google-apis-sts_v1 0.3.0 → 0.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 56ac51449e0acb3dbff11f11a22053cb7278ef40ffbc053625b3c89c3565b433
-  data.tar.gz: a6148ba0c033f2b47237fc1c377bcca7bc796b7ba3b84e34b6b2285c8412c936
+  metadata.gz: 5efe5029ff15bc1c675500e4a4cc0e5c360e94e7f91853832e6f195a01d5150c
+  data.tar.gz: 295f3441cfe188a80ca51e329b4dc4adeba82f8897dbdaf517b1b936223251ab
 SHA512:
-  metadata.gz: ced8373b31291feac41c16c49a5dce5800187ffc1b9ddf5aac618706d1e2bfaaecc136d6d0698d9fedf1a6a6907fdccc8b80e0d9a99375a62b24e939c5191b8c
-  data.tar.gz: a174d58e54c9110c0f9b7bddbd18be2513d7f2f0217708203e4f9ac49566a89d6a0f3c699f85861d24125f1acb1a62df863a6a90c098e59f6a13dcaa410ec936
+  metadata.gz: 2bcd13791b6dfd047e7542d9d0ab2addd69fdbb18ef85f4eaaed56355f2b91128636ba2e8d2713ee8702ac571a9988e11033c750d9ba9f8b995121dee04d0143
+  data.tar.gz: adb677c08b17f94427277450d1cb5f9151b37cad1194d8c8a92a66426da8bfecf351003a74d66d5f4e69a248126896e2217c5c1baf7606632fb3c9f62d3ac8e3

data/CHANGELOG.md

@@ -1,5 +1,27 @@
 # Release history for google-apis-sts_v1
 
+### v0.8.0 (2021-06-19)
+
+* Regenerated from discovery document revision 20210613
+* Regenerated using generator version 0.3.0
+
+### v0.7.0 (2021-05-27)
+
+* Regenerated from discovery document revision 20210517
+
+### v0.6.0 (2021-05-20)
+
+* Unspecified changes
+
+### v0.5.0 (2021-05-15)
+
+* Regenerated from discovery document revision 20210508
+* Regenerated using generator version 0.2.0
+
+### v0.4.0 (2021-03-04)
+
+* Unspecified changes
+
 ### v0.3.0 (2021-02-12)
 
 * Regenerated from discovery document revision 20210206

data/lib/google/apis/sts_v1/classes.rb

@@ -59,28 +59,32 @@ module Google
         # @return [String]
         attr_accessor :scope
       
-        # Required. The input token. This token is a either an external credential
-        # issued by a workload identity pool provider, or a short-lived access token
-        # issued by Google. If the token is an OIDC JWT, it must use the JWT format
-        # defined in [RFC 7523](https://tools.ietf.org/html/rfc7523), and the `
-        # subject_token_type` must be `urn:ietf:params:oauth:token-type:jwt`. The
-        # following headers are required: - `kid`: The identifier of the signing key
-        # securing the JWT. - `alg`: The cryptographic algorithm securing the JWT. Must
-        # be `RS256`. The following payload fields are required. For more information,
-        # see [RFC 7523, Section 3](https://tools.ietf.org/html/rfc7523#section-3): - `
-        # iss`: The issuer of the token. The issuer must provide a discovery document at
-        # the URL `/.well-known/openid-configuration`, where `` is the value of this
-        # field. The document must be formatted according to section 4.2 of the [OIDC 1.
-        # 0 Discovery specification](https://openid.net/specs/openid-connect-discovery-
-        # 1_0.html#ProviderConfigurationResponse). - `iat`: The issue time, in seconds,
-        # since the Unix epoch. Must be in the past. - `exp`: The expiration time, in
-        # seconds, since the Unix epoch. Must be less than 48 hours after `iat`. Shorter
+        # Required. The input token. This token is either an external credential issued
+        # by a workload identity pool provider, or a short-lived access token issued by
+        # Google. If the token is an OIDC JWT, it must use the JWT format defined in [
+        # RFC 7523](https://tools.ietf.org/html/rfc7523), and the `subject_token_type`
+        # must be `urn:ietf:params:oauth:token-type:jwt`. The following headers are
+        # required: - `kid`: The identifier of the signing key securing the JWT. - `alg`:
+        # The cryptographic algorithm securing the JWT. Must be `RS256` or `ES256`. The
+        # following payload fields are required. For more information, see [RFC 7523,
+        # Section 3](https://tools.ietf.org/html/rfc7523#section-3): - `iss`: The issuer
+        # of the token. The issuer must provide a discovery document at the URL `/.well-
+        # known/openid-configuration`, where `` is the value of this field. The document
+        # must be formatted according to section 4.2 of the [OIDC 1.0 Discovery
+        # specification](https://openid.net/specs/openid-connect-discovery-1_0.html#
+        # ProviderConfigurationResponse). - `iat`: The issue time, in seconds, since the
+        # Unix epoch. Must be in the past. - `exp`: The expiration time, in seconds,
+        # since the Unix epoch. Must be less than 48 hours after `iat`. Shorter
         # expiration times are more secure. If possible, we recommend setting an
         # expiration time less than 6 hours. - `sub`: The identity asserted in the JWT. -
-        # `aud`: Configured by the mapper policy. The default value is the service
-        # account's unique ID. Example header: ``` ` "alg": "RS256", "kid": "us-east-11"
-        # ` ``` Example payload: ``` ` "iss": "https://accounts.google.com", "iat":
-        # 1517963104, "exp": 1517966704, "aud": "113475438248934895348", "sub": "
+        # `aud`: For workload identity pools, this must be a value specified in the
+        # allowed audiences for the workload identity pool provider, or one of the
+        # audiences allowed by default if no audiences were specified. See https://cloud.
+        # google.com/iam/docs/reference/rest/v1/projects.locations.workloadIdentityPools.
+        # providers#oidc Example header: ``` ` "alg": "RS256", "kid": "us-east-11" ` ```
+        # Example payload: ``` ` "iss": "https://accounts.google.com", "iat": 1517963104,
+        # "exp": 1517966704, "aud": "//iam.googleapis.com/projects/1234567890123/
+        # locations/global/workloadIdentityPools/my-pool/providers/my-provider", "sub": "
         # 113475438248934895348", "my_claims": ` "additional_claim": "value" ` ` ``` If `
         # subject_token` is for AWS, it must be a serialized `GetCallerIdentity` token.
         # This token contains the same information as a request to the AWS [`
@@ -191,6 +195,105 @@ module Google
           @token_type = args[:token_type] if args.key?(:token_type)
         end
       end
+      
+      # Request message for IntrospectToken.
+      class GoogleIdentityStsV1IntrospectTokenRequest
+        include Google::Apis::Core::Hashable
+      
+        # Required. The OAuth 2.0 security token issued by the Security Token Service
+        # API.
+        # Corresponds to the JSON property `token`
+        # @return [String]
+        attr_accessor :token
+      
+        # Optional. The type of the given token. Supported values are `urn:ietf:params:
+        # oauth:token-type:access_token` and `access_token`.
+        # Corresponds to the JSON property `tokenTypeHint`
+        # @return [String]
+        attr_accessor :token_type_hint
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @token = args[:token] if args.key?(:token)
+          @token_type_hint = args[:token_type_hint] if args.key?(:token_type_hint)
+        end
+      end
+      
+      # Response message for IntrospectToken.
+      class GoogleIdentityStsV1IntrospectTokenResponse
+        include Google::Apis::Core::Hashable
+      
+        # A boolean value that indicates whether the provided access token is currently
+        # active.
+        # Corresponds to the JSON property `active`
+        # @return [Boolean]
+        attr_accessor :active
+        alias_method :active?, :active
+      
+        # The client identifier for the OAuth 2.0 client that requested the provided
+        # token.
+        # Corresponds to the JSON property `client_id`
+        # @return [String]
+        attr_accessor :client_id
+      
+        # The expiration timestamp, measured in the number of seconds since January 1
+        # 1970 UTC, indicating when this token will expire.
+        # Corresponds to the JSON property `exp`
+        # @return [Fixnum]
+        attr_accessor :exp
+      
+        # The issued timestamp, measured in the number of seconds since January 1 1970
+        # UTC, indicating when this token was originally issued.
+        # Corresponds to the JSON property `iat`
+        # @return [Fixnum]
+        attr_accessor :iat
+      
+        # The issuer of the provided token.
+        # Corresponds to the JSON property `iss`
+        # @return [String]
+        attr_accessor :iss
+      
+        # A list of scopes associated with the provided token.
+        # Corresponds to the JSON property `scope`
+        # @return [String]
+        attr_accessor :scope
+      
+        # The unique user ID associated with the provided token. For Google Accounts,
+        # this value is based on the Google Account's user ID. For federated identities,
+        # this value is based on the identity pool ID and the value of the mapped `
+        # google.subject` attribute.
+        # Corresponds to the JSON property `sub`
+        # @return [String]
+        attr_accessor :sub
+      
+        # The human-readable identifier for the token principal subject. For example, if
+        # the provided token is associated with a workload identity pool, this field
+        # contains a value in the following format: `principal://iam.googleapis.com/
+        # projects//locations//workloadIdentityPools//subject/`
+        # Corresponds to the JSON property `username`
+        # @return [String]
+        attr_accessor :username
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @active = args[:active] if args.key?(:active)
+          @client_id = args[:client_id] if args.key?(:client_id)
+          @exp = args[:exp] if args.key?(:exp)
+          @iat = args[:iat] if args.key?(:iat)
+          @iss = args[:iss] if args.key?(:iss)
+          @scope = args[:scope] if args.key?(:scope)
+          @sub = args[:sub] if args.key?(:sub)
+          @username = args[:username] if args.key?(:username)
+        end
+      end
     end
   end
 end

data/lib/google/apis/sts_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module StsV1
       # Version of the google-apis-sts_v1 gem
-      GEM_VERSION = "0.3.0"
+      GEM_VERSION = "0.8.0"
 
       # Version of the code generator used to generate this client
-      GENERATOR_VERSION = "0.1.2"
+      GENERATOR_VERSION = "0.3.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20210206"
+      REVISION = "20210613"
     end
   end
 end

data/lib/google/apis/sts_v1/representations.rb

@@ -34,6 +34,18 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class GoogleIdentityStsV1IntrospectTokenRequest
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class GoogleIdentityStsV1IntrospectTokenResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class GoogleIdentityStsV1ExchangeTokenRequest
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -56,6 +68,28 @@ module Google
           property :token_type, as: 'token_type'
         end
       end
+      
+      class GoogleIdentityStsV1IntrospectTokenRequest
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :token, as: 'token'
+          property :token_type_hint, as: 'tokenTypeHint'
+        end
+      end
+      
+      class GoogleIdentityStsV1IntrospectTokenResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :active, as: 'active'
+          property :client_id, as: 'client_id'
+          property :exp, :numeric_string => true, as: 'exp'
+          property :iat, :numeric_string => true, as: 'iat'
+          property :iss, as: 'iss'
+          property :scope, as: 'scope'
+          property :sub, as: 'sub'
+          property :username, as: 'username'
+        end
+      end
     end
   end
 end

data/lib/google/apis/sts_v1/service.rb

@@ -50,6 +50,38 @@ module Google
           @batch_path = 'batch'
         end
         
+        # Gets information about a Google OAuth 2.0 access token issued by the Google
+        # Cloud [Security Token Service API](https://cloud.google.com/iam/docs/reference/
+        # sts/rest).
+        # @param [Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenRequest] google_identity_sts_v1_introspect_token_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def introspect(google_identity_sts_v1_introspect_token_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/introspect', options)
+          command.request_representation = Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenRequest::Representation
+          command.request_object = google_identity_sts_v1_introspect_token_request_object
+          command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse::Representation
+          command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Exchanges a credential for a Google OAuth 2.0 access token. The token asserts
         # an external identity within a workload identity pool, or it applies a
         # Credential Access Boundary to a Google access token. When you call this method,

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-sts_v1
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.8.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-02-15 00:00:00.000000000 Z
+date: 2021-06-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -52,7 +52,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-sts_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-sts_v1/v0.3.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-sts_v1/v0.8.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-sts_v1
 post_install_message: 
 rdoc_options: []
@@ -62,14 +62,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.4'
+      version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.6
+rubygems_version: 3.2.17
 signing_key: 
 specification_version: 4
 summary: Simple REST client for Security Token Service API V1