Documentation

Overview

Package verifiedaccess provides access to the Chrome Verified Access API.

For product documentation, see: https://developers.google.com/chrome/verified-access

Creating a client

Usage example:

import "google.golang.org/api/verifiedaccess/v1"
...
ctx := context.Background()
verifiedaccessService, err := verifiedaccess.NewService(ctx)

In this example, Google Application Default Credentials are used for authentication.

For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.

Other authentication options

To use an API key for authentication (note: some APIs do not support API keys), use option.WithAPIKey:

verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithAPIKey("AIza..."))

To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow), use option.WithTokenSource:

config := &oauth2.Config{...}
// ...
token, err := config.Exchange(ctx, ...)
verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))

See https://godoc.org/google.golang.org/api/option/ for details on options.

Index

Constants

View Source
const (
	// Verify your enterprise credentials
	VerifiedaccessScope = "https://www.googleapis.com/auth/verifiedaccess"
)

    OAuth2 scopes used by this API.

    Variables

    This section is empty.

    Functions

    This section is empty.

    Types

    type Challenge

    type Challenge struct {
    	// AlternativeChallenge: Challenge generated with the old signing key
    	// (this will only be present during key rotation)
    	AlternativeChallenge *SignedData `json:"alternativeChallenge,omitempty"`
    
    	// Challenge: Generated challenge
    	Challenge *SignedData `json:"challenge,omitempty"`
    
    	// ServerResponse contains the HTTP response code and headers from the
    	// server.
    	googleapi.ServerResponse `json:"-"`
    
    	// ForceSendFields is a list of field names (e.g.
    	// "AlternativeChallenge") to unconditionally include in API requests.
    	// By default, fields with empty values are omitted from API requests.
    	// However, any non-pointer, non-interface field appearing in
    	// ForceSendFields will be sent to the server regardless of whether the
    	// field is empty or not. This may be used to include empty fields in
    	// Patch requests.
    	ForceSendFields []string `json:"-"`
    
    	// NullFields is a list of field names (e.g. "AlternativeChallenge") to
    	// include in API requests with the JSON null value. By default, fields
    	// with empty values are omitted from API requests. However, any field
    	// with an empty value appearing in NullFields will be sent to the
    	// server as null. It is an error if a field in this list has a
    	// non-empty value. This may be used to include null fields in Patch
    	// requests.
    	NullFields []string `json:"-"`
    }

      Challenge: Result message for VerifiedAccess.CreateChallenge.

      func (*Challenge) MarshalJSON

      func (s *Challenge) MarshalJSON() ([]byte, error)

      type ChallengeCreateCall

      type ChallengeCreateCall struct {
      	// contains filtered or unexported fields
      }

      func (*ChallengeCreateCall) Context

        Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

        func (*ChallengeCreateCall) Do

          Do executes the "verifiedaccess.challenge.create" call. Exactly one of *Challenge or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Challenge.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

          func (*ChallengeCreateCall) Fields

            Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

            func (*ChallengeCreateCall) Header

            func (c *ChallengeCreateCall) Header() http.Header

              Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

              type ChallengeService

              type ChallengeService struct {
              	// contains filtered or unexported fields
              }

              func NewChallengeService

              func NewChallengeService(s *Service) *ChallengeService

              func (*ChallengeService) Create

              func (r *ChallengeService) Create(empty *Empty) *ChallengeCreateCall

                Create: CreateChallenge API

                func (*ChallengeService) Verify

                func (r *ChallengeService) Verify(verifychallengeresponserequest *VerifyChallengeResponseRequest) *ChallengeVerifyCall

                  Verify: VerifyChallengeResponse API

                  type ChallengeVerifyCall

                  type ChallengeVerifyCall struct {
                  	// contains filtered or unexported fields
                  }

                  func (*ChallengeVerifyCall) Context

                    Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

                    func (*ChallengeVerifyCall) Do

                      Do executes the "verifiedaccess.challenge.verify" call. Exactly one of *VerifyChallengeResponseResult or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *VerifyChallengeResponseResult.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

                      func (*ChallengeVerifyCall) Fields

                        Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

                        func (*ChallengeVerifyCall) Header

                        func (c *ChallengeVerifyCall) Header() http.Header

                          Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

                          type Empty

                          type Empty struct {
                          }

                            Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`.

                            type Service

                            type Service struct {
                            	BasePath  string // API endpoint base URL
                            	UserAgent string // optional additional User-Agent fragment
                            
                            	Challenge *ChallengeService
                            	// contains filtered or unexported fields
                            }

                            func New

                            func New(client *http.Client) (*Service, error)

                              New creates a new Service. It uses the provided http.Client for requests.

                              Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.

                              func NewService

                              func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error)

                                NewService creates a new Service.

                                type SignedData

                                type SignedData struct {
                                	// Data: The data to be signed.
                                	Data string `json:"data,omitempty"`
                                
                                	// Signature: The signature of the data field.
                                	Signature string `json:"signature,omitempty"`
                                
                                	// ForceSendFields is a list of field names (e.g. "Data") to
                                	// unconditionally include in API requests. By default, fields with
                                	// empty values are omitted from API requests. However, any non-pointer,
                                	// non-interface field appearing in ForceSendFields will be sent to the
                                	// server regardless of whether the field is empty or not. This may be
                                	// used to include empty fields in Patch requests.
                                	ForceSendFields []string `json:"-"`
                                
                                	// NullFields is a list of field names (e.g. "Data") to include in API
                                	// requests with the JSON null value. By default, fields with empty
                                	// values are omitted from API requests. However, any field with an
                                	// empty value appearing in NullFields will be sent to the server as
                                	// null. It is an error if a field in this list has a non-empty value.
                                	// This may be used to include null fields in Patch requests.
                                	NullFields []string `json:"-"`
                                }

                                  SignedData: The wrapper message of any data and its signature.

                                  func (*SignedData) MarshalJSON

                                  func (s *SignedData) MarshalJSON() ([]byte, error)

                                  type VerifyChallengeResponseRequest

                                  type VerifyChallengeResponseRequest struct {
                                  	// ChallengeResponse: The generated response to the challenge
                                  	ChallengeResponse *SignedData `json:"challengeResponse,omitempty"`
                                  
                                  	// ExpectedIdentity: Service can optionally provide identity information
                                  	// about the device or user associated with the key. For an EMK, this
                                  	// value is the enrolled domain. For an EUK, this value is the user's
                                  	// email address. If present, this value will be checked against
                                  	// contents of the response, and verification will fail if there is no
                                  	// match.
                                  	ExpectedIdentity string `json:"expectedIdentity,omitempty"`
                                  
                                  	// ForceSendFields is a list of field names (e.g. "ChallengeResponse")
                                  	// to unconditionally include in API requests. By default, fields with
                                  	// empty values are omitted from API requests. However, any non-pointer,
                                  	// non-interface field appearing in ForceSendFields will be sent to the
                                  	// server regardless of whether the field is empty or not. This may be
                                  	// used to include empty fields in Patch requests.
                                  	ForceSendFields []string `json:"-"`
                                  
                                  	// NullFields is a list of field names (e.g. "ChallengeResponse") to
                                  	// include in API requests with the JSON null value. By default, fields
                                  	// with empty values are omitted from API requests. However, any field
                                  	// with an empty value appearing in NullFields will be sent to the
                                  	// server as null. It is an error if a field in this list has a
                                  	// non-empty value. This may be used to include null fields in Patch
                                  	// requests.
                                  	NullFields []string `json:"-"`
                                  }

                                    VerifyChallengeResponseRequest: signed ChallengeResponse

                                    func (*VerifyChallengeResponseRequest) MarshalJSON

                                    func (s *VerifyChallengeResponseRequest) MarshalJSON() ([]byte, error)

                                    type VerifyChallengeResponseResult

                                    type VerifyChallengeResponseResult struct {
                                    	// DeviceEnrollmentId: Device enrollment id is returned in this field
                                    	// (for the machine response only).
                                    	DeviceEnrollmentId string `json:"deviceEnrollmentId,omitempty"`
                                    
                                    	// DevicePermanentId: Device permanent id is returned in this field (for
                                    	// the machine response only).
                                    	DevicePermanentId string `json:"devicePermanentId,omitempty"`
                                    
                                    	// SignedPublicKeyAndChallenge: Certificate Signing Request (in the
                                    	// SPKAC format, base64 encoded) is returned in this field. This field
                                    	// will be set only if device has included CSR in its challenge
                                    	// response. (the option to include CSR is now available for both user
                                    	// and machine responses)
                                    	SignedPublicKeyAndChallenge string `json:"signedPublicKeyAndChallenge,omitempty"`
                                    
                                    	// VerificationOutput: For EMCert check, device permanent id is returned
                                    	// here. For EUCert check, signed_public_key_and_challenge [base64
                                    	// encoded] is returned if present, otherwise empty string is returned.
                                    	// This field is deprecated, please use device_permanent_id or
                                    	// signed_public_key_and_challenge fields.
                                    	VerificationOutput string `json:"verificationOutput,omitempty"`
                                    
                                    	// ServerResponse contains the HTTP response code and headers from the
                                    	// server.
                                    	googleapi.ServerResponse `json:"-"`
                                    
                                    	// ForceSendFields is a list of field names (e.g. "DeviceEnrollmentId")
                                    	// to unconditionally include in API requests. By default, fields with
                                    	// empty values are omitted from API requests. However, any non-pointer,
                                    	// non-interface field appearing in ForceSendFields will be sent to the
                                    	// server regardless of whether the field is empty or not. This may be
                                    	// used to include empty fields in Patch requests.
                                    	ForceSendFields []string `json:"-"`
                                    
                                    	// NullFields is a list of field names (e.g. "DeviceEnrollmentId") to
                                    	// include in API requests with the JSON null value. By default, fields
                                    	// with empty values are omitted from API requests. However, any field
                                    	// with an empty value appearing in NullFields will be sent to the
                                    	// server as null. It is an error if a field in this list has a
                                    	// non-empty value. This may be used to include null fields in Patch
                                    	// requests.
                                    	NullFields []string `json:"-"`
                                    }

                                      VerifyChallengeResponseResult: Result message for VerifiedAccess.VerifyChallengeResponse.

                                      func (*VerifyChallengeResponseResult) MarshalJSON

                                      func (s *VerifyChallengeResponseResult) MarshalJSON() ([]byte, error)