Class: Google::Apis::StsV1::CloudSecurityTokenService
- Inherits:
-
Core::BaseService
- Object
- Core::BaseService
- Google::Apis::StsV1::CloudSecurityTokenService
- Defined in:
- lib/google/apis/sts_v1/service.rb
Overview
Security Token Service API
The Security Token Service exchanges Google or third-party credentials for a short-lived access token to Google Cloud resources.
Constant Summary collapse
- DEFAULT_ENDPOINT_TEMPLATE =
"https://sts.$UNIVERSE_DOMAIN$/"
Instance Attribute Summary collapse
-
#key ⇒ String
API key.
-
#quota_user ⇒ String
Available to use for quota purposes for server-side applications.
Instance Method Summary collapse
-
#get_organization_location_workload_identity_pool_openid_jwks(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1Jwks
Fetches the signing keys for an agentic or managed workload identity pool and returns them in JWKs format, defined in RFC 7517.
-
#get_organization_location_workload_identity_pool_well_known_openid_configuration(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig
Gets the OIDC provider configuration for an agentic or managed workload identity pool following the OIDC 1.0 discovery specification.
-
#get_project_location_workload_identity_pool_openid_jwks(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1Jwks
Fetches the signing keys for an agentic or managed workload identity pool and returns them in JWKs format, defined in RFC 7517.
-
#get_project_location_workload_identity_pool_well_known_openid_configuration(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig
Gets the OIDC provider configuration for an agentic or managed workload identity pool following the OIDC 1.0 discovery specification.
-
#initialize ⇒ CloudSecurityTokenService
constructor
A new instance of CloudSecurityTokenService.
-
#token(google_identity_sts_v1_exchange_token_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse
Exchanges a credential for a Google OAuth 2.0 access token.
Constructor Details
#initialize ⇒ CloudSecurityTokenService
Returns a new instance of CloudSecurityTokenService.
48 49 50 51 52 53 |
# File 'lib/google/apis/sts_v1/service.rb', line 48 def initialize super(DEFAULT_ENDPOINT_TEMPLATE, '', client_name: 'google-apis-sts_v1', client_version: Google::Apis::StsV1::GEM_VERSION) @batch_path = 'batch' end |
Instance Attribute Details
#key ⇒ String
Returns API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.
41 42 43 |
# File 'lib/google/apis/sts_v1/service.rb', line 41 def key @key end |
#quota_user ⇒ String
Returns Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
46 47 48 |
# File 'lib/google/apis/sts_v1/service.rb', line 46 def quota_user @quota_user end |
Instance Method Details
#get_organization_location_workload_identity_pool_openid_jwks(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1Jwks
Fetches the signing keys for an agentic or managed workload identity pool and returns them in JWKs format, defined in RFC 7517. For now, only agentic system pools are supported. Preview This feature is subject to the "Pre-GA Offerings Terms" in the General Service Terms section of the Service Specific Terms. Pre-GA features are available "as is" and might have limited support. For more information, see the launch stage descriptions.
88 89 90 91 92 93 94 95 96 |
# File 'lib/google/apis/sts_v1/service.rb', line 88 def get_organization_location_workload_identity_pool_openid_jwks(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/openid/jwks', ) command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1Jwks::Representation command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1Jwks command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#get_organization_location_workload_identity_pool_well_known_openid_configuration(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig
Gets the OIDC provider configuration for an agentic or managed workload identity pool following the OIDC 1.0 discovery specification. For now, only agentic system pools are supported. Preview This feature is subject to the "Pre-GA Offerings Terms" in the General Service Terms section of the Service Specific Terms . Pre-GA features are available "as is" and might have limited support. For more information, see the launch stage descriptions.
132 133 134 135 136 137 138 139 140 |
# File 'lib/google/apis/sts_v1/service.rb', line 132 def get_organization_location_workload_identity_pool_well_known_openid_configuration(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/.well-known/openid-configuration', ) command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig::Representation command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#get_project_location_workload_identity_pool_openid_jwks(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1Jwks
Fetches the signing keys for an agentic or managed workload identity pool and returns them in JWKs format, defined in RFC 7517. For now, only agentic system pools are supported. Preview This feature is subject to the "Pre-GA Offerings Terms" in the General Service Terms section of the Service Specific Terms. Pre-GA features are available "as is" and might have limited support. For more information, see the launch stage descriptions.
175 176 177 178 179 180 181 182 183 |
# File 'lib/google/apis/sts_v1/service.rb', line 175 def get_project_location_workload_identity_pool_openid_jwks(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/openid/jwks', ) command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1Jwks::Representation command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1Jwks command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#get_project_location_workload_identity_pool_well_known_openid_configuration(name, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig
Gets the OIDC provider configuration for an agentic or managed workload identity pool following the OIDC 1.0 discovery specification. For now, only agentic system pools are supported. Preview This feature is subject to the "Pre-GA Offerings Terms" in the General Service Terms section of the Service Specific Terms . Pre-GA features are available "as is" and might have limited support. For more information, see the launch stage descriptions.
219 220 221 222 223 224 225 226 227 |
# File 'lib/google/apis/sts_v1/service.rb', line 219 def get_project_location_workload_identity_pool_well_known_openid_configuration(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/.well-known/openid-configuration', ) command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig::Representation command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1OpenIdProviderConfig command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |
#token(google_identity_sts_v1_exchange_token_request_object = nil, fields: nil, quota_user: nil, options: nil) {|result, err| ... } ⇒ Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse
Exchanges a credential for a Google OAuth 2.0 access token. The token asserts
an external identity within an identity pool, or it applies a Credential
Access Boundary to a Google access token. Note that workforce pools do not
support Credential Access Boundaries. When you call this method, do not send
the Authorization HTTP header in the request. This method does not require
the Authorization header, and using the header can cause the request to fail.
253 254 255 256 257 258 259 260 261 262 |
# File 'lib/google/apis/sts_v1/service.rb', line 253 def token(google_identity_sts_v1_exchange_token_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/token', ) command.request_representation = Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenRequest::Representation command.request_object = google_identity_sts_v1_exchange_token_request_object command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse::Representation command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenResponse command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end |