google-cloud-os_login-v1beta 0.12.0 → 0.14.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +72 -101
- data/lib/google/cloud/os_login/v1beta/os_login_service/client.rb +36 -9
- data/lib/google/cloud/os_login/v1beta/os_login_service/rest/client.rb +38 -8
- data/lib/google/cloud/os_login/v1beta/os_login_service/rest/service_stub.rb +14 -2
- data/lib/google/cloud/os_login/v1beta/version.rb +1 -1
- data/lib/google/cloud/oslogin/v1beta/oslogin_pb.rb +1 -1
- data/proto_docs/google/api/client.rb +14 -0
- data/proto_docs/google/cloud/oslogin/v1beta/oslogin.rb +5 -0
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b2622e4e7db1424146be8807ad9b75f2cd188d5e3a0457c739abdf97c7c1b329
|
4
|
+
data.tar.gz: ed97e769edc7e14c9c1396033a75b067c384b57315efb90dd798c7b071867598
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 796dcadb7af531639c7d2a1585c1a814cf5f8754b7b83c6ef55da58f3019d682de733c2bd84adfe267d3883125d8f95c780f45d225e1711c3879b3e8c124518e
|
7
|
+
data.tar.gz: 4872a40abdf5989a37ec29ec85a3b10102453edfeabb604b620494540d96a097e7ebcc3ac7d51db6e21ab1191172717d152ad92359bcc86388cb65e94f550969
|
data/AUTHENTICATION.md
CHANGED
@@ -1,151 +1,122 @@
|
|
1
1
|
# Authentication
|
2
2
|
|
3
|
-
|
4
|
-
[
|
5
|
-
|
6
|
-
[Google Cloud Platform environments](#google-cloud-platform-environments) the
|
7
|
-
credentials will be discovered automatically. When running on other
|
8
|
-
environments, the Service Account credentials can be specified by providing the
|
9
|
-
path to the
|
10
|
-
[JSON keyfile](https://cloud.google.com/iam/docs/managing-service-account-keys)
|
11
|
-
for the account (or the JSON itself) in
|
12
|
-
[environment variables](#environment-variables). Additionally, Cloud SDK
|
13
|
-
credentials can also be discovered automatically, but this is only recommended
|
14
|
-
during development.
|
3
|
+
The recommended way to authenticate to the google-cloud-os_login-v1beta library is to use
|
4
|
+
[Application Default Credentials (ADC)](https://cloud.google.com/docs/authentication/application-default-credentials).
|
5
|
+
To review all of your authentication options, see [Credentials lookup](#credential-lookup).
|
15
6
|
|
16
7
|
## Quickstart
|
17
8
|
|
18
|
-
|
19
|
-
|
9
|
+
The following example shows how to set up authentication for a local development
|
10
|
+
environment with your user credentials.
|
20
11
|
|
21
|
-
|
22
|
-
|
23
|
-
```
|
24
|
-
|
25
|
-
3. Initialize the client.
|
12
|
+
**NOTE:** This method is _not_ recommended for running in production. User credentials
|
13
|
+
should be used only during development.
|
26
14
|
|
27
|
-
|
28
|
-
|
15
|
+
1. [Download and install the Google Cloud CLI](https://cloud.google.com/sdk).
|
16
|
+
2. Set up a local ADC file with your user credentials:
|
29
17
|
|
30
|
-
|
18
|
+
```sh
|
19
|
+
gcloud auth application-default login
|
31
20
|
```
|
32
21
|
|
33
|
-
|
34
|
-
|
35
|
-
The google-cloud-os_login-v1beta library aims to make authentication
|
36
|
-
as simple as possible, and provides several mechanisms to configure your system
|
37
|
-
without requiring **Service Account Credentials** directly in code.
|
38
|
-
|
39
|
-
**Credentials** are discovered in the following order:
|
40
|
-
|
41
|
-
1. Specify credentials in method arguments
|
42
|
-
2. Specify credentials in configuration
|
43
|
-
3. Discover credentials path in environment variables
|
44
|
-
4. Discover credentials JSON in environment variables
|
45
|
-
5. Discover credentials file in the Cloud SDK's path
|
46
|
-
6. Discover GCP credentials
|
47
|
-
|
48
|
-
### Google Cloud Platform environments
|
22
|
+
3. Write code as if already authenticated.
|
49
23
|
|
50
|
-
|
51
|
-
|
52
|
-
Functions (GCF) and Cloud Run, **Credentials** are discovered automatically.
|
53
|
-
Code should be written as if already authenticated.
|
24
|
+
For more information about setting up authentication for a local development environment, see
|
25
|
+
[Set up Application Default Credentials](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-dev).
|
54
26
|
|
55
|
-
|
27
|
+
## Credential Lookup
|
56
28
|
|
57
|
-
The
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
**Credentials JSON** file can be stored in the environment variable, or the
|
62
|
-
**Credentials JSON** itself can be stored for environments such as Docker
|
63
|
-
containers where writing files is difficult or not encouraged.
|
29
|
+
The google-cloud-os_login-v1beta library provides several mechanisms to configure your system.
|
30
|
+
Generally, using Application Default Credentials to facilitate automatic
|
31
|
+
credentials discovery is the easist method. But if you need to explicitly specify
|
32
|
+
credentials, there are several methods available to you.
|
64
33
|
|
65
|
-
|
66
|
-
checks for credentials are configured on the service Credentials class (such as
|
67
|
-
{::Google::Cloud::OsLogin::V1beta::OsLoginService::Credentials}):
|
34
|
+
Credentials are accepted in the following ways, in the following order or precedence:
|
68
35
|
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
36
|
+
1. Credentials specified in method arguments
|
37
|
+
2. Credentials specified in configuration
|
38
|
+
3. Credentials pointed to or included in environment variables
|
39
|
+
4. Credentials found in local ADC file
|
40
|
+
5. Credentials returned by the metadata server for the attached service account (GCP)
|
74
41
|
|
75
|
-
|
76
|
-
require "google/cloud/os_login/v1beta"
|
77
|
-
|
78
|
-
ENV["OS_LOGIN_CREDENTIALS"] = "path/to/keyfile.json"
|
42
|
+
### Configuration
|
79
43
|
|
80
|
-
client
|
81
|
-
|
44
|
+
You can configure a path to a JSON credentials file, either for an individual client object or
|
45
|
+
globally, for all client objects. The JSON file can contain credentials created for
|
46
|
+
[workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation),
|
47
|
+
[workforce identity federation](https://cloud.google.com/iam/docs/workforce-identity-federation), or a
|
48
|
+
[service account key](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-key).
|
82
49
|
|
83
|
-
|
50
|
+
Note: Service account keys are a security risk if not managed correctly. You should
|
51
|
+
[choose a more secure alternative to service account keys](https://cloud.google.com/docs/authentication#auth-decision-tree)
|
52
|
+
whenever possible.
|
84
53
|
|
85
|
-
|
86
|
-
it in an environment variable. Either on an individual client initialization:
|
54
|
+
To configure a credentials file for an individual client initialization:
|
87
55
|
|
88
56
|
```ruby
|
89
57
|
require "google/cloud/os_login/v1beta"
|
90
58
|
|
91
59
|
client = ::Google::Cloud::OsLogin::V1beta::OsLoginService::Client.new do |config|
|
92
|
-
config.credentials = "path/to/
|
60
|
+
config.credentials = "path/to/credentialfile.json"
|
93
61
|
end
|
94
62
|
```
|
95
63
|
|
96
|
-
|
64
|
+
To configure a credentials file globally for all clients:
|
97
65
|
|
98
66
|
```ruby
|
99
67
|
require "google/cloud/os_login/v1beta"
|
100
68
|
|
101
69
|
::Google::Cloud::OsLogin::V1beta::OsLoginService::Client.configure do |config|
|
102
|
-
config.credentials = "path/to/
|
70
|
+
config.credentials = "path/to/credentialfile.json"
|
103
71
|
end
|
104
72
|
|
105
73
|
client = ::Google::Cloud::OsLogin::V1beta::OsLoginService::Client.new
|
106
74
|
```
|
107
75
|
|
108
|
-
###
|
76
|
+
### Environment Variables
|
109
77
|
|
110
|
-
|
111
|
-
|
112
|
-
|
78
|
+
You can also use an environment variable to provide a JSON credentials file.
|
79
|
+
The environment variable can contain a path to the credentials file or, for
|
80
|
+
environments such as Docker containers where writing files is not encouraged,
|
81
|
+
you can include the credentials file itself.
|
113
82
|
|
114
|
-
|
83
|
+
The JSON file can contain credentials created for
|
84
|
+
[workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation),
|
85
|
+
[workforce identity federation](https://cloud.google.com/iam/docs/workforce-identity-federation), or a
|
86
|
+
[service account key](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-key).
|
115
87
|
|
116
|
-
|
117
|
-
|
118
|
-
|
88
|
+
Note: Service account keys are a security risk if not managed correctly. You should
|
89
|
+
[choose a more secure alternative to service account keys](https://cloud.google.com/docs/authentication#auth-decision-tree)
|
90
|
+
whenever possible.
|
91
|
+
|
92
|
+
The environment variables that google-cloud-os_login-v1beta
|
93
|
+
checks for credentials are:
|
119
94
|
|
120
|
-
|
121
|
-
*
|
95
|
+
* `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
|
96
|
+
* `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
|
122
97
|
|
123
|
-
|
98
|
+
```ruby
|
99
|
+
require "google/cloud/os_login/v1beta"
|
124
100
|
|
125
|
-
|
126
|
-
connect to the APIs. You will use the **JSON key file** to
|
127
|
-
connect to most services with google-cloud-os_login-v1beta.
|
101
|
+
ENV["GOOGLE_APPLICATION_CREDENTIALS"] = "path/to/credentialfile.json"
|
128
102
|
|
129
|
-
|
130
|
-
|
131
|
-
need a Google Developers service account.
|
103
|
+
client = ::Google::Cloud::OsLogin::V1beta::OsLoginService::Client.new
|
104
|
+
```
|
132
105
|
|
133
|
-
|
134
|
-
2. Create a new project or click on an existing project.
|
135
|
-
3. Activate the menu in the upper left and select **APIs & Services**. From
|
136
|
-
here, you will enable the APIs that your application requires.
|
106
|
+
### Local ADC file
|
137
107
|
|
138
|
-
|
108
|
+
You can set up a local ADC file with your user credentials for authentication during
|
109
|
+
development. If credentials are not provided in code or in environment variables,
|
110
|
+
then the local ADC credentials are discovered.
|
139
111
|
|
140
|
-
|
112
|
+
Follow the steps in [Quickstart](#quickstart) to set up a local ADC file.
|
141
113
|
|
142
|
-
|
143
|
-
"Service account" to be guided through downloading a new JSON key file.
|
114
|
+
### Google Cloud Platform environments
|
144
115
|
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
|
116
|
+
When running on Google Cloud Platform (GCP), including Google Compute Engine
|
117
|
+
(GCE), Google Kubernetes Engine (GKE), Google App Engine (GAE), Google Cloud
|
118
|
+
Functions (GCF) and Cloud Run, credentials are retrieved from the attached
|
119
|
+
service account automatically. Code should be written as if already authenticated.
|
149
120
|
|
150
|
-
|
151
|
-
|
121
|
+
For more information, see
|
122
|
+
[Set up ADC for Google Cloud services](https://cloud.google.com/docs/authentication/provide-credentials-adc#attached-sa).
|
@@ -33,6 +33,9 @@ module Google
|
|
33
33
|
# public keys for logging into virtual machines on Google Cloud Platform.
|
34
34
|
#
|
35
35
|
class Client
|
36
|
+
# @private
|
37
|
+
DEFAULT_ENDPOINT_TEMPLATE = "oslogin.$UNIVERSE_DOMAIN$"
|
38
|
+
|
36
39
|
include Paths
|
37
40
|
|
38
41
|
# @private
|
@@ -123,6 +126,15 @@ module Google
|
|
123
126
|
@config
|
124
127
|
end
|
125
128
|
|
129
|
+
##
|
130
|
+
# The effective universe domain
|
131
|
+
#
|
132
|
+
# @return [String]
|
133
|
+
#
|
134
|
+
def universe_domain
|
135
|
+
@os_login_service_stub.universe_domain
|
136
|
+
end
|
137
|
+
|
126
138
|
##
|
127
139
|
# Create a new OsLoginService client object.
|
128
140
|
#
|
@@ -156,8 +168,9 @@ module Google
|
|
156
168
|
credentials = @config.credentials
|
157
169
|
# Use self-signed JWT if the endpoint is unchanged from default,
|
158
170
|
# but only if the default endpoint does not have a region prefix.
|
159
|
-
enable_self_signed_jwt = @config.endpoint
|
160
|
-
|
171
|
+
enable_self_signed_jwt = @config.endpoint.nil? ||
|
172
|
+
(@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
|
173
|
+
!@config.endpoint.split(".").first.include?("-"))
|
161
174
|
credentials ||= Credentials.default scope: @config.scope,
|
162
175
|
enable_self_signed_jwt: enable_self_signed_jwt
|
163
176
|
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
@@ -168,8 +181,10 @@ module Google
|
|
168
181
|
|
169
182
|
@os_login_service_stub = ::Gapic::ServiceStub.new(
|
170
183
|
::Google::Cloud::OsLogin::V1beta::OsLoginService::Stub,
|
171
|
-
credentials:
|
172
|
-
endpoint:
|
184
|
+
credentials: credentials,
|
185
|
+
endpoint: @config.endpoint,
|
186
|
+
endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
|
187
|
+
universe_domain: @config.universe_domain,
|
173
188
|
channel_args: @config.channel_args,
|
174
189
|
interceptors: @config.interceptors,
|
175
190
|
channel_pool_config: @config.channel_pool
|
@@ -633,7 +648,7 @@ module Google
|
|
633
648
|
# @param options [::Gapic::CallOptions, ::Hash]
|
634
649
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
635
650
|
#
|
636
|
-
# @overload import_ssh_public_key(parent: nil, ssh_public_key: nil, project_id: nil, view: nil)
|
651
|
+
# @overload import_ssh_public_key(parent: nil, ssh_public_key: nil, project_id: nil, view: nil, regions: nil)
|
637
652
|
# Pass arguments to `import_ssh_public_key` via keyword arguments. Note that at
|
638
653
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
639
654
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -646,6 +661,10 @@ module Google
|
|
646
661
|
# The project ID of the Google Cloud Platform project.
|
647
662
|
# @param view [::Google::Cloud::OsLogin::V1beta::LoginProfileView]
|
648
663
|
# The view configures whether to retrieve security keys information.
|
664
|
+
# @param regions [::Array<::String>]
|
665
|
+
# Optional. The regions to which to assert that the key was written.
|
666
|
+
# If unspecified, defaults to all regions.
|
667
|
+
# Regions are listed at https://cloud.google.com/about/locations#region.
|
649
668
|
#
|
650
669
|
# @yield [response, operation] Access the result along with the RPC operation
|
651
670
|
# @yieldparam response [::Google::Cloud::OsLogin::V1beta::ImportSshPublicKeyResponse]
|
@@ -923,9 +942,9 @@ module Google
|
|
923
942
|
# end
|
924
943
|
#
|
925
944
|
# @!attribute [rw] endpoint
|
926
|
-
#
|
927
|
-
#
|
928
|
-
# @return [::String]
|
945
|
+
# A custom service endpoint, as a hostname or hostname:port. The default is
|
946
|
+
# nil, indicating to use the default endpoint in the current universe domain.
|
947
|
+
# @return [::String,nil]
|
929
948
|
# @!attribute [rw] credentials
|
930
949
|
# Credentials to send with calls. You may provide any of the following types:
|
931
950
|
# * (`String`) The path to a service account key file in JSON format
|
@@ -971,13 +990,20 @@ module Google
|
|
971
990
|
# @!attribute [rw] quota_project
|
972
991
|
# A separate project against which to charge quota.
|
973
992
|
# @return [::String]
|
993
|
+
# @!attribute [rw] universe_domain
|
994
|
+
# The universe domain within which to make requests. This determines the
|
995
|
+
# default endpoint URL. The default value of nil uses the environment
|
996
|
+
# universe (usually the default "googleapis.com" universe).
|
997
|
+
# @return [::String,nil]
|
974
998
|
#
|
975
999
|
class Configuration
|
976
1000
|
extend ::Gapic::Config
|
977
1001
|
|
1002
|
+
# @private
|
1003
|
+
# The endpoint specific to the default "googleapis.com" universe. Deprecated.
|
978
1004
|
DEFAULT_ENDPOINT = "oslogin.googleapis.com"
|
979
1005
|
|
980
|
-
config_attr :endpoint,
|
1006
|
+
config_attr :endpoint, nil, ::String, nil
|
981
1007
|
config_attr :credentials, nil do |value|
|
982
1008
|
allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
983
1009
|
allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
|
@@ -992,6 +1018,7 @@ module Google
|
|
992
1018
|
config_attr :metadata, nil, ::Hash, nil
|
993
1019
|
config_attr :retry_policy, nil, ::Hash, ::Proc, nil
|
994
1020
|
config_attr :quota_project, nil, ::String, nil
|
1021
|
+
config_attr :universe_domain, nil, ::String, nil
|
995
1022
|
|
996
1023
|
# @private
|
997
1024
|
def initialize parent_config = nil
|
@@ -35,6 +35,9 @@ module Google
|
|
35
35
|
# public keys for logging into virtual machines on Google Cloud Platform.
|
36
36
|
#
|
37
37
|
class Client
|
38
|
+
# @private
|
39
|
+
DEFAULT_ENDPOINT_TEMPLATE = "oslogin.$UNIVERSE_DOMAIN$"
|
40
|
+
|
38
41
|
include Paths
|
39
42
|
|
40
43
|
# @private
|
@@ -125,6 +128,15 @@ module Google
|
|
125
128
|
@config
|
126
129
|
end
|
127
130
|
|
131
|
+
##
|
132
|
+
# The effective universe domain
|
133
|
+
#
|
134
|
+
# @return [String]
|
135
|
+
#
|
136
|
+
def universe_domain
|
137
|
+
@os_login_service_stub.universe_domain
|
138
|
+
end
|
139
|
+
|
128
140
|
##
|
129
141
|
# Create a new OsLoginService REST client object.
|
130
142
|
#
|
@@ -152,8 +164,9 @@ module Google
|
|
152
164
|
credentials = @config.credentials
|
153
165
|
# Use self-signed JWT if the endpoint is unchanged from default,
|
154
166
|
# but only if the default endpoint does not have a region prefix.
|
155
|
-
enable_self_signed_jwt = @config.endpoint
|
156
|
-
|
167
|
+
enable_self_signed_jwt = @config.endpoint.nil? ||
|
168
|
+
(@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
|
169
|
+
!@config.endpoint.split(".").first.include?("-"))
|
157
170
|
credentials ||= Credentials.default scope: @config.scope,
|
158
171
|
enable_self_signed_jwt: enable_self_signed_jwt
|
159
172
|
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
@@ -163,7 +176,12 @@ module Google
|
|
163
176
|
@quota_project_id = @config.quota_project
|
164
177
|
@quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id
|
165
178
|
|
166
|
-
@os_login_service_stub = ::Google::Cloud::OsLogin::V1beta::OsLoginService::Rest::ServiceStub.new
|
179
|
+
@os_login_service_stub = ::Google::Cloud::OsLogin::V1beta::OsLoginService::Rest::ServiceStub.new(
|
180
|
+
endpoint: @config.endpoint,
|
181
|
+
endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
|
182
|
+
universe_domain: @config.universe_domain,
|
183
|
+
credentials: credentials
|
184
|
+
)
|
167
185
|
end
|
168
186
|
|
169
187
|
# Service calls
|
@@ -588,7 +606,7 @@ module Google
|
|
588
606
|
# @param options [::Gapic::CallOptions, ::Hash]
|
589
607
|
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
590
608
|
#
|
591
|
-
# @overload import_ssh_public_key(parent: nil, ssh_public_key: nil, project_id: nil, view: nil)
|
609
|
+
# @overload import_ssh_public_key(parent: nil, ssh_public_key: nil, project_id: nil, view: nil, regions: nil)
|
592
610
|
# Pass arguments to `import_ssh_public_key` via keyword arguments. Note that at
|
593
611
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
594
612
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -601,6 +619,10 @@ module Google
|
|
601
619
|
# The project ID of the Google Cloud Platform project.
|
602
620
|
# @param view [::Google::Cloud::OsLogin::V1beta::LoginProfileView]
|
603
621
|
# The view configures whether to retrieve security keys information.
|
622
|
+
# @param regions [::Array<::String>]
|
623
|
+
# Optional. The regions to which to assert that the key was written.
|
624
|
+
# If unspecified, defaults to all regions.
|
625
|
+
# Regions are listed at https://cloud.google.com/about/locations#region.
|
604
626
|
# @yield [result, operation] Access the result along with the TransportOperation object
|
605
627
|
# @yieldparam result [::Google::Cloud::OsLogin::V1beta::ImportSshPublicKeyResponse]
|
606
628
|
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
@@ -857,9 +879,9 @@ module Google
|
|
857
879
|
# end
|
858
880
|
#
|
859
881
|
# @!attribute [rw] endpoint
|
860
|
-
#
|
861
|
-
#
|
862
|
-
# @return [::String]
|
882
|
+
# A custom service endpoint, as a hostname or hostname:port. The default is
|
883
|
+
# nil, indicating to use the default endpoint in the current universe domain.
|
884
|
+
# @return [::String,nil]
|
863
885
|
# @!attribute [rw] credentials
|
864
886
|
# Credentials to send with calls. You may provide any of the following types:
|
865
887
|
# * (`String`) The path to a service account key file in JSON format
|
@@ -896,13 +918,20 @@ module Google
|
|
896
918
|
# @!attribute [rw] quota_project
|
897
919
|
# A separate project against which to charge quota.
|
898
920
|
# @return [::String]
|
921
|
+
# @!attribute [rw] universe_domain
|
922
|
+
# The universe domain within which to make requests. This determines the
|
923
|
+
# default endpoint URL. The default value of nil uses the environment
|
924
|
+
# universe (usually the default "googleapis.com" universe).
|
925
|
+
# @return [::String,nil]
|
899
926
|
#
|
900
927
|
class Configuration
|
901
928
|
extend ::Gapic::Config
|
902
929
|
|
930
|
+
# @private
|
931
|
+
# The endpoint specific to the default "googleapis.com" universe. Deprecated.
|
903
932
|
DEFAULT_ENDPOINT = "oslogin.googleapis.com"
|
904
933
|
|
905
|
-
config_attr :endpoint,
|
934
|
+
config_attr :endpoint, nil, ::String, nil
|
906
935
|
config_attr :credentials, nil do |value|
|
907
936
|
allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
908
937
|
allowed.any? { |klass| klass === value }
|
@@ -914,6 +943,7 @@ module Google
|
|
914
943
|
config_attr :metadata, nil, ::Hash, nil
|
915
944
|
config_attr :retry_policy, nil, ::Hash, ::Proc, nil
|
916
945
|
config_attr :quota_project, nil, ::String, nil
|
946
|
+
config_attr :universe_domain, nil, ::String, nil
|
917
947
|
|
918
948
|
# @private
|
919
949
|
def initialize parent_config = nil
|
@@ -30,16 +30,28 @@ module Google
|
|
30
30
|
# including transcoding, making the REST call, and deserialing the response.
|
31
31
|
#
|
32
32
|
class ServiceStub
|
33
|
-
def initialize endpoint:, credentials:
|
33
|
+
def initialize endpoint:, endpoint_template:, universe_domain:, credentials:
|
34
34
|
# These require statements are intentionally placed here to initialize
|
35
35
|
# the REST modules only when it's required.
|
36
36
|
require "gapic/rest"
|
37
37
|
|
38
|
-
@client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint,
|
38
|
+
@client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint,
|
39
|
+
endpoint_template: endpoint_template,
|
40
|
+
universe_domain: universe_domain,
|
41
|
+
credentials: credentials,
|
39
42
|
numeric_enums: true,
|
40
43
|
raise_faraday_errors: false
|
41
44
|
end
|
42
45
|
|
46
|
+
##
|
47
|
+
# The effective universe domain
|
48
|
+
#
|
49
|
+
# @return [String]
|
50
|
+
#
|
51
|
+
def universe_domain
|
52
|
+
@client_stub.universe_domain
|
53
|
+
end
|
54
|
+
|
43
55
|
##
|
44
56
|
# Baseline implementation for the create_ssh_public_key REST call
|
45
57
|
#
|
@@ -13,7 +13,7 @@ require 'google/protobuf/empty_pb'
|
|
13
13
|
require 'google/protobuf/field_mask_pb'
|
14
14
|
|
15
15
|
|
16
|
-
descriptor_data = "\n)google/cloud/oslogin/v1beta/oslogin.proto\x12\x1bgoogle.cloud.oslogin.v1beta\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a(google/cloud/oslogin/common/common.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a google/protobuf/field_mask.proto\"\xdd\x02\n\x0cLoginProfile\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x41\n\x0eposix_accounts\x18\x02 \x03(\x0b\x32).google.cloud.oslogin.common.PosixAccount\x12U\n\x0fssh_public_keys\x18\x03 \x03(\x0b\x32<.google.cloud.oslogin.v1beta.LoginProfile.SshPublicKeysEntry\x12?\n\rsecurity_keys\x18\x05 \x03(\x0b\x32(.google.cloud.oslogin.v1beta.SecurityKey\x1a_\n\x12SshPublicKeysEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x38\n\x05value\x18\x02 \x01(\x0b\x32).google.cloud.oslogin.common.SshPublicKey:\x02\x38\x01\"\xa0\x01\n\x19\x43reateSshPublicKeyRequest\x12;\n\x06parent\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\x12#oslogin.googleapis.com/SshPublicKey\x12\x46\n\x0essh_public_key\x18\x02 \x01(\x0b\x32).google.cloud.oslogin.common.SshPublicKeyB\x03\xe0\x41\x02\"V\n\x19\x44\x65letePosixAccountRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/PosixAccount\"V\n\x19\x44\x65leteSshPublicKeyRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/SshPublicKey\"\xaf\x01\n\x16GetLoginProfileRequest\x12\x31\n\x04name\x18\x01 \x01(\tB#\xe0\x41\x02\xfa\x41\x1d\n\x1boslogin.googleapis.com/User\x12\x12\n\nproject_id\x18\x02 \x01(\t\x12\x11\n\tsystem_id\x18\x03 \x01(\t\x12;\n\x04view\x18\x04 \x01(\x0e\x32-.google.cloud.oslogin.v1beta.LoginProfileView\"S\n\x16GetSshPublicKeyRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/SshPublicKey\"\
|
16
|
+
descriptor_data = "\n)google/cloud/oslogin/v1beta/oslogin.proto\x12\x1bgoogle.cloud.oslogin.v1beta\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a(google/cloud/oslogin/common/common.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a google/protobuf/field_mask.proto\"\xdd\x02\n\x0cLoginProfile\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x41\n\x0eposix_accounts\x18\x02 \x03(\x0b\x32).google.cloud.oslogin.common.PosixAccount\x12U\n\x0fssh_public_keys\x18\x03 \x03(\x0b\x32<.google.cloud.oslogin.v1beta.LoginProfile.SshPublicKeysEntry\x12?\n\rsecurity_keys\x18\x05 \x03(\x0b\x32(.google.cloud.oslogin.v1beta.SecurityKey\x1a_\n\x12SshPublicKeysEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x38\n\x05value\x18\x02 \x01(\x0b\x32).google.cloud.oslogin.common.SshPublicKey:\x02\x38\x01\"\xa0\x01\n\x19\x43reateSshPublicKeyRequest\x12;\n\x06parent\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\x12#oslogin.googleapis.com/SshPublicKey\x12\x46\n\x0essh_public_key\x18\x02 \x01(\x0b\x32).google.cloud.oslogin.common.SshPublicKeyB\x03\xe0\x41\x02\"V\n\x19\x44\x65letePosixAccountRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/PosixAccount\"V\n\x19\x44\x65leteSshPublicKeyRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/SshPublicKey\"\xaf\x01\n\x16GetLoginProfileRequest\x12\x31\n\x04name\x18\x01 \x01(\tB#\xe0\x41\x02\xfa\x41\x1d\n\x1boslogin.googleapis.com/User\x12\x12\n\nproject_id\x18\x02 \x01(\t\x12\x11\n\tsystem_id\x18\x03 \x01(\t\x12;\n\x04view\x18\x04 \x01(\x0e\x32-.google.cloud.oslogin.v1beta.LoginProfileView\"S\n\x16GetSshPublicKeyRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/SshPublicKey\"\x84\x02\n\x19ImportSshPublicKeyRequest\x12\x38\n\x06parent\x18\x01 \x01(\tB(\xfa\x41%\x12#oslogin.googleapis.com/SshPublicKey\x12\x46\n\x0essh_public_key\x18\x02 \x01(\x0b\x32).google.cloud.oslogin.common.SshPublicKeyB\x03\xe0\x41\x02\x12\x12\n\nproject_id\x18\x03 \x01(\t\x12;\n\x04view\x18\x04 \x01(\x0e\x32-.google.cloud.oslogin.v1beta.LoginProfileView\x12\x14\n\x07regions\x18\x05 \x03(\tB\x03\xe0\x41\x01\"o\n\x1aImportSshPublicKeyResponse\x12@\n\rlogin_profile\x18\x01 \x01(\x0b\x32).google.cloud.oslogin.v1beta.LoginProfile\x12\x0f\n\x07\x64\x65tails\x18\x02 \x01(\t\"\xcf\x01\n\x19UpdateSshPublicKeyRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/SshPublicKey\x12\x46\n\x0essh_public_key\x18\x02 \x01(\x0b\x32).google.cloud.oslogin.common.SshPublicKeyB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.FieldMask\"\x86\x02\n\x0bSecurityKey\x12\x12\n\npublic_key\x18\x01 \x01(\t\x12\x13\n\x0bprivate_key\x18\x02 \x01(\t\x12O\n\x14universal_two_factor\x18\x03 \x01(\x0b\x32/.google.cloud.oslogin.v1beta.UniversalTwoFactorH\x00\x12:\n\tweb_authn\x18\x04 \x01(\x0b\x32%.google.cloud.oslogin.v1beta.WebAuthnH\x00\x12\x1c\n\x0f\x64\x65vice_nickname\x18\x05 \x01(\tH\x01\x88\x01\x01\x42\x0f\n\rprotocol_typeB\x12\n\x10_device_nickname\"$\n\x12UniversalTwoFactor\x12\x0e\n\x06\x61pp_id\x18\x01 \x01(\t\"\x19\n\x08WebAuthn\x12\r\n\x05rp_id\x18\x01 \x01(\t\"A\n\x17SignSshPublicKeyRequest\x12\x16\n\x0essh_public_key\x18\x01 \x01(\t\x12\x0e\n\x06parent\x18\x02 \x01(\t\"9\n\x18SignSshPublicKeyResponse\x12\x1d\n\x15signed_ssh_public_key\x18\x01 \x01(\t*S\n\x10LoginProfileView\x12\"\n\x1eLOGIN_PROFILE_VIEW_UNSPECIFIED\x10\x00\x12\t\n\x05\x42\x41SIC\x10\x01\x12\x10\n\x0cSECURITY_KEY\x10\x02\x32\xf2\x0e\n\x0eOsLoginService\x12\xcf\x01\n\x12\x43reateSshPublicKey\x12\x36.google.cloud.oslogin.v1beta.CreateSshPublicKeyRequest\x1a).google.cloud.oslogin.common.SshPublicKey\"V\x82\xd3\xe4\x93\x02\x38\"&/v1beta/{parent=users/*}/sshPublicKeys:\x0essh_public_key\xda\x41\x15parent,ssh_public_key\x12\x96\x01\n\x12\x44\x65letePosixAccount\x12\x36.google.cloud.oslogin.v1beta.DeletePosixAccountRequest\x1a\x16.google.protobuf.Empty\"0\x82\xd3\xe4\x93\x02#*!/v1beta/{name=users/*/projects/*}\xda\x41\x04name\x12\x9b\x01\n\x12\x44\x65leteSshPublicKey\x12\x36.google.cloud.oslogin.v1beta.DeleteSshPublicKeyRequest\x1a\x16.google.protobuf.Empty\"5\x82\xd3\xe4\x93\x02(*&/v1beta/{name=users/*/sshPublicKeys/*}\xda\x41\x04name\x12\xa5\x01\n\x0fGetLoginProfile\x12\x33.google.cloud.oslogin.v1beta.GetLoginProfileRequest\x1a).google.cloud.oslogin.v1beta.LoginProfile\"2\x82\xd3\xe4\x93\x02%\x12#/v1beta/{name=users/*}/loginProfile\xda\x41\x04name\x12\xa8\x01\n\x0fGetSshPublicKey\x12\x33.google.cloud.oslogin.v1beta.GetSshPublicKeyRequest\x1a).google.cloud.oslogin.common.SshPublicKey\"5\x82\xd3\xe4\x93\x02(\x12&/v1beta/{name=users/*/sshPublicKeys/*}\xda\x41\x04name\x12\x85\x02\n\x12ImportSshPublicKey\x12\x36.google.cloud.oslogin.v1beta.ImportSshPublicKeyRequest\x1a\x37.google.cloud.oslogin.v1beta.ImportSshPublicKeyResponse\"~\x82\xd3\xe4\x93\x02=\"+/v1beta/{parent=users/*}:importSshPublicKey:\x0essh_public_key\xda\x41\x15parent,ssh_public_key\xda\x41 parent,ssh_public_key,project_id\x12\xef\x01\n\x12UpdateSshPublicKey\x12\x36.google.cloud.oslogin.v1beta.UpdateSshPublicKeyRequest\x1a).google.cloud.oslogin.common.SshPublicKey\"v\x82\xd3\xe4\x93\x02\x38\x32&/v1beta/{name=users/*/sshPublicKeys/*}:\x0essh_public_key\xda\x41\x13name,ssh_public_key\xda\x41\x1fname,ssh_public_key,update_mask\x12\xa9\x02\n\x10SignSshPublicKey\x12\x34.google.cloud.oslogin.v1beta.SignSshPublicKeyRequest\x1a\x35.google.cloud.oslogin.v1beta.SignSshPublicKeyResponse\"\xa7\x01\x82\xd3\xe4\x93\x02\x88\x01\"</v1beta/{parent=users/*/projects/*/zones/*}:signSshPublicKey:\x01*ZE\"@/v1beta/{parent=users/*/projects/*/locations/*}:signSshPublicKey:\x01*\xda\x41\x15parent,ssh_public_key\x1a\xdd\x01\xca\x41\x16oslogin.googleapis.com\xd2\x41\xc0\x01https://www.googleapis.com/auth/cloud-platform,https://www.googleapis.com/auth/cloud-platform.read-only,https://www.googleapis.com/auth/compute,https://www.googleapis.com/auth/compute.readonlyB\xc9\x01\n\x1f\x63om.google.cloud.oslogin.v1betaB\x0cOsLoginProtoP\x01Z9cloud.google.com/go/oslogin/apiv1beta/osloginpb;osloginpb\xaa\x02\x1bGoogle.Cloud.OsLogin.V1Beta\xca\x02\x1bGoogle\\Cloud\\OsLogin\\V1beta\xea\x02\x1eGoogle::Cloud::OsLogin::V1betab\x06proto3"
|
17
17
|
|
18
18
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
19
19
|
|
@@ -21,6 +21,7 @@ module Google
|
|
21
21
|
module Api
|
22
22
|
# Required information for every language.
|
23
23
|
# @!attribute [rw] reference_docs_uri
|
24
|
+
# @deprecated This field is deprecated and may be removed in the next major version update.
|
24
25
|
# @return [::String]
|
25
26
|
# Link to automatically generated reference documentation. Example:
|
26
27
|
# https://cloud.google.com/nodejs/docs/reference/asset/latest
|
@@ -304,6 +305,19 @@ module Google
|
|
304
305
|
# seconds: 360 # 6 minutes
|
305
306
|
# total_poll_timeout:
|
306
307
|
# seconds: 54000 # 90 minutes
|
308
|
+
# @!attribute [rw] auto_populated_fields
|
309
|
+
# @return [::Array<::String>]
|
310
|
+
# List of top-level fields of the request message, that should be
|
311
|
+
# automatically populated by the client libraries based on their
|
312
|
+
# (google.api.field_info).format. Currently supported format: UUID4.
|
313
|
+
#
|
314
|
+
# Example of a YAML configuration:
|
315
|
+
#
|
316
|
+
# publishing:
|
317
|
+
# method_settings:
|
318
|
+
# - selector: google.example.v1.ExampleService.CreateExample
|
319
|
+
# auto_populated_fields:
|
320
|
+
# - request_id
|
307
321
|
class MethodSettings
|
308
322
|
include ::Google::Protobuf::MessageExts
|
309
323
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -125,6 +125,11 @@ module Google
|
|
125
125
|
# @!attribute [rw] view
|
126
126
|
# @return [::Google::Cloud::OsLogin::V1beta::LoginProfileView]
|
127
127
|
# The view configures whether to retrieve security keys information.
|
128
|
+
# @!attribute [rw] regions
|
129
|
+
# @return [::Array<::String>]
|
130
|
+
# Optional. The regions to which to assert that the key was written.
|
131
|
+
# If unspecified, defaults to all regions.
|
132
|
+
# Regions are listed at https://cloud.google.com/about/locations#region.
|
128
133
|
class ImportSshPublicKeyRequest
|
129
134
|
include ::Google::Protobuf::MessageExts
|
130
135
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-os_login-v1beta
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.14.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2024-01-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,7 +16,7 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.21.1
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
22
|
version: 2.a
|
@@ -26,7 +26,7 @@ dependencies:
|
|
26
26
|
requirements:
|
27
27
|
- - ">="
|
28
28
|
- !ruby/object:Gem::Version
|
29
|
-
version: 0.
|
29
|
+
version: 0.21.1
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: 2.a
|
@@ -214,7 +214,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
214
214
|
- !ruby/object:Gem::Version
|
215
215
|
version: '0'
|
216
216
|
requirements: []
|
217
|
-
rubygems_version: 3.
|
217
|
+
rubygems_version: 3.5.3
|
218
218
|
signing_key:
|
219
219
|
specification_version: 4
|
220
220
|
summary: You can use OS Login to manage access to your VM instances using IAM roles.
|