Class: Google::Apis::GkehubV1::IdentityServiceOidcConfig
- Inherits:
-
Object
- Object
- Google::Apis::GkehubV1::IdentityServiceOidcConfig
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- lib/google/apis/gkehub_v1/classes.rb,
lib/google/apis/gkehub_v1/representations.rb,
lib/google/apis/gkehub_v1/representations.rb
Overview
Configuration for OIDC Auth flow.
Instance Attribute Summary collapse
-
#certificate_authority_data ⇒ String
PEM-encoded CA for OIDC provider.
-
#client_id ⇒ String
ID for OIDC client application.
-
#client_secret ⇒ String
Input only.
-
#deploy_cloud_console_proxy ⇒ Boolean
(also: #deploy_cloud_console_proxy?)
Flag to denote if reverse proxy is used to connect to auth provider.
-
#enable_access_token ⇒ Boolean
(also: #enable_access_token?)
Enable access token.
-
#encrypted_client_secret ⇒ String
Output only.
-
#extra_params ⇒ String
Comma-separated list of key-value pairs.
-
#group_prefix ⇒ String
Prefix to prepend to group name.
-
#groups_claim ⇒ String
Claim in OIDC ID token that holds group information.
-
#issuer_uri ⇒ String
URI for the OIDC provider.
-
#kubectl_redirect_uri ⇒ String
Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.
-
#scopes ⇒ String
Comma-separated list of identifiers.
-
#user_claim ⇒ String
Claim in OIDC ID token that holds username.
-
#user_prefix ⇒ String
Prefix to prepend to user name.
Instance Method Summary collapse
-
#initialize(**args) ⇒ IdentityServiceOidcConfig
constructor
A new instance of IdentityServiceOidcConfig.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ IdentityServiceOidcConfig
Returns a new instance of IdentityServiceOidcConfig.
1950 1951 1952 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1950 def initialize(**args) update!(**args) end |
Instance Attribute Details
#certificate_authority_data ⇒ String
PEM-encoded CA for OIDC provider.
Corresponds to the JSON property certificateAuthorityData
1877 1878 1879 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1877 def @certificate_authority_data end |
#client_id ⇒ String
ID for OIDC client application.
Corresponds to the JSON property clientId
1882 1883 1884 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1882 def client_id @client_id end |
#client_secret ⇒ String
Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.
Corresponds to the JSON property clientSecret
1887 1888 1889 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1887 def client_secret @client_secret end |
#deploy_cloud_console_proxy ⇒ Boolean Also known as: deploy_cloud_console_proxy?
Flag to denote if reverse proxy is used to connect to auth provider. This flag
should be set to true when provider is not reachable by Google Cloud Console.
Corresponds to the JSON property deployCloudConsoleProxy
1893 1894 1895 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1893 def deploy_cloud_console_proxy @deploy_cloud_console_proxy end |
#enable_access_token ⇒ Boolean Also known as: enable_access_token?
Enable access token.
Corresponds to the JSON property enableAccessToken
1899 1900 1901 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1899 def enable_access_token @enable_access_token end |
#encrypted_client_secret ⇒ String
Output only. Encrypted OIDC Client secret
Corresponds to the JSON property encryptedClientSecret
NOTE: Values are automatically base64 encoded/decoded in the client library.
1906 1907 1908 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1906 def encrypted_client_secret @encrypted_client_secret end |
#extra_params ⇒ String
Comma-separated list of key-value pairs.
Corresponds to the JSON property extraParams
1911 1912 1913 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1911 def extra_params @extra_params end |
#group_prefix ⇒ String
Prefix to prepend to group name.
Corresponds to the JSON property groupPrefix
1916 1917 1918 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1916 def group_prefix @group_prefix end |
#groups_claim ⇒ String
Claim in OIDC ID token that holds group information.
Corresponds to the JSON property groupsClaim
1921 1922 1923 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1921 def groups_claim @groups_claim end |
#issuer_uri ⇒ String
URI for the OIDC provider. This should point to the level below .well-known/
openid-configuration.
Corresponds to the JSON property issuerUri
1927 1928 1929 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1927 def issuer_uri @issuer_uri end |
#kubectl_redirect_uri ⇒ String
Registered redirect uri to redirect users going through OAuth flow using
kubectl plugin.
Corresponds to the JSON property kubectlRedirectUri
1933 1934 1935 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1933 def kubectl_redirect_uri @kubectl_redirect_uri end |
#scopes ⇒ String
Comma-separated list of identifiers.
Corresponds to the JSON property scopes
1938 1939 1940 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1938 def scopes @scopes end |
#user_claim ⇒ String
Claim in OIDC ID token that holds username.
Corresponds to the JSON property userClaim
1943 1944 1945 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1943 def user_claim @user_claim end |
#user_prefix ⇒ String
Prefix to prepend to user name.
Corresponds to the JSON property userPrefix
1948 1949 1950 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1948 def user_prefix @user_prefix end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
1955 1956 1957 1958 1959 1960 1961 1962 1963 1964 1965 1966 1967 1968 1969 1970 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 1955 def update!(**args) @certificate_authority_data = args[:certificate_authority_data] if args.key?(:certificate_authority_data) @client_id = args[:client_id] if args.key?(:client_id) @client_secret = args[:client_secret] if args.key?(:client_secret) @deploy_cloud_console_proxy = args[:deploy_cloud_console_proxy] if args.key?(:deploy_cloud_console_proxy) @enable_access_token = args[:enable_access_token] if args.key?(:enable_access_token) @encrypted_client_secret = args[:encrypted_client_secret] if args.key?(:encrypted_client_secret) @extra_params = args[:extra_params] if args.key?(:extra_params) @group_prefix = args[:group_prefix] if args.key?(:group_prefix) @groups_claim = args[:groups_claim] if args.key?(:groups_claim) @issuer_uri = args[:issuer_uri] if args.key?(:issuer_uri) @kubectl_redirect_uri = args[:kubectl_redirect_uri] if args.key?(:kubectl_redirect_uri) @scopes = args[:scopes] if args.key?(:scopes) @user_claim = args[:user_claim] if args.key?(:user_claim) @user_prefix = args[:user_prefix] if args.key?(:user_prefix) end |