feat(proto): add separate client/user-agent gRPC services

protobufs/arbiter.proto

@@ -4,20 +4,35 @@ package arbiter;
 
 import "auth.proto";
 
-message ClientMessage {
-    oneof payload {
-        arbiter.auth.AuthChallengeRequest auth_challenge_request = 1;
-        arbiter.auth.AuthChallengeSolution auth_challenge_solution = 2;
-    }
+message ClientRequest {
+  oneof payload {
+    arbiter.auth.ClientMessage auth_message = 1;
+  }
 }
 
-message ServerMessage {
-    oneof payload {
-        arbiter.auth.AuthChallenge auth_challenge = 1;
-        arbiter.auth.AuthResponse auth_response = 2;
-    }
+message ClientResponse {
+  oneof payload {
+    arbiter.auth.ServerMessage auth_message = 1;
+  }
 }
 
-service Server {
-    rpc Communicate(stream ClientMessage) returns (stream ServerMessage);
+message UserAgentRequest {
+  oneof payload {
+    arbiter.auth.ClientMessage auth_message = 1;
+  }
+}
+message UserAgentResponse {
+  oneof payload {
+    arbiter.auth.ServerMessage auth_message = 1;
+  }
+}
+
+message ServerInfo {
+  string version = 1;
+  bytes cert_public_key = 2;
+}
+
+service ArbiterService {
+  rpc Client(stream ClientRequest) returns (stream ClientResponse);
+  rpc UserAgent(stream UserAgentRequest) returns (stream UserAgentResponse);
 }

protobufs/auth.proto

@@ -5,23 +5,37 @@ package arbiter.auth;
 import "google/protobuf/timestamp.proto";
 
 message AuthChallengeRequest {
-    bytes pubkey = 1;
+  bytes pubkey = 1;
 }
 
 message AuthChallenge {
-    bytes pubkey = 1;
-    bytes nonce = 2;
-    google.protobuf.Timestamp minted = 3 ; 
+  bytes pubkey = 1;
+  bytes nonce = 2;
+  google.protobuf.Timestamp minted = 3;
 }
 
 message AuthChallengeSolution {
-    AuthChallenge challenge = 1 ;
-    bytes signature = 2;
+  AuthChallenge challenge = 1;
+  bytes signature = 2;
 }
 
 message AuthResponse {
-    string token = 1;
-    string refresh_token = 2;
-    google.protobuf.Timestamp expires_at = 3 ;
-    google.protobuf.Timestamp refresh_expires_at = 4 ;
-}
+  string token = 1;
+  string refresh_token = 2;
+  google.protobuf.Timestamp expires_at = 3;
+  google.protobuf.Timestamp refresh_expires_at = 4;
+}
+
+message ClientMessage {
+  oneof payload {
+    AuthChallengeRequest auth_challenge_request = 1;
+    AuthChallengeSolution auth_challenge_solution = 2;
+  }
+}
+
+message ServerMessage {
+  oneof payload {
+    AuthChallenge auth_challenge = 1;
+    AuthResponse auth_response = 2;
+  }
+}

protobufs/unseal.proto

@@ -0,0 +1,14 @@
+syntax = "proto3";
+
+package arbiter.auth;
+
+message UserAgentKeyRequest {}
+
+message ServerKeyResponse {
+  bytes pubkey = 1;
+}
+message UserAgentSealedKey {
+  bytes sealed_key = 1;
+  bytes pubkey = 2;
+  bytes nonce = 3;
+}