google-api-ruby-client/generated/google/apis/iamcredentials_v1/classes.rb

374 lines
14 KiB
Ruby
Raw Normal View History

# Copyright 2015 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
require 'date'
require 'google/apis/core/base_service'
require 'google/apis/core/json_representation'
require 'google/apis/core/hashable'
require 'google/apis/errors'
module Google
module Apis
module IamcredentialsV1
#
class GenerateAccessTokenRequest
include Google::Apis::Core::Hashable
# The sequence of service accounts in a delegation chain. Each service
# account must be granted the `roles/iam.serviceAccountTokenCreator` role
# on its next service account in the chain. The last service account in the
# chain must be granted the `roles/iam.serviceAccountTokenCreator` role
# on the service account that is specified in the `name` field of the
# request.
# The delegates must have the following format:
# `projects/-/serviceAccounts/`ACCOUNT_EMAIL_OR_UNIQUEID``. The `-` wildcard
# character is required; replacing it with a project ID is invalid.
# Corresponds to the JSON property `delegates`
# @return [Array<String>]
attr_accessor :delegates
# The desired lifetime duration of the access token in seconds.
# Must be set to a value less than or equal to 3600 (1 hour). If a value is
# not specified, the token's lifetime will be set to a default value of one
# hour.
# Corresponds to the JSON property `lifetime`
# @return [String]
attr_accessor :lifetime
Autogenerated update (2018-08-22) Delete: - spectrum_v1explorer Update: - abusiveexperiencereport_v1 - adexchangebuyer2_v2beta1 - adexchangebuyer_v1_2 - adexchangebuyer_v1_3 - adexchangebuyer_v1_4 - adexchangeseller_v1 - adexchangeseller_v1_1 - adexchangeseller_v2_0 - adexperiencereport_v1 - admin_datatransfer_v1 - admin_directory_v1 - admin_reports_v1 - adsense_v1_4 - adsensehost_v4_1 - analytics_v2_4 - analytics_v3 - analyticsreporting_v4 - androiddeviceprovisioning_v1 - androidenterprise_v1 - androidmanagement_v1 - androidpublisher_v1 - androidpublisher_v1_1 - androidpublisher_v2 - androidpublisher_v3 - appengine_v1 - appengine_v1beta - appsactivity_v1 - appsmarket_v2 - appstate_v1 - bigquery_v2 - bigquerydatatransfer_v1 - blogger_v2 - blogger_v3 - books_v1 - calendar_v3 - chat_v1 - civicinfo_v2 - classroom_v1 - cloudbilling_v1 - cloudbuild_v1 - clouddebugger_v2 - clouderrorreporting_v1beta1 - cloudiot_v1 - cloudkms_v1 - cloudprofiler_v2 - cloudresourcemanager_v1 - cloudresourcemanager_v1beta1 - cloudresourcemanager_v2 - cloudresourcemanager_v2beta1 - cloudshell_v1alpha1 - cloudtasks_v2beta2 - cloudtrace_v1 - cloudtrace_v2 - composer_v1beta1 - compute_alpha - compute_beta - compute_v1 - container_v1 - container_v1beta1 - content_v2 - content_v2sandbox - customsearch_v1 - dataproc_v1beta2 - datastore_v1 - datastore_v1beta1 - datastore_v1beta3 - deploymentmanager_alpha - deploymentmanager_v2 - deploymentmanager_v2beta - dfareporting_v2_8 - dfareporting_v3_0 - dfareporting_v3_1 - dialogflow_v2 - dialogflow_v2beta1 - discovery_v1 - dlp_v2 - dns_v1 - dns_v1beta2 - dns_v2beta1 - doubleclickbidmanager_v1 - doubleclicksearch_v2 - drive_v2 - drive_v3 - firestore_v1beta1 - fitness_v1 - fusiontables_v1 - fusiontables_v2 - games_configuration_v1configuration - games_management_v1management - games_v1 - genomics_v1 - genomics_v1alpha2 - genomics_v2alpha1 - gmail_v1 - groupsmigration_v1 - groupssettings_v1 - iam_v1 - iamcredentials_v1 - identitytoolkit_v3 - jobs_v2 - licensing_v1 - logging_v2 - logging_v2beta1 - mirror_v1 - ml_v1 - monitoring_v3 - oauth2_v1 - oauth2_v2 - pagespeedonline_v1 - pagespeedonline_v2 - pagespeedonline_v4 - playcustomapp_v1 - plus_domains_v1 - plus_v1 - poly_v1 - pubsub_v1 - pubsub_v1beta2 - redis_v1beta1 - replicapool_v1beta1 - replicapoolupdater_v1beta1 - reseller_v1 - runtimeconfig_v1beta1 - script_v1 - servicebroker_v1 - servicebroker_v1alpha1 - servicebroker_v1beta1 - serviceconsumermanagement_v1 - servicecontrol_v1 - servicemanagement_v1 - serviceusage_v1 - serviceusage_v1beta1 - serviceuser_v1 - sheets_v4 - site_verification_v1 - slides_v1 - sourcerepo_v1 - sqladmin_v1beta4 - storage_v1 - storage_v1beta1 - storage_v1beta2 - surveys_v2 - tagmanager_v1 - tagmanager_v2 - tasks_v1 - testing_v1 - texttospeech_v1beta1 - toolresults_v1beta3 - tpu_v1 - tpu_v1alpha1 - urlshortener_v1 - vault_v1 - vision_v1 - vision_v1p1beta1 - vision_v1p2beta1 - webfonts_v1 - webmasters_v3 - websecurityscanner_v1alpha - youtube_analytics_v1 - youtube_analytics_v1beta1 - youtube_partner_v1 - youtube_v3
2018-08-22 21:14:52 +00:00
# Code to identify the scopes to be included in the OAuth 2.0 access token.
# See https://developers.google.com/identity/protocols/googlescopes for more
# information.
# At least one value required.
# Corresponds to the JSON property `scope`
# @return [Array<String>]
attr_accessor :scope
def initialize(**args)
update!(**args)
end
# Update properties of this object
def update!(**args)
@delegates = args[:delegates] if args.key?(:delegates)
@lifetime = args[:lifetime] if args.key?(:lifetime)
@scope = args[:scope] if args.key?(:scope)
end
end
#
class GenerateAccessTokenResponse
include Google::Apis::Core::Hashable
# The OAuth 2.0 access token.
# Corresponds to the JSON property `accessToken`
# @return [String]
attr_accessor :access_token
# Token expiration time.
Autogenerated update (2018-08-22) Delete: - spectrum_v1explorer Update: - abusiveexperiencereport_v1 - adexchangebuyer2_v2beta1 - adexchangebuyer_v1_2 - adexchangebuyer_v1_3 - adexchangebuyer_v1_4 - adexchangeseller_v1 - adexchangeseller_v1_1 - adexchangeseller_v2_0 - adexperiencereport_v1 - admin_datatransfer_v1 - admin_directory_v1 - admin_reports_v1 - adsense_v1_4 - adsensehost_v4_1 - analytics_v2_4 - analytics_v3 - analyticsreporting_v4 - androiddeviceprovisioning_v1 - androidenterprise_v1 - androidmanagement_v1 - androidpublisher_v1 - androidpublisher_v1_1 - androidpublisher_v2 - androidpublisher_v3 - appengine_v1 - appengine_v1beta - appsactivity_v1 - appsmarket_v2 - appstate_v1 - bigquery_v2 - bigquerydatatransfer_v1 - blogger_v2 - blogger_v3 - books_v1 - calendar_v3 - chat_v1 - civicinfo_v2 - classroom_v1 - cloudbilling_v1 - cloudbuild_v1 - clouddebugger_v2 - clouderrorreporting_v1beta1 - cloudiot_v1 - cloudkms_v1 - cloudprofiler_v2 - cloudresourcemanager_v1 - cloudresourcemanager_v1beta1 - cloudresourcemanager_v2 - cloudresourcemanager_v2beta1 - cloudshell_v1alpha1 - cloudtasks_v2beta2 - cloudtrace_v1 - cloudtrace_v2 - composer_v1beta1 - compute_alpha - compute_beta - compute_v1 - container_v1 - container_v1beta1 - content_v2 - content_v2sandbox - customsearch_v1 - dataproc_v1beta2 - datastore_v1 - datastore_v1beta1 - datastore_v1beta3 - deploymentmanager_alpha - deploymentmanager_v2 - deploymentmanager_v2beta - dfareporting_v2_8 - dfareporting_v3_0 - dfareporting_v3_1 - dialogflow_v2 - dialogflow_v2beta1 - discovery_v1 - dlp_v2 - dns_v1 - dns_v1beta2 - dns_v2beta1 - doubleclickbidmanager_v1 - doubleclicksearch_v2 - drive_v2 - drive_v3 - firestore_v1beta1 - fitness_v1 - fusiontables_v1 - fusiontables_v2 - games_configuration_v1configuration - games_management_v1management - games_v1 - genomics_v1 - genomics_v1alpha2 - genomics_v2alpha1 - gmail_v1 - groupsmigration_v1 - groupssettings_v1 - iam_v1 - iamcredentials_v1 - identitytoolkit_v3 - jobs_v2 - licensing_v1 - logging_v2 - logging_v2beta1 - mirror_v1 - ml_v1 - monitoring_v3 - oauth2_v1 - oauth2_v2 - pagespeedonline_v1 - pagespeedonline_v2 - pagespeedonline_v4 - playcustomapp_v1 - plus_domains_v1 - plus_v1 - poly_v1 - pubsub_v1 - pubsub_v1beta2 - redis_v1beta1 - replicapool_v1beta1 - replicapoolupdater_v1beta1 - reseller_v1 - runtimeconfig_v1beta1 - script_v1 - servicebroker_v1 - servicebroker_v1alpha1 - servicebroker_v1beta1 - serviceconsumermanagement_v1 - servicecontrol_v1 - servicemanagement_v1 - serviceusage_v1 - serviceusage_v1beta1 - serviceuser_v1 - sheets_v4 - site_verification_v1 - slides_v1 - sourcerepo_v1 - sqladmin_v1beta4 - storage_v1 - storage_v1beta1 - storage_v1beta2 - surveys_v2 - tagmanager_v1 - tagmanager_v2 - tasks_v1 - testing_v1 - texttospeech_v1beta1 - toolresults_v1beta3 - tpu_v1 - tpu_v1alpha1 - urlshortener_v1 - vault_v1 - vision_v1 - vision_v1p1beta1 - vision_v1p2beta1 - webfonts_v1 - webmasters_v3 - websecurityscanner_v1alpha - youtube_analytics_v1 - youtube_analytics_v1beta1 - youtube_partner_v1 - youtube_v3
2018-08-22 21:14:52 +00:00
# The expiration time is always set.
# Corresponds to the JSON property `expireTime`
# @return [String]
attr_accessor :expire_time
def initialize(**args)
update!(**args)
end
# Update properties of this object
def update!(**args)
@access_token = args[:access_token] if args.key?(:access_token)
@expire_time = args[:expire_time] if args.key?(:expire_time)
end
end
#
class GenerateIdTokenRequest
include Google::Apis::Core::Hashable
# The audience for the token, such as the API or account that this token
# grants access to.
# Corresponds to the JSON property `audience`
# @return [String]
attr_accessor :audience
# The sequence of service accounts in a delegation chain. Each service
# account must be granted the `roles/iam.serviceAccountTokenCreator` role
# on its next service account in the chain. The last service account in the
# chain must be granted the `roles/iam.serviceAccountTokenCreator` role
# on the service account that is specified in the `name` field of the
# request.
# The delegates must have the following format:
# `projects/-/serviceAccounts/`ACCOUNT_EMAIL_OR_UNIQUEID``. The `-` wildcard
# character is required; replacing it with a project ID is invalid.
# Corresponds to the JSON property `delegates`
# @return [Array<String>]
attr_accessor :delegates
# Include the service account email in the token. If set to `true`, the
# token will contain `email` and `email_verified` claims.
# Corresponds to the JSON property `includeEmail`
# @return [Boolean]
attr_accessor :include_email
alias_method :include_email?, :include_email
def initialize(**args)
update!(**args)
end
# Update properties of this object
def update!(**args)
@audience = args[:audience] if args.key?(:audience)
@delegates = args[:delegates] if args.key?(:delegates)
@include_email = args[:include_email] if args.key?(:include_email)
end
end
#
class GenerateIdTokenResponse
include Google::Apis::Core::Hashable
# The OpenId Connect ID token.
# Corresponds to the JSON property `token`
# @return [String]
attr_accessor :token
def initialize(**args)
update!(**args)
end
# Update properties of this object
def update!(**args)
@token = args[:token] if args.key?(:token)
end
end
#
class GenerateIdentityBindingAccessTokenRequest
include Google::Apis::Core::Hashable
# Required. Input token.
# Must be in JWT format according to
# RFC7523 (https://tools.ietf.org/html/rfc7523)
# and must have 'kid' field in the header.
# Supported signing algorithms: RS256 (RS512, ES256, ES512 coming soon).
# Mandatory payload fields (along the lines of RFC 7523, section 3):
# - iss: issuer of the token. Must provide a discovery document at
# $iss/.well-known/openid-configuration . The document needs to be
# formatted according to section 4.2 of the OpenID Connect Discovery
# 1.0 specification.
# - iat: Issue time in seconds since epoch. Must be in the past.
# - exp: Expiration time in seconds since epoch. Must be less than 48 hours
# after iat. We recommend to create tokens that last shorter than 6
# hours to improve security unless business reasons mandate longer
# expiration times. Shorter token lifetimes are generally more secure
# since tokens that have been exfiltrated by attackers can be used for
# a shorter time. you can configure the maximum lifetime of the
# incoming token in the configuration of the mapper.
# The resulting Google token will expire within an hour or at "exp",
# whichever is earlier.
# - sub: JWT subject, identity asserted in the JWT.
# - aud: Configured in the mapper policy. By default the service account
# email.
# Claims from the incoming token can be transferred into the output token
# accoding to the mapper configuration. The outgoing claim size is limited.
# Outgoing claims size must be less than 4kB serialized as JSON without
# whitespace.
# Example header:
# `
# "alg": "RS256",
# "kid": "92a4265e14ab04d4d228a48d10d4ca31610936f8"
# `
# Example payload:
# `
# "iss": "https://accounts.google.com",
# "iat": 1517963104,
# "exp": 1517966704,
# "aud":
# "https://iamcredentials.googleapis.com/google.iam.credentials.v1.CloudGaia",
# "sub": "113475438248934895348",
# "my_claims": `
# "additional_claim": "value"
# `
# `
# Corresponds to the JSON property `jwt`
# @return [String]
attr_accessor :jwt
# Code to identify the scopes to be included in the OAuth 2.0 access token.
# See https://developers.google.com/identity/protocols/googlescopes for more
# information.
# At least one value required.
# Corresponds to the JSON property `scope`
# @return [Array<String>]
attr_accessor :scope
def initialize(**args)
update!(**args)
end
# Update properties of this object
def update!(**args)
@jwt = args[:jwt] if args.key?(:jwt)
@scope = args[:scope] if args.key?(:scope)
end
end
#
class GenerateIdentityBindingAccessTokenResponse
include Google::Apis::Core::Hashable
# The OAuth 2.0 access token.
# Corresponds to the JSON property `accessToken`
# @return [String]
attr_accessor :access_token
# Token expiration time.
# The expiration time is always set.
# Corresponds to the JSON property `expireTime`
# @return [String]
attr_accessor :expire_time
def initialize(**args)
update!(**args)
end
# Update properties of this object
def update!(**args)
@access_token = args[:access_token] if args.key?(:access_token)
@expire_time = args[:expire_time] if args.key?(:expire_time)
end
end
#
class SignBlobRequest
include Google::Apis::Core::Hashable
# The sequence of service accounts in a delegation chain. Each service
# account must be granted the `roles/iam.serviceAccountTokenCreator` role
# on its next service account in the chain. The last service account in the
# chain must be granted the `roles/iam.serviceAccountTokenCreator` role
# on the service account that is specified in the `name` field of the
# request.
# The delegates must have the following format:
# `projects/-/serviceAccounts/`ACCOUNT_EMAIL_OR_UNIQUEID``. The `-` wildcard
# character is required; replacing it with a project ID is invalid.
# Corresponds to the JSON property `delegates`
# @return [Array<String>]
attr_accessor :delegates
# The bytes to sign.
# Corresponds to the JSON property `payload`
# NOTE: Values are automatically base64 encoded/decoded in the client library.
# @return [String]
attr_accessor :payload
def initialize(**args)
update!(**args)
end
# Update properties of this object
def update!(**args)
@delegates = args[:delegates] if args.key?(:delegates)
@payload = args[:payload] if args.key?(:payload)
end
end
#
class SignBlobResponse
include Google::Apis::Core::Hashable
# The ID of the key used to sign the blob.
# Corresponds to the JSON property `keyId`
# @return [String]
attr_accessor :key_id
# The signed blob.
# Corresponds to the JSON property `signedBlob`
# NOTE: Values are automatically base64 encoded/decoded in the client library.
# @return [String]
attr_accessor :signed_blob
def initialize(**args)
update!(**args)
end
# Update properties of this object
def update!(**args)
@key_id = args[:key_id] if args.key?(:key_id)
@signed_blob = args[:signed_blob] if args.key?(:signed_blob)
end
end
#
class SignJwtRequest
include Google::Apis::Core::Hashable
# The sequence of service accounts in a delegation chain. Each service
# account must be granted the `roles/iam.serviceAccountTokenCreator` role
# on its next service account in the chain. The last service account in the
# chain must be granted the `roles/iam.serviceAccountTokenCreator` role
# on the service account that is specified in the `name` field of the
# request.
# The delegates must have the following format:
# `projects/-/serviceAccounts/`ACCOUNT_EMAIL_OR_UNIQUEID``. The `-` wildcard
# character is required; replacing it with a project ID is invalid.
# Corresponds to the JSON property `delegates`
# @return [Array<String>]
attr_accessor :delegates
# The JWT payload to sign: a JSON object that contains a JWT Claims Set.
# Corresponds to the JSON property `payload`
# @return [String]
attr_accessor :payload
def initialize(**args)
update!(**args)
end
# Update properties of this object
def update!(**args)
@delegates = args[:delegates] if args.key?(:delegates)
@payload = args[:payload] if args.key?(:payload)
end
end
#
class SignJwtResponse
include Google::Apis::Core::Hashable
# The ID of the key used to sign the JWT.
# Corresponds to the JSON property `keyId`
# @return [String]
attr_accessor :key_id
# The signed JWT.
# Corresponds to the JSON property `signedJwt`
# @return [String]
attr_accessor :signed_jwt
def initialize(**args)
update!(**args)
end
# Update properties of this object
def update!(**args)
@key_id = args[:key_id] if args.key?(:key_id)
@signed_jwt = args[:signed_jwt] if args.key?(:signed_jwt)
end
end
end
end
end