Class: Google::Apis::ServiceconsumermanagementV1::AuthProvider

Inherits:
Object
  • Object
show all
Includes:
Core::Hashable, Core::JsonObjectSupport
Defined in:
generated/google/apis/serviceconsumermanagement_v1/classes.rb,
generated/google/apis/serviceconsumermanagement_v1/representations.rb,
generated/google/apis/serviceconsumermanagement_v1/representations.rb

Overview

Configuration for an authentication provider, including support for JSON Web Token (JWT).

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Core::JsonObjectSupport

#to_json

Methods included from Core::Hashable

process_value, #to_h

Constructor Details

#initialize(**args) ⇒ AuthProvider

Returns a new instance of AuthProvider.



282
283
284
# File 'generated/google/apis/serviceconsumermanagement_v1/classes.rb', line 282

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#audiencesString

The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:

Returns:

  • (String)


224
225
226
# File 'generated/google/apis/serviceconsumermanagement_v1/classes.rb', line 224

def audiences
  @audiences
end

#authorization_urlString

Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec. Corresponds to the JSON property authorizationUrl

Returns:

  • (String)


230
231
232
# File 'generated/google/apis/serviceconsumermanagement_v1/classes.rb', line 230

def authorization_url
  @authorization_url
end

#idString

The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id. Example: "bookstore_auth". Corresponds to the JSON property id

Returns:

  • (String)


237
238
239
# File 'generated/google/apis/serviceconsumermanagement_v1/classes.rb', line 237

def id
  @id
end

#issuerString

Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com Corresponds to the JSON property issuer

Returns:

  • (String)


246
247
248
# File 'generated/google/apis/serviceconsumermanagement_v1/classes.rb', line 246

def issuer
  @issuer
end

#jwks_uriString

URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:

Returns:

  • (String)


262
263
264
# File 'generated/google/apis/serviceconsumermanagement_v1/classes.rb', line 262

def jwks_uri
  @jwks_uri
end

#jwt_locationsArray<Google::Apis::ServiceconsumermanagementV1::JwtLocation>

Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:

  • header: Authorization value_prefix: "Bearer "
  • header: x-goog-iap-jwt-assertion
  • query: access_token Corresponds to the JSON property jwtLocations


280
281
282
# File 'generated/google/apis/serviceconsumermanagement_v1/classes.rb', line 280

def jwt_locations
  @jwt_locations
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



287
288
289
290
291
292
293
294
# File 'generated/google/apis/serviceconsumermanagement_v1/classes.rb', line 287

def update!(**args)
  @audiences = args[:audiences] if args.key?(:audiences)
  @authorization_url = args[:authorization_url] if args.key?(:authorization_url)
  @id = args[:id] if args.key?(:id)
  @issuer = args[:issuer] if args.key?(:issuer)
  @jwks_uri = args[:jwks_uri] if args.key?(:jwks_uri)
  @jwt_locations = args[:jwt_locations] if args.key?(:jwt_locations)
end