verifiedaccess-gen.go

Documentation: google.golang.org/api/verifiedaccess/v1

     1  // Copyright 2024 Google LLC.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  // Code generated file. DO NOT EDIT.
     6  
     7  // Package verifiedaccess provides access to the Chrome Verified Access API.
     8  //
     9  // For product documentation, see: https://developers.google.com/chrome/verified-access
    10  //
    11  // # Library status
    12  //
    13  // These client libraries are officially supported by Google. However, this
    14  // library is considered complete and is in maintenance mode. This means
    15  // that we will address critical bugs and security issues but will not add
    16  // any new features.
    17  //
    18  // When possible, we recommend using our newer
    19  // [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go)
    20  // that are still actively being worked and iterated on.
    21  //
    22  // # Creating a client
    23  //
    24  // Usage example:
    25  //
    26  //	import "google.golang.org/api/verifiedaccess/v1"
    27  //	...
    28  //	ctx := context.Background()
    29  //	verifiedaccessService, err := verifiedaccess.NewService(ctx)
    30  //
    31  // In this example, Google Application Default Credentials are used for
    32  // authentication. For information on how to create and obtain Application
    33  // Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.
    34  //
    35  // # Other authentication options
    36  //
    37  // To use an API key for authentication (note: some APIs do not support API
    38  // keys), use [google.golang.org/api/option.WithAPIKey]:
    39  //
    40  //	verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithAPIKey("AIza..."))
    41  //
    42  // To use an OAuth token (e.g., a user token obtained via a three-legged OAuth
    43  // flow, use [google.golang.org/api/option.WithTokenSource]:
    44  //
    45  //	config := &oauth2.Config{...}
    46  //	// ...
    47  //	token, err := config.Exchange(ctx, ...)
    48  //	verifiedaccessService, err := verifiedaccess.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))
    49  //
    50  // See [google.golang.org/api/option.ClientOption] for details on options.
    51  package verifiedaccess // import "google.golang.org/api/verifiedaccess/v1"
    52  
    53  import (
    54  	"bytes"
    55  	"context"
    56  	"encoding/json"
    57  	"errors"
    58  	"fmt"
    59  	"io"
    60  	"net/http"
    61  	"net/url"
    62  	"strconv"
    63  	"strings"
    64  
    65  	googleapi "google.golang.org/api/googleapi"
    66  	internal "google.golang.org/api/internal"
    67  	gensupport "google.golang.org/api/internal/gensupport"
    68  	option "google.golang.org/api/option"
    69  	internaloption "google.golang.org/api/option/internaloption"
    70  	htransport "google.golang.org/api/transport/http"
    71  )
    72  
    73  // Always reference these packages, just in case the auto-generated code
    74  // below doesn't.
    75  var _ = bytes.NewBuffer
    76  var _ = strconv.Itoa
    77  var _ = fmt.Sprintf
    78  var _ = json.NewDecoder
    79  var _ = io.Copy
    80  var _ = url.Parse
    81  var _ = gensupport.MarshalJSON
    82  var _ = googleapi.Version
    83  var _ = errors.New
    84  var _ = strings.Replace
    85  var _ = context.Canceled
    86  var _ = internaloption.WithDefaultEndpoint
    87  var _ = internal.Version
    88  
    89  const apiId = "verifiedaccess:v1"
    90  const apiName = "verifiedaccess"
    91  const apiVersion = "v1"
    92  const basePath = "https://verifiedaccess.googleapis.com/"
    93  const basePathTemplate = "https://verifiedaccess.UNIVERSE_DOMAIN/"
    94  const mtlsBasePath = "https://verifiedaccess.mtls.googleapis.com/"
    95  
    96  // OAuth2 scopes used by this API.
    97  const (
    98  	// Verify your enterprise credentials
    99  	VerifiedaccessScope = "https://www.googleapis.com/auth/verifiedaccess"
   100  )
   101  
   102  // NewService creates a new Service.
   103  func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error) {
   104  	scopesOption := internaloption.WithDefaultScopes(
   105  		"https://www.googleapis.com/auth/verifiedaccess",
   106  	)
   107  	// NOTE: prepend, so we don't override user-specified scopes.
   108  	opts = append([]option.ClientOption{scopesOption}, opts...)
   109  	opts = append(opts, internaloption.WithDefaultEndpoint(basePath))
   110  	opts = append(opts, internaloption.WithDefaultEndpointTemplate(basePathTemplate))
   111  	opts = append(opts, internaloption.WithDefaultMTLSEndpoint(mtlsBasePath))
   112  	opts = append(opts, internaloption.EnableNewAuthLibrary())
   113  	client, endpoint, err := htransport.NewClient(ctx, opts...)
   114  	if err != nil {
   115  		return nil, err
   116  	}
   117  	s, err := New(client)
   118  	if err != nil {
   119  		return nil, err
   120  	}
   121  	if endpoint != "" {
   122  		s.BasePath = endpoint
   123  	}
   124  	return s, nil
   125  }
   126  
   127  // New creates a new Service. It uses the provided http.Client for requests.
   128  //
   129  // Deprecated: please use NewService instead.
   130  // To provide a custom HTTP client, use option.WithHTTPClient.
   131  // If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.
   132  func New(client *http.Client) (*Service, error) {
   133  	if client == nil {
   134  		return nil, errors.New("client is nil")
   135  	}
   136  	s := &Service{client: client, BasePath: basePath}
   137  	s.Challenge = NewChallengeService(s)
   138  	return s, nil
   139  }
   140  
   141  type Service struct {
   142  	client    *http.Client
   143  	BasePath  string // API endpoint base URL
   144  	UserAgent string // optional additional User-Agent fragment
   145  
   146  	Challenge *ChallengeService
   147  }
   148  
   149  func (s *Service) userAgent() string {
   150  	if s.UserAgent == "" {
   151  		return googleapi.UserAgent
   152  	}
   153  	return googleapi.UserAgent + " " + s.UserAgent
   154  }
   155  
   156  func NewChallengeService(s *Service) *ChallengeService {
   157  	rs := &ChallengeService{s: s}
   158  	return rs
   159  }
   160  
   161  type ChallengeService struct {
   162  	s *Service
   163  }
   164  
   165  // Challenge: Result message for VerifiedAccess.CreateChallenge.
   166  type Challenge struct {
   167  	// AlternativeChallenge: Challenge generated with the old signing key (this
   168  	// will only be present during key rotation)
   169  	AlternativeChallenge *SignedData `json:"alternativeChallenge,omitempty"`
   170  	// Challenge: Generated challenge
   171  	Challenge *SignedData `json:"challenge,omitempty"`
   172  
   173  	// ServerResponse contains the HTTP response code and headers from the server.
   174  	googleapi.ServerResponse `json:"-"`
   175  	// ForceSendFields is a list of field names (e.g. "AlternativeChallenge") to
   176  	// unconditionally include in API requests. By default, fields with empty or
   177  	// default values are omitted from API requests. See
   178  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   179  	// details.
   180  	ForceSendFields []string `json:"-"`
   181  	// NullFields is a list of field names (e.g. "AlternativeChallenge") to include
   182  	// in API requests with the JSON null value. By default, fields with empty
   183  	// values are omitted from API requests. See
   184  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   185  	NullFields []string `json:"-"`
   186  }
   187  
   188  func (s *Challenge) MarshalJSON() ([]byte, error) {
   189  	type NoMethod Challenge
   190  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   191  }
   192  
   193  // Empty: A generic empty message that you can re-use to avoid defining
   194  // duplicated empty messages in your APIs. A typical example is to use it as
   195  // the request or the response type of an API method. For instance: service Foo
   196  // { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }
   197  type Empty struct {
   198  }
   199  
   200  // SignedData: The wrapper message of any data and its signature.
   201  type SignedData struct {
   202  	// Data: The data to be signed.
   203  	Data string `json:"data,omitempty"`
   204  	// Signature: The signature of the data field.
   205  	Signature string `json:"signature,omitempty"`
   206  	// ForceSendFields is a list of field names (e.g. "Data") to unconditionally
   207  	// include in API requests. By default, fields with empty or default values are
   208  	// omitted from API requests. See
   209  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   210  	// details.
   211  	ForceSendFields []string `json:"-"`
   212  	// NullFields is a list of field names (e.g. "Data") to include in API requests
   213  	// with the JSON null value. By default, fields with empty values are omitted
   214  	// from API requests. See
   215  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   216  	NullFields []string `json:"-"`
   217  }
   218  
   219  func (s *SignedData) MarshalJSON() ([]byte, error) {
   220  	type NoMethod SignedData
   221  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   222  }
   223  
   224  // VerifyChallengeResponseRequest: signed ChallengeResponse
   225  type VerifyChallengeResponseRequest struct {
   226  	// ChallengeResponse: The generated response to the challenge
   227  	ChallengeResponse *SignedData `json:"challengeResponse,omitempty"`
   228  	// ExpectedIdentity: Service can optionally provide identity information about
   229  	// the device or user associated with the key. For an EMK, this value is the
   230  	// enrolled domain. For an EUK, this value is the user's email address. If
   231  	// present, this value will be checked against contents of the response, and
   232  	// verification will fail if there is no match.
   233  	ExpectedIdentity string `json:"expectedIdentity,omitempty"`
   234  	// ForceSendFields is a list of field names (e.g. "ChallengeResponse") to
   235  	// unconditionally include in API requests. By default, fields with empty or
   236  	// default values are omitted from API requests. See
   237  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   238  	// details.
   239  	ForceSendFields []string `json:"-"`
   240  	// NullFields is a list of field names (e.g. "ChallengeResponse") to include in
   241  	// API requests with the JSON null value. By default, fields with empty values
   242  	// are omitted from API requests. See
   243  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   244  	NullFields []string `json:"-"`
   245  }
   246  
   247  func (s *VerifyChallengeResponseRequest) MarshalJSON() ([]byte, error) {
   248  	type NoMethod VerifyChallengeResponseRequest
   249  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   250  }
   251  
   252  // VerifyChallengeResponseResult: Result message for
   253  // VerifiedAccess.VerifyChallengeResponse.
   254  type VerifyChallengeResponseResult struct {
   255  	// AttestedDeviceId: Attested device id (ADID) of the device, read from the
   256  	// verified data.
   257  	AttestedDeviceId string `json:"attestedDeviceId,omitempty"`
   258  	// DeviceEnrollmentId: Device enrollment id is returned in this field (for the
   259  	// machine response only).
   260  	DeviceEnrollmentId string `json:"deviceEnrollmentId,omitempty"`
   261  	// DevicePermanentId: Device permanent id is returned in this field (for the
   262  	// machine response only).
   263  	DevicePermanentId string `json:"devicePermanentId,omitempty"`
   264  	// SignedPublicKeyAndChallenge: Certificate Signing Request (in the SPKAC
   265  	// format, base64 encoded) is returned in this field. This field will be set
   266  	// only if device has included CSR in its challenge response. (the option to
   267  	// include CSR is now available for both user and machine responses)
   268  	SignedPublicKeyAndChallenge string `json:"signedPublicKeyAndChallenge,omitempty"`
   269  	// VerificationOutput: For EMCert check, device permanent id is returned here.
   270  	// For EUCert check, signed_public_key_and_challenge [base64 encoded] is
   271  	// returned if present, otherwise empty string is returned. This field is
   272  	// deprecated, please use device_permanent_id or
   273  	// signed_public_key_and_challenge fields.
   274  	VerificationOutput string `json:"verificationOutput,omitempty"`
   275  
   276  	// ServerResponse contains the HTTP response code and headers from the server.
   277  	googleapi.ServerResponse `json:"-"`
   278  	// ForceSendFields is a list of field names (e.g. "AttestedDeviceId") to
   279  	// unconditionally include in API requests. By default, fields with empty or
   280  	// default values are omitted from API requests. See
   281  	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
   282  	// details.
   283  	ForceSendFields []string `json:"-"`
   284  	// NullFields is a list of field names (e.g. "AttestedDeviceId") to include in
   285  	// API requests with the JSON null value. By default, fields with empty values
   286  	// are omitted from API requests. See
   287  	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
   288  	NullFields []string `json:"-"`
   289  }
   290  
   291  func (s *VerifyChallengeResponseResult) MarshalJSON() ([]byte, error) {
   292  	type NoMethod VerifyChallengeResponseResult
   293  	return gensupport.MarshalJSON(NoMethod(*s), s.ForceSendFields, s.NullFields)
   294  }
   295  
   296  type ChallengeCreateCall struct {
   297  	s          *Service
   298  	empty      *Empty
   299  	urlParams_ gensupport.URLParams
   300  	ctx_       context.Context
   301  	header_    http.Header
   302  }
   303  
   304  // Create: CreateChallenge API
   305  func (r *ChallengeService) Create(empty *Empty) *ChallengeCreateCall {
   306  	c := &ChallengeCreateCall{s: r.s, urlParams_: make(gensupport.URLParams)}
   307  	c.empty = empty
   308  	return c
   309  }
   310  
   311  // Fields allows partial responses to be retrieved. See
   312  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
   313  // details.
   314  func (c *ChallengeCreateCall) Fields(s ...googleapi.Field) *ChallengeCreateCall {
   315  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
   316  	return c
   317  }
   318  
   319  // Context sets the context to be used in this call's Do method.
   320  func (c *ChallengeCreateCall) Context(ctx context.Context) *ChallengeCreateCall {
   321  	c.ctx_ = ctx
   322  	return c
   323  }
   324  
   325  // Header returns a http.Header that can be modified by the caller to add
   326  // headers to the request.
   327  func (c *ChallengeCreateCall) Header() http.Header {
   328  	if c.header_ == nil {
   329  		c.header_ = make(http.Header)
   330  	}
   331  	return c.header_
   332  }
   333  
   334  func (c *ChallengeCreateCall) doRequest(alt string) (*http.Response, error) {
   335  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
   336  	var body io.Reader = nil
   337  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.empty)
   338  	if err != nil {
   339  		return nil, err
   340  	}
   341  	c.urlParams_.Set("alt", alt)
   342  	c.urlParams_.Set("prettyPrint", "false")
   343  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/challenge")
   344  	urls += "?" + c.urlParams_.Encode()
   345  	req, err := http.NewRequest("POST", urls, body)
   346  	if err != nil {
   347  		return nil, err
   348  	}
   349  	req.Header = reqHeaders
   350  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
   351  }
   352  
   353  // Do executes the "verifiedaccess.challenge.create" call.
   354  // Any non-2xx status code is an error. Response headers are in either
   355  // *Challenge.ServerResponse.Header or (if a response was returned at all) in
   356  // error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check
   357  // whether the returned error was because http.StatusNotModified was returned.
   358  func (c *ChallengeCreateCall) Do(opts ...googleapi.CallOption) (*Challenge, error) {
   359  	gensupport.SetOptions(c.urlParams_, opts...)
   360  	res, err := c.doRequest("json")
   361  	if res != nil && res.StatusCode == http.StatusNotModified {
   362  		if res.Body != nil {
   363  			res.Body.Close()
   364  		}
   365  		return nil, gensupport.WrapError(&googleapi.Error{
   366  			Code:   res.StatusCode,
   367  			Header: res.Header,
   368  		})
   369  	}
   370  	if err != nil {
   371  		return nil, err
   372  	}
   373  	defer googleapi.CloseBody(res)
   374  	if err := googleapi.CheckResponse(res); err != nil {
   375  		return nil, gensupport.WrapError(err)
   376  	}
   377  	ret := &Challenge{
   378  		ServerResponse: googleapi.ServerResponse{
   379  			Header:         res.Header,
   380  			HTTPStatusCode: res.StatusCode,
   381  		},
   382  	}
   383  	target := &ret
   384  	if err := gensupport.DecodeResponse(target, res); err != nil {
   385  		return nil, err
   386  	}
   387  	return ret, nil
   388  }
   389  
   390  type ChallengeVerifyCall struct {
   391  	s                              *Service
   392  	verifychallengeresponserequest *VerifyChallengeResponseRequest
   393  	urlParams_                     gensupport.URLParams
   394  	ctx_                           context.Context
   395  	header_                        http.Header
   396  }
   397  
   398  // Verify: VerifyChallengeResponse API
   399  func (r *ChallengeService) Verify(verifychallengeresponserequest *VerifyChallengeResponseRequest) *ChallengeVerifyCall {
   400  	c := &ChallengeVerifyCall{s: r.s, urlParams_: make(gensupport.URLParams)}
   401  	c.verifychallengeresponserequest = verifychallengeresponserequest
   402  	return c
   403  }
   404  
   405  // Fields allows partial responses to be retrieved. See
   406  // https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more
   407  // details.
   408  func (c *ChallengeVerifyCall) Fields(s ...googleapi.Field) *ChallengeVerifyCall {
   409  	c.urlParams_.Set("fields", googleapi.CombineFields(s))
   410  	return c
   411  }
   412  
   413  // Context sets the context to be used in this call's Do method.
   414  func (c *ChallengeVerifyCall) Context(ctx context.Context) *ChallengeVerifyCall {
   415  	c.ctx_ = ctx
   416  	return c
   417  }
   418  
   419  // Header returns a http.Header that can be modified by the caller to add
   420  // headers to the request.
   421  func (c *ChallengeVerifyCall) Header() http.Header {
   422  	if c.header_ == nil {
   423  		c.header_ = make(http.Header)
   424  	}
   425  	return c.header_
   426  }
   427  
   428  func (c *ChallengeVerifyCall) doRequest(alt string) (*http.Response, error) {
   429  	reqHeaders := gensupport.SetHeaders(c.s.userAgent(), "application/json", c.header_)
   430  	var body io.Reader = nil
   431  	body, err := googleapi.WithoutDataWrapper.JSONReader(c.verifychallengeresponserequest)
   432  	if err != nil {
   433  		return nil, err
   434  	}
   435  	c.urlParams_.Set("alt", alt)
   436  	c.urlParams_.Set("prettyPrint", "false")
   437  	urls := googleapi.ResolveRelative(c.s.BasePath, "v1/challenge:verify")
   438  	urls += "?" + c.urlParams_.Encode()
   439  	req, err := http.NewRequest("POST", urls, body)
   440  	if err != nil {
   441  		return nil, err
   442  	}
   443  	req.Header = reqHeaders
   444  	return gensupport.SendRequest(c.ctx_, c.s.client, req)
   445  }
   446  
   447  // Do executes the "verifiedaccess.challenge.verify" call.
   448  // Any non-2xx status code is an error. Response headers are in either
   449  // *VerifyChallengeResponseResult.ServerResponse.Header or (if a response was
   450  // returned at all) in error.(*googleapi.Error).Header. Use
   451  // googleapi.IsNotModified to check whether the returned error was because
   452  // http.StatusNotModified was returned.
   453  func (c *ChallengeVerifyCall) Do(opts ...googleapi.CallOption) (*VerifyChallengeResponseResult, error) {
   454  	gensupport.SetOptions(c.urlParams_, opts...)
   455  	res, err := c.doRequest("json")
   456  	if res != nil && res.StatusCode == http.StatusNotModified {
   457  		if res.Body != nil {
   458  			res.Body.Close()
   459  		}
   460  		return nil, gensupport.WrapError(&googleapi.Error{
   461  			Code:   res.StatusCode,
   462  			Header: res.Header,
   463  		})
   464  	}
   465  	if err != nil {
   466  		return nil, err
   467  	}
   468  	defer googleapi.CloseBody(res)
   469  	if err := googleapi.CheckResponse(res); err != nil {
   470  		return nil, gensupport.WrapError(err)
   471  	}
   472  	ret := &VerifyChallengeResponseResult{
   473  		ServerResponse: googleapi.ServerResponse{
   474  			Header:         res.Header,
   475  			HTTPStatusCode: res.StatusCode,
   476  		},
   477  	}
   478  	target := &ret
   479  	if err := gensupport.DecodeResponse(target, res); err != nil {
   480  		return nil, err
   481  	}
   482  	return ret, nil
   483  }
   484
View as plain text