Google API Common Protos Client - Class Auth (4.8.1)

Reference documentation and code samples for the Google API Common Protos Client class Auth.

This message defines request authentication attributes. Terminology is based on the JSON Web Token (JWT) standard, but the terms also correlate to concepts in other standards.

Generated from protobuf message google.rpc.context.AttributeContext.Auth

Namespace

Google \ Rpc \ Context \ AttributeContext

Methods

__construct

Constructor.

Parameters
Name Description
data array

Optional. Data for populating the Message object.

↳ principal string

The authenticated principal. Reflects the issuer (iss) and subject (sub) claims within a JWT. The issuer and subject should be / delimited, with / percent-encoded within the subject fragment. For Google accounts, the principal format is: "https://accounts.google.com/{id}"

↳ audiences array

The intended audience(s) for this authentication information. Reflects the audience (aud) claim within a JWT. The audience value(s) depends on the issuer, but typically include one or more of the following pieces of information: * The services intended to receive the credential. For example, ["https://pubsub.googleapis.com/", "https://storage.googleapis.com/"]. * A set of service-based scopes. For example, ["https://www.googleapis.com/auth/cloud-platform"]. * The client id of an app, such as the Firebase project id for JWTs from Firebase Auth. Consult the documentation for the credential issuer to determine the information provided.

↳ presenter string

The authorized presenter of the credential. Reflects the optional Authorized Presenter (azp) claim within a JWT or the OAuth client id. For example, a Google Cloud Platform client id looks as follows: "123456789012.apps.googleusercontent.com".

↳ claims Google\Protobuf\Struct

Structured claims presented with the credential. JWTs include {key: value} pairs for standard and private claims. The following is a subset of the standard required and optional claims that would typically be presented for a Google-based JWT: {'iss': 'accounts.google.com', 'sub': '113289723416554971153', 'aud': ['123456789012', 'pubsub.googleapis.com'], 'azp': '123456789012.apps.googleusercontent.com', 'email': 'jsmith@example.com', 'iat': 1353601026, 'exp': 1353604926} SAML assertions are similarly specified, but with an identity provider dependent structure.

↳ access_levels array

A list of access level resource names that allow resources to be accessed by authenticated requester. It is part of Secure GCP processing for the incoming request. An access level string has the format: "//{api_service_name}/accessPolicies/{policy_id}/accessLevels/{short_name}" Example: "//accesscontextmanager.googleapis.com/accessPolicies/MY_POLICY_ID/accessLevels/MY_LEVEL"

getPrincipal

The authenticated principal. Reflects the issuer (iss) and subject (sub) claims within a JWT. The issuer and subject should be / delimited, with / percent-encoded within the subject fragment. For Google accounts, the principal format is: "https://accounts.google.com/{id}"

Returns
Type Description
string

setPrincipal

The authenticated principal. Reflects the issuer (iss) and subject (sub) claims within a JWT. The issuer and subject should be / delimited, with / percent-encoded within the subject fragment. For Google accounts, the principal format is: "https://accounts.google.com/{id}"

Parameter
Name Description
var string
Returns
Type Description
$this

getAudiences

The intended audience(s) for this authentication information. Reflects the audience (aud) claim within a JWT. The audience value(s) depends on the issuer, but typically include one or more of the following pieces of information:

Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setAudiences

The intended audience(s) for this authentication information. Reflects the audience (aud) claim within a JWT. The audience value(s) depends on the issuer, but typically include one or more of the following pieces of information:

Parameter
Name Description
var string[]
Returns
Type Description
$this

getPresenter

The authorized presenter of the credential. Reflects the optional Authorized Presenter (azp) claim within a JWT or the OAuth client id. For example, a Google Cloud Platform client id looks as follows: "123456789012.apps.googleusercontent.com".

Returns
Type Description
string

setPresenter

The authorized presenter of the credential. Reflects the optional Authorized Presenter (azp) claim within a JWT or the OAuth client id. For example, a Google Cloud Platform client id looks as follows: "123456789012.apps.googleusercontent.com".

Parameter
Name Description
var string
Returns
Type Description
$this

getClaims

Structured claims presented with the credential. JWTs include {key: value} pairs for standard and private claims. The following is a subset of the standard required and optional claims that would typically be presented for a Google-based JWT: {'iss': 'accounts.google.com', 'sub': '113289723416554971153', 'aud': ['123456789012', 'pubsub.googleapis.com'], 'azp': '123456789012.apps.googleusercontent.com', 'email': 'jsmith@example.com', 'iat': 1353601026, 'exp': 1353604926} SAML assertions are similarly specified, but with an identity provider dependent structure.

Returns
Type Description
Google\Protobuf\Struct|null

hasClaims

clearClaims

setClaims

Structured claims presented with the credential. JWTs include {key: value} pairs for standard and private claims. The following is a subset of the standard required and optional claims that would typically be presented for a Google-based JWT: {'iss': 'accounts.google.com', 'sub': '113289723416554971153', 'aud': ['123456789012', 'pubsub.googleapis.com'], 'azp': '123456789012.apps.googleusercontent.com', 'email': 'jsmith@example.com', 'iat': 1353601026, 'exp': 1353604926} SAML assertions are similarly specified, but with an identity provider dependent structure.

Parameter
Name Description
var Google\Protobuf\Struct
Returns
Type Description
$this

getAccessLevels

A list of access level resource names that allow resources to be accessed by authenticated requester. It is part of Secure GCP processing for the incoming request. An access level string has the format: "//{api_service_name}/accessPolicies/{policy_id}/accessLevels/{short_name}" Example: "//accesscontextmanager.googleapis.com/accessPolicies/MY_POLICY_ID/accessLevels/MY_LEVEL"

Returns
Type Description
Google\Protobuf\Internal\RepeatedField

setAccessLevels

A list of access level resource names that allow resources to be accessed by authenticated requester. It is part of Secure GCP processing for the incoming request. An access level string has the format: "//{api_service_name}/accessPolicies/{policy_id}/accessLevels/{short_name}" Example: "//accesscontextmanager.googleapis.com/accessPolicies/MY_POLICY_ID/accessLevels/MY_LEVEL"

Parameter
Name Description
var string[]
Returns
Type Description
$this