google-iam-credentials-v1 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.yardopts +12 -0
- data/AUTHENTICATION.md +169 -0
- data/LICENSE.md +203 -0
- data/README.md +75 -0
- data/lib/google-iam-credentials-v1.rb +21 -0
- data/lib/google/iam/credentials/v1.rb +38 -0
- data/lib/google/iam/credentials/v1/common_pb.rb +67 -0
- data/lib/google/iam/credentials/v1/iam_credentials.rb +57 -0
- data/lib/google/iam/credentials/v1/iam_credentials/client.rb +704 -0
- data/lib/google/iam/credentials/v1/iam_credentials/credentials.rb +51 -0
- data/lib/google/iam/credentials/v1/iam_credentials/paths.rb +50 -0
- data/lib/google/iam/credentials/v1/iamcredentials_pb.rb +21 -0
- data/lib/google/iam/credentials/v1/iamcredentials_services_pb.rb +59 -0
- data/lib/google/iam/credentials/v1/version.rb +28 -0
- data/proto_docs/README.md +4 -0
- data/proto_docs/google/api/field_behavior.rb +59 -0
- data/proto_docs/google/api/resource.rb +283 -0
- data/proto_docs/google/iam/credentials/v1/common.rb +186 -0
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/protobuf/timestamp.rb +120 -0
- metadata +205 -0
@@ -0,0 +1,21 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
# This gem does not autoload during Bundler.require. To load this gem,
|
20
|
+
# issue explicit require statements for the packages desired, e.g.:
|
21
|
+
# require "google/iam/credentials/v1"
|
@@ -0,0 +1,38 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
require "google/iam/credentials/v1/iam_credentials"
|
20
|
+
require "google/iam/credentials/v1/version"
|
21
|
+
|
22
|
+
module Google
|
23
|
+
module Iam
|
24
|
+
module Credentials
|
25
|
+
##
|
26
|
+
# To load this package, including all its services, and instantiate a client:
|
27
|
+
#
|
28
|
+
# require "google/iam/credentials/v1"
|
29
|
+
# client = ::Google::Iam::Credentials::V1::IAMCredentials::Client.new
|
30
|
+
#
|
31
|
+
module V1
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
|
37
|
+
helper_path = ::File.join __dir__, "v1", "_helpers.rb"
|
38
|
+
require "google/iam/credentials/v1/_helpers" if ::File.file? helper_path
|
@@ -0,0 +1,67 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# source: google/iam/credentials/v1/common.proto
|
3
|
+
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
6
|
+
require 'google/api/field_behavior_pb'
|
7
|
+
require 'google/api/resource_pb'
|
8
|
+
require 'google/protobuf/duration_pb'
|
9
|
+
require 'google/protobuf/timestamp_pb'
|
10
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
11
|
+
add_file("google/iam/credentials/v1/common.proto", :syntax => :proto3) do
|
12
|
+
add_message "google.iam.credentials.v1.GenerateAccessTokenRequest" do
|
13
|
+
optional :name, :string, 1
|
14
|
+
repeated :delegates, :string, 2
|
15
|
+
repeated :scope, :string, 4
|
16
|
+
optional :lifetime, :message, 7, "google.protobuf.Duration"
|
17
|
+
end
|
18
|
+
add_message "google.iam.credentials.v1.GenerateAccessTokenResponse" do
|
19
|
+
optional :access_token, :string, 1
|
20
|
+
optional :expire_time, :message, 3, "google.protobuf.Timestamp"
|
21
|
+
end
|
22
|
+
add_message "google.iam.credentials.v1.SignBlobRequest" do
|
23
|
+
optional :name, :string, 1
|
24
|
+
repeated :delegates, :string, 3
|
25
|
+
optional :payload, :bytes, 5
|
26
|
+
end
|
27
|
+
add_message "google.iam.credentials.v1.SignBlobResponse" do
|
28
|
+
optional :key_id, :string, 1
|
29
|
+
optional :signed_blob, :bytes, 4
|
30
|
+
end
|
31
|
+
add_message "google.iam.credentials.v1.SignJwtRequest" do
|
32
|
+
optional :name, :string, 1
|
33
|
+
repeated :delegates, :string, 3
|
34
|
+
optional :payload, :string, 5
|
35
|
+
end
|
36
|
+
add_message "google.iam.credentials.v1.SignJwtResponse" do
|
37
|
+
optional :key_id, :string, 1
|
38
|
+
optional :signed_jwt, :string, 2
|
39
|
+
end
|
40
|
+
add_message "google.iam.credentials.v1.GenerateIdTokenRequest" do
|
41
|
+
optional :name, :string, 1
|
42
|
+
repeated :delegates, :string, 2
|
43
|
+
optional :audience, :string, 3
|
44
|
+
optional :include_email, :bool, 4
|
45
|
+
end
|
46
|
+
add_message "google.iam.credentials.v1.GenerateIdTokenResponse" do
|
47
|
+
optional :token, :string, 1
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
module Google
|
53
|
+
module Iam
|
54
|
+
module Credentials
|
55
|
+
module V1
|
56
|
+
GenerateAccessTokenRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.iam.credentials.v1.GenerateAccessTokenRequest").msgclass
|
57
|
+
GenerateAccessTokenResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.iam.credentials.v1.GenerateAccessTokenResponse").msgclass
|
58
|
+
SignBlobRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.iam.credentials.v1.SignBlobRequest").msgclass
|
59
|
+
SignBlobResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.iam.credentials.v1.SignBlobResponse").msgclass
|
60
|
+
SignJwtRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.iam.credentials.v1.SignJwtRequest").msgclass
|
61
|
+
SignJwtResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.iam.credentials.v1.SignJwtResponse").msgclass
|
62
|
+
GenerateIdTokenRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.iam.credentials.v1.GenerateIdTokenRequest").msgclass
|
63
|
+
GenerateIdTokenResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.iam.credentials.v1.GenerateIdTokenResponse").msgclass
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
@@ -0,0 +1,57 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
require "gapic/common"
|
20
|
+
require "gapic/config"
|
21
|
+
require "gapic/config/method"
|
22
|
+
|
23
|
+
require "google/iam/credentials/v1/version"
|
24
|
+
|
25
|
+
require "google/iam/credentials/v1/iam_credentials/credentials"
|
26
|
+
require "google/iam/credentials/v1/iam_credentials/paths"
|
27
|
+
require "google/iam/credentials/v1/iam_credentials/client"
|
28
|
+
|
29
|
+
module Google
|
30
|
+
module Iam
|
31
|
+
module Credentials
|
32
|
+
module V1
|
33
|
+
##
|
34
|
+
# A service account is a special type of Google account that belongs to your
|
35
|
+
# application or a virtual machine (VM), instead of to an individual end user.
|
36
|
+
# Your application assumes the identity of the service account to call Google
|
37
|
+
# APIs, so that the users aren't directly involved.
|
38
|
+
#
|
39
|
+
# Service account credentials are used to temporarily assume the identity
|
40
|
+
# of the service account. Supported credential types include OAuth 2.0 access
|
41
|
+
# tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
|
42
|
+
# more.
|
43
|
+
#
|
44
|
+
# To load this service and instantiate a client:
|
45
|
+
#
|
46
|
+
# require "google/iam/credentials/v1/iam_credentials"
|
47
|
+
# client = ::Google::Iam::Credentials::V1::IAMCredentials::Client.new
|
48
|
+
#
|
49
|
+
module IAMCredentials
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
helper_path = ::File.join __dir__, "iam_credentials", "helpers.rb"
|
57
|
+
require "google/iam/credentials/v1/iam_credentials/helpers" if ::File.file? helper_path
|
@@ -0,0 +1,704 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2020 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
require "google/cloud/errors"
|
20
|
+
require "google/iam/credentials/v1/iamcredentials_pb"
|
21
|
+
|
22
|
+
module Google
|
23
|
+
module Iam
|
24
|
+
module Credentials
|
25
|
+
module V1
|
26
|
+
module IAMCredentials
|
27
|
+
##
|
28
|
+
# Client for the IAMCredentials service.
|
29
|
+
#
|
30
|
+
# A service account is a special type of Google account that belongs to your
|
31
|
+
# application or a virtual machine (VM), instead of to an individual end user.
|
32
|
+
# Your application assumes the identity of the service account to call Google
|
33
|
+
# APIs, so that the users aren't directly involved.
|
34
|
+
#
|
35
|
+
# Service account credentials are used to temporarily assume the identity
|
36
|
+
# of the service account. Supported credential types include OAuth 2.0 access
|
37
|
+
# tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
|
38
|
+
# more.
|
39
|
+
#
|
40
|
+
class Client
|
41
|
+
include Paths
|
42
|
+
|
43
|
+
# @private
|
44
|
+
attr_reader :iam_credentials_stub
|
45
|
+
|
46
|
+
##
|
47
|
+
# Configure the IAMCredentials Client class.
|
48
|
+
#
|
49
|
+
# See {::Google::Iam::Credentials::V1::IAMCredentials::Client::Configuration}
|
50
|
+
# for a description of the configuration fields.
|
51
|
+
#
|
52
|
+
# ## Example
|
53
|
+
#
|
54
|
+
# To modify the configuration for all IAMCredentials clients:
|
55
|
+
#
|
56
|
+
# ::Google::Iam::Credentials::V1::IAMCredentials::Client.configure do |config|
|
57
|
+
# config.timeout = 10.0
|
58
|
+
# end
|
59
|
+
#
|
60
|
+
# @yield [config] Configure the Client client.
|
61
|
+
# @yieldparam config [Client::Configuration]
|
62
|
+
#
|
63
|
+
# @return [Client::Configuration]
|
64
|
+
#
|
65
|
+
def self.configure
|
66
|
+
@configure ||= begin
|
67
|
+
namespace = ["Google", "Iam", "Credentials", "V1"]
|
68
|
+
parent_config = while namespace.any?
|
69
|
+
parent_name = namespace.join "::"
|
70
|
+
parent_const = const_get parent_name
|
71
|
+
break parent_const.configure if parent_const&.respond_to? :configure
|
72
|
+
namespace.pop
|
73
|
+
end
|
74
|
+
default_config = Client::Configuration.new parent_config
|
75
|
+
|
76
|
+
default_config.rpcs.generate_access_token.timeout = 60.0
|
77
|
+
default_config.rpcs.generate_access_token.retry_policy = {
|
78
|
+
initial_delay: 0.1,
|
79
|
+
max_delay: 60.0,
|
80
|
+
multiplier: 1.3,
|
81
|
+
retry_codes: [14, 4]
|
82
|
+
}
|
83
|
+
|
84
|
+
default_config.rpcs.generate_id_token.timeout = 60.0
|
85
|
+
default_config.rpcs.generate_id_token.retry_policy = {
|
86
|
+
initial_delay: 0.1,
|
87
|
+
max_delay: 60.0,
|
88
|
+
multiplier: 1.3,
|
89
|
+
retry_codes: [14, 4]
|
90
|
+
}
|
91
|
+
|
92
|
+
default_config.rpcs.sign_blob.timeout = 60.0
|
93
|
+
default_config.rpcs.sign_blob.retry_policy = {
|
94
|
+
initial_delay: 0.1,
|
95
|
+
max_delay: 60.0,
|
96
|
+
multiplier: 1.3,
|
97
|
+
retry_codes: [14, 4]
|
98
|
+
}
|
99
|
+
|
100
|
+
default_config.rpcs.sign_jwt.timeout = 60.0
|
101
|
+
default_config.rpcs.sign_jwt.retry_policy = {
|
102
|
+
initial_delay: 0.1,
|
103
|
+
max_delay: 60.0,
|
104
|
+
multiplier: 1.3,
|
105
|
+
retry_codes: [14, 4]
|
106
|
+
}
|
107
|
+
|
108
|
+
default_config
|
109
|
+
end
|
110
|
+
yield @configure if block_given?
|
111
|
+
@configure
|
112
|
+
end
|
113
|
+
|
114
|
+
##
|
115
|
+
# Configure the IAMCredentials Client instance.
|
116
|
+
#
|
117
|
+
# The configuration is set to the derived mode, meaning that values can be changed,
|
118
|
+
# but structural changes (adding new fields, etc.) are not allowed. Structural changes
|
119
|
+
# should be made on {Client.configure}.
|
120
|
+
#
|
121
|
+
# See {::Google::Iam::Credentials::V1::IAMCredentials::Client::Configuration}
|
122
|
+
# for a description of the configuration fields.
|
123
|
+
#
|
124
|
+
# @yield [config] Configure the Client client.
|
125
|
+
# @yieldparam config [Client::Configuration]
|
126
|
+
#
|
127
|
+
# @return [Client::Configuration]
|
128
|
+
#
|
129
|
+
def configure
|
130
|
+
yield @config if block_given?
|
131
|
+
@config
|
132
|
+
end
|
133
|
+
|
134
|
+
##
|
135
|
+
# Create a new IAMCredentials client object.
|
136
|
+
#
|
137
|
+
# ## Examples
|
138
|
+
#
|
139
|
+
# To create a new IAMCredentials client with the default
|
140
|
+
# configuration:
|
141
|
+
#
|
142
|
+
# client = ::Google::Iam::Credentials::V1::IAMCredentials::Client.new
|
143
|
+
#
|
144
|
+
# To create a new IAMCredentials client with a custom
|
145
|
+
# configuration:
|
146
|
+
#
|
147
|
+
# client = ::Google::Iam::Credentials::V1::IAMCredentials::Client.new do |config|
|
148
|
+
# config.timeout = 10.0
|
149
|
+
# end
|
150
|
+
#
|
151
|
+
# @yield [config] Configure the IAMCredentials client.
|
152
|
+
# @yieldparam config [Client::Configuration]
|
153
|
+
#
|
154
|
+
def initialize
|
155
|
+
# These require statements are intentionally placed here to initialize
|
156
|
+
# the gRPC module only when it's required.
|
157
|
+
# See https://github.com/googleapis/toolkit/issues/446
|
158
|
+
require "gapic/grpc"
|
159
|
+
require "google/iam/credentials/v1/iamcredentials_services_pb"
|
160
|
+
|
161
|
+
# Create the configuration object
|
162
|
+
@config = Configuration.new Client.configure
|
163
|
+
|
164
|
+
# Yield the configuration if needed
|
165
|
+
yield @config if block_given?
|
166
|
+
|
167
|
+
# Create credentials
|
168
|
+
credentials = @config.credentials
|
169
|
+
credentials ||= Credentials.default scope: @config.scope
|
170
|
+
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
171
|
+
credentials = Credentials.new credentials, scope: @config.scope
|
172
|
+
end
|
173
|
+
@quota_project_id = @config.quota_project
|
174
|
+
@quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id
|
175
|
+
|
176
|
+
@iam_credentials_stub = ::Gapic::ServiceStub.new(
|
177
|
+
::Google::Iam::Credentials::V1::IAMCredentials::Stub,
|
178
|
+
credentials: credentials,
|
179
|
+
endpoint: @config.endpoint,
|
180
|
+
channel_args: @config.channel_args,
|
181
|
+
interceptors: @config.interceptors
|
182
|
+
)
|
183
|
+
end
|
184
|
+
|
185
|
+
# Service calls
|
186
|
+
|
187
|
+
##
|
188
|
+
# Generates an OAuth 2.0 access token for a service account.
|
189
|
+
#
|
190
|
+
# @overload generate_access_token(request, options = nil)
|
191
|
+
# Pass arguments to `generate_access_token` via a request object, either of type
|
192
|
+
# {::Google::Iam::Credentials::V1::GenerateAccessTokenRequest} or an equivalent Hash.
|
193
|
+
#
|
194
|
+
# @param request [::Google::Iam::Credentials::V1::GenerateAccessTokenRequest, ::Hash]
|
195
|
+
# A request object representing the call parameters. Required. To specify no
|
196
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
197
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
198
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
199
|
+
#
|
200
|
+
# @overload generate_access_token(name: nil, delegates: nil, scope: nil, lifetime: nil)
|
201
|
+
# Pass arguments to `generate_access_token` via keyword arguments. Note that at
|
202
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
203
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
204
|
+
#
|
205
|
+
# @param name [::String]
|
206
|
+
# Required. The resource name of the service account for which the credentials
|
207
|
+
# are requested, in the following format:
|
208
|
+
# `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
209
|
+
# character is required; replacing it with a project ID is invalid.
|
210
|
+
# @param delegates [::Array<::String>]
|
211
|
+
# The sequence of service accounts in a delegation chain. Each service
|
212
|
+
# account must be granted the `roles/iam.serviceAccountTokenCreator` role
|
213
|
+
# on its next service account in the chain. The last service account in the
|
214
|
+
# chain must be granted the `roles/iam.serviceAccountTokenCreator` role
|
215
|
+
# on the service account that is specified in the `name` field of the
|
216
|
+
# request.
|
217
|
+
#
|
218
|
+
# The delegates must have the following format:
|
219
|
+
# `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
220
|
+
# character is required; replacing it with a project ID is invalid.
|
221
|
+
# @param scope [::Array<::String>]
|
222
|
+
# Required. Code to identify the scopes to be included in the OAuth 2.0 access token.
|
223
|
+
# See https://developers.google.com/identity/protocols/googlescopes for more
|
224
|
+
# information.
|
225
|
+
# At least one value required.
|
226
|
+
# @param lifetime [::Google::Protobuf::Duration, ::Hash]
|
227
|
+
# The desired lifetime duration of the access token in seconds.
|
228
|
+
# Must be set to a value less than or equal to 3600 (1 hour). If a value is
|
229
|
+
# not specified, the token's lifetime will be set to a default value of one
|
230
|
+
# hour.
|
231
|
+
#
|
232
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
233
|
+
# @yieldparam response [::Google::Iam::Credentials::V1::GenerateAccessTokenResponse]
|
234
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
235
|
+
#
|
236
|
+
# @return [::Google::Iam::Credentials::V1::GenerateAccessTokenResponse]
|
237
|
+
#
|
238
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
239
|
+
#
|
240
|
+
def generate_access_token request, options = nil
|
241
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
242
|
+
|
243
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::Credentials::V1::GenerateAccessTokenRequest
|
244
|
+
|
245
|
+
# Converts hash and nil to an options object
|
246
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
247
|
+
|
248
|
+
# Customize the options with defaults
|
249
|
+
metadata = @config.rpcs.generate_access_token.metadata.to_h
|
250
|
+
|
251
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
252
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
253
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
254
|
+
gapic_version: ::Google::Iam::Credentials::V1::VERSION
|
255
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
256
|
+
|
257
|
+
header_params = {
|
258
|
+
"name" => request.name
|
259
|
+
}
|
260
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
261
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
262
|
+
|
263
|
+
options.apply_defaults timeout: @config.rpcs.generate_access_token.timeout,
|
264
|
+
metadata: metadata,
|
265
|
+
retry_policy: @config.rpcs.generate_access_token.retry_policy
|
266
|
+
options.apply_defaults metadata: @config.metadata,
|
267
|
+
retry_policy: @config.retry_policy
|
268
|
+
|
269
|
+
@iam_credentials_stub.call_rpc :generate_access_token, request, options: options do |response, operation|
|
270
|
+
yield response, operation if block_given?
|
271
|
+
return response
|
272
|
+
end
|
273
|
+
rescue ::GRPC::BadStatus => e
|
274
|
+
raise ::Google::Cloud::Error.from_error(e)
|
275
|
+
end
|
276
|
+
|
277
|
+
##
|
278
|
+
# Generates an OpenID Connect ID token for a service account.
|
279
|
+
#
|
280
|
+
# @overload generate_id_token(request, options = nil)
|
281
|
+
# Pass arguments to `generate_id_token` via a request object, either of type
|
282
|
+
# {::Google::Iam::Credentials::V1::GenerateIdTokenRequest} or an equivalent Hash.
|
283
|
+
#
|
284
|
+
# @param request [::Google::Iam::Credentials::V1::GenerateIdTokenRequest, ::Hash]
|
285
|
+
# A request object representing the call parameters. Required. To specify no
|
286
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
287
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
288
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
289
|
+
#
|
290
|
+
# @overload generate_id_token(name: nil, delegates: nil, audience: nil, include_email: nil)
|
291
|
+
# Pass arguments to `generate_id_token` via keyword arguments. Note that at
|
292
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
293
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
294
|
+
#
|
295
|
+
# @param name [::String]
|
296
|
+
# Required. The resource name of the service account for which the credentials
|
297
|
+
# are requested, in the following format:
|
298
|
+
# `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
299
|
+
# character is required; replacing it with a project ID is invalid.
|
300
|
+
# @param delegates [::Array<::String>]
|
301
|
+
# The sequence of service accounts in a delegation chain. Each service
|
302
|
+
# account must be granted the `roles/iam.serviceAccountTokenCreator` role
|
303
|
+
# on its next service account in the chain. The last service account in the
|
304
|
+
# chain must be granted the `roles/iam.serviceAccountTokenCreator` role
|
305
|
+
# on the service account that is specified in the `name` field of the
|
306
|
+
# request.
|
307
|
+
#
|
308
|
+
# The delegates must have the following format:
|
309
|
+
# `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
310
|
+
# character is required; replacing it with a project ID is invalid.
|
311
|
+
# @param audience [::String]
|
312
|
+
# Required. The audience for the token, such as the API or account that this token
|
313
|
+
# grants access to.
|
314
|
+
# @param include_email [::Boolean]
|
315
|
+
# Include the service account email in the token. If set to `true`, the
|
316
|
+
# token will contain `email` and `email_verified` claims.
|
317
|
+
#
|
318
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
319
|
+
# @yieldparam response [::Google::Iam::Credentials::V1::GenerateIdTokenResponse]
|
320
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
321
|
+
#
|
322
|
+
# @return [::Google::Iam::Credentials::V1::GenerateIdTokenResponse]
|
323
|
+
#
|
324
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
325
|
+
#
|
326
|
+
def generate_id_token request, options = nil
|
327
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
328
|
+
|
329
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::Credentials::V1::GenerateIdTokenRequest
|
330
|
+
|
331
|
+
# Converts hash and nil to an options object
|
332
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
333
|
+
|
334
|
+
# Customize the options with defaults
|
335
|
+
metadata = @config.rpcs.generate_id_token.metadata.to_h
|
336
|
+
|
337
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
338
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
339
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
340
|
+
gapic_version: ::Google::Iam::Credentials::V1::VERSION
|
341
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
342
|
+
|
343
|
+
header_params = {
|
344
|
+
"name" => request.name
|
345
|
+
}
|
346
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
347
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
348
|
+
|
349
|
+
options.apply_defaults timeout: @config.rpcs.generate_id_token.timeout,
|
350
|
+
metadata: metadata,
|
351
|
+
retry_policy: @config.rpcs.generate_id_token.retry_policy
|
352
|
+
options.apply_defaults metadata: @config.metadata,
|
353
|
+
retry_policy: @config.retry_policy
|
354
|
+
|
355
|
+
@iam_credentials_stub.call_rpc :generate_id_token, request, options: options do |response, operation|
|
356
|
+
yield response, operation if block_given?
|
357
|
+
return response
|
358
|
+
end
|
359
|
+
rescue ::GRPC::BadStatus => e
|
360
|
+
raise ::Google::Cloud::Error.from_error(e)
|
361
|
+
end
|
362
|
+
|
363
|
+
##
|
364
|
+
# Signs a blob using a service account's system-managed private key.
|
365
|
+
#
|
366
|
+
# @overload sign_blob(request, options = nil)
|
367
|
+
# Pass arguments to `sign_blob` via a request object, either of type
|
368
|
+
# {::Google::Iam::Credentials::V1::SignBlobRequest} or an equivalent Hash.
|
369
|
+
#
|
370
|
+
# @param request [::Google::Iam::Credentials::V1::SignBlobRequest, ::Hash]
|
371
|
+
# A request object representing the call parameters. Required. To specify no
|
372
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
373
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
374
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
375
|
+
#
|
376
|
+
# @overload sign_blob(name: nil, delegates: nil, payload: nil)
|
377
|
+
# Pass arguments to `sign_blob` via keyword arguments. Note that at
|
378
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
379
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
380
|
+
#
|
381
|
+
# @param name [::String]
|
382
|
+
# Required. The resource name of the service account for which the credentials
|
383
|
+
# are requested, in the following format:
|
384
|
+
# `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
385
|
+
# character is required; replacing it with a project ID is invalid.
|
386
|
+
# @param delegates [::Array<::String>]
|
387
|
+
# The sequence of service accounts in a delegation chain. Each service
|
388
|
+
# account must be granted the `roles/iam.serviceAccountTokenCreator` role
|
389
|
+
# on its next service account in the chain. The last service account in the
|
390
|
+
# chain must be granted the `roles/iam.serviceAccountTokenCreator` role
|
391
|
+
# on the service account that is specified in the `name` field of the
|
392
|
+
# request.
|
393
|
+
#
|
394
|
+
# The delegates must have the following format:
|
395
|
+
# `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
396
|
+
# character is required; replacing it with a project ID is invalid.
|
397
|
+
# @param payload [::String]
|
398
|
+
# Required. The bytes to sign.
|
399
|
+
#
|
400
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
401
|
+
# @yieldparam response [::Google::Iam::Credentials::V1::SignBlobResponse]
|
402
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
403
|
+
#
|
404
|
+
# @return [::Google::Iam::Credentials::V1::SignBlobResponse]
|
405
|
+
#
|
406
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
407
|
+
#
|
408
|
+
def sign_blob request, options = nil
|
409
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
410
|
+
|
411
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::Credentials::V1::SignBlobRequest
|
412
|
+
|
413
|
+
# Converts hash and nil to an options object
|
414
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
415
|
+
|
416
|
+
# Customize the options with defaults
|
417
|
+
metadata = @config.rpcs.sign_blob.metadata.to_h
|
418
|
+
|
419
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
420
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
421
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
422
|
+
gapic_version: ::Google::Iam::Credentials::V1::VERSION
|
423
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
424
|
+
|
425
|
+
header_params = {
|
426
|
+
"name" => request.name
|
427
|
+
}
|
428
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
429
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
430
|
+
|
431
|
+
options.apply_defaults timeout: @config.rpcs.sign_blob.timeout,
|
432
|
+
metadata: metadata,
|
433
|
+
retry_policy: @config.rpcs.sign_blob.retry_policy
|
434
|
+
options.apply_defaults metadata: @config.metadata,
|
435
|
+
retry_policy: @config.retry_policy
|
436
|
+
|
437
|
+
@iam_credentials_stub.call_rpc :sign_blob, request, options: options do |response, operation|
|
438
|
+
yield response, operation if block_given?
|
439
|
+
return response
|
440
|
+
end
|
441
|
+
rescue ::GRPC::BadStatus => e
|
442
|
+
raise ::Google::Cloud::Error.from_error(e)
|
443
|
+
end
|
444
|
+
|
445
|
+
##
|
446
|
+
# Signs a JWT using a service account's system-managed private key.
|
447
|
+
#
|
448
|
+
# @overload sign_jwt(request, options = nil)
|
449
|
+
# Pass arguments to `sign_jwt` via a request object, either of type
|
450
|
+
# {::Google::Iam::Credentials::V1::SignJwtRequest} or an equivalent Hash.
|
451
|
+
#
|
452
|
+
# @param request [::Google::Iam::Credentials::V1::SignJwtRequest, ::Hash]
|
453
|
+
# A request object representing the call parameters. Required. To specify no
|
454
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
455
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
456
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
457
|
+
#
|
458
|
+
# @overload sign_jwt(name: nil, delegates: nil, payload: nil)
|
459
|
+
# Pass arguments to `sign_jwt` via keyword arguments. Note that at
|
460
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
461
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
462
|
+
#
|
463
|
+
# @param name [::String]
|
464
|
+
# Required. The resource name of the service account for which the credentials
|
465
|
+
# are requested, in the following format:
|
466
|
+
# `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
467
|
+
# character is required; replacing it with a project ID is invalid.
|
468
|
+
# @param delegates [::Array<::String>]
|
469
|
+
# The sequence of service accounts in a delegation chain. Each service
|
470
|
+
# account must be granted the `roles/iam.serviceAccountTokenCreator` role
|
471
|
+
# on its next service account in the chain. The last service account in the
|
472
|
+
# chain must be granted the `roles/iam.serviceAccountTokenCreator` role
|
473
|
+
# on the service account that is specified in the `name` field of the
|
474
|
+
# request.
|
475
|
+
#
|
476
|
+
# The delegates must have the following format:
|
477
|
+
# `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
478
|
+
# character is required; replacing it with a project ID is invalid.
|
479
|
+
# @param payload [::String]
|
480
|
+
# Required. The JWT payload to sign: a JSON object that contains a JWT Claims Set.
|
481
|
+
#
|
482
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
483
|
+
# @yieldparam response [::Google::Iam::Credentials::V1::SignJwtResponse]
|
484
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
485
|
+
#
|
486
|
+
# @return [::Google::Iam::Credentials::V1::SignJwtResponse]
|
487
|
+
#
|
488
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
489
|
+
#
|
490
|
+
def sign_jwt request, options = nil
|
491
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
492
|
+
|
493
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Iam::Credentials::V1::SignJwtRequest
|
494
|
+
|
495
|
+
# Converts hash and nil to an options object
|
496
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
497
|
+
|
498
|
+
# Customize the options with defaults
|
499
|
+
metadata = @config.rpcs.sign_jwt.metadata.to_h
|
500
|
+
|
501
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
502
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
503
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
504
|
+
gapic_version: ::Google::Iam::Credentials::V1::VERSION
|
505
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
506
|
+
|
507
|
+
header_params = {
|
508
|
+
"name" => request.name
|
509
|
+
}
|
510
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
511
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
512
|
+
|
513
|
+
options.apply_defaults timeout: @config.rpcs.sign_jwt.timeout,
|
514
|
+
metadata: metadata,
|
515
|
+
retry_policy: @config.rpcs.sign_jwt.retry_policy
|
516
|
+
options.apply_defaults metadata: @config.metadata,
|
517
|
+
retry_policy: @config.retry_policy
|
518
|
+
|
519
|
+
@iam_credentials_stub.call_rpc :sign_jwt, request, options: options do |response, operation|
|
520
|
+
yield response, operation if block_given?
|
521
|
+
return response
|
522
|
+
end
|
523
|
+
rescue ::GRPC::BadStatus => e
|
524
|
+
raise ::Google::Cloud::Error.from_error(e)
|
525
|
+
end
|
526
|
+
|
527
|
+
##
|
528
|
+
# Configuration class for the IAMCredentials API.
|
529
|
+
#
|
530
|
+
# This class represents the configuration for IAMCredentials,
|
531
|
+
# providing control over timeouts, retry behavior, logging, transport
|
532
|
+
# parameters, and other low-level controls. Certain parameters can also be
|
533
|
+
# applied individually to specific RPCs. See
|
534
|
+
# {::Google::Iam::Credentials::V1::IAMCredentials::Client::Configuration::Rpcs}
|
535
|
+
# for a list of RPCs that can be configured independently.
|
536
|
+
#
|
537
|
+
# Configuration can be applied globally to all clients, or to a single client
|
538
|
+
# on construction.
|
539
|
+
#
|
540
|
+
# # Examples
|
541
|
+
#
|
542
|
+
# To modify the global config, setting the timeout for generate_access_token
|
543
|
+
# to 20 seconds, and all remaining timeouts to 10 seconds:
|
544
|
+
#
|
545
|
+
# ::Google::Iam::Credentials::V1::IAMCredentials::Client.configure do |config|
|
546
|
+
# config.timeout = 10.0
|
547
|
+
# config.rpcs.generate_access_token.timeout = 20.0
|
548
|
+
# end
|
549
|
+
#
|
550
|
+
# To apply the above configuration only to a new client:
|
551
|
+
#
|
552
|
+
# client = ::Google::Iam::Credentials::V1::IAMCredentials::Client.new do |config|
|
553
|
+
# config.timeout = 10.0
|
554
|
+
# config.rpcs.generate_access_token.timeout = 20.0
|
555
|
+
# end
|
556
|
+
#
|
557
|
+
# @!attribute [rw] endpoint
|
558
|
+
# The hostname or hostname:port of the service endpoint.
|
559
|
+
# Defaults to `"iamcredentials.googleapis.com"`.
|
560
|
+
# @return [::String]
|
561
|
+
# @!attribute [rw] credentials
|
562
|
+
# Credentials to send with calls. You may provide any of the following types:
|
563
|
+
# * (`String`) The path to a service account key file in JSON format
|
564
|
+
# * (`Hash`) A service account key as a Hash
|
565
|
+
# * (`Google::Auth::Credentials`) A googleauth credentials object
|
566
|
+
# (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
|
567
|
+
# * (`Signet::OAuth2::Client`) A signet oauth2 client object
|
568
|
+
# (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
|
569
|
+
# * (`GRPC::Core::Channel`) a gRPC channel with included credentials
|
570
|
+
# * (`GRPC::Core::ChannelCredentials`) a gRPC credentails object
|
571
|
+
# * (`nil`) indicating no credentials
|
572
|
+
# @return [::Object]
|
573
|
+
# @!attribute [rw] scope
|
574
|
+
# The OAuth scopes
|
575
|
+
# @return [::Array<::String>]
|
576
|
+
# @!attribute [rw] lib_name
|
577
|
+
# The library name as recorded in instrumentation and logging
|
578
|
+
# @return [::String]
|
579
|
+
# @!attribute [rw] lib_version
|
580
|
+
# The library version as recorded in instrumentation and logging
|
581
|
+
# @return [::String]
|
582
|
+
# @!attribute [rw] channel_args
|
583
|
+
# Extra parameters passed to the gRPC channel. Note: this is ignored if a
|
584
|
+
# `GRPC::Core::Channel` object is provided as the credential.
|
585
|
+
# @return [::Hash]
|
586
|
+
# @!attribute [rw] interceptors
|
587
|
+
# An array of interceptors that are run before calls are executed.
|
588
|
+
# @return [::Array<::GRPC::ClientInterceptor>]
|
589
|
+
# @!attribute [rw] timeout
|
590
|
+
# The call timeout in seconds.
|
591
|
+
# @return [::Numeric]
|
592
|
+
# @!attribute [rw] metadata
|
593
|
+
# Additional gRPC headers to be sent with the call.
|
594
|
+
# @return [::Hash{::Symbol=>::String}]
|
595
|
+
# @!attribute [rw] retry_policy
|
596
|
+
# The retry policy. The value is a hash with the following keys:
|
597
|
+
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
598
|
+
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
599
|
+
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
600
|
+
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
601
|
+
# trigger a retry.
|
602
|
+
# @return [::Hash]
|
603
|
+
# @!attribute [rw] quota_project
|
604
|
+
# A separate project against which to charge quota.
|
605
|
+
# @return [::String]
|
606
|
+
#
|
607
|
+
class Configuration
|
608
|
+
extend ::Gapic::Config
|
609
|
+
|
610
|
+
config_attr :endpoint, "iamcredentials.googleapis.com", ::String
|
611
|
+
config_attr :credentials, nil do |value|
|
612
|
+
allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
613
|
+
allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
|
614
|
+
allowed.any? { |klass| klass === value }
|
615
|
+
end
|
616
|
+
config_attr :scope, nil, ::String, ::Array, nil
|
617
|
+
config_attr :lib_name, nil, ::String, nil
|
618
|
+
config_attr :lib_version, nil, ::String, nil
|
619
|
+
config_attr(:channel_args, { "grpc.service_config_disable_resolution"=>1 }, ::Hash, nil)
|
620
|
+
config_attr :interceptors, nil, ::Array, nil
|
621
|
+
config_attr :timeout, nil, ::Numeric, nil
|
622
|
+
config_attr :metadata, nil, ::Hash, nil
|
623
|
+
config_attr :retry_policy, nil, ::Hash, ::Proc, nil
|
624
|
+
config_attr :quota_project, nil, ::String, nil
|
625
|
+
|
626
|
+
# @private
|
627
|
+
def initialize parent_config = nil
|
628
|
+
@parent_config = parent_config unless parent_config.nil?
|
629
|
+
|
630
|
+
yield self if block_given?
|
631
|
+
end
|
632
|
+
|
633
|
+
##
|
634
|
+
# Configurations for individual RPCs
|
635
|
+
# @return [Rpcs]
|
636
|
+
#
|
637
|
+
def rpcs
|
638
|
+
@rpcs ||= begin
|
639
|
+
parent_rpcs = nil
|
640
|
+
parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config&.respond_to?(:rpcs)
|
641
|
+
Rpcs.new parent_rpcs
|
642
|
+
end
|
643
|
+
end
|
644
|
+
|
645
|
+
##
|
646
|
+
# Configuration RPC class for the IAMCredentials API.
|
647
|
+
#
|
648
|
+
# Includes fields providing the configuration for each RPC in this service.
|
649
|
+
# Each configuration object is of type `Gapic::Config::Method` and includes
|
650
|
+
# the following configuration fields:
|
651
|
+
#
|
652
|
+
# * `timeout` (*type:* `Numeric`) - The call timeout in milliseconds
|
653
|
+
# * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional gRPC headers
|
654
|
+
# * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields
|
655
|
+
# include the following keys:
|
656
|
+
# * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
|
657
|
+
# * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
|
658
|
+
# * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
|
659
|
+
# * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
|
660
|
+
# trigger a retry.
|
661
|
+
#
|
662
|
+
class Rpcs
|
663
|
+
##
|
664
|
+
# RPC-specific configuration for `generate_access_token`
|
665
|
+
# @return [::Gapic::Config::Method]
|
666
|
+
#
|
667
|
+
attr_reader :generate_access_token
|
668
|
+
##
|
669
|
+
# RPC-specific configuration for `generate_id_token`
|
670
|
+
# @return [::Gapic::Config::Method]
|
671
|
+
#
|
672
|
+
attr_reader :generate_id_token
|
673
|
+
##
|
674
|
+
# RPC-specific configuration for `sign_blob`
|
675
|
+
# @return [::Gapic::Config::Method]
|
676
|
+
#
|
677
|
+
attr_reader :sign_blob
|
678
|
+
##
|
679
|
+
# RPC-specific configuration for `sign_jwt`
|
680
|
+
# @return [::Gapic::Config::Method]
|
681
|
+
#
|
682
|
+
attr_reader :sign_jwt
|
683
|
+
|
684
|
+
# @private
|
685
|
+
def initialize parent_rpcs = nil
|
686
|
+
generate_access_token_config = parent_rpcs&.generate_access_token if parent_rpcs&.respond_to? :generate_access_token
|
687
|
+
@generate_access_token = ::Gapic::Config::Method.new generate_access_token_config
|
688
|
+
generate_id_token_config = parent_rpcs&.generate_id_token if parent_rpcs&.respond_to? :generate_id_token
|
689
|
+
@generate_id_token = ::Gapic::Config::Method.new generate_id_token_config
|
690
|
+
sign_blob_config = parent_rpcs&.sign_blob if parent_rpcs&.respond_to? :sign_blob
|
691
|
+
@sign_blob = ::Gapic::Config::Method.new sign_blob_config
|
692
|
+
sign_jwt_config = parent_rpcs&.sign_jwt if parent_rpcs&.respond_to? :sign_jwt
|
693
|
+
@sign_jwt = ::Gapic::Config::Method.new sign_jwt_config
|
694
|
+
|
695
|
+
yield self if block_given?
|
696
|
+
end
|
697
|
+
end
|
698
|
+
end
|
699
|
+
end
|
700
|
+
end
|
701
|
+
end
|
702
|
+
end
|
703
|
+
end
|
704
|
+
end
|