Class: Google::Apis::StsV1::CloudSecurityTokenService
- Inherits:
-
Core::BaseService
- Object
- Core::BaseService
- Google::Apis::StsV1::CloudSecurityTokenService
- Defined in:
- lib/google/apis/sts_v1/service.rb
Overview
Security Token Service API
The Security Token Service exchanges Google or third-party credentials for a short-lived access token to Google Cloud resources.
Constant Summary collapse
- DEFAULT_ENDPOINT_TEMPLATE =
"https://sts.$UNIVERSE_DOMAIN$/"
Instance Attribute Summary collapse
-
#key ⇒ String
API key.
-
#quota_user ⇒ String
Available to use for quota purposes for server-side applications.
Instance Method Summary collapse
-
#get_organization_location_workload_identity_pool_openid_jwks(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1Jwks
Fetches the signing keys for an agentic or managed workload identity pool and returns them in JWKs format, defined in RFC 7517.
-
#get_organization_location_workload_identity_pool_well_known_openid_configuration(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig
Gets the OIDC provider configuration for an agentic or managed workload identity pool following the OIDC 1.0 discovery specification.
-
#get_project_location_workload_identity_pool_openid_jwks(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1Jwks
Fetches the signing keys for an agentic or managed workload identity pool and returns them in JWKs format, defined in RFC 7517.
-
#get_project_location_workload_identity_pool_well_known_openid_configuration(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig
Gets the OIDC provider configuration for an agentic or managed workload identity pool following the OIDC 1.0 discovery specification.
-
#initialize ⇒ CloudSecurityTokenService
constructor
A new instance of CloudSecurityTokenService.
-
#token(google_identity_sts_v1_exchange_token_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse
Exchanges a credential for a Google OAuth 2.0 access token.
Constructor Details
#initialize ⇒ CloudSecurityTokenService
Returns a new instance of CloudSecurityTokenService.
48 49 50 51 52 53 |
# File 'lib/google/apis/sts_v1/service.rb', line 48 def initialize super(DEFAULT_ENDPOINT_TEMPLATE, '', client_name: 'google-apis-sts_v1', client_version: Google::Apis::StsV1::GEM_VERSION) @batch_path = 'batch' end |
Instance Attribute Details
#key ⇒ String
Returns API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.
41 42 43 |
# File 'lib/google/apis/sts_v1/service.rb', line 41 def key @key end |
#quota_user ⇒ String
Returns Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
46 47 48 |
# File 'lib/google/apis/sts_v1/service.rb', line 46 def quota_user @quota_user end |
Instance Method Details
#get_organization_location_workload_identity_pool_openid_jwks(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1Jwks
Fetches the signing keys for an agentic or managed workload identity pool and returns them in JWKs format, defined in RFC 7517. For now, only agentic system pools are supported.
83 84 85 86 87 88 89 90 91 |
# File 'lib/google/apis/sts_v1/service.rb', line 83 def get_organization_location_workload_identity_pool_openid_jwks(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/openid/jwks', ) command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1Jwks::Representation command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1Jwks command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#get_organization_location_workload_identity_pool_well_known_openid_configuration(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig
Gets the OIDC provider configuration for an agentic or managed workload identity pool following the OIDC 1.0 discovery specification. For now, only agentic system pools are supported.
122 123 124 125 126 127 128 129 130 |
# File 'lib/google/apis/sts_v1/service.rb', line 122 def get_organization_location_workload_identity_pool_well_known_openid_configuration(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/.well-known/openid-configuration', ) command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig::Representation command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#get_project_location_workload_identity_pool_openid_jwks(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1Jwks
Fetches the signing keys for an agentic or managed workload identity pool and returns them in JWKs format, defined in RFC 7517. For now, only agentic system pools are supported.
160 161 162 163 164 165 166 167 168 |
# File 'lib/google/apis/sts_v1/service.rb', line 160 def get_project_location_workload_identity_pool_openid_jwks(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/openid/jwks', ) command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1Jwks::Representation command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1Jwks command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#get_project_location_workload_identity_pool_well_known_openid_configuration(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig
Gets the OIDC provider configuration for an agentic or managed workload identity pool following the OIDC 1.0 discovery specification. For now, only agentic system pools are supported.
199 200 201 202 203 204 205 206 207 |
# File 'lib/google/apis/sts_v1/service.rb', line 199 def get_project_location_workload_identity_pool_well_known_openid_configuration(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/.well-known/openid-configuration', ) command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig::Representation command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#token(google_identity_sts_v1_exchange_token_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse
Exchanges a credential for a Google OAuth 2.0 access token. The token asserts
an external identity within an identity pool, or it applies a Credential
Access Boundary to a Google access token. Note that workforce pools do not
support Credential Access Boundaries. When you call this method, do not send
the Authorization HTTP header in the request. This method does not require
the Authorization header, and using the header can cause the request to fail.
233 234 235 236 237 238 239 240 241 242 |
# File 'lib/google/apis/sts_v1/service.rb', line 233 def token(google_identity_sts_v1_exchange_token_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/token', ) command.request_representation = Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenRequest::Representation command.request_object = google_identity_sts_v1_exchange_token_request_object command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse::Representation command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |