Types for Google Cloud Webrisk v1 API¶
- class google.cloud.webrisk_v1.types.CompressionType(value)[source]¶
Bases:
proto.enums.EnumThe ways in which threat entry sets can be compressed.
- Values:
- COMPRESSION_TYPE_UNSPECIFIED (0):
Unknown.
- RAW (1):
Raw, uncompressed data.
- RICE (2):
Rice-Golomb encoded data.
- class google.cloud.webrisk_v1.types.ComputeThreatListDiffRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageDescribes an API diff request.
- threat_type¶
Required. The threat list to update. Only a single ThreatType should be specified per request. If you want to handle multiple ThreatTypes, you must make one request per ThreatType.
- version_token¶
The current version token of the client for the requested list (the client version that was received from the last successful diff). If the client does not have a version token (this is the first time calling ComputeThreatListDiff), this may be left empty and a full database snapshot will be returned.
- Type
- constraints¶
Required. The constraints associated with this request.
- class Constraints(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageThe constraints for this diff.
- max_diff_entries¶
The maximum size in number of entries. The diff will not contain more entries than this value. This should be a power of 2 between 210 and 220. If zero, no diff size limit is set.
- Type
- max_database_entries¶
Sets the maximum number of entries that the client is willing to have in the local database. This should be a power of 2 between 210 and 220. If zero, no database size limit is set.
- Type
- supported_compressions¶
The compression types supported by the client.
- Type
MutableSequence[google.cloud.webrisk_v1.types.CompressionType]
- class google.cloud.webrisk_v1.types.ComputeThreatListDiffResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message- response_type¶
The type of response. This may indicate that an action must be taken by the client when the response is received.
- additions¶
A set of entries to add to a local threat type’s list.
- removals¶
A set of entries to remove from a local threat type’s list. This field may be empty.
- new_version_token¶
The new opaque client version token. This should be retained by the client and passed into the next call of ComputeThreatListDiff as ‘version_token’. A separate version token should be stored and used for each threatList.
- Type
- checksum¶
The expected SHA256 hash of the client state; that is, of the sorted list of all hashes present in the database after applying the provided diff. If the client state doesn’t match the expected state, the client must discard this diff and retry later.
- recommended_next_diff¶
The soonest the client should wait before issuing any diff request. Querying sooner is unlikely to produce a meaningful diff. Waiting longer is acceptable considering the use case. If this field is not set clients may update as soon as they want.
- class Checksum(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageThe expected state of a client’s local database.
- class ResponseType(value)[source]¶
Bases:
proto.enums.EnumThe type of response sent to the client.
- Values:
- RESPONSE_TYPE_UNSPECIFIED (0):
Unknown.
- DIFF (1):
Partial updates are applied to the client’s existing local database.
- RESET (2):
Full updates resets the client’s entire local database. This means that either the client had no state, was seriously out-of-date, or the client is believed to be corrupt.
- class google.cloud.webrisk_v1.types.CreateSubmissionRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRequest to send a potentially phishy URI to WebRisk.
- parent¶
Required. The name of the project that is making the submission. This string is in the format “projects/{project_number}”.
- Type
- submission¶
Required. The submission that contains the content of the phishing report.
- class google.cloud.webrisk_v1.types.RawHashes(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageThe uncompressed threat entries in hash format. Hashes can be anywhere from 4 to 32 bytes in size. A large majority are 4 bytes, but some hashes are lengthened if they collide with the hash of a popular URI.
Used for sending ThreatEntryAdditons to clients that do not support compression, or when sending non-4-byte hashes to clients that do support compression.
- prefix_size¶
The number of bytes for each prefix encoded below. This field can be anywhere from 4 (shortest prefix) to 32 (full SHA256 hash). In practice this is almost always 4, except in exceptional circumstances.
- Type
- class google.cloud.webrisk_v1.types.RawIndices(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageA set of raw indices to remove from a local list.
- class google.cloud.webrisk_v1.types.RiceDeltaEncoding(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageThe Rice-Golomb encoded data. Used for sending compressed 4-byte hashes or compressed removal indices.
- first_value¶
The offset of the first entry in the encoded data, or, if only a single integer was encoded, that single integer’s value. If the field is empty or missing, assume zero.
- Type
- rice_parameter¶
The Golomb-Rice parameter, which is a number between 2 and 28. This field is missing (that is, zero) if
num_entriesis zero.- Type
- entry_count¶
The number of entries that are delta encoded in the encoded data. If only a single integer was encoded, this will be zero and the single value will be stored in
first_value.- Type
- class google.cloud.webrisk_v1.types.SearchHashesRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRequest to return full hashes matched by the provided hash prefixes.
- hash_prefix¶
A hash prefix, consisting of the most significant 4-32 bytes of a SHA256 hash. For JSON requests, this field is base64-encoded. Note that if this parameter is provided by a URI, it must be encoded using the web safe base64 variant (RFC 4648).
- Type
- threat_types¶
Required. The ThreatLists to search in. Multiple ThreatLists may be specified.
- Type
MutableSequence[google.cloud.webrisk_v1.types.ThreatType]
- class google.cloud.webrisk_v1.types.SearchHashesResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message- threats¶
The full hashes that matched the requested prefixes. The hash will be populated in the key.
- Type
MutableSequence[google.cloud.webrisk_v1.types.SearchHashesResponse.ThreatHash]
- negative_expire_time¶
For requested entities that did not match the threat list, how long to cache the response until.
- class ThreatHash(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageContains threat information on a matching hash.
- threat_types¶
The ThreatList this threat belongs to. This must contain at least one entry.
- Type
MutableSequence[google.cloud.webrisk_v1.types.ThreatType]
- hash_¶
A 32 byte SHA256 hash. This field is in binary format. For JSON requests, hashes are base64-encoded.
- Type
- expire_time¶
The cache lifetime for the returned match. Clients must not cache this response past this timestamp to avoid false positives.
- class google.cloud.webrisk_v1.types.SearchUrisRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRequest to check URI entries against threatLists.
- threat_types¶
Required. The ThreatLists to search in. Multiple ThreatLists may be specified.
- Type
MutableSequence[google.cloud.webrisk_v1.types.ThreatType]
- class google.cloud.webrisk_v1.types.SearchUrisResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.Message- threat¶
The threat list matches. This might be empty if the URI is on no list.
- class ThreatUri(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageContains threat information on a matching uri.
- threat_types¶
The ThreatList this threat belongs to.
- Type
MutableSequence[google.cloud.webrisk_v1.types.ThreatType]
- expire_time¶
The cache lifetime for the returned match. Clients must not cache this response past this timestamp to avoid false positives.
- class google.cloud.webrisk_v1.types.Submission(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageWraps a URI that might be displaying malicious content.
- threat_types¶
Output only. ThreatTypes found to be associated with the submitted URI after reviewing it. This might be empty if the URI was not added to any list.
- Type
MutableSequence[google.cloud.webrisk_v1.types.ThreatType]
- class google.cloud.webrisk_v1.types.SubmitUriMetadata(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageMetadata for the Submit URI long-running operation. option (google.api.message_visibility).restriction = “TRUSTED_TESTER”;
- state¶
The state of the operation.
- create_time¶
Creation time of the operation.
- update_time¶
Latest update time of the operation.
- class State(value)[source]¶
Bases:
proto.enums.EnumEnum that represents the state of the long-running operation.
- Values:
- STATE_UNSPECIFIED (0):
Default unspecified state.
- RUNNING (1):
The operation is currently running.
- SUCCEEDED (2):
The operation finished with a success status.
- CANCELLED (3):
The operation was cancelled.
- FAILED (4):
The operation finished with a failure status.
- CLOSED (5):
The operation was closed with no action taken.
- class google.cloud.webrisk_v1.types.SubmitUriRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageRequest to send a potentially malicious URI to WebRisk.
- parent¶
Required. The name of the project that is making the submission. This string is in the format “projects/{project_number}”.
- Type
- submission¶
Required. The submission that contains the URI to be scanned.
- threat_info¶
Provides additional information about the submission.
- threat_discovery¶
Provides additional information about how the submission was discovered.
- class google.cloud.webrisk_v1.types.ThreatDiscovery(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageDetails about how the threat was discovered.
- platform¶
Platform on which the threat was discovered.
- region_codes¶
CLDR region code of the countries/regions the URI poses a threat ordered from most impact to least impact. Example: “US” for United States.
- Type
MutableSequence[str]
- class Platform(value)[source]¶
Bases:
proto.enums.EnumPlatform types.
- Values:
- PLATFORM_UNSPECIFIED (0):
Default.
- ANDROID (1):
General Android platform.
- IOS (2):
General iOS platform.
- MACOS (3):
General macOS platform.
- WINDOWS (4):
General Windows platform.
- class google.cloud.webrisk_v1.types.ThreatEntryAdditions(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageContains the set of entries to add to a local database. May contain a combination of compressed and raw data in a single response.
- raw_hashes¶
The raw SHA256-formatted entries. Repeated to allow returning sets of hashes with different prefix sizes.
- Type
MutableSequence[google.cloud.webrisk_v1.types.RawHashes]
- rice_hashes¶
The encoded 4-byte prefixes of SHA256-formatted entries, using a Golomb-Rice encoding. The hashes are converted to uint32, sorted in ascending order, then delta encoded and stored as encoded_data.
- class google.cloud.webrisk_v1.types.ThreatEntryRemovals(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageContains the set of entries to remove from a local database.
- raw_indices¶
The raw removal indices for a local list.
- rice_indices¶
The encoded local, lexicographically-sorted list indices, using a Golomb-Rice encoding. Used for sending compressed removal indices. The removal indices (uint32) are sorted in ascending order, then delta encoded and stored as encoded_data.
- class google.cloud.webrisk_v1.types.ThreatInfo(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageContext about the submission including the type of abuse found on the URI and supporting details. option (google.api.message_visibility).restriction = “TRUSTED_TESTER”;
- abuse_type¶
The type of abuse.
- threat_confidence¶
Confidence that the URI is unsafe.
- threat_justification¶
Context about why the URI is unsafe.
- class AbuseType(value)[source]¶
Bases:
proto.enums.EnumThe abuse type found on the URI.
- Values:
- ABUSE_TYPE_UNSPECIFIED (0):
Default.
- MALWARE (1):
The URI contains malware.
- SOCIAL_ENGINEERING (2):
The URI contains social engineering.
- UNWANTED_SOFTWARE (3):
The URI contains unwanted software.
- class Confidence(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageConfidence that a URI is unsafe.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- score¶
A decimal representation of confidence in the range of 0 to 1 where 0 indicates no confidence and 1 indicates complete confidence.
This field is a member of oneof
value.- Type
- class ConfidenceLevel(value)[source]¶
Bases:
proto.enums.EnumEnum representation of confidence.
- Values:
- CONFIDENCE_LEVEL_UNSPECIFIED (0):
Default.
- LOW (1):
Less than 60% confidence that the URI is unsafe.
- MEDIUM (2):
Between 60% and 80% confidence that the URI is unsafe.
- HIGH (3):
Greater than 80% confidence that the URI is unsafe.
- class ThreatJustification(mapping=None, *, ignore_unknown_fields=False, **kwargs)[source]¶
Bases:
proto.message.MessageContext about why the URI is unsafe.
- labels¶
Labels associated with this URI that explain how it was classified.
- Type
MutableSequence[google.cloud.webrisk_v1.types.ThreatInfo.ThreatJustification.JustificationLabel]
- class JustificationLabel(value)[source]¶
Bases:
proto.enums.EnumLabels that explain how the URI was classified.
- Values:
- JUSTIFICATION_LABEL_UNSPECIFIED (0):
Default.
- MANUAL_VERIFICATION (1):
The submitter manually verified that the submission is unsafe.
- USER_REPORT (2):
The submitter received the submission from an end user.
- AUTOMATED_REPORT (3):
The submitter received the submission from an automated system.
- class google.cloud.webrisk_v1.types.ThreatType(value)[source]¶
Bases:
proto.enums.EnumThe type of threat. This maps directly to the threat list a threat may belong to.
- Values:
- THREAT_TYPE_UNSPECIFIED (0):
No entries should match this threat type. This threat type is unused.
- MALWARE (1):
Malware targeting any platform.
- SOCIAL_ENGINEERING (2):
Social engineering targeting any platform.
- UNWANTED_SOFTWARE (3):
Unwanted software targeting any platform.
- SOCIAL_ENGINEERING_EXTENDED_COVERAGE (4):
A list of extended coverage social engineering URIs targeting any platform.
