Package com.google.api

Interface AuthProviderOrBuilder

  • All Superinterfaces:
    com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder
    All Known Implementing Classes:
    AuthProvider, AuthProvider.Builder
    public interface AuthProviderOrBuilder
extends com.google.protobuf.MessageOrBuilder

    • Method Summary

      All Methods Instance Methods Abstract Methods 
      Modifier and Type Method Description
      String getAudiences()
      The list of JWT [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
      com.google.protobuf.ByteString getAudiencesBytes()
      The list of JWT [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
      String getAuthorizationUrl()
      Redirect URL if JWT token is required but not present or is expired.
      com.google.protobuf.ByteString getAuthorizationUrlBytes()
      Redirect URL if JWT token is required but not present or is expired.
      String getId()
      The unique identifier of the auth provider.
      com.google.protobuf.ByteString getIdBytes()
      The unique identifier of the auth provider.
      String getIssuer()
      Identifies the principal that issued the JWT.
      com.google.protobuf.ByteString getIssuerBytes()
      Identifies the principal that issued the JWT.
      String getJwksUri()
      URL of the provider's public key set to validate signature of the JWT.
      com.google.protobuf.ByteString getJwksUriBytes()
      URL of the provider's public key set to validate signature of the JWT.
      JwtLocation getJwtLocations​(int index)
      Defines the locations to extract the JWT.
      int getJwtLocationsCount()
      Defines the locations to extract the JWT.
      List<JwtLocation> getJwtLocationsList()
      Defines the locations to extract the JWT.
      JwtLocationOrBuilder getJwtLocationsOrBuilder​(int index)
      Defines the locations to extract the JWT.
      List<? extends JwtLocationOrBuilder> getJwtLocationsOrBuilderList()
      Defines the locations to extract the JWT.

      • Methods inherited from interface com.google.protobuf.MessageLiteOrBuilder

        isInitialized

      • Methods inherited from interface com.google.protobuf.MessageOrBuilder

        findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

    • Method Detail

      • getId

        String getId()
         The unique identifier of the auth provider. It will be referred to by
 `AuthRequirement.provider_id`.
 Example: "bookstore_auth".
        string id = 1;
        Returns:
        The id.

      • getIdBytes

        com.google.protobuf.ByteString getIdBytes()
         The unique identifier of the auth provider. It will be referred to by
 `AuthRequirement.provider_id`.
 Example: "bookstore_auth".
        string id = 1;
        Returns:
        The bytes for id.

      • getIssuer

        String getIssuer()
         Identifies the principal that issued the JWT. See
 https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
 Usually a URL or an email address.
 Example: https://securetoken.google.com
 Example: 1234567-compute@developer.gserviceaccount.com
        string issuer = 2;
        Returns:
        The issuer.

      • getIssuerBytes

        com.google.protobuf.ByteString getIssuerBytes()
         Identifies the principal that issued the JWT. See
 https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
 Usually a URL or an email address.
 Example: https://securetoken.google.com
 Example: 1234567-compute@developer.gserviceaccount.com
        string issuer = 2;
        Returns:
        The bytes for issuer.

      • getJwksUri

        String getJwksUri()
         URL of the provider's public key set to validate signature of the JWT. See
 [OpenID
 Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
 Optional if the key set document:
  - can be retrieved from
    [OpenID
    Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)
    of the issuer.
  - can be inferred from the email domain of the issuer (e.g. a Google
  service account).
 Example: https://www.googleapis.com/oauth2/v1/certs
        string jwks_uri = 3;
        Returns:
        The jwksUri.

      • getJwksUriBytes

        com.google.protobuf.ByteString getJwksUriBytes()
         URL of the provider's public key set to validate signature of the JWT. See
 [OpenID
 Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
 Optional if the key set document:
  - can be retrieved from
    [OpenID
    Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)
    of the issuer.
  - can be inferred from the email domain of the issuer (e.g. a Google
  service account).
 Example: https://www.googleapis.com/oauth2/v1/certs
        string jwks_uri = 3;
        Returns:
        The bytes for jwksUri.

      • getAudiences

        String getAudiences()
         The list of JWT
 [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
 that are allowed to access. A JWT containing any of these audiences will
 be accepted. When this setting is absent, JWTs with audiences:
   - "https://[service.name]/[google.protobuf.Api.name]"
   - "https://[service.name]/"
 will be accepted.
 For example, if no audiences are in the setting, LibraryService API will
 accept JWTs with the following audiences:
   -
   https://library-example.googleapis.com/google.example.library.v1.LibraryService
   - https://library-example.googleapis.com/
 Example:
     audiences: bookstore_android.apps.googleusercontent.com,
                bookstore_web.apps.googleusercontent.com
        string audiences = 4;
        Returns:
        The audiences.

      • getAudiencesBytes

        com.google.protobuf.ByteString getAudiencesBytes()
         The list of JWT
 [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
 that are allowed to access. A JWT containing any of these audiences will
 be accepted. When this setting is absent, JWTs with audiences:
   - "https://[service.name]/[google.protobuf.Api.name]"
   - "https://[service.name]/"
 will be accepted.
 For example, if no audiences are in the setting, LibraryService API will
 accept JWTs with the following audiences:
   -
   https://library-example.googleapis.com/google.example.library.v1.LibraryService
   - https://library-example.googleapis.com/
 Example:
     audiences: bookstore_android.apps.googleusercontent.com,
                bookstore_web.apps.googleusercontent.com
        string audiences = 4;
        Returns:
        The bytes for audiences.

      • getAuthorizationUrl

        String getAuthorizationUrl()
         Redirect URL if JWT token is required but not present or is expired.
 Implement authorizationUrl of securityDefinitions in OpenAPI spec.
        string authorization_url = 5;
        Returns:
        The authorizationUrl.

      • getAuthorizationUrlBytes

        com.google.protobuf.ByteString getAuthorizationUrlBytes()
         Redirect URL if JWT token is required but not present or is expired.
 Implement authorizationUrl of securityDefinitions in OpenAPI spec.
        string authorization_url = 5;
        Returns:
        The bytes for authorizationUrl.

      • getJwtLocationsList

        List<JwtLocation> getJwtLocationsList()
         Defines the locations to extract the JWT.  For now it is only used by the
 Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
 (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
 JWT locations can be one of HTTP headers, URL query parameters or
 cookies. The rule is that the first match wins.
 If not specified,  default to use following 3 locations:
    1) Authorization: Bearer
    2) x-goog-iap-jwt-assertion
    3) access_token query parameter
 Default locations can be specified as followings:
    jwt_locations:
    - header: Authorization
      value_prefix: "Bearer "
    - header: x-goog-iap-jwt-assertion
    - query: access_token
        repeated .google.api.JwtLocation jwt_locations = 6;

      • getJwtLocations

        JwtLocation getJwtLocations​(int index)
         Defines the locations to extract the JWT.  For now it is only used by the
 Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
 (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
 JWT locations can be one of HTTP headers, URL query parameters or
 cookies. The rule is that the first match wins.
 If not specified,  default to use following 3 locations:
    1) Authorization: Bearer
    2) x-goog-iap-jwt-assertion
    3) access_token query parameter
 Default locations can be specified as followings:
    jwt_locations:
    - header: Authorization
      value_prefix: "Bearer "
    - header: x-goog-iap-jwt-assertion
    - query: access_token
        repeated .google.api.JwtLocation jwt_locations = 6;

      • getJwtLocationsCount

        int getJwtLocationsCount()
         Defines the locations to extract the JWT.  For now it is only used by the
 Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
 (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
 JWT locations can be one of HTTP headers, URL query parameters or
 cookies. The rule is that the first match wins.
 If not specified,  default to use following 3 locations:
    1) Authorization: Bearer
    2) x-goog-iap-jwt-assertion
    3) access_token query parameter
 Default locations can be specified as followings:
    jwt_locations:
    - header: Authorization
      value_prefix: "Bearer "
    - header: x-goog-iap-jwt-assertion
    - query: access_token
        repeated .google.api.JwtLocation jwt_locations = 6;

      • getJwtLocationsOrBuilderList

        List<? extends JwtLocationOrBuilder> getJwtLocationsOrBuilderList()
         Defines the locations to extract the JWT.  For now it is only used by the
 Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
 (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
 JWT locations can be one of HTTP headers, URL query parameters or
 cookies. The rule is that the first match wins.
 If not specified,  default to use following 3 locations:
    1) Authorization: Bearer
    2) x-goog-iap-jwt-assertion
    3) access_token query parameter
 Default locations can be specified as followings:
    jwt_locations:
    - header: Authorization
      value_prefix: "Bearer "
    - header: x-goog-iap-jwt-assertion
    - query: access_token
        repeated .google.api.JwtLocation jwt_locations = 6;

      • getJwtLocationsOrBuilder

        JwtLocationOrBuilder getJwtLocationsOrBuilder​(int index)
         Defines the locations to extract the JWT.  For now it is only used by the
 Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
 (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
 JWT locations can be one of HTTP headers, URL query parameters or
 cookies. The rule is that the first match wins.
 If not specified,  default to use following 3 locations:
    1) Authorization: Bearer
    2) x-goog-iap-jwt-assertion
    3) access_token query parameter
 Default locations can be specified as followings:
    jwt_locations:
    - header: Authorization
      value_prefix: "Bearer "
    - header: x-goog-iap-jwt-assertion
    - query: access_token
        repeated .google.api.JwtLocation jwt_locations = 6;