googleapis-common-protos-types 1.7.0 → 1.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '048944e682d3d7a4a936656e92d314a428559d99666a027cabe020236491462a'
-  data.tar.gz: 79dd8b90c4b118718fd6ba09dbf1a2d8f85dab3733094c06517b197aa011321a
+  metadata.gz: a674dd9ee526c7673bb2d6218b99e2f3c68d554dab8ac3d262c0ac6857132c02
+  data.tar.gz: f7547fee864ad786fddfad84652d199e7d467be17ca76f8b03dd757859213728
 SHA512:
-  metadata.gz: 8cdcb32f1abb6a8e1b4a715e11236804499e78313a9db69033c66d12dd17e5ac583a61c16ec8efb439ea7a5acb0b6b324097a8c5ad9335a6a089e497326636aa
-  data.tar.gz: 5befe9b3896d1b0a4b292c340742707f0409ecb71777034e0288a4cb93089857f2aad917d28aa5bb151a0fba8848ab9fde793664dd8620f1099ad7738feb184f
+  metadata.gz: bb32348a310992d10d738b22ff78fc62605c8eac67119e6916d7d0902631ae7d4d9b55ec4c84225597eba546eab72c431f2ef149b263c4333788358138df4ddf
+  data.tar.gz: 3e6e8196f86a317960602da14ee4c585e6715e2c00c40e27f940981b19791a3bc90c18026063eeac4088d6610b6afdd3d64500acc1d8fb4f8bcf0a5441ad8621

data/CHANGELOG.md

@@ -1,5 +1,12 @@
 # Release History
 
+### 1.8.0 (2023-08-07)
+
+#### Features
+
+* Support for API method policies ([#175](https://github.com/googleapis/common-protos-ruby/issues/175)) 
+* Updated generated protobuf output to use binary descriptors for better future compatibility ([#165](https://github.com/googleapis/common-protos-ruby/issues/165)) 
+
 ### 1.7.0 (2023-07-16)
 
 #### Features

data/lib/google/api/annotations_pb.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # source: google/api/annotations.proto
 
@@ -6,12 +7,69 @@ require 'google/protobuf'
 require 'google/api/http_pb'
 require 'google/protobuf/descriptor_pb'
 
-Google::Protobuf::DescriptorPool.generated_pool.build do
-  add_file("google/api/annotations.proto", :syntax => :proto3) do
+
+descriptor_data = "\n\x1cgoogle/api/annotations.proto\x12\ngoogle.api\x1a\x15google/api/http.proto\x1a google/protobuf/descriptor.proto:E\n\x04http\x12\x1e.google.protobuf.MethodOptions\x18\xb0\xca\xbc\" \x01(\x0b\x32\x14.google.api.HttpRuleBn\n\x0e\x63om.google.apiB\x10\x41nnotationsProtoP\x01ZAgoogle.golang.org/genproto/googleapis/api/annotations;annotations\xa2\x02\x04GAPIb\x06proto3"
+
+pool = Google::Protobuf::DescriptorPool.generated_pool
+
+begin
+  pool.add_serialized_file(descriptor_data)
+rescue TypeError => e
+  # Compatibility code: will be removed in the next major version.
+  require 'google/protobuf/descriptor_pb'
+  parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
+  parsed.clear_dependency
+  serialized = parsed.class.encode(parsed)
+  file = pool.add_serialized_file(serialized)
+  warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
+  imports = [
+    ["google.api.HttpRule", "google/api/http.proto"],
+  ]
+  imports.each do |type_name, expected_filename|
+    import_file = pool.lookup(type_name).file_descriptor
+    if import_file.name != expected_filename
+      warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
+    end
   end
+  warn "Each proto file must use a consistent fully-qualified name."
+  warn "This will become an error in the next major version."
 end
 
 module Google
   module Api
   end
 end
+
+#### Source proto file: google/api/annotations.proto ####
+#
+# // Copyright 2015 Google LLC
+# //
+# // Licensed under the Apache License, Version 2.0 (the "License");
+# // you may not use this file except in compliance with the License.
+# // You may obtain a copy of the License at
+# //
+# //     http://www.apache.org/licenses/LICENSE-2.0
+# //
+# // Unless required by applicable law or agreed to in writing, software
+# // distributed under the License is distributed on an "AS IS" BASIS,
+# // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# // See the License for the specific language governing permissions and
+# // limitations under the License.
+#
+# syntax = "proto3";
+#
+# package google.api;
+#
+# import "google/api/http.proto";
+# import "google/protobuf/descriptor.proto";
+#
+# option go_package = "google.golang.org/genproto/googleapis/api/annotations;annotations";
+# option java_multiple_files = true;
+# option java_outer_classname = "AnnotationsProto";
+# option java_package = "com.google.api";
+# option objc_class_prefix = "GAPI";
+#
+# extend google.protobuf.MethodOptions {
+#   // See `HttpRule`.
+#   HttpRule http = 72295728;
+# }

data/lib/google/api/auth_pb.rb

@@ -1,44 +1,34 @@
+# frozen_string_literal: true
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # source: google/api/auth.proto
 
 require 'google/protobuf'
 
-Google::Protobuf::DescriptorPool.generated_pool.build do
-  add_file("google/api/auth.proto", :syntax => :proto3) do
-    add_message "google.api.Authentication" do
-      repeated :rules, :message, 3, "google.api.AuthenticationRule"
-      repeated :providers, :message, 4, "google.api.AuthProvider"
-    end
-    add_message "google.api.AuthenticationRule" do
-      optional :selector, :string, 1
-      optional :oauth, :message, 2, "google.api.OAuthRequirements"
-      optional :allow_without_credential, :bool, 5
-      repeated :requirements, :message, 7, "google.api.AuthRequirement"
-    end
-    add_message "google.api.JwtLocation" do
-      optional :value_prefix, :string, 3
-      oneof :in do
-        optional :header, :string, 1
-        optional :query, :string, 2
-        optional :cookie, :string, 4
-      end
-    end
-    add_message "google.api.AuthProvider" do
-      optional :id, :string, 1
-      optional :issuer, :string, 2
-      optional :jwks_uri, :string, 3
-      optional :audiences, :string, 4
-      optional :authorization_url, :string, 5
-      repeated :jwt_locations, :message, 6, "google.api.JwtLocation"
-    end
-    add_message "google.api.OAuthRequirements" do
-      optional :canonical_scopes, :string, 1
-    end
-    add_message "google.api.AuthRequirement" do
-      optional :provider_id, :string, 1
-      optional :audiences, :string, 2
+
+descriptor_data = "\n\x15google/api/auth.proto\x12\ngoogle.api\"l\n\x0e\x41uthentication\x12-\n\x05rules\x18\x03 \x03(\x0b\x32\x1e.google.api.AuthenticationRule\x12+\n\tproviders\x18\x04 \x03(\x0b\x32\x18.google.api.AuthProvider\"\xa9\x01\n\x12\x41uthenticationRule\x12\x10\n\x08selector\x18\x01 \x01(\t\x12,\n\x05oauth\x18\x02 \x01(\x0b\x32\x1d.google.api.OAuthRequirements\x12 \n\x18\x61llow_without_credential\x18\x05 \x01(\x08\x12\x31\n\x0crequirements\x18\x07 \x03(\x0b\x32\x1b.google.api.AuthRequirement\"^\n\x0bJwtLocation\x12\x10\n\x06header\x18\x01 \x01(\tH\x00\x12\x0f\n\x05query\x18\x02 \x01(\tH\x00\x12\x10\n\x06\x63ookie\x18\x04 \x01(\tH\x00\x12\x14\n\x0cvalue_prefix\x18\x03 \x01(\tB\x04\n\x02in\"\x9a\x01\n\x0c\x41uthProvider\x12\n\n\x02id\x18\x01 \x01(\t\x12\x0e\n\x06issuer\x18\x02 \x01(\t\x12\x10\n\x08jwks_uri\x18\x03 \x01(\t\x12\x11\n\taudiences\x18\x04 \x01(\t\x12\x19\n\x11\x61uthorization_url\x18\x05 \x01(\t\x12.\n\rjwt_locations\x18\x06 \x03(\x0b\x32\x17.google.api.JwtLocation\"-\n\x11OAuthRequirements\x12\x18\n\x10\x63\x61nonical_scopes\x18\x01 \x01(\t\"9\n\x0f\x41uthRequirement\x12\x13\n\x0bprovider_id\x18\x01 \x01(\t\x12\x11\n\taudiences\x18\x02 \x01(\tBk\n\x0e\x63om.google.apiB\tAuthProtoP\x01ZEgoogle.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig\xa2\x02\x04GAPIb\x06proto3"
+
+pool = Google::Protobuf::DescriptorPool.generated_pool
+
+begin
+  pool.add_serialized_file(descriptor_data)
+rescue TypeError => e
+  # Compatibility code: will be removed in the next major version.
+  require 'google/protobuf/descriptor_pb'
+  parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
+  parsed.clear_dependency
+  serialized = parsed.class.encode(parsed)
+  file = pool.add_serialized_file(serialized)
+  warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
+  imports = [
+  ]
+  imports.each do |type_name, expected_filename|
+    import_file = pool.lookup(type_name).file_descriptor
+    if import_file.name != expected_filename
+      warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
     end
   end
+  warn "Each proto file must use a consistent fully-qualified name."
+  warn "This will become an error in the next major version."
 end
 
 module Google
@@ -51,3 +41,243 @@ module Google
     AuthRequirement = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.api.AuthRequirement").msgclass
   end
 end
+
+#### Source proto file: google/api/auth.proto ####
+#
+# // Copyright 2023 Google LLC
+# //
+# // Licensed under the Apache License, Version 2.0 (the "License");
+# // you may not use this file except in compliance with the License.
+# // You may obtain a copy of the License at
+# //
+# //     http://www.apache.org/licenses/LICENSE-2.0
+# //
+# // Unless required by applicable law or agreed to in writing, software
+# // distributed under the License is distributed on an "AS IS" BASIS,
+# // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# // See the License for the specific language governing permissions and
+# // limitations under the License.
+#
+# syntax = "proto3";
+#
+# package google.api;
+#
+# option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+# option java_multiple_files = true;
+# option java_outer_classname = "AuthProto";
+# option java_package = "com.google.api";
+# option objc_class_prefix = "GAPI";
+#
+# // `Authentication` defines the authentication configuration for API methods
+# // provided by an API service.
+# //
+# // Example:
+# //
+# //     name: calendar.googleapis.com
+# //     authentication:
+# //       providers:
+# //       - id: google_calendar_auth
+# //         jwks_uri: https://www.googleapis.com/oauth2/v1/certs
+# //         issuer: https://securetoken.google.com
+# //       rules:
+# //       - selector: "*"
+# //         requirements:
+# //           provider_id: google_calendar_auth
+# //       - selector: google.calendar.Delegate
+# //         oauth:
+# //           canonical_scopes: https://www.googleapis.com/auth/calendar.read
+# message Authentication {
+#   // A list of authentication rules that apply to individual API methods.
+#   //
+#   // **NOTE:** All service configuration rules follow "last one wins" order.
+#   repeated AuthenticationRule rules = 3;
+#
+#   // Defines a set of authentication providers that a service supports.
+#   repeated AuthProvider providers = 4;
+# }
+#
+# // Authentication rules for the service.
+# //
+# // By default, if a method has any authentication requirements, every request
+# // must include a valid credential matching one of the requirements.
+# // It's an error to include more than one kind of credential in a single
+# // request.
+# //
+# // If a method doesn't have any auth requirements, request credentials will be
+# // ignored.
+# message AuthenticationRule {
+#   // Selects the methods to which this rule applies.
+#   //
+#   // Refer to [selector][google.api.DocumentationRule.selector] for syntax
+#   // details.
+#   string selector = 1;
+#
+#   // The requirements for OAuth credentials.
+#   OAuthRequirements oauth = 2;
+#
+#   // If true, the service accepts API keys without any other credential.
+#   // This flag only applies to HTTP and gRPC requests.
+#   bool allow_without_credential = 5;
+#
+#   // Requirements for additional authentication providers.
+#   repeated AuthRequirement requirements = 7;
+# }
+#
+# // Specifies a location to extract JWT from an API request.
+# message JwtLocation {
+#   oneof in {
+#     // Specifies HTTP header name to extract JWT token.
+#     string header = 1;
+#
+#     // Specifies URL query parameter name to extract JWT token.
+#     string query = 2;
+#
+#     // Specifies cookie name to extract JWT token.
+#     string cookie = 4;
+#   }
+#
+#   // The value prefix. The value format is "value_prefix{token}"
+#   // Only applies to "in" header type. Must be empty for "in" query type.
+#   // If not empty, the header value has to match (case sensitive) this prefix.
+#   // If not matched, JWT will not be extracted. If matched, JWT will be
+#   // extracted after the prefix is removed.
+#   //
+#   // For example, for "Authorization: Bearer {JWT}",
+#   // value_prefix="Bearer " with a space at the end.
+#   string value_prefix = 3;
+# }
+#
+# // Configuration for an authentication provider, including support for
+# // [JSON Web Token
+# // (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+# message AuthProvider {
+#   // The unique identifier of the auth provider. It will be referred to by
+#   // `AuthRequirement.provider_id`.
+#   //
+#   // Example: "bookstore_auth".
+#   string id = 1;
+#
+#   // Identifies the principal that issued the JWT. See
+#   // https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
+#   // Usually a URL or an email address.
+#   //
+#   // Example: https://securetoken.google.com
+#   // Example: 1234567-compute@developer.gserviceaccount.com
+#   string issuer = 2;
+#
+#   // URL of the provider's public key set to validate signature of the JWT. See
+#   // [OpenID
+#   // Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
+#   // Optional if the key set document:
+#   //  - can be retrieved from
+#   //    [OpenID
+#   //    Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)
+#   //    of the issuer.
+#   //  - can be inferred from the email domain of the issuer (e.g. a Google
+#   //  service account).
+#   //
+#   // Example: https://www.googleapis.com/oauth2/v1/certs
+#   string jwks_uri = 3;
+#
+#   // The list of JWT
+#   // [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+#   // that are allowed to access. A JWT containing any of these audiences will
+#   // be accepted. When this setting is absent, JWTs with audiences:
+#   //   - "https://[service.name]/[google.protobuf.Api.name]"
+#   //   - "https://[service.name]/"
+#   // will be accepted.
+#   // For example, if no audiences are in the setting, LibraryService API will
+#   // accept JWTs with the following audiences:
+#   //   -
+#   //   https://library-example.googleapis.com/google.example.library.v1.LibraryService
+#   //   - https://library-example.googleapis.com/
+#   //
+#   // Example:
+#   //
+#   //     audiences: bookstore_android.apps.googleusercontent.com,
+#   //                bookstore_web.apps.googleusercontent.com
+#   string audiences = 4;
+#
+#   // Redirect URL if JWT token is required but not present or is expired.
+#   // Implement authorizationUrl of securityDefinitions in OpenAPI spec.
+#   string authorization_url = 5;
+#
+#   // Defines the locations to extract the JWT.  For now it is only used by the
+#   // Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
+#   // (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
+#   //
+#   // JWT locations can be one of HTTP headers, URL query parameters or
+#   // cookies. The rule is that the first match wins.
+#   //
+#   // If not specified,  default to use following 3 locations:
+#   //    1) Authorization: Bearer
+#   //    2) x-goog-iap-jwt-assertion
+#   //    3) access_token query parameter
+#   //
+#   // Default locations can be specified as followings:
+#   //    jwt_locations:
+#   //    - header: Authorization
+#   //      value_prefix: "Bearer "
+#   //    - header: x-goog-iap-jwt-assertion
+#   //    - query: access_token
+#   repeated JwtLocation jwt_locations = 6;
+# }
+#
+# // OAuth scopes are a way to define data and permissions on data. For example,
+# // there are scopes defined for "Read-only access to Google Calendar" and
+# // "Access to Cloud Platform". Users can consent to a scope for an application,
+# // giving it permission to access that data on their behalf.
+# //
+# // OAuth scope specifications should be fairly coarse grained; a user will need
+# // to see and understand the text description of what your scope means.
+# //
+# // In most cases: use one or at most two OAuth scopes for an entire family of
+# // products. If your product has multiple APIs, you should probably be sharing
+# // the OAuth scope across all of those APIs.
+# //
+# // When you need finer grained OAuth consent screens: talk with your product
+# // management about how developers will use them in practice.
+# //
+# // Please note that even though each of the canonical scopes is enough for a
+# // request to be accepted and passed to the backend, a request can still fail
+# // due to the backend requiring additional scopes or permissions.
+# message OAuthRequirements {
+#   // The list of publicly documented OAuth scopes that are allowed access. An
+#   // OAuth token containing any of these scopes will be accepted.
+#   //
+#   // Example:
+#   //
+#   //      canonical_scopes: https://www.googleapis.com/auth/calendar,
+#   //                        https://www.googleapis.com/auth/calendar.read
+#   string canonical_scopes = 1;
+# }
+#
+# // User-defined authentication requirements, including support for
+# // [JSON Web Token
+# // (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+# message AuthRequirement {
+#   // [id][google.api.AuthProvider.id] from authentication provider.
+#   //
+#   // Example:
+#   //
+#   //     provider_id: bookstore_auth
+#   string provider_id = 1;
+#
+#   // NOTE: This will be deprecated soon, once AuthProvider.audiences is
+#   // implemented and accepted in all the runtime components.
+#   //
+#   // The list of JWT
+#   // [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+#   // that are allowed to access. A JWT containing any of these audiences will
+#   // be accepted. When this setting is absent, only JWTs with audience
+#   // "https://[Service_name][google.api.Service.name]/[API_name][google.protobuf.Api.name]"
+#   // will be accepted. For example, if no audiences are in the setting,
+#   // LibraryService API will only accept JWTs with the following audience
+#   // "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
+#   //
+#   // Example:
+#   //
+#   //     audiences: bookstore_android.apps.googleusercontent.com,
+#   //                bookstore_web.apps.googleusercontent.com
+#   string audiences = 2;
+# }

data/lib/google/api/backend_pb.rb

@@ -1,33 +1,34 @@
+# frozen_string_literal: true
 # Generated by the protocol buffer compiler.  DO NOT EDIT!
 # source: google/api/backend.proto
 
 require 'google/protobuf'
 
-Google::Protobuf::DescriptorPool.generated_pool.build do
-  add_file("google/api/backend.proto", :syntax => :proto3) do
-    add_message "google.api.Backend" do
-      repeated :rules, :message, 1, "google.api.BackendRule"
-    end
-    add_message "google.api.BackendRule" do
-      optional :selector, :string, 1
-      optional :address, :string, 2
-      optional :deadline, :double, 3
-      optional :min_deadline, :double, 4
-      optional :operation_deadline, :double, 5
-      optional :path_translation, :enum, 6, "google.api.BackendRule.PathTranslation"
-      optional :protocol, :string, 9
-      map :overrides_by_request_protocol, :string, :message, 10, "google.api.BackendRule"
-      oneof :authentication do
-        optional :jwt_audience, :string, 7
-        optional :disable_auth, :bool, 8
-      end
-    end
-    add_enum "google.api.BackendRule.PathTranslation" do
-      value :PATH_TRANSLATION_UNSPECIFIED, 0
-      value :CONSTANT_ADDRESS, 1
-      value :APPEND_PATH_TO_ADDRESS, 2
+
+descriptor_data = "\n\x18google/api/backend.proto\x12\ngoogle.api\"1\n\x07\x42\x61\x63kend\x12&\n\x05rules\x18\x01 \x03(\x0b\x32\x17.google.api.BackendRule\"\xb2\x04\n\x0b\x42\x61\x63kendRule\x12\x10\n\x08selector\x18\x01 \x01(\t\x12\x0f\n\x07\x61\x64\x64ress\x18\x02 \x01(\t\x12\x10\n\x08\x64\x65\x61\x64line\x18\x03 \x01(\x01\x12\x18\n\x0cmin_deadline\x18\x04 \x01(\x01\x42\x02\x18\x01\x12\x1a\n\x12operation_deadline\x18\x05 \x01(\x01\x12\x41\n\x10path_translation\x18\x06 \x01(\x0e\x32\'.google.api.BackendRule.PathTranslation\x12\x16\n\x0cjwt_audience\x18\x07 \x01(\tH\x00\x12\x16\n\x0c\x64isable_auth\x18\x08 \x01(\x08H\x00\x12\x10\n\x08protocol\x18\t \x01(\t\x12^\n\x1doverrides_by_request_protocol\x18\n \x03(\x0b\x32\x37.google.api.BackendRule.OverridesByRequestProtocolEntry\x1aZ\n\x1fOverridesByRequestProtocolEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12&\n\x05value\x18\x02 \x01(\x0b\x32\x17.google.api.BackendRule:\x02\x38\x01\"e\n\x0fPathTranslation\x12 \n\x1cPATH_TRANSLATION_UNSPECIFIED\x10\x00\x12\x14\n\x10\x43ONSTANT_ADDRESS\x10\x01\x12\x1a\n\x16\x41PPEND_PATH_TO_ADDRESS\x10\x02\x42\x10\n\x0e\x61uthenticationBn\n\x0e\x63om.google.apiB\x0c\x42\x61\x63kendProtoP\x01ZEgoogle.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig\xa2\x02\x04GAPIb\x06proto3"
+
+pool = Google::Protobuf::DescriptorPool.generated_pool
+
+begin
+  pool.add_serialized_file(descriptor_data)
+rescue TypeError => e
+  # Compatibility code: will be removed in the next major version.
+  require 'google/protobuf/descriptor_pb'
+  parsed = Google::Protobuf::FileDescriptorProto.decode(descriptor_data)
+  parsed.clear_dependency
+  serialized = parsed.class.encode(parsed)
+  file = pool.add_serialized_file(serialized)
+  warn "Warning: Protobuf detected an import path issue while loading generated file #{__FILE__}"
+  imports = [
+  ]
+  imports.each do |type_name, expected_filename|
+    import_file = pool.lookup(type_name).file_descriptor
+    if import_file.name != expected_filename
+      warn "- #{file.name} imports #{expected_filename}, but that import was loaded as #{import_file.name}"
     end
   end
+  warn "Each proto file must use a consistent fully-qualified name."
+  warn "This will become an error in the next major version."
 end
 
 module Google
@@ -37,3 +38,191 @@ module Google
     BackendRule::PathTranslation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.api.BackendRule.PathTranslation").enummodule
   end
 end
+
+#### Source proto file: google/api/backend.proto ####
+#
+# // Copyright 2023 Google LLC
+# //
+# // Licensed under the Apache License, Version 2.0 (the "License");
+# // you may not use this file except in compliance with the License.
+# // You may obtain a copy of the License at
+# //
+# //     http://www.apache.org/licenses/LICENSE-2.0
+# //
+# // Unless required by applicable law or agreed to in writing, software
+# // distributed under the License is distributed on an "AS IS" BASIS,
+# // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# // See the License for the specific language governing permissions and
+# // limitations under the License.
+#
+# syntax = "proto3";
+#
+# package google.api;
+#
+# option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
+# option java_multiple_files = true;
+# option java_outer_classname = "BackendProto";
+# option java_package = "com.google.api";
+# option objc_class_prefix = "GAPI";
+#
+# // `Backend` defines the backend configuration for a service.
+# message Backend {
+#   // A list of API backend rules that apply to individual API methods.
+#   //
+#   // **NOTE:** All service configuration rules follow "last one wins" order.
+#   repeated BackendRule rules = 1;
+# }
+#
+# // A backend rule provides configuration for an individual API element.
+# message BackendRule {
+#   // Path Translation specifies how to combine the backend address with the
+#   // request path in order to produce the appropriate forwarding URL for the
+#   // request.
+#   //
+#   // Path Translation is applicable only to HTTP-based backends. Backends which
+#   // do not accept requests over HTTP/HTTPS should leave `path_translation`
+#   // unspecified.
+#   enum PathTranslation {
+#     PATH_TRANSLATION_UNSPECIFIED = 0;
+#
+#     // Use the backend address as-is, with no modification to the path. If the
+#     // URL pattern contains variables, the variable names and values will be
+#     // appended to the query string. If a query string parameter and a URL
+#     // pattern variable have the same name, this may result in duplicate keys in
+#     // the query string.
+#     //
+#     // # Examples
+#     //
+#     // Given the following operation config:
+#     //
+#     //     Method path:        /api/company/{cid}/user/{uid}
+#     //     Backend address:    https://example.cloudfunctions.net/getUser
+#     //
+#     // Requests to the following request paths will call the backend at the
+#     // translated path:
+#     //
+#     //     Request path: /api/company/widgetworks/user/johndoe
+#     //     Translated:
+#     //     https://example.cloudfunctions.net/getUser?cid=widgetworks&uid=johndoe
+#     //
+#     //     Request path: /api/company/widgetworks/user/johndoe?timezone=EST
+#     //     Translated:
+#     //     https://example.cloudfunctions.net/getUser?timezone=EST&cid=widgetworks&uid=johndoe
+#     CONSTANT_ADDRESS = 1;
+#
+#     // The request path will be appended to the backend address.
+#     //
+#     // # Examples
+#     //
+#     // Given the following operation config:
+#     //
+#     //     Method path:        /api/company/{cid}/user/{uid}
+#     //     Backend address:    https://example.appspot.com
+#     //
+#     // Requests to the following request paths will call the backend at the
+#     // translated path:
+#     //
+#     //     Request path: /api/company/widgetworks/user/johndoe
+#     //     Translated:
+#     //     https://example.appspot.com/api/company/widgetworks/user/johndoe
+#     //
+#     //     Request path: /api/company/widgetworks/user/johndoe?timezone=EST
+#     //     Translated:
+#     //     https://example.appspot.com/api/company/widgetworks/user/johndoe?timezone=EST
+#     APPEND_PATH_TO_ADDRESS = 2;
+#   }
+#
+#   // Selects the methods to which this rule applies.
+#   //
+#   // Refer to [selector][google.api.DocumentationRule.selector] for syntax
+#   // details.
+#   string selector = 1;
+#
+#   // The address of the API backend.
+#   //
+#   // The scheme is used to determine the backend protocol and security.
+#   // The following schemes are accepted:
+#   //
+#   //    SCHEME        PROTOCOL    SECURITY
+#   //    http://       HTTP        None
+#   //    https://      HTTP        TLS
+#   //    grpc://       gRPC        None
+#   //    grpcs://      gRPC        TLS
+#   //
+#   // It is recommended to explicitly include a scheme. Leaving out the scheme
+#   // may cause constrasting behaviors across platforms.
+#   //
+#   // If the port is unspecified, the default is:
+#   // - 80 for schemes without TLS
+#   // - 443 for schemes with TLS
+#   //
+#   // For HTTP backends, use [protocol][google.api.BackendRule.protocol]
+#   // to specify the protocol version.
+#   string address = 2;
+#
+#   // The number of seconds to wait for a response from a request. The default
+#   // varies based on the request protocol and deployment environment.
+#   double deadline = 3;
+#
+#   // Deprecated, do not use.
+#   double min_deadline = 4 [deprecated = true];
+#
+#   // The number of seconds to wait for the completion of a long running
+#   // operation. The default is no deadline.
+#   double operation_deadline = 5;
+#
+#   PathTranslation path_translation = 6;
+#
+#   // Authentication settings used by the backend.
+#   //
+#   // These are typically used to provide service management functionality to
+#   // a backend served on a publicly-routable URL. The `authentication`
+#   // details should match the authentication behavior used by the backend.
+#   //
+#   // For example, specifying `jwt_audience` implies that the backend expects
+#   // authentication via a JWT.
+#   //
+#   // When authentication is unspecified, the resulting behavior is the same
+#   // as `disable_auth` set to `true`.
+#   //
+#   // Refer to https://developers.google.com/identity/protocols/OpenIDConnect for
+#   // JWT ID token.
+#   oneof authentication {
+#     // The JWT audience is used when generating a JWT ID token for the backend.
+#     // This ID token will be added in the HTTP "authorization" header, and sent
+#     // to the backend.
+#     string jwt_audience = 7;
+#
+#     // When disable_auth is true, a JWT ID token won't be generated and the
+#     // original "Authorization" HTTP header will be preserved. If the header is
+#     // used to carry the original token and is expected by the backend, this
+#     // field must be set to true to preserve the header.
+#     bool disable_auth = 8;
+#   }
+#
+#   // The protocol used for sending a request to the backend.
+#   // The supported values are "http/1.1" and "h2".
+#   //
+#   // The default value is inferred from the scheme in the
+#   // [address][google.api.BackendRule.address] field:
+#   //
+#   //    SCHEME        PROTOCOL
+#   //    http://       http/1.1
+#   //    https://      http/1.1
+#   //    grpc://       h2
+#   //    grpcs://      h2
+#   //
+#   // For secure HTTP backends (https://) that support HTTP/2, set this field
+#   // to "h2" for improved performance.
+#   //
+#   // Configuring this field to non-default values is only supported for secure
+#   // HTTP backends. This field will be ignored for all other backends.
+#   //
+#   // See
+#   // https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
+#   // for more details on the supported values.
+#   string protocol = 9;
+#
+#   // The map between request protocol and the backend address.
+#   map<string, BackendRule> overrides_by_request_protocol = 10;
+# }