google-apis-sts_v1 0.22.0 → 0.24.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b0820fc2312867ed0a37f13ba9925e05dacda2212d89b81e097125c8effabd00
-  data.tar.gz: 55a66de4acd84564664ffc130982b300523e95f56670558fd94e1c3e12d7d86c
+  metadata.gz: c26262bf9f498de00ffd81c80f9a3aa843771615d43531ff1e1fe0c33735c7b6
+  data.tar.gz: be24c02ca1f42fca2ec9a6470981b77d4b85ab9845d34b39263d5c6a49301cc8
 SHA512:
-  metadata.gz: c23f1784ac3775caa70609758b18f18ec5735784f2de7b330b21227550668ba349fe10ad17f71332ac1b4de9657edc64d3c792cab7409af9aa3767bbb2b474ab
-  data.tar.gz: 65338f2dbf90969ee6aebae95e17325dc5fc911390078c2fe0978cb027d23f06c91166295cc4153e1f389c1260640d95eb2b545dbde562951860a0c4510de486
+  metadata.gz: 49049c1b6bec51dcaf8a70e94783e118874add546db44be5b913499935b51c90ea1329b0d5f3f3123a20660a51fdb33e8c9f851c42a95400235b820b672f175e
+  data.tar.gz: 2040b3162ca4b4ae4c2f48787e4a55cc9b9c9ad9a151e249596600790f3cc2f11f1da532143bbdea7fc8351b25b4c1145eb624ed115cd5f7186b0705bf3dea89

data/CHANGELOG.md

@@ -1,5 +1,14 @@
 # Release history for google-apis-sts_v1
 
+### v0.24.0 (2022-09-28)
+
+* Regenerated from discovery document revision 20220916
+* Regenerated using generator version 0.10.0
+
+### v0.23.0 (2022-09-02)
+
+* Regenerated from discovery document revision 20220826
+
 ### v0.22.0 (2022-08-13)
 
 * Regenerated from discovery document revision 20220806

data/lib/google/apis/sts_v1/classes.rb

@@ -49,31 +49,33 @@ module Google
         # members` can have the following values: * `allUsers`: A special identifier
         # that represents anyone who is on the internet; with or without a Google
         # account. * `allAuthenticatedUsers`: A special identifier that represents
-        # anyone who is authenticated with a Google account or a service account. * `
-        # user:`emailid``: An email address that represents a specific Google account.
-        # For example, `alice@example.com` . * `serviceAccount:`emailid``: An email
-        # address that represents a Google service account. For example, `my-other-app@
-        # appspot.gserviceaccount.com`. * `serviceAccount:`projectid`.svc.id.goog[`
-        # namespace`/`kubernetes-sa`]`: An identifier for a [Kubernetes service account](
-        # https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-
-        # accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`
-        # . * `group:`emailid``: An email address that represents a Google group. For
-        # example, `admins@example.com`. * `deleted:user:`emailid`?uid=`uniqueid``: An
-        # email address (plus unique identifier) representing a user that has been
-        # recently deleted. For example, `alice@example.com?uid=123456789012345678901`.
-        # If the user is recovered, this value reverts to `user:`emailid`` and the
-        # recovered user retains the role in the binding. * `deleted:serviceAccount:`
-        # emailid`?uid=`uniqueid``: An email address (plus unique identifier)
-        # representing a service account that has been recently deleted. For example, `
-        # my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the
-        # service account is undeleted, this value reverts to `serviceAccount:`emailid``
-        # and the undeleted service account retains the role in the binding. * `deleted:
-        # group:`emailid`?uid=`uniqueid``: An email address (plus unique identifier)
-        # representing a Google group that has been recently deleted. For example, `
-        # admins@example.com?uid=123456789012345678901`. If the group is recovered, this
-        # value reverts to `group:`emailid`` and the recovered group retains the role in
-        # the binding. * `domain:`domain``: The G Suite domain (primary) that represents
-        # all the users of that domain. For example, `google.com` or `example.com`.
+        # anyone who is authenticated with a Google account or a service account. Does
+        # not include identities that come from external identity providers (IdPs)
+        # through identity federation. * `user:`emailid``: An email address that
+        # represents a specific Google account. For example, `alice@example.com` . * `
+        # serviceAccount:`emailid``: An email address that represents a Google service
+        # account. For example, `my-other-app@appspot.gserviceaccount.com`. * `
+        # serviceAccount:`projectid`.svc.id.goog[`namespace`/`kubernetes-sa`]`: An
+        # identifier for a [Kubernetes service account](https://cloud.google.com/
+        # kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-
+        # project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:`emailid``: An
+        # email address that represents a Google group. For example, `admins@example.com`
+        # . * `deleted:user:`emailid`?uid=`uniqueid``: An email address (plus unique
+        # identifier) representing a user that has been recently deleted. For example, `
+        # alice@example.com?uid=123456789012345678901`. If the user is recovered, this
+        # value reverts to `user:`emailid`` and the recovered user retains the role in
+        # the binding. * `deleted:serviceAccount:`emailid`?uid=`uniqueid``: An email
+        # address (plus unique identifier) representing a service account that has been
+        # recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=
+        # 123456789012345678901`. If the service account is undeleted, this value
+        # reverts to `serviceAccount:`emailid`` and the undeleted service account
+        # retains the role in the binding. * `deleted:group:`emailid`?uid=`uniqueid``:
+        # An email address (plus unique identifier) representing a Google group that has
+        # been recently deleted. For example, `admins@example.com?uid=
+        # 123456789012345678901`. If the group is recovered, this value reverts to `
+        # group:`emailid`` and the recovered group retains the role in the binding. * `
+        # domain:`domain``: The G Suite domain (primary) that represents all the users
+        # of that domain. For example, `google.com` or `example.com`.
         # Corresponds to the JSON property `members`
         # @return [Array<String>]
         attr_accessor :members
@@ -177,8 +179,10 @@ module Google
         include Google::Apis::Core::Hashable
       
         # The full resource name of the identity provider; for example: `//iam.
-        # googleapis.com/projects//locations/global/workloadIdentityPools//providers/`.
-        # Required when exchanging an external credential for a Google access token.
+        # googleapis.com/projects//locations/global/workloadIdentityPools//providers/`
+        # for workload identity pool providers, or `//iam.googleapis.com/locations/
+        # global/workforcePools//providers/` for workforce pool providers. Required when
+        # exchanging an external credential for a Google access token.
         # Corresponds to the JSON property `audience`
         # @return [String]
         attr_accessor :audience
@@ -232,25 +236,28 @@ module Google
         # allowed audiences for the workload identity pool provider, or one of the
         # audiences allowed by default if no audiences were specified. See https://cloud.
         # google.com/iam/docs/reference/rest/v1/projects.locations.workloadIdentityPools.
-        # providers#oidc Example header: ``` ` "alg": "RS256", "kid": "us-east-11" ` ```
-        # Example payload: ``` ` "iss": "https://accounts.google.com", "iat": 1517963104,
-        # "exp": 1517966704, "aud": "//iam.googleapis.com/projects/1234567890123/
-        # locations/global/workloadIdentityPools/my-pool/providers/my-provider", "sub": "
-        # 113475438248934895348", "my_claims": ` "additional_claim": "value" ` ` ``` If `
-        # subject_token` is for AWS, it must be a serialized `GetCallerIdentity` token.
-        # This token contains the same information as a request to the AWS [`
-        # GetCallerIdentity()`](https://docs.aws.amazon.com/STS/latest/APIReference/
-        # API_GetCallerIdentity) method, as well as the AWS [signature](https://docs.aws.
-        # amazon.com/general/latest/gr/signing_aws_api_requests.html) for the request
-        # information. Use Signature Version 4. Format the request as URL-encoded JSON,
-        # and set the `subject_token_type` parameter to `urn:ietf:params:aws:token-type:
-        # aws4_request`. The following parameters are required: - `url`: The URL of the
-        # AWS STS endpoint for `GetCallerIdentity()`, such as `https://sts.amazonaws.com?
-        # Action=GetCallerIdentity&Version=2011-06-15`. Regional endpoints are also
-        # supported. - `method`: The HTTP request method: `POST`. - `headers`: The HTTP
-        # request headers, which must include: - `Authorization`: The request signature.
-        # - `x-amz-date`: The time you will send the request, formatted as an [ISO8601
-        # Basic](https://docs.aws.amazon.com/general/latest/gr/sigv4_elements.html#
+        # providers#oidc. For workforce pools, this must match the client ID specified
+        # in the provider configuration. See https://cloud.google.com/iam/docs/reference/
+        # rest/v1/locations.workforcePools.providers#oidc. Example header: ``` ` "alg": "
+        # RS256", "kid": "us-east-11" ` ``` Example payload: ``` ` "iss": "https://
+        # accounts.google.com", "iat": 1517963104, "exp": 1517966704, "aud": "//iam.
+        # googleapis.com/projects/1234567890123/locations/global/workloadIdentityPools/
+        # my-pool/providers/my-provider", "sub": "113475438248934895348", "my_claims": `
+        # "additional_claim": "value" ` ` ``` If `subject_token` is for AWS, it must be
+        # a serialized `GetCallerIdentity` token. This token contains the same
+        # information as a request to the AWS [`GetCallerIdentity()`](https://docs.aws.
+        # amazon.com/STS/latest/APIReference/API_GetCallerIdentity) method, as well as
+        # the AWS [signature](https://docs.aws.amazon.com/general/latest/gr/
+        # signing_aws_api_requests.html) for the request information. Use Signature
+        # Version 4. Format the request as URL-encoded JSON, and set the `
+        # subject_token_type` parameter to `urn:ietf:params:aws:token-type:aws4_request`.
+        # The following parameters are required: - `url`: The URL of the AWS STS
+        # endpoint for `GetCallerIdentity()`, such as `https://sts.amazonaws.com?Action=
+        # GetCallerIdentity&Version=2011-06-15`. Regional endpoints are also supported. -
+        # `method`: The HTTP request method: `POST`. - `headers`: The HTTP request
+        # headers, which must include: - `Authorization`: The request signature. - `x-
+        # amz-date`: The time you will send the request, formatted as an [ISO8601 Basic](
+        # https://docs.aws.amazon.com/general/latest/gr/sigv4_elements.html#
         # sigv4_elements_date) string. This value is typically set to the current time
         # and is used to help prevent replay attacks. - `host`: The hostname of the `url`
         # field; for example, `sts.amazonaws.com`. - `x-goog-cloud-target-resource`:
@@ -432,7 +439,10 @@ module Google
         # The human-readable identifier for the token principal subject. For example, if
         # the provided token is associated with a workload identity pool, this field
         # contains a value in the following format: `principal://iam.googleapis.com/
-        # projects//locations/global/workloadIdentityPools//subject/`
+        # projects//locations/global/workloadIdentityPools//subject/`. If the provided
+        # token is associated with a workforce pool, this field contains a value in the
+        # following format: `principal://iam.googleapis.com/locations/global/
+        # workforcePools//subject/`.
         # Corresponds to the JSON property `username`
         # @return [String]
         attr_accessor :username

data/lib/google/apis/sts_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module StsV1
       # Version of the google-apis-sts_v1 gem
-      GEM_VERSION = "0.22.0"
+      GEM_VERSION = "0.24.0"
 
       # Version of the code generator used to generate this client
-      GENERATOR_VERSION = "0.9.0"
+      GENERATOR_VERSION = "0.10.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20220806"
+      REVISION = "20220916"
     end
   end
 end

data/lib/google/apis/sts_v1/service.rb

@@ -84,10 +84,11 @@ module Google
         
         # Exchanges a credential for a Google OAuth 2.0 access token. The token asserts
         # an external identity within an identity pool, or it applies a Credential
-        # Access Boundary to a Google access token. When you call this method, do not
-        # send the `Authorization` HTTP header in the request. This method does not
-        # require the `Authorization` header, and using the header can cause the request
-        # to fail.
+        # Access Boundary to a Google access token. Note that workforce pools do not
+        # support Credential Access Boundary at the moment. When you call this method,
+        # do not send the `Authorization` HTTP header in the request. This method does
+        # not require the `Authorization` header, and using the header can cause the
+        # request to fail.
         # @param [Google::Apis::StsV1::GoogleIdentityStsV1ExchangeTokenRequest] google_identity_sts_v1_exchange_token_request_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-sts_v1
 version: !ruby/object:Gem::Version
-  version: 0.22.0
+  version: 0.24.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-15 00:00:00.000000000 Z
+date: 2022-10-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -16,7 +16,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.7'
+        version: 0.9.0
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -26,7 +26,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.7'
+        version: 0.9.0
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -58,7 +58,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-sts_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-sts_v1/v0.22.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-sts_v1/v0.24.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-sts_v1
 post_install_message: 
 rdoc_options: []