google-apis-sts_v1 0.7.0 → 0.11.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f700bd301750dcd980d291a558f5fc8daa7c3c7943ae74d4799608c45c8d7994
-  data.tar.gz: 817f5bfa83addd48afcaeb49e0a9cb6ee384359cfa596e08864af107309a81aa
+  metadata.gz: 4ec378c3f28e48d4d14908b20bd73da1b7143686f9e9bac0d033cc64f84ae83a
+  data.tar.gz: f0b43011036af601ec975bc7850591a60a616d0c4d4565ee15a4dd73a498574e
 SHA512:
-  metadata.gz: 1276f68c158b1d755438ff73a204c35e053af2ee3e35b71c1f12f13ff5483d25528fbb49ee01b74a7acab5d4673966069a10333680314557bac87fe64ddb48a9
-  data.tar.gz: 0ffd3a004ad9b95141a39ed5211375b6edccf458670f10bf838a225548404153ce4757bc0c1ed895b56370c7a5f42d69f43c525ac248bff2cb1633d5094df9c7
+  metadata.gz: 110bec876f174f7f85a9e3288a4a60f2cf3557b9ed4df505a041c0c8bde2ccd46e87fe5787fd7f8cbb569c2f0241e4cc8d3b8b25371dabb0cda328c2cd96b18a
+  data.tar.gz: c29b6d2ec46fe33ab4bfc22d71cc0d0160b31c8368e69ed4c64c54d02b63f481c36720456ad422ba72ec0e62be6e96cf4169cc922ae424eaa235dfc6c30b5747

data/CHANGELOG.md

@@ -1,5 +1,23 @@
 # Release history for google-apis-sts_v1
 
+### v0.11.0 (2021-07-31)
+
+* Regenerated from discovery document revision 20210723
+
+### v0.10.0 (2021-07-03)
+
+* Regenerated from discovery document revision 20210625
+* Regenerated using generator version 0.4.0
+
+### v0.9.0 (2021-06-24)
+
+* Unspecified changes
+
+### v0.8.0 (2021-06-19)
+
+* Regenerated from discovery document revision 20210613
+* Regenerated using generator version 0.3.0
+
 ### v0.7.0 (2021-05-27)
 
 * Regenerated from discovery document revision 20210517

data/lib/google/apis/sts_v1/classes.rb

@@ -27,8 +27,8 @@ module Google
         include Google::Apis::Core::Hashable
       
         # The full resource name of the identity provider; for example: `//iam.
-        # googleapis.com/projects//workloadIdentityPools//providers/`. Required when
-        # exchanging an external credential for a Google access token.
+        # googleapis.com/projects//locations/global/workloadIdentityPools//providers/`.
+        # Required when exchanging an external credential for a Google access token.
         # Corresponds to the JSON property `audience`
         # @return [String]
         attr_accessor :audience
@@ -63,15 +63,16 @@ module Google
         # by a workload identity pool provider, or a short-lived access token issued by
         # Google. If the token is an OIDC JWT, it must use the JWT format defined in [
         # RFC 7523](https://tools.ietf.org/html/rfc7523), and the `subject_token_type`
-        # must be `urn:ietf:params:oauth:token-type:jwt`. The following headers are
-        # required: - `kid`: The identifier of the signing key securing the JWT. - `alg`:
-        # The cryptographic algorithm securing the JWT. Must be `RS256` or `ES256`. The
-        # following payload fields are required. For more information, see [RFC 7523,
-        # Section 3](https://tools.ietf.org/html/rfc7523#section-3): - `iss`: The issuer
-        # of the token. The issuer must provide a discovery document at the URL `/.well-
-        # known/openid-configuration`, where `` is the value of this field. The document
-        # must be formatted according to section 4.2 of the [OIDC 1.0 Discovery
-        # specification](https://openid.net/specs/openid-connect-discovery-1_0.html#
+        # must be either `urn:ietf:params:oauth:token-type:jwt` or `urn:ietf:params:
+        # oauth:token-type:id_token`. The following headers are required: - `kid`: The
+        # identifier of the signing key securing the JWT. - `alg`: The cryptographic
+        # algorithm securing the JWT. Must be `RS256` or `ES256`. The following payload
+        # fields are required. For more information, see [RFC 7523, Section 3](https://
+        # tools.ietf.org/html/rfc7523#section-3): - `iss`: The issuer of the token. The
+        # issuer must provide a discovery document at the URL `/.well-known/openid-
+        # configuration`, where `` is the value of this field. The document must be
+        # formatted according to section 4.2 of the [OIDC 1.0 Discovery specification](
+        # https://openid.net/specs/openid-connect-discovery-1_0.html#
         # ProviderConfigurationResponse). - `iat`: The issue time, in seconds, since the
         # Unix epoch. Must be in the past. - `exp`: The expiration time, in seconds,
         # since the Unix epoch. Must be less than 48 hours after `iat`. Shorter
@@ -106,8 +107,8 @@ module Google
         # The full, canonical resource name of the workload identity pool provider, with
         # or without an `https:` prefix. To help ensure data integrity, we recommend
         # including this header in the `SignedHeaders` field of the signed request. For
-        # example: //iam.googleapis.com/projects//locations//workloadIdentityPools//
-        # providers/ https://iam.googleapis.com/projects//locations//
+        # example: //iam.googleapis.com/projects//locations/global/workloadIdentityPools/
+        # /providers/ https://iam.googleapis.com/projects//locations/global/
         # workloadIdentityPools//providers/ If you are using temporary security
         # credentials provided by AWS, you must also include the header `x-amz-security-
         # token`, with the value set to the session token. The following example shows a
@@ -115,8 +116,8 @@ module Google
         # 20200815T015049Z"`, `"key": "Authorization", "value": "AWS4-HMAC-SHA256+
         # Credential=$credential,+SignedHeaders=host;x-amz-date;x-goog-cloud-target-
         # resource,+Signature=$signature"`, `"key": "x-goog-cloud-target-resource", "
-        # value": "//iam.googleapis.com/projects//locations//workloadIdentityPools//
-        # providers/"`, `"key": "host", "value": "sts.amazonaws.com"` . ], "method": "
+        # value": "//iam.googleapis.com/projects//locations/global/workloadIdentityPools/
+        # /providers/"`, `"key": "host", "value": "sts.amazonaws.com"` . ], "method": "
         # POST", "url": "https://sts.amazonaws.com?Action=GetCallerIdentity&Version=2011-
         # 06-15" ` ``` You can also use a Google-issued OAuth 2.0 access token with this
         # field to obtain an access token with new security attributes applied, such as
@@ -129,8 +130,8 @@ module Google
       
         # Required. An identifier that indicates the type of the security token in the `
         # subject_token` parameter. Supported values are `urn:ietf:params:oauth:token-
-        # type:jwt`, `urn:ietf:params:aws:token-type:aws4_request`, and `urn:ietf:params:
-        # oauth:token-type:access_token`.
+        # type:jwt`, `urn:ietf:params:oauth:token-type:id_token`, `urn:ietf:params:aws:
+        # token-type:aws4_request`, and `urn:ietf:params:oauth:token-type:access_token`.
         # Corresponds to the JSON property `subjectTokenType`
         # @return [String]
         attr_accessor :subject_token_type
@@ -195,6 +196,105 @@ module Google
           @token_type = args[:token_type] if args.key?(:token_type)
         end
       end
+      
+      # Request message for IntrospectToken.
+      class GoogleIdentityStsV1IntrospectTokenRequest
+        include Google::Apis::Core::Hashable
+      
+        # Required. The OAuth 2.0 security token issued by the Security Token Service
+        # API.
+        # Corresponds to the JSON property `token`
+        # @return [String]
+        attr_accessor :token
+      
+        # Optional. The type of the given token. Supported values are `urn:ietf:params:
+        # oauth:token-type:access_token` and `access_token`.
+        # Corresponds to the JSON property `tokenTypeHint`
+        # @return [String]
+        attr_accessor :token_type_hint
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @token = args[:token] if args.key?(:token)
+          @token_type_hint = args[:token_type_hint] if args.key?(:token_type_hint)
+        end
+      end
+      
+      # Response message for IntrospectToken.
+      class GoogleIdentityStsV1IntrospectTokenResponse
+        include Google::Apis::Core::Hashable
+      
+        # A boolean value that indicates whether the provided access token is currently
+        # active.
+        # Corresponds to the JSON property `active`
+        # @return [Boolean]
+        attr_accessor :active
+        alias_method :active?, :active
+      
+        # The client identifier for the OAuth 2.0 client that requested the provided
+        # token.
+        # Corresponds to the JSON property `client_id`
+        # @return [String]
+        attr_accessor :client_id
+      
+        # The expiration timestamp, measured in the number of seconds since January 1
+        # 1970 UTC, indicating when this token will expire.
+        # Corresponds to the JSON property `exp`
+        # @return [Fixnum]
+        attr_accessor :exp
+      
+        # The issued timestamp, measured in the number of seconds since January 1 1970
+        # UTC, indicating when this token was originally issued.
+        # Corresponds to the JSON property `iat`
+        # @return [Fixnum]
+        attr_accessor :iat
+      
+        # The issuer of the provided token.
+        # Corresponds to the JSON property `iss`
+        # @return [String]
+        attr_accessor :iss
+      
+        # A list of scopes associated with the provided token.
+        # Corresponds to the JSON property `scope`
+        # @return [String]
+        attr_accessor :scope
+      
+        # The unique user ID associated with the provided token. For Google Accounts,
+        # this value is based on the Google Account's user ID. For federated identities,
+        # this value is based on the identity pool ID and the value of the mapped `
+        # google.subject` attribute.
+        # Corresponds to the JSON property `sub`
+        # @return [String]
+        attr_accessor :sub
+      
+        # The human-readable identifier for the token principal subject. For example, if
+        # the provided token is associated with a workload identity pool, this field
+        # contains a value in the following format: `principal://iam.googleapis.com/
+        # projects//locations/global/workloadIdentityPools//subject/`
+        # Corresponds to the JSON property `username`
+        # @return [String]
+        attr_accessor :username
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @active = args[:active] if args.key?(:active)
+          @client_id = args[:client_id] if args.key?(:client_id)
+          @exp = args[:exp] if args.key?(:exp)
+          @iat = args[:iat] if args.key?(:iat)
+          @iss = args[:iss] if args.key?(:iss)
+          @scope = args[:scope] if args.key?(:scope)
+          @sub = args[:sub] if args.key?(:sub)
+          @username = args[:username] if args.key?(:username)
+        end
+      end
     end
   end
 end

data/lib/google/apis/sts_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module StsV1
       # Version of the google-apis-sts_v1 gem
-      GEM_VERSION = "0.7.0"
+      GEM_VERSION = "0.11.0"
 
       # Version of the code generator used to generate this client
-      GENERATOR_VERSION = "0.2.0"
+      GENERATOR_VERSION = "0.4.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20210517"
+      REVISION = "20210723"
     end
   end
 end

data/lib/google/apis/sts_v1/representations.rb

@@ -34,6 +34,18 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class GoogleIdentityStsV1IntrospectTokenRequest
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class GoogleIdentityStsV1IntrospectTokenResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class GoogleIdentityStsV1ExchangeTokenRequest
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -56,6 +68,28 @@ module Google
           property :token_type, as: 'token_type'
         end
       end
+      
+      class GoogleIdentityStsV1IntrospectTokenRequest
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :token, as: 'token'
+          property :token_type_hint, as: 'tokenTypeHint'
+        end
+      end
+      
+      class GoogleIdentityStsV1IntrospectTokenResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :active, as: 'active'
+          property :client_id, as: 'client_id'
+          property :exp, :numeric_string => true, as: 'exp'
+          property :iat, :numeric_string => true, as: 'iat'
+          property :iss, as: 'iss'
+          property :scope, as: 'scope'
+          property :sub, as: 'sub'
+          property :username, as: 'username'
+        end
+      end
     end
   end
 end

data/lib/google/apis/sts_v1/service.rb

@@ -50,6 +50,38 @@ module Google
           @batch_path = 'batch'
         end
         
+        # Gets information about a Google OAuth 2.0 access token issued by the Google
+        # Cloud [Security Token Service API](https://cloud.google.com/iam/docs/reference/
+        # sts/rest).
+        # @param [Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenRequest] google_identity_sts_v1_introspect_token_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def introspect(google_identity_sts_v1_introspect_token_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/introspect', options)
+          command.request_representation = Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenRequest::Representation
+          command.request_object = google_identity_sts_v1_introspect_token_request_object
+          command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse::Representation
+          command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Exchanges a credential for a Google OAuth 2.0 access token. The token asserts
         # an external identity within a workload identity pool, or it applies a
         # Credential Access Boundary to a Google access token. When you call this method,

metadata

@@ -1,29 +1,35 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-sts_v1
 version: !ruby/object:Gem::Version
-  version: 0.7.0
+  version: 0.11.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-05-31 00:00:00.000000000 Z
+date: 2021-08-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.1'
+        version: '0.4'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 2.a
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.4'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0.1'
+        version: 2.a
 description: This is the simple REST client for Security Token Service API V1. Simple
   REST clients are Ruby client libraries that provide access to Google services via
   their HTTP REST API endpoints. These libraries are generated and updated automatically
@@ -52,7 +58,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-sts_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-sts_v1/v0.7.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-sts_v1/v0.11.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-sts_v1
 post_install_message: 
 rdoc_options: []