feat: update latest satellite.did with support for google authentication in template

Author: peterpeterparker

templates/eject/rust/src/satellite/satellite.did

@@ -20,8 +20,15 @@ type AssetNoContent = record {
   version : opt nat64;
 };
 type AssetsUpgradeOptions = record { clear_existing_assets : opt bool };
+type AuthenticateResultResponse = variant {
+  Ok : Authentication;
+  Err : AuthenticationError;
+};
+type Authentication = record { doc : Doc; delegation : PreparedDelegation };
+type AuthenticationArgs = variant { OpenId : OpenIdPrepareDelegationArgs };
 type AuthenticationConfig = record {
   updated_at : opt nat64;
+  openid : opt AuthenticationConfigOpenId;
   created_at : opt nat64;
   version : opt nat64;
   internet_identity : opt AuthenticationConfigInternetIdentity;
@@ -31,6 +38,14 @@ type AuthenticationConfigInternetIdentity = record {
   derivation_origin : opt text;
   external_alternative_origins : opt vec text;
 };
+type AuthenticationConfigOpenId = record {
+  observatory_id : opt principal;
+  providers : vec record { OpenIdProvider; OpenIdProviderConfig };
+};
+type AuthenticationError = variant {
+  PrepareDelegation : PrepareDelegationError;
+  RegisterUser : text;
+};
 type AuthenticationRules = record { allowed_callers : vec principal };
 type CollectionType = variant { Db; Storage };
 type CommitBatch = record {
@@ -67,6 +82,11 @@ type DbConfig = record {
 };
 type DelDoc = record { version : opt nat64 };
 type DelRule = record { version : opt nat64 };
+type Delegation = record {
+  pubkey : blob;
+  targets : opt vec principal;
+  expiration : nat64;
+};
 type DeleteControllersArgs = record { controllers : vec principal };
 type DeleteProposalAssets = record { proposal_ids : vec nat };
 type DepositCyclesArgs = record { cycles : nat; destination_id : principal };
@@ -78,6 +98,30 @@ type Doc = record {
   created_at : nat64;
   version : opt nat64;
 };
+type GetDelegationArgs = variant { OpenId : OpenIdGetDelegationArgs };
+type GetDelegationError = variant {
+  JwtFindProvider : JwtFindProviderError;
+  GetCachedJwks;
+  NoSuchDelegation;
+  JwtVerify : JwtVerifyError;
+  GetOrFetchJwks : GetOrRefreshJwksError;
+  DeriveSeedFailed : text;
+};
+type GetDelegationResultResponse = variant {
+  Ok : SignedDelegation;
+  Err : GetDelegationError;
+};
+type GetOrRefreshJwksError = variant {
+  InvalidConfig : text;
+  MissingKid;
+  BadClaim : text;
+  KeyNotFoundCooldown;
+  CertificateNotFound;
+  BadSig : text;
+  MissingLastAttempt : text;
+  KeyNotFound;
+  FetchFailed : text;
+};
 type HttpRequest = record {
   url : text;
   method : text;
@@ -105,6 +149,18 @@ type InitSatelliteArgs = record {
 };
 type InitStorageArgs = record { system_memory : opt Memory };
 type InitUploadResult = record { batch_id : nat };
+type JwtFindProviderError = variant {
+  BadClaim : text;
+  BadSig : text;
+  NoMatchingProvider;
+};
+type JwtVerifyError = variant {
+  WrongKeyType;
+  MissingKid;
+  BadClaim : text;
+  BadSig : text;
+  NoKeyForKid;
+};
 type ListMatcher = record {
   key : opt text;
   updated_at : opt TimestampMatcher;
@@ -154,7 +210,35 @@ type ListRulesResults = record {
 };
 type Memory = variant { Heap; Stable };
 type MemorySize = record { stable : nat64; heap : nat64 };
+type OpenIdGetDelegationArgs = record {
+  jwt : text;
+  session_key : blob;
+  salt : blob;
+  expiration : nat64;
+};
+type OpenIdPrepareDelegationArgs = record {
+  jwt : text;
+  session_key : blob;
+  salt : blob;
+};
+type OpenIdProvider = variant { Google };
+type OpenIdProviderConfig = record {
+  delegation : opt OpenIdProviderDelegationConfig;
+  client_id : text;
+};
+type OpenIdProviderDelegationConfig = record {
+  targets : opt vec principal;
+  max_time_to_live : opt nat64;
+};
 type Permission = variant { Controllers; Private; Public; Managed };
+type PrepareDelegationError = variant {
+  JwtFindProvider : JwtFindProviderError;
+  GetCachedJwks;
+  JwtVerify : JwtVerifyError;
+  GetOrFetchJwks : GetOrRefreshJwksError;
+  DeriveSeedFailed : text;
+};
+type PreparedDelegation = record { user_key : blob; expiration : nat64 };
 type Proposal = record {
   status : ProposalStatus;
   updated_at : nat64;
@@ -198,6 +282,7 @@ type SegmentsDeploymentOptions = record {
   satellite_version : opt text;
 };
 type SetAuthenticationConfig = record {
+  openid : opt AuthenticationConfigOpenId;
   version : opt nat64;
   internet_identity : opt AuthenticationConfigInternetIdentity;
   rules : opt AuthenticationRules;
@@ -240,6 +325,7 @@ type SetStorageConfig = record {
   raw_access : opt StorageConfigRawAccess;
   redirects : opt vec record { text; StorageConfigRedirect };
 };
+type SignedDelegation = record { signature : blob; delegation : Delegation };
 type StorageConfig = record {
   iframe : opt StorageConfigIFrame;
   updated_at : opt nat64;
@@ -286,6 +372,7 @@ type UploadChunk = record {
 };
 type UploadChunkResult = record { chunk_id : nat };
 service : (InitSatelliteArgs) -> {
+  authenticate : (AuthenticationArgs) -> (AuthenticateResultResponse);
   commit_asset_upload : (CommitBatch) -> ();
   commit_proposal : (CommitProposal) -> (null);
   commit_proposal_asset_upload : (CommitBatch) -> ();
@@ -314,6 +401,7 @@ service : (InitSatelliteArgs) -> {
   get_auth_config : () -> (opt AuthenticationConfig) query;
   get_config : () -> (Config);
   get_db_config : () -> (opt DbConfig) query;
+  get_delegation : (GetDelegationArgs) -> (GetDelegationResultResponse) query;
   get_doc : (text, text) -> (opt Doc) query;
   get_many_assets : (vec record { text; text }) -> (
       vec record { text; opt AssetNoContent },