Add sign-in request for authentication token retrieval (#216)

## Release notes: usage and product changes
A new mechanism of authentication tokens has been introduced to replace
the old way of sending usernames and passwords through the network with
every request.

Instead, all user credentials (currently, it's usernames and passwords)
are sent only:
* as a part of `connection_open` request for authentication and
authorization, with a temporary token returned;
* as a part of `sign_in` request for sign ins within an established
connection (to change the user or to get a new authentication token).
Then, all further requests are expected to be authenticated only by
temporary, less sensitive tokens.

The approach is extensible to other credential types that can be
introduced in the future.

## Implementation

Author: farost

grpc/java/BUILD

@@ -16,6 +16,7 @@ java_grpc_library(
         "//proto:answer-proto",
         "//proto:concept-proto",
         "//proto:connection-proto",
+        "//proto:authentication-proto",
         "//proto:logic-proto",
         "//proto:options-proto",
         "//proto:query-proto",

grpc/nodejs/BUILD

@@ -32,6 +32,7 @@ ts_grpc_compile(
         "//proto:answer-proto",
         "//proto:concept-proto",
         "//proto:connection-proto",
+        "//proto:authentication-proto",
         "//proto:logic-proto",
         "//proto:options-proto",
         "//proto:query-proto",

grpc/rust/BUILD

@@ -19,6 +19,7 @@ rust_tonic_compile(
         "//proto:answer-proto",
         "//proto:concept-proto",
         "//proto:connection-proto",
+        "//proto:authentication-proto",
         "//proto:logic-proto",
         "//proto:options-proto",
         "//proto:query-proto",

grpc/rust/build.rs

@@ -5,6 +5,7 @@
 fn main() -> std::io::Result<()> {
     let protos = vec![
         "../../proto/answer.proto",
+        "../../proto/authentication.proto",
         "../../proto/concept.proto",
         "../../proto/connection.proto",
         "../../proto/database.proto",

proto/BUILD

@@ -11,6 +11,7 @@ proto_library(
     srcs = [":typedb-service.proto"],
     deps = [
         ":connection-proto",
+        ":authentication-proto",
         ":server-proto",
         ":user-proto",
         ":database-proto",
@@ -39,6 +40,11 @@ proto_library(
     deps = [":concept-proto"],
 )
 
+proto_library(
+    name = "authentication-proto",
+    srcs = ["authentication.proto"],
+)
+
 proto_library(
     name = "concept-proto",
     srcs = ["concept.proto"],
@@ -48,8 +54,9 @@ proto_library(
     name = "connection-proto",
     srcs = ["connection.proto"],
     deps = [
-        ":version-proto",
-        ":database-proto"
+        ":authentication-proto",
+        ":database-proto",
+        ":version-proto"
     ],
 )
 

proto/authentication.proto

@@ -0,0 +1,29 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
+
+syntax = "proto3";
+
+package typedb.protocol;
+
+message Authentication {
+  message Token {
+    message Create {
+      message Req {
+        message Password {
+          string username = 1;
+          string password = 2;
+        }
+
+        oneof credentials {
+          Password password = 1;
+          // extend by other credential kinds
+        }
+      }
+
+      message Res {
+        string token = 1;
+      }
+    }
+  }
+}

proto/connection.proto

@@ -4,8 +4,9 @@
 
 syntax = "proto3";
 
-import "proto/version.proto";
+import "proto/authentication.proto";
 import "proto/database.proto";
+import "proto/version.proto";
 
 package typedb.protocol;
 
@@ -16,16 +17,18 @@ message Connection {
       Version version = 1;
       string driver_lang = 2;
       string driver_version = 3;
+
+      Authentication.Token.Create.Req authentication = 4;
     }
 
     message Res {
       uint64 server_duration_millis = 1;
       ConnectionID connection_id = 2;
 
-      // TODO: initial Token
-
       // pre-send all databases and replica info
       DatabaseManager.All.Res databases_all = 3;
+
+      Authentication.Token.Create.Res authentication = 4;
     }
   }
 }

proto/query.proto

@@ -6,7 +6,6 @@ syntax = "proto3";
 
 import "proto/answer.proto";
 import "proto/options.proto";
-import "proto/concept.proto";
 
 package typedb.protocol;
 

proto/typedb-service.proto

@@ -4,6 +4,7 @@
 
 syntax = "proto3";
 
+import "proto/authentication.proto";
 import "proto/connection.proto";
 import "proto/database.proto";
 import "proto/server.proto";
@@ -17,6 +18,9 @@ service TypeDB {
     // Connection API
     rpc connection_open (Connection.Open.Req) returns (Connection.Open.Res);
 
+    // Authentication API
+    rpc authentication_token_create (Authentication.Token.Create.Req) returns (Authentication.Token.Create.Res);
+
     // Server Manager API
     rpc servers_all (ServerManager.All.Req) returns (ServerManager.All.Res);
 

proto/version.proto

@@ -7,7 +7,7 @@ syntax = "proto3";
 package typedb.protocol;
 
 enum Version {
-  reserved 1, 2, 3; // add past version numbers into the reserved range
+  reserved 1, 2, 3, 4; // add past version numbers into the reserved range
   UNSPECIFIED = 0;
-  VERSION = 4;
+  VERSION = 5;
 }