Documentation ¶
Overview ¶
Package verifiedaccess provides access to the Chrome Verified Access API.
For product documentation, see: https://developers.google.com/chrome/verified-access
Creating a client ¶
Usage example:
import "google.golang.org/api/verifiedaccess/v2" ... ctx := context.Background() verifiedaccessService, err := verifiedaccess.NewService(ctx)
In this example, Google Application Default Credentials are used for authentication.
For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
Other authentication options ¶
To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey:
verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithAPIKey("AIza..."))
To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource:
config := &oauth2.Config{...} // ... token, err := config.Exchange(ctx, ...) verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
See https://godoc.org/google.golang.org/api/option/ for details on options.
Index ¶
- Constants
- type Challenge
- type ChallengeGenerateCall
- func (c *ChallengeGenerateCall) Context(ctx context.Context) *ChallengeGenerateCall
- func (c *ChallengeGenerateCall) Do(opts ...googleapi.CallOption) (*Challenge, error)
- func (c *ChallengeGenerateCall) Fields(s ...googleapi.Field) *ChallengeGenerateCall
- func (c *ChallengeGenerateCall) Header() http.Header
- type ChallengeService
- type ChallengeVerifyCall
- func (c *ChallengeVerifyCall) Context(ctx context.Context) *ChallengeVerifyCall
- func (c *ChallengeVerifyCall) Do(opts ...googleapi.CallOption) (*VerifyChallengeResponseResult, error)
- func (c *ChallengeVerifyCall) Fields(s ...googleapi.Field) *ChallengeVerifyCall
- func (c *ChallengeVerifyCall) Header() http.Header
- type Empty
- type Service
- type VerifyChallengeResponseRequest
- type VerifyChallengeResponseResult
Constants ¶
const (
// Verify your enterprise credentials
VerifiedaccessScope = "https://www.googleapis.com/auth/verifiedaccess"
)
OAuth2 scopes used by this API.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Challenge ¶
type Challenge struct { // AlternativeChallenge: Challenge generated with the old signing key, // the bytes representation of SignedData (this will only be present // during key rotation). AlternativeChallenge string `json:"alternativeChallenge,omitempty"` // Challenge: Generated challenge, the bytes representation of // SignedData. Challenge string `json:"challenge,omitempty"` // ServerResponse contains the HTTP response code and headers from the // server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. // "AlternativeChallenge") to unconditionally include in API requests. // By default, fields with empty or default values are omitted from API // requests. However, any non-pointer, non-interface field appearing in // ForceSendFields will be sent to the server regardless of whether the // field is empty or not. This may be used to include empty fields in // Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "AlternativeChallenge") to // include in API requests with the JSON null value. By default, fields // with empty values are omitted from API requests. However, any field // with an empty value appearing in NullFields will be sent to the // server as null. It is an error if a field in this list has a // non-empty value. This may be used to include null fields in Patch // requests. NullFields []string `json:"-"` }
Challenge: Result message for VerifiedAccess.GenerateChallenge.
func (*Challenge) MarshalJSON ¶
type ChallengeGenerateCall ¶
type ChallengeGenerateCall struct {
// contains filtered or unexported fields
}
func (*ChallengeGenerateCall) Context ¶
func (c *ChallengeGenerateCall) Context(ctx context.Context) *ChallengeGenerateCall
Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.
func (*ChallengeGenerateCall) Do ¶
func (c *ChallengeGenerateCall) Do(opts ...googleapi.CallOption) (*Challenge, error)
Do executes the "verifiedaccess.challenge.generate" call. Exactly one of *Challenge or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Challenge.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.
func (*ChallengeGenerateCall) Fields ¶
func (c *ChallengeGenerateCall) Fields(s ...googleapi.Field) *ChallengeGenerateCall
Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.
func (*ChallengeGenerateCall) Header ¶
func (c *ChallengeGenerateCall) Header() http.Header
Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.
type ChallengeService ¶
type ChallengeService struct {
// contains filtered or unexported fields
}
func NewChallengeService ¶
func NewChallengeService(s *Service) *ChallengeService
func (*ChallengeService) Generate ¶
func (r *ChallengeService) Generate(empty *Empty) *ChallengeGenerateCall
Generate: Generates a new challenge.
func (*ChallengeService) Verify ¶
func (r *ChallengeService) Verify(verifychallengeresponserequest *VerifyChallengeResponseRequest) *ChallengeVerifyCall
Verify: Verifies the challenge response.
type ChallengeVerifyCall ¶
type ChallengeVerifyCall struct {
// contains filtered or unexported fields
}
func (*ChallengeVerifyCall) Context ¶
func (c *ChallengeVerifyCall) Context(ctx context.Context) *ChallengeVerifyCall
Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.
func (*ChallengeVerifyCall) Do ¶
func (c *ChallengeVerifyCall) Do(opts ...googleapi.CallOption) (*VerifyChallengeResponseResult, error)
Do executes the "verifiedaccess.challenge.verify" call. Exactly one of *VerifyChallengeResponseResult or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *VerifyChallengeResponseResult.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.
func (*ChallengeVerifyCall) Fields ¶
func (c *ChallengeVerifyCall) Fields(s ...googleapi.Field) *ChallengeVerifyCall
Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.
func (*ChallengeVerifyCall) Header ¶
func (c *ChallengeVerifyCall) Header() http.Header
Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.
type Empty ¶
type Empty struct { }
Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
type Service ¶
type Service struct { BasePath string // API endpoint base URL UserAgent string // optional additional User-Agent fragment Challenge *ChallengeService // contains filtered or unexported fields }
func New
deprecated
New creates a new Service. It uses the provided http.Client for requests.
Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
func NewService ¶
NewService creates a new Service.
type VerifyChallengeResponseRequest ¶
type VerifyChallengeResponseRequest struct { // ChallengeResponse: Required. The generated response to the challenge, // the bytes representation of SignedData. ChallengeResponse string `json:"challengeResponse,omitempty"` // ExpectedIdentity: Optional. Service can optionally provide identity // information about the device or user associated with the key. For an // EMK, this value is the enrolled domain. For an EUK, this value is the // user's email address. If present, this value will be checked against // contents of the response, and verification will fail if there is no // match. ExpectedIdentity string `json:"expectedIdentity,omitempty"` // ForceSendFields is a list of field names (e.g. "ChallengeResponse") // to unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "ChallengeResponse") to // include in API requests with the JSON null value. By default, fields // with empty values are omitted from API requests. However, any field // with an empty value appearing in NullFields will be sent to the // server as null. It is an error if a field in this list has a // non-empty value. This may be used to include null fields in Patch // requests. NullFields []string `json:"-"` }
VerifyChallengeResponseRequest: Signed ChallengeResponse.
func (*VerifyChallengeResponseRequest) MarshalJSON ¶
func (s *VerifyChallengeResponseRequest) MarshalJSON() ([]byte, error)
type VerifyChallengeResponseResult ¶
type VerifyChallengeResponseResult struct { // CustomerId: Unique customer id that this device belongs to, as // defined by the Google Admin SDK at // https://developers.google.com/admin-sdk/directory/v1/guides/manage-customers CustomerId string `json:"customerId,omitempty"` // DevicePermanentId: Device permanent id is returned in this field (for // the machine response only). DevicePermanentId string `json:"devicePermanentId,omitempty"` // DeviceSignal: Device signal in json string representation. DeviceSignal string `json:"deviceSignal,omitempty"` // KeyTrustLevel: Device attested key trust level. // // Possible values: // "KEY_TRUST_LEVEL_UNSPECIFIED" - UNSPECIFIED. // "CHROME_OS_VERIFIED_MODE" - ChromeOS device in verified mode. // "CHROME_OS_DEVELOPER_MODE" - ChromeOS device in developer mode. // "CHROME_BROWSER_HW_KEY" - Chrome Browser with the key stored in the // device hardware. // "CHROME_BROWSER_OS_KEY" - Chrome Browser with the key stored at OS // level. KeyTrustLevel string `json:"keyTrustLevel,omitempty"` // SignedPublicKeyAndChallenge: Certificate Signing Request (in the // SPKAC format, base64 encoded) is returned in this field. This field // will be set only if device has included CSR in its challenge // response. (the option to include CSR is now available for both user // and machine responses) SignedPublicKeyAndChallenge string `json:"signedPublicKeyAndChallenge,omitempty"` // VirtualDeviceId: Virtual device id of the device. The definition of // virtual device id is platform-specific. VirtualDeviceId string `json:"virtualDeviceId,omitempty"` // ServerResponse contains the HTTP response code and headers from the // server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. "CustomerId") to // unconditionally include in API requests. By default, fields with // empty or default values are omitted from API requests. However, any // non-pointer, non-interface field appearing in ForceSendFields will be // sent to the server regardless of whether the field is empty or not. // This may be used to include empty fields in Patch requests. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "CustomerId") to include in // API requests with the JSON null value. By default, fields with empty // values are omitted from API requests. However, any field with an // empty value appearing in NullFields will be sent to the server as // null. It is an error if a field in this list has a non-empty value. // This may be used to include null fields in Patch requests. NullFields []string `json:"-"` }
VerifyChallengeResponseResult: Result message for VerifiedAccess.VerifyChallengeResponse.
func (*VerifyChallengeResponseResult) MarshalJSON ¶
func (s *VerifyChallengeResponseResult) MarshalJSON() ([]byte, error)