▽

Source file src/google.golang.org/api/privateca/v1/privateca-gen.go

Documentation: google.golang.org/api/privateca/v1

     1  // Copyright 2024 Google LLC.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  // Code generated file. DO NOT EDIT.
     6  
     7  // Package privateca provides access to the Certificate Authority API.
     8  //
     9  // For product documentation, see: https://cloud.google.com/
    10  //
    11  // # Library status
    12  //
    13  // These client libraries are officially supported by Google. However, this
    14  // library is considered complete and is in maintenance mode. This means
    15  // that we will address critical bugs and security issues but will not add
    16  // any new features.
    17  //
    18  // When possible, we recommend using our newer
    19  // [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go)
    20  // that are still actively being worked and iterated on.
    21  //
    22  // # Creating a client
    23  //
    24  // Usage example:
    25  //
    26  //	import "google.golang.org/api/privateca/v1"
    27  //	...
    28  //	ctx := context.Background()
    29  //	privatecaService, err := privateca.NewService(ctx)
    30  //
    31  // In this example, Google Application Default Credentials are used for
    32  // authentication. For information on how to create and obtain Application
    33  // Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
    34  //
    35  // # Other authentication options
    36  //
    37  // To use an API key for authentication (note: some APIs do not support API
    38  // keys), use [google.golang.org/api/option.WithAPIKey]:
    39  //
    40  //	privatecaService, err := privateca.NewService(ctx, option.WithAPIKey("AIza..."))
    41  //
    42  // To use an OAuth token (e.g., a user token obtained via a three-legged OAuth
    43  // flow, use [google.golang.org/api/option.WithTokenSource]:
    44  //
    45  //	config := &oauth2.Config{...}
    46  //	// ...
    47  //	token, err := config.Exchange(ctx, ...)
    48  //	privatecaService, err := privateca.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
    49  //
    50  // See [google.golang.org/api/option.ClientOption] for details on options.
    51  package privateca // import "google.golang.org/api/privateca/v1"
    52  
    53  import (
    54  	"bytes"
    55  	"context"
    56  	"encoding/json"
    57  	"errors"
    58  	"fmt"
    59  	"io"
    60  	"net/http"
    61  	"net/url"
    62  	"strconv"
    63  	"strings"
    64  
    65  	googleapi "google.golang.org/api/googleapi"
    66  	internal "google.golang.org/api/internal"
    67  	gensupport "google.golang.org/api/internal/gensupport"
    68  	option "google.golang.org/api/option"
    69  	internaloption "google.golang.org/api/option/internaloption"
    70  	htransport "google.golang.org/api/transport/http"
    71  )
    72  
    73  // Always reference these packages, just in case the auto-generated code
    74  // below doesn't.
    75  var _ = bytes.NewBuffer
    76  var _ = strconv.Itoa
    77  var _ = fmt.Sprintf
    78  var _ = json.NewDecoder
    79  var _ = io.Copy
    80  var _ = url.Parse
    81  var _ = gensupport.MarshalJSON
    82  var _ = googleapi.Version
    83  var _ = errors.New
    84  var _ = strings.Replace
    85  var _ = context.Canceled
    86  var _ = internaloption.WithDefaultEndpoint
    87  var _ = internal.Version
    88  
    89  const apiId = "privateca:v1"
    90  const apiName = "privateca"
    91  const apiVersion = "v1"
    92  const basePath = "https://privateca.googleapis.com/"
    93  const basePathTemplate = "https://privateca.UNIVERSE_DOMAIN/"
    94  const mtlsBasePath = "https://privateca.mtls.googleapis.com/"
    95  
    96  // OAuth2 scopes used by this API.
    97  const (
    98  	// See, edit, configure, and delete your Google Cloud data and see the email
    99  	// address for your Google Account.
   100  	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
   101  )
   102  
   103  // NewService creates a new Service.
   104  func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) {
   105  	scopesOption := internaloption.WithDefaultScopes(
   106  		"https://www.googleapis.com/auth/cloud-platform",
   107  	)
   108  	// NOTE: prepend, so we don't override user-specified scopes.
   109  	opts = append([]option.ClientOption{scopesOption}, opts...)
   110  	opts = append(opts, internaloption.WithDefaultEndpoint(basePath))
   111  	opts = append(opts, internaloption.WithDefaultEndpointTemplate(basePathTemplate))
   112  	opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath))
   113  	opts = append(opts, internaloption.EnableNewAuthLibrary())
   114  	client, endpoint, err := htransport.NewClient(ctx, opts...)
   115  	if err != nil {
   116  		return nil, err
   117  	}
   118  	s, err := New(client)
   119  	if err != nil {
   120  		return nil, err
   121  	}
   122  	if endpoint != "" {
   123  		s.BasePath = endpoint
   124  	}
   125  	return s, nil
   126  }
   127  
   128  // New creates a new Service. It uses the provided http.Client for requests.
   129  //
   130  // Deprecated: please use NewService instead.
   131  // To provide a custom HTTP client, use option.WithHTTPClient.
   132  // If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
   133  func New(client *http.Client) (*Service, error) {
   134  	if client == nil {
   135  		return nil, errors.New("client is nil")
   136  	}
   137  	s := &Service{client: client, BasePath: basePath}
   138  	s.Projects = NewProjectsService(s)
   139  	return s, nil
   140  }
   141  
   142  type Service struct {
   143  	client    *http.Client
   144  	BasePath  string // API endpoint base URL
   145  	UserAgent string // optional additional User-Agent fragment
   146  
   147  	Projects *ProjectsService
   148  }
   149  
   150  func (s *Service) userAgent() string {
   151  	if s.UserAgent == "" {
   152  		return googleapi.UserAgent
   153  	}
   154  	return googleapi.UserAgent + " " + s.UserAgent
   155  }
   156  
   157  func NewProjectsService(s *Service) *ProjectsService {
   158  	rs := &ProjectsService{s: s}
   159  	rs.Locations = NewProjectsLocationsService(s)
   160  	return rs
   161  }
   162  
   163  type ProjectsService struct {
   164  	s *Service
   165  
   166  	Locations *ProjectsLocationsService
   167  }
   168  
   169  func NewProjectsLocationsService(s *Service) *ProjectsLocationsService {
   170  	rs := &ProjectsLocationsService{s: s}
   171  	rs.CaPools = NewProjectsLocationsCaPoolsService(s)
   172  	rs.CertificateTemplates = NewProjectsLocationsCertificateTemplatesService(s)
   173  	rs.Operations = NewProjectsLocationsOperationsService(s)
   174  	return rs
   175  }
   176  
   177  type ProjectsLocationsService struct {
   178  	s *Service
   179  
   180  	CaPools *ProjectsLocationsCaPoolsService
   181  
   182  	CertificateTemplates *ProjectsLocationsCertificateTemplatesService
   183  
   184  	Operations *ProjectsLocationsOperationsService
   185  }
   186  
   187  func NewProjectsLocationsCaPoolsService(s *Service) *ProjectsLocationsCaPoolsService {
   188  	rs := &ProjectsLocationsCaPoolsService{s: s}
   189  	rs.CertificateAuthorities = NewProjectsLocationsCaPoolsCertificateAuthoritiesService(s)
   190  	rs.Certificates = NewProjectsLocationsCaPoolsCertificatesService(s)
   191  	return rs
   192  }
   193  
   194  type ProjectsLocationsCaPoolsService struct {
   195  	s *Service
   196  
   197  	CertificateAuthorities *ProjectsLocationsCaPoolsCertificateAuthoritiesService
   198  
   199  	Certificates *ProjectsLocationsCaPoolsCertificatesService
   200  }
   201  
   202  func NewProjectsLocationsCaPoolsCertificateAuthoritiesService(s *Service) *ProjectsLocationsCaPoolsCertificateAuthoritiesService {
   203  	rs := &ProjectsLocationsCaPoolsCertificateAuthoritiesService{s: s}
   204  	rs.CertificateRevocationLists = NewProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsService(s)
   205  	return rs
   206  }
   207  
   208  type ProjectsLocationsCaPoolsCertificateAuthoritiesService struct {
   209  	s *Service
   210  
   211  	CertificateRevocationLists *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsService
   212  }
   213  
   214  func NewProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsService(s *Service) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsService {
   215  	rs := &ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsService{s: s}
   216  	return rs
   217  }
   218  
   219  type ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsService struct {
   220  	s *Service
   221  }
   222  
   223  func NewProjectsLocationsCaPoolsCertificatesService(s *Service) *ProjectsLocationsCaPoolsCertificatesService {
   224  	rs := &ProjectsLocationsCaPoolsCertificatesService{s: s}
   225  	return rs
   226  }
   227  
   228  type ProjectsLocationsCaPoolsCertificatesService struct {
   229  	s *Service
   230  }
   231  
   232  func NewProjectsLocationsCertificateTemplatesService(s *Service) *ProjectsLocationsCertificateTemplatesService {
   233  	rs := &ProjectsLocationsCertificateTemplatesService{s: s}
   234  	return rs
   235  }
   236  
   237  type ProjectsLocationsCertificateTemplatesService struct {
   238  	s *Service
   239  }
   240  
   241  func NewProjectsLocationsOperationsService(s *Service) *ProjectsLocationsOperationsService {
   242  	rs := &ProjectsLocationsOperationsService{s: s}
   243  	return rs
   244  }
   245  
   246  type ProjectsLocationsOperationsService struct {
   247  	s *Service
   248  }
   249  
   250  // AccessUrls: URLs where a CertificateAuthority will publish content.
   251  type AccessUrls struct {
   252  	// CaCertificateAccessUrl: The URL where this CertificateAuthority's CA
   253  	// certificate is published. This will only be set for CAs that have been
   254  	// activated.
   255  	CaCertificateAccessUrl string `json:"caCertificateAccessUrl,omitempty"`
   256  	// CrlAccessUrls: The URLs where this CertificateAuthority's CRLs are
   257  	// published. This will only be set for CAs that have been activated.
   258  	CrlAccessUrls []string `json:"crlAccessUrls,omitempty"`
   259  	// ForceSendFields is a list of field names (e.g. "CaCertificateAccessUrl") to
   260  	// unconditionally include in API requests. By default, fields with empty or
   261  	// default values are omitted from API requests. See
   262  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   263  	// details.
   264  	ForceSendFields []string `json:"-"`
   265  	// NullFields is a list of field names (e.g. "CaCertificateAccessUrl") to
   266  	// include in API requests with the JSON null value. By default, fields with
   267  	// empty values are omitted from API requests. See
   268  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   269  	NullFields []string `json:"-"`
   270  }
   271  
   272  func (s *AccessUrls) MarshalJSON() ([]byte, error) {
   273  	type NoMethod AccessUrls
   274  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   275  }
   276  
   277  // ActivateCertificateAuthorityRequest: Request message for
   278  // CertificateAuthorityService.ActivateCertificateAuthority.
   279  type ActivateCertificateAuthorityRequest struct {
   280  	// PemCaCertificate: Required. The signed CA certificate issued from
   281  	// FetchCertificateAuthorityCsrResponse.pem_csr.
   282  	PemCaCertificate string `json:"pemCaCertificate,omitempty"`
   283  	// RequestId: Optional. An ID to identify requests. Specify a unique request ID
   284  	// so that if you must retry your request, the server will know to ignore the
   285  	// request if it has already been completed. The server will guarantee that for
   286  	// at least 60 minutes since the first request. For example, consider a
   287  	// situation where you make an initial request and the request times out. If
   288  	// you make the request again with the same request ID, the server can check if
   289  	// original operation with the same request ID was received, and if so, will
   290  	// ignore the second request. This prevents clients from accidentally creating
   291  	// duplicate commitments. The request ID must be a valid UUID with the
   292  	// exception that zero UUID is not supported
   293  	// (00000000-0000-0000-0000-000000000000).
   294  	RequestId string `json:"requestId,omitempty"`
   295  	// SubordinateConfig: Required. Must include information about the issuer of
   296  	// 'pem_ca_certificate', and any further issuers until the self-signed CA.
   297  	SubordinateConfig *SubordinateConfig `json:"subordinateConfig,omitempty"`
   298  	// ForceSendFields is a list of field names (e.g. "PemCaCertificate") to
   299  	// unconditionally include in API requests. By default, fields with empty or
   300  	// default values are omitted from API requests. See
   301  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   302  	// details.
   303  	ForceSendFields []string `json:"-"`
   304  	// NullFields is a list of field names (e.g. "PemCaCertificate") to include in
   305  	// API requests with the JSON null value. By default, fields with empty values
   306  	// are omitted from API requests. See
   307  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   308  	NullFields []string `json:"-"`
   309  }
   310  
   311  func (s *ActivateCertificateAuthorityRequest) MarshalJSON() ([]byte, error) {
   312  	type NoMethod ActivateCertificateAuthorityRequest
   313  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   314  }
   315  
   316  // AllowedKeyType: Describes a "type" of key that may be used in a Certificate
   317  // issued from a CaPool. Note that a single AllowedKeyType may refer to either
   318  // a fully-qualified key algorithm, such as RSA 4096, or a family of key
   319  // algorithms, such as any RSA key.
   320  type AllowedKeyType struct {
   321  	// EllipticCurve: Represents an allowed Elliptic Curve key type.
   322  	EllipticCurve *EcKeyType `json:"ellipticCurve,omitempty"`
   323  	// Rsa: Represents an allowed RSA key type.
   324  	Rsa *RsaKeyType `json:"rsa,omitempty"`
   325  	// ForceSendFields is a list of field names (e.g. "EllipticCurve") to
   326  	// unconditionally include in API requests. By default, fields with empty or
   327  	// default values are omitted from API requests. See
   328  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   329  	// details.
   330  	ForceSendFields []string `json:"-"`
   331  	// NullFields is a list of field names (e.g. "EllipticCurve") to include in API
   332  	// requests with the JSON null value. By default, fields with empty values are
   333  	// omitted from API requests. See
   334  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   335  	NullFields []string `json:"-"`
   336  }
   337  
   338  func (s *AllowedKeyType) MarshalJSON() ([]byte, error) {
   339  	type NoMethod AllowedKeyType
   340  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   341  }
   342  
   343  // AuditConfig: Specifies the audit configuration for a service. The
   344  // configuration determines which permission types are logged, and what
   345  // identities, if any, are exempted from logging. An AuditConfig must have one
   346  // or more AuditLogConfigs. If there are AuditConfigs for both `allServices`
   347  // and a specific service, the union of the two AuditConfigs is used for that
   348  // service: the log_types specified in each AuditConfig are enabled, and the
   349  // exempted_members in each AuditLogConfig are exempted. Example Policy with
   350  // multiple AuditConfigs: { "audit_configs": [ { "service": "allServices",
   351  // "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [
   352  // "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type":
   353  // "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com",
   354  // "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type":
   355  // "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For
   356  // sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
   357  // logging. It also exempts `jose@example.com` from DATA_READ logging, and
   358  // `aliya@example.com` from DATA_WRITE logging.
   359  type AuditConfig struct {
   360  	// AuditLogConfigs: The configuration for logging of each type of permission.
   361  	AuditLogConfigs []*AuditLogConfig `json:"auditLogConfigs,omitempty"`
   362  	// Service: Specifies a service that will be enabled for audit logging. For
   363  	// example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices`
   364  	// is a special value that covers all services.
   365  	Service string `json:"service,omitempty"`
   366  	// ForceSendFields is a list of field names (e.g. "AuditLogConfigs") to
   367  	// unconditionally include in API requests. By default, fields with empty or
   368  	// default values are omitted from API requests. See
   369  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   370  	// details.
   371  	ForceSendFields []string `json:"-"`
   372  	// NullFields is a list of field names (e.g. "AuditLogConfigs") to include in
   373  	// API requests with the JSON null value. By default, fields with empty values
   374  	// are omitted from API requests. See
   375  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   376  	NullFields []string `json:"-"`
   377  }
   378  
   379  func (s *AuditConfig) MarshalJSON() ([]byte, error) {
   380  	type NoMethod AuditConfig
   381  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   382  }
   383  
   384  // AuditLogConfig: Provides the configuration for logging a type of
   385  // permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ",
   386  // "exempted_members": [ "user:jose@example.com" ] }, { "log_type":
   387  // "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while
   388  // exempting jose@example.com from DATA_READ logging.
   389  type AuditLogConfig struct {
   390  	// ExemptedMembers: Specifies the identities that do not cause logging for this
   391  	// type of permission. Follows the same format of Binding.members.
   392  	ExemptedMembers []string `json:"exemptedMembers,omitempty"`
   393  	// LogType: The log type that this config enables.
   394  	//
   395  	// Possible values:
   396  	//   "LOG_TYPE_UNSPECIFIED" - Default case. Should never be this.
   397  	//   "ADMIN_READ" - Admin reads. Example: CloudIAM getIamPolicy
   398  	//   "DATA_WRITE" - Data writes. Example: CloudSQL Users create
   399  	//   "DATA_READ" - Data reads. Example: CloudSQL Users list
   400  	LogType string `json:"logType,omitempty"`
   401  	// ForceSendFields is a list of field names (e.g. "ExemptedMembers") to
   402  	// unconditionally include in API requests. By default, fields with empty or
   403  	// default values are omitted from API requests. See
   404  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   405  	// details.
   406  	ForceSendFields []string `json:"-"`
   407  	// NullFields is a list of field names (e.g. "ExemptedMembers") to include in
   408  	// API requests with the JSON null value. By default, fields with empty values
   409  	// are omitted from API requests. See
   410  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   411  	NullFields []string `json:"-"`
   412  }
   413  
   414  func (s *AuditLogConfig) MarshalJSON() ([]byte, error) {
   415  	type NoMethod AuditLogConfig
   416  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   417  }
   418  
   419  // Binding: Associates `members`, or principals, with a `role`.
   420  type Binding struct {
   421  	// Condition: The condition that is associated with this binding. If the
   422  	// condition evaluates to `true`, then this binding applies to the current
   423  	// request. If the condition evaluates to `false`, then this binding does not
   424  	// apply to the current request. However, a different role binding might grant
   425  	// the same role to one or more of the principals in this binding. To learn
   426  	// which resources support conditions in their IAM policies, see the IAM
   427  	// documentation
   428  	// (https://cloud.google.com/iam/help/conditions/resource-policies).
   429  	Condition *Expr `json:"condition,omitempty"`
   430  	// Members: Specifies the principals requesting access for a Google Cloud
   431  	// resource. `members` can have the following values: * `allUsers`: A special
   432  	// identifier that represents anyone who is on the internet; with or without a
   433  	// Google account. * `allAuthenticatedUsers`: A special identifier that
   434  	// represents anyone who is authenticated with a Google account or a service
   435  	// account. Does not include identities that come from external identity
   436  	// providers (IdPs) through identity federation. * `user:{emailid}`: An email
   437  	// address that represents a specific Google account. For example,
   438  	// `alice@example.com` . * `serviceAccount:{emailid}`: An email address that
   439  	// represents a Google service account. For example,
   440  	// `my-other-app@appspot.gserviceaccount.com`. *
   441  	// `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An
   442  	// identifier for a Kubernetes service account
   443  	// (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts).
   444  	// For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. *
   445  	// `group:{emailid}`: An email address that represents a Google group. For
   446  	// example, `admins@example.com`. * `domain:{domain}`: The G Suite domain
   447  	// (primary) that represents all the users of that domain. For example,
   448  	// `google.com` or `example.com`. *
   449  	// `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/sub
   450  	// ject/{subject_attribute_value}`: A single identity in a workforce identity
   451  	// pool. *
   452  	// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/
   453  	// group/{group_id}`: All workforce identities in a group. *
   454  	// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/
   455  	// attribute.{attribute_name}/{attribute_value}`: All workforce identities with
   456  	// a specific attribute value. *
   457  	// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/
   458  	// *`: All identities in a workforce identity pool. *
   459  	// `principal://iam.googleapis.com/projects/{project_number}/locations/global/wo
   460  	// rkloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: A single
   461  	// identity in a workload identity pool. *
   462  	// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global
   463  	// /workloadIdentityPools/{pool_id}/group/{group_id}`: A workload identity pool
   464  	// group. *
   465  	// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global
   466  	// /workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}
   467  	// `: All identities in a workload identity pool with a certain attribute. *
   468  	// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global
   469  	// /workloadIdentityPools/{pool_id}/*`: All identities in a workload identity
   470  	// pool. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus
   471  	// unique identifier) representing a user that has been recently deleted. For
   472  	// example, `alice@example.com?uid=123456789012345678901`. If the user is
   473  	// recovered, this value reverts to `user:{emailid}` and the recovered user
   474  	// retains the role in the binding. *
   475  	// `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus
   476  	// unique identifier) representing a service account that has been recently
   477  	// deleted. For example,
   478  	// `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the
   479  	// service account is undeleted, this value reverts to
   480  	// `serviceAccount:{emailid}` and the undeleted service account retains the
   481  	// role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email
   482  	// address (plus unique identifier) representing a Google group that has been
   483  	// recently deleted. For example,
   484  	// `admins@example.com?uid=123456789012345678901`. If the group is recovered,
   485  	// this value reverts to `group:{emailid}` and the recovered group retains the
   486  	// role in the binding. *
   487  	// `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool
   488  	// _id}/subject/{subject_attribute_value}`: Deleted single identity in a
   489  	// workforce identity pool. For example,
   490  	// `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-po
   491  	// ol-id/subject/my-subject-attribute-value`.
   492  	Members []string `json:"members,omitempty"`
   493  	// Role: Role that is assigned to the list of `members`, or principals. For
   494  	// example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an overview
   495  	// of the IAM roles and permissions, see the IAM documentation
   496  	// (https://cloud.google.com/iam/docs/roles-overview). For a list of the
   497  	// available pre-defined roles, see here
   498  	// (https://cloud.google.com/iam/docs/understanding-roles).
   499  	Role string `json:"role,omitempty"`
   500  	// ForceSendFields is a list of field names (e.g. "Condition") to
   501  	// unconditionally include in API requests. By default, fields with empty or
   502  	// default values are omitted from API requests. See
   503  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   504  	// details.
   505  	ForceSendFields []string `json:"-"`
   506  	// NullFields is a list of field names (e.g. "Condition") to include in API
   507  	// requests with the JSON null value. By default, fields with empty values are
   508  	// omitted from API requests. See
   509  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   510  	NullFields []string `json:"-"`
   511  }
   512  
   513  func (s *Binding) MarshalJSON() ([]byte, error) {
   514  	type NoMethod Binding
   515  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   516  }
   517  
   518  // CaOptions: Describes values that are relevant in a CA certificate.
   519  type CaOptions struct {
   520  	// IsCa: Optional. Refers to the "CA" X.509 extension, which is a boolean
   521  	// value. When this value is missing, the extension will be omitted from the CA
   522  	// certificate.
   523  	IsCa bool `json:"isCa,omitempty"`
   524  	// MaxIssuerPathLength: Optional. Refers to the path length restriction X.509
   525  	// extension. For a CA certificate, this value describes the depth of
   526  	// subordinate CA certificates that are allowed. If this value is less than 0,
   527  	// the request will fail. If this value is missing, the max path length will be
   528  	// omitted from the CA certificate.
   529  	MaxIssuerPathLength int64 `json:"maxIssuerPathLength,omitempty"`
   530  	// ForceSendFields is a list of field names (e.g. "IsCa") to unconditionally
   531  	// include in API requests. By default, fields with empty or default values are
   532  	// omitted from API requests. See
   533  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   534  	// details.
   535  	ForceSendFields []string `json:"-"`
   536  	// NullFields is a list of field names (e.g. "IsCa") to include in API requests
   537  	// with the JSON null value. By default, fields with empty values are omitted
   538  	// from API requests. See
   539  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   540  	NullFields []string `json:"-"`
   541  }
   542  
   543  func (s *CaOptions) MarshalJSON() ([]byte, error) {
   544  	type NoMethod CaOptions
   545  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   546  }
   547  
   548  // CaPool: A CaPool represents a group of CertificateAuthorities that form a
   549  // trust anchor. A CaPool can be used to manage issuance policies for one or
   550  // more CertificateAuthority resources and to rotate CA certificates in and out
   551  // of the trust anchor.
   552  type CaPool struct {
   553  	// IssuancePolicy: Optional. The IssuancePolicy to control how Certificates
   554  	// will be issued from this CaPool.
   555  	IssuancePolicy *IssuancePolicy `json:"issuancePolicy,omitempty"`
   556  	// Labels: Optional. Labels with user-defined metadata.
   557  	Labels map[string]string `json:"labels,omitempty"`
   558  	// Name: Output only. The resource name for this CaPool in the format
   559  	// `projects/*/locations/*/caPools/*`.
   560  	Name string `json:"name,omitempty"`
   561  	// PublishingOptions: Optional. The PublishingOptions to follow when issuing
   562  	// Certificates from any CertificateAuthority in this CaPool.
   563  	PublishingOptions *PublishingOptions `json:"publishingOptions,omitempty"`
   564  	// Tier: Required. Immutable. The Tier of this CaPool.
   565  	//
   566  	// Possible values:
   567  	//   "TIER_UNSPECIFIED" - Not specified.
   568  	//   "ENTERPRISE" - Enterprise tier.
   569  	//   "DEVOPS" - DevOps tier.
   570  	Tier string `json:"tier,omitempty"`
   571  
   572  	// ServerResponse contains the HTTP response code and headers from the server.
   573  	googleapi.ServerResponse `json:"-"`
   574  	// ForceSendFields is a list of field names (e.g. "IssuancePolicy") to
   575  	// unconditionally include in API requests. By default, fields with empty or
   576  	// default values are omitted from API requests. See
   577  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   578  	// details.
   579  	ForceSendFields []string `json:"-"`
   580  	// NullFields is a list of field names (e.g. "IssuancePolicy") to include in
   581  	// API requests with the JSON null value. By default, fields with empty values
   582  	// are omitted from API requests. See
   583  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   584  	NullFields []string `json:"-"`
   585  }
   586  
   587  func (s *CaPool) MarshalJSON() ([]byte, error) {
   588  	type NoMethod CaPool
   589  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   590  }
   591  
   592  // CancelOperationRequest: The request message for Operations.CancelOperation.
   593  type CancelOperationRequest struct {
   594  }
   595  
   596  type CertChain struct {
   597  	// Certificates: The certificates that form the CA chain, from leaf to root
   598  	// order.
   599  	Certificates []string `json:"certificates,omitempty"`
   600  	// ForceSendFields is a list of field names (e.g. "Certificates") to
   601  	// unconditionally include in API requests. By default, fields with empty or
   602  	// default values are omitted from API requests. See
   603  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   604  	// details.
   605  	ForceSendFields []string `json:"-"`
   606  	// NullFields is a list of field names (e.g. "Certificates") to include in API
   607  	// requests with the JSON null value. By default, fields with empty values are
   608  	// omitted from API requests. See
   609  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   610  	NullFields []string `json:"-"`
   611  }
   612  
   613  func (s *CertChain) MarshalJSON() ([]byte, error) {
   614  	type NoMethod CertChain
   615  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   616  }
   617  
   618  // Certificate: A Certificate corresponds to a signed X.509 certificate issued
   619  // by a CertificateAuthority.
   620  type Certificate struct {
   621  	// CertificateDescription: Output only. A structured description of the issued
   622  	// X.509 certificate.
   623  	CertificateDescription *CertificateDescription `json:"certificateDescription,omitempty"`
   624  	// CertificateTemplate: Immutable. The resource name for a CertificateTemplate
   625  	// used to issue this certificate, in the format
   626  	// `projects/*/locations/*/certificateTemplates/*`. If this is specified, the
   627  	// caller must have the necessary permission to use this template. If this is
   628  	// omitted, no template will be used. This template must be in the same
   629  	// location as the Certificate.
   630  	CertificateTemplate string `json:"certificateTemplate,omitempty"`
   631  	// Config: Immutable. A description of the certificate and key that does not
   632  	// require X.509 or ASN.1.
   633  	Config *CertificateConfig `json:"config,omitempty"`
   634  	// CreateTime: Output only. The time at which this Certificate was created.
   635  	CreateTime string `json:"createTime,omitempty"`
   636  	// IssuerCertificateAuthority: Output only. The resource name of the issuing
   637  	// CertificateAuthority in the format
   638  	// `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
   639  	IssuerCertificateAuthority string `json:"issuerCertificateAuthority,omitempty"`
   640  	// Labels: Optional. Labels with user-defined metadata.
   641  	Labels map[string]string `json:"labels,omitempty"`
   642  	// Lifetime: Required. Immutable. The desired lifetime of a certificate. Used
   643  	// to create the "not_before_time" and "not_after_time" fields inside an X.509
   644  	// certificate. Note that the lifetime may be truncated if it would extend past
   645  	// the life of any certificate authority in the issuing chain.
   646  	Lifetime string `json:"lifetime,omitempty"`
   647  	// Name: Output only. The resource name for this Certificate in the format
   648  	// `projects/*/locations/*/caPools/*/certificates/*`.
   649  	Name string `json:"name,omitempty"`
   650  	// PemCertificate: Output only. The pem-encoded, signed X.509 certificate.
   651  	PemCertificate string `json:"pemCertificate,omitempty"`
   652  	// PemCertificateChain: Output only. The chain that may be used to verify the
   653  	// X.509 certificate. Expected to be in issuer-to-root order according to RFC
   654  	// 5246.
   655  	PemCertificateChain []string `json:"pemCertificateChain,omitempty"`
   656  	// PemCsr: Immutable. A pem-encoded X.509 certificate signing request (CSR).
   657  	PemCsr string `json:"pemCsr,omitempty"`
   658  	// RevocationDetails: Output only. Details regarding the revocation of this
   659  	// Certificate. This Certificate is considered revoked if and only if this
   660  	// field is present.
   661  	RevocationDetails *RevocationDetails `json:"revocationDetails,omitempty"`
   662  	// SubjectMode: Immutable. Specifies how the Certificate's identity fields are
   663  	// to be decided. If this is omitted, the `DEFAULT` subject mode will be used.
   664  	//
   665  	// Possible values:
   666  	//   "SUBJECT_REQUEST_MODE_UNSPECIFIED" - Not specified.
   667  	//   "DEFAULT" - The default mode used in most cases. Indicates that the
   668  	// certificate's Subject and/or SubjectAltNames are specified in the
   669  	// certificate request. This mode requires the caller to have the
   670  	// `privateca.certificates.create` permission.
   671  	//   "REFLECTED_SPIFFE" - A mode reserved for special cases. Indicates that the
   672  	// certificate should have one SPIFFE SubjectAltNames set by the service based
   673  	// on the caller's identity. This mode will ignore any explicitly specified
   674  	// Subject and/or SubjectAltNames in the certificate request. This mode
   675  	// requires the caller to have the `privateca.certificates.createForSelf`
   676  	// permission.
   677  	SubjectMode string `json:"subjectMode,omitempty"`
   678  	// UpdateTime: Output only. The time at which this Certificate was updated.
   679  	UpdateTime string `json:"updateTime,omitempty"`
   680  
   681  	// ServerResponse contains the HTTP response code and headers from the server.
   682  	googleapi.ServerResponse `json:"-"`
   683  	// ForceSendFields is a list of field names (e.g. "CertificateDescription") to
   684  	// unconditionally include in API requests. By default, fields with empty or
   685  	// default values are omitted from API requests. See
   686  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   687  	// details.
   688  	ForceSendFields []string `json:"-"`
   689  	// NullFields is a list of field names (e.g. "CertificateDescription") to
   690  	// include in API requests with the JSON null value. By default, fields with
   691  	// empty values are omitted from API requests. See
   692  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   693  	NullFields []string `json:"-"`
   694  }
   695  
   696  func (s *Certificate) MarshalJSON() ([]byte, error) {
   697  	type NoMethod Certificate
   698  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   699  }
   700  
   701  // CertificateAuthority: A CertificateAuthority represents an individual
   702  // Certificate Authority. A CertificateAuthority can be used to create
   703  // Certificates.
   704  type CertificateAuthority struct {
   705  	// AccessUrls: Output only. URLs for accessing content published by this CA,
   706  	// such as the CA certificate and CRLs.
   707  	AccessUrls *AccessUrls `json:"accessUrls,omitempty"`
   708  	// CaCertificateDescriptions: Output only. A structured description of this
   709  	// CertificateAuthority's CA certificate and its issuers. Ordered as
   710  	// self-to-root.
   711  	CaCertificateDescriptions []*CertificateDescription `json:"caCertificateDescriptions,omitempty"`
   712  	// Config: Required. Immutable. The config used to create a self-signed X.509
   713  	// certificate or CSR.
   714  	Config *CertificateConfig `json:"config,omitempty"`
   715  	// CreateTime: Output only. The time at which this CertificateAuthority was
   716  	// created.
   717  	CreateTime string `json:"createTime,omitempty"`
   718  	// DeleteTime: Output only. The time at which this CertificateAuthority was
   719  	// soft deleted, if it is in the DELETED state.
   720  	DeleteTime string `json:"deleteTime,omitempty"`
   721  	// ExpireTime: Output only. The time at which this CertificateAuthority will be
   722  	// permanently purged, if it is in the DELETED state.
   723  	ExpireTime string `json:"expireTime,omitempty"`
   724  	// GcsBucket: Immutable. The name of a Cloud Storage bucket where this
   725  	// CertificateAuthority will publish content, such as the CA certificate and
   726  	// CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or
   727  	// suffixes (such as `.googleapis.com`). For example, to use a bucket named
   728  	// `my-bucket`, you would simply specify `my-bucket`. If not specified, a
   729  	// managed bucket will be created.
   730  	GcsBucket string `json:"gcsBucket,omitempty"`
   731  	// KeySpec: Required. Immutable. Used when issuing certificates for this
   732  	// CertificateAuthority. If this CertificateAuthority is a self-signed
   733  	// CertificateAuthority, this key is also used to sign the self-signed CA
   734  	// certificate. Otherwise, it is used to sign a CSR.
   735  	KeySpec *KeyVersionSpec `json:"keySpec,omitempty"`
   736  	// Labels: Optional. Labels with user-defined metadata.
   737  	Labels map[string]string `json:"labels,omitempty"`
   738  	// Lifetime: Required. Immutable. The desired lifetime of the CA certificate.
   739  	// Used to create the "not_before_time" and "not_after_time" fields inside an
   740  	// X.509 certificate.
   741  	Lifetime string `json:"lifetime,omitempty"`
   742  	// Name: Output only. The resource name for this CertificateAuthority in the
   743  	// format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
   744  	Name string `json:"name,omitempty"`
   745  	// PemCaCertificates: Output only. This CertificateAuthority's certificate
   746  	// chain, including the current CertificateAuthority's certificate. Ordered
   747  	// such that the root issuer is the final element (consistent with RFC 5246).
   748  	// For a self-signed CA, this will only list the current CertificateAuthority's
   749  	// certificate.
   750  	PemCaCertificates []string `json:"pemCaCertificates,omitempty"`
   751  	// SatisfiesPzi: Output only. Reserved for future use.
   752  	SatisfiesPzi bool `json:"satisfiesPzi,omitempty"`
   753  	// SatisfiesPzs: Output only. Reserved for future use.
   754  	SatisfiesPzs bool `json:"satisfiesPzs,omitempty"`
   755  	// State: Output only. The State for this CertificateAuthority.
   756  	//
   757  	// Possible values:
   758  	//   "STATE_UNSPECIFIED" - Not specified.
   759  	//   "ENABLED" - Certificates can be issued from this CA. CRLs will be
   760  	// generated for this CA. The CA will be part of the CaPool's trust anchor, and
   761  	// will be used to issue certificates from the CaPool.
   762  	//   "DISABLED" - Certificates cannot be issued from this CA. CRLs will still
   763  	// be generated. The CA will be part of the CaPool's trust anchor, but will not
   764  	// be used to issue certificates from the CaPool.
   765  	//   "STAGED" - Certificates can be issued from this CA. CRLs will be generated
   766  	// for this CA. The CA will be part of the CaPool's trust anchor, but will not
   767  	// be used to issue certificates from the CaPool.
   768  	//   "AWAITING_USER_ACTIVATION" - Certificates cannot be issued from this CA.
   769  	// CRLs will not be generated. The CA will not be part of the CaPool's trust
   770  	// anchor, and will not be used to issue certificates from the CaPool.
   771  	//   "DELETED" - Certificates cannot be issued from this CA. CRLs will not be
   772  	// generated. The CA may still be recovered by calling
   773  	// CertificateAuthorityService.UndeleteCertificateAuthority before expire_time.
   774  	// The CA will not be part of the CaPool's trust anchor, and will not be used
   775  	// to issue certificates from the CaPool.
   776  	State string `json:"state,omitempty"`
   777  	// SubordinateConfig: Optional. If this is a subordinate CertificateAuthority,
   778  	// this field will be set with the subordinate configuration, which describes
   779  	// its issuers. This may be updated, but this CertificateAuthority must
   780  	// continue to validate.
   781  	SubordinateConfig *SubordinateConfig `json:"subordinateConfig,omitempty"`
   782  	// Tier: Output only. The CaPool.Tier of the CaPool that includes this
   783  	// CertificateAuthority.
   784  	//
   785  	// Possible values:
   786  	//   "TIER_UNSPECIFIED" - Not specified.
   787  	//   "ENTERPRISE" - Enterprise tier.
   788  	//   "DEVOPS" - DevOps tier.
   789  	Tier string `json:"tier,omitempty"`
   790  	// Type: Required. Immutable. The Type of this CertificateAuthority.
   791  	//
   792  	// Possible values:
   793  	//   "TYPE_UNSPECIFIED" - Not specified.
   794  	//   "SELF_SIGNED" - Self-signed CA.
   795  	//   "SUBORDINATE" - Subordinate CA. Could be issued by a Private CA
   796  	// CertificateAuthority or an unmanaged CA.
   797  	Type string `json:"type,omitempty"`
   798  	// UpdateTime: Output only. The time at which this CertificateAuthority was
   799  	// last updated.
   800  	UpdateTime string `json:"updateTime,omitempty"`
   801  
   802  	// ServerResponse contains the HTTP response code and headers from the server.
   803  	googleapi.ServerResponse `json:"-"`
   804  	// ForceSendFields is a list of field names (e.g. "AccessUrls") to
   805  	// unconditionally include in API requests. By default, fields with empty or
   806  	// default values are omitted from API requests. See
   807  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   808  	// details.
   809  	ForceSendFields []string `json:"-"`
   810  	// NullFields is a list of field names (e.g. "AccessUrls") to include in API
   811  	// requests with the JSON null value. By default, fields with empty values are
   812  	// omitted from API requests. See
   813  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   814  	NullFields []string `json:"-"`
   815  }
   816  
   817  func (s *CertificateAuthority) MarshalJSON() ([]byte, error) {
   818  	type NoMethod CertificateAuthority
   819  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   820  }
   821  
   822  // CertificateConfig: A CertificateConfig describes an X.509 certificate or CSR
   823  // that is to be created, as an alternative to using ASN.1.
   824  type CertificateConfig struct {
   825  	// PublicKey: Optional. The public key that corresponds to this config. This
   826  	// is, for example, used when issuing Certificates, but not when creating a
   827  	// self-signed CertificateAuthority or CertificateAuthority CSR.
   828  	PublicKey *PublicKey `json:"publicKey,omitempty"`
   829  	// SubjectConfig: Required. Specifies some of the values in a certificate that
   830  	// are related to the subject.
   831  	SubjectConfig *SubjectConfig `json:"subjectConfig,omitempty"`
   832  	// SubjectKeyId: Optional. When specified this provides a custom SKI to be used
   833  	// in the certificate. This should only be used to maintain a SKI of an
   834  	// existing CA originally created outside CA service, which was not generated
   835  	// using method (1) described in RFC 5280 section 4.2.1.2.
   836  	SubjectKeyId *CertificateConfigKeyId `json:"subjectKeyId,omitempty"`
   837  	// X509Config: Required. Describes how some of the technical X.509 fields in a
   838  	// certificate should be populated.
   839  	X509Config *X509Parameters `json:"x509Config,omitempty"`
   840  	// ForceSendFields is a list of field names (e.g. "PublicKey") to
   841  	// unconditionally include in API requests. By default, fields with empty or
   842  	// default values are omitted from API requests. See
   843  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   844  	// details.
   845  	ForceSendFields []string `json:"-"`
   846  	// NullFields is a list of field names (e.g. "PublicKey") to include in API
   847  	// requests with the JSON null value. By default, fields with empty values are
   848  	// omitted from API requests. See
   849  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   850  	NullFields []string `json:"-"`
   851  }
   852  
   853  func (s *CertificateConfig) MarshalJSON() ([]byte, error) {
   854  	type NoMethod CertificateConfig
   855  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   856  }
   857  
   858  // CertificateConfigKeyId: A KeyId identifies a specific public key, usually by
   859  // hashing the public key.
   860  type CertificateConfigKeyId struct {
   861  	// KeyId: Required. The value of this KeyId encoded in lowercase hexadecimal.
   862  	// This is most likely the 160 bit SHA-1 hash of the public key.
   863  	KeyId string `json:"keyId,omitempty"`
   864  	// ForceSendFields is a list of field names (e.g. "KeyId") to unconditionally
   865  	// include in API requests. By default, fields with empty or default values are
   866  	// omitted from API requests. See
   867  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   868  	// details.
   869  	ForceSendFields []string `json:"-"`
   870  	// NullFields is a list of field names (e.g. "KeyId") to include in API
   871  	// requests with the JSON null value. By default, fields with empty values are
   872  	// omitted from API requests. See
   873  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   874  	NullFields []string `json:"-"`
   875  }
   876  
   877  func (s *CertificateConfigKeyId) MarshalJSON() ([]byte, error) {
   878  	type NoMethod CertificateConfigKeyId
   879  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   880  }
   881  
   882  // CertificateDescription: A CertificateDescription describes an X.509
   883  // certificate or CSR that has been issued, as an alternative to using ASN.1 /
   884  // X.509.
   885  type CertificateDescription struct {
   886  	// AiaIssuingCertificateUrls: Describes lists of issuer CA certificate URLs
   887  	// that appear in the "Authority Information Access" extension in the
   888  	// certificate.
   889  	AiaIssuingCertificateUrls []string `json:"aiaIssuingCertificateUrls,omitempty"`
   890  	// AuthorityKeyId: Identifies the subject_key_id of the parent certificate, per
   891  	// https://tools.ietf.org/html/rfc5280#section-4.2.1.1
   892  	AuthorityKeyId *KeyId `json:"authorityKeyId,omitempty"`
   893  	// CertFingerprint: The hash of the x.509 certificate.
   894  	CertFingerprint *CertificateFingerprint `json:"certFingerprint,omitempty"`
   895  	// CrlDistributionPoints: Describes a list of locations to obtain CRL
   896  	// information, i.e. the DistributionPoint.fullName described by
   897  	// https://tools.ietf.org/html/rfc5280#section-4.2.1.13
   898  	CrlDistributionPoints []string `json:"crlDistributionPoints,omitempty"`
   899  	// PublicKey: The public key that corresponds to an issued certificate.
   900  	PublicKey *PublicKey `json:"publicKey,omitempty"`
   901  	// SubjectDescription: Describes some of the values in a certificate that are
   902  	// related to the subject and lifetime.
   903  	SubjectDescription *SubjectDescription `json:"subjectDescription,omitempty"`
   904  	// SubjectKeyId: Provides a means of identifiying certificates that contain a
   905  	// particular public key, per
   906  	// https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
   907  	SubjectKeyId *KeyId `json:"subjectKeyId,omitempty"`
   908  	// X509Description: Describes some of the technical X.509 fields in a
   909  	// certificate.
   910  	X509Description *X509Parameters `json:"x509Description,omitempty"`
   911  	// ForceSendFields is a list of field names (e.g. "AiaIssuingCertificateUrls")
   912  	// to unconditionally include in API requests. By default, fields with empty or
   913  	// default values are omitted from API requests. See
   914  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   915  	// details.
   916  	ForceSendFields []string `json:"-"`
   917  	// NullFields is a list of field names (e.g. "AiaIssuingCertificateUrls") to
   918  	// include in API requests with the JSON null value. By default, fields with
   919  	// empty values are omitted from API requests. See
   920  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   921  	NullFields []string `json:"-"`
   922  }
   923  
   924  func (s *CertificateDescription) MarshalJSON() ([]byte, error) {
   925  	type NoMethod CertificateDescription
   926  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   927  }
   928  
   929  // CertificateExtensionConstraints: Describes a set of X.509 extensions that
   930  // may be part of some certificate issuance controls.
   931  type CertificateExtensionConstraints struct {
   932  	// AdditionalExtensions: Optional. A set of ObjectIds identifying custom X.509
   933  	// extensions. Will be combined with known_extensions to determine the full set
   934  	// of X.509 extensions.
   935  	AdditionalExtensions []*ObjectId `json:"additionalExtensions,omitempty"`
   936  	// KnownExtensions: Optional. A set of named X.509 extensions. Will be combined
   937  	// with additional_extensions to determine the full set of X.509 extensions.
   938  	//
   939  	// Possible values:
   940  	//   "KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED" - Not specified.
   941  	//   "BASE_KEY_USAGE" - Refers to a certificate's Key Usage extension, as
   942  	// described in [RFC 5280 section
   943  	// 4.2.1.3](https://tools.ietf.org/html/rfc5280#section-4.2.1.3). This
   944  	// corresponds to the KeyUsage.base_key_usage field.
   945  	//   "EXTENDED_KEY_USAGE" - Refers to a certificate's Extended Key Usage
   946  	// extension, as described in [RFC 5280 section
   947  	// 4.2.1.12](https://tools.ietf.org/html/rfc5280#section-4.2.1.12). This
   948  	// corresponds to the KeyUsage.extended_key_usage message.
   949  	//   "CA_OPTIONS" - Refers to a certificate's Basic Constraints extension, as
   950  	// described in [RFC 5280 section
   951  	// 4.2.1.9](https://tools.ietf.org/html/rfc5280#section-4.2.1.9). This
   952  	// corresponds to the X509Parameters.ca_options field.
   953  	//   "POLICY_IDS" - Refers to a certificate's Policy object identifiers, as
   954  	// described in [RFC 5280 section
   955  	// 4.2.1.4](https://tools.ietf.org/html/rfc5280#section-4.2.1.4). This
   956  	// corresponds to the X509Parameters.policy_ids field.
   957  	//   "AIA_OCSP_SERVERS" - Refers to OCSP servers in a certificate's Authority
   958  	// Information Access extension, as described in [RFC 5280 section
   959  	// 4.2.2.1](https://tools.ietf.org/html/rfc5280#section-4.2.2.1), This
   960  	// corresponds to the X509Parameters.aia_ocsp_servers field.
   961  	//   "NAME_CONSTRAINTS" - Refers to Name Constraints extension as described in
   962  	// [RFC 5280 section
   963  	// 4.2.1.10](https://tools.ietf.org/html/rfc5280#section-4.2.1.10)
   964  	KnownExtensions []string `json:"knownExtensions,omitempty"`
   965  	// ForceSendFields is a list of field names (e.g. "AdditionalExtensions") to
   966  	// unconditionally include in API requests. By default, fields with empty or
   967  	// default values are omitted from API requests. See
   968  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   969  	// details.
   970  	ForceSendFields []string `json:"-"`
   971  	// NullFields is a list of field names (e.g. "AdditionalExtensions") to include
   972  	// in API requests with the JSON null value. By default, fields with empty
   973  	// values are omitted from API requests. See
   974  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   975  	NullFields []string `json:"-"`
   976  }
   977  
   978  func (s *CertificateExtensionConstraints) MarshalJSON() ([]byte, error) {
   979  	type NoMethod CertificateExtensionConstraints
   980  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   981  }
   982  
   983  // CertificateFingerprint: A group of fingerprints for the x509 certificate.
   984  type CertificateFingerprint struct {
   985  	// Sha256Hash: The SHA 256 hash, encoded in hexadecimal, of the DER x509
   986  	// certificate.
   987  	Sha256Hash string `json:"sha256Hash,omitempty"`
   988  	// ForceSendFields is a list of field names (e.g. "Sha256Hash") to
   989  	// unconditionally include in API requests. By default, fields with empty or
   990  	// default values are omitted from API requests. See
   991  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   992  	// details.
   993  	ForceSendFields []string `json:"-"`
   994  	// NullFields is a list of field names (e.g. "Sha256Hash") to include in API
   995  	// requests with the JSON null value. By default, fields with empty values are
   996  	// omitted from API requests. See
   997  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   998  	NullFields []string `json:"-"`
   999  }
  1000  
  1001  func (s *CertificateFingerprint) MarshalJSON() ([]byte, error) {
  1002  	type NoMethod CertificateFingerprint
  1003  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1004  }
  1005  
  1006  // CertificateIdentityConstraints: Describes constraints on a Certificate's
  1007  // Subject and SubjectAltNames.
  1008  type CertificateIdentityConstraints struct {
  1009  	// AllowSubjectAltNamesPassthrough: Required. If this is true, the
  1010  	// SubjectAltNames extension may be copied from a certificate request into the
  1011  	// signed certificate. Otherwise, the requested SubjectAltNames will be
  1012  	// discarded.
  1013  	AllowSubjectAltNamesPassthrough bool `json:"allowSubjectAltNamesPassthrough,omitempty"`
  1014  	// AllowSubjectPassthrough: Required. If this is true, the Subject field may be
  1015  	// copied from a certificate request into the signed certificate. Otherwise,
  1016  	// the requested Subject will be discarded.
  1017  	AllowSubjectPassthrough bool `json:"allowSubjectPassthrough,omitempty"`
  1018  	// CelExpression: Optional. A CEL expression that may be used to validate the
  1019  	// resolved X.509 Subject and/or Subject Alternative Name before a certificate
  1020  	// is signed. To see the full allowed syntax and some examples, see
  1021  	// https://cloud.google.com/certificate-authority-service/docs/using-cel
  1022  	CelExpression *Expr `json:"celExpression,omitempty"`
  1023  	// ForceSendFields is a list of field names (e.g.
  1024  	// "AllowSubjectAltNamesPassthrough") to unconditionally include in API
  1025  	// requests. By default, fields with empty or default values are omitted from
  1026  	// API requests. See
  1027  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1028  	// details.
  1029  	ForceSendFields []string `json:"-"`
  1030  	// NullFields is a list of field names (e.g. "AllowSubjectAltNamesPassthrough")
  1031  	// to include in API requests with the JSON null value. By default, fields with
  1032  	// empty values are omitted from API requests. See
  1033  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1034  	NullFields []string `json:"-"`
  1035  }
  1036  
  1037  func (s *CertificateIdentityConstraints) MarshalJSON() ([]byte, error) {
  1038  	type NoMethod CertificateIdentityConstraints
  1039  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1040  }
  1041  
  1042  // CertificateRevocationList: A CertificateRevocationList corresponds to a
  1043  // signed X.509 certificate Revocation List (CRL). A CRL contains the serial
  1044  // numbers of certificates that should no longer be trusted.
  1045  type CertificateRevocationList struct {
  1046  	// AccessUrl: Output only. The location where 'pem_crl' can be accessed.
  1047  	AccessUrl string `json:"accessUrl,omitempty"`
  1048  	// CreateTime: Output only. The time at which this CertificateRevocationList
  1049  	// was created.
  1050  	CreateTime string `json:"createTime,omitempty"`
  1051  	// Labels: Optional. Labels with user-defined metadata.
  1052  	Labels map[string]string `json:"labels,omitempty"`
  1053  	// Name: Output only. The resource name for this CertificateRevocationList in
  1054  	// the format `projects/*/locations/*/caPools/*certificateAuthorities/*/
  1055  	// certificateRevocationLists/*`.
  1056  	Name string `json:"name,omitempty"`
  1057  	// PemCrl: Output only. The PEM-encoded X.509 CRL.
  1058  	PemCrl string `json:"pemCrl,omitempty"`
  1059  	// RevisionId: Output only. The revision ID of this CertificateRevocationList.
  1060  	// A new revision is committed whenever a new CRL is published. The format is
  1061  	// an 8-character hexadecimal string.
  1062  	RevisionId string `json:"revisionId,omitempty"`
  1063  	// RevokedCertificates: Output only. The revoked serial numbers that appear in
  1064  	// pem_crl.
  1065  	RevokedCertificates []*RevokedCertificate `json:"revokedCertificates,omitempty"`
  1066  	// SequenceNumber: Output only. The CRL sequence number that appears in
  1067  	// pem_crl.
  1068  	SequenceNumber int64 `json:"sequenceNumber,omitempty,string"`
  1069  	// State: Output only. The State for this CertificateRevocationList.
  1070  	//
  1071  	// Possible values:
  1072  	//   "STATE_UNSPECIFIED" - Not specified.
  1073  	//   "ACTIVE" - The CertificateRevocationList is up to date.
  1074  	//   "SUPERSEDED" - The CertificateRevocationList is no longer current.
  1075  	State string `json:"state,omitempty"`
  1076  	// UpdateTime: Output only. The time at which this CertificateRevocationList
  1077  	// was updated.
  1078  	UpdateTime string `json:"updateTime,omitempty"`
  1079  
  1080  	// ServerResponse contains the HTTP response code and headers from the server.
  1081  	googleapi.ServerResponse `json:"-"`
  1082  	// ForceSendFields is a list of field names (e.g. "AccessUrl") to
  1083  	// unconditionally include in API requests. By default, fields with empty or
  1084  	// default values are omitted from API requests. See
  1085  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1086  	// details.
  1087  	ForceSendFields []string `json:"-"`
  1088  	// NullFields is a list of field names (e.g. "AccessUrl") to include in API
  1089  	// requests with the JSON null value. By default, fields with empty values are
  1090  	// omitted from API requests. See
  1091  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1092  	NullFields []string `json:"-"`
  1093  }
  1094  
  1095  func (s *CertificateRevocationList) MarshalJSON() ([]byte, error) {
  1096  	type NoMethod CertificateRevocationList
  1097  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1098  }
  1099  
  1100  // CertificateTemplate: A CertificateTemplate refers to a managed template for
  1101  // certificate issuance.
  1102  type CertificateTemplate struct {
  1103  	// CreateTime: Output only. The time at which this CertificateTemplate was
  1104  	// created.
  1105  	CreateTime string `json:"createTime,omitempty"`
  1106  	// Description: Optional. A human-readable description of scenarios this
  1107  	// template is intended for.
  1108  	Description string `json:"description,omitempty"`
  1109  	// IdentityConstraints: Optional. Describes constraints on identities that may
  1110  	// be appear in Certificates issued using this template. If this is omitted,
  1111  	// then this template will not add restrictions on a certificate's identity.
  1112  	IdentityConstraints *CertificateIdentityConstraints `json:"identityConstraints,omitempty"`
  1113  	// Labels: Optional. Labels with user-defined metadata.
  1114  	Labels map[string]string `json:"labels,omitempty"`
  1115  	// MaximumLifetime: Optional. The maximum lifetime allowed for issued
  1116  	// Certificates that use this template. If the issuing CaPool resource's
  1117  	// IssuancePolicy specifies a maximum_lifetime the minimum of the two durations
  1118  	// will be the maximum lifetime for issued Certificates. Note that if the
  1119  	// issuing CertificateAuthority expires before a Certificate's requested
  1120  	// maximum_lifetime, the effective lifetime will be explicitly truncated to
  1121  	// match it.
  1122  	MaximumLifetime string `json:"maximumLifetime,omitempty"`
  1123  	// Name: Output only. The resource name for this CertificateTemplate in the
  1124  	// format `projects/*/locations/*/certificateTemplates/*`.
  1125  	Name string `json:"name,omitempty"`
  1126  	// PassthroughExtensions: Optional. Describes the set of X.509 extensions that
  1127  	// may appear in a Certificate issued using this CertificateTemplate. If a
  1128  	// certificate request sets extensions that don't appear in the
  1129  	// passthrough_extensions, those extensions will be dropped. If the issuing
  1130  	// CaPool's IssuancePolicy defines baseline_values that don't appear here, the
  1131  	// certificate issuance request will fail. If this is omitted, then this
  1132  	// template will not add restrictions on a certificate's X.509 extensions.
  1133  	// These constraints do not apply to X.509 extensions set in this
  1134  	// CertificateTemplate's predefined_values.
  1135  	PassthroughExtensions *CertificateExtensionConstraints `json:"passthroughExtensions,omitempty"`
  1136  	// PredefinedValues: Optional. A set of X.509 values that will be applied to
  1137  	// all issued certificates that use this template. If the certificate request
  1138  	// includes conflicting values for the same properties, they will be
  1139  	// overwritten by the values defined here. If the issuing CaPool's
  1140  	// IssuancePolicy defines conflicting baseline_values for the same properties,
  1141  	// the certificate issuance request will fail.
  1142  	PredefinedValues *X509Parameters `json:"predefinedValues,omitempty"`
  1143  	// UpdateTime: Output only. The time at which this CertificateTemplate was
  1144  	// updated.
  1145  	UpdateTime string `json:"updateTime,omitempty"`
  1146  
  1147  	// ServerResponse contains the HTTP response code and headers from the server.
  1148  	googleapi.ServerResponse `json:"-"`
  1149  	// ForceSendFields is a list of field names (e.g. "CreateTime") to
  1150  	// unconditionally include in API requests. By default, fields with empty or
  1151  	// default values are omitted from API requests. See
  1152  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1153  	// details.
  1154  	ForceSendFields []string `json:"-"`
  1155  	// NullFields is a list of field names (e.g. "CreateTime") to include in API
  1156  	// requests with the JSON null value. By default, fields with empty values are
  1157  	// omitted from API requests. See
  1158  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1159  	NullFields []string `json:"-"`
  1160  }
  1161  
  1162  func (s *CertificateTemplate) MarshalJSON() ([]byte, error) {
  1163  	type NoMethod CertificateTemplate
  1164  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1165  }
  1166  
  1167  // DisableCertificateAuthorityRequest: Request message for
  1168  // CertificateAuthorityService.DisableCertificateAuthority.
  1169  type DisableCertificateAuthorityRequest struct {
  1170  	// IgnoreDependentResources: Optional. This field allows this CA to be disabled
  1171  	// even if it's being depended on by another resource. However, doing so may
  1172  	// result in unintended and unrecoverable effects on any dependent resources
  1173  	// since the CA will no longer be able to issue certificates.
  1174  	IgnoreDependentResources bool `json:"ignoreDependentResources,omitempty"`
  1175  	// RequestId: Optional. An ID to identify requests. Specify a unique request ID
  1176  	// so that if you must retry your request, the server will know to ignore the
  1177  	// request if it has already been completed. The server will guarantee that for
  1178  	// at least 60 minutes since the first request. For example, consider a
  1179  	// situation where you make an initial request and the request times out. If
  1180  	// you make the request again with the same request ID, the server can check if
  1181  	// original operation with the same request ID was received, and if so, will
  1182  	// ignore the second request. This prevents clients from accidentally creating
  1183  	// duplicate commitments. The request ID must be a valid UUID with the
  1184  	// exception that zero UUID is not supported
  1185  	// (00000000-0000-0000-0000-000000000000).
  1186  	RequestId string `json:"requestId,omitempty"`
  1187  	// ForceSendFields is a list of field names (e.g. "IgnoreDependentResources")
  1188  	// to unconditionally include in API requests. By default, fields with empty or
  1189  	// default values are omitted from API requests. See
  1190  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1191  	// details.
  1192  	ForceSendFields []string `json:"-"`
  1193  	// NullFields is a list of field names (e.g. "IgnoreDependentResources") to
  1194  	// include in API requests with the JSON null value. By default, fields with
  1195  	// empty values are omitted from API requests. See
  1196  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1197  	NullFields []string `json:"-"`
  1198  }
  1199  
  1200  func (s *DisableCertificateAuthorityRequest) MarshalJSON() ([]byte, error) {
  1201  	type NoMethod DisableCertificateAuthorityRequest
  1202  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1203  }
  1204  
  1205  // EcKeyType: Describes an Elliptic Curve key that may be used in a Certificate
  1206  // issued from a CaPool.
  1207  type EcKeyType struct {
  1208  	// SignatureAlgorithm: Optional. A signature algorithm that must be used. If
  1209  	// this is omitted, any EC-based signature algorithm will be allowed.
  1210  	//
  1211  	// Possible values:
  1212  	//   "EC_SIGNATURE_ALGORITHM_UNSPECIFIED" - Not specified. Signifies that any
  1213  	// signature algorithm may be used.
  1214  	//   "ECDSA_P256" - Refers to the Elliptic Curve Digital Signature Algorithm
  1215  	// over the NIST P-256 curve.
  1216  	//   "ECDSA_P384" - Refers to the Elliptic Curve Digital Signature Algorithm
  1217  	// over the NIST P-384 curve.
  1218  	//   "EDDSA_25519" - Refers to the Edwards-curve Digital Signature Algorithm
  1219  	// over curve 25519, as described in RFC 8410.
  1220  	SignatureAlgorithm string `json:"signatureAlgorithm,omitempty"`
  1221  	// ForceSendFields is a list of field names (e.g. "SignatureAlgorithm") to
  1222  	// unconditionally include in API requests. By default, fields with empty or
  1223  	// default values are omitted from API requests. See
  1224  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1225  	// details.
  1226  	ForceSendFields []string `json:"-"`
  1227  	// NullFields is a list of field names (e.g. "SignatureAlgorithm") to include
  1228  	// in API requests with the JSON null value. By default, fields with empty
  1229  	// values are omitted from API requests. See
  1230  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1231  	NullFields []string `json:"-"`
  1232  }
  1233  
  1234  func (s *EcKeyType) MarshalJSON() ([]byte, error) {
  1235  	type NoMethod EcKeyType
  1236  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1237  }
  1238  
  1239  // Empty: A generic empty message that you can re-use to avoid defining
  1240  // duplicated empty messages in your APIs. A typical example is to use it as
  1241  // the request or the response type of an API method. For instance: service Foo
  1242  // { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
  1243  type Empty struct {
  1244  	// ServerResponse contains the HTTP response code and headers from the server.
  1245  	googleapi.ServerResponse `json:"-"`
  1246  }
  1247  
  1248  // EnableCertificateAuthorityRequest: Request message for
  1249  // CertificateAuthorityService.EnableCertificateAuthority.
  1250  type EnableCertificateAuthorityRequest struct {
  1251  	// RequestId: Optional. An ID to identify requests. Specify a unique request ID
  1252  	// so that if you must retry your request, the server will know to ignore the
  1253  	// request if it has already been completed. The server will guarantee that for
  1254  	// at least 60 minutes since the first request. For example, consider a
  1255  	// situation where you make an initial request and the request times out. If
  1256  	// you make the request again with the same request ID, the server can check if
  1257  	// original operation with the same request ID was received, and if so, will
  1258  	// ignore the second request. This prevents clients from accidentally creating
  1259  	// duplicate commitments. The request ID must be a valid UUID with the
  1260  	// exception that zero UUID is not supported
  1261  	// (00000000-0000-0000-0000-000000000000).
  1262  	RequestId string `json:"requestId,omitempty"`
  1263  	// ForceSendFields is a list of field names (e.g. "RequestId") to
  1264  	// unconditionally include in API requests. By default, fields with empty or
  1265  	// default values are omitted from API requests. See
  1266  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1267  	// details.
  1268  	ForceSendFields []string `json:"-"`
  1269  	// NullFields is a list of field names (e.g. "RequestId") to include in API
  1270  	// requests with the JSON null value. By default, fields with empty values are
  1271  	// omitted from API requests. See
  1272  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1273  	NullFields []string `json:"-"`
  1274  }
  1275  
  1276  func (s *EnableCertificateAuthorityRequest) MarshalJSON() ([]byte, error) {
  1277  	type NoMethod EnableCertificateAuthorityRequest
  1278  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1279  }
  1280  
  1281  // Expr: Represents a textual expression in the Common Expression Language
  1282  // (CEL) syntax. CEL is a C-like expression language. The syntax and semantics
  1283  // of CEL are documented at https://github.com/google/cel-spec. Example
  1284  // (Comparison): title: "Summary size limit" description: "Determines if a
  1285  // summary is less than 100 chars" expression: "document.summary.size() < 100"
  1286  // Example (Equality): title: "Requestor is owner" description: "Determines if
  1287  // requestor is the document owner" expression: "document.owner ==
  1288  // request.auth.claims.email" Example (Logic): title: "Public documents"
  1289  // description: "Determine whether the document should be publicly visible"
  1290  // expression: "document.type != 'private' && document.type != 'internal'"
  1291  // Example (Data Manipulation): title: "Notification string" description:
  1292  // "Create a notification string with a timestamp." expression: "'New message
  1293  // received at ' + string(document.create_time)" The exact variables and
  1294  // functions that may be referenced within an expression are determined by the
  1295  // service that evaluates it. See the service documentation for additional
  1296  // information.
  1297  type Expr struct {
  1298  	// Description: Optional. Description of the expression. This is a longer text
  1299  	// which describes the expression, e.g. when hovered over it in a UI.
  1300  	Description string `json:"description,omitempty"`
  1301  	// Expression: Textual representation of an expression in Common Expression
  1302  	// Language syntax.
  1303  	Expression string `json:"expression,omitempty"`
  1304  	// Location: Optional. String indicating the location of the expression for
  1305  	// error reporting, e.g. a file name and a position in the file.
  1306  	Location string `json:"location,omitempty"`
  1307  	// Title: Optional. Title for the expression, i.e. a short string describing
  1308  	// its purpose. This can be used e.g. in UIs which allow to enter the
  1309  	// expression.
  1310  	Title string `json:"title,omitempty"`
  1311  	// ForceSendFields is a list of field names (e.g. "Description") to
  1312  	// unconditionally include in API requests. By default, fields with empty or
  1313  	// default values are omitted from API requests. See
  1314  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1315  	// details.
  1316  	ForceSendFields []string `json:"-"`
  1317  	// NullFields is a list of field names (e.g. "Description") to include in API
  1318  	// requests with the JSON null value. By default, fields with empty values are
  1319  	// omitted from API requests. See
  1320  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1321  	NullFields []string `json:"-"`
  1322  }
  1323  
  1324  func (s *Expr) MarshalJSON() ([]byte, error) {
  1325  	type NoMethod Expr
  1326  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1327  }
  1328  
  1329  // ExtendedKeyUsageOptions: KeyUsage.ExtendedKeyUsageOptions has fields that
  1330  // correspond to certain common OIDs that could be specified as an extended key
  1331  // usage value.
  1332  type ExtendedKeyUsageOptions struct {
  1333  	// ClientAuth: Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as
  1334  	// "TLS WWW client authentication", though regularly used for non-WWW TLS.
  1335  	ClientAuth bool `json:"clientAuth,omitempty"`
  1336  	// CodeSigning: Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as
  1337  	// "Signing of downloadable executable code client authentication".
  1338  	CodeSigning bool `json:"codeSigning,omitempty"`
  1339  	// EmailProtection: Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described
  1340  	// as "Email protection".
  1341  	EmailProtection bool `json:"emailProtection,omitempty"`
  1342  	// OcspSigning: Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as
  1343  	// "Signing OCSP responses".
  1344  	OcspSigning bool `json:"ocspSigning,omitempty"`
  1345  	// ServerAuth: Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as
  1346  	// "TLS WWW server authentication", though regularly used for non-WWW TLS.
  1347  	ServerAuth bool `json:"serverAuth,omitempty"`
  1348  	// TimeStamping: Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as
  1349  	// "Binding the hash of an object to a time".
  1350  	TimeStamping bool `json:"timeStamping,omitempty"`
  1351  	// ForceSendFields is a list of field names (e.g. "ClientAuth") to
  1352  	// unconditionally include in API requests. By default, fields with empty or
  1353  	// default values are omitted from API requests. See
  1354  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1355  	// details.
  1356  	ForceSendFields []string `json:"-"`
  1357  	// NullFields is a list of field names (e.g. "ClientAuth") to include in API
  1358  	// requests with the JSON null value. By default, fields with empty values are
  1359  	// omitted from API requests. See
  1360  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1361  	NullFields []string `json:"-"`
  1362  }
  1363  
  1364  func (s *ExtendedKeyUsageOptions) MarshalJSON() ([]byte, error) {
  1365  	type NoMethod ExtendedKeyUsageOptions
  1366  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1367  }
  1368  
  1369  // FetchCaCertsRequest: Request message for
  1370  // CertificateAuthorityService.FetchCaCerts.
  1371  type FetchCaCertsRequest struct {
  1372  	// RequestId: Optional. An ID to identify requests. Specify a unique request ID
  1373  	// so that if you must retry your request, the server will know to ignore the
  1374  	// request if it has already been completed. The server will guarantee that for
  1375  	// at least 60 minutes since the first request. For example, consider a
  1376  	// situation where you make an initial request and the request times out. If
  1377  	// you make the request again with the same request ID, the server can check if
  1378  	// original operation with the same request ID was received, and if so, will
  1379  	// ignore the second request. This prevents clients from accidentally creating
  1380  	// duplicate commitments. The request ID must be a valid UUID with the
  1381  	// exception that zero UUID is not supported
  1382  	// (00000000-0000-0000-0000-000000000000).
  1383  	RequestId string `json:"requestId,omitempty"`
  1384  	// ForceSendFields is a list of field names (e.g. "RequestId") to
  1385  	// unconditionally include in API requests. By default, fields with empty or
  1386  	// default values are omitted from API requests. See
  1387  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1388  	// details.
  1389  	ForceSendFields []string `json:"-"`
  1390  	// NullFields is a list of field names (e.g. "RequestId") to include in API
  1391  	// requests with the JSON null value. By default, fields with empty values are
  1392  	// omitted from API requests. See
  1393  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1394  	NullFields []string `json:"-"`
  1395  }
  1396  
  1397  func (s *FetchCaCertsRequest) MarshalJSON() ([]byte, error) {
  1398  	type NoMethod FetchCaCertsRequest
  1399  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1400  }
  1401  
  1402  // FetchCaCertsResponse: Response message for
  1403  // CertificateAuthorityService.FetchCaCerts.
  1404  type FetchCaCertsResponse struct {
  1405  	// CaCerts: The PEM encoded CA certificate chains of all certificate
  1406  	// authorities in this CaPool in the ENABLED, DISABLED, or STAGED states.
  1407  	CaCerts []*CertChain `json:"caCerts,omitempty"`
  1408  
  1409  	// ServerResponse contains the HTTP response code and headers from the server.
  1410  	googleapi.ServerResponse `json:"-"`
  1411  	// ForceSendFields is a list of field names (e.g. "CaCerts") to unconditionally
  1412  	// include in API requests. By default, fields with empty or default values are
  1413  	// omitted from API requests. See
  1414  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1415  	// details.
  1416  	ForceSendFields []string `json:"-"`
  1417  	// NullFields is a list of field names (e.g. "CaCerts") to include in API
  1418  	// requests with the JSON null value. By default, fields with empty values are
  1419  	// omitted from API requests. See
  1420  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1421  	NullFields []string `json:"-"`
  1422  }
  1423  
  1424  func (s *FetchCaCertsResponse) MarshalJSON() ([]byte, error) {
  1425  	type NoMethod FetchCaCertsResponse
  1426  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1427  }
  1428  
  1429  // FetchCertificateAuthorityCsrResponse: Response message for
  1430  // CertificateAuthorityService.FetchCertificateAuthorityCsr.
  1431  type FetchCertificateAuthorityCsrResponse struct {
  1432  	// PemCsr: Output only. The PEM-encoded signed certificate signing request
  1433  	// (CSR).
  1434  	PemCsr string `json:"pemCsr,omitempty"`
  1435  
  1436  	// ServerResponse contains the HTTP response code and headers from the server.
  1437  	googleapi.ServerResponse `json:"-"`
  1438  	// ForceSendFields is a list of field names (e.g. "PemCsr") to unconditionally
  1439  	// include in API requests. By default, fields with empty or default values are
  1440  	// omitted from API requests. See
  1441  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1442  	// details.
  1443  	ForceSendFields []string `json:"-"`
  1444  	// NullFields is a list of field names (e.g. "PemCsr") to include in API
  1445  	// requests with the JSON null value. By default, fields with empty values are
  1446  	// omitted from API requests. See
  1447  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1448  	NullFields []string `json:"-"`
  1449  }
  1450  
  1451  func (s *FetchCertificateAuthorityCsrResponse) MarshalJSON() ([]byte, error) {
  1452  	type NoMethod FetchCertificateAuthorityCsrResponse
  1453  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1454  }
  1455  
  1456  // IssuanceModes: IssuanceModes specifies the allowed ways in which
  1457  // Certificates may be requested from this CaPool.
  1458  type IssuanceModes struct {
  1459  	// AllowConfigBasedIssuance: Optional. When true, allows callers to create
  1460  	// Certificates by specifying a CertificateConfig.
  1461  	AllowConfigBasedIssuance bool `json:"allowConfigBasedIssuance,omitempty"`
  1462  	// AllowCsrBasedIssuance: Optional. When true, allows callers to create
  1463  	// Certificates by specifying a CSR.
  1464  	AllowCsrBasedIssuance bool `json:"allowCsrBasedIssuance,omitempty"`
  1465  	// ForceSendFields is a list of field names (e.g. "AllowConfigBasedIssuance")
  1466  	// to unconditionally include in API requests. By default, fields with empty or
  1467  	// default values are omitted from API requests. See
  1468  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1469  	// details.
  1470  	ForceSendFields []string `json:"-"`
  1471  	// NullFields is a list of field names (e.g. "AllowConfigBasedIssuance") to
  1472  	// include in API requests with the JSON null value. By default, fields with
  1473  	// empty values are omitted from API requests. See
  1474  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1475  	NullFields []string `json:"-"`
  1476  }
  1477  
  1478  func (s *IssuanceModes) MarshalJSON() ([]byte, error) {
  1479  	type NoMethod IssuanceModes
  1480  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1481  }
  1482  
  1483  // IssuancePolicy: Defines controls over all certificate issuance within a
  1484  // CaPool.
  1485  type IssuancePolicy struct {
  1486  	// AllowedIssuanceModes: Optional. If specified, then only methods allowed in
  1487  	// the IssuanceModes may be used to issue Certificates.
  1488  	AllowedIssuanceModes *IssuanceModes `json:"allowedIssuanceModes,omitempty"`
  1489  	// AllowedKeyTypes: Optional. If any AllowedKeyType is specified, then the
  1490  	// certificate request's public key must match one of the key types listed
  1491  	// here. Otherwise, any key may be used.
  1492  	AllowedKeyTypes []*AllowedKeyType `json:"allowedKeyTypes,omitempty"`
  1493  	// BaselineValues: Optional. A set of X.509 values that will be applied to all
  1494  	// certificates issued through this CaPool. If a certificate request includes
  1495  	// conflicting values for the same properties, they will be overwritten by the
  1496  	// values defined here. If a certificate request uses a CertificateTemplate
  1497  	// that defines conflicting predefined_values for the same properties, the
  1498  	// certificate issuance request will fail.
  1499  	BaselineValues *X509Parameters `json:"baselineValues,omitempty"`
  1500  	// IdentityConstraints: Optional. Describes constraints on identities that may
  1501  	// appear in Certificates issued through this CaPool. If this is omitted, then
  1502  	// this CaPool will not add restrictions on a certificate's identity.
  1503  	IdentityConstraints *CertificateIdentityConstraints `json:"identityConstraints,omitempty"`
  1504  	// MaximumLifetime: Optional. The maximum lifetime allowed for issued
  1505  	// Certificates. Note that if the issuing CertificateAuthority expires before a
  1506  	// Certificate resource's requested maximum_lifetime, the effective lifetime
  1507  	// will be explicitly truncated to match it.
  1508  	MaximumLifetime string `json:"maximumLifetime,omitempty"`
  1509  	// PassthroughExtensions: Optional. Describes the set of X.509 extensions that
  1510  	// may appear in a Certificate issued through this CaPool. If a certificate
  1511  	// request sets extensions that don't appear in the passthrough_extensions,
  1512  	// those extensions will be dropped. If a certificate request uses a
  1513  	// CertificateTemplate with predefined_values that don't appear here, the
  1514  	// certificate issuance request will fail. If this is omitted, then this CaPool
  1515  	// will not add restrictions on a certificate's X.509 extensions. These
  1516  	// constraints do not apply to X.509 extensions set in this CaPool's
  1517  	// baseline_values.
  1518  	PassthroughExtensions *CertificateExtensionConstraints `json:"passthroughExtensions,omitempty"`
  1519  	// ForceSendFields is a list of field names (e.g. "AllowedIssuanceModes") to
  1520  	// unconditionally include in API requests. By default, fields with empty or
  1521  	// default values are omitted from API requests. See
  1522  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1523  	// details.
  1524  	ForceSendFields []string `json:"-"`
  1525  	// NullFields is a list of field names (e.g. "AllowedIssuanceModes") to include
  1526  	// in API requests with the JSON null value. By default, fields with empty
  1527  	// values are omitted from API requests. See
  1528  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1529  	NullFields []string `json:"-"`
  1530  }
  1531  
  1532  func (s *IssuancePolicy) MarshalJSON() ([]byte, error) {
  1533  	type NoMethod IssuancePolicy
  1534  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1535  }
  1536  
  1537  // KeyId: A KeyId identifies a specific public key, usually by hashing the
  1538  // public key.
  1539  type KeyId struct {
  1540  	// KeyId: Optional. The value of this KeyId encoded in lowercase hexadecimal.
  1541  	// This is most likely the 160 bit SHA-1 hash of the public key.
  1542  	KeyId string `json:"keyId,omitempty"`
  1543  	// ForceSendFields is a list of field names (e.g. "KeyId") to unconditionally
  1544  	// include in API requests. By default, fields with empty or default values are
  1545  	// omitted from API requests. See
  1546  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1547  	// details.
  1548  	ForceSendFields []string `json:"-"`
  1549  	// NullFields is a list of field names (e.g. "KeyId") to include in API
  1550  	// requests with the JSON null value. By default, fields with empty values are
  1551  	// omitted from API requests. See
  1552  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1553  	NullFields []string `json:"-"`
  1554  }
  1555  
  1556  func (s *KeyId) MarshalJSON() ([]byte, error) {
  1557  	type NoMethod KeyId
  1558  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1559  }
  1560  
  1561  // KeyUsage: A KeyUsage describes key usage values that may appear in an X.509
  1562  // certificate.
  1563  type KeyUsage struct {
  1564  	// BaseKeyUsage: Describes high-level ways in which a key may be used.
  1565  	BaseKeyUsage *KeyUsageOptions `json:"baseKeyUsage,omitempty"`
  1566  	// ExtendedKeyUsage: Detailed scenarios in which a key may be used.
  1567  	ExtendedKeyUsage *ExtendedKeyUsageOptions `json:"extendedKeyUsage,omitempty"`
  1568  	// UnknownExtendedKeyUsages: Used to describe extended key usages that are not
  1569  	// listed in the KeyUsage.ExtendedKeyUsageOptions message.
  1570  	UnknownExtendedKeyUsages []*ObjectId `json:"unknownExtendedKeyUsages,omitempty"`
  1571  	// ForceSendFields is a list of field names (e.g. "BaseKeyUsage") to
  1572  	// unconditionally include in API requests. By default, fields with empty or
  1573  	// default values are omitted from API requests. See
  1574  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1575  	// details.
  1576  	ForceSendFields []string `json:"-"`
  1577  	// NullFields is a list of field names (e.g. "BaseKeyUsage") to include in API
  1578  	// requests with the JSON null value. By default, fields with empty values are
  1579  	// omitted from API requests. See
  1580  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1581  	NullFields []string `json:"-"`
  1582  }
  1583  
  1584  func (s *KeyUsage) MarshalJSON() ([]byte, error) {
  1585  	type NoMethod KeyUsage
  1586  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1587  }
  1588  
  1589  // KeyUsageOptions: KeyUsage.KeyUsageOptions corresponds to the key usage
  1590  // values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.
  1591  type KeyUsageOptions struct {
  1592  	// CertSign: The key may be used to sign certificates.
  1593  	CertSign bool `json:"certSign,omitempty"`
  1594  	// ContentCommitment: The key may be used for cryptographic commitments. Note
  1595  	// that this may also be referred to as "non-repudiation".
  1596  	ContentCommitment bool `json:"contentCommitment,omitempty"`
  1597  	// CrlSign: The key may be used sign certificate revocation lists.
  1598  	CrlSign bool `json:"crlSign,omitempty"`
  1599  	// DataEncipherment: The key may be used to encipher data.
  1600  	DataEncipherment bool `json:"dataEncipherment,omitempty"`
  1601  	// DecipherOnly: The key may be used to decipher only.
  1602  	DecipherOnly bool `json:"decipherOnly,omitempty"`
  1603  	// DigitalSignature: The key may be used for digital signatures.
  1604  	DigitalSignature bool `json:"digitalSignature,omitempty"`
  1605  	// EncipherOnly: The key may be used to encipher only.
  1606  	EncipherOnly bool `json:"encipherOnly,omitempty"`
  1607  	// KeyAgreement: The key may be used in a key agreement protocol.
  1608  	KeyAgreement bool `json:"keyAgreement,omitempty"`
  1609  	// KeyEncipherment: The key may be used to encipher other keys.
  1610  	KeyEncipherment bool `json:"keyEncipherment,omitempty"`
  1611  	// ForceSendFields is a list of field names (e.g. "CertSign") to
  1612  	// unconditionally include in API requests. By default, fields with empty or
  1613  	// default values are omitted from API requests. See
  1614  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1615  	// details.
  1616  	ForceSendFields []string `json:"-"`
  1617  	// NullFields is a list of field names (e.g. "CertSign") to include in API
  1618  	// requests with the JSON null value. By default, fields with empty values are
  1619  	// omitted from API requests. See
  1620  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1621  	NullFields []string `json:"-"`
  1622  }
  1623  
  1624  func (s *KeyUsageOptions) MarshalJSON() ([]byte, error) {
  1625  	type NoMethod KeyUsageOptions
  1626  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1627  }
  1628  
  1629  // KeyVersionSpec: A Cloud KMS key configuration that a CertificateAuthority
  1630  // will use.
  1631  type KeyVersionSpec struct {
  1632  	// Algorithm: The algorithm to use for creating a managed Cloud KMS key for a
  1633  	// for a simplified experience. All managed keys will be have their
  1634  	// ProtectionLevel as `HSM`.
  1635  	//
  1636  	// Possible values:
  1637  	//   "SIGN_HASH_ALGORITHM_UNSPECIFIED" - Not specified.
  1638  	//   "RSA_PSS_2048_SHA256" - maps to
  1639  	// CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256
  1640  	//   "RSA_PSS_3072_SHA256" - maps to CryptoKeyVersionAlgorithm.
  1641  	// RSA_SIGN_PSS_3072_SHA256
  1642  	//   "RSA_PSS_4096_SHA256" - maps to
  1643  	// CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256
  1644  	//   "RSA_PKCS1_2048_SHA256" - maps to
  1645  	// CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256
  1646  	//   "RSA_PKCS1_3072_SHA256" - maps to
  1647  	// CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256
  1648  	//   "RSA_PKCS1_4096_SHA256" - maps to
  1649  	// CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256
  1650  	//   "EC_P256_SHA256" - maps to CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256
  1651  	//   "EC_P384_SHA384" - maps to CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384
  1652  	Algorithm string `json:"algorithm,omitempty"`
  1653  	// CloudKmsKeyVersion: The resource name for an existing Cloud KMS
  1654  	// CryptoKeyVersion in the format
  1655  	// `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. This
  1656  	// option enables full flexibility in the key's capabilities and properties.
  1657  	CloudKmsKeyVersion string `json:"cloudKmsKeyVersion,omitempty"`
  1658  	// ForceSendFields is a list of field names (e.g. "Algorithm") to
  1659  	// unconditionally include in API requests. By default, fields with empty or
  1660  	// default values are omitted from API requests. See
  1661  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1662  	// details.
  1663  	ForceSendFields []string `json:"-"`
  1664  	// NullFields is a list of field names (e.g. "Algorithm") to include in API
  1665  	// requests with the JSON null value. By default, fields with empty values are
  1666  	// omitted from API requests. See
  1667  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1668  	NullFields []string `json:"-"`
  1669  }
  1670  
  1671  func (s *KeyVersionSpec) MarshalJSON() ([]byte, error) {
  1672  	type NoMethod KeyVersionSpec
  1673  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1674  }
  1675  
  1676  // ListCaPoolsResponse: Response message for
  1677  // CertificateAuthorityService.ListCaPools.
  1678  type ListCaPoolsResponse struct {
  1679  	// CaPools: The list of CaPools.
  1680  	CaPools []*CaPool `json:"caPools,omitempty"`
  1681  	// NextPageToken: A token to retrieve next page of results. Pass this value in
  1682  	// ListCertificateAuthoritiesRequest.next_page_token to retrieve the next page
  1683  	// of results.
  1684  	NextPageToken string `json:"nextPageToken,omitempty"`
  1685  	// Unreachable: A list of locations (e.g. "us-west1") that could not be
  1686  	// reached.
  1687  	Unreachable []string `json:"unreachable,omitempty"`
  1688  
  1689  	// ServerResponse contains the HTTP response code and headers from the server.
  1690  	googleapi.ServerResponse `json:"-"`
  1691  	// ForceSendFields is a list of field names (e.g. "CaPools") to unconditionally
  1692  	// include in API requests. By default, fields with empty or default values are
  1693  	// omitted from API requests. See
  1694  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1695  	// details.
  1696  	ForceSendFields []string `json:"-"`
  1697  	// NullFields is a list of field names (e.g. "CaPools") to include in API
  1698  	// requests with the JSON null value. By default, fields with empty values are
  1699  	// omitted from API requests. See
  1700  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1701  	NullFields []string `json:"-"`
  1702  }
  1703  
  1704  func (s *ListCaPoolsResponse) MarshalJSON() ([]byte, error) {
  1705  	type NoMethod ListCaPoolsResponse
  1706  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1707  }
  1708  
  1709  // ListCertificateAuthoritiesResponse: Response message for
  1710  // CertificateAuthorityService.ListCertificateAuthorities.
  1711  type ListCertificateAuthoritiesResponse struct {
  1712  	// CertificateAuthorities: The list of CertificateAuthorities.
  1713  	CertificateAuthorities []*CertificateAuthority `json:"certificateAuthorities,omitempty"`
  1714  	// NextPageToken: A token to retrieve next page of results. Pass this value in
  1715  	// ListCertificateAuthoritiesRequest.next_page_token to retrieve the next page
  1716  	// of results.
  1717  	NextPageToken string `json:"nextPageToken,omitempty"`
  1718  	// Unreachable: A list of locations (e.g. "us-west1") that could not be
  1719  	// reached.
  1720  	Unreachable []string `json:"unreachable,omitempty"`
  1721  
  1722  	// ServerResponse contains the HTTP response code and headers from the server.
  1723  	googleapi.ServerResponse `json:"-"`
  1724  	// ForceSendFields is a list of field names (e.g. "CertificateAuthorities") to
  1725  	// unconditionally include in API requests. By default, fields with empty or
  1726  	// default values are omitted from API requests. See
  1727  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1728  	// details.
  1729  	ForceSendFields []string `json:"-"`
  1730  	// NullFields is a list of field names (e.g. "CertificateAuthorities") to
  1731  	// include in API requests with the JSON null value. By default, fields with
  1732  	// empty values are omitted from API requests. See
  1733  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1734  	NullFields []string `json:"-"`
  1735  }
  1736  
  1737  func (s *ListCertificateAuthoritiesResponse) MarshalJSON() ([]byte, error) {
  1738  	type NoMethod ListCertificateAuthoritiesResponse
  1739  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1740  }
  1741  
  1742  // ListCertificateRevocationListsResponse: Response message for
  1743  // CertificateAuthorityService.ListCertificateRevocationLists.
  1744  type ListCertificateRevocationListsResponse struct {
  1745  	// CertificateRevocationLists: The list of CertificateRevocationLists.
  1746  	CertificateRevocationLists []*CertificateRevocationList `json:"certificateRevocationLists,omitempty"`
  1747  	// NextPageToken: A token to retrieve next page of results. Pass this value in
  1748  	// ListCertificateRevocationListsRequest.next_page_token to retrieve the next
  1749  	// page of results.
  1750  	NextPageToken string `json:"nextPageToken,omitempty"`
  1751  	// Unreachable: A list of locations (e.g. "us-west1") that could not be
  1752  	// reached.
  1753  	Unreachable []string `json:"unreachable,omitempty"`
  1754  
  1755  	// ServerResponse contains the HTTP response code and headers from the server.
  1756  	googleapi.ServerResponse `json:"-"`
  1757  	// ForceSendFields is a list of field names (e.g. "CertificateRevocationLists")
  1758  	// to unconditionally include in API requests. By default, fields with empty or
  1759  	// default values are omitted from API requests. See
  1760  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1761  	// details.
  1762  	ForceSendFields []string `json:"-"`
  1763  	// NullFields is a list of field names (e.g. "CertificateRevocationLists") to
  1764  	// include in API requests with the JSON null value. By default, fields with
  1765  	// empty values are omitted from API requests. See
  1766  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1767  	NullFields []string `json:"-"`
  1768  }
  1769  
  1770  func (s *ListCertificateRevocationListsResponse) MarshalJSON() ([]byte, error) {
  1771  	type NoMethod ListCertificateRevocationListsResponse
  1772  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1773  }
  1774  
  1775  // ListCertificateTemplatesResponse: Response message for
  1776  // CertificateAuthorityService.ListCertificateTemplates.
  1777  type ListCertificateTemplatesResponse struct {
  1778  	// CertificateTemplates: The list of CertificateTemplates.
  1779  	CertificateTemplates []*CertificateTemplate `json:"certificateTemplates,omitempty"`
  1780  	// NextPageToken: A token to retrieve next page of results. Pass this value in
  1781  	// ListCertificateTemplatesRequest.next_page_token to retrieve the next page of
  1782  	// results.
  1783  	NextPageToken string `json:"nextPageToken,omitempty"`
  1784  	// Unreachable: A list of locations (e.g. "us-west1") that could not be
  1785  	// reached.
  1786  	Unreachable []string `json:"unreachable,omitempty"`
  1787  
  1788  	// ServerResponse contains the HTTP response code and headers from the server.
  1789  	googleapi.ServerResponse `json:"-"`
  1790  	// ForceSendFields is a list of field names (e.g. "CertificateTemplates") to
  1791  	// unconditionally include in API requests. By default, fields with empty or
  1792  	// default values are omitted from API requests. See
  1793  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1794  	// details.
  1795  	ForceSendFields []string `json:"-"`
  1796  	// NullFields is a list of field names (e.g. "CertificateTemplates") to include
  1797  	// in API requests with the JSON null value. By default, fields with empty
  1798  	// values are omitted from API requests. See
  1799  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1800  	NullFields []string `json:"-"`
  1801  }
  1802  
  1803  func (s *ListCertificateTemplatesResponse) MarshalJSON() ([]byte, error) {
  1804  	type NoMethod ListCertificateTemplatesResponse
  1805  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1806  }
  1807  
  1808  // ListCertificatesResponse: Response message for
  1809  // CertificateAuthorityService.ListCertificates.
  1810  type ListCertificatesResponse struct {
  1811  	// Certificates: The list of Certificates.
  1812  	Certificates []*Certificate `json:"certificates,omitempty"`
  1813  	// NextPageToken: A token to retrieve next page of results. Pass this value in
  1814  	// ListCertificatesRequest.next_page_token to retrieve the next page of
  1815  	// results.
  1816  	NextPageToken string `json:"nextPageToken,omitempty"`
  1817  	// Unreachable: A list of locations (e.g. "us-west1") that could not be
  1818  	// reached.
  1819  	Unreachable []string `json:"unreachable,omitempty"`
  1820  
  1821  	// ServerResponse contains the HTTP response code and headers from the server.
  1822  	googleapi.ServerResponse `json:"-"`
  1823  	// ForceSendFields is a list of field names (e.g. "Certificates") to
  1824  	// unconditionally include in API requests. By default, fields with empty or
  1825  	// default values are omitted from API requests. See
  1826  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1827  	// details.
  1828  	ForceSendFields []string `json:"-"`
  1829  	// NullFields is a list of field names (e.g. "Certificates") to include in API
  1830  	// requests with the JSON null value. By default, fields with empty values are
  1831  	// omitted from API requests. See
  1832  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1833  	NullFields []string `json:"-"`
  1834  }
  1835  
  1836  func (s *ListCertificatesResponse) MarshalJSON() ([]byte, error) {
  1837  	type NoMethod ListCertificatesResponse
  1838  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1839  }
  1840  
  1841  // ListLocationsResponse: The response message for Locations.ListLocations.
  1842  type ListLocationsResponse struct {
  1843  	// Locations: A list of locations that matches the specified filter in the
  1844  	// request.
  1845  	Locations []*Location `json:"locations,omitempty"`
  1846  	// NextPageToken: The standard List next-page token.
  1847  	NextPageToken string `json:"nextPageToken,omitempty"`
  1848  
  1849  	// ServerResponse contains the HTTP response code and headers from the server.
  1850  	googleapi.ServerResponse `json:"-"`
  1851  	// ForceSendFields is a list of field names (e.g. "Locations") to
  1852  	// unconditionally include in API requests. By default, fields with empty or
  1853  	// default values are omitted from API requests. See
  1854  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1855  	// details.
  1856  	ForceSendFields []string `json:"-"`
  1857  	// NullFields is a list of field names (e.g. "Locations") to include in API
  1858  	// requests with the JSON null value. By default, fields with empty values are
  1859  	// omitted from API requests. See
  1860  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1861  	NullFields []string `json:"-"`
  1862  }
  1863  
  1864  func (s *ListLocationsResponse) MarshalJSON() ([]byte, error) {
  1865  	type NoMethod ListLocationsResponse
  1866  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1867  }
  1868  
  1869  // ListOperationsResponse: The response message for Operations.ListOperations.
  1870  type ListOperationsResponse struct {
  1871  	// NextPageToken: The standard List next-page token.
  1872  	NextPageToken string `json:"nextPageToken,omitempty"`
  1873  	// Operations: A list of operations that matches the specified filter in the
  1874  	// request.
  1875  	Operations []*Operation `json:"operations,omitempty"`
  1876  
  1877  	// ServerResponse contains the HTTP response code and headers from the server.
  1878  	googleapi.ServerResponse `json:"-"`
  1879  	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
  1880  	// unconditionally include in API requests. By default, fields with empty or
  1881  	// default values are omitted from API requests. See
  1882  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1883  	// details.
  1884  	ForceSendFields []string `json:"-"`
  1885  	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
  1886  	// requests with the JSON null value. By default, fields with empty values are
  1887  	// omitted from API requests. See
  1888  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1889  	NullFields []string `json:"-"`
  1890  }
  1891  
  1892  func (s *ListOperationsResponse) MarshalJSON() ([]byte, error) {
  1893  	type NoMethod ListOperationsResponse
  1894  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1895  }
  1896  
  1897  // Location: A resource that represents a Google Cloud location.
  1898  type Location struct {
  1899  	// DisplayName: The friendly name for this location, typically a nearby city
  1900  	// name. For example, "Tokyo".
  1901  	DisplayName string `json:"displayName,omitempty"`
  1902  	// Labels: Cross-service attributes for the location. For example
  1903  	// {"cloud.googleapis.com/region": "us-east1"}
  1904  	Labels map[string]string `json:"labels,omitempty"`
  1905  	// LocationId: The canonical id for this location. For example: "us-east1".
  1906  	LocationId string `json:"locationId,omitempty"`
  1907  	// Metadata: Service-specific metadata. For example the available capacity at
  1908  	// the given location.
  1909  	Metadata googleapi.RawMessage `json:"metadata,omitempty"`
  1910  	// Name: Resource name for the location, which may vary between
  1911  	// implementations. For example:
  1912  	// "projects/example-project/locations/us-east1"
  1913  	Name string `json:"name,omitempty"`
  1914  
  1915  	// ServerResponse contains the HTTP response code and headers from the server.
  1916  	googleapi.ServerResponse `json:"-"`
  1917  	// ForceSendFields is a list of field names (e.g. "DisplayName") to
  1918  	// unconditionally include in API requests. By default, fields with empty or
  1919  	// default values are omitted from API requests. See
  1920  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1921  	// details.
  1922  	ForceSendFields []string `json:"-"`
  1923  	// NullFields is a list of field names (e.g. "DisplayName") to include in API
  1924  	// requests with the JSON null value. By default, fields with empty values are
  1925  	// omitted from API requests. See
  1926  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1927  	NullFields []string `json:"-"`
  1928  }
  1929  
  1930  func (s *Location) MarshalJSON() ([]byte, error) {
  1931  	type NoMethod Location
  1932  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1933  }
  1934  
  1935  // NameConstraints: Describes the X.509 name constraints extension, per
  1936  // https://tools.ietf.org/html/rfc5280#section-4.2.1.10
  1937  type NameConstraints struct {
  1938  	// Critical: Indicates whether or not the name constraints are marked critical.
  1939  	Critical bool `json:"critical,omitempty"`
  1940  	// ExcludedDnsNames: Contains excluded DNS names. Any DNS name that can be
  1941  	// constructed by simply adding zero or more labels to the left-hand side of
  1942  	// the name satisfies the name constraint. For example, `example.com`,
  1943  	// `www.example.com`, `www.sub.example.com` would satisfy `example.com` while
  1944  	// `example1.com` does not.
  1945  	ExcludedDnsNames []string `json:"excludedDnsNames,omitempty"`
  1946  	// ExcludedEmailAddresses: Contains the excluded email addresses. The value can
  1947  	// be a particular email address, a hostname to indicate all email addresses on
  1948  	// that host or a domain with a leading period (e.g. `.example.com`) to
  1949  	// indicate all email addresses in that domain.
  1950  	ExcludedEmailAddresses []string `json:"excludedEmailAddresses,omitempty"`
  1951  	// ExcludedIpRanges: Contains the excluded IP ranges. For IPv4 addresses, the
  1952  	// ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6
  1953  	// addresses, the ranges are expressed in similar encoding as IPv4 addresses.
  1954  	ExcludedIpRanges []string `json:"excludedIpRanges,omitempty"`
  1955  	// ExcludedUris: Contains the excluded URIs that apply to the host part of the
  1956  	// name. The value can be a hostname or a domain with a leading period (like
  1957  	// `.example.com`)
  1958  	ExcludedUris []string `json:"excludedUris,omitempty"`
  1959  	// PermittedDnsNames: Contains permitted DNS names. Any DNS name that can be
  1960  	// constructed by simply adding zero or more labels to the left-hand side of
  1961  	// the name satisfies the name constraint. For example, `example.com`,
  1962  	// `www.example.com`, `www.sub.example.com` would satisfy `example.com` while
  1963  	// `example1.com` does not.
  1964  	PermittedDnsNames []string `json:"permittedDnsNames,omitempty"`
  1965  	// PermittedEmailAddresses: Contains the permitted email addresses. The value
  1966  	// can be a particular email address, a hostname to indicate all email
  1967  	// addresses on that host or a domain with a leading period (e.g.
  1968  	// `.example.com`) to indicate all email addresses in that domain.
  1969  	PermittedEmailAddresses []string `json:"permittedEmailAddresses,omitempty"`
  1970  	// PermittedIpRanges: Contains the permitted IP ranges. For IPv4 addresses, the
  1971  	// ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6
  1972  	// addresses, the ranges are expressed in similar encoding as IPv4 addresses.
  1973  	PermittedIpRanges []string `json:"permittedIpRanges,omitempty"`
  1974  	// PermittedUris: Contains the permitted URIs that apply to the host part of
  1975  	// the name. The value can be a hostname or a domain with a leading period
  1976  	// (like `.example.com`)
  1977  	PermittedUris []string `json:"permittedUris,omitempty"`
  1978  	// ForceSendFields is a list of field names (e.g. "Critical") to
  1979  	// unconditionally include in API requests. By default, fields with empty or
  1980  	// default values are omitted from API requests. See
  1981  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  1982  	// details.
  1983  	ForceSendFields []string `json:"-"`
  1984  	// NullFields is a list of field names (e.g. "Critical") to include in API
  1985  	// requests with the JSON null value. By default, fields with empty values are
  1986  	// omitted from API requests. See
  1987  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  1988  	NullFields []string `json:"-"`
  1989  }
  1990  
  1991  func (s *NameConstraints) MarshalJSON() ([]byte, error) {
  1992  	type NoMethod NameConstraints
  1993  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  1994  }
  1995  
  1996  // ObjectId: An ObjectId specifies an object identifier (OID). These provide
  1997  // context and describe types in ASN.1 messages.
  1998  type ObjectId struct {
  1999  	// ObjectIdPath: Required. The parts of an OID path. The most significant parts
  2000  	// of the path come first.
  2001  	ObjectIdPath []int64 `json:"objectIdPath,omitempty"`
  2002  	// ForceSendFields is a list of field names (e.g. "ObjectIdPath") to
  2003  	// unconditionally include in API requests. By default, fields with empty or
  2004  	// default values are omitted from API requests. See
  2005  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2006  	// details.
  2007  	ForceSendFields []string `json:"-"`
  2008  	// NullFields is a list of field names (e.g. "ObjectIdPath") to include in API
  2009  	// requests with the JSON null value. By default, fields with empty values are
  2010  	// omitted from API requests. See
  2011  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2012  	NullFields []string `json:"-"`
  2013  }
  2014  
  2015  func (s *ObjectId) MarshalJSON() ([]byte, error) {
  2016  	type NoMethod ObjectId
  2017  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2018  }
  2019  
  2020  // Operation: This resource represents a long-running operation that is the
  2021  // result of a network API call.
  2022  type Operation struct {
  2023  	// Done: If the value is `false`, it means the operation is still in progress.
  2024  	// If `true`, the operation is completed, and either `error` or `response` is
  2025  	// available.
  2026  	Done bool `json:"done,omitempty"`
  2027  	// Error: The error result of the operation in case of failure or cancellation.
  2028  	Error *Status `json:"error,omitempty"`
  2029  	// Metadata: Service-specific metadata associated with the operation. It
  2030  	// typically contains progress information and common metadata such as create
  2031  	// time. Some services might not provide such metadata. Any method that returns
  2032  	// a long-running operation should document the metadata type, if any.
  2033  	Metadata googleapi.RawMessage `json:"metadata,omitempty"`
  2034  	// Name: The server-assigned name, which is only unique within the same service
  2035  	// that originally returns it. If you use the default HTTP mapping, the `name`
  2036  	// should be a resource name ending with `operations/{unique_id}`.
  2037  	Name string `json:"name,omitempty"`
  2038  	// Response: The normal, successful response of the operation. If the original
  2039  	// method returns no data on success, such as `Delete`, the response is
  2040  	// `google.protobuf.Empty`. If the original method is standard
  2041  	// `Get`/`Create`/`Update`, the response should be the resource. For other
  2042  	// methods, the response should have the type `XxxResponse`, where `Xxx` is the
  2043  	// original method name. For example, if the original method name is
  2044  	// `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
  2045  	Response googleapi.RawMessage `json:"response,omitempty"`
  2046  
  2047  	// ServerResponse contains the HTTP response code and headers from the server.
  2048  	googleapi.ServerResponse `json:"-"`
  2049  	// ForceSendFields is a list of field names (e.g. "Done") to unconditionally
  2050  	// include in API requests. By default, fields with empty or default values are
  2051  	// omitted from API requests. See
  2052  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2053  	// details.
  2054  	ForceSendFields []string `json:"-"`
  2055  	// NullFields is a list of field names (e.g. "Done") to include in API requests
  2056  	// with the JSON null value. By default, fields with empty values are omitted
  2057  	// from API requests. See
  2058  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2059  	NullFields []string `json:"-"`
  2060  }
  2061  
  2062  func (s *Operation) MarshalJSON() ([]byte, error) {
  2063  	type NoMethod Operation
  2064  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2065  }
  2066  
  2067  // OperationMetadata: Represents the metadata of the long-running operation.
  2068  type OperationMetadata struct {
  2069  	// ApiVersion: Output only. API version used to start the operation.
  2070  	ApiVersion string `json:"apiVersion,omitempty"`
  2071  	// CreateTime: Output only. The time the operation was created.
  2072  	CreateTime string `json:"createTime,omitempty"`
  2073  	// EndTime: Output only. The time the operation finished running.
  2074  	EndTime string `json:"endTime,omitempty"`
  2075  	// RequestedCancellation: Output only. Identifies whether the user has
  2076  	// requested cancellation of the operation. Operations that have successfully
  2077  	// been cancelled have Operation.error value with a google.rpc.Status.code of
  2078  	// 1, corresponding to `Code.CANCELLED`.
  2079  	RequestedCancellation bool `json:"requestedCancellation,omitempty"`
  2080  	// StatusMessage: Output only. Human-readable status of the operation, if any.
  2081  	StatusMessage string `json:"statusMessage,omitempty"`
  2082  	// Target: Output only. Server-defined resource path for the target of the
  2083  	// operation.
  2084  	Target string `json:"target,omitempty"`
  2085  	// Verb: Output only. Name of the verb executed by the operation.
  2086  	Verb string `json:"verb,omitempty"`
  2087  	// ForceSendFields is a list of field names (e.g. "ApiVersion") to
  2088  	// unconditionally include in API requests. By default, fields with empty or
  2089  	// default values are omitted from API requests. See
  2090  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2091  	// details.
  2092  	ForceSendFields []string `json:"-"`
  2093  	// NullFields is a list of field names (e.g. "ApiVersion") to include in API
  2094  	// requests with the JSON null value. By default, fields with empty values are
  2095  	// omitted from API requests. See
  2096  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2097  	NullFields []string `json:"-"`
  2098  }
  2099  
  2100  func (s *OperationMetadata) MarshalJSON() ([]byte, error) {
  2101  	type NoMethod OperationMetadata
  2102  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2103  }
  2104  
  2105  // Policy: An Identity and Access Management (IAM) policy, which specifies
  2106  // access controls for Google Cloud resources. A `Policy` is a collection of
  2107  // `bindings`. A `binding` binds one or more `members`, or principals, to a
  2108  // single `role`. Principals can be user accounts, service accounts, Google
  2109  // groups, and domains (such as G Suite). A `role` is a named list of
  2110  // permissions; each `role` can be an IAM predefined role or a user-created
  2111  // custom role. For some types of Google Cloud resources, a `binding` can also
  2112  // specify a `condition`, which is a logical expression that allows access to a
  2113  // resource only if the expression evaluates to `true`. A condition can add
  2114  // constraints based on attributes of the request, the resource, or both. To
  2115  // learn which resources support conditions in their IAM policies, see the IAM
  2116  // documentation
  2117  // (https://cloud.google.com/iam/help/conditions/resource-policies). **JSON
  2118  // example:** ``` { "bindings": [ { "role":
  2119  // "roles/resourcemanager.organizationAdmin", "members": [
  2120  // "user:mike@example.com", "group:admins@example.com", "domain:google.com",
  2121  // "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role":
  2122  // "roles/resourcemanager.organizationViewer", "members": [
  2123  // "user:eve@example.com" ], "condition": { "title": "expirable access",
  2124  // "description": "Does not grant access after Sep 2020", "expression":
  2125  // "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag":
  2126  // "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: -
  2127  // members: - user:mike@example.com - group:admins@example.com -
  2128  // domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
  2129  // role: roles/resourcemanager.organizationAdmin - members: -
  2130  // user:eve@example.com role: roles/resourcemanager.organizationViewer
  2131  // condition: title: expirable access description: Does not grant access after
  2132  // Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
  2133  // etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features,
  2134  // see the IAM documentation (https://cloud.google.com/iam/docs/).
  2135  type Policy struct {
  2136  	// AuditConfigs: Specifies cloud audit logging configuration for this policy.
  2137  	AuditConfigs []*AuditConfig `json:"auditConfigs,omitempty"`
  2138  	// Bindings: Associates a list of `members`, or principals, with a `role`.
  2139  	// Optionally, may specify a `condition` that determines how and when the
  2140  	// `bindings` are applied. Each of the `bindings` must contain at least one
  2141  	// principal. The `bindings` in a `Policy` can refer to up to 1,500 principals;
  2142  	// up to 250 of these principals can be Google groups. Each occurrence of a
  2143  	// principal counts towards these limits. For example, if the `bindings` grant
  2144  	// 50 different roles to `user:alice@example.com`, and not to any other
  2145  	// principal, then you can add another 1,450 principals to the `bindings` in
  2146  	// the `Policy`.
  2147  	Bindings []*Binding `json:"bindings,omitempty"`
  2148  	// Etag: `etag` is used for optimistic concurrency control as a way to help
  2149  	// prevent simultaneous updates of a policy from overwriting each other. It is
  2150  	// strongly suggested that systems make use of the `etag` in the
  2151  	// read-modify-write cycle to perform policy updates in order to avoid race
  2152  	// conditions: An `etag` is returned in the response to `getIamPolicy`, and
  2153  	// systems are expected to put that etag in the request to `setIamPolicy` to
  2154  	// ensure that their change will be applied to the same version of the policy.
  2155  	// **Important:** If you use IAM Conditions, you must include the `etag` field
  2156  	// whenever you call `setIamPolicy`. If you omit this field, then IAM allows
  2157  	// you to overwrite a version `3` policy with a version `1` policy, and all of
  2158  	// the conditions in the version `3` policy are lost.
  2159  	Etag string `json:"etag,omitempty"`
  2160  	// Version: Specifies the format of the policy. Valid values are `0`, `1`, and
  2161  	// `3`. Requests that specify an invalid value are rejected. Any operation that
  2162  	// affects conditional role bindings must specify version `3`. This requirement
  2163  	// applies to the following operations: * Getting a policy that includes a
  2164  	// conditional role binding * Adding a conditional role binding to a policy *
  2165  	// Changing a conditional role binding in a policy * Removing any role binding,
  2166  	// with or without a condition, from a policy that includes conditions
  2167  	// **Important:** If you use IAM Conditions, you must include the `etag` field
  2168  	// whenever you call `setIamPolicy`. If you omit this field, then IAM allows
  2169  	// you to overwrite a version `3` policy with a version `1` policy, and all of
  2170  	// the conditions in the version `3` policy are lost. If a policy does not
  2171  	// include any conditions, operations on that policy may specify any valid
  2172  	// version or leave the field unset. To learn which resources support
  2173  	// conditions in their IAM policies, see the IAM documentation
  2174  	// (https://cloud.google.com/iam/help/conditions/resource-policies).
  2175  	Version int64 `json:"version,omitempty"`
  2176  
  2177  	// ServerResponse contains the HTTP response code and headers from the server.
  2178  	googleapi.ServerResponse `json:"-"`
  2179  	// ForceSendFields is a list of field names (e.g. "AuditConfigs") to
  2180  	// unconditionally include in API requests. By default, fields with empty or
  2181  	// default values are omitted from API requests. See
  2182  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2183  	// details.
  2184  	ForceSendFields []string `json:"-"`
  2185  	// NullFields is a list of field names (e.g. "AuditConfigs") to include in API
  2186  	// requests with the JSON null value. By default, fields with empty values are
  2187  	// omitted from API requests. See
  2188  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2189  	NullFields []string `json:"-"`
  2190  }
  2191  
  2192  func (s *Policy) MarshalJSON() ([]byte, error) {
  2193  	type NoMethod Policy
  2194  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2195  }
  2196  
  2197  // PublicKey: A PublicKey describes a public key.
  2198  type PublicKey struct {
  2199  	// Format: Required. The format of the public key.
  2200  	//
  2201  	// Possible values:
  2202  	//   "KEY_FORMAT_UNSPECIFIED" - Default unspecified value.
  2203  	//   "PEM" - The key is PEM-encoded as defined in [RFC
  2204  	// 7468](https://tools.ietf.org/html/rfc7468). It can be any of the following:
  2205  	// a PEM-encoded PKCS#1/RFC 3447 RSAPublicKey structure, an RFC 5280
  2206  	// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) or a
  2207  	// PEM-encoded X.509 certificate signing request (CSR). If a
  2208  	// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) is
  2209  	// specified, it can contain a A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey or a
  2210  	// NIST P-256/secp256r1/prime256v1 or P-384 key. If a CSR is specified, it will
  2211  	// used solely for the purpose of extracting the public key. When generated by
  2212  	// the service, it will always be an RFC 5280
  2213  	// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1)
  2214  	// structure containing an algorithm identifier and a key.
  2215  	Format string `json:"format,omitempty"`
  2216  	// Key: Required. A public key. The padding and encoding must match with the
  2217  	// `KeyFormat` value specified for the `format` field.
  2218  	Key string `json:"key,omitempty"`
  2219  	// ForceSendFields is a list of field names (e.g. "Format") to unconditionally
  2220  	// include in API requests. By default, fields with empty or default values are
  2221  	// omitted from API requests. See
  2222  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2223  	// details.
  2224  	ForceSendFields []string `json:"-"`
  2225  	// NullFields is a list of field names (e.g. "Format") to include in API
  2226  	// requests with the JSON null value. By default, fields with empty values are
  2227  	// omitted from API requests. See
  2228  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2229  	NullFields []string `json:"-"`
  2230  }
  2231  
  2232  func (s *PublicKey) MarshalJSON() ([]byte, error) {
  2233  	type NoMethod PublicKey
  2234  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2235  }
  2236  
  2237  // PublishingOptions: Options relating to the publication of each
  2238  // CertificateAuthority's CA certificate and CRLs and their inclusion as
  2239  // extensions in issued Certificates. The options set here apply to
  2240  // certificates issued by any CertificateAuthority in the CaPool.
  2241  type PublishingOptions struct {
  2242  	// EncodingFormat: Optional. Specifies the encoding format of each
  2243  	// CertificateAuthority resource's CA certificate and CRLs. If this is omitted,
  2244  	// CA certificates and CRLs will be published in PEM.
  2245  	//
  2246  	// Possible values:
  2247  	//   "ENCODING_FORMAT_UNSPECIFIED" - Not specified. By default, PEM format will
  2248  	// be used.
  2249  	//   "PEM" - The CertificateAuthority's CA certificate and CRLs will be
  2250  	// published in PEM format.
  2251  	//   "DER" - The CertificateAuthority's CA certificate and CRLs will be
  2252  	// published in DER format.
  2253  	EncodingFormat string `json:"encodingFormat,omitempty"`
  2254  	// PublishCaCert: Optional. When true, publishes each CertificateAuthority's CA
  2255  	// certificate and includes its URL in the "Authority Information Access" X.509
  2256  	// extension in all issued Certificates. If this is false, the CA certificate
  2257  	// will not be published and the corresponding X.509 extension will not be
  2258  	// written in issued certificates.
  2259  	PublishCaCert bool `json:"publishCaCert,omitempty"`
  2260  	// PublishCrl: Optional. When true, publishes each CertificateAuthority's CRL
  2261  	// and includes its URL in the "CRL Distribution Points" X.509 extension in all
  2262  	// issued Certificates. If this is false, CRLs will not be published and the
  2263  	// corresponding X.509 extension will not be written in issued certificates.
  2264  	// CRLs will expire 7 days from their creation. However, we will rebuild daily.
  2265  	// CRLs are also rebuilt shortly after a certificate is revoked.
  2266  	PublishCrl bool `json:"publishCrl,omitempty"`
  2267  	// ForceSendFields is a list of field names (e.g. "EncodingFormat") to
  2268  	// unconditionally include in API requests. By default, fields with empty or
  2269  	// default values are omitted from API requests. See
  2270  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2271  	// details.
  2272  	ForceSendFields []string `json:"-"`
  2273  	// NullFields is a list of field names (e.g. "EncodingFormat") to include in
  2274  	// API requests with the JSON null value. By default, fields with empty values
  2275  	// are omitted from API requests. See
  2276  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2277  	NullFields []string `json:"-"`
  2278  }
  2279  
  2280  func (s *PublishingOptions) MarshalJSON() ([]byte, error) {
  2281  	type NoMethod PublishingOptions
  2282  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2283  }
  2284  
  2285  // ReconciliationOperationMetadata: Operation metadata returned by the CLH
  2286  // during resource state reconciliation.
  2287  type ReconciliationOperationMetadata struct {
  2288  	// DeleteResource: DEPRECATED. Use exclusive_action instead.
  2289  	DeleteResource bool `json:"deleteResource,omitempty"`
  2290  	// ExclusiveAction: Excluisive action returned by the CLH.
  2291  	//
  2292  	// Possible values:
  2293  	//   "UNKNOWN_REPAIR_ACTION" - Unknown repair action.
  2294  	//   "DELETE" - The resource has to be deleted. When using this bit, the CLH
  2295  	// should fail the operation. DEPRECATED. Instead use DELETE_RESOURCE
  2296  	// OperationSignal in SideChannel.
  2297  	//   "RETRY" - This resource could not be repaired but the repair should be
  2298  	// tried again at a later time. This can happen if there is a dependency that
  2299  	// needs to be resolved first- e.g. if a parent resource must be repaired
  2300  	// before a child resource.
  2301  	ExclusiveAction string `json:"exclusiveAction,omitempty"`
  2302  	// ForceSendFields is a list of field names (e.g. "DeleteResource") to
  2303  	// unconditionally include in API requests. By default, fields with empty or
  2304  	// default values are omitted from API requests. See
  2305  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2306  	// details.
  2307  	ForceSendFields []string `json:"-"`
  2308  	// NullFields is a list of field names (e.g. "DeleteResource") to include in
  2309  	// API requests with the JSON null value. By default, fields with empty values
  2310  	// are omitted from API requests. See
  2311  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2312  	NullFields []string `json:"-"`
  2313  }
  2314  
  2315  func (s *ReconciliationOperationMetadata) MarshalJSON() ([]byte, error) {
  2316  	type NoMethod ReconciliationOperationMetadata
  2317  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2318  }
  2319  
  2320  // RevocationDetails: Describes fields that are relavent to the revocation of a
  2321  // Certificate.
  2322  type RevocationDetails struct {
  2323  	// RevocationState: Indicates why a Certificate was revoked.
  2324  	//
  2325  	// Possible values:
  2326  	//   "REVOCATION_REASON_UNSPECIFIED" - Default unspecified value. This value
  2327  	// does indicate that a Certificate has been revoked, but that a reason has not
  2328  	// been recorded.
  2329  	//   "KEY_COMPROMISE" - Key material for this Certificate may have leaked.
  2330  	//   "CERTIFICATE_AUTHORITY_COMPROMISE" - The key material for a certificate
  2331  	// authority in the issuing path may have leaked.
  2332  	//   "AFFILIATION_CHANGED" - The subject or other attributes in this
  2333  	// Certificate have changed.
  2334  	//   "SUPERSEDED" - This Certificate has been superseded.
  2335  	//   "CESSATION_OF_OPERATION" - This Certificate or entities in the issuing
  2336  	// path have ceased to operate.
  2337  	//   "CERTIFICATE_HOLD" - This Certificate should not be considered valid, it
  2338  	// is expected that it may become valid in the future.
  2339  	//   "PRIVILEGE_WITHDRAWN" - This Certificate no longer has permission to
  2340  	// assert the listed attributes.
  2341  	//   "ATTRIBUTE_AUTHORITY_COMPROMISE" - The authority which determines
  2342  	// appropriate attributes for a Certificate may have been compromised.
  2343  	RevocationState string `json:"revocationState,omitempty"`
  2344  	// RevocationTime: The time at which this Certificate was revoked.
  2345  	RevocationTime string `json:"revocationTime,omitempty"`
  2346  	// ForceSendFields is a list of field names (e.g. "RevocationState") to
  2347  	// unconditionally include in API requests. By default, fields with empty or
  2348  	// default values are omitted from API requests. See
  2349  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2350  	// details.
  2351  	ForceSendFields []string `json:"-"`
  2352  	// NullFields is a list of field names (e.g. "RevocationState") to include in
  2353  	// API requests with the JSON null value. By default, fields with empty values
  2354  	// are omitted from API requests. See
  2355  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2356  	NullFields []string `json:"-"`
  2357  }
  2358  
  2359  func (s *RevocationDetails) MarshalJSON() ([]byte, error) {
  2360  	type NoMethod RevocationDetails
  2361  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2362  }
  2363  
  2364  // RevokeCertificateRequest: Request message for
  2365  // CertificateAuthorityService.RevokeCertificate.
  2366  type RevokeCertificateRequest struct {
  2367  	// Reason: Required. The RevocationReason for revoking this certificate.
  2368  	//
  2369  	// Possible values:
  2370  	//   "REVOCATION_REASON_UNSPECIFIED" - Default unspecified value. This value
  2371  	// does indicate that a Certificate has been revoked, but that a reason has not
  2372  	// been recorded.
  2373  	//   "KEY_COMPROMISE" - Key material for this Certificate may have leaked.
  2374  	//   "CERTIFICATE_AUTHORITY_COMPROMISE" - The key material for a certificate
  2375  	// authority in the issuing path may have leaked.
  2376  	//   "AFFILIATION_CHANGED" - The subject or other attributes in this
  2377  	// Certificate have changed.
  2378  	//   "SUPERSEDED" - This Certificate has been superseded.
  2379  	//   "CESSATION_OF_OPERATION" - This Certificate or entities in the issuing
  2380  	// path have ceased to operate.
  2381  	//   "CERTIFICATE_HOLD" - This Certificate should not be considered valid, it
  2382  	// is expected that it may become valid in the future.
  2383  	//   "PRIVILEGE_WITHDRAWN" - This Certificate no longer has permission to
  2384  	// assert the listed attributes.
  2385  	//   "ATTRIBUTE_AUTHORITY_COMPROMISE" - The authority which determines
  2386  	// appropriate attributes for a Certificate may have been compromised.
  2387  	Reason string `json:"reason,omitempty"`
  2388  	// RequestId: Optional. An ID to identify requests. Specify a unique request ID
  2389  	// so that if you must retry your request, the server will know to ignore the
  2390  	// request if it has already been completed. The server will guarantee that for
  2391  	// at least 60 minutes since the first request. For example, consider a
  2392  	// situation where you make an initial request and the request times out. If
  2393  	// you make the request again with the same request ID, the server can check if
  2394  	// original operation with the same request ID was received, and if so, will
  2395  	// ignore the second request. This prevents clients from accidentally creating
  2396  	// duplicate commitments. The request ID must be a valid UUID with the
  2397  	// exception that zero UUID is not supported
  2398  	// (00000000-0000-0000-0000-000000000000).
  2399  	RequestId string `json:"requestId,omitempty"`
  2400  	// ForceSendFields is a list of field names (e.g. "Reason") to unconditionally
  2401  	// include in API requests. By default, fields with empty or default values are
  2402  	// omitted from API requests. See
  2403  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2404  	// details.
  2405  	ForceSendFields []string `json:"-"`
  2406  	// NullFields is a list of field names (e.g. "Reason") to include in API
  2407  	// requests with the JSON null value. By default, fields with empty values are
  2408  	// omitted from API requests. See
  2409  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2410  	NullFields []string `json:"-"`
  2411  }
  2412  
  2413  func (s *RevokeCertificateRequest) MarshalJSON() ([]byte, error) {
  2414  	type NoMethod RevokeCertificateRequest
  2415  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2416  }
  2417  
  2418  // RevokedCertificate: Describes a revoked Certificate.
  2419  type RevokedCertificate struct {
  2420  	// Certificate: The resource name for the Certificate in the format
  2421  	// `projects/*/locations/*/caPools/*/certificates/*`.
  2422  	Certificate string `json:"certificate,omitempty"`
  2423  	// HexSerialNumber: The serial number of the Certificate.
  2424  	HexSerialNumber string `json:"hexSerialNumber,omitempty"`
  2425  	// RevocationReason: The reason the Certificate was revoked.
  2426  	//
  2427  	// Possible values:
  2428  	//   "REVOCATION_REASON_UNSPECIFIED" - Default unspecified value. This value
  2429  	// does indicate that a Certificate has been revoked, but that a reason has not
  2430  	// been recorded.
  2431  	//   "KEY_COMPROMISE" - Key material for this Certificate may have leaked.
  2432  	//   "CERTIFICATE_AUTHORITY_COMPROMISE" - The key material for a certificate
  2433  	// authority in the issuing path may have leaked.
  2434  	//   "AFFILIATION_CHANGED" - The subject or other attributes in this
  2435  	// Certificate have changed.
  2436  	//   "SUPERSEDED" - This Certificate has been superseded.
  2437  	//   "CESSATION_OF_OPERATION" - This Certificate or entities in the issuing
  2438  	// path have ceased to operate.
  2439  	//   "CERTIFICATE_HOLD" - This Certificate should not be considered valid, it
  2440  	// is expected that it may become valid in the future.
  2441  	//   "PRIVILEGE_WITHDRAWN" - This Certificate no longer has permission to
  2442  	// assert the listed attributes.
  2443  	//   "ATTRIBUTE_AUTHORITY_COMPROMISE" - The authority which determines
  2444  	// appropriate attributes for a Certificate may have been compromised.
  2445  	RevocationReason string `json:"revocationReason,omitempty"`
  2446  	// ForceSendFields is a list of field names (e.g. "Certificate") to
  2447  	// unconditionally include in API requests. By default, fields with empty or
  2448  	// default values are omitted from API requests. See
  2449  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2450  	// details.
  2451  	ForceSendFields []string `json:"-"`
  2452  	// NullFields is a list of field names (e.g. "Certificate") to include in API
  2453  	// requests with the JSON null value. By default, fields with empty values are
  2454  	// omitted from API requests. See
  2455  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2456  	NullFields []string `json:"-"`
  2457  }
  2458  
  2459  func (s *RevokedCertificate) MarshalJSON() ([]byte, error) {
  2460  	type NoMethod RevokedCertificate
  2461  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2462  }
  2463  
  2464  // RsaKeyType: Describes an RSA key that may be used in a Certificate issued
  2465  // from a CaPool.
  2466  type RsaKeyType struct {
  2467  	// MaxModulusSize: Optional. The maximum allowed RSA modulus size (inclusive),
  2468  	// in bits. If this is not set, or if set to zero, the service will not enforce
  2469  	// an explicit upper bound on RSA modulus sizes.
  2470  	MaxModulusSize int64 `json:"maxModulusSize,omitempty,string"`
  2471  	// MinModulusSize: Optional. The minimum allowed RSA modulus size (inclusive),
  2472  	// in bits. If this is not set, or if set to zero, the service-level min RSA
  2473  	// modulus size will continue to apply.
  2474  	MinModulusSize int64 `json:"minModulusSize,omitempty,string"`
  2475  	// ForceSendFields is a list of field names (e.g. "MaxModulusSize") to
  2476  	// unconditionally include in API requests. By default, fields with empty or
  2477  	// default values are omitted from API requests. See
  2478  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2479  	// details.
  2480  	ForceSendFields []string `json:"-"`
  2481  	// NullFields is a list of field names (e.g. "MaxModulusSize") to include in
  2482  	// API requests with the JSON null value. By default, fields with empty values
  2483  	// are omitted from API requests. See
  2484  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2485  	NullFields []string `json:"-"`
  2486  }
  2487  
  2488  func (s *RsaKeyType) MarshalJSON() ([]byte, error) {
  2489  	type NoMethod RsaKeyType
  2490  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2491  }
  2492  
  2493  // SetIamPolicyRequest: Request message for `SetIamPolicy` method.
  2494  type SetIamPolicyRequest struct {
  2495  	// Policy: REQUIRED: The complete policy to be applied to the `resource`. The
  2496  	// size of the policy is limited to a few 10s of KB. An empty policy is a valid
  2497  	// policy but certain Google Cloud services (such as Projects) might reject
  2498  	// them.
  2499  	Policy *Policy `json:"policy,omitempty"`
  2500  	// UpdateMask: OPTIONAL: A FieldMask specifying which fields of the policy to
  2501  	// modify. Only the fields in the mask will be modified. If no mask is
  2502  	// provided, the following default mask is used: `paths: "bindings, etag"
  2503  	UpdateMask string `json:"updateMask,omitempty"`
  2504  	// ForceSendFields is a list of field names (e.g. "Policy") to unconditionally
  2505  	// include in API requests. By default, fields with empty or default values are
  2506  	// omitted from API requests. See
  2507  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2508  	// details.
  2509  	ForceSendFields []string `json:"-"`
  2510  	// NullFields is a list of field names (e.g. "Policy") to include in API
  2511  	// requests with the JSON null value. By default, fields with empty values are
  2512  	// omitted from API requests. See
  2513  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2514  	NullFields []string `json:"-"`
  2515  }
  2516  
  2517  func (s *SetIamPolicyRequest) MarshalJSON() ([]byte, error) {
  2518  	type NoMethod SetIamPolicyRequest
  2519  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2520  }
  2521  
  2522  // Status: The `Status` type defines a logical error model that is suitable for
  2523  // different programming environments, including REST APIs and RPC APIs. It is
  2524  // used by gRPC (https://github.com/grpc). Each `Status` message contains three
  2525  // pieces of data: error code, error message, and error details. You can find
  2526  // out more about this error model and how to work with it in the API Design
  2527  // Guide (https://cloud.google.com/apis/design/errors).
  2528  type Status struct {
  2529  	// Code: The status code, which should be an enum value of google.rpc.Code.
  2530  	Code int64 `json:"code,omitempty"`
  2531  	// Details: A list of messages that carry the error details. There is a common
  2532  	// set of message types for APIs to use.
  2533  	Details []googleapi.RawMessage `json:"details,omitempty"`
  2534  	// Message: A developer-facing error message, which should be in English. Any
  2535  	// user-facing error message should be localized and sent in the
  2536  	// google.rpc.Status.details field, or localized by the client.
  2537  	Message string `json:"message,omitempty"`
  2538  	// ForceSendFields is a list of field names (e.g. "Code") to unconditionally
  2539  	// include in API requests. By default, fields with empty or default values are
  2540  	// omitted from API requests. See
  2541  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2542  	// details.
  2543  	ForceSendFields []string `json:"-"`
  2544  	// NullFields is a list of field names (e.g. "Code") to include in API requests
  2545  	// with the JSON null value. By default, fields with empty values are omitted
  2546  	// from API requests. See
  2547  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2548  	NullFields []string `json:"-"`
  2549  }
  2550  
  2551  func (s *Status) MarshalJSON() ([]byte, error) {
  2552  	type NoMethod Status
  2553  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2554  }
  2555  
  2556  // Subject: Subject describes parts of a distinguished name that, in turn,
  2557  // describes the subject of the certificate.
  2558  type Subject struct {
  2559  	// CommonName: The "common name" of the subject.
  2560  	CommonName string `json:"commonName,omitempty"`
  2561  	// CountryCode: The country code of the subject.
  2562  	CountryCode string `json:"countryCode,omitempty"`
  2563  	// Locality: The locality or city of the subject.
  2564  	Locality string `json:"locality,omitempty"`
  2565  	// Organization: The organization of the subject.
  2566  	Organization string `json:"organization,omitempty"`
  2567  	// OrganizationalUnit: The organizational_unit of the subject.
  2568  	OrganizationalUnit string `json:"organizationalUnit,omitempty"`
  2569  	// PostalCode: The postal code of the subject.
  2570  	PostalCode string `json:"postalCode,omitempty"`
  2571  	// Province: The province, territory, or regional state of the subject.
  2572  	Province string `json:"province,omitempty"`
  2573  	// StreetAddress: The street address of the subject.
  2574  	StreetAddress string `json:"streetAddress,omitempty"`
  2575  	// ForceSendFields is a list of field names (e.g. "CommonName") to
  2576  	// unconditionally include in API requests. By default, fields with empty or
  2577  	// default values are omitted from API requests. See
  2578  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2579  	// details.
  2580  	ForceSendFields []string `json:"-"`
  2581  	// NullFields is a list of field names (e.g. "CommonName") to include in API
  2582  	// requests with the JSON null value. By default, fields with empty values are
  2583  	// omitted from API requests. See
  2584  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2585  	NullFields []string `json:"-"`
  2586  }
  2587  
  2588  func (s *Subject) MarshalJSON() ([]byte, error) {
  2589  	type NoMethod Subject
  2590  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2591  }
  2592  
  2593  // SubjectAltNames: SubjectAltNames corresponds to a more modern way of listing
  2594  // what the asserted identity is in a certificate (i.e., compared to the
  2595  // "common name" in the distinguished name).
  2596  type SubjectAltNames struct {
  2597  	// CustomSans: Contains additional subject alternative name values. For each
  2598  	// custom_san, the `value` field must contain an ASN.1 encoded UTF8String.
  2599  	CustomSans []*X509Extension `json:"customSans,omitempty"`
  2600  	// DnsNames: Contains only valid, fully-qualified host names.
  2601  	DnsNames []string `json:"dnsNames,omitempty"`
  2602  	// EmailAddresses: Contains only valid RFC 2822 E-mail addresses.
  2603  	EmailAddresses []string `json:"emailAddresses,omitempty"`
  2604  	// IpAddresses: Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6
  2605  	// addresses.
  2606  	IpAddresses []string `json:"ipAddresses,omitempty"`
  2607  	// Uris: Contains only valid RFC 3986 URIs.
  2608  	Uris []string `json:"uris,omitempty"`
  2609  	// ForceSendFields is a list of field names (e.g. "CustomSans") to
  2610  	// unconditionally include in API requests. By default, fields with empty or
  2611  	// default values are omitted from API requests. See
  2612  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2613  	// details.
  2614  	ForceSendFields []string `json:"-"`
  2615  	// NullFields is a list of field names (e.g. "CustomSans") to include in API
  2616  	// requests with the JSON null value. By default, fields with empty values are
  2617  	// omitted from API requests. See
  2618  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2619  	NullFields []string `json:"-"`
  2620  }
  2621  
  2622  func (s *SubjectAltNames) MarshalJSON() ([]byte, error) {
  2623  	type NoMethod SubjectAltNames
  2624  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2625  }
  2626  
  2627  // SubjectConfig: These values are used to create the distinguished name and
  2628  // subject alternative name fields in an X.509 certificate.
  2629  type SubjectConfig struct {
  2630  	// Subject: Optional. Contains distinguished name fields such as the common
  2631  	// name, location and organization.
  2632  	Subject *Subject `json:"subject,omitempty"`
  2633  	// SubjectAltName: Optional. The subject alternative name fields.
  2634  	SubjectAltName *SubjectAltNames `json:"subjectAltName,omitempty"`
  2635  	// ForceSendFields is a list of field names (e.g. "Subject") to unconditionally
  2636  	// include in API requests. By default, fields with empty or default values are
  2637  	// omitted from API requests. See
  2638  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2639  	// details.
  2640  	ForceSendFields []string `json:"-"`
  2641  	// NullFields is a list of field names (e.g. "Subject") to include in API
  2642  	// requests with the JSON null value. By default, fields with empty values are
  2643  	// omitted from API requests. See
  2644  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2645  	NullFields []string `json:"-"`
  2646  }
  2647  
  2648  func (s *SubjectConfig) MarshalJSON() ([]byte, error) {
  2649  	type NoMethod SubjectConfig
  2650  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2651  }
  2652  
  2653  // SubjectDescription: These values describe fields in an issued X.509
  2654  // certificate such as the distinguished name, subject alternative names,
  2655  // serial number, and lifetime.
  2656  type SubjectDescription struct {
  2657  	// HexSerialNumber: The serial number encoded in lowercase hexadecimal.
  2658  	HexSerialNumber string `json:"hexSerialNumber,omitempty"`
  2659  	// Lifetime: For convenience, the actual lifetime of an issued certificate.
  2660  	Lifetime string `json:"lifetime,omitempty"`
  2661  	// NotAfterTime: The time after which the certificate is expired. Per RFC 5280,
  2662  	// the validity period for a certificate is the period of time from
  2663  	// not_before_time through not_after_time, inclusive. Corresponds to
  2664  	// 'not_before_time' + 'lifetime' - 1 second.
  2665  	NotAfterTime string `json:"notAfterTime,omitempty"`
  2666  	// NotBeforeTime: The time at which the certificate becomes valid.
  2667  	NotBeforeTime string `json:"notBeforeTime,omitempty"`
  2668  	// Subject: Contains distinguished name fields such as the common name,
  2669  	// location and / organization.
  2670  	Subject *Subject `json:"subject,omitempty"`
  2671  	// SubjectAltName: The subject alternative name fields.
  2672  	SubjectAltName *SubjectAltNames `json:"subjectAltName,omitempty"`
  2673  	// ForceSendFields is a list of field names (e.g. "HexSerialNumber") to
  2674  	// unconditionally include in API requests. By default, fields with empty or
  2675  	// default values are omitted from API requests. See
  2676  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2677  	// details.
  2678  	ForceSendFields []string `json:"-"`
  2679  	// NullFields is a list of field names (e.g. "HexSerialNumber") to include in
  2680  	// API requests with the JSON null value. By default, fields with empty values
  2681  	// are omitted from API requests. See
  2682  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2683  	NullFields []string `json:"-"`
  2684  }
  2685  
  2686  func (s *SubjectDescription) MarshalJSON() ([]byte, error) {
  2687  	type NoMethod SubjectDescription
  2688  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2689  }
  2690  
  2691  // SubordinateConfig: Describes a subordinate CA's issuers. This is either a
  2692  // resource name to a known issuing CertificateAuthority, or a PEM issuer
  2693  // certificate chain.
  2694  type SubordinateConfig struct {
  2695  	// CertificateAuthority: Required. This can refer to a CertificateAuthority
  2696  	// that was used to create a subordinate CertificateAuthority. This field is
  2697  	// used for information and usability purposes only. The resource name is in
  2698  	// the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
  2699  	CertificateAuthority string `json:"certificateAuthority,omitempty"`
  2700  	// PemIssuerChain: Required. Contains the PEM certificate chain for the issuers
  2701  	// of this CertificateAuthority, but not pem certificate for this CA itself.
  2702  	PemIssuerChain *SubordinateConfigChain `json:"pemIssuerChain,omitempty"`
  2703  	// ForceSendFields is a list of field names (e.g. "CertificateAuthority") to
  2704  	// unconditionally include in API requests. By default, fields with empty or
  2705  	// default values are omitted from API requests. See
  2706  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2707  	// details.
  2708  	ForceSendFields []string `json:"-"`
  2709  	// NullFields is a list of field names (e.g. "CertificateAuthority") to include
  2710  	// in API requests with the JSON null value. By default, fields with empty
  2711  	// values are omitted from API requests. See
  2712  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2713  	NullFields []string `json:"-"`
  2714  }
  2715  
  2716  func (s *SubordinateConfig) MarshalJSON() ([]byte, error) {
  2717  	type NoMethod SubordinateConfig
  2718  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2719  }
  2720  
  2721  // SubordinateConfigChain: This message describes a subordinate CA's issuer
  2722  // certificate chain. This wrapper exists for compatibility reasons.
  2723  type SubordinateConfigChain struct {
  2724  	// PemCertificates: Required. Expected to be in leaf-to-root order according to
  2725  	// RFC 5246.
  2726  	PemCertificates []string `json:"pemCertificates,omitempty"`
  2727  	// ForceSendFields is a list of field names (e.g. "PemCertificates") to
  2728  	// unconditionally include in API requests. By default, fields with empty or
  2729  	// default values are omitted from API requests. See
  2730  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2731  	// details.
  2732  	ForceSendFields []string `json:"-"`
  2733  	// NullFields is a list of field names (e.g. "PemCertificates") to include in
  2734  	// API requests with the JSON null value. By default, fields with empty values
  2735  	// are omitted from API requests. See
  2736  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2737  	NullFields []string `json:"-"`
  2738  }
  2739  
  2740  func (s *SubordinateConfigChain) MarshalJSON() ([]byte, error) {
  2741  	type NoMethod SubordinateConfigChain
  2742  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2743  }
  2744  
  2745  // TestIamPermissionsRequest: Request message for `TestIamPermissions` method.
  2746  type TestIamPermissionsRequest struct {
  2747  	// Permissions: The set of permissions to check for the `resource`. Permissions
  2748  	// with wildcards (such as `*` or `storage.*`) are not allowed. For more
  2749  	// information see IAM Overview
  2750  	// (https://cloud.google.com/iam/docs/overview#permissions).
  2751  	Permissions []string `json:"permissions,omitempty"`
  2752  	// ForceSendFields is a list of field names (e.g. "Permissions") to
  2753  	// unconditionally include in API requests. By default, fields with empty or
  2754  	// default values are omitted from API requests. See
  2755  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2756  	// details.
  2757  	ForceSendFields []string `json:"-"`
  2758  	// NullFields is a list of field names (e.g. "Permissions") to include in API
  2759  	// requests with the JSON null value. By default, fields with empty values are
  2760  	// omitted from API requests. See
  2761  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2762  	NullFields []string `json:"-"`
  2763  }
  2764  
  2765  func (s *TestIamPermissionsRequest) MarshalJSON() ([]byte, error) {
  2766  	type NoMethod TestIamPermissionsRequest
  2767  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2768  }
  2769  
  2770  // TestIamPermissionsResponse: Response message for `TestIamPermissions`
  2771  // method.
  2772  type TestIamPermissionsResponse struct {
  2773  	// Permissions: A subset of `TestPermissionsRequest.permissions` that the
  2774  	// caller is allowed.
  2775  	Permissions []string `json:"permissions,omitempty"`
  2776  
  2777  	// ServerResponse contains the HTTP response code and headers from the server.
  2778  	googleapi.ServerResponse `json:"-"`
  2779  	// ForceSendFields is a list of field names (e.g. "Permissions") to
  2780  	// unconditionally include in API requests. By default, fields with empty or
  2781  	// default values are omitted from API requests. See
  2782  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2783  	// details.
  2784  	ForceSendFields []string `json:"-"`
  2785  	// NullFields is a list of field names (e.g. "Permissions") to include in API
  2786  	// requests with the JSON null value. By default, fields with empty values are
  2787  	// omitted from API requests. See
  2788  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2789  	NullFields []string `json:"-"`
  2790  }
  2791  
  2792  func (s *TestIamPermissionsResponse) MarshalJSON() ([]byte, error) {
  2793  	type NoMethod TestIamPermissionsResponse
  2794  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2795  }
  2796  
  2797  // UndeleteCertificateAuthorityRequest: Request message for
  2798  // CertificateAuthorityService.UndeleteCertificateAuthority.
  2799  type UndeleteCertificateAuthorityRequest struct {
  2800  	// RequestId: Optional. An ID to identify requests. Specify a unique request ID
  2801  	// so that if you must retry your request, the server will know to ignore the
  2802  	// request if it has already been completed. The server will guarantee that for
  2803  	// at least 60 minutes since the first request. For example, consider a
  2804  	// situation where you make an initial request and the request times out. If
  2805  	// you make the request again with the same request ID, the server can check if
  2806  	// original operation with the same request ID was received, and if so, will
  2807  	// ignore the second request. This prevents clients from accidentally creating
  2808  	// duplicate commitments. The request ID must be a valid UUID with the
  2809  	// exception that zero UUID is not supported
  2810  	// (00000000-0000-0000-0000-000000000000).
  2811  	RequestId string `json:"requestId,omitempty"`
  2812  	// ForceSendFields is a list of field names (e.g. "RequestId") to
  2813  	// unconditionally include in API requests. By default, fields with empty or
  2814  	// default values are omitted from API requests. See
  2815  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2816  	// details.
  2817  	ForceSendFields []string `json:"-"`
  2818  	// NullFields is a list of field names (e.g. "RequestId") to include in API
  2819  	// requests with the JSON null value. By default, fields with empty values are
  2820  	// omitted from API requests. See
  2821  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2822  	NullFields []string `json:"-"`
  2823  }
  2824  
  2825  func (s *UndeleteCertificateAuthorityRequest) MarshalJSON() ([]byte, error) {
  2826  	type NoMethod UndeleteCertificateAuthorityRequest
  2827  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2828  }
  2829  
  2830  // X509Extension: An X509Extension specifies an X.509 extension, which may be
  2831  // used in different parts of X.509 objects like certificates, CSRs, and CRLs.
  2832  type X509Extension struct {
  2833  	// Critical: Optional. Indicates whether or not this extension is critical
  2834  	// (i.e., if the client does not know how to handle this extension, the client
  2835  	// should consider this to be an error).
  2836  	Critical bool `json:"critical,omitempty"`
  2837  	// ObjectId: Required. The OID for this X.509 extension.
  2838  	ObjectId *ObjectId `json:"objectId,omitempty"`
  2839  	// Value: Required. The value of this X.509 extension.
  2840  	Value string `json:"value,omitempty"`
  2841  	// ForceSendFields is a list of field names (e.g. "Critical") to
  2842  	// unconditionally include in API requests. By default, fields with empty or
  2843  	// default values are omitted from API requests. See
  2844  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2845  	// details.
  2846  	ForceSendFields []string `json:"-"`
  2847  	// NullFields is a list of field names (e.g. "Critical") to include in API
  2848  	// requests with the JSON null value. By default, fields with empty values are
  2849  	// omitted from API requests. See
  2850  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2851  	NullFields []string `json:"-"`
  2852  }
  2853  
  2854  func (s *X509Extension) MarshalJSON() ([]byte, error) {
  2855  	type NoMethod X509Extension
  2856  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2857  }
  2858  
  2859  // X509Parameters: An X509Parameters is used to describe certain fields of an
  2860  // X.509 certificate, such as the key usage fields, fields specific to CA
  2861  // certificates, certificate policy extensions and custom extensions.
  2862  type X509Parameters struct {
  2863  	// AdditionalExtensions: Optional. Describes custom X.509 extensions.
  2864  	AdditionalExtensions []*X509Extension `json:"additionalExtensions,omitempty"`
  2865  	// AiaOcspServers: Optional. Describes Online Certificate Status Protocol
  2866  	// (OCSP) endpoint addresses that appear in the "Authority Information Access"
  2867  	// extension in the certificate.
  2868  	AiaOcspServers []string `json:"aiaOcspServers,omitempty"`
  2869  	// CaOptions: Optional. Describes options in this X509Parameters that are
  2870  	// relevant in a CA certificate.
  2871  	CaOptions *CaOptions `json:"caOptions,omitempty"`
  2872  	// KeyUsage: Optional. Indicates the intended use for keys that correspond to a
  2873  	// certificate.
  2874  	KeyUsage *KeyUsage `json:"keyUsage,omitempty"`
  2875  	// NameConstraints: Optional. Describes the X.509 name constraints extension.
  2876  	NameConstraints *NameConstraints `json:"nameConstraints,omitempty"`
  2877  	// PolicyIds: Optional. Describes the X.509 certificate policy object
  2878  	// identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
  2879  	PolicyIds []*ObjectId `json:"policyIds,omitempty"`
  2880  	// ForceSendFields is a list of field names (e.g. "AdditionalExtensions") to
  2881  	// unconditionally include in API requests. By default, fields with empty or
  2882  	// default values are omitted from API requests. See
  2883  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
  2884  	// details.
  2885  	ForceSendFields []string `json:"-"`
  2886  	// NullFields is a list of field names (e.g. "AdditionalExtensions") to include
  2887  	// in API requests with the JSON null value. By default, fields with empty
  2888  	// values are omitted from API requests. See
  2889  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
  2890  	NullFields []string `json:"-"`
  2891  }
  2892  
  2893  func (s *X509Parameters) MarshalJSON() ([]byte, error) {
  2894  	type NoMethod X509Parameters
  2895  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
  2896  }
  2897  
  2898  type ProjectsLocationsGetCall struct {
  2899  	s            *Service
  2900  	name         string
  2901  	urlParams_   gensupport.URLParams
  2902  	ifNoneMatch_ string
  2903  	ctx_         context.Context
  2904  	header_      http.Header
  2905  }
  2906  
  2907  // Get: Gets information about a location.
  2908  //
  2909  // - name: Resource name for the location.
  2910  func (r *ProjectsLocationsService) Get(name string) *ProjectsLocationsGetCall {
  2911  	c := &ProjectsLocationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  2912  	c.name = name
  2913  	return c
  2914  }
  2915  
  2916  // Fields allows partial responses to be retrieved. See
  2917  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  2918  // details.
  2919  func (c *ProjectsLocationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsGetCall {
  2920  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  2921  	return c
  2922  }
  2923  
  2924  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  2925  // object's ETag matches the given value. This is useful for getting updates
  2926  // only after the object has changed since the last request.
  2927  func (c *ProjectsLocationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsGetCall {
  2928  	c.ifNoneMatch_ = entityTag
  2929  	return c
  2930  }
  2931  
  2932  // Context sets the context to be used in this call's Do method.
  2933  func (c *ProjectsLocationsGetCall) Context(ctx context.Context) *ProjectsLocationsGetCall {
  2934  	c.ctx_ = ctx
  2935  	return c
  2936  }
  2937  
  2938  // Header returns a http.Header that can be modified by the caller to add
  2939  // headers to the request.
  2940  func (c *ProjectsLocationsGetCall) Header() http.Header {
  2941  	if c.header_ == nil {
  2942  		c.header_ = make(http.Header)
  2943  	}
  2944  	return c.header_
  2945  }
  2946  
  2947  func (c *ProjectsLocationsGetCall) doRequest(alt string) (*http.Response, error) {
  2948  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  2949  	if c.ifNoneMatch_ != "" {
  2950  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  2951  	}
  2952  	var body io.Reader = nil
  2953  	c.urlParams_.Set("alt", alt)
  2954  	c.urlParams_.Set("prettyPrint", "false")
  2955  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  2956  	urls += "?" + c.urlParams_.Encode()
  2957  	req, err := http.NewRequest("GET", urls, body)
  2958  	if err != nil {
  2959  		return nil, err
  2960  	}
  2961  	req.Header = reqHeaders
  2962  	googleapi.Expand(req.URL, map[string]string{
  2963  		"name": c.name,
  2964  	})
  2965  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  2966  }
  2967  
  2968  // Do executes the "privateca.projects.locations.get" call.
  2969  // Any non-2xx status code is an error. Response headers are in either
  2970  // *Location.ServerResponse.Header or (if a response was returned at all) in
  2971  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  2972  // whether the returned error was because http.StatusNotModified was returned.
  2973  func (c *ProjectsLocationsGetCall) Do(opts ...googleapi.CallOption) (*Location, error) {
  2974  	gensupport.SetOptions(c.urlParams_, opts...)
  2975  	res, err := c.doRequest("json")
  2976  	if res != nil && res.StatusCode == http.StatusNotModified {
  2977  		if res.Body != nil {
  2978  			res.Body.Close()
  2979  		}
  2980  		return nil, gensupport.WrapError(&googleapi.Error{
  2981  			Code:   res.StatusCode,
  2982  			Header: res.Header,
  2983  		})
  2984  	}
  2985  	if err != nil {
  2986  		return nil, err
  2987  	}
  2988  	defer googleapi.CloseBody(res)
  2989  	if err := googleapi.CheckResponse(res); err != nil {
  2990  		return nil, gensupport.WrapError(err)
  2991  	}
  2992  	ret := &Location{
  2993  		ServerResponse: googleapi.ServerResponse{
  2994  			Header:         res.Header,
  2995  			HTTPStatusCode: res.StatusCode,
  2996  		},
  2997  	}
  2998  	target := &ret
  2999  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3000  		return nil, err
  3001  	}
  3002  	return ret, nil
  3003  }
  3004  
  3005  type ProjectsLocationsListCall struct {
  3006  	s            *Service
  3007  	name         string
  3008  	urlParams_   gensupport.URLParams
  3009  	ifNoneMatch_ string
  3010  	ctx_         context.Context
  3011  	header_      http.Header
  3012  }
  3013  
  3014  // List: Lists information about the supported locations for this service.
  3015  //
  3016  // - name: The resource that owns the locations collection, if applicable.
  3017  func (r *ProjectsLocationsService) List(name string) *ProjectsLocationsListCall {
  3018  	c := &ProjectsLocationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3019  	c.name = name
  3020  	return c
  3021  }
  3022  
  3023  // Filter sets the optional parameter "filter": A filter to narrow down results
  3024  // to a preferred subset. The filtering language accepts strings like
  3025  // "displayName=tokyo", and is documented in more detail in AIP-160
  3026  // (https://google.aip.dev/160).
  3027  func (c *ProjectsLocationsListCall) Filter(filter string) *ProjectsLocationsListCall {
  3028  	c.urlParams_.Set("filter", filter)
  3029  	return c
  3030  }
  3031  
  3032  // PageSize sets the optional parameter "pageSize": The maximum number of
  3033  // results to return. If not set, the service selects a default.
  3034  func (c *ProjectsLocationsListCall) PageSize(pageSize int64) *ProjectsLocationsListCall {
  3035  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  3036  	return c
  3037  }
  3038  
  3039  // PageToken sets the optional parameter "pageToken": A page token received
  3040  // from the `next_page_token` field in the response. Send that page token to
  3041  // receive the subsequent page.
  3042  func (c *ProjectsLocationsListCall) PageToken(pageToken string) *ProjectsLocationsListCall {
  3043  	c.urlParams_.Set("pageToken", pageToken)
  3044  	return c
  3045  }
  3046  
  3047  // Fields allows partial responses to be retrieved. See
  3048  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3049  // details.
  3050  func (c *ProjectsLocationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsListCall {
  3051  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3052  	return c
  3053  }
  3054  
  3055  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  3056  // object's ETag matches the given value. This is useful for getting updates
  3057  // only after the object has changed since the last request.
  3058  func (c *ProjectsLocationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsListCall {
  3059  	c.ifNoneMatch_ = entityTag
  3060  	return c
  3061  }
  3062  
  3063  // Context sets the context to be used in this call's Do method.
  3064  func (c *ProjectsLocationsListCall) Context(ctx context.Context) *ProjectsLocationsListCall {
  3065  	c.ctx_ = ctx
  3066  	return c
  3067  }
  3068  
  3069  // Header returns a http.Header that can be modified by the caller to add
  3070  // headers to the request.
  3071  func (c *ProjectsLocationsListCall) Header() http.Header {
  3072  	if c.header_ == nil {
  3073  		c.header_ = make(http.Header)
  3074  	}
  3075  	return c.header_
  3076  }
  3077  
  3078  func (c *ProjectsLocationsListCall) doRequest(alt string) (*http.Response, error) {
  3079  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  3080  	if c.ifNoneMatch_ != "" {
  3081  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  3082  	}
  3083  	var body io.Reader = nil
  3084  	c.urlParams_.Set("alt", alt)
  3085  	c.urlParams_.Set("prettyPrint", "false")
  3086  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/locations")
  3087  	urls += "?" + c.urlParams_.Encode()
  3088  	req, err := http.NewRequest("GET", urls, body)
  3089  	if err != nil {
  3090  		return nil, err
  3091  	}
  3092  	req.Header = reqHeaders
  3093  	googleapi.Expand(req.URL, map[string]string{
  3094  		"name": c.name,
  3095  	})
  3096  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3097  }
  3098  
  3099  // Do executes the "privateca.projects.locations.list" call.
  3100  // Any non-2xx status code is an error. Response headers are in either
  3101  // *ListLocationsResponse.ServerResponse.Header or (if a response was returned
  3102  // at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  3103  // check whether the returned error was because http.StatusNotModified was
  3104  // returned.
  3105  func (c *ProjectsLocationsListCall) Do(opts ...googleapi.CallOption) (*ListLocationsResponse, error) {
  3106  	gensupport.SetOptions(c.urlParams_, opts...)
  3107  	res, err := c.doRequest("json")
  3108  	if res != nil && res.StatusCode == http.StatusNotModified {
  3109  		if res.Body != nil {
  3110  			res.Body.Close()
  3111  		}
  3112  		return nil, gensupport.WrapError(&googleapi.Error{
  3113  			Code:   res.StatusCode,
  3114  			Header: res.Header,
  3115  		})
  3116  	}
  3117  	if err != nil {
  3118  		return nil, err
  3119  	}
  3120  	defer googleapi.CloseBody(res)
  3121  	if err := googleapi.CheckResponse(res); err != nil {
  3122  		return nil, gensupport.WrapError(err)
  3123  	}
  3124  	ret := &ListLocationsResponse{
  3125  		ServerResponse: googleapi.ServerResponse{
  3126  			Header:         res.Header,
  3127  			HTTPStatusCode: res.StatusCode,
  3128  		},
  3129  	}
  3130  	target := &ret
  3131  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3132  		return nil, err
  3133  	}
  3134  	return ret, nil
  3135  }
  3136  
  3137  // Pages invokes f for each page of results.
  3138  // A non-nil error returned from f will halt the iteration.
  3139  // The provided context supersedes any context provided to the Context method.
  3140  func (c *ProjectsLocationsListCall) Pages(ctx context.Context, f func(*ListLocationsResponse) error) error {
  3141  	c.ctx_ = ctx
  3142  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  3143  	for {
  3144  		x, err := c.Do()
  3145  		if err != nil {
  3146  			return err
  3147  		}
  3148  		if err := f(x); err != nil {
  3149  			return err
  3150  		}
  3151  		if x.NextPageToken == "" {
  3152  			return nil
  3153  		}
  3154  		c.PageToken(x.NextPageToken)
  3155  	}
  3156  }
  3157  
  3158  type ProjectsLocationsCaPoolsCreateCall struct {
  3159  	s          *Service
  3160  	parent     string
  3161  	capool     *CaPool
  3162  	urlParams_ gensupport.URLParams
  3163  	ctx_       context.Context
  3164  	header_    http.Header
  3165  }
  3166  
  3167  // Create: Create a CaPool.
  3168  //
  3169  //   - parent: The resource name of the location associated with the CaPool, in
  3170  //     the format `projects/*/locations/*`.
  3171  func (r *ProjectsLocationsCaPoolsService) Create(parent string, capool *CaPool) *ProjectsLocationsCaPoolsCreateCall {
  3172  	c := &ProjectsLocationsCaPoolsCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3173  	c.parent = parent
  3174  	c.capool = capool
  3175  	return c
  3176  }
  3177  
  3178  // CaPoolId sets the optional parameter "caPoolId": Required. It must be unique
  3179  // within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
  3180  func (c *ProjectsLocationsCaPoolsCreateCall) CaPoolId(caPoolId string) *ProjectsLocationsCaPoolsCreateCall {
  3181  	c.urlParams_.Set("caPoolId", caPoolId)
  3182  	return c
  3183  }
  3184  
  3185  // RequestId sets the optional parameter "requestId": An ID to identify
  3186  // requests. Specify a unique request ID so that if you must retry your
  3187  // request, the server will know to ignore the request if it has already been
  3188  // completed. The server will guarantee that for at least 60 minutes since the
  3189  // first request. For example, consider a situation where you make an initial
  3190  // request and the request times out. If you make the request again with the
  3191  // same request ID, the server can check if original operation with the same
  3192  // request ID was received, and if so, will ignore the second request. This
  3193  // prevents clients from accidentally creating duplicate commitments. The
  3194  // request ID must be a valid UUID with the exception that zero UUID is not
  3195  // supported (00000000-0000-0000-0000-000000000000).
  3196  func (c *ProjectsLocationsCaPoolsCreateCall) RequestId(requestId string) *ProjectsLocationsCaPoolsCreateCall {
  3197  	c.urlParams_.Set("requestId", requestId)
  3198  	return c
  3199  }
  3200  
  3201  // Fields allows partial responses to be retrieved. See
  3202  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3203  // details.
  3204  func (c *ProjectsLocationsCaPoolsCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCreateCall {
  3205  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3206  	return c
  3207  }
  3208  
  3209  // Context sets the context to be used in this call's Do method.
  3210  func (c *ProjectsLocationsCaPoolsCreateCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCreateCall {
  3211  	c.ctx_ = ctx
  3212  	return c
  3213  }
  3214  
  3215  // Header returns a http.Header that can be modified by the caller to add
  3216  // headers to the request.
  3217  func (c *ProjectsLocationsCaPoolsCreateCall) Header() http.Header {
  3218  	if c.header_ == nil {
  3219  		c.header_ = make(http.Header)
  3220  	}
  3221  	return c.header_
  3222  }
  3223  
  3224  func (c *ProjectsLocationsCaPoolsCreateCall) doRequest(alt string) (*http.Response, error) {
  3225  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  3226  	var body io.Reader = nil
  3227  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.capool)
  3228  	if err != nil {
  3229  		return nil, err
  3230  	}
  3231  	c.urlParams_.Set("alt", alt)
  3232  	c.urlParams_.Set("prettyPrint", "false")
  3233  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/caPools")
  3234  	urls += "?" + c.urlParams_.Encode()
  3235  	req, err := http.NewRequest("POST", urls, body)
  3236  	if err != nil {
  3237  		return nil, err
  3238  	}
  3239  	req.Header = reqHeaders
  3240  	googleapi.Expand(req.URL, map[string]string{
  3241  		"parent": c.parent,
  3242  	})
  3243  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3244  }
  3245  
  3246  // Do executes the "privateca.projects.locations.caPools.create" call.
  3247  // Any non-2xx status code is an error. Response headers are in either
  3248  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  3249  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  3250  // whether the returned error was because http.StatusNotModified was returned.
  3251  func (c *ProjectsLocationsCaPoolsCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  3252  	gensupport.SetOptions(c.urlParams_, opts...)
  3253  	res, err := c.doRequest("json")
  3254  	if res != nil && res.StatusCode == http.StatusNotModified {
  3255  		if res.Body != nil {
  3256  			res.Body.Close()
  3257  		}
  3258  		return nil, gensupport.WrapError(&googleapi.Error{
  3259  			Code:   res.StatusCode,
  3260  			Header: res.Header,
  3261  		})
  3262  	}
  3263  	if err != nil {
  3264  		return nil, err
  3265  	}
  3266  	defer googleapi.CloseBody(res)
  3267  	if err := googleapi.CheckResponse(res); err != nil {
  3268  		return nil, gensupport.WrapError(err)
  3269  	}
  3270  	ret := &Operation{
  3271  		ServerResponse: googleapi.ServerResponse{
  3272  			Header:         res.Header,
  3273  			HTTPStatusCode: res.StatusCode,
  3274  		},
  3275  	}
  3276  	target := &ret
  3277  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3278  		return nil, err
  3279  	}
  3280  	return ret, nil
  3281  }
  3282  
  3283  type ProjectsLocationsCaPoolsDeleteCall struct {
  3284  	s          *Service
  3285  	name       string
  3286  	urlParams_ gensupport.URLParams
  3287  	ctx_       context.Context
  3288  	header_    http.Header
  3289  }
  3290  
  3291  // Delete: Delete a CaPool.
  3292  //
  3293  //   - name: The resource name for this CaPool in the format
  3294  //     `projects/*/locations/*/caPools/*`.
  3295  func (r *ProjectsLocationsCaPoolsService) Delete(name string) *ProjectsLocationsCaPoolsDeleteCall {
  3296  	c := &ProjectsLocationsCaPoolsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3297  	c.name = name
  3298  	return c
  3299  }
  3300  
  3301  // IgnoreDependentResources sets the optional parameter
  3302  // "ignoreDependentResources": This field allows this pool to be deleted even
  3303  // if it's being depended on by another resource. However, doing so may result
  3304  // in unintended and unrecoverable effects on any dependent resources since the
  3305  // pool will no longer be able to issue certificates.
  3306  func (c *ProjectsLocationsCaPoolsDeleteCall) IgnoreDependentResources(ignoreDependentResources bool) *ProjectsLocationsCaPoolsDeleteCall {
  3307  	c.urlParams_.Set("ignoreDependentResources", fmt.Sprint(ignoreDependentResources))
  3308  	return c
  3309  }
  3310  
  3311  // RequestId sets the optional parameter "requestId": An ID to identify
  3312  // requests. Specify a unique request ID so that if you must retry your
  3313  // request, the server will know to ignore the request if it has already been
  3314  // completed. The server will guarantee that for at least 60 minutes since the
  3315  // first request. For example, consider a situation where you make an initial
  3316  // request and the request times out. If you make the request again with the
  3317  // same request ID, the server can check if original operation with the same
  3318  // request ID was received, and if so, will ignore the second request. This
  3319  // prevents clients from accidentally creating duplicate commitments. The
  3320  // request ID must be a valid UUID with the exception that zero UUID is not
  3321  // supported (00000000-0000-0000-0000-000000000000).
  3322  func (c *ProjectsLocationsCaPoolsDeleteCall) RequestId(requestId string) *ProjectsLocationsCaPoolsDeleteCall {
  3323  	c.urlParams_.Set("requestId", requestId)
  3324  	return c
  3325  }
  3326  
  3327  // Fields allows partial responses to be retrieved. See
  3328  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3329  // details.
  3330  func (c *ProjectsLocationsCaPoolsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsDeleteCall {
  3331  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3332  	return c
  3333  }
  3334  
  3335  // Context sets the context to be used in this call's Do method.
  3336  func (c *ProjectsLocationsCaPoolsDeleteCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsDeleteCall {
  3337  	c.ctx_ = ctx
  3338  	return c
  3339  }
  3340  
  3341  // Header returns a http.Header that can be modified by the caller to add
  3342  // headers to the request.
  3343  func (c *ProjectsLocationsCaPoolsDeleteCall) Header() http.Header {
  3344  	if c.header_ == nil {
  3345  		c.header_ = make(http.Header)
  3346  	}
  3347  	return c.header_
  3348  }
  3349  
  3350  func (c *ProjectsLocationsCaPoolsDeleteCall) doRequest(alt string) (*http.Response, error) {
  3351  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  3352  	var body io.Reader = nil
  3353  	c.urlParams_.Set("alt", alt)
  3354  	c.urlParams_.Set("prettyPrint", "false")
  3355  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  3356  	urls += "?" + c.urlParams_.Encode()
  3357  	req, err := http.NewRequest("DELETE", urls, body)
  3358  	if err != nil {
  3359  		return nil, err
  3360  	}
  3361  	req.Header = reqHeaders
  3362  	googleapi.Expand(req.URL, map[string]string{
  3363  		"name": c.name,
  3364  	})
  3365  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3366  }
  3367  
  3368  // Do executes the "privateca.projects.locations.caPools.delete" call.
  3369  // Any non-2xx status code is an error. Response headers are in either
  3370  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  3371  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  3372  // whether the returned error was because http.StatusNotModified was returned.
  3373  func (c *ProjectsLocationsCaPoolsDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  3374  	gensupport.SetOptions(c.urlParams_, opts...)
  3375  	res, err := c.doRequest("json")
  3376  	if res != nil && res.StatusCode == http.StatusNotModified {
  3377  		if res.Body != nil {
  3378  			res.Body.Close()
  3379  		}
  3380  		return nil, gensupport.WrapError(&googleapi.Error{
  3381  			Code:   res.StatusCode,
  3382  			Header: res.Header,
  3383  		})
  3384  	}
  3385  	if err != nil {
  3386  		return nil, err
  3387  	}
  3388  	defer googleapi.CloseBody(res)
  3389  	if err := googleapi.CheckResponse(res); err != nil {
  3390  		return nil, gensupport.WrapError(err)
  3391  	}
  3392  	ret := &Operation{
  3393  		ServerResponse: googleapi.ServerResponse{
  3394  			Header:         res.Header,
  3395  			HTTPStatusCode: res.StatusCode,
  3396  		},
  3397  	}
  3398  	target := &ret
  3399  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3400  		return nil, err
  3401  	}
  3402  	return ret, nil
  3403  }
  3404  
  3405  type ProjectsLocationsCaPoolsFetchCaCertsCall struct {
  3406  	s                   *Service
  3407  	caPool              string
  3408  	fetchcacertsrequest *FetchCaCertsRequest
  3409  	urlParams_          gensupport.URLParams
  3410  	ctx_                context.Context
  3411  	header_             http.Header
  3412  }
  3413  
  3414  // FetchCaCerts: FetchCaCerts returns the current trust anchor for the CaPool.
  3415  // This will include CA certificate chains for all certificate authorities in
  3416  // the ENABLED, DISABLED, or STAGED states.
  3417  //
  3418  //   - caPool: The resource name for the CaPool in the format
  3419  //     `projects/*/locations/*/caPools/*`.
  3420  func (r *ProjectsLocationsCaPoolsService) FetchCaCerts(caPool string, fetchcacertsrequest *FetchCaCertsRequest) *ProjectsLocationsCaPoolsFetchCaCertsCall {
  3421  	c := &ProjectsLocationsCaPoolsFetchCaCertsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3422  	c.caPool = caPool
  3423  	c.fetchcacertsrequest = fetchcacertsrequest
  3424  	return c
  3425  }
  3426  
  3427  // Fields allows partial responses to be retrieved. See
  3428  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3429  // details.
  3430  func (c *ProjectsLocationsCaPoolsFetchCaCertsCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsFetchCaCertsCall {
  3431  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3432  	return c
  3433  }
  3434  
  3435  // Context sets the context to be used in this call's Do method.
  3436  func (c *ProjectsLocationsCaPoolsFetchCaCertsCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsFetchCaCertsCall {
  3437  	c.ctx_ = ctx
  3438  	return c
  3439  }
  3440  
  3441  // Header returns a http.Header that can be modified by the caller to add
  3442  // headers to the request.
  3443  func (c *ProjectsLocationsCaPoolsFetchCaCertsCall) Header() http.Header {
  3444  	if c.header_ == nil {
  3445  		c.header_ = make(http.Header)
  3446  	}
  3447  	return c.header_
  3448  }
  3449  
  3450  func (c *ProjectsLocationsCaPoolsFetchCaCertsCall) doRequest(alt string) (*http.Response, error) {
  3451  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  3452  	var body io.Reader = nil
  3453  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.fetchcacertsrequest)
  3454  	if err != nil {
  3455  		return nil, err
  3456  	}
  3457  	c.urlParams_.Set("alt", alt)
  3458  	c.urlParams_.Set("prettyPrint", "false")
  3459  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+caPool}:fetchCaCerts")
  3460  	urls += "?" + c.urlParams_.Encode()
  3461  	req, err := http.NewRequest("POST", urls, body)
  3462  	if err != nil {
  3463  		return nil, err
  3464  	}
  3465  	req.Header = reqHeaders
  3466  	googleapi.Expand(req.URL, map[string]string{
  3467  		"caPool": c.caPool,
  3468  	})
  3469  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3470  }
  3471  
  3472  // Do executes the "privateca.projects.locations.caPools.fetchCaCerts" call.
  3473  // Any non-2xx status code is an error. Response headers are in either
  3474  // *FetchCaCertsResponse.ServerResponse.Header or (if a response was returned
  3475  // at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  3476  // check whether the returned error was because http.StatusNotModified was
  3477  // returned.
  3478  func (c *ProjectsLocationsCaPoolsFetchCaCertsCall) Do(opts ...googleapi.CallOption) (*FetchCaCertsResponse, error) {
  3479  	gensupport.SetOptions(c.urlParams_, opts...)
  3480  	res, err := c.doRequest("json")
  3481  	if res != nil && res.StatusCode == http.StatusNotModified {
  3482  		if res.Body != nil {
  3483  			res.Body.Close()
  3484  		}
  3485  		return nil, gensupport.WrapError(&googleapi.Error{
  3486  			Code:   res.StatusCode,
  3487  			Header: res.Header,
  3488  		})
  3489  	}
  3490  	if err != nil {
  3491  		return nil, err
  3492  	}
  3493  	defer googleapi.CloseBody(res)
  3494  	if err := googleapi.CheckResponse(res); err != nil {
  3495  		return nil, gensupport.WrapError(err)
  3496  	}
  3497  	ret := &FetchCaCertsResponse{
  3498  		ServerResponse: googleapi.ServerResponse{
  3499  			Header:         res.Header,
  3500  			HTTPStatusCode: res.StatusCode,
  3501  		},
  3502  	}
  3503  	target := &ret
  3504  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3505  		return nil, err
  3506  	}
  3507  	return ret, nil
  3508  }
  3509  
  3510  type ProjectsLocationsCaPoolsGetCall struct {
  3511  	s            *Service
  3512  	name         string
  3513  	urlParams_   gensupport.URLParams
  3514  	ifNoneMatch_ string
  3515  	ctx_         context.Context
  3516  	header_      http.Header
  3517  }
  3518  
  3519  // Get: Returns a CaPool.
  3520  //
  3521  // - name: The name of the CaPool to get.
  3522  func (r *ProjectsLocationsCaPoolsService) Get(name string) *ProjectsLocationsCaPoolsGetCall {
  3523  	c := &ProjectsLocationsCaPoolsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3524  	c.name = name
  3525  	return c
  3526  }
  3527  
  3528  // Fields allows partial responses to be retrieved. See
  3529  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3530  // details.
  3531  func (c *ProjectsLocationsCaPoolsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsGetCall {
  3532  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3533  	return c
  3534  }
  3535  
  3536  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  3537  // object's ETag matches the given value. This is useful for getting updates
  3538  // only after the object has changed since the last request.
  3539  func (c *ProjectsLocationsCaPoolsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsCaPoolsGetCall {
  3540  	c.ifNoneMatch_ = entityTag
  3541  	return c
  3542  }
  3543  
  3544  // Context sets the context to be used in this call's Do method.
  3545  func (c *ProjectsLocationsCaPoolsGetCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsGetCall {
  3546  	c.ctx_ = ctx
  3547  	return c
  3548  }
  3549  
  3550  // Header returns a http.Header that can be modified by the caller to add
  3551  // headers to the request.
  3552  func (c *ProjectsLocationsCaPoolsGetCall) Header() http.Header {
  3553  	if c.header_ == nil {
  3554  		c.header_ = make(http.Header)
  3555  	}
  3556  	return c.header_
  3557  }
  3558  
  3559  func (c *ProjectsLocationsCaPoolsGetCall) doRequest(alt string) (*http.Response, error) {
  3560  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  3561  	if c.ifNoneMatch_ != "" {
  3562  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  3563  	}
  3564  	var body io.Reader = nil
  3565  	c.urlParams_.Set("alt", alt)
  3566  	c.urlParams_.Set("prettyPrint", "false")
  3567  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  3568  	urls += "?" + c.urlParams_.Encode()
  3569  	req, err := http.NewRequest("GET", urls, body)
  3570  	if err != nil {
  3571  		return nil, err
  3572  	}
  3573  	req.Header = reqHeaders
  3574  	googleapi.Expand(req.URL, map[string]string{
  3575  		"name": c.name,
  3576  	})
  3577  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3578  }
  3579  
  3580  // Do executes the "privateca.projects.locations.caPools.get" call.
  3581  // Any non-2xx status code is an error. Response headers are in either
  3582  // *CaPool.ServerResponse.Header or (if a response was returned at all) in
  3583  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  3584  // whether the returned error was because http.StatusNotModified was returned.
  3585  func (c *ProjectsLocationsCaPoolsGetCall) Do(opts ...googleapi.CallOption) (*CaPool, error) {
  3586  	gensupport.SetOptions(c.urlParams_, opts...)
  3587  	res, err := c.doRequest("json")
  3588  	if res != nil && res.StatusCode == http.StatusNotModified {
  3589  		if res.Body != nil {
  3590  			res.Body.Close()
  3591  		}
  3592  		return nil, gensupport.WrapError(&googleapi.Error{
  3593  			Code:   res.StatusCode,
  3594  			Header: res.Header,
  3595  		})
  3596  	}
  3597  	if err != nil {
  3598  		return nil, err
  3599  	}
  3600  	defer googleapi.CloseBody(res)
  3601  	if err := googleapi.CheckResponse(res); err != nil {
  3602  		return nil, gensupport.WrapError(err)
  3603  	}
  3604  	ret := &CaPool{
  3605  		ServerResponse: googleapi.ServerResponse{
  3606  			Header:         res.Header,
  3607  			HTTPStatusCode: res.StatusCode,
  3608  		},
  3609  	}
  3610  	target := &ret
  3611  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3612  		return nil, err
  3613  	}
  3614  	return ret, nil
  3615  }
  3616  
  3617  type ProjectsLocationsCaPoolsGetIamPolicyCall struct {
  3618  	s            *Service
  3619  	resource     string
  3620  	urlParams_   gensupport.URLParams
  3621  	ifNoneMatch_ string
  3622  	ctx_         context.Context
  3623  	header_      http.Header
  3624  }
  3625  
  3626  // GetIamPolicy: Gets the access control policy for a resource. Returns an
  3627  // empty policy if the resource exists and does not have a policy set.
  3628  //
  3629  //   - resource: REQUIRED: The resource for which the policy is being requested.
  3630  //     See Resource names (https://cloud.google.com/apis/design/resource_names)
  3631  //     for the appropriate value for this field.
  3632  func (r *ProjectsLocationsCaPoolsService) GetIamPolicy(resource string) *ProjectsLocationsCaPoolsGetIamPolicyCall {
  3633  	c := &ProjectsLocationsCaPoolsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3634  	c.resource = resource
  3635  	return c
  3636  }
  3637  
  3638  // OptionsRequestedPolicyVersion sets the optional parameter
  3639  // "options.requestedPolicyVersion": The maximum policy version that will be
  3640  // used to format the policy. Valid values are 0, 1, and 3. Requests specifying
  3641  // an invalid value will be rejected. Requests for policies with any
  3642  // conditional role bindings must specify version 3. Policies with no
  3643  // conditional role bindings may specify any valid value or leave the field
  3644  // unset. The policy in the response might use the policy version that you
  3645  // specified, or it might use a lower policy version. For example, if you
  3646  // specify version 3, but the policy has no conditional role bindings, the
  3647  // response uses version 1. To learn which resources support conditions in
  3648  // their IAM policies, see the IAM documentation
  3649  // (https://cloud.google.com/iam/help/conditions/resource-policies).
  3650  func (c *ProjectsLocationsCaPoolsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsCaPoolsGetIamPolicyCall {
  3651  	c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion))
  3652  	return c
  3653  }
  3654  
  3655  // Fields allows partial responses to be retrieved. See
  3656  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3657  // details.
  3658  func (c *ProjectsLocationsCaPoolsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsGetIamPolicyCall {
  3659  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3660  	return c
  3661  }
  3662  
  3663  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  3664  // object's ETag matches the given value. This is useful for getting updates
  3665  // only after the object has changed since the last request.
  3666  func (c *ProjectsLocationsCaPoolsGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsCaPoolsGetIamPolicyCall {
  3667  	c.ifNoneMatch_ = entityTag
  3668  	return c
  3669  }
  3670  
  3671  // Context sets the context to be used in this call's Do method.
  3672  func (c *ProjectsLocationsCaPoolsGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsGetIamPolicyCall {
  3673  	c.ctx_ = ctx
  3674  	return c
  3675  }
  3676  
  3677  // Header returns a http.Header that can be modified by the caller to add
  3678  // headers to the request.
  3679  func (c *ProjectsLocationsCaPoolsGetIamPolicyCall) Header() http.Header {
  3680  	if c.header_ == nil {
  3681  		c.header_ = make(http.Header)
  3682  	}
  3683  	return c.header_
  3684  }
  3685  
  3686  func (c *ProjectsLocationsCaPoolsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
  3687  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  3688  	if c.ifNoneMatch_ != "" {
  3689  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  3690  	}
  3691  	var body io.Reader = nil
  3692  	c.urlParams_.Set("alt", alt)
  3693  	c.urlParams_.Set("prettyPrint", "false")
  3694  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy")
  3695  	urls += "?" + c.urlParams_.Encode()
  3696  	req, err := http.NewRequest("GET", urls, body)
  3697  	if err != nil {
  3698  		return nil, err
  3699  	}
  3700  	req.Header = reqHeaders
  3701  	googleapi.Expand(req.URL, map[string]string{
  3702  		"resource": c.resource,
  3703  	})
  3704  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3705  }
  3706  
  3707  // Do executes the "privateca.projects.locations.caPools.getIamPolicy" call.
  3708  // Any non-2xx status code is an error. Response headers are in either
  3709  // *Policy.ServerResponse.Header or (if a response was returned at all) in
  3710  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  3711  // whether the returned error was because http.StatusNotModified was returned.
  3712  func (c *ProjectsLocationsCaPoolsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
  3713  	gensupport.SetOptions(c.urlParams_, opts...)
  3714  	res, err := c.doRequest("json")
  3715  	if res != nil && res.StatusCode == http.StatusNotModified {
  3716  		if res.Body != nil {
  3717  			res.Body.Close()
  3718  		}
  3719  		return nil, gensupport.WrapError(&googleapi.Error{
  3720  			Code:   res.StatusCode,
  3721  			Header: res.Header,
  3722  		})
  3723  	}
  3724  	if err != nil {
  3725  		return nil, err
  3726  	}
  3727  	defer googleapi.CloseBody(res)
  3728  	if err := googleapi.CheckResponse(res); err != nil {
  3729  		return nil, gensupport.WrapError(err)
  3730  	}
  3731  	ret := &Policy{
  3732  		ServerResponse: googleapi.ServerResponse{
  3733  			Header:         res.Header,
  3734  			HTTPStatusCode: res.StatusCode,
  3735  		},
  3736  	}
  3737  	target := &ret
  3738  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3739  		return nil, err
  3740  	}
  3741  	return ret, nil
  3742  }
  3743  
  3744  type ProjectsLocationsCaPoolsListCall struct {
  3745  	s            *Service
  3746  	parent       string
  3747  	urlParams_   gensupport.URLParams
  3748  	ifNoneMatch_ string
  3749  	ctx_         context.Context
  3750  	header_      http.Header
  3751  }
  3752  
  3753  // List: Lists CaPools.
  3754  //
  3755  //   - parent: The resource name of the location associated with the CaPools, in
  3756  //     the format `projects/*/locations/*`.
  3757  func (r *ProjectsLocationsCaPoolsService) List(parent string) *ProjectsLocationsCaPoolsListCall {
  3758  	c := &ProjectsLocationsCaPoolsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3759  	c.parent = parent
  3760  	return c
  3761  }
  3762  
  3763  // Filter sets the optional parameter "filter": Only include resources that
  3764  // match the filter in the response.
  3765  func (c *ProjectsLocationsCaPoolsListCall) Filter(filter string) *ProjectsLocationsCaPoolsListCall {
  3766  	c.urlParams_.Set("filter", filter)
  3767  	return c
  3768  }
  3769  
  3770  // OrderBy sets the optional parameter "orderBy": Specify how the results
  3771  // should be sorted.
  3772  func (c *ProjectsLocationsCaPoolsListCall) OrderBy(orderBy string) *ProjectsLocationsCaPoolsListCall {
  3773  	c.urlParams_.Set("orderBy", orderBy)
  3774  	return c
  3775  }
  3776  
  3777  // PageSize sets the optional parameter "pageSize": Limit on the number of
  3778  // CaPools to include in the response. Further CaPools can subsequently be
  3779  // obtained by including the ListCaPoolsResponse.next_page_token in a
  3780  // subsequent request. If unspecified, the server will pick an appropriate
  3781  // default.
  3782  func (c *ProjectsLocationsCaPoolsListCall) PageSize(pageSize int64) *ProjectsLocationsCaPoolsListCall {
  3783  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  3784  	return c
  3785  }
  3786  
  3787  // PageToken sets the optional parameter "pageToken": Pagination token,
  3788  // returned earlier via ListCaPoolsResponse.next_page_token.
  3789  func (c *ProjectsLocationsCaPoolsListCall) PageToken(pageToken string) *ProjectsLocationsCaPoolsListCall {
  3790  	c.urlParams_.Set("pageToken", pageToken)
  3791  	return c
  3792  }
  3793  
  3794  // Fields allows partial responses to be retrieved. See
  3795  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3796  // details.
  3797  func (c *ProjectsLocationsCaPoolsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsListCall {
  3798  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3799  	return c
  3800  }
  3801  
  3802  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  3803  // object's ETag matches the given value. This is useful for getting updates
  3804  // only after the object has changed since the last request.
  3805  func (c *ProjectsLocationsCaPoolsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsCaPoolsListCall {
  3806  	c.ifNoneMatch_ = entityTag
  3807  	return c
  3808  }
  3809  
  3810  // Context sets the context to be used in this call's Do method.
  3811  func (c *ProjectsLocationsCaPoolsListCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsListCall {
  3812  	c.ctx_ = ctx
  3813  	return c
  3814  }
  3815  
  3816  // Header returns a http.Header that can be modified by the caller to add
  3817  // headers to the request.
  3818  func (c *ProjectsLocationsCaPoolsListCall) Header() http.Header {
  3819  	if c.header_ == nil {
  3820  		c.header_ = make(http.Header)
  3821  	}
  3822  	return c.header_
  3823  }
  3824  
  3825  func (c *ProjectsLocationsCaPoolsListCall) doRequest(alt string) (*http.Response, error) {
  3826  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  3827  	if c.ifNoneMatch_ != "" {
  3828  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  3829  	}
  3830  	var body io.Reader = nil
  3831  	c.urlParams_.Set("alt", alt)
  3832  	c.urlParams_.Set("prettyPrint", "false")
  3833  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/caPools")
  3834  	urls += "?" + c.urlParams_.Encode()
  3835  	req, err := http.NewRequest("GET", urls, body)
  3836  	if err != nil {
  3837  		return nil, err
  3838  	}
  3839  	req.Header = reqHeaders
  3840  	googleapi.Expand(req.URL, map[string]string{
  3841  		"parent": c.parent,
  3842  	})
  3843  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3844  }
  3845  
  3846  // Do executes the "privateca.projects.locations.caPools.list" call.
  3847  // Any non-2xx status code is an error. Response headers are in either
  3848  // *ListCaPoolsResponse.ServerResponse.Header or (if a response was returned at
  3849  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  3850  // check whether the returned error was because http.StatusNotModified was
  3851  // returned.
  3852  func (c *ProjectsLocationsCaPoolsListCall) Do(opts ...googleapi.CallOption) (*ListCaPoolsResponse, error) {
  3853  	gensupport.SetOptions(c.urlParams_, opts...)
  3854  	res, err := c.doRequest("json")
  3855  	if res != nil && res.StatusCode == http.StatusNotModified {
  3856  		if res.Body != nil {
  3857  			res.Body.Close()
  3858  		}
  3859  		return nil, gensupport.WrapError(&googleapi.Error{
  3860  			Code:   res.StatusCode,
  3861  			Header: res.Header,
  3862  		})
  3863  	}
  3864  	if err != nil {
  3865  		return nil, err
  3866  	}
  3867  	defer googleapi.CloseBody(res)
  3868  	if err := googleapi.CheckResponse(res); err != nil {
  3869  		return nil, gensupport.WrapError(err)
  3870  	}
  3871  	ret := &ListCaPoolsResponse{
  3872  		ServerResponse: googleapi.ServerResponse{
  3873  			Header:         res.Header,
  3874  			HTTPStatusCode: res.StatusCode,
  3875  		},
  3876  	}
  3877  	target := &ret
  3878  	if err := gensupport.DecodeResponse(target, res); err != nil {
  3879  		return nil, err
  3880  	}
  3881  	return ret, nil
  3882  }
  3883  
  3884  // Pages invokes f for each page of results.
  3885  // A non-nil error returned from f will halt the iteration.
  3886  // The provided context supersedes any context provided to the Context method.
  3887  func (c *ProjectsLocationsCaPoolsListCall) Pages(ctx context.Context, f func(*ListCaPoolsResponse) error) error {
  3888  	c.ctx_ = ctx
  3889  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  3890  	for {
  3891  		x, err := c.Do()
  3892  		if err != nil {
  3893  			return err
  3894  		}
  3895  		if err := f(x); err != nil {
  3896  			return err
  3897  		}
  3898  		if x.NextPageToken == "" {
  3899  			return nil
  3900  		}
  3901  		c.PageToken(x.NextPageToken)
  3902  	}
  3903  }
  3904  
  3905  type ProjectsLocationsCaPoolsPatchCall struct {
  3906  	s          *Service
  3907  	name       string
  3908  	capool     *CaPool
  3909  	urlParams_ gensupport.URLParams
  3910  	ctx_       context.Context
  3911  	header_    http.Header
  3912  }
  3913  
  3914  // Patch: Update a CaPool.
  3915  //
  3916  //   - name: Output only. The resource name for this CaPool in the format
  3917  //     `projects/*/locations/*/caPools/*`.
  3918  func (r *ProjectsLocationsCaPoolsService) Patch(name string, capool *CaPool) *ProjectsLocationsCaPoolsPatchCall {
  3919  	c := &ProjectsLocationsCaPoolsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  3920  	c.name = name
  3921  	c.capool = capool
  3922  	return c
  3923  }
  3924  
  3925  // RequestId sets the optional parameter "requestId": An ID to identify
  3926  // requests. Specify a unique request ID so that if you must retry your
  3927  // request, the server will know to ignore the request if it has already been
  3928  // completed. The server will guarantee that for at least 60 minutes since the
  3929  // first request. For example, consider a situation where you make an initial
  3930  // request and the request times out. If you make the request again with the
  3931  // same request ID, the server can check if original operation with the same
  3932  // request ID was received, and if so, will ignore the second request. This
  3933  // prevents clients from accidentally creating duplicate commitments. The
  3934  // request ID must be a valid UUID with the exception that zero UUID is not
  3935  // supported (00000000-0000-0000-0000-000000000000).
  3936  func (c *ProjectsLocationsCaPoolsPatchCall) RequestId(requestId string) *ProjectsLocationsCaPoolsPatchCall {
  3937  	c.urlParams_.Set("requestId", requestId)
  3938  	return c
  3939  }
  3940  
  3941  // UpdateMask sets the optional parameter "updateMask": Required. A list of
  3942  // fields to be updated in this request.
  3943  func (c *ProjectsLocationsCaPoolsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsCaPoolsPatchCall {
  3944  	c.urlParams_.Set("updateMask", updateMask)
  3945  	return c
  3946  }
  3947  
  3948  // Fields allows partial responses to be retrieved. See
  3949  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  3950  // details.
  3951  func (c *ProjectsLocationsCaPoolsPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsPatchCall {
  3952  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  3953  	return c
  3954  }
  3955  
  3956  // Context sets the context to be used in this call's Do method.
  3957  func (c *ProjectsLocationsCaPoolsPatchCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsPatchCall {
  3958  	c.ctx_ = ctx
  3959  	return c
  3960  }
  3961  
  3962  // Header returns a http.Header that can be modified by the caller to add
  3963  // headers to the request.
  3964  func (c *ProjectsLocationsCaPoolsPatchCall) Header() http.Header {
  3965  	if c.header_ == nil {
  3966  		c.header_ = make(http.Header)
  3967  	}
  3968  	return c.header_
  3969  }
  3970  
  3971  func (c *ProjectsLocationsCaPoolsPatchCall) doRequest(alt string) (*http.Response, error) {
  3972  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  3973  	var body io.Reader = nil
  3974  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.capool)
  3975  	if err != nil {
  3976  		return nil, err
  3977  	}
  3978  	c.urlParams_.Set("alt", alt)
  3979  	c.urlParams_.Set("prettyPrint", "false")
  3980  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  3981  	urls += "?" + c.urlParams_.Encode()
  3982  	req, err := http.NewRequest("PATCH", urls, body)
  3983  	if err != nil {
  3984  		return nil, err
  3985  	}
  3986  	req.Header = reqHeaders
  3987  	googleapi.Expand(req.URL, map[string]string{
  3988  		"name": c.name,
  3989  	})
  3990  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  3991  }
  3992  
  3993  // Do executes the "privateca.projects.locations.caPools.patch" call.
  3994  // Any non-2xx status code is an error. Response headers are in either
  3995  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  3996  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  3997  // whether the returned error was because http.StatusNotModified was returned.
  3998  func (c *ProjectsLocationsCaPoolsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  3999  	gensupport.SetOptions(c.urlParams_, opts...)
  4000  	res, err := c.doRequest("json")
  4001  	if res != nil && res.StatusCode == http.StatusNotModified {
  4002  		if res.Body != nil {
  4003  			res.Body.Close()
  4004  		}
  4005  		return nil, gensupport.WrapError(&googleapi.Error{
  4006  			Code:   res.StatusCode,
  4007  			Header: res.Header,
  4008  		})
  4009  	}
  4010  	if err != nil {
  4011  		return nil, err
  4012  	}
  4013  	defer googleapi.CloseBody(res)
  4014  	if err := googleapi.CheckResponse(res); err != nil {
  4015  		return nil, gensupport.WrapError(err)
  4016  	}
  4017  	ret := &Operation{
  4018  		ServerResponse: googleapi.ServerResponse{
  4019  			Header:         res.Header,
  4020  			HTTPStatusCode: res.StatusCode,
  4021  		},
  4022  	}
  4023  	target := &ret
  4024  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4025  		return nil, err
  4026  	}
  4027  	return ret, nil
  4028  }
  4029  
  4030  type ProjectsLocationsCaPoolsSetIamPolicyCall struct {
  4031  	s                   *Service
  4032  	resource            string
  4033  	setiampolicyrequest *SetIamPolicyRequest
  4034  	urlParams_          gensupport.URLParams
  4035  	ctx_                context.Context
  4036  	header_             http.Header
  4037  }
  4038  
  4039  // SetIamPolicy: Sets the access control policy on the specified resource.
  4040  // Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`,
  4041  // and `PERMISSION_DENIED` errors.
  4042  //
  4043  //   - resource: REQUIRED: The resource for which the policy is being specified.
  4044  //     See Resource names (https://cloud.google.com/apis/design/resource_names)
  4045  //     for the appropriate value for this field.
  4046  func (r *ProjectsLocationsCaPoolsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsLocationsCaPoolsSetIamPolicyCall {
  4047  	c := &ProjectsLocationsCaPoolsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4048  	c.resource = resource
  4049  	c.setiampolicyrequest = setiampolicyrequest
  4050  	return c
  4051  }
  4052  
  4053  // Fields allows partial responses to be retrieved. See
  4054  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4055  // details.
  4056  func (c *ProjectsLocationsCaPoolsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsSetIamPolicyCall {
  4057  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4058  	return c
  4059  }
  4060  
  4061  // Context sets the context to be used in this call's Do method.
  4062  func (c *ProjectsLocationsCaPoolsSetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsSetIamPolicyCall {
  4063  	c.ctx_ = ctx
  4064  	return c
  4065  }
  4066  
  4067  // Header returns a http.Header that can be modified by the caller to add
  4068  // headers to the request.
  4069  func (c *ProjectsLocationsCaPoolsSetIamPolicyCall) Header() http.Header {
  4070  	if c.header_ == nil {
  4071  		c.header_ = make(http.Header)
  4072  	}
  4073  	return c.header_
  4074  }
  4075  
  4076  func (c *ProjectsLocationsCaPoolsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
  4077  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4078  	var body io.Reader = nil
  4079  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest)
  4080  	if err != nil {
  4081  		return nil, err
  4082  	}
  4083  	c.urlParams_.Set("alt", alt)
  4084  	c.urlParams_.Set("prettyPrint", "false")
  4085  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy")
  4086  	urls += "?" + c.urlParams_.Encode()
  4087  	req, err := http.NewRequest("POST", urls, body)
  4088  	if err != nil {
  4089  		return nil, err
  4090  	}
  4091  	req.Header = reqHeaders
  4092  	googleapi.Expand(req.URL, map[string]string{
  4093  		"resource": c.resource,
  4094  	})
  4095  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4096  }
  4097  
  4098  // Do executes the "privateca.projects.locations.caPools.setIamPolicy" call.
  4099  // Any non-2xx status code is an error. Response headers are in either
  4100  // *Policy.ServerResponse.Header or (if a response was returned at all) in
  4101  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4102  // whether the returned error was because http.StatusNotModified was returned.
  4103  func (c *ProjectsLocationsCaPoolsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
  4104  	gensupport.SetOptions(c.urlParams_, opts...)
  4105  	res, err := c.doRequest("json")
  4106  	if res != nil && res.StatusCode == http.StatusNotModified {
  4107  		if res.Body != nil {
  4108  			res.Body.Close()
  4109  		}
  4110  		return nil, gensupport.WrapError(&googleapi.Error{
  4111  			Code:   res.StatusCode,
  4112  			Header: res.Header,
  4113  		})
  4114  	}
  4115  	if err != nil {
  4116  		return nil, err
  4117  	}
  4118  	defer googleapi.CloseBody(res)
  4119  	if err := googleapi.CheckResponse(res); err != nil {
  4120  		return nil, gensupport.WrapError(err)
  4121  	}
  4122  	ret := &Policy{
  4123  		ServerResponse: googleapi.ServerResponse{
  4124  			Header:         res.Header,
  4125  			HTTPStatusCode: res.StatusCode,
  4126  		},
  4127  	}
  4128  	target := &ret
  4129  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4130  		return nil, err
  4131  	}
  4132  	return ret, nil
  4133  }
  4134  
  4135  type ProjectsLocationsCaPoolsTestIamPermissionsCall struct {
  4136  	s                         *Service
  4137  	resource                  string
  4138  	testiampermissionsrequest *TestIamPermissionsRequest
  4139  	urlParams_                gensupport.URLParams
  4140  	ctx_                      context.Context
  4141  	header_                   http.Header
  4142  }
  4143  
  4144  // TestIamPermissions: Returns permissions that a caller has on the specified
  4145  // resource. If the resource does not exist, this will return an empty set of
  4146  // permissions, not a `NOT_FOUND` error. Note: This operation is designed to be
  4147  // used for building permission-aware UIs and command-line tools, not for
  4148  // authorization checking. This operation may "fail open" without warning.
  4149  //
  4150  //   - resource: REQUIRED: The resource for which the policy detail is being
  4151  //     requested. See Resource names
  4152  //     (https://cloud.google.com/apis/design/resource_names) for the appropriate
  4153  //     value for this field.
  4154  func (r *ProjectsLocationsCaPoolsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsLocationsCaPoolsTestIamPermissionsCall {
  4155  	c := &ProjectsLocationsCaPoolsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4156  	c.resource = resource
  4157  	c.testiampermissionsrequest = testiampermissionsrequest
  4158  	return c
  4159  }
  4160  
  4161  // Fields allows partial responses to be retrieved. See
  4162  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4163  // details.
  4164  func (c *ProjectsLocationsCaPoolsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsTestIamPermissionsCall {
  4165  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4166  	return c
  4167  }
  4168  
  4169  // Context sets the context to be used in this call's Do method.
  4170  func (c *ProjectsLocationsCaPoolsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsTestIamPermissionsCall {
  4171  	c.ctx_ = ctx
  4172  	return c
  4173  }
  4174  
  4175  // Header returns a http.Header that can be modified by the caller to add
  4176  // headers to the request.
  4177  func (c *ProjectsLocationsCaPoolsTestIamPermissionsCall) Header() http.Header {
  4178  	if c.header_ == nil {
  4179  		c.header_ = make(http.Header)
  4180  	}
  4181  	return c.header_
  4182  }
  4183  
  4184  func (c *ProjectsLocationsCaPoolsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
  4185  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4186  	var body io.Reader = nil
  4187  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
  4188  	if err != nil {
  4189  		return nil, err
  4190  	}
  4191  	c.urlParams_.Set("alt", alt)
  4192  	c.urlParams_.Set("prettyPrint", "false")
  4193  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions")
  4194  	urls += "?" + c.urlParams_.Encode()
  4195  	req, err := http.NewRequest("POST", urls, body)
  4196  	if err != nil {
  4197  		return nil, err
  4198  	}
  4199  	req.Header = reqHeaders
  4200  	googleapi.Expand(req.URL, map[string]string{
  4201  		"resource": c.resource,
  4202  	})
  4203  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4204  }
  4205  
  4206  // Do executes the "privateca.projects.locations.caPools.testIamPermissions" call.
  4207  // Any non-2xx status code is an error. Response headers are in either
  4208  // *TestIamPermissionsResponse.ServerResponse.Header or (if a response was
  4209  // returned at all) in error.(*googleapi.Error).Header. Use
  4210  // googleapi.IsNotModified to check whether the returned error was because
  4211  // http.StatusNotModified was returned.
  4212  func (c *ProjectsLocationsCaPoolsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
  4213  	gensupport.SetOptions(c.urlParams_, opts...)
  4214  	res, err := c.doRequest("json")
  4215  	if res != nil && res.StatusCode == http.StatusNotModified {
  4216  		if res.Body != nil {
  4217  			res.Body.Close()
  4218  		}
  4219  		return nil, gensupport.WrapError(&googleapi.Error{
  4220  			Code:   res.StatusCode,
  4221  			Header: res.Header,
  4222  		})
  4223  	}
  4224  	if err != nil {
  4225  		return nil, err
  4226  	}
  4227  	defer googleapi.CloseBody(res)
  4228  	if err := googleapi.CheckResponse(res); err != nil {
  4229  		return nil, gensupport.WrapError(err)
  4230  	}
  4231  	ret := &TestIamPermissionsResponse{
  4232  		ServerResponse: googleapi.ServerResponse{
  4233  			Header:         res.Header,
  4234  			HTTPStatusCode: res.StatusCode,
  4235  		},
  4236  	}
  4237  	target := &ret
  4238  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4239  		return nil, err
  4240  	}
  4241  	return ret, nil
  4242  }
  4243  
  4244  type ProjectsLocationsCaPoolsCertificateAuthoritiesActivateCall struct {
  4245  	s                                   *Service
  4246  	name                                string
  4247  	activatecertificateauthorityrequest *ActivateCertificateAuthorityRequest
  4248  	urlParams_                          gensupport.URLParams
  4249  	ctx_                                context.Context
  4250  	header_                             http.Header
  4251  }
  4252  
  4253  // Activate: Activate a CertificateAuthority that is in state
  4254  // AWAITING_USER_ACTIVATION and is of type SUBORDINATE. After the parent
  4255  // Certificate Authority signs a certificate signing request from
  4256  // FetchCertificateAuthorityCsr, this method can complete the activation
  4257  // process.
  4258  //
  4259  //   - name: The resource name for this CertificateAuthority in the format
  4260  //     `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
  4261  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesService) Activate(name string, activatecertificateauthorityrequest *ActivateCertificateAuthorityRequest) *ProjectsLocationsCaPoolsCertificateAuthoritiesActivateCall {
  4262  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesActivateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4263  	c.name = name
  4264  	c.activatecertificateauthorityrequest = activatecertificateauthorityrequest
  4265  	return c
  4266  }
  4267  
  4268  // Fields allows partial responses to be retrieved. See
  4269  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4270  // details.
  4271  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesActivateCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesActivateCall {
  4272  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4273  	return c
  4274  }
  4275  
  4276  // Context sets the context to be used in this call's Do method.
  4277  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesActivateCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesActivateCall {
  4278  	c.ctx_ = ctx
  4279  	return c
  4280  }
  4281  
  4282  // Header returns a http.Header that can be modified by the caller to add
  4283  // headers to the request.
  4284  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesActivateCall) Header() http.Header {
  4285  	if c.header_ == nil {
  4286  		c.header_ = make(http.Header)
  4287  	}
  4288  	return c.header_
  4289  }
  4290  
  4291  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesActivateCall) doRequest(alt string) (*http.Response, error) {
  4292  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4293  	var body io.Reader = nil
  4294  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.activatecertificateauthorityrequest)
  4295  	if err != nil {
  4296  		return nil, err
  4297  	}
  4298  	c.urlParams_.Set("alt", alt)
  4299  	c.urlParams_.Set("prettyPrint", "false")
  4300  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:activate")
  4301  	urls += "?" + c.urlParams_.Encode()
  4302  	req, err := http.NewRequest("POST", urls, body)
  4303  	if err != nil {
  4304  		return nil, err
  4305  	}
  4306  	req.Header = reqHeaders
  4307  	googleapi.Expand(req.URL, map[string]string{
  4308  		"name": c.name,
  4309  	})
  4310  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4311  }
  4312  
  4313  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.activate" call.
  4314  // Any non-2xx status code is an error. Response headers are in either
  4315  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4316  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4317  // whether the returned error was because http.StatusNotModified was returned.
  4318  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesActivateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4319  	gensupport.SetOptions(c.urlParams_, opts...)
  4320  	res, err := c.doRequest("json")
  4321  	if res != nil && res.StatusCode == http.StatusNotModified {
  4322  		if res.Body != nil {
  4323  			res.Body.Close()
  4324  		}
  4325  		return nil, gensupport.WrapError(&googleapi.Error{
  4326  			Code:   res.StatusCode,
  4327  			Header: res.Header,
  4328  		})
  4329  	}
  4330  	if err != nil {
  4331  		return nil, err
  4332  	}
  4333  	defer googleapi.CloseBody(res)
  4334  	if err := googleapi.CheckResponse(res); err != nil {
  4335  		return nil, gensupport.WrapError(err)
  4336  	}
  4337  	ret := &Operation{
  4338  		ServerResponse: googleapi.ServerResponse{
  4339  			Header:         res.Header,
  4340  			HTTPStatusCode: res.StatusCode,
  4341  		},
  4342  	}
  4343  	target := &ret
  4344  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4345  		return nil, err
  4346  	}
  4347  	return ret, nil
  4348  }
  4349  
  4350  type ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall struct {
  4351  	s                    *Service
  4352  	parent               string
  4353  	certificateauthority *CertificateAuthority
  4354  	urlParams_           gensupport.URLParams
  4355  	ctx_                 context.Context
  4356  	header_              http.Header
  4357  }
  4358  
  4359  // Create: Create a new CertificateAuthority in a given Project and Location.
  4360  //
  4361  //   - parent: The resource name of the CaPool associated with the
  4362  //     CertificateAuthorities, in the format `projects/*/locations/*/caPools/*`.
  4363  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesService) Create(parent string, certificateauthority *CertificateAuthority) *ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall {
  4364  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4365  	c.parent = parent
  4366  	c.certificateauthority = certificateauthority
  4367  	return c
  4368  }
  4369  
  4370  // CertificateAuthorityId sets the optional parameter "certificateAuthorityId":
  4371  // Required. It must be unique within a location and match the regular
  4372  // expression `[a-zA-Z0-9_-]{1,63}`
  4373  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall) CertificateAuthorityId(certificateAuthorityId string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall {
  4374  	c.urlParams_.Set("certificateAuthorityId", certificateAuthorityId)
  4375  	return c
  4376  }
  4377  
  4378  // RequestId sets the optional parameter "requestId": An ID to identify
  4379  // requests. Specify a unique request ID so that if you must retry your
  4380  // request, the server will know to ignore the request if it has already been
  4381  // completed. The server will guarantee that for at least 60 minutes since the
  4382  // first request. For example, consider a situation where you make an initial
  4383  // request and the request times out. If you make the request again with the
  4384  // same request ID, the server can check if original operation with the same
  4385  // request ID was received, and if so, will ignore the second request. This
  4386  // prevents clients from accidentally creating duplicate commitments. The
  4387  // request ID must be a valid UUID with the exception that zero UUID is not
  4388  // supported (00000000-0000-0000-0000-000000000000).
  4389  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall) RequestId(requestId string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall {
  4390  	c.urlParams_.Set("requestId", requestId)
  4391  	return c
  4392  }
  4393  
  4394  // Fields allows partial responses to be retrieved. See
  4395  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4396  // details.
  4397  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall {
  4398  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4399  	return c
  4400  }
  4401  
  4402  // Context sets the context to be used in this call's Do method.
  4403  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall {
  4404  	c.ctx_ = ctx
  4405  	return c
  4406  }
  4407  
  4408  // Header returns a http.Header that can be modified by the caller to add
  4409  // headers to the request.
  4410  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall) Header() http.Header {
  4411  	if c.header_ == nil {
  4412  		c.header_ = make(http.Header)
  4413  	}
  4414  	return c.header_
  4415  }
  4416  
  4417  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall) doRequest(alt string) (*http.Response, error) {
  4418  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4419  	var body io.Reader = nil
  4420  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.certificateauthority)
  4421  	if err != nil {
  4422  		return nil, err
  4423  	}
  4424  	c.urlParams_.Set("alt", alt)
  4425  	c.urlParams_.Set("prettyPrint", "false")
  4426  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/certificateAuthorities")
  4427  	urls += "?" + c.urlParams_.Encode()
  4428  	req, err := http.NewRequest("POST", urls, body)
  4429  	if err != nil {
  4430  		return nil, err
  4431  	}
  4432  	req.Header = reqHeaders
  4433  	googleapi.Expand(req.URL, map[string]string{
  4434  		"parent": c.parent,
  4435  	})
  4436  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4437  }
  4438  
  4439  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.create" call.
  4440  // Any non-2xx status code is an error. Response headers are in either
  4441  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4442  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4443  // whether the returned error was because http.StatusNotModified was returned.
  4444  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4445  	gensupport.SetOptions(c.urlParams_, opts...)
  4446  	res, err := c.doRequest("json")
  4447  	if res != nil && res.StatusCode == http.StatusNotModified {
  4448  		if res.Body != nil {
  4449  			res.Body.Close()
  4450  		}
  4451  		return nil, gensupport.WrapError(&googleapi.Error{
  4452  			Code:   res.StatusCode,
  4453  			Header: res.Header,
  4454  		})
  4455  	}
  4456  	if err != nil {
  4457  		return nil, err
  4458  	}
  4459  	defer googleapi.CloseBody(res)
  4460  	if err := googleapi.CheckResponse(res); err != nil {
  4461  		return nil, gensupport.WrapError(err)
  4462  	}
  4463  	ret := &Operation{
  4464  		ServerResponse: googleapi.ServerResponse{
  4465  			Header:         res.Header,
  4466  			HTTPStatusCode: res.StatusCode,
  4467  		},
  4468  	}
  4469  	target := &ret
  4470  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4471  		return nil, err
  4472  	}
  4473  	return ret, nil
  4474  }
  4475  
  4476  type ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall struct {
  4477  	s          *Service
  4478  	name       string
  4479  	urlParams_ gensupport.URLParams
  4480  	ctx_       context.Context
  4481  	header_    http.Header
  4482  }
  4483  
  4484  // Delete: Delete a CertificateAuthority.
  4485  //
  4486  //   - name: The resource name for this CertificateAuthority in the format
  4487  //     `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
  4488  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesService) Delete(name string) *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall {
  4489  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4490  	c.name = name
  4491  	return c
  4492  }
  4493  
  4494  // IgnoreActiveCertificates sets the optional parameter
  4495  // "ignoreActiveCertificates": This field allows the CA to be deleted even if
  4496  // the CA has active certs. Active certs include both unrevoked and unexpired
  4497  // certs.
  4498  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall) IgnoreActiveCertificates(ignoreActiveCertificates bool) *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall {
  4499  	c.urlParams_.Set("ignoreActiveCertificates", fmt.Sprint(ignoreActiveCertificates))
  4500  	return c
  4501  }
  4502  
  4503  // IgnoreDependentResources sets the optional parameter
  4504  // "ignoreDependentResources": This field allows this CA to be deleted even if
  4505  // it's being depended on by another resource. However, doing so may result in
  4506  // unintended and unrecoverable effects on any dependent resources since the CA
  4507  // will no longer be able to issue certificates.
  4508  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall) IgnoreDependentResources(ignoreDependentResources bool) *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall {
  4509  	c.urlParams_.Set("ignoreDependentResources", fmt.Sprint(ignoreDependentResources))
  4510  	return c
  4511  }
  4512  
  4513  // RequestId sets the optional parameter "requestId": An ID to identify
  4514  // requests. Specify a unique request ID so that if you must retry your
  4515  // request, the server will know to ignore the request if it has already been
  4516  // completed. The server will guarantee that for at least 60 minutes since the
  4517  // first request. For example, consider a situation where you make an initial
  4518  // request and the request times out. If you make the request again with the
  4519  // same request ID, the server can check if original operation with the same
  4520  // request ID was received, and if so, will ignore the second request. This
  4521  // prevents clients from accidentally creating duplicate commitments. The
  4522  // request ID must be a valid UUID with the exception that zero UUID is not
  4523  // supported (00000000-0000-0000-0000-000000000000).
  4524  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall) RequestId(requestId string) *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall {
  4525  	c.urlParams_.Set("requestId", requestId)
  4526  	return c
  4527  }
  4528  
  4529  // SkipGracePeriod sets the optional parameter "skipGracePeriod": If this flag
  4530  // is set, the Certificate Authority will be deleted as soon as possible
  4531  // without a 30-day grace period where undeletion would have been allowed. If
  4532  // you proceed, there will be no way to recover this CA.
  4533  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall) SkipGracePeriod(skipGracePeriod bool) *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall {
  4534  	c.urlParams_.Set("skipGracePeriod", fmt.Sprint(skipGracePeriod))
  4535  	return c
  4536  }
  4537  
  4538  // Fields allows partial responses to be retrieved. See
  4539  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4540  // details.
  4541  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall {
  4542  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4543  	return c
  4544  }
  4545  
  4546  // Context sets the context to be used in this call's Do method.
  4547  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall {
  4548  	c.ctx_ = ctx
  4549  	return c
  4550  }
  4551  
  4552  // Header returns a http.Header that can be modified by the caller to add
  4553  // headers to the request.
  4554  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall) Header() http.Header {
  4555  	if c.header_ == nil {
  4556  		c.header_ = make(http.Header)
  4557  	}
  4558  	return c.header_
  4559  }
  4560  
  4561  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall) doRequest(alt string) (*http.Response, error) {
  4562  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  4563  	var body io.Reader = nil
  4564  	c.urlParams_.Set("alt", alt)
  4565  	c.urlParams_.Set("prettyPrint", "false")
  4566  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  4567  	urls += "?" + c.urlParams_.Encode()
  4568  	req, err := http.NewRequest("DELETE", urls, body)
  4569  	if err != nil {
  4570  		return nil, err
  4571  	}
  4572  	req.Header = reqHeaders
  4573  	googleapi.Expand(req.URL, map[string]string{
  4574  		"name": c.name,
  4575  	})
  4576  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4577  }
  4578  
  4579  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.delete" call.
  4580  // Any non-2xx status code is an error. Response headers are in either
  4581  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4582  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4583  // whether the returned error was because http.StatusNotModified was returned.
  4584  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4585  	gensupport.SetOptions(c.urlParams_, opts...)
  4586  	res, err := c.doRequest("json")
  4587  	if res != nil && res.StatusCode == http.StatusNotModified {
  4588  		if res.Body != nil {
  4589  			res.Body.Close()
  4590  		}
  4591  		return nil, gensupport.WrapError(&googleapi.Error{
  4592  			Code:   res.StatusCode,
  4593  			Header: res.Header,
  4594  		})
  4595  	}
  4596  	if err != nil {
  4597  		return nil, err
  4598  	}
  4599  	defer googleapi.CloseBody(res)
  4600  	if err := googleapi.CheckResponse(res); err != nil {
  4601  		return nil, gensupport.WrapError(err)
  4602  	}
  4603  	ret := &Operation{
  4604  		ServerResponse: googleapi.ServerResponse{
  4605  			Header:         res.Header,
  4606  			HTTPStatusCode: res.StatusCode,
  4607  		},
  4608  	}
  4609  	target := &ret
  4610  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4611  		return nil, err
  4612  	}
  4613  	return ret, nil
  4614  }
  4615  
  4616  type ProjectsLocationsCaPoolsCertificateAuthoritiesDisableCall struct {
  4617  	s                                  *Service
  4618  	name                               string
  4619  	disablecertificateauthorityrequest *DisableCertificateAuthorityRequest
  4620  	urlParams_                         gensupport.URLParams
  4621  	ctx_                               context.Context
  4622  	header_                            http.Header
  4623  }
  4624  
  4625  // Disable: Disable a CertificateAuthority.
  4626  //
  4627  //   - name: The resource name for this CertificateAuthority in the format
  4628  //     `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
  4629  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesService) Disable(name string, disablecertificateauthorityrequest *DisableCertificateAuthorityRequest) *ProjectsLocationsCaPoolsCertificateAuthoritiesDisableCall {
  4630  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesDisableCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4631  	c.name = name
  4632  	c.disablecertificateauthorityrequest = disablecertificateauthorityrequest
  4633  	return c
  4634  }
  4635  
  4636  // Fields allows partial responses to be retrieved. See
  4637  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4638  // details.
  4639  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDisableCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesDisableCall {
  4640  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4641  	return c
  4642  }
  4643  
  4644  // Context sets the context to be used in this call's Do method.
  4645  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDisableCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesDisableCall {
  4646  	c.ctx_ = ctx
  4647  	return c
  4648  }
  4649  
  4650  // Header returns a http.Header that can be modified by the caller to add
  4651  // headers to the request.
  4652  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDisableCall) Header() http.Header {
  4653  	if c.header_ == nil {
  4654  		c.header_ = make(http.Header)
  4655  	}
  4656  	return c.header_
  4657  }
  4658  
  4659  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDisableCall) doRequest(alt string) (*http.Response, error) {
  4660  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4661  	var body io.Reader = nil
  4662  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.disablecertificateauthorityrequest)
  4663  	if err != nil {
  4664  		return nil, err
  4665  	}
  4666  	c.urlParams_.Set("alt", alt)
  4667  	c.urlParams_.Set("prettyPrint", "false")
  4668  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:disable")
  4669  	urls += "?" + c.urlParams_.Encode()
  4670  	req, err := http.NewRequest("POST", urls, body)
  4671  	if err != nil {
  4672  		return nil, err
  4673  	}
  4674  	req.Header = reqHeaders
  4675  	googleapi.Expand(req.URL, map[string]string{
  4676  		"name": c.name,
  4677  	})
  4678  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4679  }
  4680  
  4681  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.disable" call.
  4682  // Any non-2xx status code is an error. Response headers are in either
  4683  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4684  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4685  // whether the returned error was because http.StatusNotModified was returned.
  4686  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesDisableCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4687  	gensupport.SetOptions(c.urlParams_, opts...)
  4688  	res, err := c.doRequest("json")
  4689  	if res != nil && res.StatusCode == http.StatusNotModified {
  4690  		if res.Body != nil {
  4691  			res.Body.Close()
  4692  		}
  4693  		return nil, gensupport.WrapError(&googleapi.Error{
  4694  			Code:   res.StatusCode,
  4695  			Header: res.Header,
  4696  		})
  4697  	}
  4698  	if err != nil {
  4699  		return nil, err
  4700  	}
  4701  	defer googleapi.CloseBody(res)
  4702  	if err := googleapi.CheckResponse(res); err != nil {
  4703  		return nil, gensupport.WrapError(err)
  4704  	}
  4705  	ret := &Operation{
  4706  		ServerResponse: googleapi.ServerResponse{
  4707  			Header:         res.Header,
  4708  			HTTPStatusCode: res.StatusCode,
  4709  		},
  4710  	}
  4711  	target := &ret
  4712  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4713  		return nil, err
  4714  	}
  4715  	return ret, nil
  4716  }
  4717  
  4718  type ProjectsLocationsCaPoolsCertificateAuthoritiesEnableCall struct {
  4719  	s                                 *Service
  4720  	name                              string
  4721  	enablecertificateauthorityrequest *EnableCertificateAuthorityRequest
  4722  	urlParams_                        gensupport.URLParams
  4723  	ctx_                              context.Context
  4724  	header_                           http.Header
  4725  }
  4726  
  4727  // Enable: Enable a CertificateAuthority.
  4728  //
  4729  //   - name: The resource name for this CertificateAuthority in the format
  4730  //     `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
  4731  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesService) Enable(name string, enablecertificateauthorityrequest *EnableCertificateAuthorityRequest) *ProjectsLocationsCaPoolsCertificateAuthoritiesEnableCall {
  4732  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesEnableCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4733  	c.name = name
  4734  	c.enablecertificateauthorityrequest = enablecertificateauthorityrequest
  4735  	return c
  4736  }
  4737  
  4738  // Fields allows partial responses to be retrieved. See
  4739  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4740  // details.
  4741  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesEnableCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesEnableCall {
  4742  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4743  	return c
  4744  }
  4745  
  4746  // Context sets the context to be used in this call's Do method.
  4747  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesEnableCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesEnableCall {
  4748  	c.ctx_ = ctx
  4749  	return c
  4750  }
  4751  
  4752  // Header returns a http.Header that can be modified by the caller to add
  4753  // headers to the request.
  4754  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesEnableCall) Header() http.Header {
  4755  	if c.header_ == nil {
  4756  		c.header_ = make(http.Header)
  4757  	}
  4758  	return c.header_
  4759  }
  4760  
  4761  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesEnableCall) doRequest(alt string) (*http.Response, error) {
  4762  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  4763  	var body io.Reader = nil
  4764  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.enablecertificateauthorityrequest)
  4765  	if err != nil {
  4766  		return nil, err
  4767  	}
  4768  	c.urlParams_.Set("alt", alt)
  4769  	c.urlParams_.Set("prettyPrint", "false")
  4770  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:enable")
  4771  	urls += "?" + c.urlParams_.Encode()
  4772  	req, err := http.NewRequest("POST", urls, body)
  4773  	if err != nil {
  4774  		return nil, err
  4775  	}
  4776  	req.Header = reqHeaders
  4777  	googleapi.Expand(req.URL, map[string]string{
  4778  		"name": c.name,
  4779  	})
  4780  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4781  }
  4782  
  4783  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.enable" call.
  4784  // Any non-2xx status code is an error. Response headers are in either
  4785  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  4786  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  4787  // whether the returned error was because http.StatusNotModified was returned.
  4788  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesEnableCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  4789  	gensupport.SetOptions(c.urlParams_, opts...)
  4790  	res, err := c.doRequest("json")
  4791  	if res != nil && res.StatusCode == http.StatusNotModified {
  4792  		if res.Body != nil {
  4793  			res.Body.Close()
  4794  		}
  4795  		return nil, gensupport.WrapError(&googleapi.Error{
  4796  			Code:   res.StatusCode,
  4797  			Header: res.Header,
  4798  		})
  4799  	}
  4800  	if err != nil {
  4801  		return nil, err
  4802  	}
  4803  	defer googleapi.CloseBody(res)
  4804  	if err := googleapi.CheckResponse(res); err != nil {
  4805  		return nil, gensupport.WrapError(err)
  4806  	}
  4807  	ret := &Operation{
  4808  		ServerResponse: googleapi.ServerResponse{
  4809  			Header:         res.Header,
  4810  			HTTPStatusCode: res.StatusCode,
  4811  		},
  4812  	}
  4813  	target := &ret
  4814  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4815  		return nil, err
  4816  	}
  4817  	return ret, nil
  4818  }
  4819  
  4820  type ProjectsLocationsCaPoolsCertificateAuthoritiesFetchCall struct {
  4821  	s            *Service
  4822  	name         string
  4823  	urlParams_   gensupport.URLParams
  4824  	ifNoneMatch_ string
  4825  	ctx_         context.Context
  4826  	header_      http.Header
  4827  }
  4828  
  4829  // Fetch: Fetch a certificate signing request (CSR) from a CertificateAuthority
  4830  // that is in state AWAITING_USER_ACTIVATION and is of type SUBORDINATE. The
  4831  // CSR must then be signed by the desired parent Certificate Authority, which
  4832  // could be another CertificateAuthority resource, or could be an on-prem
  4833  // certificate authority. See also ActivateCertificateAuthority.
  4834  //
  4835  //   - name: The resource name for this CertificateAuthority in the format
  4836  //     `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
  4837  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesService) Fetch(name string) *ProjectsLocationsCaPoolsCertificateAuthoritiesFetchCall {
  4838  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesFetchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4839  	c.name = name
  4840  	return c
  4841  }
  4842  
  4843  // Fields allows partial responses to be retrieved. See
  4844  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4845  // details.
  4846  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesFetchCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesFetchCall {
  4847  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4848  	return c
  4849  }
  4850  
  4851  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  4852  // object's ETag matches the given value. This is useful for getting updates
  4853  // only after the object has changed since the last request.
  4854  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesFetchCall) IfNoneMatch(entityTag string) *ProjectsLocationsCaPoolsCertificateAuthoritiesFetchCall {
  4855  	c.ifNoneMatch_ = entityTag
  4856  	return c
  4857  }
  4858  
  4859  // Context sets the context to be used in this call's Do method.
  4860  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesFetchCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesFetchCall {
  4861  	c.ctx_ = ctx
  4862  	return c
  4863  }
  4864  
  4865  // Header returns a http.Header that can be modified by the caller to add
  4866  // headers to the request.
  4867  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesFetchCall) Header() http.Header {
  4868  	if c.header_ == nil {
  4869  		c.header_ = make(http.Header)
  4870  	}
  4871  	return c.header_
  4872  }
  4873  
  4874  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesFetchCall) doRequest(alt string) (*http.Response, error) {
  4875  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  4876  	if c.ifNoneMatch_ != "" {
  4877  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  4878  	}
  4879  	var body io.Reader = nil
  4880  	c.urlParams_.Set("alt", alt)
  4881  	c.urlParams_.Set("prettyPrint", "false")
  4882  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:fetch")
  4883  	urls += "?" + c.urlParams_.Encode()
  4884  	req, err := http.NewRequest("GET", urls, body)
  4885  	if err != nil {
  4886  		return nil, err
  4887  	}
  4888  	req.Header = reqHeaders
  4889  	googleapi.Expand(req.URL, map[string]string{
  4890  		"name": c.name,
  4891  	})
  4892  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  4893  }
  4894  
  4895  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.fetch" call.
  4896  // Any non-2xx status code is an error. Response headers are in either
  4897  // *FetchCertificateAuthorityCsrResponse.ServerResponse.Header or (if a
  4898  // response was returned at all) in error.(*googleapi.Error).Header. Use
  4899  // googleapi.IsNotModified to check whether the returned error was because
  4900  // http.StatusNotModified was returned.
  4901  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesFetchCall) Do(opts ...googleapi.CallOption) (*FetchCertificateAuthorityCsrResponse, error) {
  4902  	gensupport.SetOptions(c.urlParams_, opts...)
  4903  	res, err := c.doRequest("json")
  4904  	if res != nil && res.StatusCode == http.StatusNotModified {
  4905  		if res.Body != nil {
  4906  			res.Body.Close()
  4907  		}
  4908  		return nil, gensupport.WrapError(&googleapi.Error{
  4909  			Code:   res.StatusCode,
  4910  			Header: res.Header,
  4911  		})
  4912  	}
  4913  	if err != nil {
  4914  		return nil, err
  4915  	}
  4916  	defer googleapi.CloseBody(res)
  4917  	if err := googleapi.CheckResponse(res); err != nil {
  4918  		return nil, gensupport.WrapError(err)
  4919  	}
  4920  	ret := &FetchCertificateAuthorityCsrResponse{
  4921  		ServerResponse: googleapi.ServerResponse{
  4922  			Header:         res.Header,
  4923  			HTTPStatusCode: res.StatusCode,
  4924  		},
  4925  	}
  4926  	target := &ret
  4927  	if err := gensupport.DecodeResponse(target, res); err != nil {
  4928  		return nil, err
  4929  	}
  4930  	return ret, nil
  4931  }
  4932  
  4933  type ProjectsLocationsCaPoolsCertificateAuthoritiesGetCall struct {
  4934  	s            *Service
  4935  	name         string
  4936  	urlParams_   gensupport.URLParams
  4937  	ifNoneMatch_ string
  4938  	ctx_         context.Context
  4939  	header_      http.Header
  4940  }
  4941  
  4942  // Get: Returns a CertificateAuthority.
  4943  //
  4944  // - name: The name of the CertificateAuthority to get.
  4945  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesService) Get(name string) *ProjectsLocationsCaPoolsCertificateAuthoritiesGetCall {
  4946  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  4947  	c.name = name
  4948  	return c
  4949  }
  4950  
  4951  // Fields allows partial responses to be retrieved. See
  4952  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  4953  // details.
  4954  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesGetCall {
  4955  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  4956  	return c
  4957  }
  4958  
  4959  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  4960  // object's ETag matches the given value. This is useful for getting updates
  4961  // only after the object has changed since the last request.
  4962  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsCaPoolsCertificateAuthoritiesGetCall {
  4963  	c.ifNoneMatch_ = entityTag
  4964  	return c
  4965  }
  4966  
  4967  // Context sets the context to be used in this call's Do method.
  4968  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesGetCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesGetCall {
  4969  	c.ctx_ = ctx
  4970  	return c
  4971  }
  4972  
  4973  // Header returns a http.Header that can be modified by the caller to add
  4974  // headers to the request.
  4975  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesGetCall) Header() http.Header {
  4976  	if c.header_ == nil {
  4977  		c.header_ = make(http.Header)
  4978  	}
  4979  	return c.header_
  4980  }
  4981  
  4982  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesGetCall) doRequest(alt string) (*http.Response, error) {
  4983  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  4984  	if c.ifNoneMatch_ != "" {
  4985  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  4986  	}
  4987  	var body io.Reader = nil
  4988  	c.urlParams_.Set("alt", alt)
  4989  	c.urlParams_.Set("prettyPrint", "false")
  4990  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  4991  	urls += "?" + c.urlParams_.Encode()
  4992  	req, err := http.NewRequest("GET", urls, body)
  4993  	if err != nil {
  4994  		return nil, err
  4995  	}
  4996  	req.Header = reqHeaders
  4997  	googleapi.Expand(req.URL, map[string]string{
  4998  		"name": c.name,
  4999  	})
  5000  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5001  }
  5002  
  5003  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.get" call.
  5004  // Any non-2xx status code is an error. Response headers are in either
  5005  // *CertificateAuthority.ServerResponse.Header or (if a response was returned
  5006  // at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  5007  // check whether the returned error was because http.StatusNotModified was
  5008  // returned.
  5009  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesGetCall) Do(opts ...googleapi.CallOption) (*CertificateAuthority, error) {
  5010  	gensupport.SetOptions(c.urlParams_, opts...)
  5011  	res, err := c.doRequest("json")
  5012  	if res != nil && res.StatusCode == http.StatusNotModified {
  5013  		if res.Body != nil {
  5014  			res.Body.Close()
  5015  		}
  5016  		return nil, gensupport.WrapError(&googleapi.Error{
  5017  			Code:   res.StatusCode,
  5018  			Header: res.Header,
  5019  		})
  5020  	}
  5021  	if err != nil {
  5022  		return nil, err
  5023  	}
  5024  	defer googleapi.CloseBody(res)
  5025  	if err := googleapi.CheckResponse(res); err != nil {
  5026  		return nil, gensupport.WrapError(err)
  5027  	}
  5028  	ret := &CertificateAuthority{
  5029  		ServerResponse: googleapi.ServerResponse{
  5030  			Header:         res.Header,
  5031  			HTTPStatusCode: res.StatusCode,
  5032  		},
  5033  	}
  5034  	target := &ret
  5035  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5036  		return nil, err
  5037  	}
  5038  	return ret, nil
  5039  }
  5040  
  5041  type ProjectsLocationsCaPoolsCertificateAuthoritiesListCall struct {
  5042  	s            *Service
  5043  	parent       string
  5044  	urlParams_   gensupport.URLParams
  5045  	ifNoneMatch_ string
  5046  	ctx_         context.Context
  5047  	header_      http.Header
  5048  }
  5049  
  5050  // List: Lists CertificateAuthorities.
  5051  //
  5052  //   - parent: The resource name of the CaPool associated with the
  5053  //     CertificateAuthorities, in the format `projects/*/locations/*/caPools/*`.
  5054  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesService) List(parent string) *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall {
  5055  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5056  	c.parent = parent
  5057  	return c
  5058  }
  5059  
  5060  // Filter sets the optional parameter "filter": Only include resources that
  5061  // match the filter in the response.
  5062  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall) Filter(filter string) *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall {
  5063  	c.urlParams_.Set("filter", filter)
  5064  	return c
  5065  }
  5066  
  5067  // OrderBy sets the optional parameter "orderBy": Specify how the results
  5068  // should be sorted.
  5069  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall) OrderBy(orderBy string) *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall {
  5070  	c.urlParams_.Set("orderBy", orderBy)
  5071  	return c
  5072  }
  5073  
  5074  // PageSize sets the optional parameter "pageSize": Limit on the number of
  5075  // CertificateAuthorities to include in the response. Further
  5076  // CertificateAuthorities can subsequently be obtained by including the
  5077  // ListCertificateAuthoritiesResponse.next_page_token in a subsequent request.
  5078  // If unspecified, the server will pick an appropriate default.
  5079  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall) PageSize(pageSize int64) *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall {
  5080  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  5081  	return c
  5082  }
  5083  
  5084  // PageToken sets the optional parameter "pageToken": Pagination token,
  5085  // returned earlier via ListCertificateAuthoritiesResponse.next_page_token.
  5086  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall) PageToken(pageToken string) *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall {
  5087  	c.urlParams_.Set("pageToken", pageToken)
  5088  	return c
  5089  }
  5090  
  5091  // Fields allows partial responses to be retrieved. See
  5092  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5093  // details.
  5094  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall {
  5095  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5096  	return c
  5097  }
  5098  
  5099  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  5100  // object's ETag matches the given value. This is useful for getting updates
  5101  // only after the object has changed since the last request.
  5102  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall) IfNoneMatch(entityTag string) *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall {
  5103  	c.ifNoneMatch_ = entityTag
  5104  	return c
  5105  }
  5106  
  5107  // Context sets the context to be used in this call's Do method.
  5108  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall {
  5109  	c.ctx_ = ctx
  5110  	return c
  5111  }
  5112  
  5113  // Header returns a http.Header that can be modified by the caller to add
  5114  // headers to the request.
  5115  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall) Header() http.Header {
  5116  	if c.header_ == nil {
  5117  		c.header_ = make(http.Header)
  5118  	}
  5119  	return c.header_
  5120  }
  5121  
  5122  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall) doRequest(alt string) (*http.Response, error) {
  5123  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5124  	if c.ifNoneMatch_ != "" {
  5125  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  5126  	}
  5127  	var body io.Reader = nil
  5128  	c.urlParams_.Set("alt", alt)
  5129  	c.urlParams_.Set("prettyPrint", "false")
  5130  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/certificateAuthorities")
  5131  	urls += "?" + c.urlParams_.Encode()
  5132  	req, err := http.NewRequest("GET", urls, body)
  5133  	if err != nil {
  5134  		return nil, err
  5135  	}
  5136  	req.Header = reqHeaders
  5137  	googleapi.Expand(req.URL, map[string]string{
  5138  		"parent": c.parent,
  5139  	})
  5140  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5141  }
  5142  
  5143  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.list" call.
  5144  // Any non-2xx status code is an error. Response headers are in either
  5145  // *ListCertificateAuthoritiesResponse.ServerResponse.Header or (if a response
  5146  // was returned at all) in error.(*googleapi.Error).Header. Use
  5147  // googleapi.IsNotModified to check whether the returned error was because
  5148  // http.StatusNotModified was returned.
  5149  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall) Do(opts ...googleapi.CallOption) (*ListCertificateAuthoritiesResponse, error) {
  5150  	gensupport.SetOptions(c.urlParams_, opts...)
  5151  	res, err := c.doRequest("json")
  5152  	if res != nil && res.StatusCode == http.StatusNotModified {
  5153  		if res.Body != nil {
  5154  			res.Body.Close()
  5155  		}
  5156  		return nil, gensupport.WrapError(&googleapi.Error{
  5157  			Code:   res.StatusCode,
  5158  			Header: res.Header,
  5159  		})
  5160  	}
  5161  	if err != nil {
  5162  		return nil, err
  5163  	}
  5164  	defer googleapi.CloseBody(res)
  5165  	if err := googleapi.CheckResponse(res); err != nil {
  5166  		return nil, gensupport.WrapError(err)
  5167  	}
  5168  	ret := &ListCertificateAuthoritiesResponse{
  5169  		ServerResponse: googleapi.ServerResponse{
  5170  			Header:         res.Header,
  5171  			HTTPStatusCode: res.StatusCode,
  5172  		},
  5173  	}
  5174  	target := &ret
  5175  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5176  		return nil, err
  5177  	}
  5178  	return ret, nil
  5179  }
  5180  
  5181  // Pages invokes f for each page of results.
  5182  // A non-nil error returned from f will halt the iteration.
  5183  // The provided context supersedes any context provided to the Context method.
  5184  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesListCall) Pages(ctx context.Context, f func(*ListCertificateAuthoritiesResponse) error) error {
  5185  	c.ctx_ = ctx
  5186  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  5187  	for {
  5188  		x, err := c.Do()
  5189  		if err != nil {
  5190  			return err
  5191  		}
  5192  		if err := f(x); err != nil {
  5193  			return err
  5194  		}
  5195  		if x.NextPageToken == "" {
  5196  			return nil
  5197  		}
  5198  		c.PageToken(x.NextPageToken)
  5199  	}
  5200  }
  5201  
  5202  type ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall struct {
  5203  	s                    *Service
  5204  	name                 string
  5205  	certificateauthority *CertificateAuthority
  5206  	urlParams_           gensupport.URLParams
  5207  	ctx_                 context.Context
  5208  	header_              http.Header
  5209  }
  5210  
  5211  // Patch: Update a CertificateAuthority.
  5212  //
  5213  //   - name: Output only. The resource name for this CertificateAuthority in the
  5214  //     format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
  5215  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesService) Patch(name string, certificateauthority *CertificateAuthority) *ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall {
  5216  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5217  	c.name = name
  5218  	c.certificateauthority = certificateauthority
  5219  	return c
  5220  }
  5221  
  5222  // RequestId sets the optional parameter "requestId": An ID to identify
  5223  // requests. Specify a unique request ID so that if you must retry your
  5224  // request, the server will know to ignore the request if it has already been
  5225  // completed. The server will guarantee that for at least 60 minutes since the
  5226  // first request. For example, consider a situation where you make an initial
  5227  // request and the request times out. If you make the request again with the
  5228  // same request ID, the server can check if original operation with the same
  5229  // request ID was received, and if so, will ignore the second request. This
  5230  // prevents clients from accidentally creating duplicate commitments. The
  5231  // request ID must be a valid UUID with the exception that zero UUID is not
  5232  // supported (00000000-0000-0000-0000-000000000000).
  5233  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall) RequestId(requestId string) *ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall {
  5234  	c.urlParams_.Set("requestId", requestId)
  5235  	return c
  5236  }
  5237  
  5238  // UpdateMask sets the optional parameter "updateMask": Required. A list of
  5239  // fields to be updated in this request.
  5240  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall {
  5241  	c.urlParams_.Set("updateMask", updateMask)
  5242  	return c
  5243  }
  5244  
  5245  // Fields allows partial responses to be retrieved. See
  5246  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5247  // details.
  5248  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall {
  5249  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5250  	return c
  5251  }
  5252  
  5253  // Context sets the context to be used in this call's Do method.
  5254  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall {
  5255  	c.ctx_ = ctx
  5256  	return c
  5257  }
  5258  
  5259  // Header returns a http.Header that can be modified by the caller to add
  5260  // headers to the request.
  5261  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall) Header() http.Header {
  5262  	if c.header_ == nil {
  5263  		c.header_ = make(http.Header)
  5264  	}
  5265  	return c.header_
  5266  }
  5267  
  5268  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall) doRequest(alt string) (*http.Response, error) {
  5269  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  5270  	var body io.Reader = nil
  5271  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.certificateauthority)
  5272  	if err != nil {
  5273  		return nil, err
  5274  	}
  5275  	c.urlParams_.Set("alt", alt)
  5276  	c.urlParams_.Set("prettyPrint", "false")
  5277  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  5278  	urls += "?" + c.urlParams_.Encode()
  5279  	req, err := http.NewRequest("PATCH", urls, body)
  5280  	if err != nil {
  5281  		return nil, err
  5282  	}
  5283  	req.Header = reqHeaders
  5284  	googleapi.Expand(req.URL, map[string]string{
  5285  		"name": c.name,
  5286  	})
  5287  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5288  }
  5289  
  5290  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.patch" call.
  5291  // Any non-2xx status code is an error. Response headers are in either
  5292  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  5293  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5294  // whether the returned error was because http.StatusNotModified was returned.
  5295  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  5296  	gensupport.SetOptions(c.urlParams_, opts...)
  5297  	res, err := c.doRequest("json")
  5298  	if res != nil && res.StatusCode == http.StatusNotModified {
  5299  		if res.Body != nil {
  5300  			res.Body.Close()
  5301  		}
  5302  		return nil, gensupport.WrapError(&googleapi.Error{
  5303  			Code:   res.StatusCode,
  5304  			Header: res.Header,
  5305  		})
  5306  	}
  5307  	if err != nil {
  5308  		return nil, err
  5309  	}
  5310  	defer googleapi.CloseBody(res)
  5311  	if err := googleapi.CheckResponse(res); err != nil {
  5312  		return nil, gensupport.WrapError(err)
  5313  	}
  5314  	ret := &Operation{
  5315  		ServerResponse: googleapi.ServerResponse{
  5316  			Header:         res.Header,
  5317  			HTTPStatusCode: res.StatusCode,
  5318  		},
  5319  	}
  5320  	target := &ret
  5321  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5322  		return nil, err
  5323  	}
  5324  	return ret, nil
  5325  }
  5326  
  5327  type ProjectsLocationsCaPoolsCertificateAuthoritiesUndeleteCall struct {
  5328  	s                                   *Service
  5329  	name                                string
  5330  	undeletecertificateauthorityrequest *UndeleteCertificateAuthorityRequest
  5331  	urlParams_                          gensupport.URLParams
  5332  	ctx_                                context.Context
  5333  	header_                             http.Header
  5334  }
  5335  
  5336  // Undelete: Undelete a CertificateAuthority that has been deleted.
  5337  //
  5338  //   - name: The resource name for this CertificateAuthority in the format
  5339  //     `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
  5340  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesService) Undelete(name string, undeletecertificateauthorityrequest *UndeleteCertificateAuthorityRequest) *ProjectsLocationsCaPoolsCertificateAuthoritiesUndeleteCall {
  5341  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesUndeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5342  	c.name = name
  5343  	c.undeletecertificateauthorityrequest = undeletecertificateauthorityrequest
  5344  	return c
  5345  }
  5346  
  5347  // Fields allows partial responses to be retrieved. See
  5348  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5349  // details.
  5350  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesUndeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesUndeleteCall {
  5351  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5352  	return c
  5353  }
  5354  
  5355  // Context sets the context to be used in this call's Do method.
  5356  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesUndeleteCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesUndeleteCall {
  5357  	c.ctx_ = ctx
  5358  	return c
  5359  }
  5360  
  5361  // Header returns a http.Header that can be modified by the caller to add
  5362  // headers to the request.
  5363  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesUndeleteCall) Header() http.Header {
  5364  	if c.header_ == nil {
  5365  		c.header_ = make(http.Header)
  5366  	}
  5367  	return c.header_
  5368  }
  5369  
  5370  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesUndeleteCall) doRequest(alt string) (*http.Response, error) {
  5371  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  5372  	var body io.Reader = nil
  5373  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.undeletecertificateauthorityrequest)
  5374  	if err != nil {
  5375  		return nil, err
  5376  	}
  5377  	c.urlParams_.Set("alt", alt)
  5378  	c.urlParams_.Set("prettyPrint", "false")
  5379  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:undelete")
  5380  	urls += "?" + c.urlParams_.Encode()
  5381  	req, err := http.NewRequest("POST", urls, body)
  5382  	if err != nil {
  5383  		return nil, err
  5384  	}
  5385  	req.Header = reqHeaders
  5386  	googleapi.Expand(req.URL, map[string]string{
  5387  		"name": c.name,
  5388  	})
  5389  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5390  }
  5391  
  5392  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.undelete" call.
  5393  // Any non-2xx status code is an error. Response headers are in either
  5394  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  5395  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5396  // whether the returned error was because http.StatusNotModified was returned.
  5397  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesUndeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  5398  	gensupport.SetOptions(c.urlParams_, opts...)
  5399  	res, err := c.doRequest("json")
  5400  	if res != nil && res.StatusCode == http.StatusNotModified {
  5401  		if res.Body != nil {
  5402  			res.Body.Close()
  5403  		}
  5404  		return nil, gensupport.WrapError(&googleapi.Error{
  5405  			Code:   res.StatusCode,
  5406  			Header: res.Header,
  5407  		})
  5408  	}
  5409  	if err != nil {
  5410  		return nil, err
  5411  	}
  5412  	defer googleapi.CloseBody(res)
  5413  	if err := googleapi.CheckResponse(res); err != nil {
  5414  		return nil, gensupport.WrapError(err)
  5415  	}
  5416  	ret := &Operation{
  5417  		ServerResponse: googleapi.ServerResponse{
  5418  			Header:         res.Header,
  5419  			HTTPStatusCode: res.StatusCode,
  5420  		},
  5421  	}
  5422  	target := &ret
  5423  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5424  		return nil, err
  5425  	}
  5426  	return ret, nil
  5427  }
  5428  
  5429  type ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetCall struct {
  5430  	s            *Service
  5431  	name         string
  5432  	urlParams_   gensupport.URLParams
  5433  	ifNoneMatch_ string
  5434  	ctx_         context.Context
  5435  	header_      http.Header
  5436  }
  5437  
  5438  // Get: Returns a CertificateRevocationList.
  5439  //
  5440  // - name: The name of the CertificateRevocationList to get.
  5441  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsService) Get(name string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetCall {
  5442  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5443  	c.name = name
  5444  	return c
  5445  }
  5446  
  5447  // Fields allows partial responses to be retrieved. See
  5448  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5449  // details.
  5450  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetCall {
  5451  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5452  	return c
  5453  }
  5454  
  5455  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  5456  // object's ETag matches the given value. This is useful for getting updates
  5457  // only after the object has changed since the last request.
  5458  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetCall {
  5459  	c.ifNoneMatch_ = entityTag
  5460  	return c
  5461  }
  5462  
  5463  // Context sets the context to be used in this call's Do method.
  5464  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetCall {
  5465  	c.ctx_ = ctx
  5466  	return c
  5467  }
  5468  
  5469  // Header returns a http.Header that can be modified by the caller to add
  5470  // headers to the request.
  5471  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetCall) Header() http.Header {
  5472  	if c.header_ == nil {
  5473  		c.header_ = make(http.Header)
  5474  	}
  5475  	return c.header_
  5476  }
  5477  
  5478  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetCall) doRequest(alt string) (*http.Response, error) {
  5479  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5480  	if c.ifNoneMatch_ != "" {
  5481  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  5482  	}
  5483  	var body io.Reader = nil
  5484  	c.urlParams_.Set("alt", alt)
  5485  	c.urlParams_.Set("prettyPrint", "false")
  5486  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  5487  	urls += "?" + c.urlParams_.Encode()
  5488  	req, err := http.NewRequest("GET", urls, body)
  5489  	if err != nil {
  5490  		return nil, err
  5491  	}
  5492  	req.Header = reqHeaders
  5493  	googleapi.Expand(req.URL, map[string]string{
  5494  		"name": c.name,
  5495  	})
  5496  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5497  }
  5498  
  5499  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.get" call.
  5500  // Any non-2xx status code is an error. Response headers are in either
  5501  // *CertificateRevocationList.ServerResponse.Header or (if a response was
  5502  // returned at all) in error.(*googleapi.Error).Header. Use
  5503  // googleapi.IsNotModified to check whether the returned error was because
  5504  // http.StatusNotModified was returned.
  5505  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetCall) Do(opts ...googleapi.CallOption) (*CertificateRevocationList, error) {
  5506  	gensupport.SetOptions(c.urlParams_, opts...)
  5507  	res, err := c.doRequest("json")
  5508  	if res != nil && res.StatusCode == http.StatusNotModified {
  5509  		if res.Body != nil {
  5510  			res.Body.Close()
  5511  		}
  5512  		return nil, gensupport.WrapError(&googleapi.Error{
  5513  			Code:   res.StatusCode,
  5514  			Header: res.Header,
  5515  		})
  5516  	}
  5517  	if err != nil {
  5518  		return nil, err
  5519  	}
  5520  	defer googleapi.CloseBody(res)
  5521  	if err := googleapi.CheckResponse(res); err != nil {
  5522  		return nil, gensupport.WrapError(err)
  5523  	}
  5524  	ret := &CertificateRevocationList{
  5525  		ServerResponse: googleapi.ServerResponse{
  5526  			Header:         res.Header,
  5527  			HTTPStatusCode: res.StatusCode,
  5528  		},
  5529  	}
  5530  	target := &ret
  5531  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5532  		return nil, err
  5533  	}
  5534  	return ret, nil
  5535  }
  5536  
  5537  type ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall struct {
  5538  	s            *Service
  5539  	resource     string
  5540  	urlParams_   gensupport.URLParams
  5541  	ifNoneMatch_ string
  5542  	ctx_         context.Context
  5543  	header_      http.Header
  5544  }
  5545  
  5546  // GetIamPolicy: Gets the access control policy for a resource. Returns an
  5547  // empty policy if the resource exists and does not have a policy set.
  5548  //
  5549  //   - resource: REQUIRED: The resource for which the policy is being requested.
  5550  //     See Resource names (https://cloud.google.com/apis/design/resource_names)
  5551  //     for the appropriate value for this field.
  5552  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsService) GetIamPolicy(resource string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall {
  5553  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5554  	c.resource = resource
  5555  	return c
  5556  }
  5557  
  5558  // OptionsRequestedPolicyVersion sets the optional parameter
  5559  // "options.requestedPolicyVersion": The maximum policy version that will be
  5560  // used to format the policy. Valid values are 0, 1, and 3. Requests specifying
  5561  // an invalid value will be rejected. Requests for policies with any
  5562  // conditional role bindings must specify version 3. Policies with no
  5563  // conditional role bindings may specify any valid value or leave the field
  5564  // unset. The policy in the response might use the policy version that you
  5565  // specified, or it might use a lower policy version. For example, if you
  5566  // specify version 3, but the policy has no conditional role bindings, the
  5567  // response uses version 1. To learn which resources support conditions in
  5568  // their IAM policies, see the IAM documentation
  5569  // (https://cloud.google.com/iam/help/conditions/resource-policies).
  5570  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall {
  5571  	c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion))
  5572  	return c
  5573  }
  5574  
  5575  // Fields allows partial responses to be retrieved. See
  5576  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5577  // details.
  5578  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall {
  5579  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5580  	return c
  5581  }
  5582  
  5583  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  5584  // object's ETag matches the given value. This is useful for getting updates
  5585  // only after the object has changed since the last request.
  5586  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall {
  5587  	c.ifNoneMatch_ = entityTag
  5588  	return c
  5589  }
  5590  
  5591  // Context sets the context to be used in this call's Do method.
  5592  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall {
  5593  	c.ctx_ = ctx
  5594  	return c
  5595  }
  5596  
  5597  // Header returns a http.Header that can be modified by the caller to add
  5598  // headers to the request.
  5599  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) Header() http.Header {
  5600  	if c.header_ == nil {
  5601  		c.header_ = make(http.Header)
  5602  	}
  5603  	return c.header_
  5604  }
  5605  
  5606  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
  5607  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5608  	if c.ifNoneMatch_ != "" {
  5609  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  5610  	}
  5611  	var body io.Reader = nil
  5612  	c.urlParams_.Set("alt", alt)
  5613  	c.urlParams_.Set("prettyPrint", "false")
  5614  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy")
  5615  	urls += "?" + c.urlParams_.Encode()
  5616  	req, err := http.NewRequest("GET", urls, body)
  5617  	if err != nil {
  5618  		return nil, err
  5619  	}
  5620  	req.Header = reqHeaders
  5621  	googleapi.Expand(req.URL, map[string]string{
  5622  		"resource": c.resource,
  5623  	})
  5624  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5625  }
  5626  
  5627  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.getIamPolicy" call.
  5628  // Any non-2xx status code is an error. Response headers are in either
  5629  // *Policy.ServerResponse.Header or (if a response was returned at all) in
  5630  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5631  // whether the returned error was because http.StatusNotModified was returned.
  5632  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
  5633  	gensupport.SetOptions(c.urlParams_, opts...)
  5634  	res, err := c.doRequest("json")
  5635  	if res != nil && res.StatusCode == http.StatusNotModified {
  5636  		if res.Body != nil {
  5637  			res.Body.Close()
  5638  		}
  5639  		return nil, gensupport.WrapError(&googleapi.Error{
  5640  			Code:   res.StatusCode,
  5641  			Header: res.Header,
  5642  		})
  5643  	}
  5644  	if err != nil {
  5645  		return nil, err
  5646  	}
  5647  	defer googleapi.CloseBody(res)
  5648  	if err := googleapi.CheckResponse(res); err != nil {
  5649  		return nil, gensupport.WrapError(err)
  5650  	}
  5651  	ret := &Policy{
  5652  		ServerResponse: googleapi.ServerResponse{
  5653  			Header:         res.Header,
  5654  			HTTPStatusCode: res.StatusCode,
  5655  		},
  5656  	}
  5657  	target := &ret
  5658  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5659  		return nil, err
  5660  	}
  5661  	return ret, nil
  5662  }
  5663  
  5664  type ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall struct {
  5665  	s            *Service
  5666  	parent       string
  5667  	urlParams_   gensupport.URLParams
  5668  	ifNoneMatch_ string
  5669  	ctx_         context.Context
  5670  	header_      http.Header
  5671  }
  5672  
  5673  // List: Lists CertificateRevocationLists.
  5674  //
  5675  //   - parent: The resource name of the location associated with the
  5676  //     CertificateRevocationLists, in the format
  5677  //     `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
  5678  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsService) List(parent string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall {
  5679  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5680  	c.parent = parent
  5681  	return c
  5682  }
  5683  
  5684  // Filter sets the optional parameter "filter": Only include resources that
  5685  // match the filter in the response.
  5686  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall) Filter(filter string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall {
  5687  	c.urlParams_.Set("filter", filter)
  5688  	return c
  5689  }
  5690  
  5691  // OrderBy sets the optional parameter "orderBy": Specify how the results
  5692  // should be sorted.
  5693  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall) OrderBy(orderBy string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall {
  5694  	c.urlParams_.Set("orderBy", orderBy)
  5695  	return c
  5696  }
  5697  
  5698  // PageSize sets the optional parameter "pageSize": Limit on the number of
  5699  // CertificateRevocationLists to include in the response. Further
  5700  // CertificateRevocationLists can subsequently be obtained by including the
  5701  // ListCertificateRevocationListsResponse.next_page_token in a subsequent
  5702  // request. If unspecified, the server will pick an appropriate default.
  5703  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall) PageSize(pageSize int64) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall {
  5704  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  5705  	return c
  5706  }
  5707  
  5708  // PageToken sets the optional parameter "pageToken": Pagination token,
  5709  // returned earlier via ListCertificateRevocationListsResponse.next_page_token.
  5710  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall) PageToken(pageToken string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall {
  5711  	c.urlParams_.Set("pageToken", pageToken)
  5712  	return c
  5713  }
  5714  
  5715  // Fields allows partial responses to be retrieved. See
  5716  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5717  // details.
  5718  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall {
  5719  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5720  	return c
  5721  }
  5722  
  5723  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  5724  // object's ETag matches the given value. This is useful for getting updates
  5725  // only after the object has changed since the last request.
  5726  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall {
  5727  	c.ifNoneMatch_ = entityTag
  5728  	return c
  5729  }
  5730  
  5731  // Context sets the context to be used in this call's Do method.
  5732  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall {
  5733  	c.ctx_ = ctx
  5734  	return c
  5735  }
  5736  
  5737  // Header returns a http.Header that can be modified by the caller to add
  5738  // headers to the request.
  5739  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall) Header() http.Header {
  5740  	if c.header_ == nil {
  5741  		c.header_ = make(http.Header)
  5742  	}
  5743  	return c.header_
  5744  }
  5745  
  5746  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall) doRequest(alt string) (*http.Response, error) {
  5747  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  5748  	if c.ifNoneMatch_ != "" {
  5749  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  5750  	}
  5751  	var body io.Reader = nil
  5752  	c.urlParams_.Set("alt", alt)
  5753  	c.urlParams_.Set("prettyPrint", "false")
  5754  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/certificateRevocationLists")
  5755  	urls += "?" + c.urlParams_.Encode()
  5756  	req, err := http.NewRequest("GET", urls, body)
  5757  	if err != nil {
  5758  		return nil, err
  5759  	}
  5760  	req.Header = reqHeaders
  5761  	googleapi.Expand(req.URL, map[string]string{
  5762  		"parent": c.parent,
  5763  	})
  5764  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5765  }
  5766  
  5767  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.list" call.
  5768  // Any non-2xx status code is an error. Response headers are in either
  5769  // *ListCertificateRevocationListsResponse.ServerResponse.Header or (if a
  5770  // response was returned at all) in error.(*googleapi.Error).Header. Use
  5771  // googleapi.IsNotModified to check whether the returned error was because
  5772  // http.StatusNotModified was returned.
  5773  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall) Do(opts ...googleapi.CallOption) (*ListCertificateRevocationListsResponse, error) {
  5774  	gensupport.SetOptions(c.urlParams_, opts...)
  5775  	res, err := c.doRequest("json")
  5776  	if res != nil && res.StatusCode == http.StatusNotModified {
  5777  		if res.Body != nil {
  5778  			res.Body.Close()
  5779  		}
  5780  		return nil, gensupport.WrapError(&googleapi.Error{
  5781  			Code:   res.StatusCode,
  5782  			Header: res.Header,
  5783  		})
  5784  	}
  5785  	if err != nil {
  5786  		return nil, err
  5787  	}
  5788  	defer googleapi.CloseBody(res)
  5789  	if err := googleapi.CheckResponse(res); err != nil {
  5790  		return nil, gensupport.WrapError(err)
  5791  	}
  5792  	ret := &ListCertificateRevocationListsResponse{
  5793  		ServerResponse: googleapi.ServerResponse{
  5794  			Header:         res.Header,
  5795  			HTTPStatusCode: res.StatusCode,
  5796  		},
  5797  	}
  5798  	target := &ret
  5799  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5800  		return nil, err
  5801  	}
  5802  	return ret, nil
  5803  }
  5804  
  5805  // Pages invokes f for each page of results.
  5806  // A non-nil error returned from f will halt the iteration.
  5807  // The provided context supersedes any context provided to the Context method.
  5808  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsListCall) Pages(ctx context.Context, f func(*ListCertificateRevocationListsResponse) error) error {
  5809  	c.ctx_ = ctx
  5810  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  5811  	for {
  5812  		x, err := c.Do()
  5813  		if err != nil {
  5814  			return err
  5815  		}
  5816  		if err := f(x); err != nil {
  5817  			return err
  5818  		}
  5819  		if x.NextPageToken == "" {
  5820  			return nil
  5821  		}
  5822  		c.PageToken(x.NextPageToken)
  5823  	}
  5824  }
  5825  
  5826  type ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall struct {
  5827  	s                         *Service
  5828  	name                      string
  5829  	certificaterevocationlist *CertificateRevocationList
  5830  	urlParams_                gensupport.URLParams
  5831  	ctx_                      context.Context
  5832  	header_                   http.Header
  5833  }
  5834  
  5835  // Patch: Update a CertificateRevocationList.
  5836  //
  5837  //   - name: Output only. The resource name for this CertificateRevocationList in
  5838  //     the format `projects/*/locations/*/caPools/*certificateAuthorities/*/
  5839  //     certificateRevocationLists/*`.
  5840  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsService) Patch(name string, certificaterevocationlist *CertificateRevocationList) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall {
  5841  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5842  	c.name = name
  5843  	c.certificaterevocationlist = certificaterevocationlist
  5844  	return c
  5845  }
  5846  
  5847  // RequestId sets the optional parameter "requestId": An ID to identify
  5848  // requests. Specify a unique request ID so that if you must retry your
  5849  // request, the server will know to ignore the request if it has already been
  5850  // completed. The server will guarantee that for at least 60 minutes since the
  5851  // first request. For example, consider a situation where you make an initial
  5852  // request and the request times out. If you make the request again with the
  5853  // same request ID, the server can check if original operation with the same
  5854  // request ID was received, and if so, will ignore the second request. This
  5855  // prevents clients from accidentally creating duplicate commitments. The
  5856  // request ID must be a valid UUID with the exception that zero UUID is not
  5857  // supported (00000000-0000-0000-0000-000000000000).
  5858  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall) RequestId(requestId string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall {
  5859  	c.urlParams_.Set("requestId", requestId)
  5860  	return c
  5861  }
  5862  
  5863  // UpdateMask sets the optional parameter "updateMask": Required. A list of
  5864  // fields to be updated in this request.
  5865  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall) UpdateMask(updateMask string) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall {
  5866  	c.urlParams_.Set("updateMask", updateMask)
  5867  	return c
  5868  }
  5869  
  5870  // Fields allows partial responses to be retrieved. See
  5871  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5872  // details.
  5873  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall {
  5874  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5875  	return c
  5876  }
  5877  
  5878  // Context sets the context to be used in this call's Do method.
  5879  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall {
  5880  	c.ctx_ = ctx
  5881  	return c
  5882  }
  5883  
  5884  // Header returns a http.Header that can be modified by the caller to add
  5885  // headers to the request.
  5886  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall) Header() http.Header {
  5887  	if c.header_ == nil {
  5888  		c.header_ = make(http.Header)
  5889  	}
  5890  	return c.header_
  5891  }
  5892  
  5893  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall) doRequest(alt string) (*http.Response, error) {
  5894  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  5895  	var body io.Reader = nil
  5896  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.certificaterevocationlist)
  5897  	if err != nil {
  5898  		return nil, err
  5899  	}
  5900  	c.urlParams_.Set("alt", alt)
  5901  	c.urlParams_.Set("prettyPrint", "false")
  5902  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  5903  	urls += "?" + c.urlParams_.Encode()
  5904  	req, err := http.NewRequest("PATCH", urls, body)
  5905  	if err != nil {
  5906  		return nil, err
  5907  	}
  5908  	req.Header = reqHeaders
  5909  	googleapi.Expand(req.URL, map[string]string{
  5910  		"name": c.name,
  5911  	})
  5912  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  5913  }
  5914  
  5915  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.patch" call.
  5916  // Any non-2xx status code is an error. Response headers are in either
  5917  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  5918  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  5919  // whether the returned error was because http.StatusNotModified was returned.
  5920  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  5921  	gensupport.SetOptions(c.urlParams_, opts...)
  5922  	res, err := c.doRequest("json")
  5923  	if res != nil && res.StatusCode == http.StatusNotModified {
  5924  		if res.Body != nil {
  5925  			res.Body.Close()
  5926  		}
  5927  		return nil, gensupport.WrapError(&googleapi.Error{
  5928  			Code:   res.StatusCode,
  5929  			Header: res.Header,
  5930  		})
  5931  	}
  5932  	if err != nil {
  5933  		return nil, err
  5934  	}
  5935  	defer googleapi.CloseBody(res)
  5936  	if err := googleapi.CheckResponse(res); err != nil {
  5937  		return nil, gensupport.WrapError(err)
  5938  	}
  5939  	ret := &Operation{
  5940  		ServerResponse: googleapi.ServerResponse{
  5941  			Header:         res.Header,
  5942  			HTTPStatusCode: res.StatusCode,
  5943  		},
  5944  	}
  5945  	target := &ret
  5946  	if err := gensupport.DecodeResponse(target, res); err != nil {
  5947  		return nil, err
  5948  	}
  5949  	return ret, nil
  5950  }
  5951  
  5952  type ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall struct {
  5953  	s                   *Service
  5954  	resource            string
  5955  	setiampolicyrequest *SetIamPolicyRequest
  5956  	urlParams_          gensupport.URLParams
  5957  	ctx_                context.Context
  5958  	header_             http.Header
  5959  }
  5960  
  5961  // SetIamPolicy: Sets the access control policy on the specified resource.
  5962  // Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`,
  5963  // and `PERMISSION_DENIED` errors.
  5964  //
  5965  //   - resource: REQUIRED: The resource for which the policy is being specified.
  5966  //     See Resource names (https://cloud.google.com/apis/design/resource_names)
  5967  //     for the appropriate value for this field.
  5968  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall {
  5969  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  5970  	c.resource = resource
  5971  	c.setiampolicyrequest = setiampolicyrequest
  5972  	return c
  5973  }
  5974  
  5975  // Fields allows partial responses to be retrieved. See
  5976  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  5977  // details.
  5978  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall {
  5979  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  5980  	return c
  5981  }
  5982  
  5983  // Context sets the context to be used in this call's Do method.
  5984  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall {
  5985  	c.ctx_ = ctx
  5986  	return c
  5987  }
  5988  
  5989  // Header returns a http.Header that can be modified by the caller to add
  5990  // headers to the request.
  5991  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall) Header() http.Header {
  5992  	if c.header_ == nil {
  5993  		c.header_ = make(http.Header)
  5994  	}
  5995  	return c.header_
  5996  }
  5997  
  5998  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
  5999  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  6000  	var body io.Reader = nil
  6001  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest)
  6002  	if err != nil {
  6003  		return nil, err
  6004  	}
  6005  	c.urlParams_.Set("alt", alt)
  6006  	c.urlParams_.Set("prettyPrint", "false")
  6007  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy")
  6008  	urls += "?" + c.urlParams_.Encode()
  6009  	req, err := http.NewRequest("POST", urls, body)
  6010  	if err != nil {
  6011  		return nil, err
  6012  	}
  6013  	req.Header = reqHeaders
  6014  	googleapi.Expand(req.URL, map[string]string{
  6015  		"resource": c.resource,
  6016  	})
  6017  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6018  }
  6019  
  6020  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.setIamPolicy" call.
  6021  // Any non-2xx status code is an error. Response headers are in either
  6022  // *Policy.ServerResponse.Header or (if a response was returned at all) in
  6023  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6024  // whether the returned error was because http.StatusNotModified was returned.
  6025  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
  6026  	gensupport.SetOptions(c.urlParams_, opts...)
  6027  	res, err := c.doRequest("json")
  6028  	if res != nil && res.StatusCode == http.StatusNotModified {
  6029  		if res.Body != nil {
  6030  			res.Body.Close()
  6031  		}
  6032  		return nil, gensupport.WrapError(&googleapi.Error{
  6033  			Code:   res.StatusCode,
  6034  			Header: res.Header,
  6035  		})
  6036  	}
  6037  	if err != nil {
  6038  		return nil, err
  6039  	}
  6040  	defer googleapi.CloseBody(res)
  6041  	if err := googleapi.CheckResponse(res); err != nil {
  6042  		return nil, gensupport.WrapError(err)
  6043  	}
  6044  	ret := &Policy{
  6045  		ServerResponse: googleapi.ServerResponse{
  6046  			Header:         res.Header,
  6047  			HTTPStatusCode: res.StatusCode,
  6048  		},
  6049  	}
  6050  	target := &ret
  6051  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6052  		return nil, err
  6053  	}
  6054  	return ret, nil
  6055  }
  6056  
  6057  type ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall struct {
  6058  	s                         *Service
  6059  	resource                  string
  6060  	testiampermissionsrequest *TestIamPermissionsRequest
  6061  	urlParams_                gensupport.URLParams
  6062  	ctx_                      context.Context
  6063  	header_                   http.Header
  6064  }
  6065  
  6066  // TestIamPermissions: Returns permissions that a caller has on the specified
  6067  // resource. If the resource does not exist, this will return an empty set of
  6068  // permissions, not a `NOT_FOUND` error. Note: This operation is designed to be
  6069  // used for building permission-aware UIs and command-line tools, not for
  6070  // authorization checking. This operation may "fail open" without warning.
  6071  //
  6072  //   - resource: REQUIRED: The resource for which the policy detail is being
  6073  //     requested. See Resource names
  6074  //     (https://cloud.google.com/apis/design/resource_names) for the appropriate
  6075  //     value for this field.
  6076  func (r *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall {
  6077  	c := &ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6078  	c.resource = resource
  6079  	c.testiampermissionsrequest = testiampermissionsrequest
  6080  	return c
  6081  }
  6082  
  6083  // Fields allows partial responses to be retrieved. See
  6084  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6085  // details.
  6086  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall {
  6087  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6088  	return c
  6089  }
  6090  
  6091  // Context sets the context to be used in this call's Do method.
  6092  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall {
  6093  	c.ctx_ = ctx
  6094  	return c
  6095  }
  6096  
  6097  // Header returns a http.Header that can be modified by the caller to add
  6098  // headers to the request.
  6099  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall) Header() http.Header {
  6100  	if c.header_ == nil {
  6101  		c.header_ = make(http.Header)
  6102  	}
  6103  	return c.header_
  6104  }
  6105  
  6106  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
  6107  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  6108  	var body io.Reader = nil
  6109  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
  6110  	if err != nil {
  6111  		return nil, err
  6112  	}
  6113  	c.urlParams_.Set("alt", alt)
  6114  	c.urlParams_.Set("prettyPrint", "false")
  6115  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions")
  6116  	urls += "?" + c.urlParams_.Encode()
  6117  	req, err := http.NewRequest("POST", urls, body)
  6118  	if err != nil {
  6119  		return nil, err
  6120  	}
  6121  	req.Header = reqHeaders
  6122  	googleapi.Expand(req.URL, map[string]string{
  6123  		"resource": c.resource,
  6124  	})
  6125  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6126  }
  6127  
  6128  // Do executes the "privateca.projects.locations.caPools.certificateAuthorities.certificateRevocationLists.testIamPermissions" call.
  6129  // Any non-2xx status code is an error. Response headers are in either
  6130  // *TestIamPermissionsResponse.ServerResponse.Header or (if a response was
  6131  // returned at all) in error.(*googleapi.Error).Header. Use
  6132  // googleapi.IsNotModified to check whether the returned error was because
  6133  // http.StatusNotModified was returned.
  6134  func (c *ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
  6135  	gensupport.SetOptions(c.urlParams_, opts...)
  6136  	res, err := c.doRequest("json")
  6137  	if res != nil && res.StatusCode == http.StatusNotModified {
  6138  		if res.Body != nil {
  6139  			res.Body.Close()
  6140  		}
  6141  		return nil, gensupport.WrapError(&googleapi.Error{
  6142  			Code:   res.StatusCode,
  6143  			Header: res.Header,
  6144  		})
  6145  	}
  6146  	if err != nil {
  6147  		return nil, err
  6148  	}
  6149  	defer googleapi.CloseBody(res)
  6150  	if err := googleapi.CheckResponse(res); err != nil {
  6151  		return nil, gensupport.WrapError(err)
  6152  	}
  6153  	ret := &TestIamPermissionsResponse{
  6154  		ServerResponse: googleapi.ServerResponse{
  6155  			Header:         res.Header,
  6156  			HTTPStatusCode: res.StatusCode,
  6157  		},
  6158  	}
  6159  	target := &ret
  6160  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6161  		return nil, err
  6162  	}
  6163  	return ret, nil
  6164  }
  6165  
  6166  type ProjectsLocationsCaPoolsCertificatesCreateCall struct {
  6167  	s           *Service
  6168  	parent      string
  6169  	certificate *Certificate
  6170  	urlParams_  gensupport.URLParams
  6171  	ctx_        context.Context
  6172  	header_     http.Header
  6173  }
  6174  
  6175  // Create: Create a new Certificate in a given Project, Location from a
  6176  // particular CaPool.
  6177  //
  6178  //   - parent: The resource name of the CaPool associated with the Certificate,
  6179  //     in the format `projects/*/locations/*/caPools/*`.
  6180  func (r *ProjectsLocationsCaPoolsCertificatesService) Create(parent string, certificate *Certificate) *ProjectsLocationsCaPoolsCertificatesCreateCall {
  6181  	c := &ProjectsLocationsCaPoolsCertificatesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6182  	c.parent = parent
  6183  	c.certificate = certificate
  6184  	return c
  6185  }
  6186  
  6187  // CertificateId sets the optional parameter "certificateId": It must be unique
  6188  // within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`.
  6189  // This field is required when using a CertificateAuthority in the Enterprise
  6190  // CertificateAuthority.Tier, but is optional and its value is ignored
  6191  // otherwise.
  6192  func (c *ProjectsLocationsCaPoolsCertificatesCreateCall) CertificateId(certificateId string) *ProjectsLocationsCaPoolsCertificatesCreateCall {
  6193  	c.urlParams_.Set("certificateId", certificateId)
  6194  	return c
  6195  }
  6196  
  6197  // IssuingCertificateAuthorityId sets the optional parameter
  6198  // "issuingCertificateAuthorityId": The resource ID of the CertificateAuthority
  6199  // that should issue the certificate. This optional field will ignore the
  6200  // load-balancing scheme of the Pool and directly issue the certificate from
  6201  // the CA with the specified ID, contained in the same CaPool referenced by
  6202  // `parent`. Per-CA quota rules apply. If left empty, a CertificateAuthority
  6203  // will be chosen from the CaPool by the service. For example, to issue a
  6204  // Certificate from a Certificate Authority with resource name
  6205  // "projects/my-project/locations/us-central1/caPools/my-pool/certificateAuthori
  6206  // ties/my-ca", you can set the parent to
  6207  // "projects/my-project/locations/us-central1/caPools/my-pool" and the
  6208  // issuing_certificate_authority_id to "my-ca".
  6209  func (c *ProjectsLocationsCaPoolsCertificatesCreateCall) IssuingCertificateAuthorityId(issuingCertificateAuthorityId string) *ProjectsLocationsCaPoolsCertificatesCreateCall {
  6210  	c.urlParams_.Set("issuingCertificateAuthorityId", issuingCertificateAuthorityId)
  6211  	return c
  6212  }
  6213  
  6214  // RequestId sets the optional parameter "requestId": An ID to identify
  6215  // requests. Specify a unique request ID so that if you must retry your
  6216  // request, the server will know to ignore the request if it has already been
  6217  // completed. The server will guarantee that for at least 60 minutes since the
  6218  // first request. For example, consider a situation where you make an initial
  6219  // request and the request times out. If you make the request again with the
  6220  // same request ID, the server can check if original operation with the same
  6221  // request ID was received, and if so, will ignore the second request. This
  6222  // prevents clients from accidentally creating duplicate commitments. The
  6223  // request ID must be a valid UUID with the exception that zero UUID is not
  6224  // supported (00000000-0000-0000-0000-000000000000).
  6225  func (c *ProjectsLocationsCaPoolsCertificatesCreateCall) RequestId(requestId string) *ProjectsLocationsCaPoolsCertificatesCreateCall {
  6226  	c.urlParams_.Set("requestId", requestId)
  6227  	return c
  6228  }
  6229  
  6230  // ValidateOnly sets the optional parameter "validateOnly": If this is true, no
  6231  // Certificate resource will be persisted regardless of the CaPool's tier, and
  6232  // the returned Certificate will not contain the pem_certificate field.
  6233  func (c *ProjectsLocationsCaPoolsCertificatesCreateCall) ValidateOnly(validateOnly bool) *ProjectsLocationsCaPoolsCertificatesCreateCall {
  6234  	c.urlParams_.Set("validateOnly", fmt.Sprint(validateOnly))
  6235  	return c
  6236  }
  6237  
  6238  // Fields allows partial responses to be retrieved. See
  6239  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6240  // details.
  6241  func (c *ProjectsLocationsCaPoolsCertificatesCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificatesCreateCall {
  6242  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6243  	return c
  6244  }
  6245  
  6246  // Context sets the context to be used in this call's Do method.
  6247  func (c *ProjectsLocationsCaPoolsCertificatesCreateCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificatesCreateCall {
  6248  	c.ctx_ = ctx
  6249  	return c
  6250  }
  6251  
  6252  // Header returns a http.Header that can be modified by the caller to add
  6253  // headers to the request.
  6254  func (c *ProjectsLocationsCaPoolsCertificatesCreateCall) Header() http.Header {
  6255  	if c.header_ == nil {
  6256  		c.header_ = make(http.Header)
  6257  	}
  6258  	return c.header_
  6259  }
  6260  
  6261  func (c *ProjectsLocationsCaPoolsCertificatesCreateCall) doRequest(alt string) (*http.Response, error) {
  6262  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  6263  	var body io.Reader = nil
  6264  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.certificate)
  6265  	if err != nil {
  6266  		return nil, err
  6267  	}
  6268  	c.urlParams_.Set("alt", alt)
  6269  	c.urlParams_.Set("prettyPrint", "false")
  6270  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/certificates")
  6271  	urls += "?" + c.urlParams_.Encode()
  6272  	req, err := http.NewRequest("POST", urls, body)
  6273  	if err != nil {
  6274  		return nil, err
  6275  	}
  6276  	req.Header = reqHeaders
  6277  	googleapi.Expand(req.URL, map[string]string{
  6278  		"parent": c.parent,
  6279  	})
  6280  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6281  }
  6282  
  6283  // Do executes the "privateca.projects.locations.caPools.certificates.create" call.
  6284  // Any non-2xx status code is an error. Response headers are in either
  6285  // *Certificate.ServerResponse.Header or (if a response was returned at all) in
  6286  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6287  // whether the returned error was because http.StatusNotModified was returned.
  6288  func (c *ProjectsLocationsCaPoolsCertificatesCreateCall) Do(opts ...googleapi.CallOption) (*Certificate, error) {
  6289  	gensupport.SetOptions(c.urlParams_, opts...)
  6290  	res, err := c.doRequest("json")
  6291  	if res != nil && res.StatusCode == http.StatusNotModified {
  6292  		if res.Body != nil {
  6293  			res.Body.Close()
  6294  		}
  6295  		return nil, gensupport.WrapError(&googleapi.Error{
  6296  			Code:   res.StatusCode,
  6297  			Header: res.Header,
  6298  		})
  6299  	}
  6300  	if err != nil {
  6301  		return nil, err
  6302  	}
  6303  	defer googleapi.CloseBody(res)
  6304  	if err := googleapi.CheckResponse(res); err != nil {
  6305  		return nil, gensupport.WrapError(err)
  6306  	}
  6307  	ret := &Certificate{
  6308  		ServerResponse: googleapi.ServerResponse{
  6309  			Header:         res.Header,
  6310  			HTTPStatusCode: res.StatusCode,
  6311  		},
  6312  	}
  6313  	target := &ret
  6314  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6315  		return nil, err
  6316  	}
  6317  	return ret, nil
  6318  }
  6319  
  6320  type ProjectsLocationsCaPoolsCertificatesGetCall struct {
  6321  	s            *Service
  6322  	name         string
  6323  	urlParams_   gensupport.URLParams
  6324  	ifNoneMatch_ string
  6325  	ctx_         context.Context
  6326  	header_      http.Header
  6327  }
  6328  
  6329  // Get: Returns a Certificate.
  6330  //
  6331  // - name: The name of the Certificate to get.
  6332  func (r *ProjectsLocationsCaPoolsCertificatesService) Get(name string) *ProjectsLocationsCaPoolsCertificatesGetCall {
  6333  	c := &ProjectsLocationsCaPoolsCertificatesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6334  	c.name = name
  6335  	return c
  6336  }
  6337  
  6338  // Fields allows partial responses to be retrieved. See
  6339  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6340  // details.
  6341  func (c *ProjectsLocationsCaPoolsCertificatesGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificatesGetCall {
  6342  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6343  	return c
  6344  }
  6345  
  6346  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  6347  // object's ETag matches the given value. This is useful for getting updates
  6348  // only after the object has changed since the last request.
  6349  func (c *ProjectsLocationsCaPoolsCertificatesGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsCaPoolsCertificatesGetCall {
  6350  	c.ifNoneMatch_ = entityTag
  6351  	return c
  6352  }
  6353  
  6354  // Context sets the context to be used in this call's Do method.
  6355  func (c *ProjectsLocationsCaPoolsCertificatesGetCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificatesGetCall {
  6356  	c.ctx_ = ctx
  6357  	return c
  6358  }
  6359  
  6360  // Header returns a http.Header that can be modified by the caller to add
  6361  // headers to the request.
  6362  func (c *ProjectsLocationsCaPoolsCertificatesGetCall) Header() http.Header {
  6363  	if c.header_ == nil {
  6364  		c.header_ = make(http.Header)
  6365  	}
  6366  	return c.header_
  6367  }
  6368  
  6369  func (c *ProjectsLocationsCaPoolsCertificatesGetCall) doRequest(alt string) (*http.Response, error) {
  6370  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  6371  	if c.ifNoneMatch_ != "" {
  6372  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  6373  	}
  6374  	var body io.Reader = nil
  6375  	c.urlParams_.Set("alt", alt)
  6376  	c.urlParams_.Set("prettyPrint", "false")
  6377  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  6378  	urls += "?" + c.urlParams_.Encode()
  6379  	req, err := http.NewRequest("GET", urls, body)
  6380  	if err != nil {
  6381  		return nil, err
  6382  	}
  6383  	req.Header = reqHeaders
  6384  	googleapi.Expand(req.URL, map[string]string{
  6385  		"name": c.name,
  6386  	})
  6387  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6388  }
  6389  
  6390  // Do executes the "privateca.projects.locations.caPools.certificates.get" call.
  6391  // Any non-2xx status code is an error. Response headers are in either
  6392  // *Certificate.ServerResponse.Header or (if a response was returned at all) in
  6393  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6394  // whether the returned error was because http.StatusNotModified was returned.
  6395  func (c *ProjectsLocationsCaPoolsCertificatesGetCall) Do(opts ...googleapi.CallOption) (*Certificate, error) {
  6396  	gensupport.SetOptions(c.urlParams_, opts...)
  6397  	res, err := c.doRequest("json")
  6398  	if res != nil && res.StatusCode == http.StatusNotModified {
  6399  		if res.Body != nil {
  6400  			res.Body.Close()
  6401  		}
  6402  		return nil, gensupport.WrapError(&googleapi.Error{
  6403  			Code:   res.StatusCode,
  6404  			Header: res.Header,
  6405  		})
  6406  	}
  6407  	if err != nil {
  6408  		return nil, err
  6409  	}
  6410  	defer googleapi.CloseBody(res)
  6411  	if err := googleapi.CheckResponse(res); err != nil {
  6412  		return nil, gensupport.WrapError(err)
  6413  	}
  6414  	ret := &Certificate{
  6415  		ServerResponse: googleapi.ServerResponse{
  6416  			Header:         res.Header,
  6417  			HTTPStatusCode: res.StatusCode,
  6418  		},
  6419  	}
  6420  	target := &ret
  6421  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6422  		return nil, err
  6423  	}
  6424  	return ret, nil
  6425  }
  6426  
  6427  type ProjectsLocationsCaPoolsCertificatesListCall struct {
  6428  	s            *Service
  6429  	parent       string
  6430  	urlParams_   gensupport.URLParams
  6431  	ifNoneMatch_ string
  6432  	ctx_         context.Context
  6433  	header_      http.Header
  6434  }
  6435  
  6436  // List: Lists Certificates.
  6437  //
  6438  //   - parent: The resource name of the location associated with the
  6439  //     Certificates, in the format `projects/*/locations/*/caPools/*`.
  6440  func (r *ProjectsLocationsCaPoolsCertificatesService) List(parent string) *ProjectsLocationsCaPoolsCertificatesListCall {
  6441  	c := &ProjectsLocationsCaPoolsCertificatesListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6442  	c.parent = parent
  6443  	return c
  6444  }
  6445  
  6446  // Filter sets the optional parameter "filter": Only include resources that
  6447  // match the filter in the response. For details on supported filters and
  6448  // syntax, see Certificates Filtering documentation
  6449  // (https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#filtering_support).
  6450  func (c *ProjectsLocationsCaPoolsCertificatesListCall) Filter(filter string) *ProjectsLocationsCaPoolsCertificatesListCall {
  6451  	c.urlParams_.Set("filter", filter)
  6452  	return c
  6453  }
  6454  
  6455  // OrderBy sets the optional parameter "orderBy": Specify how the results
  6456  // should be sorted. For details on supported fields and syntax, see
  6457  // Certificates Sorting documentation
  6458  // (https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#sorting_support).
  6459  func (c *ProjectsLocationsCaPoolsCertificatesListCall) OrderBy(orderBy string) *ProjectsLocationsCaPoolsCertificatesListCall {
  6460  	c.urlParams_.Set("orderBy", orderBy)
  6461  	return c
  6462  }
  6463  
  6464  // PageSize sets the optional parameter "pageSize": Limit on the number of
  6465  // Certificates to include in the response. Further Certificates can
  6466  // subsequently be obtained by including the
  6467  // ListCertificatesResponse.next_page_token in a subsequent request. If
  6468  // unspecified, the server will pick an appropriate default.
  6469  func (c *ProjectsLocationsCaPoolsCertificatesListCall) PageSize(pageSize int64) *ProjectsLocationsCaPoolsCertificatesListCall {
  6470  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  6471  	return c
  6472  }
  6473  
  6474  // PageToken sets the optional parameter "pageToken": Pagination token,
  6475  // returned earlier via ListCertificatesResponse.next_page_token.
  6476  func (c *ProjectsLocationsCaPoolsCertificatesListCall) PageToken(pageToken string) *ProjectsLocationsCaPoolsCertificatesListCall {
  6477  	c.urlParams_.Set("pageToken", pageToken)
  6478  	return c
  6479  }
  6480  
  6481  // Fields allows partial responses to be retrieved. See
  6482  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6483  // details.
  6484  func (c *ProjectsLocationsCaPoolsCertificatesListCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificatesListCall {
  6485  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6486  	return c
  6487  }
  6488  
  6489  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  6490  // object's ETag matches the given value. This is useful for getting updates
  6491  // only after the object has changed since the last request.
  6492  func (c *ProjectsLocationsCaPoolsCertificatesListCall) IfNoneMatch(entityTag string) *ProjectsLocationsCaPoolsCertificatesListCall {
  6493  	c.ifNoneMatch_ = entityTag
  6494  	return c
  6495  }
  6496  
  6497  // Context sets the context to be used in this call's Do method.
  6498  func (c *ProjectsLocationsCaPoolsCertificatesListCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificatesListCall {
  6499  	c.ctx_ = ctx
  6500  	return c
  6501  }
  6502  
  6503  // Header returns a http.Header that can be modified by the caller to add
  6504  // headers to the request.
  6505  func (c *ProjectsLocationsCaPoolsCertificatesListCall) Header() http.Header {
  6506  	if c.header_ == nil {
  6507  		c.header_ = make(http.Header)
  6508  	}
  6509  	return c.header_
  6510  }
  6511  
  6512  func (c *ProjectsLocationsCaPoolsCertificatesListCall) doRequest(alt string) (*http.Response, error) {
  6513  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  6514  	if c.ifNoneMatch_ != "" {
  6515  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  6516  	}
  6517  	var body io.Reader = nil
  6518  	c.urlParams_.Set("alt", alt)
  6519  	c.urlParams_.Set("prettyPrint", "false")
  6520  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/certificates")
  6521  	urls += "?" + c.urlParams_.Encode()
  6522  	req, err := http.NewRequest("GET", urls, body)
  6523  	if err != nil {
  6524  		return nil, err
  6525  	}
  6526  	req.Header = reqHeaders
  6527  	googleapi.Expand(req.URL, map[string]string{
  6528  		"parent": c.parent,
  6529  	})
  6530  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6531  }
  6532  
  6533  // Do executes the "privateca.projects.locations.caPools.certificates.list" call.
  6534  // Any non-2xx status code is an error. Response headers are in either
  6535  // *ListCertificatesResponse.ServerResponse.Header or (if a response was
  6536  // returned at all) in error.(*googleapi.Error).Header. Use
  6537  // googleapi.IsNotModified to check whether the returned error was because
  6538  // http.StatusNotModified was returned.
  6539  func (c *ProjectsLocationsCaPoolsCertificatesListCall) Do(opts ...googleapi.CallOption) (*ListCertificatesResponse, error) {
  6540  	gensupport.SetOptions(c.urlParams_, opts...)
  6541  	res, err := c.doRequest("json")
  6542  	if res != nil && res.StatusCode == http.StatusNotModified {
  6543  		if res.Body != nil {
  6544  			res.Body.Close()
  6545  		}
  6546  		return nil, gensupport.WrapError(&googleapi.Error{
  6547  			Code:   res.StatusCode,
  6548  			Header: res.Header,
  6549  		})
  6550  	}
  6551  	if err != nil {
  6552  		return nil, err
  6553  	}
  6554  	defer googleapi.CloseBody(res)
  6555  	if err := googleapi.CheckResponse(res); err != nil {
  6556  		return nil, gensupport.WrapError(err)
  6557  	}
  6558  	ret := &ListCertificatesResponse{
  6559  		ServerResponse: googleapi.ServerResponse{
  6560  			Header:         res.Header,
  6561  			HTTPStatusCode: res.StatusCode,
  6562  		},
  6563  	}
  6564  	target := &ret
  6565  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6566  		return nil, err
  6567  	}
  6568  	return ret, nil
  6569  }
  6570  
  6571  // Pages invokes f for each page of results.
  6572  // A non-nil error returned from f will halt the iteration.
  6573  // The provided context supersedes any context provided to the Context method.
  6574  func (c *ProjectsLocationsCaPoolsCertificatesListCall) Pages(ctx context.Context, f func(*ListCertificatesResponse) error) error {
  6575  	c.ctx_ = ctx
  6576  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  6577  	for {
  6578  		x, err := c.Do()
  6579  		if err != nil {
  6580  			return err
  6581  		}
  6582  		if err := f(x); err != nil {
  6583  			return err
  6584  		}
  6585  		if x.NextPageToken == "" {
  6586  			return nil
  6587  		}
  6588  		c.PageToken(x.NextPageToken)
  6589  	}
  6590  }
  6591  
  6592  type ProjectsLocationsCaPoolsCertificatesPatchCall struct {
  6593  	s           *Service
  6594  	name        string
  6595  	certificate *Certificate
  6596  	urlParams_  gensupport.URLParams
  6597  	ctx_        context.Context
  6598  	header_     http.Header
  6599  }
  6600  
  6601  // Patch: Update a Certificate. Currently, the only field you can update is the
  6602  // labels field.
  6603  //
  6604  //   - name: Output only. The resource name for this Certificate in the format
  6605  //     `projects/*/locations/*/caPools/*/certificates/*`.
  6606  func (r *ProjectsLocationsCaPoolsCertificatesService) Patch(name string, certificate *Certificate) *ProjectsLocationsCaPoolsCertificatesPatchCall {
  6607  	c := &ProjectsLocationsCaPoolsCertificatesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6608  	c.name = name
  6609  	c.certificate = certificate
  6610  	return c
  6611  }
  6612  
  6613  // RequestId sets the optional parameter "requestId": An ID to identify
  6614  // requests. Specify a unique request ID so that if you must retry your
  6615  // request, the server will know to ignore the request if it has already been
  6616  // completed. The server will guarantee that for at least 60 minutes since the
  6617  // first request. For example, consider a situation where you make an initial
  6618  // request and the request times out. If you make the request again with the
  6619  // same request ID, the server can check if original operation with the same
  6620  // request ID was received, and if so, will ignore the second request. This
  6621  // prevents clients from accidentally creating duplicate commitments. The
  6622  // request ID must be a valid UUID with the exception that zero UUID is not
  6623  // supported (00000000-0000-0000-0000-000000000000).
  6624  func (c *ProjectsLocationsCaPoolsCertificatesPatchCall) RequestId(requestId string) *ProjectsLocationsCaPoolsCertificatesPatchCall {
  6625  	c.urlParams_.Set("requestId", requestId)
  6626  	return c
  6627  }
  6628  
  6629  // UpdateMask sets the optional parameter "updateMask": Required. A list of
  6630  // fields to be updated in this request.
  6631  func (c *ProjectsLocationsCaPoolsCertificatesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsCaPoolsCertificatesPatchCall {
  6632  	c.urlParams_.Set("updateMask", updateMask)
  6633  	return c
  6634  }
  6635  
  6636  // Fields allows partial responses to be retrieved. See
  6637  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6638  // details.
  6639  func (c *ProjectsLocationsCaPoolsCertificatesPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificatesPatchCall {
  6640  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6641  	return c
  6642  }
  6643  
  6644  // Context sets the context to be used in this call's Do method.
  6645  func (c *ProjectsLocationsCaPoolsCertificatesPatchCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificatesPatchCall {
  6646  	c.ctx_ = ctx
  6647  	return c
  6648  }
  6649  
  6650  // Header returns a http.Header that can be modified by the caller to add
  6651  // headers to the request.
  6652  func (c *ProjectsLocationsCaPoolsCertificatesPatchCall) Header() http.Header {
  6653  	if c.header_ == nil {
  6654  		c.header_ = make(http.Header)
  6655  	}
  6656  	return c.header_
  6657  }
  6658  
  6659  func (c *ProjectsLocationsCaPoolsCertificatesPatchCall) doRequest(alt string) (*http.Response, error) {
  6660  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  6661  	var body io.Reader = nil
  6662  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.certificate)
  6663  	if err != nil {
  6664  		return nil, err
  6665  	}
  6666  	c.urlParams_.Set("alt", alt)
  6667  	c.urlParams_.Set("prettyPrint", "false")
  6668  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  6669  	urls += "?" + c.urlParams_.Encode()
  6670  	req, err := http.NewRequest("PATCH", urls, body)
  6671  	if err != nil {
  6672  		return nil, err
  6673  	}
  6674  	req.Header = reqHeaders
  6675  	googleapi.Expand(req.URL, map[string]string{
  6676  		"name": c.name,
  6677  	})
  6678  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6679  }
  6680  
  6681  // Do executes the "privateca.projects.locations.caPools.certificates.patch" call.
  6682  // Any non-2xx status code is an error. Response headers are in either
  6683  // *Certificate.ServerResponse.Header or (if a response was returned at all) in
  6684  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6685  // whether the returned error was because http.StatusNotModified was returned.
  6686  func (c *ProjectsLocationsCaPoolsCertificatesPatchCall) Do(opts ...googleapi.CallOption) (*Certificate, error) {
  6687  	gensupport.SetOptions(c.urlParams_, opts...)
  6688  	res, err := c.doRequest("json")
  6689  	if res != nil && res.StatusCode == http.StatusNotModified {
  6690  		if res.Body != nil {
  6691  			res.Body.Close()
  6692  		}
  6693  		return nil, gensupport.WrapError(&googleapi.Error{
  6694  			Code:   res.StatusCode,
  6695  			Header: res.Header,
  6696  		})
  6697  	}
  6698  	if err != nil {
  6699  		return nil, err
  6700  	}
  6701  	defer googleapi.CloseBody(res)
  6702  	if err := googleapi.CheckResponse(res); err != nil {
  6703  		return nil, gensupport.WrapError(err)
  6704  	}
  6705  	ret := &Certificate{
  6706  		ServerResponse: googleapi.ServerResponse{
  6707  			Header:         res.Header,
  6708  			HTTPStatusCode: res.StatusCode,
  6709  		},
  6710  	}
  6711  	target := &ret
  6712  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6713  		return nil, err
  6714  	}
  6715  	return ret, nil
  6716  }
  6717  
  6718  type ProjectsLocationsCaPoolsCertificatesRevokeCall struct {
  6719  	s                        *Service
  6720  	name                     string
  6721  	revokecertificaterequest *RevokeCertificateRequest
  6722  	urlParams_               gensupport.URLParams
  6723  	ctx_                     context.Context
  6724  	header_                  http.Header
  6725  }
  6726  
  6727  // Revoke: Revoke a Certificate.
  6728  //
  6729  //   - name: The resource name for this Certificate in the format
  6730  //     `projects/*/locations/*/caPools/*/certificates/*`.
  6731  func (r *ProjectsLocationsCaPoolsCertificatesService) Revoke(name string, revokecertificaterequest *RevokeCertificateRequest) *ProjectsLocationsCaPoolsCertificatesRevokeCall {
  6732  	c := &ProjectsLocationsCaPoolsCertificatesRevokeCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6733  	c.name = name
  6734  	c.revokecertificaterequest = revokecertificaterequest
  6735  	return c
  6736  }
  6737  
  6738  // Fields allows partial responses to be retrieved. See
  6739  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6740  // details.
  6741  func (c *ProjectsLocationsCaPoolsCertificatesRevokeCall) Fields(s ...googleapi.Field) *ProjectsLocationsCaPoolsCertificatesRevokeCall {
  6742  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6743  	return c
  6744  }
  6745  
  6746  // Context sets the context to be used in this call's Do method.
  6747  func (c *ProjectsLocationsCaPoolsCertificatesRevokeCall) Context(ctx context.Context) *ProjectsLocationsCaPoolsCertificatesRevokeCall {
  6748  	c.ctx_ = ctx
  6749  	return c
  6750  }
  6751  
  6752  // Header returns a http.Header that can be modified by the caller to add
  6753  // headers to the request.
  6754  func (c *ProjectsLocationsCaPoolsCertificatesRevokeCall) Header() http.Header {
  6755  	if c.header_ == nil {
  6756  		c.header_ = make(http.Header)
  6757  	}
  6758  	return c.header_
  6759  }
  6760  
  6761  func (c *ProjectsLocationsCaPoolsCertificatesRevokeCall) doRequest(alt string) (*http.Response, error) {
  6762  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  6763  	var body io.Reader = nil
  6764  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.revokecertificaterequest)
  6765  	if err != nil {
  6766  		return nil, err
  6767  	}
  6768  	c.urlParams_.Set("alt", alt)
  6769  	c.urlParams_.Set("prettyPrint", "false")
  6770  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:revoke")
  6771  	urls += "?" + c.urlParams_.Encode()
  6772  	req, err := http.NewRequest("POST", urls, body)
  6773  	if err != nil {
  6774  		return nil, err
  6775  	}
  6776  	req.Header = reqHeaders
  6777  	googleapi.Expand(req.URL, map[string]string{
  6778  		"name": c.name,
  6779  	})
  6780  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6781  }
  6782  
  6783  // Do executes the "privateca.projects.locations.caPools.certificates.revoke" call.
  6784  // Any non-2xx status code is an error. Response headers are in either
  6785  // *Certificate.ServerResponse.Header or (if a response was returned at all) in
  6786  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6787  // whether the returned error was because http.StatusNotModified was returned.
  6788  func (c *ProjectsLocationsCaPoolsCertificatesRevokeCall) Do(opts ...googleapi.CallOption) (*Certificate, error) {
  6789  	gensupport.SetOptions(c.urlParams_, opts...)
  6790  	res, err := c.doRequest("json")
  6791  	if res != nil && res.StatusCode == http.StatusNotModified {
  6792  		if res.Body != nil {
  6793  			res.Body.Close()
  6794  		}
  6795  		return nil, gensupport.WrapError(&googleapi.Error{
  6796  			Code:   res.StatusCode,
  6797  			Header: res.Header,
  6798  		})
  6799  	}
  6800  	if err != nil {
  6801  		return nil, err
  6802  	}
  6803  	defer googleapi.CloseBody(res)
  6804  	if err := googleapi.CheckResponse(res); err != nil {
  6805  		return nil, gensupport.WrapError(err)
  6806  	}
  6807  	ret := &Certificate{
  6808  		ServerResponse: googleapi.ServerResponse{
  6809  			Header:         res.Header,
  6810  			HTTPStatusCode: res.StatusCode,
  6811  		},
  6812  	}
  6813  	target := &ret
  6814  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6815  		return nil, err
  6816  	}
  6817  	return ret, nil
  6818  }
  6819  
  6820  type ProjectsLocationsCertificateTemplatesCreateCall struct {
  6821  	s                   *Service
  6822  	parent              string
  6823  	certificatetemplate *CertificateTemplate
  6824  	urlParams_          gensupport.URLParams
  6825  	ctx_                context.Context
  6826  	header_             http.Header
  6827  }
  6828  
  6829  // Create: Create a new CertificateTemplate in a given Project and Location.
  6830  //
  6831  //   - parent: The resource name of the location associated with the
  6832  //     CertificateTemplate, in the format `projects/*/locations/*`.
  6833  func (r *ProjectsLocationsCertificateTemplatesService) Create(parent string, certificatetemplate *CertificateTemplate) *ProjectsLocationsCertificateTemplatesCreateCall {
  6834  	c := &ProjectsLocationsCertificateTemplatesCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6835  	c.parent = parent
  6836  	c.certificatetemplate = certificatetemplate
  6837  	return c
  6838  }
  6839  
  6840  // CertificateTemplateId sets the optional parameter "certificateTemplateId":
  6841  // Required. It must be unique within a location and match the regular
  6842  // expression `[a-zA-Z0-9_-]{1,63}`
  6843  func (c *ProjectsLocationsCertificateTemplatesCreateCall) CertificateTemplateId(certificateTemplateId string) *ProjectsLocationsCertificateTemplatesCreateCall {
  6844  	c.urlParams_.Set("certificateTemplateId", certificateTemplateId)
  6845  	return c
  6846  }
  6847  
  6848  // RequestId sets the optional parameter "requestId": An ID to identify
  6849  // requests. Specify a unique request ID so that if you must retry your
  6850  // request, the server will know to ignore the request if it has already been
  6851  // completed. The server will guarantee that for at least 60 minutes since the
  6852  // first request. For example, consider a situation where you make an initial
  6853  // request and the request times out. If you make the request again with the
  6854  // same request ID, the server can check if original operation with the same
  6855  // request ID was received, and if so, will ignore the second request. This
  6856  // prevents clients from accidentally creating duplicate commitments. The
  6857  // request ID must be a valid UUID with the exception that zero UUID is not
  6858  // supported (00000000-0000-0000-0000-000000000000).
  6859  func (c *ProjectsLocationsCertificateTemplatesCreateCall) RequestId(requestId string) *ProjectsLocationsCertificateTemplatesCreateCall {
  6860  	c.urlParams_.Set("requestId", requestId)
  6861  	return c
  6862  }
  6863  
  6864  // Fields allows partial responses to be retrieved. See
  6865  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6866  // details.
  6867  func (c *ProjectsLocationsCertificateTemplatesCreateCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateTemplatesCreateCall {
  6868  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6869  	return c
  6870  }
  6871  
  6872  // Context sets the context to be used in this call's Do method.
  6873  func (c *ProjectsLocationsCertificateTemplatesCreateCall) Context(ctx context.Context) *ProjectsLocationsCertificateTemplatesCreateCall {
  6874  	c.ctx_ = ctx
  6875  	return c
  6876  }
  6877  
  6878  // Header returns a http.Header that can be modified by the caller to add
  6879  // headers to the request.
  6880  func (c *ProjectsLocationsCertificateTemplatesCreateCall) Header() http.Header {
  6881  	if c.header_ == nil {
  6882  		c.header_ = make(http.Header)
  6883  	}
  6884  	return c.header_
  6885  }
  6886  
  6887  func (c *ProjectsLocationsCertificateTemplatesCreateCall) doRequest(alt string) (*http.Response, error) {
  6888  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  6889  	var body io.Reader = nil
  6890  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.certificatetemplate)
  6891  	if err != nil {
  6892  		return nil, err
  6893  	}
  6894  	c.urlParams_.Set("alt", alt)
  6895  	c.urlParams_.Set("prettyPrint", "false")
  6896  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/certificateTemplates")
  6897  	urls += "?" + c.urlParams_.Encode()
  6898  	req, err := http.NewRequest("POST", urls, body)
  6899  	if err != nil {
  6900  		return nil, err
  6901  	}
  6902  	req.Header = reqHeaders
  6903  	googleapi.Expand(req.URL, map[string]string{
  6904  		"parent": c.parent,
  6905  	})
  6906  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  6907  }
  6908  
  6909  // Do executes the "privateca.projects.locations.certificateTemplates.create" call.
  6910  // Any non-2xx status code is an error. Response headers are in either
  6911  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  6912  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  6913  // whether the returned error was because http.StatusNotModified was returned.
  6914  func (c *ProjectsLocationsCertificateTemplatesCreateCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  6915  	gensupport.SetOptions(c.urlParams_, opts...)
  6916  	res, err := c.doRequest("json")
  6917  	if res != nil && res.StatusCode == http.StatusNotModified {
  6918  		if res.Body != nil {
  6919  			res.Body.Close()
  6920  		}
  6921  		return nil, gensupport.WrapError(&googleapi.Error{
  6922  			Code:   res.StatusCode,
  6923  			Header: res.Header,
  6924  		})
  6925  	}
  6926  	if err != nil {
  6927  		return nil, err
  6928  	}
  6929  	defer googleapi.CloseBody(res)
  6930  	if err := googleapi.CheckResponse(res); err != nil {
  6931  		return nil, gensupport.WrapError(err)
  6932  	}
  6933  	ret := &Operation{
  6934  		ServerResponse: googleapi.ServerResponse{
  6935  			Header:         res.Header,
  6936  			HTTPStatusCode: res.StatusCode,
  6937  		},
  6938  	}
  6939  	target := &ret
  6940  	if err := gensupport.DecodeResponse(target, res); err != nil {
  6941  		return nil, err
  6942  	}
  6943  	return ret, nil
  6944  }
  6945  
  6946  type ProjectsLocationsCertificateTemplatesDeleteCall struct {
  6947  	s          *Service
  6948  	name       string
  6949  	urlParams_ gensupport.URLParams
  6950  	ctx_       context.Context
  6951  	header_    http.Header
  6952  }
  6953  
  6954  // Delete: DeleteCertificateTemplate deletes a CertificateTemplate.
  6955  //
  6956  //   - name: The resource name for this CertificateTemplate in the format
  6957  //     `projects/*/locations/*/certificateTemplates/*`.
  6958  func (r *ProjectsLocationsCertificateTemplatesService) Delete(name string) *ProjectsLocationsCertificateTemplatesDeleteCall {
  6959  	c := &ProjectsLocationsCertificateTemplatesDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  6960  	c.name = name
  6961  	return c
  6962  }
  6963  
  6964  // RequestId sets the optional parameter "requestId": An ID to identify
  6965  // requests. Specify a unique request ID so that if you must retry your
  6966  // request, the server will know to ignore the request if it has already been
  6967  // completed. The server will guarantee that for at least 60 minutes since the
  6968  // first request. For example, consider a situation where you make an initial
  6969  // request and the request times out. If you make the request again with the
  6970  // same request ID, the server can check if original operation with the same
  6971  // request ID was received, and if so, will ignore the second request. This
  6972  // prevents clients from accidentally creating duplicate commitments. The
  6973  // request ID must be a valid UUID with the exception that zero UUID is not
  6974  // supported (00000000-0000-0000-0000-000000000000).
  6975  func (c *ProjectsLocationsCertificateTemplatesDeleteCall) RequestId(requestId string) *ProjectsLocationsCertificateTemplatesDeleteCall {
  6976  	c.urlParams_.Set("requestId", requestId)
  6977  	return c
  6978  }
  6979  
  6980  // Fields allows partial responses to be retrieved. See
  6981  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  6982  // details.
  6983  func (c *ProjectsLocationsCertificateTemplatesDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateTemplatesDeleteCall {
  6984  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  6985  	return c
  6986  }
  6987  
  6988  // Context sets the context to be used in this call's Do method.
  6989  func (c *ProjectsLocationsCertificateTemplatesDeleteCall) Context(ctx context.Context) *ProjectsLocationsCertificateTemplatesDeleteCall {
  6990  	c.ctx_ = ctx
  6991  	return c
  6992  }
  6993  
  6994  // Header returns a http.Header that can be modified by the caller to add
  6995  // headers to the request.
  6996  func (c *ProjectsLocationsCertificateTemplatesDeleteCall) Header() http.Header {
  6997  	if c.header_ == nil {
  6998  		c.header_ = make(http.Header)
  6999  	}
  7000  	return c.header_
  7001  }
  7002  
  7003  func (c *ProjectsLocationsCertificateTemplatesDeleteCall) doRequest(alt string) (*http.Response, error) {
  7004  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  7005  	var body io.Reader = nil
  7006  	c.urlParams_.Set("alt", alt)
  7007  	c.urlParams_.Set("prettyPrint", "false")
  7008  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  7009  	urls += "?" + c.urlParams_.Encode()
  7010  	req, err := http.NewRequest("DELETE", urls, body)
  7011  	if err != nil {
  7012  		return nil, err
  7013  	}
  7014  	req.Header = reqHeaders
  7015  	googleapi.Expand(req.URL, map[string]string{
  7016  		"name": c.name,
  7017  	})
  7018  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7019  }
  7020  
  7021  // Do executes the "privateca.projects.locations.certificateTemplates.delete" call.
  7022  // Any non-2xx status code is an error. Response headers are in either
  7023  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  7024  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  7025  // whether the returned error was because http.StatusNotModified was returned.
  7026  func (c *ProjectsLocationsCertificateTemplatesDeleteCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  7027  	gensupport.SetOptions(c.urlParams_, opts...)
  7028  	res, err := c.doRequest("json")
  7029  	if res != nil && res.StatusCode == http.StatusNotModified {
  7030  		if res.Body != nil {
  7031  			res.Body.Close()
  7032  		}
  7033  		return nil, gensupport.WrapError(&googleapi.Error{
  7034  			Code:   res.StatusCode,
  7035  			Header: res.Header,
  7036  		})
  7037  	}
  7038  	if err != nil {
  7039  		return nil, err
  7040  	}
  7041  	defer googleapi.CloseBody(res)
  7042  	if err := googleapi.CheckResponse(res); err != nil {
  7043  		return nil, gensupport.WrapError(err)
  7044  	}
  7045  	ret := &Operation{
  7046  		ServerResponse: googleapi.ServerResponse{
  7047  			Header:         res.Header,
  7048  			HTTPStatusCode: res.StatusCode,
  7049  		},
  7050  	}
  7051  	target := &ret
  7052  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7053  		return nil, err
  7054  	}
  7055  	return ret, nil
  7056  }
  7057  
  7058  type ProjectsLocationsCertificateTemplatesGetCall struct {
  7059  	s            *Service
  7060  	name         string
  7061  	urlParams_   gensupport.URLParams
  7062  	ifNoneMatch_ string
  7063  	ctx_         context.Context
  7064  	header_      http.Header
  7065  }
  7066  
  7067  // Get: Returns a CertificateTemplate.
  7068  //
  7069  // - name: The name of the CertificateTemplate to get.
  7070  func (r *ProjectsLocationsCertificateTemplatesService) Get(name string) *ProjectsLocationsCertificateTemplatesGetCall {
  7071  	c := &ProjectsLocationsCertificateTemplatesGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7072  	c.name = name
  7073  	return c
  7074  }
  7075  
  7076  // Fields allows partial responses to be retrieved. See
  7077  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7078  // details.
  7079  func (c *ProjectsLocationsCertificateTemplatesGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateTemplatesGetCall {
  7080  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7081  	return c
  7082  }
  7083  
  7084  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  7085  // object's ETag matches the given value. This is useful for getting updates
  7086  // only after the object has changed since the last request.
  7087  func (c *ProjectsLocationsCertificateTemplatesGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsCertificateTemplatesGetCall {
  7088  	c.ifNoneMatch_ = entityTag
  7089  	return c
  7090  }
  7091  
  7092  // Context sets the context to be used in this call's Do method.
  7093  func (c *ProjectsLocationsCertificateTemplatesGetCall) Context(ctx context.Context) *ProjectsLocationsCertificateTemplatesGetCall {
  7094  	c.ctx_ = ctx
  7095  	return c
  7096  }
  7097  
  7098  // Header returns a http.Header that can be modified by the caller to add
  7099  // headers to the request.
  7100  func (c *ProjectsLocationsCertificateTemplatesGetCall) Header() http.Header {
  7101  	if c.header_ == nil {
  7102  		c.header_ = make(http.Header)
  7103  	}
  7104  	return c.header_
  7105  }
  7106  
  7107  func (c *ProjectsLocationsCertificateTemplatesGetCall) doRequest(alt string) (*http.Response, error) {
  7108  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  7109  	if c.ifNoneMatch_ != "" {
  7110  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  7111  	}
  7112  	var body io.Reader = nil
  7113  	c.urlParams_.Set("alt", alt)
  7114  	c.urlParams_.Set("prettyPrint", "false")
  7115  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  7116  	urls += "?" + c.urlParams_.Encode()
  7117  	req, err := http.NewRequest("GET", urls, body)
  7118  	if err != nil {
  7119  		return nil, err
  7120  	}
  7121  	req.Header = reqHeaders
  7122  	googleapi.Expand(req.URL, map[string]string{
  7123  		"name": c.name,
  7124  	})
  7125  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7126  }
  7127  
  7128  // Do executes the "privateca.projects.locations.certificateTemplates.get" call.
  7129  // Any non-2xx status code is an error. Response headers are in either
  7130  // *CertificateTemplate.ServerResponse.Header or (if a response was returned at
  7131  // all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  7132  // check whether the returned error was because http.StatusNotModified was
  7133  // returned.
  7134  func (c *ProjectsLocationsCertificateTemplatesGetCall) Do(opts ...googleapi.CallOption) (*CertificateTemplate, error) {
  7135  	gensupport.SetOptions(c.urlParams_, opts...)
  7136  	res, err := c.doRequest("json")
  7137  	if res != nil && res.StatusCode == http.StatusNotModified {
  7138  		if res.Body != nil {
  7139  			res.Body.Close()
  7140  		}
  7141  		return nil, gensupport.WrapError(&googleapi.Error{
  7142  			Code:   res.StatusCode,
  7143  			Header: res.Header,
  7144  		})
  7145  	}
  7146  	if err != nil {
  7147  		return nil, err
  7148  	}
  7149  	defer googleapi.CloseBody(res)
  7150  	if err := googleapi.CheckResponse(res); err != nil {
  7151  		return nil, gensupport.WrapError(err)
  7152  	}
  7153  	ret := &CertificateTemplate{
  7154  		ServerResponse: googleapi.ServerResponse{
  7155  			Header:         res.Header,
  7156  			HTTPStatusCode: res.StatusCode,
  7157  		},
  7158  	}
  7159  	target := &ret
  7160  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7161  		return nil, err
  7162  	}
  7163  	return ret, nil
  7164  }
  7165  
  7166  type ProjectsLocationsCertificateTemplatesGetIamPolicyCall struct {
  7167  	s            *Service
  7168  	resource     string
  7169  	urlParams_   gensupport.URLParams
  7170  	ifNoneMatch_ string
  7171  	ctx_         context.Context
  7172  	header_      http.Header
  7173  }
  7174  
  7175  // GetIamPolicy: Gets the access control policy for a resource. Returns an
  7176  // empty policy if the resource exists and does not have a policy set.
  7177  //
  7178  //   - resource: REQUIRED: The resource for which the policy is being requested.
  7179  //     See Resource names (https://cloud.google.com/apis/design/resource_names)
  7180  //     for the appropriate value for this field.
  7181  func (r *ProjectsLocationsCertificateTemplatesService) GetIamPolicy(resource string) *ProjectsLocationsCertificateTemplatesGetIamPolicyCall {
  7182  	c := &ProjectsLocationsCertificateTemplatesGetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7183  	c.resource = resource
  7184  	return c
  7185  }
  7186  
  7187  // OptionsRequestedPolicyVersion sets the optional parameter
  7188  // "options.requestedPolicyVersion": The maximum policy version that will be
  7189  // used to format the policy. Valid values are 0, 1, and 3. Requests specifying
  7190  // an invalid value will be rejected. Requests for policies with any
  7191  // conditional role bindings must specify version 3. Policies with no
  7192  // conditional role bindings may specify any valid value or leave the field
  7193  // unset. The policy in the response might use the policy version that you
  7194  // specified, or it might use a lower policy version. For example, if you
  7195  // specify version 3, but the policy has no conditional role bindings, the
  7196  // response uses version 1. To learn which resources support conditions in
  7197  // their IAM policies, see the IAM documentation
  7198  // (https://cloud.google.com/iam/help/conditions/resource-policies).
  7199  func (c *ProjectsLocationsCertificateTemplatesGetIamPolicyCall) OptionsRequestedPolicyVersion(optionsRequestedPolicyVersion int64) *ProjectsLocationsCertificateTemplatesGetIamPolicyCall {
  7200  	c.urlParams_.Set("options.requestedPolicyVersion", fmt.Sprint(optionsRequestedPolicyVersion))
  7201  	return c
  7202  }
  7203  
  7204  // Fields allows partial responses to be retrieved. See
  7205  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7206  // details.
  7207  func (c *ProjectsLocationsCertificateTemplatesGetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateTemplatesGetIamPolicyCall {
  7208  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7209  	return c
  7210  }
  7211  
  7212  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  7213  // object's ETag matches the given value. This is useful for getting updates
  7214  // only after the object has changed since the last request.
  7215  func (c *ProjectsLocationsCertificateTemplatesGetIamPolicyCall) IfNoneMatch(entityTag string) *ProjectsLocationsCertificateTemplatesGetIamPolicyCall {
  7216  	c.ifNoneMatch_ = entityTag
  7217  	return c
  7218  }
  7219  
  7220  // Context sets the context to be used in this call's Do method.
  7221  func (c *ProjectsLocationsCertificateTemplatesGetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsCertificateTemplatesGetIamPolicyCall {
  7222  	c.ctx_ = ctx
  7223  	return c
  7224  }
  7225  
  7226  // Header returns a http.Header that can be modified by the caller to add
  7227  // headers to the request.
  7228  func (c *ProjectsLocationsCertificateTemplatesGetIamPolicyCall) Header() http.Header {
  7229  	if c.header_ == nil {
  7230  		c.header_ = make(http.Header)
  7231  	}
  7232  	return c.header_
  7233  }
  7234  
  7235  func (c *ProjectsLocationsCertificateTemplatesGetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
  7236  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  7237  	if c.ifNoneMatch_ != "" {
  7238  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  7239  	}
  7240  	var body io.Reader = nil
  7241  	c.urlParams_.Set("alt", alt)
  7242  	c.urlParams_.Set("prettyPrint", "false")
  7243  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:getIamPolicy")
  7244  	urls += "?" + c.urlParams_.Encode()
  7245  	req, err := http.NewRequest("GET", urls, body)
  7246  	if err != nil {
  7247  		return nil, err
  7248  	}
  7249  	req.Header = reqHeaders
  7250  	googleapi.Expand(req.URL, map[string]string{
  7251  		"resource": c.resource,
  7252  	})
  7253  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7254  }
  7255  
  7256  // Do executes the "privateca.projects.locations.certificateTemplates.getIamPolicy" call.
  7257  // Any non-2xx status code is an error. Response headers are in either
  7258  // *Policy.ServerResponse.Header or (if a response was returned at all) in
  7259  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  7260  // whether the returned error was because http.StatusNotModified was returned.
  7261  func (c *ProjectsLocationsCertificateTemplatesGetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
  7262  	gensupport.SetOptions(c.urlParams_, opts...)
  7263  	res, err := c.doRequest("json")
  7264  	if res != nil && res.StatusCode == http.StatusNotModified {
  7265  		if res.Body != nil {
  7266  			res.Body.Close()
  7267  		}
  7268  		return nil, gensupport.WrapError(&googleapi.Error{
  7269  			Code:   res.StatusCode,
  7270  			Header: res.Header,
  7271  		})
  7272  	}
  7273  	if err != nil {
  7274  		return nil, err
  7275  	}
  7276  	defer googleapi.CloseBody(res)
  7277  	if err := googleapi.CheckResponse(res); err != nil {
  7278  		return nil, gensupport.WrapError(err)
  7279  	}
  7280  	ret := &Policy{
  7281  		ServerResponse: googleapi.ServerResponse{
  7282  			Header:         res.Header,
  7283  			HTTPStatusCode: res.StatusCode,
  7284  		},
  7285  	}
  7286  	target := &ret
  7287  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7288  		return nil, err
  7289  	}
  7290  	return ret, nil
  7291  }
  7292  
  7293  type ProjectsLocationsCertificateTemplatesListCall struct {
  7294  	s            *Service
  7295  	parent       string
  7296  	urlParams_   gensupport.URLParams
  7297  	ifNoneMatch_ string
  7298  	ctx_         context.Context
  7299  	header_      http.Header
  7300  }
  7301  
  7302  // List: Lists CertificateTemplates.
  7303  //
  7304  //   - parent: The resource name of the location associated with the
  7305  //     CertificateTemplates, in the format `projects/*/locations/*`.
  7306  func (r *ProjectsLocationsCertificateTemplatesService) List(parent string) *ProjectsLocationsCertificateTemplatesListCall {
  7307  	c := &ProjectsLocationsCertificateTemplatesListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7308  	c.parent = parent
  7309  	return c
  7310  }
  7311  
  7312  // Filter sets the optional parameter "filter": Only include resources that
  7313  // match the filter in the response.
  7314  func (c *ProjectsLocationsCertificateTemplatesListCall) Filter(filter string) *ProjectsLocationsCertificateTemplatesListCall {
  7315  	c.urlParams_.Set("filter", filter)
  7316  	return c
  7317  }
  7318  
  7319  // OrderBy sets the optional parameter "orderBy": Specify how the results
  7320  // should be sorted.
  7321  func (c *ProjectsLocationsCertificateTemplatesListCall) OrderBy(orderBy string) *ProjectsLocationsCertificateTemplatesListCall {
  7322  	c.urlParams_.Set("orderBy", orderBy)
  7323  	return c
  7324  }
  7325  
  7326  // PageSize sets the optional parameter "pageSize": Limit on the number of
  7327  // CertificateTemplates to include in the response. Further
  7328  // CertificateTemplates can subsequently be obtained by including the
  7329  // ListCertificateTemplatesResponse.next_page_token in a subsequent request. If
  7330  // unspecified, the server will pick an appropriate default.
  7331  func (c *ProjectsLocationsCertificateTemplatesListCall) PageSize(pageSize int64) *ProjectsLocationsCertificateTemplatesListCall {
  7332  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  7333  	return c
  7334  }
  7335  
  7336  // PageToken sets the optional parameter "pageToken": Pagination token,
  7337  // returned earlier via ListCertificateTemplatesResponse.next_page_token.
  7338  func (c *ProjectsLocationsCertificateTemplatesListCall) PageToken(pageToken string) *ProjectsLocationsCertificateTemplatesListCall {
  7339  	c.urlParams_.Set("pageToken", pageToken)
  7340  	return c
  7341  }
  7342  
  7343  // Fields allows partial responses to be retrieved. See
  7344  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7345  // details.
  7346  func (c *ProjectsLocationsCertificateTemplatesListCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateTemplatesListCall {
  7347  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7348  	return c
  7349  }
  7350  
  7351  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  7352  // object's ETag matches the given value. This is useful for getting updates
  7353  // only after the object has changed since the last request.
  7354  func (c *ProjectsLocationsCertificateTemplatesListCall) IfNoneMatch(entityTag string) *ProjectsLocationsCertificateTemplatesListCall {
  7355  	c.ifNoneMatch_ = entityTag
  7356  	return c
  7357  }
  7358  
  7359  // Context sets the context to be used in this call's Do method.
  7360  func (c *ProjectsLocationsCertificateTemplatesListCall) Context(ctx context.Context) *ProjectsLocationsCertificateTemplatesListCall {
  7361  	c.ctx_ = ctx
  7362  	return c
  7363  }
  7364  
  7365  // Header returns a http.Header that can be modified by the caller to add
  7366  // headers to the request.
  7367  func (c *ProjectsLocationsCertificateTemplatesListCall) Header() http.Header {
  7368  	if c.header_ == nil {
  7369  		c.header_ = make(http.Header)
  7370  	}
  7371  	return c.header_
  7372  }
  7373  
  7374  func (c *ProjectsLocationsCertificateTemplatesListCall) doRequest(alt string) (*http.Response, error) {
  7375  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  7376  	if c.ifNoneMatch_ != "" {
  7377  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  7378  	}
  7379  	var body io.Reader = nil
  7380  	c.urlParams_.Set("alt", alt)
  7381  	c.urlParams_.Set("prettyPrint", "false")
  7382  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+parent}/certificateTemplates")
  7383  	urls += "?" + c.urlParams_.Encode()
  7384  	req, err := http.NewRequest("GET", urls, body)
  7385  	if err != nil {
  7386  		return nil, err
  7387  	}
  7388  	req.Header = reqHeaders
  7389  	googleapi.Expand(req.URL, map[string]string{
  7390  		"parent": c.parent,
  7391  	})
  7392  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7393  }
  7394  
  7395  // Do executes the "privateca.projects.locations.certificateTemplates.list" call.
  7396  // Any non-2xx status code is an error. Response headers are in either
  7397  // *ListCertificateTemplatesResponse.ServerResponse.Header or (if a response
  7398  // was returned at all) in error.(*googleapi.Error).Header. Use
  7399  // googleapi.IsNotModified to check whether the returned error was because
  7400  // http.StatusNotModified was returned.
  7401  func (c *ProjectsLocationsCertificateTemplatesListCall) Do(opts ...googleapi.CallOption) (*ListCertificateTemplatesResponse, error) {
  7402  	gensupport.SetOptions(c.urlParams_, opts...)
  7403  	res, err := c.doRequest("json")
  7404  	if res != nil && res.StatusCode == http.StatusNotModified {
  7405  		if res.Body != nil {
  7406  			res.Body.Close()
  7407  		}
  7408  		return nil, gensupport.WrapError(&googleapi.Error{
  7409  			Code:   res.StatusCode,
  7410  			Header: res.Header,
  7411  		})
  7412  	}
  7413  	if err != nil {
  7414  		return nil, err
  7415  	}
  7416  	defer googleapi.CloseBody(res)
  7417  	if err := googleapi.CheckResponse(res); err != nil {
  7418  		return nil, gensupport.WrapError(err)
  7419  	}
  7420  	ret := &ListCertificateTemplatesResponse{
  7421  		ServerResponse: googleapi.ServerResponse{
  7422  			Header:         res.Header,
  7423  			HTTPStatusCode: res.StatusCode,
  7424  		},
  7425  	}
  7426  	target := &ret
  7427  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7428  		return nil, err
  7429  	}
  7430  	return ret, nil
  7431  }
  7432  
  7433  // Pages invokes f for each page of results.
  7434  // A non-nil error returned from f will halt the iteration.
  7435  // The provided context supersedes any context provided to the Context method.
  7436  func (c *ProjectsLocationsCertificateTemplatesListCall) Pages(ctx context.Context, f func(*ListCertificateTemplatesResponse) error) error {
  7437  	c.ctx_ = ctx
  7438  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  7439  	for {
  7440  		x, err := c.Do()
  7441  		if err != nil {
  7442  			return err
  7443  		}
  7444  		if err := f(x); err != nil {
  7445  			return err
  7446  		}
  7447  		if x.NextPageToken == "" {
  7448  			return nil
  7449  		}
  7450  		c.PageToken(x.NextPageToken)
  7451  	}
  7452  }
  7453  
  7454  type ProjectsLocationsCertificateTemplatesPatchCall struct {
  7455  	s                   *Service
  7456  	name                string
  7457  	certificatetemplate *CertificateTemplate
  7458  	urlParams_          gensupport.URLParams
  7459  	ctx_                context.Context
  7460  	header_             http.Header
  7461  }
  7462  
  7463  // Patch: Update a CertificateTemplate.
  7464  //
  7465  //   - name: Output only. The resource name for this CertificateTemplate in the
  7466  //     format `projects/*/locations/*/certificateTemplates/*`.
  7467  func (r *ProjectsLocationsCertificateTemplatesService) Patch(name string, certificatetemplate *CertificateTemplate) *ProjectsLocationsCertificateTemplatesPatchCall {
  7468  	c := &ProjectsLocationsCertificateTemplatesPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7469  	c.name = name
  7470  	c.certificatetemplate = certificatetemplate
  7471  	return c
  7472  }
  7473  
  7474  // RequestId sets the optional parameter "requestId": An ID to identify
  7475  // requests. Specify a unique request ID so that if you must retry your
  7476  // request, the server will know to ignore the request if it has already been
  7477  // completed. The server will guarantee that for at least 60 minutes since the
  7478  // first request. For example, consider a situation where you make an initial
  7479  // request and the request times out. If you make the request again with the
  7480  // same request ID, the server can check if original operation with the same
  7481  // request ID was received, and if so, will ignore the second request. This
  7482  // prevents clients from accidentally creating duplicate commitments. The
  7483  // request ID must be a valid UUID with the exception that zero UUID is not
  7484  // supported (00000000-0000-0000-0000-000000000000).
  7485  func (c *ProjectsLocationsCertificateTemplatesPatchCall) RequestId(requestId string) *ProjectsLocationsCertificateTemplatesPatchCall {
  7486  	c.urlParams_.Set("requestId", requestId)
  7487  	return c
  7488  }
  7489  
  7490  // UpdateMask sets the optional parameter "updateMask": Required. A list of
  7491  // fields to be updated in this request.
  7492  func (c *ProjectsLocationsCertificateTemplatesPatchCall) UpdateMask(updateMask string) *ProjectsLocationsCertificateTemplatesPatchCall {
  7493  	c.urlParams_.Set("updateMask", updateMask)
  7494  	return c
  7495  }
  7496  
  7497  // Fields allows partial responses to be retrieved. See
  7498  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7499  // details.
  7500  func (c *ProjectsLocationsCertificateTemplatesPatchCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateTemplatesPatchCall {
  7501  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7502  	return c
  7503  }
  7504  
  7505  // Context sets the context to be used in this call's Do method.
  7506  func (c *ProjectsLocationsCertificateTemplatesPatchCall) Context(ctx context.Context) *ProjectsLocationsCertificateTemplatesPatchCall {
  7507  	c.ctx_ = ctx
  7508  	return c
  7509  }
  7510  
  7511  // Header returns a http.Header that can be modified by the caller to add
  7512  // headers to the request.
  7513  func (c *ProjectsLocationsCertificateTemplatesPatchCall) Header() http.Header {
  7514  	if c.header_ == nil {
  7515  		c.header_ = make(http.Header)
  7516  	}
  7517  	return c.header_
  7518  }
  7519  
  7520  func (c *ProjectsLocationsCertificateTemplatesPatchCall) doRequest(alt string) (*http.Response, error) {
  7521  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  7522  	var body io.Reader = nil
  7523  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.certificatetemplate)
  7524  	if err != nil {
  7525  		return nil, err
  7526  	}
  7527  	c.urlParams_.Set("alt", alt)
  7528  	c.urlParams_.Set("prettyPrint", "false")
  7529  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  7530  	urls += "?" + c.urlParams_.Encode()
  7531  	req, err := http.NewRequest("PATCH", urls, body)
  7532  	if err != nil {
  7533  		return nil, err
  7534  	}
  7535  	req.Header = reqHeaders
  7536  	googleapi.Expand(req.URL, map[string]string{
  7537  		"name": c.name,
  7538  	})
  7539  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7540  }
  7541  
  7542  // Do executes the "privateca.projects.locations.certificateTemplates.patch" call.
  7543  // Any non-2xx status code is an error. Response headers are in either
  7544  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  7545  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  7546  // whether the returned error was because http.StatusNotModified was returned.
  7547  func (c *ProjectsLocationsCertificateTemplatesPatchCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  7548  	gensupport.SetOptions(c.urlParams_, opts...)
  7549  	res, err := c.doRequest("json")
  7550  	if res != nil && res.StatusCode == http.StatusNotModified {
  7551  		if res.Body != nil {
  7552  			res.Body.Close()
  7553  		}
  7554  		return nil, gensupport.WrapError(&googleapi.Error{
  7555  			Code:   res.StatusCode,
  7556  			Header: res.Header,
  7557  		})
  7558  	}
  7559  	if err != nil {
  7560  		return nil, err
  7561  	}
  7562  	defer googleapi.CloseBody(res)
  7563  	if err := googleapi.CheckResponse(res); err != nil {
  7564  		return nil, gensupport.WrapError(err)
  7565  	}
  7566  	ret := &Operation{
  7567  		ServerResponse: googleapi.ServerResponse{
  7568  			Header:         res.Header,
  7569  			HTTPStatusCode: res.StatusCode,
  7570  		},
  7571  	}
  7572  	target := &ret
  7573  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7574  		return nil, err
  7575  	}
  7576  	return ret, nil
  7577  }
  7578  
  7579  type ProjectsLocationsCertificateTemplatesSetIamPolicyCall struct {
  7580  	s                   *Service
  7581  	resource            string
  7582  	setiampolicyrequest *SetIamPolicyRequest
  7583  	urlParams_          gensupport.URLParams
  7584  	ctx_                context.Context
  7585  	header_             http.Header
  7586  }
  7587  
  7588  // SetIamPolicy: Sets the access control policy on the specified resource.
  7589  // Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`,
  7590  // and `PERMISSION_DENIED` errors.
  7591  //
  7592  //   - resource: REQUIRED: The resource for which the policy is being specified.
  7593  //     See Resource names (https://cloud.google.com/apis/design/resource_names)
  7594  //     for the appropriate value for this field.
  7595  func (r *ProjectsLocationsCertificateTemplatesService) SetIamPolicy(resource string, setiampolicyrequest *SetIamPolicyRequest) *ProjectsLocationsCertificateTemplatesSetIamPolicyCall {
  7596  	c := &ProjectsLocationsCertificateTemplatesSetIamPolicyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7597  	c.resource = resource
  7598  	c.setiampolicyrequest = setiampolicyrequest
  7599  	return c
  7600  }
  7601  
  7602  // Fields allows partial responses to be retrieved. See
  7603  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7604  // details.
  7605  func (c *ProjectsLocationsCertificateTemplatesSetIamPolicyCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateTemplatesSetIamPolicyCall {
  7606  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7607  	return c
  7608  }
  7609  
  7610  // Context sets the context to be used in this call's Do method.
  7611  func (c *ProjectsLocationsCertificateTemplatesSetIamPolicyCall) Context(ctx context.Context) *ProjectsLocationsCertificateTemplatesSetIamPolicyCall {
  7612  	c.ctx_ = ctx
  7613  	return c
  7614  }
  7615  
  7616  // Header returns a http.Header that can be modified by the caller to add
  7617  // headers to the request.
  7618  func (c *ProjectsLocationsCertificateTemplatesSetIamPolicyCall) Header() http.Header {
  7619  	if c.header_ == nil {
  7620  		c.header_ = make(http.Header)
  7621  	}
  7622  	return c.header_
  7623  }
  7624  
  7625  func (c *ProjectsLocationsCertificateTemplatesSetIamPolicyCall) doRequest(alt string) (*http.Response, error) {
  7626  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  7627  	var body io.Reader = nil
  7628  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.setiampolicyrequest)
  7629  	if err != nil {
  7630  		return nil, err
  7631  	}
  7632  	c.urlParams_.Set("alt", alt)
  7633  	c.urlParams_.Set("prettyPrint", "false")
  7634  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:setIamPolicy")
  7635  	urls += "?" + c.urlParams_.Encode()
  7636  	req, err := http.NewRequest("POST", urls, body)
  7637  	if err != nil {
  7638  		return nil, err
  7639  	}
  7640  	req.Header = reqHeaders
  7641  	googleapi.Expand(req.URL, map[string]string{
  7642  		"resource": c.resource,
  7643  	})
  7644  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7645  }
  7646  
  7647  // Do executes the "privateca.projects.locations.certificateTemplates.setIamPolicy" call.
  7648  // Any non-2xx status code is an error. Response headers are in either
  7649  // *Policy.ServerResponse.Header or (if a response was returned at all) in
  7650  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  7651  // whether the returned error was because http.StatusNotModified was returned.
  7652  func (c *ProjectsLocationsCertificateTemplatesSetIamPolicyCall) Do(opts ...googleapi.CallOption) (*Policy, error) {
  7653  	gensupport.SetOptions(c.urlParams_, opts...)
  7654  	res, err := c.doRequest("json")
  7655  	if res != nil && res.StatusCode == http.StatusNotModified {
  7656  		if res.Body != nil {
  7657  			res.Body.Close()
  7658  		}
  7659  		return nil, gensupport.WrapError(&googleapi.Error{
  7660  			Code:   res.StatusCode,
  7661  			Header: res.Header,
  7662  		})
  7663  	}
  7664  	if err != nil {
  7665  		return nil, err
  7666  	}
  7667  	defer googleapi.CloseBody(res)
  7668  	if err := googleapi.CheckResponse(res); err != nil {
  7669  		return nil, gensupport.WrapError(err)
  7670  	}
  7671  	ret := &Policy{
  7672  		ServerResponse: googleapi.ServerResponse{
  7673  			Header:         res.Header,
  7674  			HTTPStatusCode: res.StatusCode,
  7675  		},
  7676  	}
  7677  	target := &ret
  7678  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7679  		return nil, err
  7680  	}
  7681  	return ret, nil
  7682  }
  7683  
  7684  type ProjectsLocationsCertificateTemplatesTestIamPermissionsCall struct {
  7685  	s                         *Service
  7686  	resource                  string
  7687  	testiampermissionsrequest *TestIamPermissionsRequest
  7688  	urlParams_                gensupport.URLParams
  7689  	ctx_                      context.Context
  7690  	header_                   http.Header
  7691  }
  7692  
  7693  // TestIamPermissions: Returns permissions that a caller has on the specified
  7694  // resource. If the resource does not exist, this will return an empty set of
  7695  // permissions, not a `NOT_FOUND` error. Note: This operation is designed to be
  7696  // used for building permission-aware UIs and command-line tools, not for
  7697  // authorization checking. This operation may "fail open" without warning.
  7698  //
  7699  //   - resource: REQUIRED: The resource for which the policy detail is being
  7700  //     requested. See Resource names
  7701  //     (https://cloud.google.com/apis/design/resource_names) for the appropriate
  7702  //     value for this field.
  7703  func (r *ProjectsLocationsCertificateTemplatesService) TestIamPermissions(resource string, testiampermissionsrequest *TestIamPermissionsRequest) *ProjectsLocationsCertificateTemplatesTestIamPermissionsCall {
  7704  	c := &ProjectsLocationsCertificateTemplatesTestIamPermissionsCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7705  	c.resource = resource
  7706  	c.testiampermissionsrequest = testiampermissionsrequest
  7707  	return c
  7708  }
  7709  
  7710  // Fields allows partial responses to be retrieved. See
  7711  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7712  // details.
  7713  func (c *ProjectsLocationsCertificateTemplatesTestIamPermissionsCall) Fields(s ...googleapi.Field) *ProjectsLocationsCertificateTemplatesTestIamPermissionsCall {
  7714  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7715  	return c
  7716  }
  7717  
  7718  // Context sets the context to be used in this call's Do method.
  7719  func (c *ProjectsLocationsCertificateTemplatesTestIamPermissionsCall) Context(ctx context.Context) *ProjectsLocationsCertificateTemplatesTestIamPermissionsCall {
  7720  	c.ctx_ = ctx
  7721  	return c
  7722  }
  7723  
  7724  // Header returns a http.Header that can be modified by the caller to add
  7725  // headers to the request.
  7726  func (c *ProjectsLocationsCertificateTemplatesTestIamPermissionsCall) Header() http.Header {
  7727  	if c.header_ == nil {
  7728  		c.header_ = make(http.Header)
  7729  	}
  7730  	return c.header_
  7731  }
  7732  
  7733  func (c *ProjectsLocationsCertificateTemplatesTestIamPermissionsCall) doRequest(alt string) (*http.Response, error) {
  7734  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  7735  	var body io.Reader = nil
  7736  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.testiampermissionsrequest)
  7737  	if err != nil {
  7738  		return nil, err
  7739  	}
  7740  	c.urlParams_.Set("alt", alt)
  7741  	c.urlParams_.Set("prettyPrint", "false")
  7742  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+resource}:testIamPermissions")
  7743  	urls += "?" + c.urlParams_.Encode()
  7744  	req, err := http.NewRequest("POST", urls, body)
  7745  	if err != nil {
  7746  		return nil, err
  7747  	}
  7748  	req.Header = reqHeaders
  7749  	googleapi.Expand(req.URL, map[string]string{
  7750  		"resource": c.resource,
  7751  	})
  7752  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7753  }
  7754  
  7755  // Do executes the "privateca.projects.locations.certificateTemplates.testIamPermissions" call.
  7756  // Any non-2xx status code is an error. Response headers are in either
  7757  // *TestIamPermissionsResponse.ServerResponse.Header or (if a response was
  7758  // returned at all) in error.(*googleapi.Error).Header. Use
  7759  // googleapi.IsNotModified to check whether the returned error was because
  7760  // http.StatusNotModified was returned.
  7761  func (c *ProjectsLocationsCertificateTemplatesTestIamPermissionsCall) Do(opts ...googleapi.CallOption) (*TestIamPermissionsResponse, error) {
  7762  	gensupport.SetOptions(c.urlParams_, opts...)
  7763  	res, err := c.doRequest("json")
  7764  	if res != nil && res.StatusCode == http.StatusNotModified {
  7765  		if res.Body != nil {
  7766  			res.Body.Close()
  7767  		}
  7768  		return nil, gensupport.WrapError(&googleapi.Error{
  7769  			Code:   res.StatusCode,
  7770  			Header: res.Header,
  7771  		})
  7772  	}
  7773  	if err != nil {
  7774  		return nil, err
  7775  	}
  7776  	defer googleapi.CloseBody(res)
  7777  	if err := googleapi.CheckResponse(res); err != nil {
  7778  		return nil, gensupport.WrapError(err)
  7779  	}
  7780  	ret := &TestIamPermissionsResponse{
  7781  		ServerResponse: googleapi.ServerResponse{
  7782  			Header:         res.Header,
  7783  			HTTPStatusCode: res.StatusCode,
  7784  		},
  7785  	}
  7786  	target := &ret
  7787  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7788  		return nil, err
  7789  	}
  7790  	return ret, nil
  7791  }
  7792  
  7793  type ProjectsLocationsOperationsCancelCall struct {
  7794  	s                      *Service
  7795  	name                   string
  7796  	canceloperationrequest *CancelOperationRequest
  7797  	urlParams_             gensupport.URLParams
  7798  	ctx_                   context.Context
  7799  	header_                http.Header
  7800  }
  7801  
  7802  // Cancel: Starts asynchronous cancellation on a long-running operation. The
  7803  // server makes a best effort to cancel the operation, but success is not
  7804  // guaranteed. If the server doesn't support this method, it returns
  7805  // `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation or
  7806  // other methods to check whether the cancellation succeeded or whether the
  7807  // operation completed despite cancellation. On successful cancellation, the
  7808  // operation is not deleted; instead, it becomes an operation with an
  7809  // Operation.error value with a google.rpc.Status.code of 1, corresponding to
  7810  // `Code.CANCELLED`.
  7811  //
  7812  // - name: The name of the operation resource to be cancelled.
  7813  func (r *ProjectsLocationsOperationsService) Cancel(name string, canceloperationrequest *CancelOperationRequest) *ProjectsLocationsOperationsCancelCall {
  7814  	c := &ProjectsLocationsOperationsCancelCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7815  	c.name = name
  7816  	c.canceloperationrequest = canceloperationrequest
  7817  	return c
  7818  }
  7819  
  7820  // Fields allows partial responses to be retrieved. See
  7821  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7822  // details.
  7823  func (c *ProjectsLocationsOperationsCancelCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsCancelCall {
  7824  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7825  	return c
  7826  }
  7827  
  7828  // Context sets the context to be used in this call's Do method.
  7829  func (c *ProjectsLocationsOperationsCancelCall) Context(ctx context.Context) *ProjectsLocationsOperationsCancelCall {
  7830  	c.ctx_ = ctx
  7831  	return c
  7832  }
  7833  
  7834  // Header returns a http.Header that can be modified by the caller to add
  7835  // headers to the request.
  7836  func (c *ProjectsLocationsOperationsCancelCall) Header() http.Header {
  7837  	if c.header_ == nil {
  7838  		c.header_ = make(http.Header)
  7839  	}
  7840  	return c.header_
  7841  }
  7842  
  7843  func (c *ProjectsLocationsOperationsCancelCall) doRequest(alt string) (*http.Response, error) {
  7844  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
  7845  	var body io.Reader = nil
  7846  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.canceloperationrequest)
  7847  	if err != nil {
  7848  		return nil, err
  7849  	}
  7850  	c.urlParams_.Set("alt", alt)
  7851  	c.urlParams_.Set("prettyPrint", "false")
  7852  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}:cancel")
  7853  	urls += "?" + c.urlParams_.Encode()
  7854  	req, err := http.NewRequest("POST", urls, body)
  7855  	if err != nil {
  7856  		return nil, err
  7857  	}
  7858  	req.Header = reqHeaders
  7859  	googleapi.Expand(req.URL, map[string]string{
  7860  		"name": c.name,
  7861  	})
  7862  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7863  }
  7864  
  7865  // Do executes the "privateca.projects.locations.operations.cancel" call.
  7866  // Any non-2xx status code is an error. Response headers are in either
  7867  // *Empty.ServerResponse.Header or (if a response was returned at all) in
  7868  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  7869  // whether the returned error was because http.StatusNotModified was returned.
  7870  func (c *ProjectsLocationsOperationsCancelCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
  7871  	gensupport.SetOptions(c.urlParams_, opts...)
  7872  	res, err := c.doRequest("json")
  7873  	if res != nil && res.StatusCode == http.StatusNotModified {
  7874  		if res.Body != nil {
  7875  			res.Body.Close()
  7876  		}
  7877  		return nil, gensupport.WrapError(&googleapi.Error{
  7878  			Code:   res.StatusCode,
  7879  			Header: res.Header,
  7880  		})
  7881  	}
  7882  	if err != nil {
  7883  		return nil, err
  7884  	}
  7885  	defer googleapi.CloseBody(res)
  7886  	if err := googleapi.CheckResponse(res); err != nil {
  7887  		return nil, gensupport.WrapError(err)
  7888  	}
  7889  	ret := &Empty{
  7890  		ServerResponse: googleapi.ServerResponse{
  7891  			Header:         res.Header,
  7892  			HTTPStatusCode: res.StatusCode,
  7893  		},
  7894  	}
  7895  	target := &ret
  7896  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7897  		return nil, err
  7898  	}
  7899  	return ret, nil
  7900  }
  7901  
  7902  type ProjectsLocationsOperationsDeleteCall struct {
  7903  	s          *Service
  7904  	name       string
  7905  	urlParams_ gensupport.URLParams
  7906  	ctx_       context.Context
  7907  	header_    http.Header
  7908  }
  7909  
  7910  // Delete: Deletes a long-running operation. This method indicates that the
  7911  // client is no longer interested in the operation result. It does not cancel
  7912  // the operation. If the server doesn't support this method, it returns
  7913  // `google.rpc.Code.UNIMPLEMENTED`.
  7914  //
  7915  // - name: The name of the operation resource to be deleted.
  7916  func (r *ProjectsLocationsOperationsService) Delete(name string) *ProjectsLocationsOperationsDeleteCall {
  7917  	c := &ProjectsLocationsOperationsDeleteCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  7918  	c.name = name
  7919  	return c
  7920  }
  7921  
  7922  // Fields allows partial responses to be retrieved. See
  7923  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  7924  // details.
  7925  func (c *ProjectsLocationsOperationsDeleteCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsDeleteCall {
  7926  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  7927  	return c
  7928  }
  7929  
  7930  // Context sets the context to be used in this call's Do method.
  7931  func (c *ProjectsLocationsOperationsDeleteCall) Context(ctx context.Context) *ProjectsLocationsOperationsDeleteCall {
  7932  	c.ctx_ = ctx
  7933  	return c
  7934  }
  7935  
  7936  // Header returns a http.Header that can be modified by the caller to add
  7937  // headers to the request.
  7938  func (c *ProjectsLocationsOperationsDeleteCall) Header() http.Header {
  7939  	if c.header_ == nil {
  7940  		c.header_ = make(http.Header)
  7941  	}
  7942  	return c.header_
  7943  }
  7944  
  7945  func (c *ProjectsLocationsOperationsDeleteCall) doRequest(alt string) (*http.Response, error) {
  7946  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  7947  	var body io.Reader = nil
  7948  	c.urlParams_.Set("alt", alt)
  7949  	c.urlParams_.Set("prettyPrint", "false")
  7950  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  7951  	urls += "?" + c.urlParams_.Encode()
  7952  	req, err := http.NewRequest("DELETE", urls, body)
  7953  	if err != nil {
  7954  		return nil, err
  7955  	}
  7956  	req.Header = reqHeaders
  7957  	googleapi.Expand(req.URL, map[string]string{
  7958  		"name": c.name,
  7959  	})
  7960  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  7961  }
  7962  
  7963  // Do executes the "privateca.projects.locations.operations.delete" call.
  7964  // Any non-2xx status code is an error. Response headers are in either
  7965  // *Empty.ServerResponse.Header or (if a response was returned at all) in
  7966  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  7967  // whether the returned error was because http.StatusNotModified was returned.
  7968  func (c *ProjectsLocationsOperationsDeleteCall) Do(opts ...googleapi.CallOption) (*Empty, error) {
  7969  	gensupport.SetOptions(c.urlParams_, opts...)
  7970  	res, err := c.doRequest("json")
  7971  	if res != nil && res.StatusCode == http.StatusNotModified {
  7972  		if res.Body != nil {
  7973  			res.Body.Close()
  7974  		}
  7975  		return nil, gensupport.WrapError(&googleapi.Error{
  7976  			Code:   res.StatusCode,
  7977  			Header: res.Header,
  7978  		})
  7979  	}
  7980  	if err != nil {
  7981  		return nil, err
  7982  	}
  7983  	defer googleapi.CloseBody(res)
  7984  	if err := googleapi.CheckResponse(res); err != nil {
  7985  		return nil, gensupport.WrapError(err)
  7986  	}
  7987  	ret := &Empty{
  7988  		ServerResponse: googleapi.ServerResponse{
  7989  			Header:         res.Header,
  7990  			HTTPStatusCode: res.StatusCode,
  7991  		},
  7992  	}
  7993  	target := &ret
  7994  	if err := gensupport.DecodeResponse(target, res); err != nil {
  7995  		return nil, err
  7996  	}
  7997  	return ret, nil
  7998  }
  7999  
  8000  type ProjectsLocationsOperationsGetCall struct {
  8001  	s            *Service
  8002  	name         string
  8003  	urlParams_   gensupport.URLParams
  8004  	ifNoneMatch_ string
  8005  	ctx_         context.Context
  8006  	header_      http.Header
  8007  }
  8008  
  8009  // Get: Gets the latest state of a long-running operation. Clients can use this
  8010  // method to poll the operation result at intervals as recommended by the API
  8011  // service.
  8012  //
  8013  // - name: The name of the operation resource.
  8014  func (r *ProjectsLocationsOperationsService) Get(name string) *ProjectsLocationsOperationsGetCall {
  8015  	c := &ProjectsLocationsOperationsGetCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  8016  	c.name = name
  8017  	return c
  8018  }
  8019  
  8020  // Fields allows partial responses to be retrieved. See
  8021  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  8022  // details.
  8023  func (c *ProjectsLocationsOperationsGetCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsGetCall {
  8024  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  8025  	return c
  8026  }
  8027  
  8028  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  8029  // object's ETag matches the given value. This is useful for getting updates
  8030  // only after the object has changed since the last request.
  8031  func (c *ProjectsLocationsOperationsGetCall) IfNoneMatch(entityTag string) *ProjectsLocationsOperationsGetCall {
  8032  	c.ifNoneMatch_ = entityTag
  8033  	return c
  8034  }
  8035  
  8036  // Context sets the context to be used in this call's Do method.
  8037  func (c *ProjectsLocationsOperationsGetCall) Context(ctx context.Context) *ProjectsLocationsOperationsGetCall {
  8038  	c.ctx_ = ctx
  8039  	return c
  8040  }
  8041  
  8042  // Header returns a http.Header that can be modified by the caller to add
  8043  // headers to the request.
  8044  func (c *ProjectsLocationsOperationsGetCall) Header() http.Header {
  8045  	if c.header_ == nil {
  8046  		c.header_ = make(http.Header)
  8047  	}
  8048  	return c.header_
  8049  }
  8050  
  8051  func (c *ProjectsLocationsOperationsGetCall) doRequest(alt string) (*http.Response, error) {
  8052  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  8053  	if c.ifNoneMatch_ != "" {
  8054  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  8055  	}
  8056  	var body io.Reader = nil
  8057  	c.urlParams_.Set("alt", alt)
  8058  	c.urlParams_.Set("prettyPrint", "false")
  8059  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}")
  8060  	urls += "?" + c.urlParams_.Encode()
  8061  	req, err := http.NewRequest("GET", urls, body)
  8062  	if err != nil {
  8063  		return nil, err
  8064  	}
  8065  	req.Header = reqHeaders
  8066  	googleapi.Expand(req.URL, map[string]string{
  8067  		"name": c.name,
  8068  	})
  8069  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  8070  }
  8071  
  8072  // Do executes the "privateca.projects.locations.operations.get" call.
  8073  // Any non-2xx status code is an error. Response headers are in either
  8074  // *Operation.ServerResponse.Header or (if a response was returned at all) in
  8075  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
  8076  // whether the returned error was because http.StatusNotModified was returned.
  8077  func (c *ProjectsLocationsOperationsGetCall) Do(opts ...googleapi.CallOption) (*Operation, error) {
  8078  	gensupport.SetOptions(c.urlParams_, opts...)
  8079  	res, err := c.doRequest("json")
  8080  	if res != nil && res.StatusCode == http.StatusNotModified {
  8081  		if res.Body != nil {
  8082  			res.Body.Close()
  8083  		}
  8084  		return nil, gensupport.WrapError(&googleapi.Error{
  8085  			Code:   res.StatusCode,
  8086  			Header: res.Header,
  8087  		})
  8088  	}
  8089  	if err != nil {
  8090  		return nil, err
  8091  	}
  8092  	defer googleapi.CloseBody(res)
  8093  	if err := googleapi.CheckResponse(res); err != nil {
  8094  		return nil, gensupport.WrapError(err)
  8095  	}
  8096  	ret := &Operation{
  8097  		ServerResponse: googleapi.ServerResponse{
  8098  			Header:         res.Header,
  8099  			HTTPStatusCode: res.StatusCode,
  8100  		},
  8101  	}
  8102  	target := &ret
  8103  	if err := gensupport.DecodeResponse(target, res); err != nil {
  8104  		return nil, err
  8105  	}
  8106  	return ret, nil
  8107  }
  8108  
  8109  type ProjectsLocationsOperationsListCall struct {
  8110  	s            *Service
  8111  	name         string
  8112  	urlParams_   gensupport.URLParams
  8113  	ifNoneMatch_ string
  8114  	ctx_         context.Context
  8115  	header_      http.Header
  8116  }
  8117  
  8118  // List: Lists operations that match the specified filter in the request. If
  8119  // the server doesn't support this method, it returns `UNIMPLEMENTED`.
  8120  //
  8121  // - name: The name of the operation's parent resource.
  8122  func (r *ProjectsLocationsOperationsService) List(name string) *ProjectsLocationsOperationsListCall {
  8123  	c := &ProjectsLocationsOperationsListCall{s: r.s, urlParams_: make(gensupport.URLParams)}
  8124  	c.name = name
  8125  	return c
  8126  }
  8127  
  8128  // Filter sets the optional parameter "filter": The standard list filter.
  8129  func (c *ProjectsLocationsOperationsListCall) Filter(filter string) *ProjectsLocationsOperationsListCall {
  8130  	c.urlParams_.Set("filter", filter)
  8131  	return c
  8132  }
  8133  
  8134  // PageSize sets the optional parameter "pageSize": The standard list page
  8135  // size.
  8136  func (c *ProjectsLocationsOperationsListCall) PageSize(pageSize int64) *ProjectsLocationsOperationsListCall {
  8137  	c.urlParams_.Set("pageSize", fmt.Sprint(pageSize))
  8138  	return c
  8139  }
  8140  
  8141  // PageToken sets the optional parameter "pageToken": The standard list page
  8142  // token.
  8143  func (c *ProjectsLocationsOperationsListCall) PageToken(pageToken string) *ProjectsLocationsOperationsListCall {
  8144  	c.urlParams_.Set("pageToken", pageToken)
  8145  	return c
  8146  }
  8147  
  8148  // Fields allows partial responses to be retrieved. See
  8149  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
  8150  // details.
  8151  func (c *ProjectsLocationsOperationsListCall) Fields(s ...googleapi.Field) *ProjectsLocationsOperationsListCall {
  8152  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
  8153  	return c
  8154  }
  8155  
  8156  // IfNoneMatch sets an optional parameter which makes the operation fail if the
  8157  // object's ETag matches the given value. This is useful for getting updates
  8158  // only after the object has changed since the last request.
  8159  func (c *ProjectsLocationsOperationsListCall) IfNoneMatch(entityTag string) *ProjectsLocationsOperationsListCall {
  8160  	c.ifNoneMatch_ = entityTag
  8161  	return c
  8162  }
  8163  
  8164  // Context sets the context to be used in this call's Do method.
  8165  func (c *ProjectsLocationsOperationsListCall) Context(ctx context.Context) *ProjectsLocationsOperationsListCall {
  8166  	c.ctx_ = ctx
  8167  	return c
  8168  }
  8169  
  8170  // Header returns a http.Header that can be modified by the caller to add
  8171  // headers to the request.
  8172  func (c *ProjectsLocationsOperationsListCall) Header() http.Header {
  8173  	if c.header_ == nil {
  8174  		c.header_ = make(http.Header)
  8175  	}
  8176  	return c.header_
  8177  }
  8178  
  8179  func (c *ProjectsLocationsOperationsListCall) doRequest(alt string) (*http.Response, error) {
  8180  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "", c.header_)
  8181  	if c.ifNoneMatch_ != "" {
  8182  		reqHeaders.Set("If-None-Match", c.ifNoneMatch_)
  8183  	}
  8184  	var body io.Reader = nil
  8185  	c.urlParams_.Set("alt", alt)
  8186  	c.urlParams_.Set("prettyPrint", "false")
  8187  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/{+name}/operations")
  8188  	urls += "?" + c.urlParams_.Encode()
  8189  	req, err := http.NewRequest("GET", urls, body)
  8190  	if err != nil {
  8191  		return nil, err
  8192  	}
  8193  	req.Header = reqHeaders
  8194  	googleapi.Expand(req.URL, map[string]string{
  8195  		"name": c.name,
  8196  	})
  8197  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
  8198  }
  8199  
  8200  // Do executes the "privateca.projects.locations.operations.list" call.
  8201  // Any non-2xx status code is an error. Response headers are in either
  8202  // *ListOperationsResponse.ServerResponse.Header or (if a response was returned
  8203  // at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to
  8204  // check whether the returned error was because http.StatusNotModified was
  8205  // returned.
  8206  func (c *ProjectsLocationsOperationsListCall) Do(opts ...googleapi.CallOption) (*ListOperationsResponse, error) {
  8207  	gensupport.SetOptions(c.urlParams_, opts...)
  8208  	res, err := c.doRequest("json")
  8209  	if res != nil && res.StatusCode == http.StatusNotModified {
  8210  		if res.Body != nil {
  8211  			res.Body.Close()
  8212  		}
  8213  		return nil, gensupport.WrapError(&googleapi.Error{
  8214  			Code:   res.StatusCode,
  8215  			Header: res.Header,
  8216  		})
  8217  	}
  8218  	if err != nil {
  8219  		return nil, err
  8220  	}
  8221  	defer googleapi.CloseBody(res)
  8222  	if err := googleapi.CheckResponse(res); err != nil {
  8223  		return nil, gensupport.WrapError(err)
  8224  	}
  8225  	ret := &ListOperationsResponse{
  8226  		ServerResponse: googleapi.ServerResponse{
  8227  			Header:         res.Header,
  8228  			HTTPStatusCode: res.StatusCode,
  8229  		},
  8230  	}
  8231  	target := &ret
  8232  	if err := gensupport.DecodeResponse(target, res); err != nil {
  8233  		return nil, err
  8234  	}
  8235  	return ret, nil
  8236  }
  8237  
  8238  // Pages invokes f for each page of results.
  8239  // A non-nil error returned from f will halt the iteration.
  8240  // The provided context supersedes any context provided to the Context method.
  8241  func (c *ProjectsLocationsOperationsListCall) Pages(ctx context.Context, f func(*ListOperationsResponse) error) error {
  8242  	c.ctx_ = ctx
  8243  	defer c.PageToken(c.urlParams_.Get("pageToken"))
  8244  	for {
  8245  		x, err := c.Do()
  8246  		if err != nil {
  8247  			return err
  8248  		}
  8249  		if err := f(x); err != nil {
  8250  			return err
  8251  		}
  8252  		if x.NextPageToken == "" {
  8253  			return nil
  8254  		}
  8255  		c.PageToken(x.NextPageToken)
  8256  	}
  8257  }
  8258  

View as plain text