google-cloud-os_login-v1beta 0.12.0 → 0.14.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +72 -101
- data/lib/google/cloud/os_login/v1beta/os_login_service/client.rb +36 -9
- data/lib/google/cloud/os_login/v1beta/os_login_service/rest/client.rb +38 -8
- data/lib/google/cloud/os_login/v1beta/os_login_service/rest/service_stub.rb +14 -2
- data/lib/google/cloud/os_login/v1beta/version.rb +1 -1
- data/lib/google/cloud/oslogin/v1beta/oslogin_pb.rb +1 -1
- data/proto_docs/google/api/client.rb +14 -0
- data/proto_docs/google/cloud/oslogin/v1beta/oslogin.rb +5 -0
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b2622e4e7db1424146be8807ad9b75f2cd188d5e3a0457c739abdf97c7c1b329
|
|
4
|
+
data.tar.gz: ed97e769edc7e14c9c1396033a75b067c384b57315efb90dd798c7b071867598
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 796dcadb7af531639c7d2a1585c1a814cf5f8754b7b83c6ef55da58f3019d682de733c2bd84adfe267d3883125d8f95c780f45d225e1711c3879b3e8c124518e
|
|
7
|
+
data.tar.gz: 4872a40abdf5989a37ec29ec85a3b10102453edfeabb604b620494540d96a097e7ebcc3ac7d51db6e21ab1191172717d152ad92359bcc86388cb65e94f550969
|
data/AUTHENTICATION.md
CHANGED
|
@@ -1,151 +1,122 @@
|
|
|
1
1
|
# Authentication
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
[
|
|
5
|
-
|
|
6
|
-
[Google Cloud Platform environments](#google-cloud-platform-environments) the
|
|
7
|
-
credentials will be discovered automatically. When running on other
|
|
8
|
-
environments, the Service Account credentials can be specified by providing the
|
|
9
|
-
path to the
|
|
10
|
-
[JSON keyfile](https://cloud.google.com/iam/docs/managing-service-account-keys)
|
|
11
|
-
for the account (or the JSON itself) in
|
|
12
|
-
[environment variables](#environment-variables). Additionally, Cloud SDK
|
|
13
|
-
credentials can also be discovered automatically, but this is only recommended
|
|
14
|
-
during development.
|
|
3
|
+
The recommended way to authenticate to the google-cloud-os_login-v1beta library is to use
|
|
4
|
+
[Application Default Credentials (ADC)](https://cloud.google.com/docs/authentication/application-default-credentials).
|
|
5
|
+
To review all of your authentication options, see [Credentials lookup](#credential-lookup).
|
|
15
6
|
|
|
16
7
|
## Quickstart
|
|
17
8
|
|
|
18
|
-
|
|
19
|
-
|
|
9
|
+
The following example shows how to set up authentication for a local development
|
|
10
|
+
environment with your user credentials.
|
|
20
11
|
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
```
|
|
24
|
-
|
|
25
|
-
3. Initialize the client.
|
|
12
|
+
**NOTE:** This method is _not_ recommended for running in production. User credentials
|
|
13
|
+
should be used only during development.
|
|
26
14
|
|
|
27
|
-
|
|
28
|
-
|
|
15
|
+
1. [Download and install the Google Cloud CLI](https://cloud.google.com/sdk).
|
|
16
|
+
2. Set up a local ADC file with your user credentials:
|
|
29
17
|
|
|
30
|
-
|
|
18
|
+
```sh
|
|
19
|
+
gcloud auth application-default login
|
|
31
20
|
```
|
|
32
21
|
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
The google-cloud-os_login-v1beta library aims to make authentication
|
|
36
|
-
as simple as possible, and provides several mechanisms to configure your system
|
|
37
|
-
without requiring **Service Account Credentials** directly in code.
|
|
38
|
-
|
|
39
|
-
**Credentials** are discovered in the following order:
|
|
40
|
-
|
|
41
|
-
1. Specify credentials in method arguments
|
|
42
|
-
2. Specify credentials in configuration
|
|
43
|
-
3. Discover credentials path in environment variables
|
|
44
|
-
4. Discover credentials JSON in environment variables
|
|
45
|
-
5. Discover credentials file in the Cloud SDK's path
|
|
46
|
-
6. Discover GCP credentials
|
|
47
|
-
|
|
48
|
-
### Google Cloud Platform environments
|
|
22
|
+
3. Write code as if already authenticated.
|
|
49
23
|
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
Functions (GCF) and Cloud Run, **Credentials** are discovered automatically.
|
|
53
|
-
Code should be written as if already authenticated.
|
|
24
|
+
For more information about setting up authentication for a local development environment, see
|
|
25
|
+
[Set up Application Default Credentials](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-dev).
|
|
54
26
|
|
|
55
|
-
|
|
27
|
+
## Credential Lookup
|
|
56
28
|
|
|
57
|
-
The
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
**Credentials JSON** file can be stored in the environment variable, or the
|
|
62
|
-
**Credentials JSON** itself can be stored for environments such as Docker
|
|
63
|
-
containers where writing files is difficult or not encouraged.
|
|
29
|
+
The google-cloud-os_login-v1beta library provides several mechanisms to configure your system.
|
|
30
|
+
Generally, using Application Default Credentials to facilitate automatic
|
|
31
|
+
credentials discovery is the easist method. But if you need to explicitly specify
|
|
32
|
+
credentials, there are several methods available to you.
|
|
64
33
|
|
|
65
|
-
|
|
66
|
-
checks for credentials are configured on the service Credentials class (such as
|
|
67
|
-
{::Google::Cloud::OsLogin::V1beta::OsLoginService::Credentials}):
|
|
34
|
+
Credentials are accepted in the following ways, in the following order or precedence:
|
|
68
35
|
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
36
|
+
1. Credentials specified in method arguments
|
|
37
|
+
2. Credentials specified in configuration
|
|
38
|
+
3. Credentials pointed to or included in environment variables
|
|
39
|
+
4. Credentials found in local ADC file
|
|
40
|
+
5. Credentials returned by the metadata server for the attached service account (GCP)
|
|
74
41
|
|
|
75
|
-
|
|
76
|
-
require "google/cloud/os_login/v1beta"
|
|
77
|
-
|
|
78
|
-
ENV["OS_LOGIN_CREDENTIALS"] = "path/to/keyfile.json"
|
|
42
|
+
### Configuration
|
|
79
43
|
|
|
80
|
-
client
|
|
81
|
-
|
|
44
|
+
You can configure a path to a JSON credentials file, either for an individual client object or
|
|
45
|
+
globally, for all client objects. The JSON file can contain credentials created for
|
|
46
|
+
[workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation),
|
|
47
|
+
[workforce identity federation](https://cloud.google.com/iam/docs/workforce-identity-federation), or a
|
|
48
|
+
[service account key](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-key).
|
|
82
49
|
|
|
83
|
-
|
|
50
|
+
Note: Service account keys are a security risk if not managed correctly. You should
|
|
51
|
+
[choose a more secure alternative to service account keys](https://cloud.google.com/docs/authentication#auth-decision-tree)
|
|
52
|
+
whenever possible.
|
|
84
53
|
|
|
85
|
-
|
|
86
|
-
it in an environment variable. Either on an individual client initialization:
|
|
54
|
+
To configure a credentials file for an individual client initialization:
|
|
87
55
|
|
|
88
56
|
```ruby
|
|
89
57
|
require "google/cloud/os_login/v1beta"
|
|
90
58
|
|
|
91
59
|
client = ::Google::Cloud::OsLogin::V1beta::OsLoginService::Client.new do |config|
|
|
92
|
-
config.credentials = "path/to/
|
|
60
|
+
config.credentials = "path/to/credentialfile.json"
|
|
93
61
|
end
|
|
94
62
|
```
|
|
95
63
|
|
|
96
|
-
|
|
64
|
+
To configure a credentials file globally for all clients:
|
|
97
65
|
|
|
98
66
|
```ruby
|
|
99
67
|
require "google/cloud/os_login/v1beta"
|
|
100
68
|
|
|
101
69
|
::Google::Cloud::OsLogin::V1beta::OsLoginService::Client.configure do |config|
|
|
102
|
-
config.credentials = "path/to/
|
|
70
|
+
config.credentials = "path/to/credentialfile.json"
|
|
103
71
|
end
|
|
104
72
|
|
|
105
73
|
client = ::Google::Cloud::OsLogin::V1beta::OsLoginService::Client.new
|
|
106
74
|
```
|
|
107
75
|
|
|
108
|
-
###
|
|
76
|
+
### Environment Variables
|
|
109
77
|
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
78
|
+
You can also use an environment variable to provide a JSON credentials file.
|
|
79
|
+
The environment variable can contain a path to the credentials file or, for
|
|
80
|
+
environments such as Docker containers where writing files is not encouraged,
|
|
81
|
+
you can include the credentials file itself.
|
|
113
82
|
|
|
114
|
-
|
|
83
|
+
The JSON file can contain credentials created for
|
|
84
|
+
[workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation),
|
|
85
|
+
[workforce identity federation](https://cloud.google.com/iam/docs/workforce-identity-federation), or a
|
|
86
|
+
[service account key](https://cloud.google.com/docs/authentication/provide-credentials-adc#local-key).
|
|
115
87
|
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
88
|
+
Note: Service account keys are a security risk if not managed correctly. You should
|
|
89
|
+
[choose a more secure alternative to service account keys](https://cloud.google.com/docs/authentication#auth-decision-tree)
|
|
90
|
+
whenever possible.
|
|
91
|
+
|
|
92
|
+
The environment variables that google-cloud-os_login-v1beta
|
|
93
|
+
checks for credentials are:
|
|
119
94
|
|
|
120
|
-
|
|
121
|
-
*
|
|
95
|
+
* `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
|
|
96
|
+
* `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
|
|
122
97
|
|
|
123
|
-
|
|
98
|
+
```ruby
|
|
99
|
+
require "google/cloud/os_login/v1beta"
|
|
124
100
|
|
|
125
|
-
|
|
126
|
-
connect to the APIs. You will use the **JSON key file** to
|
|
127
|
-
connect to most services with google-cloud-os_login-v1beta.
|
|
101
|
+
ENV["GOOGLE_APPLICATION_CREDENTIALS"] = "path/to/credentialfile.json"
|
|
128
102
|
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
need a Google Developers service account.
|
|
103
|
+
client = ::Google::Cloud::OsLogin::V1beta::OsLoginService::Client.new
|
|
104
|
+
```
|
|
132
105
|
|
|
133
|
-
|
|
134
|
-
2. Create a new project or click on an existing project.
|
|
135
|
-
3. Activate the menu in the upper left and select **APIs & Services**. From
|
|
136
|
-
here, you will enable the APIs that your application requires.
|
|
106
|
+
### Local ADC file
|
|
137
107
|
|
|
138
|
-
|
|
108
|
+
You can set up a local ADC file with your user credentials for authentication during
|
|
109
|
+
development. If credentials are not provided in code or in environment variables,
|
|
110
|
+
then the local ADC credentials are discovered.
|
|
139
111
|
|
|
140
|
-
|
|
112
|
+
Follow the steps in [Quickstart](#quickstart) to set up a local ADC file.
|
|
141
113
|
|
|
142
|
-
|
|
143
|
-
"Service account" to be guided through downloading a new JSON key file.
|
|
114
|
+
### Google Cloud Platform environments
|
|
144
115
|
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
116
|
+
When running on Google Cloud Platform (GCP), including Google Compute Engine
|
|
117
|
+
(GCE), Google Kubernetes Engine (GKE), Google App Engine (GAE), Google Cloud
|
|
118
|
+
Functions (GCF) and Cloud Run, credentials are retrieved from the attached
|
|
119
|
+
service account automatically. Code should be written as if already authenticated.
|
|
149
120
|
|
|
150
|
-
|
|
151
|
-
|
|
121
|
+
For more information, see
|
|
122
|
+
[Set up ADC for Google Cloud services](https://cloud.google.com/docs/authentication/provide-credentials-adc#attached-sa).
|
|
@@ -33,6 +33,9 @@ module Google
|
|
|
33
33
|
# public keys for logging into virtual machines on Google Cloud Platform.
|
|
34
34
|
#
|
|
35
35
|
class Client
|
|
36
|
+
# @private
|
|
37
|
+
DEFAULT_ENDPOINT_TEMPLATE = "oslogin.$UNIVERSE_DOMAIN$"
|
|
38
|
+
|
|
36
39
|
include Paths
|
|
37
40
|
|
|
38
41
|
# @private
|
|
@@ -123,6 +126,15 @@ module Google
|
|
|
123
126
|
@config
|
|
124
127
|
end
|
|
125
128
|
|
|
129
|
+
##
|
|
130
|
+
# The effective universe domain
|
|
131
|
+
#
|
|
132
|
+
# @return [String]
|
|
133
|
+
#
|
|
134
|
+
def universe_domain
|
|
135
|
+
@os_login_service_stub.universe_domain
|
|
136
|
+
end
|
|
137
|
+
|
|
126
138
|
##
|
|
127
139
|
# Create a new OsLoginService client object.
|
|
128
140
|
#
|
|
@@ -156,8 +168,9 @@ module Google
|
|
|
156
168
|
credentials = @config.credentials
|
|
157
169
|
# Use self-signed JWT if the endpoint is unchanged from default,
|
|
158
170
|
# but only if the default endpoint does not have a region prefix.
|
|
159
|
-
enable_self_signed_jwt = @config.endpoint
|
|
160
|
-
|
|
171
|
+
enable_self_signed_jwt = @config.endpoint.nil? ||
|
|
172
|
+
(@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
|
|
173
|
+
!@config.endpoint.split(".").first.include?("-"))
|
|
161
174
|
credentials ||= Credentials.default scope: @config.scope,
|
|
162
175
|
enable_self_signed_jwt: enable_self_signed_jwt
|
|
163
176
|
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
|
@@ -168,8 +181,10 @@ module Google
|
|
|
168
181
|
|
|
169
182
|
@os_login_service_stub = ::Gapic::ServiceStub.new(
|
|
170
183
|
::Google::Cloud::OsLogin::V1beta::OsLoginService::Stub,
|
|
171
|
-
credentials:
|
|
172
|
-
endpoint:
|
|
184
|
+
credentials: credentials,
|
|
185
|
+
endpoint: @config.endpoint,
|
|
186
|
+
endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
|
|
187
|
+
universe_domain: @config.universe_domain,
|
|
173
188
|
channel_args: @config.channel_args,
|
|
174
189
|
interceptors: @config.interceptors,
|
|
175
190
|
channel_pool_config: @config.channel_pool
|
|
@@ -633,7 +648,7 @@ module Google
|
|
|
633
648
|
# @param options [::Gapic::CallOptions, ::Hash]
|
|
634
649
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
635
650
|
#
|
|
636
|
-
# @overload import_ssh_public_key(parent: nil, ssh_public_key: nil, project_id: nil, view: nil)
|
|
651
|
+
# @overload import_ssh_public_key(parent: nil, ssh_public_key: nil, project_id: nil, view: nil, regions: nil)
|
|
637
652
|
# Pass arguments to `import_ssh_public_key` via keyword arguments. Note that at
|
|
638
653
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
639
654
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
@@ -646,6 +661,10 @@ module Google
|
|
|
646
661
|
# The project ID of the Google Cloud Platform project.
|
|
647
662
|
# @param view [::Google::Cloud::OsLogin::V1beta::LoginProfileView]
|
|
648
663
|
# The view configures whether to retrieve security keys information.
|
|
664
|
+
# @param regions [::Array<::String>]
|
|
665
|
+
# Optional. The regions to which to assert that the key was written.
|
|
666
|
+
# If unspecified, defaults to all regions.
|
|
667
|
+
# Regions are listed at https://cloud.google.com/about/locations#region.
|
|
649
668
|
#
|
|
650
669
|
# @yield [response, operation] Access the result along with the RPC operation
|
|
651
670
|
# @yieldparam response [::Google::Cloud::OsLogin::V1beta::ImportSshPublicKeyResponse]
|
|
@@ -923,9 +942,9 @@ module Google
|
|
|
923
942
|
# end
|
|
924
943
|
#
|
|
925
944
|
# @!attribute [rw] endpoint
|
|
926
|
-
#
|
|
927
|
-
#
|
|
928
|
-
# @return [::String]
|
|
945
|
+
# A custom service endpoint, as a hostname or hostname:port. The default is
|
|
946
|
+
# nil, indicating to use the default endpoint in the current universe domain.
|
|
947
|
+
# @return [::String,nil]
|
|
929
948
|
# @!attribute [rw] credentials
|
|
930
949
|
# Credentials to send with calls. You may provide any of the following types:
|
|
931
950
|
# * (`String`) The path to a service account key file in JSON format
|
|
@@ -971,13 +990,20 @@ module Google
|
|
|
971
990
|
# @!attribute [rw] quota_project
|
|
972
991
|
# A separate project against which to charge quota.
|
|
973
992
|
# @return [::String]
|
|
993
|
+
# @!attribute [rw] universe_domain
|
|
994
|
+
# The universe domain within which to make requests. This determines the
|
|
995
|
+
# default endpoint URL. The default value of nil uses the environment
|
|
996
|
+
# universe (usually the default "googleapis.com" universe).
|
|
997
|
+
# @return [::String,nil]
|
|
974
998
|
#
|
|
975
999
|
class Configuration
|
|
976
1000
|
extend ::Gapic::Config
|
|
977
1001
|
|
|
1002
|
+
# @private
|
|
1003
|
+
# The endpoint specific to the default "googleapis.com" universe. Deprecated.
|
|
978
1004
|
DEFAULT_ENDPOINT = "oslogin.googleapis.com"
|
|
979
1005
|
|
|
980
|
-
config_attr :endpoint,
|
|
1006
|
+
config_attr :endpoint, nil, ::String, nil
|
|
981
1007
|
config_attr :credentials, nil do |value|
|
|
982
1008
|
allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
|
983
1009
|
allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
|
|
@@ -992,6 +1018,7 @@ module Google
|
|
|
992
1018
|
config_attr :metadata, nil, ::Hash, nil
|
|
993
1019
|
config_attr :retry_policy, nil, ::Hash, ::Proc, nil
|
|
994
1020
|
config_attr :quota_project, nil, ::String, nil
|
|
1021
|
+
config_attr :universe_domain, nil, ::String, nil
|
|
995
1022
|
|
|
996
1023
|
# @private
|
|
997
1024
|
def initialize parent_config = nil
|
|
@@ -35,6 +35,9 @@ module Google
|
|
|
35
35
|
# public keys for logging into virtual machines on Google Cloud Platform.
|
|
36
36
|
#
|
|
37
37
|
class Client
|
|
38
|
+
# @private
|
|
39
|
+
DEFAULT_ENDPOINT_TEMPLATE = "oslogin.$UNIVERSE_DOMAIN$"
|
|
40
|
+
|
|
38
41
|
include Paths
|
|
39
42
|
|
|
40
43
|
# @private
|
|
@@ -125,6 +128,15 @@ module Google
|
|
|
125
128
|
@config
|
|
126
129
|
end
|
|
127
130
|
|
|
131
|
+
##
|
|
132
|
+
# The effective universe domain
|
|
133
|
+
#
|
|
134
|
+
# @return [String]
|
|
135
|
+
#
|
|
136
|
+
def universe_domain
|
|
137
|
+
@os_login_service_stub.universe_domain
|
|
138
|
+
end
|
|
139
|
+
|
|
128
140
|
##
|
|
129
141
|
# Create a new OsLoginService REST client object.
|
|
130
142
|
#
|
|
@@ -152,8 +164,9 @@ module Google
|
|
|
152
164
|
credentials = @config.credentials
|
|
153
165
|
# Use self-signed JWT if the endpoint is unchanged from default,
|
|
154
166
|
# but only if the default endpoint does not have a region prefix.
|
|
155
|
-
enable_self_signed_jwt = @config.endpoint
|
|
156
|
-
|
|
167
|
+
enable_self_signed_jwt = @config.endpoint.nil? ||
|
|
168
|
+
(@config.endpoint == Configuration::DEFAULT_ENDPOINT &&
|
|
169
|
+
!@config.endpoint.split(".").first.include?("-"))
|
|
157
170
|
credentials ||= Credentials.default scope: @config.scope,
|
|
158
171
|
enable_self_signed_jwt: enable_self_signed_jwt
|
|
159
172
|
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
|
@@ -163,7 +176,12 @@ module Google
|
|
|
163
176
|
@quota_project_id = @config.quota_project
|
|
164
177
|
@quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id
|
|
165
178
|
|
|
166
|
-
@os_login_service_stub = ::Google::Cloud::OsLogin::V1beta::OsLoginService::Rest::ServiceStub.new
|
|
179
|
+
@os_login_service_stub = ::Google::Cloud::OsLogin::V1beta::OsLoginService::Rest::ServiceStub.new(
|
|
180
|
+
endpoint: @config.endpoint,
|
|
181
|
+
endpoint_template: DEFAULT_ENDPOINT_TEMPLATE,
|
|
182
|
+
universe_domain: @config.universe_domain,
|
|
183
|
+
credentials: credentials
|
|
184
|
+
)
|
|
167
185
|
end
|
|
168
186
|
|
|
169
187
|
# Service calls
|
|
@@ -588,7 +606,7 @@ module Google
|
|
|
588
606
|
# @param options [::Gapic::CallOptions, ::Hash]
|
|
589
607
|
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
590
608
|
#
|
|
591
|
-
# @overload import_ssh_public_key(parent: nil, ssh_public_key: nil, project_id: nil, view: nil)
|
|
609
|
+
# @overload import_ssh_public_key(parent: nil, ssh_public_key: nil, project_id: nil, view: nil, regions: nil)
|
|
592
610
|
# Pass arguments to `import_ssh_public_key` via keyword arguments. Note that at
|
|
593
611
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
594
612
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
@@ -601,6 +619,10 @@ module Google
|
|
|
601
619
|
# The project ID of the Google Cloud Platform project.
|
|
602
620
|
# @param view [::Google::Cloud::OsLogin::V1beta::LoginProfileView]
|
|
603
621
|
# The view configures whether to retrieve security keys information.
|
|
622
|
+
# @param regions [::Array<::String>]
|
|
623
|
+
# Optional. The regions to which to assert that the key was written.
|
|
624
|
+
# If unspecified, defaults to all regions.
|
|
625
|
+
# Regions are listed at https://cloud.google.com/about/locations#region.
|
|
604
626
|
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
605
627
|
# @yieldparam result [::Google::Cloud::OsLogin::V1beta::ImportSshPublicKeyResponse]
|
|
606
628
|
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
@@ -857,9 +879,9 @@ module Google
|
|
|
857
879
|
# end
|
|
858
880
|
#
|
|
859
881
|
# @!attribute [rw] endpoint
|
|
860
|
-
#
|
|
861
|
-
#
|
|
862
|
-
# @return [::String]
|
|
882
|
+
# A custom service endpoint, as a hostname or hostname:port. The default is
|
|
883
|
+
# nil, indicating to use the default endpoint in the current universe domain.
|
|
884
|
+
# @return [::String,nil]
|
|
863
885
|
# @!attribute [rw] credentials
|
|
864
886
|
# Credentials to send with calls. You may provide any of the following types:
|
|
865
887
|
# * (`String`) The path to a service account key file in JSON format
|
|
@@ -896,13 +918,20 @@ module Google
|
|
|
896
918
|
# @!attribute [rw] quota_project
|
|
897
919
|
# A separate project against which to charge quota.
|
|
898
920
|
# @return [::String]
|
|
921
|
+
# @!attribute [rw] universe_domain
|
|
922
|
+
# The universe domain within which to make requests. This determines the
|
|
923
|
+
# default endpoint URL. The default value of nil uses the environment
|
|
924
|
+
# universe (usually the default "googleapis.com" universe).
|
|
925
|
+
# @return [::String,nil]
|
|
899
926
|
#
|
|
900
927
|
class Configuration
|
|
901
928
|
extend ::Gapic::Config
|
|
902
929
|
|
|
930
|
+
# @private
|
|
931
|
+
# The endpoint specific to the default "googleapis.com" universe. Deprecated.
|
|
903
932
|
DEFAULT_ENDPOINT = "oslogin.googleapis.com"
|
|
904
933
|
|
|
905
|
-
config_attr :endpoint,
|
|
934
|
+
config_attr :endpoint, nil, ::String, nil
|
|
906
935
|
config_attr :credentials, nil do |value|
|
|
907
936
|
allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
|
908
937
|
allowed.any? { |klass| klass === value }
|
|
@@ -914,6 +943,7 @@ module Google
|
|
|
914
943
|
config_attr :metadata, nil, ::Hash, nil
|
|
915
944
|
config_attr :retry_policy, nil, ::Hash, ::Proc, nil
|
|
916
945
|
config_attr :quota_project, nil, ::String, nil
|
|
946
|
+
config_attr :universe_domain, nil, ::String, nil
|
|
917
947
|
|
|
918
948
|
# @private
|
|
919
949
|
def initialize parent_config = nil
|
|
@@ -30,16 +30,28 @@ module Google
|
|
|
30
30
|
# including transcoding, making the REST call, and deserialing the response.
|
|
31
31
|
#
|
|
32
32
|
class ServiceStub
|
|
33
|
-
def initialize endpoint:, credentials:
|
|
33
|
+
def initialize endpoint:, endpoint_template:, universe_domain:, credentials:
|
|
34
34
|
# These require statements are intentionally placed here to initialize
|
|
35
35
|
# the REST modules only when it's required.
|
|
36
36
|
require "gapic/rest"
|
|
37
37
|
|
|
38
|
-
@client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint,
|
|
38
|
+
@client_stub = ::Gapic::Rest::ClientStub.new endpoint: endpoint,
|
|
39
|
+
endpoint_template: endpoint_template,
|
|
40
|
+
universe_domain: universe_domain,
|
|
41
|
+
credentials: credentials,
|
|
39
42
|
numeric_enums: true,
|
|
40
43
|
raise_faraday_errors: false
|
|
41
44
|
end
|
|
42
45
|
|
|
46
|
+
##
|
|
47
|
+
# The effective universe domain
|
|
48
|
+
#
|
|
49
|
+
# @return [String]
|
|
50
|
+
#
|
|
51
|
+
def universe_domain
|
|
52
|
+
@client_stub.universe_domain
|
|
53
|
+
end
|
|
54
|
+
|
|
43
55
|
##
|
|
44
56
|
# Baseline implementation for the create_ssh_public_key REST call
|
|
45
57
|
#
|
|
@@ -13,7 +13,7 @@ require 'google/protobuf/empty_pb'
|
|
|
13
13
|
require 'google/protobuf/field_mask_pb'
|
|
14
14
|
|
|
15
15
|
|
|
16
|
-
descriptor_data = "\n)google/cloud/oslogin/v1beta/oslogin.proto\x12\x1bgoogle.cloud.oslogin.v1beta\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a(google/cloud/oslogin/common/common.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a google/protobuf/field_mask.proto\"\xdd\x02\n\x0cLoginProfile\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x41\n\x0eposix_accounts\x18\x02 \x03(\x0b\x32).google.cloud.oslogin.common.PosixAccount\x12U\n\x0fssh_public_keys\x18\x03 \x03(\x0b\x32<.google.cloud.oslogin.v1beta.LoginProfile.SshPublicKeysEntry\x12?\n\rsecurity_keys\x18\x05 \x03(\x0b\x32(.google.cloud.oslogin.v1beta.SecurityKey\x1a_\n\x12SshPublicKeysEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x38\n\x05value\x18\x02 \x01(\x0b\x32).google.cloud.oslogin.common.SshPublicKey:\x02\x38\x01\"\xa0\x01\n\x19\x43reateSshPublicKeyRequest\x12;\n\x06parent\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\x12#oslogin.googleapis.com/SshPublicKey\x12\x46\n\x0essh_public_key\x18\x02 \x01(\x0b\x32).google.cloud.oslogin.common.SshPublicKeyB\x03\xe0\x41\x02\"V\n\x19\x44\x65letePosixAccountRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/PosixAccount\"V\n\x19\x44\x65leteSshPublicKeyRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/SshPublicKey\"\xaf\x01\n\x16GetLoginProfileRequest\x12\x31\n\x04name\x18\x01 \x01(\tB#\xe0\x41\x02\xfa\x41\x1d\n\x1boslogin.googleapis.com/User\x12\x12\n\nproject_id\x18\x02 \x01(\t\x12\x11\n\tsystem_id\x18\x03 \x01(\t\x12;\n\x04view\x18\x04 \x01(\x0e\x32-.google.cloud.oslogin.v1beta.LoginProfileView\"S\n\x16GetSshPublicKeyRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/SshPublicKey\"\
|
|
16
|
+
descriptor_data = "\n)google/cloud/oslogin/v1beta/oslogin.proto\x12\x1bgoogle.cloud.oslogin.v1beta\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a(google/cloud/oslogin/common/common.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a google/protobuf/field_mask.proto\"\xdd\x02\n\x0cLoginProfile\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x41\n\x0eposix_accounts\x18\x02 \x03(\x0b\x32).google.cloud.oslogin.common.PosixAccount\x12U\n\x0fssh_public_keys\x18\x03 \x03(\x0b\x32<.google.cloud.oslogin.v1beta.LoginProfile.SshPublicKeysEntry\x12?\n\rsecurity_keys\x18\x05 \x03(\x0b\x32(.google.cloud.oslogin.v1beta.SecurityKey\x1a_\n\x12SshPublicKeysEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\x38\n\x05value\x18\x02 \x01(\x0b\x32).google.cloud.oslogin.common.SshPublicKey:\x02\x38\x01\"\xa0\x01\n\x19\x43reateSshPublicKeyRequest\x12;\n\x06parent\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\x12#oslogin.googleapis.com/SshPublicKey\x12\x46\n\x0essh_public_key\x18\x02 \x01(\x0b\x32).google.cloud.oslogin.common.SshPublicKeyB\x03\xe0\x41\x02\"V\n\x19\x44\x65letePosixAccountRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/PosixAccount\"V\n\x19\x44\x65leteSshPublicKeyRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/SshPublicKey\"\xaf\x01\n\x16GetLoginProfileRequest\x12\x31\n\x04name\x18\x01 \x01(\tB#\xe0\x41\x02\xfa\x41\x1d\n\x1boslogin.googleapis.com/User\x12\x12\n\nproject_id\x18\x02 \x01(\t\x12\x11\n\tsystem_id\x18\x03 \x01(\t\x12;\n\x04view\x18\x04 \x01(\x0e\x32-.google.cloud.oslogin.v1beta.LoginProfileView\"S\n\x16GetSshPublicKeyRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/SshPublicKey\"\x84\x02\n\x19ImportSshPublicKeyRequest\x12\x38\n\x06parent\x18\x01 \x01(\tB(\xfa\x41%\x12#oslogin.googleapis.com/SshPublicKey\x12\x46\n\x0essh_public_key\x18\x02 \x01(\x0b\x32).google.cloud.oslogin.common.SshPublicKeyB\x03\xe0\x41\x02\x12\x12\n\nproject_id\x18\x03 \x01(\t\x12;\n\x04view\x18\x04 \x01(\x0e\x32-.google.cloud.oslogin.v1beta.LoginProfileView\x12\x14\n\x07regions\x18\x05 \x03(\tB\x03\xe0\x41\x01\"o\n\x1aImportSshPublicKeyResponse\x12@\n\rlogin_profile\x18\x01 \x01(\x0b\x32).google.cloud.oslogin.v1beta.LoginProfile\x12\x0f\n\x07\x64\x65tails\x18\x02 \x01(\t\"\xcf\x01\n\x19UpdateSshPublicKeyRequest\x12\x39\n\x04name\x18\x01 \x01(\tB+\xe0\x41\x02\xfa\x41%\n#oslogin.googleapis.com/SshPublicKey\x12\x46\n\x0essh_public_key\x18\x02 \x01(\x0b\x32).google.cloud.oslogin.common.SshPublicKeyB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.FieldMask\"\x86\x02\n\x0bSecurityKey\x12\x12\n\npublic_key\x18\x01 \x01(\t\x12\x13\n\x0bprivate_key\x18\x02 \x01(\t\x12O\n\x14universal_two_factor\x18\x03 \x01(\x0b\x32/.google.cloud.oslogin.v1beta.UniversalTwoFactorH\x00\x12:\n\tweb_authn\x18\x04 \x01(\x0b\x32%.google.cloud.oslogin.v1beta.WebAuthnH\x00\x12\x1c\n\x0f\x64\x65vice_nickname\x18\x05 \x01(\tH\x01\x88\x01\x01\x42\x0f\n\rprotocol_typeB\x12\n\x10_device_nickname\"$\n\x12UniversalTwoFactor\x12\x0e\n\x06\x61pp_id\x18\x01 \x01(\t\"\x19\n\x08WebAuthn\x12\r\n\x05rp_id\x18\x01 \x01(\t\"A\n\x17SignSshPublicKeyRequest\x12\x16\n\x0essh_public_key\x18\x01 \x01(\t\x12\x0e\n\x06parent\x18\x02 \x01(\t\"9\n\x18SignSshPublicKeyResponse\x12\x1d\n\x15signed_ssh_public_key\x18\x01 \x01(\t*S\n\x10LoginProfileView\x12\"\n\x1eLOGIN_PROFILE_VIEW_UNSPECIFIED\x10\x00\x12\t\n\x05\x42\x41SIC\x10\x01\x12\x10\n\x0cSECURITY_KEY\x10\x02\x32\xf2\x0e\n\x0eOsLoginService\x12\xcf\x01\n\x12\x43reateSshPublicKey\x12\x36.google.cloud.oslogin.v1beta.CreateSshPublicKeyRequest\x1a).google.cloud.oslogin.common.SshPublicKey\"V\x82\xd3\xe4\x93\x02\x38\"&/v1beta/{parent=users/*}/sshPublicKeys:\x0essh_public_key\xda\x41\x15parent,ssh_public_key\x12\x96\x01\n\x12\x44\x65letePosixAccount\x12\x36.google.cloud.oslogin.v1beta.DeletePosixAccountRequest\x1a\x16.google.protobuf.Empty\"0\x82\xd3\xe4\x93\x02#*!/v1beta/{name=users/*/projects/*}\xda\x41\x04name\x12\x9b\x01\n\x12\x44\x65leteSshPublicKey\x12\x36.google.cloud.oslogin.v1beta.DeleteSshPublicKeyRequest\x1a\x16.google.protobuf.Empty\"5\x82\xd3\xe4\x93\x02(*&/v1beta/{name=users/*/sshPublicKeys/*}\xda\x41\x04name\x12\xa5\x01\n\x0fGetLoginProfile\x12\x33.google.cloud.oslogin.v1beta.GetLoginProfileRequest\x1a).google.cloud.oslogin.v1beta.LoginProfile\"2\x82\xd3\xe4\x93\x02%\x12#/v1beta/{name=users/*}/loginProfile\xda\x41\x04name\x12\xa8\x01\n\x0fGetSshPublicKey\x12\x33.google.cloud.oslogin.v1beta.GetSshPublicKeyRequest\x1a).google.cloud.oslogin.common.SshPublicKey\"5\x82\xd3\xe4\x93\x02(\x12&/v1beta/{name=users/*/sshPublicKeys/*}\xda\x41\x04name\x12\x85\x02\n\x12ImportSshPublicKey\x12\x36.google.cloud.oslogin.v1beta.ImportSshPublicKeyRequest\x1a\x37.google.cloud.oslogin.v1beta.ImportSshPublicKeyResponse\"~\x82\xd3\xe4\x93\x02=\"+/v1beta/{parent=users/*}:importSshPublicKey:\x0essh_public_key\xda\x41\x15parent,ssh_public_key\xda\x41 parent,ssh_public_key,project_id\x12\xef\x01\n\x12UpdateSshPublicKey\x12\x36.google.cloud.oslogin.v1beta.UpdateSshPublicKeyRequest\x1a).google.cloud.oslogin.common.SshPublicKey\"v\x82\xd3\xe4\x93\x02\x38\x32&/v1beta/{name=users/*/sshPublicKeys/*}:\x0essh_public_key\xda\x41\x13name,ssh_public_key\xda\x41\x1fname,ssh_public_key,update_mask\x12\xa9\x02\n\x10SignSshPublicKey\x12\x34.google.cloud.oslogin.v1beta.SignSshPublicKeyRequest\x1a\x35.google.cloud.oslogin.v1beta.SignSshPublicKeyResponse\"\xa7\x01\x82\xd3\xe4\x93\x02\x88\x01\"</v1beta/{parent=users/*/projects/*/zones/*}:signSshPublicKey:\x01*ZE\"@/v1beta/{parent=users/*/projects/*/locations/*}:signSshPublicKey:\x01*\xda\x41\x15parent,ssh_public_key\x1a\xdd\x01\xca\x41\x16oslogin.googleapis.com\xd2\x41\xc0\x01https://www.googleapis.com/auth/cloud-platform,https://www.googleapis.com/auth/cloud-platform.read-only,https://www.googleapis.com/auth/compute,https://www.googleapis.com/auth/compute.readonlyB\xc9\x01\n\x1f\x63om.google.cloud.oslogin.v1betaB\x0cOsLoginProtoP\x01Z9cloud.google.com/go/oslogin/apiv1beta/osloginpb;osloginpb\xaa\x02\x1bGoogle.Cloud.OsLogin.V1Beta\xca\x02\x1bGoogle\\Cloud\\OsLogin\\V1beta\xea\x02\x1eGoogle::Cloud::OsLogin::V1betab\x06proto3"
|
|
17
17
|
|
|
18
18
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
19
19
|
|
|
@@ -21,6 +21,7 @@ module Google
|
|
|
21
21
|
module Api
|
|
22
22
|
# Required information for every language.
|
|
23
23
|
# @!attribute [rw] reference_docs_uri
|
|
24
|
+
# @deprecated This field is deprecated and may be removed in the next major version update.
|
|
24
25
|
# @return [::String]
|
|
25
26
|
# Link to automatically generated reference documentation. Example:
|
|
26
27
|
# https://cloud.google.com/nodejs/docs/reference/asset/latest
|
|
@@ -304,6 +305,19 @@ module Google
|
|
|
304
305
|
# seconds: 360 # 6 minutes
|
|
305
306
|
# total_poll_timeout:
|
|
306
307
|
# seconds: 54000 # 90 minutes
|
|
308
|
+
# @!attribute [rw] auto_populated_fields
|
|
309
|
+
# @return [::Array<::String>]
|
|
310
|
+
# List of top-level fields of the request message, that should be
|
|
311
|
+
# automatically populated by the client libraries based on their
|
|
312
|
+
# (google.api.field_info).format. Currently supported format: UUID4.
|
|
313
|
+
#
|
|
314
|
+
# Example of a YAML configuration:
|
|
315
|
+
#
|
|
316
|
+
# publishing:
|
|
317
|
+
# method_settings:
|
|
318
|
+
# - selector: google.example.v1.ExampleService.CreateExample
|
|
319
|
+
# auto_populated_fields:
|
|
320
|
+
# - request_id
|
|
307
321
|
class MethodSettings
|
|
308
322
|
include ::Google::Protobuf::MessageExts
|
|
309
323
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -125,6 +125,11 @@ module Google
|
|
|
125
125
|
# @!attribute [rw] view
|
|
126
126
|
# @return [::Google::Cloud::OsLogin::V1beta::LoginProfileView]
|
|
127
127
|
# The view configures whether to retrieve security keys information.
|
|
128
|
+
# @!attribute [rw] regions
|
|
129
|
+
# @return [::Array<::String>]
|
|
130
|
+
# Optional. The regions to which to assert that the key was written.
|
|
131
|
+
# If unspecified, defaults to all regions.
|
|
132
|
+
# Regions are listed at https://cloud.google.com/about/locations#region.
|
|
128
133
|
class ImportSshPublicKeyRequest
|
|
129
134
|
include ::Google::Protobuf::MessageExts
|
|
130
135
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: google-cloud-os_login-v1beta
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.14.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Google LLC
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-01-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: gapic-common
|
|
@@ -16,7 +16,7 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.21.1
|
|
20
20
|
- - "<"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
22
|
version: 2.a
|
|
@@ -26,7 +26,7 @@ dependencies:
|
|
|
26
26
|
requirements:
|
|
27
27
|
- - ">="
|
|
28
28
|
- !ruby/object:Gem::Version
|
|
29
|
-
version: 0.
|
|
29
|
+
version: 0.21.1
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
32
|
version: 2.a
|
|
@@ -214,7 +214,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
214
214
|
- !ruby/object:Gem::Version
|
|
215
215
|
version: '0'
|
|
216
216
|
requirements: []
|
|
217
|
-
rubygems_version: 3.
|
|
217
|
+
rubygems_version: 3.5.3
|
|
218
218
|
signing_key:
|
|
219
219
|
specification_version: 4
|
|
220
220
|
summary: You can use OS Login to manage access to your VM instances using IAM roles.
|