Class: Google::Apis::GkehubV1::IdentityServiceOidcConfig
- Inherits:
-
Object
- Object
- Google::Apis::GkehubV1::IdentityServiceOidcConfig
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- lib/google/apis/gkehub_v1/classes.rb,
lib/google/apis/gkehub_v1/representations.rb,
lib/google/apis/gkehub_v1/representations.rb
Overview
Configuration for OIDC Auth flow.
Instance Attribute Summary collapse
-
#certificate_authority_data ⇒ String
PEM-encoded CA for OIDC provider.
-
#client_id ⇒ String
ID for OIDC client application.
-
#client_secret ⇒ String
Input only.
-
#deploy_cloud_console_proxy ⇒ Boolean
(also: #deploy_cloud_console_proxy?)
Flag to denote if reverse proxy is used to connect to auth provider.
-
#enable_access_token ⇒ Boolean
(also: #enable_access_token?)
Enable access token.
-
#encrypted_client_secret ⇒ String
Output only.
-
#extra_params ⇒ String
Comma-separated list of key-value pairs.
-
#group_prefix ⇒ String
Prefix to prepend to group name.
-
#groups_claim ⇒ String
Claim in OIDC ID token that holds group information.
-
#issuer_uri ⇒ String
URI for the OIDC provider.
-
#kubectl_redirect_uri ⇒ String
Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.
-
#scopes ⇒ String
Comma-separated list of identifiers.
-
#user_claim ⇒ String
Claim in OIDC ID token that holds username.
-
#user_prefix ⇒ String
Prefix to prepend to user name.
Instance Method Summary collapse
-
#initialize(**args) ⇒ IdentityServiceOidcConfig
constructor
A new instance of IdentityServiceOidcConfig.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ IdentityServiceOidcConfig
Returns a new instance of IdentityServiceOidcConfig.
2126 2127 2128 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2126 def initialize(**args) update!(**args) end |
Instance Attribute Details
#certificate_authority_data ⇒ String
PEM-encoded CA for OIDC provider.
Corresponds to the JSON property certificateAuthorityData
2053 2054 2055 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2053 def @certificate_authority_data end |
#client_id ⇒ String
ID for OIDC client application.
Corresponds to the JSON property clientId
2058 2059 2060 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2058 def client_id @client_id end |
#client_secret ⇒ String
Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.
Corresponds to the JSON property clientSecret
2063 2064 2065 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2063 def client_secret @client_secret end |
#deploy_cloud_console_proxy ⇒ Boolean Also known as: deploy_cloud_console_proxy?
Flag to denote if reverse proxy is used to connect to auth provider. This flag
should be set to true when provider is not reachable by Google Cloud Console.
Corresponds to the JSON property deployCloudConsoleProxy
2069 2070 2071 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2069 def deploy_cloud_console_proxy @deploy_cloud_console_proxy end |
#enable_access_token ⇒ Boolean Also known as: enable_access_token?
Enable access token.
Corresponds to the JSON property enableAccessToken
2075 2076 2077 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2075 def enable_access_token @enable_access_token end |
#encrypted_client_secret ⇒ String
Output only. Encrypted OIDC Client secret
Corresponds to the JSON property encryptedClientSecret
NOTE: Values are automatically base64 encoded/decoded in the client library.
2082 2083 2084 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2082 def encrypted_client_secret @encrypted_client_secret end |
#extra_params ⇒ String
Comma-separated list of key-value pairs.
Corresponds to the JSON property extraParams
2087 2088 2089 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2087 def extra_params @extra_params end |
#group_prefix ⇒ String
Prefix to prepend to group name.
Corresponds to the JSON property groupPrefix
2092 2093 2094 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2092 def group_prefix @group_prefix end |
#groups_claim ⇒ String
Claim in OIDC ID token that holds group information.
Corresponds to the JSON property groupsClaim
2097 2098 2099 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2097 def groups_claim @groups_claim end |
#issuer_uri ⇒ String
URI for the OIDC provider. This should point to the level below .well-known/
openid-configuration.
Corresponds to the JSON property issuerUri
2103 2104 2105 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2103 def issuer_uri @issuer_uri end |
#kubectl_redirect_uri ⇒ String
Registered redirect uri to redirect users going through OAuth flow using
kubectl plugin.
Corresponds to the JSON property kubectlRedirectUri
2109 2110 2111 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2109 def kubectl_redirect_uri @kubectl_redirect_uri end |
#scopes ⇒ String
Comma-separated list of identifiers.
Corresponds to the JSON property scopes
2114 2115 2116 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2114 def scopes @scopes end |
#user_claim ⇒ String
Claim in OIDC ID token that holds username.
Corresponds to the JSON property userClaim
2119 2120 2121 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2119 def user_claim @user_claim end |
#user_prefix ⇒ String
Prefix to prepend to user name.
Corresponds to the JSON property userPrefix
2124 2125 2126 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2124 def user_prefix @user_prefix end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
2131 2132 2133 2134 2135 2136 2137 2138 2139 2140 2141 2142 2143 2144 2145 2146 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 2131 def update!(**args) @certificate_authority_data = args[:certificate_authority_data] if args.key?(:certificate_authority_data) @client_id = args[:client_id] if args.key?(:client_id) @client_secret = args[:client_secret] if args.key?(:client_secret) @deploy_cloud_console_proxy = args[:deploy_cloud_console_proxy] if args.key?(:deploy_cloud_console_proxy) @enable_access_token = args[:enable_access_token] if args.key?(:enable_access_token) @encrypted_client_secret = args[:encrypted_client_secret] if args.key?(:encrypted_client_secret) @extra_params = args[:extra_params] if args.key?(:extra_params) @group_prefix = args[:group_prefix] if args.key?(:group_prefix) @groups_claim = args[:groups_claim] if args.key?(:groups_claim) @issuer_uri = args[:issuer_uri] if args.key?(:issuer_uri) @kubectl_redirect_uri = args[:kubectl_redirect_uri] if args.key?(:kubectl_redirect_uri) @scopes = args[:scopes] if args.key?(:scopes) @user_claim = args[:user_claim] if args.key?(:user_claim) @user_prefix = args[:user_prefix] if args.key?(:user_prefix) end |