Service Usage V1 API - Class Google::Api::AuthProvider (v1.0.0)

Reference documentation and code samples for the Service Usage V1 API class Google::Api::AuthProvider.

Configuration for an authentication provider, including support for JSON Web Token (JWT).

Inherits

  • Object

Extended By

  • Google::Protobuf::MessageExts::ClassMethods

Includes

  • Google::Protobuf::MessageExts

Methods

#audiences

def audiences() -> ::String
Returns
  • (::String) —

    The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:

    • "https://[service.name]/[google.protobuf.Api.name]"
    • "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
    • https://library-example.googleapis.com/

    Example:

    audiences: bookstore_android.apps.googleusercontent.com,
           bookstore_web.apps.googleusercontent.com

#audiences=

def audiences=(value) -> ::String
Parameter
  • value (::String) —

    The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:

    • "https://[service.name]/[google.protobuf.Api.name]"
    • "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
    • https://library-example.googleapis.com/

    Example:

    audiences: bookstore_android.apps.googleusercontent.com,
           bookstore_web.apps.googleusercontent.com
Returns
  • (::String) —

    The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:

    • "https://[service.name]/[google.protobuf.Api.name]"
    • "https://[service.name]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService
    • https://library-example.googleapis.com/

    Example:

    audiences: bookstore_android.apps.googleusercontent.com,
           bookstore_web.apps.googleusercontent.com

#authorization_url

def authorization_url() -> ::String
Returns
  • (::String) — Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.

#authorization_url=

def authorization_url=(value) -> ::String
Parameter
  • value (::String) — Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
Returns
  • (::String) — Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.

#id

def id() -> ::String
Returns
  • (::String) — The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id.

    Example: "bookstore_auth".

#id=

def id=(value) -> ::String
Parameter
  • value (::String) — The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id.

    Example: "bookstore_auth".

Returns
  • (::String) — The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id.

    Example: "bookstore_auth".

#issuer

def issuer() -> ::String
Returns
  • (::String) — Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address.

    Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com

#issuer=

def issuer=(value) -> ::String
Parameter
  • value (::String) — Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address.

    Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com

Returns
  • (::String) — Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address.

    Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com

#jwks_uri

def jwks_uri() -> ::String
Returns
  • (::String) — URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:

    • can be retrieved from OpenID Discovery of the issuer.
    • can be inferred from the email domain of the issuer (e.g. a Google service account).

    Example: https://www.googleapis.com/oauth2/v1/certs

#jwks_uri=

def jwks_uri=(value) -> ::String
Parameter
  • value (::String) — URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:

    • can be retrieved from OpenID Discovery of the issuer.
    • can be inferred from the email domain of the issuer (e.g. a Google service account).

    Example: https://www.googleapis.com/oauth2/v1/certs

Returns
  • (::String) — URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:

    • can be retrieved from OpenID Discovery of the issuer.
    • can be inferred from the email domain of the issuer (e.g. a Google service account).

    Example: https://www.googleapis.com/oauth2/v1/certs

#jwt_locations

def jwt_locations() -> ::Array<::Google::Api::JwtLocation>
Returns
  • (::Array<::Google::Api::JwtLocation>) —

    Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension x-google-jwt-locations

    JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins.

    If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter

    Default locations can be specified as followings: jwt_locations:

    • header: Authorization value_prefix: "Bearer "
    • header: x-goog-iap-jwt-assertion
    • query: access_token

#jwt_locations=

def jwt_locations=(value) -> ::Array<::Google::Api::JwtLocation>
Parameter
  • value (::Array<::Google::Api::JwtLocation>) —

    Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension x-google-jwt-locations

    JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins.

    If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter

    Default locations can be specified as followings: jwt_locations:

    • header: Authorization value_prefix: "Bearer "
    • header: x-goog-iap-jwt-assertion
    • query: access_token
Returns
  • (::Array<::Google::Api::JwtLocation>) —

    Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension x-google-jwt-locations

    JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins.

    If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter

    Default locations can be specified as followings: jwt_locations:

    • header: Authorization value_prefix: "Bearer "
    • header: x-goog-iap-jwt-assertion
    • query: access_token