diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 4dce397804..abb3632248 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -1,5 +1,5 @@ [versions] -middlewareVersion = "v0.39.0-rc07" +middlewareVersion = "v0.39.0-rc08" kotlinVersion = '2.0.21' kspVersion = "2.0.21-1.0.25" diff --git a/protocol/src/main/proto/commands.proto b/protocol/src/main/proto/commands.proto index 5781ff69cb..67d12b83f4 100644 --- a/protocol/src/main/proto/commands.proto +++ b/protocol/src/main/proto/commands.proto @@ -703,6 +703,7 @@ message Rpc { NetworkMode networkMode = 6; // optional, default is DefaultConfig string networkCustomConfigFilePath = 7; // config path for the custom network mode } bool preferYamuxTransport = 8; // optional, default is false, recommended in case of problems with QUIC transport + string jsonApiListenAddr = 9; // optional, if empty json api will not be started; 127.0.0.1:31009 should be the default one } /** * Middleware-to-front-end response for an account creation request, that can contain a NULL error and created account or a non-NULL error and an empty account @@ -824,6 +825,7 @@ message Rpc { NetworkMode networkMode = 4; // optional, default is DefaultConfig string networkCustomConfigFilePath = 5; // config path for the custom network mode bool preferYamuxTransport = 6; // optional, default is false, recommended in case of problems with QUIC transport + string jsonApiListenAddr = 7; // optional, if empty json api will not be started; 127.0.0.1:31009 should be the default one } /** @@ -1033,6 +1035,28 @@ message Rpc { } + message ChangeJsonApiAddr { + message Request { + string listenAddr = 1; // make sure to use 127.0.0.1:x to not listen on all interfaces; recommended value is 127.0.0.1:31009 + } + message Response { + Error error = 2; + + message Error { + Code code = 1; + string description = 2; + + enum Code { + NULL = 0; + UNKNOWN_ERROR = 1; + BAD_INPUT = 2; + ACCOUNT_IS_NOT_RUNNING = 4; + } + } + } + + } + message ChangeNetworkConfigAndRestart { message Request { NetworkMode networkMode = 1; @@ -1073,6 +1097,7 @@ message Rpc { message Request { option (no_auth) = true; string appName = 1; // just for info, not secure to rely on + model.Account.Auth.LocalApiScope scope = 2; } message Response { @@ -7852,8 +7877,6 @@ message Rpc { } } - - message Empty { } diff --git a/protocol/src/main/proto/events.proto b/protocol/src/main/proto/events.proto index bb3ea18d9a..d2f121ac90 100644 --- a/protocol/src/main/proto/events.proto +++ b/protocol/src/main/proto/events.proto @@ -22,6 +22,7 @@ message Event { Account.Config.Update accountConfigUpdate = 202; Account.Update accountUpdate = 203; Account.LinkChallenge accountLinkChallenge = 204; + Account.LinkChallengeHide accountLinkChallengeHide = 205; Object.Details.Set objectDetailsSet = 16; Object.Details.Amend objectDetailsAmend = 50; @@ -172,6 +173,11 @@ message Event { } string challenge = 1; ClientInfo clientInfo = 2; + model.Account.Auth.LocalApiScope scope = 3; + } + + message LinkChallengeHide { + string challenge = 1; // verify code before hiding to protect from MITM attacks } } diff --git a/protocol/src/main/proto/models.proto b/protocol/src/main/proto/models.proto index 9cb7d05039..955f6546b4 100644 --- a/protocol/src/main/proto/models.proto +++ b/protocol/src/main/proto/models.proto @@ -674,6 +674,14 @@ message Account { string networkId = 106; // network id to which anytype is connected } + message Auth { + enum LocalApiScope { + Limited = 0; // Used in WebClipper; AccountSelect(to be deprecated), ObjectSearch, ObjectShow, ObjectCreate, ObjectCreateFromURL, BlockPreview, BlockPaste, BroadcastPayloadEvent + JsonAPI = 1; // JSON API only, no direct grpc api calls allowed + Full = 2; // Full access, not available via LocalLink + } + } + } message LinkPreview { @@ -886,6 +894,7 @@ enum ObjectOrigin { usecase = 6; builtin = 7; bookmark = 8; + api = 9; } message RelationLink {