public interface AuthProviderOrBuilder
extends com.google.protobuf.MessageOrBuilder
| Modifier and Type | Method and Description |
|---|---|
String |
getAudiences()
The list of JWT
[audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
|
com.google.protobuf.ByteString |
getAudiencesBytes()
The list of JWT
[audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
|
String |
getAuthorizationUrl()
Redirect URL if JWT token is required but not present or is expired.
|
com.google.protobuf.ByteString |
getAuthorizationUrlBytes()
Redirect URL if JWT token is required but not present or is expired.
|
String |
getId()
The unique identifier of the auth provider.
|
com.google.protobuf.ByteString |
getIdBytes()
The unique identifier of the auth provider.
|
String |
getIssuer()
Identifies the principal that issued the JWT.
|
com.google.protobuf.ByteString |
getIssuerBytes()
Identifies the principal that issued the JWT.
|
String |
getJwksUri()
URL of the provider's public key set to validate signature of the JWT.
|
com.google.protobuf.ByteString |
getJwksUriBytes()
URL of the provider's public key set to validate signature of the JWT.
|
JwtLocation |
getJwtLocations(int index)
Defines the locations to extract the JWT.
|
int |
getJwtLocationsCount()
Defines the locations to extract the JWT.
|
List<JwtLocation> |
getJwtLocationsList()
Defines the locations to extract the JWT.
|
JwtLocationOrBuilder |
getJwtLocationsOrBuilder(int index)
Defines the locations to extract the JWT.
|
List<? extends JwtLocationOrBuilder> |
getJwtLocationsOrBuilderList()
Defines the locations to extract the JWT.
|
findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneofString getId()
The unique identifier of the auth provider. It will be referred to by `AuthRequirement.provider_id`. Example: "bookstore_auth".
string id = 1;com.google.protobuf.ByteString getIdBytes()
The unique identifier of the auth provider. It will be referred to by `AuthRequirement.provider_id`. Example: "bookstore_auth".
string id = 1;String getIssuer()
Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com
string issuer = 2;com.google.protobuf.ByteString getIssuerBytes()
Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com
string issuer = 2;String getJwksUri()
URL of the provider's public key set to validate signature of the JWT. See
[OpenID
Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
Optional if the key set document:
- can be retrieved from
[OpenID
Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)
of the issuer.
- can be inferred from the email domain of the issuer (e.g. a Google
service account).
Example: https://www.googleapis.com/oauth2/v1/certs
string jwks_uri = 3;com.google.protobuf.ByteString getJwksUriBytes()
URL of the provider's public key set to validate signature of the JWT. See
[OpenID
Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
Optional if the key set document:
- can be retrieved from
[OpenID
Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)
of the issuer.
- can be inferred from the email domain of the issuer (e.g. a Google
service account).
Example: https://www.googleapis.com/oauth2/v1/certs
string jwks_uri = 3;String getAudiences()
The list of JWT
[audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
that are allowed to access. A JWT containing any of these audiences will
be accepted. When this setting is absent, JWTs with audiences:
- "https://[service.name]/[google.protobuf.Api.name]"
- "https://[service.name]/"
will be accepted.
For example, if no audiences are in the setting, LibraryService API will
accept JWTs with the following audiences:
-
https://library-example.googleapis.com/google.example.library.v1.LibraryService
- https://library-example.googleapis.com/
Example:
audiences: bookstore_android.apps.googleusercontent.com,
bookstore_web.apps.googleusercontent.com
string audiences = 4;com.google.protobuf.ByteString getAudiencesBytes()
The list of JWT
[audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
that are allowed to access. A JWT containing any of these audiences will
be accepted. When this setting is absent, JWTs with audiences:
- "https://[service.name]/[google.protobuf.Api.name]"
- "https://[service.name]/"
will be accepted.
For example, if no audiences are in the setting, LibraryService API will
accept JWTs with the following audiences:
-
https://library-example.googleapis.com/google.example.library.v1.LibraryService
- https://library-example.googleapis.com/
Example:
audiences: bookstore_android.apps.googleusercontent.com,
bookstore_web.apps.googleusercontent.com
string audiences = 4;String getAuthorizationUrl()
Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
string authorization_url = 5;com.google.protobuf.ByteString getAuthorizationUrlBytes()
Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
string authorization_url = 5;List<JwtLocation> getJwtLocationsList()
Defines the locations to extract the JWT. For now it is only used by the
Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
(https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
JWT locations can be one of HTTP headers, URL query parameters or
cookies. The rule is that the first match wins.
If not specified, default to use following 3 locations:
1) Authorization: Bearer
2) x-goog-iap-jwt-assertion
3) access_token query parameter
Default locations can be specified as followings:
jwt_locations:
- header: Authorization
value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;JwtLocation getJwtLocations(int index)
Defines the locations to extract the JWT. For now it is only used by the
Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
(https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
JWT locations can be one of HTTP headers, URL query parameters or
cookies. The rule is that the first match wins.
If not specified, default to use following 3 locations:
1) Authorization: Bearer
2) x-goog-iap-jwt-assertion
3) access_token query parameter
Default locations can be specified as followings:
jwt_locations:
- header: Authorization
value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;int getJwtLocationsCount()
Defines the locations to extract the JWT. For now it is only used by the
Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
(https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
JWT locations can be one of HTTP headers, URL query parameters or
cookies. The rule is that the first match wins.
If not specified, default to use following 3 locations:
1) Authorization: Bearer
2) x-goog-iap-jwt-assertion
3) access_token query parameter
Default locations can be specified as followings:
jwt_locations:
- header: Authorization
value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;List<? extends JwtLocationOrBuilder> getJwtLocationsOrBuilderList()
Defines the locations to extract the JWT. For now it is only used by the
Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
(https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
JWT locations can be one of HTTP headers, URL query parameters or
cookies. The rule is that the first match wins.
If not specified, default to use following 3 locations:
1) Authorization: Bearer
2) x-goog-iap-jwt-assertion
3) access_token query parameter
Default locations can be specified as followings:
jwt_locations:
- header: Authorization
value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;JwtLocationOrBuilder getJwtLocationsOrBuilder(int index)
Defines the locations to extract the JWT. For now it is only used by the
Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
(https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
JWT locations can be one of HTTP headers, URL query parameters or
cookies. The rule is that the first match wins.
If not specified, default to use following 3 locations:
1) Authorization: Bearer
2) x-goog-iap-jwt-assertion
3) access_token query parameter
Default locations can be specified as followings:
jwt_locations:
- header: Authorization
value_prefix: "Bearer "
- header: x-goog-iap-jwt-assertion
- query: access_token
repeated .google.api.JwtLocation jwt_locations = 6;Copyright © 2022 Google LLC. All rights reserved.