google-cloud-recaptcha_enterprise-v1 0.15.0 → 0.16.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -25,7 +25,7 @@ module Google
25
25
  # @!attribute [rw] parent
26
26
  # @return [::String]
27
27
  # Required. The name of the project in which the assessment will be created,
28
- # in the format "projects/\\{project}".
28
+ # in the format `projects/{project}`.
29
29
  # @!attribute [rw] assessment
30
30
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::Assessment]
31
31
  # Required. The assessment details.
@@ -159,7 +159,7 @@ module Google
159
159
  # @!attribute [rw] name
160
160
  # @return [::String]
161
161
  # Required. The resource name of the Assessment, in the format
162
- # "projects/\\{project}/assessments/\\{assessment}".
162
+ # `projects/{project}/assessments/{assessment}`.
163
163
  # @!attribute [rw] annotation
164
164
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::AnnotateAssessmentRequest::Annotation]
165
165
  # Optional. The annotation that will be assigned to the Event. This field can
@@ -167,15 +167,18 @@ module Google
167
167
  # whether the event is legitimate or fraudulent.
168
168
  # @!attribute [rw] reasons
169
169
  # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::AnnotateAssessmentRequest::Reason>]
170
- # Optional. Optional reasons for the annotation that will be assigned to the
171
- # Event.
170
+ # Optional. Reasons for the annotation that are assigned to the event.
171
+ # @!attribute [rw] account_id
172
+ # @return [::String]
173
+ # Optional. A stable account identifier to apply to the assessment. This is
174
+ # an alternative to setting `account_id` in `CreateAssessment`, for example
175
+ # when a stable account identifier is not yet known in the initial request.
172
176
  # @!attribute [rw] hashed_account_id
173
177
  # @return [::String]
174
- # Optional. Unique stable hashed user identifier to apply to the assessment.
175
- # This is an alternative to setting the hashed_account_id in
176
- # CreateAssessment, for example when the account identifier is not yet known
177
- # in the initial request. It is recommended that the identifier is hashed
178
- # using hmac-sha256 with stable secret.
178
+ # Optional. A stable hashed account identifier to apply to the assessment.
179
+ # This is an alternative to setting `hashed_account_id` in
180
+ # `CreateAssessment`, for example when a stable account identifier is not yet
181
+ # known in the initial request.
179
182
  # @!attribute [rw] transaction_event
180
183
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionEvent]
181
184
  # Optional. If the assessment is part of a payment transaction, provide
@@ -302,11 +305,11 @@ module Google
302
305
  # Information about account verification, used for identity verification.
303
306
  # @!attribute [rw] endpoints
304
307
  # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::EndpointVerificationInfo>]
305
- # Endpoints that can be used for identity verification.
308
+ # Optional. Endpoints that can be used for identity verification.
306
309
  # @!attribute [rw] language_code
307
310
  # @return [::String]
308
- # Language code preference for the verification message, set as a IETF BCP 47
309
- # language code.
311
+ # Optional. Language code preference for the verification message, set as a
312
+ # IETF BCP 47 language code.
310
313
  # @!attribute [r] latest_verification_result
311
314
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::AccountVerificationInfo::Result]
312
315
  # Output only. Result of the latest account verification challenge.
@@ -365,7 +368,7 @@ module Google
365
368
  # Private password leak verification info.
366
369
  # @!attribute [rw] lookup_hash_prefix
367
370
  # @return [::String]
368
- # Optional. Exactly 26-bit prefix of the SHA-256 hash of the canonicalized
371
+ # Required. Exactly 26-bit prefix of the SHA-256 hash of the canonicalized
369
372
  # username. It is used to look up password leaks associated with that hash
370
373
  # prefix.
371
374
  # @!attribute [rw] encrypted_user_credentials_hash
@@ -391,11 +394,11 @@ module Google
391
394
  # A reCAPTCHA Enterprise assessment resource.
392
395
  # @!attribute [r] name
393
396
  # @return [::String]
394
- # Output only. The resource name for the Assessment in the format
395
- # "projects/\\{project}/assessments/\\{assessment}".
397
+ # Output only. Identifier. The resource name for the Assessment in the format
398
+ # `projects/{project}/assessments/{assessment}`.
396
399
  # @!attribute [rw] event
397
400
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::Event]
398
- # The event being assessed.
401
+ # Optional. The event being assessed.
399
402
  # @!attribute [r] risk_analysis
400
403
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::RiskAnalysis]
401
404
  # Output only. The risk analysis result for the event being assessed.
@@ -404,19 +407,29 @@ module Google
404
407
  # Output only. Properties of the provided event token.
405
408
  # @!attribute [rw] account_verification
406
409
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::AccountVerificationInfo]
407
- # Account verification information for identity verification. The assessment
408
- # event must include a token and site key to use this feature.
409
- # @!attribute [rw] account_defender_assessment
410
+ # Optional. Account verification information for identity verification. The
411
+ # assessment event must include a token and site key to use this feature.
412
+ # @!attribute [r] account_defender_assessment
410
413
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::AccountDefenderAssessment]
411
- # Assessment returned by account defender when a hashed_account_id is
412
- # provided.
414
+ # Output only. Assessment returned by account defender when an account
415
+ # identifier is provided.
413
416
  # @!attribute [rw] private_password_leak_verification
414
417
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::PrivatePasswordLeakVerification]
415
- # The private password leak verification field contains the parameters that
416
- # are used to to check for leaks privately without sharing user credentials.
417
- # @!attribute [rw] fraud_prevention_assessment
418
+ # Optional. The private password leak verification field contains the
419
+ # parameters that are used to to check for leaks privately without sharing
420
+ # user credentials.
421
+ # @!attribute [r] firewall_policy_assessment
422
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FirewallPolicyAssessment]
423
+ # Output only. Assessment returned when firewall policies belonging to the
424
+ # project are evaluated using the field firewall_policy_evaluation.
425
+ # @!attribute [r] fraud_prevention_assessment
418
426
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::FraudPreventionAssessment]
419
- # Assessment returned by Fraud Prevention when TransactionData is provided.
427
+ # Output only. Assessment returned by Fraud Prevention when TransactionData
428
+ # is provided.
429
+ # @!attribute [r] fraud_signals
430
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FraudSignals]
431
+ # Output only. Fraud Signals specific to the users involved in a payment
432
+ # transaction.
420
433
  class Assessment
421
434
  include ::Google::Protobuf::MessageExts
422
435
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -446,20 +459,50 @@ module Google
446
459
  # already integrated with recaptcha enterprise.
447
460
  # @!attribute [rw] hashed_account_id
448
461
  # @return [::String]
449
- # Optional. Unique stable hashed user identifier for the request. The
450
- # identifier must be hashed using hmac-sha256 with stable secret.
462
+ # Optional. Deprecated: use `user_info.account_id` instead.
463
+ # Unique stable hashed user identifier for the request. The identifier must
464
+ # be hashed using hmac-sha256 with stable secret.
465
+ # @!attribute [rw] express
466
+ # @return [::Boolean]
467
+ # Optional. Flag for a reCAPTCHA express request for an assessment without a
468
+ # token. If enabled, `site_key` must reference a SCORE key with WAF feature
469
+ # set to EXPRESS.
470
+ # @!attribute [rw] requested_uri
471
+ # @return [::String]
472
+ # Optional. The URI resource the user requested that triggered an assessment.
473
+ # @!attribute [rw] waf_token_assessment
474
+ # @return [::Boolean]
475
+ # Optional. Flag for running WAF token assessment.
476
+ # If enabled, the token must be specified, and have been created by a
477
+ # WAF-enabled key.
478
+ # @!attribute [rw] ja3
479
+ # @return [::String]
480
+ # Optional. JA3 fingerprint for SSL clients.
481
+ # @!attribute [rw] headers
482
+ # @return [::Array<::String>]
483
+ # Optional. HTTP header information about the request.
484
+ # @!attribute [rw] firewall_policy_evaluation
485
+ # @return [::Boolean]
486
+ # Optional. Flag for enabling firewall policy config assessment.
487
+ # If this flag is enabled, the firewall policy will be evaluated and a
488
+ # suggested firewall action will be returned in the response.
451
489
  # @!attribute [rw] transaction_data
452
490
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionData]
453
491
  # Optional. Data describing a payment transaction to be assessed. Sending
454
492
  # this data enables reCAPTCHA Enterprise Fraud Prevention and the
455
493
  # FraudPreventionAssessment component in the response.
494
+ # @!attribute [rw] user_info
495
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::UserInfo]
496
+ # Optional. Information about the user that generates this event, when they
497
+ # can be identified. They are often identified through the use of an account
498
+ # for logged-in requests or login/registration requests, or by providing user
499
+ # identifiers for guest actions like checkout.
456
500
  class Event
457
501
  include ::Google::Protobuf::MessageExts
458
502
  extend ::Google::Protobuf::MessageExts::ClassMethods
459
503
  end
460
504
 
461
505
  # Transaction data associated with a payment protected by reCAPTCHA Enterprise.
462
- # All fields are optional.
463
506
  # @!attribute [rw] transaction_id
464
507
  # @return [::String]
465
508
  # Unique identifier for the transaction. This custom identifier can be used
@@ -468,7 +511,7 @@ module Google
468
511
  # same transaction id.
469
512
  # @!attribute [rw] payment_method
470
513
  # @return [::String]
471
- # The payment method for the transaction. The allowed values are:
514
+ # Optional. The payment method for the transaction. The allowed values are:
472
515
  #
473
516
  # * credit-card
474
517
  # * debit-card
@@ -479,38 +522,41 @@ module Google
479
522
  # custom-crypto)
480
523
  # @!attribute [rw] card_bin
481
524
  # @return [::String]
482
- # The Bank Identification Number - generally the first 6 or 8 digits of the
483
- # card.
525
+ # Optional. The Bank Identification Number - generally the first 6 or 8
526
+ # digits of the card.
484
527
  # @!attribute [rw] card_last_four
485
528
  # @return [::String]
486
- # The last four digits of the card.
529
+ # Optional. The last four digits of the card.
487
530
  # @!attribute [rw] currency_code
488
531
  # @return [::String]
489
- # The currency code in ISO-4217 format.
532
+ # Optional. The currency code in ISO-4217 format.
490
533
  # @!attribute [rw] value
491
534
  # @return [::Float]
492
- # The decimal value of the transaction in the specified currency.
535
+ # Optional. The decimal value of the transaction in the specified currency.
493
536
  # @!attribute [rw] shipping_value
494
537
  # @return [::Float]
495
- # The value of shipping in the specified currency. 0 for free or no shipping.
538
+ # Optional. The value of shipping in the specified currency. 0 for free or no
539
+ # shipping.
496
540
  # @!attribute [rw] shipping_address
497
541
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionData::Address]
498
- # Destination address if this transaction involves shipping a physical item.
542
+ # Optional. Destination address if this transaction involves shipping a
543
+ # physical item.
499
544
  # @!attribute [rw] billing_address
500
545
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionData::Address]
501
- # Address associated with the payment method when applicable.
546
+ # Optional. Address associated with the payment method when applicable.
502
547
  # @!attribute [rw] user
503
548
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionData::User]
504
- # Information about the user paying/initiating the transaction.
549
+ # Optional. Information about the user paying/initiating the transaction.
505
550
  # @!attribute [rw] merchants
506
551
  # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::TransactionData::User>]
507
- # Information about the user or users fulfilling the transaction.
552
+ # Optional. Information about the user or users fulfilling the transaction.
508
553
  # @!attribute [rw] items
509
554
  # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::TransactionData::Item>]
510
- # Items purchased in this transaction.
555
+ # Optional. Items purchased in this transaction.
511
556
  # @!attribute [rw] gateway_info
512
557
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionData::GatewayInfo]
513
- # Information about the payment gateway's response to the transaction.
558
+ # Optional. Information about the payment gateway's response to the
559
+ # transaction.
514
560
  class TransactionData
515
561
  include ::Google::Protobuf::MessageExts
516
562
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -518,24 +564,26 @@ module Google
518
564
  # Structured address format for billing and shipping addresses.
519
565
  # @!attribute [rw] recipient
520
566
  # @return [::String]
521
- # The recipient name, potentially including information such as "care of".
567
+ # Optional. The recipient name, potentially including information such as
568
+ # "care of".
522
569
  # @!attribute [rw] address
523
570
  # @return [::Array<::String>]
524
- # The first lines of the address. The first line generally contains the
525
- # street name and number, and further lines may include information such as
526
- # an apartment number.
571
+ # Optional. The first lines of the address. The first line generally
572
+ # contains the street name and number, and further lines may include
573
+ # information such as an apartment number.
527
574
  # @!attribute [rw] locality
528
575
  # @return [::String]
529
- # The town/city of the address.
576
+ # Optional. The town/city of the address.
530
577
  # @!attribute [rw] administrative_area
531
578
  # @return [::String]
532
- # The state, province, or otherwise administrative area of the address.
579
+ # Optional. The state, province, or otherwise administrative area of the
580
+ # address.
533
581
  # @!attribute [rw] region_code
534
582
  # @return [::String]
535
- # The CLDR country/region of the address.
583
+ # Optional. The CLDR country/region of the address.
536
584
  # @!attribute [rw] postal_code
537
585
  # @return [::String]
538
- # The postal or ZIP code of the address.
586
+ # Optional. The postal or ZIP code of the address.
539
587
  class Address
540
588
  include ::Google::Protobuf::MessageExts
541
589
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -544,26 +592,26 @@ module Google
544
592
  # Details about a user's account involved in the transaction.
545
593
  # @!attribute [rw] account_id
546
594
  # @return [::String]
547
- # Unique account identifier for this user. If using account defender,
548
- # this should match the hashed_account_id field. Otherwise, a unique and
549
- # persistent identifier for this account.
595
+ # Optional. Unique account identifier for this user. If using account
596
+ # defender, this should match the hashed_account_id field. Otherwise, a
597
+ # unique and persistent identifier for this account.
550
598
  # @!attribute [rw] creation_ms
551
599
  # @return [::Integer]
552
- # The epoch milliseconds of the user's account creation.
600
+ # Optional. The epoch milliseconds of the user's account creation.
553
601
  # @!attribute [rw] email
554
602
  # @return [::String]
555
- # The email address of the user.
603
+ # Optional. The email address of the user.
556
604
  # @!attribute [rw] email_verified
557
605
  # @return [::Boolean]
558
- # Whether the email has been verified to be accessible by the user (OTP or
559
- # similar).
606
+ # Optional. Whether the email has been verified to be accessible by the
607
+ # user (OTP or similar).
560
608
  # @!attribute [rw] phone_number
561
609
  # @return [::String]
562
- # The phone number of the user, with country code.
610
+ # Optional. The phone number of the user, with country code.
563
611
  # @!attribute [rw] phone_verified
564
612
  # @return [::Boolean]
565
- # Whether the phone number has been verified to be accessible by the user
566
- # (OTP or similar).
613
+ # Optional. Whether the phone number has been verified to be accessible by
614
+ # the user (OTP or similar).
567
615
  class User
568
616
  include ::Google::Protobuf::MessageExts
569
617
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -572,18 +620,18 @@ module Google
572
620
  # Line items being purchased in this transaction.
573
621
  # @!attribute [rw] name
574
622
  # @return [::String]
575
- # The full name of the item.
623
+ # Optional. The full name of the item.
576
624
  # @!attribute [rw] value
577
625
  # @return [::Float]
578
- # The value per item that the user is paying, in the transaction currency,
579
- # after discounts.
626
+ # Optional. The value per item that the user is paying, in the transaction
627
+ # currency, after discounts.
580
628
  # @!attribute [rw] quantity
581
629
  # @return [::Integer]
582
- # The quantity of this item that is being purchased.
630
+ # Optional. The quantity of this item that is being purchased.
583
631
  # @!attribute [rw] merchant_account_id
584
632
  # @return [::String]
585
- # When a merchant is specified, its corresponding account_id. Necessary to
586
- # populate marketplace-style transactions.
633
+ # Optional. When a merchant is specified, its corresponding account_id.
634
+ # Necessary to populate marketplace-style transactions.
587
635
  class Item
588
636
  include ::Google::Protobuf::MessageExts
589
637
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -592,17 +640,18 @@ module Google
592
640
  # Details about the transaction from the gateway.
593
641
  # @!attribute [rw] name
594
642
  # @return [::String]
595
- # Name of the gateway service (for example, stripe, square, paypal).
643
+ # Optional. Name of the gateway service (for example, stripe, square,
644
+ # paypal).
596
645
  # @!attribute [rw] gateway_response_code
597
646
  # @return [::String]
598
- # Gateway response code describing the state of the transaction.
647
+ # Optional. Gateway response code describing the state of the transaction.
599
648
  # @!attribute [rw] avs_response_code
600
649
  # @return [::String]
601
- # AVS response code from the gateway
650
+ # Optional. AVS response code from the gateway
602
651
  # (available only when reCAPTCHA Enterprise is called after authorization).
603
652
  # @!attribute [rw] cvv_response_code
604
653
  # @return [::String]
605
- # CVV response code from the gateway
654
+ # Optional. CVV response code from the gateway
606
655
  # (available only when reCAPTCHA Enterprise is called after authorization).
607
656
  class GatewayInfo
608
657
  include ::Google::Protobuf::MessageExts
@@ -610,15 +659,57 @@ module Google
610
659
  end
611
660
  end
612
661
 
662
+ # User information associated with a request protected by reCAPTCHA Enterprise.
663
+ # @!attribute [rw] create_account_time
664
+ # @return [::Google::Protobuf::Timestamp]
665
+ # Optional. Creation time for this account associated with this user. Leave
666
+ # blank for non logged-in actions, guest checkout, or when there is no
667
+ # account associated with the current user.
668
+ # @!attribute [rw] account_id
669
+ # @return [::String]
670
+ # Optional. For logged-in requests or login/registration requests, the unique
671
+ # account identifier associated with this user. You can use the username if
672
+ # it is stable (meaning it is the same for every request associated with the
673
+ # same user), or any stable user ID of your choice. Leave blank for non
674
+ # logged-in actions or guest checkout.
675
+ # @!attribute [rw] user_ids
676
+ # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::UserId>]
677
+ # Optional. Identifiers associated with this user or request.
678
+ class UserInfo
679
+ include ::Google::Protobuf::MessageExts
680
+ extend ::Google::Protobuf::MessageExts::ClassMethods
681
+ end
682
+
683
+ # An identifier associated with a user.
684
+ # @!attribute [rw] email
685
+ # @return [::String]
686
+ # Optional. An email address.
687
+ # @!attribute [rw] phone_number
688
+ # @return [::String]
689
+ # Optional. A phone number. Should use the E.164 format.
690
+ # @!attribute [rw] username
691
+ # @return [::String]
692
+ # Optional. A unique username, if different from all the other identifiers
693
+ # and `account_id` that are provided. Can be a unique login handle or
694
+ # display name for a user.
695
+ class UserId
696
+ include ::Google::Protobuf::MessageExts
697
+ extend ::Google::Protobuf::MessageExts::ClassMethods
698
+ end
699
+
613
700
  # Risk analysis result for an event.
614
- # @!attribute [rw] score
701
+ # @!attribute [r] score
615
702
  # @return [::Float]
616
- # Legitimate event score from 0.0 to 1.0.
703
+ # Output only. Legitimate event score from 0.0 to 1.0.
617
704
  # (1.0 means very likely legitimate traffic while 0.0 means very likely
618
705
  # non-legitimate traffic).
619
- # @!attribute [rw] reasons
706
+ # @!attribute [r] reasons
620
707
  # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::RiskAnalysis::ClassificationReason>]
621
- # Reasons contributing to the risk analysis verdict.
708
+ # Output only. Reasons contributing to the risk analysis verdict.
709
+ # @!attribute [r] extended_verdict_reasons
710
+ # @return [::Array<::String>]
711
+ # Output only. Extended verdict reasons to be used for experimentation only.
712
+ # The set of possible reasons is subject to change.
622
713
  class RiskAnalysis
623
714
  include ::Google::Protobuf::MessageExts
624
715
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -654,33 +745,34 @@ module Google
654
745
  end
655
746
 
656
747
  # Properties of the provided event token.
657
- # @!attribute [rw] valid
748
+ # @!attribute [r] valid
658
749
  # @return [::Boolean]
659
- # Whether the provided user response token is valid. When valid = false, the
660
- # reason could be specified in invalid_reason or it could also be due to
661
- # a user failing to solve a challenge or a sitekey mismatch (i.e the sitekey
662
- # used to generate the token was different than the one specified in the
663
- # assessment).
664
- # @!attribute [rw] invalid_reason
750
+ # Output only. Whether the provided user response token is valid. When valid
751
+ # = false, the reason could be specified in invalid_reason or it could also
752
+ # be due to a user failing to solve a challenge or a sitekey mismatch (i.e
753
+ # the sitekey used to generate the token was different than the one specified
754
+ # in the assessment).
755
+ # @!attribute [r] invalid_reason
665
756
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::TokenProperties::InvalidReason]
666
- # Reason associated with the response when valid = false.
667
- # @!attribute [rw] create_time
757
+ # Output only. Reason associated with the response when valid = false.
758
+ # @!attribute [r] create_time
668
759
  # @return [::Google::Protobuf::Timestamp]
669
- # The timestamp corresponding to the generation of the token.
670
- # @!attribute [rw] hostname
671
- # @return [::String]
672
- # The hostname of the page on which the token was generated (Web keys only).
673
- # @!attribute [rw] android_package_name
760
+ # Output only. The timestamp corresponding to the generation of the token.
761
+ # @!attribute [r] hostname
674
762
  # @return [::String]
675
- # The name of the Android package with which the token was generated (Android
763
+ # Output only. The hostname of the page on which the token was generated (Web
676
764
  # keys only).
677
- # @!attribute [rw] ios_bundle_id
765
+ # @!attribute [r] android_package_name
678
766
  # @return [::String]
679
- # The ID of the iOS bundle with which the token was generated (iOS keys
680
- # only).
681
- # @!attribute [rw] action
767
+ # Output only. The name of the Android package with which the token was
768
+ # generated (Android keys only).
769
+ # @!attribute [r] ios_bundle_id
682
770
  # @return [::String]
683
- # Action name provided at token generation.
771
+ # Output only. The ID of the iOS bundle with which the token was generated
772
+ # (iOS keys only).
773
+ # @!attribute [r] action
774
+ # @return [::String]
775
+ # Output only. Action name provided at token generation.
684
776
  class TokenProperties
685
777
  include ::Google::Protobuf::MessageExts
686
778
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -712,27 +804,32 @@ module Google
712
804
  end
713
805
 
714
806
  # Assessment for Fraud Prevention.
715
- # @!attribute [rw] transaction_risk
807
+ # @!attribute [r] transaction_risk
716
808
  # @return [::Float]
717
- # Probability (0-1) of this transaction being fraudulent. Summarizes the
718
- # combined risk of attack vectors below.
719
- # @!attribute [rw] stolen_instrument_verdict
809
+ # Output only. Probability of this transaction being fraudulent. Summarizes
810
+ # the combined risk of attack vectors below. Values are from 0.0 (lowest)
811
+ # to 1.0 (highest).
812
+ # @!attribute [r] stolen_instrument_verdict
720
813
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::FraudPreventionAssessment::StolenInstrumentVerdict]
721
- # Assessment of this transaction for risk of a stolen instrument.
722
- # @!attribute [rw] card_testing_verdict
814
+ # Output only. Assessment of this transaction for risk of a stolen
815
+ # instrument.
816
+ # @!attribute [r] card_testing_verdict
723
817
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::FraudPreventionAssessment::CardTestingVerdict]
724
- # Assessment of this transaction for risk of being part of a card testing
725
- # attack.
818
+ # Output only. Assessment of this transaction for risk of being part of a
819
+ # card testing attack.
820
+ # @!attribute [r] behavioral_trust_verdict
821
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FraudPreventionAssessment::BehavioralTrustVerdict]
822
+ # Output only. Assessment of this transaction for behavioral trust.
726
823
  class FraudPreventionAssessment
727
824
  include ::Google::Protobuf::MessageExts
728
825
  extend ::Google::Protobuf::MessageExts::ClassMethods
729
826
 
730
827
  # Information about stolen instrument fraud, where the user is not the
731
828
  # legitimate owner of the instrument being used for the purchase.
732
- # @!attribute [rw] risk
829
+ # @!attribute [r] risk
733
830
  # @return [::Float]
734
- # Probability (0-1) of this transaction being executed with a stolen
735
- # instrument.
831
+ # Output only. Probability of this transaction being executed with a stolen
832
+ # instrument. Values are from 0.0 (lowest) to 1.0 (highest).
736
833
  class StolenInstrumentVerdict
737
834
  include ::Google::Protobuf::MessageExts
738
835
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -740,20 +837,86 @@ module Google
740
837
 
741
838
  # Information about card testing fraud, where an adversary is testing
742
839
  # fraudulently obtained cards or brute forcing their details.
743
- # @!attribute [rw] risk
840
+ # @!attribute [r] risk
744
841
  # @return [::Float]
745
- # Probability (0-1) of this transaction attempt being part of a card
746
- # testing attack.
842
+ # Output only. Probability of this transaction attempt being part of a card
843
+ # testing attack. Values are from 0.0 (lowest) to 1.0 (highest).
747
844
  class CardTestingVerdict
748
845
  include ::Google::Protobuf::MessageExts
749
846
  extend ::Google::Protobuf::MessageExts::ClassMethods
750
847
  end
848
+
849
+ # Information about behavioral trust of the transaction.
850
+ # @!attribute [r] trust
851
+ # @return [::Float]
852
+ # Output only. Probability of this transaction attempt being executed in a
853
+ # behaviorally trustworthy way. Values are from 0.0 (lowest) to 1.0
854
+ # (highest).
855
+ class BehavioralTrustVerdict
856
+ include ::Google::Protobuf::MessageExts
857
+ extend ::Google::Protobuf::MessageExts::ClassMethods
858
+ end
859
+ end
860
+
861
+ # Fraud signals describing users and cards involved in the transaction.
862
+ # @!attribute [r] user_signals
863
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FraudSignals::UserSignals]
864
+ # Output only. Signals describing the end user in this transaction.
865
+ # @!attribute [r] card_signals
866
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FraudSignals::CardSignals]
867
+ # Output only. Signals describing the payment card or cards used in this
868
+ # transaction.
869
+ class FraudSignals
870
+ include ::Google::Protobuf::MessageExts
871
+ extend ::Google::Protobuf::MessageExts::ClassMethods
872
+
873
+ # Signals describing the user involved in this transaction.
874
+ # @!attribute [r] active_days_lower_bound
875
+ # @return [::Integer]
876
+ # Output only. This user (based on email, phone, and other identifiers) has
877
+ # been seen on the internet for at least this number of days.
878
+ # @!attribute [r] synthetic_risk
879
+ # @return [::Float]
880
+ # Output only. Likelihood (from 0.0 to 1.0) this user includes synthetic
881
+ # components in their identity, such as a randomly generated email address,
882
+ # temporary phone number, or fake shipping address.
883
+ class UserSignals
884
+ include ::Google::Protobuf::MessageExts
885
+ extend ::Google::Protobuf::MessageExts::ClassMethods
886
+ end
887
+
888
+ # Signals describing the payment card used in this transaction.
889
+ # @!attribute [r] card_labels
890
+ # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::FraudSignals::CardSignals::CardLabel>]
891
+ # Output only. The labels for the payment card in this transaction.
892
+ class CardSignals
893
+ include ::Google::Protobuf::MessageExts
894
+ extend ::Google::Protobuf::MessageExts::ClassMethods
895
+
896
+ # Risk labels describing the card being assessed, such as its funding
897
+ # mechanism.
898
+ module CardLabel
899
+ # No label specified.
900
+ CARD_LABEL_UNSPECIFIED = 0
901
+
902
+ # This card has been detected as prepaid.
903
+ PREPAID = 1
904
+
905
+ # This card has been detected as virtual, such as a card number generated
906
+ # for a single transaction or merchant.
907
+ VIRTUAL = 2
908
+
909
+ # This card has been detected as being used in an unexpected geographic
910
+ # location.
911
+ UNEXPECTED_LOCATION = 3
912
+ end
913
+ end
751
914
  end
752
915
 
753
916
  # Account defender risk assessment.
754
- # @!attribute [rw] labels
917
+ # @!attribute [r] labels
755
918
  # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::AccountDefenderAssessment::AccountDefenderLabel>]
756
- # Labels for this request.
919
+ # Output only. Labels for this request.
757
920
  class AccountDefenderAssessment
758
921
  include ::Google::Protobuf::MessageExts
759
922
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -785,7 +948,7 @@ module Google
785
948
  # @!attribute [rw] parent
786
949
  # @return [::String]
787
950
  # Required. The name of the project in which the key will be created, in the
788
- # format "projects/\\{project}".
951
+ # format `projects/{project}`.
789
952
  # @!attribute [rw] key
790
953
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::Key]
791
954
  # Required. Information to create a reCAPTCHA Enterprise key.
@@ -798,7 +961,7 @@ module Google
798
961
  # @!attribute [rw] parent
799
962
  # @return [::String]
800
963
  # Required. The name of the project that contains the keys that will be
801
- # listed, in the format "projects/\\{project}".
964
+ # listed, in the format `projects/{project}`.
802
965
  # @!attribute [rw] page_size
803
966
  # @return [::Integer]
804
967
  # Optional. The maximum number of keys to return. Default is 10. Max limit is
@@ -829,7 +992,7 @@ module Google
829
992
  # @!attribute [rw] key
830
993
  # @return [::String]
831
994
  # Required. The public key name linked to the requested secret key in the
832
- # format "projects/\\{project}/keys/\\{key}".
995
+ # format `projects/{project}/keys/{key}`.
833
996
  class RetrieveLegacySecretKeyRequest
834
997
  include ::Google::Protobuf::MessageExts
835
998
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -839,7 +1002,7 @@ module Google
839
1002
  # @!attribute [rw] name
840
1003
  # @return [::String]
841
1004
  # Required. The name of the requested key, in the format
842
- # "projects/\\{project}/keys/\\{key}".
1005
+ # `projects/{project}/keys/{key}`.
843
1006
  class GetKeyRequest
844
1007
  include ::Google::Protobuf::MessageExts
845
1008
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -862,17 +1025,94 @@ module Google
862
1025
  # @!attribute [rw] name
863
1026
  # @return [::String]
864
1027
  # Required. The name of the key to be deleted, in the format
865
- # "projects/\\{project}/keys/\\{key}".
1028
+ # `projects/{project}/keys/{key}`.
866
1029
  class DeleteKeyRequest
867
1030
  include ::Google::Protobuf::MessageExts
868
1031
  extend ::Google::Protobuf::MessageExts::ClassMethods
869
1032
  end
870
1033
 
1034
+ # The create firewall policy request message.
1035
+ # @!attribute [rw] parent
1036
+ # @return [::String]
1037
+ # Required. The name of the project this policy will apply to, in the format
1038
+ # `projects/{project}`.
1039
+ # @!attribute [rw] firewall_policy
1040
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FirewallPolicy]
1041
+ # Required. Information to create the policy.
1042
+ class CreateFirewallPolicyRequest
1043
+ include ::Google::Protobuf::MessageExts
1044
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1045
+ end
1046
+
1047
+ # The list firewall policies request message.
1048
+ # @!attribute [rw] parent
1049
+ # @return [::String]
1050
+ # Required. The name of the project to list the policies for, in the format
1051
+ # `projects/{project}`.
1052
+ # @!attribute [rw] page_size
1053
+ # @return [::Integer]
1054
+ # Optional. The maximum number of policies to return. Default is 10. Max
1055
+ # limit is 1000.
1056
+ # @!attribute [rw] page_token
1057
+ # @return [::String]
1058
+ # Optional. The next_page_token value returned from a previous.
1059
+ # ListFirewallPoliciesRequest, if any.
1060
+ class ListFirewallPoliciesRequest
1061
+ include ::Google::Protobuf::MessageExts
1062
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1063
+ end
1064
+
1065
+ # Response to request to list firewall policies belonging to a key.
1066
+ # @!attribute [rw] firewall_policies
1067
+ # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::FirewallPolicy>]
1068
+ # Policy details.
1069
+ # @!attribute [rw] next_page_token
1070
+ # @return [::String]
1071
+ # Token to retrieve the next page of results. It is set to empty if no
1072
+ # policies remain in results.
1073
+ class ListFirewallPoliciesResponse
1074
+ include ::Google::Protobuf::MessageExts
1075
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1076
+ end
1077
+
1078
+ # The get firewall policy request message.
1079
+ # @!attribute [rw] name
1080
+ # @return [::String]
1081
+ # Required. The name of the requested policy, in the format
1082
+ # `projects/{project}/firewallpolicies/{firewallpolicy}`.
1083
+ class GetFirewallPolicyRequest
1084
+ include ::Google::Protobuf::MessageExts
1085
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1086
+ end
1087
+
1088
+ # The update firewall policy request message.
1089
+ # @!attribute [rw] firewall_policy
1090
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FirewallPolicy]
1091
+ # Required. The policy to update.
1092
+ # @!attribute [rw] update_mask
1093
+ # @return [::Google::Protobuf::FieldMask]
1094
+ # Optional. The mask to control which fields of the policy get updated. If
1095
+ # the mask is not present, all fields will be updated.
1096
+ class UpdateFirewallPolicyRequest
1097
+ include ::Google::Protobuf::MessageExts
1098
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1099
+ end
1100
+
1101
+ # The delete firewall policy request message.
1102
+ # @!attribute [rw] name
1103
+ # @return [::String]
1104
+ # Required. The name of the policy to be deleted, in the format
1105
+ # `projects/{project}/firewallpolicies/{firewallpolicy}`.
1106
+ class DeleteFirewallPolicyRequest
1107
+ include ::Google::Protobuf::MessageExts
1108
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1109
+ end
1110
+
871
1111
  # The migrate key request message.
872
1112
  # @!attribute [rw] name
873
1113
  # @return [::String]
874
1114
  # Required. The name of the key to be migrated, in the format
875
- # "projects/\\{project}/keys/\\{key}".
1115
+ # `projects/{project}/keys/{key}`.
876
1116
  # @!attribute [rw] skip_billing_check
877
1117
  # @return [::Boolean]
878
1118
  # Optional. If true, skips the billing check.
@@ -892,7 +1132,7 @@ module Google
892
1132
  # @!attribute [rw] name
893
1133
  # @return [::String]
894
1134
  # Required. The name of the requested metrics, in the format
895
- # "projects/\\{project}/keys/\\{key}/metrics".
1135
+ # `projects/{project}/keys/{key}/metrics`.
896
1136
  class GetMetricsRequest
897
1137
  include ::Google::Protobuf::MessageExts
898
1138
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -901,8 +1141,8 @@ module Google
901
1141
  # Metrics for a single Key.
902
1142
  # @!attribute [r] name
903
1143
  # @return [::String]
904
- # Output only. The name of the metrics, in the format
905
- # "projects/\\{project}/keys/\\{key}/metrics".
1144
+ # Output only. Identifier. The name of the metrics, in the format
1145
+ # `projects/{project}/keys/{key}/metrics`.
906
1146
  # @!attribute [rw] start_time
907
1147
  # @return [::Google::Protobuf::Timestamp]
908
1148
  # Inclusive start time aligned to a day (UTC).
@@ -937,11 +1177,11 @@ module Google
937
1177
  # use reCAPTCHA Enterprise.
938
1178
  # @!attribute [rw] name
939
1179
  # @return [::String]
940
- # The resource name for the Key in the format
941
- # "projects/\\{project}/keys/\\{key}".
1180
+ # Identifier. The resource name for the Key in the format
1181
+ # `projects/{project}/keys/{key}`.
942
1182
  # @!attribute [rw] display_name
943
1183
  # @return [::String]
944
- # Human-readable display name of this key. Modifiable by user.
1184
+ # Required. Human-readable display name of this key. Modifiable by user.
945
1185
  # @!attribute [rw] web_settings
946
1186
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::WebKeySettings]
947
1187
  # Settings for keys that can be used by websites.
@@ -953,17 +1193,17 @@ module Google
953
1193
  # Settings for keys that can be used by iOS apps.
954
1194
  # @!attribute [rw] labels
955
1195
  # @return [::Google::Protobuf::Map{::String => ::String}]
956
- # See <a href="https://cloud.google.com/recaptcha-enterprise/docs/labels">
957
- # Creating and managing labels</a>.
1196
+ # Optional. See [Creating and managing labels]
1197
+ # (https://cloud.google.com/recaptcha-enterprise/docs/labels).
958
1198
  # @!attribute [r] create_time
959
1199
  # @return [::Google::Protobuf::Timestamp]
960
- # Output only. The timestamp corresponding to the creation of this Key.
1200
+ # Output only. The timestamp corresponding to the creation of this key.
961
1201
  # @!attribute [rw] testing_options
962
1202
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::TestingOptions]
963
- # Options for user acceptance testing.
1203
+ # Optional. Options for user acceptance testing.
964
1204
  # @!attribute [rw] waf_settings
965
1205
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::WafSettings]
966
- # Settings for WAF
1206
+ # Optional. Settings for WAF
967
1207
  class Key
968
1208
  include ::Google::Protobuf::MessageExts
969
1209
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -981,13 +1221,13 @@ module Google
981
1221
  # Options for user acceptance testing.
982
1222
  # @!attribute [rw] testing_score
983
1223
  # @return [::Float]
984
- # All assessments for this Key will return this score. Must be between 0
985
- # (likely not legitimate) and 1 (likely legitimate) inclusive.
1224
+ # Optional. All assessments for this Key will return this score. Must be
1225
+ # between 0 (likely not legitimate) and 1 (likely legitimate) inclusive.
986
1226
  # @!attribute [rw] testing_challenge
987
1227
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::TestingOptions::TestingChallenge]
988
- # For challenge-based keys only (CHECKBOX, INVISIBLE), all challenge requests
989
- # for this site will return nocaptcha if NOCAPTCHA, or an unsolvable
990
- # challenge if CHALLENGE.
1228
+ # Optional. For challenge-based keys only (CHECKBOX, INVISIBLE), all
1229
+ # challenge requests for this site will return nocaptcha if NOCAPTCHA, or an
1230
+ # unsolvable challenge if CHALLENGE.
991
1231
  class TestingOptions
992
1232
  include ::Google::Protobuf::MessageExts
993
1233
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1012,25 +1252,25 @@ module Google
1012
1252
  # Settings specific to keys that can be used by websites.
1013
1253
  # @!attribute [rw] allow_all_domains
1014
1254
  # @return [::Boolean]
1015
- # If set to true, it means allowed_domains will not be enforced.
1255
+ # Optional. If set to true, it means allowed_domains will not be enforced.
1016
1256
  # @!attribute [rw] allowed_domains
1017
1257
  # @return [::Array<::String>]
1018
- # Domains or subdomains of websites allowed to use the key. All subdomains
1019
- # of an allowed domain are automatically allowed. A valid domain requires a
1020
- # host and must not include any path, port, query or fragment.
1258
+ # Optional. Domains or subdomains of websites allowed to use the key. All
1259
+ # subdomains of an allowed domain are automatically allowed. A valid domain
1260
+ # requires a host and must not include any path, port, query or fragment.
1021
1261
  # Examples: 'example.com' or 'subdomain.example.com'
1022
1262
  # @!attribute [rw] allow_amp_traffic
1023
1263
  # @return [::Boolean]
1024
- # If set to true, the key can be used on AMP (Accelerated Mobile Pages)
1025
- # websites. This is supported only for the SCORE integration type.
1264
+ # Optional. If set to true, the key can be used on AMP (Accelerated Mobile
1265
+ # Pages) websites. This is supported only for the SCORE integration type.
1026
1266
  # @!attribute [rw] integration_type
1027
1267
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::WebKeySettings::IntegrationType]
1028
1268
  # Required. Describes how this key is integrated with the website.
1029
1269
  # @!attribute [rw] challenge_security_preference
1030
1270
  # @return [::Google::Cloud::RecaptchaEnterprise::V1::WebKeySettings::ChallengeSecurityPreference]
1031
- # Settings for the frequency and difficulty at which this key triggers
1032
- # captcha challenges. This should only be specified for IntegrationTypes
1033
- # CHECKBOX and INVISIBLE.
1271
+ # Optional. Settings for the frequency and difficulty at which this key
1272
+ # triggers captcha challenges. This should only be specified for
1273
+ # IntegrationTypes CHECKBOX and INVISIBLE.
1034
1274
  class WebKeySettings
1035
1275
  include ::Google::Protobuf::MessageExts
1036
1276
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1075,11 +1315,16 @@ module Google
1075
1315
  # Settings specific to keys that can be used by Android apps.
1076
1316
  # @!attribute [rw] allow_all_package_names
1077
1317
  # @return [::Boolean]
1078
- # If set to true, allowed_package_names are not enforced.
1318
+ # Optional. If set to true, allowed_package_names are not enforced.
1079
1319
  # @!attribute [rw] allowed_package_names
1080
1320
  # @return [::Array<::String>]
1081
- # Android package names of apps allowed to use the key.
1321
+ # Optional. Android package names of apps allowed to use the key.
1082
1322
  # Example: 'com.companyname.appname'
1323
+ # @!attribute [rw] support_non_google_app_store_distribution
1324
+ # @return [::Boolean]
1325
+ # Optional. Set to true for keys that are used in an Android application that
1326
+ # is available for download in app stores in addition to the Google Play
1327
+ # Store.
1083
1328
  class AndroidKeySettings
1084
1329
  include ::Google::Protobuf::MessageExts
1085
1330
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1088,16 +1333,41 @@ module Google
1088
1333
  # Settings specific to keys that can be used by iOS apps.
1089
1334
  # @!attribute [rw] allow_all_bundle_ids
1090
1335
  # @return [::Boolean]
1091
- # If set to true, allowed_bundle_ids are not enforced.
1336
+ # Optional. If set to true, allowed_bundle_ids are not enforced.
1092
1337
  # @!attribute [rw] allowed_bundle_ids
1093
1338
  # @return [::Array<::String>]
1094
- # iOS bundle ids of apps allowed to use the key.
1339
+ # Optional. iOS bundle ids of apps allowed to use the key.
1095
1340
  # Example: 'com.companyname.productname.appname'
1341
+ # @!attribute [rw] apple_developer_id
1342
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::AppleDeveloperId]
1343
+ # Optional. Apple Developer account details for the app that is protected by
1344
+ # the reCAPTCHA Key. reCAPTCHA Enterprise leverages platform-specific checks
1345
+ # like Apple App Attest and Apple DeviceCheck to protect your app from abuse.
1346
+ # Providing these fields allows reCAPTCHA Enterprise to get a better
1347
+ # assessment of the integrity of your app.
1096
1348
  class IOSKeySettings
1097
1349
  include ::Google::Protobuf::MessageExts
1098
1350
  extend ::Google::Protobuf::MessageExts::ClassMethods
1099
1351
  end
1100
1352
 
1353
+ # Contains fields that are required to perform Apple-specific integrity checks.
1354
+ # @!attribute [rw] private_key
1355
+ # @return [::String]
1356
+ # Required. Input only. A private key (downloaded as a text file with a .p8
1357
+ # file extension) generated for your Apple Developer account. Ensure that
1358
+ # Apple DeviceCheck is enabled for the private key.
1359
+ # @!attribute [rw] key_id
1360
+ # @return [::String]
1361
+ # Required. The Apple developer key ID (10-character string).
1362
+ # @!attribute [rw] team_id
1363
+ # @return [::String]
1364
+ # Required. The Apple team ID (10-character string) owning the provisioning
1365
+ # profile used to build your application.
1366
+ class AppleDeveloperId
1367
+ include ::Google::Protobuf::MessageExts
1368
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1369
+ end
1370
+
1101
1371
  # Score distribution.
1102
1372
  # @!attribute [rw] score_buckets
1103
1373
  # @return [::Google::Protobuf::Map{::Integer => ::Integer}]
@@ -1162,6 +1432,134 @@ module Google
1162
1432
  extend ::Google::Protobuf::MessageExts::ClassMethods
1163
1433
  end
1164
1434
 
1435
+ # Policy config assessment.
1436
+ # @!attribute [r] error
1437
+ # @return [::Google::Rpc::Status]
1438
+ # Output only. If the processing of a policy config fails, an error will be
1439
+ # populated and the firewall_policy will be left empty.
1440
+ # @!attribute [r] firewall_policy
1441
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FirewallPolicy]
1442
+ # Output only. The policy that matched the request. If more than one policy
1443
+ # may match, this is the first match. If no policy matches the incoming
1444
+ # request, the policy field will be left empty.
1445
+ class FirewallPolicyAssessment
1446
+ include ::Google::Protobuf::MessageExts
1447
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1448
+ end
1449
+
1450
+ # An individual action. Each action represents what to do if a policy
1451
+ # matches.
1452
+ # @!attribute [rw] allow
1453
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FirewallAction::AllowAction]
1454
+ # The user request did not match any policy and should be allowed
1455
+ # access to the requested resource.
1456
+ # @!attribute [rw] block
1457
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FirewallAction::BlockAction]
1458
+ # This action will deny access to a given page. The user will get an HTTP
1459
+ # error code.
1460
+ # @!attribute [rw] redirect
1461
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FirewallAction::RedirectAction]
1462
+ # This action will redirect the request to a ReCaptcha interstitial to
1463
+ # attach a token.
1464
+ # @!attribute [rw] substitute
1465
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FirewallAction::SubstituteAction]
1466
+ # This action will transparently serve a different page to an offending
1467
+ # user.
1468
+ # @!attribute [rw] set_header
1469
+ # @return [::Google::Cloud::RecaptchaEnterprise::V1::FirewallAction::SetHeaderAction]
1470
+ # This action will set a custom header but allow the request to continue
1471
+ # to the customer backend.
1472
+ class FirewallAction
1473
+ include ::Google::Protobuf::MessageExts
1474
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1475
+
1476
+ # An allow action continues processing a request unimpeded.
1477
+ class AllowAction
1478
+ include ::Google::Protobuf::MessageExts
1479
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1480
+ end
1481
+
1482
+ # A block action serves an HTTP error code a prevents the request from
1483
+ # hitting the backend.
1484
+ class BlockAction
1485
+ include ::Google::Protobuf::MessageExts
1486
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1487
+ end
1488
+
1489
+ # A redirect action returns a 307 (temporary redirect) response, pointing
1490
+ # the user to a ReCaptcha interstitial page to attach a token.
1491
+ class RedirectAction
1492
+ include ::Google::Protobuf::MessageExts
1493
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1494
+ end
1495
+
1496
+ # A substitute action transparently serves a different page than the one
1497
+ # requested.
1498
+ # @!attribute [rw] path
1499
+ # @return [::String]
1500
+ # Optional. The address to redirect to. The target is a relative path in
1501
+ # the current host. Example: "/blog/404.html".
1502
+ class SubstituteAction
1503
+ include ::Google::Protobuf::MessageExts
1504
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1505
+ end
1506
+
1507
+ # A set header action sets a header and forwards the request to the
1508
+ # backend. This can be used to trigger custom protection implemented on the
1509
+ # backend.
1510
+ # @!attribute [rw] key
1511
+ # @return [::String]
1512
+ # Optional. The header key to set in the request to the backend server.
1513
+ # @!attribute [rw] value
1514
+ # @return [::String]
1515
+ # Optional. The header value to set in the request to the backend server.
1516
+ class SetHeaderAction
1517
+ include ::Google::Protobuf::MessageExts
1518
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1519
+ end
1520
+ end
1521
+
1522
+ # A FirewallPolicy represents a single matching pattern and resulting actions
1523
+ # to take.
1524
+ # @!attribute [rw] name
1525
+ # @return [::String]
1526
+ # Identifier. The resource name for the FirewallPolicy in the format
1527
+ # `projects/{project}/firewallpolicies/{firewallpolicy}`.
1528
+ # @!attribute [rw] description
1529
+ # @return [::String]
1530
+ # Optional. A description of what this policy aims to achieve, for
1531
+ # convenience purposes. The description can at most include 256 UTF-8
1532
+ # characters.
1533
+ # @!attribute [rw] path
1534
+ # @return [::String]
1535
+ # Optional. The path for which this policy applies, specified as a glob
1536
+ # pattern. For more information on glob, see the [manual
1537
+ # page](https://man7.org/linux/man-pages/man7/glob.7.html).
1538
+ # A path has a max length of 200 characters.
1539
+ # @!attribute [rw] condition
1540
+ # @return [::String]
1541
+ # Optional. A CEL (Common Expression Language) conditional expression that
1542
+ # specifies if this policy applies to an incoming user request. If this
1543
+ # condition evaluates to true and the requested path matched the path
1544
+ # pattern, the associated actions should be executed by the caller. The
1545
+ # condition string is checked for CEL syntax correctness on creation. For
1546
+ # more information, see the [CEL spec](https://github.com/google/cel-spec)
1547
+ # and its [language
1548
+ # definition](https://github.com/google/cel-spec/blob/master/doc/langdef.md).
1549
+ # A condition has a max length of 500 characters.
1550
+ # @!attribute [rw] actions
1551
+ # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::FirewallAction>]
1552
+ # Optional. The actions that the caller should take regarding user access.
1553
+ # There should be at most one terminal action. A terminal action is any
1554
+ # action that forces a response, such as `AllowAction`,
1555
+ # `BlockAction` or `SubstituteAction`.
1556
+ # Zero or more non-terminal actions such as `SetHeader` might be
1557
+ # specified. A single policy can contain up to 16 actions.
1558
+ class FirewallPolicy
1559
+ include ::Google::Protobuf::MessageExts
1560
+ extend ::Google::Protobuf::MessageExts::ClassMethods
1561
+ end
1562
+
1165
1563
  # The request message to list memberships in a related account group.
1166
1564
  # @!attribute [rw] parent
1167
1565
  # @return [::String]
@@ -1202,7 +1600,7 @@ module Google
1202
1600
  # @!attribute [rw] parent
1203
1601
  # @return [::String]
1204
1602
  # Required. The name of the project to list related account groups from, in
1205
- # the format "projects/\\{project}".
1603
+ # the format `projects/{project}`.
1206
1604
  # @!attribute [rw] page_size
1207
1605
  # @return [::Integer]
1208
1606
  # Optional. The maximum number of groups to return. The service might return
@@ -1239,12 +1637,20 @@ module Google
1239
1637
  # @return [::String]
1240
1638
  # Required. The name of the project to search related account group
1241
1639
  # memberships from. Specify the project name in the following format:
1242
- # "projects/\\{project}".
1640
+ # `projects/{project}`.
1641
+ # @!attribute [rw] account_id
1642
+ # @return [::String]
1643
+ # Optional. The unique stable account identifier used to search connections.
1644
+ # The identifier should correspond to an `account_id` provided in a previous
1645
+ # `CreateAssessment` or `AnnotateAssessment` call. Either hashed_account_id
1646
+ # or account_id must be set, but not both.
1243
1647
  # @!attribute [rw] hashed_account_id
1244
1648
  # @return [::String]
1245
- # Optional. The unique stable hashed user identifier we should search
1246
- # connections to. The identifier should correspond to a `hashed_account_id`
1247
- # provided in a previous `CreateAssessment` or `AnnotateAssessment` call.
1649
+ # Optional. Deprecated: use `account_id` instead.
1650
+ # The unique stable hashed account identifier used to search connections. The
1651
+ # identifier should correspond to a `hashed_account_id` provided in a
1652
+ # previous `CreateAssessment` or `AnnotateAssessment` call. Either
1653
+ # hashed_account_id or account_id must be set, but not both.
1248
1654
  # @!attribute [rw] page_size
1249
1655
  # @return [::Integer]
1250
1656
  # Optional. The maximum number of groups to return. The service might return
@@ -1280,11 +1686,17 @@ module Google
1280
1686
  # A membership in a group of related accounts.
1281
1687
  # @!attribute [rw] name
1282
1688
  # @return [::String]
1283
- # Required. The resource name for this membership in the format
1689
+ # Required. Identifier. The resource name for this membership in the format
1284
1690
  # `projects/{project}/relatedaccountgroups/{relatedaccountgroup}/memberships/{membership}`.
1691
+ # @!attribute [rw] account_id
1692
+ # @return [::String]
1693
+ # The unique stable account identifier of the member. The identifier
1694
+ # corresponds to an `account_id` provided in a previous `CreateAssessment` or
1695
+ # `AnnotateAssessment` call.
1285
1696
  # @!attribute [rw] hashed_account_id
1286
1697
  # @return [::String]
1287
- # The unique stable hashed user identifier of the member. The identifier
1698
+ # Deprecated: use `account_id` instead.
1699
+ # The unique stable hashed account identifier of the member. The identifier
1288
1700
  # corresponds to a `hashed_account_id` provided in a previous
1289
1701
  # `CreateAssessment` or `AnnotateAssessment` call.
1290
1702
  class RelatedAccountGroupMembership
@@ -1295,7 +1707,8 @@ module Google
1295
1707
  # A group of related accounts.
1296
1708
  # @!attribute [rw] name
1297
1709
  # @return [::String]
1298
- # Required. The resource name for the related account group in the format
1710
+ # Required. Identifier. The resource name for the related account group in
1711
+ # the format
1299
1712
  # `projects/{project}/relatedaccountgroups/{related_account_group}`.
1300
1713
  class RelatedAccountGroup
1301
1714
  include ::Google::Protobuf::MessageExts
@@ -1329,6 +1742,10 @@ module Google
1329
1742
 
1330
1743
  # Use reCAPTCHA action-tokens to protect user actions.
1331
1744
  ACTION_TOKEN = 3
1745
+
1746
+ # Use reCAPTCHA WAF express protection to protect any content other than
1747
+ # web pages, like APIs and IoT devices.
1748
+ EXPRESS = 5
1332
1749
  end
1333
1750
 
1334
1751
  # Web Application Firewalls supported by reCAPTCHA Enterprise.
@@ -1338,6 +1755,9 @@ module Google
1338
1755
 
1339
1756
  # Cloud Armor
1340
1757
  CA = 1
1758
+
1759
+ # Fastly
1760
+ FASTLY = 3
1341
1761
  end
1342
1762
  end
1343
1763
  end