google-apis-sts_v1beta 0.6.0 → 0.10.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +17 -0
- data/lib/google/apis/sts_v1beta/classes.rb +50 -50
- data/lib/google/apis/sts_v1beta/gem_version.rb +3 -3
- metadata +13 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2483a4838e1e17f99ae3a1a3ee9012a9ebb206374d9012110f58d948818a73cd
|
4
|
+
data.tar.gz: fb4968eb4b5f8b645521d6ea63fd8b1ad3554348a52340646dafbc66640f644f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ac35d4af28bafd5e0164e1d17d586f97884164200a26593aeeb42221bceb90acd7da3bef58ae59a93aa3f8ae8cd6617a8de03e430791f701532fccecd74181ba
|
7
|
+
data.tar.gz: 863d83311cecaf5954e028d363d540fd12c9f5d1f5426cb3db64a8a09e01f17ea3ce47183c2e2a90c40a29e3cc048f2c79a6cd8154dd772999eb7ff27d615eec
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,22 @@
|
|
1
1
|
# Release history for google-apis-sts_v1beta
|
2
2
|
|
3
|
+
### v0.10.0 (2021-07-31)
|
4
|
+
|
5
|
+
* Regenerated from discovery document revision 20210723
|
6
|
+
|
7
|
+
### v0.9.0 (2021-07-03)
|
8
|
+
|
9
|
+
* Regenerated from discovery document revision 20210625
|
10
|
+
* Regenerated using generator version 0.4.0
|
11
|
+
|
12
|
+
### v0.8.0 (2021-06-24)
|
13
|
+
|
14
|
+
* Regenerated using generator version 0.3.0
|
15
|
+
|
16
|
+
### v0.7.0 (2021-05-27)
|
17
|
+
|
18
|
+
* Regenerated from discovery document revision 20210517
|
19
|
+
|
3
20
|
### v0.6.0 (2021-05-20)
|
4
21
|
|
5
22
|
* Unspecified changes
|
@@ -27,8 +27,8 @@ module Google
|
|
27
27
|
include Google::Apis::Core::Hashable
|
28
28
|
|
29
29
|
# The full resource name of the identity provider. For example, `//iam.
|
30
|
-
# googleapis.com/projects//workloadIdentityPools//providers/`.
|
31
|
-
# exchanging an external credential for a Google access token.
|
30
|
+
# googleapis.com/projects//locations/global/workloadIdentityPools//providers/`.
|
31
|
+
# Required when exchanging an external credential for a Google access token.
|
32
32
|
# Corresponds to the JSON property `audience`
|
33
33
|
# @return [String]
|
34
34
|
attr_accessor :audience
|
@@ -59,56 +59,56 @@ module Google
|
|
59
59
|
# @return [String]
|
60
60
|
attr_accessor :scope
|
61
61
|
|
62
|
-
# Required. The input token. This token is
|
63
|
-
#
|
64
|
-
#
|
65
|
-
#
|
66
|
-
#
|
67
|
-
# following headers are required: - `kid`: The
|
68
|
-
# securing the JWT. - `alg`: The cryptographic
|
69
|
-
# be `RS256` or `ES256`. The following payload
|
70
|
-
# information, see [RFC 7523, Section 3](https://
|
71
|
-
# section-3): - `iss`: The issuer of the token. The
|
72
|
-
# discovery document at the URL `/.well-known/openid-
|
73
|
-
# the value of this field. The document must be
|
74
|
-
# 2 of the [OIDC 1.0 Discovery specification](
|
75
|
-
# connect-discovery-1_0.html#
|
76
|
-
# time, in seconds, since the
|
77
|
-
#
|
78
|
-
#
|
79
|
-
#
|
80
|
-
#
|
81
|
-
#
|
82
|
-
#
|
83
|
-
# specified. See https://cloud.
|
84
|
-
# locations.workloadIdentityPools.
|
85
|
-
# RS256", "kid": "us-east-11" ` ```
|
86
|
-
# accounts.google.com", "iat": 1517963104,
|
87
|
-
# googleapis.com/projects/1234567890123/
|
88
|
-
# my-pool/providers/my-provider", "sub": "
|
89
|
-
# "additional_claim": "value" ` ` ``` If `
|
90
|
-
# a serialized `GetCallerIdentity` token.
|
91
|
-
# information as a request to the AWS [`
|
92
|
-
# amazon.com/STS/latest/APIReference/
|
93
|
-
# the AWS [signature](https://docs.aws.
|
94
|
-
# signing_aws_api_requests.html) for the request
|
95
|
-
# Version 4. Format the request as URL-encoded JSON,
|
96
|
-
# subject_token_type` parameter to `urn:ietf:params:aws:token-type:
|
97
|
-
# The following parameters are required: - `url`: The URL of the
|
98
|
-
# endpoint for `GetCallerIdentity()`, such as `https://sts.amazonaws.com?
|
99
|
-
# GetCallerIdentity&Version=2011-06-15`. Regional endpoints are also
|
100
|
-
# `method`: The HTTP request method: `POST`. - `headers`: The HTTP
|
101
|
-
# headers, which must include: - `Authorization`: The request signature.
|
102
|
-
# amz-date`: The time you will send the request, formatted as an [ISO8601
|
103
|
-
# https://docs.aws.amazon.com/general/latest/gr/sigv4_elements.html#
|
62
|
+
# Required. The input token. This token is either an external credential issued
|
63
|
+
# by a workload identity pool provider, or a short-lived access token issued by
|
64
|
+
# Google. If the token is an OIDC JWT, it must use the JWT format defined in [
|
65
|
+
# RFC 7523](https://tools.ietf.org/html/rfc7523), and the `subject_token_type`
|
66
|
+
# must be either `urn:ietf:params:oauth:token-type:jwt` or `urn:ietf:params:
|
67
|
+
# oauth:token-type:id_token`. The following headers are required: - `kid`: The
|
68
|
+
# identifier of the signing key securing the JWT. - `alg`: The cryptographic
|
69
|
+
# algorithm securing the JWT. Must be `RS256` or `ES256`. The following payload
|
70
|
+
# fields are required. For more information, see [RFC 7523, Section 3](https://
|
71
|
+
# tools.ietf.org/html/rfc7523#section-3): - `iss`: The issuer of the token. The
|
72
|
+
# issuer must provide a discovery document at the URL `/.well-known/openid-
|
73
|
+
# configuration`, where `` is the value of this field. The document must be
|
74
|
+
# formatted according to section 4.2 of the [OIDC 1.0 Discovery specification](
|
75
|
+
# https://openid.net/specs/openid-connect-discovery-1_0.html#
|
76
|
+
# ProviderConfigurationResponse). - `iat`: The issue time, in seconds, since the
|
77
|
+
# Unix epoch. Must be in the past. - `exp`: The expiration time, in seconds,
|
78
|
+
# since the Unix epoch. Must be less than 48 hours after `iat`. Shorter
|
79
|
+
# expiration times are more secure. If possible, we recommend setting an
|
80
|
+
# expiration time less than 6 hours. - `sub`: The identity asserted in the JWT. -
|
81
|
+
# `aud`: For workload identity pools, this must be a value specified in the
|
82
|
+
# allowed audiences for the workload identity pool provider, or one of the
|
83
|
+
# audiences allowed by default if no audiences were specified. See https://cloud.
|
84
|
+
# google.com/iam/docs/reference/rest/v1/projects.locations.workloadIdentityPools.
|
85
|
+
# providers#oidc Example header: ``` ` "alg": "RS256", "kid": "us-east-11" ` ```
|
86
|
+
# Example payload: ``` ` "iss": "https://accounts.google.com", "iat": 1517963104,
|
87
|
+
# "exp": 1517966704, "aud": "//iam.googleapis.com/projects/1234567890123/
|
88
|
+
# locations/global/workloadIdentityPools/my-pool/providers/my-provider", "sub": "
|
89
|
+
# 113475438248934895348", "my_claims": ` "additional_claim": "value" ` ` ``` If `
|
90
|
+
# subject_token` is for AWS, it must be a serialized `GetCallerIdentity` token.
|
91
|
+
# This token contains the same information as a request to the AWS [`
|
92
|
+
# GetCallerIdentity()`](https://docs.aws.amazon.com/STS/latest/APIReference/
|
93
|
+
# API_GetCallerIdentity) method, as well as the AWS [signature](https://docs.aws.
|
94
|
+
# amazon.com/general/latest/gr/signing_aws_api_requests.html) for the request
|
95
|
+
# information. Use Signature Version 4. Format the request as URL-encoded JSON,
|
96
|
+
# and set the `subject_token_type` parameter to `urn:ietf:params:aws:token-type:
|
97
|
+
# aws4_request`. The following parameters are required: - `url`: The URL of the
|
98
|
+
# AWS STS endpoint for `GetCallerIdentity()`, such as `https://sts.amazonaws.com?
|
99
|
+
# Action=GetCallerIdentity&Version=2011-06-15`. Regional endpoints are also
|
100
|
+
# supported. - `method`: The HTTP request method: `POST`. - `headers`: The HTTP
|
101
|
+
# request headers, which must include: - `Authorization`: The request signature.
|
102
|
+
# - `x-amz-date`: The time you will send the request, formatted as an [ISO8601
|
103
|
+
# Basic](https://docs.aws.amazon.com/general/latest/gr/sigv4_elements.html#
|
104
104
|
# sigv4_elements_date) string. This value is typically set to the current time
|
105
105
|
# and is used to help prevent replay attacks. - `host`: The hostname of the `url`
|
106
106
|
# field; for example, `sts.amazonaws.com`. - `x-goog-cloud-target-resource`:
|
107
107
|
# The full, canonical resource name of the workload identity pool provider, with
|
108
108
|
# or without an `https:` prefix. To help ensure data integrity, we recommend
|
109
109
|
# including this header in the `SignedHeaders` field of the signed request. For
|
110
|
-
# example: //iam.googleapis.com/projects//locations
|
111
|
-
# providers/ https://iam.googleapis.com/projects//locations
|
110
|
+
# example: //iam.googleapis.com/projects//locations/global/workloadIdentityPools/
|
111
|
+
# /providers/ https://iam.googleapis.com/projects//locations/global/
|
112
112
|
# workloadIdentityPools//providers/ If you are using temporary security
|
113
113
|
# credentials provided by AWS, you must also include the header `x-amz-security-
|
114
114
|
# token`, with the value set to the session token. The following example shows a
|
@@ -116,8 +116,8 @@ module Google
|
|
116
116
|
# 20200815T015049Z"`, `"key": "Authorization", "value": "AWS4-HMAC-SHA256+
|
117
117
|
# Credential=$credential,+SignedHeaders=host;x-amz-date;x-goog-cloud-target-
|
118
118
|
# resource,+Signature=$signature"`, `"key": "x-goog-cloud-target-resource", "
|
119
|
-
# value": "//iam.googleapis.com/projects//locations
|
120
|
-
# providers/"`, `"key": "host", "value": "sts.amazonaws.com"` . ], "method": "
|
119
|
+
# value": "//iam.googleapis.com/projects//locations/global/workloadIdentityPools/
|
120
|
+
# /providers/"`, `"key": "host", "value": "sts.amazonaws.com"` . ], "method": "
|
121
121
|
# POST", "url": "https://sts.amazonaws.com?Action=GetCallerIdentity&Version=2011-
|
122
122
|
# 06-15" ` ``` You can also use a Google-issued OAuth 2.0 access token with this
|
123
123
|
# field to obtain an access token with new security attributes applied, such as
|
@@ -130,8 +130,8 @@ module Google
|
|
130
130
|
|
131
131
|
# Required. An identifier that indicates the type of the security token in the `
|
132
132
|
# subject_token` parameter. Supported values are `urn:ietf:params:oauth:token-
|
133
|
-
# type:jwt`, `urn:ietf:params:
|
134
|
-
# oauth:token-type:access_token`.
|
133
|
+
# type:jwt`, `urn:ietf:params:oauth:token-type:id_token`, `urn:ietf:params:aws:
|
134
|
+
# token-type:aws4_request`, and `urn:ietf:params:oauth:token-type:access_token`.
|
135
135
|
# Corresponds to the JSON property `subjectTokenType`
|
136
136
|
# @return [String]
|
137
137
|
attr_accessor :subject_token_type
|
@@ -16,13 +16,13 @@ module Google
|
|
16
16
|
module Apis
|
17
17
|
module StsV1beta
|
18
18
|
# Version of the google-apis-sts_v1beta gem
|
19
|
-
GEM_VERSION = "0.
|
19
|
+
GEM_VERSION = "0.10.0"
|
20
20
|
|
21
21
|
# Version of the code generator used to generate this client
|
22
|
-
GENERATOR_VERSION = "0.
|
22
|
+
GENERATOR_VERSION = "0.4.0"
|
23
23
|
|
24
24
|
# Revision of the discovery document this client was generated from
|
25
|
-
REVISION = "
|
25
|
+
REVISION = "20210723"
|
26
26
|
end
|
27
27
|
end
|
28
28
|
end
|
metadata
CHANGED
@@ -1,29 +1,35 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-apis-sts_v1beta
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.10.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-08-02 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: google-apis-core
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
-
- - "
|
17
|
+
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0.
|
19
|
+
version: '0.4'
|
20
|
+
- - "<"
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: 2.a
|
20
23
|
type: :runtime
|
21
24
|
prerelease: false
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
23
26
|
requirements:
|
24
|
-
- - "
|
27
|
+
- - ">="
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: '0.4'
|
30
|
+
- - "<"
|
25
31
|
- !ruby/object:Gem::Version
|
26
|
-
version:
|
32
|
+
version: 2.a
|
27
33
|
description: This is the simple REST client for Security Token Service API V1beta.
|
28
34
|
Simple REST clients are Ruby client libraries that provide access to Google services
|
29
35
|
via their HTTP REST API endpoints. These libraries are generated and updated automatically
|
@@ -52,7 +58,7 @@ licenses:
|
|
52
58
|
metadata:
|
53
59
|
bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
|
54
60
|
changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-sts_v1beta/CHANGELOG.md
|
55
|
-
documentation_uri: https://googleapis.dev/ruby/google-apis-sts_v1beta/v0.
|
61
|
+
documentation_uri: https://googleapis.dev/ruby/google-apis-sts_v1beta/v0.10.0
|
56
62
|
source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-sts_v1beta
|
57
63
|
post_install_message:
|
58
64
|
rdoc_options: []
|