Documentation ¶
Overview ¶
Package verifiedaccess provides access to the Chrome Verified Access API.
For product documentation, see: https://developers.google.com/chrome/verified-access
Creating a client ¶
Usage example:
import "google.golang.org/api/verifiedaccess/v1" ... ctx := context.Background() verifiedaccessService, err := verifiedaccess.NewService(ctx)
In this example, Google Application Default Credentials are used for authentication.
For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
Other authentication options ¶
To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey:
verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithAPIKey("AIza..."))
To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource:
config := &oauth2.Config{...} // ... token, err := config.Exchange(ctx, ...) verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
See https://godoc.org/google.golang.org/api/option/ for details on options.
Index ¶
- Constants
- type Challenge
- type ChallengeCreateCall
- type ChallengeService
- type ChallengeVerifyCall
- func (c *ChallengeVerifyCall) Context(ctx context.Context) *ChallengeVerifyCall
- func (c *ChallengeVerifyCall) Do(opts ...googleapi.CallOption) (*VerifyChallengeResponseResult, error)
- func (c *ChallengeVerifyCall) Fields(s ...googleapi.Field) *ChallengeVerifyCall
- func (c *ChallengeVerifyCall) Header() http.Header
- type Empty
- type Service
- type SignedData
- type VerifyChallengeResponseRequest
- type VerifyChallengeResponseResult
Constants ¶
const (
// Verify your enterprise credentials
VerifiedaccessScope = "https://www.googleapis.com/auth/verifiedaccess"
)
OAuth2 scopes used by this API.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Challenge ¶
type Challenge struct { // AlternativeChallenge: Challenge generated with the old signing key // (this will only be present during key rotation) AlternativeChallenge *SignedData `json:"alternativeChallenge,omitempty"` // Challenge: Generated challenge Challenge *SignedData `json:"challenge,omitempty"` // ServerResponse contains the HTTP response code and headers from the // server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. // "AlternativeChallenge") to unconditionally include in API requests. // By default, fields with empty or default values are omitted from API // requests. However, any non-pointer, non-interface field appearing in // ForceSendFields will be sent to the server regardless of whether the // field is empty or not. This may be used to include empty fields in // Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "AlternativeChallenge") to // include in API requests with the JSON null value. By default, fields // with empty values are omitted from API requests. However, any field // with an empty value appearing in NullFields will be sent to the // server as null. It is an error if a field in this list has a // non-empty value. This may be used to include null fields in Patch // requests. NullFields []string `json:"-"` }
Challenge: Result message for VerifiedAccess.CreateChallenge.
func (*Challenge) MarshalJSON ¶
type ChallengeCreateCall ¶
type ChallengeCreateCall struct {
// contains filtered or unexported fields
}
func (*ChallengeCreateCall) Context ¶
func (c *ChallengeCreateCall) Context(ctx context.Context) *ChallengeCreateCall
Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.
func (*ChallengeCreateCall) Do ¶
func (c *ChallengeCreateCall) Do(opts ...googleapi.CallOption) (*Challenge, error)
Do executes the "verifiedaccess.challenge.create" call. Exactly one of *Challenge or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Challenge.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.
func (*ChallengeCreateCall) Fields ¶
func (c *ChallengeCreateCall) Fields(s ...googleapi.Field) *ChallengeCreateCall
Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.
func (*ChallengeCreateCall) Header ¶
func (c *ChallengeCreateCall) Header() http.Header
Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.
type ChallengeService ¶
type ChallengeService struct {
// contains filtered or unexported fields
}
func NewChallengeService ¶
func NewChallengeService(s *Service) *ChallengeService
func (*ChallengeService) Create ¶
func (r *ChallengeService) Create(empty *Empty) *ChallengeCreateCall
Create: CreateChallenge API
func (*ChallengeService) Verify ¶
func (r *ChallengeService) Verify(verifychallengeresponserequest *VerifyChallengeResponseRequest) *ChallengeVerifyCall
Verify: VerifyChallengeResponse API
type ChallengeVerifyCall ¶
type ChallengeVerifyCall struct {
// contains filtered or unexported fields
}
func (*ChallengeVerifyCall) Context ¶
func (c *ChallengeVerifyCall) Context(ctx context.Context) *ChallengeVerifyCall
Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.
func (*ChallengeVerifyCall) Do ¶
func (c *ChallengeVerifyCall) Do(opts ...googleapi.CallOption) (*VerifyChallengeResponseResult, error)
Do executes the "verifiedaccess.challenge.verify" call. Exactly one of *VerifyChallengeResponseResult or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *VerifyChallengeResponseResult.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.
func (*ChallengeVerifyCall) Fields ¶
func (c *ChallengeVerifyCall) Fields(s ...googleapi.Field) *ChallengeVerifyCall
Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.
func (*ChallengeVerifyCall) Header ¶
func (c *ChallengeVerifyCall) Header() http.Header
Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.
type Empty ¶
type Empty struct { }
Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
type Service ¶
type Service struct { BasePath string // API endpoint base URL UserAgent string // optional additional User-Agent fragment Challenge *ChallengeService // contains filtered or unexported fields }
func New
deprecated
New creates a new Service. It uses the provided http.Client for requests.
Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
func NewService ¶
NewService creates a new Service.
type SignedData ¶
type SignedData struct { // Data: The data to be signed. Data string `json:"data,omitempty"` // Signature: The signature of the data field. Signature string `json:"signature,omitempty"` // ForceSendFields is a list of field names (e.g. "Data") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Data") to include in API // requests with the JSON null value. By default, fields with empty // values are omitted from API requests. However, any field with an // empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` }
SignedData: The wrapper message of any data and its signature.
func (*SignedData) MarshalJSON ¶
func (s *SignedData) MarshalJSON() ([]byte, error)
type VerifyChallengeResponseRequest ¶
type VerifyChallengeResponseRequest struct { // ChallengeResponse: The generated response to the challenge ChallengeResponse *SignedData `json:"challengeResponse,omitempty"` // ExpectedIdentity: Service can optionally provide identity information // about the device or user associated with the key. For an EMK, this // value is the enrolled domain. For an EUK, this value is the user's // email address. If present, this value will be checked against // contents of the response, and verification will fail if there is no // match. ExpectedIdentity string `json:"expectedIdentity,omitempty"` // ForceSendFields is a list of field names (e.g. "ChallengeResponse") // to unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "ChallengeResponse") to // include in API requests with the JSON null value. By default, fields // with empty values are omitted from API requests. However, any field // with an empty value appearing in NullFields will be sent to the // server as null. It is an error if a field in this list has a // non-empty value. This may be used to include null fields in Patch // requests. NullFields []string `json:"-"` }
VerifyChallengeResponseRequest: signed ChallengeResponse
func (*VerifyChallengeResponseRequest) MarshalJSON ¶
func (s *VerifyChallengeResponseRequest) MarshalJSON() ([]byte, error)
type VerifyChallengeResponseResult ¶
type VerifyChallengeResponseResult struct { // DeviceEnrollmentId: Device enrollment id is returned in this field // (for the machine response only). DeviceEnrollmentId string `json:"deviceEnrollmentId,omitempty"` // DevicePermanentId: Device permanent id is returned in this field (for // the machine response only). DevicePermanentId string `json:"devicePermanentId,omitempty"` // SignedPublicKeyAndChallenge: Certificate Signing Request (in the // SPKAC format, base64 encoded) is returned in this field. This field // will be set only if device has included CSR in its challenge // response. (the option to include CSR is now available for both user // and machine responses) SignedPublicKeyAndChallenge string `json:"signedPublicKeyAndChallenge,omitempty"` // VerificationOutput: For EMCert check, device permanent id is returned // here. For EUCert check, signed_public_key_and_challenge [base64 // encoded] is returned if present, otherwise empty string is returned. // This field is deprecated, please use device_permanent_id or // signed_public_key_and_challenge fields. VerificationOutput string `json:"verificationOutput,omitempty"` // ServerResponse contains the HTTP response code and headers from the // server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. "DeviceEnrollmentId") // to unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "DeviceEnrollmentId") to // include in API requests with the JSON null value. By default, fields // with empty values are omitted from API requests. However, any field // with an empty value appearing in NullFields will be sent to the // server as null. It is an error if a field in this list has a // non-empty value. This may be used to include null fields in Patch // requests. NullFields []string `json:"-"` }
VerifyChallengeResponseResult: Result message for VerifiedAccess.VerifyChallengeResponse.
func (*VerifyChallengeResponseResult) MarshalJSON ¶
func (s *VerifyChallengeResponseResult) MarshalJSON() ([]byte, error)