mirror of
https://github.com/Luzifer/nginx-sso.git
synced 2024-12-25 15:21:16 +00:00
917 lines
31 KiB
Go
917 lines
31 KiB
Go
// Copyright 2019 Google LLC.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
// Code generated file. DO NOT EDIT.
|
|
|
|
// Package iap provides access to the Cloud Identity-Aware Proxy API.
|
|
//
|
|
// For product documentation, see: https://cloud.google.com/iap
|
|
//
|
|
// Creating a client
|
|
//
|
|
// Usage example:
|
|
//
|
|
// import "google.golang.org/api/iap/v1beta1"
|
|
// ...
|
|
// ctx := context.Background()
|
|
// iapService, err := iap.NewService(ctx)
|
|
//
|
|
// In this example, Google Application Default Credentials are used for authentication.
|
|
//
|
|
// For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
|
|
//
|
|
// Other authentication options
|
|
//
|
|
// To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey:
|
|
//
|
|
// iapService, err := iap.NewService(ctx, option.WithAPIKey("AIza..."))
|
|
//
|
|
// To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource:
|
|
//
|
|
// config := &oauth2.Config{...}
|
|
// // ...
|
|
// token, err := config.Exchange(ctx, ...)
|
|
// iapService, err := iap.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
|
|
//
|
|
// See https://godoc.org/google.golang.org/api/option/ for details on options.
|
|
package iap // import "google.golang.org/api/iap/v1beta1"
|
|
|
|
import (
|
|
"bytes"
|
|
"context"
|
|
"encoding/json"
|
|
"errors"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"net/url"
|
|
"strconv"
|
|
"strings"
|
|
|
|
gensupport "google.golang.org/api/gensupport"
|
|
googleapi "google.golang.org/api/googleapi"
|
|
option "google.golang.org/api/option"
|
|
htransport "google.golang.org/api/transport/http"
|
|
)
|
|
|
|
// Always reference these packages, just in case the auto-generated code
|
|
// below doesn't.
|
|
var _ = bytes.NewBuffer
|
|
var _ = strconv.Itoa
|
|
var _ = fmt.Sprintf
|
|
var _ = json.NewDecoder
|
|
var _ = io.Copy
|
|
var _ = url.Parse
|
|
var _ = gensupport.MarshalJSON
|
|
var _ = googleapi.Version
|
|
var _ = errors.New
|
|
var _ = strings.Replace
|
|
var _ = context.Canceled
|
|
|
|
const apiId = "iap:v1beta1"
|
|
const apiName = "iap"
|
|
const apiVersion = "v1beta1"
|
|
const basePath = "https://iap.googleapis.com/"
|
|
|
|
// OAuth2 scopes used by this API.
|
|
const (
|
|
// View and manage your data across Google Cloud Platform services
|
|
CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
|
|
)
|
|
|
|
// NewService creates a new Service.
|
|
func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) {
|
|
scopesOption := option.WithScopes(
|
|
"https://www.googleapis.com/auth/cloud-platform",
|
|
)
|
|
// NOTE: prepend, so we don't override user-specified scopes.
|
|
opts = append([]option.ClientOption{scopesOption}, opts...)
|
|
client, endpoint, err := htransport.NewClient(ctx, opts...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
s, err := New(client)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if endpoint != "" {
|
|
s.BasePath = endpoint
|
|
}
|
|
return s, nil
|
|
}
|
|
|
|
// New creates a new Service. It uses the provided http.Client for requests.
|
|
//
|
|
// Deprecated: please use NewService instead.
|
|
// To provide a custom HTTP client, use option.WithHTTPClient.
|
|
// If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
|
|
func New(client *http.Client) (*Service, error) {
|
|
if client == nil {
|
|
return nil, errors.New("client is nil")
|
|
}
|
|
s := &Service{client: client, BasePath: basePath}
|
|
s.V1beta1 = NewV1beta1Service(s)
|
|
return s, nil
|
|
}
|
|
|
|
type Service struct {
|
|
client *http.Client
|
|
BasePath string // API endpoint base URL
|
|
UserAgent string // optional additional User-Agent fragment
|
|
|
|
V1beta1 *V1beta1Service
|
|
}
|
|
|
|
func (s *Service) userAgent() string {
|
|
if s.UserAgent == "" {
|
|
return googleapi.UserAgent
|
|
}
|
|
return googleapi.UserAgent + " " + s.UserAgent
|
|
}
|
|
|
|
func NewV1beta1Service(s *Service) *V1beta1Service {
|
|
rs := &V1beta1Service{s: s}
|
|
return rs
|
|
}
|
|
|
|
type V1beta1Service struct {
|
|
s *Service
|
|
}
|
|
|
|
// Binding: Associates `members` with a `role`.
|
|
type Binding struct {
|
|
// Condition: The condition that is associated with this binding.
|
|
// NOTE: an unsatisfied condition will not allow user access via
|
|
// current
|
|
// binding. Different bindings, including their conditions, are
|
|
// examined
|
|
// independently.
|
|
Condition *Expr `json:"condition,omitempty"`
|
|
|
|
// Members: Specifies the identities requesting access for a Cloud
|
|
// Platform resource.
|
|
// `members` can have the following values:
|
|
//
|
|
// * `allUsers`: A special identifier that represents anyone who is
|
|
// on the internet; with or without a Google account.
|
|
//
|
|
// * `allAuthenticatedUsers`: A special identifier that represents
|
|
// anyone
|
|
// who is authenticated with a Google account or a service
|
|
// account.
|
|
//
|
|
// * `user:{emailid}`: An email address that represents a specific
|
|
// Google
|
|
// account. For example, `alice@gmail.com` .
|
|
//
|
|
//
|
|
// * `serviceAccount:{emailid}`: An email address that represents a
|
|
// service
|
|
// account. For example,
|
|
// `my-other-app@appspot.gserviceaccount.com`.
|
|
//
|
|
// * `group:{emailid}`: An email address that represents a Google
|
|
// group.
|
|
// For example, `admins@example.com`.
|
|
//
|
|
//
|
|
// * `domain:{domain}`: The G Suite domain (primary) that represents all
|
|
// the
|
|
// users of that domain. For example, `google.com` or
|
|
// `example.com`.
|
|
//
|
|
//
|
|
Members []string `json:"members,omitempty"`
|
|
|
|
// Role: Role that is assigned to `members`.
|
|
// For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
|
|
Role string `json:"role,omitempty"`
|
|
|
|
// ForceSendFields is a list of field names (e.g. "Condition") to
|
|
// unconditionally include in API requests. By default, fields with
|
|
// empty values are omitted from API requests. However, any non-pointer,
|
|
// non-interface field appearing in ForceSendFields will be sent to the
|
|
// server regardless of whether the field is empty or not. This may be
|
|
// used to include empty fields in Patch requests.
|
|
ForceSendFields []string `json:"-"`
|
|
|
|
// NullFields is a list of field names (e.g. "Condition") to include in
|
|
// API requests with the JSON null value. By default, fields with empty
|
|
// values are omitted from API requests. However, any field with an
|
|
// empty value appearing in NullFields will be sent to the server as
|
|
// null. It is an error if a field in this list has a non-empty value.
|
|
// This may be used to include null fields in Patch requests.
|
|
NullFields []string `json:"-"`
|
|
}
|
|
|
|
func (s *Binding) MarshalJSON() ([]byte, error) {
|
|
type NoMethod Binding
|
|
raw := NoMethod(*s)
|
|
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
|
|
}
|
|
|
|
// Expr: Represents an expression text. Example:
|
|
//
|
|
// title: "User account presence"
|
|
// description: "Determines whether the request has a user account"
|
|
// expression: "size(request.user) > 0"
|
|
type Expr struct {
|
|
// Description: An optional description of the expression. This is a
|
|
// longer text which
|
|
// describes the expression, e.g. when hovered over it in a UI.
|
|
Description string `json:"description,omitempty"`
|
|
|
|
// Expression: Textual representation of an expression in
|
|
// Common Expression Language syntax.
|
|
//
|
|
// The application context of the containing message determines
|
|
// which
|
|
// well-known feature set of CEL is supported.
|
|
Expression string `json:"expression,omitempty"`
|
|
|
|
// Location: An optional string indicating the location of the
|
|
// expression for error
|
|
// reporting, e.g. a file name and a position in the file.
|
|
Location string `json:"location,omitempty"`
|
|
|
|
// Title: An optional title for the expression, i.e. a short string
|
|
// describing
|
|
// its purpose. This can be used e.g. in UIs which allow to enter
|
|
// the
|
|
// expression.
|
|
Title string `json:"title,omitempty"`
|
|
|
|
// ForceSendFields is a list of field names (e.g. "Description") to
|
|
// unconditionally include in API requests. By default, fields with
|
|
// empty values are omitted from API requests. However, any non-pointer,
|
|
// non-interface field appearing in ForceSendFields will be sent to the
|
|
// server regardless of whether the field is empty or not. This may be
|
|
// used to include empty fields in Patch requests.
|
|
ForceSendFields []string `json:"-"`
|
|
|
|
// NullFields is a list of field names (e.g. "Description") to include
|
|
// in API requests with the JSON null value. By default, fields with
|
|
// empty values are omitted from API requests. However, any field with
|
|
// an empty value appearing in NullFields will be sent to the server as
|
|
// null. It is an error if a field in this list has a non-empty value.
|
|
// This may be used to include null fields in Patch requests.
|
|
NullFields []string `json:"-"`
|
|
}
|
|
|
|
func (s *Expr) MarshalJSON() ([]byte, error) {
|
|
type NoMethod Expr
|
|
raw := NoMethod(*s)
|
|
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
|
|
}
|
|
|
|
// GetIamPolicyRequest: Request message for `GetIamPolicy` method.
|
|
type GetIamPolicyRequest struct {
|
|
}
|
|
|
|
// Policy: Defines an Identity and Access Management (IAM) policy. It is
|
|
// used to
|
|
// specify access control policies for Cloud Platform resources.
|
|
//
|
|
//
|
|
// A `Policy` consists of a list of `bindings`. A `binding` binds a list
|
|
// of
|
|
// `members` to a `role`, where the members can be user accounts, Google
|
|
// groups,
|
|
// Google domains, and service accounts. A `role` is a named list of
|
|
// permissions
|
|
// defined by IAM.
|
|
//
|
|
// **JSON Example**
|
|
//
|
|
// {
|
|
// "bindings": [
|
|
// {
|
|
// "role": "roles/owner",
|
|
// "members": [
|
|
// "user:mike@example.com",
|
|
// "group:admins@example.com",
|
|
// "domain:google.com",
|
|
//
|
|
// "serviceAccount:my-other-app@appspot.gserviceaccount.com"
|
|
// ]
|
|
// },
|
|
// {
|
|
// "role": "roles/viewer",
|
|
// "members": ["user:sean@example.com"]
|
|
// }
|
|
// ]
|
|
// }
|
|
//
|
|
// **YAML Example**
|
|
//
|
|
// bindings:
|
|
// - members:
|
|
// - user:mike@example.com
|
|
// - group:admins@example.com
|
|
// - domain:google.com
|
|
// - serviceAccount:my-other-app@appspot.gserviceaccount.com
|
|
// role: roles/owner
|
|
// - members:
|
|
// - user:sean@example.com
|
|
// role: roles/viewer
|
|
//
|
|
//
|
|
// For a description of IAM and its features, see the
|
|
// [IAM developer's guide](https://cloud.google.com/iam/docs).
|
|
type Policy struct {
|
|
// Bindings: Associates a list of `members` to a `role`.
|
|
// `bindings` with no members will result in an error.
|
|
Bindings []*Binding `json:"bindings,omitempty"`
|
|
|
|
// Etag: `etag` is used for optimistic concurrency control as a way to
|
|
// help
|
|
// prevent simultaneous updates of a policy from overwriting each
|
|
// other.
|
|
// It is strongly suggested that systems make use of the `etag` in
|
|
// the
|
|
// read-modify-write cycle to perform policy updates in order to avoid
|
|
// race
|
|
// conditions: An `etag` is returned in the response to `getIamPolicy`,
|
|
// and
|
|
// systems are expected to put that etag in the request to
|
|
// `setIamPolicy` to
|
|
// ensure that their change will be applied to the same version of the
|
|
// policy.
|
|
//
|
|
// If no `etag` is provided in the call to `setIamPolicy`, then the
|
|
// existing
|
|
// policy is overwritten blindly.
|
|
Etag string `json:"etag,omitempty"`
|
|
|
|
// Version: Deprecated.
|
|
Version int64 `json:"version,omitempty"`
|
|
|
|
// ServerResponse contains the HTTP response code and headers from the
|
|
// server.
|
|
googleapi.ServerResponse `json:"-"`
|
|
|
|
// ForceSendFields is a list of field names (e.g. "Bindings") to
|
|
// unconditionally include in API requests. By default, fields with
|
|
// empty values are omitted from API requests. However, any non-pointer,
|
|
// non-interface field appearing in ForceSendFields will be sent to the
|
|
// server regardless of whether the field is empty or not. This may be
|
|
// used to include empty fields in Patch requests.
|
|
ForceSendFields []string `json:"-"`
|
|
|
|
// NullFields is a list of field names (e.g. "Bindings") to include in
|
|
// API requests with the JSON null value. By default, fields with empty
|
|
// values are omitted from API requests. However, any field with an
|
|
// empty value appearing in NullFields will be sent to the server as
|
|
// null. It is an error if a field in this list has a non-empty value.
|
|
// This may be used to include null fields in Patch requests.
|
|
NullFields []string `json:"-"`
|
|
}
|
|
|
|
func (s *Policy) MarshalJSON() ([]byte, error) {
|
|
type NoMethod Policy
|
|
raw := NoMethod(*s)
|
|
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
|
|
}
|
|
|
|
// SetIamPolicyRequest: Request message for `SetIamPolicy` method.
|
|
type SetIamPolicyRequest struct {
|
|
// Policy: REQUIRED: The complete policy to be applied to the
|
|
// `resource`. The size of
|
|
// the policy is limited to a few 10s of KB. An empty policy is a
|
|
// valid policy but certain Cloud Platform services (such as
|
|
// Projects)
|
|
// might reject them.
|
|
Policy *Policy `json:"policy,omitempty"`
|
|
|
|
// ForceSendFields is a list of field names (e.g. "Policy") to
|
|
// unconditionally include in API requests. By default, fields with
|
|
// empty values are omitted from API requests. However, any non-pointer,
|
|
// non-interface field appearing in ForceSendFields will be sent to the
|
|
// server regardless of whether the field is empty or not. This may be
|
|
// used to include empty fields in Patch requests.
|
|
ForceSendFields []string `json:"-"`
|
|
|
|
// NullFields is a list of field names (e.g. "Policy") to include in API
|
|
// requests with the JSON null value. By default, fields with empty
|
|
// values are omitted from API requests. However, any field with an
|
|
// empty value appearing in NullFields will be sent to the server as
|
|
// null. It is an error if a field in this list has a non-empty value.
|
|
// This may be used to include null fields in Patch requests.
|
|
NullFields []string `json:"-"`
|
|
}
|
|
|
|
func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) {
|
|
type NoMethod SetIamPolicyRequest
|
|
raw := NoMethod(*s)
|
|
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
|
|
}
|
|
|
|
// TestIamPermissionsRequest: Request message for `TestIamPermissions`
|
|
// method.
|
|
type TestIamPermissionsRequest struct {
|
|
// Permissions: The set of permissions to check for the `resource`.
|
|
// Permissions with
|
|
// wildcards (such as '*' or 'storage.*') are not allowed. For
|
|
// more
|
|
// information see
|
|
// [IAM
|
|
// Overview](https://cloud.google.com/iam/docs/overview#permissions).
|
|
Permissions []string `json:"permissions,omitempty"`
|
|
|
|
// ForceSendFields is a list of field names (e.g. "Permissions") to
|
|
// unconditionally include in API requests. By default, fields with
|
|
// empty values are omitted from API requests. However, any non-pointer,
|
|
// non-interface field appearing in ForceSendFields will be sent to the
|
|
// server regardless of whether the field is empty or not. This may be
|
|
// used to include empty fields in Patch requests.
|
|
ForceSendFields []string `json:"-"`
|
|
|
|
// NullFields is a list of field names (e.g. "Permissions") to include
|
|
// in API requests with the JSON null value. By default, fields with
|
|
// empty values are omitted from API requests. However, any field with
|
|
// an empty value appearing in NullFields will be sent to the server as
|
|
// null. It is an error if a field in this list has a non-empty value.
|
|
// This may be used to include null fields in Patch requests.
|
|
NullFields []string `json:"-"`
|
|
}
|
|
|
|
func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) {
|
|
type NoMethod TestIamPermissionsRequest
|
|
raw := NoMethod(*s)
|
|
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
|
|
}
|
|
|
|
// TestIamPermissionsResponse: Response message for `TestIamPermissions`
|
|
// method.
|
|
type TestIamPermissionsResponse struct {
|
|
// Permissions: A subset of `TestPermissionsRequest.permissions` that
|
|
// the caller is
|
|
// allowed.
|
|
Permissions []string `json:"permissions,omitempty"`
|
|
|
|
// ServerResponse contains the HTTP response code and headers from the
|
|
// server.
|
|
googleapi.ServerResponse `json:"-"`
|
|
|
|
// ForceSendFields is a list of field names (e.g. "Permissions") to
|
|
// unconditionally include in API requests. By default, fields with
|
|
// empty values are omitted from API requests. However, any non-pointer,
|
|
// non-interface field appearing in ForceSendFields will be sent to the
|
|
// server regardless of whether the field is empty or not. This may be
|
|
// used to include empty fields in Patch requests.
|
|
ForceSendFields []string `json:"-"`
|
|
|
|
// NullFields is a list of field names (e.g. "Permissions") to include
|
|
// in API requests with the JSON null value. By default, fields with
|
|
// empty values are omitted from API requests. However, any field with
|
|
// an empty value appearing in NullFields will be sent to the server as
|
|
// null. It is an error if a field in this list has a non-empty value.
|
|
// This may be used to include null fields in Patch requests.
|
|
NullFields []string `json:"-"`
|
|
}
|
|
|
|
func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) {
|
|
type NoMethod TestIamPermissionsResponse
|
|
raw := NoMethod(*s)
|
|
return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields)
|
|
}
|
|
|
|
// method id "iap.getIamPolicy":
|
|
|
|
type V1beta1GetIamPolicyCall struct {
|
|
s *Service
|
|
resource string
|
|
getiampolicyrequest *GetIamPolicyRequest
|
|
urlParams_ gensupport.URLParams
|
|
ctx_ context.Context
|
|
header_ http.Header
|
|
}
|
|
|
|
// GetIamPolicy: Gets the access control policy for an Identity-Aware
|
|
// Proxy protected
|
|
// resource.
|
|
// More information about managing access via IAP can be found
|
|
// at:
|
|
// https://cloud.google.com/iap/docs/managing-access#managing_access_
|
|
// via_the_api
|
|
func (r *V1beta1Service) GetIamPolicy(resource string, getiampolicyrequest *GetIamPolicyRequest) *V1beta1GetIamPolicyCall {
|
|
c := &V1beta1GetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
|
|
c.resource = resource
|
|
c.getiampolicyrequest = getiampolicyrequest
|
|
return c
|
|
}
|
|
|
|
// Fields allows partial responses to be retrieved. See
|
|
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
|
|
// for more information.
|
|
func (c *V1beta1GetIamPolicyCall) Fields(s ...googleapi.Field) *V1beta1GetIamPolicyCall {
|
|
c.urlParams_.Set("fields", googleapi.CombineFields(s))
|
|
return c
|
|
}
|
|
|
|
// Context sets the context to be used in this call's Do method. Any
|
|
// pending HTTP request will be aborted if the provided context is
|
|
// canceled.
|
|
func (c *V1beta1GetIamPolicyCall) Context(ctx context.Context) *V1beta1GetIamPolicyCall {
|
|
c.ctx_ = ctx
|
|
return c
|
|
}
|
|
|
|
// Header returns an http.Header that can be modified by the caller to
|
|
// add HTTP headers to the request.
|
|
func (c *V1beta1GetIamPolicyCall) Header() http.Header {
|
|
if c.header_ == nil {
|
|
c.header_ = make(http.Header)
|
|
}
|
|
return c.header_
|
|
}
|
|
|
|
func (c *V1beta1GetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
|
|
reqHeaders := make(http.Header)
|
|
for k, v := range c.header_ {
|
|
reqHeaders[k] = v
|
|
}
|
|
reqHeaders.Set("User-Agent", c.s.userAgent())
|
|
var body io.Reader = nil
|
|
body, err := googleapi.WithoutDataWrapper.JSONReader(c.getiampolicyrequest)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
reqHeaders.Set("Content-Type", "application/json")
|
|
c.urlParams_.Set("alt", alt)
|
|
c.urlParams_.Set("prettyPrint", "false")
|
|
urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:getIamPolicy")
|
|
urls += "?" + c.urlParams_.Encode()
|
|
req, err := http.NewRequest("POST", urls, body)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
req.Header = reqHeaders
|
|
googleapi.Expand(req.URL, map[string]string{
|
|
"resource": c.resource,
|
|
})
|
|
return gensupport.SendRequest(c.ctx_, c.s.client, req)
|
|
}
|
|
|
|
// Do executes the "iap.getIamPolicy" call.
|
|
// Exactly one of *Policy or error will be non-nil. Any non-2xx status
|
|
// code is an error. Response headers are in either
|
|
// *Policy.ServerResponse.Header or (if a response was returned at all)
|
|
// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
|
|
// check whether the returned error was because http.StatusNotModified
|
|
// was returned.
|
|
func (c *V1beta1GetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
|
|
gensupport.SetOptions(c.urlParams_, opts...)
|
|
res, err := c.doRequest("json")
|
|
if res != nil && res.StatusCode == http.StatusNotModified {
|
|
if res.Body != nil {
|
|
res.Body.Close()
|
|
}
|
|
return nil, &googleapi.Error{
|
|
Code: res.StatusCode,
|
|
Header: res.Header,
|
|
}
|
|
}
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer googleapi.CloseBody(res)
|
|
if err := googleapi.CheckResponse(res); err != nil {
|
|
return nil, err
|
|
}
|
|
ret := &Policy{
|
|
ServerResponse: googleapi.ServerResponse{
|
|
Header: res.Header,
|
|
HTTPStatusCode: res.StatusCode,
|
|
},
|
|
}
|
|
target := &ret
|
|
if err := gensupport.DecodeResponse(target, res); err != nil {
|
|
return nil, err
|
|
}
|
|
return ret, nil
|
|
// {
|
|
// "description": "Gets the access control policy for an Identity-Aware Proxy protected\nresource.\nMore information about managing access via IAP can be found at:\nhttps://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api",
|
|
// "flatPath": "v1beta1/{v1beta1Id}:getIamPolicy",
|
|
// "httpMethod": "POST",
|
|
// "id": "iap.getIamPolicy",
|
|
// "parameterOrder": [
|
|
// "resource"
|
|
// ],
|
|
// "parameters": {
|
|
// "resource": {
|
|
// "description": "REQUIRED: The resource for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.",
|
|
// "location": "path",
|
|
// "pattern": "^.+$",
|
|
// "required": true,
|
|
// "type": "string"
|
|
// }
|
|
// },
|
|
// "path": "v1beta1/{+resource}:getIamPolicy",
|
|
// "request": {
|
|
// "$ref": "GetIamPolicyRequest"
|
|
// },
|
|
// "response": {
|
|
// "$ref": "Policy"
|
|
// },
|
|
// "scopes": [
|
|
// "https://www.googleapis.com/auth/cloud-platform"
|
|
// ]
|
|
// }
|
|
|
|
}
|
|
|
|
// method id "iap.setIamPolicy":
|
|
|
|
type V1beta1SetIamPolicyCall struct {
|
|
s *Service
|
|
resource string
|
|
setiampolicyrequest *SetIamPolicyRequest
|
|
urlParams_ gensupport.URLParams
|
|
ctx_ context.Context
|
|
header_ http.Header
|
|
}
|
|
|
|
// SetIamPolicy: Sets the access control policy for an Identity-Aware
|
|
// Proxy protected
|
|
// resource. Replaces any existing policy.
|
|
// More information about managing access via IAP can be found
|
|
// at:
|
|
// https://cloud.google.com/iap/docs/managing-access#managing_access_
|
|
// via_the_api
|
|
func (r *V1beta1Service) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *V1beta1SetIamPolicyCall {
|
|
c := &V1beta1SetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
|
|
c.resource = resource
|
|
c.setiampolicyrequest = setiampolicyrequest
|
|
return c
|
|
}
|
|
|
|
// Fields allows partial responses to be retrieved. See
|
|
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
|
|
// for more information.
|
|
func (c *V1beta1SetIamPolicyCall) Fields(s ...googleapi.Field) *V1beta1SetIamPolicyCall {
|
|
c.urlParams_.Set("fields", googleapi.CombineFields(s))
|
|
return c
|
|
}
|
|
|
|
// Context sets the context to be used in this call's Do method. Any
|
|
// pending HTTP request will be aborted if the provided context is
|
|
// canceled.
|
|
func (c *V1beta1SetIamPolicyCall) Context(ctx context.Context) *V1beta1SetIamPolicyCall {
|
|
c.ctx_ = ctx
|
|
return c
|
|
}
|
|
|
|
// Header returns an http.Header that can be modified by the caller to
|
|
// add HTTP headers to the request.
|
|
func (c *V1beta1SetIamPolicyCall) Header() http.Header {
|
|
if c.header_ == nil {
|
|
c.header_ = make(http.Header)
|
|
}
|
|
return c.header_
|
|
}
|
|
|
|
func (c *V1beta1SetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
|
|
reqHeaders := make(http.Header)
|
|
for k, v := range c.header_ {
|
|
reqHeaders[k] = v
|
|
}
|
|
reqHeaders.Set("User-Agent", c.s.userAgent())
|
|
var body io.Reader = nil
|
|
body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
reqHeaders.Set("Content-Type", "application/json")
|
|
c.urlParams_.Set("alt", alt)
|
|
c.urlParams_.Set("prettyPrint", "false")
|
|
urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:setIamPolicy")
|
|
urls += "?" + c.urlParams_.Encode()
|
|
req, err := http.NewRequest("POST", urls, body)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
req.Header = reqHeaders
|
|
googleapi.Expand(req.URL, map[string]string{
|
|
"resource": c.resource,
|
|
})
|
|
return gensupport.SendRequest(c.ctx_, c.s.client, req)
|
|
}
|
|
|
|
// Do executes the "iap.setIamPolicy" call.
|
|
// Exactly one of *Policy or error will be non-nil. Any non-2xx status
|
|
// code is an error. Response headers are in either
|
|
// *Policy.ServerResponse.Header or (if a response was returned at all)
|
|
// in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
|
|
// check whether the returned error was because http.StatusNotModified
|
|
// was returned.
|
|
func (c *V1beta1SetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
|
|
gensupport.SetOptions(c.urlParams_, opts...)
|
|
res, err := c.doRequest("json")
|
|
if res != nil && res.StatusCode == http.StatusNotModified {
|
|
if res.Body != nil {
|
|
res.Body.Close()
|
|
}
|
|
return nil, &googleapi.Error{
|
|
Code: res.StatusCode,
|
|
Header: res.Header,
|
|
}
|
|
}
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer googleapi.CloseBody(res)
|
|
if err := googleapi.CheckResponse(res); err != nil {
|
|
return nil, err
|
|
}
|
|
ret := &Policy{
|
|
ServerResponse: googleapi.ServerResponse{
|
|
Header: res.Header,
|
|
HTTPStatusCode: res.StatusCode,
|
|
},
|
|
}
|
|
target := &ret
|
|
if err := gensupport.DecodeResponse(target, res); err != nil {
|
|
return nil, err
|
|
}
|
|
return ret, nil
|
|
// {
|
|
// "description": "Sets the access control policy for an Identity-Aware Proxy protected\nresource. Replaces any existing policy.\nMore information about managing access via IAP can be found at:\nhttps://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api",
|
|
// "flatPath": "v1beta1/{v1beta1Id}:setIamPolicy",
|
|
// "httpMethod": "POST",
|
|
// "id": "iap.setIamPolicy",
|
|
// "parameterOrder": [
|
|
// "resource"
|
|
// ],
|
|
// "parameters": {
|
|
// "resource": {
|
|
// "description": "REQUIRED: The resource for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.",
|
|
// "location": "path",
|
|
// "pattern": "^.+$",
|
|
// "required": true,
|
|
// "type": "string"
|
|
// }
|
|
// },
|
|
// "path": "v1beta1/{+resource}:setIamPolicy",
|
|
// "request": {
|
|
// "$ref": "SetIamPolicyRequest"
|
|
// },
|
|
// "response": {
|
|
// "$ref": "Policy"
|
|
// },
|
|
// "scopes": [
|
|
// "https://www.googleapis.com/auth/cloud-platform"
|
|
// ]
|
|
// }
|
|
|
|
}
|
|
|
|
// method id "iap.testIamPermissions":
|
|
|
|
type V1beta1TestIamPermissionsCall struct {
|
|
s *Service
|
|
resource string
|
|
testiampermissionsrequest *TestIamPermissionsRequest
|
|
urlParams_ gensupport.URLParams
|
|
ctx_ context.Context
|
|
header_ http.Header
|
|
}
|
|
|
|
// TestIamPermissions: Returns permissions that a caller has on the
|
|
// Identity-Aware Proxy protected
|
|
// resource. If the resource does not exist or the caller does not
|
|
// have
|
|
// Identity-Aware Proxy permissions a
|
|
// [google.rpc.Code.PERMISSION_DENIED]
|
|
// will be returned.
|
|
// More information about managing access via IAP can be found
|
|
// at:
|
|
// https://cloud.google.com/iap/docs/managing-access#managing_access_
|
|
// via_the_api
|
|
func (r *V1beta1Service) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *V1beta1TestIamPermissionsCall {
|
|
c := &V1beta1TestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
|
|
c.resource = resource
|
|
c.testiampermissionsrequest = testiampermissionsrequest
|
|
return c
|
|
}
|
|
|
|
// Fields allows partial responses to be retrieved. See
|
|
// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse
|
|
// for more information.
|
|
func (c *V1beta1TestIamPermissionsCall) Fields(s ...googleapi.Field) *V1beta1TestIamPermissionsCall {
|
|
c.urlParams_.Set("fields", googleapi.CombineFields(s))
|
|
return c
|
|
}
|
|
|
|
// Context sets the context to be used in this call's Do method. Any
|
|
// pending HTTP request will be aborted if the provided context is
|
|
// canceled.
|
|
func (c *V1beta1TestIamPermissionsCall) Context(ctx context.Context) *V1beta1TestIamPermissionsCall {
|
|
c.ctx_ = ctx
|
|
return c
|
|
}
|
|
|
|
// Header returns an http.Header that can be modified by the caller to
|
|
// add HTTP headers to the request.
|
|
func (c *V1beta1TestIamPermissionsCall) Header() http.Header {
|
|
if c.header_ == nil {
|
|
c.header_ = make(http.Header)
|
|
}
|
|
return c.header_
|
|
}
|
|
|
|
func (c *V1beta1TestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
|
|
reqHeaders := make(http.Header)
|
|
for k, v := range c.header_ {
|
|
reqHeaders[k] = v
|
|
}
|
|
reqHeaders.Set("User-Agent", c.s.userAgent())
|
|
var body io.Reader = nil
|
|
body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
reqHeaders.Set("Content-Type", "application/json")
|
|
c.urlParams_.Set("alt", alt)
|
|
c.urlParams_.Set("prettyPrint", "false")
|
|
urls := googleapi.ResolveRelative(c.s.BasePath, "v1beta1/{+resource}:testIamPermissions")
|
|
urls += "?" + c.urlParams_.Encode()
|
|
req, err := http.NewRequest("POST", urls, body)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
req.Header = reqHeaders
|
|
googleapi.Expand(req.URL, map[string]string{
|
|
"resource": c.resource,
|
|
})
|
|
return gensupport.SendRequest(c.ctx_, c.s.client, req)
|
|
}
|
|
|
|
// Do executes the "iap.testIamPermissions" call.
|
|
// Exactly one of *TestIamPermissionsResponse or error will be non-nil.
|
|
// Any non-2xx status code is an error. Response headers are in either
|
|
// *TestIamPermissionsResponse.ServerResponse.Header or (if a response
|
|
// was returned at all) in error.(*googleapi.Error).Header. Use
|
|
// googleapi.IsNotModified to check whether the returned error was
|
|
// because http.StatusNotModified was returned.
|
|
func (c *V1beta1TestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
|
|
gensupport.SetOptions(c.urlParams_, opts...)
|
|
res, err := c.doRequest("json")
|
|
if res != nil && res.StatusCode == http.StatusNotModified {
|
|
if res.Body != nil {
|
|
res.Body.Close()
|
|
}
|
|
return nil, &googleapi.Error{
|
|
Code: res.StatusCode,
|
|
Header: res.Header,
|
|
}
|
|
}
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer googleapi.CloseBody(res)
|
|
if err := googleapi.CheckResponse(res); err != nil {
|
|
return nil, err
|
|
}
|
|
ret := &TestIamPermissionsResponse{
|
|
ServerResponse: googleapi.ServerResponse{
|
|
Header: res.Header,
|
|
HTTPStatusCode: res.StatusCode,
|
|
},
|
|
}
|
|
target := &ret
|
|
if err := gensupport.DecodeResponse(target, res); err != nil {
|
|
return nil, err
|
|
}
|
|
return ret, nil
|
|
// {
|
|
// "description": "Returns permissions that a caller has on the Identity-Aware Proxy protected\nresource. If the resource does not exist or the caller does not have\nIdentity-Aware Proxy permissions a [google.rpc.Code.PERMISSION_DENIED]\nwill be returned.\nMore information about managing access via IAP can be found at:\nhttps://cloud.google.com/iap/docs/managing-access#managing_access_via_the_api",
|
|
// "flatPath": "v1beta1/{v1beta1Id}:testIamPermissions",
|
|
// "httpMethod": "POST",
|
|
// "id": "iap.testIamPermissions",
|
|
// "parameterOrder": [
|
|
// "resource"
|
|
// ],
|
|
// "parameters": {
|
|
// "resource": {
|
|
// "description": "REQUIRED: The resource for which the policy detail is being requested.\nSee the operation documentation for the appropriate value for this field.",
|
|
// "location": "path",
|
|
// "pattern": "^.+$",
|
|
// "required": true,
|
|
// "type": "string"
|
|
// }
|
|
// },
|
|
// "path": "v1beta1/{+resource}:testIamPermissions",
|
|
// "request": {
|
|
// "$ref": "TestIamPermissionsRequest"
|
|
// },
|
|
// "response": {
|
|
// "$ref": "TestIamPermissionsResponse"
|
|
// },
|
|
// "scopes": [
|
|
// "https://www.googleapis.com/auth/cloud-platform"
|
|
// ]
|
|
// }
|
|
|
|
}
|