chore: auto-generate protobuf files [skip ci]

gen/go/sso/auth.pb.go

@@ -913,222 +913,6 @@ func (x *TerminateSessionResponse) GetMessage() string {
 	return ""
 }
 
-type GenerateOauthCodeRequest struct {
-	state         protoimpl.MessageState `protogen:"open.v1"`
-	UserId        string                 `protobuf:"bytes,1,opt,name=user_id,json=userId,proto3" json:"user_id,omitempty"`
-	ClientId      string                 `protobuf:"bytes,2,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"`
-	RedirectUri   string                 `protobuf:"bytes,3,opt,name=redirect_uri,json=redirectUri,proto3" json:"redirect_uri,omitempty"`
-	unknownFields protoimpl.UnknownFields
-	sizeCache     protoimpl.SizeCache
-}
-
-func (x *GenerateOauthCodeRequest) Reset() {
-	*x = GenerateOauthCodeRequest{}
-	mi := &file_sso_auth_proto_msgTypes[15]
-	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-	ms.StoreMessageInfo(mi)
-}
-
-func (x *GenerateOauthCodeRequest) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*GenerateOauthCodeRequest) ProtoMessage() {}
-
-func (x *GenerateOauthCodeRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[15]
-	if x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use GenerateOauthCodeRequest.ProtoReflect.Descriptor instead.
-func (*GenerateOauthCodeRequest) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{15}
-}
-
-func (x *GenerateOauthCodeRequest) GetUserId() string {
-	if x != nil {
-		return x.UserId
-	}
-	return ""
-}
-
-func (x *GenerateOauthCodeRequest) GetClientId() string {
-	if x != nil {
-		return x.ClientId
-	}
-	return ""
-}
-
-func (x *GenerateOauthCodeRequest) GetRedirectUri() string {
-	if x != nil {
-		return x.RedirectUri
-	}
-	return ""
-}
-
-type GenerateOauthCodeResponse struct {
-	state         protoimpl.MessageState `protogen:"open.v1"`
-	Code          string                 `protobuf:"bytes,1,opt,name=code,proto3" json:"code,omitempty"`
-	unknownFields protoimpl.UnknownFields
-	sizeCache     protoimpl.SizeCache
-}
-
-func (x *GenerateOauthCodeResponse) Reset() {
-	*x = GenerateOauthCodeResponse{}
-	mi := &file_sso_auth_proto_msgTypes[16]
-	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-	ms.StoreMessageInfo(mi)
-}
-
-func (x *GenerateOauthCodeResponse) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*GenerateOauthCodeResponse) ProtoMessage() {}
-
-func (x *GenerateOauthCodeResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[16]
-	if x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use GenerateOauthCodeResponse.ProtoReflect.Descriptor instead.
-func (*GenerateOauthCodeResponse) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{16}
-}
-
-func (x *GenerateOauthCodeResponse) GetCode() string {
-	if x != nil {
-		return x.Code
-	}
-	return ""
-}
-
-type ExchangeOauthCodeRequest struct {
-	state         protoimpl.MessageState `protogen:"open.v1"`
-	Code          string                 `protobuf:"bytes,1,opt,name=code,proto3" json:"code,omitempty"`
-	ClientId      string                 `protobuf:"bytes,2,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"`
-	ClientSecret  string                 `protobuf:"bytes,3,opt,name=client_secret,json=clientSecret,proto3" json:"client_secret,omitempty"`
-	unknownFields protoimpl.UnknownFields
-	sizeCache     protoimpl.SizeCache
-}
-
-func (x *ExchangeOauthCodeRequest) Reset() {
-	*x = ExchangeOauthCodeRequest{}
-	mi := &file_sso_auth_proto_msgTypes[17]
-	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-	ms.StoreMessageInfo(mi)
-}
-
-func (x *ExchangeOauthCodeRequest) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*ExchangeOauthCodeRequest) ProtoMessage() {}
-
-func (x *ExchangeOauthCodeRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[17]
-	if x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use ExchangeOauthCodeRequest.ProtoReflect.Descriptor instead.
-func (*ExchangeOauthCodeRequest) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{17}
-}
-
-func (x *ExchangeOauthCodeRequest) GetCode() string {
-	if x != nil {
-		return x.Code
-	}
-	return ""
-}
-
-func (x *ExchangeOauthCodeRequest) GetClientId() string {
-	if x != nil {
-		return x.ClientId
-	}
-	return ""
-}
-
-func (x *ExchangeOauthCodeRequest) GetClientSecret() string {
-	if x != nil {
-		return x.ClientSecret
-	}
-	return ""
-}
-
-type ExchangeOauthCodeResponse struct {
-	state         protoimpl.MessageState `protogen:"open.v1"`
-	AccessToken   string                 `protobuf:"bytes,1,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"`
-	ExpiresIn     int32                  `protobuf:"varint,2,opt,name=expires_in,json=expiresIn,proto3" json:"expires_in,omitempty"`
-	unknownFields protoimpl.UnknownFields
-	sizeCache     protoimpl.SizeCache
-}
-
-func (x *ExchangeOauthCodeResponse) Reset() {
-	*x = ExchangeOauthCodeResponse{}
-	mi := &file_sso_auth_proto_msgTypes[18]
-	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-	ms.StoreMessageInfo(mi)
-}
-
-func (x *ExchangeOauthCodeResponse) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*ExchangeOauthCodeResponse) ProtoMessage() {}
-
-func (x *ExchangeOauthCodeResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[18]
-	if x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use ExchangeOauthCodeResponse.ProtoReflect.Descriptor instead.
-func (*ExchangeOauthCodeResponse) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{18}
-}
-
-func (x *ExchangeOauthCodeResponse) GetAccessToken() string {
-	if x != nil {
-		return x.AccessToken
-	}
-	return ""
-}
-
-func (x *ExchangeOauthCodeResponse) GetExpiresIn() int32 {
-	if x != nil {
-		return x.ExpiresIn
-	}
-	return 0
-}
-
 type SystemCreateAccountRequest struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	Username      string                 `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
@@ -1140,7 +924,7 @@ type SystemCreateAccountRequest struct {
 
 func (x *SystemCreateAccountRequest) Reset() {
 	*x = SystemCreateAccountRequest{}
-	mi := &file_sso_auth_proto_msgTypes[19]
+	mi := &file_sso_auth_proto_msgTypes[15]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1152,7 +936,7 @@ func (x *SystemCreateAccountRequest) String() string {
 func (*SystemCreateAccountRequest) ProtoMessage() {}
 
 func (x *SystemCreateAccountRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[19]
+	mi := &file_sso_auth_proto_msgTypes[15]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1165,7 +949,7 @@ func (x *SystemCreateAccountRequest) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemCreateAccountRequest.ProtoReflect.Descriptor instead.
 func (*SystemCreateAccountRequest) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{19}
+	return file_sso_auth_proto_rawDescGZIP(), []int{15}
 }
 
 func (x *SystemCreateAccountRequest) GetUsername() string {
@@ -1198,7 +982,7 @@ type SystemCreateAccountResponse struct {
 
 func (x *SystemCreateAccountResponse) Reset() {
 	*x = SystemCreateAccountResponse{}
-	mi := &file_sso_auth_proto_msgTypes[20]
+	mi := &file_sso_auth_proto_msgTypes[16]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1210,7 +994,7 @@ func (x *SystemCreateAccountResponse) String() string {
 func (*SystemCreateAccountResponse) ProtoMessage() {}
 
 func (x *SystemCreateAccountResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[20]
+	mi := &file_sso_auth_proto_msgTypes[16]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1223,7 +1007,7 @@ func (x *SystemCreateAccountResponse) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemCreateAccountResponse.ProtoReflect.Descriptor instead.
 func (*SystemCreateAccountResponse) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{20}
+	return file_sso_auth_proto_rawDescGZIP(), []int{16}
 }
 
 func (x *SystemCreateAccountResponse) GetAccountId() string {
@@ -1243,7 +1027,7 @@ type SystemChangeStatusRequest struct {
 
 func (x *SystemChangeStatusRequest) Reset() {
 	*x = SystemChangeStatusRequest{}
-	mi := &file_sso_auth_proto_msgTypes[21]
+	mi := &file_sso_auth_proto_msgTypes[17]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1255,7 +1039,7 @@ func (x *SystemChangeStatusRequest) String() string {
 func (*SystemChangeStatusRequest) ProtoMessage() {}
 
 func (x *SystemChangeStatusRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[21]
+	mi := &file_sso_auth_proto_msgTypes[17]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1268,7 +1052,7 @@ func (x *SystemChangeStatusRequest) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemChangeStatusRequest.ProtoReflect.Descriptor instead.
 func (*SystemChangeStatusRequest) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{21}
+	return file_sso_auth_proto_rawDescGZIP(), []int{17}
 }
 
 func (x *SystemChangeStatusRequest) GetAccountId() string {
@@ -1294,7 +1078,7 @@ type SystemChangeStatusResponse struct {
 
 func (x *SystemChangeStatusResponse) Reset() {
 	*x = SystemChangeStatusResponse{}
-	mi := &file_sso_auth_proto_msgTypes[22]
+	mi := &file_sso_auth_proto_msgTypes[18]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1306,7 +1090,7 @@ func (x *SystemChangeStatusResponse) String() string {
 func (*SystemChangeStatusResponse) ProtoMessage() {}
 
 func (x *SystemChangeStatusResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[22]
+	mi := &file_sso_auth_proto_msgTypes[18]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1319,7 +1103,7 @@ func (x *SystemChangeStatusResponse) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemChangeStatusResponse.ProtoReflect.Descriptor instead.
 func (*SystemChangeStatusResponse) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{22}
+	return file_sso_auth_proto_rawDescGZIP(), []int{18}
 }
 
 func (x *SystemChangeStatusResponse) GetSuccess() bool {
@@ -1339,7 +1123,7 @@ type SystemUpdatePasswordRequest struct {
 
 func (x *SystemUpdatePasswordRequest) Reset() {
 	*x = SystemUpdatePasswordRequest{}
-	mi := &file_sso_auth_proto_msgTypes[23]
+	mi := &file_sso_auth_proto_msgTypes[19]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1351,7 +1135,7 @@ func (x *SystemUpdatePasswordRequest) String() string {
 func (*SystemUpdatePasswordRequest) ProtoMessage() {}
 
 func (x *SystemUpdatePasswordRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[23]
+	mi := &file_sso_auth_proto_msgTypes[19]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1364,7 +1148,7 @@ func (x *SystemUpdatePasswordRequest) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemUpdatePasswordRequest.ProtoReflect.Descriptor instead.
 func (*SystemUpdatePasswordRequest) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{23}
+	return file_sso_auth_proto_rawDescGZIP(), []int{19}
 }
 
 func (x *SystemUpdatePasswordRequest) GetAccountId() string {
@@ -1390,7 +1174,7 @@ type SystemUpdatePasswordResponse struct {
 
 func (x *SystemUpdatePasswordResponse) Reset() {
 	*x = SystemUpdatePasswordResponse{}
-	mi := &file_sso_auth_proto_msgTypes[24]
+	mi := &file_sso_auth_proto_msgTypes[20]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1402,7 +1186,7 @@ func (x *SystemUpdatePasswordResponse) String() string {
 func (*SystemUpdatePasswordResponse) ProtoMessage() {}
 
 func (x *SystemUpdatePasswordResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[24]
+	mi := &file_sso_auth_proto_msgTypes[20]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1415,7 +1199,7 @@ func (x *SystemUpdatePasswordResponse) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemUpdatePasswordResponse.ProtoReflect.Descriptor instead.
 func (*SystemUpdatePasswordResponse) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{24}
+	return file_sso_auth_proto_rawDescGZIP(), []int{20}
 }
 
 func (x *SystemUpdatePasswordResponse) GetSuccess() bool {
@@ -1435,7 +1219,7 @@ type SystemUpdatePinRequest struct {
 
 func (x *SystemUpdatePinRequest) Reset() {
 	*x = SystemUpdatePinRequest{}
-	mi := &file_sso_auth_proto_msgTypes[25]
+	mi := &file_sso_auth_proto_msgTypes[21]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1447,7 +1231,7 @@ func (x *SystemUpdatePinRequest) String() string {
 func (*SystemUpdatePinRequest) ProtoMessage() {}
 
 func (x *SystemUpdatePinRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[25]
+	mi := &file_sso_auth_proto_msgTypes[21]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1460,7 +1244,7 @@ func (x *SystemUpdatePinRequest) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemUpdatePinRequest.ProtoReflect.Descriptor instead.
 func (*SystemUpdatePinRequest) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{25}
+	return file_sso_auth_proto_rawDescGZIP(), []int{21}
 }
 
 func (x *SystemUpdatePinRequest) GetAccountId() string {
@@ -1486,7 +1270,7 @@ type SystemUpdatePinResponse struct {
 
 func (x *SystemUpdatePinResponse) Reset() {
 	*x = SystemUpdatePinResponse{}
-	mi := &file_sso_auth_proto_msgTypes[26]
+	mi := &file_sso_auth_proto_msgTypes[22]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1498,7 +1282,7 @@ func (x *SystemUpdatePinResponse) String() string {
 func (*SystemUpdatePinResponse) ProtoMessage() {}
 
 func (x *SystemUpdatePinResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[26]
+	mi := &file_sso_auth_proto_msgTypes[22]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1511,7 +1295,7 @@ func (x *SystemUpdatePinResponse) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemUpdatePinResponse.ProtoReflect.Descriptor instead.
 func (*SystemUpdatePinResponse) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{26}
+	return file_sso_auth_proto_rawDescGZIP(), []int{22}
 }
 
 func (x *SystemUpdatePinResponse) GetSuccess() bool {
@@ -1532,7 +1316,7 @@ type SystemBlockIpRequest struct {
 
 func (x *SystemBlockIpRequest) Reset() {
 	*x = SystemBlockIpRequest{}
-	mi := &file_sso_auth_proto_msgTypes[27]
+	mi := &file_sso_auth_proto_msgTypes[23]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1544,7 +1328,7 @@ func (x *SystemBlockIpRequest) String() string {
 func (*SystemBlockIpRequest) ProtoMessage() {}
 
 func (x *SystemBlockIpRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[27]
+	mi := &file_sso_auth_proto_msgTypes[23]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1557,7 +1341,7 @@ func (x *SystemBlockIpRequest) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemBlockIpRequest.ProtoReflect.Descriptor instead.
 func (*SystemBlockIpRequest) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{27}
+	return file_sso_auth_proto_rawDescGZIP(), []int{23}
 }
 
 func (x *SystemBlockIpRequest) GetIpAddress() string {
@@ -1590,7 +1374,7 @@ type SystemBlockIpResponse struct {
 
 func (x *SystemBlockIpResponse) Reset() {
 	*x = SystemBlockIpResponse{}
-	mi := &file_sso_auth_proto_msgTypes[28]
+	mi := &file_sso_auth_proto_msgTypes[24]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1602,7 +1386,7 @@ func (x *SystemBlockIpResponse) String() string {
 func (*SystemBlockIpResponse) ProtoMessage() {}
 
 func (x *SystemBlockIpResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[28]
+	mi := &file_sso_auth_proto_msgTypes[24]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1615,7 +1399,7 @@ func (x *SystemBlockIpResponse) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemBlockIpResponse.ProtoReflect.Descriptor instead.
 func (*SystemBlockIpResponse) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{28}
+	return file_sso_auth_proto_rawDescGZIP(), []int{24}
 }
 
 func (x *SystemBlockIpResponse) GetSuccess() bool {
@@ -1634,7 +1418,7 @@ type SystemUnblockIpRequest struct {
 
 func (x *SystemUnblockIpRequest) Reset() {
 	*x = SystemUnblockIpRequest{}
-	mi := &file_sso_auth_proto_msgTypes[29]
+	mi := &file_sso_auth_proto_msgTypes[25]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1646,7 +1430,7 @@ func (x *SystemUnblockIpRequest) String() string {
 func (*SystemUnblockIpRequest) ProtoMessage() {}
 
 func (x *SystemUnblockIpRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[29]
+	mi := &file_sso_auth_proto_msgTypes[25]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1659,7 +1443,7 @@ func (x *SystemUnblockIpRequest) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemUnblockIpRequest.ProtoReflect.Descriptor instead.
 func (*SystemUnblockIpRequest) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{29}
+	return file_sso_auth_proto_rawDescGZIP(), []int{25}
 }
 
 func (x *SystemUnblockIpRequest) GetIpAddress() string {
@@ -1678,7 +1462,7 @@ type SystemUnblockIpResponse struct {
 
 func (x *SystemUnblockIpResponse) Reset() {
 	*x = SystemUnblockIpResponse{}
-	mi := &file_sso_auth_proto_msgTypes[30]
+	mi := &file_sso_auth_proto_msgTypes[26]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1690,7 +1474,7 @@ func (x *SystemUnblockIpResponse) String() string {
 func (*SystemUnblockIpResponse) ProtoMessage() {}
 
 func (x *SystemUnblockIpResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[30]
+	mi := &file_sso_auth_proto_msgTypes[26]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1703,7 +1487,7 @@ func (x *SystemUnblockIpResponse) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemUnblockIpResponse.ProtoReflect.Descriptor instead.
 func (*SystemUnblockIpResponse) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{30}
+	return file_sso_auth_proto_rawDescGZIP(), []int{26}
 }
 
 func (x *SystemUnblockIpResponse) GetSuccess() bool {
@@ -1723,7 +1507,7 @@ type SystemGetAllAccountsRequest struct {
 
 func (x *SystemGetAllAccountsRequest) Reset() {
 	*x = SystemGetAllAccountsRequest{}
-	mi := &file_sso_auth_proto_msgTypes[31]
+	mi := &file_sso_auth_proto_msgTypes[27]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1735,7 +1519,7 @@ func (x *SystemGetAllAccountsRequest) String() string {
 func (*SystemGetAllAccountsRequest) ProtoMessage() {}
 
 func (x *SystemGetAllAccountsRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[31]
+	mi := &file_sso_auth_proto_msgTypes[27]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1748,7 +1532,7 @@ func (x *SystemGetAllAccountsRequest) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemGetAllAccountsRequest.ProtoReflect.Descriptor instead.
 func (*SystemGetAllAccountsRequest) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{31}
+	return file_sso_auth_proto_rawDescGZIP(), []int{27}
 }
 
 func (x *SystemGetAllAccountsRequest) GetLimit() int32 {
@@ -1776,7 +1560,7 @@ type AccountBasicItem struct {
 
 func (x *AccountBasicItem) Reset() {
 	*x = AccountBasicItem{}
-	mi := &file_sso_auth_proto_msgTypes[32]
+	mi := &file_sso_auth_proto_msgTypes[28]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1788,7 +1572,7 @@ func (x *AccountBasicItem) String() string {
 func (*AccountBasicItem) ProtoMessage() {}
 
 func (x *AccountBasicItem) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[32]
+	mi := &file_sso_auth_proto_msgTypes[28]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1801,7 +1585,7 @@ func (x *AccountBasicItem) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use AccountBasicItem.ProtoReflect.Descriptor instead.
 func (*AccountBasicItem) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{32}
+	return file_sso_auth_proto_rawDescGZIP(), []int{28}
 }
 
 func (x *AccountBasicItem) GetId() string {
@@ -1835,7 +1619,7 @@ type SystemGetAllAccountsResponse struct {
 
 func (x *SystemGetAllAccountsResponse) Reset() {
 	*x = SystemGetAllAccountsResponse{}
-	mi := &file_sso_auth_proto_msgTypes[33]
+	mi := &file_sso_auth_proto_msgTypes[29]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -1847,7 +1631,7 @@ func (x *SystemGetAllAccountsResponse) String() string {
 func (*SystemGetAllAccountsResponse) ProtoMessage() {}
 
 func (x *SystemGetAllAccountsResponse) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_auth_proto_msgTypes[33]
+	mi := &file_sso_auth_proto_msgTypes[29]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -1860,7 +1644,7 @@ func (x *SystemGetAllAccountsResponse) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use SystemGetAllAccountsResponse.ProtoReflect.Descriptor instead.
 func (*SystemGetAllAccountsResponse) Descriptor() ([]byte, []int) {
-	return file_sso_auth_proto_rawDescGZIP(), []int{33}
+	return file_sso_auth_proto_rawDescGZIP(), []int{29}
 }
 
 func (x *SystemGetAllAccountsResponse) GetAccounts() []*AccountBasicItem {
@@ -1964,21 +1748,7 @@ const file_sso_auth_proto_rawDesc = "" +
 	"targetHash\"N\n" +
 	"\x18TerminateSessionResponse\x12\x18\n" +
 	"\asuccess\x18\x01 \x01(\bR\asuccess\x12\x18\n" +
-	"\amessage\x18\x02 \x01(\tR\amessage\"s\n" +
+	"\amessage\x18\x02 \x01(\tR\amessage\"v\n" +
-	"\x18GenerateOauthCodeRequest\x12\x17\n" +
-	"\auser_id\x18\x01 \x01(\tR\x06userId\x12\x1b\n" +
-	"\tclient_id\x18\x02 \x01(\tR\bclientId\x12!\n" +
-	"\fredirect_uri\x18\x03 \x01(\tR\vredirectUri\"/\n" +
-	"\x19GenerateOauthCodeResponse\x12\x12\n" +
-	"\x04code\x18\x01 \x01(\tR\x04code\"p\n" +
-	"\x18ExchangeOauthCodeRequest\x12\x12\n" +
-	"\x04code\x18\x01 \x01(\tR\x04code\x12\x1b\n" +
-	"\tclient_id\x18\x02 \x01(\tR\bclientId\x12#\n" +
-	"\rclient_secret\x18\x03 \x01(\tR\fclientSecret\"]\n" +
-	"\x19ExchangeOauthCodeResponse\x12!\n" +
-	"\faccess_token\x18\x01 \x01(\tR\vaccessToken\x12\x1d\n" +
-	"\n" +
-	"expires_in\x18\x02 \x01(\x05R\texpiresIn\"v\n" +
 	"\x1aSystemCreateAccountRequest\x12\x1a\n" +
 	"\busername\x18\x01 \x01(\tR\busername\x12#\n" +
 	"\rpassword_hash\x18\x02 \x01(\tR\fpasswordHash\x12\x17\n" +
@@ -2027,7 +1797,7 @@ const file_sso_auth_proto_rawDesc = "" +
 	"\x06status\x18\x03 \x01(\tR\x06status\"k\n" +
 	"\x1cSystemGetAllAccountsResponse\x125\n" +
 	"\baccounts\x18\x01 \x03(\v2\x19.auth.v1.AccountBasicItemR\baccounts\x12\x14\n" +
-	"\x05total\x18\x02 \x01(\x05R\x05total2\x8b\v\n" +
+	"\x05total\x18\x02 \x01(\x05R\x05total2\xd3\t\n" +
 	"\vAuthService\x126\n" +
 	"\x05Login\x12\x15.auth.v1.LoginRequest\x1a\x16.auth.v1.LoginResponse\x12<\n" +
 	"\aRefresh\x12\x17.auth.v1.RefreshRequest\x1a\x18.auth.v1.RefreshResponse\x12H\n" +
@@ -2036,9 +1806,7 @@ const file_sso_auth_proto_rawDesc = "" +
 	"\x06Logout\x12\x16.auth.v1.LogoutRequest\x1a\x17.auth.v1.LogoutResponse\x12>\n" +
 	"\vLogoutOther\x12\x16.auth.v1.LogoutRequest\x1a\x17.auth.v1.LogoutResponse\x12G\n" +
 	"\vGetSessions\x12\x1a.auth.v1.GetSessionRequest\x1a\x1c.auth.v1.GetSessionsResponse\x12W\n" +
-	"\x10TerminateSession\x12 .auth.v1.TerminateSessionRequest\x1a!.auth.v1.TerminateSessionResponse\x12Z\n" +
+	"\x10TerminateSession\x12 .auth.v1.TerminateSessionRequest\x1a!.auth.v1.TerminateSessionResponse\x12`\n" +
-	"\x11GenerateOauthCode\x12!.auth.v1.GenerateOauthCodeRequest\x1a\".auth.v1.GenerateOauthCodeResponse\x12Z\n" +
-	"\x11ExchangeOauthCode\x12!.auth.v1.ExchangeOauthCodeRequest\x1a\".auth.v1.ExchangeOauthCodeResponse\x12`\n" +
 	"\x13SystemCreateAccount\x12#.auth.v1.SystemCreateAccountRequest\x1a$.auth.v1.SystemCreateAccountResponse\x12]\n" +
 	"\x12SystemChangeStatus\x12\".auth.v1.SystemChangeStatusRequest\x1a#.auth.v1.SystemChangeStatusResponse\x12c\n" +
 	"\x14SystemUpdatePassword\x12$.auth.v1.SystemUpdatePasswordRequest\x1a%.auth.v1.SystemUpdatePasswordResponse\x12T\n" +
@@ -2059,7 +1827,7 @@ func file_sso_auth_proto_rawDescGZIP() []byte {
 	return file_sso_auth_proto_rawDescData
 }
 
-var file_sso_auth_proto_msgTypes = make([]protoimpl.MessageInfo, 34)
+var file_sso_auth_proto_msgTypes = make([]protoimpl.MessageInfo, 30)
 var file_sso_auth_proto_goTypes = []any{
 	(*LoginRequest)(nil),                 // 0: auth.v1.LoginRequest
 	(*LoginResponse)(nil),                // 1: auth.v1.LoginResponse
@@ -2076,29 +1844,25 @@ var file_sso_auth_proto_goTypes = []any{
 	(*GetSessionsResponse)(nil),          // 12: auth.v1.GetSessionsResponse
 	(*TerminateSessionRequest)(nil),      // 13: auth.v1.TerminateSessionRequest
 	(*TerminateSessionResponse)(nil),     // 14: auth.v1.TerminateSessionResponse
-	(*GenerateOauthCodeRequest)(nil),     // 15: auth.v1.GenerateOauthCodeRequest
+	(*SystemCreateAccountRequest)(nil),   // 15: auth.v1.SystemCreateAccountRequest
-	(*GenerateOauthCodeResponse)(nil),    // 16: auth.v1.GenerateOauthCodeResponse
+	(*SystemCreateAccountResponse)(nil),  // 16: auth.v1.SystemCreateAccountResponse
-	(*ExchangeOauthCodeRequest)(nil),     // 17: auth.v1.ExchangeOauthCodeRequest
+	(*SystemChangeStatusRequest)(nil),    // 17: auth.v1.SystemChangeStatusRequest
-	(*ExchangeOauthCodeResponse)(nil),    // 18: auth.v1.ExchangeOauthCodeResponse
+	(*SystemChangeStatusResponse)(nil),   // 18: auth.v1.SystemChangeStatusResponse
-	(*SystemCreateAccountRequest)(nil),   // 19: auth.v1.SystemCreateAccountRequest
+	(*SystemUpdatePasswordRequest)(nil),  // 19: auth.v1.SystemUpdatePasswordRequest
-	(*SystemCreateAccountResponse)(nil),  // 20: auth.v1.SystemCreateAccountResponse
+	(*SystemUpdatePasswordResponse)(nil), // 20: auth.v1.SystemUpdatePasswordResponse
-	(*SystemChangeStatusRequest)(nil),    // 21: auth.v1.SystemChangeStatusRequest
+	(*SystemUpdatePinRequest)(nil),       // 21: auth.v1.SystemUpdatePinRequest
-	(*SystemChangeStatusResponse)(nil),   // 22: auth.v1.SystemChangeStatusResponse
+	(*SystemUpdatePinResponse)(nil),      // 22: auth.v1.SystemUpdatePinResponse
-	(*SystemUpdatePasswordRequest)(nil),  // 23: auth.v1.SystemUpdatePasswordRequest
+	(*SystemBlockIpRequest)(nil),         // 23: auth.v1.SystemBlockIpRequest
-	(*SystemUpdatePasswordResponse)(nil), // 24: auth.v1.SystemUpdatePasswordResponse
+	(*SystemBlockIpResponse)(nil),        // 24: auth.v1.SystemBlockIpResponse
-	(*SystemUpdatePinRequest)(nil),       // 25: auth.v1.SystemUpdatePinRequest
+	(*SystemUnblockIpRequest)(nil),       // 25: auth.v1.SystemUnblockIpRequest
-	(*SystemUpdatePinResponse)(nil),      // 26: auth.v1.SystemUpdatePinResponse
+	(*SystemUnblockIpResponse)(nil),      // 26: auth.v1.SystemUnblockIpResponse
-	(*SystemBlockIpRequest)(nil),         // 27: auth.v1.SystemBlockIpRequest
+	(*SystemGetAllAccountsRequest)(nil),  // 27: auth.v1.SystemGetAllAccountsRequest
-	(*SystemBlockIpResponse)(nil),        // 28: auth.v1.SystemBlockIpResponse
+	(*AccountBasicItem)(nil),             // 28: auth.v1.AccountBasicItem
-	(*SystemUnblockIpRequest)(nil),       // 29: auth.v1.SystemUnblockIpRequest
+	(*SystemGetAllAccountsResponse)(nil), // 29: auth.v1.SystemGetAllAccountsResponse
-	(*SystemUnblockIpResponse)(nil),      // 30: auth.v1.SystemUnblockIpResponse
-	(*SystemGetAllAccountsRequest)(nil),  // 31: auth.v1.SystemGetAllAccountsRequest
-	(*AccountBasicItem)(nil),             // 32: auth.v1.AccountBasicItem
-	(*SystemGetAllAccountsResponse)(nil), // 33: auth.v1.SystemGetAllAccountsResponse
 }
 var file_sso_auth_proto_depIdxs = []int32{
 	11, // 0: auth.v1.GetSessionsResponse.sessions:type_name -> auth.v1.SessionItem
-	32, // 1: auth.v1.SystemGetAllAccountsResponse.accounts:type_name -> auth.v1.AccountBasicItem
+	28, // 1: auth.v1.SystemGetAllAccountsResponse.accounts:type_name -> auth.v1.AccountBasicItem
 	0,  // 2: auth.v1.AuthService.Login:input_type -> auth.v1.LoginRequest
 	2,  // 3: auth.v1.AuthService.Refresh:input_type -> auth.v1.RefreshRequest
 	6,  // 4: auth.v1.AuthService.VerifyToken:input_type -> auth.v1.VerifyTokenRequest
@@ -2107,34 +1871,30 @@ var file_sso_auth_proto_depIdxs = []int32{
 	4,  // 7: auth.v1.AuthService.LogoutOther:input_type -> auth.v1.LogoutRequest
 	10, // 8: auth.v1.AuthService.GetSessions:input_type -> auth.v1.GetSessionRequest
 	13, // 9: auth.v1.AuthService.TerminateSession:input_type -> auth.v1.TerminateSessionRequest
-	15, // 10: auth.v1.AuthService.GenerateOauthCode:input_type -> auth.v1.GenerateOauthCodeRequest
+	15, // 10: auth.v1.AuthService.SystemCreateAccount:input_type -> auth.v1.SystemCreateAccountRequest
-	17, // 11: auth.v1.AuthService.ExchangeOauthCode:input_type -> auth.v1.ExchangeOauthCodeRequest
+	17, // 11: auth.v1.AuthService.SystemChangeStatus:input_type -> auth.v1.SystemChangeStatusRequest
-	19, // 12: auth.v1.AuthService.SystemCreateAccount:input_type -> auth.v1.SystemCreateAccountRequest
+	19, // 12: auth.v1.AuthService.SystemUpdatePassword:input_type -> auth.v1.SystemUpdatePasswordRequest
-	21, // 13: auth.v1.AuthService.SystemChangeStatus:input_type -> auth.v1.SystemChangeStatusRequest
+	21, // 13: auth.v1.AuthService.SystemUpdatePin:input_type -> auth.v1.SystemUpdatePinRequest
-	23, // 14: auth.v1.AuthService.SystemUpdatePassword:input_type -> auth.v1.SystemUpdatePasswordRequest
+	23, // 14: auth.v1.AuthService.SystemBlockIp:input_type -> auth.v1.SystemBlockIpRequest
-	25, // 15: auth.v1.AuthService.SystemUpdatePin:input_type -> auth.v1.SystemUpdatePinRequest
+	25, // 15: auth.v1.AuthService.SystemUnblockIp:input_type -> auth.v1.SystemUnblockIpRequest
-	27, // 16: auth.v1.AuthService.SystemBlockIp:input_type -> auth.v1.SystemBlockIpRequest
+	27, // 16: auth.v1.AuthService.SystemGetAllAccounts:input_type -> auth.v1.SystemGetAllAccountsRequest
-	29, // 17: auth.v1.AuthService.SystemUnblockIp:input_type -> auth.v1.SystemUnblockIpRequest
+	1,  // 17: auth.v1.AuthService.Login:output_type -> auth.v1.LoginResponse
-	31, // 18: auth.v1.AuthService.SystemGetAllAccounts:input_type -> auth.v1.SystemGetAllAccountsRequest
+	3,  // 18: auth.v1.AuthService.Refresh:output_type -> auth.v1.RefreshResponse
-	1,  // 19: auth.v1.AuthService.Login:output_type -> auth.v1.LoginResponse
+	7,  // 19: auth.v1.AuthService.VerifyToken:output_type -> auth.v1.VerifyTokenResponse
-	3,  // 20: auth.v1.AuthService.Refresh:output_type -> auth.v1.RefreshResponse
+	9,  // 20: auth.v1.AuthService.GetAccountRoleLevel:output_type -> auth.v1.GetAccountRoleLevelResponse
-	7,  // 21: auth.v1.AuthService.VerifyToken:output_type -> auth.v1.VerifyTokenResponse
+	5,  // 21: auth.v1.AuthService.Logout:output_type -> auth.v1.LogoutResponse
-	9,  // 22: auth.v1.AuthService.GetAccountRoleLevel:output_type -> auth.v1.GetAccountRoleLevelResponse
+	5,  // 22: auth.v1.AuthService.LogoutOther:output_type -> auth.v1.LogoutResponse
-	5,  // 23: auth.v1.AuthService.Logout:output_type -> auth.v1.LogoutResponse
+	12, // 23: auth.v1.AuthService.GetSessions:output_type -> auth.v1.GetSessionsResponse
-	5,  // 24: auth.v1.AuthService.LogoutOther:output_type -> auth.v1.LogoutResponse
+	14, // 24: auth.v1.AuthService.TerminateSession:output_type -> auth.v1.TerminateSessionResponse
-	12, // 25: auth.v1.AuthService.GetSessions:output_type -> auth.v1.GetSessionsResponse
+	16, // 25: auth.v1.AuthService.SystemCreateAccount:output_type -> auth.v1.SystemCreateAccountResponse
-	14, // 26: auth.v1.AuthService.TerminateSession:output_type -> auth.v1.TerminateSessionResponse
+	18, // 26: auth.v1.AuthService.SystemChangeStatus:output_type -> auth.v1.SystemChangeStatusResponse
-	16, // 27: auth.v1.AuthService.GenerateOauthCode:output_type -> auth.v1.GenerateOauthCodeResponse
+	20, // 27: auth.v1.AuthService.SystemUpdatePassword:output_type -> auth.v1.SystemUpdatePasswordResponse
-	18, // 28: auth.v1.AuthService.ExchangeOauthCode:output_type -> auth.v1.ExchangeOauthCodeResponse
+	22, // 28: auth.v1.AuthService.SystemUpdatePin:output_type -> auth.v1.SystemUpdatePinResponse
-	20, // 29: auth.v1.AuthService.SystemCreateAccount:output_type -> auth.v1.SystemCreateAccountResponse
+	24, // 29: auth.v1.AuthService.SystemBlockIp:output_type -> auth.v1.SystemBlockIpResponse
-	22, // 30: auth.v1.AuthService.SystemChangeStatus:output_type -> auth.v1.SystemChangeStatusResponse
+	26, // 30: auth.v1.AuthService.SystemUnblockIp:output_type -> auth.v1.SystemUnblockIpResponse
-	24, // 31: auth.v1.AuthService.SystemUpdatePassword:output_type -> auth.v1.SystemUpdatePasswordResponse
+	29, // 31: auth.v1.AuthService.SystemGetAllAccounts:output_type -> auth.v1.SystemGetAllAccountsResponse
-	26, // 32: auth.v1.AuthService.SystemUpdatePin:output_type -> auth.v1.SystemUpdatePinResponse
+	17, // [17:32] is the sub-list for method output_type
-	28, // 33: auth.v1.AuthService.SystemBlockIp:output_type -> auth.v1.SystemBlockIpResponse
+	2,  // [2:17] is the sub-list for method input_type
-	30, // 34: auth.v1.AuthService.SystemUnblockIp:output_type -> auth.v1.SystemUnblockIpResponse
-	33, // 35: auth.v1.AuthService.SystemGetAllAccounts:output_type -> auth.v1.SystemGetAllAccountsResponse
-	19, // [19:36] is the sub-list for method output_type
-	2,  // [2:19] is the sub-list for method input_type
 	2,  // [2:2] is the sub-list for extension type_name
 	2,  // [2:2] is the sub-list for extension extendee
 	0,  // [0:2] is the sub-list for field type_name
@@ -2147,15 +1907,15 @@ func file_sso_auth_proto_init() {
 	}
 	file_sso_auth_proto_msgTypes[1].OneofWrappers = []any{}
 	file_sso_auth_proto_msgTypes[7].OneofWrappers = []any{}
-	file_sso_auth_proto_msgTypes[25].OneofWrappers = []any{}
+	file_sso_auth_proto_msgTypes[21].OneofWrappers = []any{}
-	file_sso_auth_proto_msgTypes[27].OneofWrappers = []any{}
+	file_sso_auth_proto_msgTypes[23].OneofWrappers = []any{}
 	type x struct{}
 	out := protoimpl.TypeBuilder{
 		File: protoimpl.DescBuilder{
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: unsafe.Slice(unsafe.StringData(file_sso_auth_proto_rawDesc), len(file_sso_auth_proto_rawDesc)),
 			NumEnums:      0,
-			NumMessages:   34,
+			NumMessages:   30,
 			NumExtensions: 0,
 			NumServices:   1,
 		},

gen/go/sso/auth_grpc.pb.go

@@ -27,8 +27,6 @@ const (
 	AuthService_LogoutOther_FullMethodName          = "/auth.v1.AuthService/LogoutOther"
 	AuthService_GetSessions_FullMethodName          = "/auth.v1.AuthService/GetSessions"
 	AuthService_TerminateSession_FullMethodName     = "/auth.v1.AuthService/TerminateSession"
-	AuthService_GenerateOauthCode_FullMethodName    = "/auth.v1.AuthService/GenerateOauthCode"
-	AuthService_ExchangeOauthCode_FullMethodName    = "/auth.v1.AuthService/ExchangeOauthCode"
 	AuthService_SystemCreateAccount_FullMethodName  = "/auth.v1.AuthService/SystemCreateAccount"
 	AuthService_SystemChangeStatus_FullMethodName   = "/auth.v1.AuthService/SystemChangeStatus"
 	AuthService_SystemUpdatePassword_FullMethodName = "/auth.v1.AuthService/SystemUpdatePassword"
@@ -50,9 +48,6 @@ type AuthServiceClient interface {
 	LogoutOther(ctx context.Context, in *LogoutRequest, opts ...grpc.CallOption) (*LogoutResponse, error)
 	GetSessions(ctx context.Context, in *GetSessionRequest, opts ...grpc.CallOption) (*GetSessionsResponse, error)
 	TerminateSession(ctx context.Context, in *TerminateSessionRequest, opts ...grpc.CallOption) (*TerminateSessionResponse, error)
-	// === OAuth2 SSO ===
-	GenerateOauthCode(ctx context.Context, in *GenerateOauthCodeRequest, opts ...grpc.CallOption) (*GenerateOauthCodeResponse, error)
-	ExchangeOauthCode(ctx context.Context, in *ExchangeOauthCodeRequest, opts ...grpc.CallOption) (*ExchangeOauthCodeResponse, error)
 	// Системные методы для админа
 	SystemCreateAccount(ctx context.Context, in *SystemCreateAccountRequest, opts ...grpc.CallOption) (*SystemCreateAccountResponse, error)
 	SystemChangeStatus(ctx context.Context, in *SystemChangeStatusRequest, opts ...grpc.CallOption) (*SystemChangeStatusResponse, error)
@@ -151,26 +146,6 @@ func (c *authServiceClient) TerminateSession(ctx context.Context, in *TerminateS
 	return out, nil
 }
 
-func (c *authServiceClient) GenerateOauthCode(ctx context.Context, in *GenerateOauthCodeRequest, opts ...grpc.CallOption) (*GenerateOauthCodeResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(GenerateOauthCodeResponse)
-	err := c.cc.Invoke(ctx, AuthService_GenerateOauthCode_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
-func (c *authServiceClient) ExchangeOauthCode(ctx context.Context, in *ExchangeOauthCodeRequest, opts ...grpc.CallOption) (*ExchangeOauthCodeResponse, error) {
-	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(ExchangeOauthCodeResponse)
-	err := c.cc.Invoke(ctx, AuthService_ExchangeOauthCode_FullMethodName, in, out, cOpts...)
-	if err != nil {
-		return nil, err
-	}
-	return out, nil
-}
-
 func (c *authServiceClient) SystemCreateAccount(ctx context.Context, in *SystemCreateAccountRequest, opts ...grpc.CallOption) (*SystemCreateAccountResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
 	out := new(SystemCreateAccountResponse)
@@ -253,9 +228,6 @@ type AuthServiceServer interface {
 	LogoutOther(context.Context, *LogoutRequest) (*LogoutResponse, error)
 	GetSessions(context.Context, *GetSessionRequest) (*GetSessionsResponse, error)
 	TerminateSession(context.Context, *TerminateSessionRequest) (*TerminateSessionResponse, error)
-	// === OAuth2 SSO ===
-	GenerateOauthCode(context.Context, *GenerateOauthCodeRequest) (*GenerateOauthCodeResponse, error)
-	ExchangeOauthCode(context.Context, *ExchangeOauthCodeRequest) (*ExchangeOauthCodeResponse, error)
 	// Системные методы для админа
 	SystemCreateAccount(context.Context, *SystemCreateAccountRequest) (*SystemCreateAccountResponse, error)
 	SystemChangeStatus(context.Context, *SystemChangeStatusRequest) (*SystemChangeStatusResponse, error)
@@ -298,12 +270,6 @@ func (UnimplementedAuthServiceServer) GetSessions(context.Context, *GetSessionRe
 func (UnimplementedAuthServiceServer) TerminateSession(context.Context, *TerminateSessionRequest) (*TerminateSessionResponse, error) {
 	return nil, status.Error(codes.Unimplemented, "method TerminateSession not implemented")
 }
-func (UnimplementedAuthServiceServer) GenerateOauthCode(context.Context, *GenerateOauthCodeRequest) (*GenerateOauthCodeResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method GenerateOauthCode not implemented")
-}
-func (UnimplementedAuthServiceServer) ExchangeOauthCode(context.Context, *ExchangeOauthCodeRequest) (*ExchangeOauthCodeResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method ExchangeOauthCode not implemented")
-}
 func (UnimplementedAuthServiceServer) SystemCreateAccount(context.Context, *SystemCreateAccountRequest) (*SystemCreateAccountResponse, error) {
 	return nil, status.Error(codes.Unimplemented, "method SystemCreateAccount not implemented")
 }
@@ -490,42 +456,6 @@ func _AuthService_TerminateSession_Handler(srv interface{}, ctx context.Context,
 	return interceptor(ctx, in, info, handler)
 }
 
-func _AuthService_GenerateOauthCode_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(GenerateOauthCodeRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(AuthServiceServer).GenerateOauthCode(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: AuthService_GenerateOauthCode_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(AuthServiceServer).GenerateOauthCode(ctx, req.(*GenerateOauthCodeRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
-func _AuthService_ExchangeOauthCode_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(ExchangeOauthCodeRequest)
-	if err := dec(in); err != nil {
-		return nil, err
-	}
-	if interceptor == nil {
-		return srv.(AuthServiceServer).ExchangeOauthCode(ctx, in)
-	}
-	info := &grpc.UnaryServerInfo{
-		Server:     srv,
-		FullMethod: AuthService_ExchangeOauthCode_FullMethodName,
-	}
-	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(AuthServiceServer).ExchangeOauthCode(ctx, req.(*ExchangeOauthCodeRequest))
-	}
-	return interceptor(ctx, in, info, handler)
-}
-
 func _AuthService_SystemCreateAccount_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
 	in := new(SystemCreateAccountRequest)
 	if err := dec(in); err != nil {
@@ -691,14 +621,6 @@ var AuthService_ServiceDesc = grpc.ServiceDesc{
 			MethodName: "TerminateSession",
 			Handler:    _AuthService_TerminateSession_Handler,
 		},
-		{
-			MethodName: "GenerateOauthCode",
-			Handler:    _AuthService_GenerateOauthCode_Handler,
-		},
-		{
-			MethodName: "ExchangeOauthCode",
-			Handler:    _AuthService_ExchangeOauthCode_Handler,
-		},
 		{
 			MethodName: "SystemCreateAccount",
 			Handler:    _AuthService_SystemCreateAccount_Handler,

gen/go/sso/oauth_grpc.pb.go

@@ -0,0 +1,353 @@
+// Code generated by protoc-gen-go-grpc. DO NOT EDIT.
+// versions:
+// - protoc-gen-go-grpc v1.6.1
+// - protoc             v4.25.9
+// source: sso/oauth.proto
+
+package pb
+
+import (
+	context "context"
+	grpc "google.golang.org/grpc"
+	codes "google.golang.org/grpc/codes"
+	status "google.golang.org/grpc/status"
+)
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the grpc package it is being compiled against.
+// Requires gRPC-Go v1.64.0 or later.
+const _ = grpc.SupportPackageIsVersion9
+
+const (
+	OauthService_GenerateOauthCode_FullMethodName       = "/oauth.v1.OauthService/GenerateOauthCode"
+	OauthService_ExchangeOauthCode_FullMethodName       = "/oauth.v1.OauthService/ExchangeOauthCode"
+	OauthService_SystemCreateOauthClient_FullMethodName = "/oauth.v1.OauthService/SystemCreateOauthClient"
+	OauthService_SystemGetOauthClients_FullMethodName   = "/oauth.v1.OauthService/SystemGetOauthClients"
+	OauthService_SystemUpdateOauthClient_FullMethodName = "/oauth.v1.OauthService/SystemUpdateOauthClient"
+	OauthService_SystemResetOauthSecret_FullMethodName  = "/oauth.v1.OauthService/SystemResetOauthSecret"
+	OauthService_SystemDeleteOauthClient_FullMethodName = "/oauth.v1.OauthService/SystemDeleteOauthClient"
+)
+
+// OauthServiceClient is the client API for OauthService service.
+//
+// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
+type OauthServiceClient interface {
+	// === Базовый SSO (вызывается из Gateway / Графаны) ===
+	GenerateOauthCode(ctx context.Context, in *GenerateOauthCodeRequest, opts ...grpc.CallOption) (*GenerateOauthCodeResponse, error)
+	ExchangeOauthCode(ctx context.Context, in *ExchangeOauthCodeRequest, opts ...grpc.CallOption) (*ExchangeOauthCodeResponse, error)
+	// === Системные методы для Админки (Управление клиентами) ===
+	SystemCreateOauthClient(ctx context.Context, in *SystemCreateOauthClientRequest, opts ...grpc.CallOption) (*SystemCreateOauthClientResponse, error)
+	SystemGetOauthClients(ctx context.Context, in *SystemGetOauthClientsRequest, opts ...grpc.CallOption) (*SystemGetOauthClientsResponse, error)
+	SystemUpdateOauthClient(ctx context.Context, in *SystemUpdateOauthClientRequest, opts ...grpc.CallOption) (*SystemUpdateOauthClientResponse, error)
+	SystemResetOauthSecret(ctx context.Context, in *SystemResetOauthSecretRequest, opts ...grpc.CallOption) (*SystemResetOauthSecretResponse, error)
+	SystemDeleteOauthClient(ctx context.Context, in *SystemDeleteOauthClientRequest, opts ...grpc.CallOption) (*SystemDeleteOauthClientResponse, error)
+}
+
+type oauthServiceClient struct {
+	cc grpc.ClientConnInterface
+}
+
+func NewOauthServiceClient(cc grpc.ClientConnInterface) OauthServiceClient {
+	return &oauthServiceClient{cc}
+}
+
+func (c *oauthServiceClient) GenerateOauthCode(ctx context.Context, in *GenerateOauthCodeRequest, opts ...grpc.CallOption) (*GenerateOauthCodeResponse, error) {
+	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
+	out := new(GenerateOauthCodeResponse)
+	err := c.cc.Invoke(ctx, OauthService_GenerateOauthCode_FullMethodName, in, out, cOpts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *oauthServiceClient) ExchangeOauthCode(ctx context.Context, in *ExchangeOauthCodeRequest, opts ...grpc.CallOption) (*ExchangeOauthCodeResponse, error) {
+	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
+	out := new(ExchangeOauthCodeResponse)
+	err := c.cc.Invoke(ctx, OauthService_ExchangeOauthCode_FullMethodName, in, out, cOpts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *oauthServiceClient) SystemCreateOauthClient(ctx context.Context, in *SystemCreateOauthClientRequest, opts ...grpc.CallOption) (*SystemCreateOauthClientResponse, error) {
+	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
+	out := new(SystemCreateOauthClientResponse)
+	err := c.cc.Invoke(ctx, OauthService_SystemCreateOauthClient_FullMethodName, in, out, cOpts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *oauthServiceClient) SystemGetOauthClients(ctx context.Context, in *SystemGetOauthClientsRequest, opts ...grpc.CallOption) (*SystemGetOauthClientsResponse, error) {
+	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
+	out := new(SystemGetOauthClientsResponse)
+	err := c.cc.Invoke(ctx, OauthService_SystemGetOauthClients_FullMethodName, in, out, cOpts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *oauthServiceClient) SystemUpdateOauthClient(ctx context.Context, in *SystemUpdateOauthClientRequest, opts ...grpc.CallOption) (*SystemUpdateOauthClientResponse, error) {
+	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
+	out := new(SystemUpdateOauthClientResponse)
+	err := c.cc.Invoke(ctx, OauthService_SystemUpdateOauthClient_FullMethodName, in, out, cOpts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *oauthServiceClient) SystemResetOauthSecret(ctx context.Context, in *SystemResetOauthSecretRequest, opts ...grpc.CallOption) (*SystemResetOauthSecretResponse, error) {
+	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
+	out := new(SystemResetOauthSecretResponse)
+	err := c.cc.Invoke(ctx, OauthService_SystemResetOauthSecret_FullMethodName, in, out, cOpts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+func (c *oauthServiceClient) SystemDeleteOauthClient(ctx context.Context, in *SystemDeleteOauthClientRequest, opts ...grpc.CallOption) (*SystemDeleteOauthClientResponse, error) {
+	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
+	out := new(SystemDeleteOauthClientResponse)
+	err := c.cc.Invoke(ctx, OauthService_SystemDeleteOauthClient_FullMethodName, in, out, cOpts...)
+	if err != nil {
+		return nil, err
+	}
+	return out, nil
+}
+
+// OauthServiceServer is the server API for OauthService service.
+// All implementations must embed UnimplementedOauthServiceServer
+// for forward compatibility.
+type OauthServiceServer interface {
+	// === Базовый SSO (вызывается из Gateway / Графаны) ===
+	GenerateOauthCode(context.Context, *GenerateOauthCodeRequest) (*GenerateOauthCodeResponse, error)
+	ExchangeOauthCode(context.Context, *ExchangeOauthCodeRequest) (*ExchangeOauthCodeResponse, error)
+	// === Системные методы для Админки (Управление клиентами) ===
+	SystemCreateOauthClient(context.Context, *SystemCreateOauthClientRequest) (*SystemCreateOauthClientResponse, error)
+	SystemGetOauthClients(context.Context, *SystemGetOauthClientsRequest) (*SystemGetOauthClientsResponse, error)
+	SystemUpdateOauthClient(context.Context, *SystemUpdateOauthClientRequest) (*SystemUpdateOauthClientResponse, error)
+	SystemResetOauthSecret(context.Context, *SystemResetOauthSecretRequest) (*SystemResetOauthSecretResponse, error)
+	SystemDeleteOauthClient(context.Context, *SystemDeleteOauthClientRequest) (*SystemDeleteOauthClientResponse, error)
+	mustEmbedUnimplementedOauthServiceServer()
+}
+
+// UnimplementedOauthServiceServer must be embedded to have
+// forward compatible implementations.
+//
+// NOTE: this should be embedded by value instead of pointer to avoid a nil
+// pointer dereference when methods are called.
+type UnimplementedOauthServiceServer struct{}
+
+func (UnimplementedOauthServiceServer) GenerateOauthCode(context.Context, *GenerateOauthCodeRequest) (*GenerateOauthCodeResponse, error) {
+	return nil, status.Error(codes.Unimplemented, "method GenerateOauthCode not implemented")
+}
+func (UnimplementedOauthServiceServer) ExchangeOauthCode(context.Context, *ExchangeOauthCodeRequest) (*ExchangeOauthCodeResponse, error) {
+	return nil, status.Error(codes.Unimplemented, "method ExchangeOauthCode not implemented")
+}
+func (UnimplementedOauthServiceServer) SystemCreateOauthClient(context.Context, *SystemCreateOauthClientRequest) (*SystemCreateOauthClientResponse, error) {
+	return nil, status.Error(codes.Unimplemented, "method SystemCreateOauthClient not implemented")
+}
+func (UnimplementedOauthServiceServer) SystemGetOauthClients(context.Context, *SystemGetOauthClientsRequest) (*SystemGetOauthClientsResponse, error) {
+	return nil, status.Error(codes.Unimplemented, "method SystemGetOauthClients not implemented")
+}
+func (UnimplementedOauthServiceServer) SystemUpdateOauthClient(context.Context, *SystemUpdateOauthClientRequest) (*SystemUpdateOauthClientResponse, error) {
+	return nil, status.Error(codes.Unimplemented, "method SystemUpdateOauthClient not implemented")
+}
+func (UnimplementedOauthServiceServer) SystemResetOauthSecret(context.Context, *SystemResetOauthSecretRequest) (*SystemResetOauthSecretResponse, error) {
+	return nil, status.Error(codes.Unimplemented, "method SystemResetOauthSecret not implemented")
+}
+func (UnimplementedOauthServiceServer) SystemDeleteOauthClient(context.Context, *SystemDeleteOauthClientRequest) (*SystemDeleteOauthClientResponse, error) {
+	return nil, status.Error(codes.Unimplemented, "method SystemDeleteOauthClient not implemented")
+}
+func (UnimplementedOauthServiceServer) mustEmbedUnimplementedOauthServiceServer() {}
+func (UnimplementedOauthServiceServer) testEmbeddedByValue()                      {}
+
+// UnsafeOauthServiceServer may be embedded to opt out of forward compatibility for this service.
+// Use of this interface is not recommended, as added methods to OauthServiceServer will
+// result in compilation errors.
+type UnsafeOauthServiceServer interface {
+	mustEmbedUnimplementedOauthServiceServer()
+}
+
+func RegisterOauthServiceServer(s grpc.ServiceRegistrar, srv OauthServiceServer) {
+	// If the following call panics, it indicates UnimplementedOauthServiceServer was
+	// embedded by pointer and is nil.  This will cause panics if an
+	// unimplemented method is ever invoked, so we test this at initialization
+	// time to prevent it from happening at runtime later due to I/O.
+	if t, ok := srv.(interface{ testEmbeddedByValue() }); ok {
+		t.testEmbeddedByValue()
+	}
+	s.RegisterService(&OauthService_ServiceDesc, srv)
+}
+
+func _OauthService_GenerateOauthCode_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(GenerateOauthCodeRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(OauthServiceServer).GenerateOauthCode(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: OauthService_GenerateOauthCode_FullMethodName,
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(OauthServiceServer).GenerateOauthCode(ctx, req.(*GenerateOauthCodeRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _OauthService_ExchangeOauthCode_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(ExchangeOauthCodeRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(OauthServiceServer).ExchangeOauthCode(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: OauthService_ExchangeOauthCode_FullMethodName,
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(OauthServiceServer).ExchangeOauthCode(ctx, req.(*ExchangeOauthCodeRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _OauthService_SystemCreateOauthClient_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(SystemCreateOauthClientRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(OauthServiceServer).SystemCreateOauthClient(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: OauthService_SystemCreateOauthClient_FullMethodName,
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(OauthServiceServer).SystemCreateOauthClient(ctx, req.(*SystemCreateOauthClientRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _OauthService_SystemGetOauthClients_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(SystemGetOauthClientsRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(OauthServiceServer).SystemGetOauthClients(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: OauthService_SystemGetOauthClients_FullMethodName,
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(OauthServiceServer).SystemGetOauthClients(ctx, req.(*SystemGetOauthClientsRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _OauthService_SystemUpdateOauthClient_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(SystemUpdateOauthClientRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(OauthServiceServer).SystemUpdateOauthClient(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: OauthService_SystemUpdateOauthClient_FullMethodName,
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(OauthServiceServer).SystemUpdateOauthClient(ctx, req.(*SystemUpdateOauthClientRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _OauthService_SystemResetOauthSecret_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(SystemResetOauthSecretRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(OauthServiceServer).SystemResetOauthSecret(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: OauthService_SystemResetOauthSecret_FullMethodName,
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(OauthServiceServer).SystemResetOauthSecret(ctx, req.(*SystemResetOauthSecretRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+func _OauthService_SystemDeleteOauthClient_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+	in := new(SystemDeleteOauthClientRequest)
+	if err := dec(in); err != nil {
+		return nil, err
+	}
+	if interceptor == nil {
+		return srv.(OauthServiceServer).SystemDeleteOauthClient(ctx, in)
+	}
+	info := &grpc.UnaryServerInfo{
+		Server:     srv,
+		FullMethod: OauthService_SystemDeleteOauthClient_FullMethodName,
+	}
+	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
+		return srv.(OauthServiceServer).SystemDeleteOauthClient(ctx, req.(*SystemDeleteOauthClientRequest))
+	}
+	return interceptor(ctx, in, info, handler)
+}
+
+// OauthService_ServiceDesc is the grpc.ServiceDesc for OauthService service.
+// It's only intended for direct use with grpc.RegisterService,
+// and not to be introspected or modified (even as a copy)
+var OauthService_ServiceDesc = grpc.ServiceDesc{
+	ServiceName: "oauth.v1.OauthService",
+	HandlerType: (*OauthServiceServer)(nil),
+	Methods: []grpc.MethodDesc{
+		{
+			MethodName: "GenerateOauthCode",
+			Handler:    _OauthService_GenerateOauthCode_Handler,
+		},
+		{
+			MethodName: "ExchangeOauthCode",
+			Handler:    _OauthService_ExchangeOauthCode_Handler,
+		},
+		{
+			MethodName: "SystemCreateOauthClient",
+			Handler:    _OauthService_SystemCreateOauthClient_Handler,
+		},
+		{
+			MethodName: "SystemGetOauthClients",
+			Handler:    _OauthService_SystemGetOauthClients_Handler,
+		},
+		{
+			MethodName: "SystemUpdateOauthClient",
+			Handler:    _OauthService_SystemUpdateOauthClient_Handler,
+		},
+		{
+			MethodName: "SystemResetOauthSecret",
+			Handler:    _OauthService_SystemResetOauthSecret_Handler,
+		},
+		{
+			MethodName: "SystemDeleteOauthClient",
+			Handler:    _OauthService_SystemDeleteOauthClient_Handler,
+		},
+	},
+	Streams:  []grpc.StreamDesc{},
+	Metadata: "sso/oauth.proto",
+}

gen/sso/auth.ts

@@ -106,27 +106,6 @@ export interface TerminateSessionResponse {
   message: string;
 }
 
-export interface GenerateOauthCodeRequest {
-  userId: string;
-  clientId: string;
-  redirectUri: string;
-}
-
-export interface GenerateOauthCodeResponse {
-  code: string;
-}
-
-export interface ExchangeOauthCodeRequest {
-  code: string;
-  clientId: string;
-  clientSecret: string;
-}
-
-export interface ExchangeOauthCodeResponse {
-  accessToken: string;
-  expiresIn: number;
-}
-
 export interface SystemCreateAccountRequest {
   username: string;
   /** Хеш пароля генерирует Admin Service и передает сюда */
@@ -223,12 +202,6 @@ export interface AuthServiceClient {
 
   terminateSession(request: TerminateSessionRequest, metadata?: Metadata): Observable<TerminateSessionResponse>;
 
-  /** === OAuth2 SSO === */
-
-  generateOauthCode(request: GenerateOauthCodeRequest, metadata?: Metadata): Observable<GenerateOauthCodeResponse>;
-
-  exchangeOauthCode(request: ExchangeOauthCodeRequest, metadata?: Metadata): Observable<ExchangeOauthCodeResponse>;
-
   /** Системные методы для админа */
 
   systemCreateAccount(
@@ -293,18 +266,6 @@ export interface AuthServiceController {
     metadata?: Metadata,
   ): Promise<TerminateSessionResponse> | Observable<TerminateSessionResponse> | TerminateSessionResponse;
 
-  /** === OAuth2 SSO === */
-
-  generateOauthCode(
-    request: GenerateOauthCodeRequest,
-    metadata?: Metadata,
-  ): Promise<GenerateOauthCodeResponse> | Observable<GenerateOauthCodeResponse> | GenerateOauthCodeResponse;
-
-  exchangeOauthCode(
-    request: ExchangeOauthCodeRequest,
-    metadata?: Metadata,
-  ): Promise<ExchangeOauthCodeResponse> | Observable<ExchangeOauthCodeResponse> | ExchangeOauthCodeResponse;
-
   /** Системные методы для админа */
 
   systemCreateAccount(
@@ -354,8 +315,6 @@ export function AuthServiceControllerMethods() {
       "logoutOther",
       "getSessions",
       "terminateSession",
-      "generateOauthCode",
-      "exchangeOauthCode",
       "systemCreateAccount",
       "systemChangeStatus",
       "systemUpdatePassword",

gen/sso/oauth.ts

@@ -0,0 +1,221 @@
+// Code generated by protoc-gen-ts_proto. DO NOT EDIT.
+// versions:
+//   protoc-gen-ts_proto  v2.11.6
+//   protoc               v4.25.9
+// source: sso/oauth.proto
+
+/* eslint-disable */
+import type { Metadata } from "@grpc/grpc-js";
+import { GrpcMethod, GrpcStreamMethod } from "@nestjs/microservices";
+import { Observable } from "rxjs";
+
+export const protobufPackage = "oauth.v1";
+
+export interface GenerateOauthCodeRequest {
+  userId: string;
+  clientId: string;
+  redirectUri: string;
+}
+
+export interface GenerateOauthCodeResponse {
+  code: string;
+}
+
+export interface ExchangeOauthCodeRequest {
+  code: string;
+  clientId: string;
+  clientSecret: string;
+}
+
+export interface ExchangeOauthCodeResponse {
+  accessToken: string;
+  expiresIn: number;
+}
+
+export interface SystemCreateOauthClientRequest {
+  /** Название приложения (например, "Grafana Analytics") */
+  name: string;
+  /** Список разрешенных коллбеков */
+  redirectUris: string[];
+  /** Описание (для админки) */
+  description?: string | undefined;
+}
+
+export interface SystemCreateOauthClientResponse {
+  /** Внутренний ID в базе */
+  id: string;
+  name: string;
+  /** Публичный ID клиента (app_...) */
+  clientId: string;
+  /** ВАЖНО: Чистый секрет. Отдается ТОЛЬКО здесь один раз! */
+  plainSecret: string;
+  redirectUris: string[];
+}
+
+export interface OauthClientItem {
+  id: string;
+  name: string;
+  clientId: string;
+  redirectUris: string[];
+  description?:
+    | string
+    | undefined;
+  /** Обратите внимание: поля secret здесь нет! Секрет нельзя получить списком. */
+  createdAt: number;
+}
+
+export interface SystemGetOauthClientsRequest {
+  limit: number;
+  offset: number;
+}
+
+export interface SystemGetOauthClientsResponse {
+  clients: OauthClientItem[];
+  total: number;
+}
+
+export interface SystemUpdateOauthClientRequest {
+  clientId: string;
+  name?:
+    | string
+    | undefined;
+  /** Если передано, полностью перезаписывает старые */
+  redirectUris: string[];
+  description?: string | undefined;
+}
+
+export interface SystemUpdateOauthClientResponse {
+  success: boolean;
+}
+
+export interface SystemResetOauthSecretRequest {
+  clientId: string;
+}
+
+export interface SystemResetOauthSecretResponse {
+  /** Возвращаем новый сгенерированный секрет */
+  newPlainSecret: string;
+}
+
+export interface SystemDeleteOauthClientRequest {
+  clientId: string;
+}
+
+export interface SystemDeleteOauthClientResponse {
+  success: boolean;
+}
+
+export const OAUTH_V1_PACKAGE_NAME = "oauth.v1";
+
+export interface OauthServiceClient {
+  /** === Базовый SSO (вызывается из Gateway / Графаны) === */
+
+  generateOauthCode(request: GenerateOauthCodeRequest, metadata?: Metadata): Observable<GenerateOauthCodeResponse>;
+
+  exchangeOauthCode(request: ExchangeOauthCodeRequest, metadata?: Metadata): Observable<ExchangeOauthCodeResponse>;
+
+  /** === Системные методы для Админки (Управление клиентами) === */
+
+  systemCreateOauthClient(
+    request: SystemCreateOauthClientRequest,
+    metadata?: Metadata,
+  ): Observable<SystemCreateOauthClientResponse>;
+
+  systemGetOauthClients(
+    request: SystemGetOauthClientsRequest,
+    metadata?: Metadata,
+  ): Observable<SystemGetOauthClientsResponse>;
+
+  systemUpdateOauthClient(
+    request: SystemUpdateOauthClientRequest,
+    metadata?: Metadata,
+  ): Observable<SystemUpdateOauthClientResponse>;
+
+  systemResetOauthSecret(
+    request: SystemResetOauthSecretRequest,
+    metadata?: Metadata,
+  ): Observable<SystemResetOauthSecretResponse>;
+
+  systemDeleteOauthClient(
+    request: SystemDeleteOauthClientRequest,
+    metadata?: Metadata,
+  ): Observable<SystemDeleteOauthClientResponse>;
+}
+
+export interface OauthServiceController {
+  /** === Базовый SSO (вызывается из Gateway / Графаны) === */
+
+  generateOauthCode(
+    request: GenerateOauthCodeRequest,
+    metadata?: Metadata,
+  ): Promise<GenerateOauthCodeResponse> | Observable<GenerateOauthCodeResponse> | GenerateOauthCodeResponse;
+
+  exchangeOauthCode(
+    request: ExchangeOauthCodeRequest,
+    metadata?: Metadata,
+  ): Promise<ExchangeOauthCodeResponse> | Observable<ExchangeOauthCodeResponse> | ExchangeOauthCodeResponse;
+
+  /** === Системные методы для Админки (Управление клиентами) === */
+
+  systemCreateOauthClient(
+    request: SystemCreateOauthClientRequest,
+    metadata?: Metadata,
+  ):
+    | Promise<SystemCreateOauthClientResponse>
+    | Observable<SystemCreateOauthClientResponse>
+    | SystemCreateOauthClientResponse;
+
+  systemGetOauthClients(
+    request: SystemGetOauthClientsRequest,
+    metadata?: Metadata,
+  ): Promise<SystemGetOauthClientsResponse> | Observable<SystemGetOauthClientsResponse> | SystemGetOauthClientsResponse;
+
+  systemUpdateOauthClient(
+    request: SystemUpdateOauthClientRequest,
+    metadata?: Metadata,
+  ):
+    | Promise<SystemUpdateOauthClientResponse>
+    | Observable<SystemUpdateOauthClientResponse>
+    | SystemUpdateOauthClientResponse;
+
+  systemResetOauthSecret(
+    request: SystemResetOauthSecretRequest,
+    metadata?: Metadata,
+  ):
+    | Promise<SystemResetOauthSecretResponse>
+    | Observable<SystemResetOauthSecretResponse>
+    | SystemResetOauthSecretResponse;
+
+  systemDeleteOauthClient(
+    request: SystemDeleteOauthClientRequest,
+    metadata?: Metadata,
+  ):
+    | Promise<SystemDeleteOauthClientResponse>
+    | Observable<SystemDeleteOauthClientResponse>
+    | SystemDeleteOauthClientResponse;
+}
+
+export function OauthServiceControllerMethods() {
+  return function (constructor: Function) {
+    const grpcMethods: string[] = [
+      "generateOauthCode",
+      "exchangeOauthCode",
+      "systemCreateOauthClient",
+      "systemGetOauthClients",
+      "systemUpdateOauthClient",
+      "systemResetOauthSecret",
+      "systemDeleteOauthClient",
+    ];
+    for (const method of grpcMethods) {
+      const descriptor: any = Reflect.getOwnPropertyDescriptor(constructor.prototype, method);
+      GrpcMethod("OauthService", method)(constructor.prototype[method], method, descriptor);
+    }
+    const grpcStreamMethods: string[] = [];
+    for (const method of grpcStreamMethods) {
+      const descriptor: any = Reflect.getOwnPropertyDescriptor(constructor.prototype, method);
+      GrpcStreamMethod("OauthService", method)(constructor.prototype[method], method, descriptor);
+    }
+  };
+}
+
+export const OAUTH_SERVICE_NAME = "OauthService";