iam-gen.go

Documentation: google.golang.org/api/iam/v1

     1  // Copyright 2024 Google LLC.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  // Code generated file. DO NOT EDIT.
     6  
     7  // Package iam provides access to the Identity and Access Management (IAM) API.
     8  //
     9  // For product documentation, see: https://cloud.google.com/iam/
    10  //
    11  // # Library status
    12  //
    13  // These client libraries are officially supported by Google. However, this
    14  // library is considered complete and is in maintenance mode. This means
    15  // that we will address critical bugs and security issues but will not add
    16  // any new features.
    17  //
    18  // When possible, we recommend using our newer
    19  // [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go)
    20  // that are still actively being worked and iterated on.
    21  //
    22  // # Creating a client
    23  //
    24  // Usage example:
    25  //
    26  //	import "google.golang.org/api/iam/v1"
    27  //	...
    28  //	ctx := context.Background()
    29  //	iamService, err := iam.NewService(ctx)
    30  //
    31  // In this example, Google Application Default Credentials are used for
    32  // authentication. For information on how to create and obtain Application
    33  // Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
    34  //
    35  // # Other authentication options
    36  //
    37  // To use an API key for authentication (note: some APIs do not support API
    38  // keys), use [google.golang.org/api/option.WithAPIKey]:
    39  //
    40  //	iamService, err := iam.NewService(ctx, option.WithAPIKey("AIza..."))
    41  //
    42  // To use an OAuth token (e.g., a user token obtained via a three-legged OAuth
    43  // flow, use [google.golang.org/api/option.WithTokenSource]:
    44  //
    45  //	config := &oauth2.Config{...}
    46  //	// ...
    47  //	token, err := config.Exchange(ctx, ...)
    48  //	iamService, err := iam.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
    49  //
    50  // See [google.golang.org/api/option.ClientOption] for details on options.
    51  package iam // import "google.golang.org/api/iam/v1"
    52  
    53  import (
    54  	"bytes"
    55  	"context"
    56  	"encoding/json"
    57  	"errors"
    58  	"fmt"
    59  	"io"
    60  	"net/http"
    61  	"net/url"
    62  	"strconv"
    63  	"strings"
    64  
    65  	googleapi "google.golang.org/api/googleapi"
    66  	internal "google.golang.org/api/internal"
    67  	gensupport "google.golang.org/api/internal/gensupport"
    68  	option "google.golang.org/api/option"
    69  	internaloption "google.golang.org/api/option/internaloption"
    70  	htransport "google.golang.org/api/transport/http"
    71  )
    72  
    73  // Always reference these packages, just in case the auto-generated code
    74  // below doesn't.
    75  var _ = bytes.NewBuffer
    76  var _ = strconv.Itoa
    77  var _ = fmt.Sprintf
    78  var _ = json.NewDecoder
    79  var _ = io.Copy
    80  var _ = url.Parse
    81  var _ = gensupport.MarshalJSON
    82  var _ = googleapi.Version
    83  var _ = errors.New
    84  var _ = strings.Replace
    85  var _ = context.Canceled
    86  var _ = internaloption.WithDefaultEndpoint
    87  var _ = internal.Version
    88  
    89  const apiId = "iam:v1"
    90  const apiName = "iam"
    91  const apiVersion = "v1"
    92  const basePath = "https://iam.googleapis.com/"
    93  const basePathTemplate = "https://iam.UNIVERSE_DOMAIN/"
    94  const mtlsBasePath = "https://iam.mtls.googleapis.com/"
    95  
    96  // OAuth2 scopes used by this API.
    97  const (
    98  	// See, edit, configure, and delete your Google Cloud data and see the email
    99  	// address for your Google Account.
   100  	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
   101  )
   102  
   103  // NewService creates a new Service.
   104  func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) {
   105  	scopesOption := internaloption.WithDefaultScopes(
   106  		"https://www.googleapis.com/auth/cloud-platform",
   107  	)
   108  	// NOTE: prepend, so we don't override user-specified scopes.
   109  	opts = append([]option.ClientOption{scopesOption}, opts...)
   110  	opts = append(opts, internaloption.WithDefaultEndpoint(basePath))
   111  	opts = append(opts, internaloption.WithDefaultEndpointTemplate(basePathTemplate))
   112  	opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath))
   113  	opts = append(opts, internaloption.EnableNewAuthLibrary())
   114  	client, endpoint, err := htransport.NewClient(ctx, opts...)
   115  	if err != nil {
   116  		return nil, err
   117  	}
   118  	s, err := New(client)
   119  	if err != nil {
   120  		return nil, err
   121  	}
   122  	if endpoint != "" {
   123  		s.BasePath = endpoint
   124  	}
   125  	return s, nil
   126  }
   127  
   128  // New creates a new Service. It uses the provided http.Client for requests.
   129  //
   130  // Deprecated: please use NewService instead.
   131  // To provide a custom HTTP client, use option.WithHTTPClient.
   132  // If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
   133  func New(client *http.Client) (*Service, error) {
   134  	if client == nil {
   135  		return nil, errors.New("client is nil")
   136  	}
   137  	s := &Service{client: client, BasePath: basePath}
   138  	s.IamPolicies = NewIamPoliciesService(s)
   139  	s.Locations = NewLocationsService(s)
   140  	s.Organizations = NewOrganizationsService(s)
   141  	s.Permissions = NewPermissionsService(s)
   142  	s.Projects = NewProjectsService(s)
   143  	s.Roles = NewRolesService(s)
   144  	return s, nil
   145  }
   146  
   147  type Service struct {
   148  	client    *http.Client
   149  	BasePath  string // API endpoint base URL
   150  	UserAgent string // optional additional User-Agent fragment
   151  
   152  	IamPolicies *IamPoliciesService
   153  
   154  	Locations *LocationsService
   155  
   156  	Organizations *OrganizationsService
   157  
   158  	Permissions *PermissionsService
   159  
   160  	Projects *ProjectsService
   161  
   162  	Roles *RolesService
   163  }
   164  
   165  func (s *Service) userAgent() string {
   166  	if s.UserAgent == "" {
   167  		return googleapi.UserAgent
   168  	}
   169  	return googleapi.UserAgent + " " + s.UserAgent
   170  }
   171  
   172  func NewIamPoliciesService(s *Service) *IamPoliciesService {
   173  	rs := &IamPoliciesService{s: s}
   174  	return rs
   175  }
   176  
   177  type IamPoliciesService struct {
   178  	s *Service
   179  }
   180  
   181  func NewLocationsService(s *Service) *LocationsService {
   182  	rs := &LocationsService{s: s}
   183  	rs.WorkforcePools = NewLocationsWorkforcePoolsService(s)
   184  	return rs
   185  }
   186  
   187  type LocationsService struct {
   188  	s *Service
   189  
   190  	WorkforcePools *LocationsWorkforcePoolsService
   191  }
   192  
   193  func NewLocationsWorkforcePoolsService(s *Service) *LocationsWorkforcePoolsService {
   194  	rs := &LocationsWorkforcePoolsService{s: s}
   195  	rs.Operations = NewLocationsWorkforcePoolsOperationsService(s)
   196  	rs.Providers = NewLocationsWorkforcePoolsProvidersService(s)
   197  	rs.Subjects = NewLocationsWorkforcePoolsSubjectsService(s)
   198  	return rs
   199  }
   200  
   201  type LocationsWorkforcePoolsService struct {
   202  	s *Service
   203  
   204  	Operations *LocationsWorkforcePoolsOperationsService
   205  
   206  	Providers *LocationsWorkforcePoolsProvidersService
   207  
   208  	Subjects *LocationsWorkforcePoolsSubjectsService
   209  }
   210  
   211  func NewLocationsWorkforcePoolsOperationsService(s *Service) *LocationsWorkforcePoolsOperationsService {
   212  	rs := &LocationsWorkforcePoolsOperationsService{s: s}
   213  	return rs
   214  }
   215  
   216  type LocationsWorkforcePoolsOperationsService struct {
   217  	s *Service
   218  }
   219  
   220  func NewLocationsWorkforcePoolsProvidersService(s *Service) *LocationsWorkforcePoolsProvidersService {
   221  	rs := &LocationsWorkforcePoolsProvidersService{s: s}
   222  	rs.Keys = NewLocationsWorkforcePoolsProvidersKeysService(s)
   223  	rs.Operations = NewLocationsWorkforcePoolsProvidersOperationsService(s)
   224  	return rs
   225  }
   226  
   227  type LocationsWorkforcePoolsProvidersService struct {
   228  	s *Service
   229  
   230  	Keys *LocationsWorkforcePoolsProvidersKeysService
   231  
   232  	Operations *LocationsWorkforcePoolsProvidersOperationsService
   233  }
   234  
   235  func NewLocationsWorkforcePoolsProvidersKeysService(s *Service) *LocationsWorkforcePoolsProvidersKeysService {
   236  	rs := &LocationsWorkforcePoolsProvidersKeysService{s: s}
   237  	rs.Operations = NewLocationsWorkforcePoolsProvidersKeysOperationsService(s)
   238  	return rs
   239  }
   240  
   241  type LocationsWorkforcePoolsProvidersKeysService struct {
   242  	s *Service
   243  
   244  	Operations *LocationsWorkforcePoolsProvidersKeysOperationsService
   245  }
   246  
   247  func NewLocationsWorkforcePoolsProvidersKeysOperationsService(s *Service) *LocationsWorkforcePoolsProvidersKeysOperationsService {
   248  	rs := &LocationsWorkforcePoolsProvidersKeysOperationsService{s: s}
   249  	return rs
   250  }
   251  
   252  type LocationsWorkforcePoolsProvidersKeysOperationsService struct {
   253  	s *Service
   254  }
   255  
   256  func NewLocationsWorkforcePoolsProvidersOperationsService(s *Service) *LocationsWorkforcePoolsProvidersOperationsService {
   257  	rs := &LocationsWorkforcePoolsProvidersOperationsService{s: s}
   258  	return rs
   259  }
   260  
   261  type LocationsWorkforcePoolsProvidersOperationsService struct {
   262  	s *Service
   263  }
   264  
   265  func NewLocationsWorkforcePoolsSubjectsService(s *Service) *LocationsWorkforcePoolsSubjectsService {
   266  	rs := &LocationsWorkforcePoolsSubjectsService{s: s}
   267  	rs.Operations = NewLocationsWorkforcePoolsSubjectsOperationsService(s)
   268  	return rs
   269  }
   270  
   271  type LocationsWorkforcePoolsSubjectsService struct {
   272  	s *Service
   273  
   274  	Operations *LocationsWorkforcePoolsSubjectsOperationsService
   275  }
   276  
   277  func NewLocationsWorkforcePoolsSubjectsOperationsService(s *Service) *LocationsWorkforcePoolsSubjectsOperationsService {
   278  	rs := &LocationsWorkforcePoolsSubjectsOperationsService{s: s}
   279  	return rs
   280  }
   281  
   282  type LocationsWorkforcePoolsSubjectsOperationsService struct {
   283  	s *Service
   284  }
   285  
   286  func NewOrganizationsService(s *Service) *OrganizationsService {
   287  	rs := &OrganizationsService{s: s}
   288  	rs.Roles = NewOrganizationsRolesService(s)
   289  	return rs
   290  }
   291  
   292  type OrganizationsService struct {
   293  	s *Service
   294  
   295  	Roles *OrganizationsRolesService
   296  }
   297  
   298  func NewOrganizationsRolesService(s *Service) *OrganizationsRolesService {
   299  	rs := &OrganizationsRolesService{s: s}
   300  	return rs
   301  }
   302  
   303  type OrganizationsRolesService struct {
   304  	s *Service
   305  }
   306  
   307  func NewPermissionsService(s *Service) *PermissionsService {
   308  	rs := &PermissionsService{s: s}
   309  	return rs
   310  }
   311  
   312  type PermissionsService struct {
   313  	s *Service
   314  }
   315  
   316  func NewProjectsService(s *Service) *ProjectsService {
   317  	rs := &ProjectsService{s: s}
   318  	rs.Locations = NewProjectsLocationsService(s)
   319  	rs.Roles = NewProjectsRolesService(s)
   320  	rs.ServiceAccounts = NewProjectsServiceAccountsService(s)
   321  	return rs
   322  }
   323  
   324  type ProjectsService struct {
   325  	s *Service
   326  
   327  	Locations *ProjectsLocationsService
   328  
   329  	Roles *ProjectsRolesService
   330  
   331  	ServiceAccounts *ProjectsServiceAccountsService
   332  }
   333  
   334  func NewProjectsLocationsService(s *Service) *ProjectsLocationsService {
   335  	rs := &ProjectsLocationsService{s: s}
   336  	rs.OauthClients = NewProjectsLocationsOauthClientsService(s)
   337  	rs.WorkloadIdentityPools = NewProjectsLocationsWorkloadIdentityPoolsService(s)
   338  	return rs
   339  }
   340  
   341  type ProjectsLocationsService struct {
   342  	s *Service
   343  
   344  	OauthClients *ProjectsLocationsOauthClientsService
   345  
   346  	WorkloadIdentityPools *ProjectsLocationsWorkloadIdentityPoolsService
   347  }
   348  
   349  func NewProjectsLocationsOauthClientsService(s *Service) *ProjectsLocationsOauthClientsService {
   350  	rs := &ProjectsLocationsOauthClientsService{s: s}
   351  	rs.Credentials = NewProjectsLocationsOauthClientsCredentialsService(s)
   352  	return rs
   353  }
   354  
   355  type ProjectsLocationsOauthClientsService struct {
   356  	s *Service
   357  
   358  	Credentials *ProjectsLocationsOauthClientsCredentialsService
   359  }
   360  
   361  func NewProjectsLocationsOauthClientsCredentialsService(s *Service) *ProjectsLocationsOauthClientsCredentialsService {
   362  	rs := &ProjectsLocationsOauthClientsCredentialsService{s: s}
   363  	return rs
   364  }
   365  
   366  type ProjectsLocationsOauthClientsCredentialsService struct {
   367  	s *Service
   368  }
   369  
   370  func NewProjectsLocationsWorkloadIdentityPoolsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsService {
   371  	rs := &ProjectsLocationsWorkloadIdentityPoolsService{s: s}
   372  	rs.Namespaces = NewProjectsLocationsWorkloadIdentityPoolsNamespacesService(s)
   373  	rs.Operations = NewProjectsLocationsWorkloadIdentityPoolsOperationsService(s)
   374  	rs.Providers = NewProjectsLocationsWorkloadIdentityPoolsProvidersService(s)
   375  	return rs
   376  }
   377  
   378  type ProjectsLocationsWorkloadIdentityPoolsService struct {
   379  	s *Service
   380  
   381  	Namespaces *ProjectsLocationsWorkloadIdentityPoolsNamespacesService
   382  
   383  	Operations *ProjectsLocationsWorkloadIdentityPoolsOperationsService
   384  
   385  	Providers *ProjectsLocationsWorkloadIdentityPoolsProvidersService
   386  }
   387  
   388  func NewProjectsLocationsWorkloadIdentityPoolsNamespacesService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsNamespacesService {
   389  	rs := &ProjectsLocationsWorkloadIdentityPoolsNamespacesService{s: s}
   390  	rs.ManagedIdentities = NewProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesService(s)
   391  	rs.Operations = NewProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsService(s)
   392  	return rs
   393  }
   394  
   395  type ProjectsLocationsWorkloadIdentityPoolsNamespacesService struct {
   396  	s *Service
   397  
   398  	ManagedIdentities *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesService
   399  
   400  	Operations *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsService
   401  }
   402  
   403  func NewProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesService {
   404  	rs := &ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesService{s: s}
   405  	rs.Operations = NewProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsService(s)
   406  	rs.WorkloadSources = NewProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesService(s)
   407  	return rs
   408  }
   409  
   410  type ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesService struct {
   411  	s *Service
   412  
   413  	Operations *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsService
   414  
   415  	WorkloadSources *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesService
   416  }
   417  
   418  func NewProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsService {
   419  	rs := &ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsService{s: s}
   420  	return rs
   421  }
   422  
   423  type ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsService struct {
   424  	s *Service
   425  }
   426  
   427  func NewProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesService {
   428  	rs := &ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesService{s: s}
   429  	rs.Operations = NewProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsService(s)
   430  	return rs
   431  }
   432  
   433  type ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesService struct {
   434  	s *Service
   435  
   436  	Operations *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsService
   437  }
   438  
   439  func NewProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsService {
   440  	rs := &ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsService{s: s}
   441  	return rs
   442  }
   443  
   444  type ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsService struct {
   445  	s *Service
   446  }
   447  
   448  func NewProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsService {
   449  	rs := &ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsService{s: s}
   450  	return rs
   451  }
   452  
   453  type ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsService struct {
   454  	s *Service
   455  }
   456  
   457  func NewProjectsLocationsWorkloadIdentityPoolsOperationsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsOperationsService {
   458  	rs := &ProjectsLocationsWorkloadIdentityPoolsOperationsService{s: s}
   459  	return rs
   460  }
   461  
   462  type ProjectsLocationsWorkloadIdentityPoolsOperationsService struct {
   463  	s *Service
   464  }
   465  
   466  func NewProjectsLocationsWorkloadIdentityPoolsProvidersService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsProvidersService {
   467  	rs := &ProjectsLocationsWorkloadIdentityPoolsProvidersService{s: s}
   468  	rs.Keys = NewProjectsLocationsWorkloadIdentityPoolsProvidersKeysService(s)
   469  	rs.Operations = NewProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService(s)
   470  	return rs
   471  }
   472  
   473  type ProjectsLocationsWorkloadIdentityPoolsProvidersService struct {
   474  	s *Service
   475  
   476  	Keys *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysService
   477  
   478  	Operations *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService
   479  }
   480  
   481  func NewProjectsLocationsWorkloadIdentityPoolsProvidersKeysService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysService {
   482  	rs := &ProjectsLocationsWorkloadIdentityPoolsProvidersKeysService{s: s}
   483  	rs.Operations = NewProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsService(s)
   484  	return rs
   485  }
   486  
   487  type ProjectsLocationsWorkloadIdentityPoolsProvidersKeysService struct {
   488  	s *Service
   489  
   490  	Operations *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsService
   491  }
   492  
   493  func NewProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsService {
   494  	rs := &ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsService{s: s}
   495  	return rs
   496  }
   497  
   498  type ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsService struct {
   499  	s *Service
   500  }
   501  
   502  func NewProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService(s *Service) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService {
   503  	rs := &ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService{s: s}
   504  	return rs
   505  }
   506  
   507  type ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService struct {
   508  	s *Service
   509  }
   510  
   511  func NewProjectsRolesService(s *Service) *ProjectsRolesService {
   512  	rs := &ProjectsRolesService{s: s}
   513  	return rs
   514  }
   515  
   516  type ProjectsRolesService struct {
   517  	s *Service
   518  }
   519  
   520  func NewProjectsServiceAccountsService(s *Service) *ProjectsServiceAccountsService {
   521  	rs := &ProjectsServiceAccountsService{s: s}
   522  	rs.Keys = NewProjectsServiceAccountsKeysService(s)
   523  	return rs
   524  }
   525  
   526  type ProjectsServiceAccountsService struct {
   527  	s *Service
   528  
   529  	Keys *ProjectsServiceAccountsKeysService
   530  }
   531  
   532  func NewProjectsServiceAccountsKeysService(s *Service) *ProjectsServiceAccountsKeysService {
   533  	rs := &ProjectsServiceAccountsKeysService{s: s}
   534  	return rs
   535  }
   536  
   537  type ProjectsServiceAccountsKeysService struct {
   538  	s *Service
   539  }
   540  
   541  func NewRolesService(s *Service) *RolesService {
   542  	rs := &RolesService{s: s}
   543  	return rs
   544  }
   545  
   546  type RolesService struct {
   547  	s *Service
   548  }
   549  
   550  // AccessRestrictions: Access related restrictions on the workforce pool.
   551  type AccessRestrictions struct {
   552  	// AllowedServices: Optional. Immutable. Services allowed for web sign-in with
   553  	// the workforce pool. If not set by default there are no restrictions.
   554  	AllowedServices []*ServiceConfig `json:"allowedServices,omitempty"`
   555  	// DisableProgrammaticSignin: Optional. Disable programmatic sign-in by
   556  	// disabling token issue via the Security Token API endpoint. See [Security
   557  	// Token Service API] (https://cloud.google.com/iam/docs/reference/sts/rest).
   558  	DisableProgrammaticSignin bool `json:"disableProgrammaticSignin,omitempty"`
   559  	// ForceSendFields is a list of field names (e.g. "AllowedServices") to
   560  	// unconditionally include in API requests. By default, fields with empty or
   561  	// default values are omitted from API requests. See
   562  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   563  	// details.
   564  	ForceSendFields []string `json:"-"`
   565  	// NullFields is a list of field names (e.g. "AllowedServices") to include in
   566  	// API requests with the JSON null value. By default, fields with empty values
   567  	// are omitted from API requests. See
   568  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   569  	NullFields []string `json:"-"`
   570  }
   571  
   572  func (s *AccessRestrictions) MarshalJSON() ([]byte, error) {
   573  	type NoMethod AccessRestrictions
   574  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   575  }
   576  
   577  // AdminAuditData: Audit log information specific to Cloud IAM admin APIs. This
   578  // message is serialized as an `Any` type in the `ServiceData` message of an
   579  // `AuditLog` message.
   580  type AdminAuditData struct {
   581  	// PermissionDelta: The permission_delta when when creating or updating a Role.
   582  	PermissionDelta *PermissionDelta `json:"permissionDelta,omitempty"`
   583  	// ForceSendFields is a list of field names (e.g. "PermissionDelta") to
   584  	// unconditionally include in API requests. By default, fields with empty or
   585  	// default values are omitted from API requests. See
   586  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   587  	// details.
   588  	ForceSendFields []string `json:"-"`
   589  	// NullFields is a list of field names (e.g. "PermissionDelta") to include in
   590  	// API requests with the JSON null value. By default, fields with empty values
   591  	// are omitted from API requests. See
   592  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   593  	NullFields []string `json:"-"`
   594  }
   595  
   596  func (s *AdminAuditData) MarshalJSON() ([]byte, error) {
   597  	type NoMethod AdminAuditData
   598  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   599  }
   600  
   601  // AuditConfig: Specifies the audit configuration for a service. The
   602  // configuration determines which permission types are logged, and what
   603  // identities, if any, are exempted from logging. An AuditConfig must have one
   604  // or more AuditLogConfigs. If there are AuditConfigs for both `allServices`
   605  // and a specific service, the union of the two AuditConfigs is used for that
   606  // service: the log_types specified in each AuditConfig are enabled, and the
   607  // exempted_members in each AuditLogConfig are exempted. Example Policy with
   608  // multiple AuditConfigs: { "audit_configs": [ { "service": "allServices",
   609  // "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [
   610  // "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type":
   611  // "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com",
   612  // "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type":
   613  // "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For
   614  // sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
   615  // logging. It also exempts `jose@example.com` from DATA_READ logging, and
   616  // `aliya@example.com` from DATA_WRITE logging.
   617  type AuditConfig struct {
   618  	// AuditLogConfigs: The configuration for logging of each type of permission.
   619  	AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"`
   620  	// Service: Specifies a service that will be enabled for audit logging. For
   621  	// example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices`
   622  	// is a special value that covers all services.
   623  	Service string `json:"service,omitempty"`
   624  	// ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to
   625  	// unconditionally include in API requests. By default, fields with empty or
   626  	// default values are omitted from API requests. See
   627  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   628  	// details.
   629  	ForceSendFields []string `json:"-"`
   630  	// NullFields is a list of field names (e.g. "AuditLogConfigs") to include in
   631  	// API requests with the JSON null value. By default, fields with empty values
   632  	// are omitted from API requests. See
   633  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   634  	NullFields []string `json:"-"`
   635  }
   636  
   637  func (s *AuditConfig) MarshalJSON() ([]byte, error) {
   638  	type NoMethod AuditConfig
   639  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   640  }
   641  
   642  // AuditData: Audit log information specific to Cloud IAM. This message is
   643  // serialized as an `Any` type in the `ServiceData` message of an `AuditLog`
   644  // message.
   645  type AuditData struct {
   646  	// PolicyDelta: Policy delta between the original policy and the newly set
   647  	// policy.
   648  	PolicyDelta *PolicyDelta `json:"policyDelta,omitempty"`
   649  	// ForceSendFields is a list of field names (e.g. "PolicyDelta") to
   650  	// unconditionally include in API requests. By default, fields with empty or
   651  	// default values are omitted from API requests. See
   652  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   653  	// details.
   654  	ForceSendFields []string `json:"-"`
   655  	// NullFields is a list of field names (e.g. "PolicyDelta") to include in API
   656  	// requests with the JSON null value. By default, fields with empty values are
   657  	// omitted from API requests. See
   658  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   659  	NullFields []string `json:"-"`
   660  }
   661  
   662  func (s *AuditData) MarshalJSON() ([]byte, error) {
   663  	type NoMethod AuditData
   664  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   665  }
   666  
   667  // AuditLogConfig: Provides the configuration for logging a type of
   668  // permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ",
   669  // "exempted_members": [ "user:jose@example.com" ] }, { "log_type":
   670  // "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while
   671  // exempting jose@example.com from DATA_READ logging.
   672  type AuditLogConfig struct {
   673  	// ExemptedMembers: Specifies the identities that do not cause logging for this
   674  	// type of permission. Follows the same format of Binding.members.
   675  	ExemptedMembers []string `json:"exemptedMembers,omitempty"`
   676  	// LogType: The log type that this config enables.
   677  	//
   678  	// Possible values:
   679  	//   "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this.
   680  	//   "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy
   681  	//   "DATA_WRITE" - Data writes. Example: CloudSQL Users create
   682  	//   "DATA_READ" - Data reads. Example: CloudSQL Users list
   683  	LogType string `json:"logType,omitempty"`
   684  	// ForceSendFields is a list of field names (e.g. "ExemptedMembers") to
   685  	// unconditionally include in API requests. By default, fields with empty or
   686  	// default values are omitted from API requests. See
   687  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   688  	// details.
   689  	ForceSendFields []string `json:"-"`
   690  	// NullFields is a list of field names (e.g. "ExemptedMembers") to include in
   691  	// API requests with the JSON null value. By default, fields with empty values
   692  	// are omitted from API requests. See
   693  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   694  	NullFields []string `json:"-"`
   695  }
   696  
   697  func (s *AuditLogConfig) MarshalJSON() ([]byte, error) {
   698  	type NoMethod AuditLogConfig
   699  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   700  }
   701  
   702  // AuditableService: Contains information about an auditable service.
   703  type AuditableService struct {
   704  	// Name: Public name of the service. For example, the service name for IAM is
   705  	// 'iam.googleapis.com'.
   706  	Name string `json:"name,omitempty"`
   707  	// ForceSendFields is a list of field names (e.g. "Name") to unconditionally
   708  	// include in API requests. By default, fields with empty or default values are
   709  	// omitted from API requests. See
   710  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   711  	// details.
   712  	ForceSendFields []string `json:"-"`
   713  	// NullFields is a list of field names (e.g. "Name") to include in API requests
   714  	// with the JSON null value. By default, fields with empty values are omitted
   715  	// from API requests. See
   716  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   717  	NullFields []string `json:"-"`
   718  }
   719  
   720  func (s *AuditableService) MarshalJSON() ([]byte, error) {
   721  	type NoMethod AuditableService
   722  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   723  }
   724  
   725  // Aws: Represents an Amazon Web Services identity provider.
   726  type Aws struct {
   727  	// AccountId: Required. The AWS account ID.
   728  	AccountId string `json:"accountId,omitempty"`
   729  	// ForceSendFields is a list of field names (e.g. "AccountId") to
   730  	// unconditionally include in API requests. By default, fields with empty or
   731  	// default values are omitted from API requests. See
   732  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   733  	// details.
   734  	ForceSendFields []string `json:"-"`
   735  	// NullFields is a list of field names (e.g. "AccountId") to include in API
   736  	// requests with the JSON null value. By default, fields with empty values are
   737  	// omitted from API requests. See
   738  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   739  	NullFields []string `json:"-"`
   740  }
   741  
   742  func (s *Aws) MarshalJSON() ([]byte, error) {
   743  	type NoMethod Aws
   744  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   745  }
   746  
   747  // Binding: Associates `members`, or principals, with a `role`.
   748  type Binding struct {
   749  	// Condition: The condition that is associated with this binding. If the
   750  	// condition evaluates to `true`, then this binding applies to the current
   751  	// request. If the condition evaluates to `false`, then this binding does not
   752  	// apply to the current request. However, a different role binding might grant
   753  	// the same role to one or more of the principals in this binding. To learn
   754  	// which resources support conditions in their IAM policies, see the IAM
   755  	// documentation
   756  	// (https://cloud.google.com/iam/help/conditions/resource-policies).
   757  	Condition *Expr `json:"condition,omitempty"`
   758  	// Members: Specifies the principals requesting access for a Google Cloud
   759  	// resource. `members` can have the following values: * `allUsers`: A special
   760  	// identifier that represents anyone who is on the internet; with or without a
   761  	// Google account. * `allAuthenticatedUsers`: A special identifier that
   762  	// represents anyone who is authenticated with a Google account or a service
   763  	// account. Does not include identities that come from external identity
   764  	// providers (IdPs) through identity federation. * `user:{emailid}`: An email
   765  	// address that represents a specific Google account. For example,
   766  	// `alice@example.com` . * `serviceAccount:{emailid}`: An email address that
   767  	// represents a Google service account. For example,
   768  	// `my-other-app@appspot.gserviceaccount.com`. *
   769  	// `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An
   770  	// identifier for a Kubernetes service account
   771  	// (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts).
   772  	// For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. *
   773  	// `group:{emailid}`: An email address that represents a Google group. For
   774  	// example, `admins@example.com`. * `domain:{domain}`: The G Suite domain
   775  	// (primary) that represents all the users of that domain. For example,
   776  	// `google.com` or `example.com`. *
   777  	// `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/sub
   778  	// ject/{subject_attribute_value}`: A single identity in a workforce identity
   779  	// pool. *
   780  	// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/
   781  	// group/{group_id}`: All workforce identities in a group. *
   782  	// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/
   783  	// attribute.{attribute_name}/{attribute_value}`: All workforce identities with
   784  	// a specific attribute value. *
   785  	// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/
   786  	// *`: All identities in a workforce identity pool. *
   787  	// `principal://iam.googleapis.com/projects/{project_number}/locations/global/wo
   788  	// rkloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single
   789  	// identity in a workload identity pool. *
   790  	// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global
   791  	// /workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool
   792  	// group. *
   793  	// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global
   794  	// /workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}
   795  	// `: All identities in a workload identity pool with a certain attribute. *
   796  	// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global
   797  	// /workloadIdentityPools/{pool_id}/*`: All identities in a workload identity
   798  	// pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus
   799  	// unique identifier) representing a user that has been recently deleted. For
   800  	// example, `alice@example.com?uid=123456789012345678901`. If the user is
   801  	// recovered, this value reverts to `user:{emailid}` and the recovered user
   802  	// retains the role in the binding. *
   803  	// `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
   804  	// unique identifier) representing a service account that has been recently
   805  	// deleted. For example,
   806  	// `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the
   807  	// service account is undeleted, this value reverts to
   808  	// `serviceAccount:{emailid}` and the undeleted service account retains the
   809  	// role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email
   810  	// address (plus unique identifier) representing a Google group that has been
   811  	// recently deleted. For example,
   812  	// `admins@example.com?uid=123456789012345678901`. If the group is recovered,
   813  	// this value reverts to `group:{emailid}` and the recovered group retains the
   814  	// role in the binding. *
   815  	// `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool
   816  	// _id}/subject/{subject_attribute_value}`: Deleted single identity in a
   817  	// workforce identity pool. For example,
   818  	// `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-po
   819  	// ol-id/subject/my-subject-attribute-value`.
   820  	Members []string `json:"members,omitempty"`
   821  	// Role: Role that is assigned to the list of `members`, or principals. For
   822  	// example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an overview
   823  	// of the IAM roles and permissions, see the IAM documentation
   824  	// (https://cloud.google.com/iam/docs/roles-overview). For a list of the
   825  	// available pre-defined roles, see here
   826  	// (https://cloud.google.com/iam/docs/understanding-roles).
   827  	Role string `json:"role,omitempty"`
   828  	// ForceSendFields is a list of field names (e.g. "Condition") to
   829  	// unconditionally include in API requests. By default, fields with empty or
   830  	// default values are omitted from API requests. See
   831  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   832  	// details.
   833  	ForceSendFields []string `json:"-"`
   834  	// NullFields is a list of field names (e.g. "Condition") to include in API
   835  	// requests with the JSON null value. By default, fields with empty values are
   836  	// omitted from API requests. See
   837  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   838  	NullFields []string `json:"-"`
   839  }
   840  
   841  func (s *Binding) MarshalJSON() ([]byte, error) {
   842  	type NoMethod Binding
   843  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   844  }
   845  
   846  // BindingDelta: One delta entry for Binding. Each individual change (only one
   847  // member in each entry) to a binding will be a separate entry.
   848  type BindingDelta struct {
   849  	// Action: The action that was performed on a Binding. Required
   850  	//
   851  	// Possible values:
   852  	//   "ACTION_UNSPECIFIED" - Unspecified.
   853  	//   "ADD" - Addition of a Binding.
   854  	//   "REMOVE" - Removal of a Binding.
   855  	Action string `json:"action,omitempty"`
   856  	// Condition: The condition that is associated with this binding.
   857  	Condition *Expr `json:"condition,omitempty"`
   858  	// Member: A single identity requesting access for a Google Cloud resource.
   859  	// Follows the same format of Binding.members. Required
   860  	Member string `json:"member,omitempty"`
   861  	// Role: Role that is assigned to `members`. For example, `roles/viewer`,
   862  	// `roles/editor`, or `roles/owner`. Required
   863  	Role string `json:"role,omitempty"`
   864  	// ForceSendFields is a list of field names (e.g. "Action") to unconditionally
   865  	// include in API requests. By default, fields with empty or default values are
   866  	// omitted from API requests. See
   867  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   868  	// details.
   869  	ForceSendFields []string `json:"-"`
   870  	// NullFields is a list of field names (e.g. "Action") to include in API
   871  	// requests with the JSON null value. By default, fields with empty values are
   872  	// omitted from API requests. See
   873  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   874  	NullFields []string `json:"-"`
   875  }
   876  
   877  func (s *BindingDelta) MarshalJSON() ([]byte, error) {
   878  	type NoMethod BindingDelta
   879  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   880  }
   881  
   882  // CreateRoleRequest: The request to create a new role.
   883  type CreateRoleRequest struct {
   884  	// Role: The Role resource to create.
   885  	Role *Role `json:"role,omitempty"`
   886  	// RoleId: The role ID to use for this role. A role ID may contain alphanumeric
   887  	// characters, underscores (`_`), and periods (`.`). It must contain a minimum
   888  	// of 3 characters and a maximum of 64 characters.
   889  	RoleId string `json:"roleId,omitempty"`
   890  	// ForceSendFields is a list of field names (e.g. "Role") to unconditionally
   891  	// include in API requests. By default, fields with empty or default values are
   892  	// omitted from API requests. See
   893  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   894  	// details.
   895  	ForceSendFields []string `json:"-"`
   896  	// NullFields is a list of field names (e.g. "Role") to include in API requests
   897  	// with the JSON null value. By default, fields with empty values are omitted
   898  	// from API requests. See
   899  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   900  	NullFields []string `json:"-"`
   901  }
   902  
   903  func (s *CreateRoleRequest) MarshalJSON() ([]byte, error) {
   904  	type NoMethod CreateRoleRequest
   905  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   906  }
   907  
   908  // CreateServiceAccountKeyRequest: The service account key create request.
   909  type CreateServiceAccountKeyRequest struct {
   910  	// KeyAlgorithm: Which type of key and algorithm to use for the key. The
   911  	// default is currently a 2K RSA key. However this may change in the future.
   912  	//
   913  	// Possible values:
   914  	//   "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm.
   915  	//   "KEY_ALG_RSA_1024" - 1k RSA Key.
   916  	//   "KEY_ALG_RSA_2048" - 2k RSA Key.
   917  	KeyAlgorithm string `json:"keyAlgorithm,omitempty"`
   918  	// PrivateKeyType: The output format of the private key. The default value is
   919  	// `TYPE_GOOGLE_CREDENTIALS_FILE`, which is the Google Credentials File format.
   920  	//
   921  	// Possible values:
   922  	//   "TYPE_UNSPECIFIED" - Unspecified. Equivalent to
   923  	// `TYPE_GOOGLE_CREDENTIALS_FILE`.
   924  	//   "TYPE_PKCS12_FILE" - PKCS12 format. The password for the PKCS12 file is
   925  	// `notasecret`. For more information, see https://tools.ietf.org/html/rfc7292.
   926  	//   "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format.
   927  	PrivateKeyType string `json:"privateKeyType,omitempty"`
   928  	// ForceSendFields is a list of field names (e.g. "KeyAlgorithm") to
   929  	// unconditionally include in API requests. By default, fields with empty or
   930  	// default values are omitted from API requests. See
   931  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   932  	// details.
   933  	ForceSendFields []string `json:"-"`
   934  	// NullFields is a list of field names (e.g. "KeyAlgorithm") to include in API
   935  	// requests with the JSON null value. By default, fields with empty values are
   936  	// omitted from API requests. See
   937  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   938  	NullFields []string `json:"-"`
   939  }
   940  
   941  func (s *CreateServiceAccountKeyRequest) MarshalJSON() ([]byte, error) {
   942  	type NoMethod CreateServiceAccountKeyRequest
   943  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   944  }
   945  
   946  // CreateServiceAccountRequest: The service account create request.
   947  type CreateServiceAccountRequest struct {
   948  	// AccountId: Required. The account id that is used to generate the service
   949  	// account email address and a stable unique id. It is unique within a project,
   950  	// must be 6-30 characters long, and match the regular expression
   951  	// `[a-z]([-a-z0-9]*[a-z0-9])` to comply with RFC1035.
   952  	AccountId string `json:"accountId,omitempty"`
   953  	// ServiceAccount: The ServiceAccount resource to create. Currently, only the
   954  	// following values are user assignable: `display_name` and `description`.
   955  	ServiceAccount *ServiceAccount `json:"serviceAccount,omitempty"`
   956  	// ForceSendFields is a list of field names (e.g. "AccountId") to
   957  	// unconditionally include in API requests. By default, fields with empty or
   958  	// default values are omitted from API requests. See
   959  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   960  	// details.
   961  	ForceSendFields []string `json:"-"`
   962  	// NullFields is a list of field names (e.g. "AccountId") to include in API
   963  	// requests with the JSON null value. By default, fields with empty values are
   964  	// omitted from API requests. See
   965  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   966  	NullFields []string `json:"-"`
   967  }
   968  
   969  func (s *CreateServiceAccountRequest) MarshalJSON() ([]byte, error) {
   970  	type NoMethod CreateServiceAccountRequest
   971  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   972  }
   973  
   974  // DisableServiceAccountKeyRequest: The service account key disable request.
   975  type DisableServiceAccountKeyRequest struct {
   976  	// ExtendedStatusMessage: Optional. Usable by internal google services only. An
   977  	// extended_status_message can be used to include additional information about
   978  	// the key, such as its private key data being exposed on a public repository
   979  	// like GitHub.
   980  	ExtendedStatusMessage string `json:"extendedStatusMessage,omitempty"`
   981  	// ServiceAccountKeyDisableReason: Optional. Describes the reason this key is
   982  	// being disabled. If unspecified, the default value of
   983  	// SERVICE_ACCOUNT_KEY_DISABLE_REASON_USER_INITIATED will be used.
   984  	//
   985  	// Possible values:
   986  	//   "SERVICE_ACCOUNT_KEY_DISABLE_REASON_UNSPECIFIED" - Unspecified disable
   987  	// reason
   988  	//   "SERVICE_ACCOUNT_KEY_DISABLE_REASON_USER_INITIATED" - Disabled by the user
   989  	//   "SERVICE_ACCOUNT_KEY_DISABLE_REASON_EXPOSED" - Google detected this
   990  	// Service Account external key's private key data as exposed, typically in a
   991  	// public repository on GitHub or similar.
   992  	//   "SERVICE_ACCOUNT_KEY_DISABLE_REASON_COMPROMISE_DETECTED" - This service
   993  	// account external key was detected as compromised and used by an attacker.
   994  	ServiceAccountKeyDisableReason string `json:"serviceAccountKeyDisableReason,omitempty"`
   995  	// ForceSendFields is a list of field names (e.g. "ExtendedStatusMessage") to
   996  	// unconditionally include in API requests. By default, fields with empty or
   997  	// default values are omitted from API requests. See
   998  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   999  	// details.
  1000  	ForceSendFields []string `json:"-"`
  1001  	// NullFields is a list of field names (e.g. "ExtendedStatusMessage") to
  1002  	// include in API requests with the JSON null value. By default, fields with
  1003  	// empty values are omitted from API requests. See
  1004  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1005  	NullFields []string `json:"-"`
  1006  }
  1007  
  1008  func (s *DisableServiceAccountKeyRequest) MarshalJSON() ([]byte, error) {
  1009  	type NoMethod DisableServiceAccountKeyRequest
  1010  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1011  }
  1012  
  1013  // DisableServiceAccountRequest: The service account disable request.
  1014  type DisableServiceAccountRequest struct {
  1015  }
  1016  
  1017  // Empty: A generic empty message that you can re-use to avoid defining
  1018  // duplicated empty messages in your APIs. A typical example is to use it as
  1019  // the request or the response type of an API method. For instance: service Foo
  1020  // { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
  1021  type Empty struct {
  1022  	// ServerResponse contains the HTTP response code and headers from the server.
  1023  	googleapi.ServerResponse `json:"-"`
  1024  }
  1025  
  1026  // EnableServiceAccountKeyRequest: The service account key enable request.
  1027  type EnableServiceAccountKeyRequest struct {
  1028  }
  1029  
  1030  // EnableServiceAccountRequest: The service account enable request.
  1031  type EnableServiceAccountRequest struct {
  1032  }
  1033  
  1034  // Expr: Represents a textual expression in the Common Expression Language
  1035  // (CEL) syntax. CEL is a C-like expression language. The syntax and semantics
  1036  // of CEL are documented at https://github.com/google/cel-spec. Example
  1037  // (Comparison): title: "Summary size limit" description: "Determines if a
  1038  // summary is less than 100 chars" expression: "document.summary.size() < 100"
  1039  // Example (Equality): title: "Requestor is owner" description: "Determines if
  1040  // requestor is the document owner" expression: "document.owner ==
  1041  // request.auth.claims.email" Example (Logic): title: "Public documents"
  1042  // description: "Determine whether the document should be publicly visible"
  1043  // expression: "document.type != 'private' && document.type != 'internal'"
  1044  // Example (Data Manipulation): title: "Notification string" description:
  1045  // "Create a notification string with a timestamp." expression: "'New message
  1046  // received at ' + string(document.create_time)" The exact variables and
  1047  // functions that may be referenced within an expression are determined by the
  1048  // service that evaluates it. See the service documentation for additional
  1049  // information.
  1050  type Expr struct {
  1051  	// Description: Optional. Description of the expression. This is a longer text
  1052  	// which describes the expression, e.g. when hovered over it in a UI.
  1053  	Description string `json:"description,omitempty"`
  1054  	// Expression: Textual representation of an expression in Common Expression
  1055  	// Language syntax.
  1056  	Expression string `json:"expression,omitempty"`
  1057  	// Location: Optional. String indicating the location of the expression for
  1058  	// error reporting, e.g. a file name and a position in the file.
  1059  	Location string `json:"location,omitempty"`
  1060  	// Title: Optional. Title for the expression, i.e. a short string describing
  1061  	// its purpose. This can be used e.g. in UIs which allow to enter the
  1062  	// expression.
  1063  	Title string `json:"title,omitempty"`
  1064  	// ForceSendFields is a list of field names (e.g. "Description") to
  1065  	// unconditionally include in API requests. By default, fields with empty or
  1066  	// default values are omitted from API requests. See
  1067  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1068  	// details.
  1069  	ForceSendFields []string `json:"-"`
  1070  	// NullFields is a list of field names (e.g. "Description") to include in API
  1071  	// requests with the JSON null value. By default, fields with empty values are
  1072  	// omitted from API requests. See
  1073  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1074  	NullFields []string `json:"-"`
  1075  }
  1076  
  1077  func (s *Expr) MarshalJSON() ([]byte, error) {
  1078  	type NoMethod Expr
  1079  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1080  }
  1081  
  1082  // ExtendedStatus: Extended status can store additional metadata. For example,
  1083  // for keys disabled due to their private key data being expoesed we may
  1084  // include a message with more information about the exposure.
  1085  type ExtendedStatus struct {
  1086  	// Key: The key for this extended status.
  1087  	//
  1088  	// Possible values:
  1089  	//   "SERVICE_ACCOUNT_KEY_EXTENDED_STATUS_KEY_UNSPECIFIED" - Unspecified
  1090  	// extended status, should not be used.
  1091  	//   "SERVICE_ACCOUNT_KEY_EXTENDED_STATUS_KEY_EXPOSED" - This key has been
  1092  	// detected as exposed. extended_status_value may contain information about the
  1093  	// exposure (public GitHub repo, open internet, etc.)
  1094  	//   "SERVICE_ACCOUNT_KEY_EXTENDED_STATUS_KEY_COMPROMISE_DETECTED" - This key
  1095  	// was implicated in a compromise or other attack. extended_status_value may
  1096  	// contain information about the abuse perpetrated.
  1097  	Key string `json:"key,omitempty"`
  1098  	// Value: The value for the extended status.
  1099  	Value string `json:"value,omitempty"`
  1100  	// ForceSendFields is a list of field names (e.g. "Key") to unconditionally
  1101  	// include in API requests. By default, fields with empty or default values are
  1102  	// omitted from API requests. See
  1103  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1104  	// details.
  1105  	ForceSendFields []string `json:"-"`
  1106  	// NullFields is a list of field names (e.g. "Key") to include in API requests
  1107  	// with the JSON null value. By default, fields with empty values are omitted
  1108  	// from API requests. See
  1109  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1110  	NullFields []string `json:"-"`
  1111  }
  1112  
  1113  func (s *ExtendedStatus) MarshalJSON() ([]byte, error) {
  1114  	type NoMethod ExtendedStatus
  1115  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1116  }
  1117  
  1118  // GetIamPolicyRequest: Request message for `GetIamPolicy` method.
  1119  type GetIamPolicyRequest struct {
  1120  	// Options: OPTIONAL: A `GetPolicyOptions` object for specifying options to
  1121  	// `GetIamPolicy`.
  1122  	Options *GetPolicyOptions `json:"options,omitempty"`
  1123  	// ForceSendFields is a list of field names (e.g. "Options") to unconditionally
  1124  	// include in API requests. By default, fields with empty or default values are
  1125  	// omitted from API requests. See
  1126  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1127  	// details.
  1128  	ForceSendFields []string `json:"-"`
  1129  	// NullFields is a list of field names (e.g. "Options") to include in API
  1130  	// requests with the JSON null value. By default, fields with empty values are
  1131  	// omitted from API requests. See
  1132  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1133  	NullFields []string `json:"-"`
  1134  }
  1135  
  1136  func (s *GetIamPolicyRequest) MarshalJSON() ([]byte, error) {
  1137  	type NoMethod GetIamPolicyRequest
  1138  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1139  }
  1140  
  1141  // GetPolicyOptions: Encapsulates settings provided to GetIamPolicy.
  1142  type GetPolicyOptions struct {
  1143  	// RequestedPolicyVersion: Optional. The maximum policy version that will be
  1144  	// used to format the policy. Valid values are 0, 1, and 3. Requests specifying
  1145  	// an invalid value will be rejected. Requests for policies with any
  1146  	// conditional role bindings must specify version 3. Policies with no
  1147  	// conditional role bindings may specify any valid value or leave the field
  1148  	// unset. The policy in the response might use the policy version that you
  1149  	// specified, or it might use a lower policy version. For example, if you
  1150  	// specify version 3, but the policy has no conditional role bindings, the
  1151  	// response uses version 1. To learn which resources support conditions in
  1152  	// their IAM policies, see the IAM documentation
  1153  	// (https://cloud.google.com/iam/help/conditions/resource-policies).
  1154  	RequestedPolicyVersion int64 `json:"requestedPolicyVersion,omitempty"`
  1155  	// ForceSendFields is a list of field names (e.g. "RequestedPolicyVersion") to
  1156  	// unconditionally include in API requests. By default, fields with empty or
  1157  	// default values are omitted from API requests. See
  1158  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1159  	// details.
  1160  	ForceSendFields []string `json:"-"`
  1161  	// NullFields is a list of field names (e.g. "RequestedPolicyVersion") to
  1162  	// include in API requests with the JSON null value. By default, fields with
  1163  	// empty values are omitted from API requests. See
  1164  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1165  	NullFields []string `json:"-"`
  1166  }
  1167  
  1168  func (s *GetPolicyOptions) MarshalJSON() ([]byte, error) {
  1169  	type NoMethod GetPolicyOptions
  1170  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1171  }
  1172  
  1173  // GoogleIamAdminV1WorkforcePoolProviderExtraAttributesOAuth2Client: Represents
  1174  // the OAuth 2.0 client credential configuration for retrieving additional user
  1175  // attributes that are not present in the initial authentication credentials
  1176  // from the identity provider, e.g. groups. See
  1177  // https://datatracker.ietf.org/doc/html/rfc6749#section-4.4 for more details
  1178  // on client credentials grant flow.
  1179  type GoogleIamAdminV1WorkforcePoolProviderExtraAttributesOAuth2Client struct {
  1180  	// AttributesType: Required. Represents the IdP and type of claims that should
  1181  	// be fetched.
  1182  	//
  1183  	// Possible values:
  1184  	//   "ATTRIBUTES_TYPE_UNSPECIFIED" - No AttributesType specified.
  1185  	//   "AZURE_AD_GROUPS_MAIL" - Used to get the user's group claims from the
  1186  	// Azure AD identity provider using configuration provided in
  1187  	// ExtraAttributesOAuth2Client and `mail` property of the
  1188  	// `microsoft.graph.group` object is used for claim mapping. See
  1189  	// https://learn.microsoft.com/en-us/graph/api/resources/group?view=graph-rest-1.0#properties
  1190  	// for more details on `microsoft.graph.group` properties. The attributes
  1191  	// obtained from idntity provider are mapped to `assertion.groups`.
  1192  	AttributesType string `json:"attributesType,omitempty"`
  1193  	// ClientId: Required. The OAuth 2.0 client ID for retrieving extra attributes
  1194  	// from the identity provider. Required to get the Access Token using client
  1195  	// credentials grant flow.
  1196  	ClientId string `json:"clientId,omitempty"`
  1197  	// ClientSecret: Required. The OAuth 2.0 client secret for retrieving extra
  1198  	// attributes from the identity provider. Required to get the Access Token
  1199  	// using client credentials grant flow.
  1200  	ClientSecret *GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret `json:"clientSecret,omitempty"`
  1201  	// IssuerUri: Required. The OIDC identity provider's issuer URI. Must be a
  1202  	// valid URI using the `https` scheme. Required to get the OIDC discovery
  1203  	// document.
  1204  	IssuerUri string `json:"issuerUri,omitempty"`
  1205  	// QueryParameters: Optional. Represents the parameters to control which claims
  1206  	// are fetched from an IdP.
  1207  	QueryParameters *GoogleIamAdminV1WorkforcePoolProviderExtraAttributesOAuth2ClientQueryParameters `json:"queryParameters,omitempty"`
  1208  	// ForceSendFields is a list of field names (e.g. "AttributesType") to
  1209  	// unconditionally include in API requests. By default, fields with empty or
  1210  	// default values are omitted from API requests. See
  1211  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1212  	// details.
  1213  	ForceSendFields []string `json:"-"`
  1214  	// NullFields is a list of field names (e.g. "AttributesType") to include in
  1215  	// API requests with the JSON null value. By default, fields with empty values
  1216  	// are omitted from API requests. See
  1217  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1218  	NullFields []string `json:"-"`
  1219  }
  1220  
  1221  func (s *GoogleIamAdminV1WorkforcePoolProviderExtraAttributesOAuth2Client) MarshalJSON() ([]byte, error) {
  1222  	type NoMethod GoogleIamAdminV1WorkforcePoolProviderExtraAttributesOAuth2Client
  1223  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1224  }
  1225  
  1226  // GoogleIamAdminV1WorkforcePoolProviderExtraAttributesOAuth2ClientQueryParamete
  1227  // rs: Represents the parameters to control which claims are fetched from an
  1228  // IdP.
  1229  type GoogleIamAdminV1WorkforcePoolProviderExtraAttributesOAuth2ClientQueryParameters struct {
  1230  	// Filter: Optional. The filter used to request specific records from IdP. In
  1231  	// case of attributes type as AZURE_AD_GROUPS_MAIL, it represents the filter
  1232  	// used to request specific groups for users from IdP. By default, all of the
  1233  	// groups associated with the user are fetched. The groups should be mail
  1234  	// enabled and security enabled. See
  1235  	// https://learn.microsoft.com/en-us/graph/search-query-parameter for more
  1236  	// details.
  1237  	Filter string `json:"filter,omitempty"`
  1238  	// ForceSendFields is a list of field names (e.g. "Filter") to unconditionally
  1239  	// include in API requests. By default, fields with empty or default values are
  1240  	// omitted from API requests. See
  1241  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1242  	// details.
  1243  	ForceSendFields []string `json:"-"`
  1244  	// NullFields is a list of field names (e.g. "Filter") to include in API
  1245  	// requests with the JSON null value. By default, fields with empty values are
  1246  	// omitted from API requests. See
  1247  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1248  	NullFields []string `json:"-"`
  1249  }
  1250  
  1251  func (s *GoogleIamAdminV1WorkforcePoolProviderExtraAttributesOAuth2ClientQueryParameters) MarshalJSON() ([]byte, error) {
  1252  	type NoMethod GoogleIamAdminV1WorkforcePoolProviderExtraAttributesOAuth2ClientQueryParameters
  1253  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1254  }
  1255  
  1256  // GoogleIamAdminV1WorkforcePoolProviderOidc: Represents an OpenId Connect 1.0
  1257  // identity provider.
  1258  type GoogleIamAdminV1WorkforcePoolProviderOidc struct {
  1259  	// ClientId: Required. The client ID. Must match the audience claim of the JWT
  1260  	// issued by the identity provider.
  1261  	ClientId string `json:"clientId,omitempty"`
  1262  	// ClientSecret: The optional client secret. Required to enable Authorization
  1263  	// Code flow for web sign-in.
  1264  	ClientSecret *GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret `json:"clientSecret,omitempty"`
  1265  	// IssuerUri: Required. The OIDC issuer URI. Must be a valid URI using the
  1266  	// `https` scheme.
  1267  	IssuerUri string `json:"issuerUri,omitempty"`
  1268  	// JwksJson: OIDC JWKs in JSON String format. For details on the definition of
  1269  	// a JWK, see https://tools.ietf.org/html/rfc7517. If not set, the `jwks_uri`
  1270  	// from the discovery document(fetched from the .well-known path of the
  1271  	// `issuer_uri`) will be used. Currently, RSA and EC asymmetric keys are
  1272  	// supported. The JWK must use following format and include only the following
  1273  	// fields: { "keys": [ { "kty": "RSA/EC", "alg": "", "use": "sig", "kid": "",
  1274  	// "n": "", "e": "", "x": "", "y": "", "crv": "" } ] }
  1275  	JwksJson string `json:"jwksJson,omitempty"`
  1276  	// WebSsoConfig: Required. Configuration for web single sign-on for the OIDC
  1277  	// provider. Here, web sign-in refers to console sign-in and gcloud sign-in
  1278  	// through the browser.
  1279  	WebSsoConfig *GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig `json:"webSsoConfig,omitempty"`
  1280  	// ForceSendFields is a list of field names (e.g. "ClientId") to
  1281  	// unconditionally include in API requests. By default, fields with empty or
  1282  	// default values are omitted from API requests. See
  1283  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1284  	// details.
  1285  	ForceSendFields []string `json:"-"`
  1286  	// NullFields is a list of field names (e.g. "ClientId") to include in API
  1287  	// requests with the JSON null value. By default, fields with empty values are
  1288  	// omitted from API requests. See
  1289  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1290  	NullFields []string `json:"-"`
  1291  }
  1292  
  1293  func (s *GoogleIamAdminV1WorkforcePoolProviderOidc) MarshalJSON() ([]byte, error) {
  1294  	type NoMethod GoogleIamAdminV1WorkforcePoolProviderOidc
  1295  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1296  }
  1297  
  1298  // GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret: Representation of a
  1299  // client secret configured for the OIDC provider.
  1300  type GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret struct {
  1301  	// Value: The value of the client secret.
  1302  	Value *GoogleIamAdminV1WorkforcePoolProviderOidcClientSecretValue `json:"value,omitempty"`
  1303  	// ForceSendFields is a list of field names (e.g. "Value") to unconditionally
  1304  	// include in API requests. By default, fields with empty or default values are
  1305  	// omitted from API requests. See
  1306  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1307  	// details.
  1308  	ForceSendFields []string `json:"-"`
  1309  	// NullFields is a list of field names (e.g. "Value") to include in API
  1310  	// requests with the JSON null value. By default, fields with empty values are
  1311  	// omitted from API requests. See
  1312  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1313  	NullFields []string `json:"-"`
  1314  }
  1315  
  1316  func (s *GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret) MarshalJSON() ([]byte, error) {
  1317  	type NoMethod GoogleIamAdminV1WorkforcePoolProviderOidcClientSecret
  1318  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1319  }
  1320  
  1321  // GoogleIamAdminV1WorkforcePoolProviderOidcClientSecretValue: Representation
  1322  // of the value of the client secret.
  1323  type GoogleIamAdminV1WorkforcePoolProviderOidcClientSecretValue struct {
  1324  	// PlainText: Input only. The plain text of the client secret value. For
  1325  	// security reasons, this field is only used for input and will never be
  1326  	// populated in any response.
  1327  	PlainText string `json:"plainText,omitempty"`
  1328  	// Thumbprint: Output only. A thumbprint to represent the current client secret
  1329  	// value.
  1330  	Thumbprint string `json:"thumbprint,omitempty"`
  1331  	// ForceSendFields is a list of field names (e.g. "PlainText") to
  1332  	// unconditionally include in API requests. By default, fields with empty or
  1333  	// default values are omitted from API requests. See
  1334  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1335  	// details.
  1336  	ForceSendFields []string `json:"-"`
  1337  	// NullFields is a list of field names (e.g. "PlainText") to include in API
  1338  	// requests with the JSON null value. By default, fields with empty values are
  1339  	// omitted from API requests. See
  1340  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1341  	NullFields []string `json:"-"`
  1342  }
  1343  
  1344  func (s *GoogleIamAdminV1WorkforcePoolProviderOidcClientSecretValue) MarshalJSON() ([]byte, error) {
  1345  	type NoMethod GoogleIamAdminV1WorkforcePoolProviderOidcClientSecretValue
  1346  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1347  }
  1348  
  1349  // GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig: Configuration for web
  1350  // single sign-on for the OIDC provider.
  1351  type GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig struct {
  1352  	// AdditionalScopes: Additional scopes to request for in the OIDC
  1353  	// authentication request on top of scopes requested by default. By default,
  1354  	// the `openid`, `profile` and `email` scopes that are supported by the
  1355  	// identity provider are requested. Each additional scope may be at most 256
  1356  	// characters. A maximum of 10 additional scopes may be configured.
  1357  	AdditionalScopes []string `json:"additionalScopes,omitempty"`
  1358  	// AssertionClaimsBehavior: Required. The behavior for how OIDC Claims are
  1359  	// included in the `assertion` object used for attribute mapping and attribute
  1360  	// condition.
  1361  	//
  1362  	// Possible values:
  1363  	//   "ASSERTION_CLAIMS_BEHAVIOR_UNSPECIFIED" - No assertion claims behavior
  1364  	// specified.
  1365  	//   "MERGE_USER_INFO_OVER_ID_TOKEN_CLAIMS" - Merge the UserInfo Endpoint
  1366  	// Claims with ID Token Claims, preferring UserInfo Claim Values for the same
  1367  	// Claim Name. This option is available only for the Authorization Code Flow.
  1368  	//   "ONLY_ID_TOKEN_CLAIMS" - Only include ID Token Claims.
  1369  	AssertionClaimsBehavior string `json:"assertionClaimsBehavior,omitempty"`
  1370  	// ResponseType: Required. The Response Type to request for in the OIDC
  1371  	// Authorization Request for web sign-in. The `CODE` Response Type is
  1372  	// recommended to avoid the Implicit Flow, for security reasons.
  1373  	//
  1374  	// Possible values:
  1375  	//   "RESPONSE_TYPE_UNSPECIFIED" - No Response Type specified.
  1376  	//   "CODE" - The `response_type=code` selection uses the Authorization Code
  1377  	// Flow for web sign-in. Requires a configured client secret.
  1378  	//   "ID_TOKEN" - The `response_type=id_token` selection uses the Implicit Flow
  1379  	// for web sign-in.
  1380  	ResponseType string `json:"responseType,omitempty"`
  1381  	// ForceSendFields is a list of field names (e.g. "AdditionalScopes") to
  1382  	// unconditionally include in API requests. By default, fields with empty or
  1383  	// default values are omitted from API requests. See
  1384  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1385  	// details.
  1386  	ForceSendFields []string `json:"-"`
  1387  	// NullFields is a list of field names (e.g. "AdditionalScopes") to include in
  1388  	// API requests with the JSON null value. By default, fields with empty values
  1389  	// are omitted from API requests. See
  1390  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1391  	NullFields []string `json:"-"`
  1392  }
  1393  
  1394  func (s *GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig) MarshalJSON() ([]byte, error) {
  1395  	type NoMethod GoogleIamAdminV1WorkforcePoolProviderOidcWebSsoConfig
  1396  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1397  }
  1398  
  1399  // GoogleIamAdminV1WorkforcePoolProviderSaml: Represents a SAML identity
  1400  // provider.
  1401  type GoogleIamAdminV1WorkforcePoolProviderSaml struct {
  1402  	// IdpMetadataXml: Required. SAML Identity provider configuration metadata xml
  1403  	// doc. The xml document should comply with SAML 2.0 specification
  1404  	// (https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf).
  1405  	// The max size of the acceptable xml document will be bounded to 128k
  1406  	// characters. The metadata xml document should satisfy the following
  1407  	// constraints: 1) Must contain an Identity Provider Entity ID. 2) Must contain
  1408  	// at least one non-expired signing key certificate. 3) For each signing key:
  1409  	// a) Valid from should be no more than 7 days from now. b) Valid to should be
  1410  	// no more than 15 years in the future. 4) Up to 3 IdP signing keys are allowed
  1411  	// in the metadata xml. When updating the provider's metadata xml, at least one
  1412  	// non-expired signing key must overlap with the existing metadata. This
  1413  	// requirement is skipped if there are no non-expired signing keys present in
  1414  	// the existing metadata.
  1415  	IdpMetadataXml string `json:"idpMetadataXml,omitempty"`
  1416  	// ForceSendFields is a list of field names (e.g. "IdpMetadataXml") to
  1417  	// unconditionally include in API requests. By default, fields with empty or
  1418  	// default values are omitted from API requests. See
  1419  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1420  	// details.
  1421  	ForceSendFields []string `json:"-"`
  1422  	// NullFields is a list of field names (e.g. "IdpMetadataXml") to include in
  1423  	// API requests with the JSON null value. By default, fields with empty values
  1424  	// are omitted from API requests. See
  1425  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1426  	NullFields []string `json:"-"`
  1427  }
  1428  
  1429  func (s *GoogleIamAdminV1WorkforcePoolProviderSaml) MarshalJSON() ([]byte, error) {
  1430  	type NoMethod GoogleIamAdminV1WorkforcePoolProviderSaml
  1431  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1432  }
  1433  
  1434  // KeyData: Represents a public key data along with its format.
  1435  type KeyData struct {
  1436  	// Format: Output only. The format of the key.
  1437  	//
  1438  	// Possible values:
  1439  	//   "KEY_FORMAT_UNSPECIFIED" - No format has been specified. This is an
  1440  	// invalid format and must not be used.
  1441  	//   "RSA_X509_PEM" - A RSA public key wrapped in an X.509v3 certificate
  1442  	// ([RFC5280] ( https://www.ietf.org/rfc/rfc5280.txt)), encoded in base64, and
  1443  	// wrapped in [public certificate
  1444  	// label](https://datatracker.ietf.org/doc/html/rfc7468#section-5.1).
  1445  	Format string `json:"format,omitempty"`
  1446  	// Key: Output only. The key data. The format of the key is represented by the
  1447  	// format field.
  1448  	Key string `json:"key,omitempty"`
  1449  	// KeySpec: Required. The specifications for the key.
  1450  	//
  1451  	// Possible values:
  1452  	//   "KEY_SPEC_UNSPECIFIED" - No key specification specified.
  1453  	//   "RSA_2048" - A 2048 bit RSA key.
  1454  	//   "RSA_3072" - A 3072 bit RSA key.
  1455  	//   "RSA_4096" - A 4096 bit RSA key.
  1456  	KeySpec string `json:"keySpec,omitempty"`
  1457  	// NotAfterTime: Output only. Latest timestamp when this key is valid. Attempts
  1458  	// to use this key after this time will fail. Only present if the key data
  1459  	// represents a X.509 certificate.
  1460  	NotAfterTime string `json:"notAfterTime,omitempty"`
  1461  	// NotBeforeTime: Output only. Earliest timestamp when this key is valid.
  1462  	// Attempts to use this key before this time will fail. Only present if the key
  1463  	// data represents a X.509 certificate.
  1464  	NotBeforeTime string `json:"notBeforeTime,omitempty"`
  1465  	// ForceSendFields is a list of field names (e.g. "Format") to unconditionally
  1466  	// include in API requests. By default, fields with empty or default values are
  1467  	// omitted from API requests. See
  1468  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1469  	// details.
  1470  	ForceSendFields []string `json:"-"`
  1471  	// NullFields is a list of field names (e.g. "Format") to include in API
  1472  	// requests with the JSON null value. By default, fields with empty values are
  1473  	// omitted from API requests. See
  1474  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1475  	NullFields []string `json:"-"`
  1476  }
  1477  
  1478  func (s *KeyData) MarshalJSON() ([]byte, error) {
  1479  	type NoMethod KeyData
  1480  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1481  }
  1482  
  1483  // LintPolicyRequest: The request to lint an IAM policy object.
  1484  type LintPolicyRequest struct {
  1485  	// Condition: google.iam.v1.Binding.condition object to be linted.
  1486  	Condition *Expr `json:"condition,omitempty"`
  1487  	// FullResourceName: The full resource name of the policy this lint request is
  1488  	// about. The name follows the Google Cloud format for full resource names. For
  1489  	// example, a Google Cloud project with ID `my-project` will be named
  1490  	// `//cloudresourcemanager.googleapis.com/projects/my-project`. The resource
  1491  	// name is not used to read a policy from IAM. Only the data in the request
  1492  	// object is linted.
  1493  	FullResourceName string `json:"fullResourceName,omitempty"`
  1494  	// ForceSendFields is a list of field names (e.g. "Condition") to
  1495  	// unconditionally include in API requests. By default, fields with empty or
  1496  	// default values are omitted from API requests. See
  1497  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1498  	// details.
  1499  	ForceSendFields []string `json:"-"`
  1500  	// NullFields is a list of field names (e.g. "Condition") to include in API
  1501  	// requests with the JSON null value. By default, fields with empty values are
  1502  	// omitted from API requests. See
  1503  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1504  	NullFields []string `json:"-"`
  1505  }
  1506  
  1507  func (s *LintPolicyRequest) MarshalJSON() ([]byte, error) {
  1508  	type NoMethod LintPolicyRequest
  1509  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1510  }
  1511  
  1512  // LintPolicyResponse: The response of a lint operation. An empty response
  1513  // indicates the operation was able to fully execute and no lint issue was
  1514  // found.
  1515  type LintPolicyResponse struct {
  1516  	// LintResults: List of lint results sorted by `severity` in descending order.
  1517  	LintResults []*LintResult `json:"lintResults,omitempty"`
  1518  
  1519  	// ServerResponse contains the HTTP response code and headers from the server.
  1520  	googleapi.ServerResponse `json:"-"`
  1521  	// ForceSendFields is a list of field names (e.g. "LintResults") to
  1522  	// unconditionally include in API requests. By default, fields with empty or
  1523  	// default values are omitted from API requests. See
  1524  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1525  	// details.
  1526  	ForceSendFields []string `json:"-"`
  1527  	// NullFields is a list of field names (e.g. "LintResults") to include in API
  1528  	// requests with the JSON null value. By default, fields with empty values are
  1529  	// omitted from API requests. See
  1530  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1531  	NullFields []string `json:"-"`
  1532  }
  1533  
  1534  func (s *LintPolicyResponse) MarshalJSON() ([]byte, error) {
  1535  	type NoMethod LintPolicyResponse
  1536  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1537  }
  1538  
  1539  // LintResult: Structured response of a single validation unit.
  1540  type LintResult struct {
  1541  	// DebugMessage: Human readable debug message associated with the issue.
  1542  	DebugMessage string `json:"debugMessage,omitempty"`
  1543  	// FieldName: The name of the field for which this lint result is about. For
  1544  	// nested messages `field_name` consists of names of the embedded fields
  1545  	// separated by period character. The top-level qualifier is the input object
  1546  	// to lint in the request. For example, the `field_name` value
  1547  	// `condition.expression` identifies a lint result for the `expression` field
  1548  	// of the provided condition.
  1549  	FieldName string `json:"fieldName,omitempty"`
  1550  	// Level: The validation unit level.
  1551  	//
  1552  	// Possible values:
  1553  	//   "LEVEL_UNSPECIFIED" - Level is unspecified.
  1554  	//   "CONDITION" - A validation unit which operates on an individual condition
  1555  	// within a binding.
  1556  	Level string `json:"level,omitempty"`
  1557  	// LocationOffset: 0-based character position of problematic construct within
  1558  	// the object identified by `field_name`. Currently, this is populated only for
  1559  	// condition expression.
  1560  	LocationOffset int64 `json:"locationOffset,omitempty"`
  1561  	// Severity: The validation unit severity.
  1562  	//
  1563  	// Possible values:
  1564  	//   "SEVERITY_UNSPECIFIED" - Severity is unspecified.
  1565  	//   "ERROR" - A validation unit returns an error only for critical issues. If
  1566  	// an attempt is made to set the problematic policy without rectifying the
  1567  	// critical issue, it causes the `setPolicy` operation to fail.
  1568  	//   "WARNING" - Any issue which is severe enough but does not cause an error.
  1569  	// For example, suspicious constructs in the input object will not necessarily
  1570  	// fail `setPolicy`, but there is a high likelihood that they won't behave as
  1571  	// expected during policy evaluation in `checkPolicy`. This includes the
  1572  	// following common scenarios: - Unsatisfiable condition: Expired timestamp in
  1573  	// date/time condition. - Ineffective condition: Condition on a pair which is
  1574  	// granted unconditionally in another binding of the same policy.
  1575  	//   "NOTICE" - Reserved for the issues that are not severe as
  1576  	// `ERROR`/`WARNING`, but need special handling. For instance, messages about
  1577  	// skipped validation units are issued as `NOTICE`.
  1578  	//   "INFO" - Any informative statement which is not severe enough to raise
  1579  	// `ERROR`/`WARNING`/`NOTICE`, like auto-correction recommendations on the
  1580  	// input content. Note that current version of the linter does not utilize
  1581  	// `INFO`.
  1582  	//   "DEPRECATED" - Deprecated severity level.
  1583  	Severity string `json:"severity,omitempty"`
  1584  	// ValidationUnitName: The validation unit name, for instance
  1585  	// "lintValidationUnits/ConditionComplexityCheck".
  1586  	ValidationUnitName string `json:"validationUnitName,omitempty"`
  1587  	// ForceSendFields is a list of field names (e.g. "DebugMessage") to
  1588  	// unconditionally include in API requests. By default, fields with empty or
  1589  	// default values are omitted from API requests. See
  1590  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1591  	// details.
  1592  	ForceSendFields []string `json:"-"`
  1593  	// NullFields is a list of field names (e.g. "DebugMessage") to include in API
  1594  	// requests with the JSON null value. By default, fields with empty values are
  1595  	// omitted from API requests. See
  1596  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1597  	NullFields []string `json:"-"`
  1598  }
  1599  
  1600  func (s *LintResult) MarshalJSON() ([]byte, error) {
  1601  	type NoMethod LintResult
  1602  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1603  }
  1604  
  1605  // ListOauthClientCredentialsResponse: Response message for
  1606  // ListOauthClientCredentials.
  1607  type ListOauthClientCredentialsResponse struct {
  1608  	// OauthClientCredentials: A list of oauth client credentials.
  1609  	OauthClientCredentials []*OauthClientCredential `json:"oauthClientCredentials,omitempty"`
  1610  
  1611  	// ServerResponse contains the HTTP response code and headers from the server.
  1612  	googleapi.ServerResponse `json:"-"`
  1613  	// ForceSendFields is a list of field names (e.g. "OauthClientCredentials") to
  1614  	// unconditionally include in API requests. By default, fields with empty or
  1615  	// default values are omitted from API requests. See
  1616  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1617  	// details.
  1618  	ForceSendFields []string `json:"-"`
  1619  	// NullFields is a list of field names (e.g. "OauthClientCredentials") to
  1620  	// include in API requests with the JSON null value. By default, fields with
  1621  	// empty values are omitted from API requests. See
  1622  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1623  	NullFields []string `json:"-"`
  1624  }
  1625  
  1626  func (s *ListOauthClientCredentialsResponse) MarshalJSON() ([]byte, error) {
  1627  	type NoMethod ListOauthClientCredentialsResponse
  1628  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1629  }
  1630  
  1631  // ListOauthClientsResponse: Response message for ListOauthClients.
  1632  type ListOauthClientsResponse struct {
  1633  	// NextPageToken: Optional. A token, which can be sent as `page_token` to
  1634  	// retrieve the next page. If this field is omitted, there are no subsequent
  1635  	// pages.
  1636  	NextPageToken string `json:"nextPageToken,omitempty"`
  1637  	// OauthClients: A list of oauth clients.
  1638  	OauthClients []*OauthClient `json:"oauthClients,omitempty"`
  1639  
  1640  	// ServerResponse contains the HTTP response code and headers from the server.
  1641  	googleapi.ServerResponse `json:"-"`
  1642  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  1643  	// unconditionally include in API requests. By default, fields with empty or
  1644  	// default values are omitted from API requests. See
  1645  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1646  	// details.
  1647  	ForceSendFields []string `json:"-"`
  1648  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  1649  	// requests with the JSON null value. By default, fields with empty values are
  1650  	// omitted from API requests. See
  1651  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1652  	NullFields []string `json:"-"`
  1653  }
  1654  
  1655  func (s *ListOauthClientsResponse) MarshalJSON() ([]byte, error) {
  1656  	type NoMethod ListOauthClientsResponse
  1657  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1658  }
  1659  
  1660  // ListRolesResponse: The response containing the roles defined under a
  1661  // resource.
  1662  type ListRolesResponse struct {
  1663  	// NextPageToken: To retrieve the next page of results, set
  1664  	// `ListRolesRequest.page_token` to this value.
  1665  	NextPageToken string `json:"nextPageToken,omitempty"`
  1666  	// Roles: The Roles defined on this resource.
  1667  	Roles []*Role `json:"roles,omitempty"`
  1668  
  1669  	// ServerResponse contains the HTTP response code and headers from the server.
  1670  	googleapi.ServerResponse `json:"-"`
  1671  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  1672  	// unconditionally include in API requests. By default, fields with empty or
  1673  	// default values are omitted from API requests. See
  1674  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1675  	// details.
  1676  	ForceSendFields []string `json:"-"`
  1677  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  1678  	// requests with the JSON null value. By default, fields with empty values are
  1679  	// omitted from API requests. See
  1680  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1681  	NullFields []string `json:"-"`
  1682  }
  1683  
  1684  func (s *ListRolesResponse) MarshalJSON() ([]byte, error) {
  1685  	type NoMethod ListRolesResponse
  1686  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1687  }
  1688  
  1689  // ListServiceAccountKeysResponse: The service account keys list response.
  1690  type ListServiceAccountKeysResponse struct {
  1691  	// Keys: The public keys for the service account.
  1692  	Keys []*ServiceAccountKey `json:"keys,omitempty"`
  1693  
  1694  	// ServerResponse contains the HTTP response code and headers from the server.
  1695  	googleapi.ServerResponse `json:"-"`
  1696  	// ForceSendFields is a list of field names (e.g. "Keys") to unconditionally
  1697  	// include in API requests. By default, fields with empty or default values are
  1698  	// omitted from API requests. See
  1699  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1700  	// details.
  1701  	ForceSendFields []string `json:"-"`
  1702  	// NullFields is a list of field names (e.g. "Keys") to include in API requests
  1703  	// with the JSON null value. By default, fields with empty values are omitted
  1704  	// from API requests. See
  1705  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1706  	NullFields []string `json:"-"`
  1707  }
  1708  
  1709  func (s *ListServiceAccountKeysResponse) MarshalJSON() ([]byte, error) {
  1710  	type NoMethod ListServiceAccountKeysResponse
  1711  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1712  }
  1713  
  1714  // ListServiceAccountsResponse: The service account list response.
  1715  type ListServiceAccountsResponse struct {
  1716  	// Accounts: The list of matching service accounts.
  1717  	Accounts []*ServiceAccount `json:"accounts,omitempty"`
  1718  	// NextPageToken: To retrieve the next page of results, set
  1719  	// ListServiceAccountsRequest.page_token to this value.
  1720  	NextPageToken string `json:"nextPageToken,omitempty"`
  1721  
  1722  	// ServerResponse contains the HTTP response code and headers from the server.
  1723  	googleapi.ServerResponse `json:"-"`
  1724  	// ForceSendFields is a list of field names (e.g. "Accounts") to
  1725  	// unconditionally include in API requests. By default, fields with empty or
  1726  	// default values are omitted from API requests. See
  1727  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1728  	// details.
  1729  	ForceSendFields []string `json:"-"`
  1730  	// NullFields is a list of field names (e.g. "Accounts") to include in API
  1731  	// requests with the JSON null value. By default, fields with empty values are
  1732  	// omitted from API requests. See
  1733  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1734  	NullFields []string `json:"-"`
  1735  }
  1736  
  1737  func (s *ListServiceAccountsResponse) MarshalJSON() ([]byte, error) {
  1738  	type NoMethod ListServiceAccountsResponse
  1739  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1740  }
  1741  
  1742  // ListWorkforcePoolProviderKeysResponse: Response message for
  1743  // ListWorkforcePoolProviderKeys.
  1744  type ListWorkforcePoolProviderKeysResponse struct {
  1745  	// NextPageToken: A token, which can be sent as `page_token` to retrieve the
  1746  	// next page. If this field is omitted, there are no subsequent pages.
  1747  	NextPageToken string `json:"nextPageToken,omitempty"`
  1748  	// WorkforcePoolProviderKeys: A list of WorkforcePoolProviderKeys.
  1749  	WorkforcePoolProviderKeys []*WorkforcePoolProviderKey `json:"workforcePoolProviderKeys,omitempty"`
  1750  
  1751  	// ServerResponse contains the HTTP response code and headers from the server.
  1752  	googleapi.ServerResponse `json:"-"`
  1753  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  1754  	// unconditionally include in API requests. By default, fields with empty or
  1755  	// default values are omitted from API requests. See
  1756  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1757  	// details.
  1758  	ForceSendFields []string `json:"-"`
  1759  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  1760  	// requests with the JSON null value. By default, fields with empty values are
  1761  	// omitted from API requests. See
  1762  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1763  	NullFields []string `json:"-"`
  1764  }
  1765  
  1766  func (s *ListWorkforcePoolProviderKeysResponse) MarshalJSON() ([]byte, error) {
  1767  	type NoMethod ListWorkforcePoolProviderKeysResponse
  1768  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1769  }
  1770  
  1771  // ListWorkforcePoolProvidersResponse: Response message for
  1772  // ListWorkforcePoolProviders.
  1773  type ListWorkforcePoolProvidersResponse struct {
  1774  	// NextPageToken: A token, which can be sent as `page_token` to retrieve the
  1775  	// next page. If this field is omitted, there are no subsequent pages.
  1776  	NextPageToken string `json:"nextPageToken,omitempty"`
  1777  	// WorkforcePoolProviders: A list of providers.
  1778  	WorkforcePoolProviders []*WorkforcePoolProvider `json:"workforcePoolProviders,omitempty"`
  1779  
  1780  	// ServerResponse contains the HTTP response code and headers from the server.
  1781  	googleapi.ServerResponse `json:"-"`
  1782  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  1783  	// unconditionally include in API requests. By default, fields with empty or
  1784  	// default values are omitted from API requests. See
  1785  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1786  	// details.
  1787  	ForceSendFields []string `json:"-"`
  1788  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  1789  	// requests with the JSON null value. By default, fields with empty values are
  1790  	// omitted from API requests. See
  1791  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1792  	NullFields []string `json:"-"`
  1793  }
  1794  
  1795  func (s *ListWorkforcePoolProvidersResponse) MarshalJSON() ([]byte, error) {
  1796  	type NoMethod ListWorkforcePoolProvidersResponse
  1797  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1798  }
  1799  
  1800  // ListWorkforcePoolsResponse: Response message for ListWorkforcePools.
  1801  type ListWorkforcePoolsResponse struct {
  1802  	// NextPageToken: A token, which can be sent as `page_token` to retrieve the
  1803  	// next page. If this field is omitted, there are no subsequent pages.
  1804  	NextPageToken string `json:"nextPageToken,omitempty"`
  1805  	// WorkforcePools: A list of pools.
  1806  	WorkforcePools []*WorkforcePool `json:"workforcePools,omitempty"`
  1807  
  1808  	// ServerResponse contains the HTTP response code and headers from the server.
  1809  	googleapi.ServerResponse `json:"-"`
  1810  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  1811  	// unconditionally include in API requests. By default, fields with empty or
  1812  	// default values are omitted from API requests. See
  1813  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1814  	// details.
  1815  	ForceSendFields []string `json:"-"`
  1816  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  1817  	// requests with the JSON null value. By default, fields with empty values are
  1818  	// omitted from API requests. See
  1819  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1820  	NullFields []string `json:"-"`
  1821  }
  1822  
  1823  func (s *ListWorkforcePoolsResponse) MarshalJSON() ([]byte, error) {
  1824  	type NoMethod ListWorkforcePoolsResponse
  1825  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1826  }
  1827  
  1828  // ListWorkloadIdentityPoolProviderKeysResponse: Response message for
  1829  // ListWorkloadIdentityPoolProviderKeys.
  1830  type ListWorkloadIdentityPoolProviderKeysResponse struct {
  1831  	// NextPageToken: A token, which can be sent as `page_token` to retrieve the
  1832  	// next page. If this field is omitted, there are no subsequent pages.
  1833  	NextPageToken string `json:"nextPageToken,omitempty"`
  1834  	// WorkloadIdentityPoolProviderKeys: A list of WorkloadIdentityPoolProviderKey
  1835  	WorkloadIdentityPoolProviderKeys []*WorkloadIdentityPoolProviderKey `json:"workloadIdentityPoolProviderKeys,omitempty"`
  1836  
  1837  	// ServerResponse contains the HTTP response code and headers from the server.
  1838  	googleapi.ServerResponse `json:"-"`
  1839  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  1840  	// unconditionally include in API requests. By default, fields with empty or
  1841  	// default values are omitted from API requests. See
  1842  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1843  	// details.
  1844  	ForceSendFields []string `json:"-"`
  1845  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  1846  	// requests with the JSON null value. By default, fields with empty values are
  1847  	// omitted from API requests. See
  1848  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1849  	NullFields []string `json:"-"`
  1850  }
  1851  
  1852  func (s *ListWorkloadIdentityPoolProviderKeysResponse) MarshalJSON() ([]byte, error) {
  1853  	type NoMethod ListWorkloadIdentityPoolProviderKeysResponse
  1854  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1855  }
  1856  
  1857  // ListWorkloadIdentityPoolProvidersResponse: Response message for
  1858  // ListWorkloadIdentityPoolProviders.
  1859  type ListWorkloadIdentityPoolProvidersResponse struct {
  1860  	// NextPageToken: A token, which can be sent as `page_token` to retrieve the
  1861  	// next page. If this field is omitted, there are no subsequent pages.
  1862  	NextPageToken string `json:"nextPageToken,omitempty"`
  1863  	// WorkloadIdentityPoolProviders: A list of providers.
  1864  	WorkloadIdentityPoolProviders []*WorkloadIdentityPoolProvider `json:"workloadIdentityPoolProviders,omitempty"`
  1865  
  1866  	// ServerResponse contains the HTTP response code and headers from the server.
  1867  	googleapi.ServerResponse `json:"-"`
  1868  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  1869  	// unconditionally include in API requests. By default, fields with empty or
  1870  	// default values are omitted from API requests. See
  1871  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1872  	// details.
  1873  	ForceSendFields []string `json:"-"`
  1874  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  1875  	// requests with the JSON null value. By default, fields with empty values are
  1876  	// omitted from API requests. See
  1877  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1878  	NullFields []string `json:"-"`
  1879  }
  1880  
  1881  func (s *ListWorkloadIdentityPoolProvidersResponse) MarshalJSON() ([]byte, error) {
  1882  	type NoMethod ListWorkloadIdentityPoolProvidersResponse
  1883  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1884  }
  1885  
  1886  // ListWorkloadIdentityPoolsResponse: Response message for
  1887  // ListWorkloadIdentityPools.
  1888  type ListWorkloadIdentityPoolsResponse struct {
  1889  	// NextPageToken: A token, which can be sent as `page_token` to retrieve the
  1890  	// next page. If this field is omitted, there are no subsequent pages.
  1891  	NextPageToken string `json:"nextPageToken,omitempty"`
  1892  	// WorkloadIdentityPools: A list of pools.
  1893  	WorkloadIdentityPools []*WorkloadIdentityPool `json:"workloadIdentityPools,omitempty"`
  1894  
  1895  	// ServerResponse contains the HTTP response code and headers from the server.
  1896  	googleapi.ServerResponse `json:"-"`
  1897  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  1898  	// unconditionally include in API requests. By default, fields with empty or
  1899  	// default values are omitted from API requests. See
  1900  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1901  	// details.
  1902  	ForceSendFields []string `json:"-"`
  1903  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  1904  	// requests with the JSON null value. By default, fields with empty values are
  1905  	// omitted from API requests. See
  1906  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1907  	NullFields []string `json:"-"`
  1908  }
  1909  
  1910  func (s *ListWorkloadIdentityPoolsResponse) MarshalJSON() ([]byte, error) {
  1911  	type NoMethod ListWorkloadIdentityPoolsResponse
  1912  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1913  }
  1914  
  1915  // OauthClient: Represents an oauth client. Used to access Google Cloud
  1916  // resources on behave of a user by using OAuth2 Protocol to obtain an access
  1917  // token from Google Cloud Platform.
  1918  type OauthClient struct {
  1919  	// AllowedGrantTypes: Required. The list of OAuth grant type is allowed for the
  1920  	// oauth client.
  1921  	//
  1922  	// Possible values:
  1923  	//   "GRANT_TYPE_UNSPECIFIED" - should not be used
  1924  	//   "AUTHORIZATION_CODE_GRANT" - authorization code grant
  1925  	//   "REFRESH_TOKEN_GRANT" - refresh token grant
  1926  	AllowedGrantTypes []string `json:"allowedGrantTypes,omitempty"`
  1927  	// AllowedRedirectUris: Required. The list of redirect uris that is allowed to
  1928  	// redirect back when authorization process is completed.
  1929  	AllowedRedirectUris []string `json:"allowedRedirectUris,omitempty"`
  1930  	// AllowedScopes: Required. The list of scopes that the oauth client is allowed
  1931  	// to request during OAuth flows. The following scopes are supported: *
  1932  	// `https://www.googleapis.com/auth/cloud-platform`: See, edit, configure, and
  1933  	// delete your Google Cloud data and see the email address for your Google
  1934  	// Account. * `openid`: Associate you with your personal info on Google Cloud.
  1935  	// * `email`: See your Google Cloud Account email address.
  1936  	AllowedScopes []string `json:"allowedScopes,omitempty"`
  1937  	// ClientId: Output only. The system-generated oauth client id.
  1938  	ClientId string `json:"clientId,omitempty"`
  1939  	// ClientType: Immutable. The type of oauth client. either public or private.
  1940  	//
  1941  	// Possible values:
  1942  	//   "CLIENT_TYPE_UNSPECIFIED" - should not be used
  1943  	//   "PUBLIC_CLIENT" - public client has no secret
  1944  	//   "CONFIDENTIAL_CLIENT" - private client
  1945  	ClientType string `json:"clientType,omitempty"`
  1946  	// Description: Optional. A user-specified description of the oauth client.
  1947  	// Cannot exceed 256 characters.
  1948  	Description string `json:"description,omitempty"`
  1949  	// Disabled: Optional. Whether the oauth client is disabled. You cannot use a
  1950  	// disabled oauth client for login.
  1951  	Disabled bool `json:"disabled,omitempty"`
  1952  	// DisplayName: Optional. A user-specified display name of the oauth client.
  1953  	// Cannot exceed 32 characters.
  1954  	DisplayName string `json:"displayName,omitempty"`
  1955  	// ExpireTime: Output only. Time after which the oauth client will be
  1956  	// permanently purged and cannot be recovered.
  1957  	ExpireTime string `json:"expireTime,omitempty"`
  1958  	// Name: Immutable. The resource name of the oauth client.
  1959  	// Format:`projects/{project}/locations/{location}/oauthClients/{oauth_client}`.
  1960  	Name string `json:"name,omitempty"`
  1961  	// State: Output only. The state of the oauth client.
  1962  	//
  1963  	// Possible values:
  1964  	//   "STATE_UNSPECIFIED" - Default value. This value is unused.
  1965  	//   "ACTIVE" - The oauth client is active.
  1966  	//   "DELETED" - The oauth client is soft-deleted. Soft-deleted oauth client is
  1967  	// permanently deleted after approximately 30 days unless restored via
  1968  	// UndeleteOauthClient.
  1969  	State string `json:"state,omitempty"`
  1970  
  1971  	// ServerResponse contains the HTTP response code and headers from the server.
  1972  	googleapi.ServerResponse `json:"-"`
  1973  	// ForceSendFields is a list of field names (e.g. "AllowedGrantTypes") to
  1974  	// unconditionally include in API requests. By default, fields with empty or
  1975  	// default values are omitted from API requests. See
  1976  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1977  	// details.
  1978  	ForceSendFields []string `json:"-"`
  1979  	// NullFields is a list of field names (e.g. "AllowedGrantTypes") to include in
  1980  	// API requests with the JSON null value. By default, fields with empty values
  1981  	// are omitted from API requests. See
  1982  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1983  	NullFields []string `json:"-"`
  1984  }
  1985  
  1986  func (s *OauthClient) MarshalJSON() ([]byte, error) {
  1987  	type NoMethod OauthClient
  1988  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1989  }
  1990  
  1991  // OauthClientCredential: Represents an oauth client credential. Used to
  1992  // authenticate an oauth client while accessing Google Cloud resources on
  1993  // behalf of a user by using OAuth2 Protocol.
  1994  type OauthClientCredential struct {
  1995  	// ClientSecret: Output only. The system-generated oauth client secret.
  1996  	ClientSecret string `json:"clientSecret,omitempty"`
  1997  	// Disabled: Optional. Whether the oauth client credential is disabled. You
  1998  	// cannot use a disabled oauth client credential for OAuth.
  1999  	Disabled bool `json:"disabled,omitempty"`
  2000  	// DisplayName: Optional. A user-specified display name of the oauth client
  2001  	// credential Cannot exceed 32 characters.
  2002  	DisplayName string `json:"displayName,omitempty"`
  2003  	// Name: Immutable. The resource name of the oauth client credential. Format:
  2004  	// `projects/{project}/locations/{location}/oauthClients/{oauth_client}/credenti
  2005  	// als/{credential}`
  2006  	Name string `json:"name,omitempty"`
  2007  
  2008  	// ServerResponse contains the HTTP response code and headers from the server.
  2009  	googleapi.ServerResponse `json:"-"`
  2010  	// ForceSendFields is a list of field names (e.g. "ClientSecret") to
  2011  	// unconditionally include in API requests. By default, fields with empty or
  2012  	// default values are omitted from API requests. See
  2013  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2014  	// details.
  2015  	ForceSendFields []string `json:"-"`
  2016  	// NullFields is a list of field names (e.g. "ClientSecret") to include in API
  2017  	// requests with the JSON null value. By default, fields with empty values are
  2018  	// omitted from API requests. See
  2019  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2020  	NullFields []string `json:"-"`
  2021  }
  2022  
  2023  func (s *OauthClientCredential) MarshalJSON() ([]byte, error) {
  2024  	type NoMethod OauthClientCredential
  2025  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2026  }
  2027  
  2028  // Oidc: Represents an OpenId Connect 1.0 identity provider.
  2029  type Oidc struct {
  2030  	// AllowedAudiences: Acceptable values for the `aud` field (audience) in the
  2031  	// OIDC token. Token exchange requests are rejected if the token audience does
  2032  	// not match one of the configured values. Each audience may be at most 256
  2033  	// characters. A maximum of 10 audiences may be configured. If this list is
  2034  	// empty, the OIDC token audience must be equal to the full canonical resource
  2035  	// name of the WorkloadIdentityPoolProvider, with or without the HTTPS prefix.
  2036  	// For example: ```
  2037  	// //iam.googleapis.com/projects//locations//workloadIdentityPools//providers/
  2038  	// https://iam.googleapis.com/projects//locations//workloadIdentityPools//providers/
  2039  	// ```
  2040  	AllowedAudiences []string `json:"allowedAudiences,omitempty"`
  2041  	// IssuerUri: Required. The OIDC issuer URL. Must be an HTTPS endpoint.
  2042  	IssuerUri string `json:"issuerUri,omitempty"`
  2043  	// JwksJson: Optional. OIDC JWKs in JSON String format. For details on the
  2044  	// definition of a JWK, see https://tools.ietf.org/html/rfc7517. If not set,
  2045  	// the `jwks_uri` from the discovery document(fetched from the .well-known path
  2046  	// of the `issuer_uri`) will be used. Currently, RSA and EC asymmetric keys are
  2047  	// supported. The JWK must use following format and include only the following
  2048  	// fields: { "keys": [ { "kty": "RSA/EC", "alg": "", "use": "sig", "kid": "",
  2049  	// "n": "", "e": "", "x": "", "y": "", "crv": "" } ] }
  2050  	JwksJson string `json:"jwksJson,omitempty"`
  2051  	// ForceSendFields is a list of field names (e.g. "AllowedAudiences") to
  2052  	// unconditionally include in API requests. By default, fields with empty or
  2053  	// default values are omitted from API requests. See
  2054  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2055  	// details.
  2056  	ForceSendFields []string `json:"-"`
  2057  	// NullFields is a list of field names (e.g. "AllowedAudiences") to include in
  2058  	// API requests with the JSON null value. By default, fields with empty values
  2059  	// are omitted from API requests. See
  2060  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2061  	NullFields []string `json:"-"`
  2062  }
  2063  
  2064  func (s *Oidc) MarshalJSON() ([]byte, error) {
  2065  	type NoMethod Oidc
  2066  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2067  }
  2068  
  2069  // Operation: This resource represents a long-running operation that is the
  2070  // result of a network API call.
  2071  type Operation struct {
  2072  	// Done: If the value is `false`, it means the operation is still in progress.
  2073  	// If `true`, the operation is completed, and either `error` or `response` is
  2074  	// available.
  2075  	Done bool `json:"done,omitempty"`
  2076  	// Error: The error result of the operation in case of failure or cancellation.
  2077  	Error *Status `json:"error,omitempty"`
  2078  	// Metadata: Service-specific metadata associated with the operation. It
  2079  	// typically contains progress information and common metadata such as create
  2080  	// time. Some services might not provide such metadata. Any method that returns
  2081  	// a long-running operation should document the metadata type, if any.
  2082  	Metadata googleapi.RawMessage `json:"metadata,omitempty"`
  2083  	// Name: The server-assigned name, which is only unique within the same service
  2084  	// that originally returns it. If you use the default HTTP mapping, the `name`
  2085  	// should be a resource name ending with `operations/{unique_id}`.
  2086  	Name string `json:"name,omitempty"`
  2087  	// Response: The normal, successful response of the operation. If the original
  2088  	// method returns no data on success, such as `Delete`, the response is
  2089  	// `google.protobuf.Empty`. If the original method is standard
  2090  	// `Get`/`Create`/`Update`, the response should be the resource. For other
  2091  	// methods, the response should have the type `XxxResponse`, where `Xxx` is the
  2092  	// original method name. For example, if the original method name is
  2093  	// `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
  2094  	Response googleapi.RawMessage `json:"response,omitempty"`
  2095  
  2096  	// ServerResponse contains the HTTP response code and headers from the server.
  2097  	googleapi.ServerResponse `json:"-"`
  2098  	// ForceSendFields is a list of field names (e.g. "Done") to unconditionally
  2099  	// include in API requests. By default, fields with empty or default values are
  2100  	// omitted from API requests. See
  2101  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2102  	// details.
  2103  	ForceSendFields []string `json:"-"`
  2104  	// NullFields is a list of field names (e.g. "Done") to include in API requests
  2105  	// with the JSON null value. By default, fields with empty values are omitted
  2106  	// from API requests. See
  2107  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2108  	NullFields []string `json:"-"`
  2109  }
  2110  
  2111  func (s *Operation) MarshalJSON() ([]byte, error) {
  2112  	type NoMethod Operation
  2113  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2114  }
  2115  
  2116  // OperationMetadata: Represents the metadata of the long-running operation.
  2117  type OperationMetadata struct {
  2118  	// ApiVersion: Output only. API version used to start the operation.
  2119  	ApiVersion string `json:"apiVersion,omitempty"`
  2120  	// CancelRequested: Output only. Identifies whether the user has requested
  2121  	// cancellation of the operation. Operations that have been cancelled
  2122  	// successfully have Operation.error value with a google.rpc.Status.code of 1,
  2123  	// corresponding to `Code.CANCELLED`.
  2124  	CancelRequested bool `json:"cancelRequested,omitempty"`
  2125  	// CreateTime: Output only. The time the operation was created.
  2126  	CreateTime string `json:"createTime,omitempty"`
  2127  	// EndTime: Output only. The time the operation finished running.
  2128  	EndTime string `json:"endTime,omitempty"`
  2129  	// StatusDetail: Output only. Human-readable status of the operation, if any.
  2130  	StatusDetail string `json:"statusDetail,omitempty"`
  2131  	// Target: Output only. Server-defined resource path for the target of the
  2132  	// operation.
  2133  	Target string `json:"target,omitempty"`
  2134  	// Verb: Output only. Name of the verb executed by the operation.
  2135  	Verb string `json:"verb,omitempty"`
  2136  	// ForceSendFields is a list of field names (e.g. "ApiVersion") to
  2137  	// unconditionally include in API requests. By default, fields with empty or
  2138  	// default values are omitted from API requests. See
  2139  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2140  	// details.
  2141  	ForceSendFields []string `json:"-"`
  2142  	// NullFields is a list of field names (e.g. "ApiVersion") to include in API
  2143  	// requests with the JSON null value. By default, fields with empty values are
  2144  	// omitted from API requests. See
  2145  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2146  	NullFields []string `json:"-"`
  2147  }
  2148  
  2149  func (s *OperationMetadata) MarshalJSON() ([]byte, error) {
  2150  	type NoMethod OperationMetadata
  2151  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2152  }
  2153  
  2154  // PatchServiceAccountKeyRequest: The service account key patch request.
  2155  type PatchServiceAccountKeyRequest struct {
  2156  	// ServiceAccountKey: Required. The service account key to update.
  2157  	ServiceAccountKey *ServiceAccountKey `json:"serviceAccountKey,omitempty"`
  2158  	// UpdateMask: Required. The update mask to apply to the service account key.
  2159  	// Only the following fields are eligible for patching: - contact - description
  2160  	UpdateMask string `json:"updateMask,omitempty"`
  2161  	// ForceSendFields is a list of field names (e.g. "ServiceAccountKey") to
  2162  	// unconditionally include in API requests. By default, fields with empty or
  2163  	// default values are omitted from API requests. See
  2164  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2165  	// details.
  2166  	ForceSendFields []string `json:"-"`
  2167  	// NullFields is a list of field names (e.g. "ServiceAccountKey") to include in
  2168  	// API requests with the JSON null value. By default, fields with empty values
  2169  	// are omitted from API requests. See
  2170  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2171  	NullFields []string `json:"-"`
  2172  }
  2173  
  2174  func (s *PatchServiceAccountKeyRequest) MarshalJSON() ([]byte, error) {
  2175  	type NoMethod PatchServiceAccountKeyRequest
  2176  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2177  }
  2178  
  2179  // PatchServiceAccountRequest: The service account patch request. You can patch
  2180  // only the `display_name` and `description` fields. You must use the
  2181  // `update_mask` field to specify which of these fields you want to patch. Only
  2182  // the fields specified in the request are guaranteed to be returned in the
  2183  // response. Other fields may be empty in the response.
  2184  type PatchServiceAccountRequest struct {
  2185  	ServiceAccount *ServiceAccount `json:"serviceAccount,omitempty"`
  2186  	UpdateMask     string          `json:"updateMask,omitempty"`
  2187  	// ForceSendFields is a list of field names (e.g. "ServiceAccount") to
  2188  	// unconditionally include in API requests. By default, fields with empty or
  2189  	// default values are omitted from API requests. See
  2190  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2191  	// details.
  2192  	ForceSendFields []string `json:"-"`
  2193  	// NullFields is a list of field names (e.g. "ServiceAccount") to include in
  2194  	// API requests with the JSON null value. By default, fields with empty values
  2195  	// are omitted from API requests. See
  2196  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2197  	NullFields []string `json:"-"`
  2198  }
  2199  
  2200  func (s *PatchServiceAccountRequest) MarshalJSON() ([]byte, error) {
  2201  	type NoMethod PatchServiceAccountRequest
  2202  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2203  }
  2204  
  2205  // Permission: A permission which can be included by a role.
  2206  type Permission struct {
  2207  	// ApiDisabled: The service API associated with the permission is not enabled.
  2208  	ApiDisabled bool `json:"apiDisabled,omitempty"`
  2209  	// CustomRolesSupportLevel: The current custom role support level.
  2210  	//
  2211  	// Possible values:
  2212  	//   "SUPPORTED" - Default state. Permission is fully supported for custom role
  2213  	// use.
  2214  	//   "TESTING" - Permission is being tested to check custom role compatibility.
  2215  	//   "NOT_SUPPORTED" - Permission is not supported for custom role use.
  2216  	CustomRolesSupportLevel string `json:"customRolesSupportLevel,omitempty"`
  2217  	// Description: A brief description of what this Permission is used for. This
  2218  	// permission can ONLY be used in predefined roles.
  2219  	Description string `json:"description,omitempty"`
  2220  	// Name: The name of this Permission.
  2221  	Name                  string `json:"name,omitempty"`
  2222  	OnlyInPredefinedRoles bool   `json:"onlyInPredefinedRoles,omitempty"`
  2223  	// PrimaryPermission: The preferred name for this permission. If present, then
  2224  	// this permission is an alias of, and equivalent to, the listed
  2225  	// primary_permission.
  2226  	PrimaryPermission string `json:"primaryPermission,omitempty"`
  2227  	// Stage: The current launch stage of the permission.
  2228  	//
  2229  	// Possible values:
  2230  	//   "ALPHA" - The permission is currently in an alpha phase.
  2231  	//   "BETA" - The permission is currently in a beta phase.
  2232  	//   "GA" - The permission is generally available.
  2233  	//   "DEPRECATED" - The permission is being deprecated.
  2234  	Stage string `json:"stage,omitempty"`
  2235  	// Title: The title of this Permission.
  2236  	Title string `json:"title,omitempty"`
  2237  	// ForceSendFields is a list of field names (e.g. "ApiDisabled") to
  2238  	// unconditionally include in API requests. By default, fields with empty or
  2239  	// default values are omitted from API requests. See
  2240  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2241  	// details.
  2242  	ForceSendFields []string `json:"-"`
  2243  	// NullFields is a list of field names (e.g. "ApiDisabled") to include in API
  2244  	// requests with the JSON null value. By default, fields with empty values are
  2245  	// omitted from API requests. See
  2246  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2247  	NullFields []string `json:"-"`
  2248  }
  2249  
  2250  func (s *Permission) MarshalJSON() ([]byte, error) {
  2251  	type NoMethod Permission
  2252  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2253  }
  2254  
  2255  // PermissionDelta: A PermissionDelta message to record the added_permissions
  2256  // and removed_permissions inside a role.
  2257  type PermissionDelta struct {
  2258  	// AddedPermissions: Added permissions.
  2259  	AddedPermissions []string `json:"addedPermissions,omitempty"`
  2260  	// RemovedPermissions: Removed permissions.
  2261  	RemovedPermissions []string `json:"removedPermissions,omitempty"`
  2262  	// ForceSendFields is a list of field names (e.g. "AddedPermissions") to
  2263  	// unconditionally include in API requests. By default, fields with empty or
  2264  	// default values are omitted from API requests. See
  2265  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2266  	// details.
  2267  	ForceSendFields []string `json:"-"`
  2268  	// NullFields is a list of field names (e.g. "AddedPermissions") to include in
  2269  	// API requests with the JSON null value. By default, fields with empty values
  2270  	// are omitted from API requests. See
  2271  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2272  	NullFields []string `json:"-"`
  2273  }
  2274  
  2275  func (s *PermissionDelta) MarshalJSON() ([]byte, error) {
  2276  	type NoMethod PermissionDelta
  2277  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2278  }
  2279  
  2280  // Policy: An Identity and Access Management (IAM) policy, which specifies
  2281  // access controls for Google Cloud resources. A `Policy` is a collection of
  2282  // `bindings`. A `binding` binds one or more `members`, or principals, to a
  2283  // single `role`. Principals can be user accounts, service accounts, Google
  2284  // groups, and domains (such as G Suite). A `role` is a named list of
  2285  // permissions; each `role` can be an IAM predefined role or a user-created
  2286  // custom role. For some types of Google Cloud resources, a `binding` can also
  2287  // specify a `condition`, which is a logical expression that allows access to a
  2288  // resource only if the expression evaluates to `true`. A condition can add
  2289  // constraints based on attributes of the request, the resource, or both. To
  2290  // learn which resources support conditions in their IAM policies, see the IAM
  2291  // documentation
  2292  // (https://cloud.google.com/iam/help/conditions/resource-policies). **JSON
  2293  // example:** ``` { "bindings": [ { "role":
  2294  // "roles/resourcemanager.organizationAdmin", "members": [
  2295  // "user:mike@example.com", "group:admins@example.com", "domain:google.com",
  2296  // "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role":
  2297  // "roles/resourcemanager.organizationViewer", "members": [
  2298  // "user:eve@example.com" ], "condition": { "title": "expirable access",
  2299  // "description": "Does not grant access after Sep 2020", "expression":
  2300  // "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag":
  2301  // "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: -
  2302  // members: - user:mike@example.com - group:admins@example.com -
  2303  // domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
  2304  // role: roles/resourcemanager.organizationAdmin - members: -
  2305  // user:eve@example.com role: roles/resourcemanager.organizationViewer
  2306  // condition: title: expirable access description: Does not grant access after
  2307  // Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
  2308  // etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features,
  2309  // see the IAM documentation (https://cloud.google.com/iam/docs/).
  2310  type Policy struct {
  2311  	// AuditConfigs: Specifies cloud audit logging configuration for this policy.
  2312  	AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"`
  2313  	// Bindings: Associates a list of `members`, or principals, with a `role`.
  2314  	// Optionally, may specify a `condition` that determines how and when the
  2315  	// `bindings` are applied. Each of the `bindings` must contain at least one
  2316  	// principal. The `bindings` in a `Policy` can refer to up to 1,500 principals;
  2317  	// up to 250 of these principals can be Google groups. Each occurrence of a
  2318  	// principal counts towards these limits. For example, if the `bindings` grant
  2319  	// 50 different roles to `user:alice@example.com`, and not to any other
  2320  	// principal, then you can add another 1,450 principals to the `bindings` in
  2321  	// the `Policy`.
  2322  	Bindings []*Binding `json:"bindings,omitempty"`
  2323  	// Etag: `etag` is used for optimistic concurrency control as a way to help
  2324  	// prevent simultaneous updates of a policy from overwriting each other. It is
  2325  	// strongly suggested that systems make use of the `etag` in the
  2326  	// read-modify-write cycle to perform policy updates in order to avoid race
  2327  	// conditions: An `etag` is returned in the response to `getIamPolicy`, and
  2328  	// systems are expected to put that etag in the request to `setIamPolicy` to
  2329  	// ensure that their change will be applied to the same version of the policy.
  2330  	// **Important:** If you use IAM Conditions, you must include the `etag` field
  2331  	// whenever you call `setIamPolicy`. If you omit this field, then IAM allows
  2332  	// you to overwrite a version `3` policy with a version `1` policy, and all of
  2333  	// the conditions in the version `3` policy are lost.
  2334  	Etag string `json:"etag,omitempty"`
  2335  	// Version: Specifies the format of the policy. Valid values are `0`, `1`, and
  2336  	// `3`. Requests that specify an invalid value are rejected. Any operation that
  2337  	// affects conditional role bindings must specify version `3`. This requirement
  2338  	// applies to the following operations: * Getting a policy that includes a
  2339  	// conditional role binding * Adding a conditional role binding to a policy *
  2340  	// Changing a conditional role binding in a policy * Removing any role binding,
  2341  	// with or without a condition, from a policy that includes conditions
  2342  	// **Important:** If you use IAM Conditions, you must include the `etag` field
  2343  	// whenever you call `setIamPolicy`. If you omit this field, then IAM allows
  2344  	// you to overwrite a version `3` policy with a version `1` policy, and all of
  2345  	// the conditions in the version `3` policy are lost. If a policy does not
  2346  	// include any conditions, operations on that policy may specify any valid
  2347  	// version or leave the field unset. To learn which resources support
  2348  	// conditions in their IAM policies, see the IAM documentation
  2349  	// (https://cloud.google.com/iam/help/conditions/resource-policies).
  2350  	Version int64 `json:"version,omitempty"`
  2351  
  2352  	// ServerResponse contains the HTTP response code and headers from the server.
  2353  	googleapi.ServerResponse `json:"-"`
  2354  	// ForceSendFields is a list of field names (e.g. "AuditConfigs") to
  2355  	// unconditionally include in API requests. By default, fields with empty or
  2356  	// default values are omitted from API requests. See
  2357  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2358  	// details.
  2359  	ForceSendFields []string `json:"-"`
  2360  	// NullFields is a list of field names (e.g. "AuditConfigs") to include in API
  2361  	// requests with the JSON null value. By default, fields with empty values are
  2362  	// omitted from API requests. See
  2363  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2364  	NullFields []string `json:"-"`
  2365  }
  2366  
  2367  func (s *Policy) MarshalJSON() ([]byte, error) {
  2368  	type NoMethod Policy
  2369  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2370  }
  2371  
  2372  // PolicyDelta: The difference delta between two policies.
  2373  type PolicyDelta struct {
  2374  	// BindingDeltas: The delta for Bindings between two policies.
  2375  	BindingDeltas []*BindingDelta `json:"bindingDeltas,omitempty"`
  2376  	// ForceSendFields is a list of field names (e.g. "BindingDeltas") to
  2377  	// unconditionally include in API requests. By default, fields with empty or
  2378  	// default values are omitted from API requests. See
  2379  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2380  	// details.
  2381  	ForceSendFields []string `json:"-"`
  2382  	// NullFields is a list of field names (e.g. "BindingDeltas") to include in API
  2383  	// requests with the JSON null value. By default, fields with empty values are
  2384  	// omitted from API requests. See
  2385  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2386  	NullFields []string `json:"-"`
  2387  }
  2388  
  2389  func (s *PolicyDelta) MarshalJSON() ([]byte, error) {
  2390  	type NoMethod PolicyDelta
  2391  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2392  }
  2393  
  2394  // QueryAuditableServicesRequest: A request to get the list of auditable
  2395  // services for a resource.
  2396  type QueryAuditableServicesRequest struct {
  2397  	// FullResourceName: Required. The full resource name to query from the list of
  2398  	// auditable services. The name follows the Google Cloud Platform resource
  2399  	// format. For example, a Cloud Platform project with id `my-project` will be
  2400  	// named `//cloudresourcemanager.googleapis.com/projects/my-project`.
  2401  	FullResourceName string `json:"fullResourceName,omitempty"`
  2402  	// ForceSendFields is a list of field names (e.g. "FullResourceName") to
  2403  	// unconditionally include in API requests. By default, fields with empty or
  2404  	// default values are omitted from API requests. See
  2405  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2406  	// details.
  2407  	ForceSendFields []string `json:"-"`
  2408  	// NullFields is a list of field names (e.g. "FullResourceName") to include in
  2409  	// API requests with the JSON null value. By default, fields with empty values
  2410  	// are omitted from API requests. See
  2411  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2412  	NullFields []string `json:"-"`
  2413  }
  2414  
  2415  func (s *QueryAuditableServicesRequest) MarshalJSON() ([]byte, error) {
  2416  	type NoMethod QueryAuditableServicesRequest
  2417  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2418  }
  2419  
  2420  // QueryAuditableServicesResponse: A response containing a list of auditable
  2421  // services for a resource.
  2422  type QueryAuditableServicesResponse struct {
  2423  	// Services: The auditable services for a resource.
  2424  	Services []*AuditableService `json:"services,omitempty"`
  2425  
  2426  	// ServerResponse contains the HTTP response code and headers from the server.
  2427  	googleapi.ServerResponse `json:"-"`
  2428  	// ForceSendFields is a list of field names (e.g. "Services") to
  2429  	// unconditionally include in API requests. By default, fields with empty or
  2430  	// default values are omitted from API requests. See
  2431  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2432  	// details.
  2433  	ForceSendFields []string `json:"-"`
  2434  	// NullFields is a list of field names (e.g. "Services") to include in API
  2435  	// requests with the JSON null value. By default, fields with empty values are
  2436  	// omitted from API requests. See
  2437  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2438  	NullFields []string `json:"-"`
  2439  }
  2440  
  2441  func (s *QueryAuditableServicesResponse) MarshalJSON() ([]byte, error) {
  2442  	type NoMethod QueryAuditableServicesResponse
  2443  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2444  }
  2445  
  2446  // QueryGrantableRolesRequest: The grantable role query request.
  2447  type QueryGrantableRolesRequest struct {
  2448  	// FullResourceName: Required. The full resource name to query from the list of
  2449  	// grantable roles. The name follows the Google Cloud Platform resource format.
  2450  	// For example, a Cloud Platform project with id `my-project` will be named
  2451  	// `//cloudresourcemanager.googleapis.com/projects/my-project`.
  2452  	FullResourceName string `json:"fullResourceName,omitempty"`
  2453  	// PageSize: Optional limit on the number of roles to include in the response.
  2454  	// The default is 300, and the maximum is 1,000.
  2455  	PageSize int64 `json:"pageSize,omitempty"`
  2456  	// PageToken: Optional pagination token returned in an earlier
  2457  	// QueryGrantableRolesResponse.
  2458  	PageToken string `json:"pageToken,omitempty"`
  2459  	// Possible values:
  2460  	//   "BASIC" - Omits the `included_permissions` field. This is the default
  2461  	// value.
  2462  	//   "FULL" - Returns all fields.
  2463  	View string `json:"view,omitempty"`
  2464  	// ForceSendFields is a list of field names (e.g. "FullResourceName") to
  2465  	// unconditionally include in API requests. By default, fields with empty or
  2466  	// default values are omitted from API requests. See
  2467  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2468  	// details.
  2469  	ForceSendFields []string `json:"-"`
  2470  	// NullFields is a list of field names (e.g. "FullResourceName") to include in
  2471  	// API requests with the JSON null value. By default, fields with empty values
  2472  	// are omitted from API requests. See
  2473  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2474  	NullFields []string `json:"-"`
  2475  }
  2476  
  2477  func (s *QueryGrantableRolesRequest) MarshalJSON() ([]byte, error) {
  2478  	type NoMethod QueryGrantableRolesRequest
  2479  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2480  }
  2481  
  2482  // QueryGrantableRolesResponse: The grantable role query response.
  2483  type QueryGrantableRolesResponse struct {
  2484  	// NextPageToken: To retrieve the next page of results, set
  2485  	// `QueryGrantableRolesRequest.page_token` to this value.
  2486  	NextPageToken string `json:"nextPageToken,omitempty"`
  2487  	// Roles: The list of matching roles.
  2488  	Roles []*Role `json:"roles,omitempty"`
  2489  
  2490  	// ServerResponse contains the HTTP response code and headers from the server.
  2491  	googleapi.ServerResponse `json:"-"`
  2492  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  2493  	// unconditionally include in API requests. By default, fields with empty or
  2494  	// default values are omitted from API requests. See
  2495  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2496  	// details.
  2497  	ForceSendFields []string `json:"-"`
  2498  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  2499  	// requests with the JSON null value. By default, fields with empty values are
  2500  	// omitted from API requests. See
  2501  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2502  	NullFields []string `json:"-"`
  2503  }
  2504  
  2505  func (s *QueryGrantableRolesResponse) MarshalJSON() ([]byte, error) {
  2506  	type NoMethod QueryGrantableRolesResponse
  2507  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2508  }
  2509  
  2510  // QueryTestablePermissionsRequest: A request to get permissions which can be
  2511  // tested on a resource.
  2512  type QueryTestablePermissionsRequest struct {
  2513  	// FullResourceName: Required. The full resource name to query from the list of
  2514  	// testable permissions. The name follows the Google Cloud Platform resource
  2515  	// format. For example, a Cloud Platform project with id `my-project` will be
  2516  	// named `//cloudresourcemanager.googleapis.com/projects/my-project`.
  2517  	FullResourceName string `json:"fullResourceName,omitempty"`
  2518  	// PageSize: Optional limit on the number of permissions to include in the
  2519  	// response. The default is 100, and the maximum is 1,000.
  2520  	PageSize int64 `json:"pageSize,omitempty"`
  2521  	// PageToken: Optional pagination token returned in an earlier
  2522  	// QueryTestablePermissionsRequest.
  2523  	PageToken string `json:"pageToken,omitempty"`
  2524  	// ForceSendFields is a list of field names (e.g. "FullResourceName") to
  2525  	// unconditionally include in API requests. By default, fields with empty or
  2526  	// default values are omitted from API requests. See
  2527  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2528  	// details.
  2529  	ForceSendFields []string `json:"-"`
  2530  	// NullFields is a list of field names (e.g. "FullResourceName") to include in
  2531  	// API requests with the JSON null value. By default, fields with empty values
  2532  	// are omitted from API requests. See
  2533  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2534  	NullFields []string `json:"-"`
  2535  }
  2536  
  2537  func (s *QueryTestablePermissionsRequest) MarshalJSON() ([]byte, error) {
  2538  	type NoMethod QueryTestablePermissionsRequest
  2539  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2540  }
  2541  
  2542  // QueryTestablePermissionsResponse: The response containing permissions which
  2543  // can be tested on a resource.
  2544  type QueryTestablePermissionsResponse struct {
  2545  	// NextPageToken: To retrieve the next page of results, set
  2546  	// `QueryTestableRolesRequest.page_token` to this value.
  2547  	NextPageToken string `json:"nextPageToken,omitempty"`
  2548  	// Permissions: The Permissions testable on the requested resource.
  2549  	Permissions []*Permission `json:"permissions,omitempty"`
  2550  
  2551  	// ServerResponse contains the HTTP response code and headers from the server.
  2552  	googleapi.ServerResponse `json:"-"`
  2553  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  2554  	// unconditionally include in API requests. By default, fields with empty or
  2555  	// default values are omitted from API requests. See
  2556  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2557  	// details.
  2558  	ForceSendFields []string `json:"-"`
  2559  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  2560  	// requests with the JSON null value. By default, fields with empty values are
  2561  	// omitted from API requests. See
  2562  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2563  	NullFields []string `json:"-"`
  2564  }
  2565  
  2566  func (s *QueryTestablePermissionsResponse) MarshalJSON() ([]byte, error) {
  2567  	type NoMethod QueryTestablePermissionsResponse
  2568  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2569  }
  2570  
  2571  // ReconciliationOperationMetadata: Operation metadata returned by the CLH
  2572  // during resource state reconciliation.
  2573  type ReconciliationOperationMetadata struct {
  2574  	// DeleteResource: DEPRECATED. Use exclusive_action instead.
  2575  	DeleteResource bool `json:"deleteResource,omitempty"`
  2576  	// ExclusiveAction: Excluisive action returned by the CLH.
  2577  	//
  2578  	// Possible values:
  2579  	//   "UNKNOWN_REPAIR_ACTION" - Unknown repair action.
  2580  	//   "DELETE" - The resource has to be deleted. When using this bit, the CLH
  2581  	// should fail the operation. DEPRECATED. Instead use DELETE_RESOURCE
  2582  	// OperationSignal in SideChannel.
  2583  	//   "RETRY" - This resource could not be repaired but the repair should be
  2584  	// tried again at a later time. This can happen if there is a dependency that
  2585  	// needs to be resolved first- e.g. if a parent resource must be repaired
  2586  	// before a child resource.
  2587  	ExclusiveAction string `json:"exclusiveAction,omitempty"`
  2588  	// ForceSendFields is a list of field names (e.g. "DeleteResource") to
  2589  	// unconditionally include in API requests. By default, fields with empty or
  2590  	// default values are omitted from API requests. See
  2591  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2592  	// details.
  2593  	ForceSendFields []string `json:"-"`
  2594  	// NullFields is a list of field names (e.g. "DeleteResource") to include in
  2595  	// API requests with the JSON null value. By default, fields with empty values
  2596  	// are omitted from API requests. See
  2597  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2598  	NullFields []string `json:"-"`
  2599  }
  2600  
  2601  func (s *ReconciliationOperationMetadata) MarshalJSON() ([]byte, error) {
  2602  	type NoMethod ReconciliationOperationMetadata
  2603  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2604  }
  2605  
  2606  // Role: A role in the Identity and Access Management API.
  2607  type Role struct {
  2608  	// Deleted: The current deleted state of the role. This field is read only. It
  2609  	// will be ignored in calls to CreateRole and UpdateRole.
  2610  	Deleted bool `json:"deleted,omitempty"`
  2611  	// Description: Optional. A human-readable description for the role.
  2612  	Description string `json:"description,omitempty"`
  2613  	// Etag: Used to perform a consistent read-modify-write.
  2614  	Etag string `json:"etag,omitempty"`
  2615  	// IncludedPermissions: The names of the permissions this role grants when
  2616  	// bound in an IAM policy.
  2617  	IncludedPermissions []string `json:"includedPermissions,omitempty"`
  2618  	// Name: The name of the role. When `Role` is used in `CreateRole`, the role
  2619  	// name must not be set. When `Role` is used in output and other input such as
  2620  	// `UpdateRole`, the role name is the complete path. For example,
  2621  	// `roles/logging.viewer` for predefined roles,
  2622  	// `organizations/{ORGANIZATION_ID}/roles/myRole` for organization-level custom
  2623  	// roles, and `projects/{PROJECT_ID}/roles/myRole` for project-level custom
  2624  	// roles.
  2625  	Name string `json:"name,omitempty"`
  2626  	// Stage: The current launch stage of the role. If the `ALPHA` launch stage has
  2627  	// been selected for a role, the `stage` field will not be included in the
  2628  	// returned definition for the role.
  2629  	//
  2630  	// Possible values:
  2631  	//   "ALPHA" - The user has indicated this role is currently in an Alpha phase.
  2632  	// If this launch stage is selected, the `stage` field will not be included
  2633  	// when requesting the definition for a given role.
  2634  	//   "BETA" - The user has indicated this role is currently in a Beta phase.
  2635  	//   "GA" - The user has indicated this role is generally available.
  2636  	//   "DEPRECATED" - The user has indicated this role is being deprecated.
  2637  	//   "DISABLED" - This role is disabled and will not contribute permissions to
  2638  	// any principals it is granted to in policies.
  2639  	//   "EAP" - The user has indicated this role is currently in an EAP phase.
  2640  	Stage string `json:"stage,omitempty"`
  2641  	// Title: Optional. A human-readable title for the role. Typically this is
  2642  	// limited to 100 UTF-8 bytes.
  2643  	Title string `json:"title,omitempty"`
  2644  
  2645  	// ServerResponse contains the HTTP response code and headers from the server.
  2646  	googleapi.ServerResponse `json:"-"`
  2647  	// ForceSendFields is a list of field names (e.g. "Deleted") to unconditionally
  2648  	// include in API requests. By default, fields with empty or default values are
  2649  	// omitted from API requests. See
  2650  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2651  	// details.
  2652  	ForceSendFields []string `json:"-"`
  2653  	// NullFields is a list of field names (e.g. "Deleted") to include in API
  2654  	// requests with the JSON null value. By default, fields with empty values are
  2655  	// omitted from API requests. See
  2656  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2657  	NullFields []string `json:"-"`
  2658  }
  2659  
  2660  func (s *Role) MarshalJSON() ([]byte, error) {
  2661  	type NoMethod Role
  2662  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2663  }
  2664  
  2665  // Saml: Represents an SAML 2.0 identity provider.
  2666  type Saml struct {
  2667  	// IdpMetadataXml: Required. SAML identity provider (IdP) configuration
  2668  	// metadata XML doc. The XML document must comply with the SAML 2.0
  2669  	// specification
  2670  	// (https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf).
  2671  	// The maximum size of an acceptable XML document is 128K characters. The SAML
  2672  	// metadata XML document must satisfy the following constraints: * Must contain
  2673  	// an IdP Entity ID. * Must contain at least one non-expired signing
  2674  	// certificate. * For each signing certificate, the expiration must be: * From
  2675  	// no more than 7 days in the future. * To no more than 15 years in the future.
  2676  	// * Up to three IdP signing keys are allowed. When updating the provider's
  2677  	// metadata XML, at least one non-expired signing key must overlap with the
  2678  	// existing metadata. This requirement is skipped if there are no non-expired
  2679  	// signing keys present in the existing metadata.
  2680  	IdpMetadataXml string `json:"idpMetadataXml,omitempty"`
  2681  	// ForceSendFields is a list of field names (e.g. "IdpMetadataXml") to
  2682  	// unconditionally include in API requests. By default, fields with empty or
  2683  	// default values are omitted from API requests. See
  2684  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2685  	// details.
  2686  	ForceSendFields []string `json:"-"`
  2687  	// NullFields is a list of field names (e.g. "IdpMetadataXml") to include in
  2688  	// API requests with the JSON null value. By default, fields with empty values
  2689  	// are omitted from API requests. See
  2690  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2691  	NullFields []string `json:"-"`
  2692  }
  2693  
  2694  func (s *Saml) MarshalJSON() ([]byte, error) {
  2695  	type NoMethod Saml
  2696  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2697  }
  2698  
  2699  // ServiceAccount: An IAM service account. A service account is an account for
  2700  // an application or a virtual machine (VM) instance, not a person. You can use
  2701  // a service account to call Google APIs. To learn more, read the overview of
  2702  // service accounts
  2703  // (https://cloud.google.com/iam/help/service-accounts/overview). When you
  2704  // create a service account, you specify the project ID that owns the service
  2705  // account, as well as a name that must be unique within the project. IAM uses
  2706  // these values to create an email address that identifies the service account.
  2707  // //
  2708  type ServiceAccount struct {
  2709  	// Description: Optional. A user-specified, human-readable description of the
  2710  	// service account. The maximum length is 256 UTF-8 bytes.
  2711  	Description string `json:"description,omitempty"`
  2712  	// Disabled: Output only. Whether the service account is disabled.
  2713  	Disabled bool `json:"disabled,omitempty"`
  2714  	// DisplayName: Optional. A user-specified, human-readable name for the service
  2715  	// account. The maximum length is 100 UTF-8 bytes.
  2716  	DisplayName string `json:"displayName,omitempty"`
  2717  	// Email: Output only. The email address of the service account.
  2718  	Email string `json:"email,omitempty"`
  2719  	// Etag: Deprecated. Do not use.
  2720  	Etag string `json:"etag,omitempty"`
  2721  	// Name: The resource name of the service account. Use one of the following
  2722  	// formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
  2723  	// `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
  2724  	// can use the `-` wildcard character instead of the project ID: *
  2725  	// `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
  2726  	// `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the `-`
  2727  	// wildcard character, because it can cause response messages to contain
  2728  	// misleading error codes. For example, if you try to access the service
  2729  	// account `projects/-/serviceAccounts/fake@example.com`, which does not exist,
  2730  	// the response contains an HTTP `403 Forbidden` error instead of a `404 Not
  2731  	// Found` error.
  2732  	Name string `json:"name,omitempty"`
  2733  	// Oauth2ClientId: Output only. The OAuth 2.0 client ID for the service
  2734  	// account.
  2735  	Oauth2ClientId string `json:"oauth2ClientId,omitempty"`
  2736  	// ProjectId: Output only. The ID of the project that owns the service account.
  2737  	ProjectId string `json:"projectId,omitempty"`
  2738  	// UniqueId: Output only. The unique, stable numeric ID for the service
  2739  	// account. Each service account retains its unique ID even if you delete the
  2740  	// service account. For example, if you delete a service account, then create a
  2741  	// new service account with the same name, the new service account has a
  2742  	// different unique ID than the deleted service account.
  2743  	UniqueId string `json:"uniqueId,omitempty"`
  2744  
  2745  	// ServerResponse contains the HTTP response code and headers from the server.
  2746  	googleapi.ServerResponse `json:"-"`
  2747  	// ForceSendFields is a list of field names (e.g. "Description") to
  2748  	// unconditionally include in API requests. By default, fields with empty or
  2749  	// default values are omitted from API requests. See
  2750  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2751  	// details.
  2752  	ForceSendFields []string `json:"-"`
  2753  	// NullFields is a list of field names (e.g. "Description") to include in API
  2754  	// requests with the JSON null value. By default, fields with empty values are
  2755  	// omitted from API requests. See
  2756  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2757  	NullFields []string `json:"-"`
  2758  }
  2759  
  2760  func (s *ServiceAccount) MarshalJSON() ([]byte, error) {
  2761  	type NoMethod ServiceAccount
  2762  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2763  }
  2764  
  2765  // ServiceAccountKey: Represents a service account key. A service account has
  2766  // two sets of key-pairs: user-managed, and system-managed. User-managed
  2767  // key-pairs can be created and deleted by users. Users are responsible for
  2768  // rotating these keys periodically to ensure security of their service
  2769  // accounts. Users retain the private key of these key-pairs, and Google
  2770  // retains ONLY the public key. System-managed keys are automatically rotated
  2771  // by Google, and are used for signing for a maximum of two weeks. The rotation
  2772  // process is probabilistic, and usage of the new key will gradually ramp up
  2773  // and down over the key's lifetime. If you cache the public key set for a
  2774  // service account, we recommend that you update the cache every 15 minutes.
  2775  // User-managed keys can be added and removed at any time, so it is important
  2776  // to update the cache frequently. For Google-managed keys, Google will publish
  2777  // a key at least 6 hours before it is first used for signing and will keep
  2778  // publishing it for at least 6 hours after it was last used for signing.
  2779  // Public keys for all service accounts are also published at the OAuth2
  2780  // Service Account API.
  2781  type ServiceAccountKey struct {
  2782  	// Contact: Optional. A user provided email address as the point of contact for
  2783  	// this service account key. Must be an email address. Limit 64 characters.
  2784  	Contact string `json:"contact,omitempty"`
  2785  	// Creator: Output only. The cloud identity that created this service account
  2786  	// key. Populated automatically when the key is created and not editable by the
  2787  	// user.
  2788  	Creator string `json:"creator,omitempty"`
  2789  	// Description: Optional. A user provided description of this service account
  2790  	// key.
  2791  	Description string `json:"description,omitempty"`
  2792  	// DisableReason: Output only. optional. If the key is disabled, it may have a
  2793  	// DisableReason describing why it was disabled.
  2794  	//
  2795  	// Possible values:
  2796  	//   "SERVICE_ACCOUNT_KEY_DISABLE_REASON_UNSPECIFIED" - Unspecified disable
  2797  	// reason
  2798  	//   "SERVICE_ACCOUNT_KEY_DISABLE_REASON_USER_INITIATED" - Disabled by the user
  2799  	//   "SERVICE_ACCOUNT_KEY_DISABLE_REASON_EXPOSED" - Google detected this
  2800  	// Service Account external key's private key data as exposed, typically in a
  2801  	// public repository on GitHub or similar.
  2802  	//   "SERVICE_ACCOUNT_KEY_DISABLE_REASON_COMPROMISE_DETECTED" - This service
  2803  	// account external key was detected as compromised and used by an attacker.
  2804  	DisableReason string `json:"disableReason,omitempty"`
  2805  	// Disabled: The key status.
  2806  	Disabled bool `json:"disabled,omitempty"`
  2807  	// ExtendedStatus: Output only. Extended Status provides permanent information
  2808  	// about a service account key. For example, if this key was detected as
  2809  	// exposed or compromised, that information will remain for the lifetime of the
  2810  	// key in the extended_status.
  2811  	ExtendedStatus []*ExtendedStatus `json:"extendedStatus,omitempty"`
  2812  	// KeyAlgorithm: Specifies the algorithm (and possibly key size) for the key.
  2813  	//
  2814  	// Possible values:
  2815  	//   "KEY_ALG_UNSPECIFIED" - An unspecified key algorithm.
  2816  	//   "KEY_ALG_RSA_1024" - 1k RSA Key.
  2817  	//   "KEY_ALG_RSA_2048" - 2k RSA Key.
  2818  	KeyAlgorithm string `json:"keyAlgorithm,omitempty"`
  2819  	// KeyOrigin: The key origin.
  2820  	//
  2821  	// Possible values:
  2822  	//   "ORIGIN_UNSPECIFIED" - Unspecified key origin.
  2823  	//   "USER_PROVIDED" - Key is provided by user.
  2824  	//   "GOOGLE_PROVIDED" - Key is provided by Google.
  2825  	KeyOrigin string `json:"keyOrigin,omitempty"`
  2826  	// KeyType: The key type.
  2827  	//
  2828  	// Possible values:
  2829  	//   "KEY_TYPE_UNSPECIFIED" - Unspecified key type. The presence of this in the
  2830  	// message will immediately result in an error.
  2831  	//   "USER_MANAGED" - User-managed keys (managed and rotated by the user).
  2832  	//   "SYSTEM_MANAGED" - System-managed keys (managed and rotated by Google).
  2833  	KeyType string `json:"keyType,omitempty"`
  2834  	// Name: The resource name of the service account key in the following format
  2835  	// `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`.
  2836  	Name string `json:"name,omitempty"`
  2837  	// PrivateKeyData: The private key data. Only provided in
  2838  	// `CreateServiceAccountKey` responses. Make sure to keep the private key data
  2839  	// secure because it allows for the assertion of the service account identity.
  2840  	// When base64 decoded, the private key data can be used to authenticate with
  2841  	// Google API client libraries and with gcloud auth activate-service-account.
  2842  	PrivateKeyData string `json:"privateKeyData,omitempty"`
  2843  	// PrivateKeyType: The output format for the private key. Only provided in
  2844  	// `CreateServiceAccountKey` responses, not in `GetServiceAccountKey` or
  2845  	// `ListServiceAccountKey` responses. Google never exposes system-managed
  2846  	// private keys, and never retains user-managed private keys.
  2847  	//
  2848  	// Possible values:
  2849  	//   "TYPE_UNSPECIFIED" - Unspecified. Equivalent to
  2850  	// `TYPE_GOOGLE_CREDENTIALS_FILE`.
  2851  	//   "TYPE_PKCS12_FILE" - PKCS12 format. The password for the PKCS12 file is
  2852  	// `notasecret`. For more information, see https://tools.ietf.org/html/rfc7292.
  2853  	//   "TYPE_GOOGLE_CREDENTIALS_FILE" - Google Credentials File format.
  2854  	PrivateKeyType string `json:"privateKeyType,omitempty"`
  2855  	// PublicKeyData: The public key data. Only provided in `GetServiceAccountKey`
  2856  	// responses.
  2857  	PublicKeyData string `json:"publicKeyData,omitempty"`
  2858  	// ValidAfterTime: The key can be used after this timestamp.
  2859  	ValidAfterTime string `json:"validAfterTime,omitempty"`
  2860  	// ValidBeforeTime: The key can be used before this timestamp. For
  2861  	// system-managed key pairs, this timestamp is the end time for the private key
  2862  	// signing operation. The public key could still be used for verification for a
  2863  	// few hours after this time.
  2864  	ValidBeforeTime string `json:"validBeforeTime,omitempty"`
  2865  
  2866  	// ServerResponse contains the HTTP response code and headers from the server.
  2867  	googleapi.ServerResponse `json:"-"`
  2868  	// ForceSendFields is a list of field names (e.g. "Contact") to unconditionally
  2869  	// include in API requests. By default, fields with empty or default values are
  2870  	// omitted from API requests. See
  2871  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2872  	// details.
  2873  	ForceSendFields []string `json:"-"`
  2874  	// NullFields is a list of field names (e.g. "Contact") to include in API
  2875  	// requests with the JSON null value. By default, fields with empty values are
  2876  	// omitted from API requests. See
  2877  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2878  	NullFields []string `json:"-"`
  2879  }
  2880  
  2881  func (s *ServiceAccountKey) MarshalJSON() ([]byte, error) {
  2882  	type NoMethod ServiceAccountKey
  2883  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2884  }
  2885  
  2886  // ServiceConfig: Configuration for a service.
  2887  type ServiceConfig struct {
  2888  	// Domain: Optional. Domain name of the service. Example: console.cloud.google
  2889  	Domain string `json:"domain,omitempty"`
  2890  	// ForceSendFields is a list of field names (e.g. "Domain") to unconditionally
  2891  	// include in API requests. By default, fields with empty or default values are
  2892  	// omitted from API requests. See
  2893  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2894  	// details.
  2895  	ForceSendFields []string `json:"-"`
  2896  	// NullFields is a list of field names (e.g. "Domain") to include in API
  2897  	// requests with the JSON null value. By default, fields with empty values are
  2898  	// omitted from API requests. See
  2899  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2900  	NullFields []string `json:"-"`
  2901  }
  2902  
  2903  func (s *ServiceConfig) MarshalJSON() ([]byte, error) {
  2904  	type NoMethod ServiceConfig
  2905  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2906  }
  2907  
  2908  // SetIamPolicyRequest: Request message for `SetIamPolicy` method.
  2909  type SetIamPolicyRequest struct {
  2910  	// Policy: REQUIRED: The complete policy to be applied to the `resource`. The
  2911  	// size of the policy is limited to a few 10s of KB. An empty policy is a valid
  2912  	// policy but certain Google Cloud services (such as Projects) might reject
  2913  	// them.
  2914  	Policy *Policy `json:"policy,omitempty"`
  2915  	// UpdateMask: OPTIONAL: A FieldMask specifying which fields of the policy to
  2916  	// modify. Only the fields in the mask will be modified. If no mask is
  2917  	// provided, the following default mask is used: `paths: "bindings, etag"
  2918  	UpdateMask string `json:"updateMask,omitempty"`
  2919  	// ForceSendFields is a list of field names (e.g. "Policy") to unconditionally
  2920  	// include in API requests. By default, fields with empty or default values are
  2921  	// omitted from API requests. See
  2922  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2923  	// details.
  2924  	ForceSendFields []string `json:"-"`
  2925  	// NullFields is a list of field names (e.g. "Policy") to include in API
  2926  	// requests with the JSON null value. By default, fields with empty values are
  2927  	// omitted from API requests. See
  2928  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2929  	NullFields []string `json:"-"`
  2930  }
  2931  
  2932  func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) {
  2933  	type NoMethod SetIamPolicyRequest
  2934  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2935  }
  2936  
  2937  // SignBlobRequest: Deprecated. Migrate to Service Account Credentials API
  2938  // (https://cloud.google.com/iam/help/credentials/migrate-api). The service
  2939  // account sign blob request.
  2940  type SignBlobRequest struct {
  2941  	// BytesToSign: Required. Deprecated. Migrate to Service Account Credentials
  2942  	// API (https://cloud.google.com/iam/help/credentials/migrate-api). The bytes
  2943  	// to sign.
  2944  	BytesToSign string `json:"bytesToSign,omitempty"`
  2945  	// ForceSendFields is a list of field names (e.g. "BytesToSign") to
  2946  	// unconditionally include in API requests. By default, fields with empty or
  2947  	// default values are omitted from API requests. See
  2948  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2949  	// details.
  2950  	ForceSendFields []string `json:"-"`
  2951  	// NullFields is a list of field names (e.g. "BytesToSign") to include in API
  2952  	// requests with the JSON null value. By default, fields with empty values are
  2953  	// omitted from API requests. See
  2954  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2955  	NullFields []string `json:"-"`
  2956  }
  2957  
  2958  func (s *SignBlobRequest) MarshalJSON() ([]byte, error) {
  2959  	type NoMethod SignBlobRequest
  2960  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2961  }
  2962  
  2963  // SignBlobResponse: Deprecated. Migrate to Service Account Credentials API
  2964  // (https://cloud.google.com/iam/help/credentials/migrate-api). The service
  2965  // account sign blob response.
  2966  type SignBlobResponse struct {
  2967  	// KeyId: Deprecated. Migrate to Service Account Credentials API
  2968  	// (https://cloud.google.com/iam/help/credentials/migrate-api). The id of the
  2969  	// key used to sign the blob.
  2970  	KeyId string `json:"keyId,omitempty"`
  2971  	// Signature: Deprecated. Migrate to Service Account Credentials API
  2972  	// (https://cloud.google.com/iam/help/credentials/migrate-api). The signed
  2973  	// blob.
  2974  	Signature string `json:"signature,omitempty"`
  2975  
  2976  	// ServerResponse contains the HTTP response code and headers from the server.
  2977  	googleapi.ServerResponse `json:"-"`
  2978  	// ForceSendFields is a list of field names (e.g. "KeyId") to unconditionally
  2979  	// include in API requests. By default, fields with empty or default values are
  2980  	// omitted from API requests. See
  2981  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2982  	// details.
  2983  	ForceSendFields []string `json:"-"`
  2984  	// NullFields is a list of field names (e.g. "KeyId") to include in API
  2985  	// requests with the JSON null value. By default, fields with empty values are
  2986  	// omitted from API requests. See
  2987  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2988  	NullFields []string `json:"-"`
  2989  }
  2990  
  2991  func (s *SignBlobResponse) MarshalJSON() ([]byte, error) {
  2992  	type NoMethod SignBlobResponse
  2993  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2994  }
  2995  
  2996  // SignJwtRequest: Deprecated. Migrate to Service Account Credentials API
  2997  // (https://cloud.google.com/iam/help/credentials/migrate-api). The service
  2998  // account sign JWT request.
  2999  type SignJwtRequest struct {
  3000  	// Payload: Required. Deprecated. Migrate to Service Account Credentials API
  3001  	// (https://cloud.google.com/iam/help/credentials/migrate-api). The JWT payload
  3002  	// to sign. Must be a serialized JSON object that contains a JWT Claims Set.
  3003  	// For example: `{"sub": "user@example.com", "iat": 313435}` If the JWT Claims
  3004  	// Set contains an expiration time (`exp`) claim, it must be an integer
  3005  	// timestamp that is not in the past and no more than 12 hours in the future.
  3006  	// If the JWT Claims Set does not contain an expiration time (`exp`) claim,
  3007  	// this claim is added automatically, with a timestamp that is 1 hour in the
  3008  	// future.
  3009  	Payload string `json:"payload,omitempty"`
  3010  	// ForceSendFields is a list of field names (e.g. "Payload") to unconditionally
  3011  	// include in API requests. By default, fields with empty or default values are
  3012  	// omitted from API requests. See
  3013  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3014  	// details.
  3015  	ForceSendFields []string `json:"-"`
  3016  	// NullFields is a list of field names (e.g. "Payload") to include in API
  3017  	// requests with the JSON null value. By default, fields with empty values are
  3018  	// omitted from API requests. See
  3019  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3020  	NullFields []string `json:"-"`
  3021  }
  3022  
  3023  func (s *SignJwtRequest) MarshalJSON() ([]byte, error) {
  3024  	type NoMethod SignJwtRequest
  3025  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3026  }
  3027  
  3028  // SignJwtResponse: Deprecated. Migrate to Service Account Credentials API
  3029  // (https://cloud.google.com/iam/help/credentials/migrate-api). The service
  3030  // account sign JWT response.
  3031  type SignJwtResponse struct {
  3032  	// KeyId: Deprecated. Migrate to Service Account Credentials API
  3033  	// (https://cloud.google.com/iam/help/credentials/migrate-api). The id of the
  3034  	// key used to sign the JWT.
  3035  	KeyId string `json:"keyId,omitempty"`
  3036  	// SignedJwt: Deprecated. Migrate to Service Account Credentials API
  3037  	// (https://cloud.google.com/iam/help/credentials/migrate-api). The signed JWT.
  3038  	SignedJwt string `json:"signedJwt,omitempty"`
  3039  
  3040  	// ServerResponse contains the HTTP response code and headers from the server.
  3041  	googleapi.ServerResponse `json:"-"`
  3042  	// ForceSendFields is a list of field names (e.g. "KeyId") to unconditionally
  3043  	// include in API requests. By default, fields with empty or default values are
  3044  	// omitted from API requests. See
  3045  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3046  	// details.
  3047  	ForceSendFields []string `json:"-"`
  3048  	// NullFields is a list of field names (e.g. "KeyId") to include in API
  3049  	// requests with the JSON null value. By default, fields with empty values are
  3050  	// omitted from API requests. See
  3051  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3052  	NullFields []string `json:"-"`
  3053  }
  3054  
  3055  func (s *SignJwtResponse) MarshalJSON() ([]byte, error) {
  3056  	type NoMethod SignJwtResponse
  3057  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3058  }
  3059  
  3060  // Status: The `Status` type defines a logical error model that is suitable for
  3061  // different programming environments, including REST APIs and RPC APIs. It is
  3062  // used by gRPC (https://github.com/grpc). Each `Status` message contains three
  3063  // pieces of data: error code, error message, and error details. You can find
  3064  // out more about this error model and how to work with it in the API Design
  3065  // Guide (https://cloud.google.com/apis/design/errors).
  3066  type Status struct {
  3067  	// Code: The status code, which should be an enum value of google.rpc.Code.
  3068  	Code int64 `json:"code,omitempty"`
  3069  	// Details: A list of messages that carry the error details. There is a common
  3070  	// set of message types for APIs to use.
  3071  	Details []googleapi.RawMessage `json:"details,omitempty"`
  3072  	// Message: A developer-facing error message, which should be in English. Any
  3073  	// user-facing error message should be localized and sent in the
  3074  	// google.rpc.Status.details field, or localized by the client.
  3075  	Message string `json:"message,omitempty"`
  3076  	// ForceSendFields is a list of field names (e.g. "Code") to unconditionally
  3077  	// include in API requests. By default, fields with empty or default values are
  3078  	// omitted from API requests. See
  3079  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3080  	// details.
  3081  	ForceSendFields []string `json:"-"`
  3082  	// NullFields is a list of field names (e.g. "Code") to include in API requests
  3083  	// with the JSON null value. By default, fields with empty values are omitted
  3084  	// from API requests. See
  3085  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3086  	NullFields []string `json:"-"`
  3087  }
  3088  
  3089  func (s *Status) MarshalJSON() ([]byte, error) {
  3090  	type NoMethod Status
  3091  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3092  }
  3093  
  3094  // TestIamPermissionsRequest: Request message for `TestIamPermissions` method.
  3095  type TestIamPermissionsRequest struct {
  3096  	// Permissions: The set of permissions to check for the `resource`. Permissions
  3097  	// with wildcards (such as `*` or `storage.*`) are not allowed. For more
  3098  	// information see IAM Overview
  3099  	// (https://cloud.google.com/iam/docs/overview#permissions).
  3100  	Permissions []string `json:"permissions,omitempty"`
  3101  	// ForceSendFields is a list of field names (e.g. "Permissions") to
  3102  	// unconditionally include in API requests. By default, fields with empty or
  3103  	// default values are omitted from API requests. See
  3104  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3105  	// details.
  3106  	ForceSendFields []string `json:"-"`
  3107  	// NullFields is a list of field names (e.g. "Permissions") to include in API
  3108  	// requests with the JSON null value. By default, fields with empty values are
  3109  	// omitted from API requests. See
  3110  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3111  	NullFields []string `json:"-"`
  3112  }
  3113  
  3114  func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) {
  3115  	type NoMethod TestIamPermissionsRequest
  3116  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3117  }
  3118  
  3119  // TestIamPermissionsResponse: Response message for `TestIamPermissions`
  3120  // method.
  3121  type TestIamPermissionsResponse struct {
  3122  	// Permissions: A subset of `TestPermissionsRequest.permissions` that the
  3123  	// caller is allowed.
  3124  	Permissions []string `json:"permissions,omitempty"`
  3125  
  3126  	// ServerResponse contains the HTTP response code and headers from the server.
  3127  	googleapi.ServerResponse `json:"-"`
  3128  	// ForceSendFields is a list of field names (e.g. "Permissions") to
  3129  	// unconditionally include in API requests. By default, fields with empty or
  3130  	// default values are omitted from API requests. See
  3131  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3132  	// details.
  3133  	ForceSendFields []string `json:"-"`
  3134  	// NullFields is a list of field names (e.g. "Permissions") to include in API
  3135  	// requests with the JSON null value. By default, fields with empty values are
  3136  	// omitted from API requests. See
  3137  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3138  	NullFields []string `json:"-"`
  3139  }
  3140  
  3141  func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) {
  3142  	type NoMethod TestIamPermissionsResponse
  3143  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3144  }
  3145  
  3146  // UndeleteOauthClientRequest: Request message for UndeleteOauthClient.
  3147  type UndeleteOauthClientRequest struct {
  3148  }
  3149  
  3150  // UndeleteRoleRequest: The request to undelete an existing role.
  3151  type UndeleteRoleRequest struct {
  3152  	// Etag: Used to perform a consistent read-modify-write.
  3153  	Etag string `json:"etag,omitempty"`
  3154  	// ForceSendFields is a list of field names (e.g. "Etag") to unconditionally
  3155  	// include in API requests. By default, fields with empty or default values are
  3156  	// omitted from API requests. See
  3157  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3158  	// details.
  3159  	ForceSendFields []string `json:"-"`
  3160  	// NullFields is a list of field names (e.g. "Etag") to include in API requests
  3161  	// with the JSON null value. By default, fields with empty values are omitted
  3162  	// from API requests. See
  3163  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3164  	NullFields []string `json:"-"`
  3165  }
  3166  
  3167  func (s *UndeleteRoleRequest) MarshalJSON() ([]byte, error) {
  3168  	type NoMethod UndeleteRoleRequest
  3169  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3170  }
  3171  
  3172  // UndeleteServiceAccountRequest: The service account undelete request.
  3173  type UndeleteServiceAccountRequest struct {
  3174  }
  3175  
  3176  type UndeleteServiceAccountResponse struct {
  3177  	// RestoredAccount: Metadata for the restored service account.
  3178  	RestoredAccount *ServiceAccount `json:"restoredAccount,omitempty"`
  3179  
  3180  	// ServerResponse contains the HTTP response code and headers from the server.
  3181  	googleapi.ServerResponse `json:"-"`
  3182  	// ForceSendFields is a list of field names (e.g. "RestoredAccount") to
  3183  	// unconditionally include in API requests. By default, fields with empty or
  3184  	// default values are omitted from API requests. See
  3185  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3186  	// details.
  3187  	ForceSendFields []string `json:"-"`
  3188  	// NullFields is a list of field names (e.g. "RestoredAccount") to include in
  3189  	// API requests with the JSON null value. By default, fields with empty values
  3190  	// are omitted from API requests. See
  3191  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3192  	NullFields []string `json:"-"`
  3193  }
  3194  
  3195  func (s *UndeleteServiceAccountResponse) MarshalJSON() ([]byte, error) {
  3196  	type NoMethod UndeleteServiceAccountResponse
  3197  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3198  }
  3199  
  3200  // UndeleteWorkforcePoolProviderKeyRequest: Request message for
  3201  // UndeleteWorkforcePoolProviderKey.
  3202  type UndeleteWorkforcePoolProviderKeyRequest struct {
  3203  }
  3204  
  3205  // UndeleteWorkforcePoolProviderRequest: Request message for
  3206  // UndeleteWorkforcePoolProvider.
  3207  type UndeleteWorkforcePoolProviderRequest struct {
  3208  }
  3209  
  3210  // UndeleteWorkforcePoolRequest: Request message for UndeleteWorkforcePool.
  3211  type UndeleteWorkforcePoolRequest struct {
  3212  }
  3213  
  3214  // UndeleteWorkforcePoolSubjectRequest: Request message for
  3215  // UndeleteWorkforcePoolSubject.
  3216  type UndeleteWorkforcePoolSubjectRequest struct {
  3217  }
  3218  
  3219  // UndeleteWorkloadIdentityPoolProviderKeyRequest: Request message for
  3220  // UndeleteWorkloadIdentityPoolProviderKey.
  3221  type UndeleteWorkloadIdentityPoolProviderKeyRequest struct {
  3222  }
  3223  
  3224  // UndeleteWorkloadIdentityPoolProviderRequest: Request message for
  3225  // UndeleteWorkloadIdentityPoolProvider.
  3226  type UndeleteWorkloadIdentityPoolProviderRequest struct {
  3227  }
  3228  
  3229  // UndeleteWorkloadIdentityPoolRequest: Request message for
  3230  // UndeleteWorkloadIdentityPool.
  3231  type UndeleteWorkloadIdentityPoolRequest struct {
  3232  }
  3233  
  3234  // UploadServiceAccountKeyRequest: The service account key upload request.
  3235  type UploadServiceAccountKeyRequest struct {
  3236  	// PublicKeyData: The public key to associate with the service account. Must be
  3237  	// an RSA public key that is wrapped in an X.509 v3 certificate. Include the
  3238  	// first line, `-----BEGIN CERTIFICATE-----`, and the last line, `-----END
  3239  	// CERTIFICATE-----`.
  3240  	PublicKeyData string `json:"publicKeyData,omitempty"`
  3241  	// ForceSendFields is a list of field names (e.g. "PublicKeyData") to
  3242  	// unconditionally include in API requests. By default, fields with empty or
  3243  	// default values are omitted from API requests. See
  3244  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3245  	// details.
  3246  	ForceSendFields []string `json:"-"`
  3247  	// NullFields is a list of field names (e.g. "PublicKeyData") to include in API
  3248  	// requests with the JSON null value. By default, fields with empty values are
  3249  	// omitted from API requests. See
  3250  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3251  	NullFields []string `json:"-"`
  3252  }
  3253  
  3254  func (s *UploadServiceAccountKeyRequest) MarshalJSON() ([]byte, error) {
  3255  	type NoMethod UploadServiceAccountKeyRequest
  3256  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3257  }
  3258  
  3259  // WorkforcePool: Represents a collection of external workforces. Provides
  3260  // namespaces for federated users that can be referenced in IAM policies.
  3261  type WorkforcePool struct {
  3262  	// AccessRestrictions: Optional. Configure access restrictions on the workforce
  3263  	// pool users. This is an optional field. If specified web sign-in can be
  3264  	// restricted to given set of services or programmatic sign-in can be disabled
  3265  	// for pool users.
  3266  	AccessRestrictions *AccessRestrictions `json:"accessRestrictions,omitempty"`
  3267  	// Description: A user-specified description of the pool. Cannot exceed 256
  3268  	// characters.
  3269  	Description string `json:"description,omitempty"`
  3270  	// Disabled: Disables the workforce pool. You cannot use a disabled pool to
  3271  	// exchange tokens, or use existing tokens to access resources. If the pool is
  3272  	// re-enabled, existing tokens grant access again.
  3273  	Disabled bool `json:"disabled,omitempty"`
  3274  	// DisplayName: A user-specified display name of the pool in Google Cloud
  3275  	// Console. Cannot exceed 32 characters.
  3276  	DisplayName string `json:"displayName,omitempty"`
  3277  	// ExpireTime: Output only. Time after which the workforce pool will be
  3278  	// permanently purged and cannot be recovered.
  3279  	ExpireTime string `json:"expireTime,omitempty"`
  3280  	// Name: Output only. The resource name of the pool. Format:
  3281  	// `locations/{location}/workforcePools/{workforce_pool_id}`
  3282  	Name string `json:"name,omitempty"`
  3283  	// Parent: Immutable. The resource name of the parent. Format:
  3284  	// `organizations/{org-id}`.
  3285  	Parent string `json:"parent,omitempty"`
  3286  	// SessionDuration: Duration that the Google Cloud access tokens, console
  3287  	// sign-in sessions, and `gcloud` sign-in sessions from this pool are valid.
  3288  	// Must be greater than 15 minutes (900s) and less than 12 hours (43200s). If
  3289  	// `session_duration` is not configured, minted credentials have a default
  3290  	// duration of one hour (3600s). For SAML providers, the lifetime of the token
  3291  	// is the minimum of the `session_duration` and the `SessionNotOnOrAfter` claim
  3292  	// in the SAML assertion.
  3293  	SessionDuration string `json:"sessionDuration,omitempty"`
  3294  	// State: Output only. The state of the pool.
  3295  	//
  3296  	// Possible values:
  3297  	//   "STATE_UNSPECIFIED" - State unspecified.
  3298  	//   "ACTIVE" - The pool is active and may be used in Google Cloud policies.
  3299  	//   "DELETED" - The pool is soft-deleted. Soft-deleted pools are permanently
  3300  	// deleted after approximately 30 days. You can restore a soft-deleted pool
  3301  	// using UndeleteWorkforcePool. You cannot reuse the ID of a soft-deleted pool
  3302  	// until it is permanently deleted. While a pool is deleted, you cannot use it
  3303  	// to exchange tokens, or use existing tokens to access resources. If the pool
  3304  	// is undeleted, existing tokens grant access again.
  3305  	State string `json:"state,omitempty"`
  3306  
  3307  	// ServerResponse contains the HTTP response code and headers from the server.
  3308  	googleapi.ServerResponse `json:"-"`
  3309  	// ForceSendFields is a list of field names (e.g. "AccessRestrictions") to
  3310  	// unconditionally include in API requests. By default, fields with empty or
  3311  	// default values are omitted from API requests. See
  3312  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3313  	// details.
  3314  	ForceSendFields []string `json:"-"`
  3315  	// NullFields is a list of field names (e.g. "AccessRestrictions") to include
  3316  	// in API requests with the JSON null value. By default, fields with empty
  3317  	// values are omitted from API requests. See
  3318  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3319  	NullFields []string `json:"-"`
  3320  }
  3321  
  3322  func (s *WorkforcePool) MarshalJSON() ([]byte, error) {
  3323  	type NoMethod WorkforcePool
  3324  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3325  }
  3326  
  3327  // WorkforcePoolProvider: A configuration for an external identity provider.
  3328  type WorkforcePoolProvider struct {
  3329  	// AttributeCondition: A Common Expression Language
  3330  	// (https://opensource.google/projects/cel) expression, in plain text, to
  3331  	// restrict what otherwise valid authentication credentials issued by the
  3332  	// provider should not be accepted. The expression must output a boolean
  3333  	// representing whether to allow the federation. The following keywords may be
  3334  	// referenced in the expressions: * `assertion`: JSON representing the
  3335  	// authentication credential issued by the provider. * `google`: The Google
  3336  	// attributes mapped from the assertion in the `attribute_mappings`.
  3337  	// `google.profile_photo`, `google.display_name` and `google.posix_username`
  3338  	// are not supported. * `attribute`: The custom attributes mapped from the
  3339  	// assertion in the `attribute_mappings`. The maximum length of the attribute
  3340  	// condition expression is 4096 characters. If unspecified, all valid
  3341  	// authentication credentials will be accepted. The following example shows how
  3342  	// to only allow credentials with a mapped `google.groups` value of `admins`:
  3343  	// ``` "'admins' in google.groups" ```
  3344  	AttributeCondition string `json:"attributeCondition,omitempty"`
  3345  	// AttributeMapping: Required. Maps attributes from the authentication
  3346  	// credentials issued by an external identity provider to Google Cloud
  3347  	// attributes, such as `subject` and `segment`. Each key must be a string
  3348  	// specifying the Google Cloud IAM attribute to map to. The following keys are
  3349  	// supported: * `google.subject`: The principal IAM is authenticating. You can
  3350  	// reference this value in IAM bindings. This is also the subject that appears
  3351  	// in Cloud Logging logs. This is a required field and the mapped subject
  3352  	// cannot exceed 127 bytes. * `google.groups`: Groups the authenticating user
  3353  	// belongs to. You can grant groups access to resources using an IAM
  3354  	// `principalSet` binding; access applies to all members of the group. *
  3355  	// `google.display_name`: The name of the authenticated user. This is an
  3356  	// optional field and the mapped display name cannot exceed 100 bytes. If not
  3357  	// set, `google.subject` will be displayed instead. This attribute cannot be
  3358  	// referenced in IAM bindings. * `google.profile_photo`: The URL that specifies
  3359  	// the authenticated user's thumbnail photo. This is an optional field. When
  3360  	// set, the image will be visible as the user's profile picture. If not set, a
  3361  	// generic user icon will be displayed instead. This attribute cannot be
  3362  	// referenced in IAM bindings. * `google.posix_username`: The Linux username
  3363  	// used by OS Login. This is an optional field and the mapped POSIX username
  3364  	// cannot exceed 32 characters, The key must match the regex
  3365  	// "^a-zA-Z0-9._{0,31}$". This attribute cannot be referenced in IAM bindings.
  3366  	// You can also provide custom attributes by specifying
  3367  	// `attribute.{custom_attribute}`, where {custom_attribute} is the name of the
  3368  	// custom attribute to be mapped. You can define a maximum of 50 custom
  3369  	// attributes. The maximum length of a mapped attribute key is 100 characters,
  3370  	// and the key may only contain the characters [a-z0-9_]. You can reference
  3371  	// these attributes in IAM policies to define fine-grained access for a
  3372  	// workforce pool to Google Cloud resources. For example: * `google.subject`:
  3373  	// `principal://iam.googleapis.com/locations/global/workforcePools/{pool}/subjec
  3374  	// t/{value}` * `google.groups`:
  3375  	// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool}/gro
  3376  	// up/{value}` * `attribute.{custom_attribute}`:
  3377  	// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool}/att
  3378  	// ribute.{custom_attribute}/{value}` Each value must be a [Common Expression
  3379  	// Language] (https://opensource.google/projects/cel) function that maps an
  3380  	// identity provider credential to the normalized attribute specified by the
  3381  	// corresponding map key. You can use the `assertion` keyword in the expression
  3382  	// to access a JSON representation of the authentication credential issued by
  3383  	// the provider. The maximum length of an attribute mapping expression is 2048
  3384  	// characters. When evaluated, the total size of all mapped attributes must not
  3385  	// exceed 4KB. For OIDC providers, you must supply a custom mapping that
  3386  	// includes the `google.subject` attribute. For example, the following maps the
  3387  	// `sub` claim of the incoming credential to the `subject` attribute on a
  3388  	// Google token: ``` {"google.subject": "assertion.sub"} ```
  3389  	AttributeMapping map[string]string `json:"attributeMapping,omitempty"`
  3390  	// Description: A user-specified description of the provider. Cannot exceed 256
  3391  	// characters.
  3392  	Description string `json:"description,omitempty"`
  3393  	// Disabled: Disables the workforce pool provider. You cannot use a disabled
  3394  	// provider to exchange tokens. However, existing tokens still grant access.
  3395  	Disabled bool `json:"disabled,omitempty"`
  3396  	// DisplayName: A user-specified display name for the provider. Cannot exceed
  3397  	// 32 characters.
  3398  	DisplayName string `json:"displayName,omitempty"`
  3399  	// ExpireTime: Output only. Time after which the workload pool provider will be
  3400  	// permanently purged and cannot be recovered.
  3401  	ExpireTime string `json:"expireTime,omitempty"`
  3402  	// ExtraAttributesOauth2Client: Optional. The configuration for OAuth 2.0
  3403  	// client used to get the additional user attributes. This should be used when
  3404  	// users can't get the desired claims in authentication credentials. Currently
  3405  	// this configuration is only supported with OIDC protocol.
  3406  	ExtraAttributesOauth2Client *GoogleIamAdminV1WorkforcePoolProviderExtraAttributesOAuth2Client `json:"extraAttributesOauth2Client,omitempty"`
  3407  	// Name: Output only. The resource name of the provider. Format:
  3408  	// `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provider_
  3409  	// id}`
  3410  	Name string `json:"name,omitempty"`
  3411  	// Oidc: An OpenId Connect 1.0 identity provider configuration.
  3412  	Oidc *GoogleIamAdminV1WorkforcePoolProviderOidc `json:"oidc,omitempty"`
  3413  	// Saml: A SAML identity provider configuration.
  3414  	Saml *GoogleIamAdminV1WorkforcePoolProviderSaml `json:"saml,omitempty"`
  3415  	// State: Output only. The state of the provider.
  3416  	//
  3417  	// Possible values:
  3418  	//   "STATE_UNSPECIFIED" - State unspecified.
  3419  	//   "ACTIVE" - The provider is active and may be used to validate
  3420  	// authentication credentials.
  3421  	//   "DELETED" - The provider is soft-deleted. Soft-deleted providers are
  3422  	// permanently deleted after approximately 30 days. You can restore a
  3423  	// soft-deleted provider using UndeleteWorkforcePoolProvider.
  3424  	State string `json:"state,omitempty"`
  3425  
  3426  	// ServerResponse contains the HTTP response code and headers from the server.
  3427  	googleapi.ServerResponse `json:"-"`
  3428  	// ForceSendFields is a list of field names (e.g. "AttributeCondition") to
  3429  	// unconditionally include in API requests. By default, fields with empty or
  3430  	// default values are omitted from API requests. See
  3431  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3432  	// details.
  3433  	ForceSendFields []string `json:"-"`
  3434  	// NullFields is a list of field names (e.g. "AttributeCondition") to include
  3435  	// in API requests with the JSON null value. By default, fields with empty
  3436  	// values are omitted from API requests. See
  3437  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3438  	NullFields []string `json:"-"`
  3439  }
  3440  
  3441  func (s *WorkforcePoolProvider) MarshalJSON() ([]byte, error) {
  3442  	type NoMethod WorkforcePoolProvider
  3443  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3444  }
  3445  
  3446  // WorkforcePoolProviderKey: Represents a public key configuration for a
  3447  // Workforce Pool Provider. The key can be configured in your identity provider
  3448  // to encrypt SAML assertions. Google holds the corresponding private key,
  3449  // which it uses to decrypt encrypted tokens.
  3450  type WorkforcePoolProviderKey struct {
  3451  	// ExpireTime: Output only. The time after which the key will be permanently
  3452  	// deleted and cannot be recovered. Note that the key may get purged before
  3453  	// this time if the total limit of keys per provider is exceeded.
  3454  	ExpireTime string `json:"expireTime,omitempty"`
  3455  	// KeyData: Immutable. Public half of the asymmetric key.
  3456  	KeyData *KeyData `json:"keyData,omitempty"`
  3457  	// Name: Output only. The resource name of the key.
  3458  	Name string `json:"name,omitempty"`
  3459  	// State: Output only. The state of the key.
  3460  	//
  3461  	// Possible values:
  3462  	//   "STATE_UNSPECIFIED" - State unspecified.
  3463  	//   "ACTIVE" - The key is active.
  3464  	//   "DELETED" - The key is soft-deleted. Soft-deleted keys are permanently
  3465  	// deleted after approximately 30 days. You can restore a soft-deleted key
  3466  	// using UndeleteWorkforcePoolProviderKey.
  3467  	State string `json:"state,omitempty"`
  3468  	// Use: Required. The purpose of the key.
  3469  	//
  3470  	// Possible values:
  3471  	//   "KEY_USE_UNSPECIFIED" - KeyUse unspecified.
  3472  	//   "ENCRYPTION" - The key is used for encryption.
  3473  	Use string `json:"use,omitempty"`
  3474  
  3475  	// ServerResponse contains the HTTP response code and headers from the server.
  3476  	googleapi.ServerResponse `json:"-"`
  3477  	// ForceSendFields is a list of field names (e.g. "ExpireTime") to
  3478  	// unconditionally include in API requests. By default, fields with empty or
  3479  	// default values are omitted from API requests. See
  3480  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3481  	// details.
  3482  	ForceSendFields []string `json:"-"`
  3483  	// NullFields is a list of field names (e.g. "ExpireTime") to include in API
  3484  	// requests with the JSON null value. By default, fields with empty values are
  3485  	// omitted from API requests. See
  3486  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3487  	NullFields []string `json:"-"`
  3488  }
  3489  
  3490  func (s *WorkforcePoolProviderKey) MarshalJSON() ([]byte, error) {
  3491  	type NoMethod WorkforcePoolProviderKey
  3492  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3493  }
  3494  
  3495  // WorkloadIdentityPool: Represents a collection of workload identities. You
  3496  // can define IAM policies to grant these identities access to Google Cloud
  3497  // resources.
  3498  type WorkloadIdentityPool struct {
  3499  	// Description: A description of the pool. Cannot exceed 256 characters.
  3500  	Description string `json:"description,omitempty"`
  3501  	// Disabled: Whether the pool is disabled. You cannot use a disabled pool to
  3502  	// exchange tokens, or use existing tokens to access resources. If the pool is
  3503  	// re-enabled, existing tokens grant access again.
  3504  	Disabled bool `json:"disabled,omitempty"`
  3505  	// DisplayName: A display name for the pool. Cannot exceed 32 characters.
  3506  	DisplayName string `json:"displayName,omitempty"`
  3507  	// ExpireTime: Output only. Time after which the workload identity pool will be
  3508  	// permanently purged and cannot be recovered.
  3509  	ExpireTime string `json:"expireTime,omitempty"`
  3510  	// Name: Output only. The resource name of the pool.
  3511  	Name string `json:"name,omitempty"`
  3512  	// State: Output only. The state of the pool.
  3513  	//
  3514  	// Possible values:
  3515  	//   "STATE_UNSPECIFIED" - State unspecified.
  3516  	//   "ACTIVE" - The pool is active, and may be used in Google Cloud policies.
  3517  	//   "DELETED" - The pool is soft-deleted. Soft-deleted pools are permanently
  3518  	// deleted after approximately 30 days. You can restore a soft-deleted pool
  3519  	// using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a
  3520  	// soft-deleted pool until it is permanently deleted. While a pool is deleted,
  3521  	// you cannot use it to exchange tokens, or use existing tokens to access
  3522  	// resources. If the pool is undeleted, existing tokens grant access again.
  3523  	State string `json:"state,omitempty"`
  3524  
  3525  	// ServerResponse contains the HTTP response code and headers from the server.
  3526  	googleapi.ServerResponse `json:"-"`
  3527  	// ForceSendFields is a list of field names (e.g. "Description") to
  3528  	// unconditionally include in API requests. By default, fields with empty or
  3529  	// default values are omitted from API requests. See
  3530  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3531  	// details.
  3532  	ForceSendFields []string `json:"-"`
  3533  	// NullFields is a list of field names (e.g. "Description") to include in API
  3534  	// requests with the JSON null value. By default, fields with empty values are
  3535  	// omitted from API requests. See
  3536  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3537  	NullFields []string `json:"-"`
  3538  }
  3539  
  3540  func (s *WorkloadIdentityPool) MarshalJSON() ([]byte, error) {
  3541  	type NoMethod WorkloadIdentityPool
  3542  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3543  }
  3544  
  3545  // WorkloadIdentityPoolOperationMetadata: Metadata for long-running
  3546  // WorkloadIdentityPool operations.
  3547  type WorkloadIdentityPoolOperationMetadata struct {
  3548  }
  3549  
  3550  // WorkloadIdentityPoolProvider: A configuration for an external identity
  3551  // provider.
  3552  type WorkloadIdentityPoolProvider struct {
  3553  	// AttributeCondition: A Common Expression Language
  3554  	// (https://opensource.google/projects/cel) expression, in plain text, to
  3555  	// restrict what otherwise valid authentication credentials issued by the
  3556  	// provider should not be accepted. The expression must output a boolean
  3557  	// representing whether to allow the federation. The following keywords may be
  3558  	// referenced in the expressions: * `assertion`: JSON representing the
  3559  	// authentication credential issued by the provider. * `google`: The Google
  3560  	// attributes mapped from the assertion in the `attribute_mappings`. *
  3561  	// `attribute`: The custom attributes mapped from the assertion in the
  3562  	// `attribute_mappings`. The maximum length of the attribute condition
  3563  	// expression is 4096 characters. If unspecified, all valid authentication
  3564  	// credential are accepted. The following example shows how to only allow
  3565  	// credentials with a mapped `google.groups` value of `admins`: ``` "'admins'
  3566  	// in google.groups" ```
  3567  	AttributeCondition string `json:"attributeCondition,omitempty"`
  3568  	// AttributeMapping:  Maps attributes from authentication credentials issued by
  3569  	// an external identity provider to Google Cloud attributes, such as `subject`
  3570  	// and `segment`. Each key must be a string specifying the Google Cloud IAM
  3571  	// attribute to map to. The following keys are supported: * `google.subject`:
  3572  	// The principal IAM is authenticating. You can reference this value in IAM
  3573  	// bindings. This is also the subject that appears in Cloud Logging logs.
  3574  	// Cannot exceed 127 bytes. * `google.groups`: Groups the external identity
  3575  	// belongs to. You can grant groups access to resources using an IAM
  3576  	// `principalSet` binding; access applies to all members of the group. You can
  3577  	// also provide custom attributes by specifying `attribute.{custom_attribute}`,
  3578  	// where `{custom_attribute}` is the name of the custom attribute to be mapped.
  3579  	// You can define a maximum of 50 custom attributes. The maximum length of a
  3580  	// mapped attribute key is 100 characters, and the key may only contain the
  3581  	// characters [a-z0-9_]. You can reference these attributes in IAM policies to
  3582  	// define fine-grained access for a workload to Google Cloud resources. For
  3583  	// example: * `google.subject`:
  3584  	// `principal://iam.googleapis.com/projects/{project}/locations/{location}/workl
  3585  	// oadIdentityPools/{pool}/subject/{value}` * `google.groups`:
  3586  	// `principalSet://iam.googleapis.com/projects/{project}/locations/{location}/wo
  3587  	// rkloadIdentityPools/{pool}/group/{value}` * `attribute.{custom_attribute}`:
  3588  	// `principalSet://iam.googleapis.com/projects/{project}/locations/{location}/wo
  3589  	// rkloadIdentityPools/{pool}/attribute.{custom_attribute}/{value}` Each value
  3590  	// must be a [Common Expression Language]
  3591  	// (https://opensource.google/projects/cel) function that maps an identity
  3592  	// provider credential to the normalized attribute specified by the
  3593  	// corresponding map key. You can use the `assertion` keyword in the expression
  3594  	// to access a JSON representation of the authentication credential issued by
  3595  	// the provider. The maximum length of an attribute mapping expression is 2048
  3596  	// characters. When evaluated, the total size of all mapped attributes must not
  3597  	// exceed 8KB. For AWS providers, if no attribute mapping is defined, the
  3598  	// following default mapping applies: ``` { "google.subject":"assertion.arn",
  3599  	// "attribute.aws_role": "assertion.arn.contains('assumed-role')" " ?
  3600  	// assertion.arn.extract('{account_arn}assumed-role/')" " + 'assumed-role/'" "
  3601  	// + assertion.arn.extract('assumed-role/{role_name}/')" " : assertion.arn", }
  3602  	// ``` If any custom attribute mappings are defined, they must include a
  3603  	// mapping to the `google.subject` attribute. For OIDC providers, you must
  3604  	// supply a custom mapping, which must include the `google.subject` attribute.
  3605  	// For example, the following maps the `sub` claim of the incoming credential
  3606  	// to the `subject` attribute on a Google token: ``` {"google.subject":
  3607  	// "assertion.sub"} ```
  3608  	AttributeMapping map[string]string `json:"attributeMapping,omitempty"`
  3609  	// Aws: An Amazon Web Services identity provider.
  3610  	Aws *Aws `json:"aws,omitempty"`
  3611  	// Description: A description for the provider. Cannot exceed 256 characters.
  3612  	Description string `json:"description,omitempty"`
  3613  	// Disabled: Whether the provider is disabled. You cannot use a disabled
  3614  	// provider to exchange tokens. However, existing tokens still grant access.
  3615  	Disabled bool `json:"disabled,omitempty"`
  3616  	// DisplayName: A display name for the provider. Cannot exceed 32 characters.
  3617  	DisplayName string `json:"displayName,omitempty"`
  3618  	// ExpireTime: Output only. Time after which the workload identity pool
  3619  	// provider will be permanently purged and cannot be recovered.
  3620  	ExpireTime string `json:"expireTime,omitempty"`
  3621  	// Name: Output only. The resource name of the provider.
  3622  	Name string `json:"name,omitempty"`
  3623  	// Oidc: An OpenId Connect 1.0 identity provider.
  3624  	Oidc *Oidc `json:"oidc,omitempty"`
  3625  	// Saml: An SAML 2.0 identity provider.
  3626  	Saml *Saml `json:"saml,omitempty"`
  3627  	// State: Output only. The state of the provider.
  3628  	//
  3629  	// Possible values:
  3630  	//   "STATE_UNSPECIFIED" - State unspecified.
  3631  	//   "ACTIVE" - The provider is active, and may be used to validate
  3632  	// authentication credentials.
  3633  	//   "DELETED" - The provider is soft-deleted. Soft-deleted providers are
  3634  	// permanently deleted after approximately 30 days. You can restore a
  3635  	// soft-deleted provider using UndeleteWorkloadIdentityPoolProvider. You cannot
  3636  	// reuse the ID of a soft-deleted provider until it is permanently deleted.
  3637  	State string `json:"state,omitempty"`
  3638  
  3639  	// ServerResponse contains the HTTP response code and headers from the server.
  3640  	googleapi.ServerResponse `json:"-"`
  3641  	// ForceSendFields is a list of field names (e.g. "AttributeCondition") to
  3642  	// unconditionally include in API requests. By default, fields with empty or
  3643  	// default values are omitted from API requests. See
  3644  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3645  	// details.
  3646  	ForceSendFields []string `json:"-"`
  3647  	// NullFields is a list of field names (e.g. "AttributeCondition") to include
  3648  	// in API requests with the JSON null value. By default, fields with empty
  3649  	// values are omitted from API requests. See
  3650  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3651  	NullFields []string `json:"-"`
  3652  }
  3653  
  3654  func (s *WorkloadIdentityPoolProvider) MarshalJSON() ([]byte, error) {
  3655  	type NoMethod WorkloadIdentityPoolProvider
  3656  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3657  }
  3658  
  3659  // WorkloadIdentityPoolProviderKey: Represents a public key configuration for
  3660  // your workload identity pool provider. The key can be configured in your
  3661  // identity provider to encrypt the SAML assertions. Google holds the
  3662  // corresponding private key which it uses to decrypt encrypted tokens.
  3663  type WorkloadIdentityPoolProviderKey struct {
  3664  	// ExpireTime: Output only. Time after which the key will be permanently purged
  3665  	// and cannot be recovered. Note that the key may get purged before this
  3666  	// timestamp if the total limit of keys per provider is crossed.
  3667  	ExpireTime string `json:"expireTime,omitempty"`
  3668  	// KeyData: Immutable. Public half of the asymmetric key.
  3669  	KeyData *KeyData `json:"keyData,omitempty"`
  3670  	// Name: Output only. The resource name of the key.
  3671  	Name string `json:"name,omitempty"`
  3672  	// State: Output only. The state of the key.
  3673  	//
  3674  	// Possible values:
  3675  	//   "STATE_UNSPECIFIED" - State unspecified.
  3676  	//   "ACTIVE" - The key is active.
  3677  	//   "DELETED" - The key is soft-deleted. Soft-deleted keys are permanently
  3678  	// deleted after approximately 30 days. You can restore a soft-deleted key
  3679  	// using UndeleteWorkloadIdentityPoolProviderKey. While a key is deleted, you
  3680  	// cannot use it during the federation.
  3681  	State string `json:"state,omitempty"`
  3682  	// Use: Required. The purpose of the key.
  3683  	//
  3684  	// Possible values:
  3685  	//   "KEY_USE_UNSPECIFIED" - The key use is not known.
  3686  	//   "ENCRYPTION" - The public key is used for encryption purposes.
  3687  	Use string `json:"use,omitempty"`
  3688  
  3689  	// ServerResponse contains the HTTP response code and headers from the server.
  3690  	googleapi.ServerResponse `json:"-"`
  3691  	// ForceSendFields is a list of field names (e.g. "ExpireTime") to
  3692  	// unconditionally include in API requests. By default, fields with empty or
  3693  	// default values are omitted from API requests. See
  3694  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  3695  	// details.
  3696  	ForceSendFields []string `json:"-"`
  3697  	// NullFields is a list of field names (e.g. "ExpireTime") to include in API
  3698  	// requests with the JSON null value. By default, fields with empty values are
  3699  	// omitted from API requests. See
  3700  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  3701  	NullFields []string `json:"-"`
  3702  }
  3703  
  3704  func (s *WorkloadIdentityPoolProviderKey) MarshalJSON() ([]byte, error) {
  3705  	type NoMethod WorkloadIdentityPoolProviderKey
  3706  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  3707  }
  3708  
  3709  type IamPoliciesLintPolicyCall struct {
  3710  	s                 *Service
  3711  	lintpolicyrequest *LintPolicyRequest
  3712  	urlParams_        gensupport.URLParams
  3713  	ctx_              context.Context
  3714  	header_           http.Header
  3715  }
  3716  
  3717  // LintPolicy: Lints, or validates, an IAM policy. Currently checks the
  3718  // google.iam.v1.Binding.condition field, which contains a condition expression
  3719  // for a role binding. Successful calls to this method always return an HTTP
  3720  // `200 OK` status code, even if the linter detects an issue in the IAM policy.
  3721  func (r *IamPoliciesService) LintPolicy(lintpolicyrequest *LintPolicyRequest) *IamPoliciesLintPolicyCall {
  3722  	c := &IamPoliciesLintPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3723  	c.lintpolicyrequest = lintpolicyrequest
  3724  	return c
  3725  }
  3726  
  3727  // Fields allows partial responses to be retrieved. See
  3728  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3729  // details.
  3730  func (c *IamPoliciesLintPolicyCall) Fields(s ...googleapi.Field) *IamPoliciesLintPolicyCall {
  3731  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3732  	return c
  3733  }
  3734  
  3735  // Context sets the context to be used in this call's Do method.
  3736  func (c *IamPoliciesLintPolicyCall) Context(ctx context.Context) *IamPoliciesLintPolicyCall {
  3737  	c.ctx_ = ctx
  3738  	return c
  3739  }
  3740  
  3741  // Header returns a http.Header that can be modified by the caller to add
  3742  // headers to the request.
  3743  func (c *IamPoliciesLintPolicyCall) Header() http.Header {
  3744  	if c.header_ == nil {
  3745  		c.header_ = make(http.Header)
  3746  	}
  3747  	return c.header_
  3748  }
  3749  
  3750  func (c *IamPoliciesLintPolicyCall) doRequest(alt string) (*http.Response, error) {
  3751  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  3752  	var body io.Reader = nil
  3753  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.lintpolicyrequest)
  3754  	if err != nil {
  3755  		return nil, err
  3756  	}
  3757  	c.urlParams_.Set("alt", alt)
  3758  	c.urlParams_.Set("prettyPrint", "false")
  3759  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/iamPolicies:lintPolicy")
  3760  	urls += "?" + c.urlParams_.Encode()
  3761  	req, err := http.NewRequest("POST", urls, body)
  3762  	if err != nil {
  3763  		return nil, err
  3764  	}
  3765  	req.Header = reqHeaders
  3766  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3767  }
  3768  
  3769  // Do executes the "iam.iamPolicies.lintPolicy" call.
  3770  // Any non-2xx status code is an error. Response headers are in either
  3771  // *LintPolicyResponse.ServerResponse.Header or (if a response was returned at
  3772  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  3773  // check whether the returned error was because http.StatusNotModified was
  3774  // returned.
  3775  func (c *IamPoliciesLintPolicyCall) Do(opts ...googleapi.CallOption) (*LintPolicyResponse, error) {
  3776  	gensupport.SetOptions(c.urlParams_, opts...)
  3777  	res, err := c.doRequest("json")
  3778  	if res != nil && res.StatusCode == http.StatusNotModified {
  3779  		if res.Body != nil {
  3780  			res.Body.Close()
  3781  		}
  3782  		return nil, gensupport.WrapError(&googleapi.Error{
  3783  			Code:   res.StatusCode,
  3784  			Header: res.Header,
  3785  		})
  3786  	}
  3787  	if err != nil {
  3788  		return nil, err
  3789  	}
  3790  	defer googleapi.CloseBody(res)
  3791  	if err := googleapi.CheckResponse(res); err != nil {
  3792  		return nil, gensupport.WrapError(err)
  3793  	}
  3794  	ret := &LintPolicyResponse{
  3795  		ServerResponse: googleapi.ServerResponse{
  3796  			Header:         res.Header,
  3797  			HTTPStatusCode: res.StatusCode,
  3798  		},
  3799  	}
  3800  	target := &ret
  3801  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3802  		return nil, err
  3803  	}
  3804  	return ret, nil
  3805  }
  3806  
  3807  type IamPoliciesQueryAuditableServicesCall struct {
  3808  	s                             *Service
  3809  	queryauditableservicesrequest *QueryAuditableServicesRequest
  3810  	urlParams_                    gensupport.URLParams
  3811  	ctx_                          context.Context
  3812  	header_                       http.Header
  3813  }
  3814  
  3815  // QueryAuditableServices: Returns a list of services that allow you to opt
  3816  // into audit logs that are not generated by default. To learn more about audit
  3817  // logs, see the Logging documentation
  3818  // (https://cloud.google.com/logging/docs/audit).
  3819  func (r *IamPoliciesService) QueryAuditableServices(queryauditableservicesrequest *QueryAuditableServicesRequest) *IamPoliciesQueryAuditableServicesCall {
  3820  	c := &IamPoliciesQueryAuditableServicesCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3821  	c.queryauditableservicesrequest = queryauditableservicesrequest
  3822  	return c
  3823  }
  3824  
  3825  // Fields allows partial responses to be retrieved. See
  3826  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3827  // details.
  3828  func (c *IamPoliciesQueryAuditableServicesCall) Fields(s ...googleapi.Field) *IamPoliciesQueryAuditableServicesCall {
  3829  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3830  	return c
  3831  }
  3832  
  3833  // Context sets the context to be used in this call's Do method.
  3834  func (c *IamPoliciesQueryAuditableServicesCall) Context(ctx context.Context) *IamPoliciesQueryAuditableServicesCall {
  3835  	c.ctx_ = ctx
  3836  	return c
  3837  }
  3838  
  3839  // Header returns a http.Header that can be modified by the caller to add
  3840  // headers to the request.
  3841  func (c *IamPoliciesQueryAuditableServicesCall) Header() http.Header {
  3842  	if c.header_ == nil {
  3843  		c.header_ = make(http.Header)
  3844  	}
  3845  	return c.header_
  3846  }
  3847  
  3848  func (c *IamPoliciesQueryAuditableServicesCall) doRequest(alt string) (*http.Response, error) {
  3849  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  3850  	var body io.Reader = nil
  3851  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.queryauditableservicesrequest)
  3852  	if err != nil {
  3853  		return nil, err
  3854  	}
  3855  	c.urlParams_.Set("alt", alt)
  3856  	c.urlParams_.Set("prettyPrint", "false")
  3857  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/iamPolicies:queryAuditableServices")
  3858  	urls += "?" + c.urlParams_.Encode()
  3859  	req, err := http.NewRequest("POST", urls, body)
  3860  	if err != nil {
  3861  		return nil, err
  3862  	}
  3863  	req.Header = reqHeaders
  3864  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3865  }
  3866  
  3867  // Do executes the "iam.iamPolicies.queryAuditableServices" call.
  3868  // Any non-2xx status code is an error. Response headers are in either
  3869  // *QueryAuditableServicesResponse.ServerResponse.Header or (if a response was
  3870  // returned at all) in error.(*googleapi.Error).Header. Use
  3871  // googleapi.IsNotModified to check whether the returned error was because
  3872  // http.StatusNotModified was returned.
  3873  func (c *IamPoliciesQueryAuditableServicesCall) Do(opts ...googleapi.CallOption) (*QueryAuditableServicesResponse, error) {
  3874  	gensupport.SetOptions(c.urlParams_, opts...)
  3875  	res, err := c.doRequest("json")
  3876  	if res != nil && res.StatusCode == http.StatusNotModified {
  3877  		if res.Body != nil {
  3878  			res.Body.Close()
  3879  		}
  3880  		return nil, gensupport.WrapError(&googleapi.Error{
  3881  			Code:   res.StatusCode,
  3882  			Header: res.Header,
  3883  		})
  3884  	}
  3885  	if err != nil {
  3886  		return nil, err
  3887  	}
  3888  	defer googleapi.CloseBody(res)
  3889  	if err := googleapi.CheckResponse(res); err != nil {
  3890  		return nil, gensupport.WrapError(err)
  3891  	}
  3892  	ret := &QueryAuditableServicesResponse{
  3893  		ServerResponse: googleapi.ServerResponse{
  3894  			Header:         res.Header,
  3895  			HTTPStatusCode: res.StatusCode,
  3896  		},
  3897  	}
  3898  	target := &ret
  3899  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3900  		return nil, err
  3901  	}
  3902  	return ret, nil
  3903  }
  3904  
  3905  type LocationsWorkforcePoolsCreateCall struct {
  3906  	s             *Service
  3907  	location      string
  3908  	workforcepool *WorkforcePool
  3909  	urlParams_    gensupport.URLParams
  3910  	ctx_          context.Context
  3911  	header_       http.Header
  3912  }
  3913  
  3914  // Create: Creates a new WorkforcePool. You cannot reuse the name of a deleted
  3915  // pool until 30 days after deletion.
  3916  //
  3917  //   - location: The location of the pool to create. Format:
  3918  //     `locations/{location}`.
  3919  func (r *LocationsWorkforcePoolsService) Create(location string, workforcepool *WorkforcePool) *LocationsWorkforcePoolsCreateCall {
  3920  	c := &LocationsWorkforcePoolsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3921  	c.location = location
  3922  	c.workforcepool = workforcepool
  3923  	return c
  3924  }
  3925  
  3926  // WorkforcePoolId sets the optional parameter "workforcePoolId": The ID to use
  3927  // for the pool, which becomes the final component of the resource name. The
  3928  // IDs must be a globally unique string of 6 to 63 lowercase letters, digits,
  3929  // or hyphens. It must start with a letter, and cannot have a trailing hyphen.
  3930  // The prefix `gcp-` is reserved for use by Google, and may not be specified.
  3931  func (c *LocationsWorkforcePoolsCreateCall) WorkforcePoolId(workforcePoolId string) *LocationsWorkforcePoolsCreateCall {
  3932  	c.urlParams_.Set("workforcePoolId", workforcePoolId)
  3933  	return c
  3934  }
  3935  
  3936  // Fields allows partial responses to be retrieved. See
  3937  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3938  // details.
  3939  func (c *LocationsWorkforcePoolsCreateCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsCreateCall {
  3940  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3941  	return c
  3942  }
  3943  
  3944  // Context sets the context to be used in this call's Do method.
  3945  func (c *LocationsWorkforcePoolsCreateCall) Context(ctx context.Context) *LocationsWorkforcePoolsCreateCall {
  3946  	c.ctx_ = ctx
  3947  	return c
  3948  }
  3949  
  3950  // Header returns a http.Header that can be modified by the caller to add
  3951  // headers to the request.
  3952  func (c *LocationsWorkforcePoolsCreateCall) Header() http.Header {
  3953  	if c.header_ == nil {
  3954  		c.header_ = make(http.Header)
  3955  	}
  3956  	return c.header_
  3957  }
  3958  
  3959  func (c *LocationsWorkforcePoolsCreateCall) doRequest(alt string) (*http.Response, error) {
  3960  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  3961  	var body io.Reader = nil
  3962  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.workforcepool)
  3963  	if err != nil {
  3964  		return nil, err
  3965  	}
  3966  	c.urlParams_.Set("alt", alt)
  3967  	c.urlParams_.Set("prettyPrint", "false")
  3968  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+location}/workforcePools")
  3969  	urls += "?" + c.urlParams_.Encode()
  3970  	req, err := http.NewRequest("POST", urls, body)
  3971  	if err != nil {
  3972  		return nil, err
  3973  	}
  3974  	req.Header = reqHeaders
  3975  	googleapi.Expand(req.URL, map[string]string{
  3976  		"location": c.location,
  3977  	})
  3978  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3979  }
  3980  
  3981  // Do executes the "iam.locations.workforcePools.create" call.
  3982  // Any non-2xx status code is an error. Response headers are in either
  3983  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  3984  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  3985  // whether the returned error was because http.StatusNotModified was returned.
  3986  func (c *LocationsWorkforcePoolsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  3987  	gensupport.SetOptions(c.urlParams_, opts...)
  3988  	res, err := c.doRequest("json")
  3989  	if res != nil && res.StatusCode == http.StatusNotModified {
  3990  		if res.Body != nil {
  3991  			res.Body.Close()
  3992  		}
  3993  		return nil, gensupport.WrapError(&googleapi.Error{
  3994  			Code:   res.StatusCode,
  3995  			Header: res.Header,
  3996  		})
  3997  	}
  3998  	if err != nil {
  3999  		return nil, err
  4000  	}
  4001  	defer googleapi.CloseBody(res)
  4002  	if err := googleapi.CheckResponse(res); err != nil {
  4003  		return nil, gensupport.WrapError(err)
  4004  	}
  4005  	ret := &Operation{
  4006  		ServerResponse: googleapi.ServerResponse{
  4007  			Header:         res.Header,
  4008  			HTTPStatusCode: res.StatusCode,
  4009  		},
  4010  	}
  4011  	target := &ret
  4012  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4013  		return nil, err
  4014  	}
  4015  	return ret, nil
  4016  }
  4017  
  4018  type LocationsWorkforcePoolsDeleteCall struct {
  4019  	s          *Service
  4020  	name       string
  4021  	urlParams_ gensupport.URLParams
  4022  	ctx_       context.Context
  4023  	header_    http.Header
  4024  }
  4025  
  4026  // Delete: Deletes a WorkforcePool. You cannot use a deleted WorkforcePool to
  4027  // exchange external credentials for Google Cloud credentials. However,
  4028  // deletion does not revoke credentials that have already been issued.
  4029  // Credentials issued for a deleted pool do not grant access to resources. If
  4030  // the pool is undeleted, and the credentials are not expired, they grant
  4031  // access again. You can undelete a pool for 30 days. After 30 days, deletion
  4032  // is permanent. You cannot update deleted pools. However, you can view and
  4033  // list them.
  4034  //
  4035  //   - name: The name of the pool to delete. Format:
  4036  //     `locations/{location}/workforcePools/{workforce_pool_id}`.
  4037  func (r *LocationsWorkforcePoolsService) Delete(name string) *LocationsWorkforcePoolsDeleteCall {
  4038  	c := &LocationsWorkforcePoolsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4039  	c.name = name
  4040  	return c
  4041  }
  4042  
  4043  // Fields allows partial responses to be retrieved. See
  4044  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4045  // details.
  4046  func (c *LocationsWorkforcePoolsDeleteCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsDeleteCall {
  4047  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4048  	return c
  4049  }
  4050  
  4051  // Context sets the context to be used in this call's Do method.
  4052  func (c *LocationsWorkforcePoolsDeleteCall) Context(ctx context.Context) *LocationsWorkforcePoolsDeleteCall {
  4053  	c.ctx_ = ctx
  4054  	return c
  4055  }
  4056  
  4057  // Header returns a http.Header that can be modified by the caller to add
  4058  // headers to the request.
  4059  func (c *LocationsWorkforcePoolsDeleteCall) Header() http.Header {
  4060  	if c.header_ == nil {
  4061  		c.header_ = make(http.Header)
  4062  	}
  4063  	return c.header_
  4064  }
  4065  
  4066  func (c *LocationsWorkforcePoolsDeleteCall) doRequest(alt string) (*http.Response, error) {
  4067  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  4068  	var body io.Reader = nil
  4069  	c.urlParams_.Set("alt", alt)
  4070  	c.urlParams_.Set("prettyPrint", "false")
  4071  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  4072  	urls += "?" + c.urlParams_.Encode()
  4073  	req, err := http.NewRequest("DELETE", urls, body)
  4074  	if err != nil {
  4075  		return nil, err
  4076  	}
  4077  	req.Header = reqHeaders
  4078  	googleapi.Expand(req.URL, map[string]string{
  4079  		"name": c.name,
  4080  	})
  4081  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4082  }
  4083  
  4084  // Do executes the "iam.locations.workforcePools.delete" call.
  4085  // Any non-2xx status code is an error. Response headers are in either
  4086  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4087  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4088  // whether the returned error was because http.StatusNotModified was returned.
  4089  func (c *LocationsWorkforcePoolsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4090  	gensupport.SetOptions(c.urlParams_, opts...)
  4091  	res, err := c.doRequest("json")
  4092  	if res != nil && res.StatusCode == http.StatusNotModified {
  4093  		if res.Body != nil {
  4094  			res.Body.Close()
  4095  		}
  4096  		return nil, gensupport.WrapError(&googleapi.Error{
  4097  			Code:   res.StatusCode,
  4098  			Header: res.Header,
  4099  		})
  4100  	}
  4101  	if err != nil {
  4102  		return nil, err
  4103  	}
  4104  	defer googleapi.CloseBody(res)
  4105  	if err := googleapi.CheckResponse(res); err != nil {
  4106  		return nil, gensupport.WrapError(err)
  4107  	}
  4108  	ret := &Operation{
  4109  		ServerResponse: googleapi.ServerResponse{
  4110  			Header:         res.Header,
  4111  			HTTPStatusCode: res.StatusCode,
  4112  		},
  4113  	}
  4114  	target := &ret
  4115  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4116  		return nil, err
  4117  	}
  4118  	return ret, nil
  4119  }
  4120  
  4121  type LocationsWorkforcePoolsGetCall struct {
  4122  	s            *Service
  4123  	name         string
  4124  	urlParams_   gensupport.URLParams
  4125  	ifNoneMatch_ string
  4126  	ctx_         context.Context
  4127  	header_      http.Header
  4128  }
  4129  
  4130  // Get: Gets an individual WorkforcePool.
  4131  //
  4132  //   - name: The name of the pool to retrieve. Format:
  4133  //     `locations/{location}/workforcePools/{workforce_pool_id}`.
  4134  func (r *LocationsWorkforcePoolsService) Get(name string) *LocationsWorkforcePoolsGetCall {
  4135  	c := &LocationsWorkforcePoolsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4136  	c.name = name
  4137  	return c
  4138  }
  4139  
  4140  // Fields allows partial responses to be retrieved. See
  4141  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4142  // details.
  4143  func (c *LocationsWorkforcePoolsGetCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsGetCall {
  4144  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4145  	return c
  4146  }
  4147  
  4148  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  4149  // object's ETag matches the given value. This is useful for getting updates
  4150  // only after the object has changed since the last request.
  4151  func (c *LocationsWorkforcePoolsGetCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsGetCall {
  4152  	c.ifNoneMatch_ = entityTag
  4153  	return c
  4154  }
  4155  
  4156  // Context sets the context to be used in this call's Do method.
  4157  func (c *LocationsWorkforcePoolsGetCall) Context(ctx context.Context) *LocationsWorkforcePoolsGetCall {
  4158  	c.ctx_ = ctx
  4159  	return c
  4160  }
  4161  
  4162  // Header returns a http.Header that can be modified by the caller to add
  4163  // headers to the request.
  4164  func (c *LocationsWorkforcePoolsGetCall) Header() http.Header {
  4165  	if c.header_ == nil {
  4166  		c.header_ = make(http.Header)
  4167  	}
  4168  	return c.header_
  4169  }
  4170  
  4171  func (c *LocationsWorkforcePoolsGetCall) doRequest(alt string) (*http.Response, error) {
  4172  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  4173  	if c.ifNoneMatch_ != "" {
  4174  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  4175  	}
  4176  	var body io.Reader = nil
  4177  	c.urlParams_.Set("alt", alt)
  4178  	c.urlParams_.Set("prettyPrint", "false")
  4179  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  4180  	urls += "?" + c.urlParams_.Encode()
  4181  	req, err := http.NewRequest("GET", urls, body)
  4182  	if err != nil {
  4183  		return nil, err
  4184  	}
  4185  	req.Header = reqHeaders
  4186  	googleapi.Expand(req.URL, map[string]string{
  4187  		"name": c.name,
  4188  	})
  4189  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4190  }
  4191  
  4192  // Do executes the "iam.locations.workforcePools.get" call.
  4193  // Any non-2xx status code is an error. Response headers are in either
  4194  // *WorkforcePool.ServerResponse.Header or (if a response was returned at all)
  4195  // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4196  // whether the returned error was because http.StatusNotModified was returned.
  4197  func (c *LocationsWorkforcePoolsGetCall) Do(opts ...googleapi.CallOption) (*WorkforcePool, error) {
  4198  	gensupport.SetOptions(c.urlParams_, opts...)
  4199  	res, err := c.doRequest("json")
  4200  	if res != nil && res.StatusCode == http.StatusNotModified {
  4201  		if res.Body != nil {
  4202  			res.Body.Close()
  4203  		}
  4204  		return nil, gensupport.WrapError(&googleapi.Error{
  4205  			Code:   res.StatusCode,
  4206  			Header: res.Header,
  4207  		})
  4208  	}
  4209  	if err != nil {
  4210  		return nil, err
  4211  	}
  4212  	defer googleapi.CloseBody(res)
  4213  	if err := googleapi.CheckResponse(res); err != nil {
  4214  		return nil, gensupport.WrapError(err)
  4215  	}
  4216  	ret := &WorkforcePool{
  4217  		ServerResponse: googleapi.ServerResponse{
  4218  			Header:         res.Header,
  4219  			HTTPStatusCode: res.StatusCode,
  4220  		},
  4221  	}
  4222  	target := &ret
  4223  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4224  		return nil, err
  4225  	}
  4226  	return ret, nil
  4227  }
  4228  
  4229  type LocationsWorkforcePoolsGetIamPolicyCall struct {
  4230  	s                   *Service
  4231  	resource            string
  4232  	getiampolicyrequest *GetIamPolicyRequest
  4233  	urlParams_          gensupport.URLParams
  4234  	ctx_                context.Context
  4235  	header_             http.Header
  4236  }
  4237  
  4238  // GetIamPolicy: Gets IAM policies on a WorkforcePool.
  4239  //
  4240  //   - resource: REQUIRED: The resource for which the policy is being requested.
  4241  //     See Resource names (https://cloud.google.com/apis/design/resource_names)
  4242  //     for the appropriate value for this field.
  4243  func (r *LocationsWorkforcePoolsService) GetIamPolicy(resource string, getiampolicyrequest *GetIamPolicyRequest) *LocationsWorkforcePoolsGetIamPolicyCall {
  4244  	c := &LocationsWorkforcePoolsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4245  	c.resource = resource
  4246  	c.getiampolicyrequest = getiampolicyrequest
  4247  	return c
  4248  }
  4249  
  4250  // Fields allows partial responses to be retrieved. See
  4251  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4252  // details.
  4253  func (c *LocationsWorkforcePoolsGetIamPolicyCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsGetIamPolicyCall {
  4254  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4255  	return c
  4256  }
  4257  
  4258  // Context sets the context to be used in this call's Do method.
  4259  func (c *LocationsWorkforcePoolsGetIamPolicyCall) Context(ctx context.Context) *LocationsWorkforcePoolsGetIamPolicyCall {
  4260  	c.ctx_ = ctx
  4261  	return c
  4262  }
  4263  
  4264  // Header returns a http.Header that can be modified by the caller to add
  4265  // headers to the request.
  4266  func (c *LocationsWorkforcePoolsGetIamPolicyCall) Header() http.Header {
  4267  	if c.header_ == nil {
  4268  		c.header_ = make(http.Header)
  4269  	}
  4270  	return c.header_
  4271  }
  4272  
  4273  func (c *LocationsWorkforcePoolsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
  4274  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4275  	var body io.Reader = nil
  4276  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.getiampolicyrequest)
  4277  	if err != nil {
  4278  		return nil, err
  4279  	}
  4280  	c.urlParams_.Set("alt", alt)
  4281  	c.urlParams_.Set("prettyPrint", "false")
  4282  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy")
  4283  	urls += "?" + c.urlParams_.Encode()
  4284  	req, err := http.NewRequest("POST", urls, body)
  4285  	if err != nil {
  4286  		return nil, err
  4287  	}
  4288  	req.Header = reqHeaders
  4289  	googleapi.Expand(req.URL, map[string]string{
  4290  		"resource": c.resource,
  4291  	})
  4292  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4293  }
  4294  
  4295  // Do executes the "iam.locations.workforcePools.getIamPolicy" call.
  4296  // Any non-2xx status code is an error. Response headers are in either
  4297  // *Policy.ServerResponse.Header or (if a response was returned at all) in
  4298  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4299  // whether the returned error was because http.StatusNotModified was returned.
  4300  func (c *LocationsWorkforcePoolsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
  4301  	gensupport.SetOptions(c.urlParams_, opts...)
  4302  	res, err := c.doRequest("json")
  4303  	if res != nil && res.StatusCode == http.StatusNotModified {
  4304  		if res.Body != nil {
  4305  			res.Body.Close()
  4306  		}
  4307  		return nil, gensupport.WrapError(&googleapi.Error{
  4308  			Code:   res.StatusCode,
  4309  			Header: res.Header,
  4310  		})
  4311  	}
  4312  	if err != nil {
  4313  		return nil, err
  4314  	}
  4315  	defer googleapi.CloseBody(res)
  4316  	if err := googleapi.CheckResponse(res); err != nil {
  4317  		return nil, gensupport.WrapError(err)
  4318  	}
  4319  	ret := &Policy{
  4320  		ServerResponse: googleapi.ServerResponse{
  4321  			Header:         res.Header,
  4322  			HTTPStatusCode: res.StatusCode,
  4323  		},
  4324  	}
  4325  	target := &ret
  4326  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4327  		return nil, err
  4328  	}
  4329  	return ret, nil
  4330  }
  4331  
  4332  type LocationsWorkforcePoolsListCall struct {
  4333  	s            *Service
  4334  	location     string
  4335  	urlParams_   gensupport.URLParams
  4336  	ifNoneMatch_ string
  4337  	ctx_         context.Context
  4338  	header_      http.Header
  4339  }
  4340  
  4341  // List: Lists all non-deleted WorkforcePools under the specified parent. If
  4342  // `show_deleted` is set to `true`, then deleted pools are also listed.
  4343  //
  4344  // - location: The location of the pool. Format: `locations/{location}`.
  4345  func (r *LocationsWorkforcePoolsService) List(location string) *LocationsWorkforcePoolsListCall {
  4346  	c := &LocationsWorkforcePoolsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4347  	c.location = location
  4348  	return c
  4349  }
  4350  
  4351  // PageSize sets the optional parameter "pageSize": The maximum number of pools
  4352  // to return. If unspecified, at most 50 pools will be returned. The maximum
  4353  // value is 1000; values above 1000 are truncated to 1000.
  4354  func (c *LocationsWorkforcePoolsListCall) PageSize(pageSize int64) *LocationsWorkforcePoolsListCall {
  4355  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  4356  	return c
  4357  }
  4358  
  4359  // PageToken sets the optional parameter "pageToken": A page token, received
  4360  // from a previous `ListWorkforcePools` call. Provide this to retrieve the
  4361  // subsequent page.
  4362  func (c *LocationsWorkforcePoolsListCall) PageToken(pageToken string) *LocationsWorkforcePoolsListCall {
  4363  	c.urlParams_.Set("pageToken", pageToken)
  4364  	return c
  4365  }
  4366  
  4367  // Parent sets the optional parameter "parent": Required. The parent resource
  4368  // to list pools for. Format: `organizations/{org-id}`.
  4369  func (c *LocationsWorkforcePoolsListCall) Parent(parent string) *LocationsWorkforcePoolsListCall {
  4370  	c.urlParams_.Set("parent", parent)
  4371  	return c
  4372  }
  4373  
  4374  // ShowDeleted sets the optional parameter "showDeleted": Whether to return
  4375  // soft-deleted pools.
  4376  func (c *LocationsWorkforcePoolsListCall) ShowDeleted(showDeleted bool) *LocationsWorkforcePoolsListCall {
  4377  	c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted))
  4378  	return c
  4379  }
  4380  
  4381  // Fields allows partial responses to be retrieved. See
  4382  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4383  // details.
  4384  func (c *LocationsWorkforcePoolsListCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsListCall {
  4385  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4386  	return c
  4387  }
  4388  
  4389  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  4390  // object's ETag matches the given value. This is useful for getting updates
  4391  // only after the object has changed since the last request.
  4392  func (c *LocationsWorkforcePoolsListCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsListCall {
  4393  	c.ifNoneMatch_ = entityTag
  4394  	return c
  4395  }
  4396  
  4397  // Context sets the context to be used in this call's Do method.
  4398  func (c *LocationsWorkforcePoolsListCall) Context(ctx context.Context) *LocationsWorkforcePoolsListCall {
  4399  	c.ctx_ = ctx
  4400  	return c
  4401  }
  4402  
  4403  // Header returns a http.Header that can be modified by the caller to add
  4404  // headers to the request.
  4405  func (c *LocationsWorkforcePoolsListCall) Header() http.Header {
  4406  	if c.header_ == nil {
  4407  		c.header_ = make(http.Header)
  4408  	}
  4409  	return c.header_
  4410  }
  4411  
  4412  func (c *LocationsWorkforcePoolsListCall) doRequest(alt string) (*http.Response, error) {
  4413  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  4414  	if c.ifNoneMatch_ != "" {
  4415  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  4416  	}
  4417  	var body io.Reader = nil
  4418  	c.urlParams_.Set("alt", alt)
  4419  	c.urlParams_.Set("prettyPrint", "false")
  4420  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+location}/workforcePools")
  4421  	urls += "?" + c.urlParams_.Encode()
  4422  	req, err := http.NewRequest("GET", urls, body)
  4423  	if err != nil {
  4424  		return nil, err
  4425  	}
  4426  	req.Header = reqHeaders
  4427  	googleapi.Expand(req.URL, map[string]string{
  4428  		"location": c.location,
  4429  	})
  4430  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4431  }
  4432  
  4433  // Do executes the "iam.locations.workforcePools.list" call.
  4434  // Any non-2xx status code is an error. Response headers are in either
  4435  // *ListWorkforcePoolsResponse.ServerResponse.Header or (if a response was
  4436  // returned at all) in error.(*googleapi.Error).Header. Use
  4437  // googleapi.IsNotModified to check whether the returned error was because
  4438  // http.StatusNotModified was returned.
  4439  func (c *LocationsWorkforcePoolsListCall) Do(opts ...googleapi.CallOption) (*ListWorkforcePoolsResponse, error) {
  4440  	gensupport.SetOptions(c.urlParams_, opts...)
  4441  	res, err := c.doRequest("json")
  4442  	if res != nil && res.StatusCode == http.StatusNotModified {
  4443  		if res.Body != nil {
  4444  			res.Body.Close()
  4445  		}
  4446  		return nil, gensupport.WrapError(&googleapi.Error{
  4447  			Code:   res.StatusCode,
  4448  			Header: res.Header,
  4449  		})
  4450  	}
  4451  	if err != nil {
  4452  		return nil, err
  4453  	}
  4454  	defer googleapi.CloseBody(res)
  4455  	if err := googleapi.CheckResponse(res); err != nil {
  4456  		return nil, gensupport.WrapError(err)
  4457  	}
  4458  	ret := &ListWorkforcePoolsResponse{
  4459  		ServerResponse: googleapi.ServerResponse{
  4460  			Header:         res.Header,
  4461  			HTTPStatusCode: res.StatusCode,
  4462  		},
  4463  	}
  4464  	target := &ret
  4465  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4466  		return nil, err
  4467  	}
  4468  	return ret, nil
  4469  }
  4470  
  4471  // Pages invokes f for each page of results.
  4472  // A non-nil error returned from f will halt the iteration.
  4473  // The provided context supersedes any context provided to the Context method.
  4474  func (c *LocationsWorkforcePoolsListCall) Pages(ctx context.Context, f func(*ListWorkforcePoolsResponse) error) error {
  4475  	c.ctx_ = ctx
  4476  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  4477  	for {
  4478  		x, err := c.Do()
  4479  		if err != nil {
  4480  			return err
  4481  		}
  4482  		if err := f(x); err != nil {
  4483  			return err
  4484  		}
  4485  		if x.NextPageToken == "" {
  4486  			return nil
  4487  		}
  4488  		c.PageToken(x.NextPageToken)
  4489  	}
  4490  }
  4491  
  4492  type LocationsWorkforcePoolsPatchCall struct {
  4493  	s             *Service
  4494  	name          string
  4495  	workforcepool *WorkforcePool
  4496  	urlParams_    gensupport.URLParams
  4497  	ctx_          context.Context
  4498  	header_       http.Header
  4499  }
  4500  
  4501  // Patch: Updates an existing WorkforcePool.
  4502  //
  4503  //   - name: Output only. The resource name of the pool. Format:
  4504  //     `locations/{location}/workforcePools/{workforce_pool_id}`.
  4505  func (r *LocationsWorkforcePoolsService) Patch(name string, workforcepool *WorkforcePool) *LocationsWorkforcePoolsPatchCall {
  4506  	c := &LocationsWorkforcePoolsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4507  	c.name = name
  4508  	c.workforcepool = workforcepool
  4509  	return c
  4510  }
  4511  
  4512  // UpdateMask sets the optional parameter "updateMask": Required. The list of
  4513  // fields to update.
  4514  func (c *LocationsWorkforcePoolsPatchCall) UpdateMask(updateMask string) *LocationsWorkforcePoolsPatchCall {
  4515  	c.urlParams_.Set("updateMask", updateMask)
  4516  	return c
  4517  }
  4518  
  4519  // Fields allows partial responses to be retrieved. See
  4520  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4521  // details.
  4522  func (c *LocationsWorkforcePoolsPatchCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsPatchCall {
  4523  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4524  	return c
  4525  }
  4526  
  4527  // Context sets the context to be used in this call's Do method.
  4528  func (c *LocationsWorkforcePoolsPatchCall) Context(ctx context.Context) *LocationsWorkforcePoolsPatchCall {
  4529  	c.ctx_ = ctx
  4530  	return c
  4531  }
  4532  
  4533  // Header returns a http.Header that can be modified by the caller to add
  4534  // headers to the request.
  4535  func (c *LocationsWorkforcePoolsPatchCall) Header() http.Header {
  4536  	if c.header_ == nil {
  4537  		c.header_ = make(http.Header)
  4538  	}
  4539  	return c.header_
  4540  }
  4541  
  4542  func (c *LocationsWorkforcePoolsPatchCall) doRequest(alt string) (*http.Response, error) {
  4543  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4544  	var body io.Reader = nil
  4545  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.workforcepool)
  4546  	if err != nil {
  4547  		return nil, err
  4548  	}
  4549  	c.urlParams_.Set("alt", alt)
  4550  	c.urlParams_.Set("prettyPrint", "false")
  4551  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  4552  	urls += "?" + c.urlParams_.Encode()
  4553  	req, err := http.NewRequest("PATCH", urls, body)
  4554  	if err != nil {
  4555  		return nil, err
  4556  	}
  4557  	req.Header = reqHeaders
  4558  	googleapi.Expand(req.URL, map[string]string{
  4559  		"name": c.name,
  4560  	})
  4561  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4562  }
  4563  
  4564  // Do executes the "iam.locations.workforcePools.patch" call.
  4565  // Any non-2xx status code is an error. Response headers are in either
  4566  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4567  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4568  // whether the returned error was because http.StatusNotModified was returned.
  4569  func (c *LocationsWorkforcePoolsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4570  	gensupport.SetOptions(c.urlParams_, opts...)
  4571  	res, err := c.doRequest("json")
  4572  	if res != nil && res.StatusCode == http.StatusNotModified {
  4573  		if res.Body != nil {
  4574  			res.Body.Close()
  4575  		}
  4576  		return nil, gensupport.WrapError(&googleapi.Error{
  4577  			Code:   res.StatusCode,
  4578  			Header: res.Header,
  4579  		})
  4580  	}
  4581  	if err != nil {
  4582  		return nil, err
  4583  	}
  4584  	defer googleapi.CloseBody(res)
  4585  	if err := googleapi.CheckResponse(res); err != nil {
  4586  		return nil, gensupport.WrapError(err)
  4587  	}
  4588  	ret := &Operation{
  4589  		ServerResponse: googleapi.ServerResponse{
  4590  			Header:         res.Header,
  4591  			HTTPStatusCode: res.StatusCode,
  4592  		},
  4593  	}
  4594  	target := &ret
  4595  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4596  		return nil, err
  4597  	}
  4598  	return ret, nil
  4599  }
  4600  
  4601  type LocationsWorkforcePoolsSetIamPolicyCall struct {
  4602  	s                   *Service
  4603  	resource            string
  4604  	setiampolicyrequest *SetIamPolicyRequest
  4605  	urlParams_          gensupport.URLParams
  4606  	ctx_                context.Context
  4607  	header_             http.Header
  4608  }
  4609  
  4610  // SetIamPolicy: Sets IAM policies on a WorkforcePool.
  4611  //
  4612  //   - resource: REQUIRED: The resource for which the policy is being specified.
  4613  //     See Resource names (https://cloud.google.com/apis/design/resource_names)
  4614  //     for the appropriate value for this field.
  4615  func (r *LocationsWorkforcePoolsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *LocationsWorkforcePoolsSetIamPolicyCall {
  4616  	c := &LocationsWorkforcePoolsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4617  	c.resource = resource
  4618  	c.setiampolicyrequest = setiampolicyrequest
  4619  	return c
  4620  }
  4621  
  4622  // Fields allows partial responses to be retrieved. See
  4623  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4624  // details.
  4625  func (c *LocationsWorkforcePoolsSetIamPolicyCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsSetIamPolicyCall {
  4626  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4627  	return c
  4628  }
  4629  
  4630  // Context sets the context to be used in this call's Do method.
  4631  func (c *LocationsWorkforcePoolsSetIamPolicyCall) Context(ctx context.Context) *LocationsWorkforcePoolsSetIamPolicyCall {
  4632  	c.ctx_ = ctx
  4633  	return c
  4634  }
  4635  
  4636  // Header returns a http.Header that can be modified by the caller to add
  4637  // headers to the request.
  4638  func (c *LocationsWorkforcePoolsSetIamPolicyCall) Header() http.Header {
  4639  	if c.header_ == nil {
  4640  		c.header_ = make(http.Header)
  4641  	}
  4642  	return c.header_
  4643  }
  4644  
  4645  func (c *LocationsWorkforcePoolsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
  4646  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4647  	var body io.Reader = nil
  4648  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest)
  4649  	if err != nil {
  4650  		return nil, err
  4651  	}
  4652  	c.urlParams_.Set("alt", alt)
  4653  	c.urlParams_.Set("prettyPrint", "false")
  4654  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy")
  4655  	urls += "?" + c.urlParams_.Encode()
  4656  	req, err := http.NewRequest("POST", urls, body)
  4657  	if err != nil {
  4658  		return nil, err
  4659  	}
  4660  	req.Header = reqHeaders
  4661  	googleapi.Expand(req.URL, map[string]string{
  4662  		"resource": c.resource,
  4663  	})
  4664  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4665  }
  4666  
  4667  // Do executes the "iam.locations.workforcePools.setIamPolicy" call.
  4668  // Any non-2xx status code is an error. Response headers are in either
  4669  // *Policy.ServerResponse.Header or (if a response was returned at all) in
  4670  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4671  // whether the returned error was because http.StatusNotModified was returned.
  4672  func (c *LocationsWorkforcePoolsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
  4673  	gensupport.SetOptions(c.urlParams_, opts...)
  4674  	res, err := c.doRequest("json")
  4675  	if res != nil && res.StatusCode == http.StatusNotModified {
  4676  		if res.Body != nil {
  4677  			res.Body.Close()
  4678  		}
  4679  		return nil, gensupport.WrapError(&googleapi.Error{
  4680  			Code:   res.StatusCode,
  4681  			Header: res.Header,
  4682  		})
  4683  	}
  4684  	if err != nil {
  4685  		return nil, err
  4686  	}
  4687  	defer googleapi.CloseBody(res)
  4688  	if err := googleapi.CheckResponse(res); err != nil {
  4689  		return nil, gensupport.WrapError(err)
  4690  	}
  4691  	ret := &Policy{
  4692  		ServerResponse: googleapi.ServerResponse{
  4693  			Header:         res.Header,
  4694  			HTTPStatusCode: res.StatusCode,
  4695  		},
  4696  	}
  4697  	target := &ret
  4698  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4699  		return nil, err
  4700  	}
  4701  	return ret, nil
  4702  }
  4703  
  4704  type LocationsWorkforcePoolsTestIamPermissionsCall struct {
  4705  	s                         *Service
  4706  	resource                  string
  4707  	testiampermissionsrequest *TestIamPermissionsRequest
  4708  	urlParams_                gensupport.URLParams
  4709  	ctx_                      context.Context
  4710  	header_                   http.Header
  4711  }
  4712  
  4713  // TestIamPermissions: Returns the caller's permissions on the WorkforcePool.
  4714  // If the pool doesn't exist, this call returns an empty set of permissions. It
  4715  // doesn't return a `NOT_FOUND` error.
  4716  //
  4717  //   - resource: REQUIRED: The resource for which the policy detail is being
  4718  //     requested. See Resource names
  4719  //     (https://cloud.google.com/apis/design/resource_names) for the appropriate
  4720  //     value for this field.
  4721  func (r *LocationsWorkforcePoolsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *LocationsWorkforcePoolsTestIamPermissionsCall {
  4722  	c := &LocationsWorkforcePoolsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4723  	c.resource = resource
  4724  	c.testiampermissionsrequest = testiampermissionsrequest
  4725  	return c
  4726  }
  4727  
  4728  // Fields allows partial responses to be retrieved. See
  4729  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4730  // details.
  4731  func (c *LocationsWorkforcePoolsTestIamPermissionsCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsTestIamPermissionsCall {
  4732  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4733  	return c
  4734  }
  4735  
  4736  // Context sets the context to be used in this call's Do method.
  4737  func (c *LocationsWorkforcePoolsTestIamPermissionsCall) Context(ctx context.Context) *LocationsWorkforcePoolsTestIamPermissionsCall {
  4738  	c.ctx_ = ctx
  4739  	return c
  4740  }
  4741  
  4742  // Header returns a http.Header that can be modified by the caller to add
  4743  // headers to the request.
  4744  func (c *LocationsWorkforcePoolsTestIamPermissionsCall) Header() http.Header {
  4745  	if c.header_ == nil {
  4746  		c.header_ = make(http.Header)
  4747  	}
  4748  	return c.header_
  4749  }
  4750  
  4751  func (c *LocationsWorkforcePoolsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
  4752  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4753  	var body io.Reader = nil
  4754  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
  4755  	if err != nil {
  4756  		return nil, err
  4757  	}
  4758  	c.urlParams_.Set("alt", alt)
  4759  	c.urlParams_.Set("prettyPrint", "false")
  4760  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions")
  4761  	urls += "?" + c.urlParams_.Encode()
  4762  	req, err := http.NewRequest("POST", urls, body)
  4763  	if err != nil {
  4764  		return nil, err
  4765  	}
  4766  	req.Header = reqHeaders
  4767  	googleapi.Expand(req.URL, map[string]string{
  4768  		"resource": c.resource,
  4769  	})
  4770  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4771  }
  4772  
  4773  // Do executes the "iam.locations.workforcePools.testIamPermissions" call.
  4774  // Any non-2xx status code is an error. Response headers are in either
  4775  // *TestIamPermissionsResponse.ServerResponse.Header or (if a response was
  4776  // returned at all) in error.(*googleapi.Error).Header. Use
  4777  // googleapi.IsNotModified to check whether the returned error was because
  4778  // http.StatusNotModified was returned.
  4779  func (c *LocationsWorkforcePoolsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
  4780  	gensupport.SetOptions(c.urlParams_, opts...)
  4781  	res, err := c.doRequest("json")
  4782  	if res != nil && res.StatusCode == http.StatusNotModified {
  4783  		if res.Body != nil {
  4784  			res.Body.Close()
  4785  		}
  4786  		return nil, gensupport.WrapError(&googleapi.Error{
  4787  			Code:   res.StatusCode,
  4788  			Header: res.Header,
  4789  		})
  4790  	}
  4791  	if err != nil {
  4792  		return nil, err
  4793  	}
  4794  	defer googleapi.CloseBody(res)
  4795  	if err := googleapi.CheckResponse(res); err != nil {
  4796  		return nil, gensupport.WrapError(err)
  4797  	}
  4798  	ret := &TestIamPermissionsResponse{
  4799  		ServerResponse: googleapi.ServerResponse{
  4800  			Header:         res.Header,
  4801  			HTTPStatusCode: res.StatusCode,
  4802  		},
  4803  	}
  4804  	target := &ret
  4805  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4806  		return nil, err
  4807  	}
  4808  	return ret, nil
  4809  }
  4810  
  4811  type LocationsWorkforcePoolsUndeleteCall struct {
  4812  	s                            *Service
  4813  	name                         string
  4814  	undeleteworkforcepoolrequest *UndeleteWorkforcePoolRequest
  4815  	urlParams_                   gensupport.URLParams
  4816  	ctx_                         context.Context
  4817  	header_                      http.Header
  4818  }
  4819  
  4820  // Undelete: Undeletes a WorkforcePool, as long as it was deleted fewer than 30
  4821  // days ago.
  4822  //
  4823  //   - name: The name of the pool to undelete. Format:
  4824  //     `locations/{location}/workforcePools/{workforce_pool_id}`.
  4825  func (r *LocationsWorkforcePoolsService) Undelete(name string, undeleteworkforcepoolrequest *UndeleteWorkforcePoolRequest) *LocationsWorkforcePoolsUndeleteCall {
  4826  	c := &LocationsWorkforcePoolsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4827  	c.name = name
  4828  	c.undeleteworkforcepoolrequest = undeleteworkforcepoolrequest
  4829  	return c
  4830  }
  4831  
  4832  // Fields allows partial responses to be retrieved. See
  4833  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4834  // details.
  4835  func (c *LocationsWorkforcePoolsUndeleteCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsUndeleteCall {
  4836  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4837  	return c
  4838  }
  4839  
  4840  // Context sets the context to be used in this call's Do method.
  4841  func (c *LocationsWorkforcePoolsUndeleteCall) Context(ctx context.Context) *LocationsWorkforcePoolsUndeleteCall {
  4842  	c.ctx_ = ctx
  4843  	return c
  4844  }
  4845  
  4846  // Header returns a http.Header that can be modified by the caller to add
  4847  // headers to the request.
  4848  func (c *LocationsWorkforcePoolsUndeleteCall) Header() http.Header {
  4849  	if c.header_ == nil {
  4850  		c.header_ = make(http.Header)
  4851  	}
  4852  	return c.header_
  4853  }
  4854  
  4855  func (c *LocationsWorkforcePoolsUndeleteCall) doRequest(alt string) (*http.Response, error) {
  4856  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4857  	var body io.Reader = nil
  4858  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkforcepoolrequest)
  4859  	if err != nil {
  4860  		return nil, err
  4861  	}
  4862  	c.urlParams_.Set("alt", alt)
  4863  	c.urlParams_.Set("prettyPrint", "false")
  4864  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete")
  4865  	urls += "?" + c.urlParams_.Encode()
  4866  	req, err := http.NewRequest("POST", urls, body)
  4867  	if err != nil {
  4868  		return nil, err
  4869  	}
  4870  	req.Header = reqHeaders
  4871  	googleapi.Expand(req.URL, map[string]string{
  4872  		"name": c.name,
  4873  	})
  4874  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4875  }
  4876  
  4877  // Do executes the "iam.locations.workforcePools.undelete" call.
  4878  // Any non-2xx status code is an error. Response headers are in either
  4879  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4880  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4881  // whether the returned error was because http.StatusNotModified was returned.
  4882  func (c *LocationsWorkforcePoolsUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4883  	gensupport.SetOptions(c.urlParams_, opts...)
  4884  	res, err := c.doRequest("json")
  4885  	if res != nil && res.StatusCode == http.StatusNotModified {
  4886  		if res.Body != nil {
  4887  			res.Body.Close()
  4888  		}
  4889  		return nil, gensupport.WrapError(&googleapi.Error{
  4890  			Code:   res.StatusCode,
  4891  			Header: res.Header,
  4892  		})
  4893  	}
  4894  	if err != nil {
  4895  		return nil, err
  4896  	}
  4897  	defer googleapi.CloseBody(res)
  4898  	if err := googleapi.CheckResponse(res); err != nil {
  4899  		return nil, gensupport.WrapError(err)
  4900  	}
  4901  	ret := &Operation{
  4902  		ServerResponse: googleapi.ServerResponse{
  4903  			Header:         res.Header,
  4904  			HTTPStatusCode: res.StatusCode,
  4905  		},
  4906  	}
  4907  	target := &ret
  4908  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4909  		return nil, err
  4910  	}
  4911  	return ret, nil
  4912  }
  4913  
  4914  type LocationsWorkforcePoolsOperationsGetCall struct {
  4915  	s            *Service
  4916  	name         string
  4917  	urlParams_   gensupport.URLParams
  4918  	ifNoneMatch_ string
  4919  	ctx_         context.Context
  4920  	header_      http.Header
  4921  }
  4922  
  4923  // Get: Gets the latest state of a long-running operation. Clients can use this
  4924  // method to poll the operation result at intervals as recommended by the API
  4925  // service.
  4926  //
  4927  // - name: The name of the operation resource.
  4928  func (r *LocationsWorkforcePoolsOperationsService) Get(name string) *LocationsWorkforcePoolsOperationsGetCall {
  4929  	c := &LocationsWorkforcePoolsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4930  	c.name = name
  4931  	return c
  4932  }
  4933  
  4934  // Fields allows partial responses to be retrieved. See
  4935  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4936  // details.
  4937  func (c *LocationsWorkforcePoolsOperationsGetCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsOperationsGetCall {
  4938  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4939  	return c
  4940  }
  4941  
  4942  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  4943  // object's ETag matches the given value. This is useful for getting updates
  4944  // only after the object has changed since the last request.
  4945  func (c *LocationsWorkforcePoolsOperationsGetCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsOperationsGetCall {
  4946  	c.ifNoneMatch_ = entityTag
  4947  	return c
  4948  }
  4949  
  4950  // Context sets the context to be used in this call's Do method.
  4951  func (c *LocationsWorkforcePoolsOperationsGetCall) Context(ctx context.Context) *LocationsWorkforcePoolsOperationsGetCall {
  4952  	c.ctx_ = ctx
  4953  	return c
  4954  }
  4955  
  4956  // Header returns a http.Header that can be modified by the caller to add
  4957  // headers to the request.
  4958  func (c *LocationsWorkforcePoolsOperationsGetCall) Header() http.Header {
  4959  	if c.header_ == nil {
  4960  		c.header_ = make(http.Header)
  4961  	}
  4962  	return c.header_
  4963  }
  4964  
  4965  func (c *LocationsWorkforcePoolsOperationsGetCall) doRequest(alt string) (*http.Response, error) {
  4966  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  4967  	if c.ifNoneMatch_ != "" {
  4968  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  4969  	}
  4970  	var body io.Reader = nil
  4971  	c.urlParams_.Set("alt", alt)
  4972  	c.urlParams_.Set("prettyPrint", "false")
  4973  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  4974  	urls += "?" + c.urlParams_.Encode()
  4975  	req, err := http.NewRequest("GET", urls, body)
  4976  	if err != nil {
  4977  		return nil, err
  4978  	}
  4979  	req.Header = reqHeaders
  4980  	googleapi.Expand(req.URL, map[string]string{
  4981  		"name": c.name,
  4982  	})
  4983  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4984  }
  4985  
  4986  // Do executes the "iam.locations.workforcePools.operations.get" call.
  4987  // Any non-2xx status code is an error. Response headers are in either
  4988  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4989  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4990  // whether the returned error was because http.StatusNotModified was returned.
  4991  func (c *LocationsWorkforcePoolsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4992  	gensupport.SetOptions(c.urlParams_, opts...)
  4993  	res, err := c.doRequest("json")
  4994  	if res != nil && res.StatusCode == http.StatusNotModified {
  4995  		if res.Body != nil {
  4996  			res.Body.Close()
  4997  		}
  4998  		return nil, gensupport.WrapError(&googleapi.Error{
  4999  			Code:   res.StatusCode,
  5000  			Header: res.Header,
  5001  		})
  5002  	}
  5003  	if err != nil {
  5004  		return nil, err
  5005  	}
  5006  	defer googleapi.CloseBody(res)
  5007  	if err := googleapi.CheckResponse(res); err != nil {
  5008  		return nil, gensupport.WrapError(err)
  5009  	}
  5010  	ret := &Operation{
  5011  		ServerResponse: googleapi.ServerResponse{
  5012  			Header:         res.Header,
  5013  			HTTPStatusCode: res.StatusCode,
  5014  		},
  5015  	}
  5016  	target := &ret
  5017  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5018  		return nil, err
  5019  	}
  5020  	return ret, nil
  5021  }
  5022  
  5023  type LocationsWorkforcePoolsProvidersCreateCall struct {
  5024  	s                     *Service
  5025  	parent                string
  5026  	workforcepoolprovider *WorkforcePoolProvider
  5027  	urlParams_            gensupport.URLParams
  5028  	ctx_                  context.Context
  5029  	header_               http.Header
  5030  }
  5031  
  5032  // Create: Creates a new WorkforcePoolProvider in a WorkforcePool. You cannot
  5033  // reuse the name of a deleted provider until 30 days after deletion.
  5034  //
  5035  //   - parent: The pool to create this provider in. Format:
  5036  //     `locations/{location}/workforcePools/{workforce_pool_id}`.
  5037  func (r *LocationsWorkforcePoolsProvidersService) Create(parent string, workforcepoolprovider *WorkforcePoolProvider) *LocationsWorkforcePoolsProvidersCreateCall {
  5038  	c := &LocationsWorkforcePoolsProvidersCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5039  	c.parent = parent
  5040  	c.workforcepoolprovider = workforcepoolprovider
  5041  	return c
  5042  }
  5043  
  5044  // WorkforcePoolProviderId sets the optional parameter
  5045  // "workforcePoolProviderId": Required. The ID for the provider, which becomes
  5046  // the final component of the resource name. This value must be 4-32
  5047  // characters, and may contain the characters [a-z0-9-]. The prefix `gcp-` is
  5048  // reserved for use by Google, and may not be specified.
  5049  func (c *LocationsWorkforcePoolsProvidersCreateCall) WorkforcePoolProviderId(workforcePoolProviderId string) *LocationsWorkforcePoolsProvidersCreateCall {
  5050  	c.urlParams_.Set("workforcePoolProviderId", workforcePoolProviderId)
  5051  	return c
  5052  }
  5053  
  5054  // Fields allows partial responses to be retrieved. See
  5055  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5056  // details.
  5057  func (c *LocationsWorkforcePoolsProvidersCreateCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersCreateCall {
  5058  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5059  	return c
  5060  }
  5061  
  5062  // Context sets the context to be used in this call's Do method.
  5063  func (c *LocationsWorkforcePoolsProvidersCreateCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersCreateCall {
  5064  	c.ctx_ = ctx
  5065  	return c
  5066  }
  5067  
  5068  // Header returns a http.Header that can be modified by the caller to add
  5069  // headers to the request.
  5070  func (c *LocationsWorkforcePoolsProvidersCreateCall) Header() http.Header {
  5071  	if c.header_ == nil {
  5072  		c.header_ = make(http.Header)
  5073  	}
  5074  	return c.header_
  5075  }
  5076  
  5077  func (c *LocationsWorkforcePoolsProvidersCreateCall) doRequest(alt string) (*http.Response, error) {
  5078  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  5079  	var body io.Reader = nil
  5080  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.workforcepoolprovider)
  5081  	if err != nil {
  5082  		return nil, err
  5083  	}
  5084  	c.urlParams_.Set("alt", alt)
  5085  	c.urlParams_.Set("prettyPrint", "false")
  5086  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/providers")
  5087  	urls += "?" + c.urlParams_.Encode()
  5088  	req, err := http.NewRequest("POST", urls, body)
  5089  	if err != nil {
  5090  		return nil, err
  5091  	}
  5092  	req.Header = reqHeaders
  5093  	googleapi.Expand(req.URL, map[string]string{
  5094  		"parent": c.parent,
  5095  	})
  5096  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5097  }
  5098  
  5099  // Do executes the "iam.locations.workforcePools.providers.create" call.
  5100  // Any non-2xx status code is an error. Response headers are in either
  5101  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  5102  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5103  // whether the returned error was because http.StatusNotModified was returned.
  5104  func (c *LocationsWorkforcePoolsProvidersCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  5105  	gensupport.SetOptions(c.urlParams_, opts...)
  5106  	res, err := c.doRequest("json")
  5107  	if res != nil && res.StatusCode == http.StatusNotModified {
  5108  		if res.Body != nil {
  5109  			res.Body.Close()
  5110  		}
  5111  		return nil, gensupport.WrapError(&googleapi.Error{
  5112  			Code:   res.StatusCode,
  5113  			Header: res.Header,
  5114  		})
  5115  	}
  5116  	if err != nil {
  5117  		return nil, err
  5118  	}
  5119  	defer googleapi.CloseBody(res)
  5120  	if err := googleapi.CheckResponse(res); err != nil {
  5121  		return nil, gensupport.WrapError(err)
  5122  	}
  5123  	ret := &Operation{
  5124  		ServerResponse: googleapi.ServerResponse{
  5125  			Header:         res.Header,
  5126  			HTTPStatusCode: res.StatusCode,
  5127  		},
  5128  	}
  5129  	target := &ret
  5130  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5131  		return nil, err
  5132  	}
  5133  	return ret, nil
  5134  }
  5135  
  5136  type LocationsWorkforcePoolsProvidersDeleteCall struct {
  5137  	s          *Service
  5138  	name       string
  5139  	urlParams_ gensupport.URLParams
  5140  	ctx_       context.Context
  5141  	header_    http.Header
  5142  }
  5143  
  5144  // Delete: Deletes a WorkforcePoolProvider. Deleting a provider does not revoke
  5145  // credentials that have already been issued; they continue to grant access.
  5146  // You can undelete a provider for 30 days. After 30 days, deletion is
  5147  // permanent. You cannot update deleted providers. However, you can view and
  5148  // list them.
  5149  //
  5150  //   - name: The name of the provider to delete. Format:
  5151  //     `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provide
  5152  //     r_id}`.
  5153  func (r *LocationsWorkforcePoolsProvidersService) Delete(name string) *LocationsWorkforcePoolsProvidersDeleteCall {
  5154  	c := &LocationsWorkforcePoolsProvidersDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5155  	c.name = name
  5156  	return c
  5157  }
  5158  
  5159  // Fields allows partial responses to be retrieved. See
  5160  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5161  // details.
  5162  func (c *LocationsWorkforcePoolsProvidersDeleteCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersDeleteCall {
  5163  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5164  	return c
  5165  }
  5166  
  5167  // Context sets the context to be used in this call's Do method.
  5168  func (c *LocationsWorkforcePoolsProvidersDeleteCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersDeleteCall {
  5169  	c.ctx_ = ctx
  5170  	return c
  5171  }
  5172  
  5173  // Header returns a http.Header that can be modified by the caller to add
  5174  // headers to the request.
  5175  func (c *LocationsWorkforcePoolsProvidersDeleteCall) Header() http.Header {
  5176  	if c.header_ == nil {
  5177  		c.header_ = make(http.Header)
  5178  	}
  5179  	return c.header_
  5180  }
  5181  
  5182  func (c *LocationsWorkforcePoolsProvidersDeleteCall) doRequest(alt string) (*http.Response, error) {
  5183  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5184  	var body io.Reader = nil
  5185  	c.urlParams_.Set("alt", alt)
  5186  	c.urlParams_.Set("prettyPrint", "false")
  5187  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  5188  	urls += "?" + c.urlParams_.Encode()
  5189  	req, err := http.NewRequest("DELETE", urls, body)
  5190  	if err != nil {
  5191  		return nil, err
  5192  	}
  5193  	req.Header = reqHeaders
  5194  	googleapi.Expand(req.URL, map[string]string{
  5195  		"name": c.name,
  5196  	})
  5197  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5198  }
  5199  
  5200  // Do executes the "iam.locations.workforcePools.providers.delete" call.
  5201  // Any non-2xx status code is an error. Response headers are in either
  5202  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  5203  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5204  // whether the returned error was because http.StatusNotModified was returned.
  5205  func (c *LocationsWorkforcePoolsProvidersDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  5206  	gensupport.SetOptions(c.urlParams_, opts...)
  5207  	res, err := c.doRequest("json")
  5208  	if res != nil && res.StatusCode == http.StatusNotModified {
  5209  		if res.Body != nil {
  5210  			res.Body.Close()
  5211  		}
  5212  		return nil, gensupport.WrapError(&googleapi.Error{
  5213  			Code:   res.StatusCode,
  5214  			Header: res.Header,
  5215  		})
  5216  	}
  5217  	if err != nil {
  5218  		return nil, err
  5219  	}
  5220  	defer googleapi.CloseBody(res)
  5221  	if err := googleapi.CheckResponse(res); err != nil {
  5222  		return nil, gensupport.WrapError(err)
  5223  	}
  5224  	ret := &Operation{
  5225  		ServerResponse: googleapi.ServerResponse{
  5226  			Header:         res.Header,
  5227  			HTTPStatusCode: res.StatusCode,
  5228  		},
  5229  	}
  5230  	target := &ret
  5231  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5232  		return nil, err
  5233  	}
  5234  	return ret, nil
  5235  }
  5236  
  5237  type LocationsWorkforcePoolsProvidersGetCall struct {
  5238  	s            *Service
  5239  	name         string
  5240  	urlParams_   gensupport.URLParams
  5241  	ifNoneMatch_ string
  5242  	ctx_         context.Context
  5243  	header_      http.Header
  5244  }
  5245  
  5246  // Get: Gets an individual WorkforcePoolProvider.
  5247  //
  5248  //   - name: The name of the provider to retrieve. Format:
  5249  //     `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provide
  5250  //     r_id}`.
  5251  func (r *LocationsWorkforcePoolsProvidersService) Get(name string) *LocationsWorkforcePoolsProvidersGetCall {
  5252  	c := &LocationsWorkforcePoolsProvidersGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5253  	c.name = name
  5254  	return c
  5255  }
  5256  
  5257  // Fields allows partial responses to be retrieved. See
  5258  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5259  // details.
  5260  func (c *LocationsWorkforcePoolsProvidersGetCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersGetCall {
  5261  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5262  	return c
  5263  }
  5264  
  5265  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  5266  // object's ETag matches the given value. This is useful for getting updates
  5267  // only after the object has changed since the last request.
  5268  func (c *LocationsWorkforcePoolsProvidersGetCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsProvidersGetCall {
  5269  	c.ifNoneMatch_ = entityTag
  5270  	return c
  5271  }
  5272  
  5273  // Context sets the context to be used in this call's Do method.
  5274  func (c *LocationsWorkforcePoolsProvidersGetCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersGetCall {
  5275  	c.ctx_ = ctx
  5276  	return c
  5277  }
  5278  
  5279  // Header returns a http.Header that can be modified by the caller to add
  5280  // headers to the request.
  5281  func (c *LocationsWorkforcePoolsProvidersGetCall) Header() http.Header {
  5282  	if c.header_ == nil {
  5283  		c.header_ = make(http.Header)
  5284  	}
  5285  	return c.header_
  5286  }
  5287  
  5288  func (c *LocationsWorkforcePoolsProvidersGetCall) doRequest(alt string) (*http.Response, error) {
  5289  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5290  	if c.ifNoneMatch_ != "" {
  5291  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  5292  	}
  5293  	var body io.Reader = nil
  5294  	c.urlParams_.Set("alt", alt)
  5295  	c.urlParams_.Set("prettyPrint", "false")
  5296  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  5297  	urls += "?" + c.urlParams_.Encode()
  5298  	req, err := http.NewRequest("GET", urls, body)
  5299  	if err != nil {
  5300  		return nil, err
  5301  	}
  5302  	req.Header = reqHeaders
  5303  	googleapi.Expand(req.URL, map[string]string{
  5304  		"name": c.name,
  5305  	})
  5306  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5307  }
  5308  
  5309  // Do executes the "iam.locations.workforcePools.providers.get" call.
  5310  // Any non-2xx status code is an error. Response headers are in either
  5311  // *WorkforcePoolProvider.ServerResponse.Header or (if a response was returned
  5312  // at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  5313  // check whether the returned error was because http.StatusNotModified was
  5314  // returned.
  5315  func (c *LocationsWorkforcePoolsProvidersGetCall) Do(opts ...googleapi.CallOption) (*WorkforcePoolProvider, error) {
  5316  	gensupport.SetOptions(c.urlParams_, opts...)
  5317  	res, err := c.doRequest("json")
  5318  	if res != nil && res.StatusCode == http.StatusNotModified {
  5319  		if res.Body != nil {
  5320  			res.Body.Close()
  5321  		}
  5322  		return nil, gensupport.WrapError(&googleapi.Error{
  5323  			Code:   res.StatusCode,
  5324  			Header: res.Header,
  5325  		})
  5326  	}
  5327  	if err != nil {
  5328  		return nil, err
  5329  	}
  5330  	defer googleapi.CloseBody(res)
  5331  	if err := googleapi.CheckResponse(res); err != nil {
  5332  		return nil, gensupport.WrapError(err)
  5333  	}
  5334  	ret := &WorkforcePoolProvider{
  5335  		ServerResponse: googleapi.ServerResponse{
  5336  			Header:         res.Header,
  5337  			HTTPStatusCode: res.StatusCode,
  5338  		},
  5339  	}
  5340  	target := &ret
  5341  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5342  		return nil, err
  5343  	}
  5344  	return ret, nil
  5345  }
  5346  
  5347  type LocationsWorkforcePoolsProvidersListCall struct {
  5348  	s            *Service
  5349  	parent       string
  5350  	urlParams_   gensupport.URLParams
  5351  	ifNoneMatch_ string
  5352  	ctx_         context.Context
  5353  	header_      http.Header
  5354  }
  5355  
  5356  // List: Lists all non-deleted WorkforcePoolProviders in a WorkforcePool. If
  5357  // `show_deleted` is set to `true`, then deleted providers are also listed.
  5358  //
  5359  //   - parent: The pool to list providers for. Format:
  5360  //     `locations/{location}/workforcePools/{workforce_pool_id}`.
  5361  func (r *LocationsWorkforcePoolsProvidersService) List(parent string) *LocationsWorkforcePoolsProvidersListCall {
  5362  	c := &LocationsWorkforcePoolsProvidersListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5363  	c.parent = parent
  5364  	return c
  5365  }
  5366  
  5367  // PageSize sets the optional parameter "pageSize": The maximum number of
  5368  // providers to return. If unspecified, at most 50 providers are returned. The
  5369  // maximum value is 100; values above 100 are truncated to 100.
  5370  func (c *LocationsWorkforcePoolsProvidersListCall) PageSize(pageSize int64) *LocationsWorkforcePoolsProvidersListCall {
  5371  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  5372  	return c
  5373  }
  5374  
  5375  // PageToken sets the optional parameter "pageToken": A page token, received
  5376  // from a previous `ListWorkforcePoolProviders` call. Provide this to retrieve
  5377  // the subsequent page.
  5378  func (c *LocationsWorkforcePoolsProvidersListCall) PageToken(pageToken string) *LocationsWorkforcePoolsProvidersListCall {
  5379  	c.urlParams_.Set("pageToken", pageToken)
  5380  	return c
  5381  }
  5382  
  5383  // ShowDeleted sets the optional parameter "showDeleted": Whether to return
  5384  // soft-deleted providers.
  5385  func (c *LocationsWorkforcePoolsProvidersListCall) ShowDeleted(showDeleted bool) *LocationsWorkforcePoolsProvidersListCall {
  5386  	c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted))
  5387  	return c
  5388  }
  5389  
  5390  // Fields allows partial responses to be retrieved. See
  5391  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5392  // details.
  5393  func (c *LocationsWorkforcePoolsProvidersListCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersListCall {
  5394  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5395  	return c
  5396  }
  5397  
  5398  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  5399  // object's ETag matches the given value. This is useful for getting updates
  5400  // only after the object has changed since the last request.
  5401  func (c *LocationsWorkforcePoolsProvidersListCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsProvidersListCall {
  5402  	c.ifNoneMatch_ = entityTag
  5403  	return c
  5404  }
  5405  
  5406  // Context sets the context to be used in this call's Do method.
  5407  func (c *LocationsWorkforcePoolsProvidersListCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersListCall {
  5408  	c.ctx_ = ctx
  5409  	return c
  5410  }
  5411  
  5412  // Header returns a http.Header that can be modified by the caller to add
  5413  // headers to the request.
  5414  func (c *LocationsWorkforcePoolsProvidersListCall) Header() http.Header {
  5415  	if c.header_ == nil {
  5416  		c.header_ = make(http.Header)
  5417  	}
  5418  	return c.header_
  5419  }
  5420  
  5421  func (c *LocationsWorkforcePoolsProvidersListCall) doRequest(alt string) (*http.Response, error) {
  5422  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5423  	if c.ifNoneMatch_ != "" {
  5424  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  5425  	}
  5426  	var body io.Reader = nil
  5427  	c.urlParams_.Set("alt", alt)
  5428  	c.urlParams_.Set("prettyPrint", "false")
  5429  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/providers")
  5430  	urls += "?" + c.urlParams_.Encode()
  5431  	req, err := http.NewRequest("GET", urls, body)
  5432  	if err != nil {
  5433  		return nil, err
  5434  	}
  5435  	req.Header = reqHeaders
  5436  	googleapi.Expand(req.URL, map[string]string{
  5437  		"parent": c.parent,
  5438  	})
  5439  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5440  }
  5441  
  5442  // Do executes the "iam.locations.workforcePools.providers.list" call.
  5443  // Any non-2xx status code is an error. Response headers are in either
  5444  // *ListWorkforcePoolProvidersResponse.ServerResponse.Header or (if a response
  5445  // was returned at all) in error.(*googleapi.Error).Header. Use
  5446  // googleapi.IsNotModified to check whether the returned error was because
  5447  // http.StatusNotModified was returned.
  5448  func (c *LocationsWorkforcePoolsProvidersListCall) Do(opts ...googleapi.CallOption) (*ListWorkforcePoolProvidersResponse, error) {
  5449  	gensupport.SetOptions(c.urlParams_, opts...)
  5450  	res, err := c.doRequest("json")
  5451  	if res != nil && res.StatusCode == http.StatusNotModified {
  5452  		if res.Body != nil {
  5453  			res.Body.Close()
  5454  		}
  5455  		return nil, gensupport.WrapError(&googleapi.Error{
  5456  			Code:   res.StatusCode,
  5457  			Header: res.Header,
  5458  		})
  5459  	}
  5460  	if err != nil {
  5461  		return nil, err
  5462  	}
  5463  	defer googleapi.CloseBody(res)
  5464  	if err := googleapi.CheckResponse(res); err != nil {
  5465  		return nil, gensupport.WrapError(err)
  5466  	}
  5467  	ret := &ListWorkforcePoolProvidersResponse{
  5468  		ServerResponse: googleapi.ServerResponse{
  5469  			Header:         res.Header,
  5470  			HTTPStatusCode: res.StatusCode,
  5471  		},
  5472  	}
  5473  	target := &ret
  5474  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5475  		return nil, err
  5476  	}
  5477  	return ret, nil
  5478  }
  5479  
  5480  // Pages invokes f for each page of results.
  5481  // A non-nil error returned from f will halt the iteration.
  5482  // The provided context supersedes any context provided to the Context method.
  5483  func (c *LocationsWorkforcePoolsProvidersListCall) Pages(ctx context.Context, f func(*ListWorkforcePoolProvidersResponse) error) error {
  5484  	c.ctx_ = ctx
  5485  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  5486  	for {
  5487  		x, err := c.Do()
  5488  		if err != nil {
  5489  			return err
  5490  		}
  5491  		if err := f(x); err != nil {
  5492  			return err
  5493  		}
  5494  		if x.NextPageToken == "" {
  5495  			return nil
  5496  		}
  5497  		c.PageToken(x.NextPageToken)
  5498  	}
  5499  }
  5500  
  5501  type LocationsWorkforcePoolsProvidersPatchCall struct {
  5502  	s                     *Service
  5503  	name                  string
  5504  	workforcepoolprovider *WorkforcePoolProvider
  5505  	urlParams_            gensupport.URLParams
  5506  	ctx_                  context.Context
  5507  	header_               http.Header
  5508  }
  5509  
  5510  // Patch: Updates an existing WorkforcePoolProvider.
  5511  //
  5512  //   - name: Output only. The resource name of the provider. Format:
  5513  //     `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provide
  5514  //     r_id}`.
  5515  func (r *LocationsWorkforcePoolsProvidersService) Patch(name string, workforcepoolprovider *WorkforcePoolProvider) *LocationsWorkforcePoolsProvidersPatchCall {
  5516  	c := &LocationsWorkforcePoolsProvidersPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5517  	c.name = name
  5518  	c.workforcepoolprovider = workforcepoolprovider
  5519  	return c
  5520  }
  5521  
  5522  // UpdateMask sets the optional parameter "updateMask": Required. The list of
  5523  // fields to update.
  5524  func (c *LocationsWorkforcePoolsProvidersPatchCall) UpdateMask(updateMask string) *LocationsWorkforcePoolsProvidersPatchCall {
  5525  	c.urlParams_.Set("updateMask", updateMask)
  5526  	return c
  5527  }
  5528  
  5529  // Fields allows partial responses to be retrieved. See
  5530  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5531  // details.
  5532  func (c *LocationsWorkforcePoolsProvidersPatchCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersPatchCall {
  5533  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5534  	return c
  5535  }
  5536  
  5537  // Context sets the context to be used in this call's Do method.
  5538  func (c *LocationsWorkforcePoolsProvidersPatchCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersPatchCall {
  5539  	c.ctx_ = ctx
  5540  	return c
  5541  }
  5542  
  5543  // Header returns a http.Header that can be modified by the caller to add
  5544  // headers to the request.
  5545  func (c *LocationsWorkforcePoolsProvidersPatchCall) Header() http.Header {
  5546  	if c.header_ == nil {
  5547  		c.header_ = make(http.Header)
  5548  	}
  5549  	return c.header_
  5550  }
  5551  
  5552  func (c *LocationsWorkforcePoolsProvidersPatchCall) doRequest(alt string) (*http.Response, error) {
  5553  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  5554  	var body io.Reader = nil
  5555  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.workforcepoolprovider)
  5556  	if err != nil {
  5557  		return nil, err
  5558  	}
  5559  	c.urlParams_.Set("alt", alt)
  5560  	c.urlParams_.Set("prettyPrint", "false")
  5561  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  5562  	urls += "?" + c.urlParams_.Encode()
  5563  	req, err := http.NewRequest("PATCH", urls, body)
  5564  	if err != nil {
  5565  		return nil, err
  5566  	}
  5567  	req.Header = reqHeaders
  5568  	googleapi.Expand(req.URL, map[string]string{
  5569  		"name": c.name,
  5570  	})
  5571  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5572  }
  5573  
  5574  // Do executes the "iam.locations.workforcePools.providers.patch" call.
  5575  // Any non-2xx status code is an error. Response headers are in either
  5576  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  5577  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5578  // whether the returned error was because http.StatusNotModified was returned.
  5579  func (c *LocationsWorkforcePoolsProvidersPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  5580  	gensupport.SetOptions(c.urlParams_, opts...)
  5581  	res, err := c.doRequest("json")
  5582  	if res != nil && res.StatusCode == http.StatusNotModified {
  5583  		if res.Body != nil {
  5584  			res.Body.Close()
  5585  		}
  5586  		return nil, gensupport.WrapError(&googleapi.Error{
  5587  			Code:   res.StatusCode,
  5588  			Header: res.Header,
  5589  		})
  5590  	}
  5591  	if err != nil {
  5592  		return nil, err
  5593  	}
  5594  	defer googleapi.CloseBody(res)
  5595  	if err := googleapi.CheckResponse(res); err != nil {
  5596  		return nil, gensupport.WrapError(err)
  5597  	}
  5598  	ret := &Operation{
  5599  		ServerResponse: googleapi.ServerResponse{
  5600  			Header:         res.Header,
  5601  			HTTPStatusCode: res.StatusCode,
  5602  		},
  5603  	}
  5604  	target := &ret
  5605  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5606  		return nil, err
  5607  	}
  5608  	return ret, nil
  5609  }
  5610  
  5611  type LocationsWorkforcePoolsProvidersUndeleteCall struct {
  5612  	s                                    *Service
  5613  	name                                 string
  5614  	undeleteworkforcepoolproviderrequest *UndeleteWorkforcePoolProviderRequest
  5615  	urlParams_                           gensupport.URLParams
  5616  	ctx_                                 context.Context
  5617  	header_                              http.Header
  5618  }
  5619  
  5620  // Undelete: Undeletes a WorkforcePoolProvider, as long as it was deleted fewer
  5621  // than 30 days ago.
  5622  //
  5623  //   - name: The name of the provider to undelete. Format:
  5624  //     `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provide
  5625  //     r_id}`.
  5626  func (r *LocationsWorkforcePoolsProvidersService) Undelete(name string, undeleteworkforcepoolproviderrequest *UndeleteWorkforcePoolProviderRequest) *LocationsWorkforcePoolsProvidersUndeleteCall {
  5627  	c := &LocationsWorkforcePoolsProvidersUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5628  	c.name = name
  5629  	c.undeleteworkforcepoolproviderrequest = undeleteworkforcepoolproviderrequest
  5630  	return c
  5631  }
  5632  
  5633  // Fields allows partial responses to be retrieved. See
  5634  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5635  // details.
  5636  func (c *LocationsWorkforcePoolsProvidersUndeleteCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersUndeleteCall {
  5637  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5638  	return c
  5639  }
  5640  
  5641  // Context sets the context to be used in this call's Do method.
  5642  func (c *LocationsWorkforcePoolsProvidersUndeleteCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersUndeleteCall {
  5643  	c.ctx_ = ctx
  5644  	return c
  5645  }
  5646  
  5647  // Header returns a http.Header that can be modified by the caller to add
  5648  // headers to the request.
  5649  func (c *LocationsWorkforcePoolsProvidersUndeleteCall) Header() http.Header {
  5650  	if c.header_ == nil {
  5651  		c.header_ = make(http.Header)
  5652  	}
  5653  	return c.header_
  5654  }
  5655  
  5656  func (c *LocationsWorkforcePoolsProvidersUndeleteCall) doRequest(alt string) (*http.Response, error) {
  5657  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  5658  	var body io.Reader = nil
  5659  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkforcepoolproviderrequest)
  5660  	if err != nil {
  5661  		return nil, err
  5662  	}
  5663  	c.urlParams_.Set("alt", alt)
  5664  	c.urlParams_.Set("prettyPrint", "false")
  5665  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete")
  5666  	urls += "?" + c.urlParams_.Encode()
  5667  	req, err := http.NewRequest("POST", urls, body)
  5668  	if err != nil {
  5669  		return nil, err
  5670  	}
  5671  	req.Header = reqHeaders
  5672  	googleapi.Expand(req.URL, map[string]string{
  5673  		"name": c.name,
  5674  	})
  5675  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5676  }
  5677  
  5678  // Do executes the "iam.locations.workforcePools.providers.undelete" call.
  5679  // Any non-2xx status code is an error. Response headers are in either
  5680  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  5681  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5682  // whether the returned error was because http.StatusNotModified was returned.
  5683  func (c *LocationsWorkforcePoolsProvidersUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  5684  	gensupport.SetOptions(c.urlParams_, opts...)
  5685  	res, err := c.doRequest("json")
  5686  	if res != nil && res.StatusCode == http.StatusNotModified {
  5687  		if res.Body != nil {
  5688  			res.Body.Close()
  5689  		}
  5690  		return nil, gensupport.WrapError(&googleapi.Error{
  5691  			Code:   res.StatusCode,
  5692  			Header: res.Header,
  5693  		})
  5694  	}
  5695  	if err != nil {
  5696  		return nil, err
  5697  	}
  5698  	defer googleapi.CloseBody(res)
  5699  	if err := googleapi.CheckResponse(res); err != nil {
  5700  		return nil, gensupport.WrapError(err)
  5701  	}
  5702  	ret := &Operation{
  5703  		ServerResponse: googleapi.ServerResponse{
  5704  			Header:         res.Header,
  5705  			HTTPStatusCode: res.StatusCode,
  5706  		},
  5707  	}
  5708  	target := &ret
  5709  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5710  		return nil, err
  5711  	}
  5712  	return ret, nil
  5713  }
  5714  
  5715  type LocationsWorkforcePoolsProvidersKeysCreateCall struct {
  5716  	s                        *Service
  5717  	parent                   string
  5718  	workforcepoolproviderkey *WorkforcePoolProviderKey
  5719  	urlParams_               gensupport.URLParams
  5720  	ctx_                     context.Context
  5721  	header_                  http.Header
  5722  }
  5723  
  5724  // Create: Creates a new WorkforcePoolProviderKey in a WorkforcePoolProvider.
  5725  //
  5726  // - parent: The provider to create this key in.
  5727  func (r *LocationsWorkforcePoolsProvidersKeysService) Create(parent string, workforcepoolproviderkey *WorkforcePoolProviderKey) *LocationsWorkforcePoolsProvidersKeysCreateCall {
  5728  	c := &LocationsWorkforcePoolsProvidersKeysCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5729  	c.parent = parent
  5730  	c.workforcepoolproviderkey = workforcepoolproviderkey
  5731  	return c
  5732  }
  5733  
  5734  // WorkforcePoolProviderKeyId sets the optional parameter
  5735  // "workforcePoolProviderKeyId": Required. The ID to use for the key, which
  5736  // becomes the final component of the resource name. This value must be 4-32
  5737  // characters, and may contain the characters [a-z0-9-].
  5738  func (c *LocationsWorkforcePoolsProvidersKeysCreateCall) WorkforcePoolProviderKeyId(workforcePoolProviderKeyId string) *LocationsWorkforcePoolsProvidersKeysCreateCall {
  5739  	c.urlParams_.Set("workforcePoolProviderKeyId", workforcePoolProviderKeyId)
  5740  	return c
  5741  }
  5742  
  5743  // Fields allows partial responses to be retrieved. See
  5744  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5745  // details.
  5746  func (c *LocationsWorkforcePoolsProvidersKeysCreateCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersKeysCreateCall {
  5747  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5748  	return c
  5749  }
  5750  
  5751  // Context sets the context to be used in this call's Do method.
  5752  func (c *LocationsWorkforcePoolsProvidersKeysCreateCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersKeysCreateCall {
  5753  	c.ctx_ = ctx
  5754  	return c
  5755  }
  5756  
  5757  // Header returns a http.Header that can be modified by the caller to add
  5758  // headers to the request.
  5759  func (c *LocationsWorkforcePoolsProvidersKeysCreateCall) Header() http.Header {
  5760  	if c.header_ == nil {
  5761  		c.header_ = make(http.Header)
  5762  	}
  5763  	return c.header_
  5764  }
  5765  
  5766  func (c *LocationsWorkforcePoolsProvidersKeysCreateCall) doRequest(alt string) (*http.Response, error) {
  5767  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  5768  	var body io.Reader = nil
  5769  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.workforcepoolproviderkey)
  5770  	if err != nil {
  5771  		return nil, err
  5772  	}
  5773  	c.urlParams_.Set("alt", alt)
  5774  	c.urlParams_.Set("prettyPrint", "false")
  5775  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/keys")
  5776  	urls += "?" + c.urlParams_.Encode()
  5777  	req, err := http.NewRequest("POST", urls, body)
  5778  	if err != nil {
  5779  		return nil, err
  5780  	}
  5781  	req.Header = reqHeaders
  5782  	googleapi.Expand(req.URL, map[string]string{
  5783  		"parent": c.parent,
  5784  	})
  5785  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5786  }
  5787  
  5788  // Do executes the "iam.locations.workforcePools.providers.keys.create" call.
  5789  // Any non-2xx status code is an error. Response headers are in either
  5790  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  5791  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5792  // whether the returned error was because http.StatusNotModified was returned.
  5793  func (c *LocationsWorkforcePoolsProvidersKeysCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  5794  	gensupport.SetOptions(c.urlParams_, opts...)
  5795  	res, err := c.doRequest("json")
  5796  	if res != nil && res.StatusCode == http.StatusNotModified {
  5797  		if res.Body != nil {
  5798  			res.Body.Close()
  5799  		}
  5800  		return nil, gensupport.WrapError(&googleapi.Error{
  5801  			Code:   res.StatusCode,
  5802  			Header: res.Header,
  5803  		})
  5804  	}
  5805  	if err != nil {
  5806  		return nil, err
  5807  	}
  5808  	defer googleapi.CloseBody(res)
  5809  	if err := googleapi.CheckResponse(res); err != nil {
  5810  		return nil, gensupport.WrapError(err)
  5811  	}
  5812  	ret := &Operation{
  5813  		ServerResponse: googleapi.ServerResponse{
  5814  			Header:         res.Header,
  5815  			HTTPStatusCode: res.StatusCode,
  5816  		},
  5817  	}
  5818  	target := &ret
  5819  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5820  		return nil, err
  5821  	}
  5822  	return ret, nil
  5823  }
  5824  
  5825  type LocationsWorkforcePoolsProvidersKeysDeleteCall struct {
  5826  	s          *Service
  5827  	name       string
  5828  	urlParams_ gensupport.URLParams
  5829  	ctx_       context.Context
  5830  	header_    http.Header
  5831  }
  5832  
  5833  // Delete: Deletes a WorkforcePoolProviderKey. You can undelete a key for 30
  5834  // days. After 30 days, deletion is permanent.
  5835  //
  5836  // - name: The name of the key to delete.
  5837  func (r *LocationsWorkforcePoolsProvidersKeysService) Delete(name string) *LocationsWorkforcePoolsProvidersKeysDeleteCall {
  5838  	c := &LocationsWorkforcePoolsProvidersKeysDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5839  	c.name = name
  5840  	return c
  5841  }
  5842  
  5843  // Fields allows partial responses to be retrieved. See
  5844  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5845  // details.
  5846  func (c *LocationsWorkforcePoolsProvidersKeysDeleteCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersKeysDeleteCall {
  5847  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5848  	return c
  5849  }
  5850  
  5851  // Context sets the context to be used in this call's Do method.
  5852  func (c *LocationsWorkforcePoolsProvidersKeysDeleteCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersKeysDeleteCall {
  5853  	c.ctx_ = ctx
  5854  	return c
  5855  }
  5856  
  5857  // Header returns a http.Header that can be modified by the caller to add
  5858  // headers to the request.
  5859  func (c *LocationsWorkforcePoolsProvidersKeysDeleteCall) Header() http.Header {
  5860  	if c.header_ == nil {
  5861  		c.header_ = make(http.Header)
  5862  	}
  5863  	return c.header_
  5864  }
  5865  
  5866  func (c *LocationsWorkforcePoolsProvidersKeysDeleteCall) doRequest(alt string) (*http.Response, error) {
  5867  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5868  	var body io.Reader = nil
  5869  	c.urlParams_.Set("alt", alt)
  5870  	c.urlParams_.Set("prettyPrint", "false")
  5871  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  5872  	urls += "?" + c.urlParams_.Encode()
  5873  	req, err := http.NewRequest("DELETE", urls, body)
  5874  	if err != nil {
  5875  		return nil, err
  5876  	}
  5877  	req.Header = reqHeaders
  5878  	googleapi.Expand(req.URL, map[string]string{
  5879  		"name": c.name,
  5880  	})
  5881  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5882  }
  5883  
  5884  // Do executes the "iam.locations.workforcePools.providers.keys.delete" call.
  5885  // Any non-2xx status code is an error. Response headers are in either
  5886  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  5887  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5888  // whether the returned error was because http.StatusNotModified was returned.
  5889  func (c *LocationsWorkforcePoolsProvidersKeysDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  5890  	gensupport.SetOptions(c.urlParams_, opts...)
  5891  	res, err := c.doRequest("json")
  5892  	if res != nil && res.StatusCode == http.StatusNotModified {
  5893  		if res.Body != nil {
  5894  			res.Body.Close()
  5895  		}
  5896  		return nil, gensupport.WrapError(&googleapi.Error{
  5897  			Code:   res.StatusCode,
  5898  			Header: res.Header,
  5899  		})
  5900  	}
  5901  	if err != nil {
  5902  		return nil, err
  5903  	}
  5904  	defer googleapi.CloseBody(res)
  5905  	if err := googleapi.CheckResponse(res); err != nil {
  5906  		return nil, gensupport.WrapError(err)
  5907  	}
  5908  	ret := &Operation{
  5909  		ServerResponse: googleapi.ServerResponse{
  5910  			Header:         res.Header,
  5911  			HTTPStatusCode: res.StatusCode,
  5912  		},
  5913  	}
  5914  	target := &ret
  5915  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5916  		return nil, err
  5917  	}
  5918  	return ret, nil
  5919  }
  5920  
  5921  type LocationsWorkforcePoolsProvidersKeysGetCall struct {
  5922  	s            *Service
  5923  	name         string
  5924  	urlParams_   gensupport.URLParams
  5925  	ifNoneMatch_ string
  5926  	ctx_         context.Context
  5927  	header_      http.Header
  5928  }
  5929  
  5930  // Get: Gets a WorkforcePoolProviderKey.
  5931  //
  5932  // - name: The name of the key to retrieve.
  5933  func (r *LocationsWorkforcePoolsProvidersKeysService) Get(name string) *LocationsWorkforcePoolsProvidersKeysGetCall {
  5934  	c := &LocationsWorkforcePoolsProvidersKeysGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5935  	c.name = name
  5936  	return c
  5937  }
  5938  
  5939  // Fields allows partial responses to be retrieved. See
  5940  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5941  // details.
  5942  func (c *LocationsWorkforcePoolsProvidersKeysGetCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersKeysGetCall {
  5943  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5944  	return c
  5945  }
  5946  
  5947  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  5948  // object's ETag matches the given value. This is useful for getting updates
  5949  // only after the object has changed since the last request.
  5950  func (c *LocationsWorkforcePoolsProvidersKeysGetCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsProvidersKeysGetCall {
  5951  	c.ifNoneMatch_ = entityTag
  5952  	return c
  5953  }
  5954  
  5955  // Context sets the context to be used in this call's Do method.
  5956  func (c *LocationsWorkforcePoolsProvidersKeysGetCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersKeysGetCall {
  5957  	c.ctx_ = ctx
  5958  	return c
  5959  }
  5960  
  5961  // Header returns a http.Header that can be modified by the caller to add
  5962  // headers to the request.
  5963  func (c *LocationsWorkforcePoolsProvidersKeysGetCall) Header() http.Header {
  5964  	if c.header_ == nil {
  5965  		c.header_ = make(http.Header)
  5966  	}
  5967  	return c.header_
  5968  }
  5969  
  5970  func (c *LocationsWorkforcePoolsProvidersKeysGetCall) doRequest(alt string) (*http.Response, error) {
  5971  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5972  	if c.ifNoneMatch_ != "" {
  5973  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  5974  	}
  5975  	var body io.Reader = nil
  5976  	c.urlParams_.Set("alt", alt)
  5977  	c.urlParams_.Set("prettyPrint", "false")
  5978  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  5979  	urls += "?" + c.urlParams_.Encode()
  5980  	req, err := http.NewRequest("GET", urls, body)
  5981  	if err != nil {
  5982  		return nil, err
  5983  	}
  5984  	req.Header = reqHeaders
  5985  	googleapi.Expand(req.URL, map[string]string{
  5986  		"name": c.name,
  5987  	})
  5988  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5989  }
  5990  
  5991  // Do executes the "iam.locations.workforcePools.providers.keys.get" call.
  5992  // Any non-2xx status code is an error. Response headers are in either
  5993  // *WorkforcePoolProviderKey.ServerResponse.Header or (if a response was
  5994  // returned at all) in error.(*googleapi.Error).Header. Use
  5995  // googleapi.IsNotModified to check whether the returned error was because
  5996  // http.StatusNotModified was returned.
  5997  func (c *LocationsWorkforcePoolsProvidersKeysGetCall) Do(opts ...googleapi.CallOption) (*WorkforcePoolProviderKey, error) {
  5998  	gensupport.SetOptions(c.urlParams_, opts...)
  5999  	res, err := c.doRequest("json")
  6000  	if res != nil && res.StatusCode == http.StatusNotModified {
  6001  		if res.Body != nil {
  6002  			res.Body.Close()
  6003  		}
  6004  		return nil, gensupport.WrapError(&googleapi.Error{
  6005  			Code:   res.StatusCode,
  6006  			Header: res.Header,
  6007  		})
  6008  	}
  6009  	if err != nil {
  6010  		return nil, err
  6011  	}
  6012  	defer googleapi.CloseBody(res)
  6013  	if err := googleapi.CheckResponse(res); err != nil {
  6014  		return nil, gensupport.WrapError(err)
  6015  	}
  6016  	ret := &WorkforcePoolProviderKey{
  6017  		ServerResponse: googleapi.ServerResponse{
  6018  			Header:         res.Header,
  6019  			HTTPStatusCode: res.StatusCode,
  6020  		},
  6021  	}
  6022  	target := &ret
  6023  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6024  		return nil, err
  6025  	}
  6026  	return ret, nil
  6027  }
  6028  
  6029  type LocationsWorkforcePoolsProvidersKeysListCall struct {
  6030  	s            *Service
  6031  	parent       string
  6032  	urlParams_   gensupport.URLParams
  6033  	ifNoneMatch_ string
  6034  	ctx_         context.Context
  6035  	header_      http.Header
  6036  }
  6037  
  6038  // List: Lists all non-deleted WorkforcePoolProviderKeys in a
  6039  // WorkforcePoolProvider. If `show_deleted` is set to `true`, then deleted keys
  6040  // are also listed.
  6041  //
  6042  //   - parent: The provider resource to list encryption keys for. Format:
  6043  //     `locations/{location}/workforcePools/{workforce_pool_id}/providers/{provide
  6044  //     r_id}`.
  6045  func (r *LocationsWorkforcePoolsProvidersKeysService) List(parent string) *LocationsWorkforcePoolsProvidersKeysListCall {
  6046  	c := &LocationsWorkforcePoolsProvidersKeysListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6047  	c.parent = parent
  6048  	return c
  6049  }
  6050  
  6051  // PageSize sets the optional parameter "pageSize": The maximum number of keys
  6052  // to return. If unspecified, all keys are returned. The maximum value is 10;
  6053  // values above 10 are truncated to 10.
  6054  func (c *LocationsWorkforcePoolsProvidersKeysListCall) PageSize(pageSize int64) *LocationsWorkforcePoolsProvidersKeysListCall {
  6055  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  6056  	return c
  6057  }
  6058  
  6059  // PageToken sets the optional parameter "pageToken": A page token, received
  6060  // from a previous `ListWorkforcePoolProviderKeys` call. Provide this to
  6061  // retrieve the subsequent page.
  6062  func (c *LocationsWorkforcePoolsProvidersKeysListCall) PageToken(pageToken string) *LocationsWorkforcePoolsProvidersKeysListCall {
  6063  	c.urlParams_.Set("pageToken", pageToken)
  6064  	return c
  6065  }
  6066  
  6067  // ShowDeleted sets the optional parameter "showDeleted": Whether to return
  6068  // soft-deleted keys.
  6069  func (c *LocationsWorkforcePoolsProvidersKeysListCall) ShowDeleted(showDeleted bool) *LocationsWorkforcePoolsProvidersKeysListCall {
  6070  	c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted))
  6071  	return c
  6072  }
  6073  
  6074  // Fields allows partial responses to be retrieved. See
  6075  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6076  // details.
  6077  func (c *LocationsWorkforcePoolsProvidersKeysListCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersKeysListCall {
  6078  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6079  	return c
  6080  }
  6081  
  6082  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  6083  // object's ETag matches the given value. This is useful for getting updates
  6084  // only after the object has changed since the last request.
  6085  func (c *LocationsWorkforcePoolsProvidersKeysListCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsProvidersKeysListCall {
  6086  	c.ifNoneMatch_ = entityTag
  6087  	return c
  6088  }
  6089  
  6090  // Context sets the context to be used in this call's Do method.
  6091  func (c *LocationsWorkforcePoolsProvidersKeysListCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersKeysListCall {
  6092  	c.ctx_ = ctx
  6093  	return c
  6094  }
  6095  
  6096  // Header returns a http.Header that can be modified by the caller to add
  6097  // headers to the request.
  6098  func (c *LocationsWorkforcePoolsProvidersKeysListCall) Header() http.Header {
  6099  	if c.header_ == nil {
  6100  		c.header_ = make(http.Header)
  6101  	}
  6102  	return c.header_
  6103  }
  6104  
  6105  func (c *LocationsWorkforcePoolsProvidersKeysListCall) doRequest(alt string) (*http.Response, error) {
  6106  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  6107  	if c.ifNoneMatch_ != "" {
  6108  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  6109  	}
  6110  	var body io.Reader = nil
  6111  	c.urlParams_.Set("alt", alt)
  6112  	c.urlParams_.Set("prettyPrint", "false")
  6113  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/keys")
  6114  	urls += "?" + c.urlParams_.Encode()
  6115  	req, err := http.NewRequest("GET", urls, body)
  6116  	if err != nil {
  6117  		return nil, err
  6118  	}
  6119  	req.Header = reqHeaders
  6120  	googleapi.Expand(req.URL, map[string]string{
  6121  		"parent": c.parent,
  6122  	})
  6123  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6124  }
  6125  
  6126  // Do executes the "iam.locations.workforcePools.providers.keys.list" call.
  6127  // Any non-2xx status code is an error. Response headers are in either
  6128  // *ListWorkforcePoolProviderKeysResponse.ServerResponse.Header or (if a
  6129  // response was returned at all) in error.(*googleapi.Error).Header. Use
  6130  // googleapi.IsNotModified to check whether the returned error was because
  6131  // http.StatusNotModified was returned.
  6132  func (c *LocationsWorkforcePoolsProvidersKeysListCall) Do(opts ...googleapi.CallOption) (*ListWorkforcePoolProviderKeysResponse, error) {
  6133  	gensupport.SetOptions(c.urlParams_, opts...)
  6134  	res, err := c.doRequest("json")
  6135  	if res != nil && res.StatusCode == http.StatusNotModified {
  6136  		if res.Body != nil {
  6137  			res.Body.Close()
  6138  		}
  6139  		return nil, gensupport.WrapError(&googleapi.Error{
  6140  			Code:   res.StatusCode,
  6141  			Header: res.Header,
  6142  		})
  6143  	}
  6144  	if err != nil {
  6145  		return nil, err
  6146  	}
  6147  	defer googleapi.CloseBody(res)
  6148  	if err := googleapi.CheckResponse(res); err != nil {
  6149  		return nil, gensupport.WrapError(err)
  6150  	}
  6151  	ret := &ListWorkforcePoolProviderKeysResponse{
  6152  		ServerResponse: googleapi.ServerResponse{
  6153  			Header:         res.Header,
  6154  			HTTPStatusCode: res.StatusCode,
  6155  		},
  6156  	}
  6157  	target := &ret
  6158  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6159  		return nil, err
  6160  	}
  6161  	return ret, nil
  6162  }
  6163  
  6164  // Pages invokes f for each page of results.
  6165  // A non-nil error returned from f will halt the iteration.
  6166  // The provided context supersedes any context provided to the Context method.
  6167  func (c *LocationsWorkforcePoolsProvidersKeysListCall) Pages(ctx context.Context, f func(*ListWorkforcePoolProviderKeysResponse) error) error {
  6168  	c.ctx_ = ctx
  6169  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  6170  	for {
  6171  		x, err := c.Do()
  6172  		if err != nil {
  6173  			return err
  6174  		}
  6175  		if err := f(x); err != nil {
  6176  			return err
  6177  		}
  6178  		if x.NextPageToken == "" {
  6179  			return nil
  6180  		}
  6181  		c.PageToken(x.NextPageToken)
  6182  	}
  6183  }
  6184  
  6185  type LocationsWorkforcePoolsProvidersKeysUndeleteCall struct {
  6186  	s                                       *Service
  6187  	name                                    string
  6188  	undeleteworkforcepoolproviderkeyrequest *UndeleteWorkforcePoolProviderKeyRequest
  6189  	urlParams_                              gensupport.URLParams
  6190  	ctx_                                    context.Context
  6191  	header_                                 http.Header
  6192  }
  6193  
  6194  // Undelete: Undeletes a WorkforcePoolProviderKey, as long as it was deleted
  6195  // fewer than 30 days ago.
  6196  //
  6197  // - name: The name of the key to undelete.
  6198  func (r *LocationsWorkforcePoolsProvidersKeysService) Undelete(name string, undeleteworkforcepoolproviderkeyrequest *UndeleteWorkforcePoolProviderKeyRequest) *LocationsWorkforcePoolsProvidersKeysUndeleteCall {
  6199  	c := &LocationsWorkforcePoolsProvidersKeysUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6200  	c.name = name
  6201  	c.undeleteworkforcepoolproviderkeyrequest = undeleteworkforcepoolproviderkeyrequest
  6202  	return c
  6203  }
  6204  
  6205  // Fields allows partial responses to be retrieved. See
  6206  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6207  // details.
  6208  func (c *LocationsWorkforcePoolsProvidersKeysUndeleteCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersKeysUndeleteCall {
  6209  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6210  	return c
  6211  }
  6212  
  6213  // Context sets the context to be used in this call's Do method.
  6214  func (c *LocationsWorkforcePoolsProvidersKeysUndeleteCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersKeysUndeleteCall {
  6215  	c.ctx_ = ctx
  6216  	return c
  6217  }
  6218  
  6219  // Header returns a http.Header that can be modified by the caller to add
  6220  // headers to the request.
  6221  func (c *LocationsWorkforcePoolsProvidersKeysUndeleteCall) Header() http.Header {
  6222  	if c.header_ == nil {
  6223  		c.header_ = make(http.Header)
  6224  	}
  6225  	return c.header_
  6226  }
  6227  
  6228  func (c *LocationsWorkforcePoolsProvidersKeysUndeleteCall) doRequest(alt string) (*http.Response, error) {
  6229  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  6230  	var body io.Reader = nil
  6231  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkforcepoolproviderkeyrequest)
  6232  	if err != nil {
  6233  		return nil, err
  6234  	}
  6235  	c.urlParams_.Set("alt", alt)
  6236  	c.urlParams_.Set("prettyPrint", "false")
  6237  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete")
  6238  	urls += "?" + c.urlParams_.Encode()
  6239  	req, err := http.NewRequest("POST", urls, body)
  6240  	if err != nil {
  6241  		return nil, err
  6242  	}
  6243  	req.Header = reqHeaders
  6244  	googleapi.Expand(req.URL, map[string]string{
  6245  		"name": c.name,
  6246  	})
  6247  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6248  }
  6249  
  6250  // Do executes the "iam.locations.workforcePools.providers.keys.undelete" call.
  6251  // Any non-2xx status code is an error. Response headers are in either
  6252  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  6253  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6254  // whether the returned error was because http.StatusNotModified was returned.
  6255  func (c *LocationsWorkforcePoolsProvidersKeysUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  6256  	gensupport.SetOptions(c.urlParams_, opts...)
  6257  	res, err := c.doRequest("json")
  6258  	if res != nil && res.StatusCode == http.StatusNotModified {
  6259  		if res.Body != nil {
  6260  			res.Body.Close()
  6261  		}
  6262  		return nil, gensupport.WrapError(&googleapi.Error{
  6263  			Code:   res.StatusCode,
  6264  			Header: res.Header,
  6265  		})
  6266  	}
  6267  	if err != nil {
  6268  		return nil, err
  6269  	}
  6270  	defer googleapi.CloseBody(res)
  6271  	if err := googleapi.CheckResponse(res); err != nil {
  6272  		return nil, gensupport.WrapError(err)
  6273  	}
  6274  	ret := &Operation{
  6275  		ServerResponse: googleapi.ServerResponse{
  6276  			Header:         res.Header,
  6277  			HTTPStatusCode: res.StatusCode,
  6278  		},
  6279  	}
  6280  	target := &ret
  6281  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6282  		return nil, err
  6283  	}
  6284  	return ret, nil
  6285  }
  6286  
  6287  type LocationsWorkforcePoolsProvidersKeysOperationsGetCall struct {
  6288  	s            *Service
  6289  	name         string
  6290  	urlParams_   gensupport.URLParams
  6291  	ifNoneMatch_ string
  6292  	ctx_         context.Context
  6293  	header_      http.Header
  6294  }
  6295  
  6296  // Get: Gets the latest state of a long-running operation. Clients can use this
  6297  // method to poll the operation result at intervals as recommended by the API
  6298  // service.
  6299  //
  6300  // - name: The name of the operation resource.
  6301  func (r *LocationsWorkforcePoolsProvidersKeysOperationsService) Get(name string) *LocationsWorkforcePoolsProvidersKeysOperationsGetCall {
  6302  	c := &LocationsWorkforcePoolsProvidersKeysOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6303  	c.name = name
  6304  	return c
  6305  }
  6306  
  6307  // Fields allows partial responses to be retrieved. See
  6308  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6309  // details.
  6310  func (c *LocationsWorkforcePoolsProvidersKeysOperationsGetCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersKeysOperationsGetCall {
  6311  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6312  	return c
  6313  }
  6314  
  6315  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  6316  // object's ETag matches the given value. This is useful for getting updates
  6317  // only after the object has changed since the last request.
  6318  func (c *LocationsWorkforcePoolsProvidersKeysOperationsGetCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsProvidersKeysOperationsGetCall {
  6319  	c.ifNoneMatch_ = entityTag
  6320  	return c
  6321  }
  6322  
  6323  // Context sets the context to be used in this call's Do method.
  6324  func (c *LocationsWorkforcePoolsProvidersKeysOperationsGetCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersKeysOperationsGetCall {
  6325  	c.ctx_ = ctx
  6326  	return c
  6327  }
  6328  
  6329  // Header returns a http.Header that can be modified by the caller to add
  6330  // headers to the request.
  6331  func (c *LocationsWorkforcePoolsProvidersKeysOperationsGetCall) Header() http.Header {
  6332  	if c.header_ == nil {
  6333  		c.header_ = make(http.Header)
  6334  	}
  6335  	return c.header_
  6336  }
  6337  
  6338  func (c *LocationsWorkforcePoolsProvidersKeysOperationsGetCall) doRequest(alt string) (*http.Response, error) {
  6339  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  6340  	if c.ifNoneMatch_ != "" {
  6341  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  6342  	}
  6343  	var body io.Reader = nil
  6344  	c.urlParams_.Set("alt", alt)
  6345  	c.urlParams_.Set("prettyPrint", "false")
  6346  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  6347  	urls += "?" + c.urlParams_.Encode()
  6348  	req, err := http.NewRequest("GET", urls, body)
  6349  	if err != nil {
  6350  		return nil, err
  6351  	}
  6352  	req.Header = reqHeaders
  6353  	googleapi.Expand(req.URL, map[string]string{
  6354  		"name": c.name,
  6355  	})
  6356  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6357  }
  6358  
  6359  // Do executes the "iam.locations.workforcePools.providers.keys.operations.get" call.
  6360  // Any non-2xx status code is an error. Response headers are in either
  6361  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  6362  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6363  // whether the returned error was because http.StatusNotModified was returned.
  6364  func (c *LocationsWorkforcePoolsProvidersKeysOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  6365  	gensupport.SetOptions(c.urlParams_, opts...)
  6366  	res, err := c.doRequest("json")
  6367  	if res != nil && res.StatusCode == http.StatusNotModified {
  6368  		if res.Body != nil {
  6369  			res.Body.Close()
  6370  		}
  6371  		return nil, gensupport.WrapError(&googleapi.Error{
  6372  			Code:   res.StatusCode,
  6373  			Header: res.Header,
  6374  		})
  6375  	}
  6376  	if err != nil {
  6377  		return nil, err
  6378  	}
  6379  	defer googleapi.CloseBody(res)
  6380  	if err := googleapi.CheckResponse(res); err != nil {
  6381  		return nil, gensupport.WrapError(err)
  6382  	}
  6383  	ret := &Operation{
  6384  		ServerResponse: googleapi.ServerResponse{
  6385  			Header:         res.Header,
  6386  			HTTPStatusCode: res.StatusCode,
  6387  		},
  6388  	}
  6389  	target := &ret
  6390  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6391  		return nil, err
  6392  	}
  6393  	return ret, nil
  6394  }
  6395  
  6396  type LocationsWorkforcePoolsProvidersOperationsGetCall struct {
  6397  	s            *Service
  6398  	name         string
  6399  	urlParams_   gensupport.URLParams
  6400  	ifNoneMatch_ string
  6401  	ctx_         context.Context
  6402  	header_      http.Header
  6403  }
  6404  
  6405  // Get: Gets the latest state of a long-running operation. Clients can use this
  6406  // method to poll the operation result at intervals as recommended by the API
  6407  // service.
  6408  //
  6409  // - name: The name of the operation resource.
  6410  func (r *LocationsWorkforcePoolsProvidersOperationsService) Get(name string) *LocationsWorkforcePoolsProvidersOperationsGetCall {
  6411  	c := &LocationsWorkforcePoolsProvidersOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6412  	c.name = name
  6413  	return c
  6414  }
  6415  
  6416  // Fields allows partial responses to be retrieved. See
  6417  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6418  // details.
  6419  func (c *LocationsWorkforcePoolsProvidersOperationsGetCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsProvidersOperationsGetCall {
  6420  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6421  	return c
  6422  }
  6423  
  6424  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  6425  // object's ETag matches the given value. This is useful for getting updates
  6426  // only after the object has changed since the last request.
  6427  func (c *LocationsWorkforcePoolsProvidersOperationsGetCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsProvidersOperationsGetCall {
  6428  	c.ifNoneMatch_ = entityTag
  6429  	return c
  6430  }
  6431  
  6432  // Context sets the context to be used in this call's Do method.
  6433  func (c *LocationsWorkforcePoolsProvidersOperationsGetCall) Context(ctx context.Context) *LocationsWorkforcePoolsProvidersOperationsGetCall {
  6434  	c.ctx_ = ctx
  6435  	return c
  6436  }
  6437  
  6438  // Header returns a http.Header that can be modified by the caller to add
  6439  // headers to the request.
  6440  func (c *LocationsWorkforcePoolsProvidersOperationsGetCall) Header() http.Header {
  6441  	if c.header_ == nil {
  6442  		c.header_ = make(http.Header)
  6443  	}
  6444  	return c.header_
  6445  }
  6446  
  6447  func (c *LocationsWorkforcePoolsProvidersOperationsGetCall) doRequest(alt string) (*http.Response, error) {
  6448  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  6449  	if c.ifNoneMatch_ != "" {
  6450  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  6451  	}
  6452  	var body io.Reader = nil
  6453  	c.urlParams_.Set("alt", alt)
  6454  	c.urlParams_.Set("prettyPrint", "false")
  6455  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  6456  	urls += "?" + c.urlParams_.Encode()
  6457  	req, err := http.NewRequest("GET", urls, body)
  6458  	if err != nil {
  6459  		return nil, err
  6460  	}
  6461  	req.Header = reqHeaders
  6462  	googleapi.Expand(req.URL, map[string]string{
  6463  		"name": c.name,
  6464  	})
  6465  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6466  }
  6467  
  6468  // Do executes the "iam.locations.workforcePools.providers.operations.get" call.
  6469  // Any non-2xx status code is an error. Response headers are in either
  6470  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  6471  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6472  // whether the returned error was because http.StatusNotModified was returned.
  6473  func (c *LocationsWorkforcePoolsProvidersOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  6474  	gensupport.SetOptions(c.urlParams_, opts...)
  6475  	res, err := c.doRequest("json")
  6476  	if res != nil && res.StatusCode == http.StatusNotModified {
  6477  		if res.Body != nil {
  6478  			res.Body.Close()
  6479  		}
  6480  		return nil, gensupport.WrapError(&googleapi.Error{
  6481  			Code:   res.StatusCode,
  6482  			Header: res.Header,
  6483  		})
  6484  	}
  6485  	if err != nil {
  6486  		return nil, err
  6487  	}
  6488  	defer googleapi.CloseBody(res)
  6489  	if err := googleapi.CheckResponse(res); err != nil {
  6490  		return nil, gensupport.WrapError(err)
  6491  	}
  6492  	ret := &Operation{
  6493  		ServerResponse: googleapi.ServerResponse{
  6494  			Header:         res.Header,
  6495  			HTTPStatusCode: res.StatusCode,
  6496  		},
  6497  	}
  6498  	target := &ret
  6499  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6500  		return nil, err
  6501  	}
  6502  	return ret, nil
  6503  }
  6504  
  6505  type LocationsWorkforcePoolsSubjectsDeleteCall struct {
  6506  	s          *Service
  6507  	name       string
  6508  	urlParams_ gensupport.URLParams
  6509  	ctx_       context.Context
  6510  	header_    http.Header
  6511  }
  6512  
  6513  // Delete: Deletes a WorkforcePoolSubject. Subject must not already be in a
  6514  // deleted state. A WorkforcePoolSubject is automatically created the first
  6515  // time an external credential is exchanged for a Google Cloud credential using
  6516  // a mapped `google.subject` attribute. There is no endpoint to manually create
  6517  // a WorkforcePoolSubject. For 30 days after a WorkforcePoolSubject is deleted,
  6518  // using the same `google.subject` attribute in token exchanges with Google
  6519  // Cloud STS fails. Call UndeleteWorkforcePoolSubject to undelete a
  6520  // WorkforcePoolSubject that has been deleted, within within 30 days of
  6521  // deleting it. After 30 days, the WorkforcePoolSubject is permanently deleted.
  6522  // At this point, a token exchange with Google Cloud STS that uses the same
  6523  // mapped `google.subject` attribute automatically creates a new
  6524  // WorkforcePoolSubject that is unrelated to the previously deleted
  6525  // WorkforcePoolSubject but has the same `google.subject` value.
  6526  //
  6527  //   - name: The resource name of the WorkforcePoolSubject. Special characters,
  6528  //     like `/` and `:`, must be escaped, because all URLs need to conform to the
  6529  //     "When to Escape and Unescape" section of RFC3986
  6530  //     (https://www.ietf.org/rfc/rfc2396.txt). Format:
  6531  //     `locations/{location}/workforcePools/{workforce_pool_id}/subjects/{subject_
  6532  //     id}`.
  6533  func (r *LocationsWorkforcePoolsSubjectsService) Delete(name string) *LocationsWorkforcePoolsSubjectsDeleteCall {
  6534  	c := &LocationsWorkforcePoolsSubjectsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6535  	c.name = name
  6536  	return c
  6537  }
  6538  
  6539  // Fields allows partial responses to be retrieved. See
  6540  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6541  // details.
  6542  func (c *LocationsWorkforcePoolsSubjectsDeleteCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsSubjectsDeleteCall {
  6543  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6544  	return c
  6545  }
  6546  
  6547  // Context sets the context to be used in this call's Do method.
  6548  func (c *LocationsWorkforcePoolsSubjectsDeleteCall) Context(ctx context.Context) *LocationsWorkforcePoolsSubjectsDeleteCall {
  6549  	c.ctx_ = ctx
  6550  	return c
  6551  }
  6552  
  6553  // Header returns a http.Header that can be modified by the caller to add
  6554  // headers to the request.
  6555  func (c *LocationsWorkforcePoolsSubjectsDeleteCall) Header() http.Header {
  6556  	if c.header_ == nil {
  6557  		c.header_ = make(http.Header)
  6558  	}
  6559  	return c.header_
  6560  }
  6561  
  6562  func (c *LocationsWorkforcePoolsSubjectsDeleteCall) doRequest(alt string) (*http.Response, error) {
  6563  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  6564  	var body io.Reader = nil
  6565  	c.urlParams_.Set("alt", alt)
  6566  	c.urlParams_.Set("prettyPrint", "false")
  6567  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  6568  	urls += "?" + c.urlParams_.Encode()
  6569  	req, err := http.NewRequest("DELETE", urls, body)
  6570  	if err != nil {
  6571  		return nil, err
  6572  	}
  6573  	req.Header = reqHeaders
  6574  	googleapi.Expand(req.URL, map[string]string{
  6575  		"name": c.name,
  6576  	})
  6577  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6578  }
  6579  
  6580  // Do executes the "iam.locations.workforcePools.subjects.delete" call.
  6581  // Any non-2xx status code is an error. Response headers are in either
  6582  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  6583  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6584  // whether the returned error was because http.StatusNotModified was returned.
  6585  func (c *LocationsWorkforcePoolsSubjectsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  6586  	gensupport.SetOptions(c.urlParams_, opts...)
  6587  	res, err := c.doRequest("json")
  6588  	if res != nil && res.StatusCode == http.StatusNotModified {
  6589  		if res.Body != nil {
  6590  			res.Body.Close()
  6591  		}
  6592  		return nil, gensupport.WrapError(&googleapi.Error{
  6593  			Code:   res.StatusCode,
  6594  			Header: res.Header,
  6595  		})
  6596  	}
  6597  	if err != nil {
  6598  		return nil, err
  6599  	}
  6600  	defer googleapi.CloseBody(res)
  6601  	if err := googleapi.CheckResponse(res); err != nil {
  6602  		return nil, gensupport.WrapError(err)
  6603  	}
  6604  	ret := &Operation{
  6605  		ServerResponse: googleapi.ServerResponse{
  6606  			Header:         res.Header,
  6607  			HTTPStatusCode: res.StatusCode,
  6608  		},
  6609  	}
  6610  	target := &ret
  6611  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6612  		return nil, err
  6613  	}
  6614  	return ret, nil
  6615  }
  6616  
  6617  type LocationsWorkforcePoolsSubjectsUndeleteCall struct {
  6618  	s                                   *Service
  6619  	name                                string
  6620  	undeleteworkforcepoolsubjectrequest *UndeleteWorkforcePoolSubjectRequest
  6621  	urlParams_                          gensupport.URLParams
  6622  	ctx_                                context.Context
  6623  	header_                             http.Header
  6624  }
  6625  
  6626  // Undelete: Undeletes a WorkforcePoolSubject, as long as it was deleted fewer
  6627  // than 30 days ago.
  6628  //
  6629  //   - name: The resource name of the WorkforcePoolSubject. Special characters,
  6630  //     like `/` and `:`, must be escaped, because all URLs need to conform to the
  6631  //     "When to Escape and Unescape" section of RFC3986
  6632  //     (https://www.ietf.org/rfc/rfc2396.txt). Format:
  6633  //     `locations/{location}/workforcePools/{workforce_pool_id}/subjects/{subject_
  6634  //     id}`.
  6635  func (r *LocationsWorkforcePoolsSubjectsService) Undelete(name string, undeleteworkforcepoolsubjectrequest *UndeleteWorkforcePoolSubjectRequest) *LocationsWorkforcePoolsSubjectsUndeleteCall {
  6636  	c := &LocationsWorkforcePoolsSubjectsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6637  	c.name = name
  6638  	c.undeleteworkforcepoolsubjectrequest = undeleteworkforcepoolsubjectrequest
  6639  	return c
  6640  }
  6641  
  6642  // Fields allows partial responses to be retrieved. See
  6643  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6644  // details.
  6645  func (c *LocationsWorkforcePoolsSubjectsUndeleteCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsSubjectsUndeleteCall {
  6646  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6647  	return c
  6648  }
  6649  
  6650  // Context sets the context to be used in this call's Do method.
  6651  func (c *LocationsWorkforcePoolsSubjectsUndeleteCall) Context(ctx context.Context) *LocationsWorkforcePoolsSubjectsUndeleteCall {
  6652  	c.ctx_ = ctx
  6653  	return c
  6654  }
  6655  
  6656  // Header returns a http.Header that can be modified by the caller to add
  6657  // headers to the request.
  6658  func (c *LocationsWorkforcePoolsSubjectsUndeleteCall) Header() http.Header {
  6659  	if c.header_ == nil {
  6660  		c.header_ = make(http.Header)
  6661  	}
  6662  	return c.header_
  6663  }
  6664  
  6665  func (c *LocationsWorkforcePoolsSubjectsUndeleteCall) doRequest(alt string) (*http.Response, error) {
  6666  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  6667  	var body io.Reader = nil
  6668  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkforcepoolsubjectrequest)
  6669  	if err != nil {
  6670  		return nil, err
  6671  	}
  6672  	c.urlParams_.Set("alt", alt)
  6673  	c.urlParams_.Set("prettyPrint", "false")
  6674  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete")
  6675  	urls += "?" + c.urlParams_.Encode()
  6676  	req, err := http.NewRequest("POST", urls, body)
  6677  	if err != nil {
  6678  		return nil, err
  6679  	}
  6680  	req.Header = reqHeaders
  6681  	googleapi.Expand(req.URL, map[string]string{
  6682  		"name": c.name,
  6683  	})
  6684  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6685  }
  6686  
  6687  // Do executes the "iam.locations.workforcePools.subjects.undelete" call.
  6688  // Any non-2xx status code is an error. Response headers are in either
  6689  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  6690  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6691  // whether the returned error was because http.StatusNotModified was returned.
  6692  func (c *LocationsWorkforcePoolsSubjectsUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  6693  	gensupport.SetOptions(c.urlParams_, opts...)
  6694  	res, err := c.doRequest("json")
  6695  	if res != nil && res.StatusCode == http.StatusNotModified {
  6696  		if res.Body != nil {
  6697  			res.Body.Close()
  6698  		}
  6699  		return nil, gensupport.WrapError(&googleapi.Error{
  6700  			Code:   res.StatusCode,
  6701  			Header: res.Header,
  6702  		})
  6703  	}
  6704  	if err != nil {
  6705  		return nil, err
  6706  	}
  6707  	defer googleapi.CloseBody(res)
  6708  	if err := googleapi.CheckResponse(res); err != nil {
  6709  		return nil, gensupport.WrapError(err)
  6710  	}
  6711  	ret := &Operation{
  6712  		ServerResponse: googleapi.ServerResponse{
  6713  			Header:         res.Header,
  6714  			HTTPStatusCode: res.StatusCode,
  6715  		},
  6716  	}
  6717  	target := &ret
  6718  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6719  		return nil, err
  6720  	}
  6721  	return ret, nil
  6722  }
  6723  
  6724  type LocationsWorkforcePoolsSubjectsOperationsGetCall struct {
  6725  	s            *Service
  6726  	name         string
  6727  	urlParams_   gensupport.URLParams
  6728  	ifNoneMatch_ string
  6729  	ctx_         context.Context
  6730  	header_      http.Header
  6731  }
  6732  
  6733  // Get: Gets the latest state of a long-running operation. Clients can use this
  6734  // method to poll the operation result at intervals as recommended by the API
  6735  // service.
  6736  //
  6737  // - name: The name of the operation resource.
  6738  func (r *LocationsWorkforcePoolsSubjectsOperationsService) Get(name string) *LocationsWorkforcePoolsSubjectsOperationsGetCall {
  6739  	c := &LocationsWorkforcePoolsSubjectsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6740  	c.name = name
  6741  	return c
  6742  }
  6743  
  6744  // Fields allows partial responses to be retrieved. See
  6745  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6746  // details.
  6747  func (c *LocationsWorkforcePoolsSubjectsOperationsGetCall) Fields(s ...googleapi.Field) *LocationsWorkforcePoolsSubjectsOperationsGetCall {
  6748  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6749  	return c
  6750  }
  6751  
  6752  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  6753  // object's ETag matches the given value. This is useful for getting updates
  6754  // only after the object has changed since the last request.
  6755  func (c *LocationsWorkforcePoolsSubjectsOperationsGetCall) IfNoneMatch(entityTag string) *LocationsWorkforcePoolsSubjectsOperationsGetCall {
  6756  	c.ifNoneMatch_ = entityTag
  6757  	return c
  6758  }
  6759  
  6760  // Context sets the context to be used in this call's Do method.
  6761  func (c *LocationsWorkforcePoolsSubjectsOperationsGetCall) Context(ctx context.Context) *LocationsWorkforcePoolsSubjectsOperationsGetCall {
  6762  	c.ctx_ = ctx
  6763  	return c
  6764  }
  6765  
  6766  // Header returns a http.Header that can be modified by the caller to add
  6767  // headers to the request.
  6768  func (c *LocationsWorkforcePoolsSubjectsOperationsGetCall) Header() http.Header {
  6769  	if c.header_ == nil {
  6770  		c.header_ = make(http.Header)
  6771  	}
  6772  	return c.header_
  6773  }
  6774  
  6775  func (c *LocationsWorkforcePoolsSubjectsOperationsGetCall) doRequest(alt string) (*http.Response, error) {
  6776  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  6777  	if c.ifNoneMatch_ != "" {
  6778  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  6779  	}
  6780  	var body io.Reader = nil
  6781  	c.urlParams_.Set("alt", alt)
  6782  	c.urlParams_.Set("prettyPrint", "false")
  6783  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  6784  	urls += "?" + c.urlParams_.Encode()
  6785  	req, err := http.NewRequest("GET", urls, body)
  6786  	if err != nil {
  6787  		return nil, err
  6788  	}
  6789  	req.Header = reqHeaders
  6790  	googleapi.Expand(req.URL, map[string]string{
  6791  		"name": c.name,
  6792  	})
  6793  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6794  }
  6795  
  6796  // Do executes the "iam.locations.workforcePools.subjects.operations.get" call.
  6797  // Any non-2xx status code is an error. Response headers are in either
  6798  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  6799  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6800  // whether the returned error was because http.StatusNotModified was returned.
  6801  func (c *LocationsWorkforcePoolsSubjectsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  6802  	gensupport.SetOptions(c.urlParams_, opts...)
  6803  	res, err := c.doRequest("json")
  6804  	if res != nil && res.StatusCode == http.StatusNotModified {
  6805  		if res.Body != nil {
  6806  			res.Body.Close()
  6807  		}
  6808  		return nil, gensupport.WrapError(&googleapi.Error{
  6809  			Code:   res.StatusCode,
  6810  			Header: res.Header,
  6811  		})
  6812  	}
  6813  	if err != nil {
  6814  		return nil, err
  6815  	}
  6816  	defer googleapi.CloseBody(res)
  6817  	if err := googleapi.CheckResponse(res); err != nil {
  6818  		return nil, gensupport.WrapError(err)
  6819  	}
  6820  	ret := &Operation{
  6821  		ServerResponse: googleapi.ServerResponse{
  6822  			Header:         res.Header,
  6823  			HTTPStatusCode: res.StatusCode,
  6824  		},
  6825  	}
  6826  	target := &ret
  6827  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6828  		return nil, err
  6829  	}
  6830  	return ret, nil
  6831  }
  6832  
  6833  type OrganizationsRolesCreateCall struct {
  6834  	s                 *Service
  6835  	parent            string
  6836  	createrolerequest *CreateRoleRequest
  6837  	urlParams_        gensupport.URLParams
  6838  	ctx_              context.Context
  6839  	header_           http.Header
  6840  }
  6841  
  6842  // Create: Creates a new custom Role.
  6843  //
  6844  //   - parent: The `parent` parameter's value depends on the target resource for
  6845  //     the request, namely `projects`
  6846  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles) or
  6847  //     `organizations`
  6848  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
  6849  //     Each resource type's `parent` value format is described below: *
  6850  //     `projects.roles.create()`
  6851  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/create):
  6852  //     `projects/{PROJECT_ID}`. This method creates project-level custom roles
  6853  //     (https://cloud.google.com/iam/docs/understanding-custom-roles). Example
  6854  //     request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` *
  6855  //     `organizations.roles.create()`
  6856  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/create):
  6857  //     `organizations/{ORGANIZATION_ID}`. This method creates organization-level
  6858  //     custom roles
  6859  //     (https://cloud.google.com/iam/docs/understanding-custom-roles). Example
  6860  //     request URL:
  6861  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`
  6862  //     Note: Wildcard (*) values are invalid; you must specify a complete project
  6863  //     ID or organization ID.
  6864  func (r *OrganizationsRolesService) Create(parent string, createrolerequest *CreateRoleRequest) *OrganizationsRolesCreateCall {
  6865  	c := &OrganizationsRolesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6866  	c.parent = parent
  6867  	c.createrolerequest = createrolerequest
  6868  	return c
  6869  }
  6870  
  6871  // Fields allows partial responses to be retrieved. See
  6872  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6873  // details.
  6874  func (c *OrganizationsRolesCreateCall) Fields(s ...googleapi.Field) *OrganizationsRolesCreateCall {
  6875  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6876  	return c
  6877  }
  6878  
  6879  // Context sets the context to be used in this call's Do method.
  6880  func (c *OrganizationsRolesCreateCall) Context(ctx context.Context) *OrganizationsRolesCreateCall {
  6881  	c.ctx_ = ctx
  6882  	return c
  6883  }
  6884  
  6885  // Header returns a http.Header that can be modified by the caller to add
  6886  // headers to the request.
  6887  func (c *OrganizationsRolesCreateCall) Header() http.Header {
  6888  	if c.header_ == nil {
  6889  		c.header_ = make(http.Header)
  6890  	}
  6891  	return c.header_
  6892  }
  6893  
  6894  func (c *OrganizationsRolesCreateCall) doRequest(alt string) (*http.Response, error) {
  6895  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  6896  	var body io.Reader = nil
  6897  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.createrolerequest)
  6898  	if err != nil {
  6899  		return nil, err
  6900  	}
  6901  	c.urlParams_.Set("alt", alt)
  6902  	c.urlParams_.Set("prettyPrint", "false")
  6903  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles")
  6904  	urls += "?" + c.urlParams_.Encode()
  6905  	req, err := http.NewRequest("POST", urls, body)
  6906  	if err != nil {
  6907  		return nil, err
  6908  	}
  6909  	req.Header = reqHeaders
  6910  	googleapi.Expand(req.URL, map[string]string{
  6911  		"parent": c.parent,
  6912  	})
  6913  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6914  }
  6915  
  6916  // Do executes the "iam.organizations.roles.create" call.
  6917  // Any non-2xx status code is an error. Response headers are in either
  6918  // *Role.ServerResponse.Header or (if a response was returned at all) in
  6919  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6920  // whether the returned error was because http.StatusNotModified was returned.
  6921  func (c *OrganizationsRolesCreateCall) Do(opts ...googleapi.CallOption) (*Role, error) {
  6922  	gensupport.SetOptions(c.urlParams_, opts...)
  6923  	res, err := c.doRequest("json")
  6924  	if res != nil && res.StatusCode == http.StatusNotModified {
  6925  		if res.Body != nil {
  6926  			res.Body.Close()
  6927  		}
  6928  		return nil, gensupport.WrapError(&googleapi.Error{
  6929  			Code:   res.StatusCode,
  6930  			Header: res.Header,
  6931  		})
  6932  	}
  6933  	if err != nil {
  6934  		return nil, err
  6935  	}
  6936  	defer googleapi.CloseBody(res)
  6937  	if err := googleapi.CheckResponse(res); err != nil {
  6938  		return nil, gensupport.WrapError(err)
  6939  	}
  6940  	ret := &Role{
  6941  		ServerResponse: googleapi.ServerResponse{
  6942  			Header:         res.Header,
  6943  			HTTPStatusCode: res.StatusCode,
  6944  		},
  6945  	}
  6946  	target := &ret
  6947  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6948  		return nil, err
  6949  	}
  6950  	return ret, nil
  6951  }
  6952  
  6953  type OrganizationsRolesDeleteCall struct {
  6954  	s          *Service
  6955  	name       string
  6956  	urlParams_ gensupport.URLParams
  6957  	ctx_       context.Context
  6958  	header_    http.Header
  6959  }
  6960  
  6961  // Delete: Deletes a custom Role. When you delete a custom role, the following
  6962  // changes occur immediately: * You cannot bind a principal to the custom role
  6963  // in an IAM Policy. * Existing bindings to the custom role are not changed,
  6964  // but they have no effect. * By default, the response from ListRoles does not
  6965  // include the custom role. You have 7 days to undelete the custom role. After
  6966  // 7 days, the following changes occur: * The custom role is permanently
  6967  // deleted and cannot be recovered. * If an IAM policy contains a binding to
  6968  // the custom role, the binding is permanently removed.
  6969  //
  6970  //   - name: The `name` parameter's value depends on the target resource for the
  6971  //     request, namely `projects`
  6972  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles) or
  6973  //     `organizations`
  6974  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
  6975  //     Each resource type's `name` value format is described below: *
  6976  //     `projects.roles.delete()`
  6977  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/delete):
  6978  //     `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only
  6979  //     custom roles
  6980  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
  6981  //     been created at the project level. Example request URL:
  6982  //     `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}
  6983  //     ` * `organizations.roles.delete()`
  6984  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/delete):
  6985  //     `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
  6986  //     deletes only custom roles
  6987  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
  6988  //     been created at the organization level. Example request URL:
  6989  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTO
  6990  //     M_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a
  6991  //     complete project ID or organization ID.
  6992  func (r *OrganizationsRolesService) Delete(name string) *OrganizationsRolesDeleteCall {
  6993  	c := &OrganizationsRolesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6994  	c.name = name
  6995  	return c
  6996  }
  6997  
  6998  // Etag sets the optional parameter "etag": Used to perform a consistent
  6999  // read-modify-write.
  7000  func (c *OrganizationsRolesDeleteCall) Etag(etag string) *OrganizationsRolesDeleteCall {
  7001  	c.urlParams_.Set("etag", etag)
  7002  	return c
  7003  }
  7004  
  7005  // Fields allows partial responses to be retrieved. See
  7006  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7007  // details.
  7008  func (c *OrganizationsRolesDeleteCall) Fields(s ...googleapi.Field) *OrganizationsRolesDeleteCall {
  7009  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7010  	return c
  7011  }
  7012  
  7013  // Context sets the context to be used in this call's Do method.
  7014  func (c *OrganizationsRolesDeleteCall) Context(ctx context.Context) *OrganizationsRolesDeleteCall {
  7015  	c.ctx_ = ctx
  7016  	return c
  7017  }
  7018  
  7019  // Header returns a http.Header that can be modified by the caller to add
  7020  // headers to the request.
  7021  func (c *OrganizationsRolesDeleteCall) Header() http.Header {
  7022  	if c.header_ == nil {
  7023  		c.header_ = make(http.Header)
  7024  	}
  7025  	return c.header_
  7026  }
  7027  
  7028  func (c *OrganizationsRolesDeleteCall) doRequest(alt string) (*http.Response, error) {
  7029  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  7030  	var body io.Reader = nil
  7031  	c.urlParams_.Set("alt", alt)
  7032  	c.urlParams_.Set("prettyPrint", "false")
  7033  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  7034  	urls += "?" + c.urlParams_.Encode()
  7035  	req, err := http.NewRequest("DELETE", urls, body)
  7036  	if err != nil {
  7037  		return nil, err
  7038  	}
  7039  	req.Header = reqHeaders
  7040  	googleapi.Expand(req.URL, map[string]string{
  7041  		"name": c.name,
  7042  	})
  7043  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7044  }
  7045  
  7046  // Do executes the "iam.organizations.roles.delete" call.
  7047  // Any non-2xx status code is an error. Response headers are in either
  7048  // *Role.ServerResponse.Header or (if a response was returned at all) in
  7049  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  7050  // whether the returned error was because http.StatusNotModified was returned.
  7051  func (c *OrganizationsRolesDeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) {
  7052  	gensupport.SetOptions(c.urlParams_, opts...)
  7053  	res, err := c.doRequest("json")
  7054  	if res != nil && res.StatusCode == http.StatusNotModified {
  7055  		if res.Body != nil {
  7056  			res.Body.Close()
  7057  		}
  7058  		return nil, gensupport.WrapError(&googleapi.Error{
  7059  			Code:   res.StatusCode,
  7060  			Header: res.Header,
  7061  		})
  7062  	}
  7063  	if err != nil {
  7064  		return nil, err
  7065  	}
  7066  	defer googleapi.CloseBody(res)
  7067  	if err := googleapi.CheckResponse(res); err != nil {
  7068  		return nil, gensupport.WrapError(err)
  7069  	}
  7070  	ret := &Role{
  7071  		ServerResponse: googleapi.ServerResponse{
  7072  			Header:         res.Header,
  7073  			HTTPStatusCode: res.StatusCode,
  7074  		},
  7075  	}
  7076  	target := &ret
  7077  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7078  		return nil, err
  7079  	}
  7080  	return ret, nil
  7081  }
  7082  
  7083  type OrganizationsRolesGetCall struct {
  7084  	s            *Service
  7085  	name         string
  7086  	urlParams_   gensupport.URLParams
  7087  	ifNoneMatch_ string
  7088  	ctx_         context.Context
  7089  	header_      http.Header
  7090  }
  7091  
  7092  // Get: Gets the definition of a Role.
  7093  //
  7094  //   - name: The `name` parameter's value depends on the target resource for the
  7095  //     request, namely `roles`
  7096  //     (https://cloud.google.com/iam/docs/reference/rest/v1/roles), `projects`
  7097  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles), or
  7098  //     `organizations`
  7099  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
  7100  //     Each resource type's `name` value format is described below: *
  7101  //     `roles.get()`
  7102  //     (https://cloud.google.com/iam/docs/reference/rest/v1/roles/get):
  7103  //     `roles/{ROLE_NAME}`. This method returns results from all predefined roles
  7104  //     (https://cloud.google.com/iam/docs/understanding-roles#predefined_roles)
  7105  //     in IAM. Example request URL:
  7106  //     `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * `projects.roles.get()`
  7107  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/get):
  7108  //     `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only
  7109  //     custom roles
  7110  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
  7111  //     been created at the project level. Example request URL:
  7112  //     `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}
  7113  //     ` * `organizations.roles.get()`
  7114  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/get):
  7115  //     `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
  7116  //     returns only custom roles
  7117  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
  7118  //     been created at the organization level. Example request URL:
  7119  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTO
  7120  //     M_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a
  7121  //     complete project ID or organization ID.
  7122  func (r *OrganizationsRolesService) Get(name string) *OrganizationsRolesGetCall {
  7123  	c := &OrganizationsRolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7124  	c.name = name
  7125  	return c
  7126  }
  7127  
  7128  // Fields allows partial responses to be retrieved. See
  7129  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7130  // details.
  7131  func (c *OrganizationsRolesGetCall) Fields(s ...googleapi.Field) *OrganizationsRolesGetCall {
  7132  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7133  	return c
  7134  }
  7135  
  7136  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  7137  // object's ETag matches the given value. This is useful for getting updates
  7138  // only after the object has changed since the last request.
  7139  func (c *OrganizationsRolesGetCall) IfNoneMatch(entityTag string) *OrganizationsRolesGetCall {
  7140  	c.ifNoneMatch_ = entityTag
  7141  	return c
  7142  }
  7143  
  7144  // Context sets the context to be used in this call's Do method.
  7145  func (c *OrganizationsRolesGetCall) Context(ctx context.Context) *OrganizationsRolesGetCall {
  7146  	c.ctx_ = ctx
  7147  	return c
  7148  }
  7149  
  7150  // Header returns a http.Header that can be modified by the caller to add
  7151  // headers to the request.
  7152  func (c *OrganizationsRolesGetCall) Header() http.Header {
  7153  	if c.header_ == nil {
  7154  		c.header_ = make(http.Header)
  7155  	}
  7156  	return c.header_
  7157  }
  7158  
  7159  func (c *OrganizationsRolesGetCall) doRequest(alt string) (*http.Response, error) {
  7160  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  7161  	if c.ifNoneMatch_ != "" {
  7162  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  7163  	}
  7164  	var body io.Reader = nil
  7165  	c.urlParams_.Set("alt", alt)
  7166  	c.urlParams_.Set("prettyPrint", "false")
  7167  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  7168  	urls += "?" + c.urlParams_.Encode()
  7169  	req, err := http.NewRequest("GET", urls, body)
  7170  	if err != nil {
  7171  		return nil, err
  7172  	}
  7173  	req.Header = reqHeaders
  7174  	googleapi.Expand(req.URL, map[string]string{
  7175  		"name": c.name,
  7176  	})
  7177  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7178  }
  7179  
  7180  // Do executes the "iam.organizations.roles.get" call.
  7181  // Any non-2xx status code is an error. Response headers are in either
  7182  // *Role.ServerResponse.Header or (if a response was returned at all) in
  7183  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  7184  // whether the returned error was because http.StatusNotModified was returned.
  7185  func (c *OrganizationsRolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) {
  7186  	gensupport.SetOptions(c.urlParams_, opts...)
  7187  	res, err := c.doRequest("json")
  7188  	if res != nil && res.StatusCode == http.StatusNotModified {
  7189  		if res.Body != nil {
  7190  			res.Body.Close()
  7191  		}
  7192  		return nil, gensupport.WrapError(&googleapi.Error{
  7193  			Code:   res.StatusCode,
  7194  			Header: res.Header,
  7195  		})
  7196  	}
  7197  	if err != nil {
  7198  		return nil, err
  7199  	}
  7200  	defer googleapi.CloseBody(res)
  7201  	if err := googleapi.CheckResponse(res); err != nil {
  7202  		return nil, gensupport.WrapError(err)
  7203  	}
  7204  	ret := &Role{
  7205  		ServerResponse: googleapi.ServerResponse{
  7206  			Header:         res.Header,
  7207  			HTTPStatusCode: res.StatusCode,
  7208  		},
  7209  	}
  7210  	target := &ret
  7211  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7212  		return nil, err
  7213  	}
  7214  	return ret, nil
  7215  }
  7216  
  7217  type OrganizationsRolesListCall struct {
  7218  	s            *Service
  7219  	parent       string
  7220  	urlParams_   gensupport.URLParams
  7221  	ifNoneMatch_ string
  7222  	ctx_         context.Context
  7223  	header_      http.Header
  7224  }
  7225  
  7226  // List: Lists every predefined Role that IAM supports, or every custom role
  7227  // that is defined for an organization or project.
  7228  //
  7229  //   - parent: The `parent` parameter's value depends on the target resource for
  7230  //     the request, namely `roles`
  7231  //     (https://cloud.google.com/iam/docs/reference/rest/v1/roles), `projects`
  7232  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles), or
  7233  //     `organizations`
  7234  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
  7235  //     Each resource type's `parent` value format is described below: *
  7236  //     `roles.list()`
  7237  //     (https://cloud.google.com/iam/docs/reference/rest/v1/roles/list): An empty
  7238  //     string. This method doesn't require a resource; it simply returns all
  7239  //     predefined roles
  7240  //     (https://cloud.google.com/iam/docs/understanding-roles#predefined_roles)
  7241  //     in IAM. Example request URL: `https://iam.googleapis.com/v1/roles` *
  7242  //     `projects.roles.list()`
  7243  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/list):
  7244  //     `projects/{PROJECT_ID}`. This method lists all project-level custom roles
  7245  //     (https://cloud.google.com/iam/docs/understanding-custom-roles). Example
  7246  //     request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` *
  7247  //     `organizations.roles.list()`
  7248  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/list):
  7249  //     `organizations/{ORGANIZATION_ID}`. This method lists all
  7250  //     organization-level custom roles
  7251  //     (https://cloud.google.com/iam/docs/understanding-custom-roles). Example
  7252  //     request URL:
  7253  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`
  7254  //     Note: Wildcard (*) values are invalid; you must specify a complete project
  7255  //     ID or organization ID.
  7256  func (r *OrganizationsRolesService) List(parent string) *OrganizationsRolesListCall {
  7257  	c := &OrganizationsRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7258  	c.parent = parent
  7259  	return c
  7260  }
  7261  
  7262  // PageSize sets the optional parameter "pageSize": Optional limit on the
  7263  // number of roles to include in the response. The default is 300, and the
  7264  // maximum is 1,000.
  7265  func (c *OrganizationsRolesListCall) PageSize(pageSize int64) *OrganizationsRolesListCall {
  7266  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  7267  	return c
  7268  }
  7269  
  7270  // PageToken sets the optional parameter "pageToken": Optional pagination token
  7271  // returned in an earlier ListRolesResponse.
  7272  func (c *OrganizationsRolesListCall) PageToken(pageToken string) *OrganizationsRolesListCall {
  7273  	c.urlParams_.Set("pageToken", pageToken)
  7274  	return c
  7275  }
  7276  
  7277  // ShowDeleted sets the optional parameter "showDeleted": Include Roles that
  7278  // have been deleted.
  7279  func (c *OrganizationsRolesListCall) ShowDeleted(showDeleted bool) *OrganizationsRolesListCall {
  7280  	c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted))
  7281  	return c
  7282  }
  7283  
  7284  // View sets the optional parameter "view": Optional view for the returned Role
  7285  // objects. When `FULL` is specified, the `includedPermissions` field is
  7286  // returned, which includes a list of all permissions in the role. The default
  7287  // value is `BASIC`, which does not return the `includedPermissions` field.
  7288  //
  7289  // Possible values:
  7290  //
  7291  //	"BASIC" - Omits the `included_permissions` field. This is the default
  7292  //
  7293  // value.
  7294  //
  7295  //	"FULL" - Returns all fields.
  7296  func (c *OrganizationsRolesListCall) View(view string) *OrganizationsRolesListCall {
  7297  	c.urlParams_.Set("view", view)
  7298  	return c
  7299  }
  7300  
  7301  // Fields allows partial responses to be retrieved. See
  7302  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7303  // details.
  7304  func (c *OrganizationsRolesListCall) Fields(s ...googleapi.Field) *OrganizationsRolesListCall {
  7305  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7306  	return c
  7307  }
  7308  
  7309  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  7310  // object's ETag matches the given value. This is useful for getting updates
  7311  // only after the object has changed since the last request.
  7312  func (c *OrganizationsRolesListCall) IfNoneMatch(entityTag string) *OrganizationsRolesListCall {
  7313  	c.ifNoneMatch_ = entityTag
  7314  	return c
  7315  }
  7316  
  7317  // Context sets the context to be used in this call's Do method.
  7318  func (c *OrganizationsRolesListCall) Context(ctx context.Context) *OrganizationsRolesListCall {
  7319  	c.ctx_ = ctx
  7320  	return c
  7321  }
  7322  
  7323  // Header returns a http.Header that can be modified by the caller to add
  7324  // headers to the request.
  7325  func (c *OrganizationsRolesListCall) Header() http.Header {
  7326  	if c.header_ == nil {
  7327  		c.header_ = make(http.Header)
  7328  	}
  7329  	return c.header_
  7330  }
  7331  
  7332  func (c *OrganizationsRolesListCall) doRequest(alt string) (*http.Response, error) {
  7333  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  7334  	if c.ifNoneMatch_ != "" {
  7335  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  7336  	}
  7337  	var body io.Reader = nil
  7338  	c.urlParams_.Set("alt", alt)
  7339  	c.urlParams_.Set("prettyPrint", "false")
  7340  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles")
  7341  	urls += "?" + c.urlParams_.Encode()
  7342  	req, err := http.NewRequest("GET", urls, body)
  7343  	if err != nil {
  7344  		return nil, err
  7345  	}
  7346  	req.Header = reqHeaders
  7347  	googleapi.Expand(req.URL, map[string]string{
  7348  		"parent": c.parent,
  7349  	})
  7350  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7351  }
  7352  
  7353  // Do executes the "iam.organizations.roles.list" call.
  7354  // Any non-2xx status code is an error. Response headers are in either
  7355  // *ListRolesResponse.ServerResponse.Header or (if a response was returned at
  7356  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  7357  // check whether the returned error was because http.StatusNotModified was
  7358  // returned.
  7359  func (c *OrganizationsRolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) {
  7360  	gensupport.SetOptions(c.urlParams_, opts...)
  7361  	res, err := c.doRequest("json")
  7362  	if res != nil && res.StatusCode == http.StatusNotModified {
  7363  		if res.Body != nil {
  7364  			res.Body.Close()
  7365  		}
  7366  		return nil, gensupport.WrapError(&googleapi.Error{
  7367  			Code:   res.StatusCode,
  7368  			Header: res.Header,
  7369  		})
  7370  	}
  7371  	if err != nil {
  7372  		return nil, err
  7373  	}
  7374  	defer googleapi.CloseBody(res)
  7375  	if err := googleapi.CheckResponse(res); err != nil {
  7376  		return nil, gensupport.WrapError(err)
  7377  	}
  7378  	ret := &ListRolesResponse{
  7379  		ServerResponse: googleapi.ServerResponse{
  7380  			Header:         res.Header,
  7381  			HTTPStatusCode: res.StatusCode,
  7382  		},
  7383  	}
  7384  	target := &ret
  7385  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7386  		return nil, err
  7387  	}
  7388  	return ret, nil
  7389  }
  7390  
  7391  // Pages invokes f for each page of results.
  7392  // A non-nil error returned from f will halt the iteration.
  7393  // The provided context supersedes any context provided to the Context method.
  7394  func (c *OrganizationsRolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error {
  7395  	c.ctx_ = ctx
  7396  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  7397  	for {
  7398  		x, err := c.Do()
  7399  		if err != nil {
  7400  			return err
  7401  		}
  7402  		if err := f(x); err != nil {
  7403  			return err
  7404  		}
  7405  		if x.NextPageToken == "" {
  7406  			return nil
  7407  		}
  7408  		c.PageToken(x.NextPageToken)
  7409  	}
  7410  }
  7411  
  7412  type OrganizationsRolesPatchCall struct {
  7413  	s          *Service
  7414  	name       string
  7415  	role       *Role
  7416  	urlParams_ gensupport.URLParams
  7417  	ctx_       context.Context
  7418  	header_    http.Header
  7419  }
  7420  
  7421  // Patch: Updates the definition of a custom Role.
  7422  //
  7423  //   - name: The `name` parameter's value depends on the target resource for the
  7424  //     request, namely `projects`
  7425  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles) or
  7426  //     `organizations`
  7427  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
  7428  //     Each resource type's `name` value format is described below: *
  7429  //     `projects.roles.patch()`
  7430  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/patch):
  7431  //     `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only
  7432  //     custom roles
  7433  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
  7434  //     been created at the project level. Example request URL:
  7435  //     `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}
  7436  //     ` * `organizations.roles.patch()`
  7437  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/patch):
  7438  //     `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
  7439  //     updates only custom roles
  7440  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
  7441  //     been created at the organization level. Example request URL:
  7442  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTO
  7443  //     M_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a
  7444  //     complete project ID or organization ID.
  7445  func (r *OrganizationsRolesService) Patch(name string, role *Role) *OrganizationsRolesPatchCall {
  7446  	c := &OrganizationsRolesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7447  	c.name = name
  7448  	c.role = role
  7449  	return c
  7450  }
  7451  
  7452  // UpdateMask sets the optional parameter "updateMask": A mask describing which
  7453  // fields in the Role have changed.
  7454  func (c *OrganizationsRolesPatchCall) UpdateMask(updateMask string) *OrganizationsRolesPatchCall {
  7455  	c.urlParams_.Set("updateMask", updateMask)
  7456  	return c
  7457  }
  7458  
  7459  // Fields allows partial responses to be retrieved. See
  7460  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7461  // details.
  7462  func (c *OrganizationsRolesPatchCall) Fields(s ...googleapi.Field) *OrganizationsRolesPatchCall {
  7463  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7464  	return c
  7465  }
  7466  
  7467  // Context sets the context to be used in this call's Do method.
  7468  func (c *OrganizationsRolesPatchCall) Context(ctx context.Context) *OrganizationsRolesPatchCall {
  7469  	c.ctx_ = ctx
  7470  	return c
  7471  }
  7472  
  7473  // Header returns a http.Header that can be modified by the caller to add
  7474  // headers to the request.
  7475  func (c *OrganizationsRolesPatchCall) Header() http.Header {
  7476  	if c.header_ == nil {
  7477  		c.header_ = make(http.Header)
  7478  	}
  7479  	return c.header_
  7480  }
  7481  
  7482  func (c *OrganizationsRolesPatchCall) doRequest(alt string) (*http.Response, error) {
  7483  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  7484  	var body io.Reader = nil
  7485  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.role)
  7486  	if err != nil {
  7487  		return nil, err
  7488  	}
  7489  	c.urlParams_.Set("alt", alt)
  7490  	c.urlParams_.Set("prettyPrint", "false")
  7491  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  7492  	urls += "?" + c.urlParams_.Encode()
  7493  	req, err := http.NewRequest("PATCH", urls, body)
  7494  	if err != nil {
  7495  		return nil, err
  7496  	}
  7497  	req.Header = reqHeaders
  7498  	googleapi.Expand(req.URL, map[string]string{
  7499  		"name": c.name,
  7500  	})
  7501  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7502  }
  7503  
  7504  // Do executes the "iam.organizations.roles.patch" call.
  7505  // Any non-2xx status code is an error. Response headers are in either
  7506  // *Role.ServerResponse.Header or (if a response was returned at all) in
  7507  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  7508  // whether the returned error was because http.StatusNotModified was returned.
  7509  func (c *OrganizationsRolesPatchCall) Do(opts ...googleapi.CallOption) (*Role, error) {
  7510  	gensupport.SetOptions(c.urlParams_, opts...)
  7511  	res, err := c.doRequest("json")
  7512  	if res != nil && res.StatusCode == http.StatusNotModified {
  7513  		if res.Body != nil {
  7514  			res.Body.Close()
  7515  		}
  7516  		return nil, gensupport.WrapError(&googleapi.Error{
  7517  			Code:   res.StatusCode,
  7518  			Header: res.Header,
  7519  		})
  7520  	}
  7521  	if err != nil {
  7522  		return nil, err
  7523  	}
  7524  	defer googleapi.CloseBody(res)
  7525  	if err := googleapi.CheckResponse(res); err != nil {
  7526  		return nil, gensupport.WrapError(err)
  7527  	}
  7528  	ret := &Role{
  7529  		ServerResponse: googleapi.ServerResponse{
  7530  			Header:         res.Header,
  7531  			HTTPStatusCode: res.StatusCode,
  7532  		},
  7533  	}
  7534  	target := &ret
  7535  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7536  		return nil, err
  7537  	}
  7538  	return ret, nil
  7539  }
  7540  
  7541  type OrganizationsRolesUndeleteCall struct {
  7542  	s                   *Service
  7543  	name                string
  7544  	undeleterolerequest *UndeleteRoleRequest
  7545  	urlParams_          gensupport.URLParams
  7546  	ctx_                context.Context
  7547  	header_             http.Header
  7548  }
  7549  
  7550  // Undelete: Undeletes a custom Role.
  7551  //
  7552  //   - name: The `name` parameter's value depends on the target resource for the
  7553  //     request, namely `projects`
  7554  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles) or
  7555  //     `organizations`
  7556  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
  7557  //     Each resource type's `name` value format is described below: *
  7558  //     `projects.roles.undelete()`
  7559  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/undelete):
  7560  //     `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only
  7561  //     custom roles
  7562  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
  7563  //     been created at the project level. Example request URL:
  7564  //     `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}
  7565  //     ` * `organizations.roles.undelete()`
  7566  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/undelete):
  7567  //     `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
  7568  //     undeletes only custom roles
  7569  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
  7570  //     been created at the organization level. Example request URL:
  7571  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTO
  7572  //     M_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a
  7573  //     complete project ID or organization ID.
  7574  func (r *OrganizationsRolesService) Undelete(name string, undeleterolerequest *UndeleteRoleRequest) *OrganizationsRolesUndeleteCall {
  7575  	c := &OrganizationsRolesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7576  	c.name = name
  7577  	c.undeleterolerequest = undeleterolerequest
  7578  	return c
  7579  }
  7580  
  7581  // Fields allows partial responses to be retrieved. See
  7582  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7583  // details.
  7584  func (c *OrganizationsRolesUndeleteCall) Fields(s ...googleapi.Field) *OrganizationsRolesUndeleteCall {
  7585  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7586  	return c
  7587  }
  7588  
  7589  // Context sets the context to be used in this call's Do method.
  7590  func (c *OrganizationsRolesUndeleteCall) Context(ctx context.Context) *OrganizationsRolesUndeleteCall {
  7591  	c.ctx_ = ctx
  7592  	return c
  7593  }
  7594  
  7595  // Header returns a http.Header that can be modified by the caller to add
  7596  // headers to the request.
  7597  func (c *OrganizationsRolesUndeleteCall) Header() http.Header {
  7598  	if c.header_ == nil {
  7599  		c.header_ = make(http.Header)
  7600  	}
  7601  	return c.header_
  7602  }
  7603  
  7604  func (c *OrganizationsRolesUndeleteCall) doRequest(alt string) (*http.Response, error) {
  7605  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  7606  	var body io.Reader = nil
  7607  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleterolerequest)
  7608  	if err != nil {
  7609  		return nil, err
  7610  	}
  7611  	c.urlParams_.Set("alt", alt)
  7612  	c.urlParams_.Set("prettyPrint", "false")
  7613  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete")
  7614  	urls += "?" + c.urlParams_.Encode()
  7615  	req, err := http.NewRequest("POST", urls, body)
  7616  	if err != nil {
  7617  		return nil, err
  7618  	}
  7619  	req.Header = reqHeaders
  7620  	googleapi.Expand(req.URL, map[string]string{
  7621  		"name": c.name,
  7622  	})
  7623  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7624  }
  7625  
  7626  // Do executes the "iam.organizations.roles.undelete" call.
  7627  // Any non-2xx status code is an error. Response headers are in either
  7628  // *Role.ServerResponse.Header or (if a response was returned at all) in
  7629  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  7630  // whether the returned error was because http.StatusNotModified was returned.
  7631  func (c *OrganizationsRolesUndeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) {
  7632  	gensupport.SetOptions(c.urlParams_, opts...)
  7633  	res, err := c.doRequest("json")
  7634  	if res != nil && res.StatusCode == http.StatusNotModified {
  7635  		if res.Body != nil {
  7636  			res.Body.Close()
  7637  		}
  7638  		return nil, gensupport.WrapError(&googleapi.Error{
  7639  			Code:   res.StatusCode,
  7640  			Header: res.Header,
  7641  		})
  7642  	}
  7643  	if err != nil {
  7644  		return nil, err
  7645  	}
  7646  	defer googleapi.CloseBody(res)
  7647  	if err := googleapi.CheckResponse(res); err != nil {
  7648  		return nil, gensupport.WrapError(err)
  7649  	}
  7650  	ret := &Role{
  7651  		ServerResponse: googleapi.ServerResponse{
  7652  			Header:         res.Header,
  7653  			HTTPStatusCode: res.StatusCode,
  7654  		},
  7655  	}
  7656  	target := &ret
  7657  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7658  		return nil, err
  7659  	}
  7660  	return ret, nil
  7661  }
  7662  
  7663  type PermissionsQueryTestablePermissionsCall struct {
  7664  	s                               *Service
  7665  	querytestablepermissionsrequest *QueryTestablePermissionsRequest
  7666  	urlParams_                      gensupport.URLParams
  7667  	ctx_                            context.Context
  7668  	header_                         http.Header
  7669  }
  7670  
  7671  // QueryTestablePermissions: Lists every permission that you can test on a
  7672  // resource. A permission is testable if you can check whether a principal has
  7673  // that permission on the resource.
  7674  func (r *PermissionsService) QueryTestablePermissions(querytestablepermissionsrequest *QueryTestablePermissionsRequest) *PermissionsQueryTestablePermissionsCall {
  7675  	c := &PermissionsQueryTestablePermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7676  	c.querytestablepermissionsrequest = querytestablepermissionsrequest
  7677  	return c
  7678  }
  7679  
  7680  // Fields allows partial responses to be retrieved. See
  7681  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7682  // details.
  7683  func (c *PermissionsQueryTestablePermissionsCall) Fields(s ...googleapi.Field) *PermissionsQueryTestablePermissionsCall {
  7684  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7685  	return c
  7686  }
  7687  
  7688  // Context sets the context to be used in this call's Do method.
  7689  func (c *PermissionsQueryTestablePermissionsCall) Context(ctx context.Context) *PermissionsQueryTestablePermissionsCall {
  7690  	c.ctx_ = ctx
  7691  	return c
  7692  }
  7693  
  7694  // Header returns a http.Header that can be modified by the caller to add
  7695  // headers to the request.
  7696  func (c *PermissionsQueryTestablePermissionsCall) Header() http.Header {
  7697  	if c.header_ == nil {
  7698  		c.header_ = make(http.Header)
  7699  	}
  7700  	return c.header_
  7701  }
  7702  
  7703  func (c *PermissionsQueryTestablePermissionsCall) doRequest(alt string) (*http.Response, error) {
  7704  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  7705  	var body io.Reader = nil
  7706  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.querytestablepermissionsrequest)
  7707  	if err != nil {
  7708  		return nil, err
  7709  	}
  7710  	c.urlParams_.Set("alt", alt)
  7711  	c.urlParams_.Set("prettyPrint", "false")
  7712  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/permissions:queryTestablePermissions")
  7713  	urls += "?" + c.urlParams_.Encode()
  7714  	req, err := http.NewRequest("POST", urls, body)
  7715  	if err != nil {
  7716  		return nil, err
  7717  	}
  7718  	req.Header = reqHeaders
  7719  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7720  }
  7721  
  7722  // Do executes the "iam.permissions.queryTestablePermissions" call.
  7723  // Any non-2xx status code is an error. Response headers are in either
  7724  // *QueryTestablePermissionsResponse.ServerResponse.Header or (if a response
  7725  // was returned at all) in error.(*googleapi.Error).Header. Use
  7726  // googleapi.IsNotModified to check whether the returned error was because
  7727  // http.StatusNotModified was returned.
  7728  func (c *PermissionsQueryTestablePermissionsCall) Do(opts ...googleapi.CallOption) (*QueryTestablePermissionsResponse, error) {
  7729  	gensupport.SetOptions(c.urlParams_, opts...)
  7730  	res, err := c.doRequest("json")
  7731  	if res != nil && res.StatusCode == http.StatusNotModified {
  7732  		if res.Body != nil {
  7733  			res.Body.Close()
  7734  		}
  7735  		return nil, gensupport.WrapError(&googleapi.Error{
  7736  			Code:   res.StatusCode,
  7737  			Header: res.Header,
  7738  		})
  7739  	}
  7740  	if err != nil {
  7741  		return nil, err
  7742  	}
  7743  	defer googleapi.CloseBody(res)
  7744  	if err := googleapi.CheckResponse(res); err != nil {
  7745  		return nil, gensupport.WrapError(err)
  7746  	}
  7747  	ret := &QueryTestablePermissionsResponse{
  7748  		ServerResponse: googleapi.ServerResponse{
  7749  			Header:         res.Header,
  7750  			HTTPStatusCode: res.StatusCode,
  7751  		},
  7752  	}
  7753  	target := &ret
  7754  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7755  		return nil, err
  7756  	}
  7757  	return ret, nil
  7758  }
  7759  
  7760  // Pages invokes f for each page of results.
  7761  // A non-nil error returned from f will halt the iteration.
  7762  // The provided context supersedes any context provided to the Context method.
  7763  func (c *PermissionsQueryTestablePermissionsCall) Pages(ctx context.Context, f func(*QueryTestablePermissionsResponse) error) error {
  7764  	c.ctx_ = ctx
  7765  	defer func(pt string) { c.querytestablepermissionsrequest.PageToken = pt }(c.querytestablepermissionsrequest.PageToken)
  7766  	for {
  7767  		x, err := c.Do()
  7768  		if err != nil {
  7769  			return err
  7770  		}
  7771  		if err := f(x); err != nil {
  7772  			return err
  7773  		}
  7774  		if x.NextPageToken == "" {
  7775  			return nil
  7776  		}
  7777  		c.querytestablepermissionsrequest.PageToken = x.NextPageToken
  7778  	}
  7779  }
  7780  
  7781  type ProjectsLocationsOauthClientsCreateCall struct {
  7782  	s           *Service
  7783  	parent      string
  7784  	oauthclient *OauthClient
  7785  	urlParams_  gensupport.URLParams
  7786  	ctx_        context.Context
  7787  	header_     http.Header
  7788  }
  7789  
  7790  // Create: Creates a new OauthClient. You cannot reuse the name of a deleted
  7791  // oauth client until 30 days after deletion.
  7792  //
  7793  //   - parent: The parent resource to create the oauth client in. The only
  7794  //     supported location is `global`.
  7795  func (r *ProjectsLocationsOauthClientsService) Create(parent string, oauthclient *OauthClient) *ProjectsLocationsOauthClientsCreateCall {
  7796  	c := &ProjectsLocationsOauthClientsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7797  	c.parent = parent
  7798  	c.oauthclient = oauthclient
  7799  	return c
  7800  }
  7801  
  7802  // OauthClientId sets the optional parameter "oauthClientId": Required. The ID
  7803  // to use for the oauth client, which becomes the final component of the
  7804  // resource name. This value should be a string of 6 to 63 lowercase letters,
  7805  // digits, or hyphens. It must start with a letter, and cannot have a trailing
  7806  // hyphen. The prefix `gcp-` is reserved for use by Google, and may not be
  7807  // specified.
  7808  func (c *ProjectsLocationsOauthClientsCreateCall) OauthClientId(oauthClientId string) *ProjectsLocationsOauthClientsCreateCall {
  7809  	c.urlParams_.Set("oauthClientId", oauthClientId)
  7810  	return c
  7811  }
  7812  
  7813  // Fields allows partial responses to be retrieved. See
  7814  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7815  // details.
  7816  func (c *ProjectsLocationsOauthClientsCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsOauthClientsCreateCall {
  7817  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7818  	return c
  7819  }
  7820  
  7821  // Context sets the context to be used in this call's Do method.
  7822  func (c *ProjectsLocationsOauthClientsCreateCall) Context(ctx context.Context) *ProjectsLocationsOauthClientsCreateCall {
  7823  	c.ctx_ = ctx
  7824  	return c
  7825  }
  7826  
  7827  // Header returns a http.Header that can be modified by the caller to add
  7828  // headers to the request.
  7829  func (c *ProjectsLocationsOauthClientsCreateCall) Header() http.Header {
  7830  	if c.header_ == nil {
  7831  		c.header_ = make(http.Header)
  7832  	}
  7833  	return c.header_
  7834  }
  7835  
  7836  func (c *ProjectsLocationsOauthClientsCreateCall) doRequest(alt string) (*http.Response, error) {
  7837  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  7838  	var body io.Reader = nil
  7839  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.oauthclient)
  7840  	if err != nil {
  7841  		return nil, err
  7842  	}
  7843  	c.urlParams_.Set("alt", alt)
  7844  	c.urlParams_.Set("prettyPrint", "false")
  7845  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/oauthClients")
  7846  	urls += "?" + c.urlParams_.Encode()
  7847  	req, err := http.NewRequest("POST", urls, body)
  7848  	if err != nil {
  7849  		return nil, err
  7850  	}
  7851  	req.Header = reqHeaders
  7852  	googleapi.Expand(req.URL, map[string]string{
  7853  		"parent": c.parent,
  7854  	})
  7855  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7856  }
  7857  
  7858  // Do executes the "iam.projects.locations.oauthClients.create" call.
  7859  // Any non-2xx status code is an error. Response headers are in either
  7860  // *OauthClient.ServerResponse.Header or (if a response was returned at all) in
  7861  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  7862  // whether the returned error was because http.StatusNotModified was returned.
  7863  func (c *ProjectsLocationsOauthClientsCreateCall) Do(opts ...googleapi.CallOption) (*OauthClient, error) {
  7864  	gensupport.SetOptions(c.urlParams_, opts...)
  7865  	res, err := c.doRequest("json")
  7866  	if res != nil && res.StatusCode == http.StatusNotModified {
  7867  		if res.Body != nil {
  7868  			res.Body.Close()
  7869  		}
  7870  		return nil, gensupport.WrapError(&googleapi.Error{
  7871  			Code:   res.StatusCode,
  7872  			Header: res.Header,
  7873  		})
  7874  	}
  7875  	if err != nil {
  7876  		return nil, err
  7877  	}
  7878  	defer googleapi.CloseBody(res)
  7879  	if err := googleapi.CheckResponse(res); err != nil {
  7880  		return nil, gensupport.WrapError(err)
  7881  	}
  7882  	ret := &OauthClient{
  7883  		ServerResponse: googleapi.ServerResponse{
  7884  			Header:         res.Header,
  7885  			HTTPStatusCode: res.StatusCode,
  7886  		},
  7887  	}
  7888  	target := &ret
  7889  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7890  		return nil, err
  7891  	}
  7892  	return ret, nil
  7893  }
  7894  
  7895  type ProjectsLocationsOauthClientsDeleteCall struct {
  7896  	s          *Service
  7897  	name       string
  7898  	urlParams_ gensupport.URLParams
  7899  	ctx_       context.Context
  7900  	header_    http.Header
  7901  }
  7902  
  7903  // Delete: Deletes a OauthClient. You cannot use a deleted oauth client.
  7904  // However, deletion does not revoke access tokens that have already been
  7905  // issued; they continue to grant access. Deletion does revoke refresh tokens
  7906  // that have already been issued; They cannot be used to renew an access token.
  7907  // If the oauth client is undeleted, and the refresh tokens are not expired,
  7908  // they are valid for token exchange again. You can undelete an oauth client
  7909  // for 30 days. After 30 days, deletion is permanent. You cannot update deleted
  7910  // oauth clients. However, you can view and list them.
  7911  //
  7912  //   - name: The name of the oauth client to delete. Format:
  7913  //     `projects/{project}/locations/{location}/oauthClients/{oauth_client}`.
  7914  func (r *ProjectsLocationsOauthClientsService) Delete(name string) *ProjectsLocationsOauthClientsDeleteCall {
  7915  	c := &ProjectsLocationsOauthClientsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7916  	c.name = name
  7917  	return c
  7918  }
  7919  
  7920  // Fields allows partial responses to be retrieved. See
  7921  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7922  // details.
  7923  func (c *ProjectsLocationsOauthClientsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsOauthClientsDeleteCall {
  7924  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7925  	return c
  7926  }
  7927  
  7928  // Context sets the context to be used in this call's Do method.
  7929  func (c *ProjectsLocationsOauthClientsDeleteCall) Context(ctx context.Context) *ProjectsLocationsOauthClientsDeleteCall {
  7930  	c.ctx_ = ctx
  7931  	return c
  7932  }
  7933  
  7934  // Header returns a http.Header that can be modified by the caller to add
  7935  // headers to the request.
  7936  func (c *ProjectsLocationsOauthClientsDeleteCall) Header() http.Header {
  7937  	if c.header_ == nil {
  7938  		c.header_ = make(http.Header)
  7939  	}
  7940  	return c.header_
  7941  }
  7942  
  7943  func (c *ProjectsLocationsOauthClientsDeleteCall) doRequest(alt string) (*http.Response, error) {
  7944  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  7945  	var body io.Reader = nil
  7946  	c.urlParams_.Set("alt", alt)
  7947  	c.urlParams_.Set("prettyPrint", "false")
  7948  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  7949  	urls += "?" + c.urlParams_.Encode()
  7950  	req, err := http.NewRequest("DELETE", urls, body)
  7951  	if err != nil {
  7952  		return nil, err
  7953  	}
  7954  	req.Header = reqHeaders
  7955  	googleapi.Expand(req.URL, map[string]string{
  7956  		"name": c.name,
  7957  	})
  7958  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7959  }
  7960  
  7961  // Do executes the "iam.projects.locations.oauthClients.delete" call.
  7962  // Any non-2xx status code is an error. Response headers are in either
  7963  // *OauthClient.ServerResponse.Header or (if a response was returned at all) in
  7964  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  7965  // whether the returned error was because http.StatusNotModified was returned.
  7966  func (c *ProjectsLocationsOauthClientsDeleteCall) Do(opts ...googleapi.CallOption) (*OauthClient, error) {
  7967  	gensupport.SetOptions(c.urlParams_, opts...)
  7968  	res, err := c.doRequest("json")
  7969  	if res != nil && res.StatusCode == http.StatusNotModified {
  7970  		if res.Body != nil {
  7971  			res.Body.Close()
  7972  		}
  7973  		return nil, gensupport.WrapError(&googleapi.Error{
  7974  			Code:   res.StatusCode,
  7975  			Header: res.Header,
  7976  		})
  7977  	}
  7978  	if err != nil {
  7979  		return nil, err
  7980  	}
  7981  	defer googleapi.CloseBody(res)
  7982  	if err := googleapi.CheckResponse(res); err != nil {
  7983  		return nil, gensupport.WrapError(err)
  7984  	}
  7985  	ret := &OauthClient{
  7986  		ServerResponse: googleapi.ServerResponse{
  7987  			Header:         res.Header,
  7988  			HTTPStatusCode: res.StatusCode,
  7989  		},
  7990  	}
  7991  	target := &ret
  7992  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7993  		return nil, err
  7994  	}
  7995  	return ret, nil
  7996  }
  7997  
  7998  type ProjectsLocationsOauthClientsGetCall struct {
  7999  	s            *Service
  8000  	name         string
  8001  	urlParams_   gensupport.URLParams
  8002  	ifNoneMatch_ string
  8003  	ctx_         context.Context
  8004  	header_      http.Header
  8005  }
  8006  
  8007  // Get: Gets an individual OauthClient.
  8008  //
  8009  //   - name: The name of the oauth client to retrieve. Format:
  8010  //     `projects/{project}/locations/{location}/oauthClients/{oauth_client}`.
  8011  func (r *ProjectsLocationsOauthClientsService) Get(name string) *ProjectsLocationsOauthClientsGetCall {
  8012  	c := &ProjectsLocationsOauthClientsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  8013  	c.name = name
  8014  	return c
  8015  }
  8016  
  8017  // Fields allows partial responses to be retrieved. See
  8018  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  8019  // details.
  8020  func (c *ProjectsLocationsOauthClientsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsOauthClientsGetCall {
  8021  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  8022  	return c
  8023  }
  8024  
  8025  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  8026  // object's ETag matches the given value. This is useful for getting updates
  8027  // only after the object has changed since the last request.
  8028  func (c *ProjectsLocationsOauthClientsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsOauthClientsGetCall {
  8029  	c.ifNoneMatch_ = entityTag
  8030  	return c
  8031  }
  8032  
  8033  // Context sets the context to be used in this call's Do method.
  8034  func (c *ProjectsLocationsOauthClientsGetCall) Context(ctx context.Context) *ProjectsLocationsOauthClientsGetCall {
  8035  	c.ctx_ = ctx
  8036  	return c
  8037  }
  8038  
  8039  // Header returns a http.Header that can be modified by the caller to add
  8040  // headers to the request.
  8041  func (c *ProjectsLocationsOauthClientsGetCall) Header() http.Header {
  8042  	if c.header_ == nil {
  8043  		c.header_ = make(http.Header)
  8044  	}
  8045  	return c.header_
  8046  }
  8047  
  8048  func (c *ProjectsLocationsOauthClientsGetCall) doRequest(alt string) (*http.Response, error) {
  8049  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  8050  	if c.ifNoneMatch_ != "" {
  8051  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  8052  	}
  8053  	var body io.Reader = nil
  8054  	c.urlParams_.Set("alt", alt)
  8055  	c.urlParams_.Set("prettyPrint", "false")
  8056  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  8057  	urls += "?" + c.urlParams_.Encode()
  8058  	req, err := http.NewRequest("GET", urls, body)
  8059  	if err != nil {
  8060  		return nil, err
  8061  	}
  8062  	req.Header = reqHeaders
  8063  	googleapi.Expand(req.URL, map[string]string{
  8064  		"name": c.name,
  8065  	})
  8066  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  8067  }
  8068  
  8069  // Do executes the "iam.projects.locations.oauthClients.get" call.
  8070  // Any non-2xx status code is an error. Response headers are in either
  8071  // *OauthClient.ServerResponse.Header or (if a response was returned at all) in
  8072  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  8073  // whether the returned error was because http.StatusNotModified was returned.
  8074  func (c *ProjectsLocationsOauthClientsGetCall) Do(opts ...googleapi.CallOption) (*OauthClient, error) {
  8075  	gensupport.SetOptions(c.urlParams_, opts...)
  8076  	res, err := c.doRequest("json")
  8077  	if res != nil && res.StatusCode == http.StatusNotModified {
  8078  		if res.Body != nil {
  8079  			res.Body.Close()
  8080  		}
  8081  		return nil, gensupport.WrapError(&googleapi.Error{
  8082  			Code:   res.StatusCode,
  8083  			Header: res.Header,
  8084  		})
  8085  	}
  8086  	if err != nil {
  8087  		return nil, err
  8088  	}
  8089  	defer googleapi.CloseBody(res)
  8090  	if err := googleapi.CheckResponse(res); err != nil {
  8091  		return nil, gensupport.WrapError(err)
  8092  	}
  8093  	ret := &OauthClient{
  8094  		ServerResponse: googleapi.ServerResponse{
  8095  			Header:         res.Header,
  8096  			HTTPStatusCode: res.StatusCode,
  8097  		},
  8098  	}
  8099  	target := &ret
  8100  	if err := gensupport.DecodeResponse(target, res); err != nil {
  8101  		return nil, err
  8102  	}
  8103  	return ret, nil
  8104  }
  8105  
  8106  type ProjectsLocationsOauthClientsListCall struct {
  8107  	s            *Service
  8108  	parent       string
  8109  	urlParams_   gensupport.URLParams
  8110  	ifNoneMatch_ string
  8111  	ctx_         context.Context
  8112  	header_      http.Header
  8113  }
  8114  
  8115  // List: Lists all non-deleted OauthClientss in a project. If `show_deleted` is
  8116  // set to `true`, then deleted oauth clients are also listed.
  8117  //
  8118  // - parent: The parent to list oauth clients for.
  8119  func (r *ProjectsLocationsOauthClientsService) List(parent string) *ProjectsLocationsOauthClientsListCall {
  8120  	c := &ProjectsLocationsOauthClientsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  8121  	c.parent = parent
  8122  	return c
  8123  }
  8124  
  8125  // PageSize sets the optional parameter "pageSize": The maximum number of oauth
  8126  // clients to return. If unspecified, at most 50 oauth clients will be
  8127  // returned. The maximum value is 100; values above 100 are truncated to 100.
  8128  func (c *ProjectsLocationsOauthClientsListCall) PageSize(pageSize int64) *ProjectsLocationsOauthClientsListCall {
  8129  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  8130  	return c
  8131  }
  8132  
  8133  // PageToken sets the optional parameter "pageToken": A page token, received
  8134  // from a previous `ListOauthClients` call. Provide this to retrieve the
  8135  // subsequent page.
  8136  func (c *ProjectsLocationsOauthClientsListCall) PageToken(pageToken string) *ProjectsLocationsOauthClientsListCall {
  8137  	c.urlParams_.Set("pageToken", pageToken)
  8138  	return c
  8139  }
  8140  
  8141  // ShowDeleted sets the optional parameter "showDeleted": Whether to return
  8142  // soft-deleted oauth clients.
  8143  func (c *ProjectsLocationsOauthClientsListCall) ShowDeleted(showDeleted bool) *ProjectsLocationsOauthClientsListCall {
  8144  	c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted))
  8145  	return c
  8146  }
  8147  
  8148  // Fields allows partial responses to be retrieved. See
  8149  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  8150  // details.
  8151  func (c *ProjectsLocationsOauthClientsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsOauthClientsListCall {
  8152  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  8153  	return c
  8154  }
  8155  
  8156  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  8157  // object's ETag matches the given value. This is useful for getting updates
  8158  // only after the object has changed since the last request.
  8159  func (c *ProjectsLocationsOauthClientsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsOauthClientsListCall {
  8160  	c.ifNoneMatch_ = entityTag
  8161  	return c
  8162  }
  8163  
  8164  // Context sets the context to be used in this call's Do method.
  8165  func (c *ProjectsLocationsOauthClientsListCall) Context(ctx context.Context) *ProjectsLocationsOauthClientsListCall {
  8166  	c.ctx_ = ctx
  8167  	return c
  8168  }
  8169  
  8170  // Header returns a http.Header that can be modified by the caller to add
  8171  // headers to the request.
  8172  func (c *ProjectsLocationsOauthClientsListCall) Header() http.Header {
  8173  	if c.header_ == nil {
  8174  		c.header_ = make(http.Header)
  8175  	}
  8176  	return c.header_
  8177  }
  8178  
  8179  func (c *ProjectsLocationsOauthClientsListCall) doRequest(alt string) (*http.Response, error) {
  8180  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  8181  	if c.ifNoneMatch_ != "" {
  8182  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  8183  	}
  8184  	var body io.Reader = nil
  8185  	c.urlParams_.Set("alt", alt)
  8186  	c.urlParams_.Set("prettyPrint", "false")
  8187  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/oauthClients")
  8188  	urls += "?" + c.urlParams_.Encode()
  8189  	req, err := http.NewRequest("GET", urls, body)
  8190  	if err != nil {
  8191  		return nil, err
  8192  	}
  8193  	req.Header = reqHeaders
  8194  	googleapi.Expand(req.URL, map[string]string{
  8195  		"parent": c.parent,
  8196  	})
  8197  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  8198  }
  8199  
  8200  // Do executes the "iam.projects.locations.oauthClients.list" call.
  8201  // Any non-2xx status code is an error. Response headers are in either
  8202  // *ListOauthClientsResponse.ServerResponse.Header or (if a response was
  8203  // returned at all) in error.(*googleapi.Error).Header. Use
  8204  // googleapi.IsNotModified to check whether the returned error was because
  8205  // http.StatusNotModified was returned.
  8206  func (c *ProjectsLocationsOauthClientsListCall) Do(opts ...googleapi.CallOption) (*ListOauthClientsResponse, error) {
  8207  	gensupport.SetOptions(c.urlParams_, opts...)
  8208  	res, err := c.doRequest("json")
  8209  	if res != nil && res.StatusCode == http.StatusNotModified {
  8210  		if res.Body != nil {
  8211  			res.Body.Close()
  8212  		}
  8213  		return nil, gensupport.WrapError(&googleapi.Error{
  8214  			Code:   res.StatusCode,
  8215  			Header: res.Header,
  8216  		})
  8217  	}
  8218  	if err != nil {
  8219  		return nil, err
  8220  	}
  8221  	defer googleapi.CloseBody(res)
  8222  	if err := googleapi.CheckResponse(res); err != nil {
  8223  		return nil, gensupport.WrapError(err)
  8224  	}
  8225  	ret := &ListOauthClientsResponse{
  8226  		ServerResponse: googleapi.ServerResponse{
  8227  			Header:         res.Header,
  8228  			HTTPStatusCode: res.StatusCode,
  8229  		},
  8230  	}
  8231  	target := &ret
  8232  	if err := gensupport.DecodeResponse(target, res); err != nil {
  8233  		return nil, err
  8234  	}
  8235  	return ret, nil
  8236  }
  8237  
  8238  // Pages invokes f for each page of results.
  8239  // A non-nil error returned from f will halt the iteration.
  8240  // The provided context supersedes any context provided to the Context method.
  8241  func (c *ProjectsLocationsOauthClientsListCall) Pages(ctx context.Context, f func(*ListOauthClientsResponse) error) error {
  8242  	c.ctx_ = ctx
  8243  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  8244  	for {
  8245  		x, err := c.Do()
  8246  		if err != nil {
  8247  			return err
  8248  		}
  8249  		if err := f(x); err != nil {
  8250  			return err
  8251  		}
  8252  		if x.NextPageToken == "" {
  8253  			return nil
  8254  		}
  8255  		c.PageToken(x.NextPageToken)
  8256  	}
  8257  }
  8258  
  8259  type ProjectsLocationsOauthClientsPatchCall struct {
  8260  	s           *Service
  8261  	name        string
  8262  	oauthclient *OauthClient
  8263  	urlParams_  gensupport.URLParams
  8264  	ctx_        context.Context
  8265  	header_     http.Header
  8266  }
  8267  
  8268  // Patch: Updates an existing OauthClient.
  8269  //
  8270  //   - name: Immutable. The resource name of the oauth client.
  8271  //     Format:`projects/{project}/locations/{location}/oauthClients/{oauth_client}
  8272  //     `.
  8273  func (r *ProjectsLocationsOauthClientsService) Patch(name string, oauthclient *OauthClient) *ProjectsLocationsOauthClientsPatchCall {
  8274  	c := &ProjectsLocationsOauthClientsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  8275  	c.name = name
  8276  	c.oauthclient = oauthclient
  8277  	return c
  8278  }
  8279  
  8280  // UpdateMask sets the optional parameter "updateMask": Required. The list of
  8281  // fields to update.
  8282  func (c *ProjectsLocationsOauthClientsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsOauthClientsPatchCall {
  8283  	c.urlParams_.Set("updateMask", updateMask)
  8284  	return c
  8285  }
  8286  
  8287  // Fields allows partial responses to be retrieved. See
  8288  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  8289  // details.
  8290  func (c *ProjectsLocationsOauthClientsPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsOauthClientsPatchCall {
  8291  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  8292  	return c
  8293  }
  8294  
  8295  // Context sets the context to be used in this call's Do method.
  8296  func (c *ProjectsLocationsOauthClientsPatchCall) Context(ctx context.Context) *ProjectsLocationsOauthClientsPatchCall {
  8297  	c.ctx_ = ctx
  8298  	return c
  8299  }
  8300  
  8301  // Header returns a http.Header that can be modified by the caller to add
  8302  // headers to the request.
  8303  func (c *ProjectsLocationsOauthClientsPatchCall) Header() http.Header {
  8304  	if c.header_ == nil {
  8305  		c.header_ = make(http.Header)
  8306  	}
  8307  	return c.header_
  8308  }
  8309  
  8310  func (c *ProjectsLocationsOauthClientsPatchCall) doRequest(alt string) (*http.Response, error) {
  8311  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  8312  	var body io.Reader = nil
  8313  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.oauthclient)
  8314  	if err != nil {
  8315  		return nil, err
  8316  	}
  8317  	c.urlParams_.Set("alt", alt)
  8318  	c.urlParams_.Set("prettyPrint", "false")
  8319  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  8320  	urls += "?" + c.urlParams_.Encode()
  8321  	req, err := http.NewRequest("PATCH", urls, body)
  8322  	if err != nil {
  8323  		return nil, err
  8324  	}
  8325  	req.Header = reqHeaders
  8326  	googleapi.Expand(req.URL, map[string]string{
  8327  		"name": c.name,
  8328  	})
  8329  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  8330  }
  8331  
  8332  // Do executes the "iam.projects.locations.oauthClients.patch" call.
  8333  // Any non-2xx status code is an error. Response headers are in either
  8334  // *OauthClient.ServerResponse.Header or (if a response was returned at all) in
  8335  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  8336  // whether the returned error was because http.StatusNotModified was returned.
  8337  func (c *ProjectsLocationsOauthClientsPatchCall) Do(opts ...googleapi.CallOption) (*OauthClient, error) {
  8338  	gensupport.SetOptions(c.urlParams_, opts...)
  8339  	res, err := c.doRequest("json")
  8340  	if res != nil && res.StatusCode == http.StatusNotModified {
  8341  		if res.Body != nil {
  8342  			res.Body.Close()
  8343  		}
  8344  		return nil, gensupport.WrapError(&googleapi.Error{
  8345  			Code:   res.StatusCode,
  8346  			Header: res.Header,
  8347  		})
  8348  	}
  8349  	if err != nil {
  8350  		return nil, err
  8351  	}
  8352  	defer googleapi.CloseBody(res)
  8353  	if err := googleapi.CheckResponse(res); err != nil {
  8354  		return nil, gensupport.WrapError(err)
  8355  	}
  8356  	ret := &OauthClient{
  8357  		ServerResponse: googleapi.ServerResponse{
  8358  			Header:         res.Header,
  8359  			HTTPStatusCode: res.StatusCode,
  8360  		},
  8361  	}
  8362  	target := &ret
  8363  	if err := gensupport.DecodeResponse(target, res); err != nil {
  8364  		return nil, err
  8365  	}
  8366  	return ret, nil
  8367  }
  8368  
  8369  type ProjectsLocationsOauthClientsUndeleteCall struct {
  8370  	s                          *Service
  8371  	name                       string
  8372  	undeleteoauthclientrequest *UndeleteOauthClientRequest
  8373  	urlParams_                 gensupport.URLParams
  8374  	ctx_                       context.Context
  8375  	header_                    http.Header
  8376  }
  8377  
  8378  // Undelete: Undeletes a OauthClient, as long as it was deleted fewer than 30
  8379  // days ago.
  8380  //
  8381  //   - name: The name of the oauth client to undelete. Format:
  8382  //     `projects/{project}/locations/{location}/oauthClients/{oauth_client}`.
  8383  func (r *ProjectsLocationsOauthClientsService) Undelete(name string, undeleteoauthclientrequest *UndeleteOauthClientRequest) *ProjectsLocationsOauthClientsUndeleteCall {
  8384  	c := &ProjectsLocationsOauthClientsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  8385  	c.name = name
  8386  	c.undeleteoauthclientrequest = undeleteoauthclientrequest
  8387  	return c
  8388  }
  8389  
  8390  // Fields allows partial responses to be retrieved. See
  8391  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  8392  // details.
  8393  func (c *ProjectsLocationsOauthClientsUndeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsOauthClientsUndeleteCall {
  8394  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  8395  	return c
  8396  }
  8397  
  8398  // Context sets the context to be used in this call's Do method.
  8399  func (c *ProjectsLocationsOauthClientsUndeleteCall) Context(ctx context.Context) *ProjectsLocationsOauthClientsUndeleteCall {
  8400  	c.ctx_ = ctx
  8401  	return c
  8402  }
  8403  
  8404  // Header returns a http.Header that can be modified by the caller to add
  8405  // headers to the request.
  8406  func (c *ProjectsLocationsOauthClientsUndeleteCall) Header() http.Header {
  8407  	if c.header_ == nil {
  8408  		c.header_ = make(http.Header)
  8409  	}
  8410  	return c.header_
  8411  }
  8412  
  8413  func (c *ProjectsLocationsOauthClientsUndeleteCall) doRequest(alt string) (*http.Response, error) {
  8414  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  8415  	var body io.Reader = nil
  8416  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteoauthclientrequest)
  8417  	if err != nil {
  8418  		return nil, err
  8419  	}
  8420  	c.urlParams_.Set("alt", alt)
  8421  	c.urlParams_.Set("prettyPrint", "false")
  8422  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete")
  8423  	urls += "?" + c.urlParams_.Encode()
  8424  	req, err := http.NewRequest("POST", urls, body)
  8425  	if err != nil {
  8426  		return nil, err
  8427  	}
  8428  	req.Header = reqHeaders
  8429  	googleapi.Expand(req.URL, map[string]string{
  8430  		"name": c.name,
  8431  	})
  8432  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  8433  }
  8434  
  8435  // Do executes the "iam.projects.locations.oauthClients.undelete" call.
  8436  // Any non-2xx status code is an error. Response headers are in either
  8437  // *OauthClient.ServerResponse.Header or (if a response was returned at all) in
  8438  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  8439  // whether the returned error was because http.StatusNotModified was returned.
  8440  func (c *ProjectsLocationsOauthClientsUndeleteCall) Do(opts ...googleapi.CallOption) (*OauthClient, error) {
  8441  	gensupport.SetOptions(c.urlParams_, opts...)
  8442  	res, err := c.doRequest("json")
  8443  	if res != nil && res.StatusCode == http.StatusNotModified {
  8444  		if res.Body != nil {
  8445  			res.Body.Close()
  8446  		}
  8447  		return nil, gensupport.WrapError(&googleapi.Error{
  8448  			Code:   res.StatusCode,
  8449  			Header: res.Header,
  8450  		})
  8451  	}
  8452  	if err != nil {
  8453  		return nil, err
  8454  	}
  8455  	defer googleapi.CloseBody(res)
  8456  	if err := googleapi.CheckResponse(res); err != nil {
  8457  		return nil, gensupport.WrapError(err)
  8458  	}
  8459  	ret := &OauthClient{
  8460  		ServerResponse: googleapi.ServerResponse{
  8461  			Header:         res.Header,
  8462  			HTTPStatusCode: res.StatusCode,
  8463  		},
  8464  	}
  8465  	target := &ret
  8466  	if err := gensupport.DecodeResponse(target, res); err != nil {
  8467  		return nil, err
  8468  	}
  8469  	return ret, nil
  8470  }
  8471  
  8472  type ProjectsLocationsOauthClientsCredentialsCreateCall struct {
  8473  	s                     *Service
  8474  	parent                string
  8475  	oauthclientcredential *OauthClientCredential
  8476  	urlParams_            gensupport.URLParams
  8477  	ctx_                  context.Context
  8478  	header_               http.Header
  8479  }
  8480  
  8481  // Create: Creates a new OauthClientCredential.
  8482  //
  8483  // - parent: The parent resource to create the oauth client Credential in.
  8484  func (r *ProjectsLocationsOauthClientsCredentialsService) Create(parent string, oauthclientcredential *OauthClientCredential) *ProjectsLocationsOauthClientsCredentialsCreateCall {
  8485  	c := &ProjectsLocationsOauthClientsCredentialsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  8486  	c.parent = parent
  8487  	c.oauthclientcredential = oauthclientcredential
  8488  	return c
  8489  }
  8490  
  8491  // OauthClientCredentialId sets the optional parameter
  8492  // "oauthClientCredentialId": Required. The ID to use for the oauth client
  8493  // credential, which becomes the final component of the resource name. This
  8494  // value should be 4-32 characters, and may contain the characters [a-z0-9-].
  8495  // The prefix `gcp-` is reserved for use by Google, and may not be specified.
  8496  func (c *ProjectsLocationsOauthClientsCredentialsCreateCall) OauthClientCredentialId(oauthClientCredentialId string) *ProjectsLocationsOauthClientsCredentialsCreateCall {
  8497  	c.urlParams_.Set("oauthClientCredentialId", oauthClientCredentialId)
  8498  	return c
  8499  }
  8500  
  8501  // Fields allows partial responses to be retrieved. See
  8502  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  8503  // details.
  8504  func (c *ProjectsLocationsOauthClientsCredentialsCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsOauthClientsCredentialsCreateCall {
  8505  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  8506  	return c
  8507  }
  8508  
  8509  // Context sets the context to be used in this call's Do method.
  8510  func (c *ProjectsLocationsOauthClientsCredentialsCreateCall) Context(ctx context.Context) *ProjectsLocationsOauthClientsCredentialsCreateCall {
  8511  	c.ctx_ = ctx
  8512  	return c
  8513  }
  8514  
  8515  // Header returns a http.Header that can be modified by the caller to add
  8516  // headers to the request.
  8517  func (c *ProjectsLocationsOauthClientsCredentialsCreateCall) Header() http.Header {
  8518  	if c.header_ == nil {
  8519  		c.header_ = make(http.Header)
  8520  	}
  8521  	return c.header_
  8522  }
  8523  
  8524  func (c *ProjectsLocationsOauthClientsCredentialsCreateCall) doRequest(alt string) (*http.Response, error) {
  8525  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  8526  	var body io.Reader = nil
  8527  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.oauthclientcredential)
  8528  	if err != nil {
  8529  		return nil, err
  8530  	}
  8531  	c.urlParams_.Set("alt", alt)
  8532  	c.urlParams_.Set("prettyPrint", "false")
  8533  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/credentials")
  8534  	urls += "?" + c.urlParams_.Encode()
  8535  	req, err := http.NewRequest("POST", urls, body)
  8536  	if err != nil {
  8537  		return nil, err
  8538  	}
  8539  	req.Header = reqHeaders
  8540  	googleapi.Expand(req.URL, map[string]string{
  8541  		"parent": c.parent,
  8542  	})
  8543  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  8544  }
  8545  
  8546  // Do executes the "iam.projects.locations.oauthClients.credentials.create" call.
  8547  // Any non-2xx status code is an error. Response headers are in either
  8548  // *OauthClientCredential.ServerResponse.Header or (if a response was returned
  8549  // at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  8550  // check whether the returned error was because http.StatusNotModified was
  8551  // returned.
  8552  func (c *ProjectsLocationsOauthClientsCredentialsCreateCall) Do(opts ...googleapi.CallOption) (*OauthClientCredential, error) {
  8553  	gensupport.SetOptions(c.urlParams_, opts...)
  8554  	res, err := c.doRequest("json")
  8555  	if res != nil && res.StatusCode == http.StatusNotModified {
  8556  		if res.Body != nil {
  8557  			res.Body.Close()
  8558  		}
  8559  		return nil, gensupport.WrapError(&googleapi.Error{
  8560  			Code:   res.StatusCode,
  8561  			Header: res.Header,
  8562  		})
  8563  	}
  8564  	if err != nil {
  8565  		return nil, err
  8566  	}
  8567  	defer googleapi.CloseBody(res)
  8568  	if err := googleapi.CheckResponse(res); err != nil {
  8569  		return nil, gensupport.WrapError(err)
  8570  	}
  8571  	ret := &OauthClientCredential{
  8572  		ServerResponse: googleapi.ServerResponse{
  8573  			Header:         res.Header,
  8574  			HTTPStatusCode: res.StatusCode,
  8575  		},
  8576  	}
  8577  	target := &ret
  8578  	if err := gensupport.DecodeResponse(target, res); err != nil {
  8579  		return nil, err
  8580  	}
  8581  	return ret, nil
  8582  }
  8583  
  8584  type ProjectsLocationsOauthClientsCredentialsDeleteCall struct {
  8585  	s          *Service
  8586  	name       string
  8587  	urlParams_ gensupport.URLParams
  8588  	ctx_       context.Context
  8589  	header_    http.Header
  8590  }
  8591  
  8592  // Delete: Deletes a OauthClientCredential. Before deleting an oauth client
  8593  // credential, it should first be disabled.
  8594  //
  8595  //   - name: The name of the oauth client credential to delete. Format:
  8596  //     `projects/{project}/locations/{location}/oauthClients/{oauth_client}/creden
  8597  //     tials/{credential}`.
  8598  func (r *ProjectsLocationsOauthClientsCredentialsService) Delete(name string) *ProjectsLocationsOauthClientsCredentialsDeleteCall {
  8599  	c := &ProjectsLocationsOauthClientsCredentialsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  8600  	c.name = name
  8601  	return c
  8602  }
  8603  
  8604  // Fields allows partial responses to be retrieved. See
  8605  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  8606  // details.
  8607  func (c *ProjectsLocationsOauthClientsCredentialsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsOauthClientsCredentialsDeleteCall {
  8608  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  8609  	return c
  8610  }
  8611  
  8612  // Context sets the context to be used in this call's Do method.
  8613  func (c *ProjectsLocationsOauthClientsCredentialsDeleteCall) Context(ctx context.Context) *ProjectsLocationsOauthClientsCredentialsDeleteCall {
  8614  	c.ctx_ = ctx
  8615  	return c
  8616  }
  8617  
  8618  // Header returns a http.Header that can be modified by the caller to add
  8619  // headers to the request.
  8620  func (c *ProjectsLocationsOauthClientsCredentialsDeleteCall) Header() http.Header {
  8621  	if c.header_ == nil {
  8622  		c.header_ = make(http.Header)
  8623  	}
  8624  	return c.header_
  8625  }
  8626  
  8627  func (c *ProjectsLocationsOauthClientsCredentialsDeleteCall) doRequest(alt string) (*http.Response, error) {
  8628  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  8629  	var body io.Reader = nil
  8630  	c.urlParams_.Set("alt", alt)
  8631  	c.urlParams_.Set("prettyPrint", "false")
  8632  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  8633  	urls += "?" + c.urlParams_.Encode()
  8634  	req, err := http.NewRequest("DELETE", urls, body)
  8635  	if err != nil {
  8636  		return nil, err
  8637  	}
  8638  	req.Header = reqHeaders
  8639  	googleapi.Expand(req.URL, map[string]string{
  8640  		"name": c.name,
  8641  	})
  8642  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  8643  }
  8644  
  8645  // Do executes the "iam.projects.locations.oauthClients.credentials.delete" call.
  8646  // Any non-2xx status code is an error. Response headers are in either
  8647  // *Empty.ServerResponse.Header or (if a response was returned at all) in
  8648  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  8649  // whether the returned error was because http.StatusNotModified was returned.
  8650  func (c *ProjectsLocationsOauthClientsCredentialsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
  8651  	gensupport.SetOptions(c.urlParams_, opts...)
  8652  	res, err := c.doRequest("json")
  8653  	if res != nil && res.StatusCode == http.StatusNotModified {
  8654  		if res.Body != nil {
  8655  			res.Body.Close()
  8656  		}
  8657  		return nil, gensupport.WrapError(&googleapi.Error{
  8658  			Code:   res.StatusCode,
  8659  			Header: res.Header,
  8660  		})
  8661  	}
  8662  	if err != nil {
  8663  		return nil, err
  8664  	}
  8665  	defer googleapi.CloseBody(res)
  8666  	if err := googleapi.CheckResponse(res); err != nil {
  8667  		return nil, gensupport.WrapError(err)
  8668  	}
  8669  	ret := &Empty{
  8670  		ServerResponse: googleapi.ServerResponse{
  8671  			Header:         res.Header,
  8672  			HTTPStatusCode: res.StatusCode,
  8673  		},
  8674  	}
  8675  	target := &ret
  8676  	if err := gensupport.DecodeResponse(target, res); err != nil {
  8677  		return nil, err
  8678  	}
  8679  	return ret, nil
  8680  }
  8681  
  8682  type ProjectsLocationsOauthClientsCredentialsGetCall struct {
  8683  	s            *Service
  8684  	name         string
  8685  	urlParams_   gensupport.URLParams
  8686  	ifNoneMatch_ string
  8687  	ctx_         context.Context
  8688  	header_      http.Header
  8689  }
  8690  
  8691  // Get: Gets an individual OauthClientCredential.
  8692  //
  8693  //   - name: The name of the oauth client credential to retrieve. Format:
  8694  //     `projects/{project}/locations/{location}/oauthClients/{oauth_client}/creden
  8695  //     tials/{credential}`.
  8696  func (r *ProjectsLocationsOauthClientsCredentialsService) Get(name string) *ProjectsLocationsOauthClientsCredentialsGetCall {
  8697  	c := &ProjectsLocationsOauthClientsCredentialsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  8698  	c.name = name
  8699  	return c
  8700  }
  8701  
  8702  // Fields allows partial responses to be retrieved. See
  8703  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  8704  // details.
  8705  func (c *ProjectsLocationsOauthClientsCredentialsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsOauthClientsCredentialsGetCall {
  8706  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  8707  	return c
  8708  }
  8709  
  8710  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  8711  // object's ETag matches the given value. This is useful for getting updates
  8712  // only after the object has changed since the last request.
  8713  func (c *ProjectsLocationsOauthClientsCredentialsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsOauthClientsCredentialsGetCall {
  8714  	c.ifNoneMatch_ = entityTag
  8715  	return c
  8716  }
  8717  
  8718  // Context sets the context to be used in this call's Do method.
  8719  func (c *ProjectsLocationsOauthClientsCredentialsGetCall) Context(ctx context.Context) *ProjectsLocationsOauthClientsCredentialsGetCall {
  8720  	c.ctx_ = ctx
  8721  	return c
  8722  }
  8723  
  8724  // Header returns a http.Header that can be modified by the caller to add
  8725  // headers to the request.
  8726  func (c *ProjectsLocationsOauthClientsCredentialsGetCall) Header() http.Header {
  8727  	if c.header_ == nil {
  8728  		c.header_ = make(http.Header)
  8729  	}
  8730  	return c.header_
  8731  }
  8732  
  8733  func (c *ProjectsLocationsOauthClientsCredentialsGetCall) doRequest(alt string) (*http.Response, error) {
  8734  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  8735  	if c.ifNoneMatch_ != "" {
  8736  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  8737  	}
  8738  	var body io.Reader = nil
  8739  	c.urlParams_.Set("alt", alt)
  8740  	c.urlParams_.Set("prettyPrint", "false")
  8741  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  8742  	urls += "?" + c.urlParams_.Encode()
  8743  	req, err := http.NewRequest("GET", urls, body)
  8744  	if err != nil {
  8745  		return nil, err
  8746  	}
  8747  	req.Header = reqHeaders
  8748  	googleapi.Expand(req.URL, map[string]string{
  8749  		"name": c.name,
  8750  	})
  8751  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  8752  }
  8753  
  8754  // Do executes the "iam.projects.locations.oauthClients.credentials.get" call.
  8755  // Any non-2xx status code is an error. Response headers are in either
  8756  // *OauthClientCredential.ServerResponse.Header or (if a response was returned
  8757  // at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  8758  // check whether the returned error was because http.StatusNotModified was
  8759  // returned.
  8760  func (c *ProjectsLocationsOauthClientsCredentialsGetCall) Do(opts ...googleapi.CallOption) (*OauthClientCredential, error) {
  8761  	gensupport.SetOptions(c.urlParams_, opts...)
  8762  	res, err := c.doRequest("json")
  8763  	if res != nil && res.StatusCode == http.StatusNotModified {
  8764  		if res.Body != nil {
  8765  			res.Body.Close()
  8766  		}
  8767  		return nil, gensupport.WrapError(&googleapi.Error{
  8768  			Code:   res.StatusCode,
  8769  			Header: res.Header,
  8770  		})
  8771  	}
  8772  	if err != nil {
  8773  		return nil, err
  8774  	}
  8775  	defer googleapi.CloseBody(res)
  8776  	if err := googleapi.CheckResponse(res); err != nil {
  8777  		return nil, gensupport.WrapError(err)
  8778  	}
  8779  	ret := &OauthClientCredential{
  8780  		ServerResponse: googleapi.ServerResponse{
  8781  			Header:         res.Header,
  8782  			HTTPStatusCode: res.StatusCode,
  8783  		},
  8784  	}
  8785  	target := &ret
  8786  	if err := gensupport.DecodeResponse(target, res); err != nil {
  8787  		return nil, err
  8788  	}
  8789  	return ret, nil
  8790  }
  8791  
  8792  type ProjectsLocationsOauthClientsCredentialsListCall struct {
  8793  	s            *Service
  8794  	parent       string
  8795  	urlParams_   gensupport.URLParams
  8796  	ifNoneMatch_ string
  8797  	ctx_         context.Context
  8798  	header_      http.Header
  8799  }
  8800  
  8801  // List: Lists all OauthClientCredentialss in a OauthClient.
  8802  //
  8803  // - parent: The parent to list oauth client credentials for.
  8804  func (r *ProjectsLocationsOauthClientsCredentialsService) List(parent string) *ProjectsLocationsOauthClientsCredentialsListCall {
  8805  	c := &ProjectsLocationsOauthClientsCredentialsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  8806  	c.parent = parent
  8807  	return c
  8808  }
  8809  
  8810  // Fields allows partial responses to be retrieved. See
  8811  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  8812  // details.
  8813  func (c *ProjectsLocationsOauthClientsCredentialsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsOauthClientsCredentialsListCall {
  8814  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  8815  	return c
  8816  }
  8817  
  8818  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  8819  // object's ETag matches the given value. This is useful for getting updates
  8820  // only after the object has changed since the last request.
  8821  func (c *ProjectsLocationsOauthClientsCredentialsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsOauthClientsCredentialsListCall {
  8822  	c.ifNoneMatch_ = entityTag
  8823  	return c
  8824  }
  8825  
  8826  // Context sets the context to be used in this call's Do method.
  8827  func (c *ProjectsLocationsOauthClientsCredentialsListCall) Context(ctx context.Context) *ProjectsLocationsOauthClientsCredentialsListCall {
  8828  	c.ctx_ = ctx
  8829  	return c
  8830  }
  8831  
  8832  // Header returns a http.Header that can be modified by the caller to add
  8833  // headers to the request.
  8834  func (c *ProjectsLocationsOauthClientsCredentialsListCall) Header() http.Header {
  8835  	if c.header_ == nil {
  8836  		c.header_ = make(http.Header)
  8837  	}
  8838  	return c.header_
  8839  }
  8840  
  8841  func (c *ProjectsLocationsOauthClientsCredentialsListCall) doRequest(alt string) (*http.Response, error) {
  8842  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  8843  	if c.ifNoneMatch_ != "" {
  8844  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  8845  	}
  8846  	var body io.Reader = nil
  8847  	c.urlParams_.Set("alt", alt)
  8848  	c.urlParams_.Set("prettyPrint", "false")
  8849  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/credentials")
  8850  	urls += "?" + c.urlParams_.Encode()
  8851  	req, err := http.NewRequest("GET", urls, body)
  8852  	if err != nil {
  8853  		return nil, err
  8854  	}
  8855  	req.Header = reqHeaders
  8856  	googleapi.Expand(req.URL, map[string]string{
  8857  		"parent": c.parent,
  8858  	})
  8859  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  8860  }
  8861  
  8862  // Do executes the "iam.projects.locations.oauthClients.credentials.list" call.
  8863  // Any non-2xx status code is an error. Response headers are in either
  8864  // *ListOauthClientCredentialsResponse.ServerResponse.Header or (if a response
  8865  // was returned at all) in error.(*googleapi.Error).Header. Use
  8866  // googleapi.IsNotModified to check whether the returned error was because
  8867  // http.StatusNotModified was returned.
  8868  func (c *ProjectsLocationsOauthClientsCredentialsListCall) Do(opts ...googleapi.CallOption) (*ListOauthClientCredentialsResponse, error) {
  8869  	gensupport.SetOptions(c.urlParams_, opts...)
  8870  	res, err := c.doRequest("json")
  8871  	if res != nil && res.StatusCode == http.StatusNotModified {
  8872  		if res.Body != nil {
  8873  			res.Body.Close()
  8874  		}
  8875  		return nil, gensupport.WrapError(&googleapi.Error{
  8876  			Code:   res.StatusCode,
  8877  			Header: res.Header,
  8878  		})
  8879  	}
  8880  	if err != nil {
  8881  		return nil, err
  8882  	}
  8883  	defer googleapi.CloseBody(res)
  8884  	if err := googleapi.CheckResponse(res); err != nil {
  8885  		return nil, gensupport.WrapError(err)
  8886  	}
  8887  	ret := &ListOauthClientCredentialsResponse{
  8888  		ServerResponse: googleapi.ServerResponse{
  8889  			Header:         res.Header,
  8890  			HTTPStatusCode: res.StatusCode,
  8891  		},
  8892  	}
  8893  	target := &ret
  8894  	if err := gensupport.DecodeResponse(target, res); err != nil {
  8895  		return nil, err
  8896  	}
  8897  	return ret, nil
  8898  }
  8899  
  8900  type ProjectsLocationsOauthClientsCredentialsPatchCall struct {
  8901  	s                     *Service
  8902  	name                  string
  8903  	oauthclientcredential *OauthClientCredential
  8904  	urlParams_            gensupport.URLParams
  8905  	ctx_                  context.Context
  8906  	header_               http.Header
  8907  }
  8908  
  8909  // Patch: Updates an existing OauthClientCredential.
  8910  //
  8911  //   - name: Immutable. The resource name of the oauth client credential. Format:
  8912  //     `projects/{project}/locations/{location}/oauthClients/{oauth_client}/creden
  8913  //     tials/{credential}`.
  8914  func (r *ProjectsLocationsOauthClientsCredentialsService) Patch(name string, oauthclientcredential *OauthClientCredential) *ProjectsLocationsOauthClientsCredentialsPatchCall {
  8915  	c := &ProjectsLocationsOauthClientsCredentialsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  8916  	c.name = name
  8917  	c.oauthclientcredential = oauthclientcredential
  8918  	return c
  8919  }
  8920  
  8921  // UpdateMask sets the optional parameter "updateMask": Required. The list of
  8922  // fields to update.
  8923  func (c *ProjectsLocationsOauthClientsCredentialsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsOauthClientsCredentialsPatchCall {
  8924  	c.urlParams_.Set("updateMask", updateMask)
  8925  	return c
  8926  }
  8927  
  8928  // Fields allows partial responses to be retrieved. See
  8929  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  8930  // details.
  8931  func (c *ProjectsLocationsOauthClientsCredentialsPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsOauthClientsCredentialsPatchCall {
  8932  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  8933  	return c
  8934  }
  8935  
  8936  // Context sets the context to be used in this call's Do method.
  8937  func (c *ProjectsLocationsOauthClientsCredentialsPatchCall) Context(ctx context.Context) *ProjectsLocationsOauthClientsCredentialsPatchCall {
  8938  	c.ctx_ = ctx
  8939  	return c
  8940  }
  8941  
  8942  // Header returns a http.Header that can be modified by the caller to add
  8943  // headers to the request.
  8944  func (c *ProjectsLocationsOauthClientsCredentialsPatchCall) Header() http.Header {
  8945  	if c.header_ == nil {
  8946  		c.header_ = make(http.Header)
  8947  	}
  8948  	return c.header_
  8949  }
  8950  
  8951  func (c *ProjectsLocationsOauthClientsCredentialsPatchCall) doRequest(alt string) (*http.Response, error) {
  8952  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  8953  	var body io.Reader = nil
  8954  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.oauthclientcredential)
  8955  	if err != nil {
  8956  		return nil, err
  8957  	}
  8958  	c.urlParams_.Set("alt", alt)
  8959  	c.urlParams_.Set("prettyPrint", "false")
  8960  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  8961  	urls += "?" + c.urlParams_.Encode()
  8962  	req, err := http.NewRequest("PATCH", urls, body)
  8963  	if err != nil {
  8964  		return nil, err
  8965  	}
  8966  	req.Header = reqHeaders
  8967  	googleapi.Expand(req.URL, map[string]string{
  8968  		"name": c.name,
  8969  	})
  8970  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  8971  }
  8972  
  8973  // Do executes the "iam.projects.locations.oauthClients.credentials.patch" call.
  8974  // Any non-2xx status code is an error. Response headers are in either
  8975  // *OauthClientCredential.ServerResponse.Header or (if a response was returned
  8976  // at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  8977  // check whether the returned error was because http.StatusNotModified was
  8978  // returned.
  8979  func (c *ProjectsLocationsOauthClientsCredentialsPatchCall) Do(opts ...googleapi.CallOption) (*OauthClientCredential, error) {
  8980  	gensupport.SetOptions(c.urlParams_, opts...)
  8981  	res, err := c.doRequest("json")
  8982  	if res != nil && res.StatusCode == http.StatusNotModified {
  8983  		if res.Body != nil {
  8984  			res.Body.Close()
  8985  		}
  8986  		return nil, gensupport.WrapError(&googleapi.Error{
  8987  			Code:   res.StatusCode,
  8988  			Header: res.Header,
  8989  		})
  8990  	}
  8991  	if err != nil {
  8992  		return nil, err
  8993  	}
  8994  	defer googleapi.CloseBody(res)
  8995  	if err := googleapi.CheckResponse(res); err != nil {
  8996  		return nil, gensupport.WrapError(err)
  8997  	}
  8998  	ret := &OauthClientCredential{
  8999  		ServerResponse: googleapi.ServerResponse{
  9000  			Header:         res.Header,
  9001  			HTTPStatusCode: res.StatusCode,
  9002  		},
  9003  	}
  9004  	target := &ret
  9005  	if err := gensupport.DecodeResponse(target, res); err != nil {
  9006  		return nil, err
  9007  	}
  9008  	return ret, nil
  9009  }
  9010  
  9011  type ProjectsLocationsWorkloadIdentityPoolsCreateCall struct {
  9012  	s                    *Service
  9013  	parent               string
  9014  	workloadidentitypool *WorkloadIdentityPool
  9015  	urlParams_           gensupport.URLParams
  9016  	ctx_                 context.Context
  9017  	header_              http.Header
  9018  }
  9019  
  9020  // Create: Creates a new WorkloadIdentityPool. You cannot reuse the name of a
  9021  // deleted pool until 30 days after deletion.
  9022  //
  9023  //   - parent: The parent resource to create the pool in. The only supported
  9024  //     location is `global`.
  9025  func (r *ProjectsLocationsWorkloadIdentityPoolsService) Create(parent string, workloadidentitypool *WorkloadIdentityPool) *ProjectsLocationsWorkloadIdentityPoolsCreateCall {
  9026  	c := &ProjectsLocationsWorkloadIdentityPoolsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  9027  	c.parent = parent
  9028  	c.workloadidentitypool = workloadidentitypool
  9029  	return c
  9030  }
  9031  
  9032  // WorkloadIdentityPoolId sets the optional parameter "workloadIdentityPoolId":
  9033  // Required. The ID to use for the pool, which becomes the final component of
  9034  // the resource name. This value should be 4-32 characters, and may contain the
  9035  // characters [a-z0-9-]. The prefix `gcp-` is reserved for use by Google, and
  9036  // may not be specified.
  9037  func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) WorkloadIdentityPoolId(workloadIdentityPoolId string) *ProjectsLocationsWorkloadIdentityPoolsCreateCall {
  9038  	c.urlParams_.Set("workloadIdentityPoolId", workloadIdentityPoolId)
  9039  	return c
  9040  }
  9041  
  9042  // Fields allows partial responses to be retrieved. See
  9043  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  9044  // details.
  9045  func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsCreateCall {
  9046  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  9047  	return c
  9048  }
  9049  
  9050  // Context sets the context to be used in this call's Do method.
  9051  func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsCreateCall {
  9052  	c.ctx_ = ctx
  9053  	return c
  9054  }
  9055  
  9056  // Header returns a http.Header that can be modified by the caller to add
  9057  // headers to the request.
  9058  func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Header() http.Header {
  9059  	if c.header_ == nil {
  9060  		c.header_ = make(http.Header)
  9061  	}
  9062  	return c.header_
  9063  }
  9064  
  9065  func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) doRequest(alt string) (*http.Response, error) {
  9066  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  9067  	var body io.Reader = nil
  9068  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypool)
  9069  	if err != nil {
  9070  		return nil, err
  9071  	}
  9072  	c.urlParams_.Set("alt", alt)
  9073  	c.urlParams_.Set("prettyPrint", "false")
  9074  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/workloadIdentityPools")
  9075  	urls += "?" + c.urlParams_.Encode()
  9076  	req, err := http.NewRequest("POST", urls, body)
  9077  	if err != nil {
  9078  		return nil, err
  9079  	}
  9080  	req.Header = reqHeaders
  9081  	googleapi.Expand(req.URL, map[string]string{
  9082  		"parent": c.parent,
  9083  	})
  9084  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  9085  }
  9086  
  9087  // Do executes the "iam.projects.locations.workloadIdentityPools.create" call.
  9088  // Any non-2xx status code is an error. Response headers are in either
  9089  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  9090  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  9091  // whether the returned error was because http.StatusNotModified was returned.
  9092  func (c *ProjectsLocationsWorkloadIdentityPoolsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  9093  	gensupport.SetOptions(c.urlParams_, opts...)
  9094  	res, err := c.doRequest("json")
  9095  	if res != nil && res.StatusCode == http.StatusNotModified {
  9096  		if res.Body != nil {
  9097  			res.Body.Close()
  9098  		}
  9099  		return nil, gensupport.WrapError(&googleapi.Error{
  9100  			Code:   res.StatusCode,
  9101  			Header: res.Header,
  9102  		})
  9103  	}
  9104  	if err != nil {
  9105  		return nil, err
  9106  	}
  9107  	defer googleapi.CloseBody(res)
  9108  	if err := googleapi.CheckResponse(res); err != nil {
  9109  		return nil, gensupport.WrapError(err)
  9110  	}
  9111  	ret := &Operation{
  9112  		ServerResponse: googleapi.ServerResponse{
  9113  			Header:         res.Header,
  9114  			HTTPStatusCode: res.StatusCode,
  9115  		},
  9116  	}
  9117  	target := &ret
  9118  	if err := gensupport.DecodeResponse(target, res); err != nil {
  9119  		return nil, err
  9120  	}
  9121  	return ret, nil
  9122  }
  9123  
  9124  type ProjectsLocationsWorkloadIdentityPoolsDeleteCall struct {
  9125  	s          *Service
  9126  	name       string
  9127  	urlParams_ gensupport.URLParams
  9128  	ctx_       context.Context
  9129  	header_    http.Header
  9130  }
  9131  
  9132  // Delete: Deletes a WorkloadIdentityPool. You cannot use a deleted pool to
  9133  // exchange external credentials for Google Cloud credentials. However,
  9134  // deletion does not revoke credentials that have already been issued.
  9135  // Credentials issued for a deleted pool do not grant access to resources. If
  9136  // the pool is undeleted, and the credentials are not expired, they grant
  9137  // access again. You can undelete a pool for 30 days. After 30 days, deletion
  9138  // is permanent. You cannot update deleted pools. However, you can view and
  9139  // list them.
  9140  //
  9141  // - name: The name of the pool to delete.
  9142  func (r *ProjectsLocationsWorkloadIdentityPoolsService) Delete(name string) *ProjectsLocationsWorkloadIdentityPoolsDeleteCall {
  9143  	c := &ProjectsLocationsWorkloadIdentityPoolsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  9144  	c.name = name
  9145  	return c
  9146  }
  9147  
  9148  // Fields allows partial responses to be retrieved. See
  9149  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  9150  // details.
  9151  func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsDeleteCall {
  9152  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  9153  	return c
  9154  }
  9155  
  9156  // Context sets the context to be used in this call's Do method.
  9157  func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsDeleteCall {
  9158  	c.ctx_ = ctx
  9159  	return c
  9160  }
  9161  
  9162  // Header returns a http.Header that can be modified by the caller to add
  9163  // headers to the request.
  9164  func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Header() http.Header {
  9165  	if c.header_ == nil {
  9166  		c.header_ = make(http.Header)
  9167  	}
  9168  	return c.header_
  9169  }
  9170  
  9171  func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) doRequest(alt string) (*http.Response, error) {
  9172  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  9173  	var body io.Reader = nil
  9174  	c.urlParams_.Set("alt", alt)
  9175  	c.urlParams_.Set("prettyPrint", "false")
  9176  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  9177  	urls += "?" + c.urlParams_.Encode()
  9178  	req, err := http.NewRequest("DELETE", urls, body)
  9179  	if err != nil {
  9180  		return nil, err
  9181  	}
  9182  	req.Header = reqHeaders
  9183  	googleapi.Expand(req.URL, map[string]string{
  9184  		"name": c.name,
  9185  	})
  9186  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  9187  }
  9188  
  9189  // Do executes the "iam.projects.locations.workloadIdentityPools.delete" call.
  9190  // Any non-2xx status code is an error. Response headers are in either
  9191  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  9192  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  9193  // whether the returned error was because http.StatusNotModified was returned.
  9194  func (c *ProjectsLocationsWorkloadIdentityPoolsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  9195  	gensupport.SetOptions(c.urlParams_, opts...)
  9196  	res, err := c.doRequest("json")
  9197  	if res != nil && res.StatusCode == http.StatusNotModified {
  9198  		if res.Body != nil {
  9199  			res.Body.Close()
  9200  		}
  9201  		return nil, gensupport.WrapError(&googleapi.Error{
  9202  			Code:   res.StatusCode,
  9203  			Header: res.Header,
  9204  		})
  9205  	}
  9206  	if err != nil {
  9207  		return nil, err
  9208  	}
  9209  	defer googleapi.CloseBody(res)
  9210  	if err := googleapi.CheckResponse(res); err != nil {
  9211  		return nil, gensupport.WrapError(err)
  9212  	}
  9213  	ret := &Operation{
  9214  		ServerResponse: googleapi.ServerResponse{
  9215  			Header:         res.Header,
  9216  			HTTPStatusCode: res.StatusCode,
  9217  		},
  9218  	}
  9219  	target := &ret
  9220  	if err := gensupport.DecodeResponse(target, res); err != nil {
  9221  		return nil, err
  9222  	}
  9223  	return ret, nil
  9224  }
  9225  
  9226  type ProjectsLocationsWorkloadIdentityPoolsGetCall struct {
  9227  	s            *Service
  9228  	name         string
  9229  	urlParams_   gensupport.URLParams
  9230  	ifNoneMatch_ string
  9231  	ctx_         context.Context
  9232  	header_      http.Header
  9233  }
  9234  
  9235  // Get: Gets an individual WorkloadIdentityPool.
  9236  //
  9237  // - name: The name of the pool to retrieve.
  9238  func (r *ProjectsLocationsWorkloadIdentityPoolsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsGetCall {
  9239  	c := &ProjectsLocationsWorkloadIdentityPoolsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  9240  	c.name = name
  9241  	return c
  9242  }
  9243  
  9244  // Fields allows partial responses to be retrieved. See
  9245  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  9246  // details.
  9247  func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsGetCall {
  9248  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  9249  	return c
  9250  }
  9251  
  9252  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  9253  // object's ETag matches the given value. This is useful for getting updates
  9254  // only after the object has changed since the last request.
  9255  func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsGetCall {
  9256  	c.ifNoneMatch_ = entityTag
  9257  	return c
  9258  }
  9259  
  9260  // Context sets the context to be used in this call's Do method.
  9261  func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsGetCall {
  9262  	c.ctx_ = ctx
  9263  	return c
  9264  }
  9265  
  9266  // Header returns a http.Header that can be modified by the caller to add
  9267  // headers to the request.
  9268  func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Header() http.Header {
  9269  	if c.header_ == nil {
  9270  		c.header_ = make(http.Header)
  9271  	}
  9272  	return c.header_
  9273  }
  9274  
  9275  func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) doRequest(alt string) (*http.Response, error) {
  9276  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  9277  	if c.ifNoneMatch_ != "" {
  9278  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  9279  	}
  9280  	var body io.Reader = nil
  9281  	c.urlParams_.Set("alt", alt)
  9282  	c.urlParams_.Set("prettyPrint", "false")
  9283  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  9284  	urls += "?" + c.urlParams_.Encode()
  9285  	req, err := http.NewRequest("GET", urls, body)
  9286  	if err != nil {
  9287  		return nil, err
  9288  	}
  9289  	req.Header = reqHeaders
  9290  	googleapi.Expand(req.URL, map[string]string{
  9291  		"name": c.name,
  9292  	})
  9293  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  9294  }
  9295  
  9296  // Do executes the "iam.projects.locations.workloadIdentityPools.get" call.
  9297  // Any non-2xx status code is an error. Response headers are in either
  9298  // *WorkloadIdentityPool.ServerResponse.Header or (if a response was returned
  9299  // at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  9300  // check whether the returned error was because http.StatusNotModified was
  9301  // returned.
  9302  func (c *ProjectsLocationsWorkloadIdentityPoolsGetCall) Do(opts ...googleapi.CallOption) (*WorkloadIdentityPool, error) {
  9303  	gensupport.SetOptions(c.urlParams_, opts...)
  9304  	res, err := c.doRequest("json")
  9305  	if res != nil && res.StatusCode == http.StatusNotModified {
  9306  		if res.Body != nil {
  9307  			res.Body.Close()
  9308  		}
  9309  		return nil, gensupport.WrapError(&googleapi.Error{
  9310  			Code:   res.StatusCode,
  9311  			Header: res.Header,
  9312  		})
  9313  	}
  9314  	if err != nil {
  9315  		return nil, err
  9316  	}
  9317  	defer googleapi.CloseBody(res)
  9318  	if err := googleapi.CheckResponse(res); err != nil {
  9319  		return nil, gensupport.WrapError(err)
  9320  	}
  9321  	ret := &WorkloadIdentityPool{
  9322  		ServerResponse: googleapi.ServerResponse{
  9323  			Header:         res.Header,
  9324  			HTTPStatusCode: res.StatusCode,
  9325  		},
  9326  	}
  9327  	target := &ret
  9328  	if err := gensupport.DecodeResponse(target, res); err != nil {
  9329  		return nil, err
  9330  	}
  9331  	return ret, nil
  9332  }
  9333  
  9334  type ProjectsLocationsWorkloadIdentityPoolsListCall struct {
  9335  	s            *Service
  9336  	parent       string
  9337  	urlParams_   gensupport.URLParams
  9338  	ifNoneMatch_ string
  9339  	ctx_         context.Context
  9340  	header_      http.Header
  9341  }
  9342  
  9343  // List: Lists all non-deleted WorkloadIdentityPools in a project. If
  9344  // `show_deleted` is set to `true`, then deleted pools are also listed.
  9345  //
  9346  // - parent: The parent resource to list pools for.
  9347  func (r *ProjectsLocationsWorkloadIdentityPoolsService) List(parent string) *ProjectsLocationsWorkloadIdentityPoolsListCall {
  9348  	c := &ProjectsLocationsWorkloadIdentityPoolsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  9349  	c.parent = parent
  9350  	return c
  9351  }
  9352  
  9353  // PageSize sets the optional parameter "pageSize": The maximum number of pools
  9354  // to return. If unspecified, at most 50 pools are returned. The maximum value
  9355  // is 1000; values above are 1000 truncated to 1000.
  9356  func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) PageSize(pageSize int64) *ProjectsLocationsWorkloadIdentityPoolsListCall {
  9357  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  9358  	return c
  9359  }
  9360  
  9361  // PageToken sets the optional parameter "pageToken": A page token, received
  9362  // from a previous `ListWorkloadIdentityPools` call. Provide this to retrieve
  9363  // the subsequent page.
  9364  func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) PageToken(pageToken string) *ProjectsLocationsWorkloadIdentityPoolsListCall {
  9365  	c.urlParams_.Set("pageToken", pageToken)
  9366  	return c
  9367  }
  9368  
  9369  // ShowDeleted sets the optional parameter "showDeleted": Whether to return
  9370  // soft-deleted pools.
  9371  func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) ShowDeleted(showDeleted bool) *ProjectsLocationsWorkloadIdentityPoolsListCall {
  9372  	c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted))
  9373  	return c
  9374  }
  9375  
  9376  // Fields allows partial responses to be retrieved. See
  9377  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  9378  // details.
  9379  func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsListCall {
  9380  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  9381  	return c
  9382  }
  9383  
  9384  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  9385  // object's ETag matches the given value. This is useful for getting updates
  9386  // only after the object has changed since the last request.
  9387  func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsListCall {
  9388  	c.ifNoneMatch_ = entityTag
  9389  	return c
  9390  }
  9391  
  9392  // Context sets the context to be used in this call's Do method.
  9393  func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsListCall {
  9394  	c.ctx_ = ctx
  9395  	return c
  9396  }
  9397  
  9398  // Header returns a http.Header that can be modified by the caller to add
  9399  // headers to the request.
  9400  func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Header() http.Header {
  9401  	if c.header_ == nil {
  9402  		c.header_ = make(http.Header)
  9403  	}
  9404  	return c.header_
  9405  }
  9406  
  9407  func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) doRequest(alt string) (*http.Response, error) {
  9408  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  9409  	if c.ifNoneMatch_ != "" {
  9410  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  9411  	}
  9412  	var body io.Reader = nil
  9413  	c.urlParams_.Set("alt", alt)
  9414  	c.urlParams_.Set("prettyPrint", "false")
  9415  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/workloadIdentityPools")
  9416  	urls += "?" + c.urlParams_.Encode()
  9417  	req, err := http.NewRequest("GET", urls, body)
  9418  	if err != nil {
  9419  		return nil, err
  9420  	}
  9421  	req.Header = reqHeaders
  9422  	googleapi.Expand(req.URL, map[string]string{
  9423  		"parent": c.parent,
  9424  	})
  9425  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  9426  }
  9427  
  9428  // Do executes the "iam.projects.locations.workloadIdentityPools.list" call.
  9429  // Any non-2xx status code is an error. Response headers are in either
  9430  // *ListWorkloadIdentityPoolsResponse.ServerResponse.Header or (if a response
  9431  // was returned at all) in error.(*googleapi.Error).Header. Use
  9432  // googleapi.IsNotModified to check whether the returned error was because
  9433  // http.StatusNotModified was returned.
  9434  func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Do(opts ...googleapi.CallOption) (*ListWorkloadIdentityPoolsResponse, error) {
  9435  	gensupport.SetOptions(c.urlParams_, opts...)
  9436  	res, err := c.doRequest("json")
  9437  	if res != nil && res.StatusCode == http.StatusNotModified {
  9438  		if res.Body != nil {
  9439  			res.Body.Close()
  9440  		}
  9441  		return nil, gensupport.WrapError(&googleapi.Error{
  9442  			Code:   res.StatusCode,
  9443  			Header: res.Header,
  9444  		})
  9445  	}
  9446  	if err != nil {
  9447  		return nil, err
  9448  	}
  9449  	defer googleapi.CloseBody(res)
  9450  	if err := googleapi.CheckResponse(res); err != nil {
  9451  		return nil, gensupport.WrapError(err)
  9452  	}
  9453  	ret := &ListWorkloadIdentityPoolsResponse{
  9454  		ServerResponse: googleapi.ServerResponse{
  9455  			Header:         res.Header,
  9456  			HTTPStatusCode: res.StatusCode,
  9457  		},
  9458  	}
  9459  	target := &ret
  9460  	if err := gensupport.DecodeResponse(target, res); err != nil {
  9461  		return nil, err
  9462  	}
  9463  	return ret, nil
  9464  }
  9465  
  9466  // Pages invokes f for each page of results.
  9467  // A non-nil error returned from f will halt the iteration.
  9468  // The provided context supersedes any context provided to the Context method.
  9469  func (c *ProjectsLocationsWorkloadIdentityPoolsListCall) Pages(ctx context.Context, f func(*ListWorkloadIdentityPoolsResponse) error) error {
  9470  	c.ctx_ = ctx
  9471  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  9472  	for {
  9473  		x, err := c.Do()
  9474  		if err != nil {
  9475  			return err
  9476  		}
  9477  		if err := f(x); err != nil {
  9478  			return err
  9479  		}
  9480  		if x.NextPageToken == "" {
  9481  			return nil
  9482  		}
  9483  		c.PageToken(x.NextPageToken)
  9484  	}
  9485  }
  9486  
  9487  type ProjectsLocationsWorkloadIdentityPoolsPatchCall struct {
  9488  	s                    *Service
  9489  	name                 string
  9490  	workloadidentitypool *WorkloadIdentityPool
  9491  	urlParams_           gensupport.URLParams
  9492  	ctx_                 context.Context
  9493  	header_              http.Header
  9494  }
  9495  
  9496  // Patch: Updates an existing WorkloadIdentityPool.
  9497  //
  9498  // - name: Output only. The resource name of the pool.
  9499  func (r *ProjectsLocationsWorkloadIdentityPoolsService) Patch(name string, workloadidentitypool *WorkloadIdentityPool) *ProjectsLocationsWorkloadIdentityPoolsPatchCall {
  9500  	c := &ProjectsLocationsWorkloadIdentityPoolsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  9501  	c.name = name
  9502  	c.workloadidentitypool = workloadidentitypool
  9503  	return c
  9504  }
  9505  
  9506  // UpdateMask sets the optional parameter "updateMask": Required. The list of
  9507  // fields to update.
  9508  func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsWorkloadIdentityPoolsPatchCall {
  9509  	c.urlParams_.Set("updateMask", updateMask)
  9510  	return c
  9511  }
  9512  
  9513  // Fields allows partial responses to be retrieved. See
  9514  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  9515  // details.
  9516  func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsPatchCall {
  9517  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  9518  	return c
  9519  }
  9520  
  9521  // Context sets the context to be used in this call's Do method.
  9522  func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsPatchCall {
  9523  	c.ctx_ = ctx
  9524  	return c
  9525  }
  9526  
  9527  // Header returns a http.Header that can be modified by the caller to add
  9528  // headers to the request.
  9529  func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Header() http.Header {
  9530  	if c.header_ == nil {
  9531  		c.header_ = make(http.Header)
  9532  	}
  9533  	return c.header_
  9534  }
  9535  
  9536  func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) doRequest(alt string) (*http.Response, error) {
  9537  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  9538  	var body io.Reader = nil
  9539  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypool)
  9540  	if err != nil {
  9541  		return nil, err
  9542  	}
  9543  	c.urlParams_.Set("alt", alt)
  9544  	c.urlParams_.Set("prettyPrint", "false")
  9545  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  9546  	urls += "?" + c.urlParams_.Encode()
  9547  	req, err := http.NewRequest("PATCH", urls, body)
  9548  	if err != nil {
  9549  		return nil, err
  9550  	}
  9551  	req.Header = reqHeaders
  9552  	googleapi.Expand(req.URL, map[string]string{
  9553  		"name": c.name,
  9554  	})
  9555  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  9556  }
  9557  
  9558  // Do executes the "iam.projects.locations.workloadIdentityPools.patch" call.
  9559  // Any non-2xx status code is an error. Response headers are in either
  9560  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  9561  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  9562  // whether the returned error was because http.StatusNotModified was returned.
  9563  func (c *ProjectsLocationsWorkloadIdentityPoolsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  9564  	gensupport.SetOptions(c.urlParams_, opts...)
  9565  	res, err := c.doRequest("json")
  9566  	if res != nil && res.StatusCode == http.StatusNotModified {
  9567  		if res.Body != nil {
  9568  			res.Body.Close()
  9569  		}
  9570  		return nil, gensupport.WrapError(&googleapi.Error{
  9571  			Code:   res.StatusCode,
  9572  			Header: res.Header,
  9573  		})
  9574  	}
  9575  	if err != nil {
  9576  		return nil, err
  9577  	}
  9578  	defer googleapi.CloseBody(res)
  9579  	if err := googleapi.CheckResponse(res); err != nil {
  9580  		return nil, gensupport.WrapError(err)
  9581  	}
  9582  	ret := &Operation{
  9583  		ServerResponse: googleapi.ServerResponse{
  9584  			Header:         res.Header,
  9585  			HTTPStatusCode: res.StatusCode,
  9586  		},
  9587  	}
  9588  	target := &ret
  9589  	if err := gensupport.DecodeResponse(target, res); err != nil {
  9590  		return nil, err
  9591  	}
  9592  	return ret, nil
  9593  }
  9594  
  9595  type ProjectsLocationsWorkloadIdentityPoolsUndeleteCall struct {
  9596  	s                                   *Service
  9597  	name                                string
  9598  	undeleteworkloadidentitypoolrequest *UndeleteWorkloadIdentityPoolRequest
  9599  	urlParams_                          gensupport.URLParams
  9600  	ctx_                                context.Context
  9601  	header_                             http.Header
  9602  }
  9603  
  9604  // Undelete: Undeletes a WorkloadIdentityPool, as long as it was deleted fewer
  9605  // than 30 days ago.
  9606  //
  9607  // - name: The name of the pool to undelete.
  9608  func (r *ProjectsLocationsWorkloadIdentityPoolsService) Undelete(name string, undeleteworkloadidentitypoolrequest *UndeleteWorkloadIdentityPoolRequest) *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall {
  9609  	c := &ProjectsLocationsWorkloadIdentityPoolsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  9610  	c.name = name
  9611  	c.undeleteworkloadidentitypoolrequest = undeleteworkloadidentitypoolrequest
  9612  	return c
  9613  }
  9614  
  9615  // Fields allows partial responses to be retrieved. See
  9616  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  9617  // details.
  9618  func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall {
  9619  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  9620  	return c
  9621  }
  9622  
  9623  // Context sets the context to be used in this call's Do method.
  9624  func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall {
  9625  	c.ctx_ = ctx
  9626  	return c
  9627  }
  9628  
  9629  // Header returns a http.Header that can be modified by the caller to add
  9630  // headers to the request.
  9631  func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Header() http.Header {
  9632  	if c.header_ == nil {
  9633  		c.header_ = make(http.Header)
  9634  	}
  9635  	return c.header_
  9636  }
  9637  
  9638  func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) doRequest(alt string) (*http.Response, error) {
  9639  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  9640  	var body io.Reader = nil
  9641  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkloadidentitypoolrequest)
  9642  	if err != nil {
  9643  		return nil, err
  9644  	}
  9645  	c.urlParams_.Set("alt", alt)
  9646  	c.urlParams_.Set("prettyPrint", "false")
  9647  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete")
  9648  	urls += "?" + c.urlParams_.Encode()
  9649  	req, err := http.NewRequest("POST", urls, body)
  9650  	if err != nil {
  9651  		return nil, err
  9652  	}
  9653  	req.Header = reqHeaders
  9654  	googleapi.Expand(req.URL, map[string]string{
  9655  		"name": c.name,
  9656  	})
  9657  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  9658  }
  9659  
  9660  // Do executes the "iam.projects.locations.workloadIdentityPools.undelete" call.
  9661  // Any non-2xx status code is an error. Response headers are in either
  9662  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  9663  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  9664  // whether the returned error was because http.StatusNotModified was returned.
  9665  func (c *ProjectsLocationsWorkloadIdentityPoolsUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  9666  	gensupport.SetOptions(c.urlParams_, opts...)
  9667  	res, err := c.doRequest("json")
  9668  	if res != nil && res.StatusCode == http.StatusNotModified {
  9669  		if res.Body != nil {
  9670  			res.Body.Close()
  9671  		}
  9672  		return nil, gensupport.WrapError(&googleapi.Error{
  9673  			Code:   res.StatusCode,
  9674  			Header: res.Header,
  9675  		})
  9676  	}
  9677  	if err != nil {
  9678  		return nil, err
  9679  	}
  9680  	defer googleapi.CloseBody(res)
  9681  	if err := googleapi.CheckResponse(res); err != nil {
  9682  		return nil, gensupport.WrapError(err)
  9683  	}
  9684  	ret := &Operation{
  9685  		ServerResponse: googleapi.ServerResponse{
  9686  			Header:         res.Header,
  9687  			HTTPStatusCode: res.StatusCode,
  9688  		},
  9689  	}
  9690  	target := &ret
  9691  	if err := gensupport.DecodeResponse(target, res); err != nil {
  9692  		return nil, err
  9693  	}
  9694  	return ret, nil
  9695  }
  9696  
  9697  type ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsGetCall struct {
  9698  	s            *Service
  9699  	name         string
  9700  	urlParams_   gensupport.URLParams
  9701  	ifNoneMatch_ string
  9702  	ctx_         context.Context
  9703  	header_      http.Header
  9704  }
  9705  
  9706  // Get: Gets the latest state of a long-running operation. Clients can use this
  9707  // method to poll the operation result at intervals as recommended by the API
  9708  // service.
  9709  //
  9710  // - name: The name of the operation resource.
  9711  func (r *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsGetCall {
  9712  	c := &ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  9713  	c.name = name
  9714  	return c
  9715  }
  9716  
  9717  // Fields allows partial responses to be retrieved. See
  9718  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  9719  // details.
  9720  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsGetCall {
  9721  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  9722  	return c
  9723  }
  9724  
  9725  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  9726  // object's ETag matches the given value. This is useful for getting updates
  9727  // only after the object has changed since the last request.
  9728  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsGetCall {
  9729  	c.ifNoneMatch_ = entityTag
  9730  	return c
  9731  }
  9732  
  9733  // Context sets the context to be used in this call's Do method.
  9734  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsGetCall {
  9735  	c.ctx_ = ctx
  9736  	return c
  9737  }
  9738  
  9739  // Header returns a http.Header that can be modified by the caller to add
  9740  // headers to the request.
  9741  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsGetCall) Header() http.Header {
  9742  	if c.header_ == nil {
  9743  		c.header_ = make(http.Header)
  9744  	}
  9745  	return c.header_
  9746  }
  9747  
  9748  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsGetCall) doRequest(alt string) (*http.Response, error) {
  9749  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  9750  	if c.ifNoneMatch_ != "" {
  9751  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  9752  	}
  9753  	var body io.Reader = nil
  9754  	c.urlParams_.Set("alt", alt)
  9755  	c.urlParams_.Set("prettyPrint", "false")
  9756  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  9757  	urls += "?" + c.urlParams_.Encode()
  9758  	req, err := http.NewRequest("GET", urls, body)
  9759  	if err != nil {
  9760  		return nil, err
  9761  	}
  9762  	req.Header = reqHeaders
  9763  	googleapi.Expand(req.URL, map[string]string{
  9764  		"name": c.name,
  9765  	})
  9766  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  9767  }
  9768  
  9769  // Do executes the "iam.projects.locations.workloadIdentityPools.namespaces.managedIdentities.operations.get" call.
  9770  // Any non-2xx status code is an error. Response headers are in either
  9771  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  9772  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  9773  // whether the returned error was because http.StatusNotModified was returned.
  9774  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  9775  	gensupport.SetOptions(c.urlParams_, opts...)
  9776  	res, err := c.doRequest("json")
  9777  	if res != nil && res.StatusCode == http.StatusNotModified {
  9778  		if res.Body != nil {
  9779  			res.Body.Close()
  9780  		}
  9781  		return nil, gensupport.WrapError(&googleapi.Error{
  9782  			Code:   res.StatusCode,
  9783  			Header: res.Header,
  9784  		})
  9785  	}
  9786  	if err != nil {
  9787  		return nil, err
  9788  	}
  9789  	defer googleapi.CloseBody(res)
  9790  	if err := googleapi.CheckResponse(res); err != nil {
  9791  		return nil, gensupport.WrapError(err)
  9792  	}
  9793  	ret := &Operation{
  9794  		ServerResponse: googleapi.ServerResponse{
  9795  			Header:         res.Header,
  9796  			HTTPStatusCode: res.StatusCode,
  9797  		},
  9798  	}
  9799  	target := &ret
  9800  	if err := gensupport.DecodeResponse(target, res); err != nil {
  9801  		return nil, err
  9802  	}
  9803  	return ret, nil
  9804  }
  9805  
  9806  type ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsGetCall struct {
  9807  	s            *Service
  9808  	name         string
  9809  	urlParams_   gensupport.URLParams
  9810  	ifNoneMatch_ string
  9811  	ctx_         context.Context
  9812  	header_      http.Header
  9813  }
  9814  
  9815  // Get: Gets the latest state of a long-running operation. Clients can use this
  9816  // method to poll the operation result at intervals as recommended by the API
  9817  // service.
  9818  //
  9819  // - name: The name of the operation resource.
  9820  func (r *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsGetCall {
  9821  	c := &ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  9822  	c.name = name
  9823  	return c
  9824  }
  9825  
  9826  // Fields allows partial responses to be retrieved. See
  9827  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  9828  // details.
  9829  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsGetCall {
  9830  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  9831  	return c
  9832  }
  9833  
  9834  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  9835  // object's ETag matches the given value. This is useful for getting updates
  9836  // only after the object has changed since the last request.
  9837  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsGetCall {
  9838  	c.ifNoneMatch_ = entityTag
  9839  	return c
  9840  }
  9841  
  9842  // Context sets the context to be used in this call's Do method.
  9843  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsGetCall {
  9844  	c.ctx_ = ctx
  9845  	return c
  9846  }
  9847  
  9848  // Header returns a http.Header that can be modified by the caller to add
  9849  // headers to the request.
  9850  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsGetCall) Header() http.Header {
  9851  	if c.header_ == nil {
  9852  		c.header_ = make(http.Header)
  9853  	}
  9854  	return c.header_
  9855  }
  9856  
  9857  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsGetCall) doRequest(alt string) (*http.Response, error) {
  9858  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  9859  	if c.ifNoneMatch_ != "" {
  9860  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  9861  	}
  9862  	var body io.Reader = nil
  9863  	c.urlParams_.Set("alt", alt)
  9864  	c.urlParams_.Set("prettyPrint", "false")
  9865  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  9866  	urls += "?" + c.urlParams_.Encode()
  9867  	req, err := http.NewRequest("GET", urls, body)
  9868  	if err != nil {
  9869  		return nil, err
  9870  	}
  9871  	req.Header = reqHeaders
  9872  	googleapi.Expand(req.URL, map[string]string{
  9873  		"name": c.name,
  9874  	})
  9875  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  9876  }
  9877  
  9878  // Do executes the "iam.projects.locations.workloadIdentityPools.namespaces.managedIdentities.workloadSources.operations.get" call.
  9879  // Any non-2xx status code is an error. Response headers are in either
  9880  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  9881  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  9882  // whether the returned error was because http.StatusNotModified was returned.
  9883  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesManagedIdentitiesWorkloadSourcesOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  9884  	gensupport.SetOptions(c.urlParams_, opts...)
  9885  	res, err := c.doRequest("json")
  9886  	if res != nil && res.StatusCode == http.StatusNotModified {
  9887  		if res.Body != nil {
  9888  			res.Body.Close()
  9889  		}
  9890  		return nil, gensupport.WrapError(&googleapi.Error{
  9891  			Code:   res.StatusCode,
  9892  			Header: res.Header,
  9893  		})
  9894  	}
  9895  	if err != nil {
  9896  		return nil, err
  9897  	}
  9898  	defer googleapi.CloseBody(res)
  9899  	if err := googleapi.CheckResponse(res); err != nil {
  9900  		return nil, gensupport.WrapError(err)
  9901  	}
  9902  	ret := &Operation{
  9903  		ServerResponse: googleapi.ServerResponse{
  9904  			Header:         res.Header,
  9905  			HTTPStatusCode: res.StatusCode,
  9906  		},
  9907  	}
  9908  	target := &ret
  9909  	if err := gensupport.DecodeResponse(target, res); err != nil {
  9910  		return nil, err
  9911  	}
  9912  	return ret, nil
  9913  }
  9914  
  9915  type ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsGetCall struct {
  9916  	s            *Service
  9917  	name         string
  9918  	urlParams_   gensupport.URLParams
  9919  	ifNoneMatch_ string
  9920  	ctx_         context.Context
  9921  	header_      http.Header
  9922  }
  9923  
  9924  // Get: Gets the latest state of a long-running operation. Clients can use this
  9925  // method to poll the operation result at intervals as recommended by the API
  9926  // service.
  9927  //
  9928  // - name: The name of the operation resource.
  9929  func (r *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsGetCall {
  9930  	c := &ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  9931  	c.name = name
  9932  	return c
  9933  }
  9934  
  9935  // Fields allows partial responses to be retrieved. See
  9936  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  9937  // details.
  9938  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsGetCall {
  9939  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  9940  	return c
  9941  }
  9942  
  9943  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  9944  // object's ETag matches the given value. This is useful for getting updates
  9945  // only after the object has changed since the last request.
  9946  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsGetCall {
  9947  	c.ifNoneMatch_ = entityTag
  9948  	return c
  9949  }
  9950  
  9951  // Context sets the context to be used in this call's Do method.
  9952  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsGetCall {
  9953  	c.ctx_ = ctx
  9954  	return c
  9955  }
  9956  
  9957  // Header returns a http.Header that can be modified by the caller to add
  9958  // headers to the request.
  9959  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsGetCall) Header() http.Header {
  9960  	if c.header_ == nil {
  9961  		c.header_ = make(http.Header)
  9962  	}
  9963  	return c.header_
  9964  }
  9965  
  9966  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsGetCall) doRequest(alt string) (*http.Response, error) {
  9967  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  9968  	if c.ifNoneMatch_ != "" {
  9969  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  9970  	}
  9971  	var body io.Reader = nil
  9972  	c.urlParams_.Set("alt", alt)
  9973  	c.urlParams_.Set("prettyPrint", "false")
  9974  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  9975  	urls += "?" + c.urlParams_.Encode()
  9976  	req, err := http.NewRequest("GET", urls, body)
  9977  	if err != nil {
  9978  		return nil, err
  9979  	}
  9980  	req.Header = reqHeaders
  9981  	googleapi.Expand(req.URL, map[string]string{
  9982  		"name": c.name,
  9983  	})
  9984  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  9985  }
  9986  
  9987  // Do executes the "iam.projects.locations.workloadIdentityPools.namespaces.operations.get" call.
  9988  // Any non-2xx status code is an error. Response headers are in either
  9989  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  9990  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  9991  // whether the returned error was because http.StatusNotModified was returned.
  9992  func (c *ProjectsLocationsWorkloadIdentityPoolsNamespacesOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  9993  	gensupport.SetOptions(c.urlParams_, opts...)
  9994  	res, err := c.doRequest("json")
  9995  	if res != nil && res.StatusCode == http.StatusNotModified {
  9996  		if res.Body != nil {
  9997  			res.Body.Close()
  9998  		}
  9999  		return nil, gensupport.WrapError(&googleapi.Error{
 10000  			Code:   res.StatusCode,
 10001  			Header: res.Header,
 10002  		})
 10003  	}
 10004  	if err != nil {
 10005  		return nil, err
 10006  	}
 10007  	defer googleapi.CloseBody(res)
 10008  	if err := googleapi.CheckResponse(res); err != nil {
 10009  		return nil, gensupport.WrapError(err)
 10010  	}
 10011  	ret := &Operation{
 10012  		ServerResponse: googleapi.ServerResponse{
 10013  			Header:         res.Header,
 10014  			HTTPStatusCode: res.StatusCode,
 10015  		},
 10016  	}
 10017  	target := &ret
 10018  	if err := gensupport.DecodeResponse(target, res); err != nil {
 10019  		return nil, err
 10020  	}
 10021  	return ret, nil
 10022  }
 10023  
 10024  type ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall struct {
 10025  	s            *Service
 10026  	name         string
 10027  	urlParams_   gensupport.URLParams
 10028  	ifNoneMatch_ string
 10029  	ctx_         context.Context
 10030  	header_      http.Header
 10031  }
 10032  
 10033  // Get: Gets the latest state of a long-running operation. Clients can use this
 10034  // method to poll the operation result at intervals as recommended by the API
 10035  // service.
 10036  //
 10037  // - name: The name of the operation resource.
 10038  func (r *ProjectsLocationsWorkloadIdentityPoolsOperationsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall {
 10039  	c := &ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 10040  	c.name = name
 10041  	return c
 10042  }
 10043  
 10044  // Fields allows partial responses to be retrieved. See
 10045  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 10046  // details.
 10047  func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall {
 10048  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 10049  	return c
 10050  }
 10051  
 10052  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 10053  // object's ETag matches the given value. This is useful for getting updates
 10054  // only after the object has changed since the last request.
 10055  func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall {
 10056  	c.ifNoneMatch_ = entityTag
 10057  	return c
 10058  }
 10059  
 10060  // Context sets the context to be used in this call's Do method.
 10061  func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall {
 10062  	c.ctx_ = ctx
 10063  	return c
 10064  }
 10065  
 10066  // Header returns a http.Header that can be modified by the caller to add
 10067  // headers to the request.
 10068  func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Header() http.Header {
 10069  	if c.header_ == nil {
 10070  		c.header_ = make(http.Header)
 10071  	}
 10072  	return c.header_
 10073  }
 10074  
 10075  func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) doRequest(alt string) (*http.Response, error) {
 10076  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 10077  	if c.ifNoneMatch_ != "" {
 10078  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 10079  	}
 10080  	var body io.Reader = nil
 10081  	c.urlParams_.Set("alt", alt)
 10082  	c.urlParams_.Set("prettyPrint", "false")
 10083  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 10084  	urls += "?" + c.urlParams_.Encode()
 10085  	req, err := http.NewRequest("GET", urls, body)
 10086  	if err != nil {
 10087  		return nil, err
 10088  	}
 10089  	req.Header = reqHeaders
 10090  	googleapi.Expand(req.URL, map[string]string{
 10091  		"name": c.name,
 10092  	})
 10093  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 10094  }
 10095  
 10096  // Do executes the "iam.projects.locations.workloadIdentityPools.operations.get" call.
 10097  // Any non-2xx status code is an error. Response headers are in either
 10098  // *Operation.ServerResponse.Header or (if a response was returned at all) in
 10099  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 10100  // whether the returned error was because http.StatusNotModified was returned.
 10101  func (c *ProjectsLocationsWorkloadIdentityPoolsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 10102  	gensupport.SetOptions(c.urlParams_, opts...)
 10103  	res, err := c.doRequest("json")
 10104  	if res != nil && res.StatusCode == http.StatusNotModified {
 10105  		if res.Body != nil {
 10106  			res.Body.Close()
 10107  		}
 10108  		return nil, gensupport.WrapError(&googleapi.Error{
 10109  			Code:   res.StatusCode,
 10110  			Header: res.Header,
 10111  		})
 10112  	}
 10113  	if err != nil {
 10114  		return nil, err
 10115  	}
 10116  	defer googleapi.CloseBody(res)
 10117  	if err := googleapi.CheckResponse(res); err != nil {
 10118  		return nil, gensupport.WrapError(err)
 10119  	}
 10120  	ret := &Operation{
 10121  		ServerResponse: googleapi.ServerResponse{
 10122  			Header:         res.Header,
 10123  			HTTPStatusCode: res.StatusCode,
 10124  		},
 10125  	}
 10126  	target := &ret
 10127  	if err := gensupport.DecodeResponse(target, res); err != nil {
 10128  		return nil, err
 10129  	}
 10130  	return ret, nil
 10131  }
 10132  
 10133  type ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall struct {
 10134  	s                            *Service
 10135  	parent                       string
 10136  	workloadidentitypoolprovider *WorkloadIdentityPoolProvider
 10137  	urlParams_                   gensupport.URLParams
 10138  	ctx_                         context.Context
 10139  	header_                      http.Header
 10140  }
 10141  
 10142  // Create: Creates a new WorkloadIdentityPoolProvider in a
 10143  // WorkloadIdentityPool. You cannot reuse the name of a deleted provider until
 10144  // 30 days after deletion.
 10145  //
 10146  // - parent: The pool to create this provider in.
 10147  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Create(parent string, workloadidentitypoolprovider *WorkloadIdentityPoolProvider) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall {
 10148  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 10149  	c.parent = parent
 10150  	c.workloadidentitypoolprovider = workloadidentitypoolprovider
 10151  	return c
 10152  }
 10153  
 10154  // WorkloadIdentityPoolProviderId sets the optional parameter
 10155  // "workloadIdentityPoolProviderId": Required. The ID for the provider, which
 10156  // becomes the final component of the resource name. This value must be 4-32
 10157  // characters, and may contain the characters [a-z0-9-]. The prefix `gcp-` is
 10158  // reserved for use by Google, and may not be specified.
 10159  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) WorkloadIdentityPoolProviderId(workloadIdentityPoolProviderId string) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall {
 10160  	c.urlParams_.Set("workloadIdentityPoolProviderId", workloadIdentityPoolProviderId)
 10161  	return c
 10162  }
 10163  
 10164  // Fields allows partial responses to be retrieved. See
 10165  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 10166  // details.
 10167  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall {
 10168  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 10169  	return c
 10170  }
 10171  
 10172  // Context sets the context to be used in this call's Do method.
 10173  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall {
 10174  	c.ctx_ = ctx
 10175  	return c
 10176  }
 10177  
 10178  // Header returns a http.Header that can be modified by the caller to add
 10179  // headers to the request.
 10180  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Header() http.Header {
 10181  	if c.header_ == nil {
 10182  		c.header_ = make(http.Header)
 10183  	}
 10184  	return c.header_
 10185  }
 10186  
 10187  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) doRequest(alt string) (*http.Response, error) {
 10188  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 10189  	var body io.Reader = nil
 10190  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypoolprovider)
 10191  	if err != nil {
 10192  		return nil, err
 10193  	}
 10194  	c.urlParams_.Set("alt", alt)
 10195  	c.urlParams_.Set("prettyPrint", "false")
 10196  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/providers")
 10197  	urls += "?" + c.urlParams_.Encode()
 10198  	req, err := http.NewRequest("POST", urls, body)
 10199  	if err != nil {
 10200  		return nil, err
 10201  	}
 10202  	req.Header = reqHeaders
 10203  	googleapi.Expand(req.URL, map[string]string{
 10204  		"parent": c.parent,
 10205  	})
 10206  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 10207  }
 10208  
 10209  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.create" call.
 10210  // Any non-2xx status code is an error. Response headers are in either
 10211  // *Operation.ServerResponse.Header or (if a response was returned at all) in
 10212  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 10213  // whether the returned error was because http.StatusNotModified was returned.
 10214  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 10215  	gensupport.SetOptions(c.urlParams_, opts...)
 10216  	res, err := c.doRequest("json")
 10217  	if res != nil && res.StatusCode == http.StatusNotModified {
 10218  		if res.Body != nil {
 10219  			res.Body.Close()
 10220  		}
 10221  		return nil, gensupport.WrapError(&googleapi.Error{
 10222  			Code:   res.StatusCode,
 10223  			Header: res.Header,
 10224  		})
 10225  	}
 10226  	if err != nil {
 10227  		return nil, err
 10228  	}
 10229  	defer googleapi.CloseBody(res)
 10230  	if err := googleapi.CheckResponse(res); err != nil {
 10231  		return nil, gensupport.WrapError(err)
 10232  	}
 10233  	ret := &Operation{
 10234  		ServerResponse: googleapi.ServerResponse{
 10235  			Header:         res.Header,
 10236  			HTTPStatusCode: res.StatusCode,
 10237  		},
 10238  	}
 10239  	target := &ret
 10240  	if err := gensupport.DecodeResponse(target, res); err != nil {
 10241  		return nil, err
 10242  	}
 10243  	return ret, nil
 10244  }
 10245  
 10246  type ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall struct {
 10247  	s          *Service
 10248  	name       string
 10249  	urlParams_ gensupport.URLParams
 10250  	ctx_       context.Context
 10251  	header_    http.Header
 10252  }
 10253  
 10254  // Delete: Deletes a WorkloadIdentityPoolProvider. Deleting a provider does not
 10255  // revoke credentials that have already been issued; they continue to grant
 10256  // access. You can undelete a provider for 30 days. After 30 days, deletion is
 10257  // permanent. You cannot update deleted providers. However, you can view and
 10258  // list them.
 10259  //
 10260  // - name: The name of the provider to delete.
 10261  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Delete(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall {
 10262  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 10263  	c.name = name
 10264  	return c
 10265  }
 10266  
 10267  // Fields allows partial responses to be retrieved. See
 10268  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 10269  // details.
 10270  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall {
 10271  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 10272  	return c
 10273  }
 10274  
 10275  // Context sets the context to be used in this call's Do method.
 10276  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall {
 10277  	c.ctx_ = ctx
 10278  	return c
 10279  }
 10280  
 10281  // Header returns a http.Header that can be modified by the caller to add
 10282  // headers to the request.
 10283  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Header() http.Header {
 10284  	if c.header_ == nil {
 10285  		c.header_ = make(http.Header)
 10286  	}
 10287  	return c.header_
 10288  }
 10289  
 10290  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) doRequest(alt string) (*http.Response, error) {
 10291  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 10292  	var body io.Reader = nil
 10293  	c.urlParams_.Set("alt", alt)
 10294  	c.urlParams_.Set("prettyPrint", "false")
 10295  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 10296  	urls += "?" + c.urlParams_.Encode()
 10297  	req, err := http.NewRequest("DELETE", urls, body)
 10298  	if err != nil {
 10299  		return nil, err
 10300  	}
 10301  	req.Header = reqHeaders
 10302  	googleapi.Expand(req.URL, map[string]string{
 10303  		"name": c.name,
 10304  	})
 10305  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 10306  }
 10307  
 10308  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.delete" call.
 10309  // Any non-2xx status code is an error. Response headers are in either
 10310  // *Operation.ServerResponse.Header or (if a response was returned at all) in
 10311  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 10312  // whether the returned error was because http.StatusNotModified was returned.
 10313  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 10314  	gensupport.SetOptions(c.urlParams_, opts...)
 10315  	res, err := c.doRequest("json")
 10316  	if res != nil && res.StatusCode == http.StatusNotModified {
 10317  		if res.Body != nil {
 10318  			res.Body.Close()
 10319  		}
 10320  		return nil, gensupport.WrapError(&googleapi.Error{
 10321  			Code:   res.StatusCode,
 10322  			Header: res.Header,
 10323  		})
 10324  	}
 10325  	if err != nil {
 10326  		return nil, err
 10327  	}
 10328  	defer googleapi.CloseBody(res)
 10329  	if err := googleapi.CheckResponse(res); err != nil {
 10330  		return nil, gensupport.WrapError(err)
 10331  	}
 10332  	ret := &Operation{
 10333  		ServerResponse: googleapi.ServerResponse{
 10334  			Header:         res.Header,
 10335  			HTTPStatusCode: res.StatusCode,
 10336  		},
 10337  	}
 10338  	target := &ret
 10339  	if err := gensupport.DecodeResponse(target, res); err != nil {
 10340  		return nil, err
 10341  	}
 10342  	return ret, nil
 10343  }
 10344  
 10345  type ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall struct {
 10346  	s            *Service
 10347  	name         string
 10348  	urlParams_   gensupport.URLParams
 10349  	ifNoneMatch_ string
 10350  	ctx_         context.Context
 10351  	header_      http.Header
 10352  }
 10353  
 10354  // Get: Gets an individual WorkloadIdentityPoolProvider.
 10355  //
 10356  // - name: The name of the provider to retrieve.
 10357  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall {
 10358  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 10359  	c.name = name
 10360  	return c
 10361  }
 10362  
 10363  // Fields allows partial responses to be retrieved. See
 10364  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 10365  // details.
 10366  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall {
 10367  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 10368  	return c
 10369  }
 10370  
 10371  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 10372  // object's ETag matches the given value. This is useful for getting updates
 10373  // only after the object has changed since the last request.
 10374  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall {
 10375  	c.ifNoneMatch_ = entityTag
 10376  	return c
 10377  }
 10378  
 10379  // Context sets the context to be used in this call's Do method.
 10380  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall {
 10381  	c.ctx_ = ctx
 10382  	return c
 10383  }
 10384  
 10385  // Header returns a http.Header that can be modified by the caller to add
 10386  // headers to the request.
 10387  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Header() http.Header {
 10388  	if c.header_ == nil {
 10389  		c.header_ = make(http.Header)
 10390  	}
 10391  	return c.header_
 10392  }
 10393  
 10394  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) doRequest(alt string) (*http.Response, error) {
 10395  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 10396  	if c.ifNoneMatch_ != "" {
 10397  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 10398  	}
 10399  	var body io.Reader = nil
 10400  	c.urlParams_.Set("alt", alt)
 10401  	c.urlParams_.Set("prettyPrint", "false")
 10402  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 10403  	urls += "?" + c.urlParams_.Encode()
 10404  	req, err := http.NewRequest("GET", urls, body)
 10405  	if err != nil {
 10406  		return nil, err
 10407  	}
 10408  	req.Header = reqHeaders
 10409  	googleapi.Expand(req.URL, map[string]string{
 10410  		"name": c.name,
 10411  	})
 10412  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 10413  }
 10414  
 10415  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.get" call.
 10416  // Any non-2xx status code is an error. Response headers are in either
 10417  // *WorkloadIdentityPoolProvider.ServerResponse.Header or (if a response was
 10418  // returned at all) in error.(*googleapi.Error).Header. Use
 10419  // googleapi.IsNotModified to check whether the returned error was because
 10420  // http.StatusNotModified was returned.
 10421  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersGetCall) Do(opts ...googleapi.CallOption) (*WorkloadIdentityPoolProvider, error) {
 10422  	gensupport.SetOptions(c.urlParams_, opts...)
 10423  	res, err := c.doRequest("json")
 10424  	if res != nil && res.StatusCode == http.StatusNotModified {
 10425  		if res.Body != nil {
 10426  			res.Body.Close()
 10427  		}
 10428  		return nil, gensupport.WrapError(&googleapi.Error{
 10429  			Code:   res.StatusCode,
 10430  			Header: res.Header,
 10431  		})
 10432  	}
 10433  	if err != nil {
 10434  		return nil, err
 10435  	}
 10436  	defer googleapi.CloseBody(res)
 10437  	if err := googleapi.CheckResponse(res); err != nil {
 10438  		return nil, gensupport.WrapError(err)
 10439  	}
 10440  	ret := &WorkloadIdentityPoolProvider{
 10441  		ServerResponse: googleapi.ServerResponse{
 10442  			Header:         res.Header,
 10443  			HTTPStatusCode: res.StatusCode,
 10444  		},
 10445  	}
 10446  	target := &ret
 10447  	if err := gensupport.DecodeResponse(target, res); err != nil {
 10448  		return nil, err
 10449  	}
 10450  	return ret, nil
 10451  }
 10452  
 10453  type ProjectsLocationsWorkloadIdentityPoolsProvidersListCall struct {
 10454  	s            *Service
 10455  	parent       string
 10456  	urlParams_   gensupport.URLParams
 10457  	ifNoneMatch_ string
 10458  	ctx_         context.Context
 10459  	header_      http.Header
 10460  }
 10461  
 10462  // List: Lists all non-deleted WorkloadIdentityPoolProviders in a
 10463  // WorkloadIdentityPool. If `show_deleted` is set to `true`, then deleted
 10464  // providers are also listed.
 10465  //
 10466  // - parent: The pool to list providers for.
 10467  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) List(parent string) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall {
 10468  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 10469  	c.parent = parent
 10470  	return c
 10471  }
 10472  
 10473  // PageSize sets the optional parameter "pageSize": The maximum number of
 10474  // providers to return. If unspecified, at most 50 providers are returned. The
 10475  // maximum value is 100; values above 100 are truncated to 100.
 10476  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) PageSize(pageSize int64) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall {
 10477  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
 10478  	return c
 10479  }
 10480  
 10481  // PageToken sets the optional parameter "pageToken": A page token, received
 10482  // from a previous `ListWorkloadIdentityPoolProviders` call. Provide this to
 10483  // retrieve the subsequent page.
 10484  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) PageToken(pageToken string) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall {
 10485  	c.urlParams_.Set("pageToken", pageToken)
 10486  	return c
 10487  }
 10488  
 10489  // ShowDeleted sets the optional parameter "showDeleted": Whether to return
 10490  // soft-deleted providers.
 10491  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) ShowDeleted(showDeleted bool) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall {
 10492  	c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted))
 10493  	return c
 10494  }
 10495  
 10496  // Fields allows partial responses to be retrieved. See
 10497  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 10498  // details.
 10499  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall {
 10500  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 10501  	return c
 10502  }
 10503  
 10504  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 10505  // object's ETag matches the given value. This is useful for getting updates
 10506  // only after the object has changed since the last request.
 10507  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall {
 10508  	c.ifNoneMatch_ = entityTag
 10509  	return c
 10510  }
 10511  
 10512  // Context sets the context to be used in this call's Do method.
 10513  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall {
 10514  	c.ctx_ = ctx
 10515  	return c
 10516  }
 10517  
 10518  // Header returns a http.Header that can be modified by the caller to add
 10519  // headers to the request.
 10520  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Header() http.Header {
 10521  	if c.header_ == nil {
 10522  		c.header_ = make(http.Header)
 10523  	}
 10524  	return c.header_
 10525  }
 10526  
 10527  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) doRequest(alt string) (*http.Response, error) {
 10528  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 10529  	if c.ifNoneMatch_ != "" {
 10530  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 10531  	}
 10532  	var body io.Reader = nil
 10533  	c.urlParams_.Set("alt", alt)
 10534  	c.urlParams_.Set("prettyPrint", "false")
 10535  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/providers")
 10536  	urls += "?" + c.urlParams_.Encode()
 10537  	req, err := http.NewRequest("GET", urls, body)
 10538  	if err != nil {
 10539  		return nil, err
 10540  	}
 10541  	req.Header = reqHeaders
 10542  	googleapi.Expand(req.URL, map[string]string{
 10543  		"parent": c.parent,
 10544  	})
 10545  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 10546  }
 10547  
 10548  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.list" call.
 10549  // Any non-2xx status code is an error. Response headers are in either
 10550  // *ListWorkloadIdentityPoolProvidersResponse.ServerResponse.Header or (if a
 10551  // response was returned at all) in error.(*googleapi.Error).Header. Use
 10552  // googleapi.IsNotModified to check whether the returned error was because
 10553  // http.StatusNotModified was returned.
 10554  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Do(opts ...googleapi.CallOption) (*ListWorkloadIdentityPoolProvidersResponse, error) {
 10555  	gensupport.SetOptions(c.urlParams_, opts...)
 10556  	res, err := c.doRequest("json")
 10557  	if res != nil && res.StatusCode == http.StatusNotModified {
 10558  		if res.Body != nil {
 10559  			res.Body.Close()
 10560  		}
 10561  		return nil, gensupport.WrapError(&googleapi.Error{
 10562  			Code:   res.StatusCode,
 10563  			Header: res.Header,
 10564  		})
 10565  	}
 10566  	if err != nil {
 10567  		return nil, err
 10568  	}
 10569  	defer googleapi.CloseBody(res)
 10570  	if err := googleapi.CheckResponse(res); err != nil {
 10571  		return nil, gensupport.WrapError(err)
 10572  	}
 10573  	ret := &ListWorkloadIdentityPoolProvidersResponse{
 10574  		ServerResponse: googleapi.ServerResponse{
 10575  			Header:         res.Header,
 10576  			HTTPStatusCode: res.StatusCode,
 10577  		},
 10578  	}
 10579  	target := &ret
 10580  	if err := gensupport.DecodeResponse(target, res); err != nil {
 10581  		return nil, err
 10582  	}
 10583  	return ret, nil
 10584  }
 10585  
 10586  // Pages invokes f for each page of results.
 10587  // A non-nil error returned from f will halt the iteration.
 10588  // The provided context supersedes any context provided to the Context method.
 10589  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersListCall) Pages(ctx context.Context, f func(*ListWorkloadIdentityPoolProvidersResponse) error) error {
 10590  	c.ctx_ = ctx
 10591  	defer c.PageToken(c.urlParams_.Get("pageToken"))
 10592  	for {
 10593  		x, err := c.Do()
 10594  		if err != nil {
 10595  			return err
 10596  		}
 10597  		if err := f(x); err != nil {
 10598  			return err
 10599  		}
 10600  		if x.NextPageToken == "" {
 10601  			return nil
 10602  		}
 10603  		c.PageToken(x.NextPageToken)
 10604  	}
 10605  }
 10606  
 10607  type ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall struct {
 10608  	s                            *Service
 10609  	name                         string
 10610  	workloadidentitypoolprovider *WorkloadIdentityPoolProvider
 10611  	urlParams_                   gensupport.URLParams
 10612  	ctx_                         context.Context
 10613  	header_                      http.Header
 10614  }
 10615  
 10616  // Patch: Updates an existing WorkloadIdentityPoolProvider.
 10617  //
 10618  // - name: Output only. The resource name of the provider.
 10619  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Patch(name string, workloadidentitypoolprovider *WorkloadIdentityPoolProvider) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall {
 10620  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 10621  	c.name = name
 10622  	c.workloadidentitypoolprovider = workloadidentitypoolprovider
 10623  	return c
 10624  }
 10625  
 10626  // UpdateMask sets the optional parameter "updateMask": Required. The list of
 10627  // fields to update.
 10628  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) UpdateMask(updateMask string) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall {
 10629  	c.urlParams_.Set("updateMask", updateMask)
 10630  	return c
 10631  }
 10632  
 10633  // Fields allows partial responses to be retrieved. See
 10634  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 10635  // details.
 10636  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall {
 10637  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 10638  	return c
 10639  }
 10640  
 10641  // Context sets the context to be used in this call's Do method.
 10642  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall {
 10643  	c.ctx_ = ctx
 10644  	return c
 10645  }
 10646  
 10647  // Header returns a http.Header that can be modified by the caller to add
 10648  // headers to the request.
 10649  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Header() http.Header {
 10650  	if c.header_ == nil {
 10651  		c.header_ = make(http.Header)
 10652  	}
 10653  	return c.header_
 10654  }
 10655  
 10656  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) doRequest(alt string) (*http.Response, error) {
 10657  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 10658  	var body io.Reader = nil
 10659  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypoolprovider)
 10660  	if err != nil {
 10661  		return nil, err
 10662  	}
 10663  	c.urlParams_.Set("alt", alt)
 10664  	c.urlParams_.Set("prettyPrint", "false")
 10665  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 10666  	urls += "?" + c.urlParams_.Encode()
 10667  	req, err := http.NewRequest("PATCH", urls, body)
 10668  	if err != nil {
 10669  		return nil, err
 10670  	}
 10671  	req.Header = reqHeaders
 10672  	googleapi.Expand(req.URL, map[string]string{
 10673  		"name": c.name,
 10674  	})
 10675  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 10676  }
 10677  
 10678  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.patch" call.
 10679  // Any non-2xx status code is an error. Response headers are in either
 10680  // *Operation.ServerResponse.Header or (if a response was returned at all) in
 10681  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 10682  // whether the returned error was because http.StatusNotModified was returned.
 10683  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 10684  	gensupport.SetOptions(c.urlParams_, opts...)
 10685  	res, err := c.doRequest("json")
 10686  	if res != nil && res.StatusCode == http.StatusNotModified {
 10687  		if res.Body != nil {
 10688  			res.Body.Close()
 10689  		}
 10690  		return nil, gensupport.WrapError(&googleapi.Error{
 10691  			Code:   res.StatusCode,
 10692  			Header: res.Header,
 10693  		})
 10694  	}
 10695  	if err != nil {
 10696  		return nil, err
 10697  	}
 10698  	defer googleapi.CloseBody(res)
 10699  	if err := googleapi.CheckResponse(res); err != nil {
 10700  		return nil, gensupport.WrapError(err)
 10701  	}
 10702  	ret := &Operation{
 10703  		ServerResponse: googleapi.ServerResponse{
 10704  			Header:         res.Header,
 10705  			HTTPStatusCode: res.StatusCode,
 10706  		},
 10707  	}
 10708  	target := &ret
 10709  	if err := gensupport.DecodeResponse(target, res); err != nil {
 10710  		return nil, err
 10711  	}
 10712  	return ret, nil
 10713  }
 10714  
 10715  type ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall struct {
 10716  	s                                           *Service
 10717  	name                                        string
 10718  	undeleteworkloadidentitypoolproviderrequest *UndeleteWorkloadIdentityPoolProviderRequest
 10719  	urlParams_                                  gensupport.URLParams
 10720  	ctx_                                        context.Context
 10721  	header_                                     http.Header
 10722  }
 10723  
 10724  // Undelete: Undeletes a WorkloadIdentityPoolProvider, as long as it was
 10725  // deleted fewer than 30 days ago.
 10726  //
 10727  // - name: The name of the provider to undelete.
 10728  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersService) Undelete(name string, undeleteworkloadidentitypoolproviderrequest *UndeleteWorkloadIdentityPoolProviderRequest) *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall {
 10729  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 10730  	c.name = name
 10731  	c.undeleteworkloadidentitypoolproviderrequest = undeleteworkloadidentitypoolproviderrequest
 10732  	return c
 10733  }
 10734  
 10735  // Fields allows partial responses to be retrieved. See
 10736  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 10737  // details.
 10738  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall {
 10739  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 10740  	return c
 10741  }
 10742  
 10743  // Context sets the context to be used in this call's Do method.
 10744  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall {
 10745  	c.ctx_ = ctx
 10746  	return c
 10747  }
 10748  
 10749  // Header returns a http.Header that can be modified by the caller to add
 10750  // headers to the request.
 10751  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Header() http.Header {
 10752  	if c.header_ == nil {
 10753  		c.header_ = make(http.Header)
 10754  	}
 10755  	return c.header_
 10756  }
 10757  
 10758  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) doRequest(alt string) (*http.Response, error) {
 10759  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 10760  	var body io.Reader = nil
 10761  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkloadidentitypoolproviderrequest)
 10762  	if err != nil {
 10763  		return nil, err
 10764  	}
 10765  	c.urlParams_.Set("alt", alt)
 10766  	c.urlParams_.Set("prettyPrint", "false")
 10767  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete")
 10768  	urls += "?" + c.urlParams_.Encode()
 10769  	req, err := http.NewRequest("POST", urls, body)
 10770  	if err != nil {
 10771  		return nil, err
 10772  	}
 10773  	req.Header = reqHeaders
 10774  	googleapi.Expand(req.URL, map[string]string{
 10775  		"name": c.name,
 10776  	})
 10777  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 10778  }
 10779  
 10780  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.undelete" call.
 10781  // Any non-2xx status code is an error. Response headers are in either
 10782  // *Operation.ServerResponse.Header or (if a response was returned at all) in
 10783  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 10784  // whether the returned error was because http.StatusNotModified was returned.
 10785  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 10786  	gensupport.SetOptions(c.urlParams_, opts...)
 10787  	res, err := c.doRequest("json")
 10788  	if res != nil && res.StatusCode == http.StatusNotModified {
 10789  		if res.Body != nil {
 10790  			res.Body.Close()
 10791  		}
 10792  		return nil, gensupport.WrapError(&googleapi.Error{
 10793  			Code:   res.StatusCode,
 10794  			Header: res.Header,
 10795  		})
 10796  	}
 10797  	if err != nil {
 10798  		return nil, err
 10799  	}
 10800  	defer googleapi.CloseBody(res)
 10801  	if err := googleapi.CheckResponse(res); err != nil {
 10802  		return nil, gensupport.WrapError(err)
 10803  	}
 10804  	ret := &Operation{
 10805  		ServerResponse: googleapi.ServerResponse{
 10806  			Header:         res.Header,
 10807  			HTTPStatusCode: res.StatusCode,
 10808  		},
 10809  	}
 10810  	target := &ret
 10811  	if err := gensupport.DecodeResponse(target, res); err != nil {
 10812  		return nil, err
 10813  	}
 10814  	return ret, nil
 10815  }
 10816  
 10817  type ProjectsLocationsWorkloadIdentityPoolsProvidersKeysCreateCall struct {
 10818  	s                               *Service
 10819  	parent                          string
 10820  	workloadidentitypoolproviderkey *WorkloadIdentityPoolProviderKey
 10821  	urlParams_                      gensupport.URLParams
 10822  	ctx_                            context.Context
 10823  	header_                         http.Header
 10824  }
 10825  
 10826  // Create: Create a new WorkloadIdentityPoolProviderKey in a
 10827  // WorkloadIdentityPoolProvider.
 10828  //
 10829  // - parent: The parent provider resource to create the key in.
 10830  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysService) Create(parent string, workloadidentitypoolproviderkey *WorkloadIdentityPoolProviderKey) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysCreateCall {
 10831  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersKeysCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 10832  	c.parent = parent
 10833  	c.workloadidentitypoolproviderkey = workloadidentitypoolproviderkey
 10834  	return c
 10835  }
 10836  
 10837  // WorkloadIdentityPoolProviderKeyId sets the optional parameter
 10838  // "workloadIdentityPoolProviderKeyId": Required. The ID to use for the key,
 10839  // which becomes the final component of the resource name. This value should be
 10840  // 4-32 characters, and may contain the characters [a-z0-9-].
 10841  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysCreateCall) WorkloadIdentityPoolProviderKeyId(workloadIdentityPoolProviderKeyId string) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysCreateCall {
 10842  	c.urlParams_.Set("workloadIdentityPoolProviderKeyId", workloadIdentityPoolProviderKeyId)
 10843  	return c
 10844  }
 10845  
 10846  // Fields allows partial responses to be retrieved. See
 10847  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 10848  // details.
 10849  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysCreateCall {
 10850  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 10851  	return c
 10852  }
 10853  
 10854  // Context sets the context to be used in this call's Do method.
 10855  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysCreateCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysCreateCall {
 10856  	c.ctx_ = ctx
 10857  	return c
 10858  }
 10859  
 10860  // Header returns a http.Header that can be modified by the caller to add
 10861  // headers to the request.
 10862  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysCreateCall) Header() http.Header {
 10863  	if c.header_ == nil {
 10864  		c.header_ = make(http.Header)
 10865  	}
 10866  	return c.header_
 10867  }
 10868  
 10869  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysCreateCall) doRequest(alt string) (*http.Response, error) {
 10870  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 10871  	var body io.Reader = nil
 10872  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.workloadidentitypoolproviderkey)
 10873  	if err != nil {
 10874  		return nil, err
 10875  	}
 10876  	c.urlParams_.Set("alt", alt)
 10877  	c.urlParams_.Set("prettyPrint", "false")
 10878  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/keys")
 10879  	urls += "?" + c.urlParams_.Encode()
 10880  	req, err := http.NewRequest("POST", urls, body)
 10881  	if err != nil {
 10882  		return nil, err
 10883  	}
 10884  	req.Header = reqHeaders
 10885  	googleapi.Expand(req.URL, map[string]string{
 10886  		"parent": c.parent,
 10887  	})
 10888  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 10889  }
 10890  
 10891  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.keys.create" call.
 10892  // Any non-2xx status code is an error. Response headers are in either
 10893  // *Operation.ServerResponse.Header or (if a response was returned at all) in
 10894  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 10895  // whether the returned error was because http.StatusNotModified was returned.
 10896  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 10897  	gensupport.SetOptions(c.urlParams_, opts...)
 10898  	res, err := c.doRequest("json")
 10899  	if res != nil && res.StatusCode == http.StatusNotModified {
 10900  		if res.Body != nil {
 10901  			res.Body.Close()
 10902  		}
 10903  		return nil, gensupport.WrapError(&googleapi.Error{
 10904  			Code:   res.StatusCode,
 10905  			Header: res.Header,
 10906  		})
 10907  	}
 10908  	if err != nil {
 10909  		return nil, err
 10910  	}
 10911  	defer googleapi.CloseBody(res)
 10912  	if err := googleapi.CheckResponse(res); err != nil {
 10913  		return nil, gensupport.WrapError(err)
 10914  	}
 10915  	ret := &Operation{
 10916  		ServerResponse: googleapi.ServerResponse{
 10917  			Header:         res.Header,
 10918  			HTTPStatusCode: res.StatusCode,
 10919  		},
 10920  	}
 10921  	target := &ret
 10922  	if err := gensupport.DecodeResponse(target, res); err != nil {
 10923  		return nil, err
 10924  	}
 10925  	return ret, nil
 10926  }
 10927  
 10928  type ProjectsLocationsWorkloadIdentityPoolsProvidersKeysDeleteCall struct {
 10929  	s          *Service
 10930  	name       string
 10931  	urlParams_ gensupport.URLParams
 10932  	ctx_       context.Context
 10933  	header_    http.Header
 10934  }
 10935  
 10936  // Delete: Deletes an WorkloadIdentityPoolProviderKey. You can undelete a key
 10937  // for 30 days. After 30 days, deletion is permanent.
 10938  //
 10939  // - name: The name of the encryption key to delete.
 10940  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysService) Delete(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysDeleteCall {
 10941  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersKeysDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 10942  	c.name = name
 10943  	return c
 10944  }
 10945  
 10946  // Fields allows partial responses to be retrieved. See
 10947  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 10948  // details.
 10949  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysDeleteCall {
 10950  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 10951  	return c
 10952  }
 10953  
 10954  // Context sets the context to be used in this call's Do method.
 10955  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysDeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysDeleteCall {
 10956  	c.ctx_ = ctx
 10957  	return c
 10958  }
 10959  
 10960  // Header returns a http.Header that can be modified by the caller to add
 10961  // headers to the request.
 10962  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysDeleteCall) Header() http.Header {
 10963  	if c.header_ == nil {
 10964  		c.header_ = make(http.Header)
 10965  	}
 10966  	return c.header_
 10967  }
 10968  
 10969  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysDeleteCall) doRequest(alt string) (*http.Response, error) {
 10970  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 10971  	var body io.Reader = nil
 10972  	c.urlParams_.Set("alt", alt)
 10973  	c.urlParams_.Set("prettyPrint", "false")
 10974  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 10975  	urls += "?" + c.urlParams_.Encode()
 10976  	req, err := http.NewRequest("DELETE", urls, body)
 10977  	if err != nil {
 10978  		return nil, err
 10979  	}
 10980  	req.Header = reqHeaders
 10981  	googleapi.Expand(req.URL, map[string]string{
 10982  		"name": c.name,
 10983  	})
 10984  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 10985  }
 10986  
 10987  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.keys.delete" call.
 10988  // Any non-2xx status code is an error. Response headers are in either
 10989  // *Operation.ServerResponse.Header or (if a response was returned at all) in
 10990  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 10991  // whether the returned error was because http.StatusNotModified was returned.
 10992  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 10993  	gensupport.SetOptions(c.urlParams_, opts...)
 10994  	res, err := c.doRequest("json")
 10995  	if res != nil && res.StatusCode == http.StatusNotModified {
 10996  		if res.Body != nil {
 10997  			res.Body.Close()
 10998  		}
 10999  		return nil, gensupport.WrapError(&googleapi.Error{
 11000  			Code:   res.StatusCode,
 11001  			Header: res.Header,
 11002  		})
 11003  	}
 11004  	if err != nil {
 11005  		return nil, err
 11006  	}
 11007  	defer googleapi.CloseBody(res)
 11008  	if err := googleapi.CheckResponse(res); err != nil {
 11009  		return nil, gensupport.WrapError(err)
 11010  	}
 11011  	ret := &Operation{
 11012  		ServerResponse: googleapi.ServerResponse{
 11013  			Header:         res.Header,
 11014  			HTTPStatusCode: res.StatusCode,
 11015  		},
 11016  	}
 11017  	target := &ret
 11018  	if err := gensupport.DecodeResponse(target, res); err != nil {
 11019  		return nil, err
 11020  	}
 11021  	return ret, nil
 11022  }
 11023  
 11024  type ProjectsLocationsWorkloadIdentityPoolsProvidersKeysGetCall struct {
 11025  	s            *Service
 11026  	name         string
 11027  	urlParams_   gensupport.URLParams
 11028  	ifNoneMatch_ string
 11029  	ctx_         context.Context
 11030  	header_      http.Header
 11031  }
 11032  
 11033  // Get: Gets an individual WorkloadIdentityPoolProviderKey.
 11034  //
 11035  // - name: The name of the key to retrieve.
 11036  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysGetCall {
 11037  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersKeysGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 11038  	c.name = name
 11039  	return c
 11040  }
 11041  
 11042  // Fields allows partial responses to be retrieved. See
 11043  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 11044  // details.
 11045  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysGetCall {
 11046  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 11047  	return c
 11048  }
 11049  
 11050  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 11051  // object's ETag matches the given value. This is useful for getting updates
 11052  // only after the object has changed since the last request.
 11053  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysGetCall {
 11054  	c.ifNoneMatch_ = entityTag
 11055  	return c
 11056  }
 11057  
 11058  // Context sets the context to be used in this call's Do method.
 11059  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysGetCall {
 11060  	c.ctx_ = ctx
 11061  	return c
 11062  }
 11063  
 11064  // Header returns a http.Header that can be modified by the caller to add
 11065  // headers to the request.
 11066  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysGetCall) Header() http.Header {
 11067  	if c.header_ == nil {
 11068  		c.header_ = make(http.Header)
 11069  	}
 11070  	return c.header_
 11071  }
 11072  
 11073  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysGetCall) doRequest(alt string) (*http.Response, error) {
 11074  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 11075  	if c.ifNoneMatch_ != "" {
 11076  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 11077  	}
 11078  	var body io.Reader = nil
 11079  	c.urlParams_.Set("alt", alt)
 11080  	c.urlParams_.Set("prettyPrint", "false")
 11081  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 11082  	urls += "?" + c.urlParams_.Encode()
 11083  	req, err := http.NewRequest("GET", urls, body)
 11084  	if err != nil {
 11085  		return nil, err
 11086  	}
 11087  	req.Header = reqHeaders
 11088  	googleapi.Expand(req.URL, map[string]string{
 11089  		"name": c.name,
 11090  	})
 11091  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 11092  }
 11093  
 11094  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.keys.get" call.
 11095  // Any non-2xx status code is an error. Response headers are in either
 11096  // *WorkloadIdentityPoolProviderKey.ServerResponse.Header or (if a response was
 11097  // returned at all) in error.(*googleapi.Error).Header. Use
 11098  // googleapi.IsNotModified to check whether the returned error was because
 11099  // http.StatusNotModified was returned.
 11100  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysGetCall) Do(opts ...googleapi.CallOption) (*WorkloadIdentityPoolProviderKey, error) {
 11101  	gensupport.SetOptions(c.urlParams_, opts...)
 11102  	res, err := c.doRequest("json")
 11103  	if res != nil && res.StatusCode == http.StatusNotModified {
 11104  		if res.Body != nil {
 11105  			res.Body.Close()
 11106  		}
 11107  		return nil, gensupport.WrapError(&googleapi.Error{
 11108  			Code:   res.StatusCode,
 11109  			Header: res.Header,
 11110  		})
 11111  	}
 11112  	if err != nil {
 11113  		return nil, err
 11114  	}
 11115  	defer googleapi.CloseBody(res)
 11116  	if err := googleapi.CheckResponse(res); err != nil {
 11117  		return nil, gensupport.WrapError(err)
 11118  	}
 11119  	ret := &WorkloadIdentityPoolProviderKey{
 11120  		ServerResponse: googleapi.ServerResponse{
 11121  			Header:         res.Header,
 11122  			HTTPStatusCode: res.StatusCode,
 11123  		},
 11124  	}
 11125  	target := &ret
 11126  	if err := gensupport.DecodeResponse(target, res); err != nil {
 11127  		return nil, err
 11128  	}
 11129  	return ret, nil
 11130  }
 11131  
 11132  type ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall struct {
 11133  	s            *Service
 11134  	parent       string
 11135  	urlParams_   gensupport.URLParams
 11136  	ifNoneMatch_ string
 11137  	ctx_         context.Context
 11138  	header_      http.Header
 11139  }
 11140  
 11141  // List: Lists all non-deleted WorkloadIdentityPoolProviderKeys in a project.
 11142  // If show_deleted is set to `true`, then deleted pools are also listed.
 11143  //
 11144  // - parent: The parent provider resource to list encryption keys for.
 11145  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysService) List(parent string) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall {
 11146  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 11147  	c.parent = parent
 11148  	return c
 11149  }
 11150  
 11151  // PageSize sets the optional parameter "pageSize": The maximum number of keys
 11152  // to return. If unspecified, all keys are returned. The maximum value is 10;
 11153  // values above 10 are truncated to 10.
 11154  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall) PageSize(pageSize int64) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall {
 11155  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
 11156  	return c
 11157  }
 11158  
 11159  // PageToken sets the optional parameter "pageToken": A page token, received
 11160  // from a previous `ListWorkloadIdentityPoolProviderKeys` call. Provide this to
 11161  // retrieve the subsequent page.
 11162  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall) PageToken(pageToken string) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall {
 11163  	c.urlParams_.Set("pageToken", pageToken)
 11164  	return c
 11165  }
 11166  
 11167  // ShowDeleted sets the optional parameter "showDeleted": Whether to return
 11168  // soft deleted resources as well.
 11169  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall) ShowDeleted(showDeleted bool) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall {
 11170  	c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted))
 11171  	return c
 11172  }
 11173  
 11174  // Fields allows partial responses to be retrieved. See
 11175  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 11176  // details.
 11177  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall {
 11178  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 11179  	return c
 11180  }
 11181  
 11182  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 11183  // object's ETag matches the given value. This is useful for getting updates
 11184  // only after the object has changed since the last request.
 11185  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall {
 11186  	c.ifNoneMatch_ = entityTag
 11187  	return c
 11188  }
 11189  
 11190  // Context sets the context to be used in this call's Do method.
 11191  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall {
 11192  	c.ctx_ = ctx
 11193  	return c
 11194  }
 11195  
 11196  // Header returns a http.Header that can be modified by the caller to add
 11197  // headers to the request.
 11198  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall) Header() http.Header {
 11199  	if c.header_ == nil {
 11200  		c.header_ = make(http.Header)
 11201  	}
 11202  	return c.header_
 11203  }
 11204  
 11205  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall) doRequest(alt string) (*http.Response, error) {
 11206  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 11207  	if c.ifNoneMatch_ != "" {
 11208  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 11209  	}
 11210  	var body io.Reader = nil
 11211  	c.urlParams_.Set("alt", alt)
 11212  	c.urlParams_.Set("prettyPrint", "false")
 11213  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/keys")
 11214  	urls += "?" + c.urlParams_.Encode()
 11215  	req, err := http.NewRequest("GET", urls, body)
 11216  	if err != nil {
 11217  		return nil, err
 11218  	}
 11219  	req.Header = reqHeaders
 11220  	googleapi.Expand(req.URL, map[string]string{
 11221  		"parent": c.parent,
 11222  	})
 11223  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 11224  }
 11225  
 11226  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.keys.list" call.
 11227  // Any non-2xx status code is an error. Response headers are in either
 11228  // *ListWorkloadIdentityPoolProviderKeysResponse.ServerResponse.Header or (if a
 11229  // response was returned at all) in error.(*googleapi.Error).Header. Use
 11230  // googleapi.IsNotModified to check whether the returned error was because
 11231  // http.StatusNotModified was returned.
 11232  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall) Do(opts ...googleapi.CallOption) (*ListWorkloadIdentityPoolProviderKeysResponse, error) {
 11233  	gensupport.SetOptions(c.urlParams_, opts...)
 11234  	res, err := c.doRequest("json")
 11235  	if res != nil && res.StatusCode == http.StatusNotModified {
 11236  		if res.Body != nil {
 11237  			res.Body.Close()
 11238  		}
 11239  		return nil, gensupport.WrapError(&googleapi.Error{
 11240  			Code:   res.StatusCode,
 11241  			Header: res.Header,
 11242  		})
 11243  	}
 11244  	if err != nil {
 11245  		return nil, err
 11246  	}
 11247  	defer googleapi.CloseBody(res)
 11248  	if err := googleapi.CheckResponse(res); err != nil {
 11249  		return nil, gensupport.WrapError(err)
 11250  	}
 11251  	ret := &ListWorkloadIdentityPoolProviderKeysResponse{
 11252  		ServerResponse: googleapi.ServerResponse{
 11253  			Header:         res.Header,
 11254  			HTTPStatusCode: res.StatusCode,
 11255  		},
 11256  	}
 11257  	target := &ret
 11258  	if err := gensupport.DecodeResponse(target, res); err != nil {
 11259  		return nil, err
 11260  	}
 11261  	return ret, nil
 11262  }
 11263  
 11264  // Pages invokes f for each page of results.
 11265  // A non-nil error returned from f will halt the iteration.
 11266  // The provided context supersedes any context provided to the Context method.
 11267  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysListCall) Pages(ctx context.Context, f func(*ListWorkloadIdentityPoolProviderKeysResponse) error) error {
 11268  	c.ctx_ = ctx
 11269  	defer c.PageToken(c.urlParams_.Get("pageToken"))
 11270  	for {
 11271  		x, err := c.Do()
 11272  		if err != nil {
 11273  			return err
 11274  		}
 11275  		if err := f(x); err != nil {
 11276  			return err
 11277  		}
 11278  		if x.NextPageToken == "" {
 11279  			return nil
 11280  		}
 11281  		c.PageToken(x.NextPageToken)
 11282  	}
 11283  }
 11284  
 11285  type ProjectsLocationsWorkloadIdentityPoolsProvidersKeysUndeleteCall struct {
 11286  	s                                              *Service
 11287  	name                                           string
 11288  	undeleteworkloadidentitypoolproviderkeyrequest *UndeleteWorkloadIdentityPoolProviderKeyRequest
 11289  	urlParams_                                     gensupport.URLParams
 11290  	ctx_                                           context.Context
 11291  	header_                                        http.Header
 11292  }
 11293  
 11294  // Undelete: Undeletes an WorkloadIdentityPoolProviderKey, as long as it was
 11295  // deleted fewer than 30 days ago.
 11296  //
 11297  // - name: The name of the encryption key to undelete.
 11298  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysService) Undelete(name string, undeleteworkloadidentitypoolproviderkeyrequest *UndeleteWorkloadIdentityPoolProviderKeyRequest) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysUndeleteCall {
 11299  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersKeysUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 11300  	c.name = name
 11301  	c.undeleteworkloadidentitypoolproviderkeyrequest = undeleteworkloadidentitypoolproviderkeyrequest
 11302  	return c
 11303  }
 11304  
 11305  // Fields allows partial responses to be retrieved. See
 11306  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 11307  // details.
 11308  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysUndeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysUndeleteCall {
 11309  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 11310  	return c
 11311  }
 11312  
 11313  // Context sets the context to be used in this call's Do method.
 11314  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysUndeleteCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysUndeleteCall {
 11315  	c.ctx_ = ctx
 11316  	return c
 11317  }
 11318  
 11319  // Header returns a http.Header that can be modified by the caller to add
 11320  // headers to the request.
 11321  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysUndeleteCall) Header() http.Header {
 11322  	if c.header_ == nil {
 11323  		c.header_ = make(http.Header)
 11324  	}
 11325  	return c.header_
 11326  }
 11327  
 11328  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysUndeleteCall) doRequest(alt string) (*http.Response, error) {
 11329  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 11330  	var body io.Reader = nil
 11331  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteworkloadidentitypoolproviderkeyrequest)
 11332  	if err != nil {
 11333  		return nil, err
 11334  	}
 11335  	c.urlParams_.Set("alt", alt)
 11336  	c.urlParams_.Set("prettyPrint", "false")
 11337  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete")
 11338  	urls += "?" + c.urlParams_.Encode()
 11339  	req, err := http.NewRequest("POST", urls, body)
 11340  	if err != nil {
 11341  		return nil, err
 11342  	}
 11343  	req.Header = reqHeaders
 11344  	googleapi.Expand(req.URL, map[string]string{
 11345  		"name": c.name,
 11346  	})
 11347  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 11348  }
 11349  
 11350  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.keys.undelete" call.
 11351  // Any non-2xx status code is an error. Response headers are in either
 11352  // *Operation.ServerResponse.Header or (if a response was returned at all) in
 11353  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 11354  // whether the returned error was because http.StatusNotModified was returned.
 11355  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 11356  	gensupport.SetOptions(c.urlParams_, opts...)
 11357  	res, err := c.doRequest("json")
 11358  	if res != nil && res.StatusCode == http.StatusNotModified {
 11359  		if res.Body != nil {
 11360  			res.Body.Close()
 11361  		}
 11362  		return nil, gensupport.WrapError(&googleapi.Error{
 11363  			Code:   res.StatusCode,
 11364  			Header: res.Header,
 11365  		})
 11366  	}
 11367  	if err != nil {
 11368  		return nil, err
 11369  	}
 11370  	defer googleapi.CloseBody(res)
 11371  	if err := googleapi.CheckResponse(res); err != nil {
 11372  		return nil, gensupport.WrapError(err)
 11373  	}
 11374  	ret := &Operation{
 11375  		ServerResponse: googleapi.ServerResponse{
 11376  			Header:         res.Header,
 11377  			HTTPStatusCode: res.StatusCode,
 11378  		},
 11379  	}
 11380  	target := &ret
 11381  	if err := gensupport.DecodeResponse(target, res); err != nil {
 11382  		return nil, err
 11383  	}
 11384  	return ret, nil
 11385  }
 11386  
 11387  type ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsGetCall struct {
 11388  	s            *Service
 11389  	name         string
 11390  	urlParams_   gensupport.URLParams
 11391  	ifNoneMatch_ string
 11392  	ctx_         context.Context
 11393  	header_      http.Header
 11394  }
 11395  
 11396  // Get: Gets the latest state of a long-running operation. Clients can use this
 11397  // method to poll the operation result at intervals as recommended by the API
 11398  // service.
 11399  //
 11400  // - name: The name of the operation resource.
 11401  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsGetCall {
 11402  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 11403  	c.name = name
 11404  	return c
 11405  }
 11406  
 11407  // Fields allows partial responses to be retrieved. See
 11408  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 11409  // details.
 11410  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsGetCall {
 11411  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 11412  	return c
 11413  }
 11414  
 11415  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 11416  // object's ETag matches the given value. This is useful for getting updates
 11417  // only after the object has changed since the last request.
 11418  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsGetCall {
 11419  	c.ifNoneMatch_ = entityTag
 11420  	return c
 11421  }
 11422  
 11423  // Context sets the context to be used in this call's Do method.
 11424  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsGetCall {
 11425  	c.ctx_ = ctx
 11426  	return c
 11427  }
 11428  
 11429  // Header returns a http.Header that can be modified by the caller to add
 11430  // headers to the request.
 11431  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsGetCall) Header() http.Header {
 11432  	if c.header_ == nil {
 11433  		c.header_ = make(http.Header)
 11434  	}
 11435  	return c.header_
 11436  }
 11437  
 11438  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsGetCall) doRequest(alt string) (*http.Response, error) {
 11439  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 11440  	if c.ifNoneMatch_ != "" {
 11441  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 11442  	}
 11443  	var body io.Reader = nil
 11444  	c.urlParams_.Set("alt", alt)
 11445  	c.urlParams_.Set("prettyPrint", "false")
 11446  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 11447  	urls += "?" + c.urlParams_.Encode()
 11448  	req, err := http.NewRequest("GET", urls, body)
 11449  	if err != nil {
 11450  		return nil, err
 11451  	}
 11452  	req.Header = reqHeaders
 11453  	googleapi.Expand(req.URL, map[string]string{
 11454  		"name": c.name,
 11455  	})
 11456  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 11457  }
 11458  
 11459  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.keys.operations.get" call.
 11460  // Any non-2xx status code is an error. Response headers are in either
 11461  // *Operation.ServerResponse.Header or (if a response was returned at all) in
 11462  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 11463  // whether the returned error was because http.StatusNotModified was returned.
 11464  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersKeysOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 11465  	gensupport.SetOptions(c.urlParams_, opts...)
 11466  	res, err := c.doRequest("json")
 11467  	if res != nil && res.StatusCode == http.StatusNotModified {
 11468  		if res.Body != nil {
 11469  			res.Body.Close()
 11470  		}
 11471  		return nil, gensupport.WrapError(&googleapi.Error{
 11472  			Code:   res.StatusCode,
 11473  			Header: res.Header,
 11474  		})
 11475  	}
 11476  	if err != nil {
 11477  		return nil, err
 11478  	}
 11479  	defer googleapi.CloseBody(res)
 11480  	if err := googleapi.CheckResponse(res); err != nil {
 11481  		return nil, gensupport.WrapError(err)
 11482  	}
 11483  	ret := &Operation{
 11484  		ServerResponse: googleapi.ServerResponse{
 11485  			Header:         res.Header,
 11486  			HTTPStatusCode: res.StatusCode,
 11487  		},
 11488  	}
 11489  	target := &ret
 11490  	if err := gensupport.DecodeResponse(target, res); err != nil {
 11491  		return nil, err
 11492  	}
 11493  	return ret, nil
 11494  }
 11495  
 11496  type ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall struct {
 11497  	s            *Service
 11498  	name         string
 11499  	urlParams_   gensupport.URLParams
 11500  	ifNoneMatch_ string
 11501  	ctx_         context.Context
 11502  	header_      http.Header
 11503  }
 11504  
 11505  // Get: Gets the latest state of a long-running operation. Clients can use this
 11506  // method to poll the operation result at intervals as recommended by the API
 11507  // service.
 11508  //
 11509  // - name: The name of the operation resource.
 11510  func (r *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsService) Get(name string) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall {
 11511  	c := &ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 11512  	c.name = name
 11513  	return c
 11514  }
 11515  
 11516  // Fields allows partial responses to be retrieved. See
 11517  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 11518  // details.
 11519  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall {
 11520  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 11521  	return c
 11522  }
 11523  
 11524  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 11525  // object's ETag matches the given value. This is useful for getting updates
 11526  // only after the object has changed since the last request.
 11527  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall {
 11528  	c.ifNoneMatch_ = entityTag
 11529  	return c
 11530  }
 11531  
 11532  // Context sets the context to be used in this call's Do method.
 11533  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall {
 11534  	c.ctx_ = ctx
 11535  	return c
 11536  }
 11537  
 11538  // Header returns a http.Header that can be modified by the caller to add
 11539  // headers to the request.
 11540  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Header() http.Header {
 11541  	if c.header_ == nil {
 11542  		c.header_ = make(http.Header)
 11543  	}
 11544  	return c.header_
 11545  }
 11546  
 11547  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) doRequest(alt string) (*http.Response, error) {
 11548  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 11549  	if c.ifNoneMatch_ != "" {
 11550  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 11551  	}
 11552  	var body io.Reader = nil
 11553  	c.urlParams_.Set("alt", alt)
 11554  	c.urlParams_.Set("prettyPrint", "false")
 11555  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 11556  	urls += "?" + c.urlParams_.Encode()
 11557  	req, err := http.NewRequest("GET", urls, body)
 11558  	if err != nil {
 11559  		return nil, err
 11560  	}
 11561  	req.Header = reqHeaders
 11562  	googleapi.Expand(req.URL, map[string]string{
 11563  		"name": c.name,
 11564  	})
 11565  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 11566  }
 11567  
 11568  // Do executes the "iam.projects.locations.workloadIdentityPools.providers.operations.get" call.
 11569  // Any non-2xx status code is an error. Response headers are in either
 11570  // *Operation.ServerResponse.Header or (if a response was returned at all) in
 11571  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 11572  // whether the returned error was because http.StatusNotModified was returned.
 11573  func (c *ProjectsLocationsWorkloadIdentityPoolsProvidersOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
 11574  	gensupport.SetOptions(c.urlParams_, opts...)
 11575  	res, err := c.doRequest("json")
 11576  	if res != nil && res.StatusCode == http.StatusNotModified {
 11577  		if res.Body != nil {
 11578  			res.Body.Close()
 11579  		}
 11580  		return nil, gensupport.WrapError(&googleapi.Error{
 11581  			Code:   res.StatusCode,
 11582  			Header: res.Header,
 11583  		})
 11584  	}
 11585  	if err != nil {
 11586  		return nil, err
 11587  	}
 11588  	defer googleapi.CloseBody(res)
 11589  	if err := googleapi.CheckResponse(res); err != nil {
 11590  		return nil, gensupport.WrapError(err)
 11591  	}
 11592  	ret := &Operation{
 11593  		ServerResponse: googleapi.ServerResponse{
 11594  			Header:         res.Header,
 11595  			HTTPStatusCode: res.StatusCode,
 11596  		},
 11597  	}
 11598  	target := &ret
 11599  	if err := gensupport.DecodeResponse(target, res); err != nil {
 11600  		return nil, err
 11601  	}
 11602  	return ret, nil
 11603  }
 11604  
 11605  type ProjectsRolesCreateCall struct {
 11606  	s                 *Service
 11607  	parent            string
 11608  	createrolerequest *CreateRoleRequest
 11609  	urlParams_        gensupport.URLParams
 11610  	ctx_              context.Context
 11611  	header_           http.Header
 11612  }
 11613  
 11614  // Create: Creates a new custom Role.
 11615  //
 11616  //   - parent: The `parent` parameter's value depends on the target resource for
 11617  //     the request, namely `projects`
 11618  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles) or
 11619  //     `organizations`
 11620  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
 11621  //     Each resource type's `parent` value format is described below: *
 11622  //     `projects.roles.create()`
 11623  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/create):
 11624  //     `projects/{PROJECT_ID}`. This method creates project-level custom roles
 11625  //     (https://cloud.google.com/iam/docs/understanding-custom-roles). Example
 11626  //     request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` *
 11627  //     `organizations.roles.create()`
 11628  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/create):
 11629  //     `organizations/{ORGANIZATION_ID}`. This method creates organization-level
 11630  //     custom roles
 11631  //     (https://cloud.google.com/iam/docs/understanding-custom-roles). Example
 11632  //     request URL:
 11633  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`
 11634  //     Note: Wildcard (*) values are invalid; you must specify a complete project
 11635  //     ID or organization ID.
 11636  func (r *ProjectsRolesService) Create(parent string, createrolerequest *CreateRoleRequest) *ProjectsRolesCreateCall {
 11637  	c := &ProjectsRolesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 11638  	c.parent = parent
 11639  	c.createrolerequest = createrolerequest
 11640  	return c
 11641  }
 11642  
 11643  // Fields allows partial responses to be retrieved. See
 11644  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 11645  // details.
 11646  func (c *ProjectsRolesCreateCall) Fields(s ...googleapi.Field) *ProjectsRolesCreateCall {
 11647  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 11648  	return c
 11649  }
 11650  
 11651  // Context sets the context to be used in this call's Do method.
 11652  func (c *ProjectsRolesCreateCall) Context(ctx context.Context) *ProjectsRolesCreateCall {
 11653  	c.ctx_ = ctx
 11654  	return c
 11655  }
 11656  
 11657  // Header returns a http.Header that can be modified by the caller to add
 11658  // headers to the request.
 11659  func (c *ProjectsRolesCreateCall) Header() http.Header {
 11660  	if c.header_ == nil {
 11661  		c.header_ = make(http.Header)
 11662  	}
 11663  	return c.header_
 11664  }
 11665  
 11666  func (c *ProjectsRolesCreateCall) doRequest(alt string) (*http.Response, error) {
 11667  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 11668  	var body io.Reader = nil
 11669  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.createrolerequest)
 11670  	if err != nil {
 11671  		return nil, err
 11672  	}
 11673  	c.urlParams_.Set("alt", alt)
 11674  	c.urlParams_.Set("prettyPrint", "false")
 11675  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles")
 11676  	urls += "?" + c.urlParams_.Encode()
 11677  	req, err := http.NewRequest("POST", urls, body)
 11678  	if err != nil {
 11679  		return nil, err
 11680  	}
 11681  	req.Header = reqHeaders
 11682  	googleapi.Expand(req.URL, map[string]string{
 11683  		"parent": c.parent,
 11684  	})
 11685  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 11686  }
 11687  
 11688  // Do executes the "iam.projects.roles.create" call.
 11689  // Any non-2xx status code is an error. Response headers are in either
 11690  // *Role.ServerResponse.Header or (if a response was returned at all) in
 11691  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 11692  // whether the returned error was because http.StatusNotModified was returned.
 11693  func (c *ProjectsRolesCreateCall) Do(opts ...googleapi.CallOption) (*Role, error) {
 11694  	gensupport.SetOptions(c.urlParams_, opts...)
 11695  	res, err := c.doRequest("json")
 11696  	if res != nil && res.StatusCode == http.StatusNotModified {
 11697  		if res.Body != nil {
 11698  			res.Body.Close()
 11699  		}
 11700  		return nil, gensupport.WrapError(&googleapi.Error{
 11701  			Code:   res.StatusCode,
 11702  			Header: res.Header,
 11703  		})
 11704  	}
 11705  	if err != nil {
 11706  		return nil, err
 11707  	}
 11708  	defer googleapi.CloseBody(res)
 11709  	if err := googleapi.CheckResponse(res); err != nil {
 11710  		return nil, gensupport.WrapError(err)
 11711  	}
 11712  	ret := &Role{
 11713  		ServerResponse: googleapi.ServerResponse{
 11714  			Header:         res.Header,
 11715  			HTTPStatusCode: res.StatusCode,
 11716  		},
 11717  	}
 11718  	target := &ret
 11719  	if err := gensupport.DecodeResponse(target, res); err != nil {
 11720  		return nil, err
 11721  	}
 11722  	return ret, nil
 11723  }
 11724  
 11725  type ProjectsRolesDeleteCall struct {
 11726  	s          *Service
 11727  	name       string
 11728  	urlParams_ gensupport.URLParams
 11729  	ctx_       context.Context
 11730  	header_    http.Header
 11731  }
 11732  
 11733  // Delete: Deletes a custom Role. When you delete a custom role, the following
 11734  // changes occur immediately: * You cannot bind a principal to the custom role
 11735  // in an IAM Policy. * Existing bindings to the custom role are not changed,
 11736  // but they have no effect. * By default, the response from ListRoles does not
 11737  // include the custom role. You have 7 days to undelete the custom role. After
 11738  // 7 days, the following changes occur: * The custom role is permanently
 11739  // deleted and cannot be recovered. * If an IAM policy contains a binding to
 11740  // the custom role, the binding is permanently removed.
 11741  //
 11742  //   - name: The `name` parameter's value depends on the target resource for the
 11743  //     request, namely `projects`
 11744  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles) or
 11745  //     `organizations`
 11746  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
 11747  //     Each resource type's `name` value format is described below: *
 11748  //     `projects.roles.delete()`
 11749  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/delete):
 11750  //     `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method deletes only
 11751  //     custom roles
 11752  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
 11753  //     been created at the project level. Example request URL:
 11754  //     `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}
 11755  //     ` * `organizations.roles.delete()`
 11756  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/delete):
 11757  //     `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
 11758  //     deletes only custom roles
 11759  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
 11760  //     been created at the organization level. Example request URL:
 11761  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTO
 11762  //     M_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a
 11763  //     complete project ID or organization ID.
 11764  func (r *ProjectsRolesService) Delete(name string) *ProjectsRolesDeleteCall {
 11765  	c := &ProjectsRolesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 11766  	c.name = name
 11767  	return c
 11768  }
 11769  
 11770  // Etag sets the optional parameter "etag": Used to perform a consistent
 11771  // read-modify-write.
 11772  func (c *ProjectsRolesDeleteCall) Etag(etag string) *ProjectsRolesDeleteCall {
 11773  	c.urlParams_.Set("etag", etag)
 11774  	return c
 11775  }
 11776  
 11777  // Fields allows partial responses to be retrieved. See
 11778  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 11779  // details.
 11780  func (c *ProjectsRolesDeleteCall) Fields(s ...googleapi.Field) *ProjectsRolesDeleteCall {
 11781  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 11782  	return c
 11783  }
 11784  
 11785  // Context sets the context to be used in this call's Do method.
 11786  func (c *ProjectsRolesDeleteCall) Context(ctx context.Context) *ProjectsRolesDeleteCall {
 11787  	c.ctx_ = ctx
 11788  	return c
 11789  }
 11790  
 11791  // Header returns a http.Header that can be modified by the caller to add
 11792  // headers to the request.
 11793  func (c *ProjectsRolesDeleteCall) Header() http.Header {
 11794  	if c.header_ == nil {
 11795  		c.header_ = make(http.Header)
 11796  	}
 11797  	return c.header_
 11798  }
 11799  
 11800  func (c *ProjectsRolesDeleteCall) doRequest(alt string) (*http.Response, error) {
 11801  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 11802  	var body io.Reader = nil
 11803  	c.urlParams_.Set("alt", alt)
 11804  	c.urlParams_.Set("prettyPrint", "false")
 11805  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 11806  	urls += "?" + c.urlParams_.Encode()
 11807  	req, err := http.NewRequest("DELETE", urls, body)
 11808  	if err != nil {
 11809  		return nil, err
 11810  	}
 11811  	req.Header = reqHeaders
 11812  	googleapi.Expand(req.URL, map[string]string{
 11813  		"name": c.name,
 11814  	})
 11815  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 11816  }
 11817  
 11818  // Do executes the "iam.projects.roles.delete" call.
 11819  // Any non-2xx status code is an error. Response headers are in either
 11820  // *Role.ServerResponse.Header or (if a response was returned at all) in
 11821  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 11822  // whether the returned error was because http.StatusNotModified was returned.
 11823  func (c *ProjectsRolesDeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) {
 11824  	gensupport.SetOptions(c.urlParams_, opts...)
 11825  	res, err := c.doRequest("json")
 11826  	if res != nil && res.StatusCode == http.StatusNotModified {
 11827  		if res.Body != nil {
 11828  			res.Body.Close()
 11829  		}
 11830  		return nil, gensupport.WrapError(&googleapi.Error{
 11831  			Code:   res.StatusCode,
 11832  			Header: res.Header,
 11833  		})
 11834  	}
 11835  	if err != nil {
 11836  		return nil, err
 11837  	}
 11838  	defer googleapi.CloseBody(res)
 11839  	if err := googleapi.CheckResponse(res); err != nil {
 11840  		return nil, gensupport.WrapError(err)
 11841  	}
 11842  	ret := &Role{
 11843  		ServerResponse: googleapi.ServerResponse{
 11844  			Header:         res.Header,
 11845  			HTTPStatusCode: res.StatusCode,
 11846  		},
 11847  	}
 11848  	target := &ret
 11849  	if err := gensupport.DecodeResponse(target, res); err != nil {
 11850  		return nil, err
 11851  	}
 11852  	return ret, nil
 11853  }
 11854  
 11855  type ProjectsRolesGetCall struct {
 11856  	s            *Service
 11857  	name         string
 11858  	urlParams_   gensupport.URLParams
 11859  	ifNoneMatch_ string
 11860  	ctx_         context.Context
 11861  	header_      http.Header
 11862  }
 11863  
 11864  // Get: Gets the definition of a Role.
 11865  //
 11866  //   - name: The `name` parameter's value depends on the target resource for the
 11867  //     request, namely `roles`
 11868  //     (https://cloud.google.com/iam/docs/reference/rest/v1/roles), `projects`
 11869  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles), or
 11870  //     `organizations`
 11871  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
 11872  //     Each resource type's `name` value format is described below: *
 11873  //     `roles.get()`
 11874  //     (https://cloud.google.com/iam/docs/reference/rest/v1/roles/get):
 11875  //     `roles/{ROLE_NAME}`. This method returns results from all predefined roles
 11876  //     (https://cloud.google.com/iam/docs/understanding-roles#predefined_roles)
 11877  //     in IAM. Example request URL:
 11878  //     `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * `projects.roles.get()`
 11879  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/get):
 11880  //     `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only
 11881  //     custom roles
 11882  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
 11883  //     been created at the project level. Example request URL:
 11884  //     `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}
 11885  //     ` * `organizations.roles.get()`
 11886  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/get):
 11887  //     `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
 11888  //     returns only custom roles
 11889  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
 11890  //     been created at the organization level. Example request URL:
 11891  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTO
 11892  //     M_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a
 11893  //     complete project ID or organization ID.
 11894  func (r *ProjectsRolesService) Get(name string) *ProjectsRolesGetCall {
 11895  	c := &ProjectsRolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 11896  	c.name = name
 11897  	return c
 11898  }
 11899  
 11900  // Fields allows partial responses to be retrieved. See
 11901  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 11902  // details.
 11903  func (c *ProjectsRolesGetCall) Fields(s ...googleapi.Field) *ProjectsRolesGetCall {
 11904  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 11905  	return c
 11906  }
 11907  
 11908  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 11909  // object's ETag matches the given value. This is useful for getting updates
 11910  // only after the object has changed since the last request.
 11911  func (c *ProjectsRolesGetCall) IfNoneMatch(entityTag string) *ProjectsRolesGetCall {
 11912  	c.ifNoneMatch_ = entityTag
 11913  	return c
 11914  }
 11915  
 11916  // Context sets the context to be used in this call's Do method.
 11917  func (c *ProjectsRolesGetCall) Context(ctx context.Context) *ProjectsRolesGetCall {
 11918  	c.ctx_ = ctx
 11919  	return c
 11920  }
 11921  
 11922  // Header returns a http.Header that can be modified by the caller to add
 11923  // headers to the request.
 11924  func (c *ProjectsRolesGetCall) Header() http.Header {
 11925  	if c.header_ == nil {
 11926  		c.header_ = make(http.Header)
 11927  	}
 11928  	return c.header_
 11929  }
 11930  
 11931  func (c *ProjectsRolesGetCall) doRequest(alt string) (*http.Response, error) {
 11932  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 11933  	if c.ifNoneMatch_ != "" {
 11934  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 11935  	}
 11936  	var body io.Reader = nil
 11937  	c.urlParams_.Set("alt", alt)
 11938  	c.urlParams_.Set("prettyPrint", "false")
 11939  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 11940  	urls += "?" + c.urlParams_.Encode()
 11941  	req, err := http.NewRequest("GET", urls, body)
 11942  	if err != nil {
 11943  		return nil, err
 11944  	}
 11945  	req.Header = reqHeaders
 11946  	googleapi.Expand(req.URL, map[string]string{
 11947  		"name": c.name,
 11948  	})
 11949  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 11950  }
 11951  
 11952  // Do executes the "iam.projects.roles.get" call.
 11953  // Any non-2xx status code is an error. Response headers are in either
 11954  // *Role.ServerResponse.Header or (if a response was returned at all) in
 11955  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 11956  // whether the returned error was because http.StatusNotModified was returned.
 11957  func (c *ProjectsRolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) {
 11958  	gensupport.SetOptions(c.urlParams_, opts...)
 11959  	res, err := c.doRequest("json")
 11960  	if res != nil && res.StatusCode == http.StatusNotModified {
 11961  		if res.Body != nil {
 11962  			res.Body.Close()
 11963  		}
 11964  		return nil, gensupport.WrapError(&googleapi.Error{
 11965  			Code:   res.StatusCode,
 11966  			Header: res.Header,
 11967  		})
 11968  	}
 11969  	if err != nil {
 11970  		return nil, err
 11971  	}
 11972  	defer googleapi.CloseBody(res)
 11973  	if err := googleapi.CheckResponse(res); err != nil {
 11974  		return nil, gensupport.WrapError(err)
 11975  	}
 11976  	ret := &Role{
 11977  		ServerResponse: googleapi.ServerResponse{
 11978  			Header:         res.Header,
 11979  			HTTPStatusCode: res.StatusCode,
 11980  		},
 11981  	}
 11982  	target := &ret
 11983  	if err := gensupport.DecodeResponse(target, res); err != nil {
 11984  		return nil, err
 11985  	}
 11986  	return ret, nil
 11987  }
 11988  
 11989  type ProjectsRolesListCall struct {
 11990  	s            *Service
 11991  	parent       string
 11992  	urlParams_   gensupport.URLParams
 11993  	ifNoneMatch_ string
 11994  	ctx_         context.Context
 11995  	header_      http.Header
 11996  }
 11997  
 11998  // List: Lists every predefined Role that IAM supports, or every custom role
 11999  // that is defined for an organization or project.
 12000  //
 12001  //   - parent: The `parent` parameter's value depends on the target resource for
 12002  //     the request, namely `roles`
 12003  //     (https://cloud.google.com/iam/docs/reference/rest/v1/roles), `projects`
 12004  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles), or
 12005  //     `organizations`
 12006  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
 12007  //     Each resource type's `parent` value format is described below: *
 12008  //     `roles.list()`
 12009  //     (https://cloud.google.com/iam/docs/reference/rest/v1/roles/list): An empty
 12010  //     string. This method doesn't require a resource; it simply returns all
 12011  //     predefined roles
 12012  //     (https://cloud.google.com/iam/docs/understanding-roles#predefined_roles)
 12013  //     in IAM. Example request URL: `https://iam.googleapis.com/v1/roles` *
 12014  //     `projects.roles.list()`
 12015  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/list):
 12016  //     `projects/{PROJECT_ID}`. This method lists all project-level custom roles
 12017  //     (https://cloud.google.com/iam/docs/understanding-custom-roles). Example
 12018  //     request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` *
 12019  //     `organizations.roles.list()`
 12020  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/list):
 12021  //     `organizations/{ORGANIZATION_ID}`. This method lists all
 12022  //     organization-level custom roles
 12023  //     (https://cloud.google.com/iam/docs/understanding-custom-roles). Example
 12024  //     request URL:
 12025  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles`
 12026  //     Note: Wildcard (*) values are invalid; you must specify a complete project
 12027  //     ID or organization ID.
 12028  func (r *ProjectsRolesService) List(parent string) *ProjectsRolesListCall {
 12029  	c := &ProjectsRolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 12030  	c.parent = parent
 12031  	return c
 12032  }
 12033  
 12034  // PageSize sets the optional parameter "pageSize": Optional limit on the
 12035  // number of roles to include in the response. The default is 300, and the
 12036  // maximum is 1,000.
 12037  func (c *ProjectsRolesListCall) PageSize(pageSize int64) *ProjectsRolesListCall {
 12038  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
 12039  	return c
 12040  }
 12041  
 12042  // PageToken sets the optional parameter "pageToken": Optional pagination token
 12043  // returned in an earlier ListRolesResponse.
 12044  func (c *ProjectsRolesListCall) PageToken(pageToken string) *ProjectsRolesListCall {
 12045  	c.urlParams_.Set("pageToken", pageToken)
 12046  	return c
 12047  }
 12048  
 12049  // ShowDeleted sets the optional parameter "showDeleted": Include Roles that
 12050  // have been deleted.
 12051  func (c *ProjectsRolesListCall) ShowDeleted(showDeleted bool) *ProjectsRolesListCall {
 12052  	c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted))
 12053  	return c
 12054  }
 12055  
 12056  // View sets the optional parameter "view": Optional view for the returned Role
 12057  // objects. When `FULL` is specified, the `includedPermissions` field is
 12058  // returned, which includes a list of all permissions in the role. The default
 12059  // value is `BASIC`, which does not return the `includedPermissions` field.
 12060  //
 12061  // Possible values:
 12062  //
 12063  //	"BASIC" - Omits the `included_permissions` field. This is the default
 12064  //
 12065  // value.
 12066  //
 12067  //	"FULL" - Returns all fields.
 12068  func (c *ProjectsRolesListCall) View(view string) *ProjectsRolesListCall {
 12069  	c.urlParams_.Set("view", view)
 12070  	return c
 12071  }
 12072  
 12073  // Fields allows partial responses to be retrieved. See
 12074  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 12075  // details.
 12076  func (c *ProjectsRolesListCall) Fields(s ...googleapi.Field) *ProjectsRolesListCall {
 12077  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 12078  	return c
 12079  }
 12080  
 12081  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 12082  // object's ETag matches the given value. This is useful for getting updates
 12083  // only after the object has changed since the last request.
 12084  func (c *ProjectsRolesListCall) IfNoneMatch(entityTag string) *ProjectsRolesListCall {
 12085  	c.ifNoneMatch_ = entityTag
 12086  	return c
 12087  }
 12088  
 12089  // Context sets the context to be used in this call's Do method.
 12090  func (c *ProjectsRolesListCall) Context(ctx context.Context) *ProjectsRolesListCall {
 12091  	c.ctx_ = ctx
 12092  	return c
 12093  }
 12094  
 12095  // Header returns a http.Header that can be modified by the caller to add
 12096  // headers to the request.
 12097  func (c *ProjectsRolesListCall) Header() http.Header {
 12098  	if c.header_ == nil {
 12099  		c.header_ = make(http.Header)
 12100  	}
 12101  	return c.header_
 12102  }
 12103  
 12104  func (c *ProjectsRolesListCall) doRequest(alt string) (*http.Response, error) {
 12105  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 12106  	if c.ifNoneMatch_ != "" {
 12107  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 12108  	}
 12109  	var body io.Reader = nil
 12110  	c.urlParams_.Set("alt", alt)
 12111  	c.urlParams_.Set("prettyPrint", "false")
 12112  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/roles")
 12113  	urls += "?" + c.urlParams_.Encode()
 12114  	req, err := http.NewRequest("GET", urls, body)
 12115  	if err != nil {
 12116  		return nil, err
 12117  	}
 12118  	req.Header = reqHeaders
 12119  	googleapi.Expand(req.URL, map[string]string{
 12120  		"parent": c.parent,
 12121  	})
 12122  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 12123  }
 12124  
 12125  // Do executes the "iam.projects.roles.list" call.
 12126  // Any non-2xx status code is an error. Response headers are in either
 12127  // *ListRolesResponse.ServerResponse.Header or (if a response was returned at
 12128  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 12129  // check whether the returned error was because http.StatusNotModified was
 12130  // returned.
 12131  func (c *ProjectsRolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) {
 12132  	gensupport.SetOptions(c.urlParams_, opts...)
 12133  	res, err := c.doRequest("json")
 12134  	if res != nil && res.StatusCode == http.StatusNotModified {
 12135  		if res.Body != nil {
 12136  			res.Body.Close()
 12137  		}
 12138  		return nil, gensupport.WrapError(&googleapi.Error{
 12139  			Code:   res.StatusCode,
 12140  			Header: res.Header,
 12141  		})
 12142  	}
 12143  	if err != nil {
 12144  		return nil, err
 12145  	}
 12146  	defer googleapi.CloseBody(res)
 12147  	if err := googleapi.CheckResponse(res); err != nil {
 12148  		return nil, gensupport.WrapError(err)
 12149  	}
 12150  	ret := &ListRolesResponse{
 12151  		ServerResponse: googleapi.ServerResponse{
 12152  			Header:         res.Header,
 12153  			HTTPStatusCode: res.StatusCode,
 12154  		},
 12155  	}
 12156  	target := &ret
 12157  	if err := gensupport.DecodeResponse(target, res); err != nil {
 12158  		return nil, err
 12159  	}
 12160  	return ret, nil
 12161  }
 12162  
 12163  // Pages invokes f for each page of results.
 12164  // A non-nil error returned from f will halt the iteration.
 12165  // The provided context supersedes any context provided to the Context method.
 12166  func (c *ProjectsRolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error {
 12167  	c.ctx_ = ctx
 12168  	defer c.PageToken(c.urlParams_.Get("pageToken"))
 12169  	for {
 12170  		x, err := c.Do()
 12171  		if err != nil {
 12172  			return err
 12173  		}
 12174  		if err := f(x); err != nil {
 12175  			return err
 12176  		}
 12177  		if x.NextPageToken == "" {
 12178  			return nil
 12179  		}
 12180  		c.PageToken(x.NextPageToken)
 12181  	}
 12182  }
 12183  
 12184  type ProjectsRolesPatchCall struct {
 12185  	s          *Service
 12186  	name       string
 12187  	role       *Role
 12188  	urlParams_ gensupport.URLParams
 12189  	ctx_       context.Context
 12190  	header_    http.Header
 12191  }
 12192  
 12193  // Patch: Updates the definition of a custom Role.
 12194  //
 12195  //   - name: The `name` parameter's value depends on the target resource for the
 12196  //     request, namely `projects`
 12197  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles) or
 12198  //     `organizations`
 12199  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
 12200  //     Each resource type's `name` value format is described below: *
 12201  //     `projects.roles.patch()`
 12202  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/patch):
 12203  //     `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method updates only
 12204  //     custom roles
 12205  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
 12206  //     been created at the project level. Example request URL:
 12207  //     `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}
 12208  //     ` * `organizations.roles.patch()`
 12209  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/patch):
 12210  //     `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
 12211  //     updates only custom roles
 12212  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
 12213  //     been created at the organization level. Example request URL:
 12214  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTO
 12215  //     M_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a
 12216  //     complete project ID or organization ID.
 12217  func (r *ProjectsRolesService) Patch(name string, role *Role) *ProjectsRolesPatchCall {
 12218  	c := &ProjectsRolesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 12219  	c.name = name
 12220  	c.role = role
 12221  	return c
 12222  }
 12223  
 12224  // UpdateMask sets the optional parameter "updateMask": A mask describing which
 12225  // fields in the Role have changed.
 12226  func (c *ProjectsRolesPatchCall) UpdateMask(updateMask string) *ProjectsRolesPatchCall {
 12227  	c.urlParams_.Set("updateMask", updateMask)
 12228  	return c
 12229  }
 12230  
 12231  // Fields allows partial responses to be retrieved. See
 12232  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 12233  // details.
 12234  func (c *ProjectsRolesPatchCall) Fields(s ...googleapi.Field) *ProjectsRolesPatchCall {
 12235  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 12236  	return c
 12237  }
 12238  
 12239  // Context sets the context to be used in this call's Do method.
 12240  func (c *ProjectsRolesPatchCall) Context(ctx context.Context) *ProjectsRolesPatchCall {
 12241  	c.ctx_ = ctx
 12242  	return c
 12243  }
 12244  
 12245  // Header returns a http.Header that can be modified by the caller to add
 12246  // headers to the request.
 12247  func (c *ProjectsRolesPatchCall) Header() http.Header {
 12248  	if c.header_ == nil {
 12249  		c.header_ = make(http.Header)
 12250  	}
 12251  	return c.header_
 12252  }
 12253  
 12254  func (c *ProjectsRolesPatchCall) doRequest(alt string) (*http.Response, error) {
 12255  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 12256  	var body io.Reader = nil
 12257  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.role)
 12258  	if err != nil {
 12259  		return nil, err
 12260  	}
 12261  	c.urlParams_.Set("alt", alt)
 12262  	c.urlParams_.Set("prettyPrint", "false")
 12263  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 12264  	urls += "?" + c.urlParams_.Encode()
 12265  	req, err := http.NewRequest("PATCH", urls, body)
 12266  	if err != nil {
 12267  		return nil, err
 12268  	}
 12269  	req.Header = reqHeaders
 12270  	googleapi.Expand(req.URL, map[string]string{
 12271  		"name": c.name,
 12272  	})
 12273  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 12274  }
 12275  
 12276  // Do executes the "iam.projects.roles.patch" call.
 12277  // Any non-2xx status code is an error. Response headers are in either
 12278  // *Role.ServerResponse.Header or (if a response was returned at all) in
 12279  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 12280  // whether the returned error was because http.StatusNotModified was returned.
 12281  func (c *ProjectsRolesPatchCall) Do(opts ...googleapi.CallOption) (*Role, error) {
 12282  	gensupport.SetOptions(c.urlParams_, opts...)
 12283  	res, err := c.doRequest("json")
 12284  	if res != nil && res.StatusCode == http.StatusNotModified {
 12285  		if res.Body != nil {
 12286  			res.Body.Close()
 12287  		}
 12288  		return nil, gensupport.WrapError(&googleapi.Error{
 12289  			Code:   res.StatusCode,
 12290  			Header: res.Header,
 12291  		})
 12292  	}
 12293  	if err != nil {
 12294  		return nil, err
 12295  	}
 12296  	defer googleapi.CloseBody(res)
 12297  	if err := googleapi.CheckResponse(res); err != nil {
 12298  		return nil, gensupport.WrapError(err)
 12299  	}
 12300  	ret := &Role{
 12301  		ServerResponse: googleapi.ServerResponse{
 12302  			Header:         res.Header,
 12303  			HTTPStatusCode: res.StatusCode,
 12304  		},
 12305  	}
 12306  	target := &ret
 12307  	if err := gensupport.DecodeResponse(target, res); err != nil {
 12308  		return nil, err
 12309  	}
 12310  	return ret, nil
 12311  }
 12312  
 12313  type ProjectsRolesUndeleteCall struct {
 12314  	s                   *Service
 12315  	name                string
 12316  	undeleterolerequest *UndeleteRoleRequest
 12317  	urlParams_          gensupport.URLParams
 12318  	ctx_                context.Context
 12319  	header_             http.Header
 12320  }
 12321  
 12322  // Undelete: Undeletes a custom Role.
 12323  //
 12324  //   - name: The `name` parameter's value depends on the target resource for the
 12325  //     request, namely `projects`
 12326  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles) or
 12327  //     `organizations`
 12328  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
 12329  //     Each resource type's `name` value format is described below: *
 12330  //     `projects.roles.undelete()`
 12331  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/undelete):
 12332  //     `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method undeletes only
 12333  //     custom roles
 12334  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
 12335  //     been created at the project level. Example request URL:
 12336  //     `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}
 12337  //     ` * `organizations.roles.undelete()`
 12338  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/undelete):
 12339  //     `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
 12340  //     undeletes only custom roles
 12341  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
 12342  //     been created at the organization level. Example request URL:
 12343  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTO
 12344  //     M_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a
 12345  //     complete project ID or organization ID.
 12346  func (r *ProjectsRolesService) Undelete(name string, undeleterolerequest *UndeleteRoleRequest) *ProjectsRolesUndeleteCall {
 12347  	c := &ProjectsRolesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 12348  	c.name = name
 12349  	c.undeleterolerequest = undeleterolerequest
 12350  	return c
 12351  }
 12352  
 12353  // Fields allows partial responses to be retrieved. See
 12354  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 12355  // details.
 12356  func (c *ProjectsRolesUndeleteCall) Fields(s ...googleapi.Field) *ProjectsRolesUndeleteCall {
 12357  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 12358  	return c
 12359  }
 12360  
 12361  // Context sets the context to be used in this call's Do method.
 12362  func (c *ProjectsRolesUndeleteCall) Context(ctx context.Context) *ProjectsRolesUndeleteCall {
 12363  	c.ctx_ = ctx
 12364  	return c
 12365  }
 12366  
 12367  // Header returns a http.Header that can be modified by the caller to add
 12368  // headers to the request.
 12369  func (c *ProjectsRolesUndeleteCall) Header() http.Header {
 12370  	if c.header_ == nil {
 12371  		c.header_ = make(http.Header)
 12372  	}
 12373  	return c.header_
 12374  }
 12375  
 12376  func (c *ProjectsRolesUndeleteCall) doRequest(alt string) (*http.Response, error) {
 12377  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 12378  	var body io.Reader = nil
 12379  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleterolerequest)
 12380  	if err != nil {
 12381  		return nil, err
 12382  	}
 12383  	c.urlParams_.Set("alt", alt)
 12384  	c.urlParams_.Set("prettyPrint", "false")
 12385  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete")
 12386  	urls += "?" + c.urlParams_.Encode()
 12387  	req, err := http.NewRequest("POST", urls, body)
 12388  	if err != nil {
 12389  		return nil, err
 12390  	}
 12391  	req.Header = reqHeaders
 12392  	googleapi.Expand(req.URL, map[string]string{
 12393  		"name": c.name,
 12394  	})
 12395  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 12396  }
 12397  
 12398  // Do executes the "iam.projects.roles.undelete" call.
 12399  // Any non-2xx status code is an error. Response headers are in either
 12400  // *Role.ServerResponse.Header or (if a response was returned at all) in
 12401  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 12402  // whether the returned error was because http.StatusNotModified was returned.
 12403  func (c *ProjectsRolesUndeleteCall) Do(opts ...googleapi.CallOption) (*Role, error) {
 12404  	gensupport.SetOptions(c.urlParams_, opts...)
 12405  	res, err := c.doRequest("json")
 12406  	if res != nil && res.StatusCode == http.StatusNotModified {
 12407  		if res.Body != nil {
 12408  			res.Body.Close()
 12409  		}
 12410  		return nil, gensupport.WrapError(&googleapi.Error{
 12411  			Code:   res.StatusCode,
 12412  			Header: res.Header,
 12413  		})
 12414  	}
 12415  	if err != nil {
 12416  		return nil, err
 12417  	}
 12418  	defer googleapi.CloseBody(res)
 12419  	if err := googleapi.CheckResponse(res); err != nil {
 12420  		return nil, gensupport.WrapError(err)
 12421  	}
 12422  	ret := &Role{
 12423  		ServerResponse: googleapi.ServerResponse{
 12424  			Header:         res.Header,
 12425  			HTTPStatusCode: res.StatusCode,
 12426  		},
 12427  	}
 12428  	target := &ret
 12429  	if err := gensupport.DecodeResponse(target, res); err != nil {
 12430  		return nil, err
 12431  	}
 12432  	return ret, nil
 12433  }
 12434  
 12435  type ProjectsServiceAccountsCreateCall struct {
 12436  	s                           *Service
 12437  	name                        string
 12438  	createserviceaccountrequest *CreateServiceAccountRequest
 12439  	urlParams_                  gensupport.URLParams
 12440  	ctx_                        context.Context
 12441  	header_                     http.Header
 12442  }
 12443  
 12444  // Create: Creates a ServiceAccount.
 12445  //
 12446  //   - name: The resource name of the project associated with the service
 12447  //     accounts, such as `projects/my-project-123`.
 12448  func (r *ProjectsServiceAccountsService) Create(name string, createserviceaccountrequest *CreateServiceAccountRequest) *ProjectsServiceAccountsCreateCall {
 12449  	c := &ProjectsServiceAccountsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 12450  	c.name = name
 12451  	c.createserviceaccountrequest = createserviceaccountrequest
 12452  	return c
 12453  }
 12454  
 12455  // Fields allows partial responses to be retrieved. See
 12456  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 12457  // details.
 12458  func (c *ProjectsServiceAccountsCreateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsCreateCall {
 12459  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 12460  	return c
 12461  }
 12462  
 12463  // Context sets the context to be used in this call's Do method.
 12464  func (c *ProjectsServiceAccountsCreateCall) Context(ctx context.Context) *ProjectsServiceAccountsCreateCall {
 12465  	c.ctx_ = ctx
 12466  	return c
 12467  }
 12468  
 12469  // Header returns a http.Header that can be modified by the caller to add
 12470  // headers to the request.
 12471  func (c *ProjectsServiceAccountsCreateCall) Header() http.Header {
 12472  	if c.header_ == nil {
 12473  		c.header_ = make(http.Header)
 12474  	}
 12475  	return c.header_
 12476  }
 12477  
 12478  func (c *ProjectsServiceAccountsCreateCall) doRequest(alt string) (*http.Response, error) {
 12479  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 12480  	var body io.Reader = nil
 12481  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.createserviceaccountrequest)
 12482  	if err != nil {
 12483  		return nil, err
 12484  	}
 12485  	c.urlParams_.Set("alt", alt)
 12486  	c.urlParams_.Set("prettyPrint", "false")
 12487  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/serviceAccounts")
 12488  	urls += "?" + c.urlParams_.Encode()
 12489  	req, err := http.NewRequest("POST", urls, body)
 12490  	if err != nil {
 12491  		return nil, err
 12492  	}
 12493  	req.Header = reqHeaders
 12494  	googleapi.Expand(req.URL, map[string]string{
 12495  		"name": c.name,
 12496  	})
 12497  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 12498  }
 12499  
 12500  // Do executes the "iam.projects.serviceAccounts.create" call.
 12501  // Any non-2xx status code is an error. Response headers are in either
 12502  // *ServiceAccount.ServerResponse.Header or (if a response was returned at all)
 12503  // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 12504  // whether the returned error was because http.StatusNotModified was returned.
 12505  func (c *ProjectsServiceAccountsCreateCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) {
 12506  	gensupport.SetOptions(c.urlParams_, opts...)
 12507  	res, err := c.doRequest("json")
 12508  	if res != nil && res.StatusCode == http.StatusNotModified {
 12509  		if res.Body != nil {
 12510  			res.Body.Close()
 12511  		}
 12512  		return nil, gensupport.WrapError(&googleapi.Error{
 12513  			Code:   res.StatusCode,
 12514  			Header: res.Header,
 12515  		})
 12516  	}
 12517  	if err != nil {
 12518  		return nil, err
 12519  	}
 12520  	defer googleapi.CloseBody(res)
 12521  	if err := googleapi.CheckResponse(res); err != nil {
 12522  		return nil, gensupport.WrapError(err)
 12523  	}
 12524  	ret := &ServiceAccount{
 12525  		ServerResponse: googleapi.ServerResponse{
 12526  			Header:         res.Header,
 12527  			HTTPStatusCode: res.StatusCode,
 12528  		},
 12529  	}
 12530  	target := &ret
 12531  	if err := gensupport.DecodeResponse(target, res); err != nil {
 12532  		return nil, err
 12533  	}
 12534  	return ret, nil
 12535  }
 12536  
 12537  type ProjectsServiceAccountsDeleteCall struct {
 12538  	s          *Service
 12539  	name       string
 12540  	urlParams_ gensupport.URLParams
 12541  	ctx_       context.Context
 12542  	header_    http.Header
 12543  }
 12544  
 12545  // Delete: Deletes a ServiceAccount. **Warning:** After you delete a service
 12546  // account, you might not be able to undelete it. If you know that you need to
 12547  // re-enable the service account in the future, use DisableServiceAccount
 12548  // instead. If you delete a service account, IAM permanently removes the
 12549  // service account 30 days later. Google Cloud cannot recover the service
 12550  // account after it is permanently removed, even if you file a support request.
 12551  // To help avoid unplanned outages, we recommend that you disable the service
 12552  // account before you delete it. Use DisableServiceAccount to disable the
 12553  // service account, then wait at least 24 hours and watch for unintended
 12554  // consequences. If there are no unintended consequences, you can delete the
 12555  // service account.
 12556  //
 12557  //   - name: The resource name of the service account. Use one of the following
 12558  //     formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
 12559  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
 12560  //     can use the `-` wildcard character instead of the project ID: *
 12561  //     `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
 12562  //     `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the
 12563  //     `-` wildcard character, because it can cause response messages to contain
 12564  //     misleading error codes. For example, if you try to access the service
 12565  //     account `projects/-/serviceAccounts/fake@example.com`, which does not
 12566  //     exist, the response contains an HTTP `403 Forbidden` error instead of a
 12567  //     `404 Not Found` error.
 12568  func (r *ProjectsServiceAccountsService) Delete(name string) *ProjectsServiceAccountsDeleteCall {
 12569  	c := &ProjectsServiceAccountsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 12570  	c.name = name
 12571  	return c
 12572  }
 12573  
 12574  // Fields allows partial responses to be retrieved. See
 12575  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 12576  // details.
 12577  func (c *ProjectsServiceAccountsDeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsDeleteCall {
 12578  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 12579  	return c
 12580  }
 12581  
 12582  // Context sets the context to be used in this call's Do method.
 12583  func (c *ProjectsServiceAccountsDeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsDeleteCall {
 12584  	c.ctx_ = ctx
 12585  	return c
 12586  }
 12587  
 12588  // Header returns a http.Header that can be modified by the caller to add
 12589  // headers to the request.
 12590  func (c *ProjectsServiceAccountsDeleteCall) Header() http.Header {
 12591  	if c.header_ == nil {
 12592  		c.header_ = make(http.Header)
 12593  	}
 12594  	return c.header_
 12595  }
 12596  
 12597  func (c *ProjectsServiceAccountsDeleteCall) doRequest(alt string) (*http.Response, error) {
 12598  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 12599  	var body io.Reader = nil
 12600  	c.urlParams_.Set("alt", alt)
 12601  	c.urlParams_.Set("prettyPrint", "false")
 12602  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 12603  	urls += "?" + c.urlParams_.Encode()
 12604  	req, err := http.NewRequest("DELETE", urls, body)
 12605  	if err != nil {
 12606  		return nil, err
 12607  	}
 12608  	req.Header = reqHeaders
 12609  	googleapi.Expand(req.URL, map[string]string{
 12610  		"name": c.name,
 12611  	})
 12612  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 12613  }
 12614  
 12615  // Do executes the "iam.projects.serviceAccounts.delete" call.
 12616  // Any non-2xx status code is an error. Response headers are in either
 12617  // *Empty.ServerResponse.Header or (if a response was returned at all) in
 12618  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 12619  // whether the returned error was because http.StatusNotModified was returned.
 12620  func (c *ProjectsServiceAccountsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
 12621  	gensupport.SetOptions(c.urlParams_, opts...)
 12622  	res, err := c.doRequest("json")
 12623  	if res != nil && res.StatusCode == http.StatusNotModified {
 12624  		if res.Body != nil {
 12625  			res.Body.Close()
 12626  		}
 12627  		return nil, gensupport.WrapError(&googleapi.Error{
 12628  			Code:   res.StatusCode,
 12629  			Header: res.Header,
 12630  		})
 12631  	}
 12632  	if err != nil {
 12633  		return nil, err
 12634  	}
 12635  	defer googleapi.CloseBody(res)
 12636  	if err := googleapi.CheckResponse(res); err != nil {
 12637  		return nil, gensupport.WrapError(err)
 12638  	}
 12639  	ret := &Empty{
 12640  		ServerResponse: googleapi.ServerResponse{
 12641  			Header:         res.Header,
 12642  			HTTPStatusCode: res.StatusCode,
 12643  		},
 12644  	}
 12645  	target := &ret
 12646  	if err := gensupport.DecodeResponse(target, res); err != nil {
 12647  		return nil, err
 12648  	}
 12649  	return ret, nil
 12650  }
 12651  
 12652  type ProjectsServiceAccountsDisableCall struct {
 12653  	s                            *Service
 12654  	name                         string
 12655  	disableserviceaccountrequest *DisableServiceAccountRequest
 12656  	urlParams_                   gensupport.URLParams
 12657  	ctx_                         context.Context
 12658  	header_                      http.Header
 12659  }
 12660  
 12661  // Disable: Disables a ServiceAccount immediately. If an application uses the
 12662  // service account to authenticate, that application can no longer call Google
 12663  // APIs or access Google Cloud resources. Existing access tokens for the
 12664  // service account are rejected, and requests for new access tokens will fail.
 12665  // To re-enable the service account, use EnableServiceAccount. After you
 12666  // re-enable the service account, its existing access tokens will be accepted,
 12667  // and you can request new access tokens. To help avoid unplanned outages, we
 12668  // recommend that you disable the service account before you delete it. Use
 12669  // this method to disable the service account, then wait at least 24 hours and
 12670  // watch for unintended consequences. If there are no unintended consequences,
 12671  // you can delete the service account with DeleteServiceAccount.
 12672  //
 12673  //   - name: The resource name of the service account. Use one of the following
 12674  //     formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
 12675  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
 12676  //     can use the `-` wildcard character instead of the project ID: *
 12677  //     `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
 12678  //     `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the
 12679  //     `-` wildcard character, because it can cause response messages to contain
 12680  //     misleading error codes. For example, if you try to access the service
 12681  //     account `projects/-/serviceAccounts/fake@example.com`, which does not
 12682  //     exist, the response contains an HTTP `403 Forbidden` error instead of a
 12683  //     `404 Not Found` error.
 12684  func (r *ProjectsServiceAccountsService) Disable(name string, disableserviceaccountrequest *DisableServiceAccountRequest) *ProjectsServiceAccountsDisableCall {
 12685  	c := &ProjectsServiceAccountsDisableCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 12686  	c.name = name
 12687  	c.disableserviceaccountrequest = disableserviceaccountrequest
 12688  	return c
 12689  }
 12690  
 12691  // Fields allows partial responses to be retrieved. See
 12692  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 12693  // details.
 12694  func (c *ProjectsServiceAccountsDisableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsDisableCall {
 12695  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 12696  	return c
 12697  }
 12698  
 12699  // Context sets the context to be used in this call's Do method.
 12700  func (c *ProjectsServiceAccountsDisableCall) Context(ctx context.Context) *ProjectsServiceAccountsDisableCall {
 12701  	c.ctx_ = ctx
 12702  	return c
 12703  }
 12704  
 12705  // Header returns a http.Header that can be modified by the caller to add
 12706  // headers to the request.
 12707  func (c *ProjectsServiceAccountsDisableCall) Header() http.Header {
 12708  	if c.header_ == nil {
 12709  		c.header_ = make(http.Header)
 12710  	}
 12711  	return c.header_
 12712  }
 12713  
 12714  func (c *ProjectsServiceAccountsDisableCall) doRequest(alt string) (*http.Response, error) {
 12715  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 12716  	var body io.Reader = nil
 12717  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.disableserviceaccountrequest)
 12718  	if err != nil {
 12719  		return nil, err
 12720  	}
 12721  	c.urlParams_.Set("alt", alt)
 12722  	c.urlParams_.Set("prettyPrint", "false")
 12723  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:disable")
 12724  	urls += "?" + c.urlParams_.Encode()
 12725  	req, err := http.NewRequest("POST", urls, body)
 12726  	if err != nil {
 12727  		return nil, err
 12728  	}
 12729  	req.Header = reqHeaders
 12730  	googleapi.Expand(req.URL, map[string]string{
 12731  		"name": c.name,
 12732  	})
 12733  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 12734  }
 12735  
 12736  // Do executes the "iam.projects.serviceAccounts.disable" call.
 12737  // Any non-2xx status code is an error. Response headers are in either
 12738  // *Empty.ServerResponse.Header or (if a response was returned at all) in
 12739  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 12740  // whether the returned error was because http.StatusNotModified was returned.
 12741  func (c *ProjectsServiceAccountsDisableCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
 12742  	gensupport.SetOptions(c.urlParams_, opts...)
 12743  	res, err := c.doRequest("json")
 12744  	if res != nil && res.StatusCode == http.StatusNotModified {
 12745  		if res.Body != nil {
 12746  			res.Body.Close()
 12747  		}
 12748  		return nil, gensupport.WrapError(&googleapi.Error{
 12749  			Code:   res.StatusCode,
 12750  			Header: res.Header,
 12751  		})
 12752  	}
 12753  	if err != nil {
 12754  		return nil, err
 12755  	}
 12756  	defer googleapi.CloseBody(res)
 12757  	if err := googleapi.CheckResponse(res); err != nil {
 12758  		return nil, gensupport.WrapError(err)
 12759  	}
 12760  	ret := &Empty{
 12761  		ServerResponse: googleapi.ServerResponse{
 12762  			Header:         res.Header,
 12763  			HTTPStatusCode: res.StatusCode,
 12764  		},
 12765  	}
 12766  	target := &ret
 12767  	if err := gensupport.DecodeResponse(target, res); err != nil {
 12768  		return nil, err
 12769  	}
 12770  	return ret, nil
 12771  }
 12772  
 12773  type ProjectsServiceAccountsEnableCall struct {
 12774  	s                           *Service
 12775  	name                        string
 12776  	enableserviceaccountrequest *EnableServiceAccountRequest
 12777  	urlParams_                  gensupport.URLParams
 12778  	ctx_                        context.Context
 12779  	header_                     http.Header
 12780  }
 12781  
 12782  // Enable: Enables a ServiceAccount that was disabled by DisableServiceAccount.
 12783  // If the service account is already enabled, then this method has no effect.
 12784  // If the service account was disabled by other means—for example, if Google
 12785  // disabled the service account because it was compromised—you cannot use
 12786  // this method to enable the service account.
 12787  //
 12788  //   - name: The resource name of the service account. Use one of the following
 12789  //     formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
 12790  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
 12791  //     can use the `-` wildcard character instead of the project ID: *
 12792  //     `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
 12793  //     `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the
 12794  //     `-` wildcard character, because it can cause response messages to contain
 12795  //     misleading error codes. For example, if you try to access the service
 12796  //     account `projects/-/serviceAccounts/fake@example.com`, which does not
 12797  //     exist, the response contains an HTTP `403 Forbidden` error instead of a
 12798  //     `404 Not Found` error.
 12799  func (r *ProjectsServiceAccountsService) Enable(name string, enableserviceaccountrequest *EnableServiceAccountRequest) *ProjectsServiceAccountsEnableCall {
 12800  	c := &ProjectsServiceAccountsEnableCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 12801  	c.name = name
 12802  	c.enableserviceaccountrequest = enableserviceaccountrequest
 12803  	return c
 12804  }
 12805  
 12806  // Fields allows partial responses to be retrieved. See
 12807  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 12808  // details.
 12809  func (c *ProjectsServiceAccountsEnableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsEnableCall {
 12810  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 12811  	return c
 12812  }
 12813  
 12814  // Context sets the context to be used in this call's Do method.
 12815  func (c *ProjectsServiceAccountsEnableCall) Context(ctx context.Context) *ProjectsServiceAccountsEnableCall {
 12816  	c.ctx_ = ctx
 12817  	return c
 12818  }
 12819  
 12820  // Header returns a http.Header that can be modified by the caller to add
 12821  // headers to the request.
 12822  func (c *ProjectsServiceAccountsEnableCall) Header() http.Header {
 12823  	if c.header_ == nil {
 12824  		c.header_ = make(http.Header)
 12825  	}
 12826  	return c.header_
 12827  }
 12828  
 12829  func (c *ProjectsServiceAccountsEnableCall) doRequest(alt string) (*http.Response, error) {
 12830  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 12831  	var body io.Reader = nil
 12832  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.enableserviceaccountrequest)
 12833  	if err != nil {
 12834  		return nil, err
 12835  	}
 12836  	c.urlParams_.Set("alt", alt)
 12837  	c.urlParams_.Set("prettyPrint", "false")
 12838  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:enable")
 12839  	urls += "?" + c.urlParams_.Encode()
 12840  	req, err := http.NewRequest("POST", urls, body)
 12841  	if err != nil {
 12842  		return nil, err
 12843  	}
 12844  	req.Header = reqHeaders
 12845  	googleapi.Expand(req.URL, map[string]string{
 12846  		"name": c.name,
 12847  	})
 12848  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 12849  }
 12850  
 12851  // Do executes the "iam.projects.serviceAccounts.enable" call.
 12852  // Any non-2xx status code is an error. Response headers are in either
 12853  // *Empty.ServerResponse.Header or (if a response was returned at all) in
 12854  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 12855  // whether the returned error was because http.StatusNotModified was returned.
 12856  func (c *ProjectsServiceAccountsEnableCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
 12857  	gensupport.SetOptions(c.urlParams_, opts...)
 12858  	res, err := c.doRequest("json")
 12859  	if res != nil && res.StatusCode == http.StatusNotModified {
 12860  		if res.Body != nil {
 12861  			res.Body.Close()
 12862  		}
 12863  		return nil, gensupport.WrapError(&googleapi.Error{
 12864  			Code:   res.StatusCode,
 12865  			Header: res.Header,
 12866  		})
 12867  	}
 12868  	if err != nil {
 12869  		return nil, err
 12870  	}
 12871  	defer googleapi.CloseBody(res)
 12872  	if err := googleapi.CheckResponse(res); err != nil {
 12873  		return nil, gensupport.WrapError(err)
 12874  	}
 12875  	ret := &Empty{
 12876  		ServerResponse: googleapi.ServerResponse{
 12877  			Header:         res.Header,
 12878  			HTTPStatusCode: res.StatusCode,
 12879  		},
 12880  	}
 12881  	target := &ret
 12882  	if err := gensupport.DecodeResponse(target, res); err != nil {
 12883  		return nil, err
 12884  	}
 12885  	return ret, nil
 12886  }
 12887  
 12888  type ProjectsServiceAccountsGetCall struct {
 12889  	s            *Service
 12890  	name         string
 12891  	urlParams_   gensupport.URLParams
 12892  	ifNoneMatch_ string
 12893  	ctx_         context.Context
 12894  	header_      http.Header
 12895  }
 12896  
 12897  // Get: Gets a ServiceAccount.
 12898  //
 12899  //   - name: The resource name of the service account. Use one of the following
 12900  //     formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
 12901  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
 12902  //     can use the `-` wildcard character instead of the project ID: *
 12903  //     `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
 12904  //     `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the
 12905  //     `-` wildcard character, because it can cause response messages to contain
 12906  //     misleading error codes. For example, if you try to access the service
 12907  //     account `projects/-/serviceAccounts/fake@example.com`, which does not
 12908  //     exist, the response contains an HTTP `403 Forbidden` error instead of a
 12909  //     `404 Not Found` error.
 12910  func (r *ProjectsServiceAccountsService) Get(name string) *ProjectsServiceAccountsGetCall {
 12911  	c := &ProjectsServiceAccountsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 12912  	c.name = name
 12913  	return c
 12914  }
 12915  
 12916  // Fields allows partial responses to be retrieved. See
 12917  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 12918  // details.
 12919  func (c *ProjectsServiceAccountsGetCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGetCall {
 12920  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 12921  	return c
 12922  }
 12923  
 12924  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 12925  // object's ETag matches the given value. This is useful for getting updates
 12926  // only after the object has changed since the last request.
 12927  func (c *ProjectsServiceAccountsGetCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsGetCall {
 12928  	c.ifNoneMatch_ = entityTag
 12929  	return c
 12930  }
 12931  
 12932  // Context sets the context to be used in this call's Do method.
 12933  func (c *ProjectsServiceAccountsGetCall) Context(ctx context.Context) *ProjectsServiceAccountsGetCall {
 12934  	c.ctx_ = ctx
 12935  	return c
 12936  }
 12937  
 12938  // Header returns a http.Header that can be modified by the caller to add
 12939  // headers to the request.
 12940  func (c *ProjectsServiceAccountsGetCall) Header() http.Header {
 12941  	if c.header_ == nil {
 12942  		c.header_ = make(http.Header)
 12943  	}
 12944  	return c.header_
 12945  }
 12946  
 12947  func (c *ProjectsServiceAccountsGetCall) doRequest(alt string) (*http.Response, error) {
 12948  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 12949  	if c.ifNoneMatch_ != "" {
 12950  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 12951  	}
 12952  	var body io.Reader = nil
 12953  	c.urlParams_.Set("alt", alt)
 12954  	c.urlParams_.Set("prettyPrint", "false")
 12955  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 12956  	urls += "?" + c.urlParams_.Encode()
 12957  	req, err := http.NewRequest("GET", urls, body)
 12958  	if err != nil {
 12959  		return nil, err
 12960  	}
 12961  	req.Header = reqHeaders
 12962  	googleapi.Expand(req.URL, map[string]string{
 12963  		"name": c.name,
 12964  	})
 12965  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 12966  }
 12967  
 12968  // Do executes the "iam.projects.serviceAccounts.get" call.
 12969  // Any non-2xx status code is an error. Response headers are in either
 12970  // *ServiceAccount.ServerResponse.Header or (if a response was returned at all)
 12971  // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 12972  // whether the returned error was because http.StatusNotModified was returned.
 12973  func (c *ProjectsServiceAccountsGetCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) {
 12974  	gensupport.SetOptions(c.urlParams_, opts...)
 12975  	res, err := c.doRequest("json")
 12976  	if res != nil && res.StatusCode == http.StatusNotModified {
 12977  		if res.Body != nil {
 12978  			res.Body.Close()
 12979  		}
 12980  		return nil, gensupport.WrapError(&googleapi.Error{
 12981  			Code:   res.StatusCode,
 12982  			Header: res.Header,
 12983  		})
 12984  	}
 12985  	if err != nil {
 12986  		return nil, err
 12987  	}
 12988  	defer googleapi.CloseBody(res)
 12989  	if err := googleapi.CheckResponse(res); err != nil {
 12990  		return nil, gensupport.WrapError(err)
 12991  	}
 12992  	ret := &ServiceAccount{
 12993  		ServerResponse: googleapi.ServerResponse{
 12994  			Header:         res.Header,
 12995  			HTTPStatusCode: res.StatusCode,
 12996  		},
 12997  	}
 12998  	target := &ret
 12999  	if err := gensupport.DecodeResponse(target, res); err != nil {
 13000  		return nil, err
 13001  	}
 13002  	return ret, nil
 13003  }
 13004  
 13005  type ProjectsServiceAccountsGetIamPolicyCall struct {
 13006  	s          *Service
 13007  	resource   string
 13008  	urlParams_ gensupport.URLParams
 13009  	ctx_       context.Context
 13010  	header_    http.Header
 13011  }
 13012  
 13013  // GetIamPolicy: Gets the IAM policy that is attached to a ServiceAccount. This
 13014  // IAM policy specifies which principals have access to the service account.
 13015  // This method does not tell you whether the service account has been granted
 13016  // any roles on other resources. To check whether a service account has role
 13017  // grants on a resource, use the `getIamPolicy` method for that resource. For
 13018  // example, to view the role grants for a project, call the Resource Manager
 13019  // API's `projects.getIamPolicy`
 13020  // (https://cloud.google.com/resource-manager/reference/rest/v1/projects/getIamPolicy)
 13021  // method.
 13022  //
 13023  //   - resource: REQUIRED: The resource for which the policy is being requested.
 13024  //     See Resource names (https://cloud.google.com/apis/design/resource_names)
 13025  //     for the appropriate value for this field.
 13026  func (r *ProjectsServiceAccountsService) GetIamPolicy(resource string) *ProjectsServiceAccountsGetIamPolicyCall {
 13027  	c := &ProjectsServiceAccountsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 13028  	c.resource = resource
 13029  	return c
 13030  }
 13031  
 13032  // OptionsRequestedPolicyVersion sets the optional parameter
 13033  // "options.requestedPolicyVersion": The maximum policy version that will be
 13034  // used to format the policy. Valid values are 0, 1, and 3. Requests specifying
 13035  // an invalid value will be rejected. Requests for policies with any
 13036  // conditional role bindings must specify version 3. Policies with no
 13037  // conditional role bindings may specify any valid value or leave the field
 13038  // unset. The policy in the response might use the policy version that you
 13039  // specified, or it might use a lower policy version. For example, if you
 13040  // specify version 3, but the policy has no conditional role bindings, the
 13041  // response uses version 1. To learn which resources support conditions in
 13042  // their IAM policies, see the IAM documentation
 13043  // (https://cloud.google.com/iam/help/conditions/resource-policies).
 13044  func (c *ProjectsServiceAccountsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsServiceAccountsGetIamPolicyCall {
 13045  	c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion))
 13046  	return c
 13047  }
 13048  
 13049  // Fields allows partial responses to be retrieved. See
 13050  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 13051  // details.
 13052  func (c *ProjectsServiceAccountsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsGetIamPolicyCall {
 13053  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 13054  	return c
 13055  }
 13056  
 13057  // Context sets the context to be used in this call's Do method.
 13058  func (c *ProjectsServiceAccountsGetIamPolicyCall) Context(ctx context.Context) *ProjectsServiceAccountsGetIamPolicyCall {
 13059  	c.ctx_ = ctx
 13060  	return c
 13061  }
 13062  
 13063  // Header returns a http.Header that can be modified by the caller to add
 13064  // headers to the request.
 13065  func (c *ProjectsServiceAccountsGetIamPolicyCall) Header() http.Header {
 13066  	if c.header_ == nil {
 13067  		c.header_ = make(http.Header)
 13068  	}
 13069  	return c.header_
 13070  }
 13071  
 13072  func (c *ProjectsServiceAccountsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 13073  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 13074  	var body io.Reader = nil
 13075  	c.urlParams_.Set("alt", alt)
 13076  	c.urlParams_.Set("prettyPrint", "false")
 13077  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy")
 13078  	urls += "?" + c.urlParams_.Encode()
 13079  	req, err := http.NewRequest("POST", urls, body)
 13080  	if err != nil {
 13081  		return nil, err
 13082  	}
 13083  	req.Header = reqHeaders
 13084  	googleapi.Expand(req.URL, map[string]string{
 13085  		"resource": c.resource,
 13086  	})
 13087  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 13088  }
 13089  
 13090  // Do executes the "iam.projects.serviceAccounts.getIamPolicy" call.
 13091  // Any non-2xx status code is an error. Response headers are in either
 13092  // *Policy.ServerResponse.Header or (if a response was returned at all) in
 13093  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 13094  // whether the returned error was because http.StatusNotModified was returned.
 13095  func (c *ProjectsServiceAccountsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
 13096  	gensupport.SetOptions(c.urlParams_, opts...)
 13097  	res, err := c.doRequest("json")
 13098  	if res != nil && res.StatusCode == http.StatusNotModified {
 13099  		if res.Body != nil {
 13100  			res.Body.Close()
 13101  		}
 13102  		return nil, gensupport.WrapError(&googleapi.Error{
 13103  			Code:   res.StatusCode,
 13104  			Header: res.Header,
 13105  		})
 13106  	}
 13107  	if err != nil {
 13108  		return nil, err
 13109  	}
 13110  	defer googleapi.CloseBody(res)
 13111  	if err := googleapi.CheckResponse(res); err != nil {
 13112  		return nil, gensupport.WrapError(err)
 13113  	}
 13114  	ret := &Policy{
 13115  		ServerResponse: googleapi.ServerResponse{
 13116  			Header:         res.Header,
 13117  			HTTPStatusCode: res.StatusCode,
 13118  		},
 13119  	}
 13120  	target := &ret
 13121  	if err := gensupport.DecodeResponse(target, res); err != nil {
 13122  		return nil, err
 13123  	}
 13124  	return ret, nil
 13125  }
 13126  
 13127  type ProjectsServiceAccountsListCall struct {
 13128  	s            *Service
 13129  	name         string
 13130  	urlParams_   gensupport.URLParams
 13131  	ifNoneMatch_ string
 13132  	ctx_         context.Context
 13133  	header_      http.Header
 13134  }
 13135  
 13136  // List: Lists every ServiceAccount that belongs to a specific project.
 13137  //
 13138  //   - name: The resource name of the project associated with the service
 13139  //     accounts, such as `projects/my-project-123`.
 13140  func (r *ProjectsServiceAccountsService) List(name string) *ProjectsServiceAccountsListCall {
 13141  	c := &ProjectsServiceAccountsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 13142  	c.name = name
 13143  	return c
 13144  }
 13145  
 13146  // PageSize sets the optional parameter "pageSize": Optional limit on the
 13147  // number of service accounts to include in the response. Further accounts can
 13148  // subsequently be obtained by including the
 13149  // ListServiceAccountsResponse.next_page_token in a subsequent request. The
 13150  // default is 20, and the maximum is 100.
 13151  func (c *ProjectsServiceAccountsListCall) PageSize(pageSize int64) *ProjectsServiceAccountsListCall {
 13152  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
 13153  	return c
 13154  }
 13155  
 13156  // PageToken sets the optional parameter "pageToken": Optional pagination token
 13157  // returned in an earlier ListServiceAccountsResponse.next_page_token.
 13158  func (c *ProjectsServiceAccountsListCall) PageToken(pageToken string) *ProjectsServiceAccountsListCall {
 13159  	c.urlParams_.Set("pageToken", pageToken)
 13160  	return c
 13161  }
 13162  
 13163  // Fields allows partial responses to be retrieved. See
 13164  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 13165  // details.
 13166  func (c *ProjectsServiceAccountsListCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsListCall {
 13167  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 13168  	return c
 13169  }
 13170  
 13171  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 13172  // object's ETag matches the given value. This is useful for getting updates
 13173  // only after the object has changed since the last request.
 13174  func (c *ProjectsServiceAccountsListCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsListCall {
 13175  	c.ifNoneMatch_ = entityTag
 13176  	return c
 13177  }
 13178  
 13179  // Context sets the context to be used in this call's Do method.
 13180  func (c *ProjectsServiceAccountsListCall) Context(ctx context.Context) *ProjectsServiceAccountsListCall {
 13181  	c.ctx_ = ctx
 13182  	return c
 13183  }
 13184  
 13185  // Header returns a http.Header that can be modified by the caller to add
 13186  // headers to the request.
 13187  func (c *ProjectsServiceAccountsListCall) Header() http.Header {
 13188  	if c.header_ == nil {
 13189  		c.header_ = make(http.Header)
 13190  	}
 13191  	return c.header_
 13192  }
 13193  
 13194  func (c *ProjectsServiceAccountsListCall) doRequest(alt string) (*http.Response, error) {
 13195  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 13196  	if c.ifNoneMatch_ != "" {
 13197  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 13198  	}
 13199  	var body io.Reader = nil
 13200  	c.urlParams_.Set("alt", alt)
 13201  	c.urlParams_.Set("prettyPrint", "false")
 13202  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/serviceAccounts")
 13203  	urls += "?" + c.urlParams_.Encode()
 13204  	req, err := http.NewRequest("GET", urls, body)
 13205  	if err != nil {
 13206  		return nil, err
 13207  	}
 13208  	req.Header = reqHeaders
 13209  	googleapi.Expand(req.URL, map[string]string{
 13210  		"name": c.name,
 13211  	})
 13212  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 13213  }
 13214  
 13215  // Do executes the "iam.projects.serviceAccounts.list" call.
 13216  // Any non-2xx status code is an error. Response headers are in either
 13217  // *ListServiceAccountsResponse.ServerResponse.Header or (if a response was
 13218  // returned at all) in error.(*googleapi.Error).Header. Use
 13219  // googleapi.IsNotModified to check whether the returned error was because
 13220  // http.StatusNotModified was returned.
 13221  func (c *ProjectsServiceAccountsListCall) Do(opts ...googleapi.CallOption) (*ListServiceAccountsResponse, error) {
 13222  	gensupport.SetOptions(c.urlParams_, opts...)
 13223  	res, err := c.doRequest("json")
 13224  	if res != nil && res.StatusCode == http.StatusNotModified {
 13225  		if res.Body != nil {
 13226  			res.Body.Close()
 13227  		}
 13228  		return nil, gensupport.WrapError(&googleapi.Error{
 13229  			Code:   res.StatusCode,
 13230  			Header: res.Header,
 13231  		})
 13232  	}
 13233  	if err != nil {
 13234  		return nil, err
 13235  	}
 13236  	defer googleapi.CloseBody(res)
 13237  	if err := googleapi.CheckResponse(res); err != nil {
 13238  		return nil, gensupport.WrapError(err)
 13239  	}
 13240  	ret := &ListServiceAccountsResponse{
 13241  		ServerResponse: googleapi.ServerResponse{
 13242  			Header:         res.Header,
 13243  			HTTPStatusCode: res.StatusCode,
 13244  		},
 13245  	}
 13246  	target := &ret
 13247  	if err := gensupport.DecodeResponse(target, res); err != nil {
 13248  		return nil, err
 13249  	}
 13250  	return ret, nil
 13251  }
 13252  
 13253  // Pages invokes f for each page of results.
 13254  // A non-nil error returned from f will halt the iteration.
 13255  // The provided context supersedes any context provided to the Context method.
 13256  func (c *ProjectsServiceAccountsListCall) Pages(ctx context.Context, f func(*ListServiceAccountsResponse) error) error {
 13257  	c.ctx_ = ctx
 13258  	defer c.PageToken(c.urlParams_.Get("pageToken"))
 13259  	for {
 13260  		x, err := c.Do()
 13261  		if err != nil {
 13262  			return err
 13263  		}
 13264  		if err := f(x); err != nil {
 13265  			return err
 13266  		}
 13267  		if x.NextPageToken == "" {
 13268  			return nil
 13269  		}
 13270  		c.PageToken(x.NextPageToken)
 13271  	}
 13272  }
 13273  
 13274  type ProjectsServiceAccountsPatchCall struct {
 13275  	s                          *Service
 13276  	name                       string
 13277  	patchserviceaccountrequest *PatchServiceAccountRequest
 13278  	urlParams_                 gensupport.URLParams
 13279  	ctx_                       context.Context
 13280  	header_                    http.Header
 13281  }
 13282  
 13283  // Patch: Patches a ServiceAccount.
 13284  //
 13285  //   - name: The resource name of the service account. Use one of the following
 13286  //     formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
 13287  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
 13288  //     can use the `-` wildcard character instead of the project ID: *
 13289  //     `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
 13290  //     `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the
 13291  //     `-` wildcard character, because it can cause response messages to contain
 13292  //     misleading error codes. For example, if you try to access the service
 13293  //     account `projects/-/serviceAccounts/fake@example.com`, which does not
 13294  //     exist, the response contains an HTTP `403 Forbidden` error instead of a
 13295  //     `404 Not Found` error.
 13296  func (r *ProjectsServiceAccountsService) Patch(name string, patchserviceaccountrequest *PatchServiceAccountRequest) *ProjectsServiceAccountsPatchCall {
 13297  	c := &ProjectsServiceAccountsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 13298  	c.name = name
 13299  	c.patchserviceaccountrequest = patchserviceaccountrequest
 13300  	return c
 13301  }
 13302  
 13303  // Fields allows partial responses to be retrieved. See
 13304  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 13305  // details.
 13306  func (c *ProjectsServiceAccountsPatchCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsPatchCall {
 13307  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 13308  	return c
 13309  }
 13310  
 13311  // Context sets the context to be used in this call's Do method.
 13312  func (c *ProjectsServiceAccountsPatchCall) Context(ctx context.Context) *ProjectsServiceAccountsPatchCall {
 13313  	c.ctx_ = ctx
 13314  	return c
 13315  }
 13316  
 13317  // Header returns a http.Header that can be modified by the caller to add
 13318  // headers to the request.
 13319  func (c *ProjectsServiceAccountsPatchCall) Header() http.Header {
 13320  	if c.header_ == nil {
 13321  		c.header_ = make(http.Header)
 13322  	}
 13323  	return c.header_
 13324  }
 13325  
 13326  func (c *ProjectsServiceAccountsPatchCall) doRequest(alt string) (*http.Response, error) {
 13327  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 13328  	var body io.Reader = nil
 13329  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.patchserviceaccountrequest)
 13330  	if err != nil {
 13331  		return nil, err
 13332  	}
 13333  	c.urlParams_.Set("alt", alt)
 13334  	c.urlParams_.Set("prettyPrint", "false")
 13335  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 13336  	urls += "?" + c.urlParams_.Encode()
 13337  	req, err := http.NewRequest("PATCH", urls, body)
 13338  	if err != nil {
 13339  		return nil, err
 13340  	}
 13341  	req.Header = reqHeaders
 13342  	googleapi.Expand(req.URL, map[string]string{
 13343  		"name": c.name,
 13344  	})
 13345  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 13346  }
 13347  
 13348  // Do executes the "iam.projects.serviceAccounts.patch" call.
 13349  // Any non-2xx status code is an error. Response headers are in either
 13350  // *ServiceAccount.ServerResponse.Header or (if a response was returned at all)
 13351  // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 13352  // whether the returned error was because http.StatusNotModified was returned.
 13353  func (c *ProjectsServiceAccountsPatchCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) {
 13354  	gensupport.SetOptions(c.urlParams_, opts...)
 13355  	res, err := c.doRequest("json")
 13356  	if res != nil && res.StatusCode == http.StatusNotModified {
 13357  		if res.Body != nil {
 13358  			res.Body.Close()
 13359  		}
 13360  		return nil, gensupport.WrapError(&googleapi.Error{
 13361  			Code:   res.StatusCode,
 13362  			Header: res.Header,
 13363  		})
 13364  	}
 13365  	if err != nil {
 13366  		return nil, err
 13367  	}
 13368  	defer googleapi.CloseBody(res)
 13369  	if err := googleapi.CheckResponse(res); err != nil {
 13370  		return nil, gensupport.WrapError(err)
 13371  	}
 13372  	ret := &ServiceAccount{
 13373  		ServerResponse: googleapi.ServerResponse{
 13374  			Header:         res.Header,
 13375  			HTTPStatusCode: res.StatusCode,
 13376  		},
 13377  	}
 13378  	target := &ret
 13379  	if err := gensupport.DecodeResponse(target, res); err != nil {
 13380  		return nil, err
 13381  	}
 13382  	return ret, nil
 13383  }
 13384  
 13385  type ProjectsServiceAccountsSetIamPolicyCall struct {
 13386  	s                   *Service
 13387  	resource            string
 13388  	setiampolicyrequest *SetIamPolicyRequest
 13389  	urlParams_          gensupport.URLParams
 13390  	ctx_                context.Context
 13391  	header_             http.Header
 13392  }
 13393  
 13394  // SetIamPolicy: Sets the IAM policy that is attached to a ServiceAccount. Use
 13395  // this method to grant or revoke access to the service account. For example,
 13396  // you could grant a principal the ability to impersonate the service account.
 13397  // This method does not enable the service account to access other resources.
 13398  // To grant roles to a service account on a resource, follow these steps: 1.
 13399  // Call the resource's `getIamPolicy` method to get its current IAM policy. 2.
 13400  // Edit the policy so that it binds the service account to an IAM role for the
 13401  // resource. 3. Call the resource's `setIamPolicy` method to update its IAM
 13402  // policy. For detailed instructions, see Manage access to project, folders,
 13403  // and organizations
 13404  // (https://cloud.google.com/iam/help/service-accounts/granting-access-to-service-accounts)
 13405  // or Manage access to other resources
 13406  // (https://cloud.google.com/iam/help/access/manage-other-resources).
 13407  //
 13408  //   - resource: REQUIRED: The resource for which the policy is being specified.
 13409  //     See Resource names (https://cloud.google.com/apis/design/resource_names)
 13410  //     for the appropriate value for this field.
 13411  func (r *ProjectsServiceAccountsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsServiceAccountsSetIamPolicyCall {
 13412  	c := &ProjectsServiceAccountsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 13413  	c.resource = resource
 13414  	c.setiampolicyrequest = setiampolicyrequest
 13415  	return c
 13416  }
 13417  
 13418  // Fields allows partial responses to be retrieved. See
 13419  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 13420  // details.
 13421  func (c *ProjectsServiceAccountsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSetIamPolicyCall {
 13422  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 13423  	return c
 13424  }
 13425  
 13426  // Context sets the context to be used in this call's Do method.
 13427  func (c *ProjectsServiceAccountsSetIamPolicyCall) Context(ctx context.Context) *ProjectsServiceAccountsSetIamPolicyCall {
 13428  	c.ctx_ = ctx
 13429  	return c
 13430  }
 13431  
 13432  // Header returns a http.Header that can be modified by the caller to add
 13433  // headers to the request.
 13434  func (c *ProjectsServiceAccountsSetIamPolicyCall) Header() http.Header {
 13435  	if c.header_ == nil {
 13436  		c.header_ = make(http.Header)
 13437  	}
 13438  	return c.header_
 13439  }
 13440  
 13441  func (c *ProjectsServiceAccountsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
 13442  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 13443  	var body io.Reader = nil
 13444  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest)
 13445  	if err != nil {
 13446  		return nil, err
 13447  	}
 13448  	c.urlParams_.Set("alt", alt)
 13449  	c.urlParams_.Set("prettyPrint", "false")
 13450  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy")
 13451  	urls += "?" + c.urlParams_.Encode()
 13452  	req, err := http.NewRequest("POST", urls, body)
 13453  	if err != nil {
 13454  		return nil, err
 13455  	}
 13456  	req.Header = reqHeaders
 13457  	googleapi.Expand(req.URL, map[string]string{
 13458  		"resource": c.resource,
 13459  	})
 13460  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 13461  }
 13462  
 13463  // Do executes the "iam.projects.serviceAccounts.setIamPolicy" call.
 13464  // Any non-2xx status code is an error. Response headers are in either
 13465  // *Policy.ServerResponse.Header or (if a response was returned at all) in
 13466  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 13467  // whether the returned error was because http.StatusNotModified was returned.
 13468  func (c *ProjectsServiceAccountsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
 13469  	gensupport.SetOptions(c.urlParams_, opts...)
 13470  	res, err := c.doRequest("json")
 13471  	if res != nil && res.StatusCode == http.StatusNotModified {
 13472  		if res.Body != nil {
 13473  			res.Body.Close()
 13474  		}
 13475  		return nil, gensupport.WrapError(&googleapi.Error{
 13476  			Code:   res.StatusCode,
 13477  			Header: res.Header,
 13478  		})
 13479  	}
 13480  	if err != nil {
 13481  		return nil, err
 13482  	}
 13483  	defer googleapi.CloseBody(res)
 13484  	if err := googleapi.CheckResponse(res); err != nil {
 13485  		return nil, gensupport.WrapError(err)
 13486  	}
 13487  	ret := &Policy{
 13488  		ServerResponse: googleapi.ServerResponse{
 13489  			Header:         res.Header,
 13490  			HTTPStatusCode: res.StatusCode,
 13491  		},
 13492  	}
 13493  	target := &ret
 13494  	if err := gensupport.DecodeResponse(target, res); err != nil {
 13495  		return nil, err
 13496  	}
 13497  	return ret, nil
 13498  }
 13499  
 13500  type ProjectsServiceAccountsSignBlobCall struct {
 13501  	s               *Service
 13502  	name            string
 13503  	signblobrequest *SignBlobRequest
 13504  	urlParams_      gensupport.URLParams
 13505  	ctx_            context.Context
 13506  	header_         http.Header
 13507  }
 13508  
 13509  // SignBlob: **Note:** This method is deprecated. Use the `signBlob`
 13510  // (https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signBlob)
 13511  // method in the IAM Service Account Credentials API instead. If you currently
 13512  // use this method, see the migration guide
 13513  // (https://cloud.google.com/iam/help/credentials/migrate-api) for
 13514  // instructions. Signs a blob using the system-managed private key for a
 13515  // ServiceAccount.
 13516  //
 13517  //   - name: Deprecated. Migrate to Service Account Credentials API
 13518  //     (https://cloud.google.com/iam/help/credentials/migrate-api). The resource
 13519  //     name of the service account. Use one of the following formats: *
 13520  //     `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
 13521  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
 13522  //     can use the `-` wildcard character instead of the project ID: *
 13523  //     `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
 13524  //     `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the
 13525  //     `-` wildcard character, because it can cause response messages to contain
 13526  //     misleading error codes. For example, if you try to access the service
 13527  //     account `projects/-/serviceAccounts/fake@example.com`, which does not
 13528  //     exist, the response contains an HTTP `403 Forbidden` error instead of a
 13529  //     `404 Not Found` error.
 13530  func (r *ProjectsServiceAccountsService) SignBlob(name string, signblobrequest *SignBlobRequest) *ProjectsServiceAccountsSignBlobCall {
 13531  	c := &ProjectsServiceAccountsSignBlobCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 13532  	c.name = name
 13533  	c.signblobrequest = signblobrequest
 13534  	return c
 13535  }
 13536  
 13537  // Fields allows partial responses to be retrieved. See
 13538  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 13539  // details.
 13540  func (c *ProjectsServiceAccountsSignBlobCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignBlobCall {
 13541  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 13542  	return c
 13543  }
 13544  
 13545  // Context sets the context to be used in this call's Do method.
 13546  func (c *ProjectsServiceAccountsSignBlobCall) Context(ctx context.Context) *ProjectsServiceAccountsSignBlobCall {
 13547  	c.ctx_ = ctx
 13548  	return c
 13549  }
 13550  
 13551  // Header returns a http.Header that can be modified by the caller to add
 13552  // headers to the request.
 13553  func (c *ProjectsServiceAccountsSignBlobCall) Header() http.Header {
 13554  	if c.header_ == nil {
 13555  		c.header_ = make(http.Header)
 13556  	}
 13557  	return c.header_
 13558  }
 13559  
 13560  func (c *ProjectsServiceAccountsSignBlobCall) doRequest(alt string) (*http.Response, error) {
 13561  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 13562  	var body io.Reader = nil
 13563  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.signblobrequest)
 13564  	if err != nil {
 13565  		return nil, err
 13566  	}
 13567  	c.urlParams_.Set("alt", alt)
 13568  	c.urlParams_.Set("prettyPrint", "false")
 13569  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:signBlob")
 13570  	urls += "?" + c.urlParams_.Encode()
 13571  	req, err := http.NewRequest("POST", urls, body)
 13572  	if err != nil {
 13573  		return nil, err
 13574  	}
 13575  	req.Header = reqHeaders
 13576  	googleapi.Expand(req.URL, map[string]string{
 13577  		"name": c.name,
 13578  	})
 13579  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 13580  }
 13581  
 13582  // Do executes the "iam.projects.serviceAccounts.signBlob" call.
 13583  // Any non-2xx status code is an error. Response headers are in either
 13584  // *SignBlobResponse.ServerResponse.Header or (if a response was returned at
 13585  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 13586  // check whether the returned error was because http.StatusNotModified was
 13587  // returned.
 13588  func (c *ProjectsServiceAccountsSignBlobCall) Do(opts ...googleapi.CallOption) (*SignBlobResponse, error) {
 13589  	gensupport.SetOptions(c.urlParams_, opts...)
 13590  	res, err := c.doRequest("json")
 13591  	if res != nil && res.StatusCode == http.StatusNotModified {
 13592  		if res.Body != nil {
 13593  			res.Body.Close()
 13594  		}
 13595  		return nil, gensupport.WrapError(&googleapi.Error{
 13596  			Code:   res.StatusCode,
 13597  			Header: res.Header,
 13598  		})
 13599  	}
 13600  	if err != nil {
 13601  		return nil, err
 13602  	}
 13603  	defer googleapi.CloseBody(res)
 13604  	if err := googleapi.CheckResponse(res); err != nil {
 13605  		return nil, gensupport.WrapError(err)
 13606  	}
 13607  	ret := &SignBlobResponse{
 13608  		ServerResponse: googleapi.ServerResponse{
 13609  			Header:         res.Header,
 13610  			HTTPStatusCode: res.StatusCode,
 13611  		},
 13612  	}
 13613  	target := &ret
 13614  	if err := gensupport.DecodeResponse(target, res); err != nil {
 13615  		return nil, err
 13616  	}
 13617  	return ret, nil
 13618  }
 13619  
 13620  type ProjectsServiceAccountsSignJwtCall struct {
 13621  	s              *Service
 13622  	name           string
 13623  	signjwtrequest *SignJwtRequest
 13624  	urlParams_     gensupport.URLParams
 13625  	ctx_           context.Context
 13626  	header_        http.Header
 13627  }
 13628  
 13629  // SignJwt: **Note:** This method is deprecated. Use the `signJwt`
 13630  // (https://cloud.google.com/iam/help/rest-credentials/v1/projects.serviceAccounts/signJwt)
 13631  // method in the IAM Service Account Credentials API instead. If you currently
 13632  // use this method, see the migration guide
 13633  // (https://cloud.google.com/iam/help/credentials/migrate-api) for
 13634  // instructions. Signs a JSON Web Token (JWT) using the system-managed private
 13635  // key for a ServiceAccount.
 13636  //
 13637  //   - name: Deprecated. Migrate to Service Account Credentials API
 13638  //     (https://cloud.google.com/iam/help/credentials/migrate-api). The resource
 13639  //     name of the service account. Use one of the following formats: *
 13640  //     `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
 13641  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
 13642  //     can use the `-` wildcard character instead of the project ID: *
 13643  //     `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
 13644  //     `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the
 13645  //     `-` wildcard character, because it can cause response messages to contain
 13646  //     misleading error codes. For example, if you try to access the service
 13647  //     account `projects/-/serviceAccounts/fake@example.com`, which does not
 13648  //     exist, the response contains an HTTP `403 Forbidden` error instead of a
 13649  //     `404 Not Found` error.
 13650  func (r *ProjectsServiceAccountsService) SignJwt(name string, signjwtrequest *SignJwtRequest) *ProjectsServiceAccountsSignJwtCall {
 13651  	c := &ProjectsServiceAccountsSignJwtCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 13652  	c.name = name
 13653  	c.signjwtrequest = signjwtrequest
 13654  	return c
 13655  }
 13656  
 13657  // Fields allows partial responses to be retrieved. See
 13658  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 13659  // details.
 13660  func (c *ProjectsServiceAccountsSignJwtCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsSignJwtCall {
 13661  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 13662  	return c
 13663  }
 13664  
 13665  // Context sets the context to be used in this call's Do method.
 13666  func (c *ProjectsServiceAccountsSignJwtCall) Context(ctx context.Context) *ProjectsServiceAccountsSignJwtCall {
 13667  	c.ctx_ = ctx
 13668  	return c
 13669  }
 13670  
 13671  // Header returns a http.Header that can be modified by the caller to add
 13672  // headers to the request.
 13673  func (c *ProjectsServiceAccountsSignJwtCall) Header() http.Header {
 13674  	if c.header_ == nil {
 13675  		c.header_ = make(http.Header)
 13676  	}
 13677  	return c.header_
 13678  }
 13679  
 13680  func (c *ProjectsServiceAccountsSignJwtCall) doRequest(alt string) (*http.Response, error) {
 13681  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 13682  	var body io.Reader = nil
 13683  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.signjwtrequest)
 13684  	if err != nil {
 13685  		return nil, err
 13686  	}
 13687  	c.urlParams_.Set("alt", alt)
 13688  	c.urlParams_.Set("prettyPrint", "false")
 13689  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:signJwt")
 13690  	urls += "?" + c.urlParams_.Encode()
 13691  	req, err := http.NewRequest("POST", urls, body)
 13692  	if err != nil {
 13693  		return nil, err
 13694  	}
 13695  	req.Header = reqHeaders
 13696  	googleapi.Expand(req.URL, map[string]string{
 13697  		"name": c.name,
 13698  	})
 13699  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 13700  }
 13701  
 13702  // Do executes the "iam.projects.serviceAccounts.signJwt" call.
 13703  // Any non-2xx status code is an error. Response headers are in either
 13704  // *SignJwtResponse.ServerResponse.Header or (if a response was returned at
 13705  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 13706  // check whether the returned error was because http.StatusNotModified was
 13707  // returned.
 13708  func (c *ProjectsServiceAccountsSignJwtCall) Do(opts ...googleapi.CallOption) (*SignJwtResponse, error) {
 13709  	gensupport.SetOptions(c.urlParams_, opts...)
 13710  	res, err := c.doRequest("json")
 13711  	if res != nil && res.StatusCode == http.StatusNotModified {
 13712  		if res.Body != nil {
 13713  			res.Body.Close()
 13714  		}
 13715  		return nil, gensupport.WrapError(&googleapi.Error{
 13716  			Code:   res.StatusCode,
 13717  			Header: res.Header,
 13718  		})
 13719  	}
 13720  	if err != nil {
 13721  		return nil, err
 13722  	}
 13723  	defer googleapi.CloseBody(res)
 13724  	if err := googleapi.CheckResponse(res); err != nil {
 13725  		return nil, gensupport.WrapError(err)
 13726  	}
 13727  	ret := &SignJwtResponse{
 13728  		ServerResponse: googleapi.ServerResponse{
 13729  			Header:         res.Header,
 13730  			HTTPStatusCode: res.StatusCode,
 13731  		},
 13732  	}
 13733  	target := &ret
 13734  	if err := gensupport.DecodeResponse(target, res); err != nil {
 13735  		return nil, err
 13736  	}
 13737  	return ret, nil
 13738  }
 13739  
 13740  type ProjectsServiceAccountsTestIamPermissionsCall struct {
 13741  	s                         *Service
 13742  	resource                  string
 13743  	testiampermissionsrequest *TestIamPermissionsRequest
 13744  	urlParams_                gensupport.URLParams
 13745  	ctx_                      context.Context
 13746  	header_                   http.Header
 13747  }
 13748  
 13749  // TestIamPermissions: Tests whether the caller has the specified permissions
 13750  // on a ServiceAccount.
 13751  //
 13752  //   - resource: REQUIRED: The resource for which the policy detail is being
 13753  //     requested. See Resource names
 13754  //     (https://cloud.google.com/apis/design/resource_names) for the appropriate
 13755  //     value for this field.
 13756  func (r *ProjectsServiceAccountsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsServiceAccountsTestIamPermissionsCall {
 13757  	c := &ProjectsServiceAccountsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 13758  	c.resource = resource
 13759  	c.testiampermissionsrequest = testiampermissionsrequest
 13760  	return c
 13761  }
 13762  
 13763  // Fields allows partial responses to be retrieved. See
 13764  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 13765  // details.
 13766  func (c *ProjectsServiceAccountsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsTestIamPermissionsCall {
 13767  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 13768  	return c
 13769  }
 13770  
 13771  // Context sets the context to be used in this call's Do method.
 13772  func (c *ProjectsServiceAccountsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsServiceAccountsTestIamPermissionsCall {
 13773  	c.ctx_ = ctx
 13774  	return c
 13775  }
 13776  
 13777  // Header returns a http.Header that can be modified by the caller to add
 13778  // headers to the request.
 13779  func (c *ProjectsServiceAccountsTestIamPermissionsCall) Header() http.Header {
 13780  	if c.header_ == nil {
 13781  		c.header_ = make(http.Header)
 13782  	}
 13783  	return c.header_
 13784  }
 13785  
 13786  func (c *ProjectsServiceAccountsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
 13787  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 13788  	var body io.Reader = nil
 13789  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
 13790  	if err != nil {
 13791  		return nil, err
 13792  	}
 13793  	c.urlParams_.Set("alt", alt)
 13794  	c.urlParams_.Set("prettyPrint", "false")
 13795  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions")
 13796  	urls += "?" + c.urlParams_.Encode()
 13797  	req, err := http.NewRequest("POST", urls, body)
 13798  	if err != nil {
 13799  		return nil, err
 13800  	}
 13801  	req.Header = reqHeaders
 13802  	googleapi.Expand(req.URL, map[string]string{
 13803  		"resource": c.resource,
 13804  	})
 13805  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 13806  }
 13807  
 13808  // Do executes the "iam.projects.serviceAccounts.testIamPermissions" call.
 13809  // Any non-2xx status code is an error. Response headers are in either
 13810  // *TestIamPermissionsResponse.ServerResponse.Header or (if a response was
 13811  // returned at all) in error.(*googleapi.Error).Header. Use
 13812  // googleapi.IsNotModified to check whether the returned error was because
 13813  // http.StatusNotModified was returned.
 13814  func (c *ProjectsServiceAccountsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
 13815  	gensupport.SetOptions(c.urlParams_, opts...)
 13816  	res, err := c.doRequest("json")
 13817  	if res != nil && res.StatusCode == http.StatusNotModified {
 13818  		if res.Body != nil {
 13819  			res.Body.Close()
 13820  		}
 13821  		return nil, gensupport.WrapError(&googleapi.Error{
 13822  			Code:   res.StatusCode,
 13823  			Header: res.Header,
 13824  		})
 13825  	}
 13826  	if err != nil {
 13827  		return nil, err
 13828  	}
 13829  	defer googleapi.CloseBody(res)
 13830  	if err := googleapi.CheckResponse(res); err != nil {
 13831  		return nil, gensupport.WrapError(err)
 13832  	}
 13833  	ret := &TestIamPermissionsResponse{
 13834  		ServerResponse: googleapi.ServerResponse{
 13835  			Header:         res.Header,
 13836  			HTTPStatusCode: res.StatusCode,
 13837  		},
 13838  	}
 13839  	target := &ret
 13840  	if err := gensupport.DecodeResponse(target, res); err != nil {
 13841  		return nil, err
 13842  	}
 13843  	return ret, nil
 13844  }
 13845  
 13846  type ProjectsServiceAccountsUndeleteCall struct {
 13847  	s                             *Service
 13848  	name                          string
 13849  	undeleteserviceaccountrequest *UndeleteServiceAccountRequest
 13850  	urlParams_                    gensupport.URLParams
 13851  	ctx_                          context.Context
 13852  	header_                       http.Header
 13853  }
 13854  
 13855  // Undelete: Restores a deleted ServiceAccount. **Important:** It is not always
 13856  // possible to restore a deleted service account. Use this method only as a
 13857  // last resort. After you delete a service account, IAM permanently removes the
 13858  // service account 30 days later. There is no way to restore a deleted service
 13859  // account that has been permanently removed.
 13860  //
 13861  //   - name: The resource name of the service account. Use one of the following
 13862  //     formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
 13863  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
 13864  //     can use the `-` wildcard character instead of the project ID: *
 13865  //     `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
 13866  //     `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the
 13867  //     `-` wildcard character, because it can cause response messages to contain
 13868  //     misleading error codes. For example, if you try to access the service
 13869  //     account `projects/-/serviceAccounts/fake@example.com`, which does not
 13870  //     exist, the response contains an HTTP `403 Forbidden` error instead of a
 13871  //     `404 Not Found` error.
 13872  func (r *ProjectsServiceAccountsService) Undelete(name string, undeleteserviceaccountrequest *UndeleteServiceAccountRequest) *ProjectsServiceAccountsUndeleteCall {
 13873  	c := &ProjectsServiceAccountsUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 13874  	c.name = name
 13875  	c.undeleteserviceaccountrequest = undeleteserviceaccountrequest
 13876  	return c
 13877  }
 13878  
 13879  // Fields allows partial responses to be retrieved. See
 13880  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 13881  // details.
 13882  func (c *ProjectsServiceAccountsUndeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsUndeleteCall {
 13883  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 13884  	return c
 13885  }
 13886  
 13887  // Context sets the context to be used in this call's Do method.
 13888  func (c *ProjectsServiceAccountsUndeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsUndeleteCall {
 13889  	c.ctx_ = ctx
 13890  	return c
 13891  }
 13892  
 13893  // Header returns a http.Header that can be modified by the caller to add
 13894  // headers to the request.
 13895  func (c *ProjectsServiceAccountsUndeleteCall) Header() http.Header {
 13896  	if c.header_ == nil {
 13897  		c.header_ = make(http.Header)
 13898  	}
 13899  	return c.header_
 13900  }
 13901  
 13902  func (c *ProjectsServiceAccountsUndeleteCall) doRequest(alt string) (*http.Response, error) {
 13903  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 13904  	var body io.Reader = nil
 13905  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeleteserviceaccountrequest)
 13906  	if err != nil {
 13907  		return nil, err
 13908  	}
 13909  	c.urlParams_.Set("alt", alt)
 13910  	c.urlParams_.Set("prettyPrint", "false")
 13911  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete")
 13912  	urls += "?" + c.urlParams_.Encode()
 13913  	req, err := http.NewRequest("POST", urls, body)
 13914  	if err != nil {
 13915  		return nil, err
 13916  	}
 13917  	req.Header = reqHeaders
 13918  	googleapi.Expand(req.URL, map[string]string{
 13919  		"name": c.name,
 13920  	})
 13921  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 13922  }
 13923  
 13924  // Do executes the "iam.projects.serviceAccounts.undelete" call.
 13925  // Any non-2xx status code is an error. Response headers are in either
 13926  // *UndeleteServiceAccountResponse.ServerResponse.Header or (if a response was
 13927  // returned at all) in error.(*googleapi.Error).Header. Use
 13928  // googleapi.IsNotModified to check whether the returned error was because
 13929  // http.StatusNotModified was returned.
 13930  func (c *ProjectsServiceAccountsUndeleteCall) Do(opts ...googleapi.CallOption) (*UndeleteServiceAccountResponse, error) {
 13931  	gensupport.SetOptions(c.urlParams_, opts...)
 13932  	res, err := c.doRequest("json")
 13933  	if res != nil && res.StatusCode == http.StatusNotModified {
 13934  		if res.Body != nil {
 13935  			res.Body.Close()
 13936  		}
 13937  		return nil, gensupport.WrapError(&googleapi.Error{
 13938  			Code:   res.StatusCode,
 13939  			Header: res.Header,
 13940  		})
 13941  	}
 13942  	if err != nil {
 13943  		return nil, err
 13944  	}
 13945  	defer googleapi.CloseBody(res)
 13946  	if err := googleapi.CheckResponse(res); err != nil {
 13947  		return nil, gensupport.WrapError(err)
 13948  	}
 13949  	ret := &UndeleteServiceAccountResponse{
 13950  		ServerResponse: googleapi.ServerResponse{
 13951  			Header:         res.Header,
 13952  			HTTPStatusCode: res.StatusCode,
 13953  		},
 13954  	}
 13955  	target := &ret
 13956  	if err := gensupport.DecodeResponse(target, res); err != nil {
 13957  		return nil, err
 13958  	}
 13959  	return ret, nil
 13960  }
 13961  
 13962  type ProjectsServiceAccountsUpdateCall struct {
 13963  	s              *Service
 13964  	name           string
 13965  	serviceaccount *ServiceAccount
 13966  	urlParams_     gensupport.URLParams
 13967  	ctx_           context.Context
 13968  	header_        http.Header
 13969  }
 13970  
 13971  // Update: **Note:** We are in the process of deprecating this method. Use
 13972  // PatchServiceAccount instead. Updates a ServiceAccount. You can update only
 13973  // the `display_name` field.
 13974  //
 13975  //   - name: The resource name of the service account. Use one of the following
 13976  //     formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
 13977  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
 13978  //     can use the `-` wildcard character instead of the project ID: *
 13979  //     `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
 13980  //     `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the
 13981  //     `-` wildcard character, because it can cause response messages to contain
 13982  //     misleading error codes. For example, if you try to access the service
 13983  //     account `projects/-/serviceAccounts/fake@example.com`, which does not
 13984  //     exist, the response contains an HTTP `403 Forbidden` error instead of a
 13985  //     `404 Not Found` error.
 13986  func (r *ProjectsServiceAccountsService) Update(name string, serviceaccount *ServiceAccount) *ProjectsServiceAccountsUpdateCall {
 13987  	c := &ProjectsServiceAccountsUpdateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 13988  	c.name = name
 13989  	c.serviceaccount = serviceaccount
 13990  	return c
 13991  }
 13992  
 13993  // Fields allows partial responses to be retrieved. See
 13994  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 13995  // details.
 13996  func (c *ProjectsServiceAccountsUpdateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsUpdateCall {
 13997  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 13998  	return c
 13999  }
 14000  
 14001  // Context sets the context to be used in this call's Do method.
 14002  func (c *ProjectsServiceAccountsUpdateCall) Context(ctx context.Context) *ProjectsServiceAccountsUpdateCall {
 14003  	c.ctx_ = ctx
 14004  	return c
 14005  }
 14006  
 14007  // Header returns a http.Header that can be modified by the caller to add
 14008  // headers to the request.
 14009  func (c *ProjectsServiceAccountsUpdateCall) Header() http.Header {
 14010  	if c.header_ == nil {
 14011  		c.header_ = make(http.Header)
 14012  	}
 14013  	return c.header_
 14014  }
 14015  
 14016  func (c *ProjectsServiceAccountsUpdateCall) doRequest(alt string) (*http.Response, error) {
 14017  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 14018  	var body io.Reader = nil
 14019  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.serviceaccount)
 14020  	if err != nil {
 14021  		return nil, err
 14022  	}
 14023  	c.urlParams_.Set("alt", alt)
 14024  	c.urlParams_.Set("prettyPrint", "false")
 14025  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 14026  	urls += "?" + c.urlParams_.Encode()
 14027  	req, err := http.NewRequest("PUT", urls, body)
 14028  	if err != nil {
 14029  		return nil, err
 14030  	}
 14031  	req.Header = reqHeaders
 14032  	googleapi.Expand(req.URL, map[string]string{
 14033  		"name": c.name,
 14034  	})
 14035  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 14036  }
 14037  
 14038  // Do executes the "iam.projects.serviceAccounts.update" call.
 14039  // Any non-2xx status code is an error. Response headers are in either
 14040  // *ServiceAccount.ServerResponse.Header or (if a response was returned at all)
 14041  // in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 14042  // whether the returned error was because http.StatusNotModified was returned.
 14043  func (c *ProjectsServiceAccountsUpdateCall) Do(opts ...googleapi.CallOption) (*ServiceAccount, error) {
 14044  	gensupport.SetOptions(c.urlParams_, opts...)
 14045  	res, err := c.doRequest("json")
 14046  	if res != nil && res.StatusCode == http.StatusNotModified {
 14047  		if res.Body != nil {
 14048  			res.Body.Close()
 14049  		}
 14050  		return nil, gensupport.WrapError(&googleapi.Error{
 14051  			Code:   res.StatusCode,
 14052  			Header: res.Header,
 14053  		})
 14054  	}
 14055  	if err != nil {
 14056  		return nil, err
 14057  	}
 14058  	defer googleapi.CloseBody(res)
 14059  	if err := googleapi.CheckResponse(res); err != nil {
 14060  		return nil, gensupport.WrapError(err)
 14061  	}
 14062  	ret := &ServiceAccount{
 14063  		ServerResponse: googleapi.ServerResponse{
 14064  			Header:         res.Header,
 14065  			HTTPStatusCode: res.StatusCode,
 14066  		},
 14067  	}
 14068  	target := &ret
 14069  	if err := gensupport.DecodeResponse(target, res); err != nil {
 14070  		return nil, err
 14071  	}
 14072  	return ret, nil
 14073  }
 14074  
 14075  type ProjectsServiceAccountsKeysCreateCall struct {
 14076  	s                              *Service
 14077  	name                           string
 14078  	createserviceaccountkeyrequest *CreateServiceAccountKeyRequest
 14079  	urlParams_                     gensupport.URLParams
 14080  	ctx_                           context.Context
 14081  	header_                        http.Header
 14082  }
 14083  
 14084  // Create: Creates a ServiceAccountKey.
 14085  //
 14086  //   - name: The resource name of the service account. Use one of the following
 14087  //     formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
 14088  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
 14089  //     can use the `-` wildcard character instead of the project ID: *
 14090  //     `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
 14091  //     `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the
 14092  //     `-` wildcard character, because it can cause response messages to contain
 14093  //     misleading error codes. For example, if you try to access the service
 14094  //     account `projects/-/serviceAccounts/fake@example.com`, which does not
 14095  //     exist, the response contains an HTTP `403 Forbidden` error instead of a
 14096  //     `404 Not Found` error.
 14097  func (r *ProjectsServiceAccountsKeysService) Create(name string, createserviceaccountkeyrequest *CreateServiceAccountKeyRequest) *ProjectsServiceAccountsKeysCreateCall {
 14098  	c := &ProjectsServiceAccountsKeysCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 14099  	c.name = name
 14100  	c.createserviceaccountkeyrequest = createserviceaccountkeyrequest
 14101  	return c
 14102  }
 14103  
 14104  // Fields allows partial responses to be retrieved. See
 14105  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 14106  // details.
 14107  func (c *ProjectsServiceAccountsKeysCreateCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysCreateCall {
 14108  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 14109  	return c
 14110  }
 14111  
 14112  // Context sets the context to be used in this call's Do method.
 14113  func (c *ProjectsServiceAccountsKeysCreateCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysCreateCall {
 14114  	c.ctx_ = ctx
 14115  	return c
 14116  }
 14117  
 14118  // Header returns a http.Header that can be modified by the caller to add
 14119  // headers to the request.
 14120  func (c *ProjectsServiceAccountsKeysCreateCall) Header() http.Header {
 14121  	if c.header_ == nil {
 14122  		c.header_ = make(http.Header)
 14123  	}
 14124  	return c.header_
 14125  }
 14126  
 14127  func (c *ProjectsServiceAccountsKeysCreateCall) doRequest(alt string) (*http.Response, error) {
 14128  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 14129  	var body io.Reader = nil
 14130  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.createserviceaccountkeyrequest)
 14131  	if err != nil {
 14132  		return nil, err
 14133  	}
 14134  	c.urlParams_.Set("alt", alt)
 14135  	c.urlParams_.Set("prettyPrint", "false")
 14136  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys")
 14137  	urls += "?" + c.urlParams_.Encode()
 14138  	req, err := http.NewRequest("POST", urls, body)
 14139  	if err != nil {
 14140  		return nil, err
 14141  	}
 14142  	req.Header = reqHeaders
 14143  	googleapi.Expand(req.URL, map[string]string{
 14144  		"name": c.name,
 14145  	})
 14146  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 14147  }
 14148  
 14149  // Do executes the "iam.projects.serviceAccounts.keys.create" call.
 14150  // Any non-2xx status code is an error. Response headers are in either
 14151  // *ServiceAccountKey.ServerResponse.Header or (if a response was returned at
 14152  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 14153  // check whether the returned error was because http.StatusNotModified was
 14154  // returned.
 14155  func (c *ProjectsServiceAccountsKeysCreateCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) {
 14156  	gensupport.SetOptions(c.urlParams_, opts...)
 14157  	res, err := c.doRequest("json")
 14158  	if res != nil && res.StatusCode == http.StatusNotModified {
 14159  		if res.Body != nil {
 14160  			res.Body.Close()
 14161  		}
 14162  		return nil, gensupport.WrapError(&googleapi.Error{
 14163  			Code:   res.StatusCode,
 14164  			Header: res.Header,
 14165  		})
 14166  	}
 14167  	if err != nil {
 14168  		return nil, err
 14169  	}
 14170  	defer googleapi.CloseBody(res)
 14171  	if err := googleapi.CheckResponse(res); err != nil {
 14172  		return nil, gensupport.WrapError(err)
 14173  	}
 14174  	ret := &ServiceAccountKey{
 14175  		ServerResponse: googleapi.ServerResponse{
 14176  			Header:         res.Header,
 14177  			HTTPStatusCode: res.StatusCode,
 14178  		},
 14179  	}
 14180  	target := &ret
 14181  	if err := gensupport.DecodeResponse(target, res); err != nil {
 14182  		return nil, err
 14183  	}
 14184  	return ret, nil
 14185  }
 14186  
 14187  type ProjectsServiceAccountsKeysDeleteCall struct {
 14188  	s          *Service
 14189  	name       string
 14190  	urlParams_ gensupport.URLParams
 14191  	ctx_       context.Context
 14192  	header_    http.Header
 14193  }
 14194  
 14195  // Delete: Deletes a ServiceAccountKey. Deleting a service account key does not
 14196  // revoke short-lived credentials that have been issued based on the service
 14197  // account key.
 14198  //
 14199  //   - name: The resource name of the service account key. Use one of the
 14200  //     following formats: *
 14201  //     `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}/keys/{KEY_ID}` *
 14202  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}/keys/{KEY_ID}` As an
 14203  //     alternative, you can use the `-` wildcard character instead of the project
 14204  //     ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}/keys/{KEY_ID}` *
 14205  //     `projects/-/serviceAccounts/{UNIQUE_ID}/keys/{KEY_ID}` When possible,
 14206  //     avoid using the `-` wildcard character, because it can cause response
 14207  //     messages to contain misleading error codes. For example, if you try to
 14208  //     access the service account key
 14209  //     `projects/-/serviceAccounts/fake@example.com/keys/fake-key`, which does
 14210  //     not exist, the response contains an HTTP `403 Forbidden` error instead of
 14211  //     a `404 Not Found` error.
 14212  func (r *ProjectsServiceAccountsKeysService) Delete(name string) *ProjectsServiceAccountsKeysDeleteCall {
 14213  	c := &ProjectsServiceAccountsKeysDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 14214  	c.name = name
 14215  	return c
 14216  }
 14217  
 14218  // Fields allows partial responses to be retrieved. See
 14219  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 14220  // details.
 14221  func (c *ProjectsServiceAccountsKeysDeleteCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysDeleteCall {
 14222  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 14223  	return c
 14224  }
 14225  
 14226  // Context sets the context to be used in this call's Do method.
 14227  func (c *ProjectsServiceAccountsKeysDeleteCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysDeleteCall {
 14228  	c.ctx_ = ctx
 14229  	return c
 14230  }
 14231  
 14232  // Header returns a http.Header that can be modified by the caller to add
 14233  // headers to the request.
 14234  func (c *ProjectsServiceAccountsKeysDeleteCall) Header() http.Header {
 14235  	if c.header_ == nil {
 14236  		c.header_ = make(http.Header)
 14237  	}
 14238  	return c.header_
 14239  }
 14240  
 14241  func (c *ProjectsServiceAccountsKeysDeleteCall) doRequest(alt string) (*http.Response, error) {
 14242  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 14243  	var body io.Reader = nil
 14244  	c.urlParams_.Set("alt", alt)
 14245  	c.urlParams_.Set("prettyPrint", "false")
 14246  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 14247  	urls += "?" + c.urlParams_.Encode()
 14248  	req, err := http.NewRequest("DELETE", urls, body)
 14249  	if err != nil {
 14250  		return nil, err
 14251  	}
 14252  	req.Header = reqHeaders
 14253  	googleapi.Expand(req.URL, map[string]string{
 14254  		"name": c.name,
 14255  	})
 14256  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 14257  }
 14258  
 14259  // Do executes the "iam.projects.serviceAccounts.keys.delete" call.
 14260  // Any non-2xx status code is an error. Response headers are in either
 14261  // *Empty.ServerResponse.Header or (if a response was returned at all) in
 14262  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 14263  // whether the returned error was because http.StatusNotModified was returned.
 14264  func (c *ProjectsServiceAccountsKeysDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
 14265  	gensupport.SetOptions(c.urlParams_, opts...)
 14266  	res, err := c.doRequest("json")
 14267  	if res != nil && res.StatusCode == http.StatusNotModified {
 14268  		if res.Body != nil {
 14269  			res.Body.Close()
 14270  		}
 14271  		return nil, gensupport.WrapError(&googleapi.Error{
 14272  			Code:   res.StatusCode,
 14273  			Header: res.Header,
 14274  		})
 14275  	}
 14276  	if err != nil {
 14277  		return nil, err
 14278  	}
 14279  	defer googleapi.CloseBody(res)
 14280  	if err := googleapi.CheckResponse(res); err != nil {
 14281  		return nil, gensupport.WrapError(err)
 14282  	}
 14283  	ret := &Empty{
 14284  		ServerResponse: googleapi.ServerResponse{
 14285  			Header:         res.Header,
 14286  			HTTPStatusCode: res.StatusCode,
 14287  		},
 14288  	}
 14289  	target := &ret
 14290  	if err := gensupport.DecodeResponse(target, res); err != nil {
 14291  		return nil, err
 14292  	}
 14293  	return ret, nil
 14294  }
 14295  
 14296  type ProjectsServiceAccountsKeysDisableCall struct {
 14297  	s                               *Service
 14298  	name                            string
 14299  	disableserviceaccountkeyrequest *DisableServiceAccountKeyRequest
 14300  	urlParams_                      gensupport.URLParams
 14301  	ctx_                            context.Context
 14302  	header_                         http.Header
 14303  }
 14304  
 14305  // Disable: Disable a ServiceAccountKey. A disabled service account key can be
 14306  // re-enabled with EnableServiceAccountKey.
 14307  //
 14308  //   - name: The resource name of the service account key. Use one of the
 14309  //     following formats: *
 14310  //     `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}/keys/{KEY_ID}` *
 14311  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}/keys/{KEY_ID}` As an
 14312  //     alternative, you can use the `-` wildcard character instead of the project
 14313  //     ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}/keys/{KEY_ID}` *
 14314  //     `projects/-/serviceAccounts/{UNIQUE_ID}/keys/{KEY_ID}` When possible,
 14315  //     avoid using the `-` wildcard character, because it can cause response
 14316  //     messages to contain misleading error codes. For example, if you try to
 14317  //     access the service account key
 14318  //     `projects/-/serviceAccounts/fake@example.com/keys/fake-key`, which does
 14319  //     not exist, the response contains an HTTP `403 Forbidden` error instead of
 14320  //     a `404 Not Found` error.
 14321  func (r *ProjectsServiceAccountsKeysService) Disable(name string, disableserviceaccountkeyrequest *DisableServiceAccountKeyRequest) *ProjectsServiceAccountsKeysDisableCall {
 14322  	c := &ProjectsServiceAccountsKeysDisableCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 14323  	c.name = name
 14324  	c.disableserviceaccountkeyrequest = disableserviceaccountkeyrequest
 14325  	return c
 14326  }
 14327  
 14328  // Fields allows partial responses to be retrieved. See
 14329  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 14330  // details.
 14331  func (c *ProjectsServiceAccountsKeysDisableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysDisableCall {
 14332  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 14333  	return c
 14334  }
 14335  
 14336  // Context sets the context to be used in this call's Do method.
 14337  func (c *ProjectsServiceAccountsKeysDisableCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysDisableCall {
 14338  	c.ctx_ = ctx
 14339  	return c
 14340  }
 14341  
 14342  // Header returns a http.Header that can be modified by the caller to add
 14343  // headers to the request.
 14344  func (c *ProjectsServiceAccountsKeysDisableCall) Header() http.Header {
 14345  	if c.header_ == nil {
 14346  		c.header_ = make(http.Header)
 14347  	}
 14348  	return c.header_
 14349  }
 14350  
 14351  func (c *ProjectsServiceAccountsKeysDisableCall) doRequest(alt string) (*http.Response, error) {
 14352  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 14353  	var body io.Reader = nil
 14354  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.disableserviceaccountkeyrequest)
 14355  	if err != nil {
 14356  		return nil, err
 14357  	}
 14358  	c.urlParams_.Set("alt", alt)
 14359  	c.urlParams_.Set("prettyPrint", "false")
 14360  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:disable")
 14361  	urls += "?" + c.urlParams_.Encode()
 14362  	req, err := http.NewRequest("POST", urls, body)
 14363  	if err != nil {
 14364  		return nil, err
 14365  	}
 14366  	req.Header = reqHeaders
 14367  	googleapi.Expand(req.URL, map[string]string{
 14368  		"name": c.name,
 14369  	})
 14370  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 14371  }
 14372  
 14373  // Do executes the "iam.projects.serviceAccounts.keys.disable" call.
 14374  // Any non-2xx status code is an error. Response headers are in either
 14375  // *Empty.ServerResponse.Header or (if a response was returned at all) in
 14376  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 14377  // whether the returned error was because http.StatusNotModified was returned.
 14378  func (c *ProjectsServiceAccountsKeysDisableCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
 14379  	gensupport.SetOptions(c.urlParams_, opts...)
 14380  	res, err := c.doRequest("json")
 14381  	if res != nil && res.StatusCode == http.StatusNotModified {
 14382  		if res.Body != nil {
 14383  			res.Body.Close()
 14384  		}
 14385  		return nil, gensupport.WrapError(&googleapi.Error{
 14386  			Code:   res.StatusCode,
 14387  			Header: res.Header,
 14388  		})
 14389  	}
 14390  	if err != nil {
 14391  		return nil, err
 14392  	}
 14393  	defer googleapi.CloseBody(res)
 14394  	if err := googleapi.CheckResponse(res); err != nil {
 14395  		return nil, gensupport.WrapError(err)
 14396  	}
 14397  	ret := &Empty{
 14398  		ServerResponse: googleapi.ServerResponse{
 14399  			Header:         res.Header,
 14400  			HTTPStatusCode: res.StatusCode,
 14401  		},
 14402  	}
 14403  	target := &ret
 14404  	if err := gensupport.DecodeResponse(target, res); err != nil {
 14405  		return nil, err
 14406  	}
 14407  	return ret, nil
 14408  }
 14409  
 14410  type ProjectsServiceAccountsKeysEnableCall struct {
 14411  	s                              *Service
 14412  	name                           string
 14413  	enableserviceaccountkeyrequest *EnableServiceAccountKeyRequest
 14414  	urlParams_                     gensupport.URLParams
 14415  	ctx_                           context.Context
 14416  	header_                        http.Header
 14417  }
 14418  
 14419  // Enable: Enable a ServiceAccountKey.
 14420  //
 14421  //   - name: The resource name of the service account key. Use one of the
 14422  //     following formats: *
 14423  //     `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}/keys/{KEY_ID}` *
 14424  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}/keys/{KEY_ID}` As an
 14425  //     alternative, you can use the `-` wildcard character instead of the project
 14426  //     ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}/keys/{KEY_ID}` *
 14427  //     `projects/-/serviceAccounts/{UNIQUE_ID}/keys/{KEY_ID}` When possible,
 14428  //     avoid using the `-` wildcard character, because it can cause response
 14429  //     messages to contain misleading error codes. For example, if you try to
 14430  //     access the service account key
 14431  //     `projects/-/serviceAccounts/fake@example.com/keys/fake-key`, which does
 14432  //     not exist, the response contains an HTTP `403 Forbidden` error instead of
 14433  //     a `404 Not Found` error.
 14434  func (r *ProjectsServiceAccountsKeysService) Enable(name string, enableserviceaccountkeyrequest *EnableServiceAccountKeyRequest) *ProjectsServiceAccountsKeysEnableCall {
 14435  	c := &ProjectsServiceAccountsKeysEnableCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 14436  	c.name = name
 14437  	c.enableserviceaccountkeyrequest = enableserviceaccountkeyrequest
 14438  	return c
 14439  }
 14440  
 14441  // Fields allows partial responses to be retrieved. See
 14442  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 14443  // details.
 14444  func (c *ProjectsServiceAccountsKeysEnableCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysEnableCall {
 14445  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 14446  	return c
 14447  }
 14448  
 14449  // Context sets the context to be used in this call's Do method.
 14450  func (c *ProjectsServiceAccountsKeysEnableCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysEnableCall {
 14451  	c.ctx_ = ctx
 14452  	return c
 14453  }
 14454  
 14455  // Header returns a http.Header that can be modified by the caller to add
 14456  // headers to the request.
 14457  func (c *ProjectsServiceAccountsKeysEnableCall) Header() http.Header {
 14458  	if c.header_ == nil {
 14459  		c.header_ = make(http.Header)
 14460  	}
 14461  	return c.header_
 14462  }
 14463  
 14464  func (c *ProjectsServiceAccountsKeysEnableCall) doRequest(alt string) (*http.Response, error) {
 14465  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 14466  	var body io.Reader = nil
 14467  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.enableserviceaccountkeyrequest)
 14468  	if err != nil {
 14469  		return nil, err
 14470  	}
 14471  	c.urlParams_.Set("alt", alt)
 14472  	c.urlParams_.Set("prettyPrint", "false")
 14473  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:enable")
 14474  	urls += "?" + c.urlParams_.Encode()
 14475  	req, err := http.NewRequest("POST", urls, body)
 14476  	if err != nil {
 14477  		return nil, err
 14478  	}
 14479  	req.Header = reqHeaders
 14480  	googleapi.Expand(req.URL, map[string]string{
 14481  		"name": c.name,
 14482  	})
 14483  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 14484  }
 14485  
 14486  // Do executes the "iam.projects.serviceAccounts.keys.enable" call.
 14487  // Any non-2xx status code is an error. Response headers are in either
 14488  // *Empty.ServerResponse.Header or (if a response was returned at all) in
 14489  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 14490  // whether the returned error was because http.StatusNotModified was returned.
 14491  func (c *ProjectsServiceAccountsKeysEnableCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
 14492  	gensupport.SetOptions(c.urlParams_, opts...)
 14493  	res, err := c.doRequest("json")
 14494  	if res != nil && res.StatusCode == http.StatusNotModified {
 14495  		if res.Body != nil {
 14496  			res.Body.Close()
 14497  		}
 14498  		return nil, gensupport.WrapError(&googleapi.Error{
 14499  			Code:   res.StatusCode,
 14500  			Header: res.Header,
 14501  		})
 14502  	}
 14503  	if err != nil {
 14504  		return nil, err
 14505  	}
 14506  	defer googleapi.CloseBody(res)
 14507  	if err := googleapi.CheckResponse(res); err != nil {
 14508  		return nil, gensupport.WrapError(err)
 14509  	}
 14510  	ret := &Empty{
 14511  		ServerResponse: googleapi.ServerResponse{
 14512  			Header:         res.Header,
 14513  			HTTPStatusCode: res.StatusCode,
 14514  		},
 14515  	}
 14516  	target := &ret
 14517  	if err := gensupport.DecodeResponse(target, res); err != nil {
 14518  		return nil, err
 14519  	}
 14520  	return ret, nil
 14521  }
 14522  
 14523  type ProjectsServiceAccountsKeysGetCall struct {
 14524  	s            *Service
 14525  	name         string
 14526  	urlParams_   gensupport.URLParams
 14527  	ifNoneMatch_ string
 14528  	ctx_         context.Context
 14529  	header_      http.Header
 14530  }
 14531  
 14532  // Get: Gets a ServiceAccountKey.
 14533  //
 14534  //   - name: The resource name of the service account key. Use one of the
 14535  //     following formats: *
 14536  //     `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}/keys/{KEY_ID}` *
 14537  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}/keys/{KEY_ID}` As an
 14538  //     alternative, you can use the `-` wildcard character instead of the project
 14539  //     ID: * `projects/-/serviceAccounts/{EMAIL_ADDRESS}/keys/{KEY_ID}` *
 14540  //     `projects/-/serviceAccounts/{UNIQUE_ID}/keys/{KEY_ID}` When possible,
 14541  //     avoid using the `-` wildcard character, because it can cause response
 14542  //     messages to contain misleading error codes. For example, if you try to
 14543  //     access the service account key
 14544  //     `projects/-/serviceAccounts/fake@example.com/keys/fake-key`, which does
 14545  //     not exist, the response contains an HTTP `403 Forbidden` error instead of
 14546  //     a `404 Not Found` error.
 14547  func (r *ProjectsServiceAccountsKeysService) Get(name string) *ProjectsServiceAccountsKeysGetCall {
 14548  	c := &ProjectsServiceAccountsKeysGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 14549  	c.name = name
 14550  	return c
 14551  }
 14552  
 14553  // PublicKeyType sets the optional parameter "publicKeyType": The output format
 14554  // of the public key. The default is `TYPE_NONE`, which means that the public
 14555  // key is not returned.
 14556  //
 14557  // Possible values:
 14558  //
 14559  //	"TYPE_NONE" - Do not return the public key.
 14560  //	"TYPE_X509_PEM_FILE" - X509 PEM format.
 14561  //	"TYPE_RAW_PUBLIC_KEY" - Raw public key.
 14562  func (c *ProjectsServiceAccountsKeysGetCall) PublicKeyType(publicKeyType string) *ProjectsServiceAccountsKeysGetCall {
 14563  	c.urlParams_.Set("publicKeyType", publicKeyType)
 14564  	return c
 14565  }
 14566  
 14567  // Fields allows partial responses to be retrieved. See
 14568  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 14569  // details.
 14570  func (c *ProjectsServiceAccountsKeysGetCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysGetCall {
 14571  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 14572  	return c
 14573  }
 14574  
 14575  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 14576  // object's ETag matches the given value. This is useful for getting updates
 14577  // only after the object has changed since the last request.
 14578  func (c *ProjectsServiceAccountsKeysGetCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsKeysGetCall {
 14579  	c.ifNoneMatch_ = entityTag
 14580  	return c
 14581  }
 14582  
 14583  // Context sets the context to be used in this call's Do method.
 14584  func (c *ProjectsServiceAccountsKeysGetCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysGetCall {
 14585  	c.ctx_ = ctx
 14586  	return c
 14587  }
 14588  
 14589  // Header returns a http.Header that can be modified by the caller to add
 14590  // headers to the request.
 14591  func (c *ProjectsServiceAccountsKeysGetCall) Header() http.Header {
 14592  	if c.header_ == nil {
 14593  		c.header_ = make(http.Header)
 14594  	}
 14595  	return c.header_
 14596  }
 14597  
 14598  func (c *ProjectsServiceAccountsKeysGetCall) doRequest(alt string) (*http.Response, error) {
 14599  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 14600  	if c.ifNoneMatch_ != "" {
 14601  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 14602  	}
 14603  	var body io.Reader = nil
 14604  	c.urlParams_.Set("alt", alt)
 14605  	c.urlParams_.Set("prettyPrint", "false")
 14606  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 14607  	urls += "?" + c.urlParams_.Encode()
 14608  	req, err := http.NewRequest("GET", urls, body)
 14609  	if err != nil {
 14610  		return nil, err
 14611  	}
 14612  	req.Header = reqHeaders
 14613  	googleapi.Expand(req.URL, map[string]string{
 14614  		"name": c.name,
 14615  	})
 14616  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 14617  }
 14618  
 14619  // Do executes the "iam.projects.serviceAccounts.keys.get" call.
 14620  // Any non-2xx status code is an error. Response headers are in either
 14621  // *ServiceAccountKey.ServerResponse.Header or (if a response was returned at
 14622  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 14623  // check whether the returned error was because http.StatusNotModified was
 14624  // returned.
 14625  func (c *ProjectsServiceAccountsKeysGetCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) {
 14626  	gensupport.SetOptions(c.urlParams_, opts...)
 14627  	res, err := c.doRequest("json")
 14628  	if res != nil && res.StatusCode == http.StatusNotModified {
 14629  		if res.Body != nil {
 14630  			res.Body.Close()
 14631  		}
 14632  		return nil, gensupport.WrapError(&googleapi.Error{
 14633  			Code:   res.StatusCode,
 14634  			Header: res.Header,
 14635  		})
 14636  	}
 14637  	if err != nil {
 14638  		return nil, err
 14639  	}
 14640  	defer googleapi.CloseBody(res)
 14641  	if err := googleapi.CheckResponse(res); err != nil {
 14642  		return nil, gensupport.WrapError(err)
 14643  	}
 14644  	ret := &ServiceAccountKey{
 14645  		ServerResponse: googleapi.ServerResponse{
 14646  			Header:         res.Header,
 14647  			HTTPStatusCode: res.StatusCode,
 14648  		},
 14649  	}
 14650  	target := &ret
 14651  	if err := gensupport.DecodeResponse(target, res); err != nil {
 14652  		return nil, err
 14653  	}
 14654  	return ret, nil
 14655  }
 14656  
 14657  type ProjectsServiceAccountsKeysListCall struct {
 14658  	s            *Service
 14659  	name         string
 14660  	urlParams_   gensupport.URLParams
 14661  	ifNoneMatch_ string
 14662  	ctx_         context.Context
 14663  	header_      http.Header
 14664  }
 14665  
 14666  // List: Lists every ServiceAccountKey for a service account.
 14667  //
 14668  //   - name: The resource name of the service account. Use one of the following
 14669  //     formats: * `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
 14670  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
 14671  //     can use the `-` wildcard character instead of the project ID: *
 14672  //     `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
 14673  //     `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the
 14674  //     `-` wildcard character, because it can cause response messages to contain
 14675  //     misleading error codes. For example, if you try to access the service
 14676  //     account `projects/-/serviceAccounts/fake@example.com`, which does not
 14677  //     exist, the response contains an HTTP `403 Forbidden` error instead of a
 14678  //     `404 Not Found` error.
 14679  func (r *ProjectsServiceAccountsKeysService) List(name string) *ProjectsServiceAccountsKeysListCall {
 14680  	c := &ProjectsServiceAccountsKeysListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 14681  	c.name = name
 14682  	return c
 14683  }
 14684  
 14685  // KeyTypes sets the optional parameter "keyTypes": Filters the types of keys
 14686  // the user wants to include in the list response. Duplicate key types are not
 14687  // allowed. If no key type is provided, all keys are returned.
 14688  //
 14689  // Possible values:
 14690  //
 14691  //	"KEY_TYPE_UNSPECIFIED" - Unspecified key type. The presence of this in the
 14692  //
 14693  // message will immediately result in an error.
 14694  //
 14695  //	"USER_MANAGED" - User-managed keys (managed and rotated by the user).
 14696  //	"SYSTEM_MANAGED" - System-managed keys (managed and rotated by Google).
 14697  func (c *ProjectsServiceAccountsKeysListCall) KeyTypes(keyTypes ...string) *ProjectsServiceAccountsKeysListCall {
 14698  	c.urlParams_.SetMulti("keyTypes", append([]string{}, keyTypes...))
 14699  	return c
 14700  }
 14701  
 14702  // Fields allows partial responses to be retrieved. See
 14703  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 14704  // details.
 14705  func (c *ProjectsServiceAccountsKeysListCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysListCall {
 14706  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 14707  	return c
 14708  }
 14709  
 14710  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 14711  // object's ETag matches the given value. This is useful for getting updates
 14712  // only after the object has changed since the last request.
 14713  func (c *ProjectsServiceAccountsKeysListCall) IfNoneMatch(entityTag string) *ProjectsServiceAccountsKeysListCall {
 14714  	c.ifNoneMatch_ = entityTag
 14715  	return c
 14716  }
 14717  
 14718  // Context sets the context to be used in this call's Do method.
 14719  func (c *ProjectsServiceAccountsKeysListCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysListCall {
 14720  	c.ctx_ = ctx
 14721  	return c
 14722  }
 14723  
 14724  // Header returns a http.Header that can be modified by the caller to add
 14725  // headers to the request.
 14726  func (c *ProjectsServiceAccountsKeysListCall) Header() http.Header {
 14727  	if c.header_ == nil {
 14728  		c.header_ = make(http.Header)
 14729  	}
 14730  	return c.header_
 14731  }
 14732  
 14733  func (c *ProjectsServiceAccountsKeysListCall) doRequest(alt string) (*http.Response, error) {
 14734  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 14735  	if c.ifNoneMatch_ != "" {
 14736  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 14737  	}
 14738  	var body io.Reader = nil
 14739  	c.urlParams_.Set("alt", alt)
 14740  	c.urlParams_.Set("prettyPrint", "false")
 14741  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys")
 14742  	urls += "?" + c.urlParams_.Encode()
 14743  	req, err := http.NewRequest("GET", urls, body)
 14744  	if err != nil {
 14745  		return nil, err
 14746  	}
 14747  	req.Header = reqHeaders
 14748  	googleapi.Expand(req.URL, map[string]string{
 14749  		"name": c.name,
 14750  	})
 14751  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 14752  }
 14753  
 14754  // Do executes the "iam.projects.serviceAccounts.keys.list" call.
 14755  // Any non-2xx status code is an error. Response headers are in either
 14756  // *ListServiceAccountKeysResponse.ServerResponse.Header or (if a response was
 14757  // returned at all) in error.(*googleapi.Error).Header. Use
 14758  // googleapi.IsNotModified to check whether the returned error was because
 14759  // http.StatusNotModified was returned.
 14760  func (c *ProjectsServiceAccountsKeysListCall) Do(opts ...googleapi.CallOption) (*ListServiceAccountKeysResponse, error) {
 14761  	gensupport.SetOptions(c.urlParams_, opts...)
 14762  	res, err := c.doRequest("json")
 14763  	if res != nil && res.StatusCode == http.StatusNotModified {
 14764  		if res.Body != nil {
 14765  			res.Body.Close()
 14766  		}
 14767  		return nil, gensupport.WrapError(&googleapi.Error{
 14768  			Code:   res.StatusCode,
 14769  			Header: res.Header,
 14770  		})
 14771  	}
 14772  	if err != nil {
 14773  		return nil, err
 14774  	}
 14775  	defer googleapi.CloseBody(res)
 14776  	if err := googleapi.CheckResponse(res); err != nil {
 14777  		return nil, gensupport.WrapError(err)
 14778  	}
 14779  	ret := &ListServiceAccountKeysResponse{
 14780  		ServerResponse: googleapi.ServerResponse{
 14781  			Header:         res.Header,
 14782  			HTTPStatusCode: res.StatusCode,
 14783  		},
 14784  	}
 14785  	target := &ret
 14786  	if err := gensupport.DecodeResponse(target, res); err != nil {
 14787  		return nil, err
 14788  	}
 14789  	return ret, nil
 14790  }
 14791  
 14792  type ProjectsServiceAccountsKeysPatchCall struct {
 14793  	s                             *Service
 14794  	name                          string
 14795  	patchserviceaccountkeyrequest *PatchServiceAccountKeyRequest
 14796  	urlParams_                    gensupport.URLParams
 14797  	ctx_                          context.Context
 14798  	header_                       http.Header
 14799  }
 14800  
 14801  // Patch: Patches a ServiceAccountKey.
 14802  //
 14803  //   - name: The resource name of the service account key in the following format
 14804  //     `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`.
 14805  func (r *ProjectsServiceAccountsKeysService) Patch(name string, patchserviceaccountkeyrequest *PatchServiceAccountKeyRequest) *ProjectsServiceAccountsKeysPatchCall {
 14806  	c := &ProjectsServiceAccountsKeysPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 14807  	c.name = name
 14808  	c.patchserviceaccountkeyrequest = patchserviceaccountkeyrequest
 14809  	return c
 14810  }
 14811  
 14812  // Fields allows partial responses to be retrieved. See
 14813  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 14814  // details.
 14815  func (c *ProjectsServiceAccountsKeysPatchCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysPatchCall {
 14816  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 14817  	return c
 14818  }
 14819  
 14820  // Context sets the context to be used in this call's Do method.
 14821  func (c *ProjectsServiceAccountsKeysPatchCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysPatchCall {
 14822  	c.ctx_ = ctx
 14823  	return c
 14824  }
 14825  
 14826  // Header returns a http.Header that can be modified by the caller to add
 14827  // headers to the request.
 14828  func (c *ProjectsServiceAccountsKeysPatchCall) Header() http.Header {
 14829  	if c.header_ == nil {
 14830  		c.header_ = make(http.Header)
 14831  	}
 14832  	return c.header_
 14833  }
 14834  
 14835  func (c *ProjectsServiceAccountsKeysPatchCall) doRequest(alt string) (*http.Response, error) {
 14836  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 14837  	var body io.Reader = nil
 14838  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.patchserviceaccountkeyrequest)
 14839  	if err != nil {
 14840  		return nil, err
 14841  	}
 14842  	c.urlParams_.Set("alt", alt)
 14843  	c.urlParams_.Set("prettyPrint", "false")
 14844  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:patch")
 14845  	urls += "?" + c.urlParams_.Encode()
 14846  	req, err := http.NewRequest("POST", urls, body)
 14847  	if err != nil {
 14848  		return nil, err
 14849  	}
 14850  	req.Header = reqHeaders
 14851  	googleapi.Expand(req.URL, map[string]string{
 14852  		"name": c.name,
 14853  	})
 14854  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 14855  }
 14856  
 14857  // Do executes the "iam.projects.serviceAccounts.keys.patch" call.
 14858  // Any non-2xx status code is an error. Response headers are in either
 14859  // *ServiceAccountKey.ServerResponse.Header or (if a response was returned at
 14860  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 14861  // check whether the returned error was because http.StatusNotModified was
 14862  // returned.
 14863  func (c *ProjectsServiceAccountsKeysPatchCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) {
 14864  	gensupport.SetOptions(c.urlParams_, opts...)
 14865  	res, err := c.doRequest("json")
 14866  	if res != nil && res.StatusCode == http.StatusNotModified {
 14867  		if res.Body != nil {
 14868  			res.Body.Close()
 14869  		}
 14870  		return nil, gensupport.WrapError(&googleapi.Error{
 14871  			Code:   res.StatusCode,
 14872  			Header: res.Header,
 14873  		})
 14874  	}
 14875  	if err != nil {
 14876  		return nil, err
 14877  	}
 14878  	defer googleapi.CloseBody(res)
 14879  	if err := googleapi.CheckResponse(res); err != nil {
 14880  		return nil, gensupport.WrapError(err)
 14881  	}
 14882  	ret := &ServiceAccountKey{
 14883  		ServerResponse: googleapi.ServerResponse{
 14884  			Header:         res.Header,
 14885  			HTTPStatusCode: res.StatusCode,
 14886  		},
 14887  	}
 14888  	target := &ret
 14889  	if err := gensupport.DecodeResponse(target, res); err != nil {
 14890  		return nil, err
 14891  	}
 14892  	return ret, nil
 14893  }
 14894  
 14895  type ProjectsServiceAccountsKeysUploadCall struct {
 14896  	s                              *Service
 14897  	name                           string
 14898  	uploadserviceaccountkeyrequest *UploadServiceAccountKeyRequest
 14899  	urlParams_                     gensupport.URLParams
 14900  	ctx_                           context.Context
 14901  	header_                        http.Header
 14902  }
 14903  
 14904  // Upload: Uploads the public key portion of a key pair that you manage, and
 14905  // associates the public key with a ServiceAccount. After you upload the public
 14906  // key, you can use the private key from the key pair as a service account key.
 14907  //
 14908  //   - name: The resource name of the service account key. Use one of the
 14909  //     following formats: *
 14910  //     `projects/{PROJECT_ID}/serviceAccounts/{EMAIL_ADDRESS}` *
 14911  //     `projects/{PROJECT_ID}/serviceAccounts/{UNIQUE_ID}` As an alternative, you
 14912  //     can use the `-` wildcard character instead of the project ID: *
 14913  //     `projects/-/serviceAccounts/{EMAIL_ADDRESS}` *
 14914  //     `projects/-/serviceAccounts/{UNIQUE_ID}` When possible, avoid using the
 14915  //     `-` wildcard character, because it can cause response messages to contain
 14916  //     misleading error codes. For example, if you try to access the service
 14917  //     account `projects/-/serviceAccounts/fake@example.com`, which does not
 14918  //     exist, the response contains an HTTP `403 Forbidden` error instead of a
 14919  //     `404 Not Found` error.
 14920  func (r *ProjectsServiceAccountsKeysService) Upload(name string, uploadserviceaccountkeyrequest *UploadServiceAccountKeyRequest) *ProjectsServiceAccountsKeysUploadCall {
 14921  	c := &ProjectsServiceAccountsKeysUploadCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 14922  	c.name = name
 14923  	c.uploadserviceaccountkeyrequest = uploadserviceaccountkeyrequest
 14924  	return c
 14925  }
 14926  
 14927  // Fields allows partial responses to be retrieved. See
 14928  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 14929  // details.
 14930  func (c *ProjectsServiceAccountsKeysUploadCall) Fields(s ...googleapi.Field) *ProjectsServiceAccountsKeysUploadCall {
 14931  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 14932  	return c
 14933  }
 14934  
 14935  // Context sets the context to be used in this call's Do method.
 14936  func (c *ProjectsServiceAccountsKeysUploadCall) Context(ctx context.Context) *ProjectsServiceAccountsKeysUploadCall {
 14937  	c.ctx_ = ctx
 14938  	return c
 14939  }
 14940  
 14941  // Header returns a http.Header that can be modified by the caller to add
 14942  // headers to the request.
 14943  func (c *ProjectsServiceAccountsKeysUploadCall) Header() http.Header {
 14944  	if c.header_ == nil {
 14945  		c.header_ = make(http.Header)
 14946  	}
 14947  	return c.header_
 14948  }
 14949  
 14950  func (c *ProjectsServiceAccountsKeysUploadCall) doRequest(alt string) (*http.Response, error) {
 14951  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 14952  	var body io.Reader = nil
 14953  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.uploadserviceaccountkeyrequest)
 14954  	if err != nil {
 14955  		return nil, err
 14956  	}
 14957  	c.urlParams_.Set("alt", alt)
 14958  	c.urlParams_.Set("prettyPrint", "false")
 14959  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/keys:upload")
 14960  	urls += "?" + c.urlParams_.Encode()
 14961  	req, err := http.NewRequest("POST", urls, body)
 14962  	if err != nil {
 14963  		return nil, err
 14964  	}
 14965  	req.Header = reqHeaders
 14966  	googleapi.Expand(req.URL, map[string]string{
 14967  		"name": c.name,
 14968  	})
 14969  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 14970  }
 14971  
 14972  // Do executes the "iam.projects.serviceAccounts.keys.upload" call.
 14973  // Any non-2xx status code is an error. Response headers are in either
 14974  // *ServiceAccountKey.ServerResponse.Header or (if a response was returned at
 14975  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 14976  // check whether the returned error was because http.StatusNotModified was
 14977  // returned.
 14978  func (c *ProjectsServiceAccountsKeysUploadCall) Do(opts ...googleapi.CallOption) (*ServiceAccountKey, error) {
 14979  	gensupport.SetOptions(c.urlParams_, opts...)
 14980  	res, err := c.doRequest("json")
 14981  	if res != nil && res.StatusCode == http.StatusNotModified {
 14982  		if res.Body != nil {
 14983  			res.Body.Close()
 14984  		}
 14985  		return nil, gensupport.WrapError(&googleapi.Error{
 14986  			Code:   res.StatusCode,
 14987  			Header: res.Header,
 14988  		})
 14989  	}
 14990  	if err != nil {
 14991  		return nil, err
 14992  	}
 14993  	defer googleapi.CloseBody(res)
 14994  	if err := googleapi.CheckResponse(res); err != nil {
 14995  		return nil, gensupport.WrapError(err)
 14996  	}
 14997  	ret := &ServiceAccountKey{
 14998  		ServerResponse: googleapi.ServerResponse{
 14999  			Header:         res.Header,
 15000  			HTTPStatusCode: res.StatusCode,
 15001  		},
 15002  	}
 15003  	target := &ret
 15004  	if err := gensupport.DecodeResponse(target, res); err != nil {
 15005  		return nil, err
 15006  	}
 15007  	return ret, nil
 15008  }
 15009  
 15010  type RolesGetCall struct {
 15011  	s            *Service
 15012  	name         string
 15013  	urlParams_   gensupport.URLParams
 15014  	ifNoneMatch_ string
 15015  	ctx_         context.Context
 15016  	header_      http.Header
 15017  }
 15018  
 15019  // Get: Gets the definition of a Role.
 15020  //
 15021  //   - name: The `name` parameter's value depends on the target resource for the
 15022  //     request, namely `roles`
 15023  //     (https://cloud.google.com/iam/docs/reference/rest/v1/roles), `projects`
 15024  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles), or
 15025  //     `organizations`
 15026  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
 15027  //     Each resource type's `name` value format is described below: *
 15028  //     `roles.get()`
 15029  //     (https://cloud.google.com/iam/docs/reference/rest/v1/roles/get):
 15030  //     `roles/{ROLE_NAME}`. This method returns results from all predefined roles
 15031  //     (https://cloud.google.com/iam/docs/understanding-roles#predefined_roles)
 15032  //     in IAM. Example request URL:
 15033  //     `https://iam.googleapis.com/v1/roles/{ROLE_NAME}` * `projects.roles.get()`
 15034  //     (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/get):
 15035  //     `projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}`. This method returns only
 15036  //     custom roles
 15037  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
 15038  //     been created at the project level. Example request URL:
 15039  //     `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles/{CUSTOM_ROLE_ID}
 15040  //     ` * `organizations.roles.get()`
 15041  //     (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/get):
 15042  //     `organizations/{ORGANIZATION_ID}/roles/{CUSTOM_ROLE_ID}`. This method
 15043  //     returns only custom roles
 15044  //     (https://cloud.google.com/iam/docs/understanding-custom-roles) that have
 15045  //     been created at the organization level. Example request URL:
 15046  //     `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles/{CUSTO
 15047  //     M_ROLE_ID}` Note: Wildcard (*) values are invalid; you must specify a
 15048  //     complete project ID or organization ID.
 15049  func (r *RolesService) Get(name string) *RolesGetCall {
 15050  	c := &RolesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 15051  	c.name = name
 15052  	return c
 15053  }
 15054  
 15055  // Fields allows partial responses to be retrieved. See
 15056  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 15057  // details.
 15058  func (c *RolesGetCall) Fields(s ...googleapi.Field) *RolesGetCall {
 15059  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 15060  	return c
 15061  }
 15062  
 15063  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 15064  // object's ETag matches the given value. This is useful for getting updates
 15065  // only after the object has changed since the last request.
 15066  func (c *RolesGetCall) IfNoneMatch(entityTag string) *RolesGetCall {
 15067  	c.ifNoneMatch_ = entityTag
 15068  	return c
 15069  }
 15070  
 15071  // Context sets the context to be used in this call's Do method.
 15072  func (c *RolesGetCall) Context(ctx context.Context) *RolesGetCall {
 15073  	c.ctx_ = ctx
 15074  	return c
 15075  }
 15076  
 15077  // Header returns a http.Header that can be modified by the caller to add
 15078  // headers to the request.
 15079  func (c *RolesGetCall) Header() http.Header {
 15080  	if c.header_ == nil {
 15081  		c.header_ = make(http.Header)
 15082  	}
 15083  	return c.header_
 15084  }
 15085  
 15086  func (c *RolesGetCall) doRequest(alt string) (*http.Response, error) {
 15087  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 15088  	if c.ifNoneMatch_ != "" {
 15089  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 15090  	}
 15091  	var body io.Reader = nil
 15092  	c.urlParams_.Set("alt", alt)
 15093  	c.urlParams_.Set("prettyPrint", "false")
 15094  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
 15095  	urls += "?" + c.urlParams_.Encode()
 15096  	req, err := http.NewRequest("GET", urls, body)
 15097  	if err != nil {
 15098  		return nil, err
 15099  	}
 15100  	req.Header = reqHeaders
 15101  	googleapi.Expand(req.URL, map[string]string{
 15102  		"name": c.name,
 15103  	})
 15104  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 15105  }
 15106  
 15107  // Do executes the "iam.roles.get" call.
 15108  // Any non-2xx status code is an error. Response headers are in either
 15109  // *Role.ServerResponse.Header or (if a response was returned at all) in
 15110  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
 15111  // whether the returned error was because http.StatusNotModified was returned.
 15112  func (c *RolesGetCall) Do(opts ...googleapi.CallOption) (*Role, error) {
 15113  	gensupport.SetOptions(c.urlParams_, opts...)
 15114  	res, err := c.doRequest("json")
 15115  	if res != nil && res.StatusCode == http.StatusNotModified {
 15116  		if res.Body != nil {
 15117  			res.Body.Close()
 15118  		}
 15119  		return nil, gensupport.WrapError(&googleapi.Error{
 15120  			Code:   res.StatusCode,
 15121  			Header: res.Header,
 15122  		})
 15123  	}
 15124  	if err != nil {
 15125  		return nil, err
 15126  	}
 15127  	defer googleapi.CloseBody(res)
 15128  	if err := googleapi.CheckResponse(res); err != nil {
 15129  		return nil, gensupport.WrapError(err)
 15130  	}
 15131  	ret := &Role{
 15132  		ServerResponse: googleapi.ServerResponse{
 15133  			Header:         res.Header,
 15134  			HTTPStatusCode: res.StatusCode,
 15135  		},
 15136  	}
 15137  	target := &ret
 15138  	if err := gensupport.DecodeResponse(target, res); err != nil {
 15139  		return nil, err
 15140  	}
 15141  	return ret, nil
 15142  }
 15143  
 15144  type RolesListCall struct {
 15145  	s            *Service
 15146  	urlParams_   gensupport.URLParams
 15147  	ifNoneMatch_ string
 15148  	ctx_         context.Context
 15149  	header_      http.Header
 15150  }
 15151  
 15152  // List: Lists every predefined Role that IAM supports, or every custom role
 15153  // that is defined for an organization or project.
 15154  func (r *RolesService) List() *RolesListCall {
 15155  	c := &RolesListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 15156  	return c
 15157  }
 15158  
 15159  // PageSize sets the optional parameter "pageSize": Optional limit on the
 15160  // number of roles to include in the response. The default is 300, and the
 15161  // maximum is 1,000.
 15162  func (c *RolesListCall) PageSize(pageSize int64) *RolesListCall {
 15163  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
 15164  	return c
 15165  }
 15166  
 15167  // PageToken sets the optional parameter "pageToken": Optional pagination token
 15168  // returned in an earlier ListRolesResponse.
 15169  func (c *RolesListCall) PageToken(pageToken string) *RolesListCall {
 15170  	c.urlParams_.Set("pageToken", pageToken)
 15171  	return c
 15172  }
 15173  
 15174  // Parent sets the optional parameter "parent": The `parent` parameter's value
 15175  // depends on the target resource for the request, namely `roles`
 15176  // (https://cloud.google.com/iam/docs/reference/rest/v1/roles), `projects`
 15177  // (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles), or
 15178  // `organizations`
 15179  // (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles).
 15180  // Each resource type's `parent` value format is described below: *
 15181  // `roles.list()`
 15182  // (https://cloud.google.com/iam/docs/reference/rest/v1/roles/list): An empty
 15183  // string. This method doesn't require a resource; it simply returns all
 15184  // predefined roles
 15185  // (https://cloud.google.com/iam/docs/understanding-roles#predefined_roles) in
 15186  // IAM. Example request URL: `https://iam.googleapis.com/v1/roles` *
 15187  // `projects.roles.list()`
 15188  // (https://cloud.google.com/iam/docs/reference/rest/v1/projects.roles/list):
 15189  // `projects/{PROJECT_ID}`. This method lists all project-level custom roles
 15190  // (https://cloud.google.com/iam/docs/understanding-custom-roles). Example
 15191  // request URL: `https://iam.googleapis.com/v1/projects/{PROJECT_ID}/roles` *
 15192  // `organizations.roles.list()`
 15193  // (https://cloud.google.com/iam/docs/reference/rest/v1/organizations.roles/list):
 15194  // `organizations/{ORGANIZATION_ID}`. This method lists all organization-level
 15195  // custom roles (https://cloud.google.com/iam/docs/understanding-custom-roles).
 15196  // Example request URL:
 15197  // `https://iam.googleapis.com/v1/organizations/{ORGANIZATION_ID}/roles` Note:
 15198  // Wildcard (*) values are invalid; you must specify a complete project ID or
 15199  // organization ID.
 15200  func (c *RolesListCall) Parent(parent string) *RolesListCall {
 15201  	c.urlParams_.Set("parent", parent)
 15202  	return c
 15203  }
 15204  
 15205  // ShowDeleted sets the optional parameter "showDeleted": Include Roles that
 15206  // have been deleted.
 15207  func (c *RolesListCall) ShowDeleted(showDeleted bool) *RolesListCall {
 15208  	c.urlParams_.Set("showDeleted", fmt.Sprint(showDeleted))
 15209  	return c
 15210  }
 15211  
 15212  // View sets the optional parameter "view": Optional view for the returned Role
 15213  // objects. When `FULL` is specified, the `includedPermissions` field is
 15214  // returned, which includes a list of all permissions in the role. The default
 15215  // value is `BASIC`, which does not return the `includedPermissions` field.
 15216  //
 15217  // Possible values:
 15218  //
 15219  //	"BASIC" - Omits the `included_permissions` field. This is the default
 15220  //
 15221  // value.
 15222  //
 15223  //	"FULL" - Returns all fields.
 15224  func (c *RolesListCall) View(view string) *RolesListCall {
 15225  	c.urlParams_.Set("view", view)
 15226  	return c
 15227  }
 15228  
 15229  // Fields allows partial responses to be retrieved. See
 15230  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 15231  // details.
 15232  func (c *RolesListCall) Fields(s ...googleapi.Field) *RolesListCall {
 15233  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 15234  	return c
 15235  }
 15236  
 15237  // IfNoneMatch sets an optional parameter which makes the operation fail if the
 15238  // object's ETag matches the given value. This is useful for getting updates
 15239  // only after the object has changed since the last request.
 15240  func (c *RolesListCall) IfNoneMatch(entityTag string) *RolesListCall {
 15241  	c.ifNoneMatch_ = entityTag
 15242  	return c
 15243  }
 15244  
 15245  // Context sets the context to be used in this call's Do method.
 15246  func (c *RolesListCall) Context(ctx context.Context) *RolesListCall {
 15247  	c.ctx_ = ctx
 15248  	return c
 15249  }
 15250  
 15251  // Header returns a http.Header that can be modified by the caller to add
 15252  // headers to the request.
 15253  func (c *RolesListCall) Header() http.Header {
 15254  	if c.header_ == nil {
 15255  		c.header_ = make(http.Header)
 15256  	}
 15257  	return c.header_
 15258  }
 15259  
 15260  func (c *RolesListCall) doRequest(alt string) (*http.Response, error) {
 15261  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
 15262  	if c.ifNoneMatch_ != "" {
 15263  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
 15264  	}
 15265  	var body io.Reader = nil
 15266  	c.urlParams_.Set("alt", alt)
 15267  	c.urlParams_.Set("prettyPrint", "false")
 15268  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/roles")
 15269  	urls += "?" + c.urlParams_.Encode()
 15270  	req, err := http.NewRequest("GET", urls, body)
 15271  	if err != nil {
 15272  		return nil, err
 15273  	}
 15274  	req.Header = reqHeaders
 15275  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 15276  }
 15277  
 15278  // Do executes the "iam.roles.list" call.
 15279  // Any non-2xx status code is an error. Response headers are in either
 15280  // *ListRolesResponse.ServerResponse.Header or (if a response was returned at
 15281  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
 15282  // check whether the returned error was because http.StatusNotModified was
 15283  // returned.
 15284  func (c *RolesListCall) Do(opts ...googleapi.CallOption) (*ListRolesResponse, error) {
 15285  	gensupport.SetOptions(c.urlParams_, opts...)
 15286  	res, err := c.doRequest("json")
 15287  	if res != nil && res.StatusCode == http.StatusNotModified {
 15288  		if res.Body != nil {
 15289  			res.Body.Close()
 15290  		}
 15291  		return nil, gensupport.WrapError(&googleapi.Error{
 15292  			Code:   res.StatusCode,
 15293  			Header: res.Header,
 15294  		})
 15295  	}
 15296  	if err != nil {
 15297  		return nil, err
 15298  	}
 15299  	defer googleapi.CloseBody(res)
 15300  	if err := googleapi.CheckResponse(res); err != nil {
 15301  		return nil, gensupport.WrapError(err)
 15302  	}
 15303  	ret := &ListRolesResponse{
 15304  		ServerResponse: googleapi.ServerResponse{
 15305  			Header:         res.Header,
 15306  			HTTPStatusCode: res.StatusCode,
 15307  		},
 15308  	}
 15309  	target := &ret
 15310  	if err := gensupport.DecodeResponse(target, res); err != nil {
 15311  		return nil, err
 15312  	}
 15313  	return ret, nil
 15314  }
 15315  
 15316  // Pages invokes f for each page of results.
 15317  // A non-nil error returned from f will halt the iteration.
 15318  // The provided context supersedes any context provided to the Context method.
 15319  func (c *RolesListCall) Pages(ctx context.Context, f func(*ListRolesResponse) error) error {
 15320  	c.ctx_ = ctx
 15321  	defer c.PageToken(c.urlParams_.Get("pageToken"))
 15322  	for {
 15323  		x, err := c.Do()
 15324  		if err != nil {
 15325  			return err
 15326  		}
 15327  		if err := f(x); err != nil {
 15328  			return err
 15329  		}
 15330  		if x.NextPageToken == "" {
 15331  			return nil
 15332  		}
 15333  		c.PageToken(x.NextPageToken)
 15334  	}
 15335  }
 15336  
 15337  type RolesQueryGrantableRolesCall struct {
 15338  	s                          *Service
 15339  	querygrantablerolesrequest *QueryGrantableRolesRequest
 15340  	urlParams_                 gensupport.URLParams
 15341  	ctx_                       context.Context
 15342  	header_                    http.Header
 15343  }
 15344  
 15345  // QueryGrantableRoles: Lists roles that can be granted on a Google Cloud
 15346  // resource. A role is grantable if the IAM policy for the resource can contain
 15347  // bindings to the role.
 15348  func (r *RolesService) QueryGrantableRoles(querygrantablerolesrequest *QueryGrantableRolesRequest) *RolesQueryGrantableRolesCall {
 15349  	c := &RolesQueryGrantableRolesCall{s: r.s, urlParams_: make(gensupport.URLParams)}
 15350  	c.querygrantablerolesrequest = querygrantablerolesrequest
 15351  	return c
 15352  }
 15353  
 15354  // Fields allows partial responses to be retrieved. See
 15355  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
 15356  // details.
 15357  func (c *RolesQueryGrantableRolesCall) Fields(s ...googleapi.Field) *RolesQueryGrantableRolesCall {
 15358  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
 15359  	return c
 15360  }
 15361  
 15362  // Context sets the context to be used in this call's Do method.
 15363  func (c *RolesQueryGrantableRolesCall) Context(ctx context.Context) *RolesQueryGrantableRolesCall {
 15364  	c.ctx_ = ctx
 15365  	return c
 15366  }
 15367  
 15368  // Header returns a http.Header that can be modified by the caller to add
 15369  // headers to the request.
 15370  func (c *RolesQueryGrantableRolesCall) Header() http.Header {
 15371  	if c.header_ == nil {
 15372  		c.header_ = make(http.Header)
 15373  	}
 15374  	return c.header_
 15375  }
 15376  
 15377  func (c *RolesQueryGrantableRolesCall) doRequest(alt string) (*http.Response, error) {
 15378  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
 15379  	var body io.Reader = nil
 15380  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.querygrantablerolesrequest)
 15381  	if err != nil {
 15382  		return nil, err
 15383  	}
 15384  	c.urlParams_.Set("alt", alt)
 15385  	c.urlParams_.Set("prettyPrint", "false")
 15386  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/roles:queryGrantableRoles")
 15387  	urls += "?" + c.urlParams_.Encode()
 15388  	req, err := http.NewRequest("POST", urls, body)
 15389  	if err != nil {
 15390  		return nil, err
 15391  	}
 15392  	req.Header = reqHeaders
 15393  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
 15394  }
 15395  
 15396  // Do executes the "iam.roles.queryGrantableRoles" call.
 15397  // Any non-2xx status code is an error. Response headers are in either
 15398  // *QueryGrantableRolesResponse.ServerResponse.Header or (if a response was
 15399  // returned at all) in error.(*googleapi.Error).Header. Use
 15400  // googleapi.IsNotModified to check whether the returned error was because
 15401  // http.StatusNotModified was returned.
 15402  func (c *RolesQueryGrantableRolesCall) Do(opts ...googleapi.CallOption) (*QueryGrantableRolesResponse, error) {
 15403  	gensupport.SetOptions(c.urlParams_, opts...)
 15404  	res, err := c.doRequest("json")
 15405  	if res != nil && res.StatusCode == http.StatusNotModified {
 15406  		if res.Body != nil {
 15407  			res.Body.Close()
 15408  		}
 15409  		return nil, gensupport.WrapError(&googleapi.Error{
 15410  			Code:   res.StatusCode,
 15411  			Header: res.Header,
 15412  		})
 15413  	}
 15414  	if err != nil {
 15415  		return nil, err
 15416  	}
 15417  	defer googleapi.CloseBody(res)
 15418  	if err := googleapi.CheckResponse(res); err != nil {
 15419  		return nil, gensupport.WrapError(err)
 15420  	}
 15421  	ret := &QueryGrantableRolesResponse{
 15422  		ServerResponse: googleapi.ServerResponse{
 15423  			Header:         res.Header,
 15424  			HTTPStatusCode: res.StatusCode,
 15425  		},
 15426  	}
 15427  	target := &ret
 15428  	if err := gensupport.DecodeResponse(target, res); err != nil {
 15429  		return nil, err
 15430  	}
 15431  	return ret, nil
 15432  }
 15433  
 15434  // Pages invokes f for each page of results.
 15435  // A non-nil error returned from f will halt the iteration.
 15436  // The provided context supersedes any context provided to the Context method.
 15437  func (c *RolesQueryGrantableRolesCall) Pages(ctx context.Context, f func(*QueryGrantableRolesResponse) error) error {
 15438  	c.ctx_ = ctx
 15439  	defer func(pt string) { c.querygrantablerolesrequest.PageToken = pt }(c.querygrantablerolesrequest.PageToken)
 15440  	for {
 15441  		x, err := c.Do()
 15442  		if err != nil {
 15443  			return err
 15444  		}
 15445  		if err := f(x); err != nil {
 15446  			return err
 15447  		}
 15448  		if x.NextPageToken == "" {
 15449  			return nil
 15450  		}
 15451  		c.querygrantablerolesrequest.PageToken = x.NextPageToken
 15452  	}
 15453  }
 15454
View as plain text