com.google.api

Interface AuthProviderOrBuilder

All Superinterfaces:

com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder

All Known Implementing Classes:

AuthProvider, AuthProvider.Builder

public interface AuthProviderOrBuilder
extends com.google.protobuf.MessageOrBuilder

Method Summary

Modifier and Type	Method and Description
String	getAudiences() The list of JWT [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
com.google.protobuf.ByteString	getAudiencesBytes() The list of JWT [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
String	getAuthorizationUrl() Redirect URL if JWT token is required but not present or is expired.
com.google.protobuf.ByteString	getAuthorizationUrlBytes() Redirect URL if JWT token is required but not present or is expired.
String	getId() The unique identifier of the auth provider.
com.google.protobuf.ByteString	getIdBytes() The unique identifier of the auth provider.
String	getIssuer() Identifies the principal that issued the JWT.
com.google.protobuf.ByteString	getIssuerBytes() Identifies the principal that issued the JWT.
String	getJwksUri() URL of the provider's public key set to validate signature of the JWT.
com.google.protobuf.ByteString	getJwksUriBytes() URL of the provider's public key set to validate signature of the JWT.
JwtLocation	getJwtLocations(int index) Defines the locations to extract the JWT.
int	getJwtLocationsCount() Defines the locations to extract the JWT.
List<JwtLocation>	getJwtLocationsList() Defines the locations to extract the JWT.
JwtLocationOrBuilder	getJwtLocationsOrBuilder(int index) Defines the locations to extract the JWT.
List<? extends JwtLocationOrBuilder>	getJwtLocationsOrBuilderList() Defines the locations to extract the JWT.

Methods inherited from interface com.google.protobuf.MessageOrBuilder

findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

Methods inherited from interface com.google.protobuf.MessageLiteOrBuilder

isInitialized

Method Detail

getId

String getId()

 The unique identifier of the auth provider. It will be referred to by
 `AuthRequirement.provider_id`.
 Example: "bookstore_auth".
 

string id = 1;

Returns:

The id.

getIdBytes

com.google.protobuf.ByteString getIdBytes()

 The unique identifier of the auth provider. It will be referred to by
 `AuthRequirement.provider_id`.
 Example: "bookstore_auth".
 

string id = 1;

Returns:

The bytes for id.

getIssuer

String getIssuer()

 Identifies the principal that issued the JWT. See
 https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
 Usually a URL or an email address.
 Example: https://securetoken.google.com
 Example: 1234567-compute@developer.gserviceaccount.com
 

string issuer = 2;

Returns:

The issuer.

getIssuerBytes

com.google.protobuf.ByteString getIssuerBytes()

 Identifies the principal that issued the JWT. See
 https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
 Usually a URL or an email address.
 Example: https://securetoken.google.com
 Example: 1234567-compute@developer.gserviceaccount.com
 

string issuer = 2;

Returns:

The bytes for issuer.

getJwksUri

String getJwksUri()

 URL of the provider's public key set to validate signature of the JWT. See
 [OpenID
 Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
 Optional if the key set document:
  - can be retrieved from
    [OpenID
    Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
    the issuer.
  - can be inferred from the email domain of the issuer (e.g. a Google
  service account).
 Example: https://www.googleapis.com/oauth2/v1/certs
 

string jwks_uri = 3;

Returns:

The jwksUri.

getJwksUriBytes

com.google.protobuf.ByteString getJwksUriBytes()

 URL of the provider's public key set to validate signature of the JWT. See
 [OpenID
 Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
 Optional if the key set document:
  - can be retrieved from
    [OpenID
    Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html of
    the issuer.
  - can be inferred from the email domain of the issuer (e.g. a Google
  service account).
 Example: https://www.googleapis.com/oauth2/v1/certs
 

string jwks_uri = 3;

Returns:

The bytes for jwksUri.

getAudiences

String getAudiences()

 The list of JWT
 [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
 that are allowed to access. A JWT containing any of these audiences will
 be accepted. When this setting is absent, only JWTs with audience
 "https://[Service_name][google.api.Service.name]/[API_name][google.protobuf.Api.name]"
 will be accepted. For example, if no audiences are in the setting,
 LibraryService API will only accept JWTs with the following audience
 "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
 Example:
     audiences: bookstore_android.apps.googleusercontent.com,
                bookstore_web.apps.googleusercontent.com
 

string audiences = 4;

Returns:

The audiences.

getAudiencesBytes

com.google.protobuf.ByteString getAudiencesBytes()

 The list of JWT
 [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
 that are allowed to access. A JWT containing any of these audiences will
 be accepted. When this setting is absent, only JWTs with audience
 "https://[Service_name][google.api.Service.name]/[API_name][google.protobuf.Api.name]"
 will be accepted. For example, if no audiences are in the setting,
 LibraryService API will only accept JWTs with the following audience
 "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
 Example:
     audiences: bookstore_android.apps.googleusercontent.com,
                bookstore_web.apps.googleusercontent.com
 

string audiences = 4;

Returns:

The bytes for audiences.

getAuthorizationUrl

String getAuthorizationUrl()

 Redirect URL if JWT token is required but not present or is expired.
 Implement authorizationUrl of securityDefinitions in OpenAPI spec.
 

string authorization_url = 5;

Returns:

The authorizationUrl.

getAuthorizationUrlBytes

com.google.protobuf.ByteString getAuthorizationUrlBytes()

 Redirect URL if JWT token is required but not present or is expired.
 Implement authorizationUrl of securityDefinitions in OpenAPI spec.
 

string authorization_url = 5;

Returns:

The bytes for authorizationUrl.

getJwtLocationsList

List<JwtLocation> getJwtLocationsList()

 Defines the locations to extract the JWT.
 JWT locations can be either from HTTP headers or URL query parameters.
 The rule is that the first match wins. The checking order is: checking
 all headers first, then URL query parameters.
 If not specified,  default to use following 3 locations:
    1) Authorization: Bearer
    2) x-goog-iap-jwt-assertion
    3) access_token query parameter
 Default locations can be specified as followings:
    jwt_locations:
    - header: Authorization
      value_prefix: "Bearer "
    - header: x-goog-iap-jwt-assertion
    - query: access_token
 

repeated .google.api.JwtLocation jwt_locations = 6;

getJwtLocations

JwtLocation getJwtLocations(int index)

 Defines the locations to extract the JWT.
 JWT locations can be either from HTTP headers or URL query parameters.
 The rule is that the first match wins. The checking order is: checking
 all headers first, then URL query parameters.
 If not specified,  default to use following 3 locations:
    1) Authorization: Bearer
    2) x-goog-iap-jwt-assertion
    3) access_token query parameter
 Default locations can be specified as followings:
    jwt_locations:
    - header: Authorization
      value_prefix: "Bearer "
    - header: x-goog-iap-jwt-assertion
    - query: access_token
 

repeated .google.api.JwtLocation jwt_locations = 6;

getJwtLocationsCount

int getJwtLocationsCount()

 Defines the locations to extract the JWT.
 JWT locations can be either from HTTP headers or URL query parameters.
 The rule is that the first match wins. The checking order is: checking
 all headers first, then URL query parameters.
 If not specified,  default to use following 3 locations:
    1) Authorization: Bearer
    2) x-goog-iap-jwt-assertion
    3) access_token query parameter
 Default locations can be specified as followings:
    jwt_locations:
    - header: Authorization
      value_prefix: "Bearer "
    - header: x-goog-iap-jwt-assertion
    - query: access_token
 

repeated .google.api.JwtLocation jwt_locations = 6;

getJwtLocationsOrBuilderList

List<? extends JwtLocationOrBuilder> getJwtLocationsOrBuilderList()

 Defines the locations to extract the JWT.
 JWT locations can be either from HTTP headers or URL query parameters.
 The rule is that the first match wins. The checking order is: checking
 all headers first, then URL query parameters.
 If not specified,  default to use following 3 locations:
    1) Authorization: Bearer
    2) x-goog-iap-jwt-assertion
    3) access_token query parameter
 Default locations can be specified as followings:
    jwt_locations:
    - header: Authorization
      value_prefix: "Bearer "
    - header: x-goog-iap-jwt-assertion
    - query: access_token
 

repeated .google.api.JwtLocation jwt_locations = 6;

getJwtLocationsOrBuilder

JwtLocationOrBuilder getJwtLocationsOrBuilder(int index)

 Defines the locations to extract the JWT.
 JWT locations can be either from HTTP headers or URL query parameters.
 The rule is that the first match wins. The checking order is: checking
 all headers first, then URL query parameters.
 If not specified,  default to use following 3 locations:
    1) Authorization: Bearer
    2) x-goog-iap-jwt-assertion
    3) access_token query parameter
 Default locations can be specified as followings:
    jwt_locations:
    - header: Authorization
      value_prefix: "Bearer "
    - header: x-goog-iap-jwt-assertion
    - query: access_token
 

repeated .google.api.JwtLocation jwt_locations = 6;