public static final class AuthProvider.Builder extends GeneratedMessageV3.Builder<AuthProvider.Builder> implements AuthProviderOrBuilder
Configuration for an authentication provider, including support for JSON Web Token (JWT).
Protobuf type google.api.AuthProvider
Inheritance
Object > AbstractMessageLite.Builder<MessageType,BuilderType> > AbstractMessage.Builder<BuilderType> > GeneratedMessageV3.Builder > AuthProvider.BuilderImplements
AuthProviderOrBuilderStatic Methods
getDescriptor()
public static final Descriptors.Descriptor getDescriptor()
Type | Description |
Descriptor |
Methods
addAllJwtLocations(Iterable<? extends JwtLocation> values)
public AuthProvider.Builder addAllJwtLocations(Iterable<? extends JwtLocation> values)
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
values | Iterable<? extends com.google.api.JwtLocation> |
Type | Description |
AuthProvider.Builder |
addJwtLocations(JwtLocation value)
public AuthProvider.Builder addJwtLocations(JwtLocation value)
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
value | JwtLocation |
Type | Description |
AuthProvider.Builder |
addJwtLocations(JwtLocation.Builder builderForValue)
public AuthProvider.Builder addJwtLocations(JwtLocation.Builder builderForValue)
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
builderForValue | JwtLocation.Builder |
Type | Description |
AuthProvider.Builder |
addJwtLocations(int index, JwtLocation value)
public AuthProvider.Builder addJwtLocations(int index, JwtLocation value)
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
index | int |
value | JwtLocation |
Type | Description |
AuthProvider.Builder |
addJwtLocations(int index, JwtLocation.Builder builderForValue)
public AuthProvider.Builder addJwtLocations(int index, JwtLocation.Builder builderForValue)
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
index | int |
builderForValue | JwtLocation.Builder |
Type | Description |
AuthProvider.Builder |
addJwtLocationsBuilder()
public JwtLocation.Builder addJwtLocationsBuilder()
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Type | Description |
JwtLocation.Builder |
addJwtLocationsBuilder(int index)
public JwtLocation.Builder addJwtLocationsBuilder(int index)
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
index | int |
Type | Description |
JwtLocation.Builder |
addRepeatedField(Descriptors.FieldDescriptor field, Object value)
public AuthProvider.Builder addRepeatedField(Descriptors.FieldDescriptor field, Object value)
Name | Description |
field | FieldDescriptor |
value | Object |
Type | Description |
AuthProvider.Builder |
build()
public AuthProvider build()
Type | Description |
AuthProvider |
buildPartial()
public AuthProvider buildPartial()
Type | Description |
AuthProvider |
clear()
public AuthProvider.Builder clear()
Type | Description |
AuthProvider.Builder |
clearAudiences()
public AuthProvider.Builder clearAudiences()
The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:
- "https://[service.name]/[google.protobuf.Api.name]"
- "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
- https://library-example.googleapis.com/ Example: audiences: bookstore_android.apps.googleusercontent.com, bookstore_web.apps.googleusercontent.com
string audiences = 4;
Type | Description |
AuthProvider.Builder | This builder for chaining. |
clearAuthorizationUrl()
public AuthProvider.Builder clearAuthorizationUrl()
Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
string authorization_url = 5;
Type | Description |
AuthProvider.Builder | This builder for chaining. |
clearField(Descriptors.FieldDescriptor field)
public AuthProvider.Builder clearField(Descriptors.FieldDescriptor field)
Name | Description |
field | FieldDescriptor |
Type | Description |
AuthProvider.Builder |
clearId()
public AuthProvider.Builder clearId()
The unique identifier of the auth provider. It will be referred to by
AuthRequirement.provider_id
.
Example: "bookstore_auth".
string id = 1;
Type | Description |
AuthProvider.Builder | This builder for chaining. |
clearIssuer()
public AuthProvider.Builder clearIssuer()
Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com
string issuer = 2;
Type | Description |
AuthProvider.Builder | This builder for chaining. |
clearJwksUri()
public AuthProvider.Builder clearJwksUri()
URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:
- can be retrieved from OpenID Discovery of the issuer.
- can be inferred from the email domain of the issuer (e.g. a Google service account). Example: https://www.googleapis.com/oauth2/v1/certs
string jwks_uri = 3;
Type | Description |
AuthProvider.Builder | This builder for chaining. |
clearJwtLocations()
public AuthProvider.Builder clearJwtLocations()
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Type | Description |
AuthProvider.Builder |
clearOneof(Descriptors.OneofDescriptor oneof)
public AuthProvider.Builder clearOneof(Descriptors.OneofDescriptor oneof)
Name | Description |
oneof | OneofDescriptor |
Type | Description |
AuthProvider.Builder |
clone()
public AuthProvider.Builder clone()
Type | Description |
AuthProvider.Builder |
getAudiences()
public String getAudiences()
The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:
- "https://[service.name]/[google.protobuf.Api.name]"
- "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
- https://library-example.googleapis.com/ Example: audiences: bookstore_android.apps.googleusercontent.com, bookstore_web.apps.googleusercontent.com
string audiences = 4;
Type | Description |
String | The audiences. |
getAudiencesBytes()
public ByteString getAudiencesBytes()
The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:
- "https://[service.name]/[google.protobuf.Api.name]"
- "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
- https://library-example.googleapis.com/ Example: audiences: bookstore_android.apps.googleusercontent.com, bookstore_web.apps.googleusercontent.com
string audiences = 4;
Type | Description |
ByteString | The bytes for audiences. |
getAuthorizationUrl()
public String getAuthorizationUrl()
Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
string authorization_url = 5;
Type | Description |
String | The authorizationUrl. |
getAuthorizationUrlBytes()
public ByteString getAuthorizationUrlBytes()
Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
string authorization_url = 5;
Type | Description |
ByteString | The bytes for authorizationUrl. |
getDefaultInstanceForType()
public AuthProvider getDefaultInstanceForType()
Type | Description |
AuthProvider |
getDescriptorForType()
public Descriptors.Descriptor getDescriptorForType()
Type | Description |
Descriptor |
getId()
public String getId()
The unique identifier of the auth provider. It will be referred to by
AuthRequirement.provider_id
.
Example: "bookstore_auth".
string id = 1;
Type | Description |
String | The id. |
getIdBytes()
public ByteString getIdBytes()
The unique identifier of the auth provider. It will be referred to by
AuthRequirement.provider_id
.
Example: "bookstore_auth".
string id = 1;
Type | Description |
ByteString | The bytes for id. |
getIssuer()
public String getIssuer()
Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com
string issuer = 2;
Type | Description |
String | The issuer. |
getIssuerBytes()
public ByteString getIssuerBytes()
Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com
string issuer = 2;
Type | Description |
ByteString | The bytes for issuer. |
getJwksUri()
public String getJwksUri()
URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:
- can be retrieved from OpenID Discovery of the issuer.
- can be inferred from the email domain of the issuer (e.g. a Google service account). Example: https://www.googleapis.com/oauth2/v1/certs
string jwks_uri = 3;
Type | Description |
String | The jwksUri. |
getJwksUriBytes()
public ByteString getJwksUriBytes()
URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:
- can be retrieved from OpenID Discovery of the issuer.
- can be inferred from the email domain of the issuer (e.g. a Google service account). Example: https://www.googleapis.com/oauth2/v1/certs
string jwks_uri = 3;
Type | Description |
ByteString | The bytes for jwksUri. |
getJwtLocations(int index)
public JwtLocation getJwtLocations(int index)
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
index | int |
Type | Description |
JwtLocation |
getJwtLocationsBuilder(int index)
public JwtLocation.Builder getJwtLocationsBuilder(int index)
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
index | int |
Type | Description |
JwtLocation.Builder |
getJwtLocationsBuilderList()
public List<JwtLocation.Builder> getJwtLocationsBuilderList()
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Type | Description |
List<Builder> |
getJwtLocationsCount()
public int getJwtLocationsCount()
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Type | Description |
int |
getJwtLocationsList()
public List<JwtLocation> getJwtLocationsList()
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Type | Description |
List<JwtLocation> |
getJwtLocationsOrBuilder(int index)
public JwtLocationOrBuilder getJwtLocationsOrBuilder(int index)
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
index | int |
Type | Description |
JwtLocationOrBuilder |
getJwtLocationsOrBuilderList()
public List<? extends JwtLocationOrBuilder> getJwtLocationsOrBuilderList()
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Type | Description |
List<? extends com.google.api.JwtLocationOrBuilder> |
internalGetFieldAccessorTable()
protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Type | Description |
FieldAccessorTable |
isInitialized()
public final boolean isInitialized()
Type | Description |
boolean |
mergeFrom(AuthProvider other)
public AuthProvider.Builder mergeFrom(AuthProvider other)
Name | Description |
other | AuthProvider |
Type | Description |
AuthProvider.Builder |
mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
public AuthProvider.Builder mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Name | Description |
input | CodedInputStream |
extensionRegistry | ExtensionRegistryLite |
Type | Description |
AuthProvider.Builder |
Type | Description |
IOException |
mergeFrom(Message other)
public AuthProvider.Builder mergeFrom(Message other)
Name | Description |
other | Message |
Type | Description |
AuthProvider.Builder |
mergeUnknownFields(UnknownFieldSet unknownFields)
public final AuthProvider.Builder mergeUnknownFields(UnknownFieldSet unknownFields)
Name | Description |
unknownFields | UnknownFieldSet |
Type | Description |
AuthProvider.Builder |
removeJwtLocations(int index)
public AuthProvider.Builder removeJwtLocations(int index)
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
index | int |
Type | Description |
AuthProvider.Builder |
setAudiences(String value)
public AuthProvider.Builder setAudiences(String value)
The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:
- "https://[service.name]/[google.protobuf.Api.name]"
- "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
- https://library-example.googleapis.com/ Example: audiences: bookstore_android.apps.googleusercontent.com, bookstore_web.apps.googleusercontent.com
string audiences = 4;
Name | Description |
value | String The audiences to set. |
Type | Description |
AuthProvider.Builder | This builder for chaining. |
setAudiencesBytes(ByteString value)
public AuthProvider.Builder setAudiencesBytes(ByteString value)
The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:
- "https://[service.name]/[google.protobuf.Api.name]"
- "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
- https://library-example.googleapis.com/ Example: audiences: bookstore_android.apps.googleusercontent.com, bookstore_web.apps.googleusercontent.com
string audiences = 4;
Name | Description |
value | ByteString The bytes for audiences to set. |
Type | Description |
AuthProvider.Builder | This builder for chaining. |
setAuthorizationUrl(String value)
public AuthProvider.Builder setAuthorizationUrl(String value)
Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
string authorization_url = 5;
Name | Description |
value | String The authorizationUrl to set. |
Type | Description |
AuthProvider.Builder | This builder for chaining. |
setAuthorizationUrlBytes(ByteString value)
public AuthProvider.Builder setAuthorizationUrlBytes(ByteString value)
Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
string authorization_url = 5;
Name | Description |
value | ByteString The bytes for authorizationUrl to set. |
Type | Description |
AuthProvider.Builder | This builder for chaining. |
setField(Descriptors.FieldDescriptor field, Object value)
public AuthProvider.Builder setField(Descriptors.FieldDescriptor field, Object value)
Name | Description |
field | FieldDescriptor |
value | Object |
Type | Description |
AuthProvider.Builder |
setId(String value)
public AuthProvider.Builder setId(String value)
The unique identifier of the auth provider. It will be referred to by
AuthRequirement.provider_id
.
Example: "bookstore_auth".
string id = 1;
Name | Description |
value | String The id to set. |
Type | Description |
AuthProvider.Builder | This builder for chaining. |
setIdBytes(ByteString value)
public AuthProvider.Builder setIdBytes(ByteString value)
The unique identifier of the auth provider. It will be referred to by
AuthRequirement.provider_id
.
Example: "bookstore_auth".
string id = 1;
Name | Description |
value | ByteString The bytes for id to set. |
Type | Description |
AuthProvider.Builder | This builder for chaining. |
setIssuer(String value)
public AuthProvider.Builder setIssuer(String value)
Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com
string issuer = 2;
Name | Description |
value | String The issuer to set. |
Type | Description |
AuthProvider.Builder | This builder for chaining. |
setIssuerBytes(ByteString value)
public AuthProvider.Builder setIssuerBytes(ByteString value)
Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com
string issuer = 2;
Name | Description |
value | ByteString The bytes for issuer to set. |
Type | Description |
AuthProvider.Builder | This builder for chaining. |
setJwksUri(String value)
public AuthProvider.Builder setJwksUri(String value)
URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:
- can be retrieved from OpenID Discovery of the issuer.
- can be inferred from the email domain of the issuer (e.g. a Google service account). Example: https://www.googleapis.com/oauth2/v1/certs
string jwks_uri = 3;
Name | Description |
value | String The jwksUri to set. |
Type | Description |
AuthProvider.Builder | This builder for chaining. |
setJwksUriBytes(ByteString value)
public AuthProvider.Builder setJwksUriBytes(ByteString value)
URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:
- can be retrieved from OpenID Discovery of the issuer.
- can be inferred from the email domain of the issuer (e.g. a Google service account). Example: https://www.googleapis.com/oauth2/v1/certs
string jwks_uri = 3;
Name | Description |
value | ByteString The bytes for jwksUri to set. |
Type | Description |
AuthProvider.Builder | This builder for chaining. |
setJwtLocations(int index, JwtLocation value)
public AuthProvider.Builder setJwtLocations(int index, JwtLocation value)
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
index | int |
value | JwtLocation |
Type | Description |
AuthProvider.Builder |
setJwtLocations(int index, JwtLocation.Builder builderForValue)
public AuthProvider.Builder setJwtLocations(int index, JwtLocation.Builder builderForValue)
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations:
- header: Authorization value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;
Name | Description |
index | int |
builderForValue | JwtLocation.Builder |
Type | Description |
AuthProvider.Builder |
setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
public AuthProvider.Builder setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
Name | Description |
field | FieldDescriptor |
index | int |
value | Object |
Type | Description |
AuthProvider.Builder |
setUnknownFields(UnknownFieldSet unknownFields)
public final AuthProvider.Builder setUnknownFields(UnknownFieldSet unknownFields)
Name | Description |
unknownFields | UnknownFieldSet |
Type | Description |
AuthProvider.Builder |