Google Cloud Confidential Computing V1 Client - Class ConfidentialComputingClient (0.3.0)

Reference documentation and code samples for the Google Cloud Confidential Computing V1 Client class ConfidentialComputingClient.

Service Description: Service describing handlers for resources

This class is currently experimental and may be subject to changes.

Namespace

Google \ Cloud \ ConfidentialComputing \ V1 \ Client

Methods

__construct

Constructor.

Parameters
NameDescription
options array

Optional. Options for configuring the service API wrapper.

↳ apiEndpoint string

The address of the API remote host. May optionally include the port, formatted as "

↳ credentials string|array|FetchAuthTokenInterface|CredentialsWrapper

The credentials to be used by the client to authorize API calls. This option accepts either a path to a credentials file, or a decoded credentials file as a PHP array. Advanced usage: In addition, this option can also accept a pre-constructed Google\Auth\FetchAuthTokenInterface object or Google\ApiCore\CredentialsWrapper object. Note that when one of these objects are provided, any settings in $credentialsConfig will be ignored.

↳ credentialsConfig array

Options used to configure credentials, including auth token caching, for the client. For a full list of supporting configuration options, see Google\ApiCore\CredentialsWrapper::build() .

↳ disableRetries bool

Determines whether or not retries defined by the client configuration should be disabled. Defaults to false.

↳ clientConfig string|array

Client method configuration, including retry settings. This option can be either a path to a JSON file, or a PHP array containing the decoded JSON data. By default this settings points to the default client config file, which is provided in the resources folder.

↳ transport string|TransportInterface

The transport used for executing network requests. May be either the string rest or grpc. Defaults to grpc if gRPC support is detected on the system. Advanced usage: Additionally, it is possible to pass in an already instantiated Google\ApiCore\Transport\TransportInterface object. Note that when this object is provided, any settings in $transportConfig, and any $apiEndpoint setting, will be ignored.

↳ transportConfig array

Configuration options that will be used to construct the transport. Options for each supported transport type should be passed in a key for that transport. For example: $transportConfig = [ 'grpc' => [...], 'rest' => [...], ]; See the Google\ApiCore\Transport\GrpcTransport::build() and Google\ApiCore\Transport\RestTransport::build() methods for the supported options.

↳ clientCertSource callable

A callable which returns the client cert as a string. This can be used to provide a certificate and private key to the transport layer for mTLS.

createChallenge

Creates a new Challenge in a given project and location.

The async variant is Google\Cloud\ConfidentialComputing\V1\Client\BaseClient\self::createChallengeAsync() .

Parameters
NameDescription
request Google\Cloud\ConfidentialComputing\V1\CreateChallengeRequest

A request to house fields associated with the call.

callOptions array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\ConfidentialComputing\V1\Challenge
Example
use Google\ApiCore\ApiException;
use Google\Cloud\ConfidentialComputing\V1\Challenge;
use Google\Cloud\ConfidentialComputing\V1\Client\ConfidentialComputingClient;
use Google\Cloud\ConfidentialComputing\V1\CreateChallengeRequest;

/**
 * @param string $formattedParent The resource name of the location where the Challenge will be
 *                                used, in the format `projects/*/locations/*`. Please see
 *                                {@see ConfidentialComputingClient::locationName()} for help formatting this field.
 */
function create_challenge_sample(string $formattedParent): void
{
    // Create a client.
    $confidentialComputingClient = new ConfidentialComputingClient();

    // Prepare the request message.
    $challenge = new Challenge();
    $request = (new CreateChallengeRequest())
        ->setParent($formattedParent)
        ->setChallenge($challenge);

    // Call the API and handle any network failures.
    try {
        /** @var Challenge $response */
        $response = $confidentialComputingClient->createChallenge($request);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * Helper to execute the sample.
 *
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedParent = ConfidentialComputingClient::locationName('[PROJECT]', '[LOCATION]');

    create_challenge_sample($formattedParent);
}

verifyAttestation

Verifies the provided attestation info, returning a signed OIDC token.

The async variant is Google\Cloud\ConfidentialComputing\V1\Client\BaseClient\self::verifyAttestationAsync() .

Parameters
NameDescription
request Google\Cloud\ConfidentialComputing\V1\VerifyAttestationRequest

A request to house fields associated with the call.

callOptions array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\ConfidentialComputing\V1\VerifyAttestationResponse
Example
use Google\ApiCore\ApiException;
use Google\Cloud\ConfidentialComputing\V1\Client\ConfidentialComputingClient;
use Google\Cloud\ConfidentialComputing\V1\TpmAttestation;
use Google\Cloud\ConfidentialComputing\V1\VerifyAttestationRequest;
use Google\Cloud\ConfidentialComputing\V1\VerifyAttestationResponse;

/**
 * @param string $formattedChallenge The name of the Challenge whose nonce was used to generate the
 *                                   attestation, in the format `projects/*/locations/*/challenges/*`. The
 *                                   provided Challenge will be consumed, and cannot be used again. Please see
 *                                   {@see ConfidentialComputingClient::challengeName()} for help formatting this field.
 */
function verify_attestation_sample(string $formattedChallenge): void
{
    // Create a client.
    $confidentialComputingClient = new ConfidentialComputingClient();

    // Prepare the request message.
    $tpmAttestation = new TpmAttestation();
    $request = (new VerifyAttestationRequest())
        ->setChallenge($formattedChallenge)
        ->setTpmAttestation($tpmAttestation);

    // Call the API and handle any network failures.
    try {
        /** @var VerifyAttestationResponse $response */
        $response = $confidentialComputingClient->verifyAttestation($request);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

/**
 * Helper to execute the sample.
 *
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function callSample(): void
{
    $formattedChallenge = ConfidentialComputingClient::challengeName(
        '[PROJECT]',
        '[LOCATION]',
        '[UUID]'
    );

    verify_attestation_sample($formattedChallenge);
}

getLocation

Gets information about a location.

The async variant is Google\Cloud\ConfidentialComputing\V1\Client\BaseClient\self::getLocationAsync() .

Parameters
NameDescription
request Google\Cloud\Location\GetLocationRequest

A request to house fields associated with the call.

callOptions array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\Cloud\Location\Location
Example
use Google\ApiCore\ApiException;
use Google\Cloud\ConfidentialComputing\V1\Client\ConfidentialComputingClient;
use Google\Cloud\Location\GetLocationRequest;
use Google\Cloud\Location\Location;

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function get_location_sample(): void
{
    // Create a client.
    $confidentialComputingClient = new ConfidentialComputingClient();

    // Prepare the request message.
    $request = new GetLocationRequest();

    // Call the API and handle any network failures.
    try {
        /** @var Location $response */
        $response = $confidentialComputingClient->getLocation($request);
        printf('Response data: %s' . PHP_EOL, $response->serializeToJsonString());
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

listLocations

Lists information about the supported locations for this service.

The async variant is Google\Cloud\ConfidentialComputing\V1\Client\BaseClient\self::listLocationsAsync() .

Parameters
NameDescription
request Google\Cloud\Location\ListLocationsRequest

A request to house fields associated with the call.

callOptions array

Optional.

↳ retrySettings RetrySettings|array

Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
TypeDescription
Google\ApiCore\PagedListResponse
Example
use Google\ApiCore\ApiException;
use Google\ApiCore\PagedListResponse;
use Google\Cloud\ConfidentialComputing\V1\Client\ConfidentialComputingClient;
use Google\Cloud\Location\ListLocationsRequest;
use Google\Cloud\Location\Location;

/**
 * This sample has been automatically generated and should be regarded as a code
 * template only. It will require modifications to work:
 *  - It may require correct/in-range values for request initialization.
 *  - It may require specifying regional endpoints when creating the service client,
 *    please see the apiEndpoint client configuration option for more details.
 */
function list_locations_sample(): void
{
    // Create a client.
    $confidentialComputingClient = new ConfidentialComputingClient();

    // Prepare the request message.
    $request = new ListLocationsRequest();

    // Call the API and handle any network failures.
    try {
        /** @var PagedListResponse $response */
        $response = $confidentialComputingClient->listLocations($request);

        /** @var Location $element */
        foreach ($response as $element) {
            printf('Element data: %s' . PHP_EOL, $element->serializeToJsonString());
        }
    } catch (ApiException $ex) {
        printf('Call failed with message: %s' . PHP_EOL, $ex->getMessage());
    }
}

createChallengeAsync

Parameters
NameDescription
request Google\Cloud\ConfidentialComputing\V1\CreateChallengeRequest
optionalArgs = [] array
Returns
TypeDescription
GuzzleHttp\Promise\PromiseInterface

verifyAttestationAsync

Parameters
NameDescription
request Google\Cloud\ConfidentialComputing\V1\VerifyAttestationRequest
optionalArgs = [] array
Returns
TypeDescription
GuzzleHttp\Promise\PromiseInterface

getLocationAsync

Parameters
NameDescription
request Google\Cloud\Location\GetLocationRequest
optionalArgs = [] array
Returns
TypeDescription
GuzzleHttp\Promise\PromiseInterface

listLocationsAsync

Parameters
NameDescription
request Google\Cloud\Location\ListLocationsRequest
optionalArgs = [] array
Returns
TypeDescription
GuzzleHttp\Promise\PromiseInterface

static::challengeName

Formats a string containing the fully-qualified path to represent a challenge resource.

Parameters
NameDescription
project string
location string
uuid string
Returns
TypeDescription
stringThe formatted challenge resource.

static::locationName

Formats a string containing the fully-qualified path to represent a location resource.

Parameters
NameDescription
project string
location string
Returns
TypeDescription
stringThe formatted location resource.

static::parseName

Parses a formatted name string and returns an associative array of the components in the name.

The following name formats are supported: Template: Pattern

  • challenge: projects/{project}/locations/{location}/challenges/{uuid}
  • location: projects/{project}/locations/{location}

The optional $template argument can be supplied to specify a particular pattern, and must match one of the templates listed above. If no $template argument is provided, or if the $template argument does not match one of the templates listed, then parseName will check each of the supported templates, and return the first match.

Parameters
NameDescription
formattedName string

The formatted name string

template string

Optional name of template to match

Returns
TypeDescription
arrayAn associative array from name component IDs to component values.