Class: Google::Apis::ServiceconsumermanagementV1::AuthProvider
- Inherits:
-
Object
- Object
- Google::Apis::ServiceconsumermanagementV1::AuthProvider
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- lib/google/apis/serviceconsumermanagement_v1/classes.rb,
lib/google/apis/serviceconsumermanagement_v1/representations.rb,
lib/google/apis/serviceconsumermanagement_v1/representations.rb
Overview
Configuration for an authentication provider, including support for JSON Web Token (JWT).
Instance Attribute Summary collapse
-
#audiences ⇒ String
The list of JWT audiences.
-
#authorization_url ⇒ String
Redirect URL if JWT token is required but not present or is expired.
-
#id ⇒ String
The unique identifier of the auth provider.
-
#issuer ⇒ String
Identifies the principal that issued the JWT.
-
#jwks_uri ⇒ String
URL of the provider's public key set to validate signature of the JWT.
-
#jwt_locations ⇒ Array<Google::Apis::ServiceconsumermanagementV1::JwtLocation>
Defines the locations to extract the JWT.
Instance Method Summary collapse
-
#initialize(**args) ⇒ AuthProvider
constructor
A new instance of AuthProvider.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ AuthProvider
Returns a new instance of AuthProvider.
254 255 256 |
# File 'lib/google/apis/serviceconsumermanagement_v1/classes.rb', line 254 def initialize(**args) update!(**args) end |
Instance Attribute Details
#audiences ⇒ String
The list of JWT audiences. that are allowed to access. A JWT containing any
of these audiences will be accepted. When this setting is absent, JWTs with
audiences: - "https://[service.name]/[google.protobuf.Api.name]" - "https://[
service.name]/" will be accepted. For example, if no audiences are in the
setting, LibraryService API will accept JWTs with the following audiences: -
https://library-example.googleapis.com/google.example.library.v1.
LibraryService - https://library-example.googleapis.com/ Example: audiences:
bookstore_android.apps.googleusercontent.com, bookstore_web.apps.
googleusercontent.com
Corresponds to the JSON property audiences
209 210 211 |
# File 'lib/google/apis/serviceconsumermanagement_v1/classes.rb', line 209 def audiences @audiences end |
#authorization_url ⇒ String
Redirect URL if JWT token is required but not present or is expired. Implement
authorizationUrl of securityDefinitions in OpenAPI spec.
Corresponds to the JSON property authorizationUrl
215 216 217 |
# File 'lib/google/apis/serviceconsumermanagement_v1/classes.rb', line 215 def @authorization_url end |
#id ⇒ String
The unique identifier of the auth provider. It will be referred to by
AuthRequirement.provider_id
. Example: "bookstore_auth".
Corresponds to the JSON property id
221 222 223 |
# File 'lib/google/apis/serviceconsumermanagement_v1/classes.rb', line 221 def id @id end |
#issuer ⇒ String
Identifies the principal that issued the JWT. See https://tools.ietf.org/html/
draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email
address. Example: https://securetoken.google.com Example: 1234567-compute@
developer.gserviceaccount.com
Corresponds to the JSON property issuer
229 230 231 |
# File 'lib/google/apis/serviceconsumermanagement_v1/classes.rb', line 229 def issuer @issuer end |
#jwks_uri ⇒ String
URL of the provider's public key set to validate signature of the JWT. See
OpenID Discovery. Optional if the key set document: - can be retrieved from
OpenID Discovery
of the issuer. - can be inferred from the email domain of the issuer (e.g. a
Google service account). Example: https://www.googleapis.com/oauth2/v1/certs
Corresponds to the JSON property jwksUri
239 240 241 |
# File 'lib/google/apis/serviceconsumermanagement_v1/classes.rb', line 239 def jwks_uri @jwks_uri end |
#jwt_locations ⇒ Array<Google::Apis::ServiceconsumermanagementV1::JwtLocation>
Defines the locations to extract the JWT. For now it is only used by the Cloud
Endpoints to store the OpenAPI extension x-google-jwt-locations JWT locations can be one of HTTP headers, URL query parameters or
cookies. The rule is that the first match wins. If not specified, default to
use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-
assertion 3) access_token query parameter Default locations can be specified
as followings: jwt_locations: - header: Authorization value_prefix: "Bearer " -
header: x-goog-iap-jwt-assertion - query: access_token
Corresponds to the JSON property jwtLocations
252 253 254 |
# File 'lib/google/apis/serviceconsumermanagement_v1/classes.rb', line 252 def jwt_locations @jwt_locations end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
259 260 261 262 263 264 265 266 |
# File 'lib/google/apis/serviceconsumermanagement_v1/classes.rb', line 259 def update!(**args) @audiences = args[:audiences] if args.key?(:audiences) @authorization_url = args[:authorization_url] if args.key?(:authorization_url) @id = args[:id] if args.key?(:id) @issuer = args[:issuer] if args.key?(:issuer) @jwks_uri = args[:jwks_uri] if args.key?(:jwks_uri) @jwt_locations = args[:jwt_locations] if args.key?(:jwt_locations) end |