Service Management V1 API - Class Google::Api::AuthProvider (v0.3.10)

Reference documentation and code samples for the Service Management V1 API class Google::Api::AuthProvider.

Configuration for an authentication provider, including support for JSON Web Token (JWT).

Inherits

  • Object

Extended By

  • Google::Protobuf::MessageExts::ClassMethods

Includes

  • Google::Protobuf::MessageExts

Methods

#audiences

def audiences() -> ::String
Returns
  • (::String) —

    The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:

    • "https://[service.name]/[google.protobuf.Api.name]"
    • "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
    • https://library-example.googleapis.com/

    Example:

    audiences: bookstore_android.apps.googleusercontent.com,
               bookstore_web.apps.googleusercontent.com
    

#audiences=

def audiences=(value) -> ::String
Parameter
  • value (::String) —

    The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:

    • "https://[service.name]/[google.protobuf.Api.name]"
    • "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
    • https://library-example.googleapis.com/

    Example:

    audiences: bookstore_android.apps.googleusercontent.com,
               bookstore_web.apps.googleusercontent.com
    
Returns
  • (::String) —

    The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:

    • "https://[service.name]/[google.protobuf.Api.name]"
    • "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
    • https://library-example.googleapis.com/

    Example:

    audiences: bookstore_android.apps.googleusercontent.com,
               bookstore_web.apps.googleusercontent.com
    

#authorization_url

def authorization_url() -> ::String
Returns
  • (::String) — Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.

#authorization_url=

def authorization_url=(value) -> ::String
Parameter
  • value (::String) — Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
Returns
  • (::String) — Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.

#id

def id() -> ::String
Returns
  • (::String) — The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id.

    Example: "bookstore_auth".

#id=

def id=(value) -> ::String
Parameter
  • value (::String) — The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id.

    Example: "bookstore_auth".

Returns
  • (::String) — The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id.

    Example: "bookstore_auth".

#issuer

def issuer() -> ::String
Returns
  • (::String) — Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address.

    Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com

#issuer=

def issuer=(value) -> ::String
Parameter
  • value (::String) — Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address.

    Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com

Returns
  • (::String) — Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address.

    Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com

#jwks_uri

def jwks_uri() -> ::String
Returns
  • (::String) — URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:

    • can be retrieved from OpenID Discovery of the issuer.
    • can be inferred from the email domain of the issuer (e.g. a Google service account).

    Example: https://www.googleapis.com/oauth2/v1/certs

#jwks_uri=

def jwks_uri=(value) -> ::String
Parameter
  • value (::String) — URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:

    • can be retrieved from OpenID Discovery of the issuer.
    • can be inferred from the email domain of the issuer (e.g. a Google service account).

    Example: https://www.googleapis.com/oauth2/v1/certs

Returns
  • (::String) — URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:

    • can be retrieved from OpenID Discovery of the issuer.
    • can be inferred from the email domain of the issuer (e.g. a Google service account).

    Example: https://www.googleapis.com/oauth2/v1/certs

#jwt_locations

def jwt_locations() -> ::Array<::Google::Api::JwtLocation>
Returns
  • (::Array<::Google::Api::JwtLocation>) —

    Defines the locations to extract the JWT.

    JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters.

    If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter

    Default locations can be specified as followings: jwt_locations:

    • header: Authorization value_prefix: "Bearer "
    • header: x-goog-iap-jwt-assertion
    • query: access_token

#jwt_locations=

def jwt_locations=(value) -> ::Array<::Google::Api::JwtLocation>
Parameter
  • value (::Array<::Google::Api::JwtLocation>) —

    Defines the locations to extract the JWT.

    JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters.

    If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter

    Default locations can be specified as followings: jwt_locations:

    • header: Authorization value_prefix: "Bearer "
    • header: x-goog-iap-jwt-assertion
    • query: access_token
Returns
  • (::Array<::Google::Api::JwtLocation>) —

    Defines the locations to extract the JWT.

    JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters.

    If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter

    Default locations can be specified as followings: jwt_locations:

    • header: Authorization value_prefix: "Bearer "
    • header: x-goog-iap-jwt-assertion
    • query: access_token