google-apis-sts_v1 0.3.0 → 0.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +22 -0
- data/lib/google/apis/sts_v1/classes.rb +123 -20
- data/lib/google/apis/sts_v1/gem_version.rb +3 -3
- data/lib/google/apis/sts_v1/representations.rb +34 -0
- data/lib/google/apis/sts_v1/service.rb +32 -0
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5efe5029ff15bc1c675500e4a4cc0e5c360e94e7f91853832e6f195a01d5150c
|
4
|
+
data.tar.gz: 295f3441cfe188a80ca51e329b4dc4adeba82f8897dbdaf517b1b936223251ab
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2bcd13791b6dfd047e7542d9d0ab2addd69fdbb18ef85f4eaaed56355f2b91128636ba2e8d2713ee8702ac571a9988e11033c750d9ba9f8b995121dee04d0143
|
7
|
+
data.tar.gz: adb677c08b17f94427277450d1cb5f9151b37cad1194d8c8a92a66426da8bfecf351003a74d66d5f4e69a248126896e2217c5c1baf7606632fb3c9f62d3ac8e3
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,27 @@
|
|
1
1
|
# Release history for google-apis-sts_v1
|
2
2
|
|
3
|
+
### v0.8.0 (2021-06-19)
|
4
|
+
|
5
|
+
* Regenerated from discovery document revision 20210613
|
6
|
+
* Regenerated using generator version 0.3.0
|
7
|
+
|
8
|
+
### v0.7.0 (2021-05-27)
|
9
|
+
|
10
|
+
* Regenerated from discovery document revision 20210517
|
11
|
+
|
12
|
+
### v0.6.0 (2021-05-20)
|
13
|
+
|
14
|
+
* Unspecified changes
|
15
|
+
|
16
|
+
### v0.5.0 (2021-05-15)
|
17
|
+
|
18
|
+
* Regenerated from discovery document revision 20210508
|
19
|
+
* Regenerated using generator version 0.2.0
|
20
|
+
|
21
|
+
### v0.4.0 (2021-03-04)
|
22
|
+
|
23
|
+
* Unspecified changes
|
24
|
+
|
3
25
|
### v0.3.0 (2021-02-12)
|
4
26
|
|
5
27
|
* Regenerated from discovery document revision 20210206
|
@@ -59,28 +59,32 @@ module Google
|
|
59
59
|
# @return [String]
|
60
60
|
attr_accessor :scope
|
61
61
|
|
62
|
-
# Required. The input token. This token is
|
63
|
-
#
|
64
|
-
#
|
65
|
-
#
|
66
|
-
#
|
67
|
-
#
|
68
|
-
#
|
69
|
-
#
|
70
|
-
#
|
71
|
-
#
|
72
|
-
#
|
73
|
-
#
|
74
|
-
#
|
75
|
-
#
|
76
|
-
#
|
77
|
-
#
|
62
|
+
# Required. The input token. This token is either an external credential issued
|
63
|
+
# by a workload identity pool provider, or a short-lived access token issued by
|
64
|
+
# Google. If the token is an OIDC JWT, it must use the JWT format defined in [
|
65
|
+
# RFC 7523](https://tools.ietf.org/html/rfc7523), and the `subject_token_type`
|
66
|
+
# must be `urn:ietf:params:oauth:token-type:jwt`. The following headers are
|
67
|
+
# required: - `kid`: The identifier of the signing key securing the JWT. - `alg`:
|
68
|
+
# The cryptographic algorithm securing the JWT. Must be `RS256` or `ES256`. The
|
69
|
+
# following payload fields are required. For more information, see [RFC 7523,
|
70
|
+
# Section 3](https://tools.ietf.org/html/rfc7523#section-3): - `iss`: The issuer
|
71
|
+
# of the token. The issuer must provide a discovery document at the URL `/.well-
|
72
|
+
# known/openid-configuration`, where `` is the value of this field. The document
|
73
|
+
# must be formatted according to section 4.2 of the [OIDC 1.0 Discovery
|
74
|
+
# specification](https://openid.net/specs/openid-connect-discovery-1_0.html#
|
75
|
+
# ProviderConfigurationResponse). - `iat`: The issue time, in seconds, since the
|
76
|
+
# Unix epoch. Must be in the past. - `exp`: The expiration time, in seconds,
|
77
|
+
# since the Unix epoch. Must be less than 48 hours after `iat`. Shorter
|
78
78
|
# expiration times are more secure. If possible, we recommend setting an
|
79
79
|
# expiration time less than 6 hours. - `sub`: The identity asserted in the JWT. -
|
80
|
-
# `aud`:
|
81
|
-
#
|
82
|
-
#
|
83
|
-
#
|
80
|
+
# `aud`: For workload identity pools, this must be a value specified in the
|
81
|
+
# allowed audiences for the workload identity pool provider, or one of the
|
82
|
+
# audiences allowed by default if no audiences were specified. See https://cloud.
|
83
|
+
# google.com/iam/docs/reference/rest/v1/projects.locations.workloadIdentityPools.
|
84
|
+
# providers#oidc Example header: ``` ` "alg": "RS256", "kid": "us-east-11" ` ```
|
85
|
+
# Example payload: ``` ` "iss": "https://accounts.google.com", "iat": 1517963104,
|
86
|
+
# "exp": 1517966704, "aud": "//iam.googleapis.com/projects/1234567890123/
|
87
|
+
# locations/global/workloadIdentityPools/my-pool/providers/my-provider", "sub": "
|
84
88
|
# 113475438248934895348", "my_claims": ` "additional_claim": "value" ` ` ``` If `
|
85
89
|
# subject_token` is for AWS, it must be a serialized `GetCallerIdentity` token.
|
86
90
|
# This token contains the same information as a request to the AWS [`
|
@@ -191,6 +195,105 @@ module Google
|
|
191
195
|
@token_type = args[:token_type] if args.key?(:token_type)
|
192
196
|
end
|
193
197
|
end
|
198
|
+
|
199
|
+
# Request message for IntrospectToken.
|
200
|
+
class GoogleIdentityStsV1IntrospectTokenRequest
|
201
|
+
include Google::Apis::Core::Hashable
|
202
|
+
|
203
|
+
# Required. The OAuth 2.0 security token issued by the Security Token Service
|
204
|
+
# API.
|
205
|
+
# Corresponds to the JSON property `token`
|
206
|
+
# @return [String]
|
207
|
+
attr_accessor :token
|
208
|
+
|
209
|
+
# Optional. The type of the given token. Supported values are `urn:ietf:params:
|
210
|
+
# oauth:token-type:access_token` and `access_token`.
|
211
|
+
# Corresponds to the JSON property `tokenTypeHint`
|
212
|
+
# @return [String]
|
213
|
+
attr_accessor :token_type_hint
|
214
|
+
|
215
|
+
def initialize(**args)
|
216
|
+
update!(**args)
|
217
|
+
end
|
218
|
+
|
219
|
+
# Update properties of this object
|
220
|
+
def update!(**args)
|
221
|
+
@token = args[:token] if args.key?(:token)
|
222
|
+
@token_type_hint = args[:token_type_hint] if args.key?(:token_type_hint)
|
223
|
+
end
|
224
|
+
end
|
225
|
+
|
226
|
+
# Response message for IntrospectToken.
|
227
|
+
class GoogleIdentityStsV1IntrospectTokenResponse
|
228
|
+
include Google::Apis::Core::Hashable
|
229
|
+
|
230
|
+
# A boolean value that indicates whether the provided access token is currently
|
231
|
+
# active.
|
232
|
+
# Corresponds to the JSON property `active`
|
233
|
+
# @return [Boolean]
|
234
|
+
attr_accessor :active
|
235
|
+
alias_method :active?, :active
|
236
|
+
|
237
|
+
# The client identifier for the OAuth 2.0 client that requested the provided
|
238
|
+
# token.
|
239
|
+
# Corresponds to the JSON property `client_id`
|
240
|
+
# @return [String]
|
241
|
+
attr_accessor :client_id
|
242
|
+
|
243
|
+
# The expiration timestamp, measured in the number of seconds since January 1
|
244
|
+
# 1970 UTC, indicating when this token will expire.
|
245
|
+
# Corresponds to the JSON property `exp`
|
246
|
+
# @return [Fixnum]
|
247
|
+
attr_accessor :exp
|
248
|
+
|
249
|
+
# The issued timestamp, measured in the number of seconds since January 1 1970
|
250
|
+
# UTC, indicating when this token was originally issued.
|
251
|
+
# Corresponds to the JSON property `iat`
|
252
|
+
# @return [Fixnum]
|
253
|
+
attr_accessor :iat
|
254
|
+
|
255
|
+
# The issuer of the provided token.
|
256
|
+
# Corresponds to the JSON property `iss`
|
257
|
+
# @return [String]
|
258
|
+
attr_accessor :iss
|
259
|
+
|
260
|
+
# A list of scopes associated with the provided token.
|
261
|
+
# Corresponds to the JSON property `scope`
|
262
|
+
# @return [String]
|
263
|
+
attr_accessor :scope
|
264
|
+
|
265
|
+
# The unique user ID associated with the provided token. For Google Accounts,
|
266
|
+
# this value is based on the Google Account's user ID. For federated identities,
|
267
|
+
# this value is based on the identity pool ID and the value of the mapped `
|
268
|
+
# google.subject` attribute.
|
269
|
+
# Corresponds to the JSON property `sub`
|
270
|
+
# @return [String]
|
271
|
+
attr_accessor :sub
|
272
|
+
|
273
|
+
# The human-readable identifier for the token principal subject. For example, if
|
274
|
+
# the provided token is associated with a workload identity pool, this field
|
275
|
+
# contains a value in the following format: `principal://iam.googleapis.com/
|
276
|
+
# projects//locations//workloadIdentityPools//subject/`
|
277
|
+
# Corresponds to the JSON property `username`
|
278
|
+
# @return [String]
|
279
|
+
attr_accessor :username
|
280
|
+
|
281
|
+
def initialize(**args)
|
282
|
+
update!(**args)
|
283
|
+
end
|
284
|
+
|
285
|
+
# Update properties of this object
|
286
|
+
def update!(**args)
|
287
|
+
@active = args[:active] if args.key?(:active)
|
288
|
+
@client_id = args[:client_id] if args.key?(:client_id)
|
289
|
+
@exp = args[:exp] if args.key?(:exp)
|
290
|
+
@iat = args[:iat] if args.key?(:iat)
|
291
|
+
@iss = args[:iss] if args.key?(:iss)
|
292
|
+
@scope = args[:scope] if args.key?(:scope)
|
293
|
+
@sub = args[:sub] if args.key?(:sub)
|
294
|
+
@username = args[:username] if args.key?(:username)
|
295
|
+
end
|
296
|
+
end
|
194
297
|
end
|
195
298
|
end
|
196
299
|
end
|
@@ -16,13 +16,13 @@ module Google
|
|
16
16
|
module Apis
|
17
17
|
module StsV1
|
18
18
|
# Version of the google-apis-sts_v1 gem
|
19
|
-
GEM_VERSION = "0.
|
19
|
+
GEM_VERSION = "0.8.0"
|
20
20
|
|
21
21
|
# Version of the code generator used to generate this client
|
22
|
-
GENERATOR_VERSION = "0.
|
22
|
+
GENERATOR_VERSION = "0.3.0"
|
23
23
|
|
24
24
|
# Revision of the discovery document this client was generated from
|
25
|
-
REVISION = "
|
25
|
+
REVISION = "20210613"
|
26
26
|
end
|
27
27
|
end
|
28
28
|
end
|
@@ -34,6 +34,18 @@ module Google
|
|
34
34
|
include Google::Apis::Core::JsonObjectSupport
|
35
35
|
end
|
36
36
|
|
37
|
+
class GoogleIdentityStsV1IntrospectTokenRequest
|
38
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
39
|
+
|
40
|
+
include Google::Apis::Core::JsonObjectSupport
|
41
|
+
end
|
42
|
+
|
43
|
+
class GoogleIdentityStsV1IntrospectTokenResponse
|
44
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
45
|
+
|
46
|
+
include Google::Apis::Core::JsonObjectSupport
|
47
|
+
end
|
48
|
+
|
37
49
|
class GoogleIdentityStsV1ExchangeTokenRequest
|
38
50
|
# @private
|
39
51
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -56,6 +68,28 @@ module Google
|
|
56
68
|
property :token_type, as: 'token_type'
|
57
69
|
end
|
58
70
|
end
|
71
|
+
|
72
|
+
class GoogleIdentityStsV1IntrospectTokenRequest
|
73
|
+
# @private
|
74
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
75
|
+
property :token, as: 'token'
|
76
|
+
property :token_type_hint, as: 'tokenTypeHint'
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
class GoogleIdentityStsV1IntrospectTokenResponse
|
81
|
+
# @private
|
82
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
83
|
+
property :active, as: 'active'
|
84
|
+
property :client_id, as: 'client_id'
|
85
|
+
property :exp, :numeric_string => true, as: 'exp'
|
86
|
+
property :iat, :numeric_string => true, as: 'iat'
|
87
|
+
property :iss, as: 'iss'
|
88
|
+
property :scope, as: 'scope'
|
89
|
+
property :sub, as: 'sub'
|
90
|
+
property :username, as: 'username'
|
91
|
+
end
|
92
|
+
end
|
59
93
|
end
|
60
94
|
end
|
61
95
|
end
|
@@ -50,6 +50,38 @@ module Google
|
|
50
50
|
@batch_path = 'batch'
|
51
51
|
end
|
52
52
|
|
53
|
+
# Gets information about a Google OAuth 2.0 access token issued by the Google
|
54
|
+
# Cloud [Security Token Service API](https://cloud.google.com/iam/docs/reference/
|
55
|
+
# sts/rest).
|
56
|
+
# @param [Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenRequest] google_identity_sts_v1_introspect_token_request_object
|
57
|
+
# @param [String] fields
|
58
|
+
# Selector specifying which fields to include in a partial response.
|
59
|
+
# @param [String] quota_user
|
60
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
61
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
62
|
+
# @param [Google::Apis::RequestOptions] options
|
63
|
+
# Request-specific options
|
64
|
+
#
|
65
|
+
# @yield [result, err] Result & error if block supplied
|
66
|
+
# @yieldparam result [Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse] parsed result object
|
67
|
+
# @yieldparam err [StandardError] error object if request failed
|
68
|
+
#
|
69
|
+
# @return [Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse]
|
70
|
+
#
|
71
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
72
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
73
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
74
|
+
def introspect(google_identity_sts_v1_introspect_token_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
75
|
+
command = make_simple_command(:post, 'v1/introspect', options)
|
76
|
+
command.request_representation = Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenRequest::Representation
|
77
|
+
command.request_object = google_identity_sts_v1_introspect_token_request_object
|
78
|
+
command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse::Representation
|
79
|
+
command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse
|
80
|
+
command.query['fields'] = fields unless fields.nil?
|
81
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
82
|
+
execute_or_queue_command(command, &block)
|
83
|
+
end
|
84
|
+
|
53
85
|
# Exchanges a credential for a Google OAuth 2.0 access token. The token asserts
|
54
86
|
# an external identity within a workload identity pool, or it applies a
|
55
87
|
# Credential Access Boundary to a Google access token. When you call this method,
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-apis-sts_v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.8.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-06-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: google-apis-core
|
@@ -52,7 +52,7 @@ licenses:
|
|
52
52
|
metadata:
|
53
53
|
bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
|
54
54
|
changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-sts_v1/CHANGELOG.md
|
55
|
-
documentation_uri: https://googleapis.dev/ruby/google-apis-sts_v1/v0.
|
55
|
+
documentation_uri: https://googleapis.dev/ruby/google-apis-sts_v1/v0.8.0
|
56
56
|
source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-sts_v1
|
57
57
|
post_install_message:
|
58
58
|
rdoc_options: []
|
@@ -62,14 +62,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
62
62
|
requirements:
|
63
63
|
- - ">="
|
64
64
|
- !ruby/object:Gem::Version
|
65
|
-
version: '2.
|
65
|
+
version: '2.5'
|
66
66
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
67
67
|
requirements:
|
68
68
|
- - ">="
|
69
69
|
- !ruby/object:Gem::Version
|
70
70
|
version: '0'
|
71
71
|
requirements: []
|
72
|
-
rubygems_version: 3.2.
|
72
|
+
rubygems_version: 3.2.17
|
73
73
|
signing_key:
|
74
74
|
specification_version: 4
|
75
75
|
summary: Simple REST client for Security Token Service API V1
|