ekm_client.go

Documentation: cloud.google.com/go/kms/apiv1

     1  // Copyright 2024 Google LLC
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     https://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  // Code generated by protoc-gen-go_gapic. DO NOT EDIT.
    16  
    17  package kms
    18  
    19  import (
    20  	"bytes"
    21  	"context"
    22  	"fmt"
    23  	"io"
    24  	"math"
    25  	"net/http"
    26  	"net/url"
    27  	"time"
    28  
    29  	iampb "cloud.google.com/go/iam/apiv1/iampb"
    30  	kmspb "cloud.google.com/go/kms/apiv1/kmspb"
    31  	longrunningpb "cloud.google.com/go/longrunning/autogen/longrunningpb"
    32  	gax "github.com/googleapis/gax-go/v2"
    33  	"google.golang.org/api/googleapi"
    34  	"google.golang.org/api/iterator"
    35  	"google.golang.org/api/option"
    36  	"google.golang.org/api/option/internaloption"
    37  	gtransport "google.golang.org/api/transport/grpc"
    38  	httptransport "google.golang.org/api/transport/http"
    39  	locationpb "google.golang.org/genproto/googleapis/cloud/location"
    40  	"google.golang.org/grpc"
    41  	"google.golang.org/grpc/codes"
    42  	"google.golang.org/protobuf/encoding/protojson"
    43  	"google.golang.org/protobuf/proto"
    44  )
    45  
    46  var newEkmClientHook clientHook
    47  
    48  // EkmCallOptions contains the retry settings for each method of EkmClient.
    49  type EkmCallOptions struct {
    50  	ListEkmConnections  []gax.CallOption
    51  	GetEkmConnection    []gax.CallOption
    52  	CreateEkmConnection []gax.CallOption
    53  	UpdateEkmConnection []gax.CallOption
    54  	GetEkmConfig        []gax.CallOption
    55  	UpdateEkmConfig     []gax.CallOption
    56  	VerifyConnectivity  []gax.CallOption
    57  	GetLocation         []gax.CallOption
    58  	ListLocations       []gax.CallOption
    59  	GetIamPolicy        []gax.CallOption
    60  	SetIamPolicy        []gax.CallOption
    61  	TestIamPermissions  []gax.CallOption
    62  	GetOperation        []gax.CallOption
    63  }
    64  
    65  func defaultEkmGRPCClientOptions() []option.ClientOption {
    66  	return []option.ClientOption{
    67  		internaloption.WithDefaultEndpoint("cloudkms.googleapis.com:443"),
    68  		internaloption.WithDefaultEndpointTemplate("cloudkms.UNIVERSE_DOMAIN:443"),
    69  		internaloption.WithDefaultMTLSEndpoint("cloudkms.mtls.googleapis.com:443"),
    70  		internaloption.WithDefaultUniverseDomain("googleapis.com"),
    71  		internaloption.WithDefaultAudience("https://cloudkms.googleapis.com/"),
    72  		internaloption.WithDefaultScopes(DefaultAuthScopes()...),
    73  		internaloption.EnableJwtWithScope(),
    74  		option.WithGRPCDialOption(grpc.WithDefaultCallOptions(
    75  			grpc.MaxCallRecvMsgSize(math.MaxInt32))),
    76  	}
    77  }
    78  
    79  func defaultEkmCallOptions() *EkmCallOptions {
    80  	return &EkmCallOptions{
    81  		ListEkmConnections: []gax.CallOption{
    82  			gax.WithTimeout(60000 * time.Millisecond),
    83  			gax.WithRetry(func() gax.Retryer {
    84  				return gax.OnCodes([]codes.Code{
    85  					codes.Unavailable,
    86  					codes.DeadlineExceeded,
    87  				}, gax.Backoff{
    88  					Initial:    100 * time.Millisecond,
    89  					Max:        60000 * time.Millisecond,
    90  					Multiplier: 1.30,
    91  				})
    92  			}),
    93  		},
    94  		GetEkmConnection: []gax.CallOption{
    95  			gax.WithTimeout(60000 * time.Millisecond),
    96  			gax.WithRetry(func() gax.Retryer {
    97  				return gax.OnCodes([]codes.Code{
    98  					codes.Unavailable,
    99  					codes.DeadlineExceeded,
   100  				}, gax.Backoff{
   101  					Initial:    100 * time.Millisecond,
   102  					Max:        60000 * time.Millisecond,
   103  					Multiplier: 1.30,
   104  				})
   105  			}),
   106  		},
   107  		CreateEkmConnection: []gax.CallOption{
   108  			gax.WithTimeout(60000 * time.Millisecond),
   109  			gax.WithRetry(func() gax.Retryer {
   110  				return gax.OnCodes([]codes.Code{
   111  					codes.Unavailable,
   112  					codes.DeadlineExceeded,
   113  				}, gax.Backoff{
   114  					Initial:    100 * time.Millisecond,
   115  					Max:        60000 * time.Millisecond,
   116  					Multiplier: 1.30,
   117  				})
   118  			}),
   119  		},
   120  		UpdateEkmConnection: []gax.CallOption{
   121  			gax.WithTimeout(60000 * time.Millisecond),
   122  			gax.WithRetry(func() gax.Retryer {
   123  				return gax.OnCodes([]codes.Code{
   124  					codes.Unavailable,
   125  					codes.DeadlineExceeded,
   126  				}, gax.Backoff{
   127  					Initial:    100 * time.Millisecond,
   128  					Max:        60000 * time.Millisecond,
   129  					Multiplier: 1.30,
   130  				})
   131  			}),
   132  		},
   133  		GetEkmConfig:       []gax.CallOption{},
   134  		UpdateEkmConfig:    []gax.CallOption{},
   135  		VerifyConnectivity: []gax.CallOption{},
   136  		GetLocation:        []gax.CallOption{},
   137  		ListLocations:      []gax.CallOption{},
   138  		GetIamPolicy:       []gax.CallOption{},
   139  		SetIamPolicy:       []gax.CallOption{},
   140  		TestIamPermissions: []gax.CallOption{},
   141  		GetOperation:       []gax.CallOption{},
   142  	}
   143  }
   144  
   145  func defaultEkmRESTCallOptions() *EkmCallOptions {
   146  	return &EkmCallOptions{
   147  		ListEkmConnections: []gax.CallOption{
   148  			gax.WithTimeout(60000 * time.Millisecond),
   149  			gax.WithRetry(func() gax.Retryer {
   150  				return gax.OnHTTPCodes(gax.Backoff{
   151  					Initial:    100 * time.Millisecond,
   152  					Max:        60000 * time.Millisecond,
   153  					Multiplier: 1.30,
   154  				},
   155  					http.StatusServiceUnavailable,
   156  					http.StatusGatewayTimeout)
   157  			}),
   158  		},
   159  		GetEkmConnection: []gax.CallOption{
   160  			gax.WithTimeout(60000 * time.Millisecond),
   161  			gax.WithRetry(func() gax.Retryer {
   162  				return gax.OnHTTPCodes(gax.Backoff{
   163  					Initial:    100 * time.Millisecond,
   164  					Max:        60000 * time.Millisecond,
   165  					Multiplier: 1.30,
   166  				},
   167  					http.StatusServiceUnavailable,
   168  					http.StatusGatewayTimeout)
   169  			}),
   170  		},
   171  		CreateEkmConnection: []gax.CallOption{
   172  			gax.WithTimeout(60000 * time.Millisecond),
   173  			gax.WithRetry(func() gax.Retryer {
   174  				return gax.OnHTTPCodes(gax.Backoff{
   175  					Initial:    100 * time.Millisecond,
   176  					Max:        60000 * time.Millisecond,
   177  					Multiplier: 1.30,
   178  				},
   179  					http.StatusServiceUnavailable,
   180  					http.StatusGatewayTimeout)
   181  			}),
   182  		},
   183  		UpdateEkmConnection: []gax.CallOption{
   184  			gax.WithTimeout(60000 * time.Millisecond),
   185  			gax.WithRetry(func() gax.Retryer {
   186  				return gax.OnHTTPCodes(gax.Backoff{
   187  					Initial:    100 * time.Millisecond,
   188  					Max:        60000 * time.Millisecond,
   189  					Multiplier: 1.30,
   190  				},
   191  					http.StatusServiceUnavailable,
   192  					http.StatusGatewayTimeout)
   193  			}),
   194  		},
   195  		GetEkmConfig:       []gax.CallOption{},
   196  		UpdateEkmConfig:    []gax.CallOption{},
   197  		VerifyConnectivity: []gax.CallOption{},
   198  		GetLocation:        []gax.CallOption{},
   199  		ListLocations:      []gax.CallOption{},
   200  		GetIamPolicy:       []gax.CallOption{},
   201  		SetIamPolicy:       []gax.CallOption{},
   202  		TestIamPermissions: []gax.CallOption{},
   203  		GetOperation:       []gax.CallOption{},
   204  	}
   205  }
   206  
   207  // internalEkmClient is an interface that defines the methods available from Cloud Key Management Service (KMS) API.
   208  type internalEkmClient interface {
   209  	Close() error
   210  	setGoogleClientInfo(...string)
   211  	Connection() *grpc.ClientConn
   212  	ListEkmConnections(context.Context, *kmspb.ListEkmConnectionsRequest, ...gax.CallOption) *EkmConnectionIterator
   213  	GetEkmConnection(context.Context, *kmspb.GetEkmConnectionRequest, ...gax.CallOption) (*kmspb.EkmConnection, error)
   214  	CreateEkmConnection(context.Context, *kmspb.CreateEkmConnectionRequest, ...gax.CallOption) (*kmspb.EkmConnection, error)
   215  	UpdateEkmConnection(context.Context, *kmspb.UpdateEkmConnectionRequest, ...gax.CallOption) (*kmspb.EkmConnection, error)
   216  	GetEkmConfig(context.Context, *kmspb.GetEkmConfigRequest, ...gax.CallOption) (*kmspb.EkmConfig, error)
   217  	UpdateEkmConfig(context.Context, *kmspb.UpdateEkmConfigRequest, ...gax.CallOption) (*kmspb.EkmConfig, error)
   218  	VerifyConnectivity(context.Context, *kmspb.VerifyConnectivityRequest, ...gax.CallOption) (*kmspb.VerifyConnectivityResponse, error)
   219  	GetLocation(context.Context, *locationpb.GetLocationRequest, ...gax.CallOption) (*locationpb.Location, error)
   220  	ListLocations(context.Context, *locationpb.ListLocationsRequest, ...gax.CallOption) *LocationIterator
   221  	GetIamPolicy(context.Context, *iampb.GetIamPolicyRequest, ...gax.CallOption) (*iampb.Policy, error)
   222  	SetIamPolicy(context.Context, *iampb.SetIamPolicyRequest, ...gax.CallOption) (*iampb.Policy, error)
   223  	TestIamPermissions(context.Context, *iampb.TestIamPermissionsRequest, ...gax.CallOption) (*iampb.TestIamPermissionsResponse, error)
   224  	GetOperation(context.Context, *longrunningpb.GetOperationRequest, ...gax.CallOption) (*longrunningpb.Operation, error)
   225  }
   226  
   227  // EkmClient is a client for interacting with Cloud Key Management Service (KMS) API.
   228  // Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
   229  //
   230  // # Google Cloud Key Management EKM Service
   231  //
   232  // Manages external cryptographic keys and operations using those keys.
   233  // Implements a REST model with the following objects:
   234  //
   235  //	EkmConnection
   236  type EkmClient struct {
   237  	// The internal transport-dependent client.
   238  	internalClient internalEkmClient
   239  
   240  	// The call options for this service.
   241  	CallOptions *EkmCallOptions
   242  }
   243  
   244  // Wrapper methods routed to the internal client.
   245  
   246  // Close closes the connection to the API service. The user should invoke this when
   247  // the client is no longer required.
   248  func (c *EkmClient) Close() error {
   249  	return c.internalClient.Close()
   250  }
   251  
   252  // setGoogleClientInfo sets the name and version of the application in
   253  // the `x-goog-api-client` header passed on each request. Intended for
   254  // use by Google-written clients.
   255  func (c *EkmClient) setGoogleClientInfo(keyval ...string) {
   256  	c.internalClient.setGoogleClientInfo(keyval...)
   257  }
   258  
   259  // Connection returns a connection to the API service.
   260  //
   261  // Deprecated: Connections are now pooled so this method does not always
   262  // return the same resource.
   263  func (c *EkmClient) Connection() *grpc.ClientConn {
   264  	return c.internalClient.Connection()
   265  }
   266  
   267  // ListEkmConnections lists EkmConnections.
   268  func (c *EkmClient) ListEkmConnections(ctx context.Context, req *kmspb.ListEkmConnectionsRequest, opts ...gax.CallOption) *EkmConnectionIterator {
   269  	return c.internalClient.ListEkmConnections(ctx, req, opts...)
   270  }
   271  
   272  // GetEkmConnection returns metadata for a given
   273  // EkmConnection.
   274  func (c *EkmClient) GetEkmConnection(ctx context.Context, req *kmspb.GetEkmConnectionRequest, opts ...gax.CallOption) (*kmspb.EkmConnection, error) {
   275  	return c.internalClient.GetEkmConnection(ctx, req, opts...)
   276  }
   277  
   278  // CreateEkmConnection creates a new EkmConnection in a given
   279  // Project and Location.
   280  func (c *EkmClient) CreateEkmConnection(ctx context.Context, req *kmspb.CreateEkmConnectionRequest, opts ...gax.CallOption) (*kmspb.EkmConnection, error) {
   281  	return c.internalClient.CreateEkmConnection(ctx, req, opts...)
   282  }
   283  
   284  // UpdateEkmConnection updates an EkmConnection's metadata.
   285  func (c *EkmClient) UpdateEkmConnection(ctx context.Context, req *kmspb.UpdateEkmConnectionRequest, opts ...gax.CallOption) (*kmspb.EkmConnection, error) {
   286  	return c.internalClient.UpdateEkmConnection(ctx, req, opts...)
   287  }
   288  
   289  // GetEkmConfig returns the EkmConfig singleton resource
   290  // for a given project and location.
   291  func (c *EkmClient) GetEkmConfig(ctx context.Context, req *kmspb.GetEkmConfigRequest, opts ...gax.CallOption) (*kmspb.EkmConfig, error) {
   292  	return c.internalClient.GetEkmConfig(ctx, req, opts...)
   293  }
   294  
   295  // UpdateEkmConfig updates the EkmConfig singleton resource
   296  // for a given project and location.
   297  func (c *EkmClient) UpdateEkmConfig(ctx context.Context, req *kmspb.UpdateEkmConfigRequest, opts ...gax.CallOption) (*kmspb.EkmConfig, error) {
   298  	return c.internalClient.UpdateEkmConfig(ctx, req, opts...)
   299  }
   300  
   301  // VerifyConnectivity verifies that Cloud KMS can successfully connect to the external key
   302  // manager specified by an EkmConnection.
   303  // If there is an error connecting to the EKM, this method returns a
   304  // FAILED_PRECONDITION status containing structured information as described
   305  // at https://cloud.google.com/kms/docs/reference/ekm_errors (at https://cloud.google.com/kms/docs/reference/ekm_errors).
   306  func (c *EkmClient) VerifyConnectivity(ctx context.Context, req *kmspb.VerifyConnectivityRequest, opts ...gax.CallOption) (*kmspb.VerifyConnectivityResponse, error) {
   307  	return c.internalClient.VerifyConnectivity(ctx, req, opts...)
   308  }
   309  
   310  // GetLocation gets information about a location.
   311  func (c *EkmClient) GetLocation(ctx context.Context, req *locationpb.GetLocationRequest, opts ...gax.CallOption) (*locationpb.Location, error) {
   312  	return c.internalClient.GetLocation(ctx, req, opts...)
   313  }
   314  
   315  // ListLocations lists information about the supported locations for this service.
   316  func (c *EkmClient) ListLocations(ctx context.Context, req *locationpb.ListLocationsRequest, opts ...gax.CallOption) *LocationIterator {
   317  	return c.internalClient.ListLocations(ctx, req, opts...)
   318  }
   319  
   320  // GetIamPolicy gets the access control policy for a resource. Returns an empty policy
   321  // if the resource exists and does not have a policy set.
   322  func (c *EkmClient) GetIamPolicy(ctx context.Context, req *iampb.GetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error) {
   323  	return c.internalClient.GetIamPolicy(ctx, req, opts...)
   324  }
   325  
   326  // SetIamPolicy sets the access control policy on the specified resource. Replaces
   327  // any existing policy.
   328  //
   329  // Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED
   330  // errors.
   331  func (c *EkmClient) SetIamPolicy(ctx context.Context, req *iampb.SetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error) {
   332  	return c.internalClient.SetIamPolicy(ctx, req, opts...)
   333  }
   334  
   335  // TestIamPermissions returns permissions that a caller has on the specified resource. If the
   336  // resource does not exist, this will return an empty set of
   337  // permissions, not a NOT_FOUND error.
   338  //
   339  // Note: This operation is designed to be used for building
   340  // permission-aware UIs and command-line tools, not for authorization
   341  // checking. This operation may “fail open” without warning.
   342  func (c *EkmClient) TestIamPermissions(ctx context.Context, req *iampb.TestIamPermissionsRequest, opts ...gax.CallOption) (*iampb.TestIamPermissionsResponse, error) {
   343  	return c.internalClient.TestIamPermissions(ctx, req, opts...)
   344  }
   345  
   346  // GetOperation is a utility method from google.longrunning.Operations.
   347  func (c *EkmClient) GetOperation(ctx context.Context, req *longrunningpb.GetOperationRequest, opts ...gax.CallOption) (*longrunningpb.Operation, error) {
   348  	return c.internalClient.GetOperation(ctx, req, opts...)
   349  }
   350  
   351  // ekmGRPCClient is a client for interacting with Cloud Key Management Service (KMS) API over gRPC transport.
   352  //
   353  // Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
   354  type ekmGRPCClient struct {
   355  	// Connection pool of gRPC connections to the service.
   356  	connPool gtransport.ConnPool
   357  
   358  	// Points back to the CallOptions field of the containing EkmClient
   359  	CallOptions **EkmCallOptions
   360  
   361  	// The gRPC API client.
   362  	ekmClient kmspb.EkmServiceClient
   363  
   364  	operationsClient longrunningpb.OperationsClient
   365  
   366  	iamPolicyClient iampb.IAMPolicyClient
   367  
   368  	locationsClient locationpb.LocationsClient
   369  
   370  	// The x-goog-* metadata to be sent with each request.
   371  	xGoogHeaders []string
   372  }
   373  
   374  // NewEkmClient creates a new ekm service client based on gRPC.
   375  // The returned client must be Closed when it is done being used to clean up its underlying connections.
   376  //
   377  // # Google Cloud Key Management EKM Service
   378  //
   379  // Manages external cryptographic keys and operations using those keys.
   380  // Implements a REST model with the following objects:
   381  //
   382  //	EkmConnection
   383  func NewEkmClient(ctx context.Context, opts ...option.ClientOption) (*EkmClient, error) {
   384  	clientOpts := defaultEkmGRPCClientOptions()
   385  	if newEkmClientHook != nil {
   386  		hookOpts, err := newEkmClientHook(ctx, clientHookParams{})
   387  		if err != nil {
   388  			return nil, err
   389  		}
   390  		clientOpts = append(clientOpts, hookOpts...)
   391  	}
   392  
   393  	connPool, err := gtransport.DialPool(ctx, append(clientOpts, opts...)...)
   394  	if err != nil {
   395  		return nil, err
   396  	}
   397  	client := EkmClient{CallOptions: defaultEkmCallOptions()}
   398  
   399  	c := &ekmGRPCClient{
   400  		connPool:         connPool,
   401  		ekmClient:        kmspb.NewEkmServiceClient(connPool),
   402  		CallOptions:      &client.CallOptions,
   403  		operationsClient: longrunningpb.NewOperationsClient(connPool),
   404  		iamPolicyClient:  iampb.NewIAMPolicyClient(connPool),
   405  		locationsClient:  locationpb.NewLocationsClient(connPool),
   406  	}
   407  	c.setGoogleClientInfo()
   408  
   409  	client.internalClient = c
   410  
   411  	return &client, nil
   412  }
   413  
   414  // Connection returns a connection to the API service.
   415  //
   416  // Deprecated: Connections are now pooled so this method does not always
   417  // return the same resource.
   418  func (c *ekmGRPCClient) Connection() *grpc.ClientConn {
   419  	return c.connPool.Conn()
   420  }
   421  
   422  // setGoogleClientInfo sets the name and version of the application in
   423  // the `x-goog-api-client` header passed on each request. Intended for
   424  // use by Google-written clients.
   425  func (c *ekmGRPCClient) setGoogleClientInfo(keyval ...string) {
   426  	kv := append([]string{"gl-go", gax.GoVersion}, keyval...)
   427  	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "grpc", grpc.Version)
   428  	c.xGoogHeaders = []string{"x-goog-api-client", gax.XGoogHeader(kv...)}
   429  }
   430  
   431  // Close closes the connection to the API service. The user should invoke this when
   432  // the client is no longer required.
   433  func (c *ekmGRPCClient) Close() error {
   434  	return c.connPool.Close()
   435  }
   436  
   437  // Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
   438  type ekmRESTClient struct {
   439  	// The http endpoint to connect to.
   440  	endpoint string
   441  
   442  	// The http client.
   443  	httpClient *http.Client
   444  
   445  	// The x-goog-* headers to be sent with each request.
   446  	xGoogHeaders []string
   447  
   448  	// Points back to the CallOptions field of the containing EkmClient
   449  	CallOptions **EkmCallOptions
   450  }
   451  
   452  // NewEkmRESTClient creates a new ekm service rest client.
   453  //
   454  // # Google Cloud Key Management EKM Service
   455  //
   456  // Manages external cryptographic keys and operations using those keys.
   457  // Implements a REST model with the following objects:
   458  //
   459  //	EkmConnection
   460  func NewEkmRESTClient(ctx context.Context, opts ...option.ClientOption) (*EkmClient, error) {
   461  	clientOpts := append(defaultEkmRESTClientOptions(), opts...)
   462  	httpClient, endpoint, err := httptransport.NewClient(ctx, clientOpts...)
   463  	if err != nil {
   464  		return nil, err
   465  	}
   466  
   467  	callOpts := defaultEkmRESTCallOptions()
   468  	c := &ekmRESTClient{
   469  		endpoint:    endpoint,
   470  		httpClient:  httpClient,
   471  		CallOptions: &callOpts,
   472  	}
   473  	c.setGoogleClientInfo()
   474  
   475  	return &EkmClient{internalClient: c, CallOptions: callOpts}, nil
   476  }
   477  
   478  func defaultEkmRESTClientOptions() []option.ClientOption {
   479  	return []option.ClientOption{
   480  		internaloption.WithDefaultEndpoint("https://cloudkms.googleapis.com"),
   481  		internaloption.WithDefaultEndpointTemplate("https://cloudkms.UNIVERSE_DOMAIN"),
   482  		internaloption.WithDefaultMTLSEndpoint("https://cloudkms.mtls.googleapis.com"),
   483  		internaloption.WithDefaultUniverseDomain("googleapis.com"),
   484  		internaloption.WithDefaultAudience("https://cloudkms.googleapis.com/"),
   485  		internaloption.WithDefaultScopes(DefaultAuthScopes()...),
   486  	}
   487  }
   488  
   489  // setGoogleClientInfo sets the name and version of the application in
   490  // the `x-goog-api-client` header passed on each request. Intended for
   491  // use by Google-written clients.
   492  func (c *ekmRESTClient) setGoogleClientInfo(keyval ...string) {
   493  	kv := append([]string{"gl-go", gax.GoVersion}, keyval...)
   494  	kv = append(kv, "gapic", getVersionClient(), "gax", gax.Version, "rest", "UNKNOWN")
   495  	c.xGoogHeaders = []string{"x-goog-api-client", gax.XGoogHeader(kv...)}
   496  }
   497  
   498  // Close closes the connection to the API service. The user should invoke this when
   499  // the client is no longer required.
   500  func (c *ekmRESTClient) Close() error {
   501  	// Replace httpClient with nil to force cleanup.
   502  	c.httpClient = nil
   503  	return nil
   504  }
   505  
   506  // Connection returns a connection to the API service.
   507  //
   508  // Deprecated: This method always returns nil.
   509  func (c *ekmRESTClient) Connection() *grpc.ClientConn {
   510  	return nil
   511  }
   512  func (c *ekmGRPCClient) ListEkmConnections(ctx context.Context, req *kmspb.ListEkmConnectionsRequest, opts ...gax.CallOption) *EkmConnectionIterator {
   513  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "parent", url.QueryEscape(req.GetParent()))}
   514  
   515  	hds = append(c.xGoogHeaders, hds...)
   516  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   517  	opts = append((*c.CallOptions).ListEkmConnections[0:len((*c.CallOptions).ListEkmConnections):len((*c.CallOptions).ListEkmConnections)], opts...)
   518  	it := &EkmConnectionIterator{}
   519  	req = proto.Clone(req).(*kmspb.ListEkmConnectionsRequest)
   520  	it.InternalFetch = func(pageSize int, pageToken string) ([]*kmspb.EkmConnection, string, error) {
   521  		resp := &kmspb.ListEkmConnectionsResponse{}
   522  		if pageToken != "" {
   523  			req.PageToken = pageToken
   524  		}
   525  		if pageSize > math.MaxInt32 {
   526  			req.PageSize = math.MaxInt32
   527  		} else if pageSize != 0 {
   528  			req.PageSize = int32(pageSize)
   529  		}
   530  		err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   531  			var err error
   532  			resp, err = c.ekmClient.ListEkmConnections(ctx, req, settings.GRPC...)
   533  			return err
   534  		}, opts...)
   535  		if err != nil {
   536  			return nil, "", err
   537  		}
   538  
   539  		it.Response = resp
   540  		return resp.GetEkmConnections(), resp.GetNextPageToken(), nil
   541  	}
   542  	fetch := func(pageSize int, pageToken string) (string, error) {
   543  		items, nextPageToken, err := it.InternalFetch(pageSize, pageToken)
   544  		if err != nil {
   545  			return "", err
   546  		}
   547  		it.items = append(it.items, items...)
   548  		return nextPageToken, nil
   549  	}
   550  
   551  	it.pageInfo, it.nextFunc = iterator.NewPageInfo(fetch, it.bufLen, it.takeBuf)
   552  	it.pageInfo.MaxSize = int(req.GetPageSize())
   553  	it.pageInfo.Token = req.GetPageToken()
   554  
   555  	return it
   556  }
   557  
   558  func (c *ekmGRPCClient) GetEkmConnection(ctx context.Context, req *kmspb.GetEkmConnectionRequest, opts ...gax.CallOption) (*kmspb.EkmConnection, error) {
   559  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName()))}
   560  
   561  	hds = append(c.xGoogHeaders, hds...)
   562  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   563  	opts = append((*c.CallOptions).GetEkmConnection[0:len((*c.CallOptions).GetEkmConnection):len((*c.CallOptions).GetEkmConnection)], opts...)
   564  	var resp *kmspb.EkmConnection
   565  	err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   566  		var err error
   567  		resp, err = c.ekmClient.GetEkmConnection(ctx, req, settings.GRPC...)
   568  		return err
   569  	}, opts...)
   570  	if err != nil {
   571  		return nil, err
   572  	}
   573  	return resp, nil
   574  }
   575  
   576  func (c *ekmGRPCClient) CreateEkmConnection(ctx context.Context, req *kmspb.CreateEkmConnectionRequest, opts ...gax.CallOption) (*kmspb.EkmConnection, error) {
   577  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "parent", url.QueryEscape(req.GetParent()))}
   578  
   579  	hds = append(c.xGoogHeaders, hds...)
   580  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   581  	opts = append((*c.CallOptions).CreateEkmConnection[0:len((*c.CallOptions).CreateEkmConnection):len((*c.CallOptions).CreateEkmConnection)], opts...)
   582  	var resp *kmspb.EkmConnection
   583  	err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   584  		var err error
   585  		resp, err = c.ekmClient.CreateEkmConnection(ctx, req, settings.GRPC...)
   586  		return err
   587  	}, opts...)
   588  	if err != nil {
   589  		return nil, err
   590  	}
   591  	return resp, nil
   592  }
   593  
   594  func (c *ekmGRPCClient) UpdateEkmConnection(ctx context.Context, req *kmspb.UpdateEkmConnectionRequest, opts ...gax.CallOption) (*kmspb.EkmConnection, error) {
   595  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "ekm_connection.name", url.QueryEscape(req.GetEkmConnection().GetName()))}
   596  
   597  	hds = append(c.xGoogHeaders, hds...)
   598  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   599  	opts = append((*c.CallOptions).UpdateEkmConnection[0:len((*c.CallOptions).UpdateEkmConnection):len((*c.CallOptions).UpdateEkmConnection)], opts...)
   600  	var resp *kmspb.EkmConnection
   601  	err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   602  		var err error
   603  		resp, err = c.ekmClient.UpdateEkmConnection(ctx, req, settings.GRPC...)
   604  		return err
   605  	}, opts...)
   606  	if err != nil {
   607  		return nil, err
   608  	}
   609  	return resp, nil
   610  }
   611  
   612  func (c *ekmGRPCClient) GetEkmConfig(ctx context.Context, req *kmspb.GetEkmConfigRequest, opts ...gax.CallOption) (*kmspb.EkmConfig, error) {
   613  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName()))}
   614  
   615  	hds = append(c.xGoogHeaders, hds...)
   616  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   617  	opts = append((*c.CallOptions).GetEkmConfig[0:len((*c.CallOptions).GetEkmConfig):len((*c.CallOptions).GetEkmConfig)], opts...)
   618  	var resp *kmspb.EkmConfig
   619  	err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   620  		var err error
   621  		resp, err = c.ekmClient.GetEkmConfig(ctx, req, settings.GRPC...)
   622  		return err
   623  	}, opts...)
   624  	if err != nil {
   625  		return nil, err
   626  	}
   627  	return resp, nil
   628  }
   629  
   630  func (c *ekmGRPCClient) UpdateEkmConfig(ctx context.Context, req *kmspb.UpdateEkmConfigRequest, opts ...gax.CallOption) (*kmspb.EkmConfig, error) {
   631  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "ekm_config.name", url.QueryEscape(req.GetEkmConfig().GetName()))}
   632  
   633  	hds = append(c.xGoogHeaders, hds...)
   634  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   635  	opts = append((*c.CallOptions).UpdateEkmConfig[0:len((*c.CallOptions).UpdateEkmConfig):len((*c.CallOptions).UpdateEkmConfig)], opts...)
   636  	var resp *kmspb.EkmConfig
   637  	err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   638  		var err error
   639  		resp, err = c.ekmClient.UpdateEkmConfig(ctx, req, settings.GRPC...)
   640  		return err
   641  	}, opts...)
   642  	if err != nil {
   643  		return nil, err
   644  	}
   645  	return resp, nil
   646  }
   647  
   648  func (c *ekmGRPCClient) VerifyConnectivity(ctx context.Context, req *kmspb.VerifyConnectivityRequest, opts ...gax.CallOption) (*kmspb.VerifyConnectivityResponse, error) {
   649  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName()))}
   650  
   651  	hds = append(c.xGoogHeaders, hds...)
   652  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   653  	opts = append((*c.CallOptions).VerifyConnectivity[0:len((*c.CallOptions).VerifyConnectivity):len((*c.CallOptions).VerifyConnectivity)], opts...)
   654  	var resp *kmspb.VerifyConnectivityResponse
   655  	err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   656  		var err error
   657  		resp, err = c.ekmClient.VerifyConnectivity(ctx, req, settings.GRPC...)
   658  		return err
   659  	}, opts...)
   660  	if err != nil {
   661  		return nil, err
   662  	}
   663  	return resp, nil
   664  }
   665  
   666  func (c *ekmGRPCClient) GetLocation(ctx context.Context, req *locationpb.GetLocationRequest, opts ...gax.CallOption) (*locationpb.Location, error) {
   667  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName()))}
   668  
   669  	hds = append(c.xGoogHeaders, hds...)
   670  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   671  	opts = append((*c.CallOptions).GetLocation[0:len((*c.CallOptions).GetLocation):len((*c.CallOptions).GetLocation)], opts...)
   672  	var resp *locationpb.Location
   673  	err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   674  		var err error
   675  		resp, err = c.locationsClient.GetLocation(ctx, req, settings.GRPC...)
   676  		return err
   677  	}, opts...)
   678  	if err != nil {
   679  		return nil, err
   680  	}
   681  	return resp, nil
   682  }
   683  
   684  func (c *ekmGRPCClient) ListLocations(ctx context.Context, req *locationpb.ListLocationsRequest, opts ...gax.CallOption) *LocationIterator {
   685  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName()))}
   686  
   687  	hds = append(c.xGoogHeaders, hds...)
   688  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   689  	opts = append((*c.CallOptions).ListLocations[0:len((*c.CallOptions).ListLocations):len((*c.CallOptions).ListLocations)], opts...)
   690  	it := &LocationIterator{}
   691  	req = proto.Clone(req).(*locationpb.ListLocationsRequest)
   692  	it.InternalFetch = func(pageSize int, pageToken string) ([]*locationpb.Location, string, error) {
   693  		resp := &locationpb.ListLocationsResponse{}
   694  		if pageToken != "" {
   695  			req.PageToken = pageToken
   696  		}
   697  		if pageSize > math.MaxInt32 {
   698  			req.PageSize = math.MaxInt32
   699  		} else if pageSize != 0 {
   700  			req.PageSize = int32(pageSize)
   701  		}
   702  		err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   703  			var err error
   704  			resp, err = c.locationsClient.ListLocations(ctx, req, settings.GRPC...)
   705  			return err
   706  		}, opts...)
   707  		if err != nil {
   708  			return nil, "", err
   709  		}
   710  
   711  		it.Response = resp
   712  		return resp.GetLocations(), resp.GetNextPageToken(), nil
   713  	}
   714  	fetch := func(pageSize int, pageToken string) (string, error) {
   715  		items, nextPageToken, err := it.InternalFetch(pageSize, pageToken)
   716  		if err != nil {
   717  			return "", err
   718  		}
   719  		it.items = append(it.items, items...)
   720  		return nextPageToken, nil
   721  	}
   722  
   723  	it.pageInfo, it.nextFunc = iterator.NewPageInfo(fetch, it.bufLen, it.takeBuf)
   724  	it.pageInfo.MaxSize = int(req.GetPageSize())
   725  	it.pageInfo.Token = req.GetPageToken()
   726  
   727  	return it
   728  }
   729  
   730  func (c *ekmGRPCClient) GetIamPolicy(ctx context.Context, req *iampb.GetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error) {
   731  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "resource", url.QueryEscape(req.GetResource()))}
   732  
   733  	hds = append(c.xGoogHeaders, hds...)
   734  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   735  	opts = append((*c.CallOptions).GetIamPolicy[0:len((*c.CallOptions).GetIamPolicy):len((*c.CallOptions).GetIamPolicy)], opts...)
   736  	var resp *iampb.Policy
   737  	err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   738  		var err error
   739  		resp, err = c.iamPolicyClient.GetIamPolicy(ctx, req, settings.GRPC...)
   740  		return err
   741  	}, opts...)
   742  	if err != nil {
   743  		return nil, err
   744  	}
   745  	return resp, nil
   746  }
   747  
   748  func (c *ekmGRPCClient) SetIamPolicy(ctx context.Context, req *iampb.SetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error) {
   749  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "resource", url.QueryEscape(req.GetResource()))}
   750  
   751  	hds = append(c.xGoogHeaders, hds...)
   752  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   753  	opts = append((*c.CallOptions).SetIamPolicy[0:len((*c.CallOptions).SetIamPolicy):len((*c.CallOptions).SetIamPolicy)], opts...)
   754  	var resp *iampb.Policy
   755  	err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   756  		var err error
   757  		resp, err = c.iamPolicyClient.SetIamPolicy(ctx, req, settings.GRPC...)
   758  		return err
   759  	}, opts...)
   760  	if err != nil {
   761  		return nil, err
   762  	}
   763  	return resp, nil
   764  }
   765  
   766  func (c *ekmGRPCClient) TestIamPermissions(ctx context.Context, req *iampb.TestIamPermissionsRequest, opts ...gax.CallOption) (*iampb.TestIamPermissionsResponse, error) {
   767  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "resource", url.QueryEscape(req.GetResource()))}
   768  
   769  	hds = append(c.xGoogHeaders, hds...)
   770  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   771  	opts = append((*c.CallOptions).TestIamPermissions[0:len((*c.CallOptions).TestIamPermissions):len((*c.CallOptions).TestIamPermissions)], opts...)
   772  	var resp *iampb.TestIamPermissionsResponse
   773  	err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   774  		var err error
   775  		resp, err = c.iamPolicyClient.TestIamPermissions(ctx, req, settings.GRPC...)
   776  		return err
   777  	}, opts...)
   778  	if err != nil {
   779  		return nil, err
   780  	}
   781  	return resp, nil
   782  }
   783  
   784  func (c *ekmGRPCClient) GetOperation(ctx context.Context, req *longrunningpb.GetOperationRequest, opts ...gax.CallOption) (*longrunningpb.Operation, error) {
   785  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName()))}
   786  
   787  	hds = append(c.xGoogHeaders, hds...)
   788  	ctx = gax.InsertMetadataIntoOutgoingContext(ctx, hds...)
   789  	opts = append((*c.CallOptions).GetOperation[0:len((*c.CallOptions).GetOperation):len((*c.CallOptions).GetOperation)], opts...)
   790  	var resp *longrunningpb.Operation
   791  	err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   792  		var err error
   793  		resp, err = c.operationsClient.GetOperation(ctx, req, settings.GRPC...)
   794  		return err
   795  	}, opts...)
   796  	if err != nil {
   797  		return nil, err
   798  	}
   799  	return resp, nil
   800  }
   801  
   802  // ListEkmConnections lists EkmConnections.
   803  func (c *ekmRESTClient) ListEkmConnections(ctx context.Context, req *kmspb.ListEkmConnectionsRequest, opts ...gax.CallOption) *EkmConnectionIterator {
   804  	it := &EkmConnectionIterator{}
   805  	req = proto.Clone(req).(*kmspb.ListEkmConnectionsRequest)
   806  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
   807  	it.InternalFetch = func(pageSize int, pageToken string) ([]*kmspb.EkmConnection, string, error) {
   808  		resp := &kmspb.ListEkmConnectionsResponse{}
   809  		if pageToken != "" {
   810  			req.PageToken = pageToken
   811  		}
   812  		if pageSize > math.MaxInt32 {
   813  			req.PageSize = math.MaxInt32
   814  		} else if pageSize != 0 {
   815  			req.PageSize = int32(pageSize)
   816  		}
   817  		baseUrl, err := url.Parse(c.endpoint)
   818  		if err != nil {
   819  			return nil, "", err
   820  		}
   821  		baseUrl.Path += fmt.Sprintf("/v1/%v/ekmConnections", req.GetParent())
   822  
   823  		params := url.Values{}
   824  		params.Add("$alt", "json;enum-encoding=int")
   825  		if req.GetFilter() != "" {
   826  			params.Add("filter", fmt.Sprintf("%v", req.GetFilter()))
   827  		}
   828  		if req.GetOrderBy() != "" {
   829  			params.Add("orderBy", fmt.Sprintf("%v", req.GetOrderBy()))
   830  		}
   831  		if req.GetPageSize() != 0 {
   832  			params.Add("pageSize", fmt.Sprintf("%v", req.GetPageSize()))
   833  		}
   834  		if req.GetPageToken() != "" {
   835  			params.Add("pageToken", fmt.Sprintf("%v", req.GetPageToken()))
   836  		}
   837  
   838  		baseUrl.RawQuery = params.Encode()
   839  
   840  		// Build HTTP headers from client and context metadata.
   841  		hds := append(c.xGoogHeaders, "Content-Type", "application/json")
   842  		headers := gax.BuildHeaders(ctx, hds...)
   843  		e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   844  			if settings.Path != "" {
   845  				baseUrl.Path = settings.Path
   846  			}
   847  			httpReq, err := http.NewRequest("GET", baseUrl.String(), nil)
   848  			if err != nil {
   849  				return err
   850  			}
   851  			httpReq.Header = headers
   852  
   853  			httpRsp, err := c.httpClient.Do(httpReq)
   854  			if err != nil {
   855  				return err
   856  			}
   857  			defer httpRsp.Body.Close()
   858  
   859  			if err = googleapi.CheckResponse(httpRsp); err != nil {
   860  				return err
   861  			}
   862  
   863  			buf, err := io.ReadAll(httpRsp.Body)
   864  			if err != nil {
   865  				return err
   866  			}
   867  
   868  			if err := unm.Unmarshal(buf, resp); err != nil {
   869  				return err
   870  			}
   871  
   872  			return nil
   873  		}, opts...)
   874  		if e != nil {
   875  			return nil, "", e
   876  		}
   877  		it.Response = resp
   878  		return resp.GetEkmConnections(), resp.GetNextPageToken(), nil
   879  	}
   880  
   881  	fetch := func(pageSize int, pageToken string) (string, error) {
   882  		items, nextPageToken, err := it.InternalFetch(pageSize, pageToken)
   883  		if err != nil {
   884  			return "", err
   885  		}
   886  		it.items = append(it.items, items...)
   887  		return nextPageToken, nil
   888  	}
   889  
   890  	it.pageInfo, it.nextFunc = iterator.NewPageInfo(fetch, it.bufLen, it.takeBuf)
   891  	it.pageInfo.MaxSize = int(req.GetPageSize())
   892  	it.pageInfo.Token = req.GetPageToken()
   893  
   894  	return it
   895  }
   896  
   897  // GetEkmConnection returns metadata for a given
   898  // EkmConnection.
   899  func (c *ekmRESTClient) GetEkmConnection(ctx context.Context, req *kmspb.GetEkmConnectionRequest, opts ...gax.CallOption) (*kmspb.EkmConnection, error) {
   900  	baseUrl, err := url.Parse(c.endpoint)
   901  	if err != nil {
   902  		return nil, err
   903  	}
   904  	baseUrl.Path += fmt.Sprintf("/v1/%v", req.GetName())
   905  
   906  	params := url.Values{}
   907  	params.Add("$alt", "json;enum-encoding=int")
   908  
   909  	baseUrl.RawQuery = params.Encode()
   910  
   911  	// Build HTTP headers from client and context metadata.
   912  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName()))}
   913  
   914  	hds = append(c.xGoogHeaders, hds...)
   915  	hds = append(hds, "Content-Type", "application/json")
   916  	headers := gax.BuildHeaders(ctx, hds...)
   917  	opts = append((*c.CallOptions).GetEkmConnection[0:len((*c.CallOptions).GetEkmConnection):len((*c.CallOptions).GetEkmConnection)], opts...)
   918  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
   919  	resp := &kmspb.EkmConnection{}
   920  	e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   921  		if settings.Path != "" {
   922  			baseUrl.Path = settings.Path
   923  		}
   924  		httpReq, err := http.NewRequest("GET", baseUrl.String(), nil)
   925  		if err != nil {
   926  			return err
   927  		}
   928  		httpReq = httpReq.WithContext(ctx)
   929  		httpReq.Header = headers
   930  
   931  		httpRsp, err := c.httpClient.Do(httpReq)
   932  		if err != nil {
   933  			return err
   934  		}
   935  		defer httpRsp.Body.Close()
   936  
   937  		if err = googleapi.CheckResponse(httpRsp); err != nil {
   938  			return err
   939  		}
   940  
   941  		buf, err := io.ReadAll(httpRsp.Body)
   942  		if err != nil {
   943  			return err
   944  		}
   945  
   946  		if err := unm.Unmarshal(buf, resp); err != nil {
   947  			return err
   948  		}
   949  
   950  		return nil
   951  	}, opts...)
   952  	if e != nil {
   953  		return nil, e
   954  	}
   955  	return resp, nil
   956  }
   957  
   958  // CreateEkmConnection creates a new EkmConnection in a given
   959  // Project and Location.
   960  func (c *ekmRESTClient) CreateEkmConnection(ctx context.Context, req *kmspb.CreateEkmConnectionRequest, opts ...gax.CallOption) (*kmspb.EkmConnection, error) {
   961  	m := protojson.MarshalOptions{AllowPartial: true, UseEnumNumbers: true}
   962  	body := req.GetEkmConnection()
   963  	jsonReq, err := m.Marshal(body)
   964  	if err != nil {
   965  		return nil, err
   966  	}
   967  
   968  	baseUrl, err := url.Parse(c.endpoint)
   969  	if err != nil {
   970  		return nil, err
   971  	}
   972  	baseUrl.Path += fmt.Sprintf("/v1/%v/ekmConnections", req.GetParent())
   973  
   974  	params := url.Values{}
   975  	params.Add("$alt", "json;enum-encoding=int")
   976  	params.Add("ekmConnectionId", fmt.Sprintf("%v", req.GetEkmConnectionId()))
   977  
   978  	baseUrl.RawQuery = params.Encode()
   979  
   980  	// Build HTTP headers from client and context metadata.
   981  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "parent", url.QueryEscape(req.GetParent()))}
   982  
   983  	hds = append(c.xGoogHeaders, hds...)
   984  	hds = append(hds, "Content-Type", "application/json")
   985  	headers := gax.BuildHeaders(ctx, hds...)
   986  	opts = append((*c.CallOptions).CreateEkmConnection[0:len((*c.CallOptions).CreateEkmConnection):len((*c.CallOptions).CreateEkmConnection)], opts...)
   987  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
   988  	resp := &kmspb.EkmConnection{}
   989  	e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
   990  		if settings.Path != "" {
   991  			baseUrl.Path = settings.Path
   992  		}
   993  		httpReq, err := http.NewRequest("POST", baseUrl.String(), bytes.NewReader(jsonReq))
   994  		if err != nil {
   995  			return err
   996  		}
   997  		httpReq = httpReq.WithContext(ctx)
   998  		httpReq.Header = headers
   999  
  1000  		httpRsp, err := c.httpClient.Do(httpReq)
  1001  		if err != nil {
  1002  			return err
  1003  		}
  1004  		defer httpRsp.Body.Close()
  1005  
  1006  		if err = googleapi.CheckResponse(httpRsp); err != nil {
  1007  			return err
  1008  		}
  1009  
  1010  		buf, err := io.ReadAll(httpRsp.Body)
  1011  		if err != nil {
  1012  			return err
  1013  		}
  1014  
  1015  		if err := unm.Unmarshal(buf, resp); err != nil {
  1016  			return err
  1017  		}
  1018  
  1019  		return nil
  1020  	}, opts...)
  1021  	if e != nil {
  1022  		return nil, e
  1023  	}
  1024  	return resp, nil
  1025  }
  1026  
  1027  // UpdateEkmConnection updates an EkmConnection's metadata.
  1028  func (c *ekmRESTClient) UpdateEkmConnection(ctx context.Context, req *kmspb.UpdateEkmConnectionRequest, opts ...gax.CallOption) (*kmspb.EkmConnection, error) {
  1029  	m := protojson.MarshalOptions{AllowPartial: true, UseEnumNumbers: true}
  1030  	body := req.GetEkmConnection()
  1031  	jsonReq, err := m.Marshal(body)
  1032  	if err != nil {
  1033  		return nil, err
  1034  	}
  1035  
  1036  	baseUrl, err := url.Parse(c.endpoint)
  1037  	if err != nil {
  1038  		return nil, err
  1039  	}
  1040  	baseUrl.Path += fmt.Sprintf("/v1/%v", req.GetEkmConnection().GetName())
  1041  
  1042  	params := url.Values{}
  1043  	params.Add("$alt", "json;enum-encoding=int")
  1044  	if req.GetUpdateMask() != nil {
  1045  		updateMask, err := protojson.Marshal(req.GetUpdateMask())
  1046  		if err != nil {
  1047  			return nil, err
  1048  		}
  1049  		params.Add("updateMask", string(updateMask[1:len(updateMask)-1]))
  1050  	}
  1051  
  1052  	baseUrl.RawQuery = params.Encode()
  1053  
  1054  	// Build HTTP headers from client and context metadata.
  1055  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "ekm_connection.name", url.QueryEscape(req.GetEkmConnection().GetName()))}
  1056  
  1057  	hds = append(c.xGoogHeaders, hds...)
  1058  	hds = append(hds, "Content-Type", "application/json")
  1059  	headers := gax.BuildHeaders(ctx, hds...)
  1060  	opts = append((*c.CallOptions).UpdateEkmConnection[0:len((*c.CallOptions).UpdateEkmConnection):len((*c.CallOptions).UpdateEkmConnection)], opts...)
  1061  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
  1062  	resp := &kmspb.EkmConnection{}
  1063  	e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
  1064  		if settings.Path != "" {
  1065  			baseUrl.Path = settings.Path
  1066  		}
  1067  		httpReq, err := http.NewRequest("PATCH", baseUrl.String(), bytes.NewReader(jsonReq))
  1068  		if err != nil {
  1069  			return err
  1070  		}
  1071  		httpReq = httpReq.WithContext(ctx)
  1072  		httpReq.Header = headers
  1073  
  1074  		httpRsp, err := c.httpClient.Do(httpReq)
  1075  		if err != nil {
  1076  			return err
  1077  		}
  1078  		defer httpRsp.Body.Close()
  1079  
  1080  		if err = googleapi.CheckResponse(httpRsp); err != nil {
  1081  			return err
  1082  		}
  1083  
  1084  		buf, err := io.ReadAll(httpRsp.Body)
  1085  		if err != nil {
  1086  			return err
  1087  		}
  1088  
  1089  		if err := unm.Unmarshal(buf, resp); err != nil {
  1090  			return err
  1091  		}
  1092  
  1093  		return nil
  1094  	}, opts...)
  1095  	if e != nil {
  1096  		return nil, e
  1097  	}
  1098  	return resp, nil
  1099  }
  1100  
  1101  // GetEkmConfig returns the EkmConfig singleton resource
  1102  // for a given project and location.
  1103  func (c *ekmRESTClient) GetEkmConfig(ctx context.Context, req *kmspb.GetEkmConfigRequest, opts ...gax.CallOption) (*kmspb.EkmConfig, error) {
  1104  	baseUrl, err := url.Parse(c.endpoint)
  1105  	if err != nil {
  1106  		return nil, err
  1107  	}
  1108  	baseUrl.Path += fmt.Sprintf("/v1/%v", req.GetName())
  1109  
  1110  	params := url.Values{}
  1111  	params.Add("$alt", "json;enum-encoding=int")
  1112  
  1113  	baseUrl.RawQuery = params.Encode()
  1114  
  1115  	// Build HTTP headers from client and context metadata.
  1116  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName()))}
  1117  
  1118  	hds = append(c.xGoogHeaders, hds...)
  1119  	hds = append(hds, "Content-Type", "application/json")
  1120  	headers := gax.BuildHeaders(ctx, hds...)
  1121  	opts = append((*c.CallOptions).GetEkmConfig[0:len((*c.CallOptions).GetEkmConfig):len((*c.CallOptions).GetEkmConfig)], opts...)
  1122  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
  1123  	resp := &kmspb.EkmConfig{}
  1124  	e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
  1125  		if settings.Path != "" {
  1126  			baseUrl.Path = settings.Path
  1127  		}
  1128  		httpReq, err := http.NewRequest("GET", baseUrl.String(), nil)
  1129  		if err != nil {
  1130  			return err
  1131  		}
  1132  		httpReq = httpReq.WithContext(ctx)
  1133  		httpReq.Header = headers
  1134  
  1135  		httpRsp, err := c.httpClient.Do(httpReq)
  1136  		if err != nil {
  1137  			return err
  1138  		}
  1139  		defer httpRsp.Body.Close()
  1140  
  1141  		if err = googleapi.CheckResponse(httpRsp); err != nil {
  1142  			return err
  1143  		}
  1144  
  1145  		buf, err := io.ReadAll(httpRsp.Body)
  1146  		if err != nil {
  1147  			return err
  1148  		}
  1149  
  1150  		if err := unm.Unmarshal(buf, resp); err != nil {
  1151  			return err
  1152  		}
  1153  
  1154  		return nil
  1155  	}, opts...)
  1156  	if e != nil {
  1157  		return nil, e
  1158  	}
  1159  	return resp, nil
  1160  }
  1161  
  1162  // UpdateEkmConfig updates the EkmConfig singleton resource
  1163  // for a given project and location.
  1164  func (c *ekmRESTClient) UpdateEkmConfig(ctx context.Context, req *kmspb.UpdateEkmConfigRequest, opts ...gax.CallOption) (*kmspb.EkmConfig, error) {
  1165  	m := protojson.MarshalOptions{AllowPartial: true, UseEnumNumbers: true}
  1166  	body := req.GetEkmConfig()
  1167  	jsonReq, err := m.Marshal(body)
  1168  	if err != nil {
  1169  		return nil, err
  1170  	}
  1171  
  1172  	baseUrl, err := url.Parse(c.endpoint)
  1173  	if err != nil {
  1174  		return nil, err
  1175  	}
  1176  	baseUrl.Path += fmt.Sprintf("/v1/%v", req.GetEkmConfig().GetName())
  1177  
  1178  	params := url.Values{}
  1179  	params.Add("$alt", "json;enum-encoding=int")
  1180  	if req.GetUpdateMask() != nil {
  1181  		updateMask, err := protojson.Marshal(req.GetUpdateMask())
  1182  		if err != nil {
  1183  			return nil, err
  1184  		}
  1185  		params.Add("updateMask", string(updateMask[1:len(updateMask)-1]))
  1186  	}
  1187  
  1188  	baseUrl.RawQuery = params.Encode()
  1189  
  1190  	// Build HTTP headers from client and context metadata.
  1191  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "ekm_config.name", url.QueryEscape(req.GetEkmConfig().GetName()))}
  1192  
  1193  	hds = append(c.xGoogHeaders, hds...)
  1194  	hds = append(hds, "Content-Type", "application/json")
  1195  	headers := gax.BuildHeaders(ctx, hds...)
  1196  	opts = append((*c.CallOptions).UpdateEkmConfig[0:len((*c.CallOptions).UpdateEkmConfig):len((*c.CallOptions).UpdateEkmConfig)], opts...)
  1197  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
  1198  	resp := &kmspb.EkmConfig{}
  1199  	e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
  1200  		if settings.Path != "" {
  1201  			baseUrl.Path = settings.Path
  1202  		}
  1203  		httpReq, err := http.NewRequest("PATCH", baseUrl.String(), bytes.NewReader(jsonReq))
  1204  		if err != nil {
  1205  			return err
  1206  		}
  1207  		httpReq = httpReq.WithContext(ctx)
  1208  		httpReq.Header = headers
  1209  
  1210  		httpRsp, err := c.httpClient.Do(httpReq)
  1211  		if err != nil {
  1212  			return err
  1213  		}
  1214  		defer httpRsp.Body.Close()
  1215  
  1216  		if err = googleapi.CheckResponse(httpRsp); err != nil {
  1217  			return err
  1218  		}
  1219  
  1220  		buf, err := io.ReadAll(httpRsp.Body)
  1221  		if err != nil {
  1222  			return err
  1223  		}
  1224  
  1225  		if err := unm.Unmarshal(buf, resp); err != nil {
  1226  			return err
  1227  		}
  1228  
  1229  		return nil
  1230  	}, opts...)
  1231  	if e != nil {
  1232  		return nil, e
  1233  	}
  1234  	return resp, nil
  1235  }
  1236  
  1237  // VerifyConnectivity verifies that Cloud KMS can successfully connect to the external key
  1238  // manager specified by an EkmConnection.
  1239  // If there is an error connecting to the EKM, this method returns a
  1240  // FAILED_PRECONDITION status containing structured information as described
  1241  // at https://cloud.google.com/kms/docs/reference/ekm_errors (at https://cloud.google.com/kms/docs/reference/ekm_errors).
  1242  func (c *ekmRESTClient) VerifyConnectivity(ctx context.Context, req *kmspb.VerifyConnectivityRequest, opts ...gax.CallOption) (*kmspb.VerifyConnectivityResponse, error) {
  1243  	baseUrl, err := url.Parse(c.endpoint)
  1244  	if err != nil {
  1245  		return nil, err
  1246  	}
  1247  	baseUrl.Path += fmt.Sprintf("/v1/%v:verifyConnectivity", req.GetName())
  1248  
  1249  	params := url.Values{}
  1250  	params.Add("$alt", "json;enum-encoding=int")
  1251  
  1252  	baseUrl.RawQuery = params.Encode()
  1253  
  1254  	// Build HTTP headers from client and context metadata.
  1255  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName()))}
  1256  
  1257  	hds = append(c.xGoogHeaders, hds...)
  1258  	hds = append(hds, "Content-Type", "application/json")
  1259  	headers := gax.BuildHeaders(ctx, hds...)
  1260  	opts = append((*c.CallOptions).VerifyConnectivity[0:len((*c.CallOptions).VerifyConnectivity):len((*c.CallOptions).VerifyConnectivity)], opts...)
  1261  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
  1262  	resp := &kmspb.VerifyConnectivityResponse{}
  1263  	e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
  1264  		if settings.Path != "" {
  1265  			baseUrl.Path = settings.Path
  1266  		}
  1267  		httpReq, err := http.NewRequest("GET", baseUrl.String(), nil)
  1268  		if err != nil {
  1269  			return err
  1270  		}
  1271  		httpReq = httpReq.WithContext(ctx)
  1272  		httpReq.Header = headers
  1273  
  1274  		httpRsp, err := c.httpClient.Do(httpReq)
  1275  		if err != nil {
  1276  			return err
  1277  		}
  1278  		defer httpRsp.Body.Close()
  1279  
  1280  		if err = googleapi.CheckResponse(httpRsp); err != nil {
  1281  			return err
  1282  		}
  1283  
  1284  		buf, err := io.ReadAll(httpRsp.Body)
  1285  		if err != nil {
  1286  			return err
  1287  		}
  1288  
  1289  		if err := unm.Unmarshal(buf, resp); err != nil {
  1290  			return err
  1291  		}
  1292  
  1293  		return nil
  1294  	}, opts...)
  1295  	if e != nil {
  1296  		return nil, e
  1297  	}
  1298  	return resp, nil
  1299  }
  1300  
  1301  // GetLocation gets information about a location.
  1302  func (c *ekmRESTClient) GetLocation(ctx context.Context, req *locationpb.GetLocationRequest, opts ...gax.CallOption) (*locationpb.Location, error) {
  1303  	baseUrl, err := url.Parse(c.endpoint)
  1304  	if err != nil {
  1305  		return nil, err
  1306  	}
  1307  	baseUrl.Path += fmt.Sprintf("/v1/%v", req.GetName())
  1308  
  1309  	params := url.Values{}
  1310  	params.Add("$alt", "json;enum-encoding=int")
  1311  
  1312  	baseUrl.RawQuery = params.Encode()
  1313  
  1314  	// Build HTTP headers from client and context metadata.
  1315  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName()))}
  1316  
  1317  	hds = append(c.xGoogHeaders, hds...)
  1318  	hds = append(hds, "Content-Type", "application/json")
  1319  	headers := gax.BuildHeaders(ctx, hds...)
  1320  	opts = append((*c.CallOptions).GetLocation[0:len((*c.CallOptions).GetLocation):len((*c.CallOptions).GetLocation)], opts...)
  1321  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
  1322  	resp := &locationpb.Location{}
  1323  	e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
  1324  		if settings.Path != "" {
  1325  			baseUrl.Path = settings.Path
  1326  		}
  1327  		httpReq, err := http.NewRequest("GET", baseUrl.String(), nil)
  1328  		if err != nil {
  1329  			return err
  1330  		}
  1331  		httpReq = httpReq.WithContext(ctx)
  1332  		httpReq.Header = headers
  1333  
  1334  		httpRsp, err := c.httpClient.Do(httpReq)
  1335  		if err != nil {
  1336  			return err
  1337  		}
  1338  		defer httpRsp.Body.Close()
  1339  
  1340  		if err = googleapi.CheckResponse(httpRsp); err != nil {
  1341  			return err
  1342  		}
  1343  
  1344  		buf, err := io.ReadAll(httpRsp.Body)
  1345  		if err != nil {
  1346  			return err
  1347  		}
  1348  
  1349  		if err := unm.Unmarshal(buf, resp); err != nil {
  1350  			return err
  1351  		}
  1352  
  1353  		return nil
  1354  	}, opts...)
  1355  	if e != nil {
  1356  		return nil, e
  1357  	}
  1358  	return resp, nil
  1359  }
  1360  
  1361  // ListLocations lists information about the supported locations for this service.
  1362  func (c *ekmRESTClient) ListLocations(ctx context.Context, req *locationpb.ListLocationsRequest, opts ...gax.CallOption) *LocationIterator {
  1363  	it := &LocationIterator{}
  1364  	req = proto.Clone(req).(*locationpb.ListLocationsRequest)
  1365  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
  1366  	it.InternalFetch = func(pageSize int, pageToken string) ([]*locationpb.Location, string, error) {
  1367  		resp := &locationpb.ListLocationsResponse{}
  1368  		if pageToken != "" {
  1369  			req.PageToken = pageToken
  1370  		}
  1371  		if pageSize > math.MaxInt32 {
  1372  			req.PageSize = math.MaxInt32
  1373  		} else if pageSize != 0 {
  1374  			req.PageSize = int32(pageSize)
  1375  		}
  1376  		baseUrl, err := url.Parse(c.endpoint)
  1377  		if err != nil {
  1378  			return nil, "", err
  1379  		}
  1380  		baseUrl.Path += fmt.Sprintf("/v1/%v/locations", req.GetName())
  1381  
  1382  		params := url.Values{}
  1383  		params.Add("$alt", "json;enum-encoding=int")
  1384  		if req.GetFilter() != "" {
  1385  			params.Add("filter", fmt.Sprintf("%v", req.GetFilter()))
  1386  		}
  1387  		if req.GetPageSize() != 0 {
  1388  			params.Add("pageSize", fmt.Sprintf("%v", req.GetPageSize()))
  1389  		}
  1390  		if req.GetPageToken() != "" {
  1391  			params.Add("pageToken", fmt.Sprintf("%v", req.GetPageToken()))
  1392  		}
  1393  
  1394  		baseUrl.RawQuery = params.Encode()
  1395  
  1396  		// Build HTTP headers from client and context metadata.
  1397  		hds := append(c.xGoogHeaders, "Content-Type", "application/json")
  1398  		headers := gax.BuildHeaders(ctx, hds...)
  1399  		e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
  1400  			if settings.Path != "" {
  1401  				baseUrl.Path = settings.Path
  1402  			}
  1403  			httpReq, err := http.NewRequest("GET", baseUrl.String(), nil)
  1404  			if err != nil {
  1405  				return err
  1406  			}
  1407  			httpReq.Header = headers
  1408  
  1409  			httpRsp, err := c.httpClient.Do(httpReq)
  1410  			if err != nil {
  1411  				return err
  1412  			}
  1413  			defer httpRsp.Body.Close()
  1414  
  1415  			if err = googleapi.CheckResponse(httpRsp); err != nil {
  1416  				return err
  1417  			}
  1418  
  1419  			buf, err := io.ReadAll(httpRsp.Body)
  1420  			if err != nil {
  1421  				return err
  1422  			}
  1423  
  1424  			if err := unm.Unmarshal(buf, resp); err != nil {
  1425  				return err
  1426  			}
  1427  
  1428  			return nil
  1429  		}, opts...)
  1430  		if e != nil {
  1431  			return nil, "", e
  1432  		}
  1433  		it.Response = resp
  1434  		return resp.GetLocations(), resp.GetNextPageToken(), nil
  1435  	}
  1436  
  1437  	fetch := func(pageSize int, pageToken string) (string, error) {
  1438  		items, nextPageToken, err := it.InternalFetch(pageSize, pageToken)
  1439  		if err != nil {
  1440  			return "", err
  1441  		}
  1442  		it.items = append(it.items, items...)
  1443  		return nextPageToken, nil
  1444  	}
  1445  
  1446  	it.pageInfo, it.nextFunc = iterator.NewPageInfo(fetch, it.bufLen, it.takeBuf)
  1447  	it.pageInfo.MaxSize = int(req.GetPageSize())
  1448  	it.pageInfo.Token = req.GetPageToken()
  1449  
  1450  	return it
  1451  }
  1452  
  1453  // GetIamPolicy gets the access control policy for a resource. Returns an empty policy
  1454  // if the resource exists and does not have a policy set.
  1455  func (c *ekmRESTClient) GetIamPolicy(ctx context.Context, req *iampb.GetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error) {
  1456  	baseUrl, err := url.Parse(c.endpoint)
  1457  	if err != nil {
  1458  		return nil, err
  1459  	}
  1460  	baseUrl.Path += fmt.Sprintf("/v1/%v:getIamPolicy", req.GetResource())
  1461  
  1462  	params := url.Values{}
  1463  	params.Add("$alt", "json;enum-encoding=int")
  1464  	if req.GetOptions().GetRequestedPolicyVersion() != 0 {
  1465  		params.Add("options.requestedPolicyVersion", fmt.Sprintf("%v", req.GetOptions().GetRequestedPolicyVersion()))
  1466  	}
  1467  
  1468  	baseUrl.RawQuery = params.Encode()
  1469  
  1470  	// Build HTTP headers from client and context metadata.
  1471  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "resource", url.QueryEscape(req.GetResource()))}
  1472  
  1473  	hds = append(c.xGoogHeaders, hds...)
  1474  	hds = append(hds, "Content-Type", "application/json")
  1475  	headers := gax.BuildHeaders(ctx, hds...)
  1476  	opts = append((*c.CallOptions).GetIamPolicy[0:len((*c.CallOptions).GetIamPolicy):len((*c.CallOptions).GetIamPolicy)], opts...)
  1477  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
  1478  	resp := &iampb.Policy{}
  1479  	e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
  1480  		if settings.Path != "" {
  1481  			baseUrl.Path = settings.Path
  1482  		}
  1483  		httpReq, err := http.NewRequest("GET", baseUrl.String(), nil)
  1484  		if err != nil {
  1485  			return err
  1486  		}
  1487  		httpReq = httpReq.WithContext(ctx)
  1488  		httpReq.Header = headers
  1489  
  1490  		httpRsp, err := c.httpClient.Do(httpReq)
  1491  		if err != nil {
  1492  			return err
  1493  		}
  1494  		defer httpRsp.Body.Close()
  1495  
  1496  		if err = googleapi.CheckResponse(httpRsp); err != nil {
  1497  			return err
  1498  		}
  1499  
  1500  		buf, err := io.ReadAll(httpRsp.Body)
  1501  		if err != nil {
  1502  			return err
  1503  		}
  1504  
  1505  		if err := unm.Unmarshal(buf, resp); err != nil {
  1506  			return err
  1507  		}
  1508  
  1509  		return nil
  1510  	}, opts...)
  1511  	if e != nil {
  1512  		return nil, e
  1513  	}
  1514  	return resp, nil
  1515  }
  1516  
  1517  // SetIamPolicy sets the access control policy on the specified resource. Replaces
  1518  // any existing policy.
  1519  //
  1520  // Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED
  1521  // errors.
  1522  func (c *ekmRESTClient) SetIamPolicy(ctx context.Context, req *iampb.SetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error) {
  1523  	m := protojson.MarshalOptions{AllowPartial: true, UseEnumNumbers: true}
  1524  	jsonReq, err := m.Marshal(req)
  1525  	if err != nil {
  1526  		return nil, err
  1527  	}
  1528  
  1529  	baseUrl, err := url.Parse(c.endpoint)
  1530  	if err != nil {
  1531  		return nil, err
  1532  	}
  1533  	baseUrl.Path += fmt.Sprintf("/v1/%v:setIamPolicy", req.GetResource())
  1534  
  1535  	params := url.Values{}
  1536  	params.Add("$alt", "json;enum-encoding=int")
  1537  
  1538  	baseUrl.RawQuery = params.Encode()
  1539  
  1540  	// Build HTTP headers from client and context metadata.
  1541  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "resource", url.QueryEscape(req.GetResource()))}
  1542  
  1543  	hds = append(c.xGoogHeaders, hds...)
  1544  	hds = append(hds, "Content-Type", "application/json")
  1545  	headers := gax.BuildHeaders(ctx, hds...)
  1546  	opts = append((*c.CallOptions).SetIamPolicy[0:len((*c.CallOptions).SetIamPolicy):len((*c.CallOptions).SetIamPolicy)], opts...)
  1547  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
  1548  	resp := &iampb.Policy{}
  1549  	e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
  1550  		if settings.Path != "" {
  1551  			baseUrl.Path = settings.Path
  1552  		}
  1553  		httpReq, err := http.NewRequest("POST", baseUrl.String(), bytes.NewReader(jsonReq))
  1554  		if err != nil {
  1555  			return err
  1556  		}
  1557  		httpReq = httpReq.WithContext(ctx)
  1558  		httpReq.Header = headers
  1559  
  1560  		httpRsp, err := c.httpClient.Do(httpReq)
  1561  		if err != nil {
  1562  			return err
  1563  		}
  1564  		defer httpRsp.Body.Close()
  1565  
  1566  		if err = googleapi.CheckResponse(httpRsp); err != nil {
  1567  			return err
  1568  		}
  1569  
  1570  		buf, err := io.ReadAll(httpRsp.Body)
  1571  		if err != nil {
  1572  			return err
  1573  		}
  1574  
  1575  		if err := unm.Unmarshal(buf, resp); err != nil {
  1576  			return err
  1577  		}
  1578  
  1579  		return nil
  1580  	}, opts...)
  1581  	if e != nil {
  1582  		return nil, e
  1583  	}
  1584  	return resp, nil
  1585  }
  1586  
  1587  // TestIamPermissions returns permissions that a caller has on the specified resource. If the
  1588  // resource does not exist, this will return an empty set of
  1589  // permissions, not a NOT_FOUND error.
  1590  //
  1591  // Note: This operation is designed to be used for building
  1592  // permission-aware UIs and command-line tools, not for authorization
  1593  // checking. This operation may “fail open” without warning.
  1594  func (c *ekmRESTClient) TestIamPermissions(ctx context.Context, req *iampb.TestIamPermissionsRequest, opts ...gax.CallOption) (*iampb.TestIamPermissionsResponse, error) {
  1595  	m := protojson.MarshalOptions{AllowPartial: true, UseEnumNumbers: true}
  1596  	jsonReq, err := m.Marshal(req)
  1597  	if err != nil {
  1598  		return nil, err
  1599  	}
  1600  
  1601  	baseUrl, err := url.Parse(c.endpoint)
  1602  	if err != nil {
  1603  		return nil, err
  1604  	}
  1605  	baseUrl.Path += fmt.Sprintf("/v1/%v:testIamPermissions", req.GetResource())
  1606  
  1607  	params := url.Values{}
  1608  	params.Add("$alt", "json;enum-encoding=int")
  1609  
  1610  	baseUrl.RawQuery = params.Encode()
  1611  
  1612  	// Build HTTP headers from client and context metadata.
  1613  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "resource", url.QueryEscape(req.GetResource()))}
  1614  
  1615  	hds = append(c.xGoogHeaders, hds...)
  1616  	hds = append(hds, "Content-Type", "application/json")
  1617  	headers := gax.BuildHeaders(ctx, hds...)
  1618  	opts = append((*c.CallOptions).TestIamPermissions[0:len((*c.CallOptions).TestIamPermissions):len((*c.CallOptions).TestIamPermissions)], opts...)
  1619  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
  1620  	resp := &iampb.TestIamPermissionsResponse{}
  1621  	e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
  1622  		if settings.Path != "" {
  1623  			baseUrl.Path = settings.Path
  1624  		}
  1625  		httpReq, err := http.NewRequest("POST", baseUrl.String(), bytes.NewReader(jsonReq))
  1626  		if err != nil {
  1627  			return err
  1628  		}
  1629  		httpReq = httpReq.WithContext(ctx)
  1630  		httpReq.Header = headers
  1631  
  1632  		httpRsp, err := c.httpClient.Do(httpReq)
  1633  		if err != nil {
  1634  			return err
  1635  		}
  1636  		defer httpRsp.Body.Close()
  1637  
  1638  		if err = googleapi.CheckResponse(httpRsp); err != nil {
  1639  			return err
  1640  		}
  1641  
  1642  		buf, err := io.ReadAll(httpRsp.Body)
  1643  		if err != nil {
  1644  			return err
  1645  		}
  1646  
  1647  		if err := unm.Unmarshal(buf, resp); err != nil {
  1648  			return err
  1649  		}
  1650  
  1651  		return nil
  1652  	}, opts...)
  1653  	if e != nil {
  1654  		return nil, e
  1655  	}
  1656  	return resp, nil
  1657  }
  1658  
  1659  // GetOperation is a utility method from google.longrunning.Operations.
  1660  func (c *ekmRESTClient) GetOperation(ctx context.Context, req *longrunningpb.GetOperationRequest, opts ...gax.CallOption) (*longrunningpb.Operation, error) {
  1661  	baseUrl, err := url.Parse(c.endpoint)
  1662  	if err != nil {
  1663  		return nil, err
  1664  	}
  1665  	baseUrl.Path += fmt.Sprintf("/v1/%v", req.GetName())
  1666  
  1667  	params := url.Values{}
  1668  	params.Add("$alt", "json;enum-encoding=int")
  1669  
  1670  	baseUrl.RawQuery = params.Encode()
  1671  
  1672  	// Build HTTP headers from client and context metadata.
  1673  	hds := []string{"x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName()))}
  1674  
  1675  	hds = append(c.xGoogHeaders, hds...)
  1676  	hds = append(hds, "Content-Type", "application/json")
  1677  	headers := gax.BuildHeaders(ctx, hds...)
  1678  	opts = append((*c.CallOptions).GetOperation[0:len((*c.CallOptions).GetOperation):len((*c.CallOptions).GetOperation)], opts...)
  1679  	unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
  1680  	resp := &longrunningpb.Operation{}
  1681  	e := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
  1682  		if settings.Path != "" {
  1683  			baseUrl.Path = settings.Path
  1684  		}
  1685  		httpReq, err := http.NewRequest("GET", baseUrl.String(), nil)
  1686  		if err != nil {
  1687  			return err
  1688  		}
  1689  		httpReq = httpReq.WithContext(ctx)
  1690  		httpReq.Header = headers
  1691  
  1692  		httpRsp, err := c.httpClient.Do(httpReq)
  1693  		if err != nil {
  1694  			return err
  1695  		}
  1696  		defer httpRsp.Body.Close()
  1697  
  1698  		if err = googleapi.CheckResponse(httpRsp); err != nil {
  1699  			return err
  1700  		}
  1701  
  1702  		buf, err := io.ReadAll(httpRsp.Body)
  1703  		if err != nil {
  1704  			return err
  1705  		}
  1706  
  1707  		if err := unm.Unmarshal(buf, resp); err != nil {
  1708  			return err
  1709  		}
  1710  
  1711  		return nil
  1712  	}, opts...)
  1713  	if e != nil {
  1714  		return nil, e
  1715  	}
  1716  	return resp, nil
  1717  }
  1718
View as plain text