1// Code generated by protoc-gen-go. DO NOT EDIT. 2// source: google/api/auth.proto 3 4package serviceconfig // import "google.golang.org/genproto/googleapis/api/serviceconfig" 5 6import proto "github.com/golang/protobuf/proto" 7import fmt "fmt" 8import math "math" 9import _ "google.golang.org/genproto/googleapis/api/annotations" 10 11// Reference imports to suppress errors if they are not otherwise used. 12var _ = proto.Marshal 13var _ = fmt.Errorf 14var _ = math.Inf 15 16// This is a compile-time assertion to ensure that this generated file 17// is compatible with the proto package it is being compiled against. 18// A compilation error at this line likely means your copy of the 19// proto package needs to be updated. 20const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package 21 22// `Authentication` defines the authentication configuration for an API. 23// 24// Example for an API targeted for external use: 25// 26// name: calendar.googleapis.com 27// authentication: 28// providers: 29// - id: google_calendar_auth 30// jwks_uri: https://www.googleapis.com/oauth2/v1/certs 31// issuer: https://securetoken.google.com 32// rules: 33// - selector: "*" 34// requirements: 35// provider_id: google_calendar_auth 36type Authentication struct { 37 // A list of authentication rules that apply to individual API methods. 38 // 39 // **NOTE:** All service configuration rules follow "last one wins" order. 40 Rules []*AuthenticationRule `protobuf:"bytes,3,rep,name=rules,proto3" json:"rules,omitempty"` 41 // Defines a set of authentication providers that a service supports. 42 Providers []*AuthProvider `protobuf:"bytes,4,rep,name=providers,proto3" json:"providers,omitempty"` 43 XXX_NoUnkeyedLiteral struct{} `json:"-"` 44 XXX_unrecognized []byte `json:"-"` 45 XXX_sizecache int32 `json:"-"` 46} 47 48func (m *Authentication) Reset() { *m = Authentication{} } 49func (m *Authentication) String() string { return proto.CompactTextString(m) } 50func (*Authentication) ProtoMessage() {} 51func (*Authentication) Descriptor() ([]byte, []int) { 52 return fileDescriptor_auth_88c4f5ae0863ae9c, []int{0} 53} 54func (m *Authentication) XXX_Unmarshal(b []byte) error { 55 return xxx_messageInfo_Authentication.Unmarshal(m, b) 56} 57func (m *Authentication) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { 58 return xxx_messageInfo_Authentication.Marshal(b, m, deterministic) 59} 60func (dst *Authentication) XXX_Merge(src proto.Message) { 61 xxx_messageInfo_Authentication.Merge(dst, src) 62} 63func (m *Authentication) XXX_Size() int { 64 return xxx_messageInfo_Authentication.Size(m) 65} 66func (m *Authentication) XXX_DiscardUnknown() { 67 xxx_messageInfo_Authentication.DiscardUnknown(m) 68} 69 70var xxx_messageInfo_Authentication proto.InternalMessageInfo 71 72func (m *Authentication) GetRules() []*AuthenticationRule { 73 if m != nil { 74 return m.Rules 75 } 76 return nil 77} 78 79func (m *Authentication) GetProviders() []*AuthProvider { 80 if m != nil { 81 return m.Providers 82 } 83 return nil 84} 85 86// Authentication rules for the service. 87// 88// By default, if a method has any authentication requirements, every request 89// must include a valid credential matching one of the requirements. 90// It's an error to include more than one kind of credential in a single 91// request. 92// 93// If a method doesn't have any auth requirements, request credentials will be 94// ignored. 95type AuthenticationRule struct { 96 // Selects the methods to which this rule applies. 97 // 98 // Refer to [selector][google.api.DocumentationRule.selector] for syntax details. 99 Selector string `protobuf:"bytes,1,opt,name=selector,proto3" json:"selector,omitempty"` 100 // The requirements for OAuth credentials. 101 Oauth *OAuthRequirements `protobuf:"bytes,2,opt,name=oauth,proto3" json:"oauth,omitempty"` 102 // If true, the service accepts API keys without any other credential. 103 AllowWithoutCredential bool `protobuf:"varint,5,opt,name=allow_without_credential,json=allowWithoutCredential,proto3" json:"allow_without_credential,omitempty"` 104 // Requirements for additional authentication providers. 105 Requirements []*AuthRequirement `protobuf:"bytes,7,rep,name=requirements,proto3" json:"requirements,omitempty"` 106 XXX_NoUnkeyedLiteral struct{} `json:"-"` 107 XXX_unrecognized []byte `json:"-"` 108 XXX_sizecache int32 `json:"-"` 109} 110 111func (m *AuthenticationRule) Reset() { *m = AuthenticationRule{} } 112func (m *AuthenticationRule) String() string { return proto.CompactTextString(m) } 113func (*AuthenticationRule) ProtoMessage() {} 114func (*AuthenticationRule) Descriptor() ([]byte, []int) { 115 return fileDescriptor_auth_88c4f5ae0863ae9c, []int{1} 116} 117func (m *AuthenticationRule) XXX_Unmarshal(b []byte) error { 118 return xxx_messageInfo_AuthenticationRule.Unmarshal(m, b) 119} 120func (m *AuthenticationRule) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { 121 return xxx_messageInfo_AuthenticationRule.Marshal(b, m, deterministic) 122} 123func (dst *AuthenticationRule) XXX_Merge(src proto.Message) { 124 xxx_messageInfo_AuthenticationRule.Merge(dst, src) 125} 126func (m *AuthenticationRule) XXX_Size() int { 127 return xxx_messageInfo_AuthenticationRule.Size(m) 128} 129func (m *AuthenticationRule) XXX_DiscardUnknown() { 130 xxx_messageInfo_AuthenticationRule.DiscardUnknown(m) 131} 132 133var xxx_messageInfo_AuthenticationRule proto.InternalMessageInfo 134 135func (m *AuthenticationRule) GetSelector() string { 136 if m != nil { 137 return m.Selector 138 } 139 return "" 140} 141 142func (m *AuthenticationRule) GetOauth() *OAuthRequirements { 143 if m != nil { 144 return m.Oauth 145 } 146 return nil 147} 148 149func (m *AuthenticationRule) GetAllowWithoutCredential() bool { 150 if m != nil { 151 return m.AllowWithoutCredential 152 } 153 return false 154} 155 156func (m *AuthenticationRule) GetRequirements() []*AuthRequirement { 157 if m != nil { 158 return m.Requirements 159 } 160 return nil 161} 162 163// Configuration for an anthentication provider, including support for 164// [JSON Web Token (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). 165type AuthProvider struct { 166 // The unique identifier of the auth provider. It will be referred to by 167 // `AuthRequirement.provider_id`. 168 // 169 // Example: "bookstore_auth". 170 Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` 171 // Identifies the principal that issued the JWT. See 172 // https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 173 // Usually a URL or an email address. 174 // 175 // Example: https://securetoken.google.com 176 // Example: 1234567-compute@developer.gserviceaccount.com 177 Issuer string `protobuf:"bytes,2,opt,name=issuer,proto3" json:"issuer,omitempty"` 178 // URL of the provider's public key set to validate signature of the JWT. See 179 // [OpenID Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata). 180 // Optional if the key set document: 181 // - can be retrieved from 182 // [OpenID Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html 183 // of the issuer. 184 // - can be inferred from the email domain of the issuer (e.g. a Google service account). 185 // 186 // Example: https://www.googleapis.com/oauth2/v1/certs 187 JwksUri string `protobuf:"bytes,3,opt,name=jwks_uri,json=jwksUri,proto3" json:"jwks_uri,omitempty"` 188 // The list of JWT 189 // [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). 190 // that are allowed to access. A JWT containing any of these audiences will 191 // be accepted. When this setting is absent, only JWTs with audience 192 // "https://[Service_name][google.api.Service.name]/[API_name][google.protobuf.Api.name]" 193 // will be accepted. For example, if no audiences are in the setting, 194 // LibraryService API will only accept JWTs with the following audience 195 // "https://library-example.googleapis.com/google.example.library.v1.LibraryService". 196 // 197 // Example: 198 // 199 // audiences: bookstore_android.apps.googleusercontent.com, 200 // bookstore_web.apps.googleusercontent.com 201 Audiences string `protobuf:"bytes,4,opt,name=audiences,proto3" json:"audiences,omitempty"` 202 // Redirect URL if JWT token is required but no present or is expired. 203 // Implement authorizationUrl of securityDefinitions in OpenAPI spec. 204 AuthorizationUrl string `protobuf:"bytes,5,opt,name=authorization_url,json=authorizationUrl,proto3" json:"authorization_url,omitempty"` 205 XXX_NoUnkeyedLiteral struct{} `json:"-"` 206 XXX_unrecognized []byte `json:"-"` 207 XXX_sizecache int32 `json:"-"` 208} 209 210func (m *AuthProvider) Reset() { *m = AuthProvider{} } 211func (m *AuthProvider) String() string { return proto.CompactTextString(m) } 212func (*AuthProvider) ProtoMessage() {} 213func (*AuthProvider) Descriptor() ([]byte, []int) { 214 return fileDescriptor_auth_88c4f5ae0863ae9c, []int{2} 215} 216func (m *AuthProvider) XXX_Unmarshal(b []byte) error { 217 return xxx_messageInfo_AuthProvider.Unmarshal(m, b) 218} 219func (m *AuthProvider) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { 220 return xxx_messageInfo_AuthProvider.Marshal(b, m, deterministic) 221} 222func (dst *AuthProvider) XXX_Merge(src proto.Message) { 223 xxx_messageInfo_AuthProvider.Merge(dst, src) 224} 225func (m *AuthProvider) XXX_Size() int { 226 return xxx_messageInfo_AuthProvider.Size(m) 227} 228func (m *AuthProvider) XXX_DiscardUnknown() { 229 xxx_messageInfo_AuthProvider.DiscardUnknown(m) 230} 231 232var xxx_messageInfo_AuthProvider proto.InternalMessageInfo 233 234func (m *AuthProvider) GetId() string { 235 if m != nil { 236 return m.Id 237 } 238 return "" 239} 240 241func (m *AuthProvider) GetIssuer() string { 242 if m != nil { 243 return m.Issuer 244 } 245 return "" 246} 247 248func (m *AuthProvider) GetJwksUri() string { 249 if m != nil { 250 return m.JwksUri 251 } 252 return "" 253} 254 255func (m *AuthProvider) GetAudiences() string { 256 if m != nil { 257 return m.Audiences 258 } 259 return "" 260} 261 262func (m *AuthProvider) GetAuthorizationUrl() string { 263 if m != nil { 264 return m.AuthorizationUrl 265 } 266 return "" 267} 268 269// OAuth scopes are a way to define data and permissions on data. For example, 270// there are scopes defined for "Read-only access to Google Calendar" and 271// "Access to Cloud Platform". Users can consent to a scope for an application, 272// giving it permission to access that data on their behalf. 273// 274// OAuth scope specifications should be fairly coarse grained; a user will need 275// to see and understand the text description of what your scope means. 276// 277// In most cases: use one or at most two OAuth scopes for an entire family of 278// products. If your product has multiple APIs, you should probably be sharing 279// the OAuth scope across all of those APIs. 280// 281// When you need finer grained OAuth consent screens: talk with your product 282// management about how developers will use them in practice. 283// 284// Please note that even though each of the canonical scopes is enough for a 285// request to be accepted and passed to the backend, a request can still fail 286// due to the backend requiring additional scopes or permissions. 287type OAuthRequirements struct { 288 // The list of publicly documented OAuth scopes that are allowed access. An 289 // OAuth token containing any of these scopes will be accepted. 290 // 291 // Example: 292 // 293 // canonical_scopes: https://www.googleapis.com/auth/calendar, 294 // https://www.googleapis.com/auth/calendar.read 295 CanonicalScopes string `protobuf:"bytes,1,opt,name=canonical_scopes,json=canonicalScopes,proto3" json:"canonical_scopes,omitempty"` 296 XXX_NoUnkeyedLiteral struct{} `json:"-"` 297 XXX_unrecognized []byte `json:"-"` 298 XXX_sizecache int32 `json:"-"` 299} 300 301func (m *OAuthRequirements) Reset() { *m = OAuthRequirements{} } 302func (m *OAuthRequirements) String() string { return proto.CompactTextString(m) } 303func (*OAuthRequirements) ProtoMessage() {} 304func (*OAuthRequirements) Descriptor() ([]byte, []int) { 305 return fileDescriptor_auth_88c4f5ae0863ae9c, []int{3} 306} 307func (m *OAuthRequirements) XXX_Unmarshal(b []byte) error { 308 return xxx_messageInfo_OAuthRequirements.Unmarshal(m, b) 309} 310func (m *OAuthRequirements) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { 311 return xxx_messageInfo_OAuthRequirements.Marshal(b, m, deterministic) 312} 313func (dst *OAuthRequirements) XXX_Merge(src proto.Message) { 314 xxx_messageInfo_OAuthRequirements.Merge(dst, src) 315} 316func (m *OAuthRequirements) XXX_Size() int { 317 return xxx_messageInfo_OAuthRequirements.Size(m) 318} 319func (m *OAuthRequirements) XXX_DiscardUnknown() { 320 xxx_messageInfo_OAuthRequirements.DiscardUnknown(m) 321} 322 323var xxx_messageInfo_OAuthRequirements proto.InternalMessageInfo 324 325func (m *OAuthRequirements) GetCanonicalScopes() string { 326 if m != nil { 327 return m.CanonicalScopes 328 } 329 return "" 330} 331 332// User-defined authentication requirements, including support for 333// [JSON Web Token (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32). 334type AuthRequirement struct { 335 // [id][google.api.AuthProvider.id] from authentication provider. 336 // 337 // Example: 338 // 339 // provider_id: bookstore_auth 340 ProviderId string `protobuf:"bytes,1,opt,name=provider_id,json=providerId,proto3" json:"provider_id,omitempty"` 341 // NOTE: This will be deprecated soon, once AuthProvider.audiences is 342 // implemented and accepted in all the runtime components. 343 // 344 // The list of JWT 345 // [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3). 346 // that are allowed to access. A JWT containing any of these audiences will 347 // be accepted. When this setting is absent, only JWTs with audience 348 // "https://[Service_name][google.api.Service.name]/[API_name][google.protobuf.Api.name]" 349 // will be accepted. For example, if no audiences are in the setting, 350 // LibraryService API will only accept JWTs with the following audience 351 // "https://library-example.googleapis.com/google.example.library.v1.LibraryService". 352 // 353 // Example: 354 // 355 // audiences: bookstore_android.apps.googleusercontent.com, 356 // bookstore_web.apps.googleusercontent.com 357 Audiences string `protobuf:"bytes,2,opt,name=audiences,proto3" json:"audiences,omitempty"` 358 XXX_NoUnkeyedLiteral struct{} `json:"-"` 359 XXX_unrecognized []byte `json:"-"` 360 XXX_sizecache int32 `json:"-"` 361} 362 363func (m *AuthRequirement) Reset() { *m = AuthRequirement{} } 364func (m *AuthRequirement) String() string { return proto.CompactTextString(m) } 365func (*AuthRequirement) ProtoMessage() {} 366func (*AuthRequirement) Descriptor() ([]byte, []int) { 367 return fileDescriptor_auth_88c4f5ae0863ae9c, []int{4} 368} 369func (m *AuthRequirement) XXX_Unmarshal(b []byte) error { 370 return xxx_messageInfo_AuthRequirement.Unmarshal(m, b) 371} 372func (m *AuthRequirement) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { 373 return xxx_messageInfo_AuthRequirement.Marshal(b, m, deterministic) 374} 375func (dst *AuthRequirement) XXX_Merge(src proto.Message) { 376 xxx_messageInfo_AuthRequirement.Merge(dst, src) 377} 378func (m *AuthRequirement) XXX_Size() int { 379 return xxx_messageInfo_AuthRequirement.Size(m) 380} 381func (m *AuthRequirement) XXX_DiscardUnknown() { 382 xxx_messageInfo_AuthRequirement.DiscardUnknown(m) 383} 384 385var xxx_messageInfo_AuthRequirement proto.InternalMessageInfo 386 387func (m *AuthRequirement) GetProviderId() string { 388 if m != nil { 389 return m.ProviderId 390 } 391 return "" 392} 393 394func (m *AuthRequirement) GetAudiences() string { 395 if m != nil { 396 return m.Audiences 397 } 398 return "" 399} 400 401func init() { 402 proto.RegisterType((*Authentication)(nil), "google.api.Authentication") 403 proto.RegisterType((*AuthenticationRule)(nil), "google.api.AuthenticationRule") 404 proto.RegisterType((*AuthProvider)(nil), "google.api.AuthProvider") 405 proto.RegisterType((*OAuthRequirements)(nil), "google.api.OAuthRequirements") 406 proto.RegisterType((*AuthRequirement)(nil), "google.api.AuthRequirement") 407} 408 409func init() { proto.RegisterFile("google/api/auth.proto", fileDescriptor_auth_88c4f5ae0863ae9c) } 410 411var fileDescriptor_auth_88c4f5ae0863ae9c = []byte{ 412 // 465 bytes of a gzipped FileDescriptorProto 413 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x64, 0x52, 0x5f, 0x6b, 0x13, 0x4f, 414 0x14, 0x65, 0x93, 0xa6, 0xcd, 0xde, 0x94, 0xb4, 0x1d, 0xf8, 0x95, 0xfd, 0xd5, 0xaa, 0x21, 0x4f, 415 0x11, 0x61, 0x03, 0xad, 0x88, 0x20, 0x28, 0xad, 0x88, 0xf4, 0xc9, 0x30, 0x52, 0x04, 0x5f, 0x96, 416 0x71, 0x76, 0xdc, 0x8c, 0x9d, 0xce, 0x5d, 0xe7, 0x4f, 0x03, 0x3e, 0xf8, 0x49, 0x7c, 0xf2, 0x93, 417 0xf9, 0x51, 0x64, 0x67, 0xb7, 0xc9, 0x6e, 0xfa, 0x78, 0xef, 0x39, 0xe7, 0xde, 0x7b, 0xce, 0x0c, 418 0xfc, 0x57, 0x20, 0x16, 0x4a, 0xcc, 0x59, 0x29, 0xe7, 0xcc, 0xbb, 0x65, 0x5a, 0x1a, 0x74, 0x48, 419 0xa0, 0x6e, 0xa7, 0xac, 0x94, 0x27, 0xa7, 0x6d, 0x8a, 0xd6, 0xe8, 0x98, 0x93, 0xa8, 0x6d, 0xcd, 420 0x9c, 0xfe, 0x82, 0xf1, 0x85, 0x77, 0x4b, 0xa1, 0x9d, 0xe4, 0x01, 0x20, 0x2f, 0x60, 0x60, 0xbc, 421 0x12, 0x36, 0xe9, 0x4f, 0xfa, 0xb3, 0xd1, 0xd9, 0x93, 0x74, 0x33, 0x2b, 0xed, 0x52, 0xa9, 0x57, 422 0x82, 0xd6, 0x64, 0xf2, 0x12, 0xe2, 0xd2, 0xe0, 0x9d, 0xcc, 0x85, 0xb1, 0xc9, 0x4e, 0x50, 0x26, 423 0xdb, 0xca, 0x45, 0x43, 0xa0, 0x1b, 0xea, 0xf4, 0x6f, 0x04, 0xe4, 0xe1, 0x54, 0x72, 0x02, 0x43, 424 0x2b, 0x94, 0xe0, 0x0e, 0x4d, 0x12, 0x4d, 0xa2, 0x59, 0x4c, 0xd7, 0x35, 0x39, 0x87, 0x01, 0x56, 425 0x5e, 0x93, 0xde, 0x24, 0x9a, 0x8d, 0xce, 0x1e, 0xb7, 0xd7, 0x7c, 0xac, 0x66, 0x51, 0xf1, 0xc3, 426 0x4b, 0x23, 0x6e, 0x85, 0x76, 0x96, 0xd6, 0x5c, 0xf2, 0x0a, 0x12, 0xa6, 0x14, 0xae, 0xb2, 0x95, 427 0x74, 0x4b, 0xf4, 0x2e, 0xe3, 0x46, 0xe4, 0xd5, 0x52, 0xa6, 0x92, 0xc1, 0x24, 0x9a, 0x0d, 0xe9, 428 0x71, 0xc0, 0x3f, 0xd7, 0xf0, 0xbb, 0x35, 0x4a, 0xde, 0xc2, 0xbe, 0x69, 0x0d, 0x4c, 0xf6, 0x82, 429 0xb9, 0x47, 0xdb, 0xe6, 0x5a, 0x4b, 0x69, 0x47, 0x30, 0xfd, 0x1d, 0xc1, 0x7e, 0xdb, 0x3e, 0x19, 430 0x43, 0x4f, 0xe6, 0x8d, 0xad, 0x9e, 0xcc, 0xc9, 0x31, 0xec, 0x4a, 0x6b, 0xbd, 0x30, 0xc1, 0x51, 431 0x4c, 0x9b, 0x8a, 0xfc, 0x0f, 0xc3, 0xef, 0xab, 0x1b, 0x9b, 0x79, 0x23, 0x93, 0x7e, 0x40, 0xf6, 432 0xaa, 0xfa, 0xda, 0x48, 0x72, 0x0a, 0x31, 0xf3, 0xb9, 0x14, 0x9a, 0x8b, 0x2a, 0xee, 0x0a, 0xdb, 433 0x34, 0xc8, 0x73, 0x38, 0xaa, 0x4c, 0xa3, 0x91, 0x3f, 0x43, 0xa4, 0x99, 0x37, 0xb5, 0xcb, 0x98, 434 0x1e, 0x76, 0x80, 0x6b, 0xa3, 0xa6, 0x6f, 0xe0, 0xe8, 0x41, 0x6a, 0xe4, 0x19, 0x1c, 0x72, 0xa6, 435 0x51, 0x4b, 0xce, 0x54, 0x66, 0x39, 0x96, 0xc2, 0x36, 0x07, 0x1f, 0xac, 0xfb, 0x9f, 0x42, 0x7b, 436 0xba, 0x80, 0x83, 0x2d, 0x39, 0x79, 0x0a, 0xa3, 0xfb, 0x17, 0xce, 0xd6, 0x4e, 0xe1, 0xbe, 0x75, 437 0x95, 0x77, 0xcf, 0xef, 0x6d, 0x9d, 0x7f, 0x79, 0x03, 0x63, 0x8e, 0xb7, 0xad, 0x80, 0x2f, 0xe3, 438 0x26, 0x3f, 0x87, 0x8b, 0xe8, 0xcb, 0xfb, 0x06, 0x28, 0x50, 0x31, 0x5d, 0xa4, 0x68, 0x8a, 0x79, 439 0x21, 0x74, 0xf8, 0xce, 0xf3, 0x1a, 0x62, 0xa5, 0xb4, 0xe1, 0xbf, 0x5b, 0x61, 0xee, 0x24, 0x17, 440 0x1c, 0xf5, 0x37, 0x59, 0xbc, 0xee, 0x54, 0x7f, 0x7a, 0x3b, 0x1f, 0x2e, 0x16, 0x57, 0x5f, 0x77, 441 0x83, 0xf0, 0xfc, 0x5f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xe5, 0xa3, 0x9d, 0xc6, 0x4a, 0x03, 0x00, 442 0x00, 443} 444