diff --git a/cs3/sharing/link/v1beta1/link_api.proto b/cs3/sharing/link/v1beta1/link_api.proto
index 81b469dc..8fbbb9ec 100644
--- a/cs3/sharing/link/v1beta1/link_api.proto
+++ b/cs3/sharing/link/v1beta1/link_api.proto
@@ -173,6 +173,9 @@ message ListPublicSharesRequest {
// OPTIONAL.
// The list of filters to apply if any.
repeated Filter filters = 2;
+ // OPTIONAL.
+ // If a signature should be included in the share.
+ bool sign = 3;
}
message ListPublicSharesResponse {
@@ -212,6 +215,9 @@ message GetPublicShareRequest {
// REQUIRED.
// The reference to which the action should be performed.
PublicShareReference ref = 2;
+ // OPTIONAL.
+ // If a signature should be included in the share.
+ bool sign = 3;
}
message GetPublicShareResponse {
@@ -224,9 +230,6 @@ message GetPublicShareResponse {
// REQUIRED.
// The share.
PublicShare share = 3;
- // OPTIONAL.
- // The share password hash.
- string password_hash = 4;
}
message GetPublicShareByTokenRequest {
@@ -237,8 +240,11 @@ message GetPublicShareByTokenRequest {
// The unlisted token to identify the public share.
string token = 2;
// OPTIONAL.
- // The public link can be password protected.
- string password = 3;
+ // The public link can require authentication.
+ PublicShareAuthentication authentication = 3;
+ // OPTIONAL.
+ // If a signature should be included in the share.
+ bool sign = 4;
}
message GetPublicShareByTokenResponse {
@@ -253,5 +259,5 @@ message GetPublicShareByTokenResponse {
PublicShare share = 3;
// OPTIONAL.
// The share password hash.
- string password_hash = 4;
+ string password_hash = 4 [deprecated = true];
}
diff --git a/cs3/sharing/link/v1beta1/resources.proto b/cs3/sharing/link/v1beta1/resources.proto
index 8f2d9f7a..37db210b 100644
--- a/cs3/sharing/link/v1beta1/resources.proto
+++ b/cs3/sharing/link/v1beta1/resources.proto
@@ -98,6 +98,11 @@ message PublicShare {
// This field is only useful for informational purposes, like for example,
// setting the window title in a public share HTML page.
string display_name = 11;
+ // OPTIONAL.
+ // A time constrained token with which
+ // GetPublicSharebyToken requests can be
+ // authenticated.
+ ShareSignature signature = 12;
}
// The permissions for a share.
@@ -130,6 +135,28 @@ message PublicShareReference {
}
}
+// The mechanism to authenticate a request to
+// GetPublicShareByToken.
+message PublicShareAuthentication {
+ oneof spec {
+ // The password of the share.
+ string password = 1;
+ // The signature issued by GetPublicShareByToken.
+ ShareSignature signature = 2;
+ }
+}
+
+// A time constrained token which can be used to
+// authenticate link share requests.
+message ShareSignature {
+ // REQUIRED.
+ // The signature value.
+ string signature = 1;
+ // REQUIRED.
+ // The time until the signature becomes invalid.
+ cs3.types.v1beta1.Timestamp signature_expiration = 2;
+}
+
// Defines the restrictions for the public share.
message Grant {
// REQUIRED.
diff --git a/docs/index.html b/docs/index.html
index 0a218d2d..7e87f54d 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -1103,6 +1103,10 @@ Table of Contents
MPublicShare
+
+ MPublicShareAuthentication
+
+
MPublicShareId
@@ -1115,6 +1119,10 @@ Table of Contents
MPublicShareReference
+
+ MShareSignature
+
+
@@ -8482,11 +8490,19 @@ GetPublicShareByT
- | password |
- string |
+ authentication |
+ PublicShareAuthentication |
+ |
+ OPTIONAL.
+The public link can require authentication. |
+
+
+
+ | sign |
+ bool |
|
OPTIONAL.
-The public link can be password protected. |
+If a signature should be included in the share.
@@ -8542,6 +8558,27 @@ GetPublicShareBy
+
+
+ Fields with deprecated option
+
+
+
+ | Name |
+ Option |
+
+
+
+
+
+ | password_hash |
+ true |
+
+
+
+
+
+
@@ -8571,6 +8608,14 @@ GetPublicShareRequest
+
+ | sign |
+ bool |
+ |
+ OPTIONAL.
+If a signature should be included in the share. |
+
+
@@ -8612,14 +8657,6 @@ GetPublicShareResponse<
The share.
-
- | password_hash |
- string |
- |
- OPTIONAL.
-The share password hash. |
-
-
@@ -8653,6 +8690,14 @@ ListPublicSharesReques
The list of filters to apply if any.
+
+ | sign |
+ bool |
+ |
+ OPTIONAL.
+If a signature should be included in the share. |
+
+
@@ -9243,6 +9288,47 @@ PublicShare
setting the window title in a public share HTML page.
+
+ | signature |
+ ShareSignature |
+ |
+ OPTIONAL.
+A time constrained token with which
+GetPublicSharebyToken requests can be
+authenticated. |
+
+
+
+
+
+
+
+
+
+ PublicShareAuthentication
+
The mechanism to authenticate a request to
GetPublicShareByToken.
+
+
+
+
+ | Field | Type | Label | Description |
+
+
+
+
+ | password |
+ string |
+ |
+ The password of the share. |
+
+
+
+ | signature |
+ ShareSignature |
+ |
+ The signature issued by GetPublicShareByToken. |
+
+
@@ -9332,6 +9418,39 @@ PublicShareReference
+ ShareSignature
+ A time constrained token which can be used to
authenticate link share requests.
+
+
+
+
+ | Field | Type | Label | Description |
+
+
+
+
+ | signature |
+ string |
+ |
+ REQUIRED.
+The signature value. |
+
+
+
+ | signature_expiration |
+ cs3.types.v1beta1.Timestamp |
+ |
+ REQUIRED.
+The time until the signature becomes invalid. |
+
+
+
+
+
+
+
+
+
diff --git a/proto.lock b/proto.lock
index 7a236817..87da1c3f 100644
--- a/proto.lock
+++ b/proto.lock
@@ -3279,6 +3279,10 @@
{
"name": "CODE_REDIRECTION",
"integer": 18
+ },
+ {
+ "name": "CODE_INSUFFICIENT_STORAGE",
+ "integer": 19
}
]
}
@@ -4225,6 +4229,11 @@
"name": "filters",
"type": "Filter",
"is_repeated": true
+ },
+ {
+ "id": 3,
+ "name": "sign",
+ "type": "bool"
}
],
"messages": [
@@ -4318,6 +4327,11 @@
"id": 2,
"name": "ref",
"type": "PublicShareReference"
+ },
+ {
+ "id": 3,
+ "name": "sign",
+ "type": "bool"
}
]
},
@@ -4338,11 +4352,6 @@
"id": 3,
"name": "share",
"type": "PublicShare"
- },
- {
- "id": 4,
- "name": "password_hash",
- "type": "string"
}
]
},
@@ -4361,8 +4370,13 @@
},
{
"id": 3,
- "name": "password",
- "type": "string"
+ "name": "authentication",
+ "type": "PublicShareAuthentication"
+ },
+ {
+ "id": 4,
+ "name": "sign",
+ "type": "bool"
}
]
},
@@ -4387,7 +4401,13 @@
{
"id": 4,
"name": "password_hash",
- "type": "string"
+ "type": "string",
+ "options": [
+ {
+ "name": "deprecated",
+ "value": "true"
+ }
+ ]
}
]
}
@@ -4542,6 +4562,11 @@
"id": 11,
"name": "display_name",
"type": "string"
+ },
+ {
+ "id": 12,
+ "name": "signature",
+ "type": "ShareSignature"
}
]
},
@@ -4580,6 +4605,36 @@
}
]
},
+ {
+ "name": "PublicShareAuthentication",
+ "fields": [
+ {
+ "id": 1,
+ "name": "password",
+ "type": "string"
+ },
+ {
+ "id": 2,
+ "name": "signature",
+ "type": "ShareSignature"
+ }
+ ]
+ },
+ {
+ "name": "ShareSignature",
+ "fields": [
+ {
+ "id": 1,
+ "name": "signature",
+ "type": "string"
+ },
+ {
+ "id": 2,
+ "name": "signature_expiration",
+ "type": "cs3.types.v1beta1.Timestamp"
+ }
+ ]
+ },
{
"name": "Grant",
"fields": [