol::*; -pub use tunnel_relay_tunnel_endpoint::*; -pub use tunnel_report_progress_event_args::*; -pub use tunnel_service_properties::*; -pub use tunnel_status::*; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from RustContractWriter.cs + +mod cluster_details; +mod error_codes; +mod error_detail; +mod inner_error_detail; +mod local_network_tunnel_endpoint; +mod named_rate_status; +mod problem_details; +mod rate_status; +mod resource_status; +mod service_version_details; +mod tunnel; +mod tunnel_access_control; +mod tunnel_access_control_entry; +mod tunnel_access_control_entry_type; +mod tunnel_access_scopes; +mod tunnel_access_subject; +mod tunnel_authentication_schemes; +mod tunnel_connection_mode; +mod tunnel_constraints; +mod tunnel_endpoint; +mod tunnel_environments; +mod tunnel_event; +mod tunnel_header_names; +mod tunnel_list_by_region; +mod tunnel_list_by_region_response; +mod tunnel_options; +mod tunnel_port; +mod tunnel_port_list_response; +mod tunnel_port_status; +mod tunnel_progress; +mod tunnel_protocol; +mod tunnel_relay_tunnel_endpoint; +mod tunnel_report_progress_event_args; +mod tunnel_service_properties; +mod tunnel_status; + +pub use cluster_details::*; +pub use error_codes::*; +pub use error_detail::*; +pub use inner_error_detail::*; +pub use local_network_tunnel_endpoint::*; +pub use named_rate_status::*; +pub use problem_details::*; +pub use rate_status::*; +pub use resource_status::*; +pub use service_version_details::*; +pub use tunnel::*; +pub use tunnel_access_control::*; +pub use tunnel_access_control_entry::*; +pub use tunnel_access_control_entry_type::*; +pub use tunnel_access_scopes::*; +pub use tunnel_access_subject::*; +pub use tunnel_authentication_schemes::*; +pub use tunnel_connection_mode::*; +pub use tunnel_constraints::*; +pub use tunnel_endpoint::*; +pub use tunnel_environments::*; +pub use tunnel_event::*; +pub use tunnel_header_names::*; +pub use tunnel_list_by_region::*; +pub use tunnel_list_by_region_response::*; +pub use tunnel_options::*; +pub use tunnel_port::*; +pub use tunnel_port_list_response::*; +pub use tunnel_port_status::*; +pub use tunnel_progress::*; +pub use tunnel_protocol::*; +pub use tunnel_relay_tunnel_endpoint::*; +pub use tunnel_report_progress_event_args::*; +pub use tunnel_service_properties::*; +pub use tunnel_status::*; diff --git a/rs/src/contracts/named_rate_status.rs b/rs/src/contracts/named_rate_status.rs index 0986ef3c..7157cfe7 100644 --- a/rs/src/contracts/named_rate_status.rs +++ b/rs/src/contracts/named_rate_status.rs @@ -1,17 +1,17 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/NamedRateStatus.cs - -use crate::contracts::RateStatus; -use serde::{Deserialize, Serialize}; - -// A named `RateStatus`. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct NamedRateStatus { - #[serde(flatten)] - pub base: RateStatus, - - // The name of the rate status. - pub name: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/NamedRateStatus.cs + +use crate::contracts::RateStatus; +use serde::{Deserialize, Serialize}; + +// A named `RateStatus`. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct NamedRateStatus { + #[serde(flatten)] + pub base: RateStatus, + + // The name of the rate status. + pub name: Option, +} diff --git a/rs/src/contracts/problem_details.rs b/rs/src/contracts/problem_details.rs index ccff3bc1..2d2a26bd 100644 --- a/rs/src/contracts/problem_details.rs +++ b/rs/src/contracts/problem_details.rs @@ -1,25 +1,25 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ProblemDetails.cs - -use serde::{Deserialize, Serialize}; -use std::collections::HashMap; - -// Structure of error details returned by the tunnel service, including validation errors. -// -// This object may be returned with a response status code of 400 (or other 4xx code). It -// is compatible with RFC 7807 Problem Details (https://tools.ietf.org/html/rfc7807) and -// https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.mvc.problemdetails but -// doesn't require adding a dependency on that package. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct ProblemDetails { - // Gets or sets the error title. - pub title: Option, - - // Gets or sets the error detail. - pub detail: Option, - - // Gets or sets additional details about individual request properties. - pub errors: Option>>, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ProblemDetails.cs + +use serde::{Deserialize, Serialize}; +use std::collections::HashMap; + +// Structure of error details returned by the tunnel service, including validation errors. +// +// This object may be returned with a response status code of 400 (or other 4xx code). It +// is compatible with RFC 7807 Problem Details (https://tools.ietf.org/html/rfc7807) and +// https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.mvc.problemdetails but +// doesn't require adding a dependency on that package. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct ProblemDetails { + // Gets or sets the error title. + pub title: Option, + + // Gets or sets the error detail. + pub detail: Option, + + // Gets or sets additional details about individual request properties. + pub errors: Option>>, +} diff --git a/rs/src/contracts/rate_status.rs b/rs/src/contracts/rate_status.rs index 7bc9a397..df6543e9 100644 --- a/rs/src/contracts/rate_status.rs +++ b/rs/src/contracts/rate_status.rs @@ -1,25 +1,25 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/RateStatus.cs - -use crate::contracts::ResourceStatus; -use serde::{Deserialize, Serialize}; - -// Current value and limit information for a rate-limited operation related to a tunnel or -// port. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct RateStatus { - #[serde(flatten)] - pub base: ResourceStatus, - - // Gets or sets the length of each period, in seconds, over which the rate is - // measured. - // - // For rates that are limited by month (or billing period), this value may represent - // an estimate, since the actual duration may vary by the calendar. - pub period_seconds: Option, - - // Gets or sets the unix time in seconds when this status will be reset. - pub reset_time: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/RateStatus.cs + +use crate::contracts::ResourceStatus; +use serde::{Deserialize, Serialize}; + +// Current value and limit information for a rate-limited operation related to a tunnel or +// port. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct RateStatus { + #[serde(flatten)] + pub base: ResourceStatus, + + // Gets or sets the length of each period, in seconds, over which the rate is + // measured. + // + // For rates that are limited by month (or billing period), this value may represent + // an estimate, since the actual duration may vary by the calendar. + pub period_seconds: Option, + + // Gets or sets the unix time in seconds when this status will be reset. + pub reset_time: Option, +} diff --git a/rs/src/contracts/resource_status.rs b/rs/src/contracts/resource_status.rs index 9f01a395..d8780cc3 100644 --- a/rs/src/contracts/resource_status.rs +++ b/rs/src/contracts/resource_status.rs @@ -1,38 +1,38 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ResourceStatus.cs - -use serde::{Deserialize, Serialize}; - -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(untagged)] -pub enum ResourceStatus { - Detailed(DetailedResourceStatus), - Count(u32), -} -impl ResourceStatus { - pub fn get_count(&self) -> u64 { - match self { - ResourceStatus::Detailed(d) => d.current, - ResourceStatus::Count(c) => (*c).into(), - } - } -} -// Current value and limit for a limited resource related to a tunnel or tunnel port. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct DetailedResourceStatus { - // Gets or sets the current value. - pub current: u64, - - // Gets or sets the limit enforced by the service, or null if there is no limit. - // - // Any requests that would cause the limit to be exceeded may be denied by the - // service. For HTTP requests, the response is generally a 403 Forbidden status, with - // details about the limit in the response body. - pub limit: Option, - - // Gets or sets an optional source of the `ResourceStatus.Limit`, or null if there is - // no limit. - pub limit_source: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ResourceStatus.cs + +use serde::{Deserialize, Serialize}; + +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(untagged)] +pub enum ResourceStatus { + Detailed(DetailedResourceStatus), + Count(u32), +} +impl ResourceStatus { + pub fn get_count(&self) -> u64 { + match self { + ResourceStatus::Detailed(d) => d.current, + ResourceStatus::Count(c) => (*c).into(), + } + } +} +// Current value and limit for a limited resource related to a tunnel or tunnel port. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct DetailedResourceStatus { + // Gets or sets the current value. + pub current: u64, + + // Gets or sets the limit enforced by the service, or null if there is no limit. + // + // Any requests that would cause the limit to be exceeded may be denied by the + // service. For HTTP requests, the response is generally a 403 Forbidden status, with + // details about the limit in the response body. + pub limit: Option, + + // Gets or sets an optional source of the `ResourceStatus.Limit`, or null if there is + // no limit. + pub limit_source: Option, +} diff --git a/rs/src/contracts/service_version_details.rs b/rs/src/contracts/service_version_details.rs index b7b132c2..8dee27a1 100644 --- a/rs/src/contracts/service_version_details.rs +++ b/rs/src/contracts/service_version_details.rs @@ -1,26 +1,26 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ServiceVersionDetails.cs - -use serde::{Deserialize, Serialize}; - -// Data contract for service version details. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct ServiceVersionDetails { - // Gets or sets the version of the service. E.g. "1.0.6615.53976". The version - // corresponds to the build number. - pub version: Option, - - // Gets or sets the commit ID of the service. - pub commit_id: Option, - - // Gets or sets the commit date of the service. - pub commit_date: Option, - - // Gets or sets the cluster ID of the service that handled the request. - pub cluster_id: Option, - - // Gets or sets the Azure location of the service that handled the request. - pub azure_location: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ServiceVersionDetails.cs + +use serde::{Deserialize, Serialize}; + +// Data contract for service version details. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct ServiceVersionDetails { + // Gets or sets the version of the service. E.g. "1.0.6615.53976". The version + // corresponds to the build number. + pub version: Option, + + // Gets or sets the commit ID of the service. + pub commit_id: Option, + + // Gets or sets the commit date of the service. + pub commit_date: Option, + + // Gets or sets the cluster ID of the service that handled the request. + pub cluster_id: Option, + + // Gets or sets the Azure location of the service that handled the request. + pub azure_location: Option, +} diff --git a/rs/src/contracts/tunnel.rs b/rs/src/contracts/tunnel.rs index 16a78133..716e943e 100644 --- a/rs/src/contracts/tunnel.rs +++ b/rs/src/contracts/tunnel.rs @@ -1,79 +1,79 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/Tunnel.cs - -use chrono::{DateTime, Utc}; -use crate::contracts::TunnelAccessControl; -use crate::contracts::TunnelEndpoint; -use crate::contracts::TunnelOptions; -use crate::contracts::TunnelPort; -use crate::contracts::TunnelStatus; -use serde::{Deserialize, Serialize}; -use std::collections::HashMap; - -// Data contract for tunnel objects managed through the tunnel service REST API. -#[derive(Clone, Debug, Deserialize, Serialize, Default)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct Tunnel { - // Gets or sets the ID of the cluster the tunnel was created in. - pub cluster_id: Option, - - // Gets or sets the generated ID of the tunnel, unique within the cluster. - pub tunnel_id: Option, - - // Gets or sets the optional short name (alias) of the tunnel. - // - // The name must be globally unique within the parent domain, and must be a valid - // subdomain. - pub name: Option, - - // Gets or sets the description of the tunnel. - pub description: Option, - - // Gets or sets the labels of the tunnel. - #[serde(skip_serializing_if = "Vec::is_empty", default)] - pub labels: Vec, - - // Gets or sets the optional parent domain of the tunnel, if it is not using the - // default parent domain. - pub domain: Option, - - // Gets or sets a dictionary mapping from scopes to tunnel access tokens. - pub access_tokens: Option>, - - // Gets or sets access control settings for the tunnel. - // - // See `TunnelAccessControl` documentation for details about the access control model. - pub access_control: Option, - - // Gets or sets default options for the tunnel. - pub options: Option, - - // Gets or sets current connection status of the tunnel. - pub status: Option, - - // Gets or sets an array of endpoints where hosts are currently accepting client - // connections to the tunnel. - #[serde(skip_serializing_if = "Vec::is_empty", default)] - pub endpoints: Vec, - - // Gets or sets a list of ports in the tunnel. - // - // This optional property enables getting info about all ports in a tunnel at the same - // time as getting tunnel info, or creating one or more ports at the same time as - // creating a tunnel. It is omitted when listing (multiple) tunnels, or when updating - // tunnel properties. (For the latter, use APIs to create/update/delete individual - // ports instead.) - #[serde(skip_serializing_if = "Vec::is_empty", default)] - pub ports: Vec, - - // Gets or sets the time in UTC of tunnel creation. - pub created: Option>, - - // Gets or the time the tunnel will be deleted if it is not used or updated. - pub expiration: Option>, - - // Gets or the custom amount of time the tunnel will be valid if it is not used or - // updated in seconds. - pub custom_expiration: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/Tunnel.cs + +use chrono::{DateTime, Utc}; +use crate::contracts::TunnelAccessControl; +use crate::contracts::TunnelEndpoint; +use crate::contracts::TunnelOptions; +use crate::contracts::TunnelPort; +use crate::contracts::TunnelStatus; +use serde::{Deserialize, Serialize}; +use std::collections::HashMap; + +// Data contract for tunnel objects managed through the tunnel service REST API. +#[derive(Clone, Debug, Deserialize, Serialize, Default)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct Tunnel { + // Gets or sets the ID of the cluster the tunnel was created in. + pub cluster_id: Option, + + // Gets or sets the generated ID of the tunnel, unique within the cluster. + pub tunnel_id: Option, + + // Gets or sets the optional short name (alias) of the tunnel. + // + // The name must be globally unique within the parent domain, and must be a valid + // subdomain. + pub name: Option, + + // Gets or sets the description of the tunnel. + pub description: Option, + + // Gets or sets the labels of the tunnel. + #[serde(skip_serializing_if = "Vec::is_empty", default)] + pub labels: Vec, + + // Gets or sets the optional parent domain of the tunnel, if it is not using the + // default parent domain. + pub domain: Option, + + // Gets or sets a dictionary mapping from scopes to tunnel access tokens. + pub access_tokens: Option>, + + // Gets or sets access control settings for the tunnel. + // + // See `TunnelAccessControl` documentation for details about the access control model. + pub access_control: Option, + + // Gets or sets default options for the tunnel. + pub options: Option, + + // Gets or sets current connection status of the tunnel. + pub status: Option, + + // Gets or sets an array of endpoints where hosts are currently accepting client + // connections to the tunnel. + #[serde(skip_serializing_if = "Vec::is_empty", default)] + pub endpoints: Vec, + + // Gets or sets a list of ports in the tunnel. + // + // This optional property enables getting info about all ports in a tunnel at the same + // time as getting tunnel info, or creating one or more ports at the same time as + // creating a tunnel. It is omitted when listing (multiple) tunnels, or when updating + // tunnel properties. (For the latter, use APIs to create/update/delete individual + // ports instead.) + #[serde(skip_serializing_if = "Vec::is_empty", default)] + pub ports: Vec, + + // Gets or sets the time in UTC of tunnel creation. + pub created: Option>, + + // Gets or the time the tunnel will be deleted if it is not used or updated. + pub expiration: Option>, + + // Gets or the custom amount of time the tunnel will be valid if it is not used or + // updated in seconds. + pub custom_expiration: Option, +} diff --git a/rs/src/contracts/tunnel_access_control.rs b/rs/src/contracts/tunnel_access_control.rs index a01a4526..f537393e 100644 --- a/rs/src/contracts/tunnel_access_control.rs +++ b/rs/src/contracts/tunnel_access_control.rs @@ -1,27 +1,27 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessControl.cs - -use crate::contracts::TunnelAccessControlEntry; -use serde::{Deserialize, Serialize}; - -// Data contract for access control on a `Tunnel` or `TunnelPort`. -// -// Tunnels and tunnel ports can each optionally have an access-control property set on -// them. An access-control object contains a list (ACL) of entries (ACEs) that specify the -// access scopes granted or denied to some subjects. Tunnel ports inherit the ACL from the -// tunnel, though ports may include ACEs that augment or override the inherited rules. -// Currently there is no capability to define "roles" for tunnel access (where a role -// specifies a set of related access scopes), and assign roles to users. That feature may -// be added in the future. (It should be represented as a separate `RoleAssignments` -// property on this class.) -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelAccessControl { - // Gets or sets the list of access control entries. - // - // The order of entries is significant: later entries override earlier entries that - // apply to the same subject. However, deny rules are always processed after allow - // rules, therefore an allow rule cannot override a deny rule for the same subject. - pub entries: Vec, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessControl.cs + +use crate::contracts::TunnelAccessControlEntry; +use serde::{Deserialize, Serialize}; + +// Data contract for access control on a `Tunnel` or `TunnelPort`. +// +// Tunnels and tunnel ports can each optionally have an access-control property set on +// them. An access-control object contains a list (ACL) of entries (ACEs) that specify the +// access scopes granted or denied to some subjects. Tunnel ports inherit the ACL from the +// tunnel, though ports may include ACEs that augment or override the inherited rules. +// Currently there is no capability to define "roles" for tunnel access (where a role +// specifies a set of related access scopes), and assign roles to users. That feature may +// be added in the future. (It should be represented as a separate `RoleAssignments` +// property on this class.) +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelAccessControl { + // Gets or sets the list of access control entries. + // + // The order of entries is significant: later entries override earlier entries that + // apply to the same subject. However, deny rules are always processed after allow + // rules, therefore an allow rule cannot override a deny rule for the same subject. + pub entries: Vec, +} diff --git a/rs/src/contracts/tunnel_access_control_entry.rs b/rs/src/contracts/tunnel_access_control_entry.rs index b36863a9..4cebaeac 100644 --- a/rs/src/contracts/tunnel_access_control_entry.rs +++ b/rs/src/contracts/tunnel_access_control_entry.rs @@ -1,106 +1,106 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessControlEntry.cs - -use chrono::{DateTime, Utc}; -use crate::contracts::TunnelAccessControlEntryType; -use serde::{Deserialize, Serialize}; - -// Data contract for an access control entry on a `Tunnel` or `TunnelPort`. -// -// An access control entry (ACE) grants or denies one or more access scopes to one or more -// subjects. Tunnel ports inherit access control entries from their tunnel, and they may -// have additional port-specific entries that augment or override those access rules. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelAccessControlEntry { - // Gets or sets the access control entry type. - #[serde(rename = "type")] - pub kind: TunnelAccessControlEntryType, - - // Gets or sets the provider of the subjects in this access control entry. The - // provider impacts how the subject identifiers are resolved and displayed. The - // provider may be an identity provider such as AAD, or a system or standard such as - // "ssh" or "ipv4". - // - // For user, group, or org ACEs, this value is the name of the identity provider of - // the user/group/org IDs. It may be one of the well-known provider names in - // `TunnelAccessControlEntry.Providers`, or (in the future) a custom identity - // provider. For public key ACEs, this value is the type of public key, e.g. "ssh". - // For IP address range ACEs, this value is the IP address version, "ipv4" or "ipv6", - // or "service-tag" if the range is defined by an Azure service tag. For anonymous - // ACEs, this value is null. - pub provider: Option, - - // Gets or sets a value indicating whether this is an access control entry on a tunnel - // port that is inherited from the tunnel's access control list. - #[serde(default)] - pub is_inherited: bool, - - // Gets or sets a value indicating whether this entry is a deny rule that blocks - // access to the specified users. Otherwise it is an allow rule. - // - // All deny rules (including inherited rules) are processed after all allow rules. - // Therefore a deny ACE cannot be overridden by an allow ACE that is later in the list - // or on a more-specific resource. In other words, inherited deny ACEs cannot be - // overridden. - #[serde(default)] - pub is_deny: bool, - - // Gets or sets a value indicating whether this entry applies to all subjects that are - // NOT in the `TunnelAccessControlEntry.Subjects` list. - // - // Examples: an inverse organizations ACE applies to all users who are not members of - // the listed organization(s); an inverse anonymous ACE applies to all authenticated - // users; an inverse IP address ranges ACE applies to all clients that are not within - // any of the listed IP address ranges. The inverse option is often useful in policies - // in combination with `TunnelAccessControlEntry.IsDeny`, for example a policy could - // deny access to users who are not members of an organization or are outside of an IP - // address range, effectively blocking any tunnels from allowing outside access - // (because inherited deny ACEs cannot be overridden). - #[serde(default)] - pub is_inverse: bool, - - // Gets or sets an optional organization context for all subjects of this entry. The - // use and meaning of this value depends on the `TunnelAccessControlEntry.Type` and - // `TunnelAccessControlEntry.Provider` of this entry. - // - // For AAD users and group ACEs, this value is the AAD tenant ID. It is not currently - // used with any other types of ACEs. - pub organization: Option, - - // Gets or sets the subjects for the entry, such as user or group IDs. The format of - // the values depends on the `TunnelAccessControlEntry.Type` and - // `TunnelAccessControlEntry.Provider` of this entry. - pub subjects: Vec, - - // Gets or sets the access scopes that this entry grants or denies to the subjects. - // - // These must be one or more values from `TunnelAccessScopes`. - pub scopes: Vec, - - // Gets or sets the expiration for an access control entry. - // - // If no value is set then this value is null. - pub expiration: Option>, -} - -// Constants for well-known identity providers. - -// Microsoft (AAD) identity provider. -pub const PROVIDERS_MICROSOFT: &str = r#"microsoft"#; - -// GitHub identity provider. -pub const PROVIDERS_GITHUB: &str = r#"github"#; - -// SSH public keys. -pub const PROVIDERS_SSH: &str = r#"ssh"#; - -// IPv4 addresses. -pub const PROVIDERS_IPV4: &str = r#"ipv4"#; - -// IPv6 addresses. -pub const PROVIDERS_IPV6: &str = r#"ipv6"#; - -// Service tags. -pub const PROVIDERS_SERVICE_TAG: &str = r#"service-tag"#; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessControlEntry.cs + +use chrono::{DateTime, Utc}; +use crate::contracts::TunnelAccessControlEntryType; +use serde::{Deserialize, Serialize}; + +// Data contract for an access control entry on a `Tunnel` or `TunnelPort`. +// +// An access control entry (ACE) grants or denies one or more access scopes to one or more +// subjects. Tunnel ports inherit access control entries from their tunnel, and they may +// have additional port-specific entries that augment or override those access rules. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelAccessControlEntry { + // Gets or sets the access control entry type. + #[serde(rename = "type")] + pub kind: TunnelAccessControlEntryType, + + // Gets or sets the provider of the subjects in this access control entry. The + // provider impacts how the subject identifiers are resolved and displayed. The + // provider may be an identity provider such as AAD, or a system or standard such as + // "ssh" or "ipv4". + // + // For user, group, or org ACEs, this value is the name of the identity provider of + // the user/group/org IDs. It may be one of the well-known provider names in + // `TunnelAccessControlEntry.Providers`, or (in the future) a custom identity + // provider. For public key ACEs, this value is the type of public key, e.g. "ssh". + // For IP address range ACEs, this value is the IP address version, "ipv4" or "ipv6", + // or "service-tag" if the range is defined by an Azure service tag. For anonymous + // ACEs, this value is null. + pub provider: Option, + + // Gets or sets a value indicating whether this is an access control entry on a tunnel + // port that is inherited from the tunnel's access control list. + #[serde(default)] + pub is_inherited: bool, + + // Gets or sets a value indicating whether this entry is a deny rule that blocks + // access to the specified users. Otherwise it is an allow rule. + // + // All deny rules (including inherited rules) are processed after all allow rules. + // Therefore a deny ACE cannot be overridden by an allow ACE that is later in the list + // or on a more-specific resource. In other words, inherited deny ACEs cannot be + // overridden. + #[serde(default)] + pub is_deny: bool, + + // Gets or sets a value indicating whether this entry applies to all subjects that are + // NOT in the `TunnelAccessControlEntry.Subjects` list. + // + // Examples: an inverse organizations ACE applies to all users who are not members of + // the listed organization(s); an inverse anonymous ACE applies to all authenticated + // users; an inverse IP address ranges ACE applies to all clients that are not within + // any of the listed IP address ranges. The inverse option is often useful in policies + // in combination with `TunnelAccessControlEntry.IsDeny`, for example a policy could + // deny access to users who are not members of an organization or are outside of an IP + // address range, effectively blocking any tunnels from allowing outside access + // (because inherited deny ACEs cannot be overridden). + #[serde(default)] + pub is_inverse: bool, + + // Gets or sets an optional organization context for all subjects of this entry. The + // use and meaning of this value depends on the `TunnelAccessControlEntry.Type` and + // `TunnelAccessControlEntry.Provider` of this entry. + // + // For AAD users and group ACEs, this value is the AAD tenant ID. It is not currently + // used with any other types of ACEs. + pub organization: Option, + + // Gets or sets the subjects for the entry, such as user or group IDs. The format of + // the values depends on the `TunnelAccessControlEntry.Type` and + // `TunnelAccessControlEntry.Provider` of this entry. + pub subjects: Vec, + + // Gets or sets the access scopes that this entry grants or denies to the subjects. + // + // These must be one or more values from `TunnelAccessScopes`. + pub scopes: Vec, + + // Gets or sets the expiration for an access control entry. + // + // If no value is set then this value is null. + pub expiration: Option>, +} + +// Constants for well-known identity providers. + +// Microsoft (AAD) identity provider. +pub const PROVIDERS_MICROSOFT: &str = r#"microsoft"#; + +// GitHub identity provider. +pub const PROVIDERS_GITHUB: &str = r#"github"#; + +// SSH public keys. +pub const PROVIDERS_SSH: &str = r#"ssh"#; + +// IPv4 addresses. +pub const PROVIDERS_IPV4: &str = r#"ipv4"#; + +// IPv6 addresses. +pub const PROVIDERS_IPV6: &str = r#"ipv6"#; + +// Service tags. +pub const PROVIDERS_SERVICE_TAG: &str = r#"service-tag"#; diff --git a/rs/src/contracts/tunnel_access_control_entry_type.rs b/rs/src/contracts/tunnel_access_control_entry_type.rs index bd8fd0d9..cb515d48 100644 --- a/rs/src/contracts/tunnel_access_control_entry_type.rs +++ b/rs/src/contracts/tunnel_access_control_entry_type.rs @@ -1,57 +1,57 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessControlEntryType.cs - -use serde::{Deserialize, Serialize}; -use std::fmt; - -// Specifies the type of `TunnelAccessControlEntry`. -#[derive(Clone, Debug, Deserialize, Serialize)] -pub enum TunnelAccessControlEntryType { - // Uninitialized access control entry type. - None, - - // The access control entry refers to all anonymous users. - Anonymous, - - // The access control entry is a list of user IDs that are allowed (or denied) access. - Users, - - // The access control entry is a list of groups IDs that are allowed (or denied) - // access. - Groups, - - // The access control entry is a list of organization IDs that are allowed (or denied) - // access. - // - // All users in the organizations are allowed (or denied) access, unless overridden by - // following group or user rules. - Organizations, - - // The access control entry is a list of repositories. Users are allowed access to the - // tunnel if they have access to the repo. - Repositories, - - // The access control entry is a list of public keys. Users are allowed access if they - // can authenticate using a private key corresponding to one of the public keys. - PublicKeys, - - // The access control entry is a list of IP address ranges that are allowed (or - // denied) access to the tunnel. Ranges can be IPv4, IPv6, or Azure service tags. - IPAddressRanges, -} - -impl fmt::Display for TunnelAccessControlEntryType { - fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { - match *self { - TunnelAccessControlEntryType::None => write!(f, "None"), - TunnelAccessControlEntryType::Anonymous => write!(f, "Anonymous"), - TunnelAccessControlEntryType::Users => write!(f, "Users"), - TunnelAccessControlEntryType::Groups => write!(f, "Groups"), - TunnelAccessControlEntryType::Organizations => write!(f, "Organizations"), - TunnelAccessControlEntryType::Repositories => write!(f, "Repositories"), - TunnelAccessControlEntryType::PublicKeys => write!(f, "PublicKeys"), - TunnelAccessControlEntryType::IPAddressRanges => write!(f, "IPAddressRanges"), - } - } -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessControlEntryType.cs + +use serde::{Deserialize, Serialize}; +use std::fmt; + +// Specifies the type of `TunnelAccessControlEntry`. +#[derive(Clone, Debug, Deserialize, Serialize)] +pub enum TunnelAccessControlEntryType { + // Uninitialized access control entry type. + None, + + // The access control entry refers to all anonymous users. + Anonymous, + + // The access control entry is a list of user IDs that are allowed (or denied) access. + Users, + + // The access control entry is a list of groups IDs that are allowed (or denied) + // access. + Groups, + + // The access control entry is a list of organization IDs that are allowed (or denied) + // access. + // + // All users in the organizations are allowed (or denied) access, unless overridden by + // following group or user rules. + Organizations, + + // The access control entry is a list of repositories. Users are allowed access to the + // tunnel if they have access to the repo. + Repositories, + + // The access control entry is a list of public keys. Users are allowed access if they + // can authenticate using a private key corresponding to one of the public keys. + PublicKeys, + + // The access control entry is a list of IP address ranges that are allowed (or + // denied) access to the tunnel. Ranges can be IPv4, IPv6, or Azure service tags. + IPAddressRanges, +} + +impl fmt::Display for TunnelAccessControlEntryType { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + match *self { + TunnelAccessControlEntryType::None => write!(f, "None"), + TunnelAccessControlEntryType::Anonymous => write!(f, "Anonymous"), + TunnelAccessControlEntryType::Users => write!(f, "Users"), + TunnelAccessControlEntryType::Groups => write!(f, "Groups"), + TunnelAccessControlEntryType::Organizations => write!(f, "Organizations"), + TunnelAccessControlEntryType::Repositories => write!(f, "Repositories"), + TunnelAccessControlEntryType::PublicKeys => write!(f, "PublicKeys"), + TunnelAccessControlEntryType::IPAddressRanges => write!(f, "IPAddressRanges"), + } + } +} diff --git a/rs/src/contracts/tunnel_access_scopes.rs b/rs/src/contracts/tunnel_access_scopes.rs index e32ca805..3669da2c 100644 --- a/rs/src/contracts/tunnel_access_scopes.rs +++ b/rs/src/contracts/tunnel_access_scopes.rs @@ -1,32 +1,32 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessScopes.cs - -// Defines scopes for tunnel access tokens. -// -// A tunnel access token with one or more of these scopes typically also has cluster ID -// and tunnel ID claims that limit the access scope to a specific tunnel, and may also -// have one or more port claims that further limit the access to particular ports of the -// tunnel. - -// Allows creating tunnels. This scope is valid only in policies at the global, domain, or -// organization level; it is not relevant to an already-created tunnel or tunnel port. -// (Creation of ports requires "manage" or "host" access to the tunnel.) -pub const TUNNEL_ACCESS_SCOPES_CREATE: &str = r#"create"#; - -// Allows management operations on tunnels and tunnel ports. -pub const TUNNEL_ACCESS_SCOPES_MANAGE: &str = r#"manage"#; - -// Allows management operations on all ports of a tunnel, but does not allow updating any -// other tunnel properties or deleting the tunnel. -pub const TUNNEL_ACCESS_SCOPES_MANAGE_PORTS: &str = r#"manage:ports"#; - -// Allows accepting connections on tunnels as a host. Includes access to update tunnel -// endpoints and ports. -pub const TUNNEL_ACCESS_SCOPES_HOST: &str = r#"host"#; - -// Allows inspecting tunnel connection activity and data. -pub const TUNNEL_ACCESS_SCOPES_INSPECT: &str = r#"inspect"#; - -// Allows connecting to tunnels or ports as a client. -pub const TUNNEL_ACCESS_SCOPES_CONNECT: &str = r#"connect"#; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessScopes.cs + +// Defines scopes for tunnel access tokens. +// +// A tunnel access token with one or more of these scopes typically also has cluster ID +// and tunnel ID claims that limit the access scope to a specific tunnel, and may also +// have one or more port claims that further limit the access to particular ports of the +// tunnel. + +// Allows creating tunnels. This scope is valid only in policies at the global, domain, or +// organization level; it is not relevant to an already-created tunnel or tunnel port. +// (Creation of ports requires "manage" or "host" access to the tunnel.) +pub const TUNNEL_ACCESS_SCOPES_CREATE: &str = r#"create"#; + +// Allows management operations on tunnels and tunnel ports. +pub const TUNNEL_ACCESS_SCOPES_MANAGE: &str = r#"manage"#; + +// Allows management operations on all ports of a tunnel, but does not allow updating any +// other tunnel properties or deleting the tunnel. +pub const TUNNEL_ACCESS_SCOPES_MANAGE_PORTS: &str = r#"manage:ports"#; + +// Allows accepting connections on tunnels as a host. Includes access to update tunnel +// endpoints and ports. +pub const TUNNEL_ACCESS_SCOPES_HOST: &str = r#"host"#; + +// Allows inspecting tunnel connection activity and data. +pub const TUNNEL_ACCESS_SCOPES_INSPECT: &str = r#"inspect"#; + +// Allows connecting to tunnels or ports as a client. +pub const TUNNEL_ACCESS_SCOPES_CONNECT: &str = r#"connect"#; diff --git a/rs/src/contracts/tunnel_access_subject.rs b/rs/src/contracts/tunnel_access_subject.rs index 1188604b..c24ad907 100644 --- a/rs/src/contracts/tunnel_access_subject.rs +++ b/rs/src/contracts/tunnel_access_subject.rs @@ -1,41 +1,41 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessSubject.cs - -use crate::contracts::TunnelAccessControlEntryType; -use serde::{Deserialize, Serialize}; - -// Properties about a subject of a tunnel access control entry (ACE), used when resolving -// subject names to IDs when creating new ACEs, or formatting subject IDs to names when -// displaying existing ACEs. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelAccessSubject { - // Gets or sets the type of subject, e.g. user, group, or organization. - #[serde(rename = "type")] - pub kind: TunnelAccessControlEntryType, - - // Gets or sets the subject ID. - // - // The ID is typically a guid or integer that is unique within the scope of the - // identity provider or organization, and never changes for that subject. - pub id: Option, - - // Gets or sets the subject organization ID, which may be required if an organization - // is not implied by the authentication context. - pub organization_id: Option, - - // Gets or sets the partial or full subject name. - // - // When resolving a subject name to ID, a partial name may be provided, and the full - // name is returned if the partial name was successfully resolved. When formatting a - // subject ID to name, the full name is returned if the ID was found. - pub name: Option, - - // Gets or sets an array of possible subject matches, if a partial name was provided - // and did not resolve to a single subject. - // - // This property applies only when resolving subject names to IDs. - #[serde(skip_serializing_if = "Vec::is_empty", default)] - pub matches: Vec, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessSubject.cs + +use crate::contracts::TunnelAccessControlEntryType; +use serde::{Deserialize, Serialize}; + +// Properties about a subject of a tunnel access control entry (ACE), used when resolving +// subject names to IDs when creating new ACEs, or formatting subject IDs to names when +// displaying existing ACEs. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelAccessSubject { + // Gets or sets the type of subject, e.g. user, group, or organization. + #[serde(rename = "type")] + pub kind: TunnelAccessControlEntryType, + + // Gets or sets the subject ID. + // + // The ID is typically a guid or integer that is unique within the scope of the + // identity provider or organization, and never changes for that subject. + pub id: Option, + + // Gets or sets the subject organization ID, which may be required if an organization + // is not implied by the authentication context. + pub organization_id: Option, + + // Gets or sets the partial or full subject name. + // + // When resolving a subject name to ID, a partial name may be provided, and the full + // name is returned if the partial name was successfully resolved. When formatting a + // subject ID to name, the full name is returned if the ID was found. + pub name: Option, + + // Gets or sets an array of possible subject matches, if a partial name was provided + // and did not resolve to a single subject. + // + // This property applies only when resolving subject names to IDs. + #[serde(skip_serializing_if = "Vec::is_empty", default)] + pub matches: Vec, +} diff --git a/rs/src/contracts/tunnel_authentication_schemes.rs b/rs/src/contracts/tunnel_authentication_schemes.rs index 40bd24ee..3a7ea3c4 100644 --- a/rs/src/contracts/tunnel_authentication_schemes.rs +++ b/rs/src/contracts/tunnel_authentication_schemes.rs @@ -1,17 +1,17 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAuthenticationSchemes.cs - -// Defines string constants for authentication schemes supported by tunnel service APIs. - -// Authentication scheme for AAD (or Microsoft account) access tokens. -pub const TUNNEL_AUTHENTICATION_SCHEMES_AAD: &str = r#"aad"#; - -// Authentication scheme for GitHub access tokens. -pub const TUNNEL_AUTHENTICATION_SCHEMES_GITHUB: &str = r#"github"#; - -// Authentication scheme for tunnel access tokens. -pub const TUNNEL_AUTHENTICATION_SCHEMES_TUNNEL: &str = r#"tunnel"#; - -// Authentication scheme for tunnelPlan access tokens. -pub const TUNNEL_AUTHENTICATION_SCHEMES_TUNNEL_PLAN: &str = r#"tunnelplan"#; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAuthenticationSchemes.cs + +// Defines string constants for authentication schemes supported by tunnel service APIs. + +// Authentication scheme for AAD (or Microsoft account) access tokens. +pub const TUNNEL_AUTHENTICATION_SCHEMES_AAD: &str = r#"aad"#; + +// Authentication scheme for GitHub access tokens. +pub const TUNNEL_AUTHENTICATION_SCHEMES_GITHUB: &str = r#"github"#; + +// Authentication scheme for tunnel access tokens. +pub const TUNNEL_AUTHENTICATION_SCHEMES_TUNNEL: &str = r#"tunnel"#; + +// Authentication scheme for tunnelPlan access tokens. +pub const TUNNEL_AUTHENTICATION_SCHEMES_TUNNEL_PLAN: &str = r#"tunnelplan"#; diff --git a/rs/src/contracts/tunnel_connection_mode.rs b/rs/src/contracts/tunnel_connection_mode.rs index b4634476..b594c575 100644 --- a/rs/src/contracts/tunnel_connection_mode.rs +++ b/rs/src/contracts/tunnel_connection_mode.rs @@ -1,31 +1,31 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelConnectionMode.cs - -use serde::{Deserialize, Serialize}; -use std::fmt; - -// Specifies the connection protocol / implementation for a tunnel. -// -// Depending on the connection mode, hosts or clients might need to use different -// authentication and connection protocols. -#[derive(Clone, Debug, Deserialize, Serialize)] -pub enum TunnelConnectionMode { - // Connect directly to the host over the local network. - // - // While it's technically not "tunneling", this mode may be combined with others to - // enable choosing the most efficient connection mode available. - LocalNetwork, - - // Use the tunnel service's integrated relay function. - TunnelRelay, -} - -impl fmt::Display for TunnelConnectionMode { - fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { - match *self { - TunnelConnectionMode::LocalNetwork => write!(f, "LocalNetwork"), - TunnelConnectionMode::TunnelRelay => write!(f, "TunnelRelay"), - } - } -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelConnectionMode.cs + +use serde::{Deserialize, Serialize}; +use std::fmt; + +// Specifies the connection protocol / implementation for a tunnel. +// +// Depending on the connection mode, hosts or clients might need to use different +// authentication and connection protocols. +#[derive(Clone, Debug, Deserialize, Serialize)] +pub enum TunnelConnectionMode { + // Connect directly to the host over the local network. + // + // While it's technically not "tunneling", this mode may be combined with others to + // enable choosing the most efficient connection mode available. + LocalNetwork, + + // Use the tunnel service's integrated relay function. + TunnelRelay, +} + +impl fmt::Display for TunnelConnectionMode { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + match *self { + TunnelConnectionMode::LocalNetwork => write!(f, "LocalNetwork"), + TunnelConnectionMode::TunnelRelay => write!(f, "TunnelRelay"), + } + } +} diff --git a/rs/src/contracts/tunnel_constraints.rs b/rs/src/contracts/tunnel_constraints.rs index 942f59c3..bd1e7099 100644 --- a/rs/src/contracts/tunnel_constraints.rs +++ b/rs/src/contracts/tunnel_constraints.rs @@ -1,165 +1,165 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelConstraints.cs - -// Tunnel constraints. - -// Min length of tunnel cluster ID. -pub const CLUSTER_ID_MIN_LENGTH: i32 = 3; - -// Max length of tunnel cluster ID. -pub const CLUSTER_ID_MAX_LENGTH: i32 = 12; - -// Length of V1 tunnel id. -pub const OLD_TUNNEL_ID_LENGTH: i32 = 8; - -// Min length of V2 tunnelId. -pub const NEW_TUNNEL_ID_MIN_LENGTH: i32 = 3; - -// Max length of V2 tunnelId. -// -// Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes -// (-<port>-inspect) remain within the DNS label limit of 63 characters. -pub const NEW_TUNNEL_ID_MAX_LENGTH: i32 = 49; - -// Length of a tunnel alias. -pub const TUNNEL_ALIAS_LENGTH: i32 = 8; - -// Min length of tunnel name. -pub const TUNNEL_NAME_MIN_LENGTH: i32 = 3; - -// Max length of tunnel name. -// -// Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes -// (-<port>-inspect) remain within the DNS label limit of 63 characters. -pub const TUNNEL_NAME_MAX_LENGTH: i32 = 49; - -// Max length of SSH username. -pub const SSH_USER_MAX_LENGTH: i32 = 60; - -// Max length of tunnel or port description. -pub const DESCRIPTION_MAX_LENGTH: i32 = 400; - -// Max length of tunnel event details. -pub const EVENT_DETAILS_MAX_LENGTH: i32 = 4000; - -// Max number of properties in a tunnel event. -pub const MAX_EVENT_PROPERTIES: i32 = 100; - -// Max length of a single tunnel event property value. -pub const EVENT_PROPERTY_VALUE_MAX_LENGTH: i32 = 4000; - -// Min length of a single tunnel or port tag. -pub const LABEL_MIN_LENGTH: i32 = 1; - -// Max length of a single tunnel or port tag. -pub const LABEL_MAX_LENGTH: i32 = 50; - -// Maximum number of labels that can be applied to a tunnel or port. -pub const MAX_LABELS: i32 = 100; - -// Min length of a tunnel domain. -pub const TUNNEL_DOMAIN_MIN_LENGTH: i32 = 4; - -// Max length of a tunnel domain. -pub const TUNNEL_DOMAIN_MAX_LENGTH: i32 = 180; - -// Maximum number of items allowed in the tunnel ports array. The actual limit on number -// of ports that can be created may be much lower, and may depend on various resource -// limitations or policies. -pub const TUNNEL_MAX_PORTS: i32 = 1000; - -// Maximum number of access control entries (ACEs) in a tunnel or tunnel port access -// control list (ACL). -pub const ACCESS_CONTROL_MAX_ENTRIES: i32 = 40; - -// Maximum number of subjects (such as user IDs) in a tunnel or tunnel port access control -// entry (ACE). -pub const ACCESS_CONTROL_MAX_SUBJECTS: i32 = 100; - -// Max length of an access control subject or organization ID. -pub const ACCESS_CONTROL_SUBJECT_MAX_LENGTH: i32 = 200; - -// Max length of an access control subject name, when resolving names to IDs. -pub const ACCESS_CONTROL_SUBJECT_NAME_MAX_LENGTH: i32 = 200; - -// Maximum number of scopes in an access control entry. -pub const ACCESS_CONTROL_MAX_SCOPES: i32 = 10; - -// Regular expression that can match or validate tunnel event name strings. -pub const EVENT_NAME_PATTERN: &str = r#"^[a-z0-9_]{3,80}$"#; - -// Regular expression that can match or validate tunnel event severity strings. -pub const EVENT_SEVERITY_PATTERN: &str = r#"^(info)|(warning)|(error)$"#; - -// Regular expression that can match or validate tunnel event property name strings. -pub const EVENT_PROPERTY_NAME_PATTERN: &str = r#"^[a-zA-Z0-9_.]{3,200}$"#; - -// Regular expression that can match or validate tunnel cluster ID strings. -// -// Cluster IDs are alphanumeric; hyphens are not permitted. -pub const CLUSTER_ID_PATTERN: &str = r#"^(([a-z]{3,4}[0-9]{1,3})|asse|aue|brs|euw|use)$"#; - -// Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, -// excluding vowels and 'y' (to avoid accidentally generating any random words). -pub const OLD_TUNNEL_ID_CHARS: &str = r#"0123456789bcdfghjklmnpqrstvwxz"#; - -// Regular expression that can match or validate tunnel ID strings. -// -// Tunnel IDs are fixed-length and have a limited character set of numbers and lowercase -// letters (minus vowels and y). -pub const OLD_TUNNEL_ID_PATTERN: &str = r#"[0123456789bcdfghjklmnpqrstvwxz]{8}"#; - -// Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, -// excluding vowels and 'y' (to avoid accidentally generating any random words). -pub const NEW_TUNNEL_ID_CHARS: &str = r#"0123456789abcdefghijklmnopqrstuvwxyz-"#; - -// Regular expression that can match or validate tunnel ID strings. -// -// Tunnel IDs have a limited character set of numbers and lowercase letters. Limited to 49 -// characters to ensure tunnel URIs with ports and inspection suffixes remain within the -// DNS label limit of 63 characters. -pub const NEW_TUNNEL_ID_PATTERN: &str = r#"[a-z0-9][a-z0-9-]{1,47}[a-z0-9]"#; - -// Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, -// excluding vowels and 'y' (to avoid accidentally generating any random words). -pub const TUNNEL_ALIAS_CHARS: &str = r#"0123456789bcdfghjklmnpqrstvwxz"#; - -// Regular expression that can match or validate tunnel alias strings. -// -// Tunnel Aliases are fixed-length and have a limited character set of numbers and -// lowercase letters (minus vowels and y). Limited to 49 characters to ensure tunnel URIs -// with ports and inspection suffixes remain within the DNS label limit of 63 characters. -pub const TUNNEL_ALIAS_PATTERN: &str = r#"[0123456789bcdfghjklmnpqrstvwxz]{3,49}"#; - -// Regular expression that can match or validate tunnel names. -// -// Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an empty -// string because tunnels may be unnamed. Limited to 49 characters to ensure tunnel URIs -// with ports and inspection suffixes remain within the DNS label limit of 63 characters. -pub const TUNNEL_NAME_PATTERN: &str = r#"([a-z0-9][a-z0-9-]{1,47}[a-z0-9])|(^$)"#; - -// Regular expression that can match or validate tunnel or port labels. -pub const LABEL_PATTERN: &str = r#"[\w-=]{1,50}"#; - -// Regular expression that can match or validate tunnel domains. -// -// The tunnel service may perform additional contextual validation at the time the domain -// is registered. -pub const TUNNEL_DOMAIN_PATTERN: &str = r#"[0-9a-z][0-9a-z-.]{1,158}[0-9a-z]|(^$)"#; - -// Regular expression that can match or validate an access control subject or organization -// ID. -// -// The : and / characters are allowed because subjects may include IP addresses and -// ranges. The @ character is allowed because MSA subjects may be identified by email -// address. -pub const ACCESS_CONTROL_SUBJECT_PATTERN: &str = r#"[0-9a-zA-Z-._:/@]{0,200}"#; - -// Regular expression that can match or validate an access control subject name, when -// resolving subject names to IDs. -// -// Note angle-brackets are only allowed when they wrap an email address as part of a -// formatted name with email. The service will block any other use of angle-brackets, to -// avoid any XSS risks. -pub const ACCESS_CONTROL_SUBJECT_NAME_PATTERN: &str = r#"[ \w\d-.,/:'"_@()<>]{0,200}"#; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelConstraints.cs + +// Tunnel constraints. + +// Min length of tunnel cluster ID. +pub const CLUSTER_ID_MIN_LENGTH: i32 = 3; + +// Max length of tunnel cluster ID. +pub const CLUSTER_ID_MAX_LENGTH: i32 = 12; + +// Length of V1 tunnel id. +pub const OLD_TUNNEL_ID_LENGTH: i32 = 8; + +// Min length of V2 tunnelId. +pub const NEW_TUNNEL_ID_MIN_LENGTH: i32 = 3; + +// Max length of V2 tunnelId. +// +// Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes +// (-<port>-inspect) remain within the DNS label limit of 63 characters. +pub const NEW_TUNNEL_ID_MAX_LENGTH: i32 = 49; + +// Length of a tunnel alias. +pub const TUNNEL_ALIAS_LENGTH: i32 = 8; + +// Min length of tunnel name. +pub const TUNNEL_NAME_MIN_LENGTH: i32 = 3; + +// Max length of tunnel name. +// +// Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes +// (-<port>-inspect) remain within the DNS label limit of 63 characters. +pub const TUNNEL_NAME_MAX_LENGTH: i32 = 49; + +// Max length of SSH username. +pub const SSH_USER_MAX_LENGTH: i32 = 60; + +// Max length of tunnel or port description. +pub const DESCRIPTION_MAX_LENGTH: i32 = 400; + +// Max length of tunnel event details. +pub const EVENT_DETAILS_MAX_LENGTH: i32 = 4000; + +// Max number of properties in a tunnel event. +pub const MAX_EVENT_PROPERTIES: i32 = 100; + +// Max length of a single tunnel event property value. +pub const EVENT_PROPERTY_VALUE_MAX_LENGTH: i32 = 4000; + +// Min length of a single tunnel or port tag. +pub const LABEL_MIN_LENGTH: i32 = 1; + +// Max length of a single tunnel or port tag. +pub const LABEL_MAX_LENGTH: i32 = 50; + +// Maximum number of labels that can be applied to a tunnel or port. +pub const MAX_LABELS: i32 = 100; + +// Min length of a tunnel domain. +pub const TUNNEL_DOMAIN_MIN_LENGTH: i32 = 4; + +// Max length of a tunnel domain. +pub const TUNNEL_DOMAIN_MAX_LENGTH: i32 = 180; + +// Maximum number of items allowed in the tunnel ports array. The actual limit on number +// of ports that can be created may be much lower, and may depend on various resource +// limitations or policies. +pub const TUNNEL_MAX_PORTS: i32 = 1000; + +// Maximum number of access control entries (ACEs) in a tunnel or tunnel port access +// control list (ACL). +pub const ACCESS_CONTROL_MAX_ENTRIES: i32 = 40; + +// Maximum number of subjects (such as user IDs) in a tunnel or tunnel port access control +// entry (ACE). +pub const ACCESS_CONTROL_MAX_SUBJECTS: i32 = 100; + +// Max length of an access control subject or organization ID. +pub const ACCESS_CONTROL_SUBJECT_MAX_LENGTH: i32 = 200; + +// Max length of an access control subject name, when resolving names to IDs. +pub const ACCESS_CONTROL_SUBJECT_NAME_MAX_LENGTH: i32 = 200; + +// Maximum number of scopes in an access control entry. +pub const ACCESS_CONTROL_MAX_SCOPES: i32 = 10; + +// Regular expression that can match or validate tunnel event name strings. +pub const EVENT_NAME_PATTERN: &str = r#"^[a-z0-9_]{3,80}$"#; + +// Regular expression that can match or validate tunnel event severity strings. +pub const EVENT_SEVERITY_PATTERN: &str = r#"^(info)|(warning)|(error)$"#; + +// Regular expression that can match or validate tunnel event property name strings. +pub const EVENT_PROPERTY_NAME_PATTERN: &str = r#"^[a-zA-Z0-9_.]{3,200}$"#; + +// Regular expression that can match or validate tunnel cluster ID strings. +// +// Cluster IDs are alphanumeric; hyphens are not permitted. +pub const CLUSTER_ID_PATTERN: &str = r#"^(([a-z]{3,4}[0-9]{1,3})|asse|aue|brs|euw|use)$"#; + +// Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, +// excluding vowels and 'y' (to avoid accidentally generating any random words). +pub const OLD_TUNNEL_ID_CHARS: &str = r#"0123456789bcdfghjklmnpqrstvwxz"#; + +// Regular expression that can match or validate tunnel ID strings. +// +// Tunnel IDs are fixed-length and have a limited character set of numbers and lowercase +// letters (minus vowels and y). +pub const OLD_TUNNEL_ID_PATTERN: &str = r#"[0123456789bcdfghjklmnpqrstvwxz]{8}"#; + +// Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, +// excluding vowels and 'y' (to avoid accidentally generating any random words). +pub const NEW_TUNNEL_ID_CHARS: &str = r#"0123456789abcdefghijklmnopqrstuvwxyz-"#; + +// Regular expression that can match or validate tunnel ID strings. +// +// Tunnel IDs have a limited character set of numbers and lowercase letters. Limited to 49 +// characters to ensure tunnel URIs with ports and inspection suffixes remain within the +// DNS label limit of 63 characters. +pub const NEW_TUNNEL_ID_PATTERN: &str = r#"[a-z0-9][a-z0-9-]{1,47}[a-z0-9]"#; + +// Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, +// excluding vowels and 'y' (to avoid accidentally generating any random words). +pub const TUNNEL_ALIAS_CHARS: &str = r#"0123456789bcdfghjklmnpqrstvwxz"#; + +// Regular expression that can match or validate tunnel alias strings. +// +// Tunnel Aliases are fixed-length and have a limited character set of numbers and +// lowercase letters (minus vowels and y). Limited to 49 characters to ensure tunnel URIs +// with ports and inspection suffixes remain within the DNS label limit of 63 characters. +pub const TUNNEL_ALIAS_PATTERN: &str = r#"[0123456789bcdfghjklmnpqrstvwxz]{3,49}"#; + +// Regular expression that can match or validate tunnel names. +// +// Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an empty +// string because tunnels may be unnamed. Limited to 49 characters to ensure tunnel URIs +// with ports and inspection suffixes remain within the DNS label limit of 63 characters. +pub const TUNNEL_NAME_PATTERN: &str = r#"([a-z0-9][a-z0-9-]{1,47}[a-z0-9])|(^$)"#; + +// Regular expression that can match or validate tunnel or port labels. +pub const LABEL_PATTERN: &str = r#"[\w-=]{1,50}"#; + +// Regular expression that can match or validate tunnel domains. +// +// The tunnel service may perform additional contextual validation at the time the domain +// is registered. +pub const TUNNEL_DOMAIN_PATTERN: &str = r#"[0-9a-z][0-9a-z-.]{1,158}[0-9a-z]|(^$)"#; + +// Regular expression that can match or validate an access control subject or organization +// ID. +// +// The : and / characters are allowed because subjects may include IP addresses and +// ranges. The @ character is allowed because MSA subjects may be identified by email +// address. +pub const ACCESS_CONTROL_SUBJECT_PATTERN: &str = r#"[0-9a-zA-Z-._:/@]{0,200}"#; + +// Regular expression that can match or validate an access control subject name, when +// resolving subject names to IDs. +// +// Note angle-brackets are only allowed when they wrap an email address as part of a +// formatted name with email. The service will block any other use of angle-brackets, to +// avoid any XSS risks. +pub const ACCESS_CONTROL_SUBJECT_NAME_PATTERN: &str = r#"[ \w\d-.,/:'"_@()<>]{0,200}"#; diff --git a/rs/src/contracts/tunnel_endpoint.rs b/rs/src/contracts/tunnel_endpoint.rs index aef96832..d975c97e 100644 --- a/rs/src/contracts/tunnel_endpoint.rs +++ b/rs/src/contracts/tunnel_endpoint.rs @@ -1,67 +1,67 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelEndpoint.cs - -use crate::contracts::TunnelConnectionMode; -use serde::{Deserialize, Serialize}; - -// Base class for tunnel connection parameters. -// -// A tunnel endpoint specifies how and where hosts and clients can connect to a tunnel. -// There is a subclass for each connection mode, each having different connection -// parameters. A tunnel may have multiple endpoints for one host (or multiple hosts), and -// clients can select their preferred endpoint(s) from those depending on network -// environment or client capabilities. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelEndpoint { - // Gets or sets the ID of this endpoint. - pub id: Option, - - // Gets or sets the connection mode of the endpoint. - // - // This property is required when creating or updating an endpoint. The subclass type - // is also an indication of the connection mode, but this property is necessary to - // determine the subclass type when deserializing. - pub connection_mode: TunnelConnectionMode, - - // Gets or sets the ID of the host that is listening on this endpoint. - // - // This property is required when creating or updating an endpoint. If the host - // supports multiple connection modes, the host's ID is the same for all the endpoints - // it supports. However different hosts may simultaneously accept connections at - // different endpoints for the same tunnel, if enabled in tunnel options. - pub host_id: String, - - // Gets or sets an array of public keys, which can be used by clients to authenticate - // the host. - #[serde(skip_serializing_if = "Vec::is_empty", default)] - pub host_public_keys: Vec, - - // Gets or sets a string used to format URIs where a web client can connect to ports - // of the tunnel. The string includes a `TunnelEndpoint.PortToken` that must be - // replaced with the actual port number. - pub port_uri_format: Option, - - // Gets or sets the URI where a web client can connect to the default port of the - // tunnel. - pub tunnel_uri: Option, - - // Gets or sets a string used to format ssh command where ssh client can connect to - // shared ssh port of the tunnel. The string includes a `TunnelEndpoint.PortToken` - // that must be replaced with the actual port number. - pub port_ssh_command_format: Option, - - // Gets or sets the Ssh command where the Ssh client can connect to the default ssh - // port of the tunnel. - pub tunnel_ssh_command: Option, - - // Gets or sets the Ssh gateway public key which should be added to the - // authorized_keys file so that tunnel service can connect to the shared ssh server. - pub ssh_gateway_public_key: Option, -} - -// Token included in `TunnelEndpoint.PortUriFormat` and -// `TunnelEndpoint.PortSshCommandFormat` that is to be replaced by a specified port -// number. -pub const PORT_TOKEN: &str = "{port}"; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelEndpoint.cs + +use crate::contracts::TunnelConnectionMode; +use serde::{Deserialize, Serialize}; + +// Base class for tunnel connection parameters. +// +// A tunnel endpoint specifies how and where hosts and clients can connect to a tunnel. +// There is a subclass for each connection mode, each having different connection +// parameters. A tunnel may have multiple endpoints for one host (or multiple hosts), and +// clients can select their preferred endpoint(s) from those depending on network +// environment or client capabilities. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelEndpoint { + // Gets or sets the ID of this endpoint. + pub id: Option, + + // Gets or sets the connection mode of the endpoint. + // + // This property is required when creating or updating an endpoint. The subclass type + // is also an indication of the connection mode, but this property is necessary to + // determine the subclass type when deserializing. + pub connection_mode: TunnelConnectionMode, + + // Gets or sets the ID of the host that is listening on this endpoint. + // + // This property is required when creating or updating an endpoint. If the host + // supports multiple connection modes, the host's ID is the same for all the endpoints + // it supports. However different hosts may simultaneously accept connections at + // different endpoints for the same tunnel, if enabled in tunnel options. + pub host_id: String, + + // Gets or sets an array of public keys, which can be used by clients to authenticate + // the host. + #[serde(skip_serializing_if = "Vec::is_empty", default)] + pub host_public_keys: Vec, + + // Gets or sets a string used to format URIs where a web client can connect to ports + // of the tunnel. The string includes a `TunnelEndpoint.PortToken` that must be + // replaced with the actual port number. + pub port_uri_format: Option, + + // Gets or sets the URI where a web client can connect to the default port of the + // tunnel. + pub tunnel_uri: Option, + + // Gets or sets a string used to format ssh command where ssh client can connect to + // shared ssh port of the tunnel. The string includes a `TunnelEndpoint.PortToken` + // that must be replaced with the actual port number. + pub port_ssh_command_format: Option, + + // Gets or sets the Ssh command where the Ssh client can connect to the default ssh + // port of the tunnel. + pub tunnel_ssh_command: Option, + + // Gets or sets the Ssh gateway public key which should be added to the + // authorized_keys file so that tunnel service can connect to the shared ssh server. + pub ssh_gateway_public_key: Option, +} + +// Token included in `TunnelEndpoint.PortUriFormat` and +// `TunnelEndpoint.PortSshCommandFormat` that is to be replaced by a specified port +// number. +pub const PORT_TOKEN: &str = "{port}"; diff --git a/rs/src/contracts/tunnel_environments.rs b/rs/src/contracts/tunnel_environments.rs index cfd00c0f..65e034ff 100644 --- a/rs/src/contracts/tunnel_environments.rs +++ b/rs/src/contracts/tunnel_environments.rs @@ -17,7 +17,7 @@ pub fn env_staging() -> TunnelServiceProperties { service_uri: format!("https://{}", PPE_DNS_NAME), service_app_id: PROD_FIRST_PARTY_APP_ID.to_owned(), service_internal_app_id: PPE_THIRD_PARTY_APP_ID.to_owned(), - github_app_client_id: NON_PROD_GITHUB_APP_CLIENT_ID.to_owned(), + github_app_client_id: PPE_GITHUB_APP_CLIENT_ID.to_owned(), } } @@ -26,6 +26,15 @@ pub fn env_development() -> TunnelServiceProperties { service_uri: format!("https://{}", DEV_DNS_NAME), service_app_id: DEV_FIRST_PARTY_APP_ID.to_owned(), service_internal_app_id: DEV_THIRD_PARTY_APP_ID.to_owned(), - github_app_client_id: NON_PROD_GITHUB_APP_CLIENT_ID.to_owned(), + github_app_client_id: DEV_GITHUB_APP_CLIENT_ID.to_owned(), + } +} + +pub fn env_local() -> TunnelServiceProperties { + TunnelServiceProperties { + service_uri: format!("https://{}", LOCAL_DNS_NAME), + service_app_id: DEV_FIRST_PARTY_APP_ID.to_owned(), + service_internal_app_id: DEV_THIRD_PARTY_APP_ID.to_owned(), + github_app_client_id: LOCAL_GITHUB_APP_CLIENT_ID.to_owned(), } } diff --git a/rs/src/contracts/tunnel_event.rs b/rs/src/contracts/tunnel_event.rs index 1d43890b..055d5950 100644 --- a/rs/src/contracts/tunnel_event.rs +++ b/rs/src/contracts/tunnel_event.rs @@ -1,40 +1,40 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelEvent.cs - -use chrono::{DateTime, Utc}; -use serde::{Deserialize, Serialize}; -use std::collections::HashMap; - -// Data contract for tunnel client events reported to the tunnel service. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelEvent { - // Gets or sets the UTC timestamp of the event (using the client's clock). - pub timestamp: Option>, - - // Gets or sets name of the event. This should be a short descriptive identifier. - pub name: String, - - // Gets or sets the severity of the event, such as `TunnelEvent.Info`, - // `TunnelEvent.Warning`, or `TunnelEvent.Error`. - // - // If not specified, the default severity is "info". - pub severity: Option, - - // Gets or sets optional unstructured details about the event, such as a message or - // description. For warning or error events this may include a stack trace. - pub details: Option, - - // Gets or sets semi-structured event properties. - pub properties: Option>, -} - -// Default event severity. -pub const INFO: &str = "info"; - -// Warning event severity. -pub const WARNING: &str = "warning"; - -// Error event severity. -pub const ERROR: &str = "error"; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelEvent.cs + +use chrono::{DateTime, Utc}; +use serde::{Deserialize, Serialize}; +use std::collections::HashMap; + +// Data contract for tunnel client events reported to the tunnel service. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelEvent { + // Gets or sets the UTC timestamp of the event (using the client's clock). + pub timestamp: Option>, + + // Gets or sets name of the event. This should be a short descriptive identifier. + pub name: String, + + // Gets or sets the severity of the event, such as `TunnelEvent.Info`, + // `TunnelEvent.Warning`, or `TunnelEvent.Error`. + // + // If not specified, the default severity is "info". + pub severity: Option, + + // Gets or sets optional unstructured details about the event, such as a message or + // description. For warning or error events this may include a stack trace. + pub details: Option, + + // Gets or sets semi-structured event properties. + pub properties: Option>, +} + +// Default event severity. +pub const INFO: &str = "info"; + +// Warning event severity. +pub const WARNING: &str = "warning"; + +// Error event severity. +pub const ERROR: &str = "error"; diff --git a/rs/src/contracts/tunnel_header_names.rs b/rs/src/contracts/tunnel_header_names.rs index adb4da49..cd64c29d 100644 --- a/rs/src/contracts/tunnel_header_names.rs +++ b/rs/src/contracts/tunnel_header_names.rs @@ -1,21 +1,21 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelHeaderNames.cs - -// Header names for http requests that Tunnel Service can handle - -// Additional authorization header that can be passed to tunnel web forwarding to -// authenticate and authorize the client. The format of the value is the same as -// Authorization header that is sent to the Tunnel service by the tunnel SDK. Supported -// schemes: "tunnel" with the tunnel access JWT good for 'Connect' scope. -pub const X_TUNNEL_AUTHORIZATION: &str = r#"X-Tunnel-Authorization"#; - -// Request ID header that nginx ingress controller adds to all requests if it's not there. -pub const X_REQUEST_ID: &str = r#"X-Request-ID"#; - -// Github Ssh public key which can be used to validate if it belongs to tunnel's owner. -pub const X_GITHUB_SSH_KEY: &str = r#"X-Github-Ssh-Key"#; - -// Header that will skip the antiphishing page when connection to a tunnel through web -// forwarding. -pub const X_TUNNEL_SKIP_ANTIPHISHING_PAGE: &str = r#"X-Tunnel-Skip-AntiPhishing-Page"#; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelHeaderNames.cs + +// Header names for http requests that Tunnel Service can handle + +// Additional authorization header that can be passed to tunnel web forwarding to +// authenticate and authorize the client. The format of the value is the same as +// Authorization header that is sent to the Tunnel service by the tunnel SDK. Supported +// schemes: "tunnel" with the tunnel access JWT good for 'Connect' scope. +pub const X_TUNNEL_AUTHORIZATION: &str = r#"X-Tunnel-Authorization"#; + +// Request ID header that nginx ingress controller adds to all requests if it's not there. +pub const X_REQUEST_ID: &str = r#"X-Request-ID"#; + +// Github Ssh public key which can be used to validate if it belongs to tunnel's owner. +pub const X_GITHUB_SSH_KEY: &str = r#"X-Github-Ssh-Key"#; + +// Header that will skip the antiphishing page when connection to a tunnel through web +// forwarding. +pub const X_TUNNEL_SKIP_ANTIPHISHING_PAGE: &str = r#"X-Tunnel-Skip-AntiPhishing-Page"#; diff --git a/rs/src/contracts/tunnel_list_by_region.rs b/rs/src/contracts/tunnel_list_by_region.rs index 9cd3b8d2..d9f4a7b1 100644 --- a/rs/src/contracts/tunnel_list_by_region.rs +++ b/rs/src/contracts/tunnel_list_by_region.rs @@ -1,25 +1,25 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelListByRegion.cs - -use crate::contracts::ErrorDetail; -use crate::contracts::Tunnel; -use serde::{Deserialize, Serialize}; - -// Tunnel list by region. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelListByRegion { - // Azure region name. - pub region_name: Option, - - // Cluster id in the region. - pub cluster_id: Option, - - // List of tunnels. - #[serde(skip_serializing_if = "Vec::is_empty", default)] - pub value: Vec, - - // Error detail if getting list of tunnels in the region failed. - pub error: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelListByRegion.cs + +use crate::contracts::ErrorDetail; +use crate::contracts::Tunnel; +use serde::{Deserialize, Serialize}; + +// Tunnel list by region. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelListByRegion { + // Azure region name. + pub region_name: Option, + + // Cluster id in the region. + pub cluster_id: Option, + + // List of tunnels. + #[serde(skip_serializing_if = "Vec::is_empty", default)] + pub value: Vec, + + // Error detail if getting list of tunnels in the region failed. + pub error: Option, +} diff --git a/rs/src/contracts/tunnel_list_by_region_response.rs b/rs/src/contracts/tunnel_list_by_region_response.rs index a74b971b..ade3f90e 100644 --- a/rs/src/contracts/tunnel_list_by_region_response.rs +++ b/rs/src/contracts/tunnel_list_by_region_response.rs @@ -1,18 +1,18 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelListByRegionResponse.cs - -use crate::contracts::TunnelListByRegion; -use serde::{Deserialize, Serialize}; - -// Data contract for response of a list tunnel by region call. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelListByRegionResponse { - // List of tunnels - #[serde(skip_serializing_if = "Vec::is_empty", default)] - pub value: Vec, - - // Link to get next page of results. - pub next_link: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelListByRegionResponse.cs + +use crate::contracts::TunnelListByRegion; +use serde::{Deserialize, Serialize}; + +// Data contract for response of a list tunnel by region call. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelListByRegionResponse { + // List of tunnels + #[serde(skip_serializing_if = "Vec::is_empty", default)] + pub value: Vec, + + // Link to get next page of results. + pub next_link: Option, +} diff --git a/rs/src/contracts/tunnel_options.rs b/rs/src/contracts/tunnel_options.rs index 64df7139..ed283721 100644 --- a/rs/src/contracts/tunnel_options.rs +++ b/rs/src/contracts/tunnel_options.rs @@ -1,104 +1,104 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelOptions.cs - -use serde::{Deserialize, Serialize}; - -// Data contract for `Tunnel` or `TunnelPort` options. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelOptions { - // Gets or sets a value indicating whether web-forwarding of this tunnel can run on - // any cluster (region) without redirecting to the home cluster. This is only - // applicable if the tunnel has a name and web-forwarding uses it. - #[serde(default)] - pub is_globally_available: bool, - - // Gets or sets a value for `Host` header rewriting to use in web-forwarding of this - // tunnel or port. By default, with this property null or empty, web-forwarding uses - // "localhost" to rewrite the header. Web-fowarding will use this property instead if - // it is not null or empty. Port-level option, if set, takes precedence over this - // option on the tunnel level. The option is ignored if IsHostHeaderUnchanged is true. - #[serde(default)] - pub host_header: Option, - - // Gets or sets a value indicating whether `Host` header is rewritten or the header - // value stays intact. By default, if false, web-forwarding rewrites the host header - // with the value from HostHeader property or "localhost". If true, the host header - // will be whatever the tunnel's web-forwarding host is, e.g. - // tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence over - // this option on the tunnel level. - #[serde(default)] - pub is_host_header_unchanged: bool, - - // Gets or sets a value for `Origin` header rewriting to use in web-forwarding of this - // tunnel or port. By default, with this property null or empty, web-forwarding uses - // "http(s)://localhost" to rewrite the header. Web-fowarding will use this property - // instead if it is not null or empty. Port-level option, if set, takes precedence - // over this option on the tunnel level. The option is ignored if - // IsOriginHeaderUnchanged is true. - #[serde(default)] - pub origin_header: Option, - - // Gets or sets a value indicating whether `Origin` header is rewritten or the header - // value stays intact. By default, if false, web-forwarding rewrites the origin header - // with the value from OriginHeader property or "http(s)://localhost". If true, the - // Origin header will be whatever the tunnel's web-forwarding Origin is, e.g. - // https://tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence - // over this option on the tunnel level. - #[serde(default)] - pub is_origin_header_unchanged: bool, - - // Gets or sets if inspection is enabled for the tunnel. - #[serde(default)] - pub is_inspection_enabled: bool, - - // Gets or sets a value indicating whether web requests to a tunnel can use the tunnel - // web authentication cookie if they come from a different site. Specifically, this - // controls whether the tunnel web-forwarding authentication cookie is marked as - // SameSite=None. The default is false, which means the cookie is marked as - // SameSite=Lax. This only applies to tunnels that require authentication. - #[serde(default)] - pub is_cross_site_authentication_enabled: Option, - - // Gets or sets a value indicating whether the tunnel web-forwarding authentication - // cookie is set as Partitioned (CHIPS). The default is false. This only applies to - // tunnels that require authentication. - // - // A partitioned cookie always also has SameSite=None for compatbility with browsers - // that do not support partitioning. - #[serde(default)] - pub is_partitioned_site_authentication_enabled: Option, - - // Gets or sets a value indicating whether web requests to the tunnel or port can be - // directly authenticated with bearer token authentication by supplying an - // `Authorization` header with an Entra ID or GitHub token of a user with access to - // the tunnel. The default is false, which means only the tunnel web authentication - // cookie or `X-Tunnel-Authorization` header can be used for authenticating web - // requests to the tunnel. - // - // When this option is enabled, AND neither a tunnel web authentication cookie nor an - // `X-Tunnel-Authorization` header is present in a web request, the tunnel relay will - // attempt to authenticate the request using the `Authorization` header with Entra ID - // or GitHub credentials. In that case the `Authorization` header will be stripped - // from the request before it is forwarded to the host application. Enabling this - // option may be desirable for API tunnels, where clients are likely to have better - // support for bearer token authentication using the `Authorization` header. However, - // interception of that header could block host applications which themselves - // implement bearer token authentication, which is why this option is disabled by - // default. This option does not apply to the tunnel management API, which always - // supports bearer token authentication using the `Authorization` header. - #[serde(default)] - pub is_bearer_token_authentication_enabled: Option, - - // Gets or sets the timeout for HTTP requests to the tunnel or port. - // - // The default timeout is 100 seconds. Set this to 0 to disable the timeout. The - // timeout will reset when response headers are received or after successfully reading - // or writing any request, response, or streaming data like gRPC or WebSockets. TCP - // keep-alives and HTTP/2 protocol pings will not reset the timeout, but WebSocket - // pings will. When a request times out, the tunnel relay aborts the request and - // returns 504 Gateway Timeout. - #[serde(default)] - pub request_timeout_seconds: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelOptions.cs + +use serde::{Deserialize, Serialize}; + +// Data contract for `Tunnel` or `TunnelPort` options. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelOptions { + // Gets or sets a value indicating whether web-forwarding of this tunnel can run on + // any cluster (region) without redirecting to the home cluster. This is only + // applicable if the tunnel has a name and web-forwarding uses it. + #[serde(default)] + pub is_globally_available: bool, + + // Gets or sets a value for `Host` header rewriting to use in web-forwarding of this + // tunnel or port. By default, with this property null or empty, web-forwarding uses + // "localhost" to rewrite the header. Web-fowarding will use this property instead if + // it is not null or empty. Port-level option, if set, takes precedence over this + // option on the tunnel level. The option is ignored if IsHostHeaderUnchanged is true. + #[serde(default)] + pub host_header: Option, + + // Gets or sets a value indicating whether `Host` header is rewritten or the header + // value stays intact. By default, if false, web-forwarding rewrites the host header + // with the value from HostHeader property or "localhost". If true, the host header + // will be whatever the tunnel's web-forwarding host is, e.g. + // tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence over + // this option on the tunnel level. + #[serde(default)] + pub is_host_header_unchanged: bool, + + // Gets or sets a value for `Origin` header rewriting to use in web-forwarding of this + // tunnel or port. By default, with this property null or empty, web-forwarding uses + // "http(s)://localhost" to rewrite the header. Web-fowarding will use this property + // instead if it is not null or empty. Port-level option, if set, takes precedence + // over this option on the tunnel level. The option is ignored if + // IsOriginHeaderUnchanged is true. + #[serde(default)] + pub origin_header: Option, + + // Gets or sets a value indicating whether `Origin` header is rewritten or the header + // value stays intact. By default, if false, web-forwarding rewrites the origin header + // with the value from OriginHeader property or "http(s)://localhost". If true, the + // Origin header will be whatever the tunnel's web-forwarding Origin is, e.g. + // https://tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence + // over this option on the tunnel level. + #[serde(default)] + pub is_origin_header_unchanged: bool, + + // Gets or sets if inspection is enabled for the tunnel. + #[serde(default)] + pub is_inspection_enabled: bool, + + // Gets or sets a value indicating whether web requests to a tunnel can use the tunnel + // web authentication cookie if they come from a different site. Specifically, this + // controls whether the tunnel web-forwarding authentication cookie is marked as + // SameSite=None. The default is false, which means the cookie is marked as + // SameSite=Lax. This only applies to tunnels that require authentication. + #[serde(default)] + pub is_cross_site_authentication_enabled: Option, + + // Gets or sets a value indicating whether the tunnel web-forwarding authentication + // cookie is set as Partitioned (CHIPS). The default is false. This only applies to + // tunnels that require authentication. + // + // A partitioned cookie always also has SameSite=None for compatbility with browsers + // that do not support partitioning. + #[serde(default)] + pub is_partitioned_site_authentication_enabled: Option, + + // Gets or sets a value indicating whether web requests to the tunnel or port can be + // directly authenticated with bearer token authentication by supplying an + // `Authorization` header with an Entra ID or GitHub token of a user with access to + // the tunnel. The default is false, which means only the tunnel web authentication + // cookie or `X-Tunnel-Authorization` header can be used for authenticating web + // requests to the tunnel. + // + // When this option is enabled, AND neither a tunnel web authentication cookie nor an + // `X-Tunnel-Authorization` header is present in a web request, the tunnel relay will + // attempt to authenticate the request using the `Authorization` header with Entra ID + // or GitHub credentials. In that case the `Authorization` header will be stripped + // from the request before it is forwarded to the host application. Enabling this + // option may be desirable for API tunnels, where clients are likely to have better + // support for bearer token authentication using the `Authorization` header. However, + // interception of that header could block host applications which themselves + // implement bearer token authentication, which is why this option is disabled by + // default. This option does not apply to the tunnel management API, which always + // supports bearer token authentication using the `Authorization` header. + #[serde(default)] + pub is_bearer_token_authentication_enabled: Option, + + // Gets or sets the timeout for HTTP requests to the tunnel or port. + // + // The default timeout is 100 seconds. Set this to 0 to disable the timeout. The + // timeout will reset when response headers are received or after successfully reading + // or writing any request, response, or streaming data like gRPC or WebSockets. TCP + // keep-alives and HTTP/2 protocol pings will not reset the timeout, but WebSocket + // pings will. When a request times out, the tunnel relay aborts the request and + // returns 504 Gateway Timeout. + #[serde(default)] + pub request_timeout_seconds: Option, +} diff --git a/rs/src/contracts/tunnel_port.rs b/rs/src/contracts/tunnel_port.rs index 1fd3e41a..1d9c170e 100644 --- a/rs/src/contracts/tunnel_port.rs +++ b/rs/src/contracts/tunnel_port.rs @@ -1,84 +1,84 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelPort.cs - -use crate::contracts::TunnelAccessControl; -use crate::contracts::TunnelOptions; -use crate::contracts::TunnelPortStatus; -use serde::{Deserialize, Serialize}; -use std::collections::HashMap; - -// Data contract for tunnel port objects managed through the tunnel service REST API. -#[derive(Clone, Debug, Deserialize, Serialize, Default)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelPort { - // Gets or sets the ID of the cluster the tunnel was created in. - pub cluster_id: Option, - - // Gets or sets the generated ID of the tunnel, unique within the cluster. - pub tunnel_id: Option, - - // Gets or sets the IP port number of the tunnel port. - pub port_number: u16, - - // Gets or sets the optional short name of the port. - // - // The name must be unique among named ports of the same tunnel. - pub name: Option, - - // Gets or sets the optional description of the port. - pub description: Option, - - // Gets or sets the labels of the port. - #[serde(skip_serializing_if = "Vec::is_empty", default)] - pub labels: Vec, - - // Gets or sets the protocol of the tunnel port. - // - // Should be one of the string constants from `TunnelProtocol`. - pub protocol: Option, - - // Gets or sets a value indicating whether this port is a default port for the tunnel. - // - // A client that connects to a tunnel (by ID or name) without specifying a port number - // will connect to the default port for the tunnel, if a default is configured. Or if - // the tunnel has only one port then the single port is the implicit default. - // - // Selection of a default port for a connection also depends on matching the - // connection to the port `TunnelPort.Protocol`, so it is possible to configure - // separate defaults for distinct protocols like `TunnelProtocol.Http` and - // `TunnelProtocol.Ssh`. - #[serde(default)] - pub is_default: bool, - - // Gets or sets a dictionary mapping from scopes to tunnel access tokens. - // - // Unlike the tokens in `Tunnel.AccessTokens`, these tokens are restricted to the - // individual port. - pub access_tokens: Option>, - - // Gets or sets access control settings for the tunnel port. - // - // See `TunnelAccessControl` documentation for details about the access control model. - pub access_control: Option, - - // Gets or sets options for the tunnel port. - pub options: Option, - - // Gets or sets current connection status of the tunnel port. - pub status: Option, - - // Gets or sets the username for the ssh service user is trying to forward. - // - // Should be provided if the `TunnelProtocol` is Ssh. - pub ssh_user: Option, - - // Gets or sets web forwarding URIs. If set, it's a list of absolute URIs where the - // port can be accessed with web forwarding. - #[serde(skip_serializing_if = "Vec::is_empty", default)] - pub port_forwarding_uris: Vec, - - // Gets or sets inspection URI. If set, it's an absolute URIs where the port's traffic - // can be inspected. - pub inspection_uri: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelPort.cs + +use crate::contracts::TunnelAccessControl; +use crate::contracts::TunnelOptions; +use crate::contracts::TunnelPortStatus; +use serde::{Deserialize, Serialize}; +use std::collections::HashMap; + +// Data contract for tunnel port objects managed through the tunnel service REST API. +#[derive(Clone, Debug, Deserialize, Serialize, Default)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelPort { + // Gets or sets the ID of the cluster the tunnel was created in. + pub cluster_id: Option, + + // Gets or sets the generated ID of the tunnel, unique within the cluster. + pub tunnel_id: Option, + + // Gets or sets the IP port number of the tunnel port. + pub port_number: u16, + + // Gets or sets the optional short name of the port. + // + // The name must be unique among named ports of the same tunnel. + pub name: Option, + + // Gets or sets the optional description of the port. + pub description: Option, + + // Gets or sets the labels of the port. + #[serde(skip_serializing_if = "Vec::is_empty", default)] + pub labels: Vec, + + // Gets or sets the protocol of the tunnel port. + // + // Should be one of the string constants from `TunnelProtocol`. + pub protocol: Option, + + // Gets or sets a value indicating whether this port is a default port for the tunnel. + // + // A client that connects to a tunnel (by ID or name) without specifying a port number + // will connect to the default port for the tunnel, if a default is configured. Or if + // the tunnel has only one port then the single port is the implicit default. + // + // Selection of a default port for a connection also depends on matching the + // connection to the port `TunnelPort.Protocol`, so it is possible to configure + // separate defaults for distinct protocols like `TunnelProtocol.Http` and + // `TunnelProtocol.Ssh`. + #[serde(default)] + pub is_default: bool, + + // Gets or sets a dictionary mapping from scopes to tunnel access tokens. + // + // Unlike the tokens in `Tunnel.AccessTokens`, these tokens are restricted to the + // individual port. + pub access_tokens: Option>, + + // Gets or sets access control settings for the tunnel port. + // + // See `TunnelAccessControl` documentation for details about the access control model. + pub access_control: Option, + + // Gets or sets options for the tunnel port. + pub options: Option, + + // Gets or sets current connection status of the tunnel port. + pub status: Option, + + // Gets or sets the username for the ssh service user is trying to forward. + // + // Should be provided if the `TunnelProtocol` is Ssh. + pub ssh_user: Option, + + // Gets or sets web forwarding URIs. If set, it's a list of absolute URIs where the + // port can be accessed with web forwarding. + #[serde(skip_serializing_if = "Vec::is_empty", default)] + pub port_forwarding_uris: Vec, + + // Gets or sets inspection URI. If set, it's an absolute URIs where the port's traffic + // can be inspected. + pub inspection_uri: Option, +} diff --git a/rs/src/contracts/tunnel_port_list_response.rs b/rs/src/contracts/tunnel_port_list_response.rs index a92a4043..328f5908 100644 --- a/rs/src/contracts/tunnel_port_list_response.rs +++ b/rs/src/contracts/tunnel_port_list_response.rs @@ -1,17 +1,17 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelPortListResponse.cs - -use crate::contracts::TunnelPort; -use serde::{Deserialize, Serialize}; - -// Data contract for response of a list tunnel ports call. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelPortListResponse { - // List of tunnels - pub value: Vec, - - // Link to get next page of results - pub next_link: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelPortListResponse.cs + +use crate::contracts::TunnelPort; +use serde::{Deserialize, Serialize}; + +// Data contract for response of a list tunnel ports call. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelPortListResponse { + // List of tunnels + pub value: Vec, + + // Link to get next page of results + pub next_link: Option, +} diff --git a/rs/src/contracts/tunnel_port_status.rs b/rs/src/contracts/tunnel_port_status.rs index 6b5a6699..4ab55a94 100644 --- a/rs/src/contracts/tunnel_port_status.rs +++ b/rs/src/contracts/tunnel_port_status.rs @@ -1,40 +1,40 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelPortStatus.cs - -use crate::contracts::RateStatus; -use crate::contracts::ResourceStatus; -use serde::{Deserialize, Serialize}; - -// Data contract for `TunnelPort` status. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelPortStatus { - // Gets or sets the current value and limit for the number of clients connected to the - // port. - // - // This client connection count does not include non-port-specific connections such as - // SDK and SSH clients. See `TunnelStatus.ClientConnectionCount` for status of those - // connections. This count also does not include HTTP client connections, unless they - // are upgraded to websockets. HTTP connections are counted per-request rather than - // per-connection: see `TunnelPortStatus.HttpRequestRate`. - pub client_connection_count: Option, - - // Gets or sets the UTC date time when a client was last connected to the port, or - // null if a client has never connected. - pub last_client_connection_time: Option, - - // Gets or sets the current value and limit for the rate of client connections to the - // tunnel port. - // - // This client connection rate does not count non-port-specific connections such as - // SDK and SSH clients. See `TunnelStatus.ClientConnectionRate` for those connection - // types. This also does not include HTTP connections, unless they are upgraded to - // websockets. HTTP connections are counted per-request rather than per-connection: - // see `TunnelPortStatus.HttpRequestRate`. - pub client_connection_rate: Option, - - // Gets or sets the current value and limit for the rate of HTTP requests to the - // tunnel port. - pub http_request_rate: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelPortStatus.cs + +use crate::contracts::RateStatus; +use crate::contracts::ResourceStatus; +use serde::{Deserialize, Serialize}; + +// Data contract for `TunnelPort` status. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelPortStatus { + // Gets or sets the current value and limit for the number of clients connected to the + // port. + // + // This client connection count does not include non-port-specific connections such as + // SDK and SSH clients. See `TunnelStatus.ClientConnectionCount` for status of those + // connections. This count also does not include HTTP client connections, unless they + // are upgraded to websockets. HTTP connections are counted per-request rather than + // per-connection: see `TunnelPortStatus.HttpRequestRate`. + pub client_connection_count: Option, + + // Gets or sets the UTC date time when a client was last connected to the port, or + // null if a client has never connected. + pub last_client_connection_time: Option, + + // Gets or sets the current value and limit for the rate of client connections to the + // tunnel port. + // + // This client connection rate does not count non-port-specific connections such as + // SDK and SSH clients. See `TunnelStatus.ClientConnectionRate` for those connection + // types. This also does not include HTTP connections, unless they are upgraded to + // websockets. HTTP connections are counted per-request rather than per-connection: + // see `TunnelPortStatus.HttpRequestRate`. + pub client_connection_rate: Option, + + // Gets or sets the current value and limit for the rate of HTTP requests to the + // tunnel port. + pub http_request_rate: Option, +} diff --git a/rs/src/contracts/tunnel_progress.rs b/rs/src/contracts/tunnel_progress.rs index 44ffb2d0..974c181f 100644 --- a/rs/src/contracts/tunnel_progress.rs +++ b/rs/src/contracts/tunnel_progress.rs @@ -1,57 +1,57 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs - -use serde::{Deserialize, Serialize}; -use std::fmt; - -// Specifies the tunnel progress events that are reported. -#[derive(Clone, Debug, Deserialize, Serialize)] -pub enum TunnelProgress { - // Starting refresh ports. - StartingRefreshPorts, - - // Completed refresh ports. - CompletedRefreshPorts, - - // Starting request uri for a tunnel service request. - StartingRequestUri, - - // Starting request configuration for a tunnel service request. - StartingRequestConfig, - - // Starting to send tunnel service request. - StartingSendTunnelRequest, - - // Completed sending a tunnel service request. - CompletedSendTunnelRequest, - - // Starting create tunnel port. - StartingCreateTunnelPort, - - // Completed create tunnel port. - CompletedCreateTunnelPort, - - // Starting get tunnel port. - StartingGetTunnelPort, - - // Completed get tunnel port. - CompletedGetTunnelPort, -} - -impl fmt::Display for TunnelProgress { - fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { - match *self { - TunnelProgress::StartingRefreshPorts => write!(f, "StartingRefreshPorts"), - TunnelProgress::CompletedRefreshPorts => write!(f, "CompletedRefreshPorts"), - TunnelProgress::StartingRequestUri => write!(f, "StartingRequestUri"), - TunnelProgress::StartingRequestConfig => write!(f, "StartingRequestConfig"), - TunnelProgress::StartingSendTunnelRequest => write!(f, "StartingSendTunnelRequest"), - TunnelProgress::CompletedSendTunnelRequest => write!(f, "CompletedSendTunnelRequest"), - TunnelProgress::StartingCreateTunnelPort => write!(f, "StartingCreateTunnelPort"), - TunnelProgress::CompletedCreateTunnelPort => write!(f, "CompletedCreateTunnelPort"), - TunnelProgress::StartingGetTunnelPort => write!(f, "StartingGetTunnelPort"), - TunnelProgress::CompletedGetTunnelPort => write!(f, "CompletedGetTunnelPort"), - } - } -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs + +use serde::{Deserialize, Serialize}; +use std::fmt; + +// Specifies the tunnel progress events that are reported. +#[derive(Clone, Debug, Deserialize, Serialize)] +pub enum TunnelProgress { + // Starting refresh ports. + StartingRefreshPorts, + + // Completed refresh ports. + CompletedRefreshPorts, + + // Starting request uri for a tunnel service request. + StartingRequestUri, + + // Starting request configuration for a tunnel service request. + StartingRequestConfig, + + // Starting to send tunnel service request. + StartingSendTunnelRequest, + + // Completed sending a tunnel service request. + CompletedSendTunnelRequest, + + // Starting create tunnel port. + StartingCreateTunnelPort, + + // Completed create tunnel port. + CompletedCreateTunnelPort, + + // Starting get tunnel port. + StartingGetTunnelPort, + + // Completed get tunnel port. + CompletedGetTunnelPort, +} + +impl fmt::Display for TunnelProgress { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + match *self { + TunnelProgress::StartingRefreshPorts => write!(f, "StartingRefreshPorts"), + TunnelProgress::CompletedRefreshPorts => write!(f, "CompletedRefreshPorts"), + TunnelProgress::StartingRequestUri => write!(f, "StartingRequestUri"), + TunnelProgress::StartingRequestConfig => write!(f, "StartingRequestConfig"), + TunnelProgress::StartingSendTunnelRequest => write!(f, "StartingSendTunnelRequest"), + TunnelProgress::CompletedSendTunnelRequest => write!(f, "CompletedSendTunnelRequest"), + TunnelProgress::StartingCreateTunnelPort => write!(f, "StartingCreateTunnelPort"), + TunnelProgress::CompletedCreateTunnelPort => write!(f, "CompletedCreateTunnelPort"), + TunnelProgress::StartingGetTunnelPort => write!(f, "StartingGetTunnelPort"), + TunnelProgress::CompletedGetTunnelPort => write!(f, "CompletedGetTunnelPort"), + } + } +} diff --git a/rs/src/contracts/tunnel_protocol.rs b/rs/src/contracts/tunnel_protocol.rs index d0ca39a8..8c8e2f34 100644 --- a/rs/src/contracts/tunnel_protocol.rs +++ b/rs/src/contracts/tunnel_protocol.rs @@ -1,26 +1,26 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelProtocol.cs - -// Defines possible values for the protocol of a `TunnelPort`. - -// The protocol is automatically detected. (TODO: Define detection semantics.) -pub const TUNNEL_PROTOCOL_AUTO: &str = r#"auto"#; - -// Unknown TCP protocol. -pub const TUNNEL_PROTOCOL_TCP: &str = r#"tcp"#; - -// Unknown UDP protocol. -pub const TUNNEL_PROTOCOL_UDP: &str = r#"udp"#; - -// SSH protocol. -pub const TUNNEL_PROTOCOL_SSH: &str = r#"ssh"#; - -// Remote desktop protocol. -pub const TUNNEL_PROTOCOL_RDP: &str = r#"rdp"#; - -// HTTP protocol. -pub const TUNNEL_PROTOCOL_HTTP: &str = r#"http"#; - -// HTTPS protocol. -pub const TUNNEL_PROTOCOL_HTTPS: &str = r#"https"#; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelProtocol.cs + +// Defines possible values for the protocol of a `TunnelPort`. + +// The protocol is automatically detected. (TODO: Define detection semantics.) +pub const TUNNEL_PROTOCOL_AUTO: &str = r#"auto"#; + +// Unknown TCP protocol. +pub const TUNNEL_PROTOCOL_TCP: &str = r#"tcp"#; + +// Unknown UDP protocol. +pub const TUNNEL_PROTOCOL_UDP: &str = r#"udp"#; + +// SSH protocol. +pub const TUNNEL_PROTOCOL_SSH: &str = r#"ssh"#; + +// Remote desktop protocol. +pub const TUNNEL_PROTOCOL_RDP: &str = r#"rdp"#; + +// HTTP protocol. +pub const TUNNEL_PROTOCOL_HTTP: &str = r#"http"#; + +// HTTPS protocol. +pub const TUNNEL_PROTOCOL_HTTPS: &str = r#"https"#; diff --git a/rs/src/contracts/tunnel_relay_tunnel_endpoint.rs b/rs/src/contracts/tunnel_relay_tunnel_endpoint.rs index cb6e8029..b1c969ed 100644 --- a/rs/src/contracts/tunnel_relay_tunnel_endpoint.rs +++ b/rs/src/contracts/tunnel_relay_tunnel_endpoint.rs @@ -1,20 +1,20 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelRelayTunnelEndpoint.cs - -use crate::contracts::TunnelEndpoint; -use serde::{Deserialize, Serialize}; - -// Parameters for connecting to a tunnel via the tunnel service's built-in relay function. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelRelayTunnelEndpoint { - #[serde(flatten)] - pub base: TunnelEndpoint, - - // Gets or sets the host URI. - pub host_relay_uri: Option, - - // Gets or sets the client URI. - pub client_relay_uri: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelRelayTunnelEndpoint.cs + +use crate::contracts::TunnelEndpoint; +use serde::{Deserialize, Serialize}; + +// Parameters for connecting to a tunnel via the tunnel service's built-in relay function. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelRelayTunnelEndpoint { + #[serde(flatten)] + pub base: TunnelEndpoint, + + // Gets or sets the host URI. + pub host_relay_uri: Option, + + // Gets or sets the client URI. + pub client_relay_uri: Option, +} diff --git a/rs/src/contracts/tunnel_report_progress_event_args.rs b/rs/src/contracts/tunnel_report_progress_event_args.rs index 8df88a94..f48a50a7 100644 --- a/rs/src/contracts/tunnel_report_progress_event_args.rs +++ b/rs/src/contracts/tunnel_report_progress_event_args.rs @@ -1,18 +1,18 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs - -use serde::{Deserialize, Serialize}; - -// Event args for the tunnel report progress event. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelReportProgressEventArgs { - // Specifies the progress event that is being reported. See `TunnelProgress` and - // Ssh.Progress for a description of the different progress events that can be - // reported. - pub progress: String, - - // The session number associated with an SSH session progress event. - pub session_number: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs + +use serde::{Deserialize, Serialize}; + +// Event args for the tunnel report progress event. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelReportProgressEventArgs { + // Specifies the progress event that is being reported. See `TunnelProgress` and + // Ssh.Progress for a description of the different progress events that can be + // reported. + pub progress: String, + + // The session number associated with an SSH session progress event. + pub session_number: Option, +} diff --git a/rs/src/contracts/tunnel_service_properties.rs b/rs/src/contracts/tunnel_service_properties.rs index 529cb049..920bf301 100644 --- a/rs/src/contracts/tunnel_service_properties.rs +++ b/rs/src/contracts/tunnel_service_properties.rs @@ -1,90 +1,105 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelServiceProperties.cs - -use serde::{Deserialize, Serialize}; - -// Provides environment-dependent properties about the service. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelServiceProperties { - // Gets the base URI of the service. - pub service_uri: String, - - // Gets the public AAD AppId for the service. - // - // Clients specify this AppId as the audience property when authenticating to the - // service. - pub service_app_id: String, - - // Gets the internal AAD AppId for the service. - // - // Other internal services specify this AppId as the audience property when - // authenticating to the tunnel service. Production services must be in the AME tenant - // to use this appid. - pub service_internal_app_id: String, - - // Gets the client ID for the service's GitHub app. - // - // Clients apps that authenticate tunnel users with GitHub specify this as the client - // ID when requesting a user token. - pub github_app_client_id: String, -} - -// Global DNS name of the production tunnel service. -pub const PROD_DNS_NAME: &str = "global.rel.tunnels.api.visualstudio.com"; - -// Global DNS name of the pre-production tunnel service. -pub const PPE_DNS_NAME: &str = "global.rel.tunnels.ppe.api.visualstudio.com"; - -// Global DNS name of the development tunnel service. -pub const DEV_DNS_NAME: &str = "global.ci.tunnels.dev.api.visualstudio.com"; - -// First-party app ID: `Visual Studio Tunnel Service` -// -// Used for authenticating AAD/MSA users, and service principals outside the AME tenant, -// in the PROD service environment. -pub const PROD_FIRST_PARTY_APP_ID: &str = "46da2f7e-b5ef-422a-88d4-2a7f9de6a0b2"; - -// First-party app ID: `Visual Studio Tunnel Service - Test` -// -// Used for authenticating AAD/MSA users, and service principals outside the AME tenant, -// in the PPE service environments. -pub const PPE_FIRST_PARTY_APP_ID: &str = "54c45752-bacd-424a-b928-652f3eca2b18"; - -// Third-party app ID: `DEV-VSTunnelService-3P` -// -// Used for authenticating AAD/MSA users, and service principals outside the AME tenant, -// in the DEV service environment. This is a 3P app registration in the Microsoft corp -// tenant, replacing the former 1P FPA. -pub const DEV_FIRST_PARTY_APP_ID: &str = "906ce216-6f2e-40be-875d-7fe1a9bc288a"; - -// Third-party app ID: `tunnels-prod-app-sp` -// -// Used for authenticating internal AAD service principals in the AME tenant, in the PROD -// service environment. -pub const PROD_THIRD_PARTY_APP_ID: &str = "ce65d243-a913-4cae-a7dd-cb52e9f77647"; - -// Third-party app ID: `tunnels-ppe-app-sp` -// -// Used for authenticating internal AAD service principals in the AME tenant, in the PPE -// service environment. -pub const PPE_THIRD_PARTY_APP_ID: &str = "544167a6-f431-4518-aac6-2fd50071928e"; - -// Third-party app ID: `tunnels-dev-app-sp` -// -// Used for authenticating internal AAD service principals in the corp tenant (not AME!), -// in the DEV service environment. -pub const DEV_THIRD_PARTY_APP_ID: &str = "a118c979-0249-44bb-8f95-eb0457127aeb"; - -// GitHub App Client ID for 'Visual Studio Tunnel Service' -// -// Used by client apps that authenticate tunnel users with GitHub, in the PROD service -// environment. -pub const PROD_GITHUB_APP_CLIENT_ID: &str = "Iv1.e7b89e013f801f03"; - -// GitHub App Client ID for 'Visual Studio Tunnel Service - Test' -// -// Used by client apps that authenticate tunnel users with GitHub, in the PPE and DEV -// service environments. -pub const NON_PROD_GITHUB_APP_CLIENT_ID: &str = "Iv1.b231c327f1eaa229"; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelServiceProperties.cs + +use serde::{Deserialize, Serialize}; + +// Provides environment-dependent properties about the service. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelServiceProperties { + // Gets the base URI of the service. + pub service_uri: String, + + // Gets the public AAD AppId for the service. + // + // Clients specify this AppId as the audience property when authenticating to the + // service. + pub service_app_id: String, + + // Gets the internal AAD AppId for the service. + // + // Other internal services specify this AppId as the audience property when + // authenticating to the tunnel service. Production services must be in the AME tenant + // to use this appid. + pub service_internal_app_id: String, + + // Gets the client ID for the service's GitHub app. + // + // Clients apps that authenticate tunnel users with GitHub specify this as the client + // ID when requesting a user token. + pub github_app_client_id: String, +} + +// Global DNS name of the production tunnel service. +pub const PROD_DNS_NAME: &str = "global.rel.tunnels.api.visualstudio.com"; + +// Global DNS name of the pre-production tunnel service. +pub const PPE_DNS_NAME: &str = "global.rel.tunnels.ppe.api.visualstudio.com"; + +// Global DNS name of the development tunnel service. +pub const DEV_DNS_NAME: &str = "global.ci.tunnels.dev.api.visualstudio.com"; + +// Default host name for the local tunnel service. +pub const LOCAL_DNS_NAME: &str = "tunnels.local.api.visualstudio.com:9901"; + +// First-party app ID: `Visual Studio Tunnel Service` +// +// Used for authenticating AAD/MSA users, and service principals outside the AME tenant, +// in the PROD service environment. +pub const PROD_FIRST_PARTY_APP_ID: &str = "46da2f7e-b5ef-422a-88d4-2a7f9de6a0b2"; + +// First-party app ID: `Visual Studio Tunnel Service - Test` +// +// Used for authenticating AAD/MSA users, and service principals outside the AME tenant, +// in the PPE service environments. +pub const PPE_FIRST_PARTY_APP_ID: &str = "54c45752-bacd-424a-b928-652f3eca2b18"; + +// Third-party app ID: `DEV-VSTunnelService-3P` +// +// Used for authenticating AAD/MSA users, and service principals outside the AME tenant, +// in the DEV service environment. This is a 3P app registration in the Microsoft corp +// tenant, replacing the former 1P FPA. +pub const DEV_FIRST_PARTY_APP_ID: &str = "906ce216-6f2e-40be-875d-7fe1a9bc288a"; + +// Third-party app ID: `tunnels-prod-app-sp` +// +// Used for authenticating internal AAD service principals in the AME tenant, in the PROD +// service environment. +pub const PROD_THIRD_PARTY_APP_ID: &str = "ce65d243-a913-4cae-a7dd-cb52e9f77647"; + +// Third-party app ID: `tunnels-ppe-app-sp` +// +// Used for authenticating internal AAD service principals in the AME tenant, in the PPE +// service environment. +pub const PPE_THIRD_PARTY_APP_ID: &str = "544167a6-f431-4518-aac6-2fd50071928e"; + +// Third-party app ID: `tunnels-dev-app-sp` +// +// Used for authenticating internal AAD service principals in the corp tenant (not AME!), +// in the DEV service environment. +pub const DEV_THIRD_PARTY_APP_ID: &str = "a118c979-0249-44bb-8f95-eb0457127aeb"; + +// GitHub App Client ID for 'Visual Studio Tunnel Service' +// +// Used by client apps that authenticate tunnel users with GitHub, in the PROD service +// environment. +pub const PROD_GITHUB_APP_CLIENT_ID: &str = "Iv1.e7b89e013f801f03"; + +// GitHub App Client ID for 'Visual Studio Tunnel Service - Test' +// +// Used by client apps that authenticate tunnel users with GitHub, in the PPE service +// environment. +pub const PPE_GITHUB_APP_CLIENT_ID: &str = "Iv1.b231c327f1eaa229"; + +// GitHub App Client ID for 'Dev Tunnels Service - Dev' +// +// Used by client apps that authenticate tunnel users with GitHub, in the DEV service +// environment. +pub const DEV_GITHUB_APP_CLIENT_ID: &str = "Iv23ctTiak9wLCiTcEbr"; + +// GitHub App Client ID for 'Dev Tunnels Service - Local' +// +// Used by client apps that authenticate tunnel users with GitHub, when running the +// service locally. +pub const LOCAL_GITHUB_APP_CLIENT_ID: &str = "Iv23cttBYzKThF88PiPR"; diff --git a/rs/src/contracts/tunnel_status.rs b/rs/src/contracts/tunnel_status.rs index 6e6b7d89..f165743e 100644 --- a/rs/src/contracts/tunnel_status.rs +++ b/rs/src/contracts/tunnel_status.rs @@ -1,93 +1,93 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelStatus.cs - -use crate::contracts::RateStatus; -use crate::contracts::ResourceStatus; -use serde::{Deserialize, Serialize}; - -// Data contract for `Tunnel` status. -#[derive(Clone, Debug, Deserialize, Serialize)] -#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] -pub struct TunnelStatus { - // Gets or sets the current value and limit for the number of ports on the tunnel. - pub port_count: Option, - - // Gets or sets the current value and limit for the number of hosts currently - // accepting connections to the tunnel. - // - // This is typically 0 or 1, but may be more than 1 if the tunnel options allow - // multiple hosts. - pub host_connection_count: Option, - - // Gets or sets the UTC time when a host was last accepting connections to the tunnel, - // or null if a host has never connected. - pub last_host_connection_time: Option, - - // Gets or sets the current value and limit for the number of clients connected to the - // tunnel. - // - // This counts non-port-specific client connections, which is SDK and SSH clients. See - // `TunnelPortStatus` for status of per-port client connections. - pub client_connection_count: Option, - - // Gets or sets the UTC time when a client last connected to the tunnel, or null if a - // client has never connected. - // - // This reports times for non-port-specific client connections, which is SDK client - // and SSH clients. See `TunnelPortStatus` for per-port client connections. - pub last_client_connection_time: Option, - - // Gets or sets the current value and limit for the rate of client connections to the - // tunnel. - // - // This counts non-port-specific client connections, which is SDK client and SSH - // clients. See `TunnelPortStatus` for status of per-port client connections. - pub client_connection_rate: Option, - - // Gets or sets the current value and limit for the rate of bytes being received by - // the tunnel host and uploaded by tunnel clients. - // - // All types of tunnel and port connections, from potentially multiple clients, can - // contribute to this rate. The reported rate may differ slightly from the rate - // measurable by applications, due to protocol overhead. Data rate status reporting is - // delayed by a few seconds, so this value is a snapshot of the data transfer rate - // from a few seconds earlier. - pub upload_rate: Option, - - // Gets or sets the current value and limit for the rate of bytes being sent by the - // tunnel host and downloaded by tunnel clients. - // - // All types of tunnel and port connections, from potentially multiple clients, can - // contribute to this rate. The reported rate may differ slightly from the rate - // measurable by applications, due to protocol overhead. Data rate status reporting is - // delayed by a few seconds, so this value is a snapshot of the data transfer rate - // from a few seconds earlier. - pub download_rate: Option, - - // Gets or sets the total number of bytes received by the tunnel host and uploaded by - // tunnel clients, over the lifetime of the tunnel. - // - // All types of tunnel and port connections, from potentially multiple clients, can - // contribute to this total. The reported value may differ slightly from the value - // measurable by applications, due to protocol overhead. Data transfer status - // reporting is delayed by a few seconds. - pub upload_total: Option, - - // Gets or sets the total number of bytes sent by the tunnel host and downloaded by - // tunnel clients, over the lifetime of the tunnel. - // - // All types of tunnel and port connections, from potentially multiple clients, can - // contribute to this total. The reported value may differ slightly from the value - // measurable by applications, due to protocol overhead. Data transfer status - // reporting is delayed by a few seconds. - pub download_total: Option, - - // Gets or sets the current value and limit for the rate of management API read - // operations for the tunnel or tunnel ports. - pub api_read_rate: Option, - - // Gets or sets the current value and limit for the rate of management API update - // operations for the tunnel or tunnel ports. - pub api_update_rate: Option, -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelStatus.cs + +use crate::contracts::RateStatus; +use crate::contracts::ResourceStatus; +use serde::{Deserialize, Serialize}; + +// Data contract for `Tunnel` status. +#[derive(Clone, Debug, Deserialize, Serialize)] +#[serde(rename_all(serialize = "camelCase", deserialize = "camelCase"))] +pub struct TunnelStatus { + // Gets or sets the current value and limit for the number of ports on the tunnel. + pub port_count: Option, + + // Gets or sets the current value and limit for the number of hosts currently + // accepting connections to the tunnel. + // + // This is typically 0 or 1, but may be more than 1 if the tunnel options allow + // multiple hosts. + pub host_connection_count: Option, + + // Gets or sets the UTC time when a host was last accepting connections to the tunnel, + // or null if a host has never connected. + pub last_host_connection_time: Option, + + // Gets or sets the current value and limit for the number of clients connected to the + // tunnel. + // + // This counts non-port-specific client connections, which is SDK and SSH clients. See + // `TunnelPortStatus` for status of per-port client connections. + pub client_connection_count: Option, + + // Gets or sets the UTC time when a client last connected to the tunnel, or null if a + // client has never connected. + // + // This reports times for non-port-specific client connections, which is SDK client + // and SSH clients. See `TunnelPortStatus` for per-port client connections. + pub last_client_connection_time: Option, + + // Gets or sets the current value and limit for the rate of client connections to the + // tunnel. + // + // This counts non-port-specific client connections, which is SDK client and SSH + // clients. See `TunnelPortStatus` for status of per-port client connections. + pub client_connection_rate: Option, + + // Gets or sets the current value and limit for the rate of bytes being received by + // the tunnel host and uploaded by tunnel clients. + // + // All types of tunnel and port connections, from potentially multiple clients, can + // contribute to this rate. The reported rate may differ slightly from the rate + // measurable by applications, due to protocol overhead. Data rate status reporting is + // delayed by a few seconds, so this value is a snapshot of the data transfer rate + // from a few seconds earlier. + pub upload_rate: Option, + + // Gets or sets the current value and limit for the rate of bytes being sent by the + // tunnel host and downloaded by tunnel clients. + // + // All types of tunnel and port connections, from potentially multiple clients, can + // contribute to this rate. The reported rate may differ slightly from the rate + // measurable by applications, due to protocol overhead. Data rate status reporting is + // delayed by a few seconds, so this value is a snapshot of the data transfer rate + // from a few seconds earlier. + pub download_rate: Option, + + // Gets or sets the total number of bytes received by the tunnel host and uploaded by + // tunnel clients, over the lifetime of the tunnel. + // + // All types of tunnel and port connections, from potentially multiple clients, can + // contribute to this total. The reported value may differ slightly from the value + // measurable by applications, due to protocol overhead. Data transfer status + // reporting is delayed by a few seconds. + pub upload_total: Option, + + // Gets or sets the total number of bytes sent by the tunnel host and downloaded by + // tunnel clients, over the lifetime of the tunnel. + // + // All types of tunnel and port connections, from potentially multiple clients, can + // contribute to this total. The reported value may differ slightly from the value + // measurable by applications, due to protocol overhead. Data transfer status + // reporting is delayed by a few seconds. + pub download_total: Option, + + // Gets or sets the current value and limit for the rate of management API read + // operations for the tunnel or tunnel ports. + pub api_read_rate: Option, + + // Gets or sets the current value and limit for the rate of management API update + // operations for the tunnel or tunnel ports. + pub api_update_rate: Option, +} diff --git a/ts/src/contracts/clusterDetails.ts b/ts/src/contracts/clusterDetails.ts index 8f821d98..088665b1 100644 --- a/ts/src/contracts/clusterDetails.ts +++ b/ts/src/contracts/clusterDetails.ts @@ -1,26 +1,26 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ClusterDetails.cs -/* eslint-disable */ - -/** - * Details of a tunneling service cluster. Each cluster represents an instance of the - * tunneling service running in a particular Azure region. New tunnels are created in the - * current region unless otherwise specified. - */ -export interface ClusterDetails { - /** - * A cluster identifier based on its region. - */ - clusterId: string; - - /** - * The URI of the service cluster. - */ - uri: string; - - /** - * The Azure location of the cluster. - */ - azureLocation: string; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ClusterDetails.cs +/* eslint-disable */ + +/** + * Details of a tunneling service cluster. Each cluster represents an instance of the + * tunneling service running in a particular Azure region. New tunnels are created in the + * current region unless otherwise specified. + */ +export interface ClusterDetails { + /** + * A cluster identifier based on its region. + */ + clusterId: string; + + /** + * The URI of the service cluster. + */ + uri: string; + + /** + * The Azure location of the cluster. + */ + azureLocation: string; +} diff --git a/ts/src/contracts/errorCodes.ts b/ts/src/contracts/errorCodes.ts index 7eff68b0..139b7c38 100644 --- a/ts/src/contracts/errorCodes.ts +++ b/ts/src/contracts/errorCodes.ts @@ -1,24 +1,24 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ErrorCodes.cs -/* eslint-disable */ - -/** - * Error codes for ErrorDetail.Code and `x-ms-error-code` header. - */ -export enum ErrorCodes { - /** - * Operation timed out. - */ - Timeout = 'Timeout', - - /** - * Operation cannot be performed because the service is not available. - */ - ServiceUnavailable = 'ServiceUnavailable', - - /** - * Internal error. - */ - InternalError = 'InternalError', -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ErrorCodes.cs +/* eslint-disable */ + +/** + * Error codes for ErrorDetail.Code and `x-ms-error-code` header. + */ +export enum ErrorCodes { + /** + * Operation timed out. + */ + Timeout = 'Timeout', + + /** + * Operation cannot be performed because the service is not available. + */ + ServiceUnavailable = 'ServiceUnavailable', + + /** + * Internal error. + */ + InternalError = 'InternalError', +} diff --git a/ts/src/contracts/errorDetail.ts b/ts/src/contracts/errorDetail.ts index 16ef1b44..91282c06 100644 --- a/ts/src/contracts/errorDetail.ts +++ b/ts/src/contracts/errorDetail.ts @@ -1,37 +1,37 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ErrorDetail.cs -/* eslint-disable */ - -import { InnerErrorDetail } from './innerErrorDetail'; - -/** - * The top-level error object whose code matches the x-ms-error-code response header - */ -export interface ErrorDetail { - /** - * One of a server-defined set of error codes defined in {@link ErrorCodes}. - */ - code: string; - - /** - * A human-readable representation of the error. - */ - message: string; - - /** - * The target of the error. - */ - target?: string; - - /** - * An array of details about specific errors that led to this reported error. - */ - details?: ErrorDetail[]; - - /** - * An object containing more specific information than the current object about the - * error. - */ - innererror?: InnerErrorDetail; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ErrorDetail.cs +/* eslint-disable */ + +import { InnerErrorDetail } from './innerErrorDetail'; + +/** + * The top-level error object whose code matches the x-ms-error-code response header + */ +export interface ErrorDetail { + /** + * One of a server-defined set of error codes defined in {@link ErrorCodes}. + */ + code: string; + + /** + * A human-readable representation of the error. + */ + message: string; + + /** + * The target of the error. + */ + target?: string; + + /** + * An array of details about specific errors that led to this reported error. + */ + details?: ErrorDetail[]; + + /** + * An object containing more specific information than the current object about the + * error. + */ + innererror?: InnerErrorDetail; +} diff --git a/ts/src/contracts/innerErrorDetail.ts b/ts/src/contracts/innerErrorDetail.ts index f38fabd7..af8dd9bd 100644 --- a/ts/src/contracts/innerErrorDetail.ts +++ b/ts/src/contracts/innerErrorDetail.ts @@ -1,21 +1,21 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/InnerErrorDetail.cs -/* eslint-disable */ - -/** - * An object containing more specific information than the current object about the error. - */ -export interface InnerErrorDetail { - /** - * A more specific error code than was provided by the containing error. One of a - * server-defined set of error codes in {@link ErrorCodes}. - */ - code: string; - - /** - * An object containing more specific information than the current object about the - * error. - */ - innererror?: InnerErrorDetail; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/InnerErrorDetail.cs +/* eslint-disable */ + +/** + * An object containing more specific information than the current object about the error. + */ +export interface InnerErrorDetail { + /** + * A more specific error code than was provided by the containing error. One of a + * server-defined set of error codes in {@link ErrorCodes}. + */ + code: string; + + /** + * An object containing more specific information than the current object about the + * error. + */ + innererror?: InnerErrorDetail; +} diff --git a/ts/src/contracts/localNetworkTunnelEndpoint.ts b/ts/src/contracts/localNetworkTunnelEndpoint.ts index 189fbdc1..adfcf5e8 100644 --- a/ts/src/contracts/localNetworkTunnelEndpoint.ts +++ b/ts/src/contracts/localNetworkTunnelEndpoint.ts @@ -1,26 +1,26 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/LocalNetworkTunnelEndpoint.cs -/* eslint-disable */ - -import { TunnelEndpoint } from './tunnelEndpoint'; - -/** - * Parameters for connecting to a tunnel via a local network connection. - * - * While a direct connection is technically not "tunneling", tunnel hosts may accept - * connections via the local network as an optional more-efficient alternative to a relay. - */ -export interface LocalNetworkTunnelEndpoint extends TunnelEndpoint { - /** - * Gets or sets a list of IP endpoints where the host may accept connections. - * - * A host may accept connections on multiple IP endpoints simultaneously if there are - * multiple network interfaces on the host system and/or if the host supports both - * IPv4 and IPv6. Each item in the list is a URI consisting of a scheme (which gives - * an indication of the network connection protocol), an IP address (IPv4 or IPv6) and - * a port number. The URIs do not typically include any paths, because the connection - * is not normally HTTP-based. - */ - hostEndpoints: string[]; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/LocalNetworkTunnelEndpoint.cs +/* eslint-disable */ + +import { TunnelEndpoint } from './tunnelEndpoint'; + +/** + * Parameters for connecting to a tunnel via a local network connection. + * + * While a direct connection is technically not "tunneling", tunnel hosts may accept + * connections via the local network as an optional more-efficient alternative to a relay. + */ +export interface LocalNetworkTunnelEndpoint extends TunnelEndpoint { + /** + * Gets or sets a list of IP endpoints where the host may accept connections. + * + * A host may accept connections on multiple IP endpoints simultaneously if there are + * multiple network interfaces on the host system and/or if the host supports both + * IPv4 and IPv6. Each item in the list is a URI consisting of a scheme (which gives + * an indication of the network connection protocol), an IP address (IPv4 or IPv6) and + * a port number. The URIs do not typically include any paths, because the connection + * is not normally HTTP-based. + */ + hostEndpoints: string[]; +} diff --git a/ts/src/contracts/namedRateStatus.ts b/ts/src/contracts/namedRateStatus.ts index 0debe257..0cd6b22a 100644 --- a/ts/src/contracts/namedRateStatus.ts +++ b/ts/src/contracts/namedRateStatus.ts @@ -1,16 +1,16 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/NamedRateStatus.cs -/* eslint-disable */ - -import { RateStatus } from './rateStatus'; - -/** - * A named {@link RateStatus}. - */ -export interface NamedRateStatus extends RateStatus { - /** - * The name of the rate status. - */ - name?: string; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/NamedRateStatus.cs +/* eslint-disable */ + +import { RateStatus } from './rateStatus'; + +/** + * A named {@link RateStatus}. + */ +export interface NamedRateStatus extends RateStatus { + /** + * The name of the rate status. + */ + name?: string; +} diff --git a/ts/src/contracts/problemDetails.ts b/ts/src/contracts/problemDetails.ts index c51d3baa..f4f9c7df 100644 --- a/ts/src/contracts/problemDetails.ts +++ b/ts/src/contracts/problemDetails.ts @@ -1,29 +1,29 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ProblemDetails.cs -/* eslint-disable */ - -/** - * Structure of error details returned by the tunnel service, including validation errors. - * - * This object may be returned with a response status code of 400 (or other 4xx code). It - * is compatible with RFC 7807 Problem Details (https://tools.ietf.org/html/rfc7807) and - * https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.mvc.problemdetails but - * doesn't require adding a dependency on that package. - */ -export interface ProblemDetails { - /** - * Gets or sets the error title. - */ - title?: string; - - /** - * Gets or sets the error detail. - */ - detail?: string; - - /** - * Gets or sets additional details about individual request properties. - */ - errors?: { [property: string]: string[] }; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ProblemDetails.cs +/* eslint-disable */ + +/** + * Structure of error details returned by the tunnel service, including validation errors. + * + * This object may be returned with a response status code of 400 (or other 4xx code). It + * is compatible with RFC 7807 Problem Details (https://tools.ietf.org/html/rfc7807) and + * https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.mvc.problemdetails but + * doesn't require adding a dependency on that package. + */ +export interface ProblemDetails { + /** + * Gets or sets the error title. + */ + title?: string; + + /** + * Gets or sets the error detail. + */ + detail?: string; + + /** + * Gets or sets additional details about individual request properties. + */ + errors?: { [property: string]: string[] }; +} diff --git a/ts/src/contracts/rateStatus.ts b/ts/src/contracts/rateStatus.ts index ba1edab0..ce8d2c6e 100644 --- a/ts/src/contracts/rateStatus.ts +++ b/ts/src/contracts/rateStatus.ts @@ -1,26 +1,26 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/RateStatus.cs -/* eslint-disable */ - -import { ResourceStatus } from './resourceStatus'; - -/** - * Current value and limit information for a rate-limited operation related to a tunnel or - * port. - */ -export interface RateStatus extends ResourceStatus { - /** - * Gets or sets the length of each period, in seconds, over which the rate is - * measured. - * - * For rates that are limited by month (or billing period), this value may represent - * an estimate, since the actual duration may vary by the calendar. - */ - periodSeconds?: number; - - /** - * Gets or sets the unix time in seconds when this status will be reset. - */ - resetTime?: number; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/RateStatus.cs +/* eslint-disable */ + +import { ResourceStatus } from './resourceStatus'; + +/** + * Current value and limit information for a rate-limited operation related to a tunnel or + * port. + */ +export interface RateStatus extends ResourceStatus { + /** + * Gets or sets the length of each period, in seconds, over which the rate is + * measured. + * + * For rates that are limited by month (or billing period), this value may represent + * an estimate, since the actual duration may vary by the calendar. + */ + periodSeconds?: number; + + /** + * Gets or sets the unix time in seconds when this status will be reset. + */ + resetTime?: number; +} diff --git a/ts/src/contracts/resourceStatus.ts b/ts/src/contracts/resourceStatus.ts index 16a35f67..1f91ce68 100644 --- a/ts/src/contracts/resourceStatus.ts +++ b/ts/src/contracts/resourceStatus.ts @@ -1,29 +1,29 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ResourceStatus.cs -/* eslint-disable */ - -/** - * Current value and limit for a limited resource related to a tunnel or tunnel port. - */ -export interface ResourceStatus { - /** - * Gets or sets the current value. - */ - current: number; - - /** - * Gets or sets the limit enforced by the service, or null if there is no limit. - * - * Any requests that would cause the limit to be exceeded may be denied by the - * service. For HTTP requests, the response is generally a 403 Forbidden status, with - * details about the limit in the response body. - */ - limit?: number; - - /** - * Gets or sets an optional source of the {@link ResourceStatus.limit}, or null if - * there is no limit. - */ - limitSource?: string; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ResourceStatus.cs +/* eslint-disable */ + +/** + * Current value and limit for a limited resource related to a tunnel or tunnel port. + */ +export interface ResourceStatus { + /** + * Gets or sets the current value. + */ + current: number; + + /** + * Gets or sets the limit enforced by the service, or null if there is no limit. + * + * Any requests that would cause the limit to be exceeded may be denied by the + * service. For HTTP requests, the response is generally a 403 Forbidden status, with + * details about the limit in the response body. + */ + limit?: number; + + /** + * Gets or sets an optional source of the {@link ResourceStatus.limit}, or null if + * there is no limit. + */ + limitSource?: string; +} diff --git a/ts/src/contracts/serviceVersionDetails.ts b/ts/src/contracts/serviceVersionDetails.ts index 313dde97..3331f981 100644 --- a/ts/src/contracts/serviceVersionDetails.ts +++ b/ts/src/contracts/serviceVersionDetails.ts @@ -1,35 +1,35 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/ServiceVersionDetails.cs -/* eslint-disable */ - -/** - * Data contract for service version details. - */ -export interface ServiceVersionDetails { - /** - * Gets or sets the version of the service. E.g. "1.0.6615.53976". The version - * corresponds to the build number. - */ - version?: string; - - /** - * Gets or sets the commit ID of the service. - */ - commitId?: string; - - /** - * Gets or sets the commit date of the service. - */ - commitDate?: string; - - /** - * Gets or sets the cluster ID of the service that handled the request. - */ - clusterId?: string; - - /** - * Gets or sets the Azure location of the service that handled the request. - */ - azureLocation?: string; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/ServiceVersionDetails.cs +/* eslint-disable */ + +/** + * Data contract for service version details. + */ +export interface ServiceVersionDetails { + /** + * Gets or sets the version of the service. E.g. "1.0.6615.53976". The version + * corresponds to the build number. + */ + version?: string; + + /** + * Gets or sets the commit ID of the service. + */ + commitId?: string; + + /** + * Gets or sets the commit date of the service. + */ + commitDate?: string; + + /** + * Gets or sets the cluster ID of the service that handled the request. + */ + clusterId?: string; + + /** + * Gets or sets the Azure location of the service that handled the request. + */ + azureLocation?: string; +} diff --git a/ts/src/contracts/tunnel.ts b/ts/src/contracts/tunnel.ts index d34f1c90..746f9115 100644 --- a/ts/src/contracts/tunnel.ts +++ b/ts/src/contracts/tunnel.ts @@ -1,105 +1,105 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/Tunnel.cs -/* eslint-disable */ - -import { TunnelAccessControl } from './tunnelAccessControl'; -import { TunnelEndpoint } from './tunnelEndpoint'; -import { TunnelOptions } from './tunnelOptions'; -import { TunnelPort } from './tunnelPort'; -import { TunnelStatus } from './tunnelStatus'; - -/** - * Data contract for tunnel objects managed through the tunnel service REST API. - */ -export interface Tunnel { - /** - * Gets or sets the ID of the cluster the tunnel was created in. - */ - clusterId?: string; - - /** - * Gets or sets the generated ID of the tunnel, unique within the cluster. - */ - tunnelId?: string; - - /** - * Gets or sets the optional short name (alias) of the tunnel. - * - * The name must be globally unique within the parent domain, and must be a valid - * subdomain. - */ - name?: string; - - /** - * Gets or sets the description of the tunnel. - */ - description?: string; - - /** - * Gets or sets the labels of the tunnel. - */ - labels?: string[]; - - /** - * Gets or sets the optional parent domain of the tunnel, if it is not using the - * default parent domain. - */ - domain?: string; - - /** - * Gets or sets a dictionary mapping from scopes to tunnel access tokens. - */ - accessTokens?: { [scope: string]: string }; - - /** - * Gets or sets access control settings for the tunnel. - * - * See {@link TunnelAccessControl} documentation for details about the access control - * model. - */ - accessControl?: TunnelAccessControl; - - /** - * Gets or sets default options for the tunnel. - */ - options?: TunnelOptions; - - /** - * Gets or sets current connection status of the tunnel. - */ - status?: TunnelStatus; - - /** - * Gets or sets an array of endpoints where hosts are currently accepting client - * connections to the tunnel. - */ - endpoints?: TunnelEndpoint[]; - - /** - * Gets or sets a list of ports in the tunnel. - * - * This optional property enables getting info about all ports in a tunnel at the same - * time as getting tunnel info, or creating one or more ports at the same time as - * creating a tunnel. It is omitted when listing (multiple) tunnels, or when updating - * tunnel properties. (For the latter, use APIs to create/update/delete individual - * ports instead.) - */ - ports?: TunnelPort[]; - - /** - * Gets or sets the time in UTC of tunnel creation. - */ - created?: Date; - - /** - * Gets or the time the tunnel will be deleted if it is not used or updated. - */ - expiration?: Date; - - /** - * Gets or the custom amount of time the tunnel will be valid if it is not used or - * updated in seconds. - */ - customExpiration?: number; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/Tunnel.cs +/* eslint-disable */ + +import { TunnelAccessControl } from './tunnelAccessControl'; +import { TunnelEndpoint } from './tunnelEndpoint'; +import { TunnelOptions } from './tunnelOptions'; +import { TunnelPort } from './tunnelPort'; +import { TunnelStatus } from './tunnelStatus'; + +/** + * Data contract for tunnel objects managed through the tunnel service REST API. + */ +export interface Tunnel { + /** + * Gets or sets the ID of the cluster the tunnel was created in. + */ + clusterId?: string; + + /** + * Gets or sets the generated ID of the tunnel, unique within the cluster. + */ + tunnelId?: string; + + /** + * Gets or sets the optional short name (alias) of the tunnel. + * + * The name must be globally unique within the parent domain, and must be a valid + * subdomain. + */ + name?: string; + + /** + * Gets or sets the description of the tunnel. + */ + description?: string; + + /** + * Gets or sets the labels of the tunnel. + */ + labels?: string[]; + + /** + * Gets or sets the optional parent domain of the tunnel, if it is not using the + * default parent domain. + */ + domain?: string; + + /** + * Gets or sets a dictionary mapping from scopes to tunnel access tokens. + */ + accessTokens?: { [scope: string]: string }; + + /** + * Gets or sets access control settings for the tunnel. + * + * See {@link TunnelAccessControl} documentation for details about the access control + * model. + */ + accessControl?: TunnelAccessControl; + + /** + * Gets or sets default options for the tunnel. + */ + options?: TunnelOptions; + + /** + * Gets or sets current connection status of the tunnel. + */ + status?: TunnelStatus; + + /** + * Gets or sets an array of endpoints where hosts are currently accepting client + * connections to the tunnel. + */ + endpoints?: TunnelEndpoint[]; + + /** + * Gets or sets a list of ports in the tunnel. + * + * This optional property enables getting info about all ports in a tunnel at the same + * time as getting tunnel info, or creating one or more ports at the same time as + * creating a tunnel. It is omitted when listing (multiple) tunnels, or when updating + * tunnel properties. (For the latter, use APIs to create/update/delete individual + * ports instead.) + */ + ports?: TunnelPort[]; + + /** + * Gets or sets the time in UTC of tunnel creation. + */ + created?: Date; + + /** + * Gets or the time the tunnel will be deleted if it is not used or updated. + */ + expiration?: Date; + + /** + * Gets or the custom amount of time the tunnel will be valid if it is not used or + * updated in seconds. + */ + customExpiration?: number; +} diff --git a/ts/src/contracts/tunnelAccessControl.ts b/ts/src/contracts/tunnelAccessControl.ts index 5f922719..68919ffe 100644 --- a/ts/src/contracts/tunnelAccessControl.ts +++ b/ts/src/contracts/tunnelAccessControl.ts @@ -1,39 +1,39 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessControl.cs -/* eslint-disable */ - -import { TunnelAccessControlEntry } from './tunnelAccessControlEntry'; - -/** - * Data contract for access control on a {@link Tunnel} or {@link TunnelPort}. - * - * Tunnels and tunnel ports can each optionally have an access-control property set on - * them. An access-control object contains a list (ACL) of entries (ACEs) that specify the - * access scopes granted or denied to some subjects. Tunnel ports inherit the ACL from the - * tunnel, though ports may include ACEs that augment or override the inherited rules. - * Currently there is no capability to define "roles" for tunnel access (where a role - * specifies a set of related access scopes), and assign roles to users. That feature may - * be added in the future. (It should be represented as a separate `RoleAssignments` - * property on this class.) - */ -export interface TunnelAccessControl { - /** - * Gets or sets the list of access control entries. - * - * The order of entries is significant: later entries override earlier entries that - * apply to the same subject. However, deny rules are always processed after allow - * rules, therefore an allow rule cannot override a deny rule for the same subject. - */ - entries: TunnelAccessControlEntry[]; -} - -// Import static members from a non-generated file, -// and re-export them as an object with the same name as the interface. -import { - validateScopes, -} from './tunnelAccessControlStatics'; - -export const TunnelAccessControl = { - validateScopes, -}; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessControl.cs +/* eslint-disable */ + +import { TunnelAccessControlEntry } from './tunnelAccessControlEntry'; + +/** + * Data contract for access control on a {@link Tunnel} or {@link TunnelPort}. + * + * Tunnels and tunnel ports can each optionally have an access-control property set on + * them. An access-control object contains a list (ACL) of entries (ACEs) that specify the + * access scopes granted or denied to some subjects. Tunnel ports inherit the ACL from the + * tunnel, though ports may include ACEs that augment or override the inherited rules. + * Currently there is no capability to define "roles" for tunnel access (where a role + * specifies a set of related access scopes), and assign roles to users. That feature may + * be added in the future. (It should be represented as a separate `RoleAssignments` + * property on this class.) + */ +export interface TunnelAccessControl { + /** + * Gets or sets the list of access control entries. + * + * The order of entries is significant: later entries override earlier entries that + * apply to the same subject. However, deny rules are always processed after allow + * rules, therefore an allow rule cannot override a deny rule for the same subject. + */ + entries: TunnelAccessControlEntry[]; +} + +// Import static members from a non-generated file, +// and re-export them as an object with the same name as the interface. +import { + validateScopes, +} from './tunnelAccessControlStatics'; + +export const TunnelAccessControl = { + validateScopes, +}; diff --git a/ts/src/contracts/tunnelAccessControlEntry.ts b/ts/src/contracts/tunnelAccessControlEntry.ts index ea1bdd34..a098e1c7 100644 --- a/ts/src/contracts/tunnelAccessControlEntry.ts +++ b/ts/src/contracts/tunnelAccessControlEntry.ts @@ -1,136 +1,136 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessControlEntry.cs -/* eslint-disable */ - -import { TunnelAccessControlEntryType } from './tunnelAccessControlEntryType'; - -/** - * Data contract for an access control entry on a {@link Tunnel} or {@link TunnelPort}. - * - * An access control entry (ACE) grants or denies one or more access scopes to one or more - * subjects. Tunnel ports inherit access control entries from their tunnel, and they may - * have additional port-specific entries that augment or override those access rules. - */ -export interface TunnelAccessControlEntry { - /** - * Gets or sets the access control entry type. - */ - type: TunnelAccessControlEntryType; - - /** - * Gets or sets the provider of the subjects in this access control entry. The - * provider impacts how the subject identifiers are resolved and displayed. The - * provider may be an identity provider such as AAD, or a system or standard such as - * "ssh" or "ipv4". - * - * For user, group, or org ACEs, this value is the name of the identity provider of - * the user/group/org IDs. It may be one of the well-known provider names in {@link - * TunnelAccessControlEntry.providers}, or (in the future) a custom identity provider. - * For public key ACEs, this value is the type of public key, e.g. "ssh". For IP - * address range ACEs, this value is the IP address version, "ipv4" or "ipv6", or - * "service-tag" if the range is defined by an Azure service tag. For anonymous ACEs, - * this value is null. - */ - provider?: string; - - /** - * Gets or sets a value indicating whether this is an access control entry on a tunnel - * port that is inherited from the tunnel's access control list. - */ - isInherited?: boolean; - - /** - * Gets or sets a value indicating whether this entry is a deny rule that blocks - * access to the specified users. Otherwise it is an allow rule. - * - * All deny rules (including inherited rules) are processed after all allow rules. - * Therefore a deny ACE cannot be overridden by an allow ACE that is later in the list - * or on a more-specific resource. In other words, inherited deny ACEs cannot be - * overridden. - */ - isDeny?: boolean; - - /** - * Gets or sets a value indicating whether this entry applies to all subjects that are - * NOT in the {@link TunnelAccessControlEntry.subjects} list. - * - * Examples: an inverse organizations ACE applies to all users who are not members of - * the listed organization(s); an inverse anonymous ACE applies to all authenticated - * users; an inverse IP address ranges ACE applies to all clients that are not within - * any of the listed IP address ranges. The inverse option is often useful in policies - * in combination with {@link TunnelAccessControlEntry.isDeny}, for example a policy - * could deny access to users who are not members of an organization or are outside of - * an IP address range, effectively blocking any tunnels from allowing outside access - * (because inherited deny ACEs cannot be overridden). - */ - isInverse?: boolean; - - /** - * Gets or sets an optional organization context for all subjects of this entry. The - * use and meaning of this value depends on the {@link TunnelAccessControlEntry.type} - * and {@link TunnelAccessControlEntry.provider} of this entry. - * - * For AAD users and group ACEs, this value is the AAD tenant ID. It is not currently - * used with any other types of ACEs. - */ - organization?: string; - - /** - * Gets or sets the subjects for the entry, such as user or group IDs. The format of - * the values depends on the {@link TunnelAccessControlEntry.type} and {@link - * TunnelAccessControlEntry.provider} of this entry. - */ - subjects: string[]; - - /** - * Gets or sets the access scopes that this entry grants or denies to the subjects. - * - * These must be one or more values from {@link TunnelAccessScopes}. - */ - scopes: string[]; - - /** - * Gets or sets the expiration for an access control entry. - * - * If no value is set then this value is null. - */ - expiration?: Date; -} - -export namespace TunnelAccessControlEntry { - /** - * Constants for well-known identity providers. - */ - export enum Providers { - /** - * Microsoft (AAD) identity provider. - */ - Microsoft = 'microsoft', - - /** - * GitHub identity provider. - */ - GitHub = 'github', - - /** - * SSH public keys. - */ - Ssh = 'ssh', - - /** - * IPv4 addresses. - */ - IPv4 = 'ipv4', - - /** - * IPv6 addresses. - */ - IPv6 = 'ipv6', - - /** - * Service tags. - */ - ServiceTag = 'service-tag', - } -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessControlEntry.cs +/* eslint-disable */ + +import { TunnelAccessControlEntryType } from './tunnelAccessControlEntryType'; + +/** + * Data contract for an access control entry on a {@link Tunnel} or {@link TunnelPort}. + * + * An access control entry (ACE) grants or denies one or more access scopes to one or more + * subjects. Tunnel ports inherit access control entries from their tunnel, and they may + * have additional port-specific entries that augment or override those access rules. + */ +export interface TunnelAccessControlEntry { + /** + * Gets or sets the access control entry type. + */ + type: TunnelAccessControlEntryType; + + /** + * Gets or sets the provider of the subjects in this access control entry. The + * provider impacts how the subject identifiers are resolved and displayed. The + * provider may be an identity provider such as AAD, or a system or standard such as + * "ssh" or "ipv4". + * + * For user, group, or org ACEs, this value is the name of the identity provider of + * the user/group/org IDs. It may be one of the well-known provider names in {@link + * TunnelAccessControlEntry.providers}, or (in the future) a custom identity provider. + * For public key ACEs, this value is the type of public key, e.g. "ssh". For IP + * address range ACEs, this value is the IP address version, "ipv4" or "ipv6", or + * "service-tag" if the range is defined by an Azure service tag. For anonymous ACEs, + * this value is null. + */ + provider?: string; + + /** + * Gets or sets a value indicating whether this is an access control entry on a tunnel + * port that is inherited from the tunnel's access control list. + */ + isInherited?: boolean; + + /** + * Gets or sets a value indicating whether this entry is a deny rule that blocks + * access to the specified users. Otherwise it is an allow rule. + * + * All deny rules (including inherited rules) are processed after all allow rules. + * Therefore a deny ACE cannot be overridden by an allow ACE that is later in the list + * or on a more-specific resource. In other words, inherited deny ACEs cannot be + * overridden. + */ + isDeny?: boolean; + + /** + * Gets or sets a value indicating whether this entry applies to all subjects that are + * NOT in the {@link TunnelAccessControlEntry.subjects} list. + * + * Examples: an inverse organizations ACE applies to all users who are not members of + * the listed organization(s); an inverse anonymous ACE applies to all authenticated + * users; an inverse IP address ranges ACE applies to all clients that are not within + * any of the listed IP address ranges. The inverse option is often useful in policies + * in combination with {@link TunnelAccessControlEntry.isDeny}, for example a policy + * could deny access to users who are not members of an organization or are outside of + * an IP address range, effectively blocking any tunnels from allowing outside access + * (because inherited deny ACEs cannot be overridden). + */ + isInverse?: boolean; + + /** + * Gets or sets an optional organization context for all subjects of this entry. The + * use and meaning of this value depends on the {@link TunnelAccessControlEntry.type} + * and {@link TunnelAccessControlEntry.provider} of this entry. + * + * For AAD users and group ACEs, this value is the AAD tenant ID. It is not currently + * used with any other types of ACEs. + */ + organization?: string; + + /** + * Gets or sets the subjects for the entry, such as user or group IDs. The format of + * the values depends on the {@link TunnelAccessControlEntry.type} and {@link + * TunnelAccessControlEntry.provider} of this entry. + */ + subjects: string[]; + + /** + * Gets or sets the access scopes that this entry grants or denies to the subjects. + * + * These must be one or more values from {@link TunnelAccessScopes}. + */ + scopes: string[]; + + /** + * Gets or sets the expiration for an access control entry. + * + * If no value is set then this value is null. + */ + expiration?: Date; +} + +export namespace TunnelAccessControlEntry { + /** + * Constants for well-known identity providers. + */ + export enum Providers { + /** + * Microsoft (AAD) identity provider. + */ + Microsoft = 'microsoft', + + /** + * GitHub identity provider. + */ + GitHub = 'github', + + /** + * SSH public keys. + */ + Ssh = 'ssh', + + /** + * IPv4 addresses. + */ + IPv4 = 'ipv4', + + /** + * IPv6 addresses. + */ + IPv6 = 'ipv6', + + /** + * Service tags. + */ + ServiceTag = 'service-tag', + } +} diff --git a/ts/src/contracts/tunnelAccessControlEntryType.ts b/ts/src/contracts/tunnelAccessControlEntryType.ts index 351dbf5e..6ca228e0 100644 --- a/ts/src/contracts/tunnelAccessControlEntryType.ts +++ b/ts/src/contracts/tunnelAccessControlEntryType.ts @@ -1,57 +1,57 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessControlEntryType.cs -/* eslint-disable */ - -/** - * Specifies the type of {@link TunnelAccessControlEntry}. - */ -export enum TunnelAccessControlEntryType { - /** - * Uninitialized access control entry type. - */ - None = 'None', - - /** - * The access control entry refers to all anonymous users. - */ - Anonymous = 'Anonymous', - - /** - * The access control entry is a list of user IDs that are allowed (or denied) access. - */ - Users = 'Users', - - /** - * The access control entry is a list of groups IDs that are allowed (or denied) - * access. - */ - Groups = 'Groups', - - /** - * The access control entry is a list of organization IDs that are allowed (or denied) - * access. - * - * All users in the organizations are allowed (or denied) access, unless overridden by - * following group or user rules. - */ - Organizations = 'Organizations', - - /** - * The access control entry is a list of repositories. Users are allowed access to the - * tunnel if they have access to the repo. - */ - Repositories = 'Repositories', - - /** - * The access control entry is a list of public keys. Users are allowed access if they - * can authenticate using a private key corresponding to one of the public keys. - */ - PublicKeys = 'PublicKeys', - - /** - * The access control entry is a list of IP address ranges that are allowed (or - * denied) access to the tunnel. Ranges can be IPv4, IPv6, or Azure service tags. - */ - IPAddressRanges = 'IPAddressRanges', -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessControlEntryType.cs +/* eslint-disable */ + +/** + * Specifies the type of {@link TunnelAccessControlEntry}. + */ +export enum TunnelAccessControlEntryType { + /** + * Uninitialized access control entry type. + */ + None = 'None', + + /** + * The access control entry refers to all anonymous users. + */ + Anonymous = 'Anonymous', + + /** + * The access control entry is a list of user IDs that are allowed (or denied) access. + */ + Users = 'Users', + + /** + * The access control entry is a list of groups IDs that are allowed (or denied) + * access. + */ + Groups = 'Groups', + + /** + * The access control entry is a list of organization IDs that are allowed (or denied) + * access. + * + * All users in the organizations are allowed (or denied) access, unless overridden by + * following group or user rules. + */ + Organizations = 'Organizations', + + /** + * The access control entry is a list of repositories. Users are allowed access to the + * tunnel if they have access to the repo. + */ + Repositories = 'Repositories', + + /** + * The access control entry is a list of public keys. Users are allowed access if they + * can authenticate using a private key corresponding to one of the public keys. + */ + PublicKeys = 'PublicKeys', + + /** + * The access control entry is a list of IP address ranges that are allowed (or + * denied) access to the tunnel. Ranges can be IPv4, IPv6, or Azure service tags. + */ + IPAddressRanges = 'IPAddressRanges', +} diff --git a/ts/src/contracts/tunnelAccessScopes.ts b/ts/src/contracts/tunnelAccessScopes.ts index 6aa5371f..a6e0b101 100644 --- a/ts/src/contracts/tunnelAccessScopes.ts +++ b/ts/src/contracts/tunnelAccessScopes.ts @@ -1,48 +1,48 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessScopes.cs -/* eslint-disable */ - -/** - * Defines scopes for tunnel access tokens. - * - * A tunnel access token with one or more of these scopes typically also has cluster ID - * and tunnel ID claims that limit the access scope to a specific tunnel, and may also - * have one or more port claims that further limit the access to particular ports of the - * tunnel. - */ -export enum TunnelAccessScopes { - /** - * Allows creating tunnels. This scope is valid only in policies at the global, - * domain, or organization level; it is not relevant to an already-created tunnel or - * tunnel port. (Creation of ports requires "manage" or "host" access to the tunnel.) - */ - Create = 'create', - - /** - * Allows management operations on tunnels and tunnel ports. - */ - Manage = 'manage', - - /** - * Allows management operations on all ports of a tunnel, but does not allow updating - * any other tunnel properties or deleting the tunnel. - */ - ManagePorts = 'manage:ports', - - /** - * Allows accepting connections on tunnels as a host. Includes access to update tunnel - * endpoints and ports. - */ - Host = 'host', - - /** - * Allows inspecting tunnel connection activity and data. - */ - Inspect = 'inspect', - - /** - * Allows connecting to tunnels or ports as a client. - */ - Connect = 'connect', -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessScopes.cs +/* eslint-disable */ + +/** + * Defines scopes for tunnel access tokens. + * + * A tunnel access token with one or more of these scopes typically also has cluster ID + * and tunnel ID claims that limit the access scope to a specific tunnel, and may also + * have one or more port claims that further limit the access to particular ports of the + * tunnel. + */ +export enum TunnelAccessScopes { + /** + * Allows creating tunnels. This scope is valid only in policies at the global, + * domain, or organization level; it is not relevant to an already-created tunnel or + * tunnel port. (Creation of ports requires "manage" or "host" access to the tunnel.) + */ + Create = 'create', + + /** + * Allows management operations on tunnels and tunnel ports. + */ + Manage = 'manage', + + /** + * Allows management operations on all ports of a tunnel, but does not allow updating + * any other tunnel properties or deleting the tunnel. + */ + ManagePorts = 'manage:ports', + + /** + * Allows accepting connections on tunnels as a host. Includes access to update tunnel + * endpoints and ports. + */ + Host = 'host', + + /** + * Allows inspecting tunnel connection activity and data. + */ + Inspect = 'inspect', + + /** + * Allows connecting to tunnels or ports as a client. + */ + Connect = 'connect', +} diff --git a/ts/src/contracts/tunnelAccessSubject.ts b/ts/src/contracts/tunnelAccessSubject.ts index e2730dbc..45b9ad97 100644 --- a/ts/src/contracts/tunnelAccessSubject.ts +++ b/ts/src/contracts/tunnelAccessSubject.ts @@ -1,49 +1,49 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAccessSubject.cs -/* eslint-disable */ - -import { TunnelAccessControlEntryType } from './tunnelAccessControlEntryType'; - -/** - * Properties about a subject of a tunnel access control entry (ACE), used when resolving - * subject names to IDs when creating new ACEs, or formatting subject IDs to names when - * displaying existing ACEs. - */ -export interface TunnelAccessSubject { - /** - * Gets or sets the type of subject, e.g. user, group, or organization. - */ - type: TunnelAccessControlEntryType; - - /** - * Gets or sets the subject ID. - * - * The ID is typically a guid or integer that is unique within the scope of the - * identity provider or organization, and never changes for that subject. - */ - id?: string; - - /** - * Gets or sets the subject organization ID, which may be required if an organization - * is not implied by the authentication context. - */ - organizationId?: string; - - /** - * Gets or sets the partial or full subject name. - * - * When resolving a subject name to ID, a partial name may be provided, and the full - * name is returned if the partial name was successfully resolved. When formatting a - * subject ID to name, the full name is returned if the ID was found. - */ - name?: string; - - /** - * Gets or sets an array of possible subject matches, if a partial name was provided - * and did not resolve to a single subject. - * - * This property applies only when resolving subject names to IDs. - */ - matches?: TunnelAccessSubject[]; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAccessSubject.cs +/* eslint-disable */ + +import { TunnelAccessControlEntryType } from './tunnelAccessControlEntryType'; + +/** + * Properties about a subject of a tunnel access control entry (ACE), used when resolving + * subject names to IDs when creating new ACEs, or formatting subject IDs to names when + * displaying existing ACEs. + */ +export interface TunnelAccessSubject { + /** + * Gets or sets the type of subject, e.g. user, group, or organization. + */ + type: TunnelAccessControlEntryType; + + /** + * Gets or sets the subject ID. + * + * The ID is typically a guid or integer that is unique within the scope of the + * identity provider or organization, and never changes for that subject. + */ + id?: string; + + /** + * Gets or sets the subject organization ID, which may be required if an organization + * is not implied by the authentication context. + */ + organizationId?: string; + + /** + * Gets or sets the partial or full subject name. + * + * When resolving a subject name to ID, a partial name may be provided, and the full + * name is returned if the partial name was successfully resolved. When formatting a + * subject ID to name, the full name is returned if the ID was found. + */ + name?: string; + + /** + * Gets or sets an array of possible subject matches, if a partial name was provided + * and did not resolve to a single subject. + * + * This property applies only when resolving subject names to IDs. + */ + matches?: TunnelAccessSubject[]; +} diff --git a/ts/src/contracts/tunnelAuthenticationSchemes.ts b/ts/src/contracts/tunnelAuthenticationSchemes.ts index ff87edea..92f3c5d5 100644 --- a/ts/src/contracts/tunnelAuthenticationSchemes.ts +++ b/ts/src/contracts/tunnelAuthenticationSchemes.ts @@ -1,29 +1,29 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelAuthenticationSchemes.cs -/* eslint-disable */ - -/** - * Defines string constants for authentication schemes supported by tunnel service APIs. - */ -export enum TunnelAuthenticationSchemes { - /** - * Authentication scheme for AAD (or Microsoft account) access tokens. - */ - Aad = 'aad', - - /** - * Authentication scheme for GitHub access tokens. - */ - GitHub = 'github', - - /** - * Authentication scheme for tunnel access tokens. - */ - Tunnel = 'tunnel', - - /** - * Authentication scheme for tunnelPlan access tokens. - */ - TunnelPlan = 'tunnelplan', -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelAuthenticationSchemes.cs +/* eslint-disable */ + +/** + * Defines string constants for authentication schemes supported by tunnel service APIs. + */ +export enum TunnelAuthenticationSchemes { + /** + * Authentication scheme for AAD (or Microsoft account) access tokens. + */ + Aad = 'aad', + + /** + * Authentication scheme for GitHub access tokens. + */ + GitHub = 'github', + + /** + * Authentication scheme for tunnel access tokens. + */ + Tunnel = 'tunnel', + + /** + * Authentication scheme for tunnelPlan access tokens. + */ + TunnelPlan = 'tunnelplan', +} diff --git a/ts/src/contracts/tunnelConnectionMode.ts b/ts/src/contracts/tunnelConnectionMode.ts index 3e6ce905..788f2697 100644 --- a/ts/src/contracts/tunnelConnectionMode.ts +++ b/ts/src/contracts/tunnelConnectionMode.ts @@ -1,25 +1,25 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelConnectionMode.cs -/* eslint-disable */ - -/** - * Specifies the connection protocol / implementation for a tunnel. - * - * Depending on the connection mode, hosts or clients might need to use different - * authentication and connection protocols. - */ -export enum TunnelConnectionMode { - /** - * Connect directly to the host over the local network. - * - * While it's technically not "tunneling", this mode may be combined with others to - * enable choosing the most efficient connection mode available. - */ - LocalNetwork = 'LocalNetwork', - - /** - * Use the tunnel service's integrated relay function. - */ - TunnelRelay = 'TunnelRelay', -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelConnectionMode.cs +/* eslint-disable */ + +/** + * Specifies the connection protocol / implementation for a tunnel. + * + * Depending on the connection mode, hosts or clients might need to use different + * authentication and connection protocols. + */ +export enum TunnelConnectionMode { + /** + * Connect directly to the host over the local network. + * + * While it's technically not "tunneling", this mode may be combined with others to + * enable choosing the most efficient connection mode available. + */ + LocalNetwork = 'LocalNetwork', + + /** + * Use the tunnel service's integrated relay function. + */ + TunnelRelay = 'TunnelRelay', +} diff --git a/ts/src/contracts/tunnelConstraints.ts b/ts/src/contracts/tunnelConstraints.ts index 527f0c61..02f68a7a 100644 --- a/ts/src/contracts/tunnelConstraints.ts +++ b/ts/src/contracts/tunnelConstraints.ts @@ -1,321 +1,321 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelConstraints.cs -/* eslint-disable */ - -/** - * Tunnel constraints. - */ -export namespace TunnelConstraints { - /** - * Min length of tunnel cluster ID. - */ - export const clusterIdMinLength: number = 3; - - /** - * Max length of tunnel cluster ID. - */ - export const clusterIdMaxLength: number = 12; - - /** - * Length of V1 tunnel id. - */ - export const oldTunnelIdLength: number = 8; - - /** - * Min length of V2 tunnelId. - */ - export const newTunnelIdMinLength: number = 3; - - /** - * Max length of V2 tunnelId. - * - * Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes - * (-<port>-inspect) remain within the DNS label limit of 63 characters. - */ - export const newTunnelIdMaxLength: number = 49; - - /** - * Length of a tunnel alias. - */ - export const tunnelAliasLength: number = 8; - - /** - * Min length of tunnel name. - */ - export const tunnelNameMinLength: number = 3; - - /** - * Max length of tunnel name. - * - * Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes - * (-<port>-inspect) remain within the DNS label limit of 63 characters. - */ - export const tunnelNameMaxLength: number = 49; - - /** - * Max length of SSH username. - */ - export const sshUserMaxLength: number = 60; - - /** - * Max length of tunnel or port description. - */ - export const descriptionMaxLength: number = 400; - - /** - * Max length of tunnel event details. - */ - export const eventDetailsMaxLength: number = 4000; - - /** - * Max number of properties in a tunnel event. - */ - export const maxEventProperties: number = 100; - - /** - * Max length of a single tunnel event property value. - */ - export const eventPropertyValueMaxLength: number = 4000; - - /** - * Min length of a single tunnel or port tag. - */ - export const labelMinLength: number = 1; - - /** - * Max length of a single tunnel or port tag. - */ - export const labelMaxLength: number = 50; - - /** - * Maximum number of labels that can be applied to a tunnel or port. - */ - export const maxLabels: number = 100; - - /** - * Min length of a tunnel domain. - */ - export const tunnelDomainMinLength: number = 4; - - /** - * Max length of a tunnel domain. - */ - export const tunnelDomainMaxLength: number = 180; - - /** - * Maximum number of items allowed in the tunnel ports array. The actual limit on - * number of ports that can be created may be much lower, and may depend on various - * resource limitations or policies. - */ - export const tunnelMaxPorts: number = 1000; - - /** - * Maximum number of access control entries (ACEs) in a tunnel or tunnel port access - * control list (ACL). - */ - export const accessControlMaxEntries: number = 40; - - /** - * Maximum number of subjects (such as user IDs) in a tunnel or tunnel port access - * control entry (ACE). - */ - export const accessControlMaxSubjects: number = 100; - - /** - * Max length of an access control subject or organization ID. - */ - export const accessControlSubjectMaxLength: number = 200; - - /** - * Max length of an access control subject name, when resolving names to IDs. - */ - export const accessControlSubjectNameMaxLength: number = 200; - - /** - * Maximum number of scopes in an access control entry. - */ - export const accessControlMaxScopes: number = 10; - - /** - * Regular expression that can match or validate tunnel event name strings. - */ - export const eventNamePattern: string = '^[a-z0-9_]{3,80}$'; - - /** - * Regular expression that can match or validate tunnel event severity strings. - */ - export const eventSeverityPattern: string = '^(info)|(warning)|(error)$'; - - /** - * Regular expression that can match or validate tunnel event property name strings. - */ - export const eventPropertyNamePattern: string = '^[a-zA-Z0-9_.]{3,200}$'; - - /** - * Regular expression that can match or validate tunnel cluster ID strings. - * - * Cluster IDs are alphanumeric; hyphens are not permitted. - */ - export const clusterIdPattern: string = '^(([a-z]{3,4}[0-9]{1,3})|asse|aue|brs|euw|use)$'; - - /** - * Regular expression that can match or validate tunnel cluster ID strings. - * - * Cluster IDs are alphanumeric; hyphens are not permitted. - */ - export const clusterIdRegex: RegExp = new RegExp(TunnelConstraints.clusterIdPattern); - - /** - * Regular expression that can match or validate a tunnel cluster ID as a hostname - * prefix. - * - * Cluster IDs are alphanumeric; hyphens are not permitted. - */ - export const clusterIdPrefixRegex: RegExp = new RegExp(TunnelConstraints.clusterIdPattern.replace('$', '\\.')); - - /** - * Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, - * excluding vowels and 'y' (to avoid accidentally generating any random words). - */ - export const oldTunnelIdChars: string = '0123456789bcdfghjklmnpqrstvwxz'; - - /** - * Regular expression that can match or validate tunnel ID strings. - * - * Tunnel IDs are fixed-length and have a limited character set of numbers and - * lowercase letters (minus vowels and y). - */ - export const oldTunnelIdPattern: string = '[' + TunnelConstraints.oldTunnelIdChars + ']{8}'; - - /** - * Regular expression that can match or validate tunnel ID strings. - * - * Tunnel IDs are fixed-length and have a limited character set of numbers and - * lowercase letters (minus vowels and y). - */ - export const oldTunnelIdRegex: RegExp = new RegExp(TunnelConstraints.oldTunnelIdPattern); - - /** - * Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, - * excluding vowels and 'y' (to avoid accidentally generating any random words). - */ - export const newTunnelIdChars: string = '0123456789abcdefghijklmnopqrstuvwxyz-'; - - /** - * Regular expression that can match or validate tunnel ID strings. - * - * Tunnel IDs have a limited character set of numbers and lowercase letters. Limited - * to 49 characters to ensure tunnel URIs with ports and inspection suffixes remain - * within the DNS label limit of 63 characters. - */ - export const newTunnelIdPattern: string = '[a-z0-9][a-z0-9-]{1,47}[a-z0-9]'; - - /** - * Regular expression that can match or validate tunnel ID strings. - * - * Tunnel IDs are fixed-length and have a limited character set of numbers and - * lowercase letters (minus vowels and y). - */ - export const newTunnelIdRegex: RegExp = new RegExp(TunnelConstraints.newTunnelIdPattern); - - /** - * Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, - * excluding vowels and 'y' (to avoid accidentally generating any random words). - */ - export const tunnelAliasChars: string = '0123456789bcdfghjklmnpqrstvwxz'; - - /** - * Regular expression that can match or validate tunnel alias strings. - * - * Tunnel Aliases are fixed-length and have a limited character set of numbers and - * lowercase letters (minus vowels and y). Limited to 49 characters to ensure tunnel - * URIs with ports and inspection suffixes remain within the DNS label limit of 63 - * characters. - */ - export const tunnelAliasPattern: string = '[' + TunnelConstraints.tunnelAliasChars + ']{3,49}'; - - /** - * Regular expression that can match or validate tunnel alias strings. - * - * Tunnel Aliases are fixed-length and have a limited character set of numbers and - * lowercase letters (minus vowels and y). - */ - export const tunnelAliasRegex: RegExp = new RegExp(TunnelConstraints.tunnelAliasPattern); - - /** - * Regular expression that can match or validate tunnel names. - * - * Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an - * empty string because tunnels may be unnamed. Limited to 49 characters to ensure - * tunnel URIs with ports and inspection suffixes remain within the DNS label limit of - * 63 characters. - */ - export const tunnelNamePattern: string = '([a-z0-9][a-z0-9-]{1,47}[a-z0-9])|(^$)'; - - /** - * Regular expression that can match or validate tunnel names. - * - * Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an - * empty string because tunnels may be unnamed. - */ - export const tunnelNameRegex: RegExp = new RegExp(TunnelConstraints.tunnelNamePattern); - - /** - * Regular expression that can match or validate tunnel or port labels. - */ - export const labelPattern: string = '[\\w-=]{1,50}'; - - /** - * Regular expression that can match or validate tunnel or port labels. - */ - export const labelRegex: RegExp = new RegExp(TunnelConstraints.labelPattern); - - /** - * Regular expression that can match or validate tunnel domains. - * - * The tunnel service may perform additional contextual validation at the time the - * domain is registered. - */ - export const tunnelDomainPattern: string = '[0-9a-z][0-9a-z-.]{1,158}[0-9a-z]|(^$)'; - - /** - * Regular expression that can match or validate tunnel domains. - * - * The tunnel service may perform additional contextual validation at the time the - * domain is registered. - */ - export const tunnelDomainRegex: RegExp = new RegExp(TunnelConstraints.tunnelDomainPattern); - - /** - * Regular expression that can match or validate an access control subject or - * organization ID. - * - * The : and / characters are allowed because subjects may include IP addresses and - * ranges. The @ character is allowed because MSA subjects may be identified by email - * address. - */ - export const accessControlSubjectPattern: string = '[0-9a-zA-Z-._:/@]{0,200}'; - - /** - * Regular expression that can match or validate an access control subject or - * organization ID. - */ - export const accessControlSubjectRegex: RegExp = new RegExp(TunnelConstraints.accessControlSubjectPattern); - - /** - * Regular expression that can match or validate an access control subject name, when - * resolving subject names to IDs. - * - * Note angle-brackets are only allowed when they wrap an email address as part of a - * formatted name with email. The service will block any other use of angle-brackets, - * to avoid any XSS risks. - */ - export const accessControlSubjectNamePattern: string = '[ \\w\\d-.,/:\'"_@()<>]{0,200}'; - - /** - * Regular expression that can match or validate an access control subject name, when - * resolving subject names to IDs. - */ - export const accessControlSubjectNameRegex: RegExp = new RegExp(TunnelConstraints.accessControlSubjectNamePattern); -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelConstraints.cs +/* eslint-disable */ + +/** + * Tunnel constraints. + */ +export namespace TunnelConstraints { + /** + * Min length of tunnel cluster ID. + */ + export const clusterIdMinLength: number = 3; + + /** + * Max length of tunnel cluster ID. + */ + export const clusterIdMaxLength: number = 12; + + /** + * Length of V1 tunnel id. + */ + export const oldTunnelIdLength: number = 8; + + /** + * Min length of V2 tunnelId. + */ + export const newTunnelIdMinLength: number = 3; + + /** + * Max length of V2 tunnelId. + * + * Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes + * (-<port>-inspect) remain within the DNS label limit of 63 characters. + */ + export const newTunnelIdMaxLength: number = 49; + + /** + * Length of a tunnel alias. + */ + export const tunnelAliasLength: number = 8; + + /** + * Min length of tunnel name. + */ + export const tunnelNameMinLength: number = 3; + + /** + * Max length of tunnel name. + * + * Limited to 49 characters to ensure tunnel URIs with ports and inspection suffixes + * (-<port>-inspect) remain within the DNS label limit of 63 characters. + */ + export const tunnelNameMaxLength: number = 49; + + /** + * Max length of SSH username. + */ + export const sshUserMaxLength: number = 60; + + /** + * Max length of tunnel or port description. + */ + export const descriptionMaxLength: number = 400; + + /** + * Max length of tunnel event details. + */ + export const eventDetailsMaxLength: number = 4000; + + /** + * Max number of properties in a tunnel event. + */ + export const maxEventProperties: number = 100; + + /** + * Max length of a single tunnel event property value. + */ + export const eventPropertyValueMaxLength: number = 4000; + + /** + * Min length of a single tunnel or port tag. + */ + export const labelMinLength: number = 1; + + /** + * Max length of a single tunnel or port tag. + */ + export const labelMaxLength: number = 50; + + /** + * Maximum number of labels that can be applied to a tunnel or port. + */ + export const maxLabels: number = 100; + + /** + * Min length of a tunnel domain. + */ + export const tunnelDomainMinLength: number = 4; + + /** + * Max length of a tunnel domain. + */ + export const tunnelDomainMaxLength: number = 180; + + /** + * Maximum number of items allowed in the tunnel ports array. The actual limit on + * number of ports that can be created may be much lower, and may depend on various + * resource limitations or policies. + */ + export const tunnelMaxPorts: number = 1000; + + /** + * Maximum number of access control entries (ACEs) in a tunnel or tunnel port access + * control list (ACL). + */ + export const accessControlMaxEntries: number = 40; + + /** + * Maximum number of subjects (such as user IDs) in a tunnel or tunnel port access + * control entry (ACE). + */ + export const accessControlMaxSubjects: number = 100; + + /** + * Max length of an access control subject or organization ID. + */ + export const accessControlSubjectMaxLength: number = 200; + + /** + * Max length of an access control subject name, when resolving names to IDs. + */ + export const accessControlSubjectNameMaxLength: number = 200; + + /** + * Maximum number of scopes in an access control entry. + */ + export const accessControlMaxScopes: number = 10; + + /** + * Regular expression that can match or validate tunnel event name strings. + */ + export const eventNamePattern: string = '^[a-z0-9_]{3,80}$'; + + /** + * Regular expression that can match or validate tunnel event severity strings. + */ + export const eventSeverityPattern: string = '^(info)|(warning)|(error)$'; + + /** + * Regular expression that can match or validate tunnel event property name strings. + */ + export const eventPropertyNamePattern: string = '^[a-zA-Z0-9_.]{3,200}$'; + + /** + * Regular expression that can match or validate tunnel cluster ID strings. + * + * Cluster IDs are alphanumeric; hyphens are not permitted. + */ + export const clusterIdPattern: string = '^(([a-z]{3,4}[0-9]{1,3})|asse|aue|brs|euw|use)$'; + + /** + * Regular expression that can match or validate tunnel cluster ID strings. + * + * Cluster IDs are alphanumeric; hyphens are not permitted. + */ + export const clusterIdRegex: RegExp = new RegExp(TunnelConstraints.clusterIdPattern); + + /** + * Regular expression that can match or validate a tunnel cluster ID as a hostname + * prefix. + * + * Cluster IDs are alphanumeric; hyphens are not permitted. + */ + export const clusterIdPrefixRegex: RegExp = new RegExp(TunnelConstraints.clusterIdPattern.replace('$', '\\.')); + + /** + * Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, + * excluding vowels and 'y' (to avoid accidentally generating any random words). + */ + export const oldTunnelIdChars: string = '0123456789bcdfghjklmnpqrstvwxz'; + + /** + * Regular expression that can match or validate tunnel ID strings. + * + * Tunnel IDs are fixed-length and have a limited character set of numbers and + * lowercase letters (minus vowels and y). + */ + export const oldTunnelIdPattern: string = '[' + TunnelConstraints.oldTunnelIdChars + ']{8}'; + + /** + * Regular expression that can match or validate tunnel ID strings. + * + * Tunnel IDs are fixed-length and have a limited character set of numbers and + * lowercase letters (minus vowels and y). + */ + export const oldTunnelIdRegex: RegExp = new RegExp(TunnelConstraints.oldTunnelIdPattern); + + /** + * Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, + * excluding vowels and 'y' (to avoid accidentally generating any random words). + */ + export const newTunnelIdChars: string = '0123456789abcdefghijklmnopqrstuvwxyz-'; + + /** + * Regular expression that can match or validate tunnel ID strings. + * + * Tunnel IDs have a limited character set of numbers and lowercase letters. Limited + * to 49 characters to ensure tunnel URIs with ports and inspection suffixes remain + * within the DNS label limit of 63 characters. + */ + export const newTunnelIdPattern: string = '[a-z0-9][a-z0-9-]{1,47}[a-z0-9]'; + + /** + * Regular expression that can match or validate tunnel ID strings. + * + * Tunnel IDs are fixed-length and have a limited character set of numbers and + * lowercase letters (minus vowels and y). + */ + export const newTunnelIdRegex: RegExp = new RegExp(TunnelConstraints.newTunnelIdPattern); + + /** + * Characters that are valid in tunnel IDs. Includes numbers and lowercase letters, + * excluding vowels and 'y' (to avoid accidentally generating any random words). + */ + export const tunnelAliasChars: string = '0123456789bcdfghjklmnpqrstvwxz'; + + /** + * Regular expression that can match or validate tunnel alias strings. + * + * Tunnel Aliases are fixed-length and have a limited character set of numbers and + * lowercase letters (minus vowels and y). Limited to 49 characters to ensure tunnel + * URIs with ports and inspection suffixes remain within the DNS label limit of 63 + * characters. + */ + export const tunnelAliasPattern: string = '[' + TunnelConstraints.tunnelAliasChars + ']{3,49}'; + + /** + * Regular expression that can match or validate tunnel alias strings. + * + * Tunnel Aliases are fixed-length and have a limited character set of numbers and + * lowercase letters (minus vowels and y). + */ + export const tunnelAliasRegex: RegExp = new RegExp(TunnelConstraints.tunnelAliasPattern); + + /** + * Regular expression that can match or validate tunnel names. + * + * Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an + * empty string because tunnels may be unnamed. Limited to 49 characters to ensure + * tunnel URIs with ports and inspection suffixes remain within the DNS label limit of + * 63 characters. + */ + export const tunnelNamePattern: string = '([a-z0-9][a-z0-9-]{1,47}[a-z0-9])|(^$)'; + + /** + * Regular expression that can match or validate tunnel names. + * + * Tunnel names are alphanumeric and may contain hyphens. The pattern also allows an + * empty string because tunnels may be unnamed. + */ + export const tunnelNameRegex: RegExp = new RegExp(TunnelConstraints.tunnelNamePattern); + + /** + * Regular expression that can match or validate tunnel or port labels. + */ + export const labelPattern: string = '[\\w-=]{1,50}'; + + /** + * Regular expression that can match or validate tunnel or port labels. + */ + export const labelRegex: RegExp = new RegExp(TunnelConstraints.labelPattern); + + /** + * Regular expression that can match or validate tunnel domains. + * + * The tunnel service may perform additional contextual validation at the time the + * domain is registered. + */ + export const tunnelDomainPattern: string = '[0-9a-z][0-9a-z-.]{1,158}[0-9a-z]|(^$)'; + + /** + * Regular expression that can match or validate tunnel domains. + * + * The tunnel service may perform additional contextual validation at the time the + * domain is registered. + */ + export const tunnelDomainRegex: RegExp = new RegExp(TunnelConstraints.tunnelDomainPattern); + + /** + * Regular expression that can match or validate an access control subject or + * organization ID. + * + * The : and / characters are allowed because subjects may include IP addresses and + * ranges. The @ character is allowed because MSA subjects may be identified by email + * address. + */ + export const accessControlSubjectPattern: string = '[0-9a-zA-Z-._:/@]{0,200}'; + + /** + * Regular expression that can match or validate an access control subject or + * organization ID. + */ + export const accessControlSubjectRegex: RegExp = new RegExp(TunnelConstraints.accessControlSubjectPattern); + + /** + * Regular expression that can match or validate an access control subject name, when + * resolving subject names to IDs. + * + * Note angle-brackets are only allowed when they wrap an email address as part of a + * formatted name with email. The service will block any other use of angle-brackets, + * to avoid any XSS risks. + */ + export const accessControlSubjectNamePattern: string = '[ \\w\\d-.,/:\'"_@()<>]{0,200}'; + + /** + * Regular expression that can match or validate an access control subject name, when + * resolving subject names to IDs. + */ + export const accessControlSubjectNameRegex: RegExp = new RegExp(TunnelConstraints.accessControlSubjectNamePattern); +} diff --git a/ts/src/contracts/tunnelEndpoint.ts b/ts/src/contracts/tunnelEndpoint.ts index ecf8cfbf..fd900c6e 100644 --- a/ts/src/contracts/tunnelEndpoint.ts +++ b/ts/src/contracts/tunnelEndpoint.ts @@ -1,98 +1,98 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelEndpoint.cs -/* eslint-disable */ - -import { TunnelConnectionMode } from './tunnelConnectionMode'; - -/** - * Base class for tunnel connection parameters. - * - * A tunnel endpoint specifies how and where hosts and clients can connect to a tunnel. - * There is a subclass for each connection mode, each having different connection - * parameters. A tunnel may have multiple endpoints for one host (or multiple hosts), and - * clients can select their preferred endpoint(s) from those depending on network - * environment or client capabilities. - */ -export interface TunnelEndpoint { - /** - * Gets or sets the ID of this endpoint. - */ - id?: string; - - /** - * Gets or sets the connection mode of the endpoint. - * - * This property is required when creating or updating an endpoint. The subclass type - * is also an indication of the connection mode, but this property is necessary to - * determine the subclass type when deserializing. - */ - connectionMode: TunnelConnectionMode; - - /** - * Gets or sets the ID of the host that is listening on this endpoint. - * - * This property is required when creating or updating an endpoint. If the host - * supports multiple connection modes, the host's ID is the same for all the endpoints - * it supports. However different hosts may simultaneously accept connections at - * different endpoints for the same tunnel, if enabled in tunnel options. - */ - hostId: string; - - /** - * Gets or sets an array of public keys, which can be used by clients to authenticate - * the host. - */ - hostPublicKeys?: string[]; - - /** - * Gets or sets a string used to format URIs where a web client can connect to ports - * of the tunnel. The string includes a {@link TunnelEndpoint.portToken} that must be - * replaced with the actual port number. - */ - portUriFormat?: string; - - /** - * Gets or sets the URI where a web client can connect to the default port of the - * tunnel. - */ - tunnelUri?: string; - - /** - * Gets or sets a string used to format ssh command where ssh client can connect to - * shared ssh port of the tunnel. The string includes a {@link - * TunnelEndpoint.portToken} that must be replaced with the actual port number. - */ - portSshCommandFormat?: string; - - /** - * Gets or sets the Ssh command where the Ssh client can connect to the default ssh - * port of the tunnel. - */ - tunnelSshCommand?: string; - - /** - * Gets or sets the Ssh gateway public key which should be added to the - * authorized_keys file so that tunnel service can connect to the shared ssh server. - */ - sshGatewayPublicKey?: string; -} - -/** - * Token included in {@link TunnelEndpoint.portUriFormat} and {@link - * TunnelEndpoint.portSshCommandFormat} that is to be replaced by a specified port number. - */ -export const portToken = '{port}'; - -// Import static members from a non-generated file, -// and re-export them as an object with the same name as the interface. -import { - getPortUri, - getPortSshCommand, -} from './tunnelEndpointStatics'; - -export const TunnelEndpoint = { - portToken, - getPortUri, - getPortSshCommand, -}; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelEndpoint.cs +/* eslint-disable */ + +import { TunnelConnectionMode } from './tunnelConnectionMode'; + +/** + * Base class for tunnel connection parameters. + * + * A tunnel endpoint specifies how and where hosts and clients can connect to a tunnel. + * There is a subclass for each connection mode, each having different connection + * parameters. A tunnel may have multiple endpoints for one host (or multiple hosts), and + * clients can select their preferred endpoint(s) from those depending on network + * environment or client capabilities. + */ +export interface TunnelEndpoint { + /** + * Gets or sets the ID of this endpoint. + */ + id?: string; + + /** + * Gets or sets the connection mode of the endpoint. + * + * This property is required when creating or updating an endpoint. The subclass type + * is also an indication of the connection mode, but this property is necessary to + * determine the subclass type when deserializing. + */ + connectionMode: TunnelConnectionMode; + + /** + * Gets or sets the ID of the host that is listening on this endpoint. + * + * This property is required when creating or updating an endpoint. If the host + * supports multiple connection modes, the host's ID is the same for all the endpoints + * it supports. However different hosts may simultaneously accept connections at + * different endpoints for the same tunnel, if enabled in tunnel options. + */ + hostId: string; + + /** + * Gets or sets an array of public keys, which can be used by clients to authenticate + * the host. + */ + hostPublicKeys?: string[]; + + /** + * Gets or sets a string used to format URIs where a web client can connect to ports + * of the tunnel. The string includes a {@link TunnelEndpoint.portToken} that must be + * replaced with the actual port number. + */ + portUriFormat?: string; + + /** + * Gets or sets the URI where a web client can connect to the default port of the + * tunnel. + */ + tunnelUri?: string; + + /** + * Gets or sets a string used to format ssh command where ssh client can connect to + * shared ssh port of the tunnel. The string includes a {@link + * TunnelEndpoint.portToken} that must be replaced with the actual port number. + */ + portSshCommandFormat?: string; + + /** + * Gets or sets the Ssh command where the Ssh client can connect to the default ssh + * port of the tunnel. + */ + tunnelSshCommand?: string; + + /** + * Gets or sets the Ssh gateway public key which should be added to the + * authorized_keys file so that tunnel service can connect to the shared ssh server. + */ + sshGatewayPublicKey?: string; +} + +/** + * Token included in {@link TunnelEndpoint.portUriFormat} and {@link + * TunnelEndpoint.portSshCommandFormat} that is to be replaced by a specified port number. + */ +export const portToken = '{port}'; + +// Import static members from a non-generated file, +// and re-export them as an object with the same name as the interface. +import { + getPortUri, + getPortSshCommand, +} from './tunnelEndpointStatics'; + +export const TunnelEndpoint = { + portToken, + getPortUri, + getPortSshCommand, +}; diff --git a/ts/src/contracts/tunnelEvent.ts b/ts/src/contracts/tunnelEvent.ts index dcb4c01e..f4915ad2 100644 --- a/ts/src/contracts/tunnelEvent.ts +++ b/ts/src/contracts/tunnelEvent.ts @@ -1,59 +1,59 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelEvent.cs -/* eslint-disable */ - -/** - * Data contract for tunnel client events reported to the tunnel service. - */ -export interface TunnelEvent { - /** - * Gets or sets the UTC timestamp of the event (using the client's clock). - */ - timestamp?: Date; - - /** - * Gets or sets name of the event. This should be a short descriptive identifier. - */ - name: string; - - /** - * Gets or sets the severity of the event, such as {@link TunnelEvent.info}, {@link - * TunnelEvent.warning}, or {@link TunnelEvent.error}. - * - * If not specified, the default severity is "info". - */ - severity?: string; - - /** - * Gets or sets optional unstructured details about the event, such as a message or - * description. For warning or error events this may include a stack trace. - */ - details?: string; - - /** - * Gets or sets semi-structured event properties. - */ - properties?: { [key: string]: string }; -} - -/** - * Default event severity. - */ -export const info = 'info'; - -/** - * Warning event severity. - */ -export const warning = 'warning'; - -/** - * Error event severity. - */ -export const error = 'error'; - -export const TunnelEvent = { - info, - warning, - error, -}; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelEvent.cs +/* eslint-disable */ + +/** + * Data contract for tunnel client events reported to the tunnel service. + */ +export interface TunnelEvent { + /** + * Gets or sets the UTC timestamp of the event (using the client's clock). + */ + timestamp?: Date; + + /** + * Gets or sets name of the event. This should be a short descriptive identifier. + */ + name: string; + + /** + * Gets or sets the severity of the event, such as {@link TunnelEvent.info}, {@link + * TunnelEvent.warning}, or {@link TunnelEvent.error}. + * + * If not specified, the default severity is "info". + */ + severity?: string; + + /** + * Gets or sets optional unstructured details about the event, such as a message or + * description. For warning or error events this may include a stack trace. + */ + details?: string; + + /** + * Gets or sets semi-structured event properties. + */ + properties?: { [key: string]: string }; +} + +/** + * Default event severity. + */ +export const info = 'info'; + +/** + * Warning event severity. + */ +export const warning = 'warning'; + +/** + * Error event severity. + */ +export const error = 'error'; + +export const TunnelEvent = { + info, + warning, + error, +}; diff --git a/ts/src/contracts/tunnelHeaderNames.ts b/ts/src/contracts/tunnelHeaderNames.ts index 2735f975..a69dd3c9 100644 --- a/ts/src/contracts/tunnelHeaderNames.ts +++ b/ts/src/contracts/tunnelHeaderNames.ts @@ -1,35 +1,35 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelHeaderNames.cs -/* eslint-disable */ - -/** - * Header names for http requests that Tunnel Service can handle - */ -export enum TunnelHeaderNames { - /** - * Additional authorization header that can be passed to tunnel web forwarding to - * authenticate and authorize the client. The format of the value is the same as - * Authorization header that is sent to the Tunnel service by the tunnel SDK. - * Supported schemes: "tunnel" with the tunnel access JWT good for 'Connect' scope. - */ - XTunnelAuthorization = 'X-Tunnel-Authorization', - - /** - * Request ID header that nginx ingress controller adds to all requests if it's not - * there. - */ - XRequestID = 'X-Request-ID', - - /** - * Github Ssh public key which can be used to validate if it belongs to tunnel's - * owner. - */ - XGithubSshKey = 'X-Github-Ssh-Key', - - /** - * Header that will skip the antiphishing page when connection to a tunnel through web - * forwarding. - */ - XTunnelSkipAntiPhishingPage = 'X-Tunnel-Skip-AntiPhishing-Page', -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelHeaderNames.cs +/* eslint-disable */ + +/** + * Header names for http requests that Tunnel Service can handle + */ +export enum TunnelHeaderNames { + /** + * Additional authorization header that can be passed to tunnel web forwarding to + * authenticate and authorize the client. The format of the value is the same as + * Authorization header that is sent to the Tunnel service by the tunnel SDK. + * Supported schemes: "tunnel" with the tunnel access JWT good for 'Connect' scope. + */ + XTunnelAuthorization = 'X-Tunnel-Authorization', + + /** + * Request ID header that nginx ingress controller adds to all requests if it's not + * there. + */ + XRequestID = 'X-Request-ID', + + /** + * Github Ssh public key which can be used to validate if it belongs to tunnel's + * owner. + */ + XGithubSshKey = 'X-Github-Ssh-Key', + + /** + * Header that will skip the antiphishing page when connection to a tunnel through web + * forwarding. + */ + XTunnelSkipAntiPhishingPage = 'X-Tunnel-Skip-AntiPhishing-Page', +} diff --git a/ts/src/contracts/tunnelListByRegion.ts b/ts/src/contracts/tunnelListByRegion.ts index 397155f9..32cc80ad 100644 --- a/ts/src/contracts/tunnelListByRegion.ts +++ b/ts/src/contracts/tunnelListByRegion.ts @@ -1,32 +1,32 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelListByRegion.cs -/* eslint-disable */ - -import { ErrorDetail } from './errorDetail'; -import { Tunnel } from './tunnel'; - -/** - * Tunnel list by region. - */ -export interface TunnelListByRegion { - /** - * Azure region name. - */ - regionName?: string; - - /** - * Cluster id in the region. - */ - clusterId?: string; - - /** - * List of tunnels. - */ - value?: Tunnel[]; - - /** - * Error detail if getting list of tunnels in the region failed. - */ - error?: ErrorDetail; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelListByRegion.cs +/* eslint-disable */ + +import { ErrorDetail } from './errorDetail'; +import { Tunnel } from './tunnel'; + +/** + * Tunnel list by region. + */ +export interface TunnelListByRegion { + /** + * Azure region name. + */ + regionName?: string; + + /** + * Cluster id in the region. + */ + clusterId?: string; + + /** + * List of tunnels. + */ + value?: Tunnel[]; + + /** + * Error detail if getting list of tunnels in the region failed. + */ + error?: ErrorDetail; +} diff --git a/ts/src/contracts/tunnelListByRegionResponse.ts b/ts/src/contracts/tunnelListByRegionResponse.ts index ff6e8664..d76e24ea 100644 --- a/ts/src/contracts/tunnelListByRegionResponse.ts +++ b/ts/src/contracts/tunnelListByRegionResponse.ts @@ -1,21 +1,21 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelListByRegionResponse.cs -/* eslint-disable */ - -import { TunnelListByRegion } from './tunnelListByRegion'; - -/** - * Data contract for response of a list tunnel by region call. - */ -export interface TunnelListByRegionResponse { - /** - * List of tunnels - */ - value?: TunnelListByRegion[]; - - /** - * Link to get next page of results. - */ - nextLink?: string; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelListByRegionResponse.cs +/* eslint-disable */ + +import { TunnelListByRegion } from './tunnelListByRegion'; + +/** + * Data contract for response of a list tunnel by region call. + */ +export interface TunnelListByRegionResponse { + /** + * List of tunnels + */ + value?: TunnelListByRegion[]; + + /** + * Link to get next page of results. + */ + nextLink?: string; +} diff --git a/ts/src/contracts/tunnelOptions.ts b/ts/src/contracts/tunnelOptions.ts index ddec8445..80993810 100644 --- a/ts/src/contracts/tunnelOptions.ts +++ b/ts/src/contracts/tunnelOptions.ts @@ -1,113 +1,113 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelOptions.cs -/* eslint-disable */ - -/** - * Data contract for {@link Tunnel} or {@link TunnelPort} options. - */ -export interface TunnelOptions { - /** - * Gets or sets a value indicating whether web-forwarding of this tunnel can run on - * any cluster (region) without redirecting to the home cluster. This is only - * applicable if the tunnel has a name and web-forwarding uses it. - */ - isGloballyAvailable?: boolean; - - /** - * Gets or sets a value for `Host` header rewriting to use in web-forwarding of this - * tunnel or port. By default, with this property null or empty, web-forwarding uses - * "localhost" to rewrite the header. Web-fowarding will use this property instead if - * it is not null or empty. Port-level option, if set, takes precedence over this - * option on the tunnel level. The option is ignored if IsHostHeaderUnchanged is true. - */ - hostHeader?: string; - - /** - * Gets or sets a value indicating whether `Host` header is rewritten or the header - * value stays intact. By default, if false, web-forwarding rewrites the host header - * with the value from HostHeader property or "localhost". If true, the host header - * will be whatever the tunnel's web-forwarding host is, e.g. - * tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence over - * this option on the tunnel level. - */ - isHostHeaderUnchanged?: boolean; - - /** - * Gets or sets a value for `Origin` header rewriting to use in web-forwarding of this - * tunnel or port. By default, with this property null or empty, web-forwarding uses - * "http(s)://localhost" to rewrite the header. Web-fowarding will use this property - * instead if it is not null or empty. Port-level option, if set, takes precedence - * over this option on the tunnel level. The option is ignored if - * IsOriginHeaderUnchanged is true. - */ - originHeader?: string; - - /** - * Gets or sets a value indicating whether `Origin` header is rewritten or the header - * value stays intact. By default, if false, web-forwarding rewrites the origin header - * with the value from OriginHeader property or "http(s)://localhost". If true, the - * Origin header will be whatever the tunnel's web-forwarding Origin is, e.g. - * https://tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence - * over this option on the tunnel level. - */ - isOriginHeaderUnchanged?: boolean; - - /** - * Gets or sets if inspection is enabled for the tunnel. - */ - isInspectionEnabled?: boolean; - - /** - * Gets or sets a value indicating whether web requests to a tunnel can use the tunnel - * web authentication cookie if they come from a different site. Specifically, this - * controls whether the tunnel web-forwarding authentication cookie is marked as - * SameSite=None. The default is false, which means the cookie is marked as - * SameSite=Lax. This only applies to tunnels that require authentication. - */ - isCrossSiteAuthenticationEnabled?: boolean; - - /** - * Gets or sets a value indicating whether the tunnel web-forwarding authentication - * cookie is set as Partitioned (CHIPS). The default is false. This only applies to - * tunnels that require authentication. - * - * A partitioned cookie always also has SameSite=None for compatbility with browsers - * that do not support partitioning. - */ - isPartitionedSiteAuthenticationEnabled?: boolean; - - /** - * Gets or sets a value indicating whether web requests to the tunnel or port can be - * directly authenticated with bearer token authentication by supplying an - * `Authorization` header with an Entra ID or GitHub token of a user with access to - * the tunnel. The default is false, which means only the tunnel web authentication - * cookie or `X-Tunnel-Authorization` header can be used for authenticating web - * requests to the tunnel. - * - * When this option is enabled, AND neither a tunnel web authentication cookie nor an - * `X-Tunnel-Authorization` header is present in a web request, the tunnel relay will - * attempt to authenticate the request using the `Authorization` header with Entra ID - * or GitHub credentials. In that case the `Authorization` header will be stripped - * from the request before it is forwarded to the host application. Enabling this - * option may be desirable for API tunnels, where clients are likely to have better - * support for bearer token authentication using the `Authorization` header. However, - * interception of that header could block host applications which themselves - * implement bearer token authentication, which is why this option is disabled by - * default. This option does not apply to the tunnel management API, which always - * supports bearer token authentication using the `Authorization` header. - */ - isBearerTokenAuthenticationEnabled?: boolean; - - /** - * Gets or sets the timeout for HTTP requests to the tunnel or port. - * - * The default timeout is 100 seconds. Set this to 0 to disable the timeout. The - * timeout will reset when response headers are received or after successfully reading - * or writing any request, response, or streaming data like gRPC or WebSockets. TCP - * keep-alives and HTTP/2 protocol pings will not reset the timeout, but WebSocket - * pings will. When a request times out, the tunnel relay aborts the request and - * returns 504 Gateway Timeout. - */ - requestTimeoutSeconds?: number; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelOptions.cs +/* eslint-disable */ + +/** + * Data contract for {@link Tunnel} or {@link TunnelPort} options. + */ +export interface TunnelOptions { + /** + * Gets or sets a value indicating whether web-forwarding of this tunnel can run on + * any cluster (region) without redirecting to the home cluster. This is only + * applicable if the tunnel has a name and web-forwarding uses it. + */ + isGloballyAvailable?: boolean; + + /** + * Gets or sets a value for `Host` header rewriting to use in web-forwarding of this + * tunnel or port. By default, with this property null or empty, web-forwarding uses + * "localhost" to rewrite the header. Web-fowarding will use this property instead if + * it is not null or empty. Port-level option, if set, takes precedence over this + * option on the tunnel level. The option is ignored if IsHostHeaderUnchanged is true. + */ + hostHeader?: string; + + /** + * Gets or sets a value indicating whether `Host` header is rewritten or the header + * value stays intact. By default, if false, web-forwarding rewrites the host header + * with the value from HostHeader property or "localhost". If true, the host header + * will be whatever the tunnel's web-forwarding host is, e.g. + * tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence over + * this option on the tunnel level. + */ + isHostHeaderUnchanged?: boolean; + + /** + * Gets or sets a value for `Origin` header rewriting to use in web-forwarding of this + * tunnel or port. By default, with this property null or empty, web-forwarding uses + * "http(s)://localhost" to rewrite the header. Web-fowarding will use this property + * instead if it is not null or empty. Port-level option, if set, takes precedence + * over this option on the tunnel level. The option is ignored if + * IsOriginHeaderUnchanged is true. + */ + originHeader?: string; + + /** + * Gets or sets a value indicating whether `Origin` header is rewritten or the header + * value stays intact. By default, if false, web-forwarding rewrites the origin header + * with the value from OriginHeader property or "http(s)://localhost". If true, the + * Origin header will be whatever the tunnel's web-forwarding Origin is, e.g. + * https://tunnel-name-8080.devtunnels.ms. Port-level option, if set, takes precedence + * over this option on the tunnel level. + */ + isOriginHeaderUnchanged?: boolean; + + /** + * Gets or sets if inspection is enabled for the tunnel. + */ + isInspectionEnabled?: boolean; + + /** + * Gets or sets a value indicating whether web requests to a tunnel can use the tunnel + * web authentication cookie if they come from a different site. Specifically, this + * controls whether the tunnel web-forwarding authentication cookie is marked as + * SameSite=None. The default is false, which means the cookie is marked as + * SameSite=Lax. This only applies to tunnels that require authentication. + */ + isCrossSiteAuthenticationEnabled?: boolean; + + /** + * Gets or sets a value indicating whether the tunnel web-forwarding authentication + * cookie is set as Partitioned (CHIPS). The default is false. This only applies to + * tunnels that require authentication. + * + * A partitioned cookie always also has SameSite=None for compatbility with browsers + * that do not support partitioning. + */ + isPartitionedSiteAuthenticationEnabled?: boolean; + + /** + * Gets or sets a value indicating whether web requests to the tunnel or port can be + * directly authenticated with bearer token authentication by supplying an + * `Authorization` header with an Entra ID or GitHub token of a user with access to + * the tunnel. The default is false, which means only the tunnel web authentication + * cookie or `X-Tunnel-Authorization` header can be used for authenticating web + * requests to the tunnel. + * + * When this option is enabled, AND neither a tunnel web authentication cookie nor an + * `X-Tunnel-Authorization` header is present in a web request, the tunnel relay will + * attempt to authenticate the request using the `Authorization` header with Entra ID + * or GitHub credentials. In that case the `Authorization` header will be stripped + * from the request before it is forwarded to the host application. Enabling this + * option may be desirable for API tunnels, where clients are likely to have better + * support for bearer token authentication using the `Authorization` header. However, + * interception of that header could block host applications which themselves + * implement bearer token authentication, which is why this option is disabled by + * default. This option does not apply to the tunnel management API, which always + * supports bearer token authentication using the `Authorization` header. + */ + isBearerTokenAuthenticationEnabled?: boolean; + + /** + * Gets or sets the timeout for HTTP requests to the tunnel or port. + * + * The default timeout is 100 seconds. Set this to 0 to disable the timeout. The + * timeout will reset when response headers are received or after successfully reading + * or writing any request, response, or streaming data like gRPC or WebSockets. TCP + * keep-alives and HTTP/2 protocol pings will not reset the timeout, but WebSocket + * pings will. When a request times out, the tunnel relay aborts the request and + * returns 504 Gateway Timeout. + */ + requestTimeoutSeconds?: number; +} diff --git a/ts/src/contracts/tunnelPort.ts b/ts/src/contracts/tunnelPort.ts index 4c5080c2..92427684 100644 --- a/ts/src/contracts/tunnelPort.ts +++ b/ts/src/contracts/tunnelPort.ts @@ -1,111 +1,111 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelPort.cs -/* eslint-disable */ - -import { TunnelAccessControl } from './tunnelAccessControl'; -import { TunnelOptions } from './tunnelOptions'; -import { TunnelPortStatus } from './tunnelPortStatus'; - -/** - * Data contract for tunnel port objects managed through the tunnel service REST API. - */ -export interface TunnelPort { - /** - * Gets or sets the ID of the cluster the tunnel was created in. - */ - clusterId?: string; - - /** - * Gets or sets the generated ID of the tunnel, unique within the cluster. - */ - tunnelId?: string; - - /** - * Gets or sets the IP port number of the tunnel port. - */ - portNumber: number; - - /** - * Gets or sets the optional short name of the port. - * - * The name must be unique among named ports of the same tunnel. - */ - name?: string; - - /** - * Gets or sets the optional description of the port. - */ - description?: string; - - /** - * Gets or sets the labels of the port. - */ - labels?: string[]; - - /** - * Gets or sets the protocol of the tunnel port. - * - * Should be one of the string constants from {@link TunnelProtocol}. - */ - protocol?: string; - - /** - * Gets or sets a value indicating whether this port is a default port for the tunnel. - * - * A client that connects to a tunnel (by ID or name) without specifying a port number - * will connect to the default port for the tunnel, if a default is configured. Or if - * the tunnel has only one port then the single port is the implicit default. - * - * Selection of a default port for a connection also depends on matching the - * connection to the port {@link TunnelPort.protocol}, so it is possible to configure - * separate defaults for distinct protocols like {@link TunnelProtocol.http} and - * {@link TunnelProtocol.ssh}. - */ - isDefault?: boolean; - - /** - * Gets or sets a dictionary mapping from scopes to tunnel access tokens. - * - * Unlike the tokens in {@link Tunnel.accessTokens}, these tokens are restricted to - * the individual port. - */ - accessTokens?: { [scope: string]: string }; - - /** - * Gets or sets access control settings for the tunnel port. - * - * See {@link TunnelAccessControl} documentation for details about the access control - * model. - */ - accessControl?: TunnelAccessControl; - - /** - * Gets or sets options for the tunnel port. - */ - options?: TunnelOptions; - - /** - * Gets or sets current connection status of the tunnel port. - */ - status?: TunnelPortStatus; - - /** - * Gets or sets the username for the ssh service user is trying to forward. - * - * Should be provided if the {@link TunnelProtocol} is Ssh. - */ - sshUser?: string; - - /** - * Gets or sets web forwarding URIs. If set, it's a list of absolute URIs where the - * port can be accessed with web forwarding. - */ - portForwardingUris?: string[]; - - /** - * Gets or sets inspection URI. If set, it's an absolute URIs where the port's traffic - * can be inspected. - */ - inspectionUri?: string; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelPort.cs +/* eslint-disable */ + +import { TunnelAccessControl } from './tunnelAccessControl'; +import { TunnelOptions } from './tunnelOptions'; +import { TunnelPortStatus } from './tunnelPortStatus'; + +/** + * Data contract for tunnel port objects managed through the tunnel service REST API. + */ +export interface TunnelPort { + /** + * Gets or sets the ID of the cluster the tunnel was created in. + */ + clusterId?: string; + + /** + * Gets or sets the generated ID of the tunnel, unique within the cluster. + */ + tunnelId?: string; + + /** + * Gets or sets the IP port number of the tunnel port. + */ + portNumber: number; + + /** + * Gets or sets the optional short name of the port. + * + * The name must be unique among named ports of the same tunnel. + */ + name?: string; + + /** + * Gets or sets the optional description of the port. + */ + description?: string; + + /** + * Gets or sets the labels of the port. + */ + labels?: string[]; + + /** + * Gets or sets the protocol of the tunnel port. + * + * Should be one of the string constants from {@link TunnelProtocol}. + */ + protocol?: string; + + /** + * Gets or sets a value indicating whether this port is a default port for the tunnel. + * + * A client that connects to a tunnel (by ID or name) without specifying a port number + * will connect to the default port for the tunnel, if a default is configured. Or if + * the tunnel has only one port then the single port is the implicit default. + * + * Selection of a default port for a connection also depends on matching the + * connection to the port {@link TunnelPort.protocol}, so it is possible to configure + * separate defaults for distinct protocols like {@link TunnelProtocol.http} and + * {@link TunnelProtocol.ssh}. + */ + isDefault?: boolean; + + /** + * Gets or sets a dictionary mapping from scopes to tunnel access tokens. + * + * Unlike the tokens in {@link Tunnel.accessTokens}, these tokens are restricted to + * the individual port. + */ + accessTokens?: { [scope: string]: string }; + + /** + * Gets or sets access control settings for the tunnel port. + * + * See {@link TunnelAccessControl} documentation for details about the access control + * model. + */ + accessControl?: TunnelAccessControl; + + /** + * Gets or sets options for the tunnel port. + */ + options?: TunnelOptions; + + /** + * Gets or sets current connection status of the tunnel port. + */ + status?: TunnelPortStatus; + + /** + * Gets or sets the username for the ssh service user is trying to forward. + * + * Should be provided if the {@link TunnelProtocol} is Ssh. + */ + sshUser?: string; + + /** + * Gets or sets web forwarding URIs. If set, it's a list of absolute URIs where the + * port can be accessed with web forwarding. + */ + portForwardingUris?: string[]; + + /** + * Gets or sets inspection URI. If set, it's an absolute URIs where the port's traffic + * can be inspected. + */ + inspectionUri?: string; +} diff --git a/ts/src/contracts/tunnelPortListResponse.ts b/ts/src/contracts/tunnelPortListResponse.ts index ed62eccc..cea9c3e1 100644 --- a/ts/src/contracts/tunnelPortListResponse.ts +++ b/ts/src/contracts/tunnelPortListResponse.ts @@ -1,21 +1,21 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelPortListResponse.cs -/* eslint-disable */ - -import { TunnelPort } from './tunnelPort'; - -/** - * Data contract for response of a list tunnel ports call. - */ -export interface TunnelPortListResponse { - /** - * List of tunnels - */ - value: TunnelPort[]; - - /** - * Link to get next page of results - */ - nextLink?: string; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelPortListResponse.cs +/* eslint-disable */ + +import { TunnelPort } from './tunnelPort'; + +/** + * Data contract for response of a list tunnel ports call. + */ +export interface TunnelPortListResponse { + /** + * List of tunnels + */ + value: TunnelPort[]; + + /** + * Link to get next page of results + */ + nextLink?: string; +} diff --git a/ts/src/contracts/tunnelPortStatus.ts b/ts/src/contracts/tunnelPortStatus.ts index 55fd3943..cac58a44 100644 --- a/ts/src/contracts/tunnelPortStatus.ts +++ b/ts/src/contracts/tunnelPortStatus.ts @@ -1,48 +1,48 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelPortStatus.cs -/* eslint-disable */ - -import { RateStatus } from './rateStatus'; -import { ResourceStatus } from './resourceStatus'; - -/** - * Data contract for {@link TunnelPort} status. - */ -export interface TunnelPortStatus { - /** - * Gets or sets the current value and limit for the number of clients connected to the - * port. - * - * This client connection count does not include non-port-specific connections such as - * SDK and SSH clients. See {@link TunnelStatus.clientConnectionCount} for status of - * those connections. This count also does not include HTTP client connections, - * unless they are upgraded to websockets. HTTP connections are counted per-request - * rather than per-connection: see {@link TunnelPortStatus.httpRequestRate}. - */ - clientConnectionCount?: number | ResourceStatus; - - /** - * Gets or sets the UTC date time when a client was last connected to the port, or - * null if a client has never connected. - */ - lastClientConnectionTime?: Date; - - /** - * Gets or sets the current value and limit for the rate of client connections to the - * tunnel port. - * - * This client connection rate does not count non-port-specific connections such as - * SDK and SSH clients. See {@link TunnelStatus.clientConnectionRate} for those - * connection types. This also does not include HTTP connections, unless they are - * upgraded to websockets. HTTP connections are counted per-request rather than - * per-connection: see {@link TunnelPortStatus.httpRequestRate}. - */ - clientConnectionRate?: RateStatus; - - /** - * Gets or sets the current value and limit for the rate of HTTP requests to the - * tunnel port. - */ - httpRequestRate?: RateStatus; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelPortStatus.cs +/* eslint-disable */ + +import { RateStatus } from './rateStatus'; +import { ResourceStatus } from './resourceStatus'; + +/** + * Data contract for {@link TunnelPort} status. + */ +export interface TunnelPortStatus { + /** + * Gets or sets the current value and limit for the number of clients connected to the + * port. + * + * This client connection count does not include non-port-specific connections such as + * SDK and SSH clients. See {@link TunnelStatus.clientConnectionCount} for status of + * those connections. This count also does not include HTTP client connections, + * unless they are upgraded to websockets. HTTP connections are counted per-request + * rather than per-connection: see {@link TunnelPortStatus.httpRequestRate}. + */ + clientConnectionCount?: number | ResourceStatus; + + /** + * Gets or sets the UTC date time when a client was last connected to the port, or + * null if a client has never connected. + */ + lastClientConnectionTime?: Date; + + /** + * Gets or sets the current value and limit for the rate of client connections to the + * tunnel port. + * + * This client connection rate does not count non-port-specific connections such as + * SDK and SSH clients. See {@link TunnelStatus.clientConnectionRate} for those + * connection types. This also does not include HTTP connections, unless they are + * upgraded to websockets. HTTP connections are counted per-request rather than + * per-connection: see {@link TunnelPortStatus.httpRequestRate}. + */ + clientConnectionRate?: RateStatus; + + /** + * Gets or sets the current value and limit for the rate of HTTP requests to the + * tunnel port. + */ + httpRequestRate?: RateStatus; +} diff --git a/ts/src/contracts/tunnelProgress.ts b/ts/src/contracts/tunnelProgress.ts index e5ba8f5e..c96dc63e 100644 --- a/ts/src/contracts/tunnelProgress.ts +++ b/ts/src/contracts/tunnelProgress.ts @@ -1,59 +1,59 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs -/* eslint-disable */ - -/** - * Specifies the tunnel progress events that are reported. - */ -export enum TunnelProgress { - /** - * Starting refresh ports. - */ - StartingRefreshPorts = 'StartingRefreshPorts', - - /** - * Completed refresh ports. - */ - CompletedRefreshPorts = 'CompletedRefreshPorts', - - /** - * Starting request uri for a tunnel service request. - */ - StartingRequestUri = 'StartingRequestUri', - - /** - * Starting request configuration for a tunnel service request. - */ - StartingRequestConfig = 'StartingRequestConfig', - - /** - * Starting to send tunnel service request. - */ - StartingSendTunnelRequest = 'StartingSendTunnelRequest', - - /** - * Completed sending a tunnel service request. - */ - CompletedSendTunnelRequest = 'CompletedSendTunnelRequest', - - /** - * Starting create tunnel port. - */ - StartingCreateTunnelPort = 'StartingCreateTunnelPort', - - /** - * Completed create tunnel port. - */ - CompletedCreateTunnelPort = 'CompletedCreateTunnelPort', - - /** - * Starting get tunnel port. - */ - StartingGetTunnelPort = 'StartingGetTunnelPort', - - /** - * Completed get tunnel port. - */ - CompletedGetTunnelPort = 'CompletedGetTunnelPort', -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs +/* eslint-disable */ + +/** + * Specifies the tunnel progress events that are reported. + */ +export enum TunnelProgress { + /** + * Starting refresh ports. + */ + StartingRefreshPorts = 'StartingRefreshPorts', + + /** + * Completed refresh ports. + */ + CompletedRefreshPorts = 'CompletedRefreshPorts', + + /** + * Starting request uri for a tunnel service request. + */ + StartingRequestUri = 'StartingRequestUri', + + /** + * Starting request configuration for a tunnel service request. + */ + StartingRequestConfig = 'StartingRequestConfig', + + /** + * Starting to send tunnel service request. + */ + StartingSendTunnelRequest = 'StartingSendTunnelRequest', + + /** + * Completed sending a tunnel service request. + */ + CompletedSendTunnelRequest = 'CompletedSendTunnelRequest', + + /** + * Starting create tunnel port. + */ + StartingCreateTunnelPort = 'StartingCreateTunnelPort', + + /** + * Completed create tunnel port. + */ + CompletedCreateTunnelPort = 'CompletedCreateTunnelPort', + + /** + * Starting get tunnel port. + */ + StartingGetTunnelPort = 'StartingGetTunnelPort', + + /** + * Completed get tunnel port. + */ + CompletedGetTunnelPort = 'CompletedGetTunnelPort', +} diff --git a/ts/src/contracts/tunnelProtocol.ts b/ts/src/contracts/tunnelProtocol.ts index 3a414704..25276229 100644 --- a/ts/src/contracts/tunnelProtocol.ts +++ b/ts/src/contracts/tunnelProtocol.ts @@ -1,44 +1,44 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelProtocol.cs -/* eslint-disable */ - -/** - * Defines possible values for the protocol of a {@link TunnelPort}. - */ -export enum TunnelProtocol { - /** - * The protocol is automatically detected. (TODO: Define detection semantics.) - */ - Auto = 'auto', - - /** - * Unknown TCP protocol. - */ - Tcp = 'tcp', - - /** - * Unknown UDP protocol. - */ - Udp = 'udp', - - /** - * SSH protocol. - */ - Ssh = 'ssh', - - /** - * Remote desktop protocol. - */ - Rdp = 'rdp', - - /** - * HTTP protocol. - */ - Http = 'http', - - /** - * HTTPS protocol. - */ - Https = 'https', -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelProtocol.cs +/* eslint-disable */ + +/** + * Defines possible values for the protocol of a {@link TunnelPort}. + */ +export enum TunnelProtocol { + /** + * The protocol is automatically detected. (TODO: Define detection semantics.) + */ + Auto = 'auto', + + /** + * Unknown TCP protocol. + */ + Tcp = 'tcp', + + /** + * Unknown UDP protocol. + */ + Udp = 'udp', + + /** + * SSH protocol. + */ + Ssh = 'ssh', + + /** + * Remote desktop protocol. + */ + Rdp = 'rdp', + + /** + * HTTP protocol. + */ + Http = 'http', + + /** + * HTTPS protocol. + */ + Https = 'https', +} diff --git a/ts/src/contracts/tunnelRelayTunnelEndpoint.ts b/ts/src/contracts/tunnelRelayTunnelEndpoint.ts index 235ab2ae..8391a773 100644 --- a/ts/src/contracts/tunnelRelayTunnelEndpoint.ts +++ b/ts/src/contracts/tunnelRelayTunnelEndpoint.ts @@ -1,21 +1,21 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelRelayTunnelEndpoint.cs -/* eslint-disable */ - -import { TunnelEndpoint } from './tunnelEndpoint'; - -/** - * Parameters for connecting to a tunnel via the tunnel service's built-in relay function. - */ -export interface TunnelRelayTunnelEndpoint extends TunnelEndpoint { - /** - * Gets or sets the host URI. - */ - hostRelayUri?: string; - - /** - * Gets or sets the client URI. - */ - clientRelayUri?: string; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelRelayTunnelEndpoint.cs +/* eslint-disable */ + +import { TunnelEndpoint } from './tunnelEndpoint'; + +/** + * Parameters for connecting to a tunnel via the tunnel service's built-in relay function. + */ +export interface TunnelRelayTunnelEndpoint extends TunnelEndpoint { + /** + * Gets or sets the host URI. + */ + hostRelayUri?: string; + + /** + * Gets or sets the client URI. + */ + clientRelayUri?: string; +} diff --git a/ts/src/contracts/tunnelReportProgressEventArgs.ts b/ts/src/contracts/tunnelReportProgressEventArgs.ts index 5b9f2714..f4efc279 100644 --- a/ts/src/contracts/tunnelReportProgressEventArgs.ts +++ b/ts/src/contracts/tunnelReportProgressEventArgs.ts @@ -1,21 +1,21 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs -/* eslint-disable */ - -/** - * Event args for the tunnel report progress event. - */ -export interface TunnelReportProgressEventArgs { - /** - * Specifies the progress event that is being reported. See {@link TunnelProgress} and - * Ssh.Progress for a description of the different progress events that can be - * reported. - */ - progress: string; - - /** - * The session number associated with an SSH session progress event. - */ - sessionNumber?: number; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelReportProgressEventArgs.cs +/* eslint-disable */ + +/** + * Event args for the tunnel report progress event. + */ +export interface TunnelReportProgressEventArgs { + /** + * Specifies the progress event that is being reported. See {@link TunnelProgress} and + * Ssh.Progress for a description of the different progress events that can be + * reported. + */ + progress: string; + + /** + * The session number associated with an SSH session progress event. + */ + sessionNumber?: number; +} diff --git a/ts/src/contracts/tunnelServiceProperties.ts b/ts/src/contracts/tunnelServiceProperties.ts index 379ec3f6..da67dbbc 100644 --- a/ts/src/contracts/tunnelServiceProperties.ts +++ b/ts/src/contracts/tunnelServiceProperties.ts @@ -1,135 +1,158 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelServiceProperties.cs -/* eslint-disable */ - -/** - * Provides environment-dependent properties about the service. - */ -export interface TunnelServiceProperties { - /** - * Gets the base URI of the service. - */ - serviceUri: string; - - /** - * Gets the public AAD AppId for the service. - * - * Clients specify this AppId as the audience property when authenticating to the - * service. - */ - serviceAppId: string; - - /** - * Gets the internal AAD AppId for the service. - * - * Other internal services specify this AppId as the audience property when - * authenticating to the tunnel service. Production services must be in the AME tenant - * to use this appid. - */ - serviceInternalAppId: string; - - /** - * Gets the client ID for the service's GitHub app. - * - * Clients apps that authenticate tunnel users with GitHub specify this as the client - * ID when requesting a user token. - */ - gitHubAppClientId: string; -} - -/** - * Global DNS name of the production tunnel service. - */ -export const prodDnsName = 'global.rel.tunnels.api.visualstudio.com'; - -/** - * Global DNS name of the pre-production tunnel service. - */ -export const ppeDnsName = 'global.rel.tunnels.ppe.api.visualstudio.com'; - -/** - * Global DNS name of the development tunnel service. - */ -export const devDnsName = 'global.ci.tunnels.dev.api.visualstudio.com'; - -/** - * First-party app ID: `Visual Studio Tunnel Service` - * - * Used for authenticating AAD/MSA users, and service principals outside the AME tenant, - * in the PROD service environment. - */ -export const prodFirstPartyAppId = '46da2f7e-b5ef-422a-88d4-2a7f9de6a0b2'; - -/** - * First-party app ID: `Visual Studio Tunnel Service - Test` - * - * Used for authenticating AAD/MSA users, and service principals outside the AME tenant, - * in the PPE service environments. - */ -export const ppeFirstPartyAppId = '54c45752-bacd-424a-b928-652f3eca2b18'; - -/** - * Third-party app ID: `DEV-VSTunnelService-3P` - * - * Used for authenticating AAD/MSA users, and service principals outside the AME tenant, - * in the DEV service environment. This is a 3P app registration in the Microsoft corp - * tenant, replacing the former 1P FPA. - */ -export const devFirstPartyAppId = '906ce216-6f2e-40be-875d-7fe1a9bc288a'; - -/** - * Third-party app ID: `tunnels-prod-app-sp` - * - * Used for authenticating internal AAD service principals in the AME tenant, in the PROD - * service environment. - */ -export const prodThirdPartyAppId = 'ce65d243-a913-4cae-a7dd-cb52e9f77647'; - -/** - * Third-party app ID: `tunnels-ppe-app-sp` - * - * Used for authenticating internal AAD service principals in the AME tenant, in the PPE - * service environment. - */ -export const ppeThirdPartyAppId = '544167a6-f431-4518-aac6-2fd50071928e'; - -/** - * Third-party app ID: `tunnels-dev-app-sp` - * - * Used for authenticating internal AAD service principals in the corp tenant (not AME!), - * in the DEV service environment. - */ -export const devThirdPartyAppId = 'a118c979-0249-44bb-8f95-eb0457127aeb'; - -/** - * GitHub App Client ID for 'Visual Studio Tunnel Service' - * - * Used by client apps that authenticate tunnel users with GitHub, in the PROD service - * environment. - */ -export const prodGitHubAppClientId = 'Iv1.e7b89e013f801f03'; - -/** - * GitHub App Client ID for 'Visual Studio Tunnel Service - Test' - * - * Used by client apps that authenticate tunnel users with GitHub, in the PPE and DEV - * service environments. - */ -export const nonProdGitHubAppClientId = 'Iv1.b231c327f1eaa229'; - -// Import static members from a non-generated file, -// and re-export them as an object with the same name as the interface. -import { - production, - staging, - development, - environment, -} from './tunnelServicePropertiesStatics'; - -export const TunnelServiceProperties = { - production, - staging, - development, - environment, -}; +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelServiceProperties.cs +/* eslint-disable */ + +/** + * Provides environment-dependent properties about the service. + */ +export interface TunnelServiceProperties { + /** + * Gets the base URI of the service. + */ + serviceUri: string; + + /** + * Gets the public AAD AppId for the service. + * + * Clients specify this AppId as the audience property when authenticating to the + * service. + */ + serviceAppId: string; + + /** + * Gets the internal AAD AppId for the service. + * + * Other internal services specify this AppId as the audience property when + * authenticating to the tunnel service. Production services must be in the AME tenant + * to use this appid. + */ + serviceInternalAppId: string; + + /** + * Gets the client ID for the service's GitHub app. + * + * Clients apps that authenticate tunnel users with GitHub specify this as the client + * ID when requesting a user token. + */ + gitHubAppClientId: string; +} + +/** + * Global DNS name of the production tunnel service. + */ +export const prodDnsName = 'global.rel.tunnels.api.visualstudio.com'; + +/** + * Global DNS name of the pre-production tunnel service. + */ +export const ppeDnsName = 'global.rel.tunnels.ppe.api.visualstudio.com'; + +/** + * Global DNS name of the development tunnel service. + */ +export const devDnsName = 'global.ci.tunnels.dev.api.visualstudio.com'; + +/** + * Default host name for the local tunnel service. + */ +export const localDnsName = 'tunnels.local.api.visualstudio.com:9901'; + +/** + * First-party app ID: `Visual Studio Tunnel Service` + * + * Used for authenticating AAD/MSA users, and service principals outside the AME tenant, + * in the PROD service environment. + */ +export const prodFirstPartyAppId = '46da2f7e-b5ef-422a-88d4-2a7f9de6a0b2'; + +/** + * First-party app ID: `Visual Studio Tunnel Service - Test` + * + * Used for authenticating AAD/MSA users, and service principals outside the AME tenant, + * in the PPE service environments. + */ +export const ppeFirstPartyAppId = '54c45752-bacd-424a-b928-652f3eca2b18'; + +/** + * Third-party app ID: `DEV-VSTunnelService-3P` + * + * Used for authenticating AAD/MSA users, and service principals outside the AME tenant, + * in the DEV service environment. This is a 3P app registration in the Microsoft corp + * tenant, replacing the former 1P FPA. + */ +export const devFirstPartyAppId = '906ce216-6f2e-40be-875d-7fe1a9bc288a'; + +/** + * Third-party app ID: `tunnels-prod-app-sp` + * + * Used for authenticating internal AAD service principals in the AME tenant, in the PROD + * service environment. + */ +export const prodThirdPartyAppId = 'ce65d243-a913-4cae-a7dd-cb52e9f77647'; + +/** + * Third-party app ID: `tunnels-ppe-app-sp` + * + * Used for authenticating internal AAD service principals in the AME tenant, in the PPE + * service environment. + */ +export const ppeThirdPartyAppId = '544167a6-f431-4518-aac6-2fd50071928e'; + +/** + * Third-party app ID: `tunnels-dev-app-sp` + * + * Used for authenticating internal AAD service principals in the corp tenant (not AME!), + * in the DEV service environment. + */ +export const devThirdPartyAppId = 'a118c979-0249-44bb-8f95-eb0457127aeb'; + +/** + * GitHub App Client ID for 'Visual Studio Tunnel Service' + * + * Used by client apps that authenticate tunnel users with GitHub, in the PROD service + * environment. + */ +export const prodGitHubAppClientId = 'Iv1.e7b89e013f801f03'; + +/** + * GitHub App Client ID for 'Visual Studio Tunnel Service - Test' + * + * Used by client apps that authenticate tunnel users with GitHub, in the PPE service + * environment. + */ +export const ppeGitHubAppClientId = 'Iv1.b231c327f1eaa229'; + +/** + * GitHub App Client ID for 'Dev Tunnels Service - Dev' + * + * Used by client apps that authenticate tunnel users with GitHub, in the DEV service + * environment. + */ +export const devGitHubAppClientId = 'Iv23ctTiak9wLCiTcEbr'; + +/** + * GitHub App Client ID for 'Dev Tunnels Service - Local' + * + * Used by client apps that authenticate tunnel users with GitHub, when running the + * service locally. + */ +export const localGitHubAppClientId = 'Iv23cttBYzKThF88PiPR'; + +// Import static members from a non-generated file, +// and re-export them as an object with the same name as the interface. +import { + production, + staging, + development, + local, + environment, +} from './tunnelServicePropertiesStatics'; + +export const TunnelServiceProperties = { + production, + staging, + development, + local, + environment, +}; diff --git a/ts/src/contracts/tunnelServicePropertiesStatics.ts b/ts/src/contracts/tunnelServicePropertiesStatics.ts index 2f715fcc..4d8404bb 100644 --- a/ts/src/contracts/tunnelServicePropertiesStatics.ts +++ b/ts/src/contracts/tunnelServicePropertiesStatics.ts @@ -10,10 +10,13 @@ import { ppeThirdPartyAppId, devThirdPartyAppId, prodGitHubAppClientId, - nonProdGitHubAppClientId, + ppeGitHubAppClientId, + devGitHubAppClientId, + localGitHubAppClientId, prodDnsName, ppeDnsName, devDnsName, + localDnsName, } from './tunnelServiceProperties'; /** @@ -33,7 +36,7 @@ export const staging = { serviceUri: `https://${ppeDnsName}/`, serviceAppId: ppeFirstPartyAppId, serviceInternalAppId: ppeThirdPartyAppId, - gitHubAppClientId: nonProdGitHubAppClientId, + gitHubAppClientId: ppeGitHubAppClientId, }; /** @@ -43,7 +46,17 @@ export const development = { serviceUri: `https://${devDnsName}/`, serviceAppId: devFirstPartyAppId, serviceInternalAppId: devThirdPartyAppId, - gitHubAppClientId: nonProdGitHubAppClientId, + gitHubAppClientId: devGitHubAppClientId, +}; + +/** + * Gets properties for the service when running locally. + */ +export const local = { + serviceUri: `https://${localDnsName}/`, + serviceAppId: devFirstPartyAppId, + serviceInternalAppId: devThirdPartyAppId, + gitHubAppClientId: localGitHubAppClientId, }; /** @@ -64,6 +77,8 @@ export function environment(environmentName: string): ITunnelServiceProperties { case 'dev': case 'development': return development; + case 'local': + return local; default: throw new Error(`Invalid service environment: ${environmentName}`); } diff --git a/ts/src/contracts/tunnelStatus.ts b/ts/src/contracts/tunnelStatus.ts index 1006012c..95fd139d 100644 --- a/ts/src/contracts/tunnelStatus.ts +++ b/ts/src/contracts/tunnelStatus.ts @@ -1,117 +1,117 @@ -// Copyright (c) Microsoft Corporation. -// Licensed under the MIT license. -// Generated from ../../../cs/src/Contracts/TunnelStatus.cs -/* eslint-disable */ - -import { RateStatus } from './rateStatus'; -import { ResourceStatus } from './resourceStatus'; - -/** - * Data contract for {@link Tunnel} status. - */ -export interface TunnelStatus { - /** - * Gets or sets the current value and limit for the number of ports on the tunnel. - */ - portCount?: number | ResourceStatus; - - /** - * Gets or sets the current value and limit for the number of hosts currently - * accepting connections to the tunnel. - * - * This is typically 0 or 1, but may be more than 1 if the tunnel options allow - * multiple hosts. - */ - hostConnectionCount?: number | ResourceStatus; - - /** - * Gets or sets the UTC time when a host was last accepting connections to the tunnel, - * or null if a host has never connected. - */ - lastHostConnectionTime?: Date; - - /** - * Gets or sets the current value and limit for the number of clients connected to the - * tunnel. - * - * This counts non-port-specific client connections, which is SDK and SSH clients. See - * {@link TunnelPortStatus} for status of per-port client connections. - */ - clientConnectionCount?: number | ResourceStatus; - - /** - * Gets or sets the UTC time when a client last connected to the tunnel, or null if a - * client has never connected. - * - * This reports times for non-port-specific client connections, which is SDK client - * and SSH clients. See {@link TunnelPortStatus} for per-port client connections. - */ - lastClientConnectionTime?: Date; - - /** - * Gets or sets the current value and limit for the rate of client connections to the - * tunnel. - * - * This counts non-port-specific client connections, which is SDK client and SSH - * clients. See {@link TunnelPortStatus} for status of per-port client connections. - */ - clientConnectionRate?: RateStatus; - - /** - * Gets or sets the current value and limit for the rate of bytes being received by - * the tunnel host and uploaded by tunnel clients. - * - * All types of tunnel and port connections, from potentially multiple clients, can - * contribute to this rate. The reported rate may differ slightly from the rate - * measurable by applications, due to protocol overhead. Data rate status reporting is - * delayed by a few seconds, so this value is a snapshot of the data transfer rate - * from a few seconds earlier. - */ - uploadRate?: RateStatus; - - /** - * Gets or sets the current value and limit for the rate of bytes being sent by the - * tunnel host and downloaded by tunnel clients. - * - * All types of tunnel and port connections, from potentially multiple clients, can - * contribute to this rate. The reported rate may differ slightly from the rate - * measurable by applications, due to protocol overhead. Data rate status reporting is - * delayed by a few seconds, so this value is a snapshot of the data transfer rate - * from a few seconds earlier. - */ - downloadRate?: RateStatus; - - /** - * Gets or sets the total number of bytes received by the tunnel host and uploaded by - * tunnel clients, over the lifetime of the tunnel. - * - * All types of tunnel and port connections, from potentially multiple clients, can - * contribute to this total. The reported value may differ slightly from the value - * measurable by applications, due to protocol overhead. Data transfer status - * reporting is delayed by a few seconds. - */ - uploadTotal?: number; - - /** - * Gets or sets the total number of bytes sent by the tunnel host and downloaded by - * tunnel clients, over the lifetime of the tunnel. - * - * All types of tunnel and port connections, from potentially multiple clients, can - * contribute to this total. The reported value may differ slightly from the value - * measurable by applications, due to protocol overhead. Data transfer status - * reporting is delayed by a few seconds. - */ - downloadTotal?: number; - - /** - * Gets or sets the current value and limit for the rate of management API read - * operations for the tunnel or tunnel ports. - */ - apiReadRate?: RateStatus; - - /** - * Gets or sets the current value and limit for the rate of management API update - * operations for the tunnel or tunnel ports. - */ - apiUpdateRate?: RateStatus; -} +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. +// Generated from ../../../cs/src/Contracts/TunnelStatus.cs +/* eslint-disable */ + +import { RateStatus } from './rateStatus'; +import { ResourceStatus } from './resourceStatus'; + +/** + * Data contract for {@link Tunnel} status. + */ +export interface TunnelStatus { + /** + * Gets or sets the current value and limit for the number of ports on the tunnel. + */ + portCount?: number | ResourceStatus; + + /** + * Gets or sets the current value and limit for the number of hosts currently + * accepting connections to the tunnel. + * + * This is typically 0 or 1, but may be more than 1 if the tunnel options allow + * multiple hosts. + */ + hostConnectionCount?: number | ResourceStatus; + + /** + * Gets or sets the UTC time when a host was last accepting connections to the tunnel, + * or null if a host has never connected. + */ + lastHostConnectionTime?: Date; + + /** + * Gets or sets the current value and limit for the number of clients connected to the + * tunnel. + * + * This counts non-port-specific client connections, which is SDK and SSH clients. See + * {@link TunnelPortStatus} for status of per-port client connections. + */ + clientConnectionCount?: number | ResourceStatus; + + /** + * Gets or sets the UTC time when a client last connected to the tunnel, or null if a + * client has never connected. + * + * This reports times for non-port-specific client connections, which is SDK client + * and SSH clients. See {@link TunnelPortStatus} for per-port client connections. + */ + lastClientConnectionTime?: Date; + + /** + * Gets or sets the current value and limit for the rate of client connections to the + * tunnel. + * + * This counts non-port-specific client connections, which is SDK client and SSH + * clients. See {@link TunnelPortStatus} for status of per-port client connections. + */ + clientConnectionRate?: RateStatus; + + /** + * Gets or sets the current value and limit for the rate of bytes being received by + * the tunnel host and uploaded by tunnel clients. + * + * All types of tunnel and port connections, from potentially multiple clients, can + * contribute to this rate. The reported rate may differ slightly from the rate + * measurable by applications, due to protocol overhead. Data rate status reporting is + * delayed by a few seconds, so this value is a snapshot of the data transfer rate + * from a few seconds earlier. + */ + uploadRate?: RateStatus; + + /** + * Gets or sets the current value and limit for the rate of bytes being sent by the + * tunnel host and downloaded by tunnel clients. + * + * All types of tunnel and port connections, from potentially multiple clients, can + * contribute to this rate. The reported rate may differ slightly from the rate + * measurable by applications, due to protocol overhead. Data rate status reporting is + * delayed by a few seconds, so this value is a snapshot of the data transfer rate + * from a few seconds earlier. + */ + downloadRate?: RateStatus; + + /** + * Gets or sets the total number of bytes received by the tunnel host and uploaded by + * tunnel clients, over the lifetime of the tunnel. + * + * All types of tunnel and port connections, from potentially multiple clients, can + * contribute to this total. The reported value may differ slightly from the value + * measurable by applications, due to protocol overhead. Data transfer status + * reporting is delayed by a few seconds. + */ + uploadTotal?: number; + + /** + * Gets or sets the total number of bytes sent by the tunnel host and downloaded by + * tunnel clients, over the lifetime of the tunnel. + * + * All types of tunnel and port connections, from potentially multiple clients, can + * contribute to this total. The reported value may differ slightly from the value + * measurable by applications, due to protocol overhead. Data transfer status + * reporting is delayed by a few seconds. + */ + downloadTotal?: number; + + /** + * Gets or sets the current value and limit for the rate of management API read + * operations for the tunnel or tunnel ports. + */ + apiReadRate?: RateStatus; + + /** + * Gets or sets the current value and limit for the rate of management API update + * operations for the tunnel or tunnel ports. + */ + apiUpdateRate?: RateStatus; +}