chore: auto-generate protobuf files [skip ci]

gen/go/sso/oauth.pb.go

@@ -21,6 +21,7 @@ const (
 	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
 )
 
+// --- Сообщения для базового SSO ---
 type GenerateOauthCodeRequest struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	UserId        string                 `protobuf:"bytes,1,opt,name=user_id,json=userId,proto3" json:"user_id,omitempty"`
@@ -237,29 +238,31 @@ func (x *ExchangeOauthCodeResponse) GetExpiresIn() int32 {
 	return 0
 }
 
-type SystemCreateOauthClientRequest struct {
+// --- Сообщения для управления клиентами ---
+type CreateOauthClientRequest struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
-	Name          string                 `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`                                     // Название приложения (например, "Grafana Analytics")
+	OwnerId       string                 `protobuf:"bytes,1,opt,name=owner_id,json=ownerId,proto3" json:"owner_id,omitempty"`
-	RedirectUris  []string               `protobuf:"bytes,2,rep,name=redirect_uris,json=redirectUris,proto3" json:"redirect_uris,omitempty"` // Список разрешенных коллбеков
+	Name          string                 `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
-	Description   *string                `protobuf:"bytes,3,opt,name=description,proto3,oneof" json:"description,omitempty"`                 // Описание (для админки)
+	RedirectUris  []string               `protobuf:"bytes,3,rep,name=redirect_uris,json=redirectUris,proto3" json:"redirect_uris,omitempty"`
+	Description   *string                `protobuf:"bytes,4,opt,name=description,proto3,oneof" json:"description,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
 
-func (x *SystemCreateOauthClientRequest) Reset() {
+func (x *CreateOauthClientRequest) Reset() {
-	*x = SystemCreateOauthClientRequest{}
+	*x = CreateOauthClientRequest{}
 	mi := &file_sso_oauth_proto_msgTypes[4]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
 
-func (x *SystemCreateOauthClientRequest) String() string {
+func (x *CreateOauthClientRequest) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 
-func (*SystemCreateOauthClientRequest) ProtoMessage() {}
+func (*CreateOauthClientRequest) ProtoMessage() {}
 
-func (x *SystemCreateOauthClientRequest) ProtoReflect() protoreflect.Message {
+func (x *CreateOauthClientRequest) ProtoReflect() protoreflect.Message {
 	mi := &file_sso_oauth_proto_msgTypes[4]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@@ -271,57 +274,65 @@ func (x *SystemCreateOauthClientRequest) ProtoReflect() protoreflect.Message {
 	return mi.MessageOf(x)
 }
 
-// Deprecated: Use SystemCreateOauthClientRequest.ProtoReflect.Descriptor instead.
+// Deprecated: Use CreateOauthClientRequest.ProtoReflect.Descriptor instead.
-func (*SystemCreateOauthClientRequest) Descriptor() ([]byte, []int) {
+func (*CreateOauthClientRequest) Descriptor() ([]byte, []int) {
 	return file_sso_oauth_proto_rawDescGZIP(), []int{4}
 }
 
-func (x *SystemCreateOauthClientRequest) GetName() string {
+func (x *CreateOauthClientRequest) GetOwnerId() string {
+	if x != nil {
+		return x.OwnerId
+	}
+	return ""
+}
+
+func (x *CreateOauthClientRequest) GetName() string {
 	if x != nil {
 		return x.Name
 	}
 	return ""
 }
 
-func (x *SystemCreateOauthClientRequest) GetRedirectUris() []string {
+func (x *CreateOauthClientRequest) GetRedirectUris() []string {
 	if x != nil {
 		return x.RedirectUris
 	}
 	return nil
 }
 
-func (x *SystemCreateOauthClientRequest) GetDescription() string {
+func (x *CreateOauthClientRequest) GetDescription() string {
 	if x != nil && x.Description != nil {
 		return *x.Description
 	}
 	return ""
 }
 
-type SystemCreateOauthClientResponse struct {
+type CreateOauthClientResponse struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
-	Id            string                 `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // Внутренний ID в базе
+	Id            string                 `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
 	Name          string                 `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"`
-	ClientId      string                 `protobuf:"bytes,3,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"`          // Публичный ID клиента (app_...)
+	ClientId      string                 `protobuf:"bytes,3,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"`
-	PlainSecret   string                 `protobuf:"bytes,4,opt,name=plain_secret,json=plainSecret,proto3" json:"plain_secret,omitempty"` // ВАЖНО: Чистый секрет. Отдается ТОЛЬКО здесь один раз!
+	PlainSecret   string                 `protobuf:"bytes,4,opt,name=plain_secret,json=plainSecret,proto3" json:"plain_secret,omitempty"` // Отдается ТОЛЬКО здесь один раз
 	RedirectUris  []string               `protobuf:"bytes,5,rep,name=redirect_uris,json=redirectUris,proto3" json:"redirect_uris,omitempty"`
+	OwnerId       string                 `protobuf:"bytes,6,opt,name=owner_id,json=ownerId,proto3" json:"owner_id,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
 
-func (x *SystemCreateOauthClientResponse) Reset() {
+func (x *CreateOauthClientResponse) Reset() {
-	*x = SystemCreateOauthClientResponse{}
+	*x = CreateOauthClientResponse{}
 	mi := &file_sso_oauth_proto_msgTypes[5]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
 
-func (x *SystemCreateOauthClientResponse) String() string {
+func (x *CreateOauthClientResponse) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 
-func (*SystemCreateOauthClientResponse) ProtoMessage() {}
+func (*CreateOauthClientResponse) ProtoMessage() {}
 
-func (x *SystemCreateOauthClientResponse) ProtoReflect() protoreflect.Message {
+func (x *CreateOauthClientResponse) ProtoReflect() protoreflect.Message {
 	mi := &file_sso_oauth_proto_msgTypes[5]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@@ -333,46 +344,121 @@ func (x *SystemCreateOauthClientResponse) ProtoReflect() protoreflect.Message {
 	return mi.MessageOf(x)
 }
 
-// Deprecated: Use SystemCreateOauthClientResponse.ProtoReflect.Descriptor instead.
+// Deprecated: Use CreateOauthClientResponse.ProtoReflect.Descriptor instead.
-func (*SystemCreateOauthClientResponse) Descriptor() ([]byte, []int) {
+func (*CreateOauthClientResponse) Descriptor() ([]byte, []int) {
 	return file_sso_oauth_proto_rawDescGZIP(), []int{5}
 }
 
-func (x *SystemCreateOauthClientResponse) GetId() string {
+func (x *CreateOauthClientResponse) GetId() string {
 	if x != nil {
 		return x.Id
 	}
 	return ""
 }
 
-func (x *SystemCreateOauthClientResponse) GetName() string {
+func (x *CreateOauthClientResponse) GetName() string {
 	if x != nil {
 		return x.Name
 	}
 	return ""
 }
 
-func (x *SystemCreateOauthClientResponse) GetClientId() string {
+func (x *CreateOauthClientResponse) GetClientId() string {
 	if x != nil {
 		return x.ClientId
 	}
 	return ""
 }
 
-func (x *SystemCreateOauthClientResponse) GetPlainSecret() string {
+func (x *CreateOauthClientResponse) GetPlainSecret() string {
 	if x != nil {
 		return x.PlainSecret
 	}
 	return ""
 }
 
-func (x *SystemCreateOauthClientResponse) GetRedirectUris() []string {
+func (x *CreateOauthClientResponse) GetRedirectUris() []string {
 	if x != nil {
 		return x.RedirectUris
 	}
 	return nil
 }
 
+func (x *CreateOauthClientResponse) GetOwnerId() string {
+	if x != nil {
+		return x.OwnerId
+	}
+	return ""
+}
+
+type GetOauthClientsRequest struct {
+	state         protoimpl.MessageState `protogen:"open.v1"`
+	OwnerId       string                 `protobuf:"bytes,1,opt,name=owner_id,json=ownerId,proto3" json:"owner_id,omitempty"`
+	IsAdmin       bool                   `protobuf:"varint,2,opt,name=is_admin,json=isAdmin,proto3" json:"is_admin,omitempty"` // Если true, owner_id игнорируется, выдаются все клиенты
+	Limit         int32                  `protobuf:"varint,3,opt,name=limit,proto3" json:"limit,omitempty"`
+	Offset        int32                  `protobuf:"varint,4,opt,name=offset,proto3" json:"offset,omitempty"`
+	unknownFields protoimpl.UnknownFields
+	sizeCache     protoimpl.SizeCache
+}
+
+func (x *GetOauthClientsRequest) Reset() {
+	*x = GetOauthClientsRequest{}
+	mi := &file_sso_oauth_proto_msgTypes[6]
+	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+	ms.StoreMessageInfo(mi)
+}
+
+func (x *GetOauthClientsRequest) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*GetOauthClientsRequest) ProtoMessage() {}
+
+func (x *GetOauthClientsRequest) ProtoReflect() protoreflect.Message {
+	mi := &file_sso_oauth_proto_msgTypes[6]
+	if x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use GetOauthClientsRequest.ProtoReflect.Descriptor instead.
+func (*GetOauthClientsRequest) Descriptor() ([]byte, []int) {
+	return file_sso_oauth_proto_rawDescGZIP(), []int{6}
+}
+
+func (x *GetOauthClientsRequest) GetOwnerId() string {
+	if x != nil {
+		return x.OwnerId
+	}
+	return ""
+}
+
+func (x *GetOauthClientsRequest) GetIsAdmin() bool {
+	if x != nil {
+		return x.IsAdmin
+	}
+	return false
+}
+
+func (x *GetOauthClientsRequest) GetLimit() int32 {
+	if x != nil {
+		return x.Limit
+	}
+	return 0
+}
+
+func (x *GetOauthClientsRequest) GetOffset() int32 {
+	if x != nil {
+		return x.Offset
+	}
+	return 0
+}
+
 type OauthClientItem struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	Id            string                 `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
@@ -380,14 +466,15 @@ type OauthClientItem struct {
 	ClientId      string                 `protobuf:"bytes,3,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"`
 	RedirectUris  []string               `protobuf:"bytes,4,rep,name=redirect_uris,json=redirectUris,proto3" json:"redirect_uris,omitempty"`
 	Description   *string                `protobuf:"bytes,5,opt,name=description,proto3,oneof" json:"description,omitempty"`
-	CreatedAt     int64                  `protobuf:"varint,6,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` // Обратите внимание: поля secret здесь нет! Секрет нельзя получить списком.
+	OwnerId       string                 `protobuf:"bytes,6,opt,name=owner_id,json=ownerId,proto3" json:"owner_id,omitempty"`
+	CreatedAt     int64                  `protobuf:"varint,7,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
 
 func (x *OauthClientItem) Reset() {
 	*x = OauthClientItem{}
-	mi := &file_sso_oauth_proto_msgTypes[6]
+	mi := &file_sso_oauth_proto_msgTypes[7]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
@@ -399,7 +486,7 @@ func (x *OauthClientItem) String() string {
 func (*OauthClientItem) ProtoMessage() {}
 
 func (x *OauthClientItem) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_oauth_proto_msgTypes[6]
+	mi := &file_sso_oauth_proto_msgTypes[7]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -412,7 +499,7 @@ func (x *OauthClientItem) ProtoReflect() protoreflect.Message {
 
 // Deprecated: Use OauthClientItem.ProtoReflect.Descriptor instead.
 func (*OauthClientItem) Descriptor() ([]byte, []int) {
-	return file_sso_oauth_proto_rawDescGZIP(), []int{6}
+	return file_sso_oauth_proto_rawDescGZIP(), []int{7}
 }
 
 func (x *OauthClientItem) GetId() string {
@@ -450,6 +537,13 @@ func (x *OauthClientItem) GetDescription() string {
 	return ""
 }
 
+func (x *OauthClientItem) GetOwnerId() string {
+	if x != nil {
+		return x.OwnerId
+	}
+	return ""
+}
+
 func (x *OauthClientItem) GetCreatedAt() int64 {
 	if x != nil {
 		return x.CreatedAt
@@ -457,59 +551,7 @@ func (x *OauthClientItem) GetCreatedAt() int64 {
 	return 0
 }
 
-type SystemGetOauthClientsRequest struct {
+type GetOauthClientsResponse struct {
-	state         protoimpl.MessageState `protogen:"open.v1"`
-	Limit         int32                  `protobuf:"varint,1,opt,name=limit,proto3" json:"limit,omitempty"`
-	Offset        int32                  `protobuf:"varint,2,opt,name=offset,proto3" json:"offset,omitempty"`
-	unknownFields protoimpl.UnknownFields
-	sizeCache     protoimpl.SizeCache
-}
-
-func (x *SystemGetOauthClientsRequest) Reset() {
-	*x = SystemGetOauthClientsRequest{}
-	mi := &file_sso_oauth_proto_msgTypes[7]
-	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-	ms.StoreMessageInfo(mi)
-}
-
-func (x *SystemGetOauthClientsRequest) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*SystemGetOauthClientsRequest) ProtoMessage() {}
-
-func (x *SystemGetOauthClientsRequest) ProtoReflect() protoreflect.Message {
-	mi := &file_sso_oauth_proto_msgTypes[7]
-	if x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use SystemGetOauthClientsRequest.ProtoReflect.Descriptor instead.
-func (*SystemGetOauthClientsRequest) Descriptor() ([]byte, []int) {
-	return file_sso_oauth_proto_rawDescGZIP(), []int{7}
-}
-
-func (x *SystemGetOauthClientsRequest) GetLimit() int32 {
-	if x != nil {
-		return x.Limit
-	}
-	return 0
-}
-
-func (x *SystemGetOauthClientsRequest) GetOffset() int32 {
-	if x != nil {
-		return x.Offset
-	}
-	return 0
-}
-
-type SystemGetOauthClientsResponse struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	Clients       []*OauthClientItem     `protobuf:"bytes,1,rep,name=clients,proto3" json:"clients,omitempty"`
 	Total         int32                  `protobuf:"varint,2,opt,name=total,proto3" json:"total,omitempty"`
@@ -517,20 +559,20 @@ type SystemGetOauthClientsResponse struct {
 	sizeCache     protoimpl.SizeCache
 }
 
-func (x *SystemGetOauthClientsResponse) Reset() {
+func (x *GetOauthClientsResponse) Reset() {
-	*x = SystemGetOauthClientsResponse{}
+	*x = GetOauthClientsResponse{}
 	mi := &file_sso_oauth_proto_msgTypes[8]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
 
-func (x *SystemGetOauthClientsResponse) String() string {
+func (x *GetOauthClientsResponse) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 
-func (*SystemGetOauthClientsResponse) ProtoMessage() {}
+func (*GetOauthClientsResponse) ProtoMessage() {}
 
-func (x *SystemGetOauthClientsResponse) ProtoReflect() protoreflect.Message {
+func (x *GetOauthClientsResponse) ProtoReflect() protoreflect.Message {
 	mi := &file_sso_oauth_proto_msgTypes[8]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@@ -542,49 +584,51 @@ func (x *SystemGetOauthClientsResponse) ProtoReflect() protoreflect.Message {
 	return mi.MessageOf(x)
 }
 
-// Deprecated: Use SystemGetOauthClientsResponse.ProtoReflect.Descriptor instead.
+// Deprecated: Use GetOauthClientsResponse.ProtoReflect.Descriptor instead.
-func (*SystemGetOauthClientsResponse) Descriptor() ([]byte, []int) {
+func (*GetOauthClientsResponse) Descriptor() ([]byte, []int) {
 	return file_sso_oauth_proto_rawDescGZIP(), []int{8}
 }
 
-func (x *SystemGetOauthClientsResponse) GetClients() []*OauthClientItem {
+func (x *GetOauthClientsResponse) GetClients() []*OauthClientItem {
 	if x != nil {
 		return x.Clients
 	}
 	return nil
 }
 
-func (x *SystemGetOauthClientsResponse) GetTotal() int32 {
+func (x *GetOauthClientsResponse) GetTotal() int32 {
 	if x != nil {
 		return x.Total
 	}
 	return 0
 }
 
-type SystemUpdateOauthClientRequest struct {
+type UpdateOauthClientRequest struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	ClientId      string                 `protobuf:"bytes,1,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"`
-	Name          *string                `protobuf:"bytes,2,opt,name=name,proto3,oneof" json:"name,omitempty"`
+	OwnerId       string                 `protobuf:"bytes,2,opt,name=owner_id,json=ownerId,proto3" json:"owner_id,omitempty"` // ID того, кто делает запрос
-	RedirectUris  []string               `protobuf:"bytes,3,rep,name=redirect_uris,json=redirectUris,proto3" json:"redirect_uris,omitempty"` // Если передано, полностью перезаписывает старые
+	IsAdmin       bool                   `protobuf:"varint,3,opt,name=is_admin,json=isAdmin,proto3" json:"is_admin,omitempty"`
-	Description   *string                `protobuf:"bytes,4,opt,name=description,proto3,oneof" json:"description,omitempty"`
+	Name          *string                `protobuf:"bytes,4,opt,name=name,proto3,oneof" json:"name,omitempty"`
+	RedirectUris  []string               `protobuf:"bytes,5,rep,name=redirect_uris,json=redirectUris,proto3" json:"redirect_uris,omitempty"`
+	Description   *string                `protobuf:"bytes,6,opt,name=description,proto3,oneof" json:"description,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
 
-func (x *SystemUpdateOauthClientRequest) Reset() {
+func (x *UpdateOauthClientRequest) Reset() {
-	*x = SystemUpdateOauthClientRequest{}
+	*x = UpdateOauthClientRequest{}
 	mi := &file_sso_oauth_proto_msgTypes[9]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
 
-func (x *SystemUpdateOauthClientRequest) String() string {
+func (x *UpdateOauthClientRequest) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 
-func (*SystemUpdateOauthClientRequest) ProtoMessage() {}
+func (*UpdateOauthClientRequest) ProtoMessage() {}
 
-func (x *SystemUpdateOauthClientRequest) ProtoReflect() protoreflect.Message {
+func (x *UpdateOauthClientRequest) ProtoReflect() protoreflect.Message {
 	mi := &file_sso_oauth_proto_msgTypes[9]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@@ -596,60 +640,74 @@ func (x *SystemUpdateOauthClientRequest) ProtoReflect() protoreflect.Message {
 	return mi.MessageOf(x)
 }
 
-// Deprecated: Use SystemUpdateOauthClientRequest.ProtoReflect.Descriptor instead.
+// Deprecated: Use UpdateOauthClientRequest.ProtoReflect.Descriptor instead.
-func (*SystemUpdateOauthClientRequest) Descriptor() ([]byte, []int) {
+func (*UpdateOauthClientRequest) Descriptor() ([]byte, []int) {
 	return file_sso_oauth_proto_rawDescGZIP(), []int{9}
 }
 
-func (x *SystemUpdateOauthClientRequest) GetClientId() string {
+func (x *UpdateOauthClientRequest) GetClientId() string {
 	if x != nil {
 		return x.ClientId
 	}
 	return ""
 }
 
-func (x *SystemUpdateOauthClientRequest) GetName() string {
+func (x *UpdateOauthClientRequest) GetOwnerId() string {
+	if x != nil {
+		return x.OwnerId
+	}
+	return ""
+}
+
+func (x *UpdateOauthClientRequest) GetIsAdmin() bool {
+	if x != nil {
+		return x.IsAdmin
+	}
+	return false
+}
+
+func (x *UpdateOauthClientRequest) GetName() string {
 	if x != nil && x.Name != nil {
 		return *x.Name
 	}
 	return ""
 }
 
-func (x *SystemUpdateOauthClientRequest) GetRedirectUris() []string {
+func (x *UpdateOauthClientRequest) GetRedirectUris() []string {
 	if x != nil {
 		return x.RedirectUris
 	}
 	return nil
 }
 
-func (x *SystemUpdateOauthClientRequest) GetDescription() string {
+func (x *UpdateOauthClientRequest) GetDescription() string {
 	if x != nil && x.Description != nil {
 		return *x.Description
 	}
 	return ""
 }
 
-type SystemUpdateOauthClientResponse struct {
+type UpdateOauthClientResponse struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	Success       bool                   `protobuf:"varint,1,opt,name=success,proto3" json:"success,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
 
-func (x *SystemUpdateOauthClientResponse) Reset() {
+func (x *UpdateOauthClientResponse) Reset() {
-	*x = SystemUpdateOauthClientResponse{}
+	*x = UpdateOauthClientResponse{}
 	mi := &file_sso_oauth_proto_msgTypes[10]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
 
-func (x *SystemUpdateOauthClientResponse) String() string {
+func (x *UpdateOauthClientResponse) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 
-func (*SystemUpdateOauthClientResponse) ProtoMessage() {}
+func (*UpdateOauthClientResponse) ProtoMessage() {}
 
-func (x *SystemUpdateOauthClientResponse) ProtoReflect() protoreflect.Message {
+func (x *UpdateOauthClientResponse) ProtoReflect() protoreflect.Message {
 	mi := &file_sso_oauth_proto_msgTypes[10]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@@ -661,39 +719,41 @@ func (x *SystemUpdateOauthClientResponse) ProtoReflect() protoreflect.Message {
 	return mi.MessageOf(x)
 }
 
-// Deprecated: Use SystemUpdateOauthClientResponse.ProtoReflect.Descriptor instead.
+// Deprecated: Use UpdateOauthClientResponse.ProtoReflect.Descriptor instead.
-func (*SystemUpdateOauthClientResponse) Descriptor() ([]byte, []int) {
+func (*UpdateOauthClientResponse) Descriptor() ([]byte, []int) {
 	return file_sso_oauth_proto_rawDescGZIP(), []int{10}
 }
 
-func (x *SystemUpdateOauthClientResponse) GetSuccess() bool {
+func (x *UpdateOauthClientResponse) GetSuccess() bool {
 	if x != nil {
 		return x.Success
 	}
 	return false
 }
 
-type SystemResetOauthSecretRequest struct {
+type ResetOauthSecretRequest struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	ClientId      string                 `protobuf:"bytes,1,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"`
+	OwnerId       string                 `protobuf:"bytes,2,opt,name=owner_id,json=ownerId,proto3" json:"owner_id,omitempty"`
+	IsAdmin       bool                   `protobuf:"varint,3,opt,name=is_admin,json=isAdmin,proto3" json:"is_admin,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
 
-func (x *SystemResetOauthSecretRequest) Reset() {
+func (x *ResetOauthSecretRequest) Reset() {
-	*x = SystemResetOauthSecretRequest{}
+	*x = ResetOauthSecretRequest{}
 	mi := &file_sso_oauth_proto_msgTypes[11]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
 
-func (x *SystemResetOauthSecretRequest) String() string {
+func (x *ResetOauthSecretRequest) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 
-func (*SystemResetOauthSecretRequest) ProtoMessage() {}
+func (*ResetOauthSecretRequest) ProtoMessage() {}
 
-func (x *SystemResetOauthSecretRequest) ProtoReflect() protoreflect.Message {
+func (x *ResetOauthSecretRequest) ProtoReflect() protoreflect.Message {
 	mi := &file_sso_oauth_proto_msgTypes[11]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@@ -705,39 +765,53 @@ func (x *SystemResetOauthSecretRequest) ProtoReflect() protoreflect.Message {
 	return mi.MessageOf(x)
 }
 
-// Deprecated: Use SystemResetOauthSecretRequest.ProtoReflect.Descriptor instead.
+// Deprecated: Use ResetOauthSecretRequest.ProtoReflect.Descriptor instead.
-func (*SystemResetOauthSecretRequest) Descriptor() ([]byte, []int) {
+func (*ResetOauthSecretRequest) Descriptor() ([]byte, []int) {
 	return file_sso_oauth_proto_rawDescGZIP(), []int{11}
 }
 
-func (x *SystemResetOauthSecretRequest) GetClientId() string {
+func (x *ResetOauthSecretRequest) GetClientId() string {
 	if x != nil {
 		return x.ClientId
 	}
 	return ""
 }
 
-type SystemResetOauthSecretResponse struct {
+func (x *ResetOauthSecretRequest) GetOwnerId() string {
+	if x != nil {
+		return x.OwnerId
+	}
+	return ""
+}
+
+func (x *ResetOauthSecretRequest) GetIsAdmin() bool {
+	if x != nil {
+		return x.IsAdmin
+	}
+	return false
+}
+
+type ResetOauthSecretResponse struct {
 	state          protoimpl.MessageState `protogen:"open.v1"`
-	NewPlainSecret string                 `protobuf:"bytes,1,opt,name=new_plain_secret,json=newPlainSecret,proto3" json:"new_plain_secret,omitempty"` // Возвращаем новый сгенерированный секрет
+	NewPlainSecret string                 `protobuf:"bytes,1,opt,name=new_plain_secret,json=newPlainSecret,proto3" json:"new_plain_secret,omitempty"`
 	unknownFields  protoimpl.UnknownFields
 	sizeCache      protoimpl.SizeCache
 }
 
-func (x *SystemResetOauthSecretResponse) Reset() {
+func (x *ResetOauthSecretResponse) Reset() {
-	*x = SystemResetOauthSecretResponse{}
+	*x = ResetOauthSecretResponse{}
 	mi := &file_sso_oauth_proto_msgTypes[12]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
 
-func (x *SystemResetOauthSecretResponse) String() string {
+func (x *ResetOauthSecretResponse) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 
-func (*SystemResetOauthSecretResponse) ProtoMessage() {}
+func (*ResetOauthSecretResponse) ProtoMessage() {}
 
-func (x *SystemResetOauthSecretResponse) ProtoReflect() protoreflect.Message {
+func (x *ResetOauthSecretResponse) ProtoReflect() protoreflect.Message {
 	mi := &file_sso_oauth_proto_msgTypes[12]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@@ -749,39 +823,41 @@ func (x *SystemResetOauthSecretResponse) ProtoReflect() protoreflect.Message {
 	return mi.MessageOf(x)
 }
 
-// Deprecated: Use SystemResetOauthSecretResponse.ProtoReflect.Descriptor instead.
+// Deprecated: Use ResetOauthSecretResponse.ProtoReflect.Descriptor instead.
-func (*SystemResetOauthSecretResponse) Descriptor() ([]byte, []int) {
+func (*ResetOauthSecretResponse) Descriptor() ([]byte, []int) {
 	return file_sso_oauth_proto_rawDescGZIP(), []int{12}
 }
 
-func (x *SystemResetOauthSecretResponse) GetNewPlainSecret() string {
+func (x *ResetOauthSecretResponse) GetNewPlainSecret() string {
 	if x != nil {
 		return x.NewPlainSecret
 	}
 	return ""
 }
 
-type SystemDeleteOauthClientRequest struct {
+type DeleteOauthClientRequest struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	ClientId      string                 `protobuf:"bytes,1,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"`
+	OwnerId       string                 `protobuf:"bytes,2,opt,name=owner_id,json=ownerId,proto3" json:"owner_id,omitempty"`
+	IsAdmin       bool                   `protobuf:"varint,3,opt,name=is_admin,json=isAdmin,proto3" json:"is_admin,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
 
-func (x *SystemDeleteOauthClientRequest) Reset() {
+func (x *DeleteOauthClientRequest) Reset() {
-	*x = SystemDeleteOauthClientRequest{}
+	*x = DeleteOauthClientRequest{}
 	mi := &file_sso_oauth_proto_msgTypes[13]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
 
-func (x *SystemDeleteOauthClientRequest) String() string {
+func (x *DeleteOauthClientRequest) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 
-func (*SystemDeleteOauthClientRequest) ProtoMessage() {}
+func (*DeleteOauthClientRequest) ProtoMessage() {}
 
-func (x *SystemDeleteOauthClientRequest) ProtoReflect() protoreflect.Message {
+func (x *DeleteOauthClientRequest) ProtoReflect() protoreflect.Message {
 	mi := &file_sso_oauth_proto_msgTypes[13]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@@ -793,39 +869,53 @@ func (x *SystemDeleteOauthClientRequest) ProtoReflect() protoreflect.Message {
 	return mi.MessageOf(x)
 }
 
-// Deprecated: Use SystemDeleteOauthClientRequest.ProtoReflect.Descriptor instead.
+// Deprecated: Use DeleteOauthClientRequest.ProtoReflect.Descriptor instead.
-func (*SystemDeleteOauthClientRequest) Descriptor() ([]byte, []int) {
+func (*DeleteOauthClientRequest) Descriptor() ([]byte, []int) {
 	return file_sso_oauth_proto_rawDescGZIP(), []int{13}
 }
 
-func (x *SystemDeleteOauthClientRequest) GetClientId() string {
+func (x *DeleteOauthClientRequest) GetClientId() string {
 	if x != nil {
 		return x.ClientId
 	}
 	return ""
 }
 
-type SystemDeleteOauthClientResponse struct {
+func (x *DeleteOauthClientRequest) GetOwnerId() string {
+	if x != nil {
+		return x.OwnerId
+	}
+	return ""
+}
+
+func (x *DeleteOauthClientRequest) GetIsAdmin() bool {
+	if x != nil {
+		return x.IsAdmin
+	}
+	return false
+}
+
+type DeleteOauthClientResponse struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	Success       bool                   `protobuf:"varint,1,opt,name=success,proto3" json:"success,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
 
-func (x *SystemDeleteOauthClientResponse) Reset() {
+func (x *DeleteOauthClientResponse) Reset() {
-	*x = SystemDeleteOauthClientResponse{}
+	*x = DeleteOauthClientResponse{}
 	mi := &file_sso_oauth_proto_msgTypes[14]
 	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 	ms.StoreMessageInfo(mi)
 }
 
-func (x *SystemDeleteOauthClientResponse) String() string {
+func (x *DeleteOauthClientResponse) String() string {
 	return protoimpl.X.MessageStringOf(x)
 }
 
-func (*SystemDeleteOauthClientResponse) ProtoMessage() {}
+func (*DeleteOauthClientResponse) ProtoMessage() {}
 
-func (x *SystemDeleteOauthClientResponse) ProtoReflect() protoreflect.Message {
+func (x *DeleteOauthClientResponse) ProtoReflect() protoreflect.Message {
 	mi := &file_sso_oauth_proto_msgTypes[14]
 	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
@@ -837,12 +927,12 @@ func (x *SystemDeleteOauthClientResponse) ProtoReflect() protoreflect.Message {
 	return mi.MessageOf(x)
 }
 
-// Deprecated: Use SystemDeleteOauthClientResponse.ProtoReflect.Descriptor instead.
+// Deprecated: Use DeleteOauthClientResponse.ProtoReflect.Descriptor instead.
-func (*SystemDeleteOauthClientResponse) Descriptor() ([]byte, []int) {
+func (*DeleteOauthClientResponse) Descriptor() ([]byte, []int) {
 	return file_sso_oauth_proto_rawDescGZIP(), []int{14}
 }
 
-func (x *SystemDeleteOauthClientResponse) GetSuccess() bool {
+func (x *DeleteOauthClientResponse) GetSuccess() bool {
 	if x != nil {
 		return x.Success
 	}
@@ -867,58 +957,69 @@ const file_sso_oauth_proto_rawDesc = "" +
 	"\x19ExchangeOauthCodeResponse\x12!\n" +
 	"\faccess_token\x18\x01 \x01(\tR\vaccessToken\x12\x1d\n" +
 	"\n" +
-	"expires_in\x18\x02 \x01(\x05R\texpiresIn\"\x90\x01\n" +
+	"expires_in\x18\x02 \x01(\x05R\texpiresIn\"\xa5\x01\n" +
-	"\x1eSystemCreateOauthClientRequest\x12\x12\n" +
+	"\x18CreateOauthClientRequest\x12\x19\n" +
-	"\x04name\x18\x01 \x01(\tR\x04name\x12#\n" +
+	"\bowner_id\x18\x01 \x01(\tR\aownerId\x12\x12\n" +
-	"\rredirect_uris\x18\x02 \x03(\tR\fredirectUris\x12%\n" +
+	"\x04name\x18\x02 \x01(\tR\x04name\x12#\n" +
-	"\vdescription\x18\x03 \x01(\tH\x00R\vdescription\x88\x01\x01B\x0e\n" +
+	"\rredirect_uris\x18\x03 \x03(\tR\fredirectUris\x12%\n" +
-	"\f_description\"\xaa\x01\n" +
+	"\vdescription\x18\x04 \x01(\tH\x00R\vdescription\x88\x01\x01B\x0e\n" +
-	"\x1fSystemCreateOauthClientResponse\x12\x0e\n" +
+	"\f_description\"\xbf\x01\n" +
+	"\x19CreateOauthClientResponse\x12\x0e\n" +
 	"\x02id\x18\x01 \x01(\tR\x02id\x12\x12\n" +
 	"\x04name\x18\x02 \x01(\tR\x04name\x12\x1b\n" +
 	"\tclient_id\x18\x03 \x01(\tR\bclientId\x12!\n" +
 	"\fplain_secret\x18\x04 \x01(\tR\vplainSecret\x12#\n" +
-	"\rredirect_uris\x18\x05 \x03(\tR\fredirectUris\"\xcd\x01\n" +
+	"\rredirect_uris\x18\x05 \x03(\tR\fredirectUris\x12\x19\n" +
+	"\bowner_id\x18\x06 \x01(\tR\aownerId\"|\n" +
+	"\x16GetOauthClientsRequest\x12\x19\n" +
+	"\bowner_id\x18\x01 \x01(\tR\aownerId\x12\x19\n" +
+	"\bis_admin\x18\x02 \x01(\bR\aisAdmin\x12\x14\n" +
+	"\x05limit\x18\x03 \x01(\x05R\x05limit\x12\x16\n" +
+	"\x06offset\x18\x04 \x01(\x05R\x06offset\"\xe8\x01\n" +
 	"\x0fOauthClientItem\x12\x0e\n" +
 	"\x02id\x18\x01 \x01(\tR\x02id\x12\x12\n" +
 	"\x04name\x18\x02 \x01(\tR\x04name\x12\x1b\n" +
 	"\tclient_id\x18\x03 \x01(\tR\bclientId\x12#\n" +
 	"\rredirect_uris\x18\x04 \x03(\tR\fredirectUris\x12%\n" +
-	"\vdescription\x18\x05 \x01(\tH\x00R\vdescription\x88\x01\x01\x12\x1d\n" +
+	"\vdescription\x18\x05 \x01(\tH\x00R\vdescription\x88\x01\x01\x12\x19\n" +
+	"\bowner_id\x18\x06 \x01(\tR\aownerId\x12\x1d\n" +
 	"\n" +
-	"created_at\x18\x06 \x01(\x03R\tcreatedAtB\x0e\n" +
+	"created_at\x18\a \x01(\x03R\tcreatedAtB\x0e\n" +
-	"\f_description\"L\n" +
+	"\f_description\"d\n" +
-	"\x1cSystemGetOauthClientsRequest\x12\x14\n" +
+	"\x17GetOauthClientsResponse\x123\n" +
-	"\x05limit\x18\x01 \x01(\x05R\x05limit\x12\x16\n" +
-	"\x06offset\x18\x02 \x01(\x05R\x06offset\"j\n" +
-	"\x1dSystemGetOauthClientsResponse\x123\n" +
 	"\aclients\x18\x01 \x03(\v2\x19.oauth.v1.OauthClientItemR\aclients\x12\x14\n" +
-	"\x05total\x18\x02 \x01(\x05R\x05total\"\xbb\x01\n" +
+	"\x05total\x18\x02 \x01(\x05R\x05total\"\xeb\x01\n" +
-	"\x1eSystemUpdateOauthClientRequest\x12\x1b\n" +
+	"\x18UpdateOauthClientRequest\x12\x1b\n" +
-	"\tclient_id\x18\x01 \x01(\tR\bclientId\x12\x17\n" +
+	"\tclient_id\x18\x01 \x01(\tR\bclientId\x12\x19\n" +
-	"\x04name\x18\x02 \x01(\tH\x00R\x04name\x88\x01\x01\x12#\n" +
+	"\bowner_id\x18\x02 \x01(\tR\aownerId\x12\x19\n" +
-	"\rredirect_uris\x18\x03 \x03(\tR\fredirectUris\x12%\n" +
+	"\bis_admin\x18\x03 \x01(\bR\aisAdmin\x12\x17\n" +
-	"\vdescription\x18\x04 \x01(\tH\x01R\vdescription\x88\x01\x01B\a\n" +
+	"\x04name\x18\x04 \x01(\tH\x00R\x04name\x88\x01\x01\x12#\n" +
+	"\rredirect_uris\x18\x05 \x03(\tR\fredirectUris\x12%\n" +
+	"\vdescription\x18\x06 \x01(\tH\x01R\vdescription\x88\x01\x01B\a\n" +
 	"\x05_nameB\x0e\n" +
-	"\f_description\";\n" +
+	"\f_description\"5\n" +
-	"\x1fSystemUpdateOauthClientResponse\x12\x18\n" +
+	"\x19UpdateOauthClientResponse\x12\x18\n" +
-	"\asuccess\x18\x01 \x01(\bR\asuccess\"<\n" +
+	"\asuccess\x18\x01 \x01(\bR\asuccess\"l\n" +
-	"\x1dSystemResetOauthSecretRequest\x12\x1b\n" +
+	"\x17ResetOauthSecretRequest\x12\x1b\n" +
-	"\tclient_id\x18\x01 \x01(\tR\bclientId\"J\n" +
+	"\tclient_id\x18\x01 \x01(\tR\bclientId\x12\x19\n" +
-	"\x1eSystemResetOauthSecretResponse\x12(\n" +
+	"\bowner_id\x18\x02 \x01(\tR\aownerId\x12\x19\n" +
-	"\x10new_plain_secret\x18\x01 \x01(\tR\x0enewPlainSecret\"=\n" +
+	"\bis_admin\x18\x03 \x01(\bR\aisAdmin\"D\n" +
-	"\x1eSystemDeleteOauthClientRequest\x12\x1b\n" +
+	"\x18ResetOauthSecretResponse\x12(\n" +
-	"\tclient_id\x18\x01 \x01(\tR\bclientId\";\n" +
+	"\x10new_plain_secret\x18\x01 \x01(\tR\x0enewPlainSecret\"m\n" +
-	"\x1fSystemDeleteOauthClientResponse\x12\x18\n" +
+	"\x18DeleteOauthClientRequest\x12\x1b\n" +
-	"\asuccess\x18\x01 \x01(\bR\asuccess2\xf1\x05\n" +
+	"\tclient_id\x18\x01 \x01(\tR\bclientId\x12\x19\n" +
+	"\bowner_id\x18\x02 \x01(\tR\aownerId\x12\x19\n" +
+	"\bis_admin\x18\x03 \x01(\bR\aisAdmin\"5\n" +
+	"\x19DeleteOauthClientResponse\x12\x18\n" +
+	"\asuccess\x18\x01 \x01(\bR\asuccess2\x97\x05\n" +
 	"\fOauthService\x12\\\n" +
 	"\x11GenerateOauthCode\x12\".oauth.v1.GenerateOauthCodeRequest\x1a#.oauth.v1.GenerateOauthCodeResponse\x12\\\n" +
-	"\x11ExchangeOauthCode\x12\".oauth.v1.ExchangeOauthCodeRequest\x1a#.oauth.v1.ExchangeOauthCodeResponse\x12n\n" +
+	"\x11ExchangeOauthCode\x12\".oauth.v1.ExchangeOauthCodeRequest\x1a#.oauth.v1.ExchangeOauthCodeResponse\x12\\\n" +
-	"\x17SystemCreateOauthClient\x12(.oauth.v1.SystemCreateOauthClientRequest\x1a).oauth.v1.SystemCreateOauthClientResponse\x12h\n" +
+	"\x11CreateOauthClient\x12\".oauth.v1.CreateOauthClientRequest\x1a#.oauth.v1.CreateOauthClientResponse\x12V\n" +
-	"\x15SystemGetOauthClients\x12&.oauth.v1.SystemGetOauthClientsRequest\x1a'.oauth.v1.SystemGetOauthClientsResponse\x12n\n" +
+	"\x0fGetOauthClients\x12 .oauth.v1.GetOauthClientsRequest\x1a!.oauth.v1.GetOauthClientsResponse\x12\\\n" +
-	"\x17SystemUpdateOauthClient\x12(.oauth.v1.SystemUpdateOauthClientRequest\x1a).oauth.v1.SystemUpdateOauthClientResponse\x12k\n" +
+	"\x11UpdateOauthClient\x12\".oauth.v1.UpdateOauthClientRequest\x1a#.oauth.v1.UpdateOauthClientResponse\x12Y\n" +
-	"\x16SystemResetOauthSecret\x12'.oauth.v1.SystemResetOauthSecretRequest\x1a(.oauth.v1.SystemResetOauthSecretResponse\x12n\n" +
+	"\x10ResetOauthSecret\x12!.oauth.v1.ResetOauthSecretRequest\x1a\".oauth.v1.ResetOauthSecretResponse\x12\\\n" +
-	"\x17SystemDeleteOauthClient\x12(.oauth.v1.SystemDeleteOauthClientRequest\x1a).oauth.v1.SystemDeleteOauthClientResponseB*Z(git.lendry.ru/lendry-erp/proto.git/go;pbb\x06proto3"
+	"\x11DeleteOauthClient\x12\".oauth.v1.DeleteOauthClientRequest\x1a#.oauth.v1.DeleteOauthClientResponseB*Z(git.lendry.ru/lendry-erp/proto.git/go;pbb\x06proto3"
 
 var (
 	file_sso_oauth_proto_rawDescOnce sync.Once
@@ -934,38 +1035,38 @@ func file_sso_oauth_proto_rawDescGZIP() []byte {
 
 var file_sso_oauth_proto_msgTypes = make([]protoimpl.MessageInfo, 15)
 var file_sso_oauth_proto_goTypes = []any{
-	(*GenerateOauthCodeRequest)(nil),        // 0: oauth.v1.GenerateOauthCodeRequest
+	(*GenerateOauthCodeRequest)(nil),  // 0: oauth.v1.GenerateOauthCodeRequest
-	(*GenerateOauthCodeResponse)(nil),       // 1: oauth.v1.GenerateOauthCodeResponse
+	(*GenerateOauthCodeResponse)(nil), // 1: oauth.v1.GenerateOauthCodeResponse
-	(*ExchangeOauthCodeRequest)(nil),        // 2: oauth.v1.ExchangeOauthCodeRequest
+	(*ExchangeOauthCodeRequest)(nil),  // 2: oauth.v1.ExchangeOauthCodeRequest
-	(*ExchangeOauthCodeResponse)(nil),       // 3: oauth.v1.ExchangeOauthCodeResponse
+	(*ExchangeOauthCodeResponse)(nil), // 3: oauth.v1.ExchangeOauthCodeResponse
-	(*SystemCreateOauthClientRequest)(nil),  // 4: oauth.v1.SystemCreateOauthClientRequest
+	(*CreateOauthClientRequest)(nil),  // 4: oauth.v1.CreateOauthClientRequest
-	(*SystemCreateOauthClientResponse)(nil), // 5: oauth.v1.SystemCreateOauthClientResponse
+	(*CreateOauthClientResponse)(nil), // 5: oauth.v1.CreateOauthClientResponse
-	(*OauthClientItem)(nil),                 // 6: oauth.v1.OauthClientItem
+	(*GetOauthClientsRequest)(nil),    // 6: oauth.v1.GetOauthClientsRequest
-	(*SystemGetOauthClientsRequest)(nil),    // 7: oauth.v1.SystemGetOauthClientsRequest
+	(*OauthClientItem)(nil),           // 7: oauth.v1.OauthClientItem
-	(*SystemGetOauthClientsResponse)(nil),   // 8: oauth.v1.SystemGetOauthClientsResponse
+	(*GetOauthClientsResponse)(nil),   // 8: oauth.v1.GetOauthClientsResponse
-	(*SystemUpdateOauthClientRequest)(nil),  // 9: oauth.v1.SystemUpdateOauthClientRequest
+	(*UpdateOauthClientRequest)(nil),  // 9: oauth.v1.UpdateOauthClientRequest
-	(*SystemUpdateOauthClientResponse)(nil), // 10: oauth.v1.SystemUpdateOauthClientResponse
+	(*UpdateOauthClientResponse)(nil), // 10: oauth.v1.UpdateOauthClientResponse
-	(*SystemResetOauthSecretRequest)(nil),   // 11: oauth.v1.SystemResetOauthSecretRequest
+	(*ResetOauthSecretRequest)(nil),   // 11: oauth.v1.ResetOauthSecretRequest
-	(*SystemResetOauthSecretResponse)(nil),  // 12: oauth.v1.SystemResetOauthSecretResponse
+	(*ResetOauthSecretResponse)(nil),  // 12: oauth.v1.ResetOauthSecretResponse
-	(*SystemDeleteOauthClientRequest)(nil),  // 13: oauth.v1.SystemDeleteOauthClientRequest
+	(*DeleteOauthClientRequest)(nil),  // 13: oauth.v1.DeleteOauthClientRequest
-	(*SystemDeleteOauthClientResponse)(nil), // 14: oauth.v1.SystemDeleteOauthClientResponse
+	(*DeleteOauthClientResponse)(nil), // 14: oauth.v1.DeleteOauthClientResponse
 }
 var file_sso_oauth_proto_depIdxs = []int32{
-	6,  // 0: oauth.v1.SystemGetOauthClientsResponse.clients:type_name -> oauth.v1.OauthClientItem
+	7,  // 0: oauth.v1.GetOauthClientsResponse.clients:type_name -> oauth.v1.OauthClientItem
 	0,  // 1: oauth.v1.OauthService.GenerateOauthCode:input_type -> oauth.v1.GenerateOauthCodeRequest
 	2,  // 2: oauth.v1.OauthService.ExchangeOauthCode:input_type -> oauth.v1.ExchangeOauthCodeRequest
-	4,  // 3: oauth.v1.OauthService.SystemCreateOauthClient:input_type -> oauth.v1.SystemCreateOauthClientRequest
+	4,  // 3: oauth.v1.OauthService.CreateOauthClient:input_type -> oauth.v1.CreateOauthClientRequest
-	7,  // 4: oauth.v1.OauthService.SystemGetOauthClients:input_type -> oauth.v1.SystemGetOauthClientsRequest
+	6,  // 4: oauth.v1.OauthService.GetOauthClients:input_type -> oauth.v1.GetOauthClientsRequest
-	9,  // 5: oauth.v1.OauthService.SystemUpdateOauthClient:input_type -> oauth.v1.SystemUpdateOauthClientRequest
+	9,  // 5: oauth.v1.OauthService.UpdateOauthClient:input_type -> oauth.v1.UpdateOauthClientRequest
-	11, // 6: oauth.v1.OauthService.SystemResetOauthSecret:input_type -> oauth.v1.SystemResetOauthSecretRequest
+	11, // 6: oauth.v1.OauthService.ResetOauthSecret:input_type -> oauth.v1.ResetOauthSecretRequest
-	13, // 7: oauth.v1.OauthService.SystemDeleteOauthClient:input_type -> oauth.v1.SystemDeleteOauthClientRequest
+	13, // 7: oauth.v1.OauthService.DeleteOauthClient:input_type -> oauth.v1.DeleteOauthClientRequest
 	1,  // 8: oauth.v1.OauthService.GenerateOauthCode:output_type -> oauth.v1.GenerateOauthCodeResponse
 	3,  // 9: oauth.v1.OauthService.ExchangeOauthCode:output_type -> oauth.v1.ExchangeOauthCodeResponse
-	5,  // 10: oauth.v1.OauthService.SystemCreateOauthClient:output_type -> oauth.v1.SystemCreateOauthClientResponse
+	5,  // 10: oauth.v1.OauthService.CreateOauthClient:output_type -> oauth.v1.CreateOauthClientResponse
-	8,  // 11: oauth.v1.OauthService.SystemGetOauthClients:output_type -> oauth.v1.SystemGetOauthClientsResponse
+	8,  // 11: oauth.v1.OauthService.GetOauthClients:output_type -> oauth.v1.GetOauthClientsResponse
-	10, // 12: oauth.v1.OauthService.SystemUpdateOauthClient:output_type -> oauth.v1.SystemUpdateOauthClientResponse
+	10, // 12: oauth.v1.OauthService.UpdateOauthClient:output_type -> oauth.v1.UpdateOauthClientResponse
-	12, // 13: oauth.v1.OauthService.SystemResetOauthSecret:output_type -> oauth.v1.SystemResetOauthSecretResponse
+	12, // 13: oauth.v1.OauthService.ResetOauthSecret:output_type -> oauth.v1.ResetOauthSecretResponse
-	14, // 14: oauth.v1.OauthService.SystemDeleteOauthClient:output_type -> oauth.v1.SystemDeleteOauthClientResponse
+	14, // 14: oauth.v1.OauthService.DeleteOauthClient:output_type -> oauth.v1.DeleteOauthClientResponse
 	8,  // [8:15] is the sub-list for method output_type
 	1,  // [1:8] is the sub-list for method input_type
 	1,  // [1:1] is the sub-list for extension type_name
@@ -979,7 +1080,7 @@ func file_sso_oauth_proto_init() {
 		return
 	}
 	file_sso_oauth_proto_msgTypes[4].OneofWrappers = []any{}
-	file_sso_oauth_proto_msgTypes[6].OneofWrappers = []any{}
+	file_sso_oauth_proto_msgTypes[7].OneofWrappers = []any{}
 	file_sso_oauth_proto_msgTypes[9].OneofWrappers = []any{}
 	type x struct{}
 	out := protoimpl.TypeBuilder{

gen/go/sso/oauth_grpc.pb.go

@@ -19,13 +19,13 @@ import (
 const _ = grpc.SupportPackageIsVersion9
 
 const (
-	OauthService_GenerateOauthCode_FullMethodName       = "/oauth.v1.OauthService/GenerateOauthCode"
+	OauthService_GenerateOauthCode_FullMethodName = "/oauth.v1.OauthService/GenerateOauthCode"
-	OauthService_ExchangeOauthCode_FullMethodName       = "/oauth.v1.OauthService/ExchangeOauthCode"
+	OauthService_ExchangeOauthCode_FullMethodName = "/oauth.v1.OauthService/ExchangeOauthCode"
-	OauthService_SystemCreateOauthClient_FullMethodName = "/oauth.v1.OauthService/SystemCreateOauthClient"
+	OauthService_CreateOauthClient_FullMethodName = "/oauth.v1.OauthService/CreateOauthClient"
-	OauthService_SystemGetOauthClients_FullMethodName   = "/oauth.v1.OauthService/SystemGetOauthClients"
+	OauthService_GetOauthClients_FullMethodName   = "/oauth.v1.OauthService/GetOauthClients"
-	OauthService_SystemUpdateOauthClient_FullMethodName = "/oauth.v1.OauthService/SystemUpdateOauthClient"
+	OauthService_UpdateOauthClient_FullMethodName = "/oauth.v1.OauthService/UpdateOauthClient"
-	OauthService_SystemResetOauthSecret_FullMethodName  = "/oauth.v1.OauthService/SystemResetOauthSecret"
+	OauthService_ResetOauthSecret_FullMethodName  = "/oauth.v1.OauthService/ResetOauthSecret"
-	OauthService_SystemDeleteOauthClient_FullMethodName = "/oauth.v1.OauthService/SystemDeleteOauthClient"
+	OauthService_DeleteOauthClient_FullMethodName = "/oauth.v1.OauthService/DeleteOauthClient"
 )
 
 // OauthServiceClient is the client API for OauthService service.
@@ -35,12 +35,12 @@ type OauthServiceClient interface {
 	// === Базовый SSO (вызывается из Gateway / Графаны) ===
 	GenerateOauthCode(ctx context.Context, in *GenerateOauthCodeRequest, opts ...grpc.CallOption) (*GenerateOauthCodeResponse, error)
 	ExchangeOauthCode(ctx context.Context, in *ExchangeOauthCodeRequest, opts ...grpc.CallOption) (*ExchangeOauthCodeResponse, error)
-	// === Системные методы для Админки (Управление клиентами) ===
+	// === Системные методы (Консоль Разработчика / Админка) ===
-	SystemCreateOauthClient(ctx context.Context, in *SystemCreateOauthClientRequest, opts ...grpc.CallOption) (*SystemCreateOauthClientResponse, error)
+	CreateOauthClient(ctx context.Context, in *CreateOauthClientRequest, opts ...grpc.CallOption) (*CreateOauthClientResponse, error)
-	SystemGetOauthClients(ctx context.Context, in *SystemGetOauthClientsRequest, opts ...grpc.CallOption) (*SystemGetOauthClientsResponse, error)
+	GetOauthClients(ctx context.Context, in *GetOauthClientsRequest, opts ...grpc.CallOption) (*GetOauthClientsResponse, error)
-	SystemUpdateOauthClient(ctx context.Context, in *SystemUpdateOauthClientRequest, opts ...grpc.CallOption) (*SystemUpdateOauthClientResponse, error)
+	UpdateOauthClient(ctx context.Context, in *UpdateOauthClientRequest, opts ...grpc.CallOption) (*UpdateOauthClientResponse, error)
-	SystemResetOauthSecret(ctx context.Context, in *SystemResetOauthSecretRequest, opts ...grpc.CallOption) (*SystemResetOauthSecretResponse, error)
+	ResetOauthSecret(ctx context.Context, in *ResetOauthSecretRequest, opts ...grpc.CallOption) (*ResetOauthSecretResponse, error)
-	SystemDeleteOauthClient(ctx context.Context, in *SystemDeleteOauthClientRequest, opts ...grpc.CallOption) (*SystemDeleteOauthClientResponse, error)
+	DeleteOauthClient(ctx context.Context, in *DeleteOauthClientRequest, opts ...grpc.CallOption) (*DeleteOauthClientResponse, error)
 }
 
 type oauthServiceClient struct {
@@ -71,50 +71,50 @@ func (c *oauthServiceClient) ExchangeOauthCode(ctx context.Context, in *Exchange
 	return out, nil
 }
 
-func (c *oauthServiceClient) SystemCreateOauthClient(ctx context.Context, in *SystemCreateOauthClientRequest, opts ...grpc.CallOption) (*SystemCreateOauthClientResponse, error) {
+func (c *oauthServiceClient) CreateOauthClient(ctx context.Context, in *CreateOauthClientRequest, opts ...grpc.CallOption) (*CreateOauthClientResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(SystemCreateOauthClientResponse)
+	out := new(CreateOauthClientResponse)
-	err := c.cc.Invoke(ctx, OauthService_SystemCreateOauthClient_FullMethodName, in, out, cOpts...)
+	err := c.cc.Invoke(ctx, OauthService_CreateOauthClient_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
 	return out, nil
 }
 
-func (c *oauthServiceClient) SystemGetOauthClients(ctx context.Context, in *SystemGetOauthClientsRequest, opts ...grpc.CallOption) (*SystemGetOauthClientsResponse, error) {
+func (c *oauthServiceClient) GetOauthClients(ctx context.Context, in *GetOauthClientsRequest, opts ...grpc.CallOption) (*GetOauthClientsResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(SystemGetOauthClientsResponse)
+	out := new(GetOauthClientsResponse)
-	err := c.cc.Invoke(ctx, OauthService_SystemGetOauthClients_FullMethodName, in, out, cOpts...)
+	err := c.cc.Invoke(ctx, OauthService_GetOauthClients_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
 	return out, nil
 }
 
-func (c *oauthServiceClient) SystemUpdateOauthClient(ctx context.Context, in *SystemUpdateOauthClientRequest, opts ...grpc.CallOption) (*SystemUpdateOauthClientResponse, error) {
+func (c *oauthServiceClient) UpdateOauthClient(ctx context.Context, in *UpdateOauthClientRequest, opts ...grpc.CallOption) (*UpdateOauthClientResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(SystemUpdateOauthClientResponse)
+	out := new(UpdateOauthClientResponse)
-	err := c.cc.Invoke(ctx, OauthService_SystemUpdateOauthClient_FullMethodName, in, out, cOpts...)
+	err := c.cc.Invoke(ctx, OauthService_UpdateOauthClient_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
 	return out, nil
 }
 
-func (c *oauthServiceClient) SystemResetOauthSecret(ctx context.Context, in *SystemResetOauthSecretRequest, opts ...grpc.CallOption) (*SystemResetOauthSecretResponse, error) {
+func (c *oauthServiceClient) ResetOauthSecret(ctx context.Context, in *ResetOauthSecretRequest, opts ...grpc.CallOption) (*ResetOauthSecretResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(SystemResetOauthSecretResponse)
+	out := new(ResetOauthSecretResponse)
-	err := c.cc.Invoke(ctx, OauthService_SystemResetOauthSecret_FullMethodName, in, out, cOpts...)
+	err := c.cc.Invoke(ctx, OauthService_ResetOauthSecret_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
 	return out, nil
 }
 
-func (c *oauthServiceClient) SystemDeleteOauthClient(ctx context.Context, in *SystemDeleteOauthClientRequest, opts ...grpc.CallOption) (*SystemDeleteOauthClientResponse, error) {
+func (c *oauthServiceClient) DeleteOauthClient(ctx context.Context, in *DeleteOauthClientRequest, opts ...grpc.CallOption) (*DeleteOauthClientResponse, error) {
 	cOpts := append([]grpc.CallOption{grpc.StaticMethod()}, opts...)
-	out := new(SystemDeleteOauthClientResponse)
+	out := new(DeleteOauthClientResponse)
-	err := c.cc.Invoke(ctx, OauthService_SystemDeleteOauthClient_FullMethodName, in, out, cOpts...)
+	err := c.cc.Invoke(ctx, OauthService_DeleteOauthClient_FullMethodName, in, out, cOpts...)
 	if err != nil {
 		return nil, err
 	}
@@ -128,12 +128,12 @@ type OauthServiceServer interface {
 	// === Базовый SSO (вызывается из Gateway / Графаны) ===
 	GenerateOauthCode(context.Context, *GenerateOauthCodeRequest) (*GenerateOauthCodeResponse, error)
 	ExchangeOauthCode(context.Context, *ExchangeOauthCodeRequest) (*ExchangeOauthCodeResponse, error)
-	// === Системные методы для Админки (Управление клиентами) ===
+	// === Системные методы (Консоль Разработчика / Админка) ===
-	SystemCreateOauthClient(context.Context, *SystemCreateOauthClientRequest) (*SystemCreateOauthClientResponse, error)
+	CreateOauthClient(context.Context, *CreateOauthClientRequest) (*CreateOauthClientResponse, error)
-	SystemGetOauthClients(context.Context, *SystemGetOauthClientsRequest) (*SystemGetOauthClientsResponse, error)
+	GetOauthClients(context.Context, *GetOauthClientsRequest) (*GetOauthClientsResponse, error)
-	SystemUpdateOauthClient(context.Context, *SystemUpdateOauthClientRequest) (*SystemUpdateOauthClientResponse, error)
+	UpdateOauthClient(context.Context, *UpdateOauthClientRequest) (*UpdateOauthClientResponse, error)
-	SystemResetOauthSecret(context.Context, *SystemResetOauthSecretRequest) (*SystemResetOauthSecretResponse, error)
+	ResetOauthSecret(context.Context, *ResetOauthSecretRequest) (*ResetOauthSecretResponse, error)
-	SystemDeleteOauthClient(context.Context, *SystemDeleteOauthClientRequest) (*SystemDeleteOauthClientResponse, error)
+	DeleteOauthClient(context.Context, *DeleteOauthClientRequest) (*DeleteOauthClientResponse, error)
 	mustEmbedUnimplementedOauthServiceServer()
 }
 
@@ -150,20 +150,20 @@ func (UnimplementedOauthServiceServer) GenerateOauthCode(context.Context, *Gener
 func (UnimplementedOauthServiceServer) ExchangeOauthCode(context.Context, *ExchangeOauthCodeRequest) (*ExchangeOauthCodeResponse, error) {
 	return nil, status.Error(codes.Unimplemented, "method ExchangeOauthCode not implemented")
 }
-func (UnimplementedOauthServiceServer) SystemCreateOauthClient(context.Context, *SystemCreateOauthClientRequest) (*SystemCreateOauthClientResponse, error) {
+func (UnimplementedOauthServiceServer) CreateOauthClient(context.Context, *CreateOauthClientRequest) (*CreateOauthClientResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method SystemCreateOauthClient not implemented")
+	return nil, status.Error(codes.Unimplemented, "method CreateOauthClient not implemented")
 }
-func (UnimplementedOauthServiceServer) SystemGetOauthClients(context.Context, *SystemGetOauthClientsRequest) (*SystemGetOauthClientsResponse, error) {
+func (UnimplementedOauthServiceServer) GetOauthClients(context.Context, *GetOauthClientsRequest) (*GetOauthClientsResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method SystemGetOauthClients not implemented")
+	return nil, status.Error(codes.Unimplemented, "method GetOauthClients not implemented")
 }
-func (UnimplementedOauthServiceServer) SystemUpdateOauthClient(context.Context, *SystemUpdateOauthClientRequest) (*SystemUpdateOauthClientResponse, error) {
+func (UnimplementedOauthServiceServer) UpdateOauthClient(context.Context, *UpdateOauthClientRequest) (*UpdateOauthClientResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method SystemUpdateOauthClient not implemented")
+	return nil, status.Error(codes.Unimplemented, "method UpdateOauthClient not implemented")
 }
-func (UnimplementedOauthServiceServer) SystemResetOauthSecret(context.Context, *SystemResetOauthSecretRequest) (*SystemResetOauthSecretResponse, error) {
+func (UnimplementedOauthServiceServer) ResetOauthSecret(context.Context, *ResetOauthSecretRequest) (*ResetOauthSecretResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method SystemResetOauthSecret not implemented")
+	return nil, status.Error(codes.Unimplemented, "method ResetOauthSecret not implemented")
 }
-func (UnimplementedOauthServiceServer) SystemDeleteOauthClient(context.Context, *SystemDeleteOauthClientRequest) (*SystemDeleteOauthClientResponse, error) {
+func (UnimplementedOauthServiceServer) DeleteOauthClient(context.Context, *DeleteOauthClientRequest) (*DeleteOauthClientResponse, error) {
-	return nil, status.Error(codes.Unimplemented, "method SystemDeleteOauthClient not implemented")
+	return nil, status.Error(codes.Unimplemented, "method DeleteOauthClient not implemented")
 }
 func (UnimplementedOauthServiceServer) mustEmbedUnimplementedOauthServiceServer() {}
 func (UnimplementedOauthServiceServer) testEmbeddedByValue()                      {}
@@ -222,92 +222,92 @@ func _OauthService_ExchangeOauthCode_Handler(srv interface{}, ctx context.Contex
 	return interceptor(ctx, in, info, handler)
 }
 
-func _OauthService_SystemCreateOauthClient_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+func _OauthService_CreateOauthClient_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(SystemCreateOauthClientRequest)
+	in := new(CreateOauthClientRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
-		return srv.(OauthServiceServer).SystemCreateOauthClient(ctx, in)
+		return srv.(OauthServiceServer).CreateOauthClient(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: OauthService_SystemCreateOauthClient_FullMethodName,
+		FullMethod: OauthService_CreateOauthClient_FullMethodName,
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(OauthServiceServer).SystemCreateOauthClient(ctx, req.(*SystemCreateOauthClientRequest))
+		return srv.(OauthServiceServer).CreateOauthClient(ctx, req.(*CreateOauthClientRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
 
-func _OauthService_SystemGetOauthClients_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+func _OauthService_GetOauthClients_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(SystemGetOauthClientsRequest)
+	in := new(GetOauthClientsRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
-		return srv.(OauthServiceServer).SystemGetOauthClients(ctx, in)
+		return srv.(OauthServiceServer).GetOauthClients(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: OauthService_SystemGetOauthClients_FullMethodName,
+		FullMethod: OauthService_GetOauthClients_FullMethodName,
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(OauthServiceServer).SystemGetOauthClients(ctx, req.(*SystemGetOauthClientsRequest))
+		return srv.(OauthServiceServer).GetOauthClients(ctx, req.(*GetOauthClientsRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
 
-func _OauthService_SystemUpdateOauthClient_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+func _OauthService_UpdateOauthClient_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(SystemUpdateOauthClientRequest)
+	in := new(UpdateOauthClientRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
-		return srv.(OauthServiceServer).SystemUpdateOauthClient(ctx, in)
+		return srv.(OauthServiceServer).UpdateOauthClient(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: OauthService_SystemUpdateOauthClient_FullMethodName,
+		FullMethod: OauthService_UpdateOauthClient_FullMethodName,
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(OauthServiceServer).SystemUpdateOauthClient(ctx, req.(*SystemUpdateOauthClientRequest))
+		return srv.(OauthServiceServer).UpdateOauthClient(ctx, req.(*UpdateOauthClientRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
 
-func _OauthService_SystemResetOauthSecret_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+func _OauthService_ResetOauthSecret_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(SystemResetOauthSecretRequest)
+	in := new(ResetOauthSecretRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
-		return srv.(OauthServiceServer).SystemResetOauthSecret(ctx, in)
+		return srv.(OauthServiceServer).ResetOauthSecret(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: OauthService_SystemResetOauthSecret_FullMethodName,
+		FullMethod: OauthService_ResetOauthSecret_FullMethodName,
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(OauthServiceServer).SystemResetOauthSecret(ctx, req.(*SystemResetOauthSecretRequest))
+		return srv.(OauthServiceServer).ResetOauthSecret(ctx, req.(*ResetOauthSecretRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
 
-func _OauthService_SystemDeleteOauthClient_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
+func _OauthService_DeleteOauthClient_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
-	in := new(SystemDeleteOauthClientRequest)
+	in := new(DeleteOauthClientRequest)
 	if err := dec(in); err != nil {
 		return nil, err
 	}
 	if interceptor == nil {
-		return srv.(OauthServiceServer).SystemDeleteOauthClient(ctx, in)
+		return srv.(OauthServiceServer).DeleteOauthClient(ctx, in)
 	}
 	info := &grpc.UnaryServerInfo{
 		Server:     srv,
-		FullMethod: OauthService_SystemDeleteOauthClient_FullMethodName,
+		FullMethod: OauthService_DeleteOauthClient_FullMethodName,
 	}
 	handler := func(ctx context.Context, req interface{}) (interface{}, error) {
-		return srv.(OauthServiceServer).SystemDeleteOauthClient(ctx, req.(*SystemDeleteOauthClientRequest))
+		return srv.(OauthServiceServer).DeleteOauthClient(ctx, req.(*DeleteOauthClientRequest))
 	}
 	return interceptor(ctx, in, info, handler)
 }
@@ -328,24 +328,24 @@ var OauthService_ServiceDesc = grpc.ServiceDesc{
 			Handler:    _OauthService_ExchangeOauthCode_Handler,
 		},
 		{
-			MethodName: "SystemCreateOauthClient",
+			MethodName: "CreateOauthClient",
-			Handler:    _OauthService_SystemCreateOauthClient_Handler,
+			Handler:    _OauthService_CreateOauthClient_Handler,
 		},
 		{
-			MethodName: "SystemGetOauthClients",
+			MethodName: "GetOauthClients",
-			Handler:    _OauthService_SystemGetOauthClients_Handler,
+			Handler:    _OauthService_GetOauthClients_Handler,
 		},
 		{
-			MethodName: "SystemUpdateOauthClient",
+			MethodName: "UpdateOauthClient",
-			Handler:    _OauthService_SystemUpdateOauthClient_Handler,
+			Handler:    _OauthService_UpdateOauthClient_Handler,
 		},
 		{
-			MethodName: "SystemResetOauthSecret",
+			MethodName: "ResetOauthSecret",
-			Handler:    _OauthService_SystemResetOauthSecret_Handler,
+			Handler:    _OauthService_ResetOauthSecret_Handler,
 		},
 		{
-			MethodName: "SystemDeleteOauthClient",
+			MethodName: "DeleteOauthClient",
-			Handler:    _OauthService_SystemDeleteOauthClient_Handler,
+			Handler:    _OauthService_DeleteOauthClient_Handler,
 		},
 	},
 	Streams:  []grpc.StreamDesc{},

gen/sso/oauth.ts

@@ -11,6 +11,7 @@ import { Observable } from "rxjs";
 
 export const protobufPackage = "oauth.v1";
 
+/** --- Сообщения для базового SSO --- */
 export interface GenerateOauthCodeRequest {
   userId: string;
   clientId: string;
@@ -32,24 +33,30 @@ export interface ExchangeOauthCodeResponse {
   expiresIn: number;
 }
 
-export interface SystemCreateOauthClientRequest {
+/** --- Сообщения для управления клиентами --- */
-  /** Название приложения (например, "Grafana Analytics") */
+export interface CreateOauthClientRequest {
+  ownerId: string;
   name: string;
-  /** Список разрешенных коллбеков */
   redirectUris: string[];
-  /** Описание (для админки) */
   description?: string | undefined;
 }
 
-export interface SystemCreateOauthClientResponse {
+export interface CreateOauthClientResponse {
-  /** Внутренний ID в базе */
   id: string;
   name: string;
-  /** Публичный ID клиента (app_...) */
   clientId: string;
-  /** ВАЖНО: Чистый секрет. Отдается ТОЛЬКО здесь один раз! */
+  /** Отдается ТОЛЬКО здесь один раз */
   plainSecret: string;
   redirectUris: string[];
+  ownerId: string;
+}
+
+export interface GetOauthClientsRequest {
+  ownerId: string;
+  /** Если true, owner_id игнорируется, выдаются все клиенты */
+  isAdmin: boolean;
+  limit: number;
+  offset: number;
 }
 
 export interface OauthClientItem {
@@ -57,51 +64,47 @@ export interface OauthClientItem {
   name: string;
   clientId: string;
   redirectUris: string[];
-  description?:
+  description?: string | undefined;
-    | string
+  ownerId: string;
-    | undefined;
-  /** Обратите внимание: поля secret здесь нет! Секрет нельзя получить списком. */
   createdAt: number;
 }
 
-export interface SystemGetOauthClientsRequest {
+export interface GetOauthClientsResponse {
-  limit: number;
-  offset: number;
-}
-
-export interface SystemGetOauthClientsResponse {
   clients: OauthClientItem[];
   total: number;
 }
 
-export interface SystemUpdateOauthClientRequest {
+export interface UpdateOauthClientRequest {
   clientId: string;
-  name?:
+  /** ID того, кто делает запрос */
-    | string
+  ownerId: string;
-    | undefined;
+  isAdmin: boolean;
-  /** Если передано, полностью перезаписывает старые */
+  name?: string | undefined;
   redirectUris: string[];
   description?: string | undefined;
 }
 
-export interface SystemUpdateOauthClientResponse {
+export interface UpdateOauthClientResponse {
   success: boolean;
 }
 
-export interface SystemResetOauthSecretRequest {
+export interface ResetOauthSecretRequest {
   clientId: string;
+  ownerId: string;
+  isAdmin: boolean;
 }
 
-export interface SystemResetOauthSecretResponse {
+export interface ResetOauthSecretResponse {
-  /** Возвращаем новый сгенерированный секрет */
   newPlainSecret: string;
 }
 
-export interface SystemDeleteOauthClientRequest {
+export interface DeleteOauthClientRequest {
   clientId: string;
+  ownerId: string;
+  isAdmin: boolean;
 }
 
-export interface SystemDeleteOauthClientResponse {
+export interface DeleteOauthClientResponse {
   success: boolean;
 }
 
@@ -114,32 +117,17 @@ export interface OauthServiceClient {
 
   exchangeOauthCode(request: ExchangeOauthCodeRequest, metadata?: Metadata): Observable<ExchangeOauthCodeResponse>;
 
-  /** === Системные методы для Админки (Управление клиентами) === */
+  /** === Системные методы (Консоль Разработчика / Админка) === */
 
-  systemCreateOauthClient(
+  createOauthClient(request: CreateOauthClientRequest, metadata?: Metadata): Observable<CreateOauthClientResponse>;
-    request: SystemCreateOauthClientRequest,
-    metadata?: Metadata,
-  ): Observable<SystemCreateOauthClientResponse>;
 
-  systemGetOauthClients(
+  getOauthClients(request: GetOauthClientsRequest, metadata?: Metadata): Observable<GetOauthClientsResponse>;
-    request: SystemGetOauthClientsRequest,
-    metadata?: Metadata,
-  ): Observable<SystemGetOauthClientsResponse>;
 
-  systemUpdateOauthClient(
+  updateOauthClient(request: UpdateOauthClientRequest, metadata?: Metadata): Observable<UpdateOauthClientResponse>;
-    request: SystemUpdateOauthClientRequest,
-    metadata?: Metadata,
-  ): Observable<SystemUpdateOauthClientResponse>;
 
-  systemResetOauthSecret(
+  resetOauthSecret(request: ResetOauthSecretRequest, metadata?: Metadata): Observable<ResetOauthSecretResponse>;
-    request: SystemResetOauthSecretRequest,
-    metadata?: Metadata,
-  ): Observable<SystemResetOauthSecretResponse>;
 
-  systemDeleteOauthClient(
+  deleteOauthClient(request: DeleteOauthClientRequest, metadata?: Metadata): Observable<DeleteOauthClientResponse>;
-    request: SystemDeleteOauthClientRequest,
-    metadata?: Metadata,
-  ): Observable<SystemDeleteOauthClientResponse>;
 }
 
 export interface OauthServiceController {
@@ -155,44 +143,32 @@ export interface OauthServiceController {
     metadata?: Metadata,
   ): Promise<ExchangeOauthCodeResponse> | Observable<ExchangeOauthCodeResponse> | ExchangeOauthCodeResponse;
 
-  /** === Системные методы для Админки (Управление клиентами) === */
+  /** === Системные методы (Консоль Разработчика / Админка) === */
 
-  systemCreateOauthClient(
+  createOauthClient(
-    request: SystemCreateOauthClientRequest,
+    request: CreateOauthClientRequest,
     metadata?: Metadata,
-  ):
+  ): Promise<CreateOauthClientResponse> | Observable<CreateOauthClientResponse> | CreateOauthClientResponse;
-    | Promise<SystemCreateOauthClientResponse>
-    | Observable<SystemCreateOauthClientResponse>
-    | SystemCreateOauthClientResponse;
 
-  systemGetOauthClients(
+  getOauthClients(
-    request: SystemGetOauthClientsRequest,
+    request: GetOauthClientsRequest,
     metadata?: Metadata,
-  ): Promise<SystemGetOauthClientsResponse> | Observable<SystemGetOauthClientsResponse> | SystemGetOauthClientsResponse;
+  ): Promise<GetOauthClientsResponse> | Observable<GetOauthClientsResponse> | GetOauthClientsResponse;
 
-  systemUpdateOauthClient(
+  updateOauthClient(
-    request: SystemUpdateOauthClientRequest,
+    request: UpdateOauthClientRequest,
     metadata?: Metadata,
-  ):
+  ): Promise<UpdateOauthClientResponse> | Observable<UpdateOauthClientResponse> | UpdateOauthClientResponse;
-    | Promise<SystemUpdateOauthClientResponse>
-    | Observable<SystemUpdateOauthClientResponse>
-    | SystemUpdateOauthClientResponse;
 
-  systemResetOauthSecret(
+  resetOauthSecret(
-    request: SystemResetOauthSecretRequest,
+    request: ResetOauthSecretRequest,
     metadata?: Metadata,
-  ):
+  ): Promise<ResetOauthSecretResponse> | Observable<ResetOauthSecretResponse> | ResetOauthSecretResponse;
-    | Promise<SystemResetOauthSecretResponse>
-    | Observable<SystemResetOauthSecretResponse>
-    | SystemResetOauthSecretResponse;
 
-  systemDeleteOauthClient(
+  deleteOauthClient(
-    request: SystemDeleteOauthClientRequest,
+    request: DeleteOauthClientRequest,
     metadata?: Metadata,
-  ):
+  ): Promise<DeleteOauthClientResponse> | Observable<DeleteOauthClientResponse> | DeleteOauthClientResponse;
-    | Promise<SystemDeleteOauthClientResponse>
-    | Observable<SystemDeleteOauthClientResponse>
-    | SystemDeleteOauthClientResponse;
 }
 
 export function OauthServiceControllerMethods() {
@@ -200,11 +176,11 @@ export function OauthServiceControllerMethods() {
     const grpcMethods: string[] = [
       "generateOauthCode",
       "exchangeOauthCode",
-      "systemCreateOauthClient",
+      "createOauthClient",
-      "systemGetOauthClients",
+      "getOauthClients",
-      "systemUpdateOauthClient",
+      "updateOauthClient",
-      "systemResetOauthSecret",
+      "resetOauthSecret",
-      "systemDeleteOauthClient",
+      "deleteOauthClient",
     ];
     for (const method of grpcMethods) {
       const descriptor: any = Reflect.getOwnPropertyDescriptor(constructor.prototype, method);