Documentation ¶
Overview ¶
Package iamcredentials provides access to the IAM Service Account Credentials API.
See https://developers.google.com/identity/protocols/OAuth2ServiceAccount
Usage example:
import "google.golang.org/api/iamcredentials/v1" ... iamcredentialsService, err := iamcredentials.New(oauthHttpClient)
Index ¶
- Constants
- type GenerateAccessTokenRequest
- type GenerateAccessTokenResponse
- type GenerateIdTokenRequest
- type GenerateIdTokenResponse
- type ProjectsService
- type ProjectsServiceAccountsGenerateAccessTokenCall
- func (c *ProjectsServiceAccountsGenerateAccessTokenCall) Context(ctx context.Context) *ProjectsServiceAccountsGenerateAccessTokenCall
- func (c *ProjectsServiceAccountsGenerateAccessTokenCall) Do(opts ...googleapi.CallOption) (*GenerateAccessTokenResponse, error)
- func (c *ProjectsServiceAccountsGenerateAccessTokenCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGenerateAccessTokenCall
- func (c *ProjectsServiceAccountsGenerateAccessTokenCall) Header() http.Header
- type ProjectsServiceAccountsGenerateIdTokenCall
- func (c *ProjectsServiceAccountsGenerateIdTokenCall) Context(ctx context.Context) *ProjectsServiceAccountsGenerateIdTokenCall
- func (c *ProjectsServiceAccountsGenerateIdTokenCall) Do(opts ...googleapi.CallOption) (*GenerateIdTokenResponse, error)
- func (c *ProjectsServiceAccountsGenerateIdTokenCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGenerateIdTokenCall
- func (c *ProjectsServiceAccountsGenerateIdTokenCall) Header() http.Header
- type ProjectsServiceAccountsService
- func (r *ProjectsServiceAccountsService) GenerateAccessToken(name string, generateaccesstokenrequest *GenerateAccessTokenRequest) *ProjectsServiceAccountsGenerateAccessTokenCall
- func (r *ProjectsServiceAccountsService) GenerateIdToken(name string, generateidtokenrequest *GenerateIdTokenRequest) *ProjectsServiceAccountsGenerateIdTokenCall
- func (r *ProjectsServiceAccountsService) SignBlob(name string, signblobrequest *SignBlobRequest) *ProjectsServiceAccountsSignBlobCall
- func (r *ProjectsServiceAccountsService) SignJwt(name string, signjwtrequest *SignJwtRequest) *ProjectsServiceAccountsSignJwtCall
- type ProjectsServiceAccountsSignBlobCall
- func (c *ProjectsServiceAccountsSignBlobCall) Context(ctx context.Context) *ProjectsServiceAccountsSignBlobCall
- func (c *ProjectsServiceAccountsSignBlobCall) Do(opts ...googleapi.CallOption) (*SignBlobResponse, error)
- func (c *ProjectsServiceAccountsSignBlobCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignBlobCall
- func (c *ProjectsServiceAccountsSignBlobCall) Header() http.Header
- type ProjectsServiceAccountsSignJwtCall
- func (c *ProjectsServiceAccountsSignJwtCall) Context(ctx context.Context) *ProjectsServiceAccountsSignJwtCall
- func (c *ProjectsServiceAccountsSignJwtCall) Do(opts ...googleapi.CallOption) (*SignJwtResponse, error)
- func (c *ProjectsServiceAccountsSignJwtCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignJwtCall
- func (c *ProjectsServiceAccountsSignJwtCall) Header() http.Header
- type Service
- type SignBlobRequest
- type SignBlobResponse
- type SignJwtRequest
- type SignJwtResponse
Constants ¶
const (
// View and manage your data across Google Cloud Platform services
CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
)
OAuth2 scopes used by this API.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type GenerateAccessTokenRequest ¶
type GenerateAccessTokenRequest struct { // Delegates: The sequence of service accounts in a delegation chain. // Each service // account must be granted the `roles/iam.serviceAccountTokenCreator` // role // on its next service account in the chain. The last service account in // the // chain must be granted the `roles/iam.serviceAccountTokenCreator` // role // on the service account that is specified in the `name` field of // the // request. // // The delegates must have the following // format: // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}` Delegates []string `json:"delegates,omitempty"` // Lifetime: The desired lifetime duration of the access token in // seconds. // Must be set to a value less than or equal to 3600 (1 hour). If a // value is // not specified, the token's lifetime will be set to a default value of // one // hour. Lifetime string `json:"lifetime,omitempty"` // Scope: Code to identify ApiScope (OAuth scope to be precise) to be // included in the // OAuth token. // See https://developers.google.com/identity/protocols/googlescopes for // more // information. // At least one value required. Scope []string `json:"scope,omitempty"` // ForceSendFields is a list of field names (e.g. "Delegates") to // unconditionally include in API requests. By default, fields with // empty values are omitted from API requests. However, any non-pointer, // non-interface field appearing in ForceSendFields will be sent to the // server regardless of whether the field is empty or not. This may be // used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Delegates") to include in // API requests with the JSON null value. By default, fields with empty // values are omitted from API requests. However, any field with an // empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` }
func (*GenerateAccessTokenRequest) MarshalJSON ¶
func (s *GenerateAccessTokenRequest) MarshalJSON() ([]byte, error)
type GenerateAccessTokenResponse ¶
type GenerateAccessTokenResponse struct { // AccessToken: The OAuth 2.0 access token. AccessToken string `json:"accessToken,omitempty"` // ExpireTime: Token expiration time. ExpireTime string `json:"expireTime,omitempty"` // ServerResponse contains the HTTP response code and headers from the // server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. "AccessToken") to // unconditionally include in API requests. By default, fields with // empty values are omitted from API requests. However, any non-pointer, // non-interface field appearing in ForceSendFields will be sent to the // server regardless of whether the field is empty or not. This may be // used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "AccessToken") to include // in API requests with the JSON null value. By default, fields with // empty values are omitted from API requests. However, any field with // an empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` }
func (*GenerateAccessTokenResponse) MarshalJSON ¶
func (s *GenerateAccessTokenResponse) MarshalJSON() ([]byte, error)
type GenerateIdTokenRequest ¶
type GenerateIdTokenRequest struct { // Audience: The audience for the token, such as the API or account that // this token // grants access to. Audience string `json:"audience,omitempty"` // Delegates: The sequence of service accounts in a delegation chain. // Each service // account must be granted the `roles/iam.serviceAccountTokenCreator` // role // on its next service account in the chain. The last service account in // the // chain must be granted the `roles/iam.serviceAccountTokenCreator` // role // on the service account that is specified in the `name` field of // the // request. // // The delegates must have the following // format: // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}` Delegates []string `json:"delegates,omitempty"` // IncludeEmail: Include the service account email in the token. If set // to `true`, the // token will contain `email` and `email_verified` claims. IncludeEmail bool `json:"includeEmail,omitempty"` // ForceSendFields is a list of field names (e.g. "Audience") to // unconditionally include in API requests. By default, fields with // empty values are omitted from API requests. However, any non-pointer, // non-interface field appearing in ForceSendFields will be sent to the // server regardless of whether the field is empty or not. This may be // used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Audience") to include in // API requests with the JSON null value. By default, fields with empty // values are omitted from API requests. However, any field with an // empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` }
func (*GenerateIdTokenRequest) MarshalJSON ¶
func (s *GenerateIdTokenRequest) MarshalJSON() ([]byte, error)
type GenerateIdTokenResponse ¶
type GenerateIdTokenResponse struct { // Token: The OpenId Connect ID token. Token string `json:"token,omitempty"` // ServerResponse contains the HTTP response code and headers from the // server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. "Token") to // unconditionally include in API requests. By default, fields with // empty values are omitted from API requests. However, any non-pointer, // non-interface field appearing in ForceSendFields will be sent to the // server regardless of whether the field is empty or not. This may be // used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Token") to include in API // requests with the JSON null value. By default, fields with empty // values are omitted from API requests. However, any field with an // empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` }
func (*GenerateIdTokenResponse) MarshalJSON ¶
func (s *GenerateIdTokenResponse) MarshalJSON() ([]byte, error)
type ProjectsService ¶
type ProjectsService struct { ServiceAccounts *ProjectsServiceAccountsService // contains filtered or unexported fields }
func NewProjectsService ¶
func NewProjectsService(s *Service) *ProjectsService
type ProjectsServiceAccountsGenerateAccessTokenCall ¶
type ProjectsServiceAccountsGenerateAccessTokenCall struct {
// contains filtered or unexported fields
}
func (*ProjectsServiceAccountsGenerateAccessTokenCall) Context ¶
func (c *ProjectsServiceAccountsGenerateAccessTokenCall) Context(ctx context.Context) *ProjectsServiceAccountsGenerateAccessTokenCall
Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.
func (*ProjectsServiceAccountsGenerateAccessTokenCall) Do ¶
func (c *ProjectsServiceAccountsGenerateAccessTokenCall) Do(opts ...googleapi.CallOption) (*GenerateAccessTokenResponse, error)
Do executes the "iamcredentials.projects.serviceAccounts.generateAccessToken" call. Exactly one of *GenerateAccessTokenResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *GenerateAccessTokenResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.
func (*ProjectsServiceAccountsGenerateAccessTokenCall) Fields ¶
func (c *ProjectsServiceAccountsGenerateAccessTokenCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGenerateAccessTokenCall
Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.
func (*ProjectsServiceAccountsGenerateAccessTokenCall) Header ¶
func (c *ProjectsServiceAccountsGenerateAccessTokenCall) Header() http.Header
Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.
type ProjectsServiceAccountsGenerateIdTokenCall ¶
type ProjectsServiceAccountsGenerateIdTokenCall struct {
// contains filtered or unexported fields
}
func (*ProjectsServiceAccountsGenerateIdTokenCall) Context ¶
func (c *ProjectsServiceAccountsGenerateIdTokenCall) Context(ctx context.Context) *ProjectsServiceAccountsGenerateIdTokenCall
Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.
func (*ProjectsServiceAccountsGenerateIdTokenCall) Do ¶
func (c *ProjectsServiceAccountsGenerateIdTokenCall) Do(opts ...googleapi.CallOption) (*GenerateIdTokenResponse, error)
Do executes the "iamcredentials.projects.serviceAccounts.generateIdToken" call. Exactly one of *GenerateIdTokenResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *GenerateIdTokenResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.
func (*ProjectsServiceAccountsGenerateIdTokenCall) Fields ¶
func (c *ProjectsServiceAccountsGenerateIdTokenCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGenerateIdTokenCall
Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.
func (*ProjectsServiceAccountsGenerateIdTokenCall) Header ¶
func (c *ProjectsServiceAccountsGenerateIdTokenCall) Header() http.Header
Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.
type ProjectsServiceAccountsService ¶
type ProjectsServiceAccountsService struct {
// contains filtered or unexported fields
}
func NewProjectsServiceAccountsService ¶
func NewProjectsServiceAccountsService(s *Service) *ProjectsServiceAccountsService
func (*ProjectsServiceAccountsService) GenerateAccessToken ¶
func (r *ProjectsServiceAccountsService) GenerateAccessToken(name string, generateaccesstokenrequest *GenerateAccessTokenRequest) *ProjectsServiceAccountsGenerateAccessTokenCall
GenerateAccessToken: Generates an OAuth 2.0 access token for a service account.
func (*ProjectsServiceAccountsService) GenerateIdToken ¶
func (r *ProjectsServiceAccountsService) GenerateIdToken(name string, generateidtokenrequest *GenerateIdTokenRequest) *ProjectsServiceAccountsGenerateIdTokenCall
GenerateIdToken: Generates an OpenID Connect ID token for a service account.
func (*ProjectsServiceAccountsService) SignBlob ¶
func (r *ProjectsServiceAccountsService) SignBlob(name string, signblobrequest *SignBlobRequest) *ProjectsServiceAccountsSignBlobCall
SignBlob: Signs a blob using a service account's system-managed private key.
func (*ProjectsServiceAccountsService) SignJwt ¶
func (r *ProjectsServiceAccountsService) SignJwt(name string, signjwtrequest *SignJwtRequest) *ProjectsServiceAccountsSignJwtCall
SignJwt: Signs a JWT using a service account's system-managed private key.
type ProjectsServiceAccountsSignBlobCall ¶
type ProjectsServiceAccountsSignBlobCall struct {
// contains filtered or unexported fields
}
func (*ProjectsServiceAccountsSignBlobCall) Context ¶
func (c *ProjectsServiceAccountsSignBlobCall) Context(ctx context.Context) *ProjectsServiceAccountsSignBlobCall
Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.
func (*ProjectsServiceAccountsSignBlobCall) Do ¶
func (c *ProjectsServiceAccountsSignBlobCall) Do(opts ...googleapi.CallOption) (*SignBlobResponse, error)
Do executes the "iamcredentials.projects.serviceAccounts.signBlob" call. Exactly one of *SignBlobResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *SignBlobResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.
func (*ProjectsServiceAccountsSignBlobCall) Fields ¶
func (c *ProjectsServiceAccountsSignBlobCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignBlobCall
Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.
func (*ProjectsServiceAccountsSignBlobCall) Header ¶
func (c *ProjectsServiceAccountsSignBlobCall) Header() http.Header
Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.
type ProjectsServiceAccountsSignJwtCall ¶
type ProjectsServiceAccountsSignJwtCall struct {
// contains filtered or unexported fields
}
func (*ProjectsServiceAccountsSignJwtCall) Context ¶
func (c *ProjectsServiceAccountsSignJwtCall) Context(ctx context.Context) *ProjectsServiceAccountsSignJwtCall
Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.
func (*ProjectsServiceAccountsSignJwtCall) Do ¶
func (c *ProjectsServiceAccountsSignJwtCall) Do(opts ...googleapi.CallOption) (*SignJwtResponse, error)
Do executes the "iamcredentials.projects.serviceAccounts.signJwt" call. Exactly one of *SignJwtResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *SignJwtResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.
func (*ProjectsServiceAccountsSignJwtCall) Fields ¶
func (c *ProjectsServiceAccountsSignJwtCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignJwtCall
Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.
func (*ProjectsServiceAccountsSignJwtCall) Header ¶
func (c *ProjectsServiceAccountsSignJwtCall) Header() http.Header
Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.
type Service ¶
type Service struct { BasePath string // API endpoint base URL UserAgent string // optional additional User-Agent fragment Projects *ProjectsService // contains filtered or unexported fields }
type SignBlobRequest ¶
type SignBlobRequest struct { // Delegates: The sequence of service accounts in a delegation chain. // Each service // account must be granted the `roles/iam.serviceAccountTokenCreator` // role // on its next service account in the chain. The last service account in // the // chain must be granted the `roles/iam.serviceAccountTokenCreator` // role // on the service account that is specified in the `name` field of // the // request. // // The delegates must have the following // format: // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}` Delegates []string `json:"delegates,omitempty"` // Payload: The bytes to sign. Payload string `json:"payload,omitempty"` // ForceSendFields is a list of field names (e.g. "Delegates") to // unconditionally include in API requests. By default, fields with // empty values are omitted from API requests. However, any non-pointer, // non-interface field appearing in ForceSendFields will be sent to the // server regardless of whether the field is empty or not. This may be // used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Delegates") to include in // API requests with the JSON null value. By default, fields with empty // values are omitted from API requests. However, any field with an // empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` }
func (*SignBlobRequest) MarshalJSON ¶
func (s *SignBlobRequest) MarshalJSON() ([]byte, error)
type SignBlobResponse ¶
type SignBlobResponse struct { // KeyId: The ID of the key used to sign the blob. KeyId string `json:"keyId,omitempty"` // SignedBlob: The signed blob. SignedBlob string `json:"signedBlob,omitempty"` // ServerResponse contains the HTTP response code and headers from the // server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. "KeyId") to // unconditionally include in API requests. By default, fields with // empty values are omitted from API requests. However, any non-pointer, // non-interface field appearing in ForceSendFields will be sent to the // server regardless of whether the field is empty or not. This may be // used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "KeyId") to include in API // requests with the JSON null value. By default, fields with empty // values are omitted from API requests. However, any field with an // empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` }
func (*SignBlobResponse) MarshalJSON ¶
func (s *SignBlobResponse) MarshalJSON() ([]byte, error)
type SignJwtRequest ¶
type SignJwtRequest struct { // Delegates: The sequence of service accounts in a delegation chain. // Each service // account must be granted the `roles/iam.serviceAccountTokenCreator` // role // on its next service account in the chain. The last service account in // the // chain must be granted the `roles/iam.serviceAccountTokenCreator` // role // on the service account that is specified in the `name` field of // the // request. // // The delegates must have the following // format: // `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}` Delegates []string `json:"delegates,omitempty"` // Payload: The JWT payload to sign: a JSON object that contains a JWT // Claims Set. Payload string `json:"payload,omitempty"` // ForceSendFields is a list of field names (e.g. "Delegates") to // unconditionally include in API requests. By default, fields with // empty values are omitted from API requests. However, any non-pointer, // non-interface field appearing in ForceSendFields will be sent to the // server regardless of whether the field is empty or not. This may be // used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Delegates") to include in // API requests with the JSON null value. By default, fields with empty // values are omitted from API requests. However, any field with an // empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` }
func (*SignJwtRequest) MarshalJSON ¶
func (s *SignJwtRequest) MarshalJSON() ([]byte, error)
type SignJwtResponse ¶
type SignJwtResponse struct { // KeyId: The ID of the key used to sign the JWT. KeyId string `json:"keyId,omitempty"` // SignedJwt: The signed JWT. SignedJwt string `json:"signedJwt,omitempty"` // ServerResponse contains the HTTP response code and headers from the // server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. "KeyId") to // unconditionally include in API requests. By default, fields with // empty values are omitted from API requests. However, any non-pointer, // non-interface field appearing in ForceSendFields will be sent to the // server regardless of whether the field is empty or not. This may be // used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "KeyId") to include in API // requests with the JSON null value. By default, fields with empty // values are omitted from API requests. However, any field with an // empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` }
func (*SignJwtResponse) MarshalJSON ¶
func (s *SignJwtResponse) MarshalJSON() ([]byte, error)