Class: Google::Apis::StsV1::CloudSecurityTokenService

Inherits:

Core::BaseService

• Object
• Core::BaseService
• Google::Apis::StsV1::CloudSecurityTokenService

Defined in:

lib/google/apis/sts_v1/service.rb

Overview

Security Token Service API

The Security Token Service exchanges Google or third-party credentials for a short-lived access token to Google Cloud resources.

Examples:

require 'google/apis/sts_v1'

Sts = Google::Apis::StsV1 # Alias the module
service = Sts::CloudSecurityTokenService.new

See Also:

• http://cloud.google.com/iam/docs/workload-identity-federation

Constant Summary

DEFAULT_ENDPOINT_TEMPLATE =

"https://sts.$UNIVERSE_DOMAIN$/"

Instance Attribute Summary

• #key ⇒ String

  API key.

• #quota_user ⇒ String

  Available to use for quota purposes for server-side applications.

Instance Method Summary

• #initialize ⇒ CloudSecurityTokenService constructor

  A new instance of CloudSecurityTokenService.

• #token(google_identity_sts_v1_exchange_token_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse

  Exchanges a credential for a Google OAuth 2.0 access token.

Constructor Details

#initialize ⇒ CloudSecurityTokenService

Returns a new instance of CloudSecurityTokenService.

# File 'lib/google/apis/sts_v1/service.rb', line 48

def initialize
  super(DEFAULT_ENDPOINT_TEMPLATE, '',
        client_name: 'google-apis-sts_v1',
        client_version: Google::Apis::StsV1::GEM_VERSION)
  @batch_path = 'batch'
end

Instance Attribute Details

#key ⇒ String

Returns API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.

Returns:

• (String) —

  API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.

# File 'lib/google/apis/sts_v1/service.rb', line 41

def key
  @key
end

#quota_user ⇒ String

Returns Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

Returns:

• (String) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

# File 'lib/google/apis/sts_v1/service.rb', line 46

def quota_user
  @quota_user
end

Instance Method Details

#token(google_identity_sts_v1_exchange_token_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse

Exchanges a credential for a Google OAuth 2.0 access token. The token asserts an external identity within an identity pool, or it applies a Credential Access Boundary to a Google access token. Note that workforce pools do not support Credential Access Boundaries. When you call this method, do not send the Authorization HTTP header in the request. This method does not require the Authorization header, and using the header can cause the request to fail.

Parameters:

• google_identity_sts_v1_exchange_token_request_object (Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenRequest) (defaults to: nil)
• fields (String) (defaults to: nil) —

  Selector specifying which fields to include in a partial response.

• quota_user (String) (defaults to: nil) —

  Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.

• options (Google::Apis::RequestOptions) (defaults to: nil) —

  Request-specific options

Yields:

• (result, err) —

  Result & error if block supplied

Yield Parameters:

• result (Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse) —

  parsed result object

• err (StandardError) —

  error object if request failed

Returns:

• (Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse)

Raises:

• (Google::Apis::ServerError) —

  An error occurred on the server and the request can be retried

• (Google::Apis::ClientError) —

  The request is invalid and should not be retried without modification

• (Google::Apis::AuthorizationError) —

  Authorization is required

# File 'lib/google/apis/sts_v1/service.rb', line 79

def token(google_identity_sts_v1_exchange_token_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
  command = make_simple_command(:post, 'v1/token', options)
  command.request_representation = Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenRequest::Representation
  command.request_object = google_identity_sts_v1_exchange_token_request_object
  command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse::Representation
  command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse
  command.query['fields'] = fields unless fields.nil?
  command.query['quotaUser'] = quota_user unless quota_user.nil?
  execute_or_queue_command(command, &block)
end