diff --git a/api/types/session.go b/api/types/session.go index cf20486e533..5155e3612b4 100644 --- a/api/types/session.go +++ b/api/types/session.go @@ -82,6 +82,10 @@ type WebSession interface { GetBearerTokenExpiryTime() time.Time // GetExpiryTime - absolute time when web session expires GetExpiryTime() time.Time + // GetLoginTime returns the time this user recently logged in. + GetLoginTime() time.Time + // SetLoginTime sets when this user logged in. + SetLoginTime(time.Time) // WithoutSecrets returns copy of the web session but without private keys WithoutSecrets() WebSession // CheckAndSetDefaults checks and set default values for any missing fields. @@ -252,6 +256,16 @@ func (ws *WebSessionV2) GetExpiryTime() time.Time { return ws.Spec.Expires } +// GetLoginTime returns the time this user recently logged in. +func (ws *WebSessionV2) GetLoginTime() time.Time { + return ws.Spec.LoginTime +} + +// SetLoginTime sets when this user logged in. +func (ws *WebSessionV2) SetLoginTime(loginTime time.Time) { + ws.Spec.LoginTime = loginTime +} + // GetAppSessionRequest contains the parameters to request an application // web session. type GetAppSessionRequest struct { @@ -490,6 +504,8 @@ type NewWebSessionRequest struct { // SessionTTL optionally specifies the session time-to-live. // If left unspecified, the default certificate duration is used. SessionTTL time.Duration + // LoginTime is the time that this user recently logged in. + LoginTime time.Time } // Check validates the request. diff --git a/api/types/types.pb.go b/api/types/types.pb.go index 974fe4ccd9e..13265b62c46 100644 --- a/api/types/types.pb.go +++ b/api/types/types.pb.go @@ -4379,7 +4379,9 @@ type WebSessionSpecV2 struct { // BearerTokenExpires is the absolute time when the token expires. BearerTokenExpires time.Time `protobuf:"bytes,6,opt,name=BearerTokenExpires,proto3,stdtime" json:"bearer_token_expires"` // Expires is the absolute time when the session expires. - Expires time.Time `protobuf:"bytes,7,opt,name=Expires,proto3,stdtime" json:"expires"` + Expires time.Time `protobuf:"bytes,7,opt,name=Expires,proto3,stdtime" json:"expires"` + // LoginTime is the time this user recently logged in. + LoginTime time.Time `protobuf:"bytes,8,opt,name=LoginTime,proto3,stdtime" json:"login_time"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -5891,14 +5893,14 @@ func init() { func init() { proto.RegisterFile("types.proto", fileDescriptor_d938547f84707355) } var fileDescriptor_d938547f84707355 = []byte{ - // 7845 bytes of a gzipped FileDescriptorProto + // 7866 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xdc, 0x7d, 0x6d, 0x6c, 0x24, 0x47, 0x76, 0x98, 0xe6, 0x83, 0xe4, 0xcc, 0x1b, 0x92, 0x3b, 0x2c, 0x2e, 0x77, 0x67, 0xa9, 0xd5, 0xce, 0xaa, 0xf5, 0xb5, 0xab, 0x5b, 0x91, 0xb7, 0xd4, 0x49, 0x67, 0x49, 0x2b, 0xad, 0x67, 0x48, 0xee, 0x2e, 0x4d, 0xee, 0x92, 0xea, 0xe1, 0xee, 0x5a, 0xbe, 0x93, 0x3b, 0x3d, 0xd3, 0xb5, 0x64, 0x9b, - 0x33, 0xd3, 0x7d, 0xdd, 0x3d, 0x5c, 0x32, 0x09, 0x60, 0x27, 0xc0, 0xc5, 0x30, 0x0c, 0x4b, 0xb1, - 0xe1, 0x83, 0xcf, 0x40, 0x82, 0x18, 0x06, 0x02, 0x1b, 0x49, 0xee, 0x57, 0x02, 0xe4, 0x57, 0x10, - 0x04, 0x08, 0x02, 0x21, 0xc8, 0x0f, 0xff, 0x0b, 0x62, 0x24, 0x93, 0xe4, 0x9c, 0x3f, 0x61, 0xfe, + 0x33, 0xd3, 0x7d, 0xdd, 0x3d, 0x5c, 0x32, 0x09, 0x60, 0x27, 0xc0, 0xc5, 0x30, 0x0c, 0x4b, 0x71, + 0xe0, 0x83, 0xcf, 0x40, 0x82, 0x18, 0x06, 0x02, 0x1b, 0x49, 0xee, 0x57, 0x02, 0xe4, 0x57, 0x10, + 0x04, 0x08, 0x02, 0x21, 0xc8, 0x0f, 0xff, 0x0b, 0x62, 0x24, 0x93, 0xe4, 0xec, 0x3f, 0x61, 0xfe, 0xe6, 0x4f, 0x84, 0x18, 0x30, 0xea, 0x55, 0x55, 0x77, 0x75, 0x4f, 0x0f, 0x39, 0x94, 0x28, 0xe0, 0xa8, 0x5f, 0x9c, 0x7e, 0xf5, 0xde, 0xab, 0xaa, 0x57, 0x55, 0xaf, 0xde, 0x7b, 0xf5, 0xaa, 0x08, 0xa5, 0xe0, 0xd0, 0xa5, 0xfe, 0x82, 0xeb, 0x39, 0x81, 0x43, 0xc6, 0xf0, 0x63, 0xfe, 0xe2, 0x8e, @@ -5914,7 +5916,7 @@ var fileDescriptor_d938547f84707355 = []byte{ 0x56, 0x2a, 0xb9, 0xeb, 0x99, 0x1b, 0xb9, 0xfa, 0xe4, 0x51, 0xbf, 0x5a, 0x68, 0x33, 0x90, 0x61, 0x5b, 0xba, 0x2c, 0x24, 0x6b, 0x30, 0xb1, 0x7a, 0xe0, 0xda, 0x1e, 0xf5, 0x2b, 0xf9, 0xeb, 0x99, 0x1b, 0xa5, 0xa5, 0xf9, 0x05, 0xde, 0xff, 0x05, 0xd9, 0xff, 0x85, 0x6d, 0xd9, 0xff, 0xfa, 0xec, - 0x17, 0xfd, 0xea, 0x0b, 0x47, 0xfd, 0xea, 0x04, 0xe5, 0x24, 0xff, 0xf0, 0xbf, 0x57, 0x33, 0xba, + 0x17, 0xfd, 0xea, 0x0b, 0x47, 0xfd, 0xea, 0x04, 0xe5, 0x24, 0xff, 0xf0, 0x7f, 0x54, 0x33, 0xba, 0xa4, 0x27, 0x77, 0x20, 0xbf, 0x7d, 0xe8, 0xd2, 0x4a, 0xf1, 0x7a, 0xe6, 0xc6, 0xf4, 0xd2, 0xb5, 0x05, 0x2e, 0xf1, 0xb0, 0x93, 0xd1, 0x2f, 0x86, 0x55, 0x2f, 0x1c, 0xf5, 0xab, 0x79, 0x86, 0xa2, 0x23, 0x15, 0x79, 0x0b, 0xc6, 0x1f, 0x38, 0x7e, 0xb0, 0xb6, 0x52, 0x01, 0xec, 0xda, 0xdc, 0x51, @@ -5932,25 +5934,25 @@ var fileDescriptor_d938547f84707355 = []byte{ 0x8c, 0xf8, 0xc5, 0x07, 0xf6, 0x3a, 0x64, 0xd7, 0x56, 0x2a, 0x13, 0x38, 0x8d, 0xca, 0x47, 0xfd, 0xea, 0x64, 0x6c, 0x44, 0xb2, 0x6b, 0x2b, 0xf3, 0xef, 0x41, 0x49, 0x69, 0x23, 0x29, 0x43, 0x6e, 0x8f, 0x1e, 0x72, 0x79, 0xea, 0xec, 0x27, 0xb9, 0x08, 0x63, 0xfb, 0x66, 0xbb, 0x27, 0x04, 0xa8, - 0xf3, 0x8f, 0xf7, 0xb3, 0xbf, 0x94, 0xd1, 0xfe, 0x20, 0x0f, 0x05, 0xdd, 0xe1, 0x4b, 0x88, 0xdc, - 0x84, 0xb1, 0x46, 0x60, 0x06, 0x72, 0x28, 0x66, 0x8f, 0xfa, 0xd5, 0x0b, 0x3e, 0x03, 0x28, 0xf5, - 0x71, 0x0c, 0x86, 0xba, 0xb5, 0x6b, 0xfa, 0x72, 0x48, 0x10, 0xd5, 0x65, 0x00, 0x15, 0x15, 0x31, - 0xc8, 0xeb, 0x90, 0x7f, 0xe8, 0x58, 0x54, 0x8c, 0x0a, 0x39, 0xea, 0x57, 0xa7, 0x3b, 0x8e, 0xa5, - 0x22, 0x62, 0x39, 0xb9, 0x05, 0xc5, 0xe5, 0x9e, 0xe7, 0xd1, 0x2e, 0x9b, 0x85, 0x79, 0x44, 0x9e, - 0x3e, 0xea, 0x57, 0xa1, 0xc5, 0x81, 0x6c, 0xdd, 0x44, 0x08, 0x4c, 0xd4, 0x8d, 0xc0, 0xf4, 0x02, - 0x6a, 0x55, 0xc6, 0x46, 0x12, 0x35, 0x5b, 0x39, 0x33, 0x3e, 0x27, 0x49, 0x8a, 0x5a, 0x70, 0x22, - 0x0f, 0xa0, 0x74, 0xdf, 0x33, 0x5b, 0x74, 0x8b, 0x7a, 0xb6, 0x63, 0xe1, 0x18, 0xe6, 0xea, 0xaf, - 0x1f, 0xf5, 0xab, 0x97, 0x76, 0x18, 0xd8, 0x70, 0x11, 0x1e, 0x51, 0x7f, 0xd9, 0xaf, 0x16, 0x56, - 0x7a, 0x1e, 0x4a, 0x4f, 0x57, 0x49, 0xc9, 0xdf, 0x62, 0x43, 0xe2, 0x07, 0x28, 0x5a, 0x6a, 0xe1, - 0xe8, 0x1d, 0xdf, 0x44, 0x4d, 0x34, 0xf1, 0x52, 0xdb, 0xf4, 0x03, 0xc3, 0xe3, 0x74, 0x89, 0x76, - 0xaa, 0x2c, 0xc9, 0x26, 0x14, 0x1a, 0xad, 0x5d, 0x6a, 0xf5, 0xda, 0xb4, 0x52, 0x40, 0xf6, 0x97, - 0xc5, 0xc4, 0x95, 0xe3, 0x29, 0x8b, 0xeb, 0xf3, 0x82, 0x37, 0xf1, 0x05, 0x44, 0x91, 0x7d, 0xc8, - 0xe4, 0xfd, 0xc2, 0x4f, 0xff, 0xa4, 0xfa, 0xc2, 0x6f, 0xfd, 0xd7, 0xeb, 0x2f, 0x68, 0xff, 0x3a, - 0x0b, 0xe5, 0x24, 0x13, 0xf2, 0x0c, 0xa6, 0x1e, 0xbb, 0x96, 0x19, 0xd0, 0xe5, 0xb6, 0x4d, 0xbb, - 0x81, 0x8f, 0x93, 0xe4, 0xf8, 0x3e, 0xbd, 0x2a, 0xea, 0xad, 0xf4, 0x90, 0xd0, 0x68, 0x71, 0xca, - 0x44, 0xaf, 0xe2, 0x6c, 0xa3, 0x7a, 0x1a, 0xa8, 0x82, 0x7d, 0x9c, 0x61, 0xa7, 0xab, 0x87, 0x2b, - 0xef, 0x21, 0xf5, 0x08, 0xb6, 0x62, 0x02, 0x75, 0xad, 0xe6, 0x21, 0xce, 0xcc, 0xd1, 0x27, 0x10, - 0x23, 0x49, 0x99, 0x40, 0x0c, 0xac, 0xfd, 0xaf, 0x0c, 0x4c, 0xeb, 0xd4, 0x77, 0x7a, 0x5e, 0x8b, + 0xf3, 0x8f, 0xf7, 0xb3, 0xbf, 0x94, 0xd1, 0xfe, 0x51, 0x1e, 0x0a, 0xba, 0xc3, 0x97, 0x10, 0xb9, + 0x09, 0x63, 0x8d, 0xc0, 0x0c, 0xe4, 0x50, 0xcc, 0x1e, 0xf5, 0xab, 0x17, 0x7c, 0x06, 0x50, 0xea, + 0xe3, 0x18, 0x0c, 0x75, 0x6b, 0xd7, 0xf4, 0xe5, 0x90, 0x20, 0xaa, 0xcb, 0x00, 0x2a, 0x2a, 0x62, + 0x90, 0xd7, 0x21, 0xff, 0xd0, 0xb1, 0xa8, 0x18, 0x15, 0x72, 0xd4, 0xaf, 0x4e, 0x77, 0x1c, 0x4b, + 0x45, 0xc4, 0x72, 0x72, 0x0b, 0x8a, 0xcb, 0x3d, 0xcf, 0xa3, 0x5d, 0x36, 0x0b, 0xf3, 0x88, 0x3c, + 0x7d, 0xd4, 0xaf, 0x42, 0x8b, 0x03, 0xd9, 0xba, 0x89, 0x10, 0x98, 0xa8, 0x1b, 0x81, 0xe9, 0x05, + 0xd4, 0xaa, 0x8c, 0x8d, 0x24, 0x6a, 0xb6, 0x72, 0x66, 0x7c, 0x4e, 0x92, 0x14, 0xb5, 0xe0, 0x44, + 0x1e, 0x40, 0xe9, 0xbe, 0x67, 0xb6, 0xe8, 0x16, 0xf5, 0x6c, 0xc7, 0xc2, 0x31, 0xcc, 0xd5, 0x5f, + 0x3f, 0xea, 0x57, 0x2f, 0xed, 0x30, 0xb0, 0xe1, 0x22, 0x3c, 0xa2, 0xfe, 0xb2, 0x5f, 0x2d, 0xac, + 0xf4, 0x3c, 0x94, 0x9e, 0xae, 0x92, 0x92, 0xbf, 0xc5, 0x86, 0xc4, 0x0f, 0x50, 0xb4, 0xd4, 0xc2, + 0xd1, 0x3b, 0xbe, 0x89, 0x9a, 0x68, 0xe2, 0xa5, 0xb6, 0xe9, 0x07, 0x86, 0xc7, 0xe9, 0x12, 0xed, + 0x54, 0x59, 0x92, 0x4d, 0x28, 0x34, 0x5a, 0xbb, 0xd4, 0xea, 0xb5, 0x69, 0xa5, 0x80, 0xec, 0x2f, + 0x8b, 0x89, 0x2b, 0xc7, 0x53, 0x16, 0xd7, 0xe7, 0x05, 0x6f, 0xe2, 0x0b, 0x88, 0x22, 0xfb, 0x90, + 0xc9, 0xfb, 0x85, 0x9f, 0xfe, 0x71, 0xf5, 0x85, 0xdf, 0xfa, 0x6f, 0xd7, 0x5f, 0xd0, 0xfe, 0x4d, + 0x16, 0xca, 0x49, 0x26, 0xe4, 0x19, 0x4c, 0x3d, 0x76, 0x2d, 0x33, 0xa0, 0xcb, 0x6d, 0x9b, 0x76, + 0x03, 0x1f, 0x27, 0xc9, 0xf1, 0x7d, 0x7a, 0x55, 0xd4, 0x5b, 0xe9, 0x21, 0xa1, 0xd1, 0xe2, 0x94, + 0x89, 0x5e, 0xc5, 0xd9, 0x46, 0xf5, 0x34, 0x50, 0x05, 0xfb, 0x38, 0xc3, 0x4e, 0x57, 0x0f, 0x57, + 0xde, 0x43, 0xea, 0x11, 0x6c, 0xc5, 0x04, 0xea, 0x5a, 0xcd, 0x43, 0x9c, 0x99, 0xa3, 0x4f, 0x20, + 0x46, 0x92, 0x32, 0x81, 0x18, 0x58, 0xfb, 0xab, 0x0c, 0x4c, 0xeb, 0xd4, 0x77, 0x7a, 0x5e, 0x8b, 0x3e, 0xa0, 0xa6, 0x45, 0x3d, 0x36, 0xfd, 0xd7, 0xed, 0xae, 0x25, 0xd6, 0x14, 0x4e, 0xff, 0x3d, 0xbb, 0xab, 0x2e, 0x61, 0x2c, 0x27, 0xdf, 0x85, 0x89, 0x46, 0xaf, 0x89, 0xa8, 0x7c, 0x4d, 0x5d, 0xc2, 0x11, 0xeb, 0x35, 0x8d, 0x04, 0xba, 0x44, 0x23, 0x8b, 0x30, 0xf1, 0x84, 0x7a, 0x7e, 0xa4, @@ -5960,7 +5962,7 @@ var fileDescriptor_d938547f84707355 = []byte{ 0xe3, 0xac, 0xe5, 0x5f, 0xb9, 0x7b, 0xaf, 0x25, 0xbb, 0x57, 0x62, 0x7b, 0x9f, 0xe8, 0x5e, 0xd4, 0xa9, 0x0f, 0x4f, 0xee, 0x54, 0x59, 0x74, 0xaa, 0x20, 0x3b, 0x15, 0x75, 0x85, 0x7c, 0x08, 0xf9, 0x86, 0x4b, 0x5b, 0x42, 0x89, 0x48, 0xdd, 0x1f, 0xef, 0x1c, 0x43, 0x78, 0xf2, 0x76, 0x7d, 0x52, - 0xb0, 0xc9, 0xfb, 0x2e, 0x6d, 0xe9, 0x48, 0xa6, 0x2c, 0x9a, 0x7f, 0x3b, 0x06, 0x17, 0xd3, 0xc8, + 0xb0, 0xc9, 0xfb, 0x2e, 0x6d, 0xe9, 0x48, 0xa6, 0x2c, 0x9a, 0x7f, 0x37, 0x06, 0x17, 0xd3, 0xc8, 0x92, 0x9b, 0x53, 0xe6, 0x54, 0x9b, 0xd3, 0x0d, 0x28, 0x6c, 0xb1, 0xe9, 0xd8, 0x72, 0xda, 0x42, 0x6e, 0x68, 0x49, 0xb8, 0x02, 0xa6, 0x87, 0xa5, 0xe4, 0x0a, 0xe4, 0x1e, 0xeb, 0x6b, 0x42, 0x54, 0x13, 0x47, 0xfd, 0x6a, 0xae, 0xe7, 0xd9, 0x3a, 0x83, 0xb1, 0xcd, 0x7d, 0xb9, 0xb6, 0x4c, 0xbd, @@ -5993,7 +5995,7 @@ var fileDescriptor_d938547f84707355 = []byte{ 0xef, 0x35, 0xa9, 0xd7, 0xa5, 0x01, 0xf5, 0x97, 0xdb, 0x3d, 0x3f, 0x60, 0xa6, 0x10, 0x20, 0x87, 0x8a, 0xf4, 0xed, 0x92, 0x08, 0xf5, 0x17, 0x8f, 0xfa, 0xd5, 0xcb, 0x7b, 0xbd, 0x26, 0x33, 0xb5, 0x38, 0x89, 0xc2, 0x38, 0x85, 0xe1, 0x7c, 0x03, 0xa6, 0xe3, 0xd2, 0x3f, 0x03, 0x3d, 0xf2, 0x2b, - 0xf9, 0x42, 0xa1, 0x5c, 0xd4, 0xfe, 0x70, 0x0c, 0x72, 0x35, 0xd7, 0x3d, 0xc1, 0xbd, 0x13, 0xbb, + 0xf9, 0x42, 0xa1, 0x5c, 0xd4, 0xfe, 0x60, 0x0c, 0x72, 0x35, 0xd7, 0x3d, 0xc1, 0xbd, 0x13, 0xbb, 0x56, 0x36, 0x65, 0xd7, 0x8a, 0xcf, 0xd1, 0xdc, 0x69, 0xe6, 0xe8, 0x13, 0x98, 0x64, 0x6e, 0x4a, 0xb8, 0x3f, 0xf0, 0xc9, 0x77, 0x35, 0x92, 0xfc, 0x82, 0x5a, 0x7c, 0x9c, 0x67, 0x17, 0xe3, 0x43, 0x8c, 0xe4, 0xc6, 0xc3, 0x3d, 0xc6, 0x97, 0x14, 0xc6, 0x29, 0xfb, 0x4c, 0x38, 0x09, 0x5b, 0x5c, @@ -6014,7 +6016,7 @@ var fileDescriptor_d938547f84707355 = []byte{ 0x71, 0xfa, 0x08, 0x15, 0x57, 0xae, 0x67, 0xef, 0x9b, 0x01, 0x8d, 0x6a, 0xe4, 0x2b, 0x97, 0x43, 0x13, 0x94, 0x0a, 0xb2, 0xf6, 0x79, 0x16, 0x2e, 0xb0, 0xe6, 0xd6, 0x7a, 0xc1, 0xae, 0xe3, 0xd9, 0xc1, 0xe1, 0xb9, 0xdd, 0xd2, 0xef, 0xc4, 0xb6, 0xf4, 0x79, 0x39, 0x31, 0xd5, 0xbe, 0x8d, 0xb4, - 0xb3, 0xff, 0xd1, 0x38, 0xcc, 0xa6, 0x50, 0x91, 0x5b, 0x22, 0xde, 0x17, 0xd9, 0x58, 0x18, 0xcf, + 0xb3, 0xff, 0xe1, 0x38, 0xcc, 0xa6, 0x50, 0x91, 0x5b, 0x22, 0xde, 0x17, 0xd9, 0x58, 0x18, 0xcf, 0xfb, 0xb2, 0x5f, 0x9d, 0x94, 0xe8, 0xdb, 0x51, 0x7c, 0x6f, 0x09, 0x4a, 0x42, 0xe9, 0xa3, 0x32, 0xe6, 0x92, 0xc2, 0x68, 0x92, 0xd8, 0x29, 0x78, 0xa8, 0x53, 0x45, 0x22, 0x77, 0x61, 0x72, 0x79, 0x97, 0xb6, 0xf6, 0xec, 0xee, 0xce, 0x3a, 0x3d, 0xf4, 0x2b, 0xb9, 0xeb, 0xb9, 0x1b, 0x93, 0x7c, @@ -6033,7 +6035,7 @@ var fileDescriptor_d938547f84707355 = []byte{ 0xf1, 0xb5, 0x64, 0x2c, 0xbd, 0xf3, 0x6e, 0x39, 0x1b, 0x83, 0xbc, 0x73, 0x7b, 0xa9, 0x9c, 0xd3, 0x74, 0x28, 0x29, 0xe3, 0xcb, 0x55, 0x67, 0xc7, 0x09, 0xc3, 0x97, 0x42, 0x75, 0x32, 0x88, 0x2e, 0x4a, 0x48, 0x15, 0xc6, 0x36, 0x9c, 0x96, 0xd9, 0x16, 0x3a, 0xb8, 0x78, 0xd4, 0xaf, 0x8e, 0xb5, - 0x19, 0x40, 0xe7, 0x70, 0xed, 0xdf, 0x65, 0xa0, 0xbc, 0xe5, 0x39, 0xfb, 0x36, 0x53, 0x01, 0xdb, + 0x19, 0x40, 0xe7, 0x70, 0xed, 0xdf, 0x67, 0xa0, 0xbc, 0xe5, 0x39, 0xfb, 0x36, 0x53, 0x01, 0xdb, 0xce, 0x1e, 0xed, 0x3e, 0xb9, 0x4d, 0xde, 0x92, 0x33, 0x91, 0xef, 0x12, 0x97, 0x19, 0x15, 0xce, 0xc4, 0x2f, 0xfb, 0x55, 0x68, 0x1c, 0xfa, 0x01, 0xed, 0xb0, 0x72, 0x39, 0x1b, 0x95, 0x28, 0x70, 0x76, 0xf4, 0xc8, 0xd2, 0x09, 0x51, 0xe0, 0x2a, 0x8c, 0x61, 0x73, 0x84, 0xca, 0xc2, 0x96, 0x07, @@ -6068,9 +6070,9 @@ var fileDescriptor_d938547f84707355 = []byte{ 0xbc, 0x00, 0x25, 0x65, 0x0e, 0x30, 0x47, 0x55, 0x71, 0x58, 0xd0, 0x51, 0x65, 0x13, 0x45, 0x75, 0x54, 0xd1, 0x2a, 0x8c, 0xe2, 0xcf, 0xd9, 0x93, 0xe3, 0xcf, 0x64, 0x03, 0xca, 0x58, 0x89, 0x68, 0x83, 0x1f, 0x9d, 0x81, 0x5c, 0x3f, 0xea, 0x57, 0xaf, 0xe2, 0x7c, 0x33, 0x44, 0x2f, 0x7c, 0xa3, - 0xe7, 0xd9, 0x0a, 0x8f, 0x01, 0x4a, 0xf2, 0xa7, 0x19, 0x98, 0x46, 0xe0, 0xea, 0x3e, 0xed, 0x06, + 0xe7, 0xd9, 0x0a, 0x8f, 0x01, 0x4a, 0xf2, 0x27, 0x19, 0x98, 0x46, 0xe0, 0xea, 0x3e, 0xed, 0x06, 0xc8, 0x8c, 0x4f, 0xea, 0x4b, 0x0b, 0x61, 0x06, 0x49, 0x23, 0xf0, 0xec, 0xee, 0xce, 0x13, 0xb3, - 0xdd, 0xa3, 0x7e, 0xbd, 0xc9, 0x26, 0xf6, 0x5f, 0xf6, 0xab, 0x77, 0xbe, 0x4a, 0x56, 0x8a, 0x60, + 0xdd, 0xa3, 0x7e, 0xbd, 0xc9, 0x26, 0xf6, 0x5f, 0xf4, 0xab, 0x77, 0xbe, 0x4a, 0x56, 0x8a, 0x60, 0xe5, 0x1f, 0xf5, 0xab, 0xf3, 0xbc, 0xa1, 0x14, 0xab, 0x4d, 0x34, 0x33, 0xd1, 0x22, 0x72, 0x4f, 0xb4, 0x71, 0xdb, 0x6c, 0xb6, 0x29, 0xea, 0xe3, 0x31, 0xec, 0xf0, 0xb5, 0x88, 0x4f, 0xc0, 0x8a, 0x50, 0x27, 0x0f, 0xf0, 0x09, 0xa9, 0xc8, 0xaf, 0xc1, 0xe5, 0xd5, 0x2e, 0xfb, 0x62, 0x03, 0x67, @@ -6086,18 +6088,18 @@ var fileDescriptor_d938547f84707355 = []byte{ 0x46, 0xdc, 0x94, 0x4e, 0x4e, 0x0e, 0x70, 0x4b, 0xef, 0xe5, 0x00, 0x65, 0xc8, 0x4d, 0xed, 0xe7, 0x14, 0xf6, 0x53, 0xe1, 0x36, 0xa4, 0xa3, 0x03, 0x94, 0xda, 0xff, 0xcb, 0x28, 0xc9, 0x3c, 0xe7, 0xd4, 0x16, 0x78, 0x37, 0x66, 0x0b, 0x5c, 0x14, 0xa4, 0x61, 0xaf, 0x58, 0x59, 0x9a, 0x15, 0xa0, - 0x5d, 0x80, 0xa9, 0x18, 0x92, 0xf6, 0xc7, 0x59, 0xb8, 0xa8, 0x53, 0x9f, 0x06, 0x5b, 0xa6, 0xef, + 0x5d, 0x80, 0xa9, 0x18, 0x92, 0xf6, 0x47, 0x59, 0xb8, 0xa8, 0x53, 0x9f, 0x06, 0x5b, 0xa6, 0xef, 0x3f, 0x77, 0x3c, 0x8b, 0xdb, 0xac, 0xe7, 0xd5, 0x46, 0xaa, 0xc5, 0xe4, 0x52, 0x0d, 0x83, 0xcd, - 0xc9, 0x0e, 0x8e, 0x64, 0x28, 0xfd, 0x79, 0x06, 0x2a, 0xc3, 0x48, 0x99, 0x7c, 0x1e, 0xfb, 0x34, + 0xc9, 0x0e, 0x8e, 0x64, 0x28, 0xfd, 0x59, 0x06, 0x2a, 0xc3, 0x48, 0x99, 0x7c, 0x1e, 0xfb, 0x34, 0x76, 0xb2, 0xd5, 0xf3, 0xa9, 0xa7, 0x23, 0x94, 0x1f, 0x28, 0x6c, 0xc4, 0x0f, 0x14, 0xda, 0x3a, 0x83, 0x31, 0xbf, 0x7c, 0xd9, 0xa3, 0x98, 0x8f, 0x93, 0x1f, 0xdd, 0x2f, 0x6f, 0x71, 0x92, 0xa4, - 0x5f, 0x2e, 0x38, 0x69, 0x7f, 0x96, 0x85, 0x17, 0x53, 0x9a, 0x4a, 0x5b, 0x1e, 0x0d, 0xfc, 0x73, - 0x3b, 0x9a, 0x0f, 0x62, 0xa3, 0xf9, 0xfa, 0xf0, 0xd1, 0xe4, 0xfd, 0x1c, 0x69, 0x50, 0xff, 0x63, + 0x5f, 0x2e, 0x38, 0x69, 0x7f, 0x9a, 0x85, 0x17, 0x53, 0x9a, 0x4a, 0x5b, 0x1e, 0x0d, 0xfc, 0x73, + 0x3b, 0x9a, 0x0f, 0x62, 0xa3, 0xf9, 0xfa, 0xf0, 0xd1, 0xe4, 0xfd, 0x1c, 0x69, 0x50, 0xff, 0x53, 0x06, 0xaa, 0x27, 0x70, 0x20, 0xaf, 0xc0, 0xf8, 0xe6, 0xf6, 0x96, 0x0c, 0x37, 0x8b, 0xce, 0x39, 0x2e, 0x5a, 0x9f, 0xba, 0x28, 0x22, 0x6f, 0xc1, 0xf8, 0xc7, 0xfa, 0xb2, 0x63, 0xc9, 0x30, 0x26, 0x1a, 0xc9, 0x3f, 0xf2, 0x8c, 0x56, 0x3c, 0xab, 0x4c, 0x20, 0xa9, 0xc3, 0x9e, 0x3b, 0xb3, 0x61, 0x67, 0xce, 0x4d, 0xad, 0xd5, 0xa2, 0xbe, 0xaf, 0xd3, 0x1f, 0xf5, 0xa8, 0x1f, 0x7c, 0xcb, 0x9c, - 0x9b, 0x58, 0xdf, 0x46, 0x1a, 0xde, 0xff, 0x90, 0x81, 0x39, 0x49, 0xb5, 0x6f, 0xd3, 0xe7, 0xdb, + 0x9b, 0x58, 0xdf, 0x46, 0x1a, 0xde, 0xff, 0x98, 0x81, 0x39, 0x49, 0xb5, 0x6f, 0xd3, 0xe7, 0xdb, 0xbb, 0x1e, 0xf5, 0x77, 0x9d, 0xb6, 0xc5, 0x0c, 0x3f, 0xc5, 0x6b, 0x44, 0xc3, 0x2f, 0x61, 0x99, 0xf0, 0xb3, 0xc0, 0x5b, 0x30, 0x7e, 0xcf, 0x6e, 0x07, 0xd4, 0x53, 0x0d, 0xbf, 0x67, 0x08, 0x51, 0x87, 0x95, 0xe3, 0x90, 0x45, 0x98, 0xa8, 0xb9, 0xae, 0xe7, 0xec, 0xf3, 0x63, 0xe8, 0x29, 0x3e, @@ -6122,8 +6124,8 @@ var fileDescriptor_d938547f84707355 = []byte{ 0x63, 0x96, 0xca, 0x71, 0xd9, 0xca, 0xdf, 0xc4, 0xce, 0xaf, 0x86, 0xf9, 0xc7, 0xce, 0x2c, 0xcc, 0x5f, 0x87, 0x29, 0xd1, 0x2b, 0xb1, 0x94, 0x79, 0x5a, 0x1d, 0xea, 0x01, 0x8f, 0x17, 0x18, 0x03, 0x4b, 0x3a, 0x4e, 0xc2, 0x79, 0xf8, 0x4e, 0x7b, 0x9f, 0x0a, 0x1e, 0x13, 0x2a, 0x0f, 0x2c, 0x48, - 0xe5, 0xa1, 0x90, 0x90, 0x7f, 0x9e, 0x01, 0x22, 0x20, 0xea, 0x7a, 0x2e, 0x1c, 0xb7, 0x9e, 0xad, - 0xb3, 0x59, 0xcf, 0x2f, 0xc9, 0x36, 0xa6, 0xaf, 0xeb, 0x94, 0x66, 0x91, 0x3f, 0xcf, 0xc0, 0x0c, + 0xe5, 0xa1, 0x90, 0x90, 0x7f, 0x91, 0x01, 0x22, 0x20, 0xea, 0x7a, 0x2e, 0x1c, 0xb7, 0x9e, 0xad, + 0xb3, 0x59, 0xcf, 0x2f, 0xc9, 0x36, 0xa6, 0xaf, 0xeb, 0x94, 0x66, 0x91, 0x3f, 0xcb, 0xc0, 0x0c, 0x8f, 0xa8, 0xab, 0x8d, 0x2d, 0x1e, 0xd7, 0xd8, 0xd6, 0xd9, 0x34, 0xf6, 0xaa, 0x8f, 0xd5, 0x0e, 0x69, 0xeb, 0x60, 0xa3, 0xc8, 0xaf, 0x01, 0x84, 0x2b, 0x4a, 0x1e, 0xad, 0x5d, 0x4d, 0xd1, 0x02, 0x21, 0x52, 0x94, 0x0f, 0x15, 0x84, 0x74, 0xea, 0xb9, 0x5d, 0xc4, 0x8d, 0xfc, 0x26, 0x5c, 0x64, @@ -6133,23 +6135,23 @@ var fileDescriptor_d938547f84707355 = []byte{ 0x4f, 0x10, 0x44, 0x3e, 0x06, 0xd2, 0xe8, 0xed, 0xec, 0x50, 0x3f, 0xa0, 0x16, 0x87, 0x51, 0xcf, 0xaf, 0x4c, 0xa1, 0x7e, 0x78, 0x99, 0x4d, 0x12, 0x5f, 0x96, 0x1a, 0x9e, 0x2c, 0x56, 0x27, 0xc9, 0x20, 0xf1, 0x7c, 0x13, 0xae, 0x0c, 0xed, 0x66, 0x4a, 0x66, 0xc9, 0x62, 0x3c, 0xb3, 0xe4, 0xca, - 0x30, 0x75, 0xe8, 0xab, 0xd9, 0x25, 0xff, 0x24, 0x93, 0xd0, 0x7f, 0xc2, 0x58, 0xe1, 0x77, 0x38, + 0x30, 0x75, 0xe8, 0xab, 0xd9, 0x25, 0xff, 0x34, 0x93, 0xd0, 0x7f, 0xc2, 0x58, 0xe1, 0x77, 0x38, 0x86, 0x6d, 0x10, 0xd9, 0xb5, 0x15, 0x66, 0x9d, 0xa0, 0x86, 0xcc, 0x46, 0x46, 0x12, 0xd3, 0x90, - 0xaa, 0x86, 0x45, 0x5d, 0xf9, 0x35, 0x55, 0xa1, 0xf6, 0xaf, 0x32, 0x40, 0x78, 0x0b, 0x99, 0x93, + 0xaa, 0x86, 0x45, 0x5d, 0xf9, 0x35, 0x55, 0xa1, 0xf6, 0xaf, 0x33, 0x40, 0x78, 0x0b, 0x99, 0x93, 0xdf, 0xb4, 0xdb, 0x76, 0x60, 0x53, 0x9f, 0xac, 0x43, 0x59, 0xb0, 0x30, 0x9b, 0x6d, 0xaa, 0x9e, 0x5b, 0x89, 0x80, 0x46, 0x58, 0x66, 0x24, 0xcd, 0x9a, 0x01, 0xc2, 0x21, 0x83, 0x97, 0xfd, 0x1a, - 0x83, 0xa7, 0xfd, 0x55, 0x06, 0xae, 0x0c, 0x36, 0x5b, 0xd4, 0x1c, 0x0a, 0x2f, 0x73, 0x82, 0xf0, + 0x83, 0xa7, 0xfd, 0x65, 0x06, 0xae, 0x0c, 0x36, 0x5b, 0xd4, 0x1c, 0x0a, 0x2f, 0x73, 0x82, 0xf0, 0xd2, 0x7a, 0x99, 0xc5, 0xa0, 0xd4, 0x99, 0xf5, 0x32, 0x87, 0xec, 0xbe, 0x62, 0x2f, 0x7f, 0x27, 0x0b, 0x93, 0x5b, 0xed, 0xde, 0x8e, 0xdd, 0x5d, 0x31, 0x03, 0xf3, 0xdc, 0xba, 0x14, 0xef, 0xc5, - 0x5c, 0x8a, 0xf0, 0x70, 0x2e, 0xec, 0xd8, 0x48, 0xfe, 0xc4, 0x1f, 0x66, 0xe0, 0x42, 0x44, 0xc2, + 0x5c, 0x8a, 0xf0, 0x70, 0x2e, 0xec, 0xd8, 0x48, 0xfe, 0xc4, 0x1f, 0x64, 0xe0, 0x42, 0x44, 0xc2, 0x57, 0xe9, 0x03, 0xc8, 0xb3, 0x0f, 0x61, 0xa1, 0x5c, 0x1f, 0x60, 0x8c, 0x58, 0x0b, 0xe1, 0x2f, 0x61, 0xe4, 0xc7, 0x6f, 0x31, 0x20, 0x87, 0xf9, 0xef, 0x43, 0x31, 0x62, 0x7b, 0x9a, 0x0b, 0x53, - 0xff, 0x32, 0x03, 0xe5, 0x64, 0x4f, 0xc8, 0x3a, 0x4c, 0x30, 0x4e, 0x36, 0x95, 0xc6, 0xd3, 0xab, + 0xff, 0x2a, 0x03, 0xe5, 0x64, 0x4f, 0xc8, 0x3a, 0x4c, 0x30, 0x4e, 0x36, 0x95, 0xc6, 0xd3, 0xab, 0x43, 0xfa, 0xbc, 0x20, 0xd0, 0x78, 0xf3, 0x50, 0xf8, 0x94, 0x43, 0x74, 0xc9, 0x61, 0x5e, 0x87, - 0x49, 0x15, 0x2b, 0xa5, 0x75, 0xb7, 0xe2, 0xaa, 0xe9, 0x52, 0xba, 0x1c, 0xd4, 0x56, 0xff, 0xa3, + 0x49, 0x15, 0x2b, 0xa5, 0x75, 0xb7, 0xe2, 0xaa, 0xe9, 0x52, 0xba, 0x1c, 0xd4, 0x56, 0xff, 0xe3, 0x58, 0xab, 0x85, 0x52, 0x1a, 0xf5, 0x66, 0xca, 0x12, 0x14, 0xe4, 0x9d, 0x16, 0x75, 0x9e, 0x79, 0x02, 0x16, 0x4b, 0x54, 0x11, 0x30, 0xe6, 0x8b, 0xf0, 0xfa, 0xc4, 0x3c, 0x43, 0x5f, 0xc4, 0x45, - 0x88, 0x6a, 0xcf, 0x72, 0x1c, 0xed, 0x1f, 0xe7, 0xe0, 0x52, 0xd4, 0x3c, 0x7e, 0x4f, 0x67, 0xcb, + 0x88, 0x6a, 0xcf, 0x72, 0x1c, 0xed, 0x9f, 0xe4, 0xe0, 0x52, 0xd4, 0x3c, 0x7e, 0x4f, 0x67, 0xcb, 0xf4, 0xcc, 0x8e, 0x7f, 0xc2, 0x0a, 0xb8, 0x31, 0xd0, 0x34, 0x91, 0xc2, 0xc7, 0x61, 0x4a, 0x83, 0xb4, 0x44, 0x83, 0xd0, 0x89, 0xe3, 0x0d, 0x92, 0xcd, 0x20, 0xeb, 0x90, 0x6b, 0xd0, 0x40, 0x64, 0x8b, 0xbe, 0x3e, 0x20, 0x55, 0xb5, 0x5d, 0x0b, 0x0d, 0x1a, 0xf0, 0x41, 0xc4, 0x54, 0x3a, 0x9f, @@ -6167,7 +6169,7 @@ var fileDescriptor_d938547f84707355 = []byte{ 0x1e, 0x88, 0x83, 0xb5, 0xed, 0x6d, 0x1e, 0x8e, 0xcd, 0xd5, 0x6f, 0x1e, 0xf5, 0xab, 0x57, 0x3a, 0xe6, 0x81, 0x3c, 0x8f, 0x33, 0x82, 0xa0, 0x3d, 0xe4, 0x32, 0x65, 0x9c, 0x9e, 0xd8, 0x30, 0xbd, 0xe5, 0x78, 0x81, 0xa8, 0x84, 0xd9, 0xb4, 0xbc, 0xb3, 0x65, 0xd1, 0x59, 0xd6, 0x06, 0x34, 0xec, - 0xeb, 0x8b, 0x5f, 0xf4, 0xab, 0x99, 0xbf, 0xec, 0x57, 0x81, 0x81, 0x78, 0x77, 0x58, 0xad, 0xcc, + 0xeb, 0x8b, 0x5f, 0xf4, 0xab, 0x99, 0xbf, 0xe8, 0x57, 0x81, 0x81, 0x78, 0x77, 0x58, 0xad, 0xcc, 0x90, 0x37, 0x9e, 0x85, 0xe4, 0xea, 0xa9, 0x58, 0x9c, 0x31, 0xf9, 0x10, 0x66, 0x96, 0xa9, 0x17, 0xd8, 0xcf, 0xec, 0x96, 0x19, 0xd0, 0x7b, 0x8e, 0xd7, 0x31, 0x03, 0x11, 0x50, 0x41, 0x87, 0xba, 0x45, 0x39, 0xa7, 0x8e, 0x19, 0xe8, 0x83, 0x98, 0xe4, 0x07, 0xc3, 0xcf, 0xb4, 0xdf, 0x62, 0x46, @@ -6183,7 +6185,7 @@ var fileDescriptor_d938547f84707355 = []byte{ 0xc4, 0xba, 0x75, 0x21, 0x34, 0xd1, 0x3d, 0x33, 0xa0, 0x3b, 0x91, 0xd7, 0xce, 0xb9, 0x28, 0x9e, 0xff, 0x96, 0xe7, 0x74, 0xdc, 0x00, 0x4f, 0xed, 0x12, 0x9e, 0xbf, 0x8b, 0x25, 0x29, 0x9e, 0x3f, 0x27, 0x21, 0x9b, 0x30, 0xc3, 0x00, 0xb6, 0x47, 0x45, 0x6b, 0x1f, 0xde, 0xab, 0xe1, 0x79, 0x9d, - 0xb0, 0x48, 0x3d, 0x5e, 0x18, 0xae, 0xbf, 0xce, 0x33, 0xd5, 0x32, 0x1a, 0xa4, 0xd5, 0xfe, 0x45, + 0xb0, 0x48, 0x3d, 0x5e, 0x18, 0xae, 0xbf, 0xce, 0x33, 0xd5, 0x32, 0x1a, 0xa4, 0xd5, 0xfe, 0x65, 0x11, 0xa6, 0xe3, 0x8a, 0x84, 0xed, 0xec, 0x1b, 0xce, 0x8e, 0xdd, 0x95, 0xfe, 0x01, 0xbf, 0x37, 0x81, 0x90, 0xd8, 0x8d, 0x78, 0x84, 0x90, 0xd7, 0x00, 0xc2, 0x63, 0x2f, 0xe9, 0x02, 0x88, 0xfb, 0xfb, 0x4a, 0x01, 0xf9, 0x75, 0x80, 0x47, 0x8e, 0x45, 0xc5, 0xad, 0x8a, 0xdc, 0x71, 0x8e, 0xfb, @@ -6209,18 +6211,18 @@ var fileDescriptor_d938547f84707355 = []byte{ 0x0f, 0xd9, 0x24, 0x36, 0xed, 0x8e, 0xbf, 0xed, 0x44, 0x71, 0xe9, 0x28, 0x98, 0x85, 0x65, 0xf2, 0x56, 0xc1, 0xcb, 0x42, 0x7b, 0x5c, 0x69, 0x21, 0x85, 0x11, 0x38, 0x03, 0xa1, 0x83, 0x38, 0xb3, 0x81, 0x33, 0x92, 0xdc, 0x2f, 0xc8, 0x19, 0x49, 0x3c, 0x32, 0x99, 0x3f, 0xd3, 0xc8, 0x64, 0x7a, - 0xac, 0x64, 0xec, 0xeb, 0x44, 0x84, 0xfe, 0x53, 0xe2, 0x54, 0xe6, 0x17, 0x71, 0xa8, 0x6f, 0xc2, + 0xac, 0x64, 0xec, 0xeb, 0x44, 0x84, 0xfe, 0x73, 0xe2, 0x54, 0xe6, 0x17, 0x71, 0xa8, 0x6f, 0xc2, 0xd8, 0xd3, 0x5d, 0xea, 0xc9, 0x8b, 0xb2, 0xd8, 0x90, 0xe7, 0x0c, 0xa0, 0x36, 0x04, 0x31, 0xb4, 0xbf, 0x03, 0x93, 0x6a, 0x65, 0xa4, 0x0a, 0x63, 0xf8, 0x2d, 0x1c, 0x2d, 0x3c, 0x13, 0xc1, 0x7a, 0x75, 0x0e, 0x67, 0x08, 0x4f, 0x22, 0x6f, 0x8d, 0x23, 0xa0, 0xc7, 0xa6, 0x73, 0x78, 0x24, 0x85, - 0xdc, 0x49, 0x52, 0xd0, 0xfe, 0x7d, 0x06, 0xf2, 0x6c, 0xb3, 0x23, 0xef, 0x40, 0x51, 0x7a, 0xcc, + 0xdc, 0x49, 0x52, 0xd0, 0xfe, 0x43, 0x06, 0xf2, 0x6c, 0xb3, 0x23, 0xef, 0x40, 0x51, 0x7a, 0xcc, 0x6a, 0xde, 0xfa, 0xac, 0x74, 0xa8, 0xfd, 0xf8, 0xb1, 0x96, 0x00, 0xb2, 0xaa, 0x9e, 0x50, 0xaf, 0x19, 0x3b, 0xfd, 0xdc, 0x67, 0x00, 0xb5, 0x2a, 0xc4, 0x38, 0x85, 0x48, 0xf0, 0x84, 0x57, 0x98, 0x79, 0x79, 0xe4, 0xcb, 0x4f, 0x78, 0x07, 0xcc, 0x3b, 0x89, 0xa5, 0xfd, 0x34, 0x03, 0x73, 0xa9, 0x6a, 0x8a, 0xd5, 0xca, 0xf5, 0xa1, 0x32, 0x23, 0x92, 0xca, 0x90, 0x63, 0x9c, 0xe6, 0x24, 0xf7, 0x14, 0xc3, 0xfb, 0x32, 0x14, 0x43, 0x1f, 0x85, 0x39, 0xda, 0x7c, 0xe8, 0xd0, 0xad, 0x12, 0xe3, 0x85, 0x4e, 0x36, 0x6b, 0xc2, 0xb9, 0xcd, 0x3f, 0x4f, 0x77, 0xb2, 0x59, 0x97, 0x46, 0x4a, 0x3c, - 0xff, 0xd3, 0x71, 0x80, 0x08, 0x99, 0x34, 0x61, 0x7a, 0x73, 0x6d, 0x65, 0x79, 0xcd, 0xa2, 0xdd, + 0xff, 0x93, 0x71, 0x80, 0x08, 0x99, 0x34, 0x61, 0x7a, 0x73, 0x6d, 0x65, 0x79, 0xcd, 0xa2, 0xdd, 0x00, 0x83, 0xbd, 0x89, 0x5c, 0xff, 0xd5, 0x83, 0x80, 0x7a, 0x5d, 0xb3, 0x2d, 0x10, 0x0e, 0xa3, 0xe5, 0xe9, 0xd8, 0x56, 0xcb, 0xb0, 0x43, 0x3a, 0x75, 0xbf, 0x88, 0x73, 0x64, 0x75, 0x34, 0x6a, 0x0f, 0x37, 0x94, 0x3a, 0xb2, 0x23, 0xd6, 0xe1, 0x9b, 0x9d, 0xf6, 0x90, 0x3a, 0xe2, 0x1c, 0xc9, @@ -6234,13 +6236,13 @@ var fileDescriptor_d938547f84707355 = []byte{ 0x47, 0xa3, 0x1e, 0xc2, 0x45, 0x06, 0x14, 0xcf, 0xf8, 0x8e, 0x32, 0xb6, 0x55, 0x86, 0x21, 0xae, 0xf6, 0x59, 0x06, 0xca, 0xc9, 0xf9, 0xc2, 0xfc, 0x59, 0xe1, 0xde, 0x3a, 0x5e, 0x78, 0xcc, 0x84, 0xfe, 0x6c, 0x4b, 0x82, 0xe3, 0xaf, 0x67, 0xa8, 0xe8, 0x64, 0x09, 0x0a, 0x6c, 0xd9, 0x75, 0xa3, - 0x7b, 0xa1, 0xa8, 0x4f, 0x7a, 0x02, 0xa6, 0x86, 0x77, 0x25, 0x9e, 0xb2, 0x6a, 0xff, 0x4d, 0x16, + 0x7b, 0xa1, 0xa8, 0x4f, 0x7a, 0x02, 0xa6, 0x86, 0x77, 0x25, 0x9e, 0xb2, 0x6a, 0xff, 0x6d, 0x16, 0x4a, 0xca, 0x60, 0x91, 0x9b, 0x50, 0x58, 0xf3, 0x37, 0x9c, 0xd6, 0x1e, 0xb5, 0x44, 0xd4, 0x08, 0x5f, 0xc9, 0xb3, 0x7d, 0xa3, 0x8d, 0x40, 0x3d, 0x2c, 0x66, 0x1e, 0x2f, 0xff, 0xf5, 0x90, 0xfa, 0xbe, 0xb9, 0x23, 0x6b, 0x47, 0x8f, 0x97, 0x23, 0x1b, 0x1d, 0x5e, 0xa2, 0xee, 0xb0, 0x31, 0x12, 0xf2, 0x29, 0x00, 0x07, 0xb0, 0xf1, 0x1d, 0x21, 0xbf, 0x4b, 0x2e, 0xe0, 0x39, 0x51, 0x41, 0x60, 0xab, 0x3d, 0xc4, 0xa9, 0xa0, 0x30, 0xc4, 0x67, 0xbc, 0x9c, 0xd6, 0xde, 0xe8, 0x6f, 0xf4, 0x45, - 0xcf, 0x78, 0x39, 0xad, 0x3d, 0x23, 0xfd, 0xb0, 0x5f, 0x65, 0xa9, 0xfd, 0x97, 0x8c, 0x32, 0xe1, + 0xcf, 0x78, 0x39, 0xad, 0x3d, 0x23, 0xfd, 0xb0, 0x5f, 0x65, 0xa9, 0xfd, 0xd7, 0x8c, 0x32, 0xe1, 0xc8, 0x23, 0x28, 0x86, 0x43, 0x23, 0x62, 0x8b, 0xa1, 0x29, 0x22, 0xe1, 0x3a, 0x7d, 0x56, 0x7f, 0x51, 0x84, 0x53, 0x66, 0xc3, 0x01, 0x8e, 0xcd, 0x3f, 0x09, 0x24, 0xbf, 0x0c, 0x79, 0x14, 0xcc, 0xc9, 0xf7, 0x10, 0xa5, 0x62, 0xcf, 0x33, 0x89, 0x60, 0x33, 0x91, 0x92, 0x7c, 0x57, 0x1c, 0xad, @@ -6249,7 +6251,7 @@ var fileDescriptor_d938547f84707355 = []byte{ 0xe4, 0x0a, 0xe4, 0x74, 0xf3, 0xb9, 0xb8, 0x51, 0x8e, 0x39, 0x9a, 0x9e, 0xf9, 0x5c, 0x67, 0x30, 0x72, 0x0b, 0x8a, 0xeb, 0xf4, 0xf0, 0x81, 0xd9, 0xb5, 0xda, 0x54, 0xdc, 0x1c, 0xc7, 0x7b, 0x2c, 0x7b, 0xf4, 0xd0, 0xd8, 0x45, 0xa8, 0x1e, 0x21, 0x60, 0x50, 0xbf, 0xd7, 0x5c, 0xa7, 0x3c, 0xf6, - 0x39, 0x29, 0x82, 0xfa, 0xbd, 0x26, 0x66, 0x0b, 0xf2, 0x12, 0xed, 0xbf, 0x65, 0xa1, 0x9c, 0x5c, + 0x39, 0x29, 0x82, 0xfa, 0xbd, 0x26, 0x66, 0x0b, 0xf2, 0x12, 0xed, 0xbf, 0x67, 0xa1, 0x9c, 0x5c, 0x6b, 0xe4, 0x2e, 0x4c, 0xca, 0x2c, 0xc4, 0x07, 0xa6, 0xbf, 0x2b, 0x9a, 0x82, 0x57, 0x9b, 0x5d, 0x01, 0x37, 0x76, 0x4d, 0x5f, 0x5d, 0x84, 0x31, 0x02, 0xb6, 0x07, 0x6f, 0x8b, 0x4c, 0x45, 0x65, 0xcd, 0x04, 0x4e, 0xe0, 0x26, 0x2e, 0xb7, 0x4b, 0x34, 0x62, 0xc1, 0x85, 0x84, 0x2c, 0xc2, 0xe9, @@ -6283,106 +6285,107 @@ var fileDescriptor_d938547f84707355 = []byte{ 0x50, 0xd3, 0x0b, 0x9a, 0xd4, 0x0c, 0x46, 0x30, 0xb0, 0xc2, 0xb7, 0x38, 0x51, 0x73, 0xee, 0x4a, 0xca, 0xe4, 0x5b, 0x9c, 0x31, 0xb6, 0xe1, 0x44, 0xc9, 0x8f, 0x30, 0x51, 0x7e, 0x04, 0x17, 0x1a, 0xb4, 0x63, 0xba, 0xbb, 0x8e, 0x47, 0x45, 0x22, 0xc3, 0x02, 0x4c, 0x85, 0xa0, 0xd4, 0xd9, 0x12, - 0x2f, 0x8e, 0xe1, 0x2b, 0x82, 0x88, 0x54, 0x49, 0xbc, 0x58, 0xfb, 0xe3, 0x2c, 0x5c, 0xae, 0xb5, + 0x2f, 0x8e, 0xe1, 0x2b, 0x82, 0x88, 0x54, 0x49, 0xbc, 0x58, 0xfb, 0xa3, 0x2c, 0x5c, 0xae, 0xb5, 0xc4, 0xd9, 0x88, 0x28, 0x90, 0xb1, 0xf8, 0x6f, 0xb8, 0x6e, 0xb2, 0x08, 0xc5, 0x87, 0xe6, 0x01, 0xbe, 0x17, 0xed, 0x8b, 0xb7, 0xa4, 0xf9, 0x4e, 0x6c, 0x1e, 0x18, 0x61, 0x54, 0x46, 0x8f, 0x70, 0xce, 0xf2, 0x49, 0x69, 0x0d, 0xc6, 0x1f, 0x38, 0x6d, 0x8b, 0x7a, 0xe2, 0x82, 0x21, 0x9a, 0x57, - 0xbb, 0x08, 0xd1, 0x45, 0x89, 0xf6, 0x57, 0x19, 0x98, 0x0e, 0x5b, 0x8c, 0x4d, 0xf8, 0xc6, 0x45, - 0x92, 0x78, 0x5c, 0xbb, 0x38, 0xc2, 0xe3, 0xda, 0x63, 0x5f, 0x4f, 0x12, 0xda, 0x3f, 0xcb, 0xc0, + 0xbb, 0x08, 0xd1, 0x45, 0x89, 0xf6, 0x97, 0x19, 0x98, 0x0e, 0x5b, 0x8c, 0x4d, 0xf8, 0xc6, 0x45, + 0x92, 0x78, 0x5c, 0xbb, 0x38, 0xc2, 0xe3, 0xda, 0x63, 0x5f, 0x4f, 0x12, 0xda, 0x3f, 0xcf, 0xc0, 0x4c, 0xbc, 0x97, 0x6c, 0x27, 0x52, 0x1a, 0x92, 0x19, 0xb1, 0x21, 0xd9, 0x33, 0x1b, 0x92, 0xdc, 0xd0, 0x21, 0xf9, 0xed, 0x2c, 0x94, 0xc2, 0xc6, 0x9e, 0xdb, 0x94, 0x8d, 0x5f, 0x8a, 0xe9, 0xd0, 0x4b, 0xe1, 0xc3, 0x81, 0xa2, 0x5f, 0x23, 0xe5, 0x6d, 0x34, 0x14, 0x5d, 0x21, 0x72, 0x37, 0x7e, 0x19, 0xc6, 0xc5, 0x62, 0x8a, 0xa7, 0xb9, 0x0f, 0x8c, 0x6e, 0x7d, 0x5a, 0xb0, 0x1e, 0xc7, 0x01, 0xf5, 0x75, 0x41, 0x87, 0x49, 0x7a, 0x4f, 0x69, 0x53, 0x9c, 0x92, 0x9e, 0xdb, 0x3d, 0x2a, 0x3d, - 0x49, 0x2f, 0xea, 0xd8, 0x48, 0xbb, 0xd3, 0x1f, 0xe4, 0xa0, 0x9c, 0x24, 0x39, 0xf9, 0x82, 0xde, + 0x49, 0x2f, 0xea, 0xd8, 0x48, 0xbb, 0xd3, 0x5f, 0xe5, 0xa0, 0x9c, 0x24, 0x39, 0xf9, 0x82, 0xde, 0x56, 0xaf, 0x29, 0x7c, 0x3b, 0x74, 0xfe, 0xdc, 0x5e, 0x53, 0x67, 0x30, 0xf2, 0x3a, 0xe4, 0xb7, 0x3c, 0x7b, 0x5f, 0x38, 0x73, 0x98, 0x90, 0xe6, 0x7a, 0xf6, 0xbe, 0x9a, 0xad, 0xc2, 0xca, 0xd1, 0xf9, 0xda, 0x68, 0x28, 0x0f, 0xda, 0x72, 0xe7, 0xab, 0xed, 0x27, 0x5f, 0xb4, 0x95, 0x68, 0x6c, 0xab, 0xac, 0x53, 0xd3, 0xa3, 0x1e, 0x7f, 0x43, 0x67, 0x2c, 0xda, 0x2a, 0x9b, 0x08, 0xe6, 0x0f, 0x83, 0xe8, 0x2a, 0x12, 0x69, 0x03, 0x51, 0x3e, 0x47, 0x7f, 0xd7, 0x5d, 0x3e, 0x2b, 0x7b, 0x51, - 0x65, 0x6d, 0xa8, 0xab, 0x39, 0x85, 0xef, 0x19, 0x86, 0xb0, 0xb4, 0xef, 0xaa, 0x63, 0x22, 0xb6, - 0xc8, 0x63, 0xc7, 0x44, 0xfb, 0x23, 0x34, 0x9a, 0x3b, 0x4e, 0x40, 0x85, 0xad, 0x70, 0x6e, 0xb5, - 0x46, 0x14, 0x4f, 0x1c, 0x8b, 0x9d, 0x5e, 0xc6, 0x7a, 0xc7, 0x31, 0x9e, 0xbc, 0x1d, 0x2d, 0x71, - 0x1e, 0x59, 0x94, 0xf1, 0x44, 0x65, 0x82, 0xff, 0xd3, 0x0c, 0xcc, 0xa5, 0xd2, 0x92, 0x05, 0x80, - 0xc8, 0x22, 0x13, 0x52, 0xe2, 0x4f, 0x6e, 0x84, 0x50, 0x5d, 0xc1, 0x20, 0x3f, 0x4c, 0xda, 0x52, - 0x27, 0x6f, 0x05, 0xf2, 0xc5, 0xb2, 0xe9, 0xb8, 0x2d, 0x95, 0x62, 0x41, 0x69, 0x3f, 0xcb, 0xc1, - 0xcc, 0xc0, 0xfb, 0x9e, 0x27, 0xbc, 0xbd, 0xb9, 0x97, 0x78, 0x25, 0x93, 0xc7, 0xbe, 0xdf, 0x1c, - 0xf6, 0xba, 0x68, 0xca, 0x9b, 0x99, 0x18, 0x30, 0x11, 0x4f, 0xeb, 0x9c, 0xf0, 0x74, 0xa6, 0x9f, - 0x7c, 0x3a, 0x93, 0xc7, 0xc0, 0xbf, 0x33, 0xb4, 0xb6, 0x33, 0x78, 0xb0, 0xf9, 0x17, 0xf8, 0x19, - 0xca, 0x1f, 0x67, 0x01, 0x9e, 0xd2, 0xe6, 0xf9, 0xbe, 0xf3, 0xfd, 0xfd, 0xd8, 0x16, 0x32, 0x17, - 0x6d, 0x21, 0xa3, 0xdf, 0xf4, 0xde, 0x84, 0xe9, 0x38, 0xfe, 0xc9, 0x57, 0xc5, 0xb8, 0x0a, 0xcf, - 0xa6, 0x3f, 0x83, 0xa6, 0x35, 0xe1, 0xe2, 0x7d, 0x1a, 0x44, 0xfa, 0x4f, 0xda, 0xe9, 0xc7, 0xb3, - 0xbd, 0x05, 0x45, 0x81, 0x1f, 0x7f, 0x3e, 0x47, 0x26, 0x4a, 0xd9, 0x96, 0x1e, 0x21, 0x68, 0x14, - 0x2e, 0xaf, 0xd0, 0x36, 0x0d, 0xe8, 0x37, 0x5b, 0x4d, 0x03, 0x08, 0xef, 0x0a, 0xf6, 0x6c, 0xb4, - 0x1a, 0x4e, 0x94, 0xcf, 0x13, 0x98, 0x0b, 0xdb, 0x7e, 0x96, 0x7c, 0x17, 0xd9, 0x0e, 0x22, 0xb2, - 0xae, 0x23, 0x8e, 0xc7, 0x04, 0x6a, 0x0e, 0x60, 0x5e, 0x12, 0x3c, 0xb5, 0xc3, 0xc8, 0xec, 0x48, - 0xb4, 0xe4, 0x0e, 0x94, 0x14, 0x1a, 0x71, 0x85, 0x03, 0x0f, 0x3c, 0x9e, 0xdb, 0xc1, 0xae, 0xe1, - 0x73, 0xb8, 0x7a, 0xe0, 0xa1, 0xa0, 0x6b, 0x3f, 0xc0, 0x1b, 0xfb, 0xdc, 0x73, 0x4a, 0xa9, 0x3a, - 0xc1, 0x3c, 0x73, 0x3a, 0xe6, 0x3f, 0xce, 0xc2, 0x85, 0xcd, 0xb5, 0x95, 0xe5, 0x30, 0x3a, 0xf6, - 0x2d, 0x8b, 0x3f, 0xc5, 0xfa, 0x76, 0x4c, 0xfc, 0xe9, 0x31, 0xcc, 0x26, 0xc4, 0x80, 0xef, 0xed, - 0x7d, 0xc4, 0x4f, 0x75, 0x43, 0xb0, 0x34, 0xc3, 0x2f, 0xa5, 0xb1, 0x7f, 0xb2, 0xa4, 0x27, 0xb0, - 0xb5, 0x9f, 0x8d, 0x27, 0xf8, 0x86, 0xaf, 0xa1, 0x16, 0xd7, 0x7c, 0xbf, 0x47, 0xbd, 0xc7, 0xfa, - 0x86, 0xba, 0x19, 0xdb, 0x08, 0x34, 0x7a, 0x5e, 0x5b, 0x8f, 0x10, 0xc8, 0x4d, 0x28, 0x88, 0xe4, - 0xda, 0x15, 0xf5, 0x5f, 0x39, 0x85, 0xb9, 0xb9, 0x7a, 0x58, 0x4c, 0xde, 0x81, 0x49, 0xfe, 0x9b, - 0x0f, 0xb0, 0x10, 0x38, 0xba, 0xe0, 0x02, 0x9d, 0x4f, 0x08, 0x3d, 0x86, 0xc6, 0x0c, 0x4e, 0xf9, - 0x7a, 0x30, 0x6b, 0x51, 0x3e, 0x32, 0x38, 0xe5, 0xf3, 0xc2, 0xd8, 0x26, 0x15, 0x89, 0xbc, 0x09, - 0xb9, 0xda, 0xb2, 0x2e, 0x8c, 0x53, 0x0c, 0xb0, 0x99, 0x2d, 0x8f, 0x3f, 0xab, 0xa2, 0x4e, 0x37, - 0x86, 0x44, 0x96, 0xf0, 0xff, 0x42, 0xec, 0xdb, 0xcc, 0x13, 0x1c, 0x8f, 0x66, 0x8d, 0x2b, 0x60, - 0xea, 0xa1, 0x9d, 0xc4, 0x23, 0x8b, 0x30, 0xb1, 0x62, 0xfb, 0x6e, 0xdb, 0x3c, 0x14, 0x37, 0x42, - 0x31, 0x9f, 0xc2, 0xe2, 0x20, 0x75, 0x9e, 0x09, 0x2c, 0xfc, 0x7f, 0x40, 0x2d, 0xc7, 0xa5, 0x95, - 0x42, 0x74, 0xa0, 0xec, 0x33, 0x40, 0xec, 0x5a, 0x19, 0x03, 0xe0, 0x7d, 0x0f, 0x9e, 0xb6, 0x5a, - 0x54, 0xee, 0x7b, 0x24, 0xd3, 0x55, 0x05, 0xce, 0x60, 0xd6, 0x0d, 0x9c, 0x65, 0xd6, 0x4d, 0x13, - 0x2e, 0xdf, 0x47, 0x9b, 0xaa, 0x41, 0xbd, 0x7d, 0xbb, 0x45, 0x6b, 0x2d, 0x8c, 0x5a, 0x3f, 0xd6, - 0xd7, 0x44, 0xaa, 0xee, 0x8d, 0xa3, 0x7e, 0xf5, 0x55, 0x6e, 0x76, 0xe1, 0xff, 0x8a, 0xb1, 0x5b, - 0xd4, 0x30, 0x39, 0x52, 0xe2, 0xe9, 0xa5, 0x61, 0x8c, 0xc8, 0xaf, 0xc2, 0xc5, 0xb4, 0x22, 0x91, - 0xb4, 0xfb, 0xea, 0x51, 0xbf, 0x7a, 0x3d, 0xbd, 0x02, 0xf5, 0x0e, 0x65, 0x1a, 0x07, 0xb2, 0x01, - 0x65, 0x0e, 0xaf, 0x59, 0x1d, 0xbb, 0xbb, 0xda, 0x31, 0xed, 0x36, 0xa6, 0xf0, 0x8a, 0x3c, 0x6c, - 0xc1, 0xd5, 0x64, 0x85, 0x06, 0x65, 0xa5, 0xb1, 0x9c, 0x80, 0x04, 0x25, 0xaa, 0xa3, 0x46, 0xed, - 0xe1, 0xc6, 0xb7, 0x55, 0x1d, 0xc5, 0xfa, 0x76, 0xbc, 0x3a, 0x4a, 0x88, 0x41, 0xaa, 0xa3, 0x18, - 0x38, 0xa9, 0x8e, 0x12, 0x34, 0x7a, 0x02, 0x5b, 0xfb, 0xcf, 0xe3, 0x09, 0xbe, 0x42, 0x1d, 0x69, - 0x30, 0xce, 0xb5, 0x8d, 0xfa, 0x64, 0x04, 0xd7, 0x45, 0xba, 0x28, 0x61, 0x8e, 0x70, 0xa3, 0xb1, - 0xa9, 0xbe, 0x54, 0xe3, 0xfb, 0x8e, 0xce, 0x60, 0x6c, 0x84, 0xd0, 0xbb, 0xcd, 0x45, 0x23, 0xc4, - 0x3c, 0x5b, 0xf1, 0x92, 0xf7, 0x6b, 0xd1, 0x3a, 0xce, 0x47, 0xf2, 0x16, 0xeb, 0x38, 0x5a, 0xbd, - 0xcb, 0x50, 0xa9, 0xf9, 0x3e, 0xf5, 0x02, 0xfe, 0x34, 0x9b, 0xdf, 0xeb, 0x50, 0x4f, 0xcc, 0x35, - 0xa1, 0x63, 0xb0, 0x52, 0xb3, 0xe5, 0xeb, 0x43, 0x11, 0xc9, 0x0d, 0x28, 0xd4, 0x7a, 0x96, 0x4d, - 0xbb, 0x2d, 0x2a, 0xf4, 0x0c, 0xc6, 0xb8, 0x4c, 0x01, 0xd3, 0xc3, 0x52, 0xf2, 0x31, 0xcc, 0x09, - 0x22, 0xa9, 0x70, 0x84, 0x04, 0xb8, 0xae, 0xe1, 0xae, 0x82, 0x58, 0x0b, 0x52, 0x4d, 0x19, 0x42, - 0x24, 0xe9, 0x94, 0xa4, 0x06, 0xe5, 0x55, 0x3c, 0xfe, 0x91, 0x4f, 0xcb, 0x3b, 0x9e, 0x78, 0x87, - 0x1e, 0x35, 0x17, 0x3f, 0x1a, 0x32, 0xac, 0xb0, 0x50, 0x1f, 0x40, 0x27, 0xeb, 0x30, 0x9b, 0x84, - 0x31, 0x7d, 0x5c, 0x8c, 0x5e, 0xb3, 0x1f, 0xe0, 0x82, 0x8a, 0x39, 0x8d, 0x8a, 0x34, 0x61, 0xa6, - 0x16, 0x04, 0x9e, 0xdd, 0xec, 0x05, 0x34, 0xa1, 0xba, 0x64, 0xfc, 0x24, 0x2c, 0x97, 0xea, 0xeb, - 0x45, 0x31, 0x19, 0x67, 0xcd, 0x90, 0x32, 0x54, 0x61, 0xfa, 0x20, 0x3b, 0x62, 0x85, 0xaf, 0x24, - 0x8b, 0x87, 0x93, 0x45, 0x96, 0xb1, 0x8c, 0x53, 0xd5, 0xfc, 0xc3, 0x4e, 0x87, 0x06, 0x1e, 0xbe, - 0xb4, 0x8e, 0xaf, 0x30, 0x6b, 0x22, 0x17, 0x60, 0x5e, 0x79, 0x54, 0x1b, 0x5f, 0x62, 0x8e, 0x25, - 0x25, 0xc5, 0x78, 0xc6, 0xb6, 0x8f, 0xc9, 0x11, 0xb7, 0x8f, 0x36, 0xcc, 0xac, 0x76, 0x5b, 0xde, - 0x21, 0xde, 0xa9, 0x91, 0x8d, 0x9b, 0x3a, 0xa1, 0x71, 0xaf, 0x8a, 0xc6, 0x5d, 0x35, 0xe5, 0x0c, - 0x4b, 0x6b, 0xde, 0x20, 0x63, 0xed, 0xef, 0x42, 0x39, 0x29, 0xcb, 0x13, 0x8c, 0xc2, 0xb3, 0x4c, - 0x88, 0x64, 0x23, 0x9d, 0xec, 0x0b, 0x59, 0x8c, 0x3d, 0x6b, 0xaf, 0xfc, 0xb3, 0x48, 0xe5, 0x59, - 0x7b, 0xf5, 0x31, 0xfb, 0x70, 0x19, 0x67, 0xd3, 0x96, 0xb1, 0xf6, 0x3b, 0x59, 0x98, 0xe1, 0x39, - 0x5c, 0x91, 0x86, 0x39, 0xaf, 0x9e, 0xe0, 0x47, 0x31, 0xe5, 0x2c, 0x83, 0x2e, 0x89, 0xde, 0x0d, - 0x77, 0x08, 0xb5, 0x4f, 0x61, 0x6e, 0x40, 0x14, 0xa8, 0xa0, 0x57, 0x64, 0xf6, 0xdc, 0x80, 0x8a, - 0xae, 0xa4, 0x57, 0xf2, 0xe4, 0x6d, 0x7d, 0x80, 0x42, 0xfb, 0xb3, 0xec, 0x00, 0x7f, 0xe1, 0x6d, - 0xaa, 0x96, 0x60, 0xe6, 0x74, 0x96, 0x60, 0xf6, 0x2b, 0x59, 0x82, 0xb9, 0x51, 0x2c, 0xc1, 0x8f, - 0x61, 0x6a, 0x9b, 0x9a, 0xcc, 0xa2, 0x11, 0x57, 0x6d, 0xf2, 0xb1, 0x57, 0xed, 0x59, 0x99, 0xd4, - 0x2f, 0xe1, 0xed, 0x95, 0x80, 0x11, 0x30, 0xd5, 0xc2, 0xef, 0xe2, 0xe8, 0x71, 0x0e, 0xea, 0xa6, - 0x31, 0x36, 0x7c, 0xd3, 0xd0, 0x3e, 0xcb, 0x42, 0x49, 0x61, 0x4f, 0xbe, 0x07, 0x93, 0x9b, 0xde, - 0x8e, 0xd9, 0xb5, 0xff, 0xb6, 0xa9, 0xc4, 0xb9, 0xb0, 0xf9, 0x8e, 0x02, 0xd7, 0x63, 0x58, 0x98, - 0x0d, 0x40, 0xcd, 0x8e, 0x3a, 0xf1, 0x59, 0xf3, 0x74, 0x84, 0x2a, 0x37, 0x88, 0x72, 0x23, 0xdc, - 0x20, 0x8a, 0x5f, 0xbf, 0xc9, 0x9f, 0xfe, 0xfa, 0x4d, 0xec, 0xb6, 0xcc, 0xd8, 0x29, 0x6f, 0xcb, - 0x68, 0xbf, 0x97, 0x85, 0xf2, 0xb6, 0xd7, 0xf3, 0x03, 0x6a, 0xc9, 0xd8, 0xe8, 0xb7, 0xeb, 0x31, - 0xf5, 0x78, 0xe7, 0x8e, 0x89, 0xfa, 0xe7, 0x7f, 0xfa, 0x27, 0x55, 0x7c, 0x48, 0x3d, 0x29, 0x0e, - 0xf9, 0x90, 0x7a, 0x1c, 0x9e, 0xcc, 0xd7, 0x4d, 0x52, 0xe9, 0x49, 0x7c, 0xed, 0x2f, 0xb2, 0x49, - 0xde, 0xc2, 0x9a, 0x7a, 0x0d, 0x26, 0xf8, 0xbb, 0xa0, 0x32, 0xa5, 0x50, 0x5c, 0x9c, 0x47, 0x90, - 0x2e, 0xcb, 0x4e, 0x93, 0xb9, 0x7d, 0xd2, 0x6b, 0xfa, 0xe4, 0x5d, 0x98, 0xc4, 0x63, 0xf0, 0x9a, - 0x65, 0x79, 0xd4, 0xf7, 0x85, 0xa1, 0x85, 0x47, 0x12, 0xcf, 0x69, 0xd3, 0xe0, 0xc7, 0xe5, 0xf8, - 0x0f, 0xb5, 0x62, 0x78, 0x64, 0x19, 0x2e, 0xc6, 0xb2, 0x2e, 0x24, 0xfd, 0x58, 0xb4, 0x5b, 0xf0, - 0xff, 0x28, 0xc5, 0x89, 0x53, 0x91, 0xcf, 0xee, 0xdf, 0x59, 0xbc, 0x79, 0x17, 0x26, 0xd5, 0x97, - 0x41, 0xf8, 0x7f, 0xe6, 0x7d, 0xb4, 0x5a, 0x7e, 0x81, 0x94, 0x60, 0x62, 0x6b, 0xf5, 0xd1, 0xca, - 0xda, 0xa3, 0xfb, 0xe5, 0x0c, 0x99, 0x84, 0x42, 0x6d, 0x6b, 0x4b, 0xdf, 0x7c, 0xb2, 0xba, 0x52, - 0xce, 0x12, 0x80, 0xf1, 0x95, 0xd5, 0x47, 0x6b, 0xab, 0x2b, 0xe5, 0x5c, 0xbd, 0xfc, 0xc5, 0xff, - 0xbc, 0xf6, 0xc2, 0x17, 0x3f, 0xbf, 0x96, 0xf9, 0x8b, 0x9f, 0x5f, 0xcb, 0xfc, 0x8f, 0x9f, 0x5f, - 0xcb, 0x34, 0xc7, 0x31, 0x50, 0xfd, 0xf6, 0xdf, 0x04, 0x00, 0x00, 0xff, 0xff, 0x83, 0x0b, 0xd5, - 0xe0, 0xd3, 0x79, 0x00, 0x00, + 0x65, 0x6d, 0xa8, 0xab, 0x39, 0x85, 0xef, 0x59, 0x86, 0xb0, 0xb6, 0xa0, 0x88, 0x11, 0x19, 0xf4, + 0xfc, 0x0b, 0x27, 0x32, 0x93, 0x99, 0x41, 0x80, 0x87, 0xf8, 0x46, 0xe8, 0xff, 0x47, 0x4c, 0xb4, + 0xef, 0xaa, 0xa3, 0x2c, 0x36, 0xdd, 0x63, 0x47, 0x59, 0xfb, 0x43, 0x34, 0xc3, 0x3b, 0x4e, 0x40, + 0x85, 0xf5, 0x71, 0x6e, 0xf5, 0x50, 0x14, 0xa1, 0x1c, 0x8b, 0x9d, 0x87, 0xc6, 0x7a, 0xc7, 0x31, + 0x9e, 0xbc, 0x1d, 0x29, 0x0d, 0x1e, 0xab, 0x94, 0x11, 0x4a, 0x65, 0xc9, 0xfc, 0xb3, 0x0c, 0xcc, + 0xa5, 0xd2, 0x92, 0x05, 0x80, 0xc8, 0xc6, 0x13, 0x52, 0xe2, 0x8f, 0x78, 0x84, 0x50, 0x5d, 0xc1, + 0x20, 0x3f, 0x4c, 0x5a, 0x67, 0x27, 0x6f, 0x2e, 0xf2, 0x0d, 0xb4, 0xe9, 0xb8, 0x75, 0x96, 0x62, + 0x93, 0x69, 0x3f, 0xcb, 0xc1, 0xcc, 0xc0, 0x8b, 0xa1, 0x27, 0xbc, 0xe6, 0xb9, 0x97, 0x78, 0x77, + 0x93, 0x47, 0xd3, 0xdf, 0x1c, 0xf6, 0x5e, 0x69, 0xca, 0x2b, 0x9c, 0x18, 0x82, 0x11, 0x8f, 0xf5, + 0x9c, 0xf0, 0x18, 0xa7, 0x9f, 0x7c, 0x8c, 0x93, 0x47, 0xd5, 0xbf, 0x33, 0xb4, 0xb6, 0x33, 0x78, + 0x02, 0xfa, 0x17, 0xf8, 0x61, 0xcb, 0x1f, 0x67, 0x01, 0x9e, 0xd2, 0xe6, 0xf9, 0xbe, 0x45, 0xfe, + 0xfd, 0xd8, 0xa6, 0x34, 0x17, 0x6d, 0x4a, 0xa3, 0xdf, 0x1d, 0xdf, 0x84, 0xe9, 0x38, 0xfe, 0xc9, + 0x97, 0xcf, 0xf8, 0xa6, 0x90, 0x4d, 0x7f, 0x58, 0x4d, 0x6b, 0xc2, 0xc5, 0xfb, 0x34, 0x88, 0xf4, + 0x9f, 0xb4, 0xfc, 0x8f, 0x67, 0x7b, 0x0b, 0x8a, 0x02, 0x3f, 0xfe, 0x20, 0x8f, 0x4c, 0xbd, 0xb2, + 0x2d, 0x3d, 0x42, 0xd0, 0x28, 0x5c, 0x5e, 0xa1, 0x6d, 0x1a, 0xd0, 0x6f, 0xb6, 0x9a, 0x06, 0x10, + 0xde, 0x15, 0xec, 0xd9, 0x68, 0x35, 0x9c, 0x28, 0x9f, 0x27, 0x30, 0x17, 0xb6, 0xfd, 0x2c, 0xf9, + 0x2e, 0xb2, 0x1d, 0x44, 0xe4, 0x71, 0x47, 0x1c, 0x8f, 0x09, 0xfd, 0x1c, 0xc0, 0xbc, 0x24, 0x78, + 0x6a, 0x87, 0xb1, 0xde, 0x91, 0x68, 0xc9, 0x1d, 0x28, 0x29, 0x34, 0xe2, 0x52, 0x08, 0x1e, 0xa1, + 0x3c, 0xb7, 0x83, 0x5d, 0xc3, 0xe7, 0x70, 0xf5, 0x08, 0x45, 0x41, 0xd7, 0x7e, 0x80, 0x6f, 0x00, + 0x70, 0x5f, 0x2c, 0xa5, 0xea, 0x04, 0xf3, 0xcc, 0xe9, 0x98, 0xff, 0x38, 0x0b, 0x17, 0x36, 0xd7, + 0x56, 0x96, 0xc3, 0x78, 0xdb, 0xb7, 0x2c, 0xa2, 0x15, 0xeb, 0xdb, 0x31, 0x11, 0xad, 0xc7, 0x30, + 0x9b, 0x10, 0x03, 0xbe, 0xe0, 0xf7, 0x11, 0x3f, 0x27, 0x0e, 0xc1, 0xd2, 0xb0, 0xbf, 0x94, 0xc6, + 0xfe, 0xc9, 0x92, 0x9e, 0xc0, 0xd6, 0x7e, 0x36, 0x9e, 0xe0, 0x1b, 0xbe, 0xaf, 0x5a, 0x5c, 0xf3, + 0xfd, 0x1e, 0xf5, 0x1e, 0xeb, 0x1b, 0xea, 0x66, 0x6c, 0x23, 0xd0, 0xe8, 0x79, 0x6d, 0x3d, 0x42, + 0x20, 0x37, 0xa1, 0x20, 0xd2, 0x75, 0x57, 0xd4, 0x7f, 0x0e, 0x15, 0x66, 0xfb, 0xea, 0x61, 0x31, + 0x79, 0x07, 0x26, 0xf9, 0x6f, 0x3e, 0xc0, 0x42, 0xe0, 0xe8, 0xd4, 0x0b, 0x74, 0x3e, 0x21, 0xf4, + 0x18, 0x1a, 0x33, 0x61, 0xe5, 0x7b, 0xc4, 0xac, 0x45, 0xf9, 0xc8, 0x84, 0x95, 0x0f, 0x16, 0x63, + 0x9b, 0x54, 0x24, 0xf2, 0x26, 0xe4, 0x6a, 0xcb, 0xba, 0x30, 0x77, 0x31, 0x64, 0x67, 0xb6, 0x3c, + 0xfe, 0x50, 0x8b, 0x3a, 0xdd, 0x18, 0x12, 0x59, 0xc2, 0xff, 0x34, 0xb1, 0x6f, 0x33, 0xdf, 0x72, + 0x3c, 0x9a, 0x35, 0xae, 0x80, 0xa9, 0xc7, 0x80, 0x12, 0x8f, 0x2c, 0xc2, 0xc4, 0x8a, 0xed, 0xbb, + 0x6d, 0xf3, 0x50, 0xdc, 0x31, 0xc5, 0x0c, 0x0d, 0x8b, 0x83, 0xd4, 0x79, 0x26, 0xb0, 0xf0, 0x3f, + 0x0c, 0xb5, 0x1c, 0x97, 0x99, 0xa5, 0xe1, 0x11, 0xb5, 0xcf, 0x00, 0xb1, 0x8b, 0x6a, 0x0c, 0x80, + 0x37, 0x48, 0x78, 0x22, 0x6c, 0x51, 0xb9, 0x41, 0x92, 0x4c, 0x80, 0x15, 0x38, 0x83, 0x79, 0x3c, + 0x70, 0x96, 0x79, 0x3c, 0x4d, 0xb8, 0x7c, 0x1f, 0x6d, 0xaa, 0x06, 0xf5, 0xf6, 0xed, 0x16, 0xad, + 0xb5, 0x30, 0x0e, 0xfe, 0x58, 0x5f, 0x13, 0xc9, 0xbf, 0x37, 0x8e, 0xfa, 0xd5, 0x57, 0xb9, 0xd9, + 0x85, 0xff, 0x7d, 0xc6, 0x6e, 0x51, 0xc3, 0xe4, 0x48, 0x89, 0xc7, 0x9c, 0x86, 0x31, 0x22, 0xbf, + 0x0a, 0x17, 0xd3, 0x8a, 0x44, 0x1a, 0xf0, 0xab, 0x47, 0xfd, 0xea, 0xf5, 0xf4, 0x0a, 0xd4, 0x5b, + 0x99, 0x69, 0x1c, 0xc8, 0x06, 0x94, 0x39, 0xbc, 0x66, 0x75, 0xec, 0xee, 0x6a, 0xc7, 0xb4, 0xdb, + 0x98, 0x14, 0x2c, 0x32, 0xbb, 0x05, 0x57, 0x93, 0x15, 0x1a, 0x94, 0x95, 0xc6, 0xb2, 0x0c, 0x12, + 0x94, 0xa8, 0x8e, 0x1a, 0xb5, 0x87, 0x1b, 0xdf, 0x56, 0x75, 0x14, 0xeb, 0xdb, 0xf1, 0xea, 0x28, + 0x21, 0x06, 0xa9, 0x8e, 0x62, 0xe0, 0xa4, 0x3a, 0x4a, 0xd0, 0xe8, 0x09, 0x6c, 0xed, 0xbf, 0x8c, + 0x27, 0xf8, 0x0a, 0x75, 0xa4, 0xc1, 0x38, 0xd7, 0x36, 0xea, 0x23, 0x14, 0x5c, 0x17, 0xe9, 0xa2, + 0x84, 0xb9, 0xd6, 0x8d, 0xc6, 0xa6, 0xfa, 0xf6, 0x8d, 0xef, 0x3b, 0x3a, 0x83, 0xb1, 0x11, 0x42, + 0x7f, 0x39, 0x17, 0x8d, 0x10, 0xf3, 0x95, 0xc5, 0xdb, 0xe0, 0xaf, 0x45, 0xeb, 0x38, 0x1f, 0xc9, + 0x5b, 0xac, 0xe3, 0x68, 0xf5, 0x2e, 0x43, 0xa5, 0xe6, 0xfb, 0xd4, 0x0b, 0xf8, 0x63, 0x6f, 0x7e, + 0xaf, 0x43, 0x3d, 0x31, 0xd7, 0x84, 0x8e, 0xc1, 0x4a, 0xcd, 0x96, 0xaf, 0x0f, 0x45, 0x24, 0x37, + 0xa0, 0x50, 0xeb, 0x59, 0x36, 0xed, 0xb6, 0xa8, 0xd0, 0x33, 0x18, 0x35, 0x33, 0x05, 0x4c, 0x0f, + 0x4b, 0xc9, 0xc7, 0x30, 0x27, 0x88, 0xa4, 0xc2, 0x11, 0x12, 0xe0, 0xba, 0x86, 0xbb, 0x0a, 0x62, + 0x2d, 0x48, 0x35, 0x65, 0x08, 0x91, 0xa4, 0x53, 0x92, 0x1a, 0x94, 0x57, 0xf1, 0x40, 0x49, 0x3e, + 0x56, 0xef, 0x78, 0xe2, 0x65, 0x7b, 0xd4, 0x5c, 0xfc, 0xb0, 0xc9, 0xb0, 0xc2, 0x42, 0x7d, 0x00, + 0x9d, 0xac, 0xc3, 0x6c, 0x12, 0xc6, 0xf4, 0x71, 0x31, 0x7a, 0x1f, 0x7f, 0x80, 0x0b, 0x2a, 0xe6, + 0x34, 0x2a, 0xd2, 0x84, 0x99, 0x5a, 0x10, 0x78, 0x76, 0xb3, 0x17, 0xd0, 0x84, 0xea, 0x92, 0x11, + 0x99, 0xb0, 0x5c, 0xaa, 0xaf, 0x17, 0xc5, 0x64, 0x9c, 0x35, 0x43, 0xca, 0x50, 0x85, 0xe9, 0x83, + 0xec, 0x88, 0x15, 0xbe, 0xbb, 0x2c, 0x9e, 0x62, 0x16, 0x79, 0xcb, 0x32, 0xf2, 0x55, 0xf3, 0x0f, + 0x3b, 0x1d, 0x1a, 0x78, 0xf8, 0x76, 0x3b, 0xbe, 0xeb, 0xac, 0x89, 0xec, 0x82, 0x79, 0xe5, 0x99, + 0x6e, 0x7c, 0xdb, 0x39, 0x96, 0xe6, 0x14, 0xe3, 0x19, 0xdb, 0x3e, 0x26, 0x47, 0xdc, 0x3e, 0xda, + 0x30, 0xb3, 0xda, 0x6d, 0x79, 0x87, 0x78, 0x4b, 0x47, 0x36, 0x6e, 0xea, 0x84, 0xc6, 0xbd, 0x2a, + 0x1a, 0x77, 0xd5, 0x94, 0x33, 0x2c, 0xad, 0x79, 0x83, 0x8c, 0xb5, 0xbf, 0x0b, 0xe5, 0xa4, 0x2c, + 0x4f, 0x30, 0x0a, 0xcf, 0x32, 0xc5, 0x92, 0x8d, 0x74, 0xb2, 0x2f, 0x64, 0x31, 0xf6, 0x50, 0xbe, + 0xf2, 0xef, 0x27, 0x95, 0x87, 0xf2, 0xd5, 0xe7, 0xf1, 0xc3, 0x65, 0x9c, 0x4d, 0x5b, 0xc6, 0xda, + 0xef, 0x64, 0x61, 0x86, 0x67, 0x85, 0x45, 0x1a, 0xe6, 0xbc, 0x7a, 0x82, 0x1f, 0xc5, 0x94, 0xb3, + 0x0c, 0xba, 0x24, 0x7a, 0x37, 0xdc, 0x21, 0xd4, 0x3e, 0x85, 0xb9, 0x01, 0x51, 0xa0, 0x82, 0x5e, + 0x91, 0xf9, 0x78, 0x03, 0x2a, 0xba, 0x92, 0x5e, 0xc9, 0x93, 0xb7, 0xf5, 0x01, 0x0a, 0xed, 0x4f, + 0xb3, 0x03, 0xfc, 0x85, 0xb7, 0xa9, 0x5a, 0x82, 0x99, 0xd3, 0x59, 0x82, 0xd9, 0xaf, 0x64, 0x09, + 0xe6, 0x46, 0xb1, 0x04, 0x3f, 0x86, 0xa9, 0x6d, 0x6a, 0x32, 0x8b, 0x46, 0x5c, 0xde, 0xc9, 0xc7, + 0xde, 0xc9, 0x67, 0x65, 0x52, 0xbf, 0x84, 0xf7, 0x61, 0x02, 0x46, 0xc0, 0x54, 0x0b, 0xbf, 0xdd, + 0xa3, 0xc7, 0x39, 0xa8, 0x9b, 0xc6, 0xd8, 0xf0, 0x4d, 0x43, 0xfb, 0x2c, 0x0b, 0x25, 0x85, 0x3d, + 0xf9, 0x1e, 0x4c, 0x6e, 0x7a, 0x3b, 0x66, 0xd7, 0xfe, 0xdb, 0xa6, 0x12, 0xe7, 0xc2, 0xe6, 0x3b, + 0x0a, 0x5c, 0x8f, 0x61, 0x61, 0x7e, 0x01, 0x35, 0x3b, 0xea, 0xc4, 0x67, 0xcd, 0xd3, 0x11, 0xaa, + 0xdc, 0x49, 0xca, 0x8d, 0x70, 0x27, 0x29, 0x7e, 0xa1, 0x27, 0x7f, 0xfa, 0x0b, 0x3d, 0xb1, 0xfb, + 0x37, 0x63, 0xa7, 0xbc, 0x7f, 0xa3, 0xfd, 0x5e, 0x16, 0xca, 0xdb, 0x5e, 0xcf, 0x0f, 0xa8, 0x25, + 0x63, 0xa3, 0xdf, 0xae, 0xe7, 0xd9, 0xe3, 0x9d, 0x3b, 0xe6, 0x1c, 0x21, 0xff, 0xd3, 0x3f, 0xae, + 0xe2, 0xd3, 0xec, 0x49, 0x71, 0xc8, 0xa7, 0xd9, 0xe3, 0xf0, 0x64, 0x06, 0x70, 0x92, 0x4a, 0x4f, + 0xe2, 0x6b, 0x7f, 0x9e, 0x4d, 0xf2, 0x16, 0xd6, 0xd4, 0x6b, 0x30, 0xc1, 0x5f, 0x1a, 0x95, 0x49, + 0x8a, 0xe2, 0x2a, 0x3e, 0x82, 0x74, 0x59, 0x76, 0x9a, 0x5c, 0xf0, 0x93, 0xde, 0xe7, 0x27, 0xef, + 0xc2, 0x24, 0x1e, 0xac, 0xd7, 0x2c, 0xcb, 0xa3, 0xbe, 0x2f, 0x0c, 0x2d, 0x3c, 0xe4, 0x78, 0x4e, + 0x9b, 0x06, 0x3f, 0x80, 0xc7, 0x7f, 0xd1, 0x15, 0xc3, 0x23, 0xcb, 0x70, 0x31, 0x96, 0xc7, 0x21, + 0xe9, 0xc7, 0xa2, 0xdd, 0x82, 0xff, 0x8f, 0x2a, 0x4e, 0x9c, 0x8a, 0x7c, 0x76, 0xff, 0x20, 0xe3, + 0xcd, 0xbb, 0x30, 0xa9, 0xbe, 0x35, 0xc2, 0xff, 0xd7, 0xef, 0xa3, 0xd5, 0xf2, 0x0b, 0xa4, 0x04, + 0x13, 0x5b, 0xab, 0x8f, 0x56, 0xd6, 0x1e, 0xdd, 0x2f, 0x67, 0xc8, 0x24, 0x14, 0x6a, 0x5b, 0x5b, + 0xfa, 0xe6, 0x93, 0xd5, 0x95, 0x72, 0x96, 0x00, 0x8c, 0xaf, 0xac, 0x3e, 0x5a, 0x5b, 0x5d, 0x29, + 0xe7, 0xea, 0xe5, 0x2f, 0xfe, 0xd7, 0xb5, 0x17, 0xbe, 0xf8, 0xf9, 0xb5, 0xcc, 0x9f, 0xff, 0xfc, + 0x5a, 0xe6, 0x7f, 0xfe, 0xfc, 0x5a, 0xa6, 0x39, 0x8e, 0x81, 0xea, 0xb7, 0xff, 0x26, 0x00, 0x00, + 0xff, 0xff, 0x78, 0x41, 0xe3, 0x85, 0x25, 0x7a, 0x00, 0x00, } func (m *KeepAlive) Marshal() (dAtA []byte, err error) { @@ -11877,21 +11880,29 @@ func (m *WebSessionSpecV2) MarshalToSizedBuffer(dAtA []byte) (int, error) { i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - n106, err106 := github_com_gogo_protobuf_types.StdTimeMarshalTo(m.Expires, dAtA[i-github_com_gogo_protobuf_types.SizeOfStdTime(m.Expires):]) + n106, err106 := github_com_gogo_protobuf_types.StdTimeMarshalTo(m.LoginTime, dAtA[i-github_com_gogo_protobuf_types.SizeOfStdTime(m.LoginTime):]) if err106 != nil { return 0, err106 } i -= n106 i = encodeVarintTypes(dAtA, i, uint64(n106)) i-- - dAtA[i] = 0x3a - n107, err107 := github_com_gogo_protobuf_types.StdTimeMarshalTo(m.BearerTokenExpires, dAtA[i-github_com_gogo_protobuf_types.SizeOfStdTime(m.BearerTokenExpires):]) + dAtA[i] = 0x42 + n107, err107 := github_com_gogo_protobuf_types.StdTimeMarshalTo(m.Expires, dAtA[i-github_com_gogo_protobuf_types.SizeOfStdTime(m.Expires):]) if err107 != nil { return 0, err107 } i -= n107 i = encodeVarintTypes(dAtA, i, uint64(n107)) i-- + dAtA[i] = 0x3a + n108, err108 := github_com_gogo_protobuf_types.StdTimeMarshalTo(m.BearerTokenExpires, dAtA[i-github_com_gogo_protobuf_types.SizeOfStdTime(m.BearerTokenExpires):]) + if err108 != nil { + return 0, err108 + } + i -= n108 + i = encodeVarintTypes(dAtA, i, uint64(n108)) + i-- dAtA[i] = 0x32 if len(m.BearerToken) > 0 { i -= len(m.BearerToken) @@ -12057,12 +12068,12 @@ func (m *RemoteClusterStatusV3) MarshalToSizedBuffer(dAtA []byte) (int, error) { i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } - n110, err110 := github_com_gogo_protobuf_types.StdTimeMarshalTo(m.LastHeartbeat, dAtA[i-github_com_gogo_protobuf_types.SizeOfStdTime(m.LastHeartbeat):]) - if err110 != nil { - return 0, err110 + n111, err111 := github_com_gogo_protobuf_types.StdTimeMarshalTo(m.LastHeartbeat, dAtA[i-github_com_gogo_protobuf_types.SizeOfStdTime(m.LastHeartbeat):]) + if err111 != nil { + return 0, err111 } - i -= n110 - i = encodeVarintTypes(dAtA, i, uint64(n110)) + i -= n111 + i = encodeVarintTypes(dAtA, i, uint64(n111)) i-- dAtA[i] = 0x12 if len(m.Connection) > 0 { @@ -16020,6 +16031,8 @@ func (m *WebSessionSpecV2) Size() (n int) { n += 1 + l + sovTypes(uint64(l)) l = github_com_gogo_protobuf_types.SizeOfStdTime(m.Expires) n += 1 + l + sovTypes(uint64(l)) + l = github_com_gogo_protobuf_types.SizeOfStdTime(m.LoginTime) + n += 1 + l + sovTypes(uint64(l)) if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -33695,6 +33708,39 @@ func (m *WebSessionSpecV2) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 8: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field LoginTime", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTypes + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthTypes + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthTypes + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if err := github_com_gogo_protobuf_types.StdTimeUnmarshal(&m.LoginTime, dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipTypes(dAtA[iNdEx:]) diff --git a/api/types/types.proto b/api/types/types.proto index ab49f494c44..7f57d6349f7 100644 --- a/api/types/types.proto +++ b/api/types/types.proto @@ -1564,6 +1564,12 @@ message WebSessionSpecV2 { (gogoproto.nullable) = false, (gogoproto.jsontag) = "expires" ]; + // LoginTime is the time this user recently logged in. + google.protobuf.Timestamp LoginTime = 8 [ + (gogoproto.stdtime) = true, + (gogoproto.nullable) = false, + (gogoproto.jsontag) = "login_time" + ]; } // WebSessionFilter encodes cache watch parameters for filtering web sessions. @@ -1921,4 +1927,4 @@ message TrustedClusterSpecV2 { // RoleMap specifies role mappings to remote roles. repeated RoleMapping RoleMap = 6 [ (gogoproto.nullable) = false, (gogoproto.jsontag) = "role_map,omitempty" ]; -} \ No newline at end of file +} diff --git a/lib/auth/apiserver.go b/lib/auth/apiserver.go index b8fb82f8b98..1f0bc434423 100644 --- a/lib/auth/apiserver.go +++ b/lib/auth/apiserver.go @@ -760,25 +760,39 @@ func (s *APIServer) u2fSignRequest(auth ClientI, w http.ResponseWriter, r *http. return u2fSignReq, nil } -type createWebSessionReq struct { - PrevSessionID string `json:"prev_session_id"` +type WebSessionReq struct { + // User is the user name associated with the session id. + User string `json:"user"` + // PrevSessionID is the id of current session. + PrevSessionID string `json:"prev_session_id"` + // AccessRequestID is an optional field that holds the id of an approved access request. AccessRequestID string `json:"access_request_id"` + // Switchback is a flag to indicate if user is wanting to switchback from an assumed role + // back to their default role. + Switchback bool `json:"switchback"` } func (s *APIServer) createWebSession(auth ClientI, w http.ResponseWriter, r *http.Request, p httprouter.Params, version string) (interface{}, error) { - var req *createWebSessionReq + var req WebSessionReq if err := httplib.ReadJSON(r, &req); err != nil { return nil, trace.Wrap(err) } - user := p.ByName("user") + + // DELETE IN 8.0: proxy v5 sends request with no user field. + // And since proxy v6, request will come with user field set, so grabbing user + // by param is not required. + if req.User == "" { + req.User = p.ByName("user") + } + if req.PrevSessionID != "" { - sess, err := auth.ExtendWebSession(user, req.PrevSessionID, req.AccessRequestID) + sess, err := auth.ExtendWebSession(req) if err != nil { return nil, trace.Wrap(err) } return sess, nil } - sess, err := auth.CreateWebSession(user) + sess, err := auth.CreateWebSession(req.User) if err != nil { return nil, trace.Wrap(err) } diff --git a/lib/auth/auth.go b/lib/auth/auth.go index bf242cd9ef0..f2c65af5c40 100644 --- a/lib/auth/auth.go +++ b/lib/auth/auth.go @@ -955,13 +955,18 @@ func (a *Server) CheckU2FSignResponse(ctx context.Context, user string, response return a.checkU2F(ctx, user, *response, a.Identity) } -// ExtendWebSession creates a new web session for a user based on a valid previous session. -// Additional roles are appended to initial roles if there is an approved access request. -// The new session expiration time will not exceed the expiration time of the old session. -func (a *Server) ExtendWebSession(user, prevSessionID, accessRequestID string, identity tlsca.Identity) (services.WebSession, error) { +// ExtendWebSession creates a new web session for a user based on a valid previous (current) session. +// +// If there is an approved access request, additional roles are appended to the roles that were +// extracted from identity. The new session expiration time will not exceed the expiration time +// of the previous session. +// +// If there is a switchback request, the roles will switchback to user's default roles and +// the expiration time is derived from users recently logged in time. +func (a *Server) ExtendWebSession(req WebSessionReq, identity tlsca.Identity) (services.WebSession, error) { prevSession, err := a.GetWebSession(context.TODO(), types.GetWebSessionRequest{ - User: user, - SessionID: prevSessionID, + User: req.User, + SessionID: req.PrevSessionID, }) if err != nil { return nil, trace.Wrap(err) @@ -980,8 +985,8 @@ func (a *Server) ExtendWebSession(user, prevSessionID, accessRequestID string, i return nil, trace.Wrap(err) } - if accessRequestID != "" { - newRoles, requestExpiry, err := a.getRolesAndExpiryFromAccessRequest(user, accessRequestID) + if req.AccessRequestID != "" { + newRoles, requestExpiry, err := a.getRolesAndExpiryFromAccessRequest(req.User, req.AccessRequestID) if err != nil { return nil, trace.Wrap(err) } @@ -995,9 +1000,33 @@ func (a *Server) ExtendWebSession(user, prevSessionID, accessRequestID string, i } } + if req.Switchback { + if prevSession.GetLoginTime().IsZero() { + return nil, trace.BadParameter("Unable to switchback, log in time was not recorded.") + } + + // Get default/static roles. + user, err := a.GetUser(req.User, false) + if err != nil { + return nil, trace.Wrap(err, "failed to switchback") + } + + // Calculate expiry time. + roleSet, err := services.FetchRoles(user.GetRoles(), a.Access, user.GetTraits()) + if err != nil { + return nil, trace.Wrap(err) + } + + sessionTTL := roleSet.AdjustSessionTTL(defaults.CertDuration) + + // Set default roles and expiration. + expiresAt = prevSession.GetLoginTime().UTC().Add(sessionTTL) + roles = user.GetRoles() + } + sessionTTL := utils.ToTTL(a.clock, expiresAt) sess, err := a.NewWebSession(types.NewWebSessionRequest{ - User: user, + User: req.User, Roles: roles, Traits: traits, SessionTTL: sessionTTL, @@ -1006,7 +1035,10 @@ func (a *Server) ExtendWebSession(user, prevSessionID, accessRequestID string, i return nil, trace.Wrap(err) } - if err := a.upsertWebSession(context.TODO(), user, sess); err != nil { + // Keep preserving the login time. + sess.SetLoginTime(prevSession.GetLoginTime()) + + if err := a.upsertWebSession(context.TODO(), req.User, sess); err != nil { return nil, trace.Wrap(err) } @@ -1061,9 +1093,10 @@ func (a *Server) CreateWebSession(user string) (services.WebSession, error) { return nil, trace.Wrap(err) } sess, err := a.NewWebSession(types.NewWebSessionRequest{ - User: user, - Roles: u.GetRoles(), - Traits: u.GetTraits(), + User: user, + Roles: u.GetRoles(), + Traits: u.GetTraits(), + LoginTime: a.clock.Now().UTC(), }) if err != nil { return nil, trace.Wrap(err) @@ -1613,15 +1646,24 @@ func (a *Server) NewWebSession(req types.NewWebSessionRequest) (services.WebSess return nil, trace.Wrap(err) } bearerTokenTTL := utils.MinTTL(sessionTTL, BearerTokenTTL) - return services.NewWebSession(token, services.KindWebSession, services.KindWebSession, services.WebSessionSpecV2{ + + startTime := a.clock.Now() + if !req.LoginTime.IsZero() { + startTime = req.LoginTime + } + + sessionSpec := services.WebSessionSpecV2{ User: req.User, Priv: priv, Pub: certs.ssh, TLSCert: certs.tls, - Expires: a.clock.Now().UTC().Add(sessionTTL), + Expires: startTime.UTC().Add(sessionTTL), BearerToken: bearerToken, - BearerTokenExpires: a.clock.Now().UTC().Add(bearerTokenTTL), - }), nil + BearerTokenExpires: startTime.UTC().Add(bearerTokenTTL), + LoginTime: req.LoginTime, + } + + return services.NewWebSession(token, services.KindWebSession, services.KindWebSession, sessionSpec), nil } // GetWebSessionInfo returns the web session specified with sessionID for the given user. diff --git a/lib/auth/auth_with_roles.go b/lib/auth/auth_with_roles.go index a7d4850cd56..b4b757255d9 100644 --- a/lib/auth/auth_with_roles.go +++ b/lib/auth/auth_with_roles.go @@ -825,11 +825,11 @@ func (a *ServerWithRoles) CreateWebSession(user string) (services.WebSession, er // ExtendWebSession creates a new web session for a user based on a valid previous session. // Additional roles are appended to initial roles if there is an approved access request. // The new session expiration time will not exceed the expiration time of the old session. -func (a *ServerWithRoles) ExtendWebSession(user, prevSessionID, accessRequestID string) (services.WebSession, error) { - if err := a.currentUserAction(user); err != nil { +func (a *ServerWithRoles) ExtendWebSession(req WebSessionReq) (services.WebSession, error) { + if err := a.currentUserAction(req.User); err != nil { return nil, trace.Wrap(err) } - return a.authServer.ExtendWebSession(user, prevSessionID, accessRequestID, a.context.Identity.GetIdentity()) + return a.authServer.ExtendWebSession(req, a.context.Identity.GetIdentity()) } // GetWebSessionInfo returns the web session for the given user specified with sid. diff --git a/lib/auth/clt.go b/lib/auth/clt.go index 8c49ddd82ba..182649307f2 100644 --- a/lib/auth/clt.go +++ b/lib/auth/clt.go @@ -1170,14 +1170,9 @@ func (c *Client) GetMFAAuthenticateChallenge(user string, password []byte) (*MFA // ExtendWebSession creates a new web session for a user based on another // valid web session -func (c *Client) ExtendWebSession(user string, prevSessionID string, accessRequestID string) (services.WebSession, error) { +func (c *Client) ExtendWebSession(req WebSessionReq) (services.WebSession, error) { out, err := c.PostJSON( - c.Endpoint("users", user, "web", "sessions"), - createWebSessionReq{ - PrevSessionID: prevSessionID, - AccessRequestID: accessRequestID, - }, - ) + c.Endpoint("users", req.User, "web", "sessions"), req) if err != nil { return nil, trace.Wrap(err) } @@ -1188,7 +1183,7 @@ func (c *Client) ExtendWebSession(user string, prevSessionID string, accessReque func (c *Client) CreateWebSession(user string) (services.WebSession, error) { out, err := c.PostJSON( c.Endpoint("users", user, "web", "sessions"), - createWebSessionReq{}, + WebSessionReq{User: user}, ) if err != nil { return nil, trace.Wrap(err) @@ -2442,7 +2437,7 @@ type WebService interface { GetWebSessionInfo(ctx context.Context, user, sessionID string) (types.WebSession, error) // ExtendWebSession creates a new web session for a user based on another // valid web session - ExtendWebSession(user, prevSessionID, accessRequestID string) (types.WebSession, error) + ExtendWebSession(req WebSessionReq) (types.WebSession, error) // CreateWebSession creates a new web session for a user CreateWebSession(user string) (types.WebSession, error) diff --git a/lib/auth/github.go b/lib/auth/github.go index c8e20fbcc33..30664b325d9 100644 --- a/lib/auth/github.go +++ b/lib/auth/github.go @@ -271,6 +271,7 @@ func (a *Server) validateGithubAuthCallback(q url.Values) (*githubAuthResponse, Roles: user.GetRoles(), Traits: user.GetTraits(), SessionTTL: params.sessionTTL, + LoginTime: a.clock.Now().UTC(), }) if err != nil { return nil, trace.Wrap(err) @@ -308,49 +309,6 @@ func (a *Server) validateGithubAuthCallback(q url.Values) (*githubAuthResponse, return re, nil } -func (a *Server) createWebSession(ctx context.Context, req types.NewWebSessionRequest) (services.WebSession, error) { - // It's safe to extract the roles and traits directly from services.User - // because this occurs during the user creation process and services.User - // is not fetched from the backend. - session, err := a.NewWebSession(req) - if err != nil { - return nil, trace.Wrap(err) - } - - err = a.upsertWebSession(ctx, req.User, session) - if err != nil { - return nil, trace.Wrap(err) - } - - return session, nil -} - -func (a *Server) createSessionCert(user services.User, sessionTTL time.Duration, publicKey []byte, compatibility, routeToCluster, kubernetesCluster string) ([]byte, []byte, error) { - // It's safe to extract the roles and traits directly from services.User - // because this occurs during the user creation process and services.User - // is not fetched from the backend. - checker, err := services.FetchRoles(user.GetRoles(), a.Access, user.GetTraits()) - if err != nil { - return nil, nil, trace.Wrap(err) - } - - certs, err := a.generateUserCert(certRequest{ - user: user, - ttl: sessionTTL, - publicKey: publicKey, - compatibility: compatibility, - checker: checker, - traits: user.GetTraits(), - routeToCluster: routeToCluster, - kubernetesCluster: kubernetesCluster, - }) - if err != nil { - return nil, nil, trace.Wrap(err) - } - - return certs.ssh, certs.tls, nil -} - // createUserParams is a set of parameters used to create a user for an // external identity provider. type createUserParams struct { diff --git a/lib/auth/methods.go b/lib/auth/methods.go index ecf6a581d63..e810bb52955 100644 --- a/lib/auth/methods.go +++ b/lib/auth/methods.go @@ -424,9 +424,10 @@ func (s *Server) createUserWebSession(ctx context.Context, user services.User) ( // It's safe to extract the roles and traits directly from services.User as this method // is only used for local accounts. return s.createWebSession(ctx, types.NewWebSessionRequest{ - User: user.GetName(), - Roles: user.GetRoles(), - Traits: user.GetTraits(), + User: user.GetName(), + Roles: user.GetRoles(), + Traits: user.GetTraits(), + LoginTime: s.clock.Now().UTC(), }) } diff --git a/lib/auth/oidc.go b/lib/auth/oidc.go index 866d9167336..03892184640 100644 --- a/lib/auth/oidc.go +++ b/lib/auth/oidc.go @@ -374,6 +374,7 @@ func (a *Server) validateOIDCAuthCallback(q url.Values) (*oidcAuthResponse, erro Roles: user.GetRoles(), Traits: user.GetTraits(), SessionTTL: params.sessionTTL, + LoginTime: a.clock.Now().UTC(), }) if err != nil { return nil, trace.Wrap(err) diff --git a/lib/auth/saml.go b/lib/auth/saml.go index fa23f2766f4..b459608eab1 100644 --- a/lib/auth/saml.go +++ b/lib/auth/saml.go @@ -418,6 +418,7 @@ func (a *Server) validateSAMLResponse(samlResponse string) (*samlAuthResponse, e Roles: user.GetRoles(), Traits: user.GetTraits(), SessionTTL: params.sessionTTL, + LoginTime: a.clock.Now().UTC(), }) if err != nil { return re, trace.Wrap(err) diff --git a/lib/auth/sessions.go b/lib/auth/sessions.go index bc4ab23bfce..4c19130aace 100644 --- a/lib/auth/sessions.go +++ b/lib/auth/sessions.go @@ -182,3 +182,46 @@ func (s *Server) generateAppToken(username string, roles []string, uri string, e return token, nil } + +func (s *Server) createWebSession(ctx context.Context, req types.NewWebSessionRequest) (services.WebSession, error) { + // It's safe to extract the roles and traits directly from services.User + // because this occurs during the user creation process and services.User + // is not fetched from the backend. + session, err := s.NewWebSession(req) + if err != nil { + return nil, trace.Wrap(err) + } + + err = s.upsertWebSession(ctx, req.User, session) + if err != nil { + return nil, trace.Wrap(err) + } + + return session, nil +} + +func (s *Server) createSessionCert(user services.User, sessionTTL time.Duration, publicKey []byte, compatibility, routeToCluster, kubernetesCluster string) ([]byte, []byte, error) { + // It's safe to extract the roles and traits directly from services.User + // because this occurs during the user creation process and services.User + // is not fetched from the backend. + checker, err := services.FetchRoles(user.GetRoles(), s.Access, user.GetTraits()) + if err != nil { + return nil, nil, trace.Wrap(err) + } + + certs, err := s.generateUserCert(certRequest{ + user: user, + ttl: sessionTTL, + publicKey: publicKey, + compatibility: compatibility, + checker: checker, + traits: user.GetTraits(), + routeToCluster: routeToCluster, + kubernetesCluster: kubernetesCluster, + }) + if err != nil { + return nil, nil, trace.Wrap(err) + } + + return certs.ssh, certs.tls, nil +} diff --git a/lib/auth/tls_test.go b/lib/auth/tls_test.go index 42d6ab4334b..6b452593604 100644 --- a/lib/auth/tls_test.go +++ b/lib/auth/tls_test.go @@ -1442,7 +1442,10 @@ func (s *TLSSuite) TestWebSessionWithoutAccessRequest(c *check.C) { _, err = web.GetWebSessionInfo(context.TODO(), user, ws.GetName()) c.Assert(err, check.IsNil) - new, err := web.ExtendWebSession(user, ws.GetName(), "") + new, err := web.ExtendWebSession(WebSessionReq{ + User: user, + PrevSessionID: ws.GetName(), + }) c.Assert(err, check.IsNil) c.Assert(new, check.NotNil) @@ -1456,11 +1459,14 @@ func (s *TLSSuite) TestWebSessionWithoutAccessRequest(c *check.C) { _, err = web.GetWebSessionInfo(context.TODO(), user, ws.GetName()) c.Assert(err, check.NotNil) - _, err = web.ExtendWebSession(user, ws.GetName(), "") + _, err = web.ExtendWebSession(WebSessionReq{ + User: user, + PrevSessionID: ws.GetName(), + }) c.Assert(err, check.NotNil) } -func (s *TLSSuite) TestWebSessionWithApprovedAccessRequest(c *check.C) { +func (s *TLSSuite) TestWebSessionWithApprovedAccessRequestAndSwitchback(c *check.C) { clt, err := s.server.NewClient(TestAdmin()) c.Assert(err, check.IsNil) @@ -1470,8 +1476,6 @@ func (s *TLSSuite) TestWebSessionWithApprovedAccessRequest(c *check.C) { newUser, err := CreateUserRoleAndRequestable(clt, user, "test-request-role") c.Assert(err, check.IsNil) c.Assert(newUser.GetRoles(), check.HasLen, 1) - - initialRole := newUser.GetRoles()[0] c.Assert(newUser.GetRoles(), check.DeepEquals, []string{"user:user2"}) proxy, err := s.server.NewClient(TestBuiltin(teleport.RoleProxy)) @@ -1494,19 +1498,31 @@ func (s *TLSSuite) TestWebSessionWithApprovedAccessRequest(c *check.C) { web, err := s.server.NewClientFromWebSession(ws) c.Assert(err, check.IsNil) + initialRole := newUser.GetRoles()[0] + initialSession, err := web.GetWebSessionInfo(context.TODO(), user, ws.GetName()) + c.Assert(err, check.IsNil) + // Create a approved access request. accessReq, err := services.NewAccessRequest(user, []string{"test-request-role"}...) c.Assert(err, check.IsNil) + // Set a lesser expiry date, to test switching back to default expiration later. + accessReq.SetAccessExpiry(s.clock.Now().Add(time.Minute * 10)) accessReq.SetState(services.RequestState_APPROVED) err = clt.CreateAccessRequest(context.Background(), accessReq) c.Assert(err, check.IsNil) - sess, err := web.ExtendWebSession(user, ws.GetName(), accessReq.GetMetadata().Name) + sess1, err := web.ExtendWebSession(WebSessionReq{ + User: user, + PrevSessionID: ws.GetName(), + AccessRequestID: accessReq.GetMetadata().Name, + }) c.Assert(err, check.IsNil) + c.Assert(sess1.Expiry(), check.Equals, s.clock.Now().Add(time.Minute*10)) + c.Assert(sess1.GetLoginTime(), check.Equals, initialSession.GetLoginTime()) - sshcert, err := sshutils.ParseCertificate(sess.GetPub()) + sshcert, err := sshutils.ParseCertificate(sess1.GetPub()) c.Assert(err, check.IsNil) // Roles extracted from cert should contain the initial role and the role assigned with access request. @@ -1524,6 +1540,23 @@ func (s *TLSSuite) TestWebSessionWithApprovedAccessRequest(c *check.C) { _, hasRole = mappedRole["test-request-role"] c.Assert(hasRole, check.Equals, true) + + // Test switch back to default role and expiry. + sess2, err := web.ExtendWebSession(WebSessionReq{ + User: user, + PrevSessionID: ws.GetName(), + Switchback: true, + }) + c.Assert(err, check.IsNil) + c.Assert(sess2.GetExpiryTime(), check.Equals, initialSession.GetExpiryTime()) + c.Assert(sess2.GetLoginTime(), check.Equals, initialSession.GetLoginTime()) + + sshcert, err = sshutils.ParseCertificate(sess2.GetPub()) + c.Assert(err, check.IsNil) + + roles, _, err = services.ExtractFromCertificate(clt, sshcert) + c.Assert(err, check.IsNil) + c.Assert(roles, check.DeepEquals, []string{initialRole}) } // TestGetCertAuthority tests certificate authority permissions diff --git a/lib/services/session.go b/lib/services/session.go index 04bac9bf1d3..a976e21f562 100644 --- a/lib/services/session.go +++ b/lib/services/session.go @@ -38,7 +38,8 @@ const WebSessionSpecV2Schema = `{ "tls_cert": {"type": "string"}, "bearer_token": {"type": "string"}, "bearer_token_expires": {"type": "string"}, - "expires": {"type": "string"}%v + "expires": {"type": "string"}, + "login_time": {"type": "string"}%v } }` diff --git a/lib/web/apiserver.go b/lib/web/apiserver.go index 67c03159e94..69e7ac47921 100644 --- a/lib/web/apiserver.go +++ b/lib/web/apiserver.go @@ -258,7 +258,6 @@ func NewHandler(cfg Config, opts ...HandlerOption) (*RewritingHandler, error) { h.POST("/webapi/sessions/app", h.WithAuth(h.createAppSession)) h.DELETE("/webapi/sessions", h.WithAuth(h.deleteSession)) h.POST("/webapi/sessions/renew", h.WithAuth(h.renewSession)) - h.POST("/webapi/sessions/renew/:requestId", h.WithAuth(h.renewSession)) h.POST("/webapi/users", h.WithAuth(h.createUserHandle)) h.PUT("/webapi/users", h.WithAuth(h.updateUserHandle)) @@ -1199,18 +1198,20 @@ type CreateSessionReq struct { // String returns text description of this response func (r *CreateSessionResponse) String() string { return fmt.Sprintf("WebSession(type=%v,token=%v,expires=%vs)", - r.Type, r.Token, r.ExpiresIn) + r.TokenType, r.Token, r.TokenExpiresIn) } // CreateSessionResponse returns OAuth compabible data about // access token: https://tools.ietf.org/html/rfc6749 type CreateSessionResponse struct { - // Type is token type (bearer) - Type string `json:"type"` + // TokenType is token type (bearer) + TokenType string `json:"type"` // Token value Token string `json:"token"` - // ExpiresIn sets seconds before this token is not valid - ExpiresIn int `json:"expires_in"` + // TokenExpiresIn sets seconds before this token is not valid + TokenExpiresIn int `json:"expires_in"` + // SessionExpires is when this session expires. + SessionExpires time.Time `json:"sessionExpires,omitempty"` } func newSessionResponse(ctx *SessionContext) (*CreateSessionResponse, error) { @@ -1235,10 +1236,11 @@ func newSessionResponse(ctx *SessionContext) (*CreateSessionResponse, error) { if err != nil { return nil, trace.Wrap(err) } + return &CreateSessionResponse{ - Type: roundtrip.AuthBearer, - Token: token.GetName(), - ExpiresIn: int(token.Expiry().Sub(ctx.parent.clock.Now()) / time.Second), + TokenType: roundtrip.AuthBearer, + Token: token.GetName(), + TokenExpiresIn: int(token.Expiry().Sub(ctx.parent.clock.Now()) / time.Second), }, nil } @@ -1337,13 +1339,32 @@ func (h *Handler) logout(w http.ResponseWriter, ctx *SessionContext) error { return nil } -// renewSession is called in two ways: -// - Without requestId: Updates the existing session about to expire. -// - With requestId: Updates existing session with additional roles assigned with approving access request. -func (h *Handler) renewSession(w http.ResponseWriter, r *http.Request, params httprouter.Params, ctx *SessionContext) (interface{}, error) { - requestID := params.ByName("requestId") +type renewSessionRequest struct { + // AccessRequestID is the id of an approved access request. + AccessRequestID string `json:"requestId"` + // Switchback indicates switching back to default roles when creating new session. + Switchback bool `json:"switchback"` +} - newSession, err := ctx.extendWebSession(requestID) +// renewSession updates this existing session with a new session. +// +// Depending on request fields sent in for extension, the new session creation can vary depending on: +// - requestId (opt): appends roles approved from access request to currently assigned roles or, +// - switchback (opt): roles stacked with assuming approved access requests, will revert to user's default roles +// - default (none set): create new session with currently assigned roles +func (h *Handler) renewSession(w http.ResponseWriter, r *http.Request, params httprouter.Params, ctx *SessionContext) (interface{}, error) { + req := renewSessionRequest{} + if r.Body != http.NoBody { + if err := httplib.ReadJSON(r, &req); err != nil { + return nil, trace.Wrap(err) + } + } + + if req.AccessRequestID != "" && req.Switchback { + return nil, trace.BadParameter("Failed to renew session: fields 'AccessRequestID' and 'Switchback' cannot be both set") + } + + newSession, err := ctx.extendWebSession(req.AccessRequestID, req.Switchback) if err != nil { return nil, trace.Wrap(err) } @@ -1354,7 +1375,14 @@ func (h *Handler) renewSession(w http.ResponseWriter, r *http.Request, params ht if err := SetSessionCookie(w, newSession.GetUser(), newSession.GetName()); err != nil { return nil, trace.Wrap(err) } - return newSessionResponse(newContext) + + res, err := newSessionResponse(newContext) + if err != nil { + return nil, trace.Wrap(err) + } + res.SessionExpires = newSession.GetExpiryTime() + + return res, nil } func (h *Handler) changePasswordWithToken(w http.ResponseWriter, r *http.Request, p httprouter.Params) (interface{}, error) { diff --git a/lib/web/apiserver_test.go b/lib/web/apiserver_test.go index ffa173c6504..6be98f407a6 100644 --- a/lib/web/apiserver_test.go +++ b/lib/web/apiserver_test.go @@ -2354,7 +2354,7 @@ func decodeSessionCookie(t *testing.T, value string) (sessionID string) { } func (r CreateSessionResponse) response() (*CreateSessionResponse, error) { - return &CreateSessionResponse{Type: r.Type, Token: r.Token, ExpiresIn: r.ExpiresIn}, nil + return &CreateSessionResponse{TokenType: r.TokenType, Token: r.Token, TokenExpiresIn: r.TokenExpiresIn}, nil } func newWebPack(t *testing.T, numProxies int) *webPack { @@ -2662,8 +2662,8 @@ func (r *proxy) authPackFromResponse(t *testing.T, httpResp *roundtrip.Response) session, err := resp.response() require.NoError(t, err) - if session.ExpiresIn < 0 { - t.Errorf("Expected expiry time to be in the future but got %v", session.ExpiresIn) + if session.TokenExpiresIn < 0 { + t.Errorf("Expected expiry time to be in the future but got %v", session.TokenExpiresIn) } return &authPack{ session: session, diff --git a/lib/web/sessions.go b/lib/web/sessions.go index 3e1df875fff..aeca21918e2 100644 --- a/lib/web/sessions.go +++ b/lib/web/sessions.go @@ -253,8 +253,13 @@ func (c *SessionContext) GetUser() string { // extendWebSession creates a new web session for this user // based on the previous session -func (c *SessionContext) extendWebSession(accessRequestID string) (services.WebSession, error) { - session, err := c.clt.ExtendWebSession(c.user, c.session.GetName(), accessRequestID) +func (c *SessionContext) extendWebSession(accessRequestID string, switchback bool) (services.WebSession, error) { + session, err := c.clt.ExtendWebSession(auth.WebSessionReq{ + User: c.user, + PrevSessionID: c.session.GetName(), + AccessRequestID: accessRequestID, + Switchback: switchback, + }) if err != nil { return nil, trace.Wrap(err) }