268 lines
18 KiB
Ruby
268 lines
18 KiB
Ruby
# Copyright 2020 Google LLC
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
require 'google/apis/core/base_service'
|
|
require 'google/apis/core/json_representation'
|
|
require 'google/apis/core/hashable'
|
|
require 'google/apis/errors'
|
|
|
|
module Google
|
|
module Apis
|
|
module DigitalassetlinksV1
|
|
# Digital Asset Links API
|
|
#
|
|
# Discovers relationships between online assets such as websites or mobile apps.
|
|
#
|
|
# @example
|
|
# require 'google/apis/digitalassetlinks_v1'
|
|
#
|
|
# Digitalassetlinks = Google::Apis::DigitalassetlinksV1 # Alias the module
|
|
# service = Digitalassetlinks::DigitalassetlinksService.new
|
|
#
|
|
# @see https://developers.google.com/digital-asset-links/
|
|
class DigitalassetlinksService < Google::Apis::Core::BaseService
|
|
# @return [String]
|
|
# API key. Your API key identifies your project and provides you with API access,
|
|
# quota, and reports. Required unless you provide an OAuth 2.0 token.
|
|
attr_accessor :key
|
|
|
|
# @return [String]
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
attr_accessor :quota_user
|
|
|
|
def initialize
|
|
super('https://digitalassetlinks.googleapis.com/', '')
|
|
@batch_path = 'batch'
|
|
end
|
|
|
|
# Determines whether the specified (directional) relationship exists between the
|
|
# specified source and target assets. The relation describes the intent of the
|
|
# link between the two assets as claimed by the source asset. An example for
|
|
# such relationships is the delegation of privileges or permissions. This
|
|
# command is most often used by infrastructure systems to check preconditions
|
|
# for an action. For example, a client may want to know if it is OK to send a
|
|
# web URL to a particular mobile app instead. The client can check for the
|
|
# relevant asset link from the website to the mobile app to decide if the
|
|
# operation should be allowed. A note about security: if you specify a secure
|
|
# asset as the source, such as an HTTPS website or an Android app, the API will
|
|
# ensure that any statements used to generate the response have been made in a
|
|
# secure way by the owner of that asset. Conversely, if the source asset is an
|
|
# insecure HTTP website (that is, the URL starts with `http://` instead of `
|
|
# https://`), the API cannot verify its statements securely, and it is not
|
|
# possible to ensure that the website's statements have not been altered by a
|
|
# third party. For more information, see the [Digital Asset Links technical
|
|
# design specification](https://github.com/google/digitalassetlinks/blob/master/
|
|
# well-known/details.md).
|
|
# @param [String] relation
|
|
# Query string for the relation. We identify relations with strings of the
|
|
# format `/`, where `` must be one of a set of pre-defined purpose categories,
|
|
# and `` is a free-form lowercase alphanumeric string that describes the
|
|
# specific use case of the statement. Refer to [our API documentation](/digital-
|
|
# asset-links/v1/relation-strings) for the current list of supported relations.
|
|
# For a query to match an asset link, both the query's and the asset link's
|
|
# relation strings must match exactly. Example: A query with relation `
|
|
# delegate_permission/common.handle_all_urls` matches an asset link with
|
|
# relation `delegate_permission/common.handle_all_urls`.
|
|
# @param [String] source_android_app_certificate_sha256_fingerprint
|
|
# The uppercase SHA-265 fingerprint of the certificate. From the PEM certificate,
|
|
# it can be acquired like this: $ keytool -printcert -file $CERTFILE | grep
|
|
# SHA256: SHA256: 14:6D:E9:83:C5:73:06:50:D8:EE:B9:95:2F:34:FC:64:16:A0:83: \ 42:
|
|
# E6:1D:BE:A8:8A:04:96:B2:3F:CF:44:E5 or like this: $ openssl x509 -in $CERTFILE
|
|
# -noout -fingerprint -sha256 SHA256 Fingerprint=14:6D:E9:83:C5:73:06:50:D8:EE:
|
|
# B9:95:2F:34:FC:64: \ 16:A0:83:42:E6:1D:BE:A8:8A:04:96:B2:3F:CF:44:E5 In this
|
|
# example, the contents of this field would be `14:6D:E9:83:C5:73: 06:50:D8:EE:
|
|
# B9:95:2F:34:FC:64:16:A0:83:42:E6:1D:BE:A8:8A:04:96:B2:3F:CF: 44:E5`. If these
|
|
# tools are not available to you, you can convert the PEM certificate into the
|
|
# DER format, compute the SHA-256 hash of that string and represent the result
|
|
# as a hexstring (that is, uppercase hexadecimal representations of each octet,
|
|
# separated by colons).
|
|
# @param [String] source_android_app_package_name
|
|
# Android App assets are naturally identified by their Java package name. For
|
|
# example, the Google Maps app uses the package name `com.google.android.apps.
|
|
# maps`. REQUIRED
|
|
# @param [String] source_web_site
|
|
# Web assets are identified by a URL that contains only the scheme, hostname and
|
|
# port parts. The format is http[s]://[:] Hostnames must be fully qualified:
|
|
# they must end in a single period ("`.`"). Only the schemes "http" and "https"
|
|
# are currently allowed. Port numbers are given as a decimal number, and they
|
|
# must be omitted if the standard port numbers are used: 80 for http and 443 for
|
|
# https. We call this limited URL the "site". All URLs that share the same
|
|
# scheme, hostname and port are considered to be a part of the site and thus
|
|
# belong to the web asset. Example: the asset with the site `https://www.google.
|
|
# com` contains all these URLs: * `https://www.google.com/` * `https://www.
|
|
# google.com:443/` * `https://www.google.com/foo` * `https://www.google.com/foo?
|
|
# bar` * `https://www.google.com/foo#bar` * `https://user@password:www.google.
|
|
# com/` But it does not contain these URLs: * `http://www.google.com/` (wrong
|
|
# scheme) * `https://google.com/` (hostname does not match) * `https://www.
|
|
# google.com:444/` (port does not match) REQUIRED
|
|
# @param [String] target_android_app_certificate_sha256_fingerprint
|
|
# The uppercase SHA-265 fingerprint of the certificate. From the PEM certificate,
|
|
# it can be acquired like this: $ keytool -printcert -file $CERTFILE | grep
|
|
# SHA256: SHA256: 14:6D:E9:83:C5:73:06:50:D8:EE:B9:95:2F:34:FC:64:16:A0:83: \ 42:
|
|
# E6:1D:BE:A8:8A:04:96:B2:3F:CF:44:E5 or like this: $ openssl x509 -in $CERTFILE
|
|
# -noout -fingerprint -sha256 SHA256 Fingerprint=14:6D:E9:83:C5:73:06:50:D8:EE:
|
|
# B9:95:2F:34:FC:64: \ 16:A0:83:42:E6:1D:BE:A8:8A:04:96:B2:3F:CF:44:E5 In this
|
|
# example, the contents of this field would be `14:6D:E9:83:C5:73: 06:50:D8:EE:
|
|
# B9:95:2F:34:FC:64:16:A0:83:42:E6:1D:BE:A8:8A:04:96:B2:3F:CF: 44:E5`. If these
|
|
# tools are not available to you, you can convert the PEM certificate into the
|
|
# DER format, compute the SHA-256 hash of that string and represent the result
|
|
# as a hexstring (that is, uppercase hexadecimal representations of each octet,
|
|
# separated by colons).
|
|
# @param [String] target_android_app_package_name
|
|
# Android App assets are naturally identified by their Java package name. For
|
|
# example, the Google Maps app uses the package name `com.google.android.apps.
|
|
# maps`. REQUIRED
|
|
# @param [String] target_web_site
|
|
# Web assets are identified by a URL that contains only the scheme, hostname and
|
|
# port parts. The format is http[s]://[:] Hostnames must be fully qualified:
|
|
# they must end in a single period ("`.`"). Only the schemes "http" and "https"
|
|
# are currently allowed. Port numbers are given as a decimal number, and they
|
|
# must be omitted if the standard port numbers are used: 80 for http and 443 for
|
|
# https. We call this limited URL the "site". All URLs that share the same
|
|
# scheme, hostname and port are considered to be a part of the site and thus
|
|
# belong to the web asset. Example: the asset with the site `https://www.google.
|
|
# com` contains all these URLs: * `https://www.google.com/` * `https://www.
|
|
# google.com:443/` * `https://www.google.com/foo` * `https://www.google.com/foo?
|
|
# bar` * `https://www.google.com/foo#bar` * `https://user@password:www.google.
|
|
# com/` But it does not contain these URLs: * `http://www.google.com/` (wrong
|
|
# scheme) * `https://google.com/` (hostname does not match) * `https://www.
|
|
# google.com:444/` (port does not match) REQUIRED
|
|
# @param [String] fields
|
|
# Selector specifying which fields to include in a partial response.
|
|
# @param [String] quota_user
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
# @param [Google::Apis::RequestOptions] options
|
|
# Request-specific options
|
|
#
|
|
# @yield [result, err] Result & error if block supplied
|
|
# @yieldparam result [Google::Apis::DigitalassetlinksV1::CheckResponse] parsed result object
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
#
|
|
# @return [Google::Apis::DigitalassetlinksV1::CheckResponse]
|
|
#
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
def check_assetlink(relation: nil, source_android_app_certificate_sha256_fingerprint: nil, source_android_app_package_name: nil, source_web_site: nil, target_android_app_certificate_sha256_fingerprint: nil, target_android_app_package_name: nil, target_web_site: nil, fields: nil, quota_user: nil, options: nil, &block)
|
|
command = make_simple_command(:get, 'v1/assetlinks:check', options)
|
|
command.response_representation = Google::Apis::DigitalassetlinksV1::CheckResponse::Representation
|
|
command.response_class = Google::Apis::DigitalassetlinksV1::CheckResponse
|
|
command.query['relation'] = relation unless relation.nil?
|
|
command.query['source.androidApp.certificate.sha256Fingerprint'] = source_android_app_certificate_sha256_fingerprint unless source_android_app_certificate_sha256_fingerprint.nil?
|
|
command.query['source.androidApp.packageName'] = source_android_app_package_name unless source_android_app_package_name.nil?
|
|
command.query['source.web.site'] = source_web_site unless source_web_site.nil?
|
|
command.query['target.androidApp.certificate.sha256Fingerprint'] = target_android_app_certificate_sha256_fingerprint unless target_android_app_certificate_sha256_fingerprint.nil?
|
|
command.query['target.androidApp.packageName'] = target_android_app_package_name unless target_android_app_package_name.nil?
|
|
command.query['target.web.site'] = target_web_site unless target_web_site.nil?
|
|
command.query['fields'] = fields unless fields.nil?
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
execute_or_queue_command(command, &block)
|
|
end
|
|
|
|
# Retrieves a list of all statements from a given source that match the
|
|
# specified target and statement string. The API guarantees that all statements
|
|
# with secure source assets, such as HTTPS websites or Android apps, have been
|
|
# made in a secure way by the owner of those assets, as described in the [
|
|
# Digital Asset Links technical design specification](https://github.com/google/
|
|
# digitalassetlinks/blob/master/well-known/details.md). Specifically, you should
|
|
# consider that for insecure websites (that is, where the URL starts with `http:/
|
|
# /` instead of `https://`), this guarantee cannot be made. The `List` command
|
|
# is most useful in cases where the API client wants to know all the ways in
|
|
# which two assets are related, or enumerate all the relationships from a
|
|
# particular source asset. Example: a feature that helps users navigate to
|
|
# related items. When a mobile app is running on a device, the feature would
|
|
# make it easy to navigate to the corresponding web site or Google+ profile.
|
|
# @param [String] relation
|
|
# Use only associations that match the specified relation. See the [`Statement`](
|
|
# #Statement) message for a detailed definition of relation strings. For a query
|
|
# to match a statement, one of the following must be true: * both the query's
|
|
# and the statement's relation strings match exactly, or * the query's relation
|
|
# string is empty or missing. Example: A query with relation `
|
|
# delegate_permission/common.handle_all_urls` matches an asset link with
|
|
# relation `delegate_permission/common.handle_all_urls`.
|
|
# @param [String] source_android_app_certificate_sha256_fingerprint
|
|
# The uppercase SHA-265 fingerprint of the certificate. From the PEM certificate,
|
|
# it can be acquired like this: $ keytool -printcert -file $CERTFILE | grep
|
|
# SHA256: SHA256: 14:6D:E9:83:C5:73:06:50:D8:EE:B9:95:2F:34:FC:64:16:A0:83: \ 42:
|
|
# E6:1D:BE:A8:8A:04:96:B2:3F:CF:44:E5 or like this: $ openssl x509 -in $CERTFILE
|
|
# -noout -fingerprint -sha256 SHA256 Fingerprint=14:6D:E9:83:C5:73:06:50:D8:EE:
|
|
# B9:95:2F:34:FC:64: \ 16:A0:83:42:E6:1D:BE:A8:8A:04:96:B2:3F:CF:44:E5 In this
|
|
# example, the contents of this field would be `14:6D:E9:83:C5:73: 06:50:D8:EE:
|
|
# B9:95:2F:34:FC:64:16:A0:83:42:E6:1D:BE:A8:8A:04:96:B2:3F:CF: 44:E5`. If these
|
|
# tools are not available to you, you can convert the PEM certificate into the
|
|
# DER format, compute the SHA-256 hash of that string and represent the result
|
|
# as a hexstring (that is, uppercase hexadecimal representations of each octet,
|
|
# separated by colons).
|
|
# @param [String] source_android_app_package_name
|
|
# Android App assets are naturally identified by their Java package name. For
|
|
# example, the Google Maps app uses the package name `com.google.android.apps.
|
|
# maps`. REQUIRED
|
|
# @param [String] source_web_site
|
|
# Web assets are identified by a URL that contains only the scheme, hostname and
|
|
# port parts. The format is http[s]://[:] Hostnames must be fully qualified:
|
|
# they must end in a single period ("`.`"). Only the schemes "http" and "https"
|
|
# are currently allowed. Port numbers are given as a decimal number, and they
|
|
# must be omitted if the standard port numbers are used: 80 for http and 443 for
|
|
# https. We call this limited URL the "site". All URLs that share the same
|
|
# scheme, hostname and port are considered to be a part of the site and thus
|
|
# belong to the web asset. Example: the asset with the site `https://www.google.
|
|
# com` contains all these URLs: * `https://www.google.com/` * `https://www.
|
|
# google.com:443/` * `https://www.google.com/foo` * `https://www.google.com/foo?
|
|
# bar` * `https://www.google.com/foo#bar` * `https://user@password:www.google.
|
|
# com/` But it does not contain these URLs: * `http://www.google.com/` (wrong
|
|
# scheme) * `https://google.com/` (hostname does not match) * `https://www.
|
|
# google.com:444/` (port does not match) REQUIRED
|
|
# @param [String] fields
|
|
# Selector specifying which fields to include in a partial response.
|
|
# @param [String] quota_user
|
|
# Available to use for quota purposes for server-side applications. Can be any
|
|
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
|
# @param [Google::Apis::RequestOptions] options
|
|
# Request-specific options
|
|
#
|
|
# @yield [result, err] Result & error if block supplied
|
|
# @yieldparam result [Google::Apis::DigitalassetlinksV1::ListResponse] parsed result object
|
|
# @yieldparam err [StandardError] error object if request failed
|
|
#
|
|
# @return [Google::Apis::DigitalassetlinksV1::ListResponse]
|
|
#
|
|
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
|
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
|
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
|
def list_statements(relation: nil, source_android_app_certificate_sha256_fingerprint: nil, source_android_app_package_name: nil, source_web_site: nil, fields: nil, quota_user: nil, options: nil, &block)
|
|
command = make_simple_command(:get, 'v1/statements:list', options)
|
|
command.response_representation = Google::Apis::DigitalassetlinksV1::ListResponse::Representation
|
|
command.response_class = Google::Apis::DigitalassetlinksV1::ListResponse
|
|
command.query['relation'] = relation unless relation.nil?
|
|
command.query['source.androidApp.certificate.sha256Fingerprint'] = source_android_app_certificate_sha256_fingerprint unless source_android_app_certificate_sha256_fingerprint.nil?
|
|
command.query['source.androidApp.packageName'] = source_android_app_package_name unless source_android_app_package_name.nil?
|
|
command.query['source.web.site'] = source_web_site unless source_web_site.nil?
|
|
command.query['fields'] = fields unless fields.nil?
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
execute_or_queue_command(command, &block)
|
|
end
|
|
|
|
protected
|
|
|
|
def apply_command_defaults(command)
|
|
command.query['key'] = key unless key.nil?
|
|
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|