Class: Google::Api::AuthProvider

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/api/auth.rb

Overview

Configuration for an authentication provider, including support for JSON Web Token (JWT).

Instance Attribute Summary collapse

Instance Attribute Details

#audiences::String

Returns The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:

Example:

audiences: bookstore_android.apps.googleusercontent.com,
           bookstore_web.apps.googleusercontent.com.

Returns:



182
183
184
185
# File 'proto_docs/google/api/auth.rb', line 182

class AuthProvider
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#authorization_url::String

Returns Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.

Returns:

  • (::String)

    Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.



182
183
184
185
# File 'proto_docs/google/api/auth.rb', line 182

class AuthProvider
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#id::String

Returns The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id.

Example: "bookstore_auth".

Returns:

  • (::String)

    The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id.

    Example: "bookstore_auth".



182
183
184
185
# File 'proto_docs/google/api/auth.rb', line 182

class AuthProvider
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#issuer::String

Returns Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address.

Example: https://securetoken.google.com Example: [email protected].

Returns:



182
183
184
185
# File 'proto_docs/google/api/auth.rb', line 182

class AuthProvider
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#jwks_uri::String

Returns URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:

  • can be retrieved from OpenID Discovery of the issuer.
  • can be inferred from the email domain of the issuer (e.g. a Google service account).

Example: https://www.googleapis.com/oauth2/v1/certs.

Returns:



182
183
184
185
# File 'proto_docs/google/api/auth.rb', line 182

class AuthProvider
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end

#jwt_locations::Array<::Google::Api::JwtLocation>

Returns Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension x-google-jwt-locations

JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins.

If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter

Default locations can be specified as followings: jwt_locations:

  • header: Authorization value_prefix: "Bearer "
  • header: x-goog-iap-jwt-assertion
  • query: access_token.

Returns:

  • (::Array<::Google::Api::JwtLocation>)

    Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension x-google-jwt-locations

    JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins.

    If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter

    Default locations can be specified as followings: jwt_locations:

    • header: Authorization value_prefix: "Bearer "
    • header: x-goog-iap-jwt-assertion
    • query: access_token


182
183
184
185
# File 'proto_docs/google/api/auth.rb', line 182

class AuthProvider
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods
end