|
- // Copyright 2019 Google LLC
- //
- // Licensed under the Apache License, Version 2.0 (the "License");
- // you may not use this file except in compliance with the License.
- // You may obtain a copy of the License at
- //
- // https://www.apache.org/licenses/LICENSE-2.0
- //
- // Unless required by applicable law or agreed to in writing, software
- // distributed under the License is distributed on an "AS IS" BASIS,
- // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- // See the License for the specific language governing permissions and
- // limitations under the License.
-
- // Code generated by gapic-generator. DO NOT EDIT.
-
- package credentials
-
- import (
- "context"
- "time"
-
- gax "github.com/googleapis/gax-go/v2"
- "google.golang.org/api/option"
- "google.golang.org/api/transport"
- credentialspb "google.golang.org/genproto/googleapis/iam/credentials/v1"
- "google.golang.org/grpc"
- "google.golang.org/grpc/codes"
- "google.golang.org/grpc/metadata"
- )
-
- // IamCredentialsCallOptions contains the retry settings for each method of IamCredentialsClient.
- type IamCredentialsCallOptions struct {
- GenerateAccessToken []gax.CallOption
- GenerateIdToken []gax.CallOption
- SignBlob []gax.CallOption
- SignJwt []gax.CallOption
- GenerateIdentityBindingAccessToken []gax.CallOption
- }
-
- func defaultIamCredentialsClientOptions() []option.ClientOption {
- return []option.ClientOption{
- option.WithEndpoint("iamcredentials.googleapis.com:443"),
- option.WithScopes(DefaultAuthScopes()...),
- }
- }
-
- func defaultIamCredentialsCallOptions() *IamCredentialsCallOptions {
- retry := map[[2]string][]gax.CallOption{
- {"default", "idempotent"}: {
- gax.WithRetry(func() gax.Retryer {
- return gax.OnCodes([]codes.Code{
- codes.DeadlineExceeded,
- codes.Unavailable,
- }, gax.Backoff{
- Initial: 100 * time.Millisecond,
- Max: 60000 * time.Millisecond,
- Multiplier: 1.3,
- })
- }),
- },
- }
- return &IamCredentialsCallOptions{
- GenerateAccessToken: retry[[2]string{"default", "idempotent"}],
- GenerateIdToken: retry[[2]string{"default", "idempotent"}],
- SignBlob: retry[[2]string{"default", "idempotent"}],
- SignJwt: retry[[2]string{"default", "idempotent"}],
- GenerateIdentityBindingAccessToken: retry[[2]string{"default", "idempotent"}],
- }
- }
-
- // IamCredentialsClient is a client for interacting with IAM Service Account Credentials API.
- //
- // Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
- type IamCredentialsClient struct {
- // The connection to the service.
- conn *grpc.ClientConn
-
- // The gRPC API client.
- iamCredentialsClient credentialspb.IAMCredentialsClient
-
- // The call options for this service.
- CallOptions *IamCredentialsCallOptions
-
- // The x-goog-* metadata to be sent with each request.
- xGoogMetadata metadata.MD
- }
-
- // NewIamCredentialsClient creates a new iam credentials client.
- //
- // A service account is a special type of Google account that belongs to your
- // application or a virtual machine (VM), instead of to an individual end user.
- // Your application assumes the identity of the service account to call Google
- // APIs, so that the users aren't directly involved.
- //
- // Service account credentials are used to temporarily assume the identity
- // of the service account. Supported credential types include OAuth 2.0 access
- // tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
- // more.
- func NewIamCredentialsClient(ctx context.Context, opts ...option.ClientOption) (*IamCredentialsClient, error) {
- conn, err := transport.DialGRPC(ctx, append(defaultIamCredentialsClientOptions(), opts...)...)
- if err != nil {
- return nil, err
- }
- c := &IamCredentialsClient{
- conn: conn,
- CallOptions: defaultIamCredentialsCallOptions(),
-
- iamCredentialsClient: credentialspb.NewIAMCredentialsClient(conn),
- }
- c.setGoogleClientInfo()
- return c, nil
- }
-
- // Connection returns the client's connection to the API service.
- func (c *IamCredentialsClient) Connection() *grpc.ClientConn {
- return c.conn
- }
-
- // Close closes the connection to the API service. The user should invoke this when
- // the client is no longer required.
- func (c *IamCredentialsClient) Close() error {
- return c.conn.Close()
- }
-
- // setGoogleClientInfo sets the name and version of the application in
- // the `x-goog-api-client` header passed on each request. Intended for
- // use by Google-written clients.
- func (c *IamCredentialsClient) setGoogleClientInfo(keyval ...string) {
- kv := append([]string{"gl-go", versionGo()}, keyval...)
- kv = append(kv, "gapic", versionClient, "gax", gax.Version, "grpc", grpc.Version)
- c.xGoogMetadata = metadata.Pairs("x-goog-api-client", gax.XGoogHeader(kv...))
- }
-
- // GenerateAccessToken generates an OAuth 2.0 access token for a service account.
- func (c *IamCredentialsClient) GenerateAccessToken(ctx context.Context, req *credentialspb.GenerateAccessTokenRequest, opts ...gax.CallOption) (*credentialspb.GenerateAccessTokenResponse, error) {
- ctx = insertMetadata(ctx, c.xGoogMetadata)
- opts = append(c.CallOptions.GenerateAccessToken[0:len(c.CallOptions.GenerateAccessToken):len(c.CallOptions.GenerateAccessToken)], opts...)
- var resp *credentialspb.GenerateAccessTokenResponse
- err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
- var err error
- resp, err = c.iamCredentialsClient.GenerateAccessToken(ctx, req, settings.GRPC...)
- return err
- }, opts...)
- if err != nil {
- return nil, err
- }
- return resp, nil
- }
-
- // GenerateIdToken generates an OpenID Connect ID token for a service account.
- func (c *IamCredentialsClient) GenerateIdToken(ctx context.Context, req *credentialspb.GenerateIdTokenRequest, opts ...gax.CallOption) (*credentialspb.GenerateIdTokenResponse, error) {
- ctx = insertMetadata(ctx, c.xGoogMetadata)
- opts = append(c.CallOptions.GenerateIdToken[0:len(c.CallOptions.GenerateIdToken):len(c.CallOptions.GenerateIdToken)], opts...)
- var resp *credentialspb.GenerateIdTokenResponse
- err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
- var err error
- resp, err = c.iamCredentialsClient.GenerateIdToken(ctx, req, settings.GRPC...)
- return err
- }, opts...)
- if err != nil {
- return nil, err
- }
- return resp, nil
- }
-
- // SignBlob signs a blob using a service account's system-managed private key.
- func (c *IamCredentialsClient) SignBlob(ctx context.Context, req *credentialspb.SignBlobRequest, opts ...gax.CallOption) (*credentialspb.SignBlobResponse, error) {
- ctx = insertMetadata(ctx, c.xGoogMetadata)
- opts = append(c.CallOptions.SignBlob[0:len(c.CallOptions.SignBlob):len(c.CallOptions.SignBlob)], opts...)
- var resp *credentialspb.SignBlobResponse
- err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
- var err error
- resp, err = c.iamCredentialsClient.SignBlob(ctx, req, settings.GRPC...)
- return err
- }, opts...)
- if err != nil {
- return nil, err
- }
- return resp, nil
- }
-
- // SignJwt signs a JWT using a service account's system-managed private key.
- func (c *IamCredentialsClient) SignJwt(ctx context.Context, req *credentialspb.SignJwtRequest, opts ...gax.CallOption) (*credentialspb.SignJwtResponse, error) {
- ctx = insertMetadata(ctx, c.xGoogMetadata)
- opts = append(c.CallOptions.SignJwt[0:len(c.CallOptions.SignJwt):len(c.CallOptions.SignJwt)], opts...)
- var resp *credentialspb.SignJwtResponse
- err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
- var err error
- resp, err = c.iamCredentialsClient.SignJwt(ctx, req, settings.GRPC...)
- return err
- }, opts...)
- if err != nil {
- return nil, err
- }
- return resp, nil
- }
-
- // GenerateIdentityBindingAccessToken exchange a JWT signed by third party identity provider to an OAuth 2.0
- // access token
- func (c *IamCredentialsClient) GenerateIdentityBindingAccessToken(ctx context.Context, req *credentialspb.GenerateIdentityBindingAccessTokenRequest, opts ...gax.CallOption) (*credentialspb.GenerateIdentityBindingAccessTokenResponse, error) {
- ctx = insertMetadata(ctx, c.xGoogMetadata)
- opts = append(c.CallOptions.GenerateIdentityBindingAccessToken[0:len(c.CallOptions.GenerateIdentityBindingAccessToken):len(c.CallOptions.GenerateIdentityBindingAccessToken)], opts...)
- var resp *credentialspb.GenerateIdentityBindingAccessTokenResponse
- err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
- var err error
- resp, err = c.iamCredentialsClient.GenerateIdentityBindingAccessToken(ctx, req, settings.GRPC...)
- return err
- }, opts...)
- if err != nil {
- return nil, err
- }
- return resp, nil
- }
|