@alis-build/common-es 1.0.3

package/google/api/auth_pb.d.ts

@@ -0,0 +1,380 @@
+// Copyright 2015 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// @generated by protoc-gen-es v2.11.0 with parameter "target=js+dts"
+// @generated from file google/api/auth.proto (package google.api, syntax proto3)
+/* eslint-disable */
+
+import type { GenFile, GenMessage } from "@bufbuild/protobuf/codegenv2";
+import type { Message } from "@bufbuild/protobuf";
+
+/**
+ * Describes the file google/api/auth.proto.
+ */
+export declare const file_google_api_auth: GenFile;
+
+/**
+ * `Authentication` defines the authentication configuration for API methods
+ * provided by an API service.
+ *
+ * Example:
+ *
+ *     name: calendar.googleapis.com
+ *     authentication:
+ *       providers:
+ *       - id: google_calendar_auth
+ *         jwks_uri: https://www.googleapis.com/oauth2/v1/certs
+ *         issuer: https://securetoken.google.com
+ *       rules:
+ *       - selector: "*"
+ *         requirements:
+ *           provider_id: google_calendar_auth
+ *       - selector: google.calendar.Delegate
+ *         oauth:
+ *           canonical_scopes: https://www.googleapis.com/auth/calendar.read
+ *
+ * @generated from message google.api.Authentication
+ */
+export declare type Authentication = Message<"google.api.Authentication"> & {
+  /**
+   * A list of authentication rules that apply to individual API methods.
+   *
+   * **NOTE:** All service configuration rules follow "last one wins" order.
+   *
+   * @generated from field: repeated google.api.AuthenticationRule rules = 3;
+   */
+  rules: AuthenticationRule[];
+
+  /**
+   * Defines a set of authentication providers that a service supports.
+   *
+   * @generated from field: repeated google.api.AuthProvider providers = 4;
+   */
+  providers: AuthProvider[];
+};
+
+/**
+ * Describes the message google.api.Authentication.
+ * Use `create(AuthenticationSchema)` to create a new message.
+ */
+export declare const AuthenticationSchema: GenMessage<Authentication>;
+
+/**
+ * Authentication rules for the service.
+ *
+ * By default, if a method has any authentication requirements, every request
+ * must include a valid credential matching one of the requirements.
+ * It's an error to include more than one kind of credential in a single
+ * request.
+ *
+ * If a method doesn't have any auth requirements, request credentials will be
+ * ignored.
+ *
+ * @generated from message google.api.AuthenticationRule
+ */
+export declare type AuthenticationRule = Message<"google.api.AuthenticationRule"> & {
+  /**
+   * Selects the methods to which this rule applies.
+   *
+   * Refer to [selector][google.api.DocumentationRule.selector] for syntax details.
+   *
+   * @generated from field: string selector = 1;
+   */
+  selector: string;
+
+  /**
+   * The requirements for OAuth credentials.
+   *
+   * @generated from field: google.api.OAuthRequirements oauth = 2;
+   */
+  oauth?: OAuthRequirements;
+
+  /**
+   * If true, the service accepts API keys without any other credential.
+   * This flag only applies to HTTP and gRPC requests.
+   *
+   * @generated from field: bool allow_without_credential = 5;
+   */
+  allowWithoutCredential: boolean;
+
+  /**
+   * Requirements for additional authentication providers.
+   *
+   * @generated from field: repeated google.api.AuthRequirement requirements = 7;
+   */
+  requirements: AuthRequirement[];
+};
+
+/**
+ * Describes the message google.api.AuthenticationRule.
+ * Use `create(AuthenticationRuleSchema)` to create a new message.
+ */
+export declare const AuthenticationRuleSchema: GenMessage<AuthenticationRule>;
+
+/**
+ * Specifies a location to extract JWT from an API request.
+ *
+ * @generated from message google.api.JwtLocation
+ */
+export declare type JwtLocation = Message<"google.api.JwtLocation"> & {
+  /**
+   * @generated from oneof google.api.JwtLocation.in
+   */
+  in: {
+    /**
+     * Specifies HTTP header name to extract JWT token.
+     *
+     * @generated from field: string header = 1;
+     */
+    value: string;
+    case: "header";
+  } | {
+    /**
+     * Specifies URL query parameter name to extract JWT token.
+     *
+     * @generated from field: string query = 2;
+     */
+    value: string;
+    case: "query";
+  } | {
+    /**
+     * Specifies cookie name to extract JWT token.
+     *
+     * @generated from field: string cookie = 4;
+     */
+    value: string;
+    case: "cookie";
+  } | { case: undefined; value?: undefined };
+
+  /**
+   * The value prefix. The value format is "value_prefix{token}"
+   * Only applies to "in" header type. Must be empty for "in" query type.
+   * If not empty, the header value has to match (case sensitive) this prefix.
+   * If not matched, JWT will not be extracted. If matched, JWT will be
+   * extracted after the prefix is removed.
+   *
+   * For example, for "Authorization: Bearer {JWT}",
+   * value_prefix="Bearer " with a space at the end.
+   *
+   * @generated from field: string value_prefix = 3;
+   */
+  valuePrefix: string;
+};
+
+/**
+ * Describes the message google.api.JwtLocation.
+ * Use `create(JwtLocationSchema)` to create a new message.
+ */
+export declare const JwtLocationSchema: GenMessage<JwtLocation>;
+
+/**
+ * Configuration for an authentication provider, including support for
+ * [JSON Web Token
+ * (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ *
+ * @generated from message google.api.AuthProvider
+ */
+export declare type AuthProvider = Message<"google.api.AuthProvider"> & {
+  /**
+   * The unique identifier of the auth provider. It will be referred to by
+   * `AuthRequirement.provider_id`.
+   *
+   * Example: "bookstore_auth".
+   *
+   * @generated from field: string id = 1;
+   */
+  id: string;
+
+  /**
+   * Identifies the principal that issued the JWT. See
+   * https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
+   * Usually a URL or an email address.
+   *
+   * Example: https://securetoken.google.com
+   * Example: 1234567-compute@developer.gserviceaccount.com
+   *
+   * @generated from field: string issuer = 2;
+   */
+  issuer: string;
+
+  /**
+   * URL of the provider's public key set to validate signature of the JWT. See
+   * [OpenID
+   * Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
+   * Optional if the key set document:
+   *  - can be retrieved from
+   *    [OpenID
+   *    Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)
+   *    of the issuer.
+   *  - can be inferred from the email domain of the issuer (e.g. a Google
+   *  service account).
+   *
+   * Example: https://www.googleapis.com/oauth2/v1/certs
+   *
+   * @generated from field: string jwks_uri = 3;
+   */
+  jwksUri: string;
+
+  /**
+   * The list of JWT
+   * [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+   * that are allowed to access. A JWT containing any of these audiences will
+   * be accepted. When this setting is absent, JWTs with audiences:
+   *   - "https://[service.name]/[google.protobuf.Api.name]"
+   *   - "https://[service.name]/"
+   * will be accepted.
+   * For example, if no audiences are in the setting, LibraryService API will
+   * accept JWTs with the following audiences:
+   *   -
+   *   https://library-example.googleapis.com/google.example.library.v1.LibraryService
+   *   - https://library-example.googleapis.com/
+   *
+   * Example:
+   *
+   *     audiences: bookstore_android.apps.googleusercontent.com,
+   *                bookstore_web.apps.googleusercontent.com
+   *
+   * @generated from field: string audiences = 4;
+   */
+  audiences: string;
+
+  /**
+   * Redirect URL if JWT token is required but not present or is expired.
+   * Implement authorizationUrl of securityDefinitions in OpenAPI spec.
+   *
+   * @generated from field: string authorization_url = 5;
+   */
+  authorizationUrl: string;
+
+  /**
+   * Defines the locations to extract the JWT.  For now it is only used by the
+   * Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
+   * (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
+   *
+   * JWT locations can be one of HTTP headers, URL query parameters or
+   * cookies. The rule is that the first match wins.
+   *
+   * If not specified,  default to use following 3 locations:
+   *    1) Authorization: Bearer
+   *    2) x-goog-iap-jwt-assertion
+   *    3) access_token query parameter
+   *
+   * Default locations can be specified as followings:
+   *    jwt_locations:
+   *    - header: Authorization
+   *      value_prefix: "Bearer "
+   *    - header: x-goog-iap-jwt-assertion
+   *    - query: access_token
+   *
+   * @generated from field: repeated google.api.JwtLocation jwt_locations = 6;
+   */
+  jwtLocations: JwtLocation[];
+};
+
+/**
+ * Describes the message google.api.AuthProvider.
+ * Use `create(AuthProviderSchema)` to create a new message.
+ */
+export declare const AuthProviderSchema: GenMessage<AuthProvider>;
+
+/**
+ * OAuth scopes are a way to define data and permissions on data. For example,
+ * there are scopes defined for "Read-only access to Google Calendar" and
+ * "Access to Cloud Platform". Users can consent to a scope for an application,
+ * giving it permission to access that data on their behalf.
+ *
+ * OAuth scope specifications should be fairly coarse grained; a user will need
+ * to see and understand the text description of what your scope means.
+ *
+ * In most cases: use one or at most two OAuth scopes for an entire family of
+ * products. If your product has multiple APIs, you should probably be sharing
+ * the OAuth scope across all of those APIs.
+ *
+ * When you need finer grained OAuth consent screens: talk with your product
+ * management about how developers will use them in practice.
+ *
+ * Please note that even though each of the canonical scopes is enough for a
+ * request to be accepted and passed to the backend, a request can still fail
+ * due to the backend requiring additional scopes or permissions.
+ *
+ * @generated from message google.api.OAuthRequirements
+ */
+export declare type OAuthRequirements = Message<"google.api.OAuthRequirements"> & {
+  /**
+   * The list of publicly documented OAuth scopes that are allowed access. An
+   * OAuth token containing any of these scopes will be accepted.
+   *
+   * Example:
+   *
+   *      canonical_scopes: https://www.googleapis.com/auth/calendar,
+   *                        https://www.googleapis.com/auth/calendar.read
+   *
+   * @generated from field: string canonical_scopes = 1;
+   */
+  canonicalScopes: string;
+};
+
+/**
+ * Describes the message google.api.OAuthRequirements.
+ * Use `create(OAuthRequirementsSchema)` to create a new message.
+ */
+export declare const OAuthRequirementsSchema: GenMessage<OAuthRequirements>;
+
+/**
+ * User-defined authentication requirements, including support for
+ * [JSON Web Token
+ * (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
+ *
+ * @generated from message google.api.AuthRequirement
+ */
+export declare type AuthRequirement = Message<"google.api.AuthRequirement"> & {
+  /**
+   * [id][google.api.AuthProvider.id] from authentication provider.
+   *
+   * Example:
+   *
+   *     provider_id: bookstore_auth
+   *
+   * @generated from field: string provider_id = 1;
+   */
+  providerId: string;
+
+  /**
+   * NOTE: This will be deprecated soon, once AuthProvider.audiences is
+   * implemented and accepted in all the runtime components.
+   *
+   * The list of JWT
+   * [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
+   * that are allowed to access. A JWT containing any of these audiences will
+   * be accepted. When this setting is absent, only JWTs with audience
+   * "https://[Service_name][google.api.Service.name]/[API_name][google.protobuf.Api.name]"
+   * will be accepted. For example, if no audiences are in the setting,
+   * LibraryService API will only accept JWTs with the following audience
+   * "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
+   *
+   * Example:
+   *
+   *     audiences: bookstore_android.apps.googleusercontent.com,
+   *                bookstore_web.apps.googleusercontent.com
+   *
+   * @generated from field: string audiences = 2;
+   */
+  audiences: string;
+};
+
+/**
+ * Describes the message google.api.AuthRequirement.
+ * Use `create(AuthRequirementSchema)` to create a new message.
+ */
+export declare const AuthRequirementSchema: GenMessage<AuthRequirement>;

package/google/api/auth_pb.js

@@ -0,0 +1,67 @@
+// Copyright 2015 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// @generated by protoc-gen-es v2.11.0 with parameter "target=js+dts"
+// @generated from file google/api/auth.proto (package google.api, syntax proto3)
+/* eslint-disable */
+
+import { fileDesc, messageDesc } from "@bufbuild/protobuf/codegenv2";
+
+/**
+ * Describes the file google/api/auth.proto.
+ */
+export const file_google_api_auth = /*@__PURE__*/
+  fileDesc("ChVnb29nbGUvYXBpL2F1dGgucHJvdG8SCmdvb2dsZS5hcGkibAoOQXV0aGVudGljYXRpb24SLQoFcnVsZXMYAyADKAsyHi5nb29nbGUuYXBpLkF1dGhlbnRpY2F0aW9uUnVsZRIrCglwcm92aWRlcnMYBCADKAsyGC5nb29nbGUuYXBpLkF1dGhQcm92aWRlciKpAQoSQXV0aGVudGljYXRpb25SdWxlEhAKCHNlbGVjdG9yGAEgASgJEiwKBW9hdXRoGAIgASgLMh0uZ29vZ2xlLmFwaS5PQXV0aFJlcXVpcmVtZW50cxIgChhhbGxvd193aXRob3V0X2NyZWRlbnRpYWwYBSABKAgSMQoMcmVxdWlyZW1lbnRzGAcgAygLMhsuZ29vZ2xlLmFwaS5BdXRoUmVxdWlyZW1lbnQiXgoLSnd0TG9jYXRpb24SEAoGaGVhZGVyGAEgASgJSAASDwoFcXVlcnkYAiABKAlIABIQCgZjb29raWUYBCABKAlIABIUCgx2YWx1ZV9wcmVmaXgYAyABKAlCBAoCaW4imgEKDEF1dGhQcm92aWRlchIKCgJpZBgBIAEoCRIOCgZpc3N1ZXIYAiABKAkSEAoIandrc191cmkYAyABKAkSEQoJYXVkaWVuY2VzGAQgASgJEhkKEWF1dGhvcml6YXRpb25fdXJsGAUgASgJEi4KDWp3dF9sb2NhdGlvbnMYBiADKAsyFy5nb29nbGUuYXBpLkp3dExvY2F0aW9uIi0KEU9BdXRoUmVxdWlyZW1lbnRzEhgKEGNhbm9uaWNhbF9zY29wZXMYASABKAkiOQoPQXV0aFJlcXVpcmVtZW50EhMKC3Byb3ZpZGVyX2lkGAEgASgJEhEKCWF1ZGllbmNlcxgCIAEoCUJrCg5jb20uZ29vZ2xlLmFwaUIJQXV0aFByb3RvUAFaRWdvb2dsZS5nb2xhbmcub3JnL2dlbnByb3RvL2dvb2dsZWFwaXMvYXBpL3NlcnZpY2Vjb25maWc7c2VydmljZWNvbmZpZ6ICBEdBUEliBnByb3RvMw");
+
+/**
+ * Describes the message google.api.Authentication.
+ * Use `create(AuthenticationSchema)` to create a new message.
+ */
+export const AuthenticationSchema = /*@__PURE__*/
+  messageDesc(file_google_api_auth, 0);
+
+/**
+ * Describes the message google.api.AuthenticationRule.
+ * Use `create(AuthenticationRuleSchema)` to create a new message.
+ */
+export const AuthenticationRuleSchema = /*@__PURE__*/
+  messageDesc(file_google_api_auth, 1);
+
+/**
+ * Describes the message google.api.JwtLocation.
+ * Use `create(JwtLocationSchema)` to create a new message.
+ */
+export const JwtLocationSchema = /*@__PURE__*/
+  messageDesc(file_google_api_auth, 2);
+
+/**
+ * Describes the message google.api.AuthProvider.
+ * Use `create(AuthProviderSchema)` to create a new message.
+ */
+export const AuthProviderSchema = /*@__PURE__*/
+  messageDesc(file_google_api_auth, 3);
+
+/**
+ * Describes the message google.api.OAuthRequirements.
+ * Use `create(OAuthRequirementsSchema)` to create a new message.
+ */
+export const OAuthRequirementsSchema = /*@__PURE__*/
+  messageDesc(file_google_api_auth, 4);
+
+/**
+ * Describes the message google.api.AuthRequirement.
+ * Use `create(AuthRequirementSchema)` to create a new message.
+ */
+export const AuthRequirementSchema = /*@__PURE__*/
+  messageDesc(file_google_api_auth, 5);