auth.pb.go

Documentation: google.golang.org/genproto/googleapis/api/serviceconfig

     1  // Copyright 2024 Google LLC
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  // Code generated by protoc-gen-go. DO NOT EDIT.
    16  // versions:
    17  // 	protoc-gen-go v1.26.0
    18  // 	protoc        v4.24.4
    19  // source: google/api/auth.proto
    20  
    21  package serviceconfig
    22  
    23  import (
    24  	reflect "reflect"
    25  	sync "sync"
    26  
    27  	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
    28  	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
    29  )
    30  
    31  const (
    32  	// Verify that this generated code is sufficiently up-to-date.
    33  	_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
    34  	// Verify that runtime/protoimpl is sufficiently up-to-date.
    35  	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
    36  )
    37  
    38  // `Authentication` defines the authentication configuration for API methods
    39  // provided by an API service.
    40  //
    41  // Example:
    42  //
    43  //	name: calendar.googleapis.com
    44  //	authentication:
    45  //	  providers:
    46  //	  - id: google_calendar_auth
    47  //	    jwks_uri: https://www.googleapis.com/oauth2/v1/certs
    48  //	    issuer: https://securetoken.google.com
    49  //	  rules:
    50  //	  - selector: "*"
    51  //	    requirements:
    52  //	      provider_id: google_calendar_auth
    53  //	  - selector: google.calendar.Delegate
    54  //	    oauth:
    55  //	      canonical_scopes: https://www.googleapis.com/auth/calendar.read
    56  type Authentication struct {
    57  	state         protoimpl.MessageState
    58  	sizeCache     protoimpl.SizeCache
    59  	unknownFields protoimpl.UnknownFields
    60  
    61  	// A list of authentication rules that apply to individual API methods.
    62  	//
    63  	// **NOTE:** All service configuration rules follow "last one wins" order.
    64  	Rules []*AuthenticationRule `protobuf:"bytes,3,rep,name=rules,proto3" json:"rules,omitempty"`
    65  	// Defines a set of authentication providers that a service supports.
    66  	Providers []*AuthProvider `protobuf:"bytes,4,rep,name=providers,proto3" json:"providers,omitempty"`
    67  }
    68  
    69  func (x *Authentication) Reset() {
    70  	*x = Authentication{}
    71  	if protoimpl.UnsafeEnabled {
    72  		mi := &file_google_api_auth_proto_msgTypes[0]
    73  		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
    74  		ms.StoreMessageInfo(mi)
    75  	}
    76  }
    77  
    78  func (x *Authentication) String() string {
    79  	return protoimpl.X.MessageStringOf(x)
    80  }
    81  
    82  func (*Authentication) ProtoMessage() {}
    83  
    84  func (x *Authentication) ProtoReflect() protoreflect.Message {
    85  	mi := &file_google_api_auth_proto_msgTypes[0]
    86  	if protoimpl.UnsafeEnabled && x != nil {
    87  		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
    88  		if ms.LoadMessageInfo() == nil {
    89  			ms.StoreMessageInfo(mi)
    90  		}
    91  		return ms
    92  	}
    93  	return mi.MessageOf(x)
    94  }
    95  
    96  // Deprecated: Use Authentication.ProtoReflect.Descriptor instead.
    97  func (*Authentication) Descriptor() ([]byte, []int) {
    98  	return file_google_api_auth_proto_rawDescGZIP(), []int{0}
    99  }
   100  
   101  func (x *Authentication) GetRules() []*AuthenticationRule {
   102  	if x != nil {
   103  		return x.Rules
   104  	}
   105  	return nil
   106  }
   107  
   108  func (x *Authentication) GetProviders() []*AuthProvider {
   109  	if x != nil {
   110  		return x.Providers
   111  	}
   112  	return nil
   113  }
   114  
   115  // Authentication rules for the service.
   116  //
   117  // By default, if a method has any authentication requirements, every request
   118  // must include a valid credential matching one of the requirements.
   119  // It's an error to include more than one kind of credential in a single
   120  // request.
   121  //
   122  // If a method doesn't have any auth requirements, request credentials will be
   123  // ignored.
   124  type AuthenticationRule struct {
   125  	state         protoimpl.MessageState
   126  	sizeCache     protoimpl.SizeCache
   127  	unknownFields protoimpl.UnknownFields
   128  
   129  	// Selects the methods to which this rule applies.
   130  	//
   131  	// Refer to [selector][google.api.DocumentationRule.selector] for syntax
   132  	// details.
   133  	Selector string `protobuf:"bytes,1,opt,name=selector,proto3" json:"selector,omitempty"`
   134  	// The requirements for OAuth credentials.
   135  	Oauth *OAuthRequirements `protobuf:"bytes,2,opt,name=oauth,proto3" json:"oauth,omitempty"`
   136  	// If true, the service accepts API keys without any other credential.
   137  	// This flag only applies to HTTP and gRPC requests.
   138  	AllowWithoutCredential bool `protobuf:"varint,5,opt,name=allow_without_credential,json=allowWithoutCredential,proto3" json:"allow_without_credential,omitempty"`
   139  	// Requirements for additional authentication providers.
   140  	Requirements []*AuthRequirement `protobuf:"bytes,7,rep,name=requirements,proto3" json:"requirements,omitempty"`
   141  }
   142  
   143  func (x *AuthenticationRule) Reset() {
   144  	*x = AuthenticationRule{}
   145  	if protoimpl.UnsafeEnabled {
   146  		mi := &file_google_api_auth_proto_msgTypes[1]
   147  		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
   148  		ms.StoreMessageInfo(mi)
   149  	}
   150  }
   151  
   152  func (x *AuthenticationRule) String() string {
   153  	return protoimpl.X.MessageStringOf(x)
   154  }
   155  
   156  func (*AuthenticationRule) ProtoMessage() {}
   157  
   158  func (x *AuthenticationRule) ProtoReflect() protoreflect.Message {
   159  	mi := &file_google_api_auth_proto_msgTypes[1]
   160  	if protoimpl.UnsafeEnabled && x != nil {
   161  		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
   162  		if ms.LoadMessageInfo() == nil {
   163  			ms.StoreMessageInfo(mi)
   164  		}
   165  		return ms
   166  	}
   167  	return mi.MessageOf(x)
   168  }
   169  
   170  // Deprecated: Use AuthenticationRule.ProtoReflect.Descriptor instead.
   171  func (*AuthenticationRule) Descriptor() ([]byte, []int) {
   172  	return file_google_api_auth_proto_rawDescGZIP(), []int{1}
   173  }
   174  
   175  func (x *AuthenticationRule) GetSelector() string {
   176  	if x != nil {
   177  		return x.Selector
   178  	}
   179  	return ""
   180  }
   181  
   182  func (x *AuthenticationRule) GetOauth() *OAuthRequirements {
   183  	if x != nil {
   184  		return x.Oauth
   185  	}
   186  	return nil
   187  }
   188  
   189  func (x *AuthenticationRule) GetAllowWithoutCredential() bool {
   190  	if x != nil {
   191  		return x.AllowWithoutCredential
   192  	}
   193  	return false
   194  }
   195  
   196  func (x *AuthenticationRule) GetRequirements() []*AuthRequirement {
   197  	if x != nil {
   198  		return x.Requirements
   199  	}
   200  	return nil
   201  }
   202  
   203  // Specifies a location to extract JWT from an API request.
   204  type JwtLocation struct {
   205  	state         protoimpl.MessageState
   206  	sizeCache     protoimpl.SizeCache
   207  	unknownFields protoimpl.UnknownFields
   208  
   209  	// Types that are assignable to In:
   210  	//
   211  	//	*JwtLocation_Header
   212  	//	*JwtLocation_Query
   213  	//	*JwtLocation_Cookie
   214  	In isJwtLocation_In `protobuf_oneof:"in"`
   215  	// The value prefix. The value format is "value_prefix{token}"
   216  	// Only applies to "in" header type. Must be empty for "in" query type.
   217  	// If not empty, the header value has to match (case sensitive) this prefix.
   218  	// If not matched, JWT will not be extracted. If matched, JWT will be
   219  	// extracted after the prefix is removed.
   220  	//
   221  	// For example, for "Authorization: Bearer {JWT}",
   222  	// value_prefix="Bearer " with a space at the end.
   223  	ValuePrefix string `protobuf:"bytes,3,opt,name=value_prefix,json=valuePrefix,proto3" json:"value_prefix,omitempty"`
   224  }
   225  
   226  func (x *JwtLocation) Reset() {
   227  	*x = JwtLocation{}
   228  	if protoimpl.UnsafeEnabled {
   229  		mi := &file_google_api_auth_proto_msgTypes[2]
   230  		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
   231  		ms.StoreMessageInfo(mi)
   232  	}
   233  }
   234  
   235  func (x *JwtLocation) String() string {
   236  	return protoimpl.X.MessageStringOf(x)
   237  }
   238  
   239  func (*JwtLocation) ProtoMessage() {}
   240  
   241  func (x *JwtLocation) ProtoReflect() protoreflect.Message {
   242  	mi := &file_google_api_auth_proto_msgTypes[2]
   243  	if protoimpl.UnsafeEnabled && x != nil {
   244  		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
   245  		if ms.LoadMessageInfo() == nil {
   246  			ms.StoreMessageInfo(mi)
   247  		}
   248  		return ms
   249  	}
   250  	return mi.MessageOf(x)
   251  }
   252  
   253  // Deprecated: Use JwtLocation.ProtoReflect.Descriptor instead.
   254  func (*JwtLocation) Descriptor() ([]byte, []int) {
   255  	return file_google_api_auth_proto_rawDescGZIP(), []int{2}
   256  }
   257  
   258  func (m *JwtLocation) GetIn() isJwtLocation_In {
   259  	if m != nil {
   260  		return m.In
   261  	}
   262  	return nil
   263  }
   264  
   265  func (x *JwtLocation) GetHeader() string {
   266  	if x, ok := x.GetIn().(*JwtLocation_Header); ok {
   267  		return x.Header
   268  	}
   269  	return ""
   270  }
   271  
   272  func (x *JwtLocation) GetQuery() string {
   273  	if x, ok := x.GetIn().(*JwtLocation_Query); ok {
   274  		return x.Query
   275  	}
   276  	return ""
   277  }
   278  
   279  func (x *JwtLocation) GetCookie() string {
   280  	if x, ok := x.GetIn().(*JwtLocation_Cookie); ok {
   281  		return x.Cookie
   282  	}
   283  	return ""
   284  }
   285  
   286  func (x *JwtLocation) GetValuePrefix() string {
   287  	if x != nil {
   288  		return x.ValuePrefix
   289  	}
   290  	return ""
   291  }
   292  
   293  type isJwtLocation_In interface {
   294  	isJwtLocation_In()
   295  }
   296  
   297  type JwtLocation_Header struct {
   298  	// Specifies HTTP header name to extract JWT token.
   299  	Header string `protobuf:"bytes,1,opt,name=header,proto3,oneof"`
   300  }
   301  
   302  type JwtLocation_Query struct {
   303  	// Specifies URL query parameter name to extract JWT token.
   304  	Query string `protobuf:"bytes,2,opt,name=query,proto3,oneof"`
   305  }
   306  
   307  type JwtLocation_Cookie struct {
   308  	// Specifies cookie name to extract JWT token.
   309  	Cookie string `protobuf:"bytes,4,opt,name=cookie,proto3,oneof"`
   310  }
   311  
   312  func (*JwtLocation_Header) isJwtLocation_In() {}
   313  
   314  func (*JwtLocation_Query) isJwtLocation_In() {}
   315  
   316  func (*JwtLocation_Cookie) isJwtLocation_In() {}
   317  
   318  // Configuration for an authentication provider, including support for
   319  // [JSON Web Token
   320  // (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
   321  type AuthProvider struct {
   322  	state         protoimpl.MessageState
   323  	sizeCache     protoimpl.SizeCache
   324  	unknownFields protoimpl.UnknownFields
   325  
   326  	// The unique identifier of the auth provider. It will be referred to by
   327  	// `AuthRequirement.provider_id`.
   328  	//
   329  	// Example: "bookstore_auth".
   330  	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
   331  	// Identifies the principal that issued the JWT. See
   332  	// https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1
   333  	// Usually a URL or an email address.
   334  	//
   335  	// Example: https://securetoken.google.com
   336  	// Example: 1234567-compute@developer.gserviceaccount.com
   337  	Issuer string `protobuf:"bytes,2,opt,name=issuer,proto3" json:"issuer,omitempty"`
   338  	// URL of the provider's public key set to validate signature of the JWT. See
   339  	// [OpenID
   340  	// Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata).
   341  	// Optional if the key set document:
   342  	//   - can be retrieved from
   343  	//     [OpenID
   344  	//     Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)
   345  	//     of the issuer.
   346  	//   - can be inferred from the email domain of the issuer (e.g. a Google
   347  	//     service account).
   348  	//
   349  	// Example: https://www.googleapis.com/oauth2/v1/certs
   350  	JwksUri string `protobuf:"bytes,3,opt,name=jwks_uri,json=jwksUri,proto3" json:"jwks_uri,omitempty"`
   351  	// The list of JWT
   352  	// [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
   353  	// that are allowed to access. A JWT containing any of these audiences will
   354  	// be accepted. When this setting is absent, JWTs with audiences:
   355  	//   - "https://[service.name]/[google.protobuf.Api.name]"
   356  	//   - "https://[service.name]/"
   357  	//
   358  	// will be accepted.
   359  	// For example, if no audiences are in the setting, LibraryService API will
   360  	// accept JWTs with the following audiences:
   361  	//
   362  	//	-
   363  	//	https://library-example.googleapis.com/google.example.library.v1.LibraryService
   364  	//	- https://library-example.googleapis.com/
   365  	//
   366  	// Example:
   367  	//
   368  	//	audiences: bookstore_android.apps.googleusercontent.com,
   369  	//	           bookstore_web.apps.googleusercontent.com
   370  	Audiences string `protobuf:"bytes,4,opt,name=audiences,proto3" json:"audiences,omitempty"`
   371  	// Redirect URL if JWT token is required but not present or is expired.
   372  	// Implement authorizationUrl of securityDefinitions in OpenAPI spec.
   373  	AuthorizationUrl string `protobuf:"bytes,5,opt,name=authorization_url,json=authorizationUrl,proto3" json:"authorization_url,omitempty"`
   374  	// Defines the locations to extract the JWT.  For now it is only used by the
   375  	// Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations]
   376  	// (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)
   377  	//
   378  	// JWT locations can be one of HTTP headers, URL query parameters or
   379  	// cookies. The rule is that the first match wins.
   380  	//
   381  	// If not specified,  default to use following 3 locations:
   382  	//  1. Authorization: Bearer
   383  	//  2. x-goog-iap-jwt-assertion
   384  	//  3. access_token query parameter
   385  	//
   386  	// Default locations can be specified as followings:
   387  	//
   388  	//	jwt_locations:
   389  	//	- header: Authorization
   390  	//	  value_prefix: "Bearer "
   391  	//	- header: x-goog-iap-jwt-assertion
   392  	//	- query: access_token
   393  	JwtLocations []*JwtLocation `protobuf:"bytes,6,rep,name=jwt_locations,json=jwtLocations,proto3" json:"jwt_locations,omitempty"`
   394  }
   395  
   396  func (x *AuthProvider) Reset() {
   397  	*x = AuthProvider{}
   398  	if protoimpl.UnsafeEnabled {
   399  		mi := &file_google_api_auth_proto_msgTypes[3]
   400  		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
   401  		ms.StoreMessageInfo(mi)
   402  	}
   403  }
   404  
   405  func (x *AuthProvider) String() string {
   406  	return protoimpl.X.MessageStringOf(x)
   407  }
   408  
   409  func (*AuthProvider) ProtoMessage() {}
   410  
   411  func (x *AuthProvider) ProtoReflect() protoreflect.Message {
   412  	mi := &file_google_api_auth_proto_msgTypes[3]
   413  	if protoimpl.UnsafeEnabled && x != nil {
   414  		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
   415  		if ms.LoadMessageInfo() == nil {
   416  			ms.StoreMessageInfo(mi)
   417  		}
   418  		return ms
   419  	}
   420  	return mi.MessageOf(x)
   421  }
   422  
   423  // Deprecated: Use AuthProvider.ProtoReflect.Descriptor instead.
   424  func (*AuthProvider) Descriptor() ([]byte, []int) {
   425  	return file_google_api_auth_proto_rawDescGZIP(), []int{3}
   426  }
   427  
   428  func (x *AuthProvider) GetId() string {
   429  	if x != nil {
   430  		return x.Id
   431  	}
   432  	return ""
   433  }
   434  
   435  func (x *AuthProvider) GetIssuer() string {
   436  	if x != nil {
   437  		return x.Issuer
   438  	}
   439  	return ""
   440  }
   441  
   442  func (x *AuthProvider) GetJwksUri() string {
   443  	if x != nil {
   444  		return x.JwksUri
   445  	}
   446  	return ""
   447  }
   448  
   449  func (x *AuthProvider) GetAudiences() string {
   450  	if x != nil {
   451  		return x.Audiences
   452  	}
   453  	return ""
   454  }
   455  
   456  func (x *AuthProvider) GetAuthorizationUrl() string {
   457  	if x != nil {
   458  		return x.AuthorizationUrl
   459  	}
   460  	return ""
   461  }
   462  
   463  func (x *AuthProvider) GetJwtLocations() []*JwtLocation {
   464  	if x != nil {
   465  		return x.JwtLocations
   466  	}
   467  	return nil
   468  }
   469  
   470  // OAuth scopes are a way to define data and permissions on data. For example,
   471  // there are scopes defined for "Read-only access to Google Calendar" and
   472  // "Access to Cloud Platform". Users can consent to a scope for an application,
   473  // giving it permission to access that data on their behalf.
   474  //
   475  // OAuth scope specifications should be fairly coarse grained; a user will need
   476  // to see and understand the text description of what your scope means.
   477  //
   478  // In most cases: use one or at most two OAuth scopes for an entire family of
   479  // products. If your product has multiple APIs, you should probably be sharing
   480  // the OAuth scope across all of those APIs.
   481  //
   482  // When you need finer grained OAuth consent screens: talk with your product
   483  // management about how developers will use them in practice.
   484  //
   485  // Please note that even though each of the canonical scopes is enough for a
   486  // request to be accepted and passed to the backend, a request can still fail
   487  // due to the backend requiring additional scopes or permissions.
   488  type OAuthRequirements struct {
   489  	state         protoimpl.MessageState
   490  	sizeCache     protoimpl.SizeCache
   491  	unknownFields protoimpl.UnknownFields
   492  
   493  	// The list of publicly documented OAuth scopes that are allowed access. An
   494  	// OAuth token containing any of these scopes will be accepted.
   495  	//
   496  	// Example:
   497  	//
   498  	//	canonical_scopes: https://www.googleapis.com/auth/calendar,
   499  	//	                  https://www.googleapis.com/auth/calendar.read
   500  	CanonicalScopes string `protobuf:"bytes,1,opt,name=canonical_scopes,json=canonicalScopes,proto3" json:"canonical_scopes,omitempty"`
   501  }
   502  
   503  func (x *OAuthRequirements) Reset() {
   504  	*x = OAuthRequirements{}
   505  	if protoimpl.UnsafeEnabled {
   506  		mi := &file_google_api_auth_proto_msgTypes[4]
   507  		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
   508  		ms.StoreMessageInfo(mi)
   509  	}
   510  }
   511  
   512  func (x *OAuthRequirements) String() string {
   513  	return protoimpl.X.MessageStringOf(x)
   514  }
   515  
   516  func (*OAuthRequirements) ProtoMessage() {}
   517  
   518  func (x *OAuthRequirements) ProtoReflect() protoreflect.Message {
   519  	mi := &file_google_api_auth_proto_msgTypes[4]
   520  	if protoimpl.UnsafeEnabled && x != nil {
   521  		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
   522  		if ms.LoadMessageInfo() == nil {
   523  			ms.StoreMessageInfo(mi)
   524  		}
   525  		return ms
   526  	}
   527  	return mi.MessageOf(x)
   528  }
   529  
   530  // Deprecated: Use OAuthRequirements.ProtoReflect.Descriptor instead.
   531  func (*OAuthRequirements) Descriptor() ([]byte, []int) {
   532  	return file_google_api_auth_proto_rawDescGZIP(), []int{4}
   533  }
   534  
   535  func (x *OAuthRequirements) GetCanonicalScopes() string {
   536  	if x != nil {
   537  		return x.CanonicalScopes
   538  	}
   539  	return ""
   540  }
   541  
   542  // User-defined authentication requirements, including support for
   543  // [JSON Web Token
   544  // (JWT)](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32).
   545  type AuthRequirement struct {
   546  	state         protoimpl.MessageState
   547  	sizeCache     protoimpl.SizeCache
   548  	unknownFields protoimpl.UnknownFields
   549  
   550  	// [id][google.api.AuthProvider.id] from authentication provider.
   551  	//
   552  	// Example:
   553  	//
   554  	//	provider_id: bookstore_auth
   555  	ProviderId string `protobuf:"bytes,1,opt,name=provider_id,json=providerId,proto3" json:"provider_id,omitempty"`
   556  	// NOTE: This will be deprecated soon, once AuthProvider.audiences is
   557  	// implemented and accepted in all the runtime components.
   558  	//
   559  	// The list of JWT
   560  	// [audiences](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.3).
   561  	// that are allowed to access. A JWT containing any of these audiences will
   562  	// be accepted. When this setting is absent, only JWTs with audience
   563  	// "https://[Service_name][google.api.Service.name]/[API_name][google.protobuf.Api.name]"
   564  	// will be accepted. For example, if no audiences are in the setting,
   565  	// LibraryService API will only accept JWTs with the following audience
   566  	// "https://library-example.googleapis.com/google.example.library.v1.LibraryService".
   567  	//
   568  	// Example:
   569  	//
   570  	//	audiences: bookstore_android.apps.googleusercontent.com,
   571  	//	           bookstore_web.apps.googleusercontent.com
   572  	Audiences string `protobuf:"bytes,2,opt,name=audiences,proto3" json:"audiences,omitempty"`
   573  }
   574  
   575  func (x *AuthRequirement) Reset() {
   576  	*x = AuthRequirement{}
   577  	if protoimpl.UnsafeEnabled {
   578  		mi := &file_google_api_auth_proto_msgTypes[5]
   579  		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
   580  		ms.StoreMessageInfo(mi)
   581  	}
   582  }
   583  
   584  func (x *AuthRequirement) String() string {
   585  	return protoimpl.X.MessageStringOf(x)
   586  }
   587  
   588  func (*AuthRequirement) ProtoMessage() {}
   589  
   590  func (x *AuthRequirement) ProtoReflect() protoreflect.Message {
   591  	mi := &file_google_api_auth_proto_msgTypes[5]
   592  	if protoimpl.UnsafeEnabled && x != nil {
   593  		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
   594  		if ms.LoadMessageInfo() == nil {
   595  			ms.StoreMessageInfo(mi)
   596  		}
   597  		return ms
   598  	}
   599  	return mi.MessageOf(x)
   600  }
   601  
   602  // Deprecated: Use AuthRequirement.ProtoReflect.Descriptor instead.
   603  func (*AuthRequirement) Descriptor() ([]byte, []int) {
   604  	return file_google_api_auth_proto_rawDescGZIP(), []int{5}
   605  }
   606  
   607  func (x *AuthRequirement) GetProviderId() string {
   608  	if x != nil {
   609  		return x.ProviderId
   610  	}
   611  	return ""
   612  }
   613  
   614  func (x *AuthRequirement) GetAudiences() string {
   615  	if x != nil {
   616  		return x.Audiences
   617  	}
   618  	return ""
   619  }
   620  
   621  var File_google_api_auth_proto protoreflect.FileDescriptor
   622  
   623  var file_google_api_auth_proto_rawDesc = []byte{
   624  	0x0a, 0x15, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x75, 0x74,
   625  	0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0a, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
   626  	0x61, 0x70, 0x69, 0x22, 0x7e, 0x0a, 0x0e, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63,
   627  	0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x34, 0x0a, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x18, 0x03,
   628  	0x20, 0x03, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x61, 0x70,
   629  	0x69, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e,
   630  	0x52, 0x75, 0x6c, 0x65, 0x52, 0x05, 0x72, 0x75, 0x6c, 0x65, 0x73, 0x12, 0x36, 0x0a, 0x09, 0x70,
   631  	0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x18,
   632  	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x41, 0x75, 0x74, 0x68,
   633  	0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x52, 0x09, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64,
   634  	0x65, 0x72, 0x73, 0x22, 0xe0, 0x01, 0x0a, 0x12, 0x41, 0x75, 0x74, 0x68, 0x65, 0x6e, 0x74, 0x69,
   635  	0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x75, 0x6c, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x73, 0x65,
   636  	0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x73, 0x65,
   637  	0x6c, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x12, 0x33, 0x0a, 0x05, 0x6f, 0x61, 0x75, 0x74, 0x68, 0x18,
   638  	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x61,
   639  	0x70, 0x69, 0x2e, 0x4f, 0x41, 0x75, 0x74, 0x68, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x6d,
   640  	0x65, 0x6e, 0x74, 0x73, 0x52, 0x05, 0x6f, 0x61, 0x75, 0x74, 0x68, 0x12, 0x38, 0x0a, 0x18, 0x61,
   641  	0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x77, 0x69, 0x74, 0x68, 0x6f, 0x75, 0x74, 0x5f, 0x63, 0x72, 0x65,
   642  	0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x16, 0x61,
   643  	0x6c, 0x6c, 0x6f, 0x77, 0x57, 0x69, 0x74, 0x68, 0x6f, 0x75, 0x74, 0x43, 0x72, 0x65, 0x64, 0x65,
   644  	0x6e, 0x74, 0x69, 0x61, 0x6c, 0x12, 0x3f, 0x0a, 0x0c, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65,
   645  	0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x67, 0x6f,
   646  	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x52, 0x65, 0x71,
   647  	0x75, 0x69, 0x72, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x52, 0x0c, 0x72, 0x65, 0x71, 0x75, 0x69, 0x72,
   648  	0x65, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x22, 0x82, 0x01, 0x0a, 0x0b, 0x4a, 0x77, 0x74, 0x4c, 0x6f,
   649  	0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x18, 0x0a, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
   650  	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x06, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72,
   651  	0x12, 0x16, 0x0a, 0x05, 0x71, 0x75, 0x65, 0x72, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x48,
   652  	0x00, 0x52, 0x05, 0x71, 0x75, 0x65, 0x72, 0x79, 0x12, 0x18, 0x0a, 0x06, 0x63, 0x6f, 0x6f, 0x6b,
   653  	0x69, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x48, 0x00, 0x52, 0x06, 0x63, 0x6f, 0x6f, 0x6b,
   654  	0x69, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x5f, 0x70, 0x72, 0x65, 0x66,
   655  	0x69, 0x78, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x50,
   656  	0x72, 0x65, 0x66, 0x69, 0x78, 0x42, 0x04, 0x0a, 0x02, 0x69, 0x6e, 0x22, 0xda, 0x01, 0x0a, 0x0c,
   657  	0x41, 0x75, 0x74, 0x68, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x12, 0x0e, 0x0a, 0x02,
   658  	0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x16, 0x0a, 0x06,
   659  	0x69, 0x73, 0x73, 0x75, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x69, 0x73,
   660  	0x73, 0x75, 0x65, 0x72, 0x12, 0x19, 0x0a, 0x08, 0x6a, 0x77, 0x6b, 0x73, 0x5f, 0x75, 0x72, 0x69,
   661  	0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x6a, 0x77, 0x6b, 0x73, 0x55, 0x72, 0x69, 0x12,
   662  	0x1c, 0x0a, 0x09, 0x61, 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x73, 0x18, 0x04, 0x20, 0x01,
   663  	0x28, 0x09, 0x52, 0x09, 0x61, 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x73, 0x12, 0x2b, 0x0a,
   664  	0x11, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x75,
   665  	0x72, 0x6c, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x61, 0x75, 0x74, 0x68, 0x6f, 0x72,
   666  	0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x55, 0x72, 0x6c, 0x12, 0x3c, 0x0a, 0x0d, 0x6a, 0x77,
   667  	0x74, 0x5f, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28,
   668  	0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x4a,
   669  	0x77, 0x74, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0c, 0x6a, 0x77, 0x74, 0x4c,
   670  	0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x3e, 0x0a, 0x11, 0x4f, 0x41, 0x75, 0x74,
   671  	0x68, 0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x12, 0x29, 0x0a,
   672  	0x10, 0x63, 0x61, 0x6e, 0x6f, 0x6e, 0x69, 0x63, 0x61, 0x6c, 0x5f, 0x73, 0x63, 0x6f, 0x70, 0x65,
   673  	0x73, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x63, 0x61, 0x6e, 0x6f, 0x6e, 0x69, 0x63,
   674  	0x61, 0x6c, 0x53, 0x63, 0x6f, 0x70, 0x65, 0x73, 0x22, 0x50, 0x0a, 0x0f, 0x41, 0x75, 0x74, 0x68,
   675  	0x52, 0x65, 0x71, 0x75, 0x69, 0x72, 0x65, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x70,
   676  	0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
   677  	0x52, 0x0a, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x09,
   678  	0x61, 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
   679  	0x09, 0x61, 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x73, 0x42, 0x6b, 0x0a, 0x0e, 0x63, 0x6f,
   680  	0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x61, 0x70, 0x69, 0x42, 0x09, 0x41, 0x75,
   681  	0x74, 0x68, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x45, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
   682  	0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f, 0x67, 0x65, 0x6e,
   683  	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73,
   684  	0x2f, 0x61, 0x70, 0x69, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x63, 0x6f, 0x6e, 0x66,
   685  	0x69, 0x67, 0x3b, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67,
   686  	0xa2, 0x02, 0x04, 0x47, 0x41, 0x50, 0x49, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
   687  }
   688  
   689  var (
   690  	file_google_api_auth_proto_rawDescOnce sync.Once
   691  	file_google_api_auth_proto_rawDescData = file_google_api_auth_proto_rawDesc
   692  )
   693  
   694  func file_google_api_auth_proto_rawDescGZIP() []byte {
   695  	file_google_api_auth_proto_rawDescOnce.Do(func() {
   696  		file_google_api_auth_proto_rawDescData = protoimpl.X.CompressGZIP(file_google_api_auth_proto_rawDescData)
   697  	})
   698  	return file_google_api_auth_proto_rawDescData
   699  }
   700  
   701  var file_google_api_auth_proto_msgTypes = make([]protoimpl.MessageInfo, 6)
   702  var file_google_api_auth_proto_goTypes = []interface{}{
   703  	(*Authentication)(nil),     // 0: google.api.Authentication
   704  	(*AuthenticationRule)(nil), // 1: google.api.AuthenticationRule
   705  	(*JwtLocation)(nil),        // 2: google.api.JwtLocation
   706  	(*AuthProvider)(nil),       // 3: google.api.AuthProvider
   707  	(*OAuthRequirements)(nil),  // 4: google.api.OAuthRequirements
   708  	(*AuthRequirement)(nil),    // 5: google.api.AuthRequirement
   709  }
   710  var file_google_api_auth_proto_depIdxs = []int32{
   711  	1, // 0: google.api.Authentication.rules:type_name -> google.api.AuthenticationRule
   712  	3, // 1: google.api.Authentication.providers:type_name -> google.api.AuthProvider
   713  	4, // 2: google.api.AuthenticationRule.oauth:type_name -> google.api.OAuthRequirements
   714  	5, // 3: google.api.AuthenticationRule.requirements:type_name -> google.api.AuthRequirement
   715  	2, // 4: google.api.AuthProvider.jwt_locations:type_name -> google.api.JwtLocation
   716  	5, // [5:5] is the sub-list for method output_type
   717  	5, // [5:5] is the sub-list for method input_type
   718  	5, // [5:5] is the sub-list for extension type_name
   719  	5, // [5:5] is the sub-list for extension extendee
   720  	0, // [0:5] is the sub-list for field type_name
   721  }
   722  
   723  func init() { file_google_api_auth_proto_init() }
   724  func file_google_api_auth_proto_init() {
   725  	if File_google_api_auth_proto != nil {
   726  		return
   727  	}
   728  	if !protoimpl.UnsafeEnabled {
   729  		file_google_api_auth_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
   730  			switch v := v.(*Authentication); i {
   731  			case 0:
   732  				return &v.state
   733  			case 1:
   734  				return &v.sizeCache
   735  			case 2:
   736  				return &v.unknownFields
   737  			default:
   738  				return nil
   739  			}
   740  		}
   741  		file_google_api_auth_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
   742  			switch v := v.(*AuthenticationRule); i {
   743  			case 0:
   744  				return &v.state
   745  			case 1:
   746  				return &v.sizeCache
   747  			case 2:
   748  				return &v.unknownFields
   749  			default:
   750  				return nil
   751  			}
   752  		}
   753  		file_google_api_auth_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
   754  			switch v := v.(*JwtLocation); i {
   755  			case 0:
   756  				return &v.state
   757  			case 1:
   758  				return &v.sizeCache
   759  			case 2:
   760  				return &v.unknownFields
   761  			default:
   762  				return nil
   763  			}
   764  		}
   765  		file_google_api_auth_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
   766  			switch v := v.(*AuthProvider); i {
   767  			case 0:
   768  				return &v.state
   769  			case 1:
   770  				return &v.sizeCache
   771  			case 2:
   772  				return &v.unknownFields
   773  			default:
   774  				return nil
   775  			}
   776  		}
   777  		file_google_api_auth_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
   778  			switch v := v.(*OAuthRequirements); i {
   779  			case 0:
   780  				return &v.state
   781  			case 1:
   782  				return &v.sizeCache
   783  			case 2:
   784  				return &v.unknownFields
   785  			default:
   786  				return nil
   787  			}
   788  		}
   789  		file_google_api_auth_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
   790  			switch v := v.(*AuthRequirement); i {
   791  			case 0:
   792  				return &v.state
   793  			case 1:
   794  				return &v.sizeCache
   795  			case 2:
   796  				return &v.unknownFields
   797  			default:
   798  				return nil
   799  			}
   800  		}
   801  	}
   802  	file_google_api_auth_proto_msgTypes[2].OneofWrappers = []interface{}{
   803  		(*JwtLocation_Header)(nil),
   804  		(*JwtLocation_Query)(nil),
   805  		(*JwtLocation_Cookie)(nil),
   806  	}
   807  	type x struct{}
   808  	out := protoimpl.TypeBuilder{
   809  		File: protoimpl.DescBuilder{
   810  			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
   811  			RawDescriptor: file_google_api_auth_proto_rawDesc,
   812  			NumEnums:      0,
   813  			NumMessages:   6,
   814  			NumExtensions: 0,
   815  			NumServices:   0,
   816  		},
   817  		GoTypes:           file_google_api_auth_proto_goTypes,
   818  		DependencyIndexes: file_google_api_auth_proto_depIdxs,
   819  		MessageInfos:      file_google_api_auth_proto_msgTypes,
   820  	}.Build()
   821  	File_google_api_auth_proto = out.File
   822  	file_google_api_auth_proto_rawDesc = nil
   823  	file_google_api_auth_proto_goTypes = nil
   824  	file_google_api_auth_proto_depIdxs = nil
   825  }
   826
View as plain text