genproto: google.golang.org/genproto/googleapis/iam/credentials/v1 Index | Files

package credentials

import "google.golang.org/genproto/googleapis/iam/credentials/v1"

Index

Package Files

common.pb.go iamcredentials.pb.go

Variables

var File_google_iam_credentials_v1_common_proto protoreflect.FileDescriptor
var File_google_iam_credentials_v1_iamcredentials_proto protoreflect.FileDescriptor

func RegisterIAMCredentialsServer Uses

func RegisterIAMCredentialsServer(s *grpc.Server, srv IAMCredentialsServer)

type GenerateAccessTokenRequest Uses

type GenerateAccessTokenRequest struct {

    // Required. The resource name of the service account for which the credentials
    // are requested, in the following format:
    // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
    // character is required; replacing it with a project ID is invalid.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // The sequence of service accounts in a delegation chain. Each service
    // account must be granted the `roles/iam.serviceAccountTokenCreator` role
    // on its next service account in the chain. The last service account in the
    // chain must be granted the `roles/iam.serviceAccountTokenCreator` role
    // on the service account that is specified in the `name` field of the
    // request.
    //
    // The delegates must have the following format:
    // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
    // character is required; replacing it with a project ID is invalid.
    Delegates []string `protobuf:"bytes,2,rep,name=delegates,proto3" json:"delegates,omitempty"`
    // Required. Code to identify the scopes to be included in the OAuth 2.0 access token.
    // See https://developers.google.com/identity/protocols/googlescopes for more
    // information.
    // At least one value required.
    Scope []string `protobuf:"bytes,4,rep,name=scope,proto3" json:"scope,omitempty"`
    // The desired lifetime duration of the access token in seconds.
    // Must be set to a value less than or equal to 3600 (1 hour). If a value is
    // not specified, the token's lifetime will be set to a default value of one
    // hour.
    Lifetime *duration.Duration `protobuf:"bytes,7,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
    // contains filtered or unexported fields
}

func (*GenerateAccessTokenRequest) Descriptor Uses

func (*GenerateAccessTokenRequest) Descriptor() ([]byte, []int)

Deprecated: Use GenerateAccessTokenRequest.ProtoReflect.Descriptor instead.

func (*GenerateAccessTokenRequest) GetDelegates Uses

func (x *GenerateAccessTokenRequest) GetDelegates() []string

func (*GenerateAccessTokenRequest) GetLifetime Uses

func (x *GenerateAccessTokenRequest) GetLifetime() *duration.Duration

func (*GenerateAccessTokenRequest) GetName Uses

func (x *GenerateAccessTokenRequest) GetName() string

func (*GenerateAccessTokenRequest) GetScope Uses

func (x *GenerateAccessTokenRequest) GetScope() []string

func (*GenerateAccessTokenRequest) ProtoMessage Uses

func (*GenerateAccessTokenRequest) ProtoMessage()

func (*GenerateAccessTokenRequest) ProtoReflect Uses

func (x *GenerateAccessTokenRequest) ProtoReflect() protoreflect.Message

func (*GenerateAccessTokenRequest) Reset Uses

func (x *GenerateAccessTokenRequest) Reset()

func (*GenerateAccessTokenRequest) String Uses

func (x *GenerateAccessTokenRequest) String() string

type GenerateAccessTokenResponse Uses

type GenerateAccessTokenResponse struct {

    // The OAuth 2.0 access token.
    AccessToken string `protobuf:"bytes,1,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"`
    // Token expiration time.
    // The expiration time is always set.
    ExpireTime *timestamp.Timestamp `protobuf:"bytes,3,opt,name=expire_time,json=expireTime,proto3" json:"expire_time,omitempty"`
    // contains filtered or unexported fields
}

func (*GenerateAccessTokenResponse) Descriptor Uses

func (*GenerateAccessTokenResponse) Descriptor() ([]byte, []int)

Deprecated: Use GenerateAccessTokenResponse.ProtoReflect.Descriptor instead.

func (*GenerateAccessTokenResponse) GetAccessToken Uses

func (x *GenerateAccessTokenResponse) GetAccessToken() string

func (*GenerateAccessTokenResponse) GetExpireTime Uses

func (x *GenerateAccessTokenResponse) GetExpireTime() *timestamp.Timestamp

func (*GenerateAccessTokenResponse) ProtoMessage Uses

func (*GenerateAccessTokenResponse) ProtoMessage()

func (*GenerateAccessTokenResponse) ProtoReflect Uses

func (x *GenerateAccessTokenResponse) ProtoReflect() protoreflect.Message

func (*GenerateAccessTokenResponse) Reset Uses

func (x *GenerateAccessTokenResponse) Reset()

func (*GenerateAccessTokenResponse) String Uses

func (x *GenerateAccessTokenResponse) String() string

type GenerateIdTokenRequest Uses

type GenerateIdTokenRequest struct {

    // Required. The resource name of the service account for which the credentials
    // are requested, in the following format:
    // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
    // character is required; replacing it with a project ID is invalid.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // The sequence of service accounts in a delegation chain. Each service
    // account must be granted the `roles/iam.serviceAccountTokenCreator` role
    // on its next service account in the chain. The last service account in the
    // chain must be granted the `roles/iam.serviceAccountTokenCreator` role
    // on the service account that is specified in the `name` field of the
    // request.
    //
    // The delegates must have the following format:
    // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
    // character is required; replacing it with a project ID is invalid.
    Delegates []string `protobuf:"bytes,2,rep,name=delegates,proto3" json:"delegates,omitempty"`
    // Required. The audience for the token, such as the API or account that this token
    // grants access to.
    Audience string `protobuf:"bytes,3,opt,name=audience,proto3" json:"audience,omitempty"`
    // Include the service account email in the token. If set to `true`, the
    // token will contain `email` and `email_verified` claims.
    IncludeEmail bool `protobuf:"varint,4,opt,name=include_email,json=includeEmail,proto3" json:"include_email,omitempty"`
    // contains filtered or unexported fields
}

func (*GenerateIdTokenRequest) Descriptor Uses

func (*GenerateIdTokenRequest) Descriptor() ([]byte, []int)

Deprecated: Use GenerateIdTokenRequest.ProtoReflect.Descriptor instead.

func (*GenerateIdTokenRequest) GetAudience Uses

func (x *GenerateIdTokenRequest) GetAudience() string

func (*GenerateIdTokenRequest) GetDelegates Uses

func (x *GenerateIdTokenRequest) GetDelegates() []string

func (*GenerateIdTokenRequest) GetIncludeEmail Uses

func (x *GenerateIdTokenRequest) GetIncludeEmail() bool

func (*GenerateIdTokenRequest) GetName Uses

func (x *GenerateIdTokenRequest) GetName() string

func (*GenerateIdTokenRequest) ProtoMessage Uses

func (*GenerateIdTokenRequest) ProtoMessage()

func (*GenerateIdTokenRequest) ProtoReflect Uses

func (x *GenerateIdTokenRequest) ProtoReflect() protoreflect.Message

func (*GenerateIdTokenRequest) Reset Uses

func (x *GenerateIdTokenRequest) Reset()

func (*GenerateIdTokenRequest) String Uses

func (x *GenerateIdTokenRequest) String() string

type GenerateIdTokenResponse Uses

type GenerateIdTokenResponse struct {

    // The OpenId Connect ID token.
    Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
    // contains filtered or unexported fields
}

func (*GenerateIdTokenResponse) Descriptor Uses

func (*GenerateIdTokenResponse) Descriptor() ([]byte, []int)

Deprecated: Use GenerateIdTokenResponse.ProtoReflect.Descriptor instead.

func (*GenerateIdTokenResponse) GetToken Uses

func (x *GenerateIdTokenResponse) GetToken() string

func (*GenerateIdTokenResponse) ProtoMessage Uses

func (*GenerateIdTokenResponse) ProtoMessage()

func (*GenerateIdTokenResponse) ProtoReflect Uses

func (x *GenerateIdTokenResponse) ProtoReflect() protoreflect.Message

func (*GenerateIdTokenResponse) Reset Uses

func (x *GenerateIdTokenResponse) Reset()

func (*GenerateIdTokenResponse) String Uses

func (x *GenerateIdTokenResponse) String() string

type IAMCredentialsClient Uses

type IAMCredentialsClient interface {
    // Generates an OAuth 2.0 access token for a service account.
    GenerateAccessToken(ctx context.Context, in *GenerateAccessTokenRequest, opts ...grpc.CallOption) (*GenerateAccessTokenResponse, error)
    // Generates an OpenID Connect ID token for a service account.
    GenerateIdToken(ctx context.Context, in *GenerateIdTokenRequest, opts ...grpc.CallOption) (*GenerateIdTokenResponse, error)
    // Signs a blob using a service account's system-managed private key.
    SignBlob(ctx context.Context, in *SignBlobRequest, opts ...grpc.CallOption) (*SignBlobResponse, error)
    // Signs a JWT using a service account's system-managed private key.
    SignJwt(ctx context.Context, in *SignJwtRequest, opts ...grpc.CallOption) (*SignJwtResponse, error)
}

IAMCredentialsClient is the client API for IAMCredentials service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewIAMCredentialsClient Uses

func NewIAMCredentialsClient(cc grpc.ClientConnInterface) IAMCredentialsClient

type IAMCredentialsServer Uses

type IAMCredentialsServer interface {
    // Generates an OAuth 2.0 access token for a service account.
    GenerateAccessToken(context.Context, *GenerateAccessTokenRequest) (*GenerateAccessTokenResponse, error)
    // Generates an OpenID Connect ID token for a service account.
    GenerateIdToken(context.Context, *GenerateIdTokenRequest) (*GenerateIdTokenResponse, error)
    // Signs a blob using a service account's system-managed private key.
    SignBlob(context.Context, *SignBlobRequest) (*SignBlobResponse, error)
    // Signs a JWT using a service account's system-managed private key.
    SignJwt(context.Context, *SignJwtRequest) (*SignJwtResponse, error)
}

IAMCredentialsServer is the server API for IAMCredentials service.

type SignBlobRequest Uses

type SignBlobRequest struct {

    // Required. The resource name of the service account for which the credentials
    // are requested, in the following format:
    // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
    // character is required; replacing it with a project ID is invalid.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // The sequence of service accounts in a delegation chain. Each service
    // account must be granted the `roles/iam.serviceAccountTokenCreator` role
    // on its next service account in the chain. The last service account in the
    // chain must be granted the `roles/iam.serviceAccountTokenCreator` role
    // on the service account that is specified in the `name` field of the
    // request.
    //
    // The delegates must have the following format:
    // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
    // character is required; replacing it with a project ID is invalid.
    Delegates []string `protobuf:"bytes,3,rep,name=delegates,proto3" json:"delegates,omitempty"`
    // Required. The bytes to sign.
    Payload []byte `protobuf:"bytes,5,opt,name=payload,proto3" json:"payload,omitempty"`
    // contains filtered or unexported fields
}

func (*SignBlobRequest) Descriptor Uses

func (*SignBlobRequest) Descriptor() ([]byte, []int)

Deprecated: Use SignBlobRequest.ProtoReflect.Descriptor instead.

func (*SignBlobRequest) GetDelegates Uses

func (x *SignBlobRequest) GetDelegates() []string

func (*SignBlobRequest) GetName Uses

func (x *SignBlobRequest) GetName() string

func (*SignBlobRequest) GetPayload Uses

func (x *SignBlobRequest) GetPayload() []byte

func (*SignBlobRequest) ProtoMessage Uses

func (*SignBlobRequest) ProtoMessage()

func (*SignBlobRequest) ProtoReflect Uses

func (x *SignBlobRequest) ProtoReflect() protoreflect.Message

func (*SignBlobRequest) Reset Uses

func (x *SignBlobRequest) Reset()

func (*SignBlobRequest) String Uses

func (x *SignBlobRequest) String() string

type SignBlobResponse Uses

type SignBlobResponse struct {

    // The ID of the key used to sign the blob.
    KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
    // The signed blob.
    SignedBlob []byte `protobuf:"bytes,4,opt,name=signed_blob,json=signedBlob,proto3" json:"signed_blob,omitempty"`
    // contains filtered or unexported fields
}

func (*SignBlobResponse) Descriptor Uses

func (*SignBlobResponse) Descriptor() ([]byte, []int)

Deprecated: Use SignBlobResponse.ProtoReflect.Descriptor instead.

func (*SignBlobResponse) GetKeyId Uses

func (x *SignBlobResponse) GetKeyId() string

func (*SignBlobResponse) GetSignedBlob Uses

func (x *SignBlobResponse) GetSignedBlob() []byte

func (*SignBlobResponse) ProtoMessage Uses

func (*SignBlobResponse) ProtoMessage()

func (*SignBlobResponse) ProtoReflect Uses

func (x *SignBlobResponse) ProtoReflect() protoreflect.Message

func (*SignBlobResponse) Reset Uses

func (x *SignBlobResponse) Reset()

func (*SignBlobResponse) String Uses

func (x *SignBlobResponse) String() string

type SignJwtRequest Uses

type SignJwtRequest struct {

    // Required. The resource name of the service account for which the credentials
    // are requested, in the following format:
    // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
    // character is required; replacing it with a project ID is invalid.
    Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
    // The sequence of service accounts in a delegation chain. Each service
    // account must be granted the `roles/iam.serviceAccountTokenCreator` role
    // on its next service account in the chain. The last service account in the
    // chain must be granted the `roles/iam.serviceAccountTokenCreator` role
    // on the service account that is specified in the `name` field of the
    // request.
    //
    // The delegates must have the following format:
    // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
    // character is required; replacing it with a project ID is invalid.
    Delegates []string `protobuf:"bytes,3,rep,name=delegates,proto3" json:"delegates,omitempty"`
    // Required. The JWT payload to sign: a JSON object that contains a JWT Claims Set.
    Payload string `protobuf:"bytes,5,opt,name=payload,proto3" json:"payload,omitempty"`
    // contains filtered or unexported fields
}

func (*SignJwtRequest) Descriptor Uses

func (*SignJwtRequest) Descriptor() ([]byte, []int)

Deprecated: Use SignJwtRequest.ProtoReflect.Descriptor instead.

func (*SignJwtRequest) GetDelegates Uses

func (x *SignJwtRequest) GetDelegates() []string

func (*SignJwtRequest) GetName Uses

func (x *SignJwtRequest) GetName() string

func (*SignJwtRequest) GetPayload Uses

func (x *SignJwtRequest) GetPayload() string

func (*SignJwtRequest) ProtoMessage Uses

func (*SignJwtRequest) ProtoMessage()

func (*SignJwtRequest) ProtoReflect Uses

func (x *SignJwtRequest) ProtoReflect() protoreflect.Message

func (*SignJwtRequest) Reset Uses

func (x *SignJwtRequest) Reset()

func (*SignJwtRequest) String Uses

func (x *SignJwtRequest) String() string

type SignJwtResponse Uses

type SignJwtResponse struct {

    // The ID of the key used to sign the JWT.
    KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
    // The signed JWT.
    SignedJwt string `protobuf:"bytes,2,opt,name=signed_jwt,json=signedJwt,proto3" json:"signed_jwt,omitempty"`
    // contains filtered or unexported fields
}

func (*SignJwtResponse) Descriptor Uses

func (*SignJwtResponse) Descriptor() ([]byte, []int)

Deprecated: Use SignJwtResponse.ProtoReflect.Descriptor instead.

func (*SignJwtResponse) GetKeyId Uses

func (x *SignJwtResponse) GetKeyId() string

func (*SignJwtResponse) GetSignedJwt Uses

func (x *SignJwtResponse) GetSignedJwt() string

func (*SignJwtResponse) ProtoMessage Uses

func (*SignJwtResponse) ProtoMessage()

func (*SignJwtResponse) ProtoReflect Uses

func (x *SignJwtResponse) ProtoReflect() protoreflect.Message

func (*SignJwtResponse) Reset Uses

func (x *SignJwtResponse) Reset()

func (*SignJwtResponse) String Uses

func (x *SignJwtResponse) String() string

type UnimplementedIAMCredentialsServer Uses

type UnimplementedIAMCredentialsServer struct {
}

UnimplementedIAMCredentialsServer can be embedded to have forward compatible implementations.

func (*UnimplementedIAMCredentialsServer) GenerateAccessToken Uses

func (*UnimplementedIAMCredentialsServer) GenerateAccessToken(context.Context, *GenerateAccessTokenRequest) (*GenerateAccessTokenResponse, error)

func (*UnimplementedIAMCredentialsServer) GenerateIdToken Uses

func (*UnimplementedIAMCredentialsServer) GenerateIdToken(context.Context, *GenerateIdTokenRequest) (*GenerateIdTokenResponse, error)

func (*UnimplementedIAMCredentialsServer) SignBlob Uses

func (*UnimplementedIAMCredentialsServer) SignBlob(context.Context, *SignBlobRequest) (*SignBlobResponse, error)

func (*UnimplementedIAMCredentialsServer) SignJwt Uses

func (*UnimplementedIAMCredentialsServer) SignJwt(context.Context, *SignJwtRequest) (*SignJwtResponse, error)

Package credentials imports 12 packages (graph) and is imported by 4 packages. Updated 2020-08-13. Refresh now. Tools for package owners.