mirror of
https://github.com/gravitational/teleport
synced 2024-10-19 16:53:57 +00:00
Add Postgres Cloud SQL support (#5941)
This commit is contained in:
parent
a3837f6720
commit
8739417729
|
@ -64,12 +64,16 @@ type DatabaseServer interface {
|
|||
GetURI() string
|
||||
// GetCA returns the database CA certificate bytes.
|
||||
GetCA() []byte
|
||||
// GetRegion returns the AWS region for RDS/Aurora databases.
|
||||
GetRegion() string
|
||||
// GetAWS returns AWS information for RDS/Aurora databases.
|
||||
GetAWS() AWS
|
||||
// GetGCP returns GCP information for Cloud SQL databases.
|
||||
GetGCP() GCPCloudSQL
|
||||
// GetType returns the database type, self-hosted or AWS RDS.
|
||||
GetType() string
|
||||
// IsRDS returns true if this is an RDS/Aurora database.
|
||||
IsRDS() bool
|
||||
// IsCloudSQL returns true if this is a Cloud SQL database.
|
||||
IsCloudSQL() bool
|
||||
// CheckAndSetDefaults checks and set default values for any missing fields.
|
||||
CheckAndSetDefaults() error
|
||||
// Copy returns a copy of this database server object.
|
||||
|
@ -235,9 +239,14 @@ func (s *DatabaseServerV3) GetCA() []byte {
|
|||
return s.Spec.CACert
|
||||
}
|
||||
|
||||
// GetRegion returns the AWS region for RDS/Aurora databases.
|
||||
func (s *DatabaseServerV3) GetRegion() string {
|
||||
return s.Spec.AWS.Region
|
||||
// GetAWS returns AWS information for RDS/Aurora databases.
|
||||
func (s *DatabaseServerV3) GetAWS() AWS {
|
||||
return s.Spec.AWS
|
||||
}
|
||||
|
||||
// GetGCP returns GCP information for Cloud SQL databases.
|
||||
func (s *DatabaseServerV3) GetGCP() GCPCloudSQL {
|
||||
return s.Spec.GCP
|
||||
}
|
||||
|
||||
// IsRDS returns true if this database represents AWS RDS/Aurora instance.
|
||||
|
@ -245,11 +254,19 @@ func (s *DatabaseServerV3) IsRDS() bool {
|
|||
return s.GetType() == DatabaseTypeRDS
|
||||
}
|
||||
|
||||
// IsCloudSQL returns true if this database is a Cloud SQL instance.
|
||||
func (s *DatabaseServerV3) IsCloudSQL() bool {
|
||||
return s.GetType() == DatabaseTypeCloudSQL
|
||||
}
|
||||
|
||||
// GetType returns the database type, self-hosted or AWS RDS.
|
||||
func (s *DatabaseServerV3) GetType() string {
|
||||
if s.Spec.AWS.Region != "" {
|
||||
return DatabaseTypeRDS
|
||||
}
|
||||
if s.Spec.GCP.ProjectID != "" {
|
||||
return DatabaseTypeCloudSQL
|
||||
}
|
||||
return DatabaseTypeSelfHosted
|
||||
}
|
||||
|
||||
|
@ -297,6 +314,8 @@ const (
|
|||
DatabaseTypeSelfHosted = "self-hosted"
|
||||
// DatabaseTypeRDS is AWS-hosted RDS or Aurora database.
|
||||
DatabaseTypeRDS = "rds"
|
||||
// DatabaseTypeCloudSQL is GCP-hosted Cloud SQL database.
|
||||
DatabaseTypeCloudSQL = "gcp"
|
||||
)
|
||||
|
||||
// SortedDatabaseServers implements sorter for database servers.
|
||||
|
@ -310,3 +329,26 @@ func (s SortedDatabaseServers) Less(i, j int) bool { return s[i].GetName() < s[j
|
|||
|
||||
// Swap swaps two database servers.
|
||||
func (s SortedDatabaseServers) Swap(i, j int) { s[i], s[j] = s[j], s[i] }
|
||||
|
||||
// DatabaseServers is a list of database servers.
|
||||
type DatabaseServers []DatabaseServer
|
||||
|
||||
// HasRDS returns true if an AWS RDS database is present among this list.
|
||||
func (s DatabaseServers) HasRDS() bool {
|
||||
for _, d := range s {
|
||||
if d.IsRDS() {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
// HasGCP returns true if a GCP Cloud SQL database is present among this list.
|
||||
func (s DatabaseServers) HasGCP() bool {
|
||||
for _, d := range s {
|
||||
if d.IsCloudSQL() {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -172,6 +172,8 @@ message DatabaseServerSpecV3 {
|
|||
// Rotation contains the server CA rotation information.
|
||||
Rotation Rotation = 10
|
||||
[ (gogoproto.nullable) = false, (gogoproto.jsontag) = "rotation,omitempty" ];
|
||||
// GCP contains parameters specific to GCP Cloud SQL databases.
|
||||
GCPCloudSQL GCP = 11 [ (gogoproto.nullable) = false, (gogoproto.jsontag) = "gcp,omitempty" ];
|
||||
}
|
||||
|
||||
// AWS contains AWS specific settings such as region.
|
||||
|
@ -180,6 +182,14 @@ message AWS {
|
|||
string Region = 1 [ (gogoproto.jsontag) = "region,omitempty" ];
|
||||
}
|
||||
|
||||
// GCPCloudSQL contains parameters specific to GCP Cloud SQL databases.
|
||||
message GCPCloudSQL {
|
||||
// ProjectID is the GCP project ID the Cloud SQL instance resides in.
|
||||
string ProjectID = 1 [ (gogoproto.jsontag) = "project_id,omitempty" ];
|
||||
// InstanceID is the Cloud SQL instance ID.
|
||||
string InstanceID = 2 [ (gogoproto.jsontag) = "instance_id,omitempty" ];
|
||||
}
|
||||
|
||||
// ServerV2 represents a Node, App, Database, Proxy or Auth server in a Teleport cluster.
|
||||
message ServerV2 {
|
||||
option (gogoproto.goproto_stringer) = false;
|
||||
|
|
3
go.mod
3
go.mod
|
@ -3,7 +3,7 @@ module github.com/gravitational/teleport
|
|||
go 1.15
|
||||
|
||||
require (
|
||||
cloud.google.com/go v0.60.0 // indirect
|
||||
cloud.google.com/go v0.60.0
|
||||
cloud.google.com/go/firestore v1.2.0
|
||||
cloud.google.com/go/storage v1.10.0
|
||||
github.com/HdrHistogram/hdrhistogram-go v1.0.1
|
||||
|
@ -113,6 +113,7 @@ require (
|
|||
gopkg.in/square/go-jose.v2 v2.5.1
|
||||
gopkg.in/yaml.v2 v2.4.0
|
||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
|
||||
honnef.co/go/tools v0.0.1-2020.1.5 // indirect
|
||||
k8s.io/api v0.0.0-20200821051526-051d027c14e1
|
||||
k8s.io/apimachinery v0.20.4
|
||||
k8s.io/client-go v0.0.0-20200827131824-5d33118d4742
|
||||
|
|
3
go.sum
3
go.sum
|
@ -1073,8 +1073,9 @@ honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWh
|
|||
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
|
||||
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||
honnef.co/go/tools v0.0.1-2020.1.4 h1:UoveltGrhghAA7ePc+e+QYDHXrBps2PqFZiHkGR/xK8=
|
||||
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||
honnef.co/go/tools v0.0.1-2020.1.5 h1:nI5egYTGJakVyOryqLs1cQO5dO0ksin5XXs2pspk75k=
|
||||
honnef.co/go/tools v0.0.1-2020.1.5/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
|
||||
k8s.io/api v0.0.0-20200821051526-051d027c14e1 h1:tnYGRPNJuQuYUOaO2iTnU5BE4MXCrR495liacfqJLOg=
|
||||
k8s.io/api v0.0.0-20200821051526-051d027c14e1/go.mod h1:6DKPkNII5GHfkmzU2WRXuDEJXvErpzTgkC/GRlsMFOQ=
|
||||
k8s.io/apimachinery v0.0.0-20200821051348-9254095ca5ca/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA=
|
||||
|
|
|
@ -848,6 +848,10 @@ func applyDatabasesConfig(fc *FileConfig, cfg *service.Config) error {
|
|||
AWS: service.DatabaseAWS{
|
||||
Region: database.AWS.Region,
|
||||
},
|
||||
GCP: service.DatabaseGCP{
|
||||
ProjectID: database.GCP.ProjectID,
|
||||
InstanceID: database.GCP.InstanceID,
|
||||
},
|
||||
}
|
||||
if err := db.Check(); err != nil {
|
||||
return trace.Wrap(err)
|
||||
|
|
|
@ -906,6 +906,8 @@ type Database struct {
|
|||
DynamicLabels []CommandLabel `yaml:"dynamic_labels,omitempty"`
|
||||
// AWS contains AWS specific settings for RDS/Aurora databases.
|
||||
AWS DatabaseAWS `yaml:"aws"`
|
||||
// GCP contains GCP specific settings for Cloud SQL databases.
|
||||
GCP DatabaseGCP `yaml:"gcp"`
|
||||
}
|
||||
|
||||
// DatabaseAWS contains AWS specific settings for RDS/Aurora databases.
|
||||
|
@ -914,6 +916,14 @@ type DatabaseAWS struct {
|
|||
Region string `yaml:"region,omitempty"`
|
||||
}
|
||||
|
||||
// DatabaseGCP contains GCP specific settings for Cloud SQL databases.
|
||||
type DatabaseGCP struct {
|
||||
// ProjectID is the GCP project ID where the database is deployed.
|
||||
ProjectID string `yaml:"project_id,omitempty"`
|
||||
// InstanceID is the Cloud SQL database instance ID.
|
||||
InstanceID string `yaml:"instance_id,omitempty"`
|
||||
}
|
||||
|
||||
// Apps represents the configuration for the collection of applications this
|
||||
// service will start. In file configuration this would be the "app_service"
|
||||
// section.
|
||||
|
|
|
@ -559,6 +559,8 @@ type Database struct {
|
|||
CACert []byte
|
||||
// AWS contains AWS specific settings for RDS/Aurora.
|
||||
AWS DatabaseAWS
|
||||
// GCP contains GCP specific settings for Cloud SQL.
|
||||
GCP DatabaseGCP
|
||||
}
|
||||
|
||||
// DatabaseAWS contains AWS specific settings for RDS/Aurora databases.
|
||||
|
@ -567,6 +569,14 @@ type DatabaseAWS struct {
|
|||
Region string
|
||||
}
|
||||
|
||||
// DatabaseGCP contains GCP specific settings for Cloud SQL databases.
|
||||
type DatabaseGCP struct {
|
||||
// ProjectID is the GCP project ID where the database is deployed.
|
||||
ProjectID string
|
||||
// InstanceID is the Cloud SQL instance ID.
|
||||
InstanceID string
|
||||
}
|
||||
|
||||
// Check validates the database proxy configuration.
|
||||
func (d *Database) Check() error {
|
||||
if d.Name == "" {
|
||||
|
@ -592,6 +602,26 @@ func (d *Database) Check() error {
|
|||
d.Name, err)
|
||||
}
|
||||
}
|
||||
// Validate Cloud SQL specific configuration.
|
||||
switch {
|
||||
case d.GCP.ProjectID != "" && d.GCP.InstanceID == "":
|
||||
return trace.BadParameter("missing Cloud SQL instance ID for database %q", d.Name)
|
||||
case d.GCP.ProjectID == "" && d.GCP.InstanceID != "":
|
||||
return trace.BadParameter("missing Cloud SQL project ID for database %q", d.Name)
|
||||
case d.GCP.ProjectID != "" && d.GCP.InstanceID != "":
|
||||
// Only Postgres Cloud SQL instances currently support IAM authentication.
|
||||
// It's a relatively new feature so we'll be able to enable it once it
|
||||
// expands to MySQL as well:
|
||||
// https://cloud.google.com/sql/docs/postgres/authentication
|
||||
if d.Protocol != defaults.ProtocolPostgres {
|
||||
return trace.BadParameter("Cloud SQL IAM authentication is currently supported only for PostgreSQL databases, can't use database %q with protocol %q", d.Name, d.Protocol)
|
||||
}
|
||||
// TODO(r0mant): See if we can download it automatically similar to RDS:
|
||||
// https://cloud.google.com/sql/docs/postgres/instance-info#rest-v1beta4
|
||||
if len(d.CACert) == 0 {
|
||||
return trace.BadParameter("missing Cloud SQL instance root certificate for database %q", d.Name)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
@ -22,6 +22,7 @@ import (
|
|||
|
||||
"github.com/gravitational/teleport/lib/backend/lite"
|
||||
"github.com/gravitational/teleport/lib/defaults"
|
||||
"github.com/gravitational/teleport/lib/fixtures"
|
||||
"github.com/gravitational/teleport/lib/utils"
|
||||
|
||||
"github.com/stretchr/testify/require"
|
||||
|
@ -201,6 +202,73 @@ func TestCheckDatabase(t *testing.T) {
|
|||
},
|
||||
outErr: true,
|
||||
},
|
||||
{
|
||||
desc: "GCP valid configuration",
|
||||
inDatabase: Database{
|
||||
Name: "example",
|
||||
Protocol: defaults.ProtocolPostgres,
|
||||
URI: "localhost:5432",
|
||||
GCP: DatabaseGCP{
|
||||
ProjectID: "project-1",
|
||||
InstanceID: "instance-1",
|
||||
},
|
||||
CACert: fixtures.LocalhostCert,
|
||||
},
|
||||
outErr: false,
|
||||
},
|
||||
{
|
||||
desc: "GCP project ID specified without instance ID",
|
||||
inDatabase: Database{
|
||||
Name: "example",
|
||||
Protocol: defaults.ProtocolPostgres,
|
||||
URI: "localhost:5432",
|
||||
GCP: DatabaseGCP{
|
||||
ProjectID: "project-1",
|
||||
},
|
||||
CACert: fixtures.LocalhostCert,
|
||||
},
|
||||
outErr: true,
|
||||
},
|
||||
{
|
||||
desc: "GCP instance ID specified without project ID",
|
||||
inDatabase: Database{
|
||||
Name: "example",
|
||||
Protocol: defaults.ProtocolPostgres,
|
||||
URI: "localhost:5432",
|
||||
GCP: DatabaseGCP{
|
||||
InstanceID: "instance-1",
|
||||
},
|
||||
CACert: fixtures.LocalhostCert,
|
||||
},
|
||||
outErr: true,
|
||||
},
|
||||
{
|
||||
desc: "GCP root cert missing",
|
||||
inDatabase: Database{
|
||||
Name: "example",
|
||||
Protocol: defaults.ProtocolPostgres,
|
||||
URI: "localhost:5432",
|
||||
GCP: DatabaseGCP{
|
||||
ProjectID: "project-1",
|
||||
InstanceID: "instance-1",
|
||||
},
|
||||
},
|
||||
outErr: true,
|
||||
},
|
||||
{
|
||||
desc: "GCP unsupported for MySQL",
|
||||
inDatabase: Database{
|
||||
Name: "example",
|
||||
Protocol: defaults.ProtocolMySQL,
|
||||
URI: "localhost:3306",
|
||||
GCP: DatabaseGCP{
|
||||
ProjectID: "project-1",
|
||||
InstanceID: "instance-1",
|
||||
},
|
||||
CACert: fixtures.LocalhostCert,
|
||||
},
|
||||
outErr: true,
|
||||
},
|
||||
}
|
||||
for _, test := range tests {
|
||||
t.Run(test.desc, func(t *testing.T) {
|
||||
|
|
|
@ -93,6 +93,7 @@ func (process *TeleportProcess) initDatabaseService() (retErr error) {
|
|||
URI: db.URI,
|
||||
CACert: db.CACert,
|
||||
AWS: types.AWS{Region: db.AWS.Region},
|
||||
GCP: types.GCPCloudSQL{ProjectID: db.GCP.ProjectID, InstanceID: db.GCP.InstanceID},
|
||||
DynamicLabels: types.LabelsToV2(db.DynamicLabels),
|
||||
Version: teleport.Version,
|
||||
Hostname: process.Config.Hostname,
|
||||
|
|
|
@ -40,6 +40,14 @@ const DatabaseServerSpecV3Schema = `{
|
|||
"region": {"type": "string"}
|
||||
}
|
||||
},
|
||||
"gcp": {
|
||||
"type": "object",
|
||||
"additionalProperties": false,
|
||||
"properties": {
|
||||
"project_id": {"type": "string"},
|
||||
"instance_id": {"type": "string"}
|
||||
}
|
||||
},
|
||||
"version": {"type": "string"},
|
||||
"hostname": {"type": "string"},
|
||||
"host_id": {"type": "string"},
|
||||
|
|
|
@ -33,14 +33,14 @@ import (
|
|||
func (s *Server) initRDSRootCert(ctx context.Context, server types.DatabaseServer) error {
|
||||
// If this is not an AWS database, or CA was set explicitly, or it was
|
||||
// already loaded, then nothing to do.
|
||||
if server.GetType() != types.DatabaseTypeRDS || len(server.GetCA()) != 0 || len(s.rdsCACerts[server.GetRegion()]) != 0 {
|
||||
if server.GetType() != types.DatabaseTypeRDS || len(server.GetCA()) != 0 || len(s.rdsCACerts[server.GetAWS().Region]) != 0 {
|
||||
return nil
|
||||
}
|
||||
// This is a RDS/Aurora instance and CA certificate wasn't explicitly
|
||||
// provided, so try to download it from AWS (or see if it's already
|
||||
// been downloaded).
|
||||
downloadURL := rdsDefaultCAURL
|
||||
if u, ok := rdsCAURLs[server.GetRegion()]; ok {
|
||||
if u, ok := rdsCAURLs[server.GetAWS().Region]; ok {
|
||||
downloadURL = u
|
||||
}
|
||||
bytes, err := s.ensureRDSRootCert(downloadURL)
|
||||
|
@ -53,7 +53,7 @@ func (s *Server) initRDSRootCert(ctx context.Context, server types.DatabaseServe
|
|||
return trace.Wrap(err, "RDS root certificate for %v doesn't appear to be a valid x509 certificate: %s",
|
||||
server, bytes)
|
||||
}
|
||||
s.rdsCACerts[server.GetRegion()] = bytes
|
||||
s.rdsCACerts[server.GetAWS().Region] = bytes
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
@ -21,6 +21,7 @@ import (
|
|||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"crypto/x509/pkix"
|
||||
"fmt"
|
||||
|
||||
"github.com/gravitational/teleport/api/client/proto"
|
||||
"github.com/gravitational/teleport/lib/auth"
|
||||
|
@ -31,6 +32,10 @@ import (
|
|||
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
"github.com/aws/aws-sdk-go/service/rds/rdsutils"
|
||||
|
||||
gcpcredentials "cloud.google.com/go/iam/credentials/apiv1"
|
||||
gcpcredentialspb "google.golang.org/genproto/googleapis/iam/credentials/v1"
|
||||
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/jonboulle/clockwork"
|
||||
"github.com/sirupsen/logrus"
|
||||
|
@ -40,8 +45,12 @@ import (
|
|||
type AuthConfig struct {
|
||||
// AuthClient is the cluster auth client.
|
||||
AuthClient *auth.Client
|
||||
// Credentials are the AWS credentials used to generate RDS auth tokens.
|
||||
Credentials *credentials.Credentials
|
||||
// AWSCredentials are the AWS credentials used to generate RDS auth tokens.
|
||||
// May be empty when not proxying any RDS databases.
|
||||
AWSCredentials *credentials.Credentials
|
||||
// GCPIAM is the GCP IAM client used to generate GCP auth tokens.
|
||||
// May be empty when not proxying any Cloud SQL databases.
|
||||
GCPIAM *gcpcredentials.IamCredentialsClient
|
||||
// RDSCACerts contains AWS RDS root certificates.
|
||||
RDSCACerts map[string][]byte
|
||||
// Clock is the clock implementation.
|
||||
|
@ -55,9 +64,6 @@ func (c *AuthConfig) CheckAndSetDefaults() error {
|
|||
if c.AuthClient == nil {
|
||||
return trace.BadParameter("missing AuthClient")
|
||||
}
|
||||
if c.Credentials == nil {
|
||||
return trace.BadParameter("missing Credentials")
|
||||
}
|
||||
if c.Clock == nil {
|
||||
c.Clock = clockwork.NewRealClock()
|
||||
}
|
||||
|
@ -86,12 +92,46 @@ func NewAuth(config AuthConfig) (*Auth, error) {
|
|||
// GetRDSAuthToken returns authorization token that will be used as a password
|
||||
// when connecting to RDS and Aurora databases.
|
||||
func (a *Auth) GetRDSAuthToken(sessionCtx *Session) (string, error) {
|
||||
a.cfg.Log.Debugf("Generating auth token for %s.", sessionCtx)
|
||||
if a.cfg.AWSCredentials == nil {
|
||||
return "", trace.BadParameter("AWS IAM client is not initialized")
|
||||
}
|
||||
a.cfg.Log.Debugf("Generating RDS auth token for %s.", sessionCtx)
|
||||
return rdsutils.BuildAuthToken(
|
||||
sessionCtx.Server.GetURI(),
|
||||
sessionCtx.Server.GetRegion(),
|
||||
sessionCtx.Server.GetAWS().Region,
|
||||
sessionCtx.DatabaseUser,
|
||||
a.cfg.Credentials)
|
||||
a.cfg.AWSCredentials)
|
||||
}
|
||||
|
||||
// GetCloudSQLAuthToken returns authorization token that will be used as a
|
||||
// password when connecting to Cloud SQL databases.
|
||||
func (a *Auth) GetCloudSQLAuthToken(ctx context.Context, sessionCtx *Session) (string, error) {
|
||||
if a.cfg.GCPIAM == nil {
|
||||
return "", trace.BadParameter("GCP IAM client is not initialized")
|
||||
}
|
||||
a.cfg.Log.Debugf("Generating GCP auth token for %s.", sessionCtx)
|
||||
resp, err := a.cfg.GCPIAM.GenerateAccessToken(ctx,
|
||||
&gcpcredentialspb.GenerateAccessTokenRequest{
|
||||
// From GenerateAccessToken docs:
|
||||
//
|
||||
// The resource name of the service account for which the credentials
|
||||
// are requested, in the following format:
|
||||
// projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}
|
||||
Name: fmt.Sprintf("projects/-/serviceAccounts/%v.gserviceaccount.com", sessionCtx.DatabaseUser),
|
||||
// From GenerateAccessToken docs:
|
||||
//
|
||||
// Code to identify the scopes to be included in the OAuth 2.0 access
|
||||
// token:
|
||||
// https://developers.google.com/identity/protocols/oauth2/scopes
|
||||
// https://developers.google.com/identity/protocols/oauth2/scopes#sqladmin
|
||||
Scope: []string{
|
||||
"https://www.googleapis.com/auth/sqlservice.admin",
|
||||
},
|
||||
})
|
||||
if err != nil {
|
||||
return "", trace.Wrap(err)
|
||||
}
|
||||
return resp.AccessToken, nil
|
||||
}
|
||||
|
||||
// GetTLSConfig builds the client TLS configuration for the session.
|
||||
|
@ -115,7 +155,7 @@ func (a *Auth) GetTLSConfig(ctx context.Context, sessionCtx *Session) (*tls.Conf
|
|||
return nil, trace.BadParameter("invalid server CA certificate")
|
||||
}
|
||||
} else if sessionCtx.Server.IsRDS() {
|
||||
if rdsCA, ok := a.cfg.RDSCACerts[sessionCtx.Server.GetRegion()]; ok {
|
||||
if rdsCA, ok := a.cfg.RDSCACerts[sessionCtx.Server.GetAWS().Region]; ok {
|
||||
if !tlsConfig.RootCAs.AppendCertsFromPEM(rdsCA) {
|
||||
return nil, trace.BadParameter("invalid RDS CA certificate")
|
||||
}
|
||||
|
@ -123,9 +163,37 @@ func (a *Auth) GetTLSConfig(ctx context.Context, sessionCtx *Session) (*tls.Conf
|
|||
a.cfg.Log.Warnf("No RDS CA certificate for %v.", sessionCtx.Server)
|
||||
}
|
||||
}
|
||||
// RDS/Aurora auth is done via an auth token so don't generate a client
|
||||
// certificate and exit here.
|
||||
if sessionCtx.Server.IsRDS() {
|
||||
// You connect to Cloud SQL instances by IP and the certificate presented
|
||||
// by the instance does not contain IP SANs so the default "full" certificate
|
||||
// verification will always fail.
|
||||
//
|
||||
// In the docs they recommend disabling hostname verification when connecting
|
||||
// e.g. with psql (verify-ca mode) reasoning that it's not required since
|
||||
// CA is instance-specific:
|
||||
// https://cloud.google.com/sql/docs/postgres/connect-admin-ip
|
||||
//
|
||||
// They do encode <project-id>:<instance-id> in the CN field, which also
|
||||
// wouldn't validate by default since CN has been deprecated and server
|
||||
// name verification ignores it starting from Go 1.15.
|
||||
//
|
||||
// For this reason we're setting ServerName to <project-id>:<instance-id>,
|
||||
// disabling default certificate verification and validating it ourselves.
|
||||
//
|
||||
// See the following Go issue for more context:
|
||||
// https://github.com/golang/go/issues/40748
|
||||
if sessionCtx.Server.IsCloudSQL() {
|
||||
// Cloud SQL server presented certificates encode instance names as
|
||||
// "<project-id>:<instance-id>" in CommonName. This is verified against
|
||||
// the ServerName in a custom connection verification step (see below).
|
||||
tlsConfig.ServerName = fmt.Sprintf("%v:%v", sessionCtx.Server.GetGCP().ProjectID, sessionCtx.Server.GetGCP().InstanceID)
|
||||
// This just disables default verification.
|
||||
tlsConfig.InsecureSkipVerify = true
|
||||
// This will verify CN and cert chain on each connection.
|
||||
tlsConfig.VerifyConnection = getVerifyCloudSQLCertificate(tlsConfig.RootCAs)
|
||||
}
|
||||
// RDS/Aurora and Cloud SQL auth is done with an auth token so don't
|
||||
// generate a client certificate and exit here.
|
||||
if sessionCtx.Server.IsRDS() || sessionCtx.Server.IsCloudSQL() {
|
||||
return tlsConfig, nil
|
||||
}
|
||||
// Otherwise, when connecting to an onprem database, generate a client
|
||||
|
@ -179,3 +247,25 @@ func (a *Auth) getClientCert(ctx context.Context, sessionCtx *Session) (cert *tl
|
|||
func (a *Auth) GetAuthPreference() (services.AuthPreference, error) {
|
||||
return a.cfg.AuthClient.GetAuthPreference()
|
||||
}
|
||||
|
||||
// getVerifyCloudSQLCertificate returns a function that performs verification
|
||||
// of server certificate presented by a Cloud SQL database instance.
|
||||
func getVerifyCloudSQLCertificate(roots *x509.CertPool) func(tls.ConnectionState) error {
|
||||
return func(cs tls.ConnectionState) error {
|
||||
if len(cs.PeerCertificates) < 1 {
|
||||
return trace.AccessDenied("Cloud SQL instance didn't present a certificate")
|
||||
}
|
||||
// CN has been deprecated for a while, but Cloud SQL instances still use
|
||||
// it to encode instance name in the form of <project-id>:<instance-id>.
|
||||
commonName := cs.PeerCertificates[0].Subject.CommonName
|
||||
if commonName != cs.ServerName {
|
||||
return trace.AccessDenied("Cloud SQL certificate CommonName validation failed: expected %q, got %q", cs.ServerName, commonName)
|
||||
}
|
||||
opts := x509.VerifyOptions{Roots: roots, Intermediates: x509.NewCertPool()}
|
||||
for _, cert := range cs.PeerCertificates[1:] {
|
||||
opts.Intermediates.AddCert(cert)
|
||||
}
|
||||
_, err := cs.PeerCertificates[0].Verify(opts)
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
|
|
@ -22,6 +22,7 @@ import (
|
|||
"fmt"
|
||||
"net"
|
||||
|
||||
"github.com/gravitational/teleport/api/types"
|
||||
"github.com/gravitational/teleport/lib/services"
|
||||
"github.com/gravitational/teleport/lib/srv/db/common"
|
||||
|
||||
|
@ -339,13 +340,19 @@ func (e *Engine) getConnectConfig(ctx context.Context, sessionCtx *common.Sessio
|
|||
config.Fallbacks = nil
|
||||
// Set startup parameters that the client sent us.
|
||||
config.RuntimeParams = sessionCtx.StartupParameters
|
||||
// RDS/Aurora use IAM authentication so request an auth token and
|
||||
// use it as a password.
|
||||
if sessionCtx.Server.IsRDS() {
|
||||
// AWS RDS/Aurora and GCP Cloud SQL use IAM authentication so request an
|
||||
// auth token and use it as a password.
|
||||
switch sessionCtx.Server.GetType() {
|
||||
case types.DatabaseTypeRDS:
|
||||
config.Password, err = e.Auth.GetRDSAuthToken(sessionCtx)
|
||||
if err != nil {
|
||||
return nil, trace.Wrap(err)
|
||||
}
|
||||
case types.DatabaseTypeCloudSQL:
|
||||
config.Password, err = e.Auth.GetCloudSQLAuthToken(ctx, sessionCtx)
|
||||
if err != nil {
|
||||
return nil, trace.Wrap(err)
|
||||
}
|
||||
}
|
||||
// TLS config will use client certificate for an onprem database or
|
||||
// will contain RDS root certificate for RDS/Aurora.
|
||||
|
|
|
@ -35,8 +35,10 @@ import (
|
|||
"github.com/gravitational/teleport/lib/srv/db/postgres"
|
||||
"github.com/gravitational/teleport/lib/utils"
|
||||
|
||||
gcpcredentials "cloud.google.com/go/iam/credentials/apiv1"
|
||||
"github.com/aws/aws-sdk-go/aws/credentials"
|
||||
awssession "github.com/aws/aws-sdk-go/aws/session"
|
||||
|
||||
"github.com/gravitational/trace"
|
||||
"github.com/jonboulle/clockwork"
|
||||
"github.com/pborman/uuid"
|
||||
|
@ -62,16 +64,18 @@ type Config struct {
|
|||
// GetRotation returns the certificate rotation state.
|
||||
GetRotation func(role teleport.Role) (*services.Rotation, error)
|
||||
// Servers contains a list of database servers this service proxies.
|
||||
Servers []types.DatabaseServer
|
||||
// Credentials are credentials to AWS API.
|
||||
Credentials *credentials.Credentials
|
||||
Servers types.DatabaseServers
|
||||
// AWSCredentials are credentials to AWS API.
|
||||
AWSCredentials *credentials.Credentials
|
||||
// GCPIAM is the GCP IAM client.
|
||||
GCPIAM *gcpcredentials.IamCredentialsClient
|
||||
// OnHeartbeat is called after every heartbeat. Used to update process state.
|
||||
OnHeartbeat func(error)
|
||||
}
|
||||
|
||||
// CheckAndSetDefaults makes sure the configuration has the minimum required
|
||||
// to function.
|
||||
func (c *Config) CheckAndSetDefaults() error {
|
||||
func (c *Config) CheckAndSetDefaults(ctx context.Context) error {
|
||||
if c.Clock == nil {
|
||||
c.Clock = clockwork.NewRealClock()
|
||||
}
|
||||
|
@ -99,14 +103,23 @@ func (c *Config) CheckAndSetDefaults() error {
|
|||
if len(c.Servers) == 0 {
|
||||
return trace.BadParameter("missing Servers")
|
||||
}
|
||||
if c.Credentials == nil {
|
||||
// Only initialize AWS session if this service is proxying any RDS databases.
|
||||
if c.AWSCredentials == nil && c.Servers.HasRDS() {
|
||||
session, err := awssession.NewSessionWithOptions(awssession.Options{
|
||||
SharedConfigState: awssession.SharedConfigEnable,
|
||||
})
|
||||
if err != nil {
|
||||
return trace.Wrap(err)
|
||||
}
|
||||
c.Credentials = session.Config.Credentials
|
||||
c.AWSCredentials = session.Config.Credentials
|
||||
}
|
||||
// Only initialize GCP IAM client if this service is proxying any Cloud SQL databases.
|
||||
if c.GCPIAM == nil && c.Servers.HasGCP() {
|
||||
iamClient, err := gcpcredentials.NewIamCredentialsClient(ctx)
|
||||
if err != nil {
|
||||
return trace.Wrap(err)
|
||||
}
|
||||
c.GCPIAM = iamClient
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
@ -136,7 +149,7 @@ type Server struct {
|
|||
|
||||
// New returns a new database server.
|
||||
func New(ctx context.Context, config Config) (*Server, error) {
|
||||
err := config.CheckAndSetDefaults()
|
||||
err := config.CheckAndSetDefaults(ctx)
|
||||
if err != nil {
|
||||
return nil, trace.Wrap(err)
|
||||
}
|
||||
|
@ -273,6 +286,10 @@ func (s *Server) Close() error {
|
|||
for _, heartbeat := range s.heartbeats {
|
||||
errors = append(errors, heartbeat.Close())
|
||||
}
|
||||
// Close the GCP IAM client if needed.
|
||||
if s.cfg.GCPIAM != nil {
|
||||
errors = append(errors, s.cfg.GCPIAM.Close())
|
||||
}
|
||||
return trace.NewAggregate(errors...)
|
||||
}
|
||||
|
||||
|
@ -355,10 +372,11 @@ func (s *Server) handleConnection(ctx context.Context, conn net.Conn) error {
|
|||
// dispatch returns an appropriate database engine for the session.
|
||||
func (s *Server) dispatch(sessionCtx *common.Session, streamWriter events.StreamWriter) (common.Engine, error) {
|
||||
auth, err := common.NewAuth(common.AuthConfig{
|
||||
AuthClient: s.cfg.AuthClient,
|
||||
Credentials: s.cfg.Credentials,
|
||||
RDSCACerts: s.rdsCACerts,
|
||||
Clock: s.cfg.Clock,
|
||||
AuthClient: s.cfg.AuthClient,
|
||||
AWSCredentials: s.cfg.AWSCredentials,
|
||||
GCPIAM: s.cfg.GCPIAM,
|
||||
RDSCACerts: s.rdsCACerts,
|
||||
Clock: s.cfg.Clock,
|
||||
})
|
||||
if err != nil {
|
||||
return nil, trace.Wrap(err)
|
||||
|
|
105
vendor/cloud.google.com/go/iam/credentials/apiv1/doc.go
generated
vendored
Normal file
105
vendor/cloud.google.com/go/iam/credentials/apiv1/doc.go
generated
vendored
Normal file
|
@ -0,0 +1,105 @@
|
|||
// Copyright 2020 Google LLC
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// https://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
// Code generated by protoc-gen-go_gapic. DO NOT EDIT.
|
||||
|
||||
// Package credentials is an auto-generated package for the
|
||||
// IAM Service Account Credentials API.
|
||||
//
|
||||
// Creates short-lived, limited-privilege credentials for IAM service
|
||||
// accounts.
|
||||
//
|
||||
// Use of Context
|
||||
//
|
||||
// The ctx passed to NewClient is used for authentication requests and
|
||||
// for creating the underlying connection, but is not used for subsequent calls.
|
||||
// Individual methods on the client use the ctx given to them.
|
||||
//
|
||||
// To close the open connection, use the Close() method.
|
||||
//
|
||||
// For information about setting deadlines, reusing contexts, and more
|
||||
// please visit godoc.org/cloud.google.com/go.
|
||||
package credentials // import "cloud.google.com/go/iam/credentials/apiv1"
|
||||
|
||||
import (
|
||||
"context"
|
||||
"runtime"
|
||||
"strings"
|
||||
"unicode"
|
||||
|
||||
"google.golang.org/api/option"
|
||||
"google.golang.org/grpc/metadata"
|
||||
)
|
||||
|
||||
// For more information on implementing a client constructor hook, see
|
||||
// https://github.com/googleapis/google-cloud-go/wiki/Customizing-constructors.
|
||||
type clientHookParams struct{}
|
||||
type clientHook func(context.Context, clientHookParams) ([]option.ClientOption, error)
|
||||
|
||||
const versionClient = "20200629"
|
||||
|
||||
func insertMetadata(ctx context.Context, mds ...metadata.MD) context.Context {
|
||||
out, _ := metadata.FromOutgoingContext(ctx)
|
||||
out = out.Copy()
|
||||
for _, md := range mds {
|
||||
for k, v := range md {
|
||||
out[k] = append(out[k], v...)
|
||||
}
|
||||
}
|
||||
return metadata.NewOutgoingContext(ctx, out)
|
||||
}
|
||||
|
||||
// DefaultAuthScopes reports the default set of authentication scopes to use with this package.
|
||||
func DefaultAuthScopes() []string {
|
||||
return []string{
|
||||
"https://www.googleapis.com/auth/cloud-platform",
|
||||
}
|
||||
}
|
||||
|
||||
// versionGo returns the Go runtime version. The returned string
|
||||
// has no whitespace, suitable for reporting in header.
|
||||
func versionGo() string {
|
||||
const develPrefix = "devel +"
|
||||
|
||||
s := runtime.Version()
|
||||
if strings.HasPrefix(s, develPrefix) {
|
||||
s = s[len(develPrefix):]
|
||||
if p := strings.IndexFunc(s, unicode.IsSpace); p >= 0 {
|
||||
s = s[:p]
|
||||
}
|
||||
return s
|
||||
}
|
||||
|
||||
notSemverRune := func(r rune) bool {
|
||||
return !strings.ContainsRune("0123456789.", r)
|
||||
}
|
||||
|
||||
if strings.HasPrefix(s, "go1") {
|
||||
s = s[2:]
|
||||
var prerelease string
|
||||
if p := strings.IndexFunc(s, notSemverRune); p >= 0 {
|
||||
s, prerelease = s[:p], s[p:]
|
||||
}
|
||||
if strings.HasSuffix(s, ".") {
|
||||
s += "0"
|
||||
} else if strings.Count(s, ".") < 2 {
|
||||
s += ".0"
|
||||
}
|
||||
if prerelease != "" {
|
||||
s += "-" + prerelease
|
||||
}
|
||||
return s
|
||||
}
|
||||
return "UNKNOWN"
|
||||
}
|
250
vendor/cloud.google.com/go/iam/credentials/apiv1/iam_credentials_client.go
generated
vendored
Normal file
250
vendor/cloud.google.com/go/iam/credentials/apiv1/iam_credentials_client.go
generated
vendored
Normal file
|
@ -0,0 +1,250 @@
|
|||
// Copyright 2020 Google LLC
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// https://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
// Code generated by protoc-gen-go_gapic. DO NOT EDIT.
|
||||
|
||||
package credentials
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"math"
|
||||
"net/url"
|
||||
"time"
|
||||
|
||||
gax "github.com/googleapis/gax-go/v2"
|
||||
"google.golang.org/api/option"
|
||||
gtransport "google.golang.org/api/transport/grpc"
|
||||
credentialspb "google.golang.org/genproto/googleapis/iam/credentials/v1"
|
||||
"google.golang.org/grpc"
|
||||
"google.golang.org/grpc/codes"
|
||||
"google.golang.org/grpc/metadata"
|
||||
)
|
||||
|
||||
var newIamCredentialsClientHook clientHook
|
||||
|
||||
// IamCredentialsCallOptions contains the retry settings for each method of IamCredentialsClient.
|
||||
type IamCredentialsCallOptions struct {
|
||||
GenerateAccessToken []gax.CallOption
|
||||
GenerateIdToken []gax.CallOption
|
||||
SignBlob []gax.CallOption
|
||||
SignJwt []gax.CallOption
|
||||
}
|
||||
|
||||
func defaultIamCredentialsClientOptions() []option.ClientOption {
|
||||
return []option.ClientOption{
|
||||
option.WithEndpoint("iamcredentials.googleapis.com:443"),
|
||||
option.WithGRPCDialOption(grpc.WithDisableServiceConfig()),
|
||||
option.WithScopes(DefaultAuthScopes()...),
|
||||
option.WithGRPCDialOption(grpc.WithDefaultCallOptions(
|
||||
grpc.MaxCallRecvMsgSize(math.MaxInt32))),
|
||||
}
|
||||
}
|
||||
|
||||
func defaultIamCredentialsCallOptions() *IamCredentialsCallOptions {
|
||||
return &IamCredentialsCallOptions{
|
||||
GenerateAccessToken: []gax.CallOption{
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.Unavailable,
|
||||
codes.DeadlineExceeded,
|
||||
}, gax.Backoff{
|
||||
Initial: 100 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 1.30,
|
||||
})
|
||||
}),
|
||||
},
|
||||
GenerateIdToken: []gax.CallOption{
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.Unavailable,
|
||||
codes.DeadlineExceeded,
|
||||
}, gax.Backoff{
|
||||
Initial: 100 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 1.30,
|
||||
})
|
||||
}),
|
||||
},
|
||||
SignBlob: []gax.CallOption{
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.Unavailable,
|
||||
codes.DeadlineExceeded,
|
||||
}, gax.Backoff{
|
||||
Initial: 100 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 1.30,
|
||||
})
|
||||
}),
|
||||
},
|
||||
SignJwt: []gax.CallOption{
|
||||
gax.WithRetry(func() gax.Retryer {
|
||||
return gax.OnCodes([]codes.Code{
|
||||
codes.Unavailable,
|
||||
codes.DeadlineExceeded,
|
||||
}, gax.Backoff{
|
||||
Initial: 100 * time.Millisecond,
|
||||
Max: 60000 * time.Millisecond,
|
||||
Multiplier: 1.30,
|
||||
})
|
||||
}),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
// IamCredentialsClient is a client for interacting with IAM Service Account Credentials API.
|
||||
//
|
||||
// Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
|
||||
type IamCredentialsClient struct {
|
||||
// Connection pool of gRPC connections to the service.
|
||||
connPool gtransport.ConnPool
|
||||
|
||||
// The gRPC API client.
|
||||
iamCredentialsClient credentialspb.IAMCredentialsClient
|
||||
|
||||
// The call options for this service.
|
||||
CallOptions *IamCredentialsCallOptions
|
||||
|
||||
// The x-goog-* metadata to be sent with each request.
|
||||
xGoogMetadata metadata.MD
|
||||
}
|
||||
|
||||
// NewIamCredentialsClient creates a new iam credentials client.
|
||||
//
|
||||
// A service account is a special type of Google account that belongs to your
|
||||
// application or a virtual machine (VM), instead of to an individual end user.
|
||||
// Your application assumes the identity of the service account to call Google
|
||||
// APIs, so that the users aren’t directly involved.
|
||||
//
|
||||
// Service account credentials are used to temporarily assume the identity
|
||||
// of the service account. Supported credential types include OAuth 2.0 access
|
||||
// tokens, OpenID Connect ID tokens, self-signed JSON Web Tokens (JWTs), and
|
||||
// more.
|
||||
func NewIamCredentialsClient(ctx context.Context, opts ...option.ClientOption) (*IamCredentialsClient, error) {
|
||||
clientOpts := defaultIamCredentialsClientOptions()
|
||||
|
||||
if newIamCredentialsClientHook != nil {
|
||||
hookOpts, err := newIamCredentialsClientHook(ctx, clientHookParams{})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
clientOpts = append(clientOpts, hookOpts...)
|
||||
}
|
||||
|
||||
connPool, err := gtransport.DialPool(ctx, append(clientOpts, opts...)...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
c := &IamCredentialsClient{
|
||||
connPool: connPool,
|
||||
CallOptions: defaultIamCredentialsCallOptions(),
|
||||
|
||||
iamCredentialsClient: credentialspb.NewIAMCredentialsClient(connPool),
|
||||
}
|
||||
c.setGoogleClientInfo()
|
||||
|
||||
return c, nil
|
||||
}
|
||||
|
||||
// Connection returns a connection to the API service.
|
||||
//
|
||||
// Deprecated.
|
||||
func (c *IamCredentialsClient) Connection() *grpc.ClientConn {
|
||||
return c.connPool.Conn()
|
||||
}
|
||||
|
||||
// Close closes the connection to the API service. The user should invoke this when
|
||||
// the client is no longer required.
|
||||
func (c *IamCredentialsClient) Close() error {
|
||||
return c.connPool.Close()
|
||||
}
|
||||
|
||||
// setGoogleClientInfo sets the name and version of the application in
|
||||
// the `x-goog-api-client` header passed on each request. Intended for
|
||||
// use by Google-written clients.
|
||||
func (c *IamCredentialsClient) setGoogleClientInfo(keyval ...string) {
|
||||
kv := append([]string{"gl-go", versionGo()}, keyval...)
|
||||
kv = append(kv, "gapic", versionClient, "gax", gax.Version, "grpc", grpc.Version)
|
||||
c.xGoogMetadata = metadata.Pairs("x-goog-api-client", gax.XGoogHeader(kv...))
|
||||
}
|
||||
|
||||
// GenerateAccessToken generates an OAuth 2.0 access token for a service account.
|
||||
func (c *IamCredentialsClient) GenerateAccessToken(ctx context.Context, req *credentialspb.GenerateAccessTokenRequest, opts ...gax.CallOption) (*credentialspb.GenerateAccessTokenResponse, error) {
|
||||
md := metadata.Pairs("x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName())))
|
||||
ctx = insertMetadata(ctx, c.xGoogMetadata, md)
|
||||
opts = append(c.CallOptions.GenerateAccessToken[0:len(c.CallOptions.GenerateAccessToken):len(c.CallOptions.GenerateAccessToken)], opts...)
|
||||
var resp *credentialspb.GenerateAccessTokenResponse
|
||||
err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
|
||||
var err error
|
||||
resp, err = c.iamCredentialsClient.GenerateAccessToken(ctx, req, settings.GRPC...)
|
||||
return err
|
||||
}, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return resp, nil
|
||||
}
|
||||
|
||||
// GenerateIdToken generates an OpenID Connect ID token for a service account.
|
||||
func (c *IamCredentialsClient) GenerateIdToken(ctx context.Context, req *credentialspb.GenerateIdTokenRequest, opts ...gax.CallOption) (*credentialspb.GenerateIdTokenResponse, error) {
|
||||
md := metadata.Pairs("x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName())))
|
||||
ctx = insertMetadata(ctx, c.xGoogMetadata, md)
|
||||
opts = append(c.CallOptions.GenerateIdToken[0:len(c.CallOptions.GenerateIdToken):len(c.CallOptions.GenerateIdToken)], opts...)
|
||||
var resp *credentialspb.GenerateIdTokenResponse
|
||||
err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
|
||||
var err error
|
||||
resp, err = c.iamCredentialsClient.GenerateIdToken(ctx, req, settings.GRPC...)
|
||||
return err
|
||||
}, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return resp, nil
|
||||
}
|
||||
|
||||
// SignBlob signs a blob using a service account’s system-managed private key.
|
||||
func (c *IamCredentialsClient) SignBlob(ctx context.Context, req *credentialspb.SignBlobRequest, opts ...gax.CallOption) (*credentialspb.SignBlobResponse, error) {
|
||||
md := metadata.Pairs("x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName())))
|
||||
ctx = insertMetadata(ctx, c.xGoogMetadata, md)
|
||||
opts = append(c.CallOptions.SignBlob[0:len(c.CallOptions.SignBlob):len(c.CallOptions.SignBlob)], opts...)
|
||||
var resp *credentialspb.SignBlobResponse
|
||||
err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
|
||||
var err error
|
||||
resp, err = c.iamCredentialsClient.SignBlob(ctx, req, settings.GRPC...)
|
||||
return err
|
||||
}, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return resp, nil
|
||||
}
|
||||
|
||||
// SignJwt signs a JWT using a service account’s system-managed private key.
|
||||
func (c *IamCredentialsClient) SignJwt(ctx context.Context, req *credentialspb.SignJwtRequest, opts ...gax.CallOption) (*credentialspb.SignJwtResponse, error) {
|
||||
md := metadata.Pairs("x-goog-request-params", fmt.Sprintf("%s=%v", "name", url.QueryEscape(req.GetName())))
|
||||
ctx = insertMetadata(ctx, c.xGoogMetadata, md)
|
||||
opts = append(c.CallOptions.SignJwt[0:len(c.CallOptions.SignJwt):len(c.CallOptions.SignJwt)], opts...)
|
||||
var resp *credentialspb.SignJwtResponse
|
||||
err := gax.Invoke(ctx, func(ctx context.Context, settings gax.CallSettings) error {
|
||||
var err error
|
||||
resp, err = c.iamCredentialsClient.SignJwt(ctx, req, settings.GRPC...)
|
||||
return err
|
||||
}, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return resp, nil
|
||||
}
|
858
vendor/google.golang.org/genproto/googleapis/iam/credentials/v1/common.pb.go
generated
vendored
Normal file
858
vendor/google.golang.org/genproto/googleapis/iam/credentials/v1/common.pb.go
generated
vendored
Normal file
|
@ -0,0 +1,858 @@
|
|||
// Copyright 2020 Google LLC
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.25.0
|
||||
// protoc v3.13.0
|
||||
// source: google/iam/credentials/v1/common.proto
|
||||
|
||||
package credentials
|
||||
|
||||
import (
|
||||
reflect "reflect"
|
||||
sync "sync"
|
||||
|
||||
proto "github.com/golang/protobuf/proto"
|
||||
_ "google.golang.org/genproto/googleapis/api/annotations"
|
||||
protoreflect "google.golang.org/protobuf/reflect/protoreflect"
|
||||
protoimpl "google.golang.org/protobuf/runtime/protoimpl"
|
||||
durationpb "google.golang.org/protobuf/types/known/durationpb"
|
||||
timestamppb "google.golang.org/protobuf/types/known/timestamppb"
|
||||
)
|
||||
|
||||
const (
|
||||
// Verify that this generated code is sufficiently up-to-date.
|
||||
_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
|
||||
// Verify that runtime/protoimpl is sufficiently up-to-date.
|
||||
_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
|
||||
)
|
||||
|
||||
// This is a compile-time assertion that a sufficiently up-to-date version
|
||||
// of the legacy proto package is being used.
|
||||
const _ = proto.ProtoPackageIsVersion4
|
||||
|
||||
type GenerateAccessTokenRequest struct {
|
||||
state protoimpl.MessageState
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// Required. The resource name of the service account for which the credentials
|
||||
// are requested, in the following format:
|
||||
// `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
||||
// character is required; replacing it with a project ID is invalid.
|
||||
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
|
||||
// The sequence of service accounts in a delegation chain. Each service
|
||||
// account must be granted the `roles/iam.serviceAccountTokenCreator` role
|
||||
// on its next service account in the chain. The last service account in the
|
||||
// chain must be granted the `roles/iam.serviceAccountTokenCreator` role
|
||||
// on the service account that is specified in the `name` field of the
|
||||
// request.
|
||||
//
|
||||
// The delegates must have the following format:
|
||||
// `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
||||
// character is required; replacing it with a project ID is invalid.
|
||||
Delegates []string `protobuf:"bytes,2,rep,name=delegates,proto3" json:"delegates,omitempty"`
|
||||
// Required. Code to identify the scopes to be included in the OAuth 2.0 access token.
|
||||
// See https://developers.google.com/identity/protocols/googlescopes for more
|
||||
// information.
|
||||
// At least one value required.
|
||||
Scope []string `protobuf:"bytes,4,rep,name=scope,proto3" json:"scope,omitempty"`
|
||||
// The desired lifetime duration of the access token in seconds.
|
||||
// Must be set to a value less than or equal to 3600 (1 hour). If a value is
|
||||
// not specified, the token's lifetime will be set to a default value of one
|
||||
// hour.
|
||||
Lifetime *durationpb.Duration `protobuf:"bytes,7,opt,name=lifetime,proto3" json:"lifetime,omitempty"`
|
||||
}
|
||||
|
||||
func (x *GenerateAccessTokenRequest) Reset() {
|
||||
*x = GenerateAccessTokenRequest{}
|
||||
if protoimpl.UnsafeEnabled {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[0]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
}
|
||||
|
||||
func (x *GenerateAccessTokenRequest) String() string {
|
||||
return protoimpl.X.MessageStringOf(x)
|
||||
}
|
||||
|
||||
func (*GenerateAccessTokenRequest) ProtoMessage() {}
|
||||
|
||||
func (x *GenerateAccessTokenRequest) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[0]
|
||||
if protoimpl.UnsafeEnabled && x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
return ms
|
||||
}
|
||||
return mi.MessageOf(x)
|
||||
}
|
||||
|
||||
// Deprecated: Use GenerateAccessTokenRequest.ProtoReflect.Descriptor instead.
|
||||
func (*GenerateAccessTokenRequest) Descriptor() ([]byte, []int) {
|
||||
return file_google_iam_credentials_v1_common_proto_rawDescGZIP(), []int{0}
|
||||
}
|
||||
|
||||
func (x *GenerateAccessTokenRequest) GetName() string {
|
||||
if x != nil {
|
||||
return x.Name
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *GenerateAccessTokenRequest) GetDelegates() []string {
|
||||
if x != nil {
|
||||
return x.Delegates
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (x *GenerateAccessTokenRequest) GetScope() []string {
|
||||
if x != nil {
|
||||
return x.Scope
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (x *GenerateAccessTokenRequest) GetLifetime() *durationpb.Duration {
|
||||
if x != nil {
|
||||
return x.Lifetime
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
type GenerateAccessTokenResponse struct {
|
||||
state protoimpl.MessageState
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// The OAuth 2.0 access token.
|
||||
AccessToken string `protobuf:"bytes,1,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"`
|
||||
// Token expiration time.
|
||||
// The expiration time is always set.
|
||||
ExpireTime *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=expire_time,json=expireTime,proto3" json:"expire_time,omitempty"`
|
||||
}
|
||||
|
||||
func (x *GenerateAccessTokenResponse) Reset() {
|
||||
*x = GenerateAccessTokenResponse{}
|
||||
if protoimpl.UnsafeEnabled {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[1]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
}
|
||||
|
||||
func (x *GenerateAccessTokenResponse) String() string {
|
||||
return protoimpl.X.MessageStringOf(x)
|
||||
}
|
||||
|
||||
func (*GenerateAccessTokenResponse) ProtoMessage() {}
|
||||
|
||||
func (x *GenerateAccessTokenResponse) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[1]
|
||||
if protoimpl.UnsafeEnabled && x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
return ms
|
||||
}
|
||||
return mi.MessageOf(x)
|
||||
}
|
||||
|
||||
// Deprecated: Use GenerateAccessTokenResponse.ProtoReflect.Descriptor instead.
|
||||
func (*GenerateAccessTokenResponse) Descriptor() ([]byte, []int) {
|
||||
return file_google_iam_credentials_v1_common_proto_rawDescGZIP(), []int{1}
|
||||
}
|
||||
|
||||
func (x *GenerateAccessTokenResponse) GetAccessToken() string {
|
||||
if x != nil {
|
||||
return x.AccessToken
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *GenerateAccessTokenResponse) GetExpireTime() *timestamppb.Timestamp {
|
||||
if x != nil {
|
||||
return x.ExpireTime
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
type SignBlobRequest struct {
|
||||
state protoimpl.MessageState
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// Required. The resource name of the service account for which the credentials
|
||||
// are requested, in the following format:
|
||||
// `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
||||
// character is required; replacing it with a project ID is invalid.
|
||||
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
|
||||
// The sequence of service accounts in a delegation chain. Each service
|
||||
// account must be granted the `roles/iam.serviceAccountTokenCreator` role
|
||||
// on its next service account in the chain. The last service account in the
|
||||
// chain must be granted the `roles/iam.serviceAccountTokenCreator` role
|
||||
// on the service account that is specified in the `name` field of the
|
||||
// request.
|
||||
//
|
||||
// The delegates must have the following format:
|
||||
// `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
||||
// character is required; replacing it with a project ID is invalid.
|
||||
Delegates []string `protobuf:"bytes,3,rep,name=delegates,proto3" json:"delegates,omitempty"`
|
||||
// Required. The bytes to sign.
|
||||
Payload []byte `protobuf:"bytes,5,opt,name=payload,proto3" json:"payload,omitempty"`
|
||||
}
|
||||
|
||||
func (x *SignBlobRequest) Reset() {
|
||||
*x = SignBlobRequest{}
|
||||
if protoimpl.UnsafeEnabled {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[2]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
}
|
||||
|
||||
func (x *SignBlobRequest) String() string {
|
||||
return protoimpl.X.MessageStringOf(x)
|
||||
}
|
||||
|
||||
func (*SignBlobRequest) ProtoMessage() {}
|
||||
|
||||
func (x *SignBlobRequest) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[2]
|
||||
if protoimpl.UnsafeEnabled && x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
return ms
|
||||
}
|
||||
return mi.MessageOf(x)
|
||||
}
|
||||
|
||||
// Deprecated: Use SignBlobRequest.ProtoReflect.Descriptor instead.
|
||||
func (*SignBlobRequest) Descriptor() ([]byte, []int) {
|
||||
return file_google_iam_credentials_v1_common_proto_rawDescGZIP(), []int{2}
|
||||
}
|
||||
|
||||
func (x *SignBlobRequest) GetName() string {
|
||||
if x != nil {
|
||||
return x.Name
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *SignBlobRequest) GetDelegates() []string {
|
||||
if x != nil {
|
||||
return x.Delegates
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (x *SignBlobRequest) GetPayload() []byte {
|
||||
if x != nil {
|
||||
return x.Payload
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
type SignBlobResponse struct {
|
||||
state protoimpl.MessageState
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// The ID of the key used to sign the blob.
|
||||
KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
|
||||
// The signed blob.
|
||||
SignedBlob []byte `protobuf:"bytes,4,opt,name=signed_blob,json=signedBlob,proto3" json:"signed_blob,omitempty"`
|
||||
}
|
||||
|
||||
func (x *SignBlobResponse) Reset() {
|
||||
*x = SignBlobResponse{}
|
||||
if protoimpl.UnsafeEnabled {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[3]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
}
|
||||
|
||||
func (x *SignBlobResponse) String() string {
|
||||
return protoimpl.X.MessageStringOf(x)
|
||||
}
|
||||
|
||||
func (*SignBlobResponse) ProtoMessage() {}
|
||||
|
||||
func (x *SignBlobResponse) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[3]
|
||||
if protoimpl.UnsafeEnabled && x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
return ms
|
||||
}
|
||||
return mi.MessageOf(x)
|
||||
}
|
||||
|
||||
// Deprecated: Use SignBlobResponse.ProtoReflect.Descriptor instead.
|
||||
func (*SignBlobResponse) Descriptor() ([]byte, []int) {
|
||||
return file_google_iam_credentials_v1_common_proto_rawDescGZIP(), []int{3}
|
||||
}
|
||||
|
||||
func (x *SignBlobResponse) GetKeyId() string {
|
||||
if x != nil {
|
||||
return x.KeyId
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *SignBlobResponse) GetSignedBlob() []byte {
|
||||
if x != nil {
|
||||
return x.SignedBlob
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
type SignJwtRequest struct {
|
||||
state protoimpl.MessageState
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// Required. The resource name of the service account for which the credentials
|
||||
// are requested, in the following format:
|
||||
// `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
||||
// character is required; replacing it with a project ID is invalid.
|
||||
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
|
||||
// The sequence of service accounts in a delegation chain. Each service
|
||||
// account must be granted the `roles/iam.serviceAccountTokenCreator` role
|
||||
// on its next service account in the chain. The last service account in the
|
||||
// chain must be granted the `roles/iam.serviceAccountTokenCreator` role
|
||||
// on the service account that is specified in the `name` field of the
|
||||
// request.
|
||||
//
|
||||
// The delegates must have the following format:
|
||||
// `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
||||
// character is required; replacing it with a project ID is invalid.
|
||||
Delegates []string `protobuf:"bytes,3,rep,name=delegates,proto3" json:"delegates,omitempty"`
|
||||
// Required. The JWT payload to sign: a JSON object that contains a JWT Claims Set.
|
||||
Payload string `protobuf:"bytes,5,opt,name=payload,proto3" json:"payload,omitempty"`
|
||||
}
|
||||
|
||||
func (x *SignJwtRequest) Reset() {
|
||||
*x = SignJwtRequest{}
|
||||
if protoimpl.UnsafeEnabled {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[4]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
}
|
||||
|
||||
func (x *SignJwtRequest) String() string {
|
||||
return protoimpl.X.MessageStringOf(x)
|
||||
}
|
||||
|
||||
func (*SignJwtRequest) ProtoMessage() {}
|
||||
|
||||
func (x *SignJwtRequest) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[4]
|
||||
if protoimpl.UnsafeEnabled && x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
return ms
|
||||
}
|
||||
return mi.MessageOf(x)
|
||||
}
|
||||
|
||||
// Deprecated: Use SignJwtRequest.ProtoReflect.Descriptor instead.
|
||||
func (*SignJwtRequest) Descriptor() ([]byte, []int) {
|
||||
return file_google_iam_credentials_v1_common_proto_rawDescGZIP(), []int{4}
|
||||
}
|
||||
|
||||
func (x *SignJwtRequest) GetName() string {
|
||||
if x != nil {
|
||||
return x.Name
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *SignJwtRequest) GetDelegates() []string {
|
||||
if x != nil {
|
||||
return x.Delegates
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (x *SignJwtRequest) GetPayload() string {
|
||||
if x != nil {
|
||||
return x.Payload
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
type SignJwtResponse struct {
|
||||
state protoimpl.MessageState
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// The ID of the key used to sign the JWT.
|
||||
KeyId string `protobuf:"bytes,1,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"`
|
||||
// The signed JWT.
|
||||
SignedJwt string `protobuf:"bytes,2,opt,name=signed_jwt,json=signedJwt,proto3" json:"signed_jwt,omitempty"`
|
||||
}
|
||||
|
||||
func (x *SignJwtResponse) Reset() {
|
||||
*x = SignJwtResponse{}
|
||||
if protoimpl.UnsafeEnabled {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[5]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
}
|
||||
|
||||
func (x *SignJwtResponse) String() string {
|
||||
return protoimpl.X.MessageStringOf(x)
|
||||
}
|
||||
|
||||
func (*SignJwtResponse) ProtoMessage() {}
|
||||
|
||||
func (x *SignJwtResponse) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[5]
|
||||
if protoimpl.UnsafeEnabled && x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
return ms
|
||||
}
|
||||
return mi.MessageOf(x)
|
||||
}
|
||||
|
||||
// Deprecated: Use SignJwtResponse.ProtoReflect.Descriptor instead.
|
||||
func (*SignJwtResponse) Descriptor() ([]byte, []int) {
|
||||
return file_google_iam_credentials_v1_common_proto_rawDescGZIP(), []int{5}
|
||||
}
|
||||
|
||||
func (x *SignJwtResponse) GetKeyId() string {
|
||||
if x != nil {
|
||||
return x.KeyId
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *SignJwtResponse) GetSignedJwt() string {
|
||||
if x != nil {
|
||||
return x.SignedJwt
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
type GenerateIdTokenRequest struct {
|
||||
state protoimpl.MessageState
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// Required. The resource name of the service account for which the credentials
|
||||
// are requested, in the following format:
|
||||
// `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
||||
// character is required; replacing it with a project ID is invalid.
|
||||
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
|
||||
// The sequence of service accounts in a delegation chain. Each service
|
||||
// account must be granted the `roles/iam.serviceAccountTokenCreator` role
|
||||
// on its next service account in the chain. The last service account in the
|
||||
// chain must be granted the `roles/iam.serviceAccountTokenCreator` role
|
||||
// on the service account that is specified in the `name` field of the
|
||||
// request.
|
||||
//
|
||||
// The delegates must have the following format:
|
||||
// `projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}`. The `-` wildcard
|
||||
// character is required; replacing it with a project ID is invalid.
|
||||
Delegates []string `protobuf:"bytes,2,rep,name=delegates,proto3" json:"delegates,omitempty"`
|
||||
// Required. The audience for the token, such as the API or account that this token
|
||||
// grants access to.
|
||||
Audience string `protobuf:"bytes,3,opt,name=audience,proto3" json:"audience,omitempty"`
|
||||
// Include the service account email in the token. If set to `true`, the
|
||||
// token will contain `email` and `email_verified` claims.
|
||||
IncludeEmail bool `protobuf:"varint,4,opt,name=include_email,json=includeEmail,proto3" json:"include_email,omitempty"`
|
||||
}
|
||||
|
||||
func (x *GenerateIdTokenRequest) Reset() {
|
||||
*x = GenerateIdTokenRequest{}
|
||||
if protoimpl.UnsafeEnabled {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[6]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
}
|
||||
|
||||
func (x *GenerateIdTokenRequest) String() string {
|
||||
return protoimpl.X.MessageStringOf(x)
|
||||
}
|
||||
|
||||
func (*GenerateIdTokenRequest) ProtoMessage() {}
|
||||
|
||||
func (x *GenerateIdTokenRequest) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[6]
|
||||
if protoimpl.UnsafeEnabled && x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
return ms
|
||||
}
|
||||
return mi.MessageOf(x)
|
||||
}
|
||||
|
||||
// Deprecated: Use GenerateIdTokenRequest.ProtoReflect.Descriptor instead.
|
||||
func (*GenerateIdTokenRequest) Descriptor() ([]byte, []int) {
|
||||
return file_google_iam_credentials_v1_common_proto_rawDescGZIP(), []int{6}
|
||||
}
|
||||
|
||||
func (x *GenerateIdTokenRequest) GetName() string {
|
||||
if x != nil {
|
||||
return x.Name
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *GenerateIdTokenRequest) GetDelegates() []string {
|
||||
if x != nil {
|
||||
return x.Delegates
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (x *GenerateIdTokenRequest) GetAudience() string {
|
||||
if x != nil {
|
||||
return x.Audience
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
func (x *GenerateIdTokenRequest) GetIncludeEmail() bool {
|
||||
if x != nil {
|
||||
return x.IncludeEmail
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
type GenerateIdTokenResponse struct {
|
||||
state protoimpl.MessageState
|
||||
sizeCache protoimpl.SizeCache
|
||||
unknownFields protoimpl.UnknownFields
|
||||
|
||||
// The OpenId Connect ID token.
|
||||
Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
|
||||
}
|
||||
|
||||
func (x *GenerateIdTokenResponse) Reset() {
|
||||
*x = GenerateIdTokenResponse{}
|
||||
if protoimpl.UnsafeEnabled {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[7]
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
}
|
||||
|
||||
func (x *GenerateIdTokenResponse) String() string {
|
||||
return protoimpl.X.MessageStringOf(x)
|
||||
}
|
||||
|
||||
func (*GenerateIdTokenResponse) ProtoMessage() {}
|
||||
|
||||
func (x *GenerateIdTokenResponse) ProtoReflect() protoreflect.Message {
|
||||
mi := &file_google_iam_credentials_v1_common_proto_msgTypes[7]
|
||||
if protoimpl.UnsafeEnabled && x != nil {
|
||||
ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
|
||||
if ms.LoadMessageInfo() == nil {
|
||||
ms.StoreMessageInfo(mi)
|
||||
}
|
||||
return ms
|
||||
}
|
||||
return mi.MessageOf(x)
|
||||
}
|
||||
|
||||
// Deprecated: Use GenerateIdTokenResponse.ProtoReflect.Descriptor instead.
|
||||
func (*GenerateIdTokenResponse) Descriptor() ([]byte, []int) {
|
||||
return file_google_iam_credentials_v1_common_proto_rawDescGZIP(), []int{7}
|
||||
}
|
||||
|
||||
func (x *GenerateIdTokenResponse) GetToken() string {
|
||||
if x != nil {
|
||||
return x.Token
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
var File_google_iam_credentials_v1_common_proto protoreflect.FileDescriptor
|
||||
|
||||
var file_google_iam_credentials_v1_common_proto_rawDesc = []byte{
|
||||
0x0a, 0x26, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x69, 0x61, 0x6d, 0x2f, 0x63, 0x72, 0x65,
|
||||
0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2f, 0x76, 0x31, 0x2f, 0x63, 0x6f, 0x6d, 0x6d,
|
||||
0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
|
||||
0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73,
|
||||
0x2e, 0x76, 0x31, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f,
|
||||
0x66, 0x69, 0x65, 0x6c, 0x64, 0x5f, 0x62, 0x65, 0x68, 0x61, 0x76, 0x69, 0x6f, 0x72, 0x2e, 0x70,
|
||||
0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69,
|
||||
0x2f, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
|
||||
0x1e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
|
||||
0x2f, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a,
|
||||
0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
|
||||
0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
|
||||
0x22, 0xcb, 0x01, 0x0a, 0x1a, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x41, 0x63, 0x63,
|
||||
0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12,
|
||||
0x3d, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x29, 0xe0,
|
||||
0x41, 0x02, 0xfa, 0x41, 0x23, 0x0a, 0x21, 0x69, 0x61, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
|
||||
0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
|
||||
0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1c,
|
||||
0x0a, 0x09, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28,
|
||||
0x09, 0x52, 0x09, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x73, 0x12, 0x19, 0x0a, 0x05,
|
||||
0x73, 0x63, 0x6f, 0x70, 0x65, 0x18, 0x04, 0x20, 0x03, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02,
|
||||
0x52, 0x05, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x12, 0x35, 0x0a, 0x08, 0x6c, 0x69, 0x66, 0x65, 0x74,
|
||||
0x69, 0x6d, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
|
||||
0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x75, 0x72, 0x61,
|
||||
0x74, 0x69, 0x6f, 0x6e, 0x52, 0x08, 0x6c, 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, 0x22, 0x7d,
|
||||
0x0a, 0x1b, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73,
|
||||
0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x21, 0x0a,
|
||||
0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20,
|
||||
0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e,
|
||||
0x12, 0x3b, 0x0a, 0x0b, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x18,
|
||||
0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
|
||||
0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d,
|
||||
0x70, 0x52, 0x0a, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x54, 0x69, 0x6d, 0x65, 0x22, 0x8d, 0x01,
|
||||
0x0a, 0x0f, 0x53, 0x69, 0x67, 0x6e, 0x42, 0x6c, 0x6f, 0x62, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73,
|
||||
0x74, 0x12, 0x3d, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42,
|
||||
0x29, 0xe0, 0x41, 0x02, 0xfa, 0x41, 0x23, 0x0a, 0x21, 0x69, 0x61, 0x6d, 0x2e, 0x67, 0x6f, 0x6f,
|
||||
0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x65, 0x72, 0x76,
|
||||
0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65,
|
||||
0x12, 0x1c, 0x0a, 0x09, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x73, 0x18, 0x03, 0x20,
|
||||
0x03, 0x28, 0x09, 0x52, 0x09, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x73, 0x12, 0x1d,
|
||||
0x0a, 0x07, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0c, 0x42,
|
||||
0x03, 0xe0, 0x41, 0x02, 0x52, 0x07, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x22, 0x4a, 0x0a,
|
||||
0x10, 0x53, 0x69, 0x67, 0x6e, 0x42, 0x6c, 0x6f, 0x62, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73,
|
||||
0x65, 0x12, 0x15, 0x0a, 0x06, 0x6b, 0x65, 0x79, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28,
|
||||
0x09, 0x52, 0x05, 0x6b, 0x65, 0x79, 0x49, 0x64, 0x12, 0x1f, 0x0a, 0x0b, 0x73, 0x69, 0x67, 0x6e,
|
||||
0x65, 0x64, 0x5f, 0x62, 0x6c, 0x6f, 0x62, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0a, 0x73,
|
||||
0x69, 0x67, 0x6e, 0x65, 0x64, 0x42, 0x6c, 0x6f, 0x62, 0x22, 0x8c, 0x01, 0x0a, 0x0e, 0x53, 0x69,
|
||||
0x67, 0x6e, 0x4a, 0x77, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3d, 0x0a, 0x04,
|
||||
0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x29, 0xe0, 0x41, 0x02, 0xfa,
|
||||
0x41, 0x23, 0x0a, 0x21, 0x69, 0x61, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
|
||||
0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63,
|
||||
0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x64,
|
||||
0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x09,
|
||||
0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x73, 0x12, 0x1d, 0x0a, 0x07, 0x70, 0x61, 0x79,
|
||||
0x6c, 0x6f, 0x61, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02, 0x52,
|
||||
0x07, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x22, 0x47, 0x0a, 0x0f, 0x53, 0x69, 0x67, 0x6e,
|
||||
0x4a, 0x77, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x15, 0x0a, 0x06, 0x6b,
|
||||
0x65, 0x79, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x6b, 0x65, 0x79,
|
||||
0x49, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x64, 0x5f, 0x6a, 0x77, 0x74,
|
||||
0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x73, 0x69, 0x67, 0x6e, 0x65, 0x64, 0x4a, 0x77,
|
||||
0x74, 0x22, 0xbb, 0x01, 0x0a, 0x16, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x49, 0x64,
|
||||
0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x3d, 0x0a, 0x04,
|
||||
0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x29, 0xe0, 0x41, 0x02, 0xfa,
|
||||
0x41, 0x23, 0x0a, 0x21, 0x69, 0x61, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
|
||||
0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63,
|
||||
0x63, 0x6f, 0x75, 0x6e, 0x74, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1c, 0x0a, 0x09, 0x64,
|
||||
0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x09, 0x52, 0x09,
|
||||
0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x73, 0x12, 0x1f, 0x0a, 0x08, 0x61, 0x75, 0x64,
|
||||
0x69, 0x65, 0x6e, 0x63, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x42, 0x03, 0xe0, 0x41, 0x02,
|
||||
0x52, 0x08, 0x61, 0x75, 0x64, 0x69, 0x65, 0x6e, 0x63, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x69, 0x6e,
|
||||
0x63, 0x6c, 0x75, 0x64, 0x65, 0x5f, 0x65, 0x6d, 0x61, 0x69, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28,
|
||||
0x08, 0x52, 0x0c, 0x69, 0x6e, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x45, 0x6d, 0x61, 0x69, 0x6c, 0x22,
|
||||
0x2f, 0x0a, 0x17, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x49, 0x64, 0x54, 0x6f, 0x6b,
|
||||
0x65, 0x6e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x74, 0x6f,
|
||||
0x6b, 0x65, 0x6e, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x74, 0x6f, 0x6b, 0x65, 0x6e,
|
||||
0x42, 0x89, 0x02, 0x0a, 0x23, 0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
|
||||
0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e,
|
||||
0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x76, 0x31, 0x42, 0x19, 0x49, 0x41, 0x4d, 0x43, 0x72, 0x65,
|
||||
0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x43, 0x6f, 0x6d, 0x6d, 0x6f, 0x6e, 0x50, 0x72,
|
||||
0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x44, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f,
|
||||
0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f, 0x67, 0x65, 0x6e, 0x70, 0x72, 0x6f, 0x74,
|
||||
0x6f, 0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73, 0x2f, 0x69, 0x61, 0x6d,
|
||||
0x2f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2f, 0x76, 0x31, 0x3b,
|
||||
0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0xf8, 0x01, 0x01, 0xaa, 0x02,
|
||||
0x1f, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x49, 0x61,
|
||||
0x6d, 0x2e, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x56, 0x31,
|
||||
0xea, 0x41, 0x59, 0x0a, 0x21, 0x69, 0x61, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61,
|
||||
0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41,
|
||||
0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x34, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73,
|
||||
0x2f, 0x7b, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x7d, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69,
|
||||
0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x73, 0x2f, 0x7b, 0x73, 0x65, 0x72, 0x76,
|
||||
0x69, 0x63, 0x65, 0x5f, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x7d, 0x62, 0x06, 0x70, 0x72,
|
||||
0x6f, 0x74, 0x6f, 0x33,
|
||||
}
|
||||
|
||||
var (
|
||||
file_google_iam_credentials_v1_common_proto_rawDescOnce sync.Once
|
||||
file_google_iam_credentials_v1_common_proto_rawDescData = file_google_iam_credentials_v1_common_proto_rawDesc
|
||||
)
|
||||
|
||||
func file_google_iam_credentials_v1_common_proto_rawDescGZIP() []byte {
|
||||
file_google_iam_credentials_v1_common_proto_rawDescOnce.Do(func() {
|
||||
file_google_iam_credentials_v1_common_proto_rawDescData = protoimpl.X.CompressGZIP(file_google_iam_credentials_v1_common_proto_rawDescData)
|
||||
})
|
||||
return file_google_iam_credentials_v1_common_proto_rawDescData
|
||||
}
|
||||
|
||||
var file_google_iam_credentials_v1_common_proto_msgTypes = make([]protoimpl.MessageInfo, 8)
|
||||
var file_google_iam_credentials_v1_common_proto_goTypes = []interface{}{
|
||||
(*GenerateAccessTokenRequest)(nil), // 0: google.iam.credentials.v1.GenerateAccessTokenRequest
|
||||
(*GenerateAccessTokenResponse)(nil), // 1: google.iam.credentials.v1.GenerateAccessTokenResponse
|
||||
(*SignBlobRequest)(nil), // 2: google.iam.credentials.v1.SignBlobRequest
|
||||
(*SignBlobResponse)(nil), // 3: google.iam.credentials.v1.SignBlobResponse
|
||||
(*SignJwtRequest)(nil), // 4: google.iam.credentials.v1.SignJwtRequest
|
||||
(*SignJwtResponse)(nil), // 5: google.iam.credentials.v1.SignJwtResponse
|
||||
(*GenerateIdTokenRequest)(nil), // 6: google.iam.credentials.v1.GenerateIdTokenRequest
|
||||
(*GenerateIdTokenResponse)(nil), // 7: google.iam.credentials.v1.GenerateIdTokenResponse
|
||||
(*durationpb.Duration)(nil), // 8: google.protobuf.Duration
|
||||
(*timestamppb.Timestamp)(nil), // 9: google.protobuf.Timestamp
|
||||
}
|
||||
var file_google_iam_credentials_v1_common_proto_depIdxs = []int32{
|
||||
8, // 0: google.iam.credentials.v1.GenerateAccessTokenRequest.lifetime:type_name -> google.protobuf.Duration
|
||||
9, // 1: google.iam.credentials.v1.GenerateAccessTokenResponse.expire_time:type_name -> google.protobuf.Timestamp
|
||||
2, // [2:2] is the sub-list for method output_type
|
||||
2, // [2:2] is the sub-list for method input_type
|
||||
2, // [2:2] is the sub-list for extension type_name
|
||||
2, // [2:2] is the sub-list for extension extendee
|
||||
0, // [0:2] is the sub-list for field type_name
|
||||
}
|
||||
|
||||
func init() { file_google_iam_credentials_v1_common_proto_init() }
|
||||
func file_google_iam_credentials_v1_common_proto_init() {
|
||||
if File_google_iam_credentials_v1_common_proto != nil {
|
||||
return
|
||||
}
|
||||
if !protoimpl.UnsafeEnabled {
|
||||
file_google_iam_credentials_v1_common_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
|
||||
switch v := v.(*GenerateAccessTokenRequest); i {
|
||||
case 0:
|
||||
return &v.state
|
||||
case 1:
|
||||
return &v.sizeCache
|
||||
case 2:
|
||||
return &v.unknownFields
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
}
|
||||
file_google_iam_credentials_v1_common_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
|
||||
switch v := v.(*GenerateAccessTokenResponse); i {
|
||||
case 0:
|
||||
return &v.state
|
||||
case 1:
|
||||
return &v.sizeCache
|
||||
case 2:
|
||||
return &v.unknownFields
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
}
|
||||
file_google_iam_credentials_v1_common_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
|
||||
switch v := v.(*SignBlobRequest); i {
|
||||
case 0:
|
||||
return &v.state
|
||||
case 1:
|
||||
return &v.sizeCache
|
||||
case 2:
|
||||
return &v.unknownFields
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
}
|
||||
file_google_iam_credentials_v1_common_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
|
||||
switch v := v.(*SignBlobResponse); i {
|
||||
case 0:
|
||||
return &v.state
|
||||
case 1:
|
||||
return &v.sizeCache
|
||||
case 2:
|
||||
return &v.unknownFields
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
}
|
||||
file_google_iam_credentials_v1_common_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
|
||||
switch v := v.(*SignJwtRequest); i {
|
||||
case 0:
|
||||
return &v.state
|
||||
case 1:
|
||||
return &v.sizeCache
|
||||
case 2:
|
||||
return &v.unknownFields
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
}
|
||||
file_google_iam_credentials_v1_common_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
|
||||
switch v := v.(*SignJwtResponse); i {
|
||||
case 0:
|
||||
return &v.state
|
||||
case 1:
|
||||
return &v.sizeCache
|
||||
case 2:
|
||||
return &v.unknownFields
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
}
|
||||
file_google_iam_credentials_v1_common_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
|
||||
switch v := v.(*GenerateIdTokenRequest); i {
|
||||
case 0:
|
||||
return &v.state
|
||||
case 1:
|
||||
return &v.sizeCache
|
||||
case 2:
|
||||
return &v.unknownFields
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
}
|
||||
file_google_iam_credentials_v1_common_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
|
||||
switch v := v.(*GenerateIdTokenResponse); i {
|
||||
case 0:
|
||||
return &v.state
|
||||
case 1:
|
||||
return &v.sizeCache
|
||||
case 2:
|
||||
return &v.unknownFields
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
}
|
||||
}
|
||||
type x struct{}
|
||||
out := protoimpl.TypeBuilder{
|
||||
File: protoimpl.DescBuilder{
|
||||
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
|
||||
RawDescriptor: file_google_iam_credentials_v1_common_proto_rawDesc,
|
||||
NumEnums: 0,
|
||||
NumMessages: 8,
|
||||
NumExtensions: 0,
|
||||
NumServices: 0,
|
||||
},
|
||||
GoTypes: file_google_iam_credentials_v1_common_proto_goTypes,
|
||||
DependencyIndexes: file_google_iam_credentials_v1_common_proto_depIdxs,
|
||||
MessageInfos: file_google_iam_credentials_v1_common_proto_msgTypes,
|
||||
}.Build()
|
||||
File_google_iam_credentials_v1_common_proto = out.File
|
||||
file_google_iam_credentials_v1_common_proto_rawDesc = nil
|
||||
file_google_iam_credentials_v1_common_proto_goTypes = nil
|
||||
file_google_iam_credentials_v1_common_proto_depIdxs = nil
|
||||
}
|
378
vendor/google.golang.org/genproto/googleapis/iam/credentials/v1/iamcredentials.pb.go
generated
vendored
Normal file
378
vendor/google.golang.org/genproto/googleapis/iam/credentials/v1/iamcredentials.pb.go
generated
vendored
Normal file
|
@ -0,0 +1,378 @@
|
|||
// Copyright 2020 Google LLC
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
// Code generated by protoc-gen-go. DO NOT EDIT.
|
||||
// versions:
|
||||
// protoc-gen-go v1.25.0
|
||||
// protoc v3.13.0
|
||||
// source: google/iam/credentials/v1/iamcredentials.proto
|
||||
|
||||
package credentials
|
||||
|
||||
import (
|
||||
context "context"
|
||||
reflect "reflect"
|
||||
|
||||
proto "github.com/golang/protobuf/proto"
|
||||
_ "google.golang.org/genproto/googleapis/api/annotations"
|
||||
grpc "google.golang.org/grpc"
|
||||
codes "google.golang.org/grpc/codes"
|
||||
status "google.golang.org/grpc/status"
|
||||
protoreflect "google.golang.org/protobuf/reflect/protoreflect"
|
||||
protoimpl "google.golang.org/protobuf/runtime/protoimpl"
|
||||
)
|
||||
|
||||
const (
|
||||
// Verify that this generated code is sufficiently up-to-date.
|
||||
_ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion)
|
||||
// Verify that runtime/protoimpl is sufficiently up-to-date.
|
||||
_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
|
||||
)
|
||||
|
||||
// This is a compile-time assertion that a sufficiently up-to-date version
|
||||
// of the legacy proto package is being used.
|
||||
const _ = proto.ProtoPackageIsVersion4
|
||||
|
||||
var File_google_iam_credentials_v1_iamcredentials_proto protoreflect.FileDescriptor
|
||||
|
||||
var file_google_iam_credentials_v1_iamcredentials_proto_rawDesc = []byte{
|
||||
0x0a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x69, 0x61, 0x6d, 0x2f, 0x63, 0x72, 0x65,
|
||||
0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2f, 0x76, 0x31, 0x2f, 0x69, 0x61, 0x6d, 0x63,
|
||||
0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
|
||||
0x12, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x63, 0x72, 0x65,
|
||||
0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x76, 0x31, 0x1a, 0x1c, 0x67, 0x6f, 0x6f,
|
||||
0x67, 0x6c, 0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
|
||||
0x6f, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x17, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
|
||||
0x65, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f,
|
||||
0x74, 0x6f, 0x1a, 0x26, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x69, 0x61, 0x6d, 0x2f, 0x63,
|
||||
0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2f, 0x76, 0x31, 0x2f, 0x63, 0x6f,
|
||||
0x6d, 0x6d, 0x6f, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x32, 0xad, 0x07, 0x0a, 0x0e, 0x49,
|
||||
0x41, 0x4d, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x12, 0xec, 0x01,
|
||||
0x0a, 0x13, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73,
|
||||
0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, 0x35, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69,
|
||||
0x61, 0x6d, 0x2e, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x76,
|
||||
0x31, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73,
|
||||
0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x36, 0x2e, 0x67,
|
||||
0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e,
|
||||
0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74,
|
||||
0x65, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x73, 0x70,
|
||||
0x6f, 0x6e, 0x73, 0x65, 0x22, 0x66, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x40, 0x22, 0x3b, 0x2f, 0x76,
|
||||
0x31, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73,
|
||||
0x2f, 0x2a, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e,
|
||||
0x74, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x41, 0x63,
|
||||
0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x1d, 0x6e,
|
||||
0x61, 0x6d, 0x65, 0x2c, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x73, 0x2c, 0x73, 0x63,
|
||||
0x6f, 0x70, 0x65, 0x2c, 0x6c, 0x69, 0x66, 0x65, 0x74, 0x69, 0x6d, 0x65, 0x12, 0xe4, 0x01, 0x0a,
|
||||
0x0f, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x49, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e,
|
||||
0x12, 0x31, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x63, 0x72,
|
||||
0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x47, 0x65, 0x6e,
|
||||
0x65, 0x72, 0x61, 0x74, 0x65, 0x49, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52, 0x65, 0x71, 0x75,
|
||||
0x65, 0x73, 0x74, 0x1a, 0x32, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d,
|
||||
0x2e, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x76, 0x31, 0x2e,
|
||||
0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x49, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x52,
|
||||
0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x6a, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x3c, 0x22,
|
||||
0x37, 0x2f, 0x76, 0x31, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65,
|
||||
0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63,
|
||||
0x6f, 0x75, 0x6e, 0x74, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74,
|
||||
0x65, 0x49, 0x64, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x25, 0x6e, 0x61,
|
||||
0x6d, 0x65, 0x2c, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x73, 0x2c, 0x61, 0x75, 0x64,
|
||||
0x69, 0x65, 0x6e, 0x63, 0x65, 0x2c, 0x69, 0x6e, 0x63, 0x6c, 0x75, 0x64, 0x65, 0x5f, 0x65, 0x6d,
|
||||
0x61, 0x69, 0x6c, 0x12, 0xb9, 0x01, 0x0a, 0x08, 0x53, 0x69, 0x67, 0x6e, 0x42, 0x6c, 0x6f, 0x62,
|
||||
0x12, 0x2a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x63, 0x72,
|
||||
0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x69, 0x67,
|
||||
0x6e, 0x42, 0x6c, 0x6f, 0x62, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2b, 0x2e, 0x67,
|
||||
0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e,
|
||||
0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x69, 0x67, 0x6e, 0x42, 0x6c, 0x6f,
|
||||
0x62, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x54, 0x82, 0xd3, 0xe4, 0x93, 0x02,
|
||||
0x35, 0x22, 0x30, 0x2f, 0x76, 0x31, 0x2f, 0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f,
|
||||
0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a, 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41,
|
||||
0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x73, 0x2f, 0x2a, 0x7d, 0x3a, 0x73, 0x69, 0x67, 0x6e, 0x42,
|
||||
0x6c, 0x6f, 0x62, 0x3a, 0x01, 0x2a, 0xda, 0x41, 0x16, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x64, 0x65,
|
||||
0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x73, 0x2c, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x12,
|
||||
0xb5, 0x01, 0x0a, 0x07, 0x53, 0x69, 0x67, 0x6e, 0x4a, 0x77, 0x74, 0x12, 0x29, 0x2e, 0x67, 0x6f,
|
||||
0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x69, 0x61, 0x6d, 0x2e, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74,
|
||||
0x69, 0x61, 0x6c, 0x73, 0x2e, 0x76, 0x31, 0x2e, 0x53, 0x69, 0x67, 0x6e, 0x4a, 0x77, 0x74, 0x52,
|
||||
0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x2a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
|
||||
0x69, 0x61, 0x6d, 0x2e, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e,
|
||||
0x76, 0x31, 0x2e, 0x53, 0x69, 0x67, 0x6e, 0x4a, 0x77, 0x74, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e,
|
||||
0x73, 0x65, 0x22, 0x53, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x34, 0x22, 0x2f, 0x2f, 0x76, 0x31, 0x2f,
|
||||
0x7b, 0x6e, 0x61, 0x6d, 0x65, 0x3d, 0x70, 0x72, 0x6f, 0x6a, 0x65, 0x63, 0x74, 0x73, 0x2f, 0x2a,
|
||||
0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x73,
|
||||
0x2f, 0x2a, 0x7d, 0x3a, 0x73, 0x69, 0x67, 0x6e, 0x4a, 0x77, 0x74, 0x3a, 0x01, 0x2a, 0xda, 0x41,
|
||||
0x16, 0x6e, 0x61, 0x6d, 0x65, 0x2c, 0x64, 0x65, 0x6c, 0x65, 0x67, 0x61, 0x74, 0x65, 0x73, 0x2c,
|
||||
0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x1a, 0x51, 0xca, 0x41, 0x1d, 0x69, 0x61, 0x6d, 0x63,
|
||||
0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
|
||||
0x65, 0x61, 0x70, 0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0xd2, 0x41, 0x2e, 0x68, 0x74, 0x74, 0x70,
|
||||
0x73, 0x3a, 0x2f, 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70,
|
||||
0x69, 0x73, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x63, 0x6c, 0x6f, 0x75,
|
||||
0x64, 0x2d, 0x70, 0x6c, 0x61, 0x74, 0x66, 0x6f, 0x72, 0x6d, 0x42, 0xa7, 0x01, 0x0a, 0x23, 0x63,
|
||||
0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e,
|
||||
0x69, 0x61, 0x6d, 0x2e, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0x2e,
|
||||
0x76, 0x31, 0x42, 0x13, 0x49, 0x41, 0x4d, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61,
|
||||
0x6c, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x44, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
|
||||
0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f, 0x67, 0x65, 0x6e,
|
||||
0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x61, 0x70, 0x69, 0x73,
|
||||
0x2f, 0x69, 0x61, 0x6d, 0x2f, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73,
|
||||
0x2f, 0x76, 0x31, 0x3b, 0x63, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x73, 0xf8,
|
||||
0x01, 0x01, 0xaa, 0x02, 0x1f, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75,
|
||||
0x64, 0x2e, 0x49, 0x61, 0x6d, 0x2e, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c,
|
||||
0x73, 0x2e, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
|
||||
}
|
||||
|
||||
var file_google_iam_credentials_v1_iamcredentials_proto_goTypes = []interface{}{
|
||||
(*GenerateAccessTokenRequest)(nil), // 0: google.iam.credentials.v1.GenerateAccessTokenRequest
|
||||
(*GenerateIdTokenRequest)(nil), // 1: google.iam.credentials.v1.GenerateIdTokenRequest
|
||||
(*SignBlobRequest)(nil), // 2: google.iam.credentials.v1.SignBlobRequest
|
||||
(*SignJwtRequest)(nil), // 3: google.iam.credentials.v1.SignJwtRequest
|
||||
(*GenerateAccessTokenResponse)(nil), // 4: google.iam.credentials.v1.GenerateAccessTokenResponse
|
||||
(*GenerateIdTokenResponse)(nil), // 5: google.iam.credentials.v1.GenerateIdTokenResponse
|
||||
(*SignBlobResponse)(nil), // 6: google.iam.credentials.v1.SignBlobResponse
|
||||
(*SignJwtResponse)(nil), // 7: google.iam.credentials.v1.SignJwtResponse
|
||||
}
|
||||
var file_google_iam_credentials_v1_iamcredentials_proto_depIdxs = []int32{
|
||||
0, // 0: google.iam.credentials.v1.IAMCredentials.GenerateAccessToken:input_type -> google.iam.credentials.v1.GenerateAccessTokenRequest
|
||||
1, // 1: google.iam.credentials.v1.IAMCredentials.GenerateIdToken:input_type -> google.iam.credentials.v1.GenerateIdTokenRequest
|
||||
2, // 2: google.iam.credentials.v1.IAMCredentials.SignBlob:input_type -> google.iam.credentials.v1.SignBlobRequest
|
||||
3, // 3: google.iam.credentials.v1.IAMCredentials.SignJwt:input_type -> google.iam.credentials.v1.SignJwtRequest
|
||||
4, // 4: google.iam.credentials.v1.IAMCredentials.GenerateAccessToken:output_type -> google.iam.credentials.v1.GenerateAccessTokenResponse
|
||||
5, // 5: google.iam.credentials.v1.IAMCredentials.GenerateIdToken:output_type -> google.iam.credentials.v1.GenerateIdTokenResponse
|
||||
6, // 6: google.iam.credentials.v1.IAMCredentials.SignBlob:output_type -> google.iam.credentials.v1.SignBlobResponse
|
||||
7, // 7: google.iam.credentials.v1.IAMCredentials.SignJwt:output_type -> google.iam.credentials.v1.SignJwtResponse
|
||||
4, // [4:8] is the sub-list for method output_type
|
||||
0, // [0:4] is the sub-list for method input_type
|
||||
0, // [0:0] is the sub-list for extension type_name
|
||||
0, // [0:0] is the sub-list for extension extendee
|
||||
0, // [0:0] is the sub-list for field type_name
|
||||
}
|
||||
|
||||
func init() { file_google_iam_credentials_v1_iamcredentials_proto_init() }
|
||||
func file_google_iam_credentials_v1_iamcredentials_proto_init() {
|
||||
if File_google_iam_credentials_v1_iamcredentials_proto != nil {
|
||||
return
|
||||
}
|
||||
file_google_iam_credentials_v1_common_proto_init()
|
||||
type x struct{}
|
||||
out := protoimpl.TypeBuilder{
|
||||
File: protoimpl.DescBuilder{
|
||||
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
|
||||
RawDescriptor: file_google_iam_credentials_v1_iamcredentials_proto_rawDesc,
|
||||
NumEnums: 0,
|
||||
NumMessages: 0,
|
||||
NumExtensions: 0,
|
||||
NumServices: 1,
|
||||
},
|
||||
GoTypes: file_google_iam_credentials_v1_iamcredentials_proto_goTypes,
|
||||
DependencyIndexes: file_google_iam_credentials_v1_iamcredentials_proto_depIdxs,
|
||||
}.Build()
|
||||
File_google_iam_credentials_v1_iamcredentials_proto = out.File
|
||||
file_google_iam_credentials_v1_iamcredentials_proto_rawDesc = nil
|
||||
file_google_iam_credentials_v1_iamcredentials_proto_goTypes = nil
|
||||
file_google_iam_credentials_v1_iamcredentials_proto_depIdxs = nil
|
||||
}
|
||||
|
||||
// Reference imports to suppress errors if they are not otherwise used.
|
||||
var _ context.Context
|
||||
var _ grpc.ClientConnInterface
|
||||
|
||||
// This is a compile-time assertion to ensure that this generated file
|
||||
// is compatible with the grpc package it is being compiled against.
|
||||
const _ = grpc.SupportPackageIsVersion6
|
||||
|
||||
// IAMCredentialsClient is the client API for IAMCredentials service.
|
||||
//
|
||||
// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
|
||||
type IAMCredentialsClient interface {
|
||||
// Generates an OAuth 2.0 access token for a service account.
|
||||
GenerateAccessToken(ctx context.Context, in *GenerateAccessTokenRequest, opts ...grpc.CallOption) (*GenerateAccessTokenResponse, error)
|
||||
// Generates an OpenID Connect ID token for a service account.
|
||||
GenerateIdToken(ctx context.Context, in *GenerateIdTokenRequest, opts ...grpc.CallOption) (*GenerateIdTokenResponse, error)
|
||||
// Signs a blob using a service account's system-managed private key.
|
||||
SignBlob(ctx context.Context, in *SignBlobRequest, opts ...grpc.CallOption) (*SignBlobResponse, error)
|
||||
// Signs a JWT using a service account's system-managed private key.
|
||||
SignJwt(ctx context.Context, in *SignJwtRequest, opts ...grpc.CallOption) (*SignJwtResponse, error)
|
||||
}
|
||||
|
||||
type iAMCredentialsClient struct {
|
||||
cc grpc.ClientConnInterface
|
||||
}
|
||||
|
||||
func NewIAMCredentialsClient(cc grpc.ClientConnInterface) IAMCredentialsClient {
|
||||
return &iAMCredentialsClient{cc}
|
||||
}
|
||||
|
||||
func (c *iAMCredentialsClient) GenerateAccessToken(ctx context.Context, in *GenerateAccessTokenRequest, opts ...grpc.CallOption) (*GenerateAccessTokenResponse, error) {
|
||||
out := new(GenerateAccessTokenResponse)
|
||||
err := c.cc.Invoke(ctx, "/google.iam.credentials.v1.IAMCredentials/GenerateAccessToken", in, out, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return out, nil
|
||||
}
|
||||
|
||||
func (c *iAMCredentialsClient) GenerateIdToken(ctx context.Context, in *GenerateIdTokenRequest, opts ...grpc.CallOption) (*GenerateIdTokenResponse, error) {
|
||||
out := new(GenerateIdTokenResponse)
|
||||
err := c.cc.Invoke(ctx, "/google.iam.credentials.v1.IAMCredentials/GenerateIdToken", in, out, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return out, nil
|
||||
}
|
||||
|
||||
func (c *iAMCredentialsClient) SignBlob(ctx context.Context, in *SignBlobRequest, opts ...grpc.CallOption) (*SignBlobResponse, error) {
|
||||
out := new(SignBlobResponse)
|
||||
err := c.cc.Invoke(ctx, "/google.iam.credentials.v1.IAMCredentials/SignBlob", in, out, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return out, nil
|
||||
}
|
||||
|
||||
func (c *iAMCredentialsClient) SignJwt(ctx context.Context, in *SignJwtRequest, opts ...grpc.CallOption) (*SignJwtResponse, error) {
|
||||
out := new(SignJwtResponse)
|
||||
err := c.cc.Invoke(ctx, "/google.iam.credentials.v1.IAMCredentials/SignJwt", in, out, opts...)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return out, nil
|
||||
}
|
||||
|
||||
// IAMCredentialsServer is the server API for IAMCredentials service.
|
||||
type IAMCredentialsServer interface {
|
||||
// Generates an OAuth 2.0 access token for a service account.
|
||||
GenerateAccessToken(context.Context, *GenerateAccessTokenRequest) (*GenerateAccessTokenResponse, error)
|
||||
// Generates an OpenID Connect ID token for a service account.
|
||||
GenerateIdToken(context.Context, *GenerateIdTokenRequest) (*GenerateIdTokenResponse, error)
|
||||
// Signs a blob using a service account's system-managed private key.
|
||||
SignBlob(context.Context, *SignBlobRequest) (*SignBlobResponse, error)
|
||||
// Signs a JWT using a service account's system-managed private key.
|
||||
SignJwt(context.Context, *SignJwtRequest) (*SignJwtResponse, error)
|
||||
}
|
||||
|
||||
// UnimplementedIAMCredentialsServer can be embedded to have forward compatible implementations.
|
||||
type UnimplementedIAMCredentialsServer struct {
|
||||
}
|
||||
|
||||
func (*UnimplementedIAMCredentialsServer) GenerateAccessToken(context.Context, *GenerateAccessTokenRequest) (*GenerateAccessTokenResponse, error) {
|
||||
return nil, status.Errorf(codes.Unimplemented, "method GenerateAccessToken not implemented")
|
||||
}
|
||||
func (*UnimplementedIAMCredentialsServer) GenerateIdToken(context.Context, *GenerateIdTokenRequest) (*GenerateIdTokenResponse, error) {
|
||||
return nil, status.Errorf(codes.Unimplemented, "method GenerateIdToken not implemented")
|
||||
}
|
||||
func (*UnimplementedIAMCredentialsServer) SignBlob(context.Context, *SignBlobRequest) (*SignBlobResponse, error) {
|
||||
return nil, status.Errorf(codes.Unimplemented, "method SignBlob not implemented")
|
||||
}
|
||||
func (*UnimplementedIAMCredentialsServer) SignJwt(context.Context, *SignJwtRequest) (*SignJwtResponse, error) {
|
||||
return nil, status.Errorf(codes.Unimplemented, "method SignJwt not implemented")
|
||||
}
|
||||
|
||||
func RegisterIAMCredentialsServer(s *grpc.Server, srv IAMCredentialsServer) {
|
||||
s.RegisterService(&_IAMCredentials_serviceDesc, srv)
|
||||
}
|
||||
|
||||
func _IAMCredentials_GenerateAccessToken_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||
in := new(GenerateAccessTokenRequest)
|
||||
if err := dec(in); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if interceptor == nil {
|
||||
return srv.(IAMCredentialsServer).GenerateAccessToken(ctx, in)
|
||||
}
|
||||
info := &grpc.UnaryServerInfo{
|
||||
Server: srv,
|
||||
FullMethod: "/google.iam.credentials.v1.IAMCredentials/GenerateAccessToken",
|
||||
}
|
||||
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||
return srv.(IAMCredentialsServer).GenerateAccessToken(ctx, req.(*GenerateAccessTokenRequest))
|
||||
}
|
||||
return interceptor(ctx, in, info, handler)
|
||||
}
|
||||
|
||||
func _IAMCredentials_GenerateIdToken_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||
in := new(GenerateIdTokenRequest)
|
||||
if err := dec(in); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if interceptor == nil {
|
||||
return srv.(IAMCredentialsServer).GenerateIdToken(ctx, in)
|
||||
}
|
||||
info := &grpc.UnaryServerInfo{
|
||||
Server: srv,
|
||||
FullMethod: "/google.iam.credentials.v1.IAMCredentials/GenerateIdToken",
|
||||
}
|
||||
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||
return srv.(IAMCredentialsServer).GenerateIdToken(ctx, req.(*GenerateIdTokenRequest))
|
||||
}
|
||||
return interceptor(ctx, in, info, handler)
|
||||
}
|
||||
|
||||
func _IAMCredentials_SignBlob_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||
in := new(SignBlobRequest)
|
||||
if err := dec(in); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if interceptor == nil {
|
||||
return srv.(IAMCredentialsServer).SignBlob(ctx, in)
|
||||
}
|
||||
info := &grpc.UnaryServerInfo{
|
||||
Server: srv,
|
||||
FullMethod: "/google.iam.credentials.v1.IAMCredentials/SignBlob",
|
||||
}
|
||||
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||
return srv.(IAMCredentialsServer).SignBlob(ctx, req.(*SignBlobRequest))
|
||||
}
|
||||
return interceptor(ctx, in, info, handler)
|
||||
}
|
||||
|
||||
func _IAMCredentials_SignJwt_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) {
|
||||
in := new(SignJwtRequest)
|
||||
if err := dec(in); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if interceptor == nil {
|
||||
return srv.(IAMCredentialsServer).SignJwt(ctx, in)
|
||||
}
|
||||
info := &grpc.UnaryServerInfo{
|
||||
Server: srv,
|
||||
FullMethod: "/google.iam.credentials.v1.IAMCredentials/SignJwt",
|
||||
}
|
||||
handler := func(ctx context.Context, req interface{}) (interface{}, error) {
|
||||
return srv.(IAMCredentialsServer).SignJwt(ctx, req.(*SignJwtRequest))
|
||||
}
|
||||
return interceptor(ctx, in, info, handler)
|
||||
}
|
||||
|
||||
var _IAMCredentials_serviceDesc = grpc.ServiceDesc{
|
||||
ServiceName: "google.iam.credentials.v1.IAMCredentials",
|
||||
HandlerType: (*IAMCredentialsServer)(nil),
|
||||
Methods: []grpc.MethodDesc{
|
||||
{
|
||||
MethodName: "GenerateAccessToken",
|
||||
Handler: _IAMCredentials_GenerateAccessToken_Handler,
|
||||
},
|
||||
{
|
||||
MethodName: "GenerateIdToken",
|
||||
Handler: _IAMCredentials_GenerateIdToken_Handler,
|
||||
},
|
||||
{
|
||||
MethodName: "SignBlob",
|
||||
Handler: _IAMCredentials_SignBlob_Handler,
|
||||
},
|
||||
{
|
||||
MethodName: "SignJwt",
|
||||
Handler: _IAMCredentials_SignJwt_Handler,
|
||||
},
|
||||
},
|
||||
Streams: []grpc.StreamDesc{},
|
||||
Metadata: "google/iam/credentials/v1/iamcredentials.proto",
|
||||
}
|
22
vendor/honnef.co/go/tools/pattern/match.go
vendored
22
vendor/honnef.co/go/tools/pattern/match.go
vendored
|
@ -242,6 +242,28 @@ func match(m *Matcher, l, r interface{}) (interface{}, bool) {
|
|||
}
|
||||
}
|
||||
|
||||
{
|
||||
ln, ok1 := l.([]*ast.Field)
|
||||
rn, ok2 := r.([]*ast.Field)
|
||||
if ok1 || ok2 {
|
||||
if ok1 && !ok2 {
|
||||
rn = []*ast.Field{r.(*ast.Field)}
|
||||
} else if !ok1 && ok2 {
|
||||
ln = []*ast.Field{l.(*ast.Field)}
|
||||
}
|
||||
|
||||
if len(ln) != len(rn) {
|
||||
return nil, false
|
||||
}
|
||||
for i, ll := range ln {
|
||||
if _, ok := match(m, ll, rn[i]); !ok {
|
||||
return nil, false
|
||||
}
|
||||
}
|
||||
return r, true
|
||||
}
|
||||
}
|
||||
|
||||
panic(fmt.Sprintf("unsupported comparison: %T and %T", l, r))
|
||||
}
|
||||
|
||||
|
|
|
@ -1721,6 +1721,10 @@ func CheckUnreadVariableValues(pass *analysis.Pass) (interface{}, error) {
|
|||
continue
|
||||
}
|
||||
|
||||
if _, ok := val.(*ir.Const); ok {
|
||||
// a zero-valued constant, for example in 'foo := []string(nil)'
|
||||
continue
|
||||
}
|
||||
if !hasUse(val, nil) {
|
||||
report.Report(pass, assign, fmt.Sprintf("this value of %s is never used", lhs))
|
||||
}
|
||||
|
|
2
vendor/honnef.co/go/tools/version/version.go
vendored
2
vendor/honnef.co/go/tools/version/version.go
vendored
|
@ -7,7 +7,7 @@ import (
|
|||
"runtime"
|
||||
)
|
||||
|
||||
const Version = "2020.1.4"
|
||||
const Version = "2020.1.5"
|
||||
|
||||
// version returns a version descriptor and reports whether the
|
||||
// version is a known release.
|
||||
|
|
5
vendor/modules.txt
vendored
5
vendor/modules.txt
vendored
|
@ -3,6 +3,7 @@
|
|||
cloud.google.com/go
|
||||
cloud.google.com/go/compute/metadata
|
||||
cloud.google.com/go/iam
|
||||
cloud.google.com/go/iam/credentials/apiv1
|
||||
cloud.google.com/go/internal
|
||||
cloud.google.com/go/internal/btree
|
||||
cloud.google.com/go/internal/fields
|
||||
|
@ -688,6 +689,7 @@ google.golang.org/appengine/urlfetch
|
|||
google.golang.org/genproto/googleapis/api/annotations
|
||||
google.golang.org/genproto/googleapis/firestore/admin/v1
|
||||
google.golang.org/genproto/googleapis/firestore/v1
|
||||
google.golang.org/genproto/googleapis/iam/credentials/v1
|
||||
google.golang.org/genproto/googleapis/iam/v1
|
||||
google.golang.org/genproto/googleapis/longrunning
|
||||
google.golang.org/genproto/googleapis/rpc/code
|
||||
|
@ -815,7 +817,8 @@ gopkg.in/yaml.v2
|
|||
# gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
|
||||
## explicit
|
||||
gopkg.in/yaml.v3
|
||||
# honnef.co/go/tools v0.0.1-2020.1.4
|
||||
# honnef.co/go/tools v0.0.1-2020.1.5
|
||||
## explicit
|
||||
honnef.co/go/tools/arg
|
||||
honnef.co/go/tools/cmd/staticcheck
|
||||
honnef.co/go/tools/code
|
||||
|
|
Loading…
Reference in a new issue