Class: Google::Apis::ServicecontrolV2::Auth
- Inherits:
-
Object
- Object
- Google::Apis::ServicecontrolV2::Auth
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- lib/google/apis/servicecontrol_v2/classes.rb,
lib/google/apis/servicecontrol_v2/representations.rb,
lib/google/apis/servicecontrol_v2/representations.rb
Overview
This message defines request authentication attributes. Terminology is based on the JSON Web Token (JWT) standard, but the terms also correlate to concepts in other standards.
Instance Attribute Summary collapse
-
#access_levels ⇒ Array<String>
A list of access level resource names that allow resources to be accessed by authenticated requester.
-
#audiences ⇒ Array<String>
The intended audience(s) for this authentication information.
-
#claims ⇒ Hash<String,Object>
Structured claims presented with the credential.
-
#credential_id ⇒ String
Identifies the client credential id used for authentication.
-
#presenter ⇒ String
The authorized presenter of the credential.
-
#principal ⇒ String
The authenticated principal.
Instance Method Summary collapse
-
#initialize(**args) ⇒ Auth
constructor
A new instance of Auth.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ Auth
Returns a new instance of Auth.
352 353 354 |
# File 'lib/google/apis/servicecontrol_v2/classes.rb', line 352 def initialize(**args) update!(**args) end |
Instance Attribute Details
#access_levels ⇒ Array<String>
A list of access level resource names that allow resources to be accessed by
authenticated requester. It is part of Secure GCP processing for the incoming
request. An access level string has the format: "//api_service_name
/
accessPolicies/policy_id
/accessLevels/short_name
" Example: "//
accesscontextmanager.googleapis.com/accessPolicies/MY_POLICY_ID/accessLevels/
MY_LEVEL"
Corresponds to the JSON property accessLevels
302 303 304 |
# File 'lib/google/apis/servicecontrol_v2/classes.rb', line 302 def access_levels @access_levels end |
#audiences ⇒ Array<String>
The intended audience(s) for this authentication information. Reflects the
audience (aud
) claim within a JWT. The audience value(s) depends on the
issuer
, but typically include one or more of the following pieces of
information: * The services intended to receive the credential. For example, ["
https://pubsub.googleapis.com/", "https://storage.googleapis.com/"]. * A set
of service-based scopes. For example, ["https://www.googleapis.com/auth/cloud-
platform"]. * The client id of an app, such as the Firebase project id for
JWTs from Firebase Auth. Consult the documentation for the credential issuer
to determine the information provided.
Corresponds to the JSON property audiences
315 316 317 |
# File 'lib/google/apis/servicecontrol_v2/classes.rb', line 315 def audiences @audiences end |
#claims ⇒ Hash<String,Object>
Structured claims presented with the credential. JWTs include key: value
pairs for standard and private claims. The following is a subset of the
standard required and optional claims that would typically be presented for a
Google-based JWT: 'iss': 'accounts.google.com', 'sub': '113289723416554971153'
, 'aud': ['123456789012', 'pubsub.googleapis.com'], 'azp': '123456789012.apps.
googleusercontent.com', 'email': 'jsmith@example.com', 'iat': 1353601026, 'exp'
: 1353604926
SAML assertions are similarly specified, but with an identity
provider dependent structure.
Corresponds to the JSON property claims
327 328 329 |
# File 'lib/google/apis/servicecontrol_v2/classes.rb', line 327 def claims @claims end |
#credential_id ⇒ String
Identifies the client credential id used for authentication. credential_id is
in the format of AUTH_METHOD:IDENTIFIER, e.g. "serviceaccount:XXXXX, apikey:
XXXXX" where the format of the IDENTIFIER can vary for different AUTH_METHODs.
Corresponds to the JSON property credentialId
334 335 336 |
# File 'lib/google/apis/servicecontrol_v2/classes.rb', line 334 def credential_id @credential_id end |
#presenter ⇒ String
The authorized presenter of the credential. Reflects the optional Authorized
Presenter (azp
) claim within a JWT or the OAuth client id. For example, a
Google Cloud Platform client id looks as follows: "123456789012.apps.
googleusercontent.com".
Corresponds to the JSON property presenter
342 343 344 |
# File 'lib/google/apis/servicecontrol_v2/classes.rb', line 342 def presenter @presenter end |
#principal ⇒ String
The authenticated principal. Reflects the issuer (iss
) and subject (sub
)
claims within a JWT. The issuer and subject should be /
delimited, with /
percent-encoded within the subject fragment. For Google accounts, the
principal format is: "https://accounts.google.com/`id`"
Corresponds to the JSON property principal
350 351 352 |
# File 'lib/google/apis/servicecontrol_v2/classes.rb', line 350 def principal @principal end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
357 358 359 360 361 362 363 364 |
# File 'lib/google/apis/servicecontrol_v2/classes.rb', line 357 def update!(**args) @access_levels = args[:access_levels] if args.key?(:access_levels) @audiences = args[:audiences] if args.key?(:audiences) @claims = args[:claims] if args.key?(:claims) @credential_id = args[:credential_id] if args.key?(:credential_id) @presenter = args[:presenter] if args.key?(:presenter) @principal = args[:principal] if args.key?(:principal) end |