Documentation ¶
Overview ¶
Package verifiedaccess provides access to the Chrome Verified Access API.
For product documentation, see: https://developers.google.com/chrome/verified-access
Library status ¶
These client libraries are officially supported by Google. However, this library is considered complete and is in maintenance mode. This means that we will address critical bugs and security issues but will not add any new features.
When possible, we recommend using our newer [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go) that are still actively being worked and iterated on.
Creating a client ¶
Usage example:
import "google.golang.org/api/verifiedaccess/v1" ... ctx := context.Background() verifiedaccessService, err := verifiedaccess.NewService(ctx)
In this example, Google Application Default Credentials are used for authentication. For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
Other authentication options ¶
To use an API key for authentication (note: some APIs do not support API keys), use google.golang.org/api/option.WithAPIKey:
verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithAPIKey("AIza..."))
To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow, use google.golang.org/api/option.WithTokenSource:
config := &oauth2.Config{...} // ... token, err := config.Exchange(ctx, ...) verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
See google.golang.org/api/option.ClientOption for details on options.
Index ¶
- Constants
- type Challenge
- type ChallengeCreateCall
- type ChallengeService
- type ChallengeVerifyCall
- func (c *ChallengeVerifyCall) Context(ctx context.Context) *ChallengeVerifyCall
- func (c *ChallengeVerifyCall) Do(opts ...googleapi.CallOption) (*VerifyChallengeResponseResult, error)
- func (c *ChallengeVerifyCall) Fields(s ...googleapi.Field) *ChallengeVerifyCall
- func (c *ChallengeVerifyCall) Header() http.Header
- type Empty
- type Service
- type SignedData
- type VerifyChallengeResponseRequest
- type VerifyChallengeResponseResult
Constants ¶
const (
// Verify your enterprise credentials
VerifiedaccessScope = "https://www.googleapis.com/auth/verifiedaccess"
)
OAuth2 scopes used by this API.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Challenge ¶
type Challenge struct { // AlternativeChallenge: Challenge generated with the old signing key (this // will only be present during key rotation) AlternativeChallenge *SignedData `json:"alternativeChallenge,omitempty"` // Challenge: Generated challenge Challenge *SignedData `json:"challenge,omitempty"` // ServerResponse contains the HTTP response code and headers from the server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. "AlternativeChallenge") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "AlternativeChallenge") to include // in API requests with the JSON null value. By default, fields with empty // values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` }
Challenge: Result message for VerifiedAccess.CreateChallenge.
func (*Challenge) MarshalJSON ¶
type ChallengeCreateCall ¶
type ChallengeCreateCall struct {
// contains filtered or unexported fields
}
func (*ChallengeCreateCall) Context ¶
func (c *ChallengeCreateCall) Context(ctx context.Context) *ChallengeCreateCall
Context sets the context to be used in this call's Do method.
func (*ChallengeCreateCall) Do ¶
func (c *ChallengeCreateCall) Do(opts ...googleapi.CallOption) (*Challenge, error)
Do executes the "verifiedaccess.challenge.create" call. Any non-2xx status code is an error. Response headers are in either *Challenge.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.
func (*ChallengeCreateCall) Fields ¶
func (c *ChallengeCreateCall) Fields(s ...googleapi.Field) *ChallengeCreateCall
Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.
func (*ChallengeCreateCall) Header ¶
func (c *ChallengeCreateCall) Header() http.Header
Header returns a http.Header that can be modified by the caller to add headers to the request.
type ChallengeService ¶
type ChallengeService struct {
// contains filtered or unexported fields
}
func NewChallengeService ¶
func NewChallengeService(s *Service) *ChallengeService
func (*ChallengeService) Create ¶
func (r *ChallengeService) Create(empty *Empty) *ChallengeCreateCall
Create: CreateChallenge API
func (*ChallengeService) Verify ¶
func (r *ChallengeService) Verify(verifychallengeresponserequest *VerifyChallengeResponseRequest) *ChallengeVerifyCall
Verify: VerifyChallengeResponse API
type ChallengeVerifyCall ¶
type ChallengeVerifyCall struct {
// contains filtered or unexported fields
}
func (*ChallengeVerifyCall) Context ¶
func (c *ChallengeVerifyCall) Context(ctx context.Context) *ChallengeVerifyCall
Context sets the context to be used in this call's Do method.
func (*ChallengeVerifyCall) Do ¶
func (c *ChallengeVerifyCall) Do(opts ...googleapi.CallOption) (*VerifyChallengeResponseResult, error)
Do executes the "verifiedaccess.challenge.verify" call. Any non-2xx status code is an error. Response headers are in either *VerifyChallengeResponseResult.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.
func (*ChallengeVerifyCall) Fields ¶
func (c *ChallengeVerifyCall) Fields(s ...googleapi.Field) *ChallengeVerifyCall
Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.
func (*ChallengeVerifyCall) Header ¶
func (c *ChallengeVerifyCall) Header() http.Header
Header returns a http.Header that can be modified by the caller to add headers to the request.
type Empty ¶
type Empty struct { }
Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
type Service ¶
type Service struct { BasePath string // API endpoint base URL UserAgent string // optional additional User-Agent fragment Challenge *ChallengeService // contains filtered or unexported fields }
func New
deprecated
New creates a new Service. It uses the provided http.Client for requests.
Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
func NewService ¶
NewService creates a new Service.
type SignedData ¶
type SignedData struct { // Data: The data to be signed. Data string `json:"data,omitempty"` // Signature: The signature of the data field. Signature string `json:"signature,omitempty"` // ForceSendFields is a list of field names (e.g. "Data") to unconditionally // include in API requests. By default, fields with empty or default values are // omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "Data") to include in API requests // with the JSON null value. By default, fields with empty values are omitted // from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` }
SignedData: The wrapper message of any data and its signature.
func (*SignedData) MarshalJSON ¶
func (s *SignedData) MarshalJSON() ([]byte, error)
type VerifyChallengeResponseRequest ¶
type VerifyChallengeResponseRequest struct { // ChallengeResponse: The generated response to the challenge ChallengeResponse *SignedData `json:"challengeResponse,omitempty"` // ExpectedIdentity: Service can optionally provide identity information about // the device or user associated with the key. For an EMK, this value is the // enrolled domain. For an EUK, this value is the user's email address. If // present, this value will be checked against contents of the response, and // verification will fail if there is no match. ExpectedIdentity string `json:"expectedIdentity,omitempty"` // ForceSendFields is a list of field names (e.g. "ChallengeResponse") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "ChallengeResponse") to include in // API requests with the JSON null value. By default, fields with empty values // are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` }
VerifyChallengeResponseRequest: signed ChallengeResponse
func (*VerifyChallengeResponseRequest) MarshalJSON ¶
func (s *VerifyChallengeResponseRequest) MarshalJSON() ([]byte, error)
type VerifyChallengeResponseResult ¶
type VerifyChallengeResponseResult struct { // AttestedDeviceId: Attested device id (ADID) of the device, read from the // verified data. AttestedDeviceId string `json:"attestedDeviceId,omitempty"` // DeviceEnrollmentId: Device enrollment id is returned in this field (for the // machine response only). DeviceEnrollmentId string `json:"deviceEnrollmentId,omitempty"` // DevicePermanentId: Device permanent id is returned in this field (for the // machine response only). DevicePermanentId string `json:"devicePermanentId,omitempty"` // SignedPublicKeyAndChallenge: Certificate Signing Request (in the SPKAC // format, base64 encoded) is returned in this field. This field will be set // only if device has included CSR in its challenge response. (the option to // include CSR is now available for both user and machine responses) SignedPublicKeyAndChallenge string `json:"signedPublicKeyAndChallenge,omitempty"` // VerificationOutput: For EMCert check, device permanent id is returned here. // For EUCert check, signed_public_key_and_challenge [base64 encoded] is // returned if present, otherwise empty string is returned. This field is // deprecated, please use device_permanent_id or // signed_public_key_and_challenge fields. VerificationOutput string `json:"verificationOutput,omitempty"` // ServerResponse contains the HTTP response code and headers from the server. googleapi.ServerResponse `json:"-"` // ForceSendFields is a list of field names (e.g. "AttestedDeviceId") to // unconditionally include in API requests. By default, fields with empty or // default values are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more // details. ForceSendFields []string `json:"-"` // NullFields is a list of field names (e.g. "AttestedDeviceId") to include in // API requests with the JSON null value. By default, fields with empty values // are omitted from API requests. See // https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details. NullFields []string `json:"-"` }
VerifyChallengeResponseResult: Result message for VerifiedAccess.VerifyChallengeResponse.
func (*VerifyChallengeResponseResult) MarshalJSON ¶
func (s *VerifyChallengeResponseResult) MarshalJSON() ([]byte, error)