google-apis-sts_v1 0.8.0 → 0.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5efe5029ff15bc1c675500e4a4cc0e5c360e94e7f91853832e6f195a01d5150c
-  data.tar.gz: 295f3441cfe188a80ca51e329b4dc4adeba82f8897dbdaf517b1b936223251ab
+  metadata.gz: 971ef463a731e1e7f25c970b4383f02a60246ae28b41b6d72b895cb7a505d032
+  data.tar.gz: d3b560eeae4c7c819f6c002f6fb2db7a21cfdd2bd36b8b78650ea18e07e342f7
 SHA512:
-  metadata.gz: 2bcd13791b6dfd047e7542d9d0ab2addd69fdbb18ef85f4eaaed56355f2b91128636ba2e8d2713ee8702ac571a9988e11033c750d9ba9f8b995121dee04d0143
-  data.tar.gz: adb677c08b17f94427277450d1cb5f9151b37cad1194d8c8a92a66426da8bfecf351003a74d66d5f4e69a248126896e2217c5c1baf7606632fb3c9f62d3ac8e3
+  metadata.gz: ef27a26cc2bcc19c72506e4dad4c641b84090333495a7a959c7fda721af76174e8b5237da07f9175751dfc8dec972203614f4cbe9d43279b474f92eb8b91cb5f
+  data.tar.gz: 5bc59713e741271d653df347bf7a4ed8c98bd9234c431999bf6c0583ab3ec883dde9b627862cab3ac5d0af97ddbc4bab64d4bd9f4577d34b6262ebf6fed45778

data/CHANGELOG.md

@@ -1,5 +1,22 @@
 # Release history for google-apis-sts_v1
 
+### v0.12.0 (2021-09-01)
+
+* Regenerated from discovery document revision 20210822
+
+### v0.11.0 (2021-07-31)
+
+* Regenerated from discovery document revision 20210723
+
+### v0.10.0 (2021-07-03)
+
+* Regenerated from discovery document revision 20210625
+* Regenerated using generator version 0.4.0
+
+### v0.9.0 (2021-06-24)
+
+* Unspecified changes
+
 ### v0.8.0 (2021-06-19)
 
 * Regenerated from discovery document revision 20210613

data/lib/google/apis/sts_v1/classes.rb

@@ -22,13 +22,160 @@ module Google
   module Apis
     module StsV1
       
+      # Associates `members` with a `role`.
+      class GoogleIamV1Binding
+        include Google::Apis::Core::Hashable
+      
+        # Represents a textual expression in the Common Expression Language (CEL) syntax.
+        # CEL is a C-like expression language. The syntax and semantics of CEL are
+        # documented at https://github.com/google/cel-spec. Example (Comparison): title:
+        # "Summary size limit" description: "Determines if a summary is less than 100
+        # chars" expression: "document.summary.size() < 100" Example (Equality): title: "
+        # Requestor is owner" description: "Determines if requestor is the document
+        # owner" expression: "document.owner == request.auth.claims.email" Example (
+        # Logic): title: "Public documents" description: "Determine whether the document
+        # should be publicly visible" expression: "document.type != 'private' &&
+        # document.type != 'internal'" Example (Data Manipulation): title: "Notification
+        # string" description: "Create a notification string with a timestamp."
+        # expression: "'New message received at ' + string(document.create_time)" The
+        # exact variables and functions that may be referenced within an expression are
+        # determined by the service that evaluates it. See the service documentation for
+        # additional information.
+        # Corresponds to the JSON property `condition`
+        # @return [Google::Apis::StsV1::GoogleTypeExpr]
+        attr_accessor :condition
+      
+        # Specifies the identities requesting access for a Cloud Platform resource. `
+        # members` can have the following values: * `allUsers`: A special identifier
+        # that represents anyone who is on the internet; with or without a Google
+        # account. * `allAuthenticatedUsers`: A special identifier that represents
+        # anyone who is authenticated with a Google account or a service account. * `
+        # user:`emailid``: An email address that represents a specific Google account.
+        # For example, `alice@example.com` . * `serviceAccount:`emailid``: An email
+        # address that represents a service account. For example, `my-other-app@appspot.
+        # gserviceaccount.com`. * `group:`emailid``: An email address that represents a
+        # Google group. For example, `admins@example.com`. * `deleted:user:`emailid`?uid=
+        # `uniqueid``: An email address (plus unique identifier) representing a user
+        # that has been recently deleted. For example, `alice@example.com?uid=
+        # 123456789012345678901`. If the user is recovered, this value reverts to `user:`
+        # emailid`` and the recovered user retains the role in the binding. * `deleted:
+        # serviceAccount:`emailid`?uid=`uniqueid``: An email address (plus unique
+        # identifier) representing a service account that has been recently deleted. For
+        # example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`.
+        # If the service account is undeleted, this value reverts to `serviceAccount:`
+        # emailid`` and the undeleted service account retains the role in the binding. *
+        # `deleted:group:`emailid`?uid=`uniqueid``: An email address (plus unique
+        # identifier) representing a Google group that has been recently deleted. For
+        # example, `admins@example.com?uid=123456789012345678901`. If the group is
+        # recovered, this value reverts to `group:`emailid`` and the recovered group
+        # retains the role in the binding. * `domain:`domain``: The G Suite domain (
+        # primary) that represents all the users of that domain. For example, `google.
+        # com` or `example.com`.
+        # Corresponds to the JSON property `members`
+        # @return [Array<String>]
+        attr_accessor :members
+      
+        # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`
+        # , or `roles/owner`.
+        # Corresponds to the JSON property `role`
+        # @return [String]
+        attr_accessor :role
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @condition = args[:condition] if args.key?(:condition)
+          @members = args[:members] if args.key?(:members)
+          @role = args[:role] if args.key?(:role)
+        end
+      end
+      
+      # An access boundary defines the upper bound of what a principal may access. It
+      # includes a list of access boundary rules that each defines the resource that
+      # may be allowed as well as permissions that may be used on those resources.
+      class GoogleIdentityStsV1AccessBoundary
+        include Google::Apis::Core::Hashable
+      
+        # A list of access boundary rules which defines the upper bound of the
+        # permission a principal may carry. If multiple rules are specified, the
+        # effective access boundary is the union of all the access boundary rules
+        # attached. One access boundary can contain at most 10 rules.
+        # Corresponds to the JSON property `accessBoundaryRules`
+        # @return [Array<Google::Apis::StsV1::GoogleIdentityStsV1AccessBoundaryRule>]
+        attr_accessor :access_boundary_rules
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @access_boundary_rules = args[:access_boundary_rules] if args.key?(:access_boundary_rules)
+        end
+      end
+      
+      # An access boundary rule defines an upper bound of IAM permissions on a single
+      # resource.
+      class GoogleIdentityStsV1AccessBoundaryRule
+        include Google::Apis::Core::Hashable
+      
+        # Represents a textual expression in the Common Expression Language (CEL) syntax.
+        # CEL is a C-like expression language. The syntax and semantics of CEL are
+        # documented at https://github.com/google/cel-spec. Example (Comparison): title:
+        # "Summary size limit" description: "Determines if a summary is less than 100
+        # chars" expression: "document.summary.size() < 100" Example (Equality): title: "
+        # Requestor is owner" description: "Determines if requestor is the document
+        # owner" expression: "document.owner == request.auth.claims.email" Example (
+        # Logic): title: "Public documents" description: "Determine whether the document
+        # should be publicly visible" expression: "document.type != 'private' &&
+        # document.type != 'internal'" Example (Data Manipulation): title: "Notification
+        # string" description: "Create a notification string with a timestamp."
+        # expression: "'New message received at ' + string(document.create_time)" The
+        # exact variables and functions that may be referenced within an expression are
+        # determined by the service that evaluates it. See the service documentation for
+        # additional information.
+        # Corresponds to the JSON property `availabilityCondition`
+        # @return [Google::Apis::StsV1::GoogleTypeExpr]
+        attr_accessor :availability_condition
+      
+        # A list of permissions that may be allowed for use on the specified resource.
+        # The only supported values in the list are IAM roles, following the format of
+        # google.iam.v1.Binding.role. Example value: `inRole:roles/logging.viewer` for
+        # predefined roles and `inRole:organizations/`ORGANIZATION_ID`/roles/logging.
+        # viewer` for custom roles.
+        # Corresponds to the JSON property `availablePermissions`
+        # @return [Array<String>]
+        attr_accessor :available_permissions
+      
+        # The full resource name of a Google Cloud resource entity. The format
+        # definition is at https://cloud.google.com/apis/design/resource_names. Example
+        # value: `//cloudresourcemanager.googleapis.com/projects/my-project`.
+        # Corresponds to the JSON property `availableResource`
+        # @return [String]
+        attr_accessor :available_resource
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @availability_condition = args[:availability_condition] if args.key?(:availability_condition)
+          @available_permissions = args[:available_permissions] if args.key?(:available_permissions)
+          @available_resource = args[:available_resource] if args.key?(:available_resource)
+        end
+      end
+      
       # Request message for ExchangeToken.
       class GoogleIdentityStsV1ExchangeTokenRequest
         include Google::Apis::Core::Hashable
       
         # The full resource name of the identity provider; for example: `//iam.
-        # googleapis.com/projects//workloadIdentityPools//providers/`. Required when
-        # exchanging an external credential for a Google access token.
+        # googleapis.com/projects//locations/global/workloadIdentityPools//providers/`.
+        # Required when exchanging an external credential for a Google access token.
         # Corresponds to the JSON property `audience`
         # @return [String]
         attr_accessor :audience
@@ -63,15 +210,16 @@ module Google
         # by a workload identity pool provider, or a short-lived access token issued by
         # Google. If the token is an OIDC JWT, it must use the JWT format defined in [
         # RFC 7523](https://tools.ietf.org/html/rfc7523), and the `subject_token_type`
-        # must be `urn:ietf:params:oauth:token-type:jwt`. The following headers are
-        # required: - `kid`: The identifier of the signing key securing the JWT. - `alg`:
-        # The cryptographic algorithm securing the JWT. Must be `RS256` or `ES256`. The
-        # following payload fields are required. For more information, see [RFC 7523,
-        # Section 3](https://tools.ietf.org/html/rfc7523#section-3): - `iss`: The issuer
-        # of the token. The issuer must provide a discovery document at the URL `/.well-
-        # known/openid-configuration`, where `` is the value of this field. The document
-        # must be formatted according to section 4.2 of the [OIDC 1.0 Discovery
-        # specification](https://openid.net/specs/openid-connect-discovery-1_0.html#
+        # must be either `urn:ietf:params:oauth:token-type:jwt` or `urn:ietf:params:
+        # oauth:token-type:id_token`. The following headers are required: - `kid`: The
+        # identifier of the signing key securing the JWT. - `alg`: The cryptographic
+        # algorithm securing the JWT. Must be `RS256` or `ES256`. The following payload
+        # fields are required. For more information, see [RFC 7523, Section 3](https://
+        # tools.ietf.org/html/rfc7523#section-3): - `iss`: The issuer of the token. The
+        # issuer must provide a discovery document at the URL `/.well-known/openid-
+        # configuration`, where `` is the value of this field. The document must be
+        # formatted according to section 4.2 of the [OIDC 1.0 Discovery specification](
+        # https://openid.net/specs/openid-connect-discovery-1_0.html#
         # ProviderConfigurationResponse). - `iat`: The issue time, in seconds, since the
         # Unix epoch. Must be in the past. - `exp`: The expiration time, in seconds,
         # since the Unix epoch. Must be less than 48 hours after `iat`. Shorter
@@ -106,8 +254,8 @@ module Google
         # The full, canonical resource name of the workload identity pool provider, with
         # or without an `https:` prefix. To help ensure data integrity, we recommend
         # including this header in the `SignedHeaders` field of the signed request. For
-        # example: //iam.googleapis.com/projects//locations//workloadIdentityPools//
-        # providers/ https://iam.googleapis.com/projects//locations//
+        # example: //iam.googleapis.com/projects//locations/global/workloadIdentityPools/
+        # /providers/ https://iam.googleapis.com/projects//locations/global/
         # workloadIdentityPools//providers/ If you are using temporary security
         # credentials provided by AWS, you must also include the header `x-amz-security-
         # token`, with the value set to the session token. The following example shows a
@@ -115,8 +263,8 @@ module Google
         # 20200815T015049Z"`, `"key": "Authorization", "value": "AWS4-HMAC-SHA256+
         # Credential=$credential,+SignedHeaders=host;x-amz-date;x-goog-cloud-target-
         # resource,+Signature=$signature"`, `"key": "x-goog-cloud-target-resource", "
-        # value": "//iam.googleapis.com/projects//locations//workloadIdentityPools//
-        # providers/"`, `"key": "host", "value": "sts.amazonaws.com"` . ], "method": "
+        # value": "//iam.googleapis.com/projects//locations/global/workloadIdentityPools/
+        # /providers/"`, `"key": "host", "value": "sts.amazonaws.com"` . ], "method": "
         # POST", "url": "https://sts.amazonaws.com?Action=GetCallerIdentity&Version=2011-
         # 06-15" ` ``` You can also use a Google-issued OAuth 2.0 access token with this
         # field to obtain an access token with new security attributes applied, such as
@@ -129,8 +277,8 @@ module Google
       
         # Required. An identifier that indicates the type of the security token in the `
         # subject_token` parameter. Supported values are `urn:ietf:params:oauth:token-
-        # type:jwt`, `urn:ietf:params:aws:token-type:aws4_request`, and `urn:ietf:params:
-        # oauth:token-type:access_token`.
+        # type:jwt`, `urn:ietf:params:oauth:token-type:id_token`, `urn:ietf:params:aws:
+        # token-type:aws4_request`, and `urn:ietf:params:oauth:token-type:access_token`.
         # Corresponds to the JSON property `subjectTokenType`
         # @return [String]
         attr_accessor :subject_token_type
@@ -196,21 +344,61 @@ module Google
         end
       end
       
-      # Request message for IntrospectToken.
-      class GoogleIdentityStsV1IntrospectTokenRequest
+      # An `Options` object configures features that the Security Token Service
+      # supports, but that are not supported by standard OAuth 2.0 token exchange
+      # endpoints, as defined in https://tools.ietf.org/html/rfc8693.
+      class GoogleIdentityStsV1Options
         include Google::Apis::Core::Hashable
       
-        # Required. The OAuth 2.0 security token issued by the Security Token Service
-        # API.
-        # Corresponds to the JSON property `token`
+        # An access boundary defines the upper bound of what a principal may access. It
+        # includes a list of access boundary rules that each defines the resource that
+        # may be allowed as well as permissions that may be used on those resources.
+        # Corresponds to the JSON property `accessBoundary`
+        # @return [Google::Apis::StsV1::GoogleIdentityStsV1AccessBoundary]
+        attr_accessor :access_boundary
+      
+        # The intended audience(s) of the credential. The audience value(s) should be
+        # the name(s) of services intended to receive the credential. Example: `["https:/
+        # /pubsub.googleapis.com/", "https://storage.googleapis.com/"]`. A maximum of 5
+        # audiences can be included. For each provided audience, the maximum length is
+        # 262 characters.
+        # Corresponds to the JSON property `audiences`
+        # @return [Array<String>]
+        attr_accessor :audiences
+      
+        # A Google project used for quota and billing purposes when the credential is
+        # used to access Google APIs. The provided project overrides the project bound
+        # to the credential. The value must be a project number or a project ID. Example:
+        # `my-sample-project-191923`. The maximum length is 32 characters.
+        # Corresponds to the JSON property `userProject`
         # @return [String]
-        attr_accessor :token
+        attr_accessor :user_project
       
-        # Optional. The type of the given token. Supported values are `urn:ietf:params:
-        # oauth:token-type:access_token` and `access_token`.
-        # Corresponds to the JSON property `tokenTypeHint`
-        # @return [String]
-        attr_accessor :token_type_hint
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @access_boundary = args[:access_boundary] if args.key?(:access_boundary)
+          @audiences = args[:audiences] if args.key?(:audiences)
+          @user_project = args[:user_project] if args.key?(:user_project)
+        end
+      end
+      
+      # An access boundary defines the upper bound of what a principal may access. It
+      # includes a list of access boundary rules that each defines the resource that
+      # may be allowed as well as permissions that may be used on those resources.
+      class GoogleIdentityStsV1betaAccessBoundary
+        include Google::Apis::Core::Hashable
+      
+        # A list of access boundary rules which defines the upper bound of the
+        # permission a principal may carry. If multiple rules are specified, the
+        # effective access boundary is the union of all the access boundary rules
+        # attached. One access boundary can contain at most 10 rules.
+        # Corresponds to the JSON property `accessBoundaryRules`
+        # @return [Array<Google::Apis::StsV1::GoogleIdentityStsV1betaAccessBoundaryRule>]
+        attr_accessor :access_boundary_rules
       
         def initialize(**args)
            update!(**args)
@@ -218,65 +406,144 @@ module Google
       
         # Update properties of this object
         def update!(**args)
-          @token = args[:token] if args.key?(:token)
-          @token_type_hint = args[:token_type_hint] if args.key?(:token_type_hint)
+          @access_boundary_rules = args[:access_boundary_rules] if args.key?(:access_boundary_rules)
         end
       end
       
-      # Response message for IntrospectToken.
-      class GoogleIdentityStsV1IntrospectTokenResponse
+      # An access boundary rule defines an upper bound of IAM permissions on a single
+      # resource.
+      class GoogleIdentityStsV1betaAccessBoundaryRule
         include Google::Apis::Core::Hashable
       
-        # A boolean value that indicates whether the provided access token is currently
-        # active.
-        # Corresponds to the JSON property `active`
-        # @return [Boolean]
-        attr_accessor :active
-        alias_method :active?, :active
+        # Represents a textual expression in the Common Expression Language (CEL) syntax.
+        # CEL is a C-like expression language. The syntax and semantics of CEL are
+        # documented at https://github.com/google/cel-spec. Example (Comparison): title:
+        # "Summary size limit" description: "Determines if a summary is less than 100
+        # chars" expression: "document.summary.size() < 100" Example (Equality): title: "
+        # Requestor is owner" description: "Determines if requestor is the document
+        # owner" expression: "document.owner == request.auth.claims.email" Example (
+        # Logic): title: "Public documents" description: "Determine whether the document
+        # should be publicly visible" expression: "document.type != 'private' &&
+        # document.type != 'internal'" Example (Data Manipulation): title: "Notification
+        # string" description: "Create a notification string with a timestamp."
+        # expression: "'New message received at ' + string(document.create_time)" The
+        # exact variables and functions that may be referenced within an expression are
+        # determined by the service that evaluates it. See the service documentation for
+        # additional information.
+        # Corresponds to the JSON property `availabilityCondition`
+        # @return [Google::Apis::StsV1::GoogleTypeExpr]
+        attr_accessor :availability_condition
+      
+        # A list of permissions that may be allowed for use on the specified resource.
+        # The only supported values in the list are IAM roles, following the format of
+        # google.iam.v1.Binding.role. Example value: `inRole:roles/logging.viewer` for
+        # predefined roles and `inRole:organizations/`ORGANIZATION_ID`/roles/logging.
+        # viewer` for custom roles.
+        # Corresponds to the JSON property `availablePermissions`
+        # @return [Array<String>]
+        attr_accessor :available_permissions
+      
+        # The full resource name of a Google Cloud resource entity. The format
+        # definition is at https://cloud.google.com/apis/design/resource_names. Example
+        # value: `//cloudresourcemanager.googleapis.com/projects/my-project`.
+        # Corresponds to the JSON property `availableResource`
+        # @return [String]
+        attr_accessor :available_resource
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @availability_condition = args[:availability_condition] if args.key?(:availability_condition)
+          @available_permissions = args[:available_permissions] if args.key?(:available_permissions)
+          @available_resource = args[:available_resource] if args.key?(:available_resource)
+        end
+      end
+      
+      # An `Options` object configures features that the Security Token Service
+      # supports, but that are not supported by standard OAuth 2.0 token exchange
+      # endpoints, as defined in https://tools.ietf.org/html/rfc8693.
+      class GoogleIdentityStsV1betaOptions
+        include Google::Apis::Core::Hashable
       
-        # The client identifier for the OAuth 2.0 client that requested the provided
-        # token.
-        # Corresponds to the JSON property `client_id`
+        # An access boundary defines the upper bound of what a principal may access. It
+        # includes a list of access boundary rules that each defines the resource that
+        # may be allowed as well as permissions that may be used on those resources.
+        # Corresponds to the JSON property `accessBoundary`
+        # @return [Google::Apis::StsV1::GoogleIdentityStsV1betaAccessBoundary]
+        attr_accessor :access_boundary
+      
+        # The intended audience(s) of the credential. The audience value(s) should be
+        # the name(s) of services intended to receive the credential. Example: `["https:/
+        # /pubsub.googleapis.com/", "https://storage.googleapis.com/"]`. A maximum of 5
+        # audiences can be included. For each provided audience, the maximum length is
+        # 262 characters.
+        # Corresponds to the JSON property `audiences`
+        # @return [Array<String>]
+        attr_accessor :audiences
+      
+        # A Google project used for quota and billing purposes when the credential is
+        # used to access Google APIs. The provided project overrides the project bound
+        # to the credential. The value must be a project number or a project ID. Example:
+        # `my-sample-project-191923`. The maximum length is 32 characters.
+        # Corresponds to the JSON property `userProject`
         # @return [String]
-        attr_accessor :client_id
+        attr_accessor :user_project
       
-        # The expiration timestamp, measured in the number of seconds since January 1
-        # 1970 UTC, indicating when this token will expire.
-        # Corresponds to the JSON property `exp`
-        # @return [Fixnum]
-        attr_accessor :exp
+        def initialize(**args)
+           update!(**args)
+        end
       
-        # The issued timestamp, measured in the number of seconds since January 1 1970
-        # UTC, indicating when this token was originally issued.
-        # Corresponds to the JSON property `iat`
-        # @return [Fixnum]
-        attr_accessor :iat
+        # Update properties of this object
+        def update!(**args)
+          @access_boundary = args[:access_boundary] if args.key?(:access_boundary)
+          @audiences = args[:audiences] if args.key?(:audiences)
+          @user_project = args[:user_project] if args.key?(:user_project)
+        end
+      end
       
-        # The issuer of the provided token.
-        # Corresponds to the JSON property `iss`
+      # Represents a textual expression in the Common Expression Language (CEL) syntax.
+      # CEL is a C-like expression language. The syntax and semantics of CEL are
+      # documented at https://github.com/google/cel-spec. Example (Comparison): title:
+      # "Summary size limit" description: "Determines if a summary is less than 100
+      # chars" expression: "document.summary.size() < 100" Example (Equality): title: "
+      # Requestor is owner" description: "Determines if requestor is the document
+      # owner" expression: "document.owner == request.auth.claims.email" Example (
+      # Logic): title: "Public documents" description: "Determine whether the document
+      # should be publicly visible" expression: "document.type != 'private' &&
+      # document.type != 'internal'" Example (Data Manipulation): title: "Notification
+      # string" description: "Create a notification string with a timestamp."
+      # expression: "'New message received at ' + string(document.create_time)" The
+      # exact variables and functions that may be referenced within an expression are
+      # determined by the service that evaluates it. See the service documentation for
+      # additional information.
+      class GoogleTypeExpr
+        include Google::Apis::Core::Hashable
+      
+        # Optional. Description of the expression. This is a longer text which describes
+        # the expression, e.g. when hovered over it in a UI.
+        # Corresponds to the JSON property `description`
         # @return [String]
-        attr_accessor :iss
+        attr_accessor :description
       
-        # A list of scopes associated with the provided token.
-        # Corresponds to the JSON property `scope`
+        # Textual representation of an expression in Common Expression Language syntax.
+        # Corresponds to the JSON property `expression`
         # @return [String]
-        attr_accessor :scope
+        attr_accessor :expression
       
-        # The unique user ID associated with the provided token. For Google Accounts,
-        # this value is based on the Google Account's user ID. For federated identities,
-        # this value is based on the identity pool ID and the value of the mapped `
-        # google.subject` attribute.
-        # Corresponds to the JSON property `sub`
+        # Optional. String indicating the location of the expression for error reporting,
+        # e.g. a file name and a position in the file.
+        # Corresponds to the JSON property `location`
         # @return [String]
-        attr_accessor :sub
+        attr_accessor :location
       
-        # The human-readable identifier for the token principal subject. For example, if
-        # the provided token is associated with a workload identity pool, this field
-        # contains a value in the following format: `principal://iam.googleapis.com/
-        # projects//locations//workloadIdentityPools//subject/`
-        # Corresponds to the JSON property `username`
+        # Optional. Title for the expression, i.e. a short string describing its purpose.
+        # This can be used e.g. in UIs which allow to enter the expression.
+        # Corresponds to the JSON property `title`
         # @return [String]
-        attr_accessor :username
+        attr_accessor :title
       
         def initialize(**args)
            update!(**args)
@@ -284,14 +551,10 @@ module Google
       
         # Update properties of this object
         def update!(**args)
-          @active = args[:active] if args.key?(:active)
-          @client_id = args[:client_id] if args.key?(:client_id)
-          @exp = args[:exp] if args.key?(:exp)
-          @iat = args[:iat] if args.key?(:iat)
-          @iss = args[:iss] if args.key?(:iss)
-          @scope = args[:scope] if args.key?(:scope)
-          @sub = args[:sub] if args.key?(:sub)
-          @username = args[:username] if args.key?(:username)
+          @description = args[:description] if args.key?(:description)
+          @expression = args[:expression] if args.key?(:expression)
+          @location = args[:location] if args.key?(:location)
+          @title = args[:title] if args.key?(:title)
         end
       end
     end

data/lib/google/apis/sts_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module StsV1
       # Version of the google-apis-sts_v1 gem
-      GEM_VERSION = "0.8.0"
+      GEM_VERSION = "0.12.0"
 
       # Version of the code generator used to generate this client
-      GENERATOR_VERSION = "0.3.0"
+      GENERATOR_VERSION = "0.4.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20210613"
+      REVISION = "20210822"
     end
   end
 end

data/lib/google/apis/sts_v1/representations.rb

@@ -22,6 +22,24 @@ module Google
   module Apis
     module StsV1
       
+      class GoogleIamV1Binding
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class GoogleIdentityStsV1AccessBoundary
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class GoogleIdentityStsV1AccessBoundaryRule
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class GoogleIdentityStsV1ExchangeTokenRequest
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -34,18 +52,64 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
-      class GoogleIdentityStsV1IntrospectTokenRequest
+      class GoogleIdentityStsV1Options
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class GoogleIdentityStsV1betaAccessBoundary
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
         include Google::Apis::Core::JsonObjectSupport
       end
       
-      class GoogleIdentityStsV1IntrospectTokenResponse
+      class GoogleIdentityStsV1betaAccessBoundaryRule
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class GoogleIdentityStsV1betaOptions
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class GoogleTypeExpr
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class GoogleIamV1Binding
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :condition, as: 'condition', class: Google::Apis::StsV1::GoogleTypeExpr, decorator: Google::Apis::StsV1::GoogleTypeExpr::Representation
+      
+          collection :members, as: 'members'
+          property :role, as: 'role'
+        end
+      end
+      
+      class GoogleIdentityStsV1AccessBoundary
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          collection :access_boundary_rules, as: 'accessBoundaryRules', class: Google::Apis::StsV1::GoogleIdentityStsV1AccessBoundaryRule, decorator: Google::Apis::StsV1::GoogleIdentityStsV1AccessBoundaryRule::Representation
+      
+        end
+      end
+      
+      class GoogleIdentityStsV1AccessBoundaryRule
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :availability_condition, as: 'availabilityCondition', class: Google::Apis::StsV1::GoogleTypeExpr, decorator: Google::Apis::StsV1::GoogleTypeExpr::Representation
+      
+          collection :available_permissions, as: 'availablePermissions'
+          property :available_resource, as: 'availableResource'
+        end
+      end
+      
       class GoogleIdentityStsV1ExchangeTokenRequest
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -69,25 +133,51 @@ module Google
         end
       end
       
-      class GoogleIdentityStsV1IntrospectTokenRequest
+      class GoogleIdentityStsV1Options
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
-          property :token, as: 'token'
-          property :token_type_hint, as: 'tokenTypeHint'
+          property :access_boundary, as: 'accessBoundary', class: Google::Apis::StsV1::GoogleIdentityStsV1AccessBoundary, decorator: Google::Apis::StsV1::GoogleIdentityStsV1AccessBoundary::Representation
+      
+          collection :audiences, as: 'audiences'
+          property :user_project, as: 'userProject'
         end
       end
       
-      class GoogleIdentityStsV1IntrospectTokenResponse
+      class GoogleIdentityStsV1betaAccessBoundary
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
-          property :active, as: 'active'
-          property :client_id, as: 'client_id'
-          property :exp, :numeric_string => true, as: 'exp'
-          property :iat, :numeric_string => true, as: 'iat'
-          property :iss, as: 'iss'
-          property :scope, as: 'scope'
-          property :sub, as: 'sub'
-          property :username, as: 'username'
+          collection :access_boundary_rules, as: 'accessBoundaryRules', class: Google::Apis::StsV1::GoogleIdentityStsV1betaAccessBoundaryRule, decorator: Google::Apis::StsV1::GoogleIdentityStsV1betaAccessBoundaryRule::Representation
+      
+        end
+      end
+      
+      class GoogleIdentityStsV1betaAccessBoundaryRule
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :availability_condition, as: 'availabilityCondition', class: Google::Apis::StsV1::GoogleTypeExpr, decorator: Google::Apis::StsV1::GoogleTypeExpr::Representation
+      
+          collection :available_permissions, as: 'availablePermissions'
+          property :available_resource, as: 'availableResource'
+        end
+      end
+      
+      class GoogleIdentityStsV1betaOptions
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :access_boundary, as: 'accessBoundary', class: Google::Apis::StsV1::GoogleIdentityStsV1betaAccessBoundary, decorator: Google::Apis::StsV1::GoogleIdentityStsV1betaAccessBoundary::Representation
+      
+          collection :audiences, as: 'audiences'
+          property :user_project, as: 'userProject'
+        end
+      end
+      
+      class GoogleTypeExpr
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :description, as: 'description'
+          property :expression, as: 'expression'
+          property :location, as: 'location'
+          property :title, as: 'title'
         end
       end
     end

data/lib/google/apis/sts_v1/service.rb

@@ -50,38 +50,6 @@ module Google
           @batch_path = 'batch'
         end
         
-        # Gets information about a Google OAuth 2.0 access token issued by the Google
-        # Cloud [Security Token Service API](https://cloud.google.com/iam/docs/reference/
-        # sts/rest).
-        # @param [Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenRequest] google_identity_sts_v1_introspect_token_request_object
-        # @param [String] fields
-        #   Selector specifying which fields to include in a partial response.
-        # @param [String] quota_user
-        #   Available to use for quota purposes for server-side applications. Can be any
-        #   arbitrary string assigned to a user, but should not exceed 40 characters.
-        # @param [Google::Apis::RequestOptions] options
-        #   Request-specific options
-        #
-        # @yield [result, err] Result & error if block supplied
-        # @yieldparam result [Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse] parsed result object
-        # @yieldparam err [StandardError] error object if request failed
-        #
-        # @return [Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse]
-        #
-        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
-        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
-        # @raise [Google::Apis::AuthorizationError] Authorization is required
-        def introspect(google_identity_sts_v1_introspect_token_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
-          command = make_simple_command(:post, 'v1/introspect', options)
-          command.request_representation = Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenRequest::Representation
-          command.request_object = google_identity_sts_v1_introspect_token_request_object
-          command.response_representation = Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse::Representation
-          command.response_class = Google::Apis::StsV1::GoogleIdentityStsV1IntrospectTokenResponse
-          command.query['fields'] = fields unless fields.nil?
-          command.query['quotaUser'] = quota_user unless quota_user.nil?
-          execute_or_queue_command(command, &block)
-        end
-        
         # Exchanges a credential for a Google OAuth 2.0 access token. The token asserts
         # an external identity within a workload identity pool, or it applies a
         # Credential Access Boundary to a Google access token. When you call this method,

metadata

@@ -1,29 +1,35 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-sts_v1
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.12.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-21 00:00:00.000000000 Z
+date: 2021-09-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.1'
+        version: '0.4'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 2.a
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.4'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0.1'
+        version: 2.a
 description: This is the simple REST client for Security Token Service API V1. Simple
   REST clients are Ruby client libraries that provide access to Google services via
   their HTTP REST API endpoints. These libraries are generated and updated automatically
@@ -52,7 +58,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-sts_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-sts_v1/v0.8.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-sts_v1/v0.12.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-sts_v1
 post_install_message: 
 rdoc_options: []