public interface AuthProviderOrBuilder extends MessageOrBuilder
Implements
MessageOrBuilderMethods
getAudiences()
public abstract String getAudiences()
The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:
- "https://[service.name]/[google.protobuf.Api.name]"
- "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
- https://library-example.googleapis.com/ Example: audiences: bookstore_android.apps.googleusercontent.com, bookstore_web.apps.googleusercontent.com
string audiences = 4;
Type | Description |
String | The audiences. |
getAudiencesBytes()
public abstract ByteString getAudiencesBytes()
The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:
- "https://[service.name]/[google.protobuf.Api.name]"
- "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
- https://library-example.googleapis.com/ Example: audiences: bookstore_android.apps.googleusercontent.com, bookstore_web.apps.googleusercontent.com
string audiences = 4;
Type | Description |
ByteString | The bytes for audiences. |
getAuthorizationUrl()
public abstract String getAuthorizationUrl()
Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
string authorization_url = 5;
Type | Description |
String | The authorizationUrl. |
getAuthorizationUrlBytes()
public abstract ByteString getAuthorizationUrlBytes()
Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
string authorization_url = 5;
Type | Description |
ByteString | The bytes for authorizationUrl. |
getId()
public abstract String getId()
The unique identifier of the auth provider. It will be referred to by
AuthRequirement.provider_id
.
Example: "bookstore_auth".
string id = 1;
Type | Description |
String | The id. |
getIdBytes()
public abstract ByteString getIdBytes()
The unique identifier of the auth provider. It will be referred to by
AuthRequirement.provider_id
.
Example: "bookstore_auth".
string id = 1;
Type | Description |
ByteString | The bytes for id. |
getIssuer()
public abstract String getIssuer()
Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com
string issuer = 2;
Type | Description |
String | The issuer. |
getIssuerBytes()
public abstract ByteString getIssuerBytes()
Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com
string issuer = 2;
Type | Description |
ByteString | The bytes for issuer. |
getJwksUri()
public abstract String getJwksUri()
URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:
- can be retrieved from OpenID Discovery of the issuer.
- can be inferred from the email domain of the issuer (e.g. a Google service account). Example: https://www.googleapis.com/oauth2/v1/certs
string jwks_uri = 3;
Type | Description |
String | The jwksUri. |
getJwksUriBytes()
public abstract ByteString getJwksUriBytes()
URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:
- can be retrieved from OpenID Discovery of the issuer.
- can be inferred from the email domain of the issuer (e.g. a Google service account). Example: https://www.googleapis.com/oauth2/v1/certs
string jwks_uri = 3;
Type | Description |
ByteString | The bytes for jwksUri. |
getJwtLocations(int index)
public abstract JwtLocation getJwtLocations(int index)
Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension x-google-jwt-locations JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
index | int |
Type | Description |
JwtLocation |
getJwtLocationsCount()
public abstract int getJwtLocationsCount()
Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension x-google-jwt-locations JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Type | Description |
int |
getJwtLocationsList()
public abstract List<JwtLocation> getJwtLocationsList()
Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension x-google-jwt-locations JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Type | Description |
List<JwtLocation> |
getJwtLocationsOrBuilder(int index)
public abstract JwtLocationOrBuilder getJwtLocationsOrBuilder(int index)
Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension x-google-jwt-locations JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
index | int |
Type | Description |
JwtLocationOrBuilder |
getJwtLocationsOrBuilderList()
public abstract List<? extends JwtLocationOrBuilder> getJwtLocationsOrBuilderList()
Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension x-google-jwt-locations JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Type | Description |
List<? extends com.google.api.JwtLocationOrBuilder> |