Class: Google::Apis::GkehubV1::IdentityServiceOidcConfig
- Inherits:
-
Object
- Object
- Google::Apis::GkehubV1::IdentityServiceOidcConfig
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- lib/google/apis/gkehub_v1/classes.rb,
lib/google/apis/gkehub_v1/representations.rb,
lib/google/apis/gkehub_v1/representations.rb
Overview
Configuration for OIDC Auth flow.
Instance Attribute Summary collapse
-
#certificate_authority_data ⇒ String
PEM-encoded CA for OIDC provider.
-
#client_id ⇒ String
ID for OIDC client application.
-
#client_secret ⇒ String
Input only.
-
#deploy_cloud_console_proxy ⇒ Boolean
(also: #deploy_cloud_console_proxy?)
Flag to denote if reverse proxy is used to connect to auth provider.
-
#enable_access_token ⇒ Boolean
(also: #enable_access_token?)
Enable access token.
-
#encrypted_client_secret ⇒ String
Output only.
-
#extra_params ⇒ String
Comma-separated list of key-value pairs.
-
#group_prefix ⇒ String
Prefix to prepend to group name.
-
#groups_claim ⇒ String
Claim in OIDC ID token that holds group information.
-
#issuer_uri ⇒ String
URI for the OIDC provider.
-
#kubectl_redirect_uri ⇒ String
Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.
-
#scopes ⇒ String
Comma-separated list of identifiers.
-
#user_claim ⇒ String
Claim in OIDC ID token that holds username.
-
#user_prefix ⇒ String
Prefix to prepend to user name.
Instance Method Summary collapse
-
#initialize(**args) ⇒ IdentityServiceOidcConfig
constructor
A new instance of IdentityServiceOidcConfig.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ IdentityServiceOidcConfig
Returns a new instance of IdentityServiceOidcConfig.
3102 3103 3104 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3102 def initialize(**args) update!(**args) end |
Instance Attribute Details
#certificate_authority_data ⇒ String
PEM-encoded CA for OIDC provider.
Corresponds to the JSON property certificateAuthorityData
3029 3030 3031 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3029 def @certificate_authority_data end |
#client_id ⇒ String
ID for OIDC client application.
Corresponds to the JSON property clientId
3034 3035 3036 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3034 def client_id @client_id end |
#client_secret ⇒ String
Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.
Corresponds to the JSON property clientSecret
3039 3040 3041 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3039 def client_secret @client_secret end |
#deploy_cloud_console_proxy ⇒ Boolean Also known as: deploy_cloud_console_proxy?
Flag to denote if reverse proxy is used to connect to auth provider. This flag
should be set to true when provider is not reachable by Google Cloud Console.
Corresponds to the JSON property deployCloudConsoleProxy
3045 3046 3047 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3045 def deploy_cloud_console_proxy @deploy_cloud_console_proxy end |
#enable_access_token ⇒ Boolean Also known as: enable_access_token?
Enable access token.
Corresponds to the JSON property enableAccessToken
3051 3052 3053 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3051 def enable_access_token @enable_access_token end |
#encrypted_client_secret ⇒ String
Output only. Encrypted OIDC Client secret
Corresponds to the JSON property encryptedClientSecret
NOTE: Values are automatically base64 encoded/decoded in the client library.
3058 3059 3060 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3058 def encrypted_client_secret @encrypted_client_secret end |
#extra_params ⇒ String
Comma-separated list of key-value pairs.
Corresponds to the JSON property extraParams
3063 3064 3065 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3063 def extra_params @extra_params end |
#group_prefix ⇒ String
Prefix to prepend to group name.
Corresponds to the JSON property groupPrefix
3068 3069 3070 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3068 def group_prefix @group_prefix end |
#groups_claim ⇒ String
Claim in OIDC ID token that holds group information.
Corresponds to the JSON property groupsClaim
3073 3074 3075 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3073 def groups_claim @groups_claim end |
#issuer_uri ⇒ String
URI for the OIDC provider. This should point to the level below .well-known/
openid-configuration.
Corresponds to the JSON property issuerUri
3079 3080 3081 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3079 def issuer_uri @issuer_uri end |
#kubectl_redirect_uri ⇒ String
Registered redirect uri to redirect users going through OAuth flow using
kubectl plugin.
Corresponds to the JSON property kubectlRedirectUri
3085 3086 3087 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3085 def kubectl_redirect_uri @kubectl_redirect_uri end |
#scopes ⇒ String
Comma-separated list of identifiers.
Corresponds to the JSON property scopes
3090 3091 3092 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3090 def scopes @scopes end |
#user_claim ⇒ String
Claim in OIDC ID token that holds username.
Corresponds to the JSON property userClaim
3095 3096 3097 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3095 def user_claim @user_claim end |
#user_prefix ⇒ String
Prefix to prepend to user name.
Corresponds to the JSON property userPrefix
3100 3101 3102 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3100 def user_prefix @user_prefix end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
3107 3108 3109 3110 3111 3112 3113 3114 3115 3116 3117 3118 3119 3120 3121 3122 |
# File 'lib/google/apis/gkehub_v1/classes.rb', line 3107 def update!(**args) @certificate_authority_data = args[:certificate_authority_data] if args.key?(:certificate_authority_data) @client_id = args[:client_id] if args.key?(:client_id) @client_secret = args[:client_secret] if args.key?(:client_secret) @deploy_cloud_console_proxy = args[:deploy_cloud_console_proxy] if args.key?(:deploy_cloud_console_proxy) @enable_access_token = args[:enable_access_token] if args.key?(:enable_access_token) @encrypted_client_secret = args[:encrypted_client_secret] if args.key?(:encrypted_client_secret) @extra_params = args[:extra_params] if args.key?(:extra_params) @group_prefix = args[:group_prefix] if args.key?(:group_prefix) @groups_claim = args[:groups_claim] if args.key?(:groups_claim) @issuer_uri = args[:issuer_uri] if args.key?(:issuer_uri) @kubectl_redirect_uri = args[:kubectl_redirect_uri] if args.key?(:kubectl_redirect_uri) @scopes = args[:scopes] if args.key?(:scopes) @user_claim = args[:user_claim] if args.key?(:user_claim) @user_prefix = args[:user_prefix] if args.key?(:user_prefix) end |