verifiedaccess

package
v0.154.0-20231227-2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 27, 2023 License: BSD-3-Clause Imports: 16 Imported by: 0

Documentation

Overview

Package verifiedaccess provides access to the Chrome Verified Access API.

For product documentation, see: https://developers.google.com/chrome/verified-access

Library status

These client libraries are officially supported by Google. However, this library is considered complete and is in maintenance mode. This means that we will address critical bugs and security issues but will not add any new features.

When possible, we recommend using our newer [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go) that are still actively being worked and iterated on.

Creating a client

Usage example: 

import "google.golang.org/api/verifiedaccess/v1"
...
ctx := context.Background()
verifiedaccessService, err := verifiedaccess.NewService(ctx)

In this example, Google Application Default Credentials are used for authentication. For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.

Other authentication options

To use an API key for authentication (note: some APIs do not support API keys), use google.golang.org/api/option.WithAPIKey: 

verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithAPIKey("AIza..."))

To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow, use google.golang.org/api/option.WithTokenSource: 

config := &oauth2.Config{...}
// ...
token, err := config.Exchange(ctx, ...)
verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))

See google.golang.org/api/option.ClientOption for details on options.

Index

Constants

View Source 
const (
	// Verify your enterprise credentials
	VerifiedaccessScope = "https://www.googleapis.com/auth/verifiedaccess"
)

OAuth2 scopes used by this API.

Variables

This section is empty.

Functions

This section is empty.

Types

type Challenge 

type Challenge struct {
	// AlternativeChallenge: Challenge generated with the old signing key
	// (this will only be present during key rotation)
	AlternativeChallenge *SignedData `json:"alternativeChallenge,omitempty"`

	// Challenge: Generated challenge
	Challenge *SignedData `json:"challenge,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g.
	// "AlternativeChallenge") to unconditionally include in API requests.
	// By default, fields with empty or default values are omitted from API
	// requests. However, any non-pointer, non-interface field appearing in
	// ForceSendFields will be sent to the server regardless of whether the
	// field is empty or not. This may be used to include empty fields in
	// Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "AlternativeChallenge") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

Challenge: Result message for VerifiedAccess.CreateChallenge.

func (*Challenge) MarshalJSON 

func (s *Challenge) MarshalJSON() ([]byte, error)

type ChallengeCreateCall 

type ChallengeCreateCall struct {
	// contains filtered or unexported fields
}

func (*ChallengeCreateCall) Context 

func (c *ChallengeCreateCall) Context(ctx context.Context) *ChallengeCreateCall

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ChallengeCreateCall) Do 

func (c *ChallengeCreateCall) Do(opts ...googleapi.CallOption) (*Challenge, error)

Do executes the "verifiedaccess.challenge.create" call. Exactly one of *Challenge or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Challenge.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ChallengeCreateCall) Fields 

func (c *ChallengeCreateCall) Fields(s ...googleapi.Field) *ChallengeCreateCall

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ChallengeCreateCall) Header 

func (c *ChallengeCreateCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type ChallengeService 

type ChallengeService struct {
	// contains filtered or unexported fields
}

func NewChallengeService 

func NewChallengeService(s *Service) *ChallengeService

func (*ChallengeService) Create 

func (r *ChallengeService) Create(empty *Empty) *ChallengeCreateCall

Create: CreateChallenge API

func (*ChallengeService) Verify 

func (r *ChallengeService) Verify(verifychallengeresponserequest *VerifyChallengeResponseRequest) *ChallengeVerifyCall

Verify: VerifyChallengeResponse API

type ChallengeVerifyCall 

type ChallengeVerifyCall struct {
	// contains filtered or unexported fields
}

func (*ChallengeVerifyCall) Context 

func (c *ChallengeVerifyCall) Context(ctx context.Context) *ChallengeVerifyCall

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ChallengeVerifyCall) Do 

func (c *ChallengeVerifyCall) Do(opts ...googleapi.CallOption) (*VerifyChallengeResponseResult, error)

Do executes the "verifiedaccess.challenge.verify" call. Exactly one of *VerifyChallengeResponseResult or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *VerifyChallengeResponseResult.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ChallengeVerifyCall) Fields 

func (c *ChallengeVerifyCall) Fields(s ...googleapi.Field) *ChallengeVerifyCall

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ChallengeVerifyCall) Header 

func (c *ChallengeVerifyCall) Header() http.Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type Empty 

type Empty struct {
}

Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }

type Service 

type Service struct {
	BasePath  string // API endpoint base URL
	UserAgent string // optional additional User-Agent fragment

	Challenge *ChallengeService
	// contains filtered or unexported fields
}

func New deprecated 

func New(client *http.Client) (*Service, error)

New creates a new Service. It uses the provided http.Client for requests.

Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.

func NewService 

func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error)

NewService creates a new Service.

type SignedData 

type SignedData struct {
	// Data: The data to be signed.
	Data string `json:"data,omitempty"`

	// Signature: The signature of the data field.
	Signature string `json:"signature,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Data") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Data") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

SignedData: The wrapper message of any data and its signature.

func (*SignedData) MarshalJSON 

func (s *SignedData) MarshalJSON() ([]byte, error)

type VerifyChallengeResponseRequest 

type VerifyChallengeResponseRequest struct {
	// ChallengeResponse: The generated response to the challenge
	ChallengeResponse *SignedData `json:"challengeResponse,omitempty"`

	// ExpectedIdentity: Service can optionally provide identity information
	// about the device or user associated with the key. For an EMK, this
	// value is the enrolled domain. For an EUK, this value is the user's
	// email address. If present, this value will be checked against
	// contents of the response, and verification will fail if there is no
	// match.
	ExpectedIdentity string `json:"expectedIdentity,omitempty"`

	// ForceSendFields is a list of field names (e.g. "ChallengeResponse")
	// to unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "ChallengeResponse") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

VerifyChallengeResponseRequest: signed ChallengeResponse

func (*VerifyChallengeResponseRequest) MarshalJSON 

func (s *VerifyChallengeResponseRequest) MarshalJSON() ([]byte, error)

type VerifyChallengeResponseResult 

type VerifyChallengeResponseResult struct {
	// AttestedDeviceId: Attested device id (ADID) of the device, read from
	// the verified data.
	AttestedDeviceId string `json:"attestedDeviceId,omitempty"`

	// DeviceEnrollmentId: Device enrollment id is returned in this field
	// (for the machine response only).
	DeviceEnrollmentId string `json:"deviceEnrollmentId,omitempty"`

	// DevicePermanentId: Device permanent id is returned in this field (for
	// the machine response only).
	DevicePermanentId string `json:"devicePermanentId,omitempty"`

	// SignedPublicKeyAndChallenge: Certificate Signing Request (in the
	// SPKAC format, base64 encoded) is returned in this field. This field
	// will be set only if device has included CSR in its challenge
	// response. (the option to include CSR is now available for both user
	// and machine responses)
	SignedPublicKeyAndChallenge string `json:"signedPublicKeyAndChallenge,omitempty"`

	// VerificationOutput: For EMCert check, device permanent id is returned
	// here. For EUCert check, signed_public_key_and_challenge [base64
	// encoded] is returned if present, otherwise empty string is returned.
	// This field is deprecated, please use device_permanent_id or
	// signed_public_key_and_challenge fields.
	VerificationOutput string `json:"verificationOutput,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "AttestedDeviceId") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "AttestedDeviceId") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

VerifyChallengeResponseResult: Result message for VerifiedAccess.VerifyChallengeResponse.

func (*VerifyChallengeResponseResult) MarshalJSON 

func (s *VerifyChallengeResponseResult) MarshalJSON() ([]byte, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.