Class: Google::Apis::ServiceusageV1::AuthProvider

Inherits:
Object
  • Object
show all
Includes:
Core::Hashable, Core::JsonObjectSupport
Defined in:
lib/google/apis/serviceusage_v1/classes.rb,
lib/google/apis/serviceusage_v1/representations.rb,
lib/google/apis/serviceusage_v1/representations.rb

Overview

Configuration for an authentication provider, including support for JSON Web Token (JWT).

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(**args) ⇒ AuthProvider

Returns a new instance of AuthProvider.



367
368
369
# File 'lib/google/apis/serviceusage_v1/classes.rb', line 367

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#audiencesString

The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences: - "https://[service.name]/[google.protobuf.Api.name]" - "https://[ service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1. LibraryService - https://library-example.googleapis.com/ Example: audiences: bookstore_android.apps.googleusercontent.com, bookstore_web.apps. googleusercontent.com Corresponds to the JSON property audiences

Returns:

  • (String)


322
323
324
# File 'lib/google/apis/serviceusage_v1/classes.rb', line 322

def audiences
  @audiences
end

#authorization_urlString

Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec. Corresponds to the JSON property authorizationUrl

Returns:

  • (String)


328
329
330
# File 'lib/google/apis/serviceusage_v1/classes.rb', line 328

def authorization_url
  @authorization_url
end

#idString

The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id. Example: "bookstore_auth". Corresponds to the JSON property id

Returns:

  • (String)


334
335
336
# File 'lib/google/apis/serviceusage_v1/classes.rb', line 334

def id
  @id
end

#issuerString

Identifies the principal that issued the JWT. See https://tools.ietf.org/html/ draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@ developer.gserviceaccount.com Corresponds to the JSON property issuer

Returns:

  • (String)


342
343
344
# File 'lib/google/apis/serviceusage_v1/classes.rb', line 342

def issuer
  @issuer
end

#jwks_uriString

URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document: - can be retrieved from OpenID Discovery of the issuer. - can be inferred from the email domain of the issuer (e.g. a Google service account). Example: https://www.googleapis.com/oauth2/v1/certs Corresponds to the JSON property jwksUri

Returns:

  • (String)


352
353
354
# File 'lib/google/apis/serviceusage_v1/classes.rb', line 352

def jwks_uri
  @jwks_uri
end

#jwt_locationsArray<Google::Apis::ServiceusageV1::JwtLocation>

Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension x-google-jwt-locations JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt- assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations: - header: Authorization value_prefix: "Bearer " - header: x-goog-iap-jwt-assertion - query: access_token Corresponds to the JSON property jwtLocations



365
366
367
# File 'lib/google/apis/serviceusage_v1/classes.rb', line 365

def jwt_locations
  @jwt_locations
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object



372
373
374
375
376
377
378
379
# File 'lib/google/apis/serviceusage_v1/classes.rb', line 372

def update!(**args)
  @audiences = args[:audiences] if args.key?(:audiences)
  @authorization_url = args[:authorization_url] if args.key?(:authorization_url)
  @id = args[:id] if args.key?(:id)
  @issuer = args[:issuer] if args.key?(:issuer)
  @jwks_uri = args[:jwks_uri] if args.key?(:jwks_uri)
  @jwt_locations = args[:jwt_locations] if args.key?(:jwt_locations)
end