| // Copyright 2021 Google LLC |
| // |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file or at |
| // https://developers.google.com/open-source/licenses/bsd |
| |
| // This is a generated file (see the discoveryapis_generator project). |
| |
| // ignore_for_file: camel_case_types |
| // ignore_for_file: comment_references |
| // ignore_for_file: deprecated_member_use_from_same_package |
| // ignore_for_file: doc_directive_unknown |
| // ignore_for_file: lines_longer_than_80_chars |
| // ignore_for_file: non_constant_identifier_names |
| // ignore_for_file: prefer_interpolation_to_compose_strings |
| // ignore_for_file: unintended_html_in_doc_comment |
| // ignore_for_file: unnecessary_brace_in_string_interps |
| // ignore_for_file: unnecessary_lambdas |
| // ignore_for_file: unnecessary_string_interpolations |
| |
| /// Certificate Authority API - v1 |
| /// |
| /// The Certificate Authority Service API is a highly-available, scalable |
| /// service that enables you to simplify and automate the management of private |
| /// certificate authorities (CAs) while staying in control of your private keys. |
| /// |
| /// For more information, see <https://cloud.google.com/> |
| /// |
| /// Create an instance of [CertificateAuthorityServiceApi] to access these |
| /// resources: |
| /// |
| /// - [ProjectsResource] |
| /// - [ProjectsLocationsResource] |
| /// - [ProjectsLocationsCaPoolsResource] |
| /// - [ProjectsLocationsCaPoolsCertificateAuthoritiesResource] |
| /// - |
| /// [ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsResource] |
| /// - [ProjectsLocationsCaPoolsCertificatesResource] |
| /// - [ProjectsLocationsCertificateTemplatesResource] |
| /// - [ProjectsLocationsOperationsResource] |
| library; |
| |
| import 'dart:async' as async; |
| import 'dart:convert' as convert; |
| import 'dart:core' as core; |
| |
| import 'package:_discoveryapis_commons/_discoveryapis_commons.dart' as commons; |
| import 'package:http/http.dart' as http; |
| |
| import '../shared.dart'; |
| import '../src/user_agent.dart'; |
| |
| export 'package:_discoveryapis_commons/_discoveryapis_commons.dart' |
| show ApiRequestError, DetailedApiRequestError; |
| |
| /// The Certificate Authority Service API is a highly-available, scalable |
| /// service that enables you to simplify and automate the management of private |
| /// certificate authorities (CAs) while staying in control of your private keys. |
| class CertificateAuthorityServiceApi { |
| /// See, edit, configure, and delete your Google Cloud data and see the email |
| /// address for your Google Account. |
| static const cloudPlatformScope = |
| 'https://www.googleapis.com/auth/cloud-platform'; |
| |
| final commons.ApiRequester _requester; |
| |
| ProjectsResource get projects => ProjectsResource(_requester); |
| |
| CertificateAuthorityServiceApi( |
| http.Client client, { |
| core.String rootUrl = 'https://privateca.googleapis.com/', |
| core.String servicePath = '', |
| }) : _requester = commons.ApiRequester( |
| client, |
| rootUrl, |
| servicePath, |
| requestHeaders, |
| ); |
| } |
| |
| class ProjectsResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsResource get locations => |
| ProjectsLocationsResource(_requester); |
| |
| ProjectsResource(commons.ApiRequester client) : _requester = client; |
| } |
| |
| class ProjectsLocationsResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsCaPoolsResource get caPools => |
| ProjectsLocationsCaPoolsResource(_requester); |
| ProjectsLocationsCertificateTemplatesResource get certificateTemplates => |
| ProjectsLocationsCertificateTemplatesResource(_requester); |
| ProjectsLocationsOperationsResource get operations => |
| ProjectsLocationsOperationsResource(_requester); |
| |
| ProjectsLocationsResource(commons.ApiRequester client) : _requester = client; |
| |
| /// Gets information about a location. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Resource name for the location. |
| /// Value must have pattern `^projects/\[^/\]+/locations/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Location]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Location> get(core.String name, {core.String? $fields}) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return Location.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Lists information about the supported locations for this service. |
| /// |
| /// This method lists locations based on the resource scope provided in the |
| /// \[ListLocationsRequest.name\] field: * **Global locations**: If `name` is |
| /// empty, the method lists the public locations available to all projects. * |
| /// **Project-specific locations**: If `name` follows the format |
| /// `projects/{project}`, the method lists locations visible to that specific |
| /// project. This includes public, private, or other project-specific |
| /// locations enabled for the project. For gRPC and client library |
| /// implementations, the resource name is passed as the `name` field. For |
| /// direct service calls, the resource name is incorporated into the request |
| /// path based on the specific service implementation and version. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - The resource that owns the locations collection, if applicable. |
| /// Value must have pattern `^projects/\[^/\]+$`. |
| /// |
| /// [extraLocationTypes] - Optional. Do not use this field. It is unsupported |
| /// and is ignored unless explicitly documented otherwise. This is primarily |
| /// for internal usage. |
| /// |
| /// [filter] - A filter to narrow down results to a preferred subset. The |
| /// filtering language accepts strings like `"displayName=tokyo"`, and is |
| /// documented in more detail in \[AIP-160\](https://google.aip.dev/160). |
| /// |
| /// [pageSize] - The maximum number of results to return. If not set, the |
| /// service selects a default. |
| /// |
| /// [pageToken] - A page token received from the `next_page_token` field in |
| /// the response. Send that page token to receive the subsequent page. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [ListLocationsResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<ListLocationsResponse> list( |
| core.String name, { |
| core.List<core.String>? extraLocationTypes, |
| core.String? filter, |
| core.int? pageSize, |
| core.String? pageToken, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'extraLocationTypes': ?extraLocationTypes, |
| 'filter': ?filter == null ? null : [filter], |
| 'pageSize': ?pageSize == null ? null : ['${pageSize}'], |
| 'pageToken': ?pageToken == null ? null : [pageToken], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name') + '/locations'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return ListLocationsResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| } |
| |
| class ProjectsLocationsCaPoolsResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsCaPoolsCertificateAuthoritiesResource |
| get certificateAuthorities => |
| ProjectsLocationsCaPoolsCertificateAuthoritiesResource(_requester); |
| ProjectsLocationsCaPoolsCertificatesResource get certificates => |
| ProjectsLocationsCaPoolsCertificatesResource(_requester); |
| |
| ProjectsLocationsCaPoolsResource(commons.ApiRequester client) |
| : _requester = client; |
| |
| /// Create a CaPool. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [parent] - Required. The resource name of the location associated with the |
| /// CaPool, in the format `projects / * /locations / * `. |
| /// Value must have pattern `^projects/\[^/\]+/locations/\[^/\]+$`. |
| /// |
| /// [caPoolId] - Required. It must be unique within a location and match the |
| /// regular expression `[a-zA-Z0-9_-]{1,63}` |
| /// |
| /// [requestId] - Optional. An ID to identify requests. Specify a unique |
| /// request ID so that if you must retry your request, the server will know to |
| /// ignore the request if it has already been completed. The server will |
| /// guarantee that for at least 60 minutes since the first request. For |
| /// example, consider a situation where you make an initial request and the |
| /// request times out. If you make the request again with the same request ID, |
| /// the server can check if original operation with the same request ID was |
| /// received, and if so, will ignore the second request. This prevents clients |
| /// from accidentally creating duplicate commitments. The request ID must be a |
| /// valid UUID with the exception that zero UUID is not supported |
| /// (00000000-0000-0000-0000-000000000000). |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> create( |
| CaPool request, |
| core.String parent, { |
| core.String? caPoolId, |
| core.String? requestId, |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'caPoolId': ?caPoolId == null ? null : [caPoolId], |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$parent') + '/caPools'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Delete a CaPool. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The resource name for this CaPool in the format |
| /// `projects / * /locations / * /caPools / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+$`. |
| /// |
| /// [ignoreDependentResources] - Optional. This field allows this pool to be |
| /// deleted even if it's being depended on by another resource. However, doing |
| /// so may result in unintended and unrecoverable effects on any dependent |
| /// resources since the pool will no longer be able to issue certificates. |
| /// |
| /// [requestId] - Optional. An ID to identify requests. Specify a unique |
| /// request ID so that if you must retry your request, the server will know to |
| /// ignore the request if it has already been completed. The server will |
| /// guarantee that for at least 60 minutes since the first request. For |
| /// example, consider a situation where you make an initial request and the |
| /// request times out. If you make the request again with the same request ID, |
| /// the server can check if original operation with the same request ID was |
| /// received, and if so, will ignore the second request. This prevents clients |
| /// from accidentally creating duplicate commitments. The request ID must be a |
| /// valid UUID with the exception that zero UUID is not supported |
| /// (00000000-0000-0000-0000-000000000000). |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> delete( |
| core.String name, { |
| core.bool? ignoreDependentResources, |
| core.String? requestId, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'ignoreDependentResources': ?ignoreDependentResources == null |
| ? null |
| : ['${ignoreDependentResources}'], |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'DELETE', |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// FetchCaCerts returns the current trust anchor for the CaPool. |
| /// |
| /// This will include CA certificate chains for all certificate authorities in |
| /// the ENABLED, DISABLED, or STAGED states. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [caPool] - Required. The resource name for the CaPool in the format |
| /// `projects / * /locations / * /caPools / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [FetchCaCertsResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<FetchCaCertsResponse> fetchCaCerts( |
| FetchCaCertsRequest request, |
| core.String caPool, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$caPool') + ':fetchCaCerts'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return FetchCaCertsResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Returns a CaPool. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The name of the CaPool to get. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [CaPool]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<CaPool> get(core.String name, {core.String? $fields}) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return CaPool.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Gets the access control policy for a resource. |
| /// |
| /// Returns an empty policy if the resource exists and does not have a policy |
| /// set. |
| /// |
| /// Request parameters: |
| /// |
| /// [resource] - REQUIRED: The resource for which the policy is being |
| /// requested. See |
| /// [Resource names](https://cloud.google.com/apis/design/resource_names) for |
| /// the appropriate value for this field. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+$`. |
| /// |
| /// [options_requestedPolicyVersion] - Optional. The maximum policy version |
| /// that will be used to format the policy. Valid values are 0, 1, and 3. |
| /// Requests specifying an invalid value will be rejected. Requests for |
| /// policies with any conditional role bindings must specify version 3. |
| /// Policies with no conditional role bindings may specify any valid value or |
| /// leave the field unset. The policy in the response might use the policy |
| /// version that you specified, or it might use a lower policy version. For |
| /// example, if you specify version 3, but the policy has no conditional role |
| /// bindings, the response uses version 1. To learn which resources support |
| /// conditions in their IAM policies, see the |
| /// [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Policy]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Policy> getIamPolicy( |
| core.String resource, { |
| core.int? options_requestedPolicyVersion, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'options.requestedPolicyVersion': ?options_requestedPolicyVersion == null |
| ? null |
| : ['${options_requestedPolicyVersion}'], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$resource') + ':getIamPolicy'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return Policy.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Lists CaPools. |
| /// |
| /// Request parameters: |
| /// |
| /// [parent] - Required. The resource name of the location associated with the |
| /// CaPools, in the format `projects / * /locations / * `. |
| /// Value must have pattern `^projects/\[^/\]+/locations/\[^/\]+$`. |
| /// |
| /// [filter] - Optional. Only include resources that match the filter in the |
| /// response. |
| /// |
| /// [orderBy] - Optional. Specify how the results should be sorted. |
| /// |
| /// [pageSize] - Optional. Limit on the number of CaPools to include in the |
| /// response. Further CaPools can subsequently be obtained by including the |
| /// ListCaPoolsResponse.next_page_token in a subsequent request. If |
| /// unspecified, the server will pick an appropriate default. |
| /// |
| /// [pageToken] - Optional. Pagination token, returned earlier via |
| /// ListCaPoolsResponse.next_page_token. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [ListCaPoolsResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<ListCaPoolsResponse> list( |
| core.String parent, { |
| core.String? filter, |
| core.String? orderBy, |
| core.int? pageSize, |
| core.String? pageToken, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'filter': ?filter == null ? null : [filter], |
| 'orderBy': ?orderBy == null ? null : [orderBy], |
| 'pageSize': ?pageSize == null ? null : ['${pageSize}'], |
| 'pageToken': ?pageToken == null ? null : [pageToken], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$parent') + '/caPools'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return ListCaPoolsResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Update a CaPool. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Identifier. The resource name for this CaPool in the format |
| /// `projects / * /locations / * /caPools / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+$`. |
| /// |
| /// [requestId] - Optional. An ID to identify requests. Specify a unique |
| /// request ID so that if you must retry your request, the server will know to |
| /// ignore the request if it has already been completed. The server will |
| /// guarantee that for at least 60 minutes since the first request. For |
| /// example, consider a situation where you make an initial request and the |
| /// request times out. If you make the request again with the same request ID, |
| /// the server can check if original operation with the same request ID was |
| /// received, and if so, will ignore the second request. This prevents clients |
| /// from accidentally creating duplicate commitments. The request ID must be a |
| /// valid UUID with the exception that zero UUID is not supported |
| /// (00000000-0000-0000-0000-000000000000). |
| /// |
| /// [updateMask] - Required. A list of fields to be updated in this request. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> patch( |
| CaPool request, |
| core.String name, { |
| core.String? requestId, |
| core.String? updateMask, |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'updateMask': ?updateMask == null ? null : [updateMask], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'PATCH', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Sets the access control policy on the specified resource. |
| /// |
| /// Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, |
| /// and `PERMISSION_DENIED` errors. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [resource] - REQUIRED: The resource for which the policy is being |
| /// specified. See |
| /// [Resource names](https://cloud.google.com/apis/design/resource_names) for |
| /// the appropriate value for this field. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Policy]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Policy> setIamPolicy( |
| SetIamPolicyRequest request, |
| core.String resource, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$resource') + ':setIamPolicy'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Policy.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Returns permissions that a caller has on the specified resource. |
| /// |
| /// If the resource does not exist, this will return an empty set of |
| /// permissions, not a `NOT_FOUND` error. Note: This operation is designed to |
| /// be used for building permission-aware UIs and command-line tools, not for |
| /// authorization checking. This operation may "fail open" without warning. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [resource] - REQUIRED: The resource for which the policy detail is being |
| /// requested. See |
| /// [Resource names](https://cloud.google.com/apis/design/resource_names) for |
| /// the appropriate value for this field. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [TestIamPermissionsResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<TestIamPermissionsResponse> testIamPermissions( |
| TestIamPermissionsRequest request, |
| core.String resource, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = |
| 'v1/' + core.Uri.encodeFull('$resource') + ':testIamPermissions'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return TestIamPermissionsResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| } |
| |
| class ProjectsLocationsCaPoolsCertificateAuthoritiesResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsResource |
| get certificateRevocationLists => |
| ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsResource( |
| _requester, |
| ); |
| |
| ProjectsLocationsCaPoolsCertificateAuthoritiesResource( |
| commons.ApiRequester client, |
| ) : _requester = client; |
| |
| /// Activate a CertificateAuthority that is in state AWAITING_USER_ACTIVATION |
| /// and is of type SUBORDINATE. |
| /// |
| /// After the parent Certificate Authority signs a certificate signing request |
| /// from FetchCertificateAuthorityCsr, this method can complete the activation |
| /// process. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The resource name for this CertificateAuthority in the |
| /// format `projects / * /locations / * /caPools / * /certificateAuthorities / |
| /// * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> activate( |
| ActivateCertificateAuthorityRequest request, |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name') + ':activate'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Create a new CertificateAuthority in a given Project and Location. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [parent] - Required. The resource name of the CaPool associated with the |
| /// CertificateAuthorities, in the format `projects / * /locations / * |
| /// /caPools / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+$`. |
| /// |
| /// [certificateAuthorityId] - Required. It must be unique within a location |
| /// and match the regular expression `[a-zA-Z0-9_-]{1,63}` |
| /// |
| /// [requestId] - Optional. An ID to identify requests. Specify a unique |
| /// request ID so that if you must retry your request, the server will know to |
| /// ignore the request if it has already been completed. The server will |
| /// guarantee that for at least 60 minutes since the first request. For |
| /// example, consider a situation where you make an initial request and the |
| /// request times out. If you make the request again with the same request ID, |
| /// the server can check if original operation with the same request ID was |
| /// received, and if so, will ignore the second request. This prevents clients |
| /// from accidentally creating duplicate commitments. The request ID must be a |
| /// valid UUID with the exception that zero UUID is not supported |
| /// (00000000-0000-0000-0000-000000000000). |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> create( |
| CertificateAuthority request, |
| core.String parent, { |
| core.String? certificateAuthorityId, |
| core.String? requestId, |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'certificateAuthorityId': ?certificateAuthorityId == null |
| ? null |
| : [certificateAuthorityId], |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = |
| 'v1/' + core.Uri.encodeFull('$parent') + '/certificateAuthorities'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Delete a CertificateAuthority. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The resource name for this CertificateAuthority in the |
| /// format `projects / * /locations / * /caPools / * /certificateAuthorities / |
| /// * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+$`. |
| /// |
| /// [ignoreActiveCertificates] - Optional. This field allows the CA to be |
| /// deleted even if the CA has active certs. Active certs include both |
| /// unrevoked and unexpired certs. |
| /// |
| /// [ignoreDependentResources] - Optional. This field allows this CA to be |
| /// deleted even if it's being depended on by another resource. However, doing |
| /// so may result in unintended and unrecoverable effects on any dependent |
| /// resources since the CA will no longer be able to issue certificates. |
| /// |
| /// [requestId] - Optional. An ID to identify requests. Specify a unique |
| /// request ID so that if you must retry your request, the server will know to |
| /// ignore the request if it has already been completed. The server will |
| /// guarantee that for at least 60 minutes since the first request. For |
| /// example, consider a situation where you make an initial request and the |
| /// request times out. If you make the request again with the same request ID, |
| /// the server can check if original operation with the same request ID was |
| /// received, and if so, will ignore the second request. This prevents clients |
| /// from accidentally creating duplicate commitments. The request ID must be a |
| /// valid UUID with the exception that zero UUID is not supported |
| /// (00000000-0000-0000-0000-000000000000). |
| /// |
| /// [skipGracePeriod] - Optional. If this flag is set, the Certificate |
| /// Authority will be deleted as soon as possible without a 30-day grace |
| /// period where undeletion would have been allowed. If you proceed, there |
| /// will be no way to recover this CA. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> delete( |
| core.String name, { |
| core.bool? ignoreActiveCertificates, |
| core.bool? ignoreDependentResources, |
| core.String? requestId, |
| core.bool? skipGracePeriod, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'ignoreActiveCertificates': ?ignoreActiveCertificates == null |
| ? null |
| : ['${ignoreActiveCertificates}'], |
| 'ignoreDependentResources': ?ignoreDependentResources == null |
| ? null |
| : ['${ignoreDependentResources}'], |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'skipGracePeriod': ?skipGracePeriod == null |
| ? null |
| : ['${skipGracePeriod}'], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'DELETE', |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Disable a CertificateAuthority. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The resource name for this CertificateAuthority in the |
| /// format `projects / * /locations / * /caPools / * /certificateAuthorities / |
| /// * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> disable( |
| DisableCertificateAuthorityRequest request, |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name') + ':disable'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Enable a CertificateAuthority. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The resource name for this CertificateAuthority in the |
| /// format `projects / * /locations / * /caPools / * /certificateAuthorities / |
| /// * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> enable( |
| EnableCertificateAuthorityRequest request, |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name') + ':enable'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Fetch a certificate signing request (CSR) from a CertificateAuthority that |
| /// is in state AWAITING_USER_ACTIVATION and is of type SUBORDINATE. |
| /// |
| /// The CSR must then be signed by the desired parent Certificate Authority, |
| /// which could be another CertificateAuthority resource, or could be an |
| /// on-prem certificate authority. See also ActivateCertificateAuthority. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The resource name for this CertificateAuthority in the |
| /// format `projects / * /locations / * /caPools / * /certificateAuthorities / |
| /// * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [FetchCertificateAuthorityCsrResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<FetchCertificateAuthorityCsrResponse> fetch( |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name') + ':fetch'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return FetchCertificateAuthorityCsrResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Returns a CertificateAuthority. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The name of the CertificateAuthority to get. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [CertificateAuthority]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<CertificateAuthority> get( |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return CertificateAuthority.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Lists CertificateAuthorities. |
| /// |
| /// Request parameters: |
| /// |
| /// [parent] - Required. The resource name of the CaPool associated with the |
| /// CertificateAuthorities, in the format `projects / * /locations / * |
| /// /caPools / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+$`. |
| /// |
| /// [filter] - Optional. Only include resources that match the filter in the |
| /// response. |
| /// |
| /// [orderBy] - Optional. Specify how the results should be sorted. |
| /// |
| /// [pageSize] - Optional. Limit on the number of CertificateAuthorities to |
| /// include in the response. Further CertificateAuthorities can subsequently |
| /// be obtained by including the |
| /// ListCertificateAuthoritiesResponse.next_page_token in a subsequent |
| /// request. If unspecified, the server will pick an appropriate default. |
| /// |
| /// [pageToken] - Optional. Pagination token, returned earlier via |
| /// ListCertificateAuthoritiesResponse.next_page_token. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [ListCertificateAuthoritiesResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<ListCertificateAuthoritiesResponse> list( |
| core.String parent, { |
| core.String? filter, |
| core.String? orderBy, |
| core.int? pageSize, |
| core.String? pageToken, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'filter': ?filter == null ? null : [filter], |
| 'orderBy': ?orderBy == null ? null : [orderBy], |
| 'pageSize': ?pageSize == null ? null : ['${pageSize}'], |
| 'pageToken': ?pageToken == null ? null : [pageToken], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = |
| 'v1/' + core.Uri.encodeFull('$parent') + '/certificateAuthorities'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return ListCertificateAuthoritiesResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Update a CertificateAuthority. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Identifier. The resource name for this CertificateAuthority in |
| /// the format `projects / * /locations / * /caPools / * |
| /// /certificateAuthorities / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+$`. |
| /// |
| /// [requestId] - Optional. An ID to identify requests. Specify a unique |
| /// request ID so that if you must retry your request, the server will know to |
| /// ignore the request if it has already been completed. The server will |
| /// guarantee that for at least 60 minutes since the first request. For |
| /// example, consider a situation where you make an initial request and the |
| /// request times out. If you make the request again with the same request ID, |
| /// the server can check if original operation with the same request ID was |
| /// received, and if so, will ignore the second request. This prevents clients |
| /// from accidentally creating duplicate commitments. The request ID must be a |
| /// valid UUID with the exception that zero UUID is not supported |
| /// (00000000-0000-0000-0000-000000000000). |
| /// |
| /// [updateMask] - Required. A list of fields to be updated in this request. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> patch( |
| CertificateAuthority request, |
| core.String name, { |
| core.String? requestId, |
| core.String? updateMask, |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'updateMask': ?updateMask == null ? null : [updateMask], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'PATCH', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Undelete a CertificateAuthority that has been deleted. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The resource name for this CertificateAuthority in the |
| /// format `projects / * /locations / * /caPools / * /certificateAuthorities / |
| /// * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> undelete( |
| UndeleteCertificateAuthorityRequest request, |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name') + ':undelete'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| } |
| |
| class ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsResource( |
| commons.ApiRequester client, |
| ) : _requester = client; |
| |
| /// Returns a CertificateRevocationList. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The name of the CertificateRevocationList to get. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+/certificateRevocationLists/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [CertificateRevocationList]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<CertificateRevocationList> get( |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return CertificateRevocationList.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Gets the access control policy for a resource. |
| /// |
| /// Returns an empty policy if the resource exists and does not have a policy |
| /// set. |
| /// |
| /// Request parameters: |
| /// |
| /// [resource] - REQUIRED: The resource for which the policy is being |
| /// requested. See |
| /// [Resource names](https://cloud.google.com/apis/design/resource_names) for |
| /// the appropriate value for this field. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+/certificateRevocationLists/\[^/\]+$`. |
| /// |
| /// [options_requestedPolicyVersion] - Optional. The maximum policy version |
| /// that will be used to format the policy. Valid values are 0, 1, and 3. |
| /// Requests specifying an invalid value will be rejected. Requests for |
| /// policies with any conditional role bindings must specify version 3. |
| /// Policies with no conditional role bindings may specify any valid value or |
| /// leave the field unset. The policy in the response might use the policy |
| /// version that you specified, or it might use a lower policy version. For |
| /// example, if you specify version 3, but the policy has no conditional role |
| /// bindings, the response uses version 1. To learn which resources support |
| /// conditions in their IAM policies, see the |
| /// [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Policy]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Policy> getIamPolicy( |
| core.String resource, { |
| core.int? options_requestedPolicyVersion, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'options.requestedPolicyVersion': ?options_requestedPolicyVersion == null |
| ? null |
| : ['${options_requestedPolicyVersion}'], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$resource') + ':getIamPolicy'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return Policy.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Lists CertificateRevocationLists. |
| /// |
| /// Request parameters: |
| /// |
| /// [parent] - Required. The resource name of the location associated with the |
| /// CertificateRevocationLists, in the format `projects / * /locations / * |
| /// /caPools / * /certificateAuthorities / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+$`. |
| /// |
| /// [filter] - Optional. Only include resources that match the filter in the |
| /// response. |
| /// |
| /// [orderBy] - Optional. Specify how the results should be sorted. |
| /// |
| /// [pageSize] - Optional. Limit on the number of CertificateRevocationLists |
| /// to include in the response. Further CertificateRevocationLists can |
| /// subsequently be obtained by including the |
| /// ListCertificateRevocationListsResponse.next_page_token in a subsequent |
| /// request. If unspecified, the server will pick an appropriate default. |
| /// |
| /// [pageToken] - Optional. Pagination token, returned earlier via |
| /// ListCertificateRevocationListsResponse.next_page_token. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [ListCertificateRevocationListsResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<ListCertificateRevocationListsResponse> list( |
| core.String parent, { |
| core.String? filter, |
| core.String? orderBy, |
| core.int? pageSize, |
| core.String? pageToken, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'filter': ?filter == null ? null : [filter], |
| 'orderBy': ?orderBy == null ? null : [orderBy], |
| 'pageSize': ?pageSize == null ? null : ['${pageSize}'], |
| 'pageToken': ?pageToken == null ? null : [pageToken], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = |
| 'v1/' + core.Uri.encodeFull('$parent') + '/certificateRevocationLists'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return ListCertificateRevocationListsResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Update a CertificateRevocationList. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Identifier. The resource name for this CertificateRevocationList |
| /// in the format `projects / * /locations / * /caPools / * |
| /// certificateAuthorities / * / certificateRevocationLists / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+/certificateRevocationLists/\[^/\]+$`. |
| /// |
| /// [requestId] - Optional. An ID to identify requests. Specify a unique |
| /// request ID so that if you must retry your request, the server will know to |
| /// ignore the request if it has already been completed. The server will |
| /// guarantee that for at least 60 minutes since the first request. For |
| /// example, consider a situation where you make an initial request and the |
| /// request times out. If you make the request again with the same request ID, |
| /// the server can check if original operation with the same request ID was |
| /// received, and if so, will ignore the second request. This prevents clients |
| /// from accidentally creating duplicate commitments. The request ID must be a |
| /// valid UUID with the exception that zero UUID is not supported |
| /// (00000000-0000-0000-0000-000000000000). |
| /// |
| /// [updateMask] - Required. A list of fields to be updated in this request. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> patch( |
| CertificateRevocationList request, |
| core.String name, { |
| core.String? requestId, |
| core.String? updateMask, |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'updateMask': ?updateMask == null ? null : [updateMask], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'PATCH', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Sets the access control policy on the specified resource. |
| /// |
| /// Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, |
| /// and `PERMISSION_DENIED` errors. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [resource] - REQUIRED: The resource for which the policy is being |
| /// specified. See |
| /// [Resource names](https://cloud.google.com/apis/design/resource_names) for |
| /// the appropriate value for this field. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+/certificateRevocationLists/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Policy]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Policy> setIamPolicy( |
| SetIamPolicyRequest request, |
| core.String resource, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$resource') + ':setIamPolicy'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Policy.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Returns permissions that a caller has on the specified resource. |
| /// |
| /// If the resource does not exist, this will return an empty set of |
| /// permissions, not a `NOT_FOUND` error. Note: This operation is designed to |
| /// be used for building permission-aware UIs and command-line tools, not for |
| /// authorization checking. This operation may "fail open" without warning. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [resource] - REQUIRED: The resource for which the policy detail is being |
| /// requested. See |
| /// [Resource names](https://cloud.google.com/apis/design/resource_names) for |
| /// the appropriate value for this field. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificateAuthorities/\[^/\]+/certificateRevocationLists/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [TestIamPermissionsResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<TestIamPermissionsResponse> testIamPermissions( |
| TestIamPermissionsRequest request, |
| core.String resource, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = |
| 'v1/' + core.Uri.encodeFull('$resource') + ':testIamPermissions'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return TestIamPermissionsResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| } |
| |
| class ProjectsLocationsCaPoolsCertificatesResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsCaPoolsCertificatesResource(commons.ApiRequester client) |
| : _requester = client; |
| |
| /// Create a new Certificate in a given Project, Location from a particular |
| /// CaPool. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [parent] - Required. The resource name of the CaPool associated with the |
| /// Certificate, in the format `projects / * /locations / * /caPools / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+$`. |
| /// |
| /// [certificateId] - Optional. It must be unique within a location and match |
| /// the regular expression `[a-zA-Z0-9_-]{1,63}`. This field is required when |
| /// using a CertificateAuthority in the Enterprise CertificateAuthority.tier, |
| /// but is optional and its value is ignored otherwise. |
| /// |
| /// [issuingCertificateAuthorityId] - Optional. The resource ID of the |
| /// CertificateAuthority that should issue the certificate. This optional |
| /// field will ignore the load-balancing scheme of the Pool and directly issue |
| /// the certificate from the CA with the specified ID, contained in the same |
| /// CaPool referenced by `parent`. Per-CA quota rules apply. If left empty, a |
| /// CertificateAuthority will be chosen from the CaPool by the service. For |
| /// example, to issue a Certificate from a Certificate Authority with resource |
| /// name |
| /// "projects/my-project/locations/us-central1/caPools/my-pool/certificateAuthorities/my-ca", |
| /// you can set the parent to |
| /// "projects/my-project/locations/us-central1/caPools/my-pool" and the |
| /// issuing_certificate_authority_id to "my-ca". |
| /// |
| /// [requestId] - Optional. An ID to identify requests. Specify a unique |
| /// request ID so that if you must retry your request, the server will know to |
| /// ignore the request if it has already been completed. The server will |
| /// guarantee that for at least 60 minutes since the first request. For |
| /// example, consider a situation where you make an initial request and the |
| /// request times out. If you make the request again with the same request ID, |
| /// the server can check if original operation with the same request ID was |
| /// received, and if so, will ignore the second request. This prevents clients |
| /// from accidentally creating duplicate commitments. The request ID must be a |
| /// valid UUID with the exception that zero UUID is not supported |
| /// (00000000-0000-0000-0000-000000000000). |
| /// |
| /// [validateOnly] - Optional. If this is true, no Certificate resource will |
| /// be persisted regardless of the CaPool's tier, and the returned Certificate |
| /// will not contain the pem_certificate field. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Certificate]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Certificate> create( |
| Certificate request, |
| core.String parent, { |
| core.String? certificateId, |
| core.String? issuingCertificateAuthorityId, |
| core.String? requestId, |
| core.bool? validateOnly, |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'certificateId': ?certificateId == null ? null : [certificateId], |
| 'issuingCertificateAuthorityId': ?issuingCertificateAuthorityId == null |
| ? null |
| : [issuingCertificateAuthorityId], |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'validateOnly': ?validateOnly == null ? null : ['${validateOnly}'], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$parent') + '/certificates'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Certificate.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Returns a Certificate. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The name of the Certificate to get. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificates/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Certificate]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Certificate> get( |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return Certificate.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Lists Certificates. |
| /// |
| /// Request parameters: |
| /// |
| /// [parent] - Required. The resource name of the parent associated with the |
| /// Certificates, in the format `projects / * /locations / * /caPools / * `. |
| /// The parent resource name can be in one of two forms: 1. **Specific CA |
| /// Pool:** To list certificates within a single CA Pool: `projects / * |
| /// /locations / * /caPools / * ` 2. **All CA Pools in a Location:** To list |
| /// certificates across *all* CA Pools in a given project and location, use |
| /// the wildcard character (`-`) in place of the CA Pool ID. Example: |
| /// `projects / * /locations / * /caPools/-` See |
| /// go/ccfe-nested-collections#aggregate-listing for more details. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+$`. |
| /// |
| /// [filter] - Optional. Only include resources that match the filter in the |
| /// response. For details on supported filters and syntax, see |
| /// [Certificates Filtering documentation](https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#filtering_support). |
| /// |
| /// [orderBy] - Optional. Specify how the results should be sorted. For |
| /// details on supported fields and syntax, see |
| /// [Certificates Sorting documentation](https://cloud.google.com/certificate-authority-service/docs/sorting-filtering-certificates#sorting_support). |
| /// |
| /// [pageSize] - Optional. Limit on the number of Certificates to include in |
| /// the response. Further Certificates can subsequently be obtained by |
| /// including the ListCertificatesResponse.next_page_token in a subsequent |
| /// request. If unspecified, the server will pick an appropriate default. |
| /// |
| /// [pageToken] - Optional. Pagination token, returned earlier via |
| /// ListCertificatesResponse.next_page_token. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [ListCertificatesResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<ListCertificatesResponse> list( |
| core.String parent, { |
| core.String? filter, |
| core.String? orderBy, |
| core.int? pageSize, |
| core.String? pageToken, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'filter': ?filter == null ? null : [filter], |
| 'orderBy': ?orderBy == null ? null : [orderBy], |
| 'pageSize': ?pageSize == null ? null : ['${pageSize}'], |
| 'pageToken': ?pageToken == null ? null : [pageToken], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$parent') + '/certificates'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return ListCertificatesResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Update a Certificate. |
| /// |
| /// Currently, the only field you can update is the labels field. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Identifier. The resource name for this Certificate in the format |
| /// `projects / * /locations / * /caPools / * /certificates / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificates/\[^/\]+$`. |
| /// |
| /// [requestId] - Optional. An ID to identify requests. Specify a unique |
| /// request ID so that if you must retry your request, the server will know to |
| /// ignore the request if it has already been completed. The server will |
| /// guarantee that for at least 60 minutes since the first request. For |
| /// example, consider a situation where you make an initial request and the |
| /// request times out. If you make the request again with the same request ID, |
| /// the server can check if original operation with the same request ID was |
| /// received, and if so, will ignore the second request. This prevents clients |
| /// from accidentally creating duplicate commitments. The request ID must be a |
| /// valid UUID with the exception that zero UUID is not supported |
| /// (00000000-0000-0000-0000-000000000000). |
| /// |
| /// [updateMask] - Required. A list of fields to be updated in this request. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Certificate]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Certificate> patch( |
| Certificate request, |
| core.String name, { |
| core.String? requestId, |
| core.String? updateMask, |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'updateMask': ?updateMask == null ? null : [updateMask], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'PATCH', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Certificate.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Revoke a Certificate. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The resource name for this Certificate in the format |
| /// `projects / * /locations / * /caPools / * /certificates / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/caPools/\[^/\]+/certificates/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Certificate]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Certificate> revoke( |
| RevokeCertificateRequest request, |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name') + ':revoke'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Certificate.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| } |
| |
| class ProjectsLocationsCertificateTemplatesResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsCertificateTemplatesResource(commons.ApiRequester client) |
| : _requester = client; |
| |
| /// Create a new CertificateTemplate in a given Project and Location. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [parent] - Required. The resource name of the location associated with the |
| /// CertificateTemplate, in the format `projects / * /locations / * `. |
| /// Value must have pattern `^projects/\[^/\]+/locations/\[^/\]+$`. |
| /// |
| /// [certificateTemplateId] - Required. It must be unique within a location |
| /// and match the regular expression `[a-zA-Z0-9_-]{1,63}` |
| /// |
| /// [requestId] - Optional. An ID to identify requests. Specify a unique |
| /// request ID so that if you must retry your request, the server will know to |
| /// ignore the request if it has already been completed. The server will |
| /// guarantee that for at least 60 minutes since the first request. For |
| /// example, consider a situation where you make an initial request and the |
| /// request times out. If you make the request again with the same request ID, |
| /// the server can check if original operation with the same request ID was |
| /// received, and if so, will ignore the second request. This prevents clients |
| /// from accidentally creating duplicate commitments. The request ID must be a |
| /// valid UUID with the exception that zero UUID is not supported |
| /// (00000000-0000-0000-0000-000000000000). |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> create( |
| CertificateTemplate request, |
| core.String parent, { |
| core.String? certificateTemplateId, |
| core.String? requestId, |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'certificateTemplateId': ?certificateTemplateId == null |
| ? null |
| : [certificateTemplateId], |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = |
| 'v1/' + core.Uri.encodeFull('$parent') + '/certificateTemplates'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// DeleteCertificateTemplate deletes a CertificateTemplate. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The resource name for this CertificateTemplate in the |
| /// format `projects / * /locations / * /certificateTemplates / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/certificateTemplates/\[^/\]+$`. |
| /// |
| /// [requestId] - Optional. An ID to identify requests. Specify a unique |
| /// request ID so that if you must retry your request, the server will know to |
| /// ignore the request if it has already been completed. The server will |
| /// guarantee that for at least 60 minutes since the first request. For |
| /// example, consider a situation where you make an initial request and the |
| /// request times out. If you make the request again with the same request ID, |
| /// the server can check if original operation with the same request ID was |
| /// received, and if so, will ignore the second request. This prevents clients |
| /// from accidentally creating duplicate commitments. The request ID must be a |
| /// valid UUID with the exception that zero UUID is not supported |
| /// (00000000-0000-0000-0000-000000000000). |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> delete( |
| core.String name, { |
| core.String? requestId, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'DELETE', |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Returns a CertificateTemplate. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Required. The name of the CertificateTemplate to get. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/certificateTemplates/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [CertificateTemplate]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<CertificateTemplate> get( |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return CertificateTemplate.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Gets the access control policy for a resource. |
| /// |
| /// Returns an empty policy if the resource exists and does not have a policy |
| /// set. |
| /// |
| /// Request parameters: |
| /// |
| /// [resource] - REQUIRED: The resource for which the policy is being |
| /// requested. See |
| /// [Resource names](https://cloud.google.com/apis/design/resource_names) for |
| /// the appropriate value for this field. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/certificateTemplates/\[^/\]+$`. |
| /// |
| /// [options_requestedPolicyVersion] - Optional. The maximum policy version |
| /// that will be used to format the policy. Valid values are 0, 1, and 3. |
| /// Requests specifying an invalid value will be rejected. Requests for |
| /// policies with any conditional role bindings must specify version 3. |
| /// Policies with no conditional role bindings may specify any valid value or |
| /// leave the field unset. The policy in the response might use the policy |
| /// version that you specified, or it might use a lower policy version. For |
| /// example, if you specify version 3, but the policy has no conditional role |
| /// bindings, the response uses version 1. To learn which resources support |
| /// conditions in their IAM policies, see the |
| /// [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Policy]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Policy> getIamPolicy( |
| core.String resource, { |
| core.int? options_requestedPolicyVersion, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'options.requestedPolicyVersion': ?options_requestedPolicyVersion == null |
| ? null |
| : ['${options_requestedPolicyVersion}'], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$resource') + ':getIamPolicy'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return Policy.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Lists CertificateTemplates. |
| /// |
| /// Request parameters: |
| /// |
| /// [parent] - Required. The resource name of the location associated with the |
| /// CertificateTemplates, in the format `projects / * /locations / * `. |
| /// Value must have pattern `^projects/\[^/\]+/locations/\[^/\]+$`. |
| /// |
| /// [filter] - Optional. Only include resources that match the filter in the |
| /// response. |
| /// |
| /// [orderBy] - Optional. Specify how the results should be sorted. |
| /// |
| /// [pageSize] - Optional. Limit on the number of CertificateTemplates to |
| /// include in the response. Further CertificateTemplates can subsequently be |
| /// obtained by including the ListCertificateTemplatesResponse.next_page_token |
| /// in a subsequent request. If unspecified, the server will pick an |
| /// appropriate default. |
| /// |
| /// [pageToken] - Optional. Pagination token, returned earlier via |
| /// ListCertificateTemplatesResponse.next_page_token. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [ListCertificateTemplatesResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<ListCertificateTemplatesResponse> list( |
| core.String parent, { |
| core.String? filter, |
| core.String? orderBy, |
| core.int? pageSize, |
| core.String? pageToken, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'filter': ?filter == null ? null : [filter], |
| 'orderBy': ?orderBy == null ? null : [orderBy], |
| 'pageSize': ?pageSize == null ? null : ['${pageSize}'], |
| 'pageToken': ?pageToken == null ? null : [pageToken], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = |
| 'v1/' + core.Uri.encodeFull('$parent') + '/certificateTemplates'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return ListCertificateTemplatesResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| |
| /// Update a CertificateTemplate. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - Identifier. The resource name for this CertificateTemplate in the |
| /// format `projects / * /locations / * /certificateTemplates / * `. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/certificateTemplates/\[^/\]+$`. |
| /// |
| /// [requestId] - Optional. An ID to identify requests. Specify a unique |
| /// request ID so that if you must retry your request, the server will know to |
| /// ignore the request if it has already been completed. The server will |
| /// guarantee that for at least 60 minutes since the first request. For |
| /// example, consider a situation where you make an initial request and the |
| /// request times out. If you make the request again with the same request ID, |
| /// the server can check if original operation with the same request ID was |
| /// received, and if so, will ignore the second request. This prevents clients |
| /// from accidentally creating duplicate commitments. The request ID must be a |
| /// valid UUID with the exception that zero UUID is not supported |
| /// (00000000-0000-0000-0000-000000000000). |
| /// |
| /// [updateMask] - Required. A list of fields to be updated in this request. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> patch( |
| CertificateTemplate request, |
| core.String name, { |
| core.String? requestId, |
| core.String? updateMask, |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'requestId': ?requestId == null ? null : [requestId], |
| 'updateMask': ?updateMask == null ? null : [updateMask], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'PATCH', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Sets the access control policy on the specified resource. |
| /// |
| /// Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, |
| /// and `PERMISSION_DENIED` errors. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [resource] - REQUIRED: The resource for which the policy is being |
| /// specified. See |
| /// [Resource names](https://cloud.google.com/apis/design/resource_names) for |
| /// the appropriate value for this field. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/certificateTemplates/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Policy]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Policy> setIamPolicy( |
| SetIamPolicyRequest request, |
| core.String resource, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$resource') + ':setIamPolicy'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Policy.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Returns permissions that a caller has on the specified resource. |
| /// |
| /// If the resource does not exist, this will return an empty set of |
| /// permissions, not a `NOT_FOUND` error. Note: This operation is designed to |
| /// be used for building permission-aware UIs and command-line tools, not for |
| /// authorization checking. This operation may "fail open" without warning. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [resource] - REQUIRED: The resource for which the policy detail is being |
| /// requested. See |
| /// [Resource names](https://cloud.google.com/apis/design/resource_names) for |
| /// the appropriate value for this field. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/certificateTemplates/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [TestIamPermissionsResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<TestIamPermissionsResponse> testIamPermissions( |
| TestIamPermissionsRequest request, |
| core.String resource, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = |
| 'v1/' + core.Uri.encodeFull('$resource') + ':testIamPermissions'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return TestIamPermissionsResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| } |
| |
| class ProjectsLocationsOperationsResource { |
| final commons.ApiRequester _requester; |
| |
| ProjectsLocationsOperationsResource(commons.ApiRequester client) |
| : _requester = client; |
| |
| /// Starts asynchronous cancellation on a long-running operation. |
| /// |
| /// The server makes a best effort to cancel the operation, but success is not |
| /// guaranteed. If the server doesn't support this method, it returns |
| /// `google.rpc.Code.UNIMPLEMENTED`. Clients can use Operations.GetOperation |
| /// or other methods to check whether the cancellation succeeded or whether |
| /// the operation completed despite cancellation. On successful cancellation, |
| /// the operation is not deleted; instead, it becomes an operation with an |
| /// Operation.error value with a google.rpc.Status.code of `1`, corresponding |
| /// to `Code.CANCELLED`. |
| /// |
| /// [request] - The metadata request object. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - The name of the operation resource to be cancelled. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/operations/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Empty]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Empty> cancel( |
| CancelOperationRequest request, |
| core.String name, { |
| core.String? $fields, |
| }) async { |
| final body_ = convert.json.encode(request); |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name') + ':cancel'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'POST', |
| body: body_, |
| queryParams: queryParams_, |
| ); |
| return Empty.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Deletes a long-running operation. |
| /// |
| /// This method indicates that the client is no longer interested in the |
| /// operation result. It does not cancel the operation. If the server doesn't |
| /// support this method, it returns `google.rpc.Code.UNIMPLEMENTED`. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - The name of the operation resource to be deleted. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/operations/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Empty]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Empty> delete(core.String name, {core.String? $fields}) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'DELETE', |
| queryParams: queryParams_, |
| ); |
| return Empty.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Gets the latest state of a long-running operation. |
| /// |
| /// Clients can use this method to poll the operation result at intervals as |
| /// recommended by the API service. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - The name of the operation resource. |
| /// Value must have pattern |
| /// `^projects/\[^/\]+/locations/\[^/\]+/operations/\[^/\]+$`. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [Operation]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<Operation> get(core.String name, {core.String? $fields}) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name'); |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return Operation.fromJson(response_ as core.Map<core.String, core.dynamic>); |
| } |
| |
| /// Lists operations that match the specified filter in the request. |
| /// |
| /// If the server doesn't support this method, it returns `UNIMPLEMENTED`. |
| /// |
| /// Request parameters: |
| /// |
| /// [name] - The name of the operation's parent resource. |
| /// Value must have pattern `^projects/\[^/\]+/locations/\[^/\]+$`. |
| /// |
| /// [filter] - The standard list filter. |
| /// |
| /// [pageSize] - The standard list page size. |
| /// |
| /// [pageToken] - The standard list page token. |
| /// |
| /// [returnPartialSuccess] - When set to `true`, operations that are reachable |
| /// are returned as normal, and those that are unreachable are returned in the |
| /// ListOperationsResponse.unreachable field. This can only be `true` when |
| /// reading across collections. For example, when `parent` is set to |
| /// `"projects/example/locations/-"`. This field is not supported by default |
| /// and will result in an `UNIMPLEMENTED` error if set unless explicitly |
| /// documented otherwise in service or product specific documentation. |
| /// |
| /// [$fields] - Selector specifying which fields to include in a partial |
| /// response. |
| /// |
| /// Completes with a [ListOperationsResponse]. |
| /// |
| /// Completes with a [commons.ApiRequestError] if the API endpoint returned an |
| /// error. |
| /// |
| /// If the used [http.Client] completes with an error when making a REST call, |
| /// this method will complete with the same error. |
| async.Future<ListOperationsResponse> list( |
| core.String name, { |
| core.String? filter, |
| core.int? pageSize, |
| core.String? pageToken, |
| core.bool? returnPartialSuccess, |
| core.String? $fields, |
| }) async { |
| final queryParams_ = <core.String, core.List<core.String>>{ |
| 'filter': ?filter == null ? null : [filter], |
| 'pageSize': ?pageSize == null ? null : ['${pageSize}'], |
| 'pageToken': ?pageToken == null ? null : [pageToken], |
| 'returnPartialSuccess': ?returnPartialSuccess == null |
| ? null |
| : ['${returnPartialSuccess}'], |
| 'fields': ?$fields == null ? null : [$fields], |
| }; |
| |
| final url_ = 'v1/' + core.Uri.encodeFull('$name') + '/operations'; |
| |
| final response_ = await _requester.request( |
| url_, |
| 'GET', |
| queryParams: queryParams_, |
| ); |
| return ListOperationsResponse.fromJson( |
| response_ as core.Map<core.String, core.dynamic>, |
| ); |
| } |
| } |
| |
| /// URLs where a CertificateAuthority will publish content. |
| class AccessUrls { |
| /// The URL where this CertificateAuthority's CA certificate is published. |
| /// |
| /// This will only be set for CAs that have been activated. |
| core.String? caCertificateAccessUrl; |
| |
| /// The URLs where this CertificateAuthority's CRLs are published. |
| /// |
| /// This will only be set for CAs that have been activated. |
| core.List<core.String>? crlAccessUrls; |
| |
| AccessUrls({this.caCertificateAccessUrl, this.crlAccessUrls}); |
| |
| AccessUrls.fromJson(core.Map json_) |
| : this( |
| caCertificateAccessUrl: json_['caCertificateAccessUrl'] as core.String?, |
| crlAccessUrls: (json_['crlAccessUrls'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final caCertificateAccessUrl = this.caCertificateAccessUrl; |
| final crlAccessUrls = this.crlAccessUrls; |
| return { |
| 'caCertificateAccessUrl': ?caCertificateAccessUrl, |
| 'crlAccessUrls': ?crlAccessUrls, |
| }; |
| } |
| } |
| |
| /// Request message for |
| /// CertificateAuthorityService.ActivateCertificateAuthority. |
| class ActivateCertificateAuthorityRequest { |
| /// The signed CA certificate issued from |
| /// FetchCertificateAuthorityCsrResponse.pem_csr. |
| /// |
| /// Required. |
| core.String? pemCaCertificate; |
| |
| /// An ID to identify requests. |
| /// |
| /// Specify a unique request ID so that if you must retry your request, the |
| /// server will know to ignore the request if it has already been completed. |
| /// The server will guarantee that for at least 60 minutes since the first |
| /// request. For example, consider a situation where you make an initial |
| /// request and the request times out. If you make the request again with the |
| /// same request ID, the server can check if original operation with the same |
| /// request ID was received, and if so, will ignore the second request. This |
| /// prevents clients from accidentally creating duplicate commitments. The |
| /// request ID must be a valid UUID with the exception that zero UUID is not |
| /// supported (00000000-0000-0000-0000-000000000000). |
| /// |
| /// Optional. |
| core.String? requestId; |
| |
| /// Must include information about the issuer of 'pem_ca_certificate', and any |
| /// further issuers until the self-signed CA. |
| /// |
| /// Required. |
| SubordinateConfig? subordinateConfig; |
| |
| ActivateCertificateAuthorityRequest({ |
| this.pemCaCertificate, |
| this.requestId, |
| this.subordinateConfig, |
| }); |
| |
| ActivateCertificateAuthorityRequest.fromJson(core.Map json_) |
| : this( |
| pemCaCertificate: json_['pemCaCertificate'] as core.String?, |
| requestId: json_['requestId'] as core.String?, |
| subordinateConfig: json_.containsKey('subordinateConfig') |
| ? SubordinateConfig.fromJson( |
| json_['subordinateConfig'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final pemCaCertificate = this.pemCaCertificate; |
| final requestId = this.requestId; |
| final subordinateConfig = this.subordinateConfig; |
| return { |
| 'pemCaCertificate': ?pemCaCertificate, |
| 'requestId': ?requestId, |
| 'subordinateConfig': ?subordinateConfig, |
| }; |
| } |
| } |
| |
| /// Describes a "type" of key that may be used in a Certificate issued from a |
| /// CaPool. |
| /// |
| /// Note that a single AllowedKeyType may refer to either a fully-qualified key |
| /// algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA |
| /// key. |
| class AllowedKeyType { |
| /// Represents an allowed Elliptic Curve key type. |
| EcKeyType? ellipticCurve; |
| |
| /// Represents an allowed RSA key type. |
| RsaKeyType? rsa; |
| |
| AllowedKeyType({this.ellipticCurve, this.rsa}); |
| |
| AllowedKeyType.fromJson(core.Map json_) |
| : this( |
| ellipticCurve: json_.containsKey('ellipticCurve') |
| ? EcKeyType.fromJson( |
| json_['ellipticCurve'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| rsa: json_.containsKey('rsa') |
| ? RsaKeyType.fromJson( |
| json_['rsa'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final ellipticCurve = this.ellipticCurve; |
| final rsa = this.rsa; |
| return {'ellipticCurve': ?ellipticCurve, 'rsa': ?rsa}; |
| } |
| } |
| |
| /// AttributeTypeAndValue specifies an attribute type and value. |
| /// |
| /// It can use either a OID or enum value to specify the attribute type. |
| class AttributeTypeAndValue { |
| /// Object ID for an attribute type of an attribute and value pair. |
| ObjectId? objectId; |
| |
| /// The attribute type of the attribute and value pair. |
| /// Possible string values are: |
| /// - "ATTRIBUTE_TYPE_UNSPECIFIED" : Attribute type is unspecified. |
| /// - "COMMON_NAME" : The "common name" of the subject. |
| /// - "COUNTRY_CODE" : The country code of the subject. |
| /// - "ORGANIZATION" : The organization of the subject. |
| /// - "ORGANIZATIONAL_UNIT" : The organizational unit of the subject. |
| /// - "LOCALITY" : The locality or city of the subject. |
| /// - "PROVINCE" : The province, territory, or regional state of the subject. |
| /// - "STREET_ADDRESS" : The street address of the subject. |
| /// - "POSTAL_CODE" : The postal code of the subject. |
| core.String? type; |
| |
| /// The value for the attribute type. |
| core.String? value; |
| |
| AttributeTypeAndValue({this.objectId, this.type, this.value}); |
| |
| AttributeTypeAndValue.fromJson(core.Map json_) |
| : this( |
| objectId: json_.containsKey('objectId') |
| ? ObjectId.fromJson( |
| json_['objectId'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| type: json_['type'] as core.String?, |
| value: json_['value'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final objectId = this.objectId; |
| final type = this.type; |
| final value = this.value; |
| return {'objectId': ?objectId, 'type': ?type, 'value': ?value}; |
| } |
| } |
| |
| /// Specifies the audit configuration for a service. |
| /// |
| /// The configuration determines which permission types are logged, and what |
| /// identities, if any, are exempted from logging. An AuditConfig must have one |
| /// or more AuditLogConfigs. If there are AuditConfigs for both `allServices` |
| /// and a specific service, the union of the two AuditConfigs is used for that |
| /// service: the log_types specified in each AuditConfig are enabled, and the |
| /// exempted_members in each AuditLogConfig are exempted. Example Policy with |
| /// multiple AuditConfigs: { "audit_configs": \[ { "service": "allServices", |
| /// "audit_log_configs": \[ { "log_type": "DATA_READ", "exempted_members": \[ |
| /// "user:jose@example.com" \] }, { "log_type": "DATA_WRITE" }, { "log_type": |
| /// "ADMIN_READ" } \] }, { "service": "sampleservice.googleapis.com", |
| /// "audit_log_configs": \[ { "log_type": "DATA_READ" }, { "log_type": |
| /// "DATA_WRITE", "exempted_members": \[ "user:aliya@example.com" \] } \] } \] } |
| /// For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ |
| /// logging. It also exempts `jose@example.com` from DATA_READ logging, and |
| /// `aliya@example.com` from DATA_WRITE logging. |
| class AuditConfig { |
| /// The configuration for logging of each type of permission. |
| core.List<AuditLogConfig>? auditLogConfigs; |
| |
| /// Specifies a service that will be enabled for audit logging. |
| /// |
| /// For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. |
| /// `allServices` is a special value that covers all services. |
| core.String? service; |
| |
| AuditConfig({this.auditLogConfigs, this.service}); |
| |
| AuditConfig.fromJson(core.Map json_) |
| : this( |
| auditLogConfigs: (json_['auditLogConfigs'] as core.List?) |
| ?.map( |
| (value) => AuditLogConfig.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| service: json_['service'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final auditLogConfigs = this.auditLogConfigs; |
| final service = this.service; |
| return {'auditLogConfigs': ?auditLogConfigs, 'service': ?service}; |
| } |
| } |
| |
| /// Provides the configuration for logging a type of permissions. |
| /// |
| /// Example: { "audit_log_configs": \[ { "log_type": "DATA_READ", |
| /// "exempted_members": \[ "user:jose@example.com" \] }, { "log_type": |
| /// "DATA_WRITE" } \] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while |
| /// exempting jose@example.com from DATA_READ logging. |
| typedef AuditLogConfig = $AuditLogConfig; |
| |
| /// Associates `members`, or principals, with a `role`. |
| class Binding { |
| /// The condition that is associated with this binding. |
| /// |
| /// If the condition evaluates to `true`, then this binding applies to the |
| /// current request. If the condition evaluates to `false`, then this binding |
| /// does not apply to the current request. However, a different role binding |
| /// might grant the same role to one or more of the principals in this |
| /// binding. To learn which resources support conditions in their IAM |
| /// policies, see the |
| /// [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| Expr? condition; |
| |
| /// Specifies the principals requesting access for a Google Cloud resource. |
| /// |
| /// `members` can have the following values: * `allUsers`: A special |
| /// identifier that represents anyone who is on the internet; with or without |
| /// a Google account. * `allAuthenticatedUsers`: A special identifier that |
| /// represents anyone who is authenticated with a Google account or a service |
| /// account. Does not include identities that come from external identity |
| /// providers (IdPs) through identity federation. * `user:{emailid}`: An email |
| /// address that represents a specific Google account. For example, |
| /// `alice@example.com` . * `serviceAccount:{emailid}`: An email address that |
| /// represents a Google service account. For example, |
| /// `my-other-app@appspot.gserviceaccount.com`. * |
| /// `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An |
| /// identifier for a |
| /// [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). |
| /// For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * |
| /// `group:{emailid}`: An email address that represents a Google group. For |
| /// example, `admins@example.com`. * `domain:{domain}`: The G Suite domain |
| /// (primary) that represents all the users of that domain. For example, |
| /// `google.com` or `example.com`. * |
| /// `principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: |
| /// A single identity in a workforce identity pool. * |
| /// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/group/{group_id}`: |
| /// All workforce identities in a group. * |
| /// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: |
| /// All workforce identities with a specific attribute value. * |
| /// `principalSet://iam.googleapis.com/locations/global/workforcePools/{pool_id} |
| /// / * `: All identities in a workforce identity pool. * |
| /// `principal://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/subject/{subject_attribute_value}`: |
| /// A single identity in a workload identity pool. * |
| /// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/group/{group_id}`: |
| /// A workload identity pool group. * |
| /// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id}/attribute.{attribute_name}/{attribute_value}`: |
| /// All identities in a workload identity pool with a certain attribute. * |
| /// `principalSet://iam.googleapis.com/projects/{project_number}/locations/global/workloadIdentityPools/{pool_id} |
| /// / * `: All identities in a workload identity pool. * |
| /// `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique |
| /// identifier) representing a user that has been recently deleted. For |
| /// example, `alice@example.com?uid=123456789012345678901`. If the user is |
| /// recovered, this value reverts to `user:{emailid}` and the recovered user |
| /// retains the role in the binding. * |
| /// `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus |
| /// unique identifier) representing a service account that has been recently |
| /// deleted. For example, |
| /// `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If |
| /// the service account is undeleted, this value reverts to |
| /// `serviceAccount:{emailid}` and the undeleted service account retains the |
| /// role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email |
| /// address (plus unique identifier) representing a Google group that has been |
| /// recently deleted. For example, |
| /// `admins@example.com?uid=123456789012345678901`. If the group is recovered, |
| /// this value reverts to `group:{emailid}` and the recovered group retains |
| /// the role in the binding. * |
| /// `deleted:principal://iam.googleapis.com/locations/global/workforcePools/{pool_id}/subject/{subject_attribute_value}`: |
| /// Deleted single identity in a workforce identity pool. For example, |
| /// `deleted:principal://iam.googleapis.com/locations/global/workforcePools/my-pool-id/subject/my-subject-attribute-value`. |
| core.List<core.String>? members; |
| |
| /// Role that is assigned to the list of `members`, or principals. |
| /// |
| /// For example, `roles/viewer`, `roles/editor`, or `roles/owner`. For an |
| /// overview of the IAM roles and permissions, see the |
| /// [IAM documentation](https://cloud.google.com/iam/docs/roles-overview). For |
| /// a list of the available pre-defined roles, see |
| /// [here](https://cloud.google.com/iam/docs/understanding-roles). |
| core.String? role; |
| |
| Binding({this.condition, this.members, this.role}); |
| |
| Binding.fromJson(core.Map json_) |
| : this( |
| condition: json_.containsKey('condition') |
| ? Expr.fromJson( |
| json_['condition'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| members: (json_['members'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| role: json_['role'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final condition = this.condition; |
| final members = this.members; |
| final role = this.role; |
| return {'condition': ?condition, 'members': ?members, 'role': ?role}; |
| } |
| } |
| |
| /// Describes the X.509 basic constraints extension, per |
| /// [RFC 5280 section 4.2.1.9](https://tools.ietf.org/html/rfc5280#section-4.2.1.9) |
| class CaOptions { |
| /// Refers to the "CA" boolean field in the X.509 extension. |
| /// |
| /// When this value is missing, the basic constraints extension will be |
| /// omitted from the certificate. |
| /// |
| /// Optional. |
| core.bool? isCa; |
| |
| /// Refers to the path length constraint field in the X.509 extension. |
| /// |
| /// For a CA certificate, this value describes the depth of subordinate CA |
| /// certificates that are allowed. If this value is less than 0, the request |
| /// will fail. If this value is missing, the max path length will be omitted |
| /// from the certificate. |
| /// |
| /// Optional. |
| core.int? maxIssuerPathLength; |
| |
| CaOptions({this.isCa, this.maxIssuerPathLength}); |
| |
| CaOptions.fromJson(core.Map json_) |
| : this( |
| isCa: json_['isCa'] as core.bool?, |
| maxIssuerPathLength: json_['maxIssuerPathLength'] as core.int?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final isCa = this.isCa; |
| final maxIssuerPathLength = this.maxIssuerPathLength; |
| return {'isCa': ?isCa, 'maxIssuerPathLength': ?maxIssuerPathLength}; |
| } |
| } |
| |
| /// A CaPool represents a group of CertificateAuthorities that form a trust |
| /// anchor. |
| /// |
| /// A CaPool can be used to manage issuance policies for one or more |
| /// CertificateAuthority resources and to rotate CA certificates in and out of |
| /// the trust anchor. |
| class CaPool { |
| /// When EncryptionSpec is provided, the Subject, SubjectAltNames, and the |
| /// PEM-encoded certificate fields will be encrypted at rest. |
| /// |
| /// Optional. |
| EncryptionSpec? encryptionSpec; |
| |
| /// The IssuancePolicy to control how Certificates will be issued from this |
| /// CaPool. |
| /// |
| /// Optional. |
| IssuancePolicy? issuancePolicy; |
| |
| /// Labels with user-defined metadata. |
| /// |
| /// Optional. |
| core.Map<core.String, core.String>? labels; |
| |
| /// Identifier. |
| /// |
| /// The resource name for this CaPool in the format `projects / * /locations / |
| /// * /caPools / * `. |
| core.String? name; |
| |
| /// The PublishingOptions to follow when issuing Certificates from any |
| /// CertificateAuthority in this CaPool. |
| /// |
| /// Optional. |
| PublishingOptions? publishingOptions; |
| |
| /// The Tier of this CaPool. |
| /// |
| /// Required. Immutable. |
| /// Possible string values are: |
| /// - "TIER_UNSPECIFIED" : Not specified. |
| /// - "ENTERPRISE" : Enterprise tier. |
| /// - "DEVOPS" : DevOps tier. |
| core.String? tier; |
| |
| CaPool({ |
| this.encryptionSpec, |
| this.issuancePolicy, |
| this.labels, |
| this.name, |
| this.publishingOptions, |
| this.tier, |
| }); |
| |
| CaPool.fromJson(core.Map json_) |
| : this( |
| encryptionSpec: json_.containsKey('encryptionSpec') |
| ? EncryptionSpec.fromJson( |
| json_['encryptionSpec'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| issuancePolicy: json_.containsKey('issuancePolicy') |
| ? IssuancePolicy.fromJson( |
| json_['issuancePolicy'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| labels: (json_['labels'] as core.Map<core.String, core.dynamic>?)?.map( |
| (key, value) => core.MapEntry(key, value as core.String), |
| ), |
| name: json_['name'] as core.String?, |
| publishingOptions: json_.containsKey('publishingOptions') |
| ? PublishingOptions.fromJson( |
| json_['publishingOptions'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| tier: json_['tier'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final encryptionSpec = this.encryptionSpec; |
| final issuancePolicy = this.issuancePolicy; |
| final labels = this.labels; |
| final name = this.name; |
| final publishingOptions = this.publishingOptions; |
| final tier = this.tier; |
| return { |
| 'encryptionSpec': ?encryptionSpec, |
| 'issuancePolicy': ?issuancePolicy, |
| 'labels': ?labels, |
| 'name': ?name, |
| 'publishingOptions': ?publishingOptions, |
| 'tier': ?tier, |
| }; |
| } |
| } |
| |
| /// The request message for Operations.CancelOperation. |
| typedef CancelOperationRequest = $Empty; |
| typedef CertChain = $CertChain; |
| |
| /// A Certificate corresponds to a signed X.509 certificate issued by a |
| /// CertificateAuthority. |
| class Certificate { |
| /// A structured description of the issued X.509 certificate. |
| /// |
| /// Output only. |
| CertificateDescription? certificateDescription; |
| |
| /// The resource name for a CertificateTemplate used to issue this |
| /// certificate, in the format `projects / * /locations / * |
| /// /certificateTemplates / * `. |
| /// |
| /// If this is specified, the caller must have the necessary permission to use |
| /// this template. If this is omitted, no template will be used. This template |
| /// must be in the same location as the Certificate. |
| /// |
| /// Immutable. |
| core.String? certificateTemplate; |
| |
| /// A description of the certificate and key that does not require X.509 or |
| /// ASN.1. |
| /// |
| /// Immutable. |
| CertificateConfig? config; |
| |
| /// The time at which this Certificate was created. |
| /// |
| /// Output only. |
| core.String? createTime; |
| |
| /// The resource name of the issuing CertificateAuthority in the format |
| /// `projects / * /locations / * /caPools / * /certificateAuthorities / * `. |
| /// |
| /// Output only. |
| core.String? issuerCertificateAuthority; |
| |
| /// Labels with user-defined metadata. |
| /// |
| /// Optional. |
| core.Map<core.String, core.String>? labels; |
| |
| /// The desired lifetime of a certificate. |
| /// |
| /// Used to create the "not_before_time" and "not_after_time" fields inside an |
| /// X.509 certificate. Note that the lifetime may be truncated if it would |
| /// extend past the life of any certificate authority in the issuing chain. |
| /// |
| /// Required. Immutable. |
| core.String? lifetime; |
| |
| /// Identifier. |
| /// |
| /// The resource name for this Certificate in the format `projects / * |
| /// /locations / * /caPools / * /certificates / * `. |
| core.String? name; |
| |
| /// The pem-encoded, signed X.509 certificate. |
| /// |
| /// Output only. |
| core.String? pemCertificate; |
| |
| /// The chain that may be used to verify the X.509 certificate. |
| /// |
| /// Expected to be in issuer-to-root order according to RFC 5246. |
| /// |
| /// Output only. |
| core.List<core.String>? pemCertificateChain; |
| |
| /// A pem-encoded X.509 certificate signing request (CSR). |
| /// |
| /// Immutable. |
| core.String? pemCsr; |
| |
| /// Details regarding the revocation of this Certificate. |
| /// |
| /// This Certificate is considered revoked if and only if this field is |
| /// present. |
| /// |
| /// Output only. |
| RevocationDetails? revocationDetails; |
| |
| /// Specifies how the Certificate's identity fields are to be decided. |
| /// |
| /// If this is omitted, the `DEFAULT` subject mode will be used. |
| /// |
| /// Immutable. |
| /// Possible string values are: |
| /// - "SUBJECT_REQUEST_MODE_UNSPECIFIED" : Not specified. |
| /// - "DEFAULT" : The default mode used in most cases. Indicates that the |
| /// certificate's Subject and/or SubjectAltNames are specified in the |
| /// certificate request. This mode requires the caller to have the |
| /// `privateca.certificates.create` permission. |
| /// - "RDN_SEQUENCE" : A mode used to get an accurate representation of the |
| /// Subject field's distinguished name. Indicates that the certificate's |
| /// Subject and/or SubjectAltNames are specified in the certificate request. |
| /// When parsing a PEM CSR this mode will maintain the sequence of RDNs found |
| /// in the CSR's subject field in the issued Certificate. This mode requires |
| /// the caller to have the `privateca.certificates.create` permission. |
| /// - "REFLECTED_SPIFFE" : A mode reserved for special cases. Indicates that |
| /// the certificate should have one SPIFFE SubjectAltNames set by the service |
| /// based on the caller's identity. This mode will ignore any explicitly |
| /// specified Subject and/or SubjectAltNames in the certificate request. This |
| /// mode requires the caller to have the |
| /// `privateca.certificates.createForSelf` permission. |
| core.String? subjectMode; |
| |
| /// The time at which this Certificate was updated. |
| /// |
| /// Output only. |
| core.String? updateTime; |
| |
| Certificate({ |
| this.certificateDescription, |
| this.certificateTemplate, |
| this.config, |
| this.createTime, |
| this.issuerCertificateAuthority, |
| this.labels, |
| this.lifetime, |
| this.name, |
| this.pemCertificate, |
| this.pemCertificateChain, |
| this.pemCsr, |
| this.revocationDetails, |
| this.subjectMode, |
| this.updateTime, |
| }); |
| |
| Certificate.fromJson(core.Map json_) |
| : this( |
| certificateDescription: json_.containsKey('certificateDescription') |
| ? CertificateDescription.fromJson( |
| json_['certificateDescription'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| certificateTemplate: json_['certificateTemplate'] as core.String?, |
| config: json_.containsKey('config') |
| ? CertificateConfig.fromJson( |
| json_['config'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| createTime: json_['createTime'] as core.String?, |
| issuerCertificateAuthority: |
| json_['issuerCertificateAuthority'] as core.String?, |
| labels: (json_['labels'] as core.Map<core.String, core.dynamic>?)?.map( |
| (key, value) => core.MapEntry(key, value as core.String), |
| ), |
| lifetime: json_['lifetime'] as core.String?, |
| name: json_['name'] as core.String?, |
| pemCertificate: json_['pemCertificate'] as core.String?, |
| pemCertificateChain: (json_['pemCertificateChain'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| pemCsr: json_['pemCsr'] as core.String?, |
| revocationDetails: json_.containsKey('revocationDetails') |
| ? RevocationDetails.fromJson( |
| json_['revocationDetails'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| subjectMode: json_['subjectMode'] as core.String?, |
| updateTime: json_['updateTime'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final certificateDescription = this.certificateDescription; |
| final certificateTemplate = this.certificateTemplate; |
| final config = this.config; |
| final createTime = this.createTime; |
| final issuerCertificateAuthority = this.issuerCertificateAuthority; |
| final labels = this.labels; |
| final lifetime = this.lifetime; |
| final name = this.name; |
| final pemCertificate = this.pemCertificate; |
| final pemCertificateChain = this.pemCertificateChain; |
| final pemCsr = this.pemCsr; |
| final revocationDetails = this.revocationDetails; |
| final subjectMode = this.subjectMode; |
| final updateTime = this.updateTime; |
| return { |
| 'certificateDescription': ?certificateDescription, |
| 'certificateTemplate': ?certificateTemplate, |
| 'config': ?config, |
| 'createTime': ?createTime, |
| 'issuerCertificateAuthority': ?issuerCertificateAuthority, |
| 'labels': ?labels, |
| 'lifetime': ?lifetime, |
| 'name': ?name, |
| 'pemCertificate': ?pemCertificate, |
| 'pemCertificateChain': ?pemCertificateChain, |
| 'pemCsr': ?pemCsr, |
| 'revocationDetails': ?revocationDetails, |
| 'subjectMode': ?subjectMode, |
| 'updateTime': ?updateTime, |
| }; |
| } |
| } |
| |
| /// A CertificateAuthority represents an individual Certificate Authority. |
| /// |
| /// A CertificateAuthority can be used to create Certificates. |
| class CertificateAuthority { |
| /// URLs for accessing content published by this CA, such as the CA |
| /// certificate and CRLs. |
| /// |
| /// Output only. |
| AccessUrls? accessUrls; |
| |
| /// A structured description of this CertificateAuthority's CA certificate and |
| /// its issuers. |
| /// |
| /// Ordered as self-to-root. |
| /// |
| /// Output only. |
| core.List<CertificateDescription>? caCertificateDescriptions; |
| |
| /// The config used to create a self-signed X.509 certificate or CSR. |
| /// |
| /// Required. Immutable. |
| CertificateConfig? config; |
| |
| /// The time at which this CertificateAuthority was created. |
| /// |
| /// Output only. |
| core.String? createTime; |
| |
| /// The time at which this CertificateAuthority was soft deleted, if it is in |
| /// the DELETED state. |
| /// |
| /// Output only. |
| core.String? deleteTime; |
| |
| /// The time at which this CertificateAuthority will be permanently purged, if |
| /// it is in the DELETED state. |
| /// |
| /// Output only. |
| core.String? expireTime; |
| |
| /// The name of a Cloud Storage bucket where this CertificateAuthority will |
| /// publish content, such as the CA certificate and CRLs. |
| /// |
| /// This must be a bucket name, without any prefixes (such as `gs://`) or |
| /// suffixes (such as `.googleapis.com`). For example, to use a bucket named |
| /// `my-bucket`, you would simply specify `my-bucket`. If not specified, a |
| /// managed bucket will be created. |
| /// |
| /// Immutable. |
| core.String? gcsBucket; |
| |
| /// Used when issuing certificates for this CertificateAuthority. |
| /// |
| /// If this CertificateAuthority is a self-signed CertificateAuthority, this |
| /// key is also used to sign the self-signed CA certificate. Otherwise, it is |
| /// used to sign a CSR. |
| /// |
| /// Required. Immutable. |
| KeyVersionSpec? keySpec; |
| |
| /// Labels with user-defined metadata. |
| /// |
| /// Optional. |
| core.Map<core.String, core.String>? labels; |
| |
| /// The desired lifetime of the CA certificate. |
| /// |
| /// Used to create the "not_before_time" and "not_after_time" fields inside an |
| /// X.509 certificate. |
| /// |
| /// Required. Immutable. |
| core.String? lifetime; |
| |
| /// Identifier. |
| /// |
| /// The resource name for this CertificateAuthority in the format `projects / |
| /// * /locations / * /caPools / * /certificateAuthorities / * `. |
| core.String? name; |
| |
| /// This CertificateAuthority's certificate chain, including the current |
| /// CertificateAuthority's certificate. |
| /// |
| /// Ordered such that the root issuer is the final element (consistent with |
| /// RFC 5246). For a self-signed CA, this will only list the current |
| /// CertificateAuthority's certificate. |
| /// |
| /// Output only. |
| core.List<core.String>? pemCaCertificates; |
| |
| /// Reserved for future use. |
| /// |
| /// Output only. |
| core.bool? satisfiesPzi; |
| |
| /// Reserved for future use. |
| /// |
| /// Output only. |
| core.bool? satisfiesPzs; |
| |
| /// The State for this CertificateAuthority. |
| /// |
| /// Output only. |
| /// Possible string values are: |
| /// - "STATE_UNSPECIFIED" : Not specified. |
| /// - "ENABLED" : Certificates can be issued from this CA. CRLs will be |
| /// generated for this CA. The CA will be part of the CaPool's trust anchor, |
| /// and will be used to issue certificates from the CaPool. |
| /// - "DISABLED" : Certificates cannot be issued from this CA. CRLs will still |
| /// be generated. The CA will be part of the CaPool's trust anchor, but will |
| /// not be used to issue certificates from the CaPool. |
| /// - "STAGED" : Certificates can be issued from this CA. CRLs will be |
| /// generated for this CA. The CA will be part of the CaPool's trust anchor, |
| /// but will not be used to issue certificates from the CaPool. |
| /// - "AWAITING_USER_ACTIVATION" : Certificates cannot be issued from this CA. |
| /// CRLs will not be generated. The CA will not be part of the CaPool's trust |
| /// anchor, and will not be used to issue certificates from the CaPool. |
| /// - "DELETED" : Certificates cannot be issued from this CA. CRLs will not be |
| /// generated. The CA may still be recovered by calling |
| /// CertificateAuthorityService.UndeleteCertificateAuthority before |
| /// expire_time. The CA will not be part of the CaPool's trust anchor, and |
| /// will not be used to issue certificates from the CaPool. |
| core.String? state; |
| |
| /// If this is a subordinate CertificateAuthority, this field will be set with |
| /// the subordinate configuration, which describes its issuers. |
| /// |
| /// This may be updated, but this CertificateAuthority must continue to |
| /// validate. |
| /// |
| /// Optional. |
| SubordinateConfig? subordinateConfig; |
| |
| /// The CaPool.Tier of the CaPool that includes this CertificateAuthority. |
| /// |
| /// Output only. |
| /// Possible string values are: |
| /// - "TIER_UNSPECIFIED" : Not specified. |
| /// - "ENTERPRISE" : Enterprise tier. |
| /// - "DEVOPS" : DevOps tier. |
| core.String? tier; |
| |
| /// The Type of this CertificateAuthority. |
| /// |
| /// Required. Immutable. |
| /// Possible string values are: |
| /// - "TYPE_UNSPECIFIED" : Not specified. |
| /// - "SELF_SIGNED" : Self-signed CA. |
| /// - "SUBORDINATE" : Subordinate CA. Could be issued by a Private CA |
| /// CertificateAuthority or an unmanaged CA. |
| core.String? type; |
| |
| /// The time at which this CertificateAuthority was last updated. |
| /// |
| /// Output only. |
| core.String? updateTime; |
| |
| /// User-defined URLs for CA certificate and CRLs. |
| /// |
| /// The service does not publish content to these URLs. It is up to the user |
| /// to mirror content to these URLs. |
| /// |
| /// Optional. |
| UserDefinedAccessUrls? userDefinedAccessUrls; |
| |
| CertificateAuthority({ |
| this.accessUrls, |
| this.caCertificateDescriptions, |
| this.config, |
| this.createTime, |
| this.deleteTime, |
| this.expireTime, |
| this.gcsBucket, |
| this.keySpec, |
| this.labels, |
| this.lifetime, |
| this.name, |
| this.pemCaCertificates, |
| this.satisfiesPzi, |
| this.satisfiesPzs, |
| this.state, |
| this.subordinateConfig, |
| this.tier, |
| this.type, |
| this.updateTime, |
| this.userDefinedAccessUrls, |
| }); |
| |
| CertificateAuthority.fromJson(core.Map json_) |
| : this( |
| accessUrls: json_.containsKey('accessUrls') |
| ? AccessUrls.fromJson( |
| json_['accessUrls'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| caCertificateDescriptions: |
| (json_['caCertificateDescriptions'] as core.List?) |
| ?.map( |
| (value) => CertificateDescription.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| config: json_.containsKey('config') |
| ? CertificateConfig.fromJson( |
| json_['config'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| createTime: json_['createTime'] as core.String?, |
| deleteTime: json_['deleteTime'] as core.String?, |
| expireTime: json_['expireTime'] as core.String?, |
| gcsBucket: json_['gcsBucket'] as core.String?, |
| keySpec: json_.containsKey('keySpec') |
| ? KeyVersionSpec.fromJson( |
| json_['keySpec'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| labels: (json_['labels'] as core.Map<core.String, core.dynamic>?)?.map( |
| (key, value) => core.MapEntry(key, value as core.String), |
| ), |
| lifetime: json_['lifetime'] as core.String?, |
| name: json_['name'] as core.String?, |
| pemCaCertificates: (json_['pemCaCertificates'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| satisfiesPzi: json_['satisfiesPzi'] as core.bool?, |
| satisfiesPzs: json_['satisfiesPzs'] as core.bool?, |
| state: json_['state'] as core.String?, |
| subordinateConfig: json_.containsKey('subordinateConfig') |
| ? SubordinateConfig.fromJson( |
| json_['subordinateConfig'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| tier: json_['tier'] as core.String?, |
| type: json_['type'] as core.String?, |
| updateTime: json_['updateTime'] as core.String?, |
| userDefinedAccessUrls: json_.containsKey('userDefinedAccessUrls') |
| ? UserDefinedAccessUrls.fromJson( |
| json_['userDefinedAccessUrls'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final accessUrls = this.accessUrls; |
| final caCertificateDescriptions = this.caCertificateDescriptions; |
| final config = this.config; |
| final createTime = this.createTime; |
| final deleteTime = this.deleteTime; |
| final expireTime = this.expireTime; |
| final gcsBucket = this.gcsBucket; |
| final keySpec = this.keySpec; |
| final labels = this.labels; |
| final lifetime = this.lifetime; |
| final name = this.name; |
| final pemCaCertificates = this.pemCaCertificates; |
| final satisfiesPzi = this.satisfiesPzi; |
| final satisfiesPzs = this.satisfiesPzs; |
| final state = this.state; |
| final subordinateConfig = this.subordinateConfig; |
| final tier = this.tier; |
| final type = this.type; |
| final updateTime = this.updateTime; |
| final userDefinedAccessUrls = this.userDefinedAccessUrls; |
| return { |
| 'accessUrls': ?accessUrls, |
| 'caCertificateDescriptions': ?caCertificateDescriptions, |
| 'config': ?config, |
| 'createTime': ?createTime, |
| 'deleteTime': ?deleteTime, |
| 'expireTime': ?expireTime, |
| 'gcsBucket': ?gcsBucket, |
| 'keySpec': ?keySpec, |
| 'labels': ?labels, |
| 'lifetime': ?lifetime, |
| 'name': ?name, |
| 'pemCaCertificates': ?pemCaCertificates, |
| 'satisfiesPzi': ?satisfiesPzi, |
| 'satisfiesPzs': ?satisfiesPzs, |
| 'state': ?state, |
| 'subordinateConfig': ?subordinateConfig, |
| 'tier': ?tier, |
| 'type': ?type, |
| 'updateTime': ?updateTime, |
| 'userDefinedAccessUrls': ?userDefinedAccessUrls, |
| }; |
| } |
| } |
| |
| /// A CertificateConfig describes an X.509 certificate or CSR that is to be |
| /// created, as an alternative to using ASN.1. |
| class CertificateConfig { |
| /// The public key that corresponds to this config. |
| /// |
| /// This is, for example, used when issuing Certificates, but not when |
| /// creating a self-signed CertificateAuthority or CertificateAuthority CSR. |
| /// |
| /// Optional. |
| PublicKey? publicKey; |
| |
| /// Specifies some of the values in a certificate that are related to the |
| /// subject. |
| /// |
| /// Required. |
| SubjectConfig? subjectConfig; |
| |
| /// When specified this provides a custom SKI to be used in the certificate. |
| /// |
| /// This should only be used to maintain a SKI of an existing CA originally |
| /// created outside CA service, which was not generated using method (1) |
| /// described in RFC 5280 section 4.2.1.2. |
| /// |
| /// Optional. |
| CertificateConfigKeyId? subjectKeyId; |
| |
| /// Describes how some of the technical X.509 fields in a certificate should |
| /// be populated. |
| /// |
| /// Required. |
| X509Parameters? x509Config; |
| |
| CertificateConfig({ |
| this.publicKey, |
| this.subjectConfig, |
| this.subjectKeyId, |
| this.x509Config, |
| }); |
| |
| CertificateConfig.fromJson(core.Map json_) |
| : this( |
| publicKey: json_.containsKey('publicKey') |
| ? PublicKey.fromJson( |
| json_['publicKey'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| subjectConfig: json_.containsKey('subjectConfig') |
| ? SubjectConfig.fromJson( |
| json_['subjectConfig'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| subjectKeyId: json_.containsKey('subjectKeyId') |
| ? CertificateConfigKeyId.fromJson( |
| json_['subjectKeyId'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| x509Config: json_.containsKey('x509Config') |
| ? X509Parameters.fromJson( |
| json_['x509Config'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final publicKey = this.publicKey; |
| final subjectConfig = this.subjectConfig; |
| final subjectKeyId = this.subjectKeyId; |
| final x509Config = this.x509Config; |
| return { |
| 'publicKey': ?publicKey, |
| 'subjectConfig': ?subjectConfig, |
| 'subjectKeyId': ?subjectKeyId, |
| 'x509Config': ?x509Config, |
| }; |
| } |
| } |
| |
| /// A KeyId identifies a specific public key, usually by hashing the public key. |
| class CertificateConfigKeyId { |
| /// The value of this KeyId encoded in lowercase hexadecimal. |
| /// |
| /// This is most likely the 160 bit SHA-1 hash of the public key. |
| /// |
| /// Required. |
| core.String? keyId; |
| |
| CertificateConfigKeyId({this.keyId}); |
| |
| CertificateConfigKeyId.fromJson(core.Map json_) |
| : this(keyId: json_['keyId'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final keyId = this.keyId; |
| return {'keyId': ?keyId}; |
| } |
| } |
| |
| /// A CertificateDescription describes an X.509 certificate or CSR that has been |
| /// issued, as an alternative to using ASN.1 / X.509. |
| class CertificateDescription { |
| /// Describes lists of issuer CA certificate URLs that appear in the |
| /// "Authority Information Access" extension in the certificate. |
| core.List<core.String>? aiaIssuingCertificateUrls; |
| |
| /// Identifies the subject_key_id of the parent certificate, per |
| /// https://tools.ietf.org/html/rfc5280#section-4.2.1.1 |
| KeyId? authorityKeyId; |
| |
| /// The hash of the x.509 certificate. |
| CertificateFingerprint? certFingerprint; |
| |
| /// Describes a list of locations to obtain CRL information, i.e. the |
| /// DistributionPoint.fullName described by |
| /// https://tools.ietf.org/html/rfc5280#section-4.2.1.13 |
| core.List<core.String>? crlDistributionPoints; |
| |
| /// The public key that corresponds to an issued certificate. |
| PublicKey? publicKey; |
| |
| /// Describes some of the values in a certificate that are related to the |
| /// subject and lifetime. |
| SubjectDescription? subjectDescription; |
| |
| /// Provides a means of identifiying certificates that contain a particular |
| /// public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2. |
| KeyId? subjectKeyId; |
| |
| /// The hash of the pre-signed certificate, which will be signed by the CA. |
| /// |
| /// Corresponds to the TBS Certificate in |
| /// https://tools.ietf.org/html/rfc5280#section-4.1.2. The field will always |
| /// be populated. |
| core.String? tbsCertificateDigest; |
| |
| /// Describes some of the technical X.509 fields in a certificate. |
| X509Parameters? x509Description; |
| |
| CertificateDescription({ |
| this.aiaIssuingCertificateUrls, |
| this.authorityKeyId, |
| this.certFingerprint, |
| this.crlDistributionPoints, |
| this.publicKey, |
| this.subjectDescription, |
| this.subjectKeyId, |
| this.tbsCertificateDigest, |
| this.x509Description, |
| }); |
| |
| CertificateDescription.fromJson(core.Map json_) |
| : this( |
| aiaIssuingCertificateUrls: |
| (json_['aiaIssuingCertificateUrls'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| authorityKeyId: json_.containsKey('authorityKeyId') |
| ? KeyId.fromJson( |
| json_['authorityKeyId'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| certFingerprint: json_.containsKey('certFingerprint') |
| ? CertificateFingerprint.fromJson( |
| json_['certFingerprint'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| crlDistributionPoints: (json_['crlDistributionPoints'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| publicKey: json_.containsKey('publicKey') |
| ? PublicKey.fromJson( |
| json_['publicKey'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| subjectDescription: json_.containsKey('subjectDescription') |
| ? SubjectDescription.fromJson( |
| json_['subjectDescription'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| subjectKeyId: json_.containsKey('subjectKeyId') |
| ? KeyId.fromJson( |
| json_['subjectKeyId'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| tbsCertificateDigest: json_['tbsCertificateDigest'] as core.String?, |
| x509Description: json_.containsKey('x509Description') |
| ? X509Parameters.fromJson( |
| json_['x509Description'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final aiaIssuingCertificateUrls = this.aiaIssuingCertificateUrls; |
| final authorityKeyId = this.authorityKeyId; |
| final certFingerprint = this.certFingerprint; |
| final crlDistributionPoints = this.crlDistributionPoints; |
| final publicKey = this.publicKey; |
| final subjectDescription = this.subjectDescription; |
| final subjectKeyId = this.subjectKeyId; |
| final tbsCertificateDigest = this.tbsCertificateDigest; |
| final x509Description = this.x509Description; |
| return { |
| 'aiaIssuingCertificateUrls': ?aiaIssuingCertificateUrls, |
| 'authorityKeyId': ?authorityKeyId, |
| 'certFingerprint': ?certFingerprint, |
| 'crlDistributionPoints': ?crlDistributionPoints, |
| 'publicKey': ?publicKey, |
| 'subjectDescription': ?subjectDescription, |
| 'subjectKeyId': ?subjectKeyId, |
| 'tbsCertificateDigest': ?tbsCertificateDigest, |
| 'x509Description': ?x509Description, |
| }; |
| } |
| } |
| |
| /// Describes a set of X.509 extensions that may be part of some certificate |
| /// issuance controls. |
| class CertificateExtensionConstraints { |
| /// A set of ObjectIds identifying custom X.509 extensions. |
| /// |
| /// Will be combined with known_extensions to determine the full set of X.509 |
| /// extensions. |
| /// |
| /// Optional. |
| core.List<ObjectId>? additionalExtensions; |
| |
| /// A set of named X.509 extensions. |
| /// |
| /// Will be combined with additional_extensions to determine the full set of |
| /// X.509 extensions. |
| /// |
| /// Optional. |
| core.List<core.String>? knownExtensions; |
| |
| CertificateExtensionConstraints({ |
| this.additionalExtensions, |
| this.knownExtensions, |
| }); |
| |
| CertificateExtensionConstraints.fromJson(core.Map json_) |
| : this( |
| additionalExtensions: (json_['additionalExtensions'] as core.List?) |
| ?.map( |
| (value) => ObjectId.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| knownExtensions: (json_['knownExtensions'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final additionalExtensions = this.additionalExtensions; |
| final knownExtensions = this.knownExtensions; |
| return { |
| 'additionalExtensions': ?additionalExtensions, |
| 'knownExtensions': ?knownExtensions, |
| }; |
| } |
| } |
| |
| /// A group of fingerprints for the x509 certificate. |
| class CertificateFingerprint { |
| /// The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate. |
| core.String? sha256Hash; |
| |
| CertificateFingerprint({this.sha256Hash}); |
| |
| CertificateFingerprint.fromJson(core.Map json_) |
| : this(sha256Hash: json_['sha256Hash'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final sha256Hash = this.sha256Hash; |
| return {'sha256Hash': ?sha256Hash}; |
| } |
| } |
| |
| /// Describes constraints on a Certificate's Subject and SubjectAltNames. |
| class CertificateIdentityConstraints { |
| /// If this is true, the SubjectAltNames extension may be copied from a |
| /// certificate request into the signed certificate. |
| /// |
| /// Otherwise, the requested SubjectAltNames will be discarded. |
| /// |
| /// Required. |
| core.bool? allowSubjectAltNamesPassthrough; |
| |
| /// If this is true, the Subject field may be copied from a certificate |
| /// request into the signed certificate. |
| /// |
| /// Otherwise, the requested Subject will be discarded. |
| /// |
| /// Required. |
| core.bool? allowSubjectPassthrough; |
| |
| /// A CEL expression that may be used to validate the resolved X.509 Subject |
| /// and/or Subject Alternative Name before a certificate is signed. |
| /// |
| /// To see the full allowed syntax and some examples, see |
| /// https://cloud.google.com/certificate-authority-service/docs/using-cel |
| /// |
| /// Optional. |
| Expr? celExpression; |
| |
| CertificateIdentityConstraints({ |
| this.allowSubjectAltNamesPassthrough, |
| this.allowSubjectPassthrough, |
| this.celExpression, |
| }); |
| |
| CertificateIdentityConstraints.fromJson(core.Map json_) |
| : this( |
| allowSubjectAltNamesPassthrough: |
| json_['allowSubjectAltNamesPassthrough'] as core.bool?, |
| allowSubjectPassthrough: json_['allowSubjectPassthrough'] as core.bool?, |
| celExpression: json_.containsKey('celExpression') |
| ? Expr.fromJson( |
| json_['celExpression'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final allowSubjectAltNamesPassthrough = |
| this.allowSubjectAltNamesPassthrough; |
| final allowSubjectPassthrough = this.allowSubjectPassthrough; |
| final celExpression = this.celExpression; |
| return { |
| 'allowSubjectAltNamesPassthrough': ?allowSubjectAltNamesPassthrough, |
| 'allowSubjectPassthrough': ?allowSubjectPassthrough, |
| 'celExpression': ?celExpression, |
| }; |
| } |
| } |
| |
| /// A CertificateRevocationList corresponds to a signed X.509 certificate |
| /// Revocation List (CRL). |
| /// |
| /// A CRL contains the serial numbers of certificates that should no longer be |
| /// trusted. |
| class CertificateRevocationList { |
| /// The location where 'pem_crl' can be accessed. |
| /// |
| /// Output only. |
| core.String? accessUrl; |
| |
| /// The time at which this CertificateRevocationList was created. |
| /// |
| /// Output only. |
| core.String? createTime; |
| |
| /// Labels with user-defined metadata. |
| /// |
| /// Optional. |
| core.Map<core.String, core.String>? labels; |
| |
| /// Identifier. |
| /// |
| /// The resource name for this CertificateRevocationList in the format |
| /// `projects / * /locations / * /caPools / * certificateAuthorities / * / |
| /// certificateRevocationLists / * `. |
| core.String? name; |
| |
| /// The PEM-encoded X.509 CRL. |
| /// |
| /// Output only. |
| core.String? pemCrl; |
| |
| /// The revision ID of this CertificateRevocationList. |
| /// |
| /// A new revision is committed whenever a new CRL is published. The format is |
| /// an 8-character hexadecimal string. |
| /// |
| /// Output only. |
| core.String? revisionId; |
| |
| /// The revoked serial numbers that appear in pem_crl. |
| /// |
| /// Output only. |
| core.List<RevokedCertificate>? revokedCertificates; |
| |
| /// The CRL sequence number that appears in pem_crl. |
| /// |
| /// Output only. |
| core.String? sequenceNumber; |
| |
| /// The State for this CertificateRevocationList. |
| /// |
| /// Output only. |
| /// Possible string values are: |
| /// - "STATE_UNSPECIFIED" : Not specified. |
| /// - "ACTIVE" : The CertificateRevocationList is up to date. |
| /// - "SUPERSEDED" : The CertificateRevocationList is no longer current. |
| core.String? state; |
| |
| /// The time at which this CertificateRevocationList was updated. |
| /// |
| /// Output only. |
| core.String? updateTime; |
| |
| CertificateRevocationList({ |
| this.accessUrl, |
| this.createTime, |
| this.labels, |
| this.name, |
| this.pemCrl, |
| this.revisionId, |
| this.revokedCertificates, |
| this.sequenceNumber, |
| this.state, |
| this.updateTime, |
| }); |
| |
| CertificateRevocationList.fromJson(core.Map json_) |
| : this( |
| accessUrl: json_['accessUrl'] as core.String?, |
| createTime: json_['createTime'] as core.String?, |
| labels: (json_['labels'] as core.Map<core.String, core.dynamic>?)?.map( |
| (key, value) => core.MapEntry(key, value as core.String), |
| ), |
| name: json_['name'] as core.String?, |
| pemCrl: json_['pemCrl'] as core.String?, |
| revisionId: json_['revisionId'] as core.String?, |
| revokedCertificates: (json_['revokedCertificates'] as core.List?) |
| ?.map( |
| (value) => RevokedCertificate.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| sequenceNumber: json_['sequenceNumber'] as core.String?, |
| state: json_['state'] as core.String?, |
| updateTime: json_['updateTime'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final accessUrl = this.accessUrl; |
| final createTime = this.createTime; |
| final labels = this.labels; |
| final name = this.name; |
| final pemCrl = this.pemCrl; |
| final revisionId = this.revisionId; |
| final revokedCertificates = this.revokedCertificates; |
| final sequenceNumber = this.sequenceNumber; |
| final state = this.state; |
| final updateTime = this.updateTime; |
| return { |
| 'accessUrl': ?accessUrl, |
| 'createTime': ?createTime, |
| 'labels': ?labels, |
| 'name': ?name, |
| 'pemCrl': ?pemCrl, |
| 'revisionId': ?revisionId, |
| 'revokedCertificates': ?revokedCertificates, |
| 'sequenceNumber': ?sequenceNumber, |
| 'state': ?state, |
| 'updateTime': ?updateTime, |
| }; |
| } |
| } |
| |
| /// A CertificateTemplate refers to a managed template for certificate issuance. |
| class CertificateTemplate { |
| /// The time at which this CertificateTemplate was created. |
| /// |
| /// Output only. |
| core.String? createTime; |
| |
| /// A human-readable description of scenarios this template is intended for. |
| /// |
| /// Optional. |
| core.String? description; |
| |
| /// Describes constraints on identities that may be appear in Certificates |
| /// issued using this template. |
| /// |
| /// If this is omitted, then this template will not add restrictions on a |
| /// certificate's identity. |
| /// |
| /// Optional. |
| CertificateIdentityConstraints? identityConstraints; |
| |
| /// Labels with user-defined metadata. |
| /// |
| /// Optional. |
| core.Map<core.String, core.String>? labels; |
| |
| /// The maximum lifetime allowed for issued Certificates that use this |
| /// template. |
| /// |
| /// If the issuing CaPool resource's IssuancePolicy specifies a |
| /// maximum_lifetime the minimum of the two durations will be the maximum |
| /// lifetime for issued Certificates. Note that if the issuing |
| /// CertificateAuthority expires before a Certificate's requested |
| /// maximum_lifetime, the effective lifetime will be explicitly truncated to |
| /// match it. |
| /// |
| /// Optional. |
| core.String? maximumLifetime; |
| |
| /// Identifier. |
| /// |
| /// The resource name for this CertificateTemplate in the format `projects / * |
| /// /locations / * /certificateTemplates / * `. |
| core.String? name; |
| |
| /// Describes the set of X.509 extensions that may appear in a Certificate |
| /// issued using this CertificateTemplate. |
| /// |
| /// If a certificate request sets extensions that don't appear in the |
| /// passthrough_extensions, those extensions will be dropped. If the issuing |
| /// CaPool's IssuancePolicy defines baseline_values that don't appear here, |
| /// the certificate issuance request will fail. If this is omitted, then this |
| /// template will not add restrictions on a certificate's X.509 extensions. |
| /// These constraints do not apply to X.509 extensions set in this |
| /// CertificateTemplate's predefined_values. |
| /// |
| /// Optional. |
| CertificateExtensionConstraints? passthroughExtensions; |
| |
| /// A set of X.509 values that will be applied to all issued certificates that |
| /// use this template. |
| /// |
| /// If the certificate request includes conflicting values for the same |
| /// properties, they will be overwritten by the values defined here. If the |
| /// issuing CaPool's IssuancePolicy defines conflicting baseline_values for |
| /// the same properties, the certificate issuance request will fail. |
| /// |
| /// Optional. |
| X509Parameters? predefinedValues; |
| |
| /// The time at which this CertificateTemplate was updated. |
| /// |
| /// Output only. |
| core.String? updateTime; |
| |
| CertificateTemplate({ |
| this.createTime, |
| this.description, |
| this.identityConstraints, |
| this.labels, |
| this.maximumLifetime, |
| this.name, |
| this.passthroughExtensions, |
| this.predefinedValues, |
| this.updateTime, |
| }); |
| |
| CertificateTemplate.fromJson(core.Map json_) |
| : this( |
| createTime: json_['createTime'] as core.String?, |
| description: json_['description'] as core.String?, |
| identityConstraints: json_.containsKey('identityConstraints') |
| ? CertificateIdentityConstraints.fromJson( |
| json_['identityConstraints'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| labels: (json_['labels'] as core.Map<core.String, core.dynamic>?)?.map( |
| (key, value) => core.MapEntry(key, value as core.String), |
| ), |
| maximumLifetime: json_['maximumLifetime'] as core.String?, |
| name: json_['name'] as core.String?, |
| passthroughExtensions: json_.containsKey('passthroughExtensions') |
| ? CertificateExtensionConstraints.fromJson( |
| json_['passthroughExtensions'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| predefinedValues: json_.containsKey('predefinedValues') |
| ? X509Parameters.fromJson( |
| json_['predefinedValues'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| updateTime: json_['updateTime'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final createTime = this.createTime; |
| final description = this.description; |
| final identityConstraints = this.identityConstraints; |
| final labels = this.labels; |
| final maximumLifetime = this.maximumLifetime; |
| final name = this.name; |
| final passthroughExtensions = this.passthroughExtensions; |
| final predefinedValues = this.predefinedValues; |
| final updateTime = this.updateTime; |
| return { |
| 'createTime': ?createTime, |
| 'description': ?description, |
| 'identityConstraints': ?identityConstraints, |
| 'labels': ?labels, |
| 'maximumLifetime': ?maximumLifetime, |
| 'name': ?name, |
| 'passthroughExtensions': ?passthroughExtensions, |
| 'predefinedValues': ?predefinedValues, |
| 'updateTime': ?updateTime, |
| }; |
| } |
| } |
| |
| /// Request message for CertificateAuthorityService.DisableCertificateAuthority. |
| class DisableCertificateAuthorityRequest { |
| /// This field allows this CA to be disabled even if it's being depended on by |
| /// another resource. |
| /// |
| /// However, doing so may result in unintended and unrecoverable effects on |
| /// any dependent resources since the CA will no longer be able to issue |
| /// certificates. |
| /// |
| /// Optional. |
| core.bool? ignoreDependentResources; |
| |
| /// An ID to identify requests. |
| /// |
| /// Specify a unique request ID so that if you must retry your request, the |
| /// server will know to ignore the request if it has already been completed. |
| /// The server will guarantee that for at least 60 minutes since the first |
| /// request. For example, consider a situation where you make an initial |
| /// request and the request times out. If you make the request again with the |
| /// same request ID, the server can check if original operation with the same |
| /// request ID was received, and if so, will ignore the second request. This |
| /// prevents clients from accidentally creating duplicate commitments. The |
| /// request ID must be a valid UUID with the exception that zero UUID is not |
| /// supported (00000000-0000-0000-0000-000000000000). |
| /// |
| /// Optional. |
| core.String? requestId; |
| |
| DisableCertificateAuthorityRequest({ |
| this.ignoreDependentResources, |
| this.requestId, |
| }); |
| |
| DisableCertificateAuthorityRequest.fromJson(core.Map json_) |
| : this( |
| ignoreDependentResources: |
| json_['ignoreDependentResources'] as core.bool?, |
| requestId: json_['requestId'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final ignoreDependentResources = this.ignoreDependentResources; |
| final requestId = this.requestId; |
| return { |
| 'ignoreDependentResources': ?ignoreDependentResources, |
| 'requestId': ?requestId, |
| }; |
| } |
| } |
| |
| /// Describes an Elliptic Curve key that may be used in a Certificate issued |
| /// from a CaPool. |
| class EcKeyType { |
| /// A signature algorithm that must be used. |
| /// |
| /// If this is omitted, any EC-based signature algorithm will be allowed. |
| /// |
| /// Optional. |
| /// Possible string values are: |
| /// - "EC_SIGNATURE_ALGORITHM_UNSPECIFIED" : Not specified. Signifies that any |
| /// signature algorithm may be used. |
| /// - "ECDSA_P256" : Refers to the Elliptic Curve Digital Signature Algorithm |
| /// over the NIST P-256 curve. |
| /// - "ECDSA_P384" : Refers to the Elliptic Curve Digital Signature Algorithm |
| /// over the NIST P-384 curve. |
| /// - "EDDSA_25519" : Refers to the Edwards-curve Digital Signature Algorithm |
| /// over curve 25519, as described in RFC 8410. |
| core.String? signatureAlgorithm; |
| |
| EcKeyType({this.signatureAlgorithm}); |
| |
| EcKeyType.fromJson(core.Map json_) |
| : this(signatureAlgorithm: json_['signatureAlgorithm'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final signatureAlgorithm = this.signatureAlgorithm; |
| return {'signatureAlgorithm': ?signatureAlgorithm}; |
| } |
| } |
| |
| /// A generic empty message that you can re-use to avoid defining duplicated |
| /// empty messages in your APIs. |
| /// |
| /// A typical example is to use it as the request or the response type of an API |
| /// method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns |
| /// (google.protobuf.Empty); } |
| typedef Empty = $Empty; |
| |
| /// Request message for CertificateAuthorityService.EnableCertificateAuthority. |
| typedef EnableCertificateAuthorityRequest = $Request03; |
| |
| /// The configuration used for encrypting data at rest. |
| class EncryptionSpec { |
| /// The resource name for a Cloud KMS key in the format `projects / * |
| /// /locations / * /keyRings / * /cryptoKeys / * `. |
| core.String? cloudKmsKey; |
| |
| EncryptionSpec({this.cloudKmsKey}); |
| |
| EncryptionSpec.fromJson(core.Map json_) |
| : this(cloudKmsKey: json_['cloudKmsKey'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final cloudKmsKey = this.cloudKmsKey; |
| return {'cloudKmsKey': ?cloudKmsKey}; |
| } |
| } |
| |
| /// Represents a textual expression in the Common Expression Language (CEL) |
| /// syntax. |
| /// |
| /// CEL is a C-like expression language. The syntax and semantics of CEL are |
| /// documented at https://github.com/google/cel-spec. Example (Comparison): |
| /// title: "Summary size limit" description: "Determines if a summary is less |
| /// than 100 chars" expression: "document.summary.size() \< 100" Example |
| /// (Equality): title: "Requestor is owner" description: "Determines if |
| /// requestor is the document owner" expression: "document.owner == |
| /// request.auth.claims.email" Example (Logic): title: "Public documents" |
| /// description: "Determine whether the document should be publicly visible" |
| /// expression: "document.type != 'private' && document.type != 'internal'" |
| /// Example (Data Manipulation): title: "Notification string" description: |
| /// "Create a notification string with a timestamp." expression: "'New message |
| /// received at ' + string(document.create_time)" The exact variables and |
| /// functions that may be referenced within an expression are determined by the |
| /// service that evaluates it. See the service documentation for additional |
| /// information. |
| typedef Expr = $Expr; |
| |
| /// KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain |
| /// common OIDs that could be specified as an extended key usage value. |
| class ExtendedKeyUsageOptions { |
| /// Corresponds to OID 1.3.6.1.5.5.7.3.2. |
| /// |
| /// Officially described as "TLS WWW client authentication", though regularly |
| /// used for non-WWW TLS. |
| core.bool? clientAuth; |
| |
| /// Corresponds to OID 1.3.6.1.5.5.7.3.3. |
| /// |
| /// Officially described as "Signing of downloadable executable code client |
| /// authentication". |
| core.bool? codeSigning; |
| |
| /// Corresponds to OID 1.3.6.1.5.5.7.3.4. |
| /// |
| /// Officially described as "Email protection". |
| core.bool? emailProtection; |
| |
| /// Corresponds to OID 1.3.6.1.5.5.7.3.9. |
| /// |
| /// Officially described as "Signing OCSP responses". |
| core.bool? ocspSigning; |
| |
| /// Corresponds to OID 1.3.6.1.5.5.7.3.1. |
| /// |
| /// Officially described as "TLS WWW server authentication", though regularly |
| /// used for non-WWW TLS. |
| core.bool? serverAuth; |
| |
| /// Corresponds to OID 1.3.6.1.5.5.7.3.8. |
| /// |
| /// Officially described as "Binding the hash of an object to a time". |
| core.bool? timeStamping; |
| |
| ExtendedKeyUsageOptions({ |
| this.clientAuth, |
| this.codeSigning, |
| this.emailProtection, |
| this.ocspSigning, |
| this.serverAuth, |
| this.timeStamping, |
| }); |
| |
| ExtendedKeyUsageOptions.fromJson(core.Map json_) |
| : this( |
| clientAuth: json_['clientAuth'] as core.bool?, |
| codeSigning: json_['codeSigning'] as core.bool?, |
| emailProtection: json_['emailProtection'] as core.bool?, |
| ocspSigning: json_['ocspSigning'] as core.bool?, |
| serverAuth: json_['serverAuth'] as core.bool?, |
| timeStamping: json_['timeStamping'] as core.bool?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final clientAuth = this.clientAuth; |
| final codeSigning = this.codeSigning; |
| final emailProtection = this.emailProtection; |
| final ocspSigning = this.ocspSigning; |
| final serverAuth = this.serverAuth; |
| final timeStamping = this.timeStamping; |
| return { |
| 'clientAuth': ?clientAuth, |
| 'codeSigning': ?codeSigning, |
| 'emailProtection': ?emailProtection, |
| 'ocspSigning': ?ocspSigning, |
| 'serverAuth': ?serverAuth, |
| 'timeStamping': ?timeStamping, |
| }; |
| } |
| } |
| |
| /// Request message for CertificateAuthorityService.FetchCaCerts. |
| typedef FetchCaCertsRequest = $Request03; |
| |
| /// Response message for CertificateAuthorityService.FetchCaCerts. |
| class FetchCaCertsResponse { |
| /// The PEM encoded CA certificate chains of all certificate authorities in |
| /// this CaPool in the ENABLED, DISABLED, or STAGED states. |
| core.List<CertChain>? caCerts; |
| |
| FetchCaCertsResponse({this.caCerts}); |
| |
| FetchCaCertsResponse.fromJson(core.Map json_) |
| : this( |
| caCerts: (json_['caCerts'] as core.List?) |
| ?.map( |
| (value) => CertChain.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final caCerts = this.caCerts; |
| return {'caCerts': ?caCerts}; |
| } |
| } |
| |
| /// Response message for |
| /// CertificateAuthorityService.FetchCertificateAuthorityCsr. |
| class FetchCertificateAuthorityCsrResponse { |
| /// The PEM-encoded signed certificate signing request (CSR). |
| /// |
| /// Output only. |
| core.String? pemCsr; |
| |
| FetchCertificateAuthorityCsrResponse({this.pemCsr}); |
| |
| FetchCertificateAuthorityCsrResponse.fromJson(core.Map json_) |
| : this(pemCsr: json_['pemCsr'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final pemCsr = this.pemCsr; |
| return {'pemCsr': ?pemCsr}; |
| } |
| } |
| |
| /// IssuanceModes specifies the allowed ways in which Certificates may be |
| /// requested from this CaPool. |
| class IssuanceModes { |
| /// When true, allows callers to create Certificates by specifying a |
| /// CertificateConfig. |
| /// |
| /// Optional. |
| core.bool? allowConfigBasedIssuance; |
| |
| /// When true, allows callers to create Certificates by specifying a CSR. |
| /// |
| /// Optional. |
| core.bool? allowCsrBasedIssuance; |
| |
| IssuanceModes({this.allowConfigBasedIssuance, this.allowCsrBasedIssuance}); |
| |
| IssuanceModes.fromJson(core.Map json_) |
| : this( |
| allowConfigBasedIssuance: |
| json_['allowConfigBasedIssuance'] as core.bool?, |
| allowCsrBasedIssuance: json_['allowCsrBasedIssuance'] as core.bool?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final allowConfigBasedIssuance = this.allowConfigBasedIssuance; |
| final allowCsrBasedIssuance = this.allowCsrBasedIssuance; |
| return { |
| 'allowConfigBasedIssuance': ?allowConfigBasedIssuance, |
| 'allowCsrBasedIssuance': ?allowCsrBasedIssuance, |
| }; |
| } |
| } |
| |
| /// Defines controls over all certificate issuance within a CaPool. |
| class IssuancePolicy { |
| /// If specified, then only methods allowed in the IssuanceModes may be used |
| /// to issue Certificates. |
| /// |
| /// Optional. |
| IssuanceModes? allowedIssuanceModes; |
| |
| /// If any AllowedKeyType is specified, then the certificate request's public |
| /// key must match one of the key types listed here. |
| /// |
| /// Otherwise, any key may be used. |
| /// |
| /// Optional. |
| core.List<AllowedKeyType>? allowedKeyTypes; |
| |
| /// If set, all certificates issued from this CaPool will be backdated by this |
| /// duration. |
| /// |
| /// The 'not_before_time' will be the issuance time minus this |
| /// backdate_duration, and the 'not_after_time' will be adjusted to preserve |
| /// the requested lifetime. The maximum duration that a certificate can be |
| /// backdated with these options is 48 hours in the past. This option cannot |
| /// be set if allow_requester_specified_not_before_time is set. |
| /// |
| /// Optional. |
| core.String? backdateDuration; |
| |
| /// A set of X.509 values that will be applied to all certificates issued |
| /// through this CaPool. |
| /// |
| /// If a certificate request includes conflicting values for the same |
| /// properties, they will be overwritten by the values defined here. If a |
| /// certificate request uses a CertificateTemplate that defines conflicting |
| /// predefined_values for the same properties, the certificate issuance |
| /// request will fail. |
| /// |
| /// Optional. |
| X509Parameters? baselineValues; |
| |
| /// Describes constraints on identities that may appear in Certificates issued |
| /// through this CaPool. |
| /// |
| /// If this is omitted, then this CaPool will not add restrictions on a |
| /// certificate's identity. |
| /// |
| /// Optional. |
| CertificateIdentityConstraints? identityConstraints; |
| |
| /// The maximum lifetime allowed for issued Certificates. |
| /// |
| /// Note that if the issuing CertificateAuthority expires before a Certificate |
| /// resource's requested maximum_lifetime, the effective lifetime will be |
| /// explicitly truncated to match it. |
| /// |
| /// Optional. |
| core.String? maximumLifetime; |
| |
| /// Describes the set of X.509 extensions that may appear in a Certificate |
| /// issued through this CaPool. |
| /// |
| /// If a certificate request sets extensions that don't appear in the |
| /// passthrough_extensions, those extensions will be dropped. If a certificate |
| /// request uses a CertificateTemplate with predefined_values that don't |
| /// appear here, the certificate issuance request will fail. If this is |
| /// omitted, then this CaPool will not add restrictions on a certificate's |
| /// X.509 extensions. These constraints do not apply to X.509 extensions set |
| /// in this CaPool's baseline_values. |
| /// |
| /// Optional. |
| CertificateExtensionConstraints? passthroughExtensions; |
| |
| IssuancePolicy({ |
| this.allowedIssuanceModes, |
| this.allowedKeyTypes, |
| this.backdateDuration, |
| this.baselineValues, |
| this.identityConstraints, |
| this.maximumLifetime, |
| this.passthroughExtensions, |
| }); |
| |
| IssuancePolicy.fromJson(core.Map json_) |
| : this( |
| allowedIssuanceModes: json_.containsKey('allowedIssuanceModes') |
| ? IssuanceModes.fromJson( |
| json_['allowedIssuanceModes'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| allowedKeyTypes: (json_['allowedKeyTypes'] as core.List?) |
| ?.map( |
| (value) => AllowedKeyType.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| backdateDuration: json_['backdateDuration'] as core.String?, |
| baselineValues: json_.containsKey('baselineValues') |
| ? X509Parameters.fromJson( |
| json_['baselineValues'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| identityConstraints: json_.containsKey('identityConstraints') |
| ? CertificateIdentityConstraints.fromJson( |
| json_['identityConstraints'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| maximumLifetime: json_['maximumLifetime'] as core.String?, |
| passthroughExtensions: json_.containsKey('passthroughExtensions') |
| ? CertificateExtensionConstraints.fromJson( |
| json_['passthroughExtensions'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final allowedIssuanceModes = this.allowedIssuanceModes; |
| final allowedKeyTypes = this.allowedKeyTypes; |
| final backdateDuration = this.backdateDuration; |
| final baselineValues = this.baselineValues; |
| final identityConstraints = this.identityConstraints; |
| final maximumLifetime = this.maximumLifetime; |
| final passthroughExtensions = this.passthroughExtensions; |
| return { |
| 'allowedIssuanceModes': ?allowedIssuanceModes, |
| 'allowedKeyTypes': ?allowedKeyTypes, |
| 'backdateDuration': ?backdateDuration, |
| 'baselineValues': ?baselineValues, |
| 'identityConstraints': ?identityConstraints, |
| 'maximumLifetime': ?maximumLifetime, |
| 'passthroughExtensions': ?passthroughExtensions, |
| }; |
| } |
| } |
| |
| /// A KeyId identifies a specific public key, usually by hashing the public key. |
| class KeyId { |
| /// The value of this KeyId encoded in lowercase hexadecimal. |
| /// |
| /// This is most likely the 160 bit SHA-1 hash of the public key. |
| /// |
| /// Optional. |
| core.String? keyId; |
| |
| KeyId({this.keyId}); |
| |
| KeyId.fromJson(core.Map json_) : this(keyId: json_['keyId'] as core.String?); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final keyId = this.keyId; |
| return {'keyId': ?keyId}; |
| } |
| } |
| |
| /// A KeyUsage describes key usage values that may appear in an X.509 |
| /// certificate. |
| class KeyUsage { |
| /// Describes high-level ways in which a key may be used. |
| KeyUsageOptions? baseKeyUsage; |
| |
| /// Detailed scenarios in which a key may be used. |
| ExtendedKeyUsageOptions? extendedKeyUsage; |
| |
| /// Used to describe extended key usages that are not listed in the |
| /// KeyUsage.ExtendedKeyUsageOptions message. |
| core.List<ObjectId>? unknownExtendedKeyUsages; |
| |
| KeyUsage({ |
| this.baseKeyUsage, |
| this.extendedKeyUsage, |
| this.unknownExtendedKeyUsages, |
| }); |
| |
| KeyUsage.fromJson(core.Map json_) |
| : this( |
| baseKeyUsage: json_.containsKey('baseKeyUsage') |
| ? KeyUsageOptions.fromJson( |
| json_['baseKeyUsage'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| extendedKeyUsage: json_.containsKey('extendedKeyUsage') |
| ? ExtendedKeyUsageOptions.fromJson( |
| json_['extendedKeyUsage'] |
| as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| unknownExtendedKeyUsages: |
| (json_['unknownExtendedKeyUsages'] as core.List?) |
| ?.map( |
| (value) => ObjectId.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final baseKeyUsage = this.baseKeyUsage; |
| final extendedKeyUsage = this.extendedKeyUsage; |
| final unknownExtendedKeyUsages = this.unknownExtendedKeyUsages; |
| return { |
| 'baseKeyUsage': ?baseKeyUsage, |
| 'extendedKeyUsage': ?extendedKeyUsage, |
| 'unknownExtendedKeyUsages': ?unknownExtendedKeyUsages, |
| }; |
| } |
| } |
| |
| /// KeyUsage.KeyUsageOptions corresponds to the key usage values described in |
| /// https://tools.ietf.org/html/rfc5280#section-4.2.1.3. |
| class KeyUsageOptions { |
| /// The key may be used to sign certificates. |
| core.bool? certSign; |
| |
| /// The key may be used for cryptographic commitments. |
| /// |
| /// Note that this may also be referred to as "non-repudiation". |
| core.bool? contentCommitment; |
| |
| /// The key may be used sign certificate revocation lists. |
| core.bool? crlSign; |
| |
| /// The key may be used to encipher data. |
| core.bool? dataEncipherment; |
| |
| /// The key may be used to decipher only. |
| core.bool? decipherOnly; |
| |
| /// The key may be used for digital signatures. |
| core.bool? digitalSignature; |
| |
| /// The key may be used to encipher only. |
| core.bool? encipherOnly; |
| |
| /// The key may be used in a key agreement protocol. |
| core.bool? keyAgreement; |
| |
| /// The key may be used to encipher other keys. |
| core.bool? keyEncipherment; |
| |
| KeyUsageOptions({ |
| this.certSign, |
| this.contentCommitment, |
| this.crlSign, |
| this.dataEncipherment, |
| this.decipherOnly, |
| this.digitalSignature, |
| this.encipherOnly, |
| this.keyAgreement, |
| this.keyEncipherment, |
| }); |
| |
| KeyUsageOptions.fromJson(core.Map json_) |
| : this( |
| certSign: json_['certSign'] as core.bool?, |
| contentCommitment: json_['contentCommitment'] as core.bool?, |
| crlSign: json_['crlSign'] as core.bool?, |
| dataEncipherment: json_['dataEncipherment'] as core.bool?, |
| decipherOnly: json_['decipherOnly'] as core.bool?, |
| digitalSignature: json_['digitalSignature'] as core.bool?, |
| encipherOnly: json_['encipherOnly'] as core.bool?, |
| keyAgreement: json_['keyAgreement'] as core.bool?, |
| keyEncipherment: json_['keyEncipherment'] as core.bool?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final certSign = this.certSign; |
| final contentCommitment = this.contentCommitment; |
| final crlSign = this.crlSign; |
| final dataEncipherment = this.dataEncipherment; |
| final decipherOnly = this.decipherOnly; |
| final digitalSignature = this.digitalSignature; |
| final encipherOnly = this.encipherOnly; |
| final keyAgreement = this.keyAgreement; |
| final keyEncipherment = this.keyEncipherment; |
| return { |
| 'certSign': ?certSign, |
| 'contentCommitment': ?contentCommitment, |
| 'crlSign': ?crlSign, |
| 'dataEncipherment': ?dataEncipherment, |
| 'decipherOnly': ?decipherOnly, |
| 'digitalSignature': ?digitalSignature, |
| 'encipherOnly': ?encipherOnly, |
| 'keyAgreement': ?keyAgreement, |
| 'keyEncipherment': ?keyEncipherment, |
| }; |
| } |
| } |
| |
| /// A Cloud KMS key configuration that a CertificateAuthority will use. |
| class KeyVersionSpec { |
| /// The algorithm to use for creating a managed Cloud KMS key for a for a |
| /// simplified experience. |
| /// |
| /// All managed keys will be have their ProtectionLevel as `HSM`. |
| /// Possible string values are: |
| /// - "SIGN_HASH_ALGORITHM_UNSPECIFIED" : Not specified. |
| /// - "RSA_PSS_2048_SHA256" : maps to |
| /// CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256 |
| /// - "RSA_PSS_3072_SHA256" : maps to CryptoKeyVersionAlgorithm. |
| /// RSA_SIGN_PSS_3072_SHA256 |
| /// - "RSA_PSS_4096_SHA256" : maps to |
| /// CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256 |
| /// - "RSA_PKCS1_2048_SHA256" : maps to |
| /// CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256 |
| /// - "RSA_PKCS1_3072_SHA256" : maps to |
| /// CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256 |
| /// - "RSA_PKCS1_4096_SHA256" : maps to |
| /// CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256 |
| /// - "EC_P256_SHA256" : maps to CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256 |
| /// - "EC_P384_SHA384" : maps to CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384 |
| core.String? algorithm; |
| |
| /// The resource name for an existing Cloud KMS CryptoKeyVersion in the format |
| /// `projects / * /locations / * /keyRings / * /cryptoKeys / * |
| /// /cryptoKeyVersions / * `. |
| /// |
| /// This option enables full flexibility in the key's capabilities and |
| /// properties. |
| core.String? cloudKmsKeyVersion; |
| |
| KeyVersionSpec({this.algorithm, this.cloudKmsKeyVersion}); |
| |
| KeyVersionSpec.fromJson(core.Map json_) |
| : this( |
| algorithm: json_['algorithm'] as core.String?, |
| cloudKmsKeyVersion: json_['cloudKmsKeyVersion'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final algorithm = this.algorithm; |
| final cloudKmsKeyVersion = this.cloudKmsKeyVersion; |
| return {'algorithm': ?algorithm, 'cloudKmsKeyVersion': ?cloudKmsKeyVersion}; |
| } |
| } |
| |
| /// Response message for CertificateAuthorityService.ListCaPools. |
| class ListCaPoolsResponse { |
| /// The list of CaPools. |
| core.List<CaPool>? caPools; |
| |
| /// A token to retrieve next page of results. |
| /// |
| /// Pass this value in ListCertificateAuthoritiesRequest.page_token to |
| /// retrieve the next page of results. |
| core.String? nextPageToken; |
| |
| /// A list of locations (e.g. "us-west1") that could not be reached. |
| core.List<core.String>? unreachable; |
| |
| ListCaPoolsResponse({this.caPools, this.nextPageToken, this.unreachable}); |
| |
| ListCaPoolsResponse.fromJson(core.Map json_) |
| : this( |
| caPools: (json_['caPools'] as core.List?) |
| ?.map( |
| (value) => |
| CaPool.fromJson(value as core.Map<core.String, core.dynamic>), |
| ) |
| .toList(), |
| nextPageToken: json_['nextPageToken'] as core.String?, |
| unreachable: (json_['unreachable'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final caPools = this.caPools; |
| final nextPageToken = this.nextPageToken; |
| final unreachable = this.unreachable; |
| return { |
| 'caPools': ?caPools, |
| 'nextPageToken': ?nextPageToken, |
| 'unreachable': ?unreachable, |
| }; |
| } |
| } |
| |
| /// Response message for CertificateAuthorityService.ListCertificateAuthorities. |
| class ListCertificateAuthoritiesResponse { |
| /// The list of CertificateAuthorities. |
| core.List<CertificateAuthority>? certificateAuthorities; |
| |
| /// A token to retrieve next page of results. |
| /// |
| /// Pass this value in ListCertificateAuthoritiesRequest.page_token to |
| /// retrieve the next page of results. |
| core.String? nextPageToken; |
| |
| /// A list of locations (e.g. "us-west1") that could not be reached. |
| core.List<core.String>? unreachable; |
| |
| ListCertificateAuthoritiesResponse({ |
| this.certificateAuthorities, |
| this.nextPageToken, |
| this.unreachable, |
| }); |
| |
| ListCertificateAuthoritiesResponse.fromJson(core.Map json_) |
| : this( |
| certificateAuthorities: (json_['certificateAuthorities'] as core.List?) |
| ?.map( |
| (value) => CertificateAuthority.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| nextPageToken: json_['nextPageToken'] as core.String?, |
| unreachable: (json_['unreachable'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final certificateAuthorities = this.certificateAuthorities; |
| final nextPageToken = this.nextPageToken; |
| final unreachable = this.unreachable; |
| return { |
| 'certificateAuthorities': ?certificateAuthorities, |
| 'nextPageToken': ?nextPageToken, |
| 'unreachable': ?unreachable, |
| }; |
| } |
| } |
| |
| /// Response message for |
| /// CertificateAuthorityService.ListCertificateRevocationLists. |
| class ListCertificateRevocationListsResponse { |
| /// The list of CertificateRevocationLists. |
| core.List<CertificateRevocationList>? certificateRevocationLists; |
| |
| /// A token to retrieve next page of results. |
| /// |
| /// Pass this value in ListCertificateRevocationListsRequest.page_token to |
| /// retrieve the next page of results. |
| core.String? nextPageToken; |
| |
| /// A list of locations (e.g. "us-west1") that could not be reached. |
| core.List<core.String>? unreachable; |
| |
| ListCertificateRevocationListsResponse({ |
| this.certificateRevocationLists, |
| this.nextPageToken, |
| this.unreachable, |
| }); |
| |
| ListCertificateRevocationListsResponse.fromJson(core.Map json_) |
| : this( |
| certificateRevocationLists: |
| (json_['certificateRevocationLists'] as core.List?) |
| ?.map( |
| (value) => CertificateRevocationList.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| nextPageToken: json_['nextPageToken'] as core.String?, |
| unreachable: (json_['unreachable'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final certificateRevocationLists = this.certificateRevocationLists; |
| final nextPageToken = this.nextPageToken; |
| final unreachable = this.unreachable; |
| return { |
| 'certificateRevocationLists': ?certificateRevocationLists, |
| 'nextPageToken': ?nextPageToken, |
| 'unreachable': ?unreachable, |
| }; |
| } |
| } |
| |
| /// Response message for CertificateAuthorityService.ListCertificateTemplates. |
| class ListCertificateTemplatesResponse { |
| /// The list of CertificateTemplates. |
| core.List<CertificateTemplate>? certificateTemplates; |
| |
| /// A token to retrieve next page of results. |
| /// |
| /// Pass this value in ListCertificateTemplatesRequest.page_token to retrieve |
| /// the next page of results. |
| core.String? nextPageToken; |
| |
| /// A list of locations (e.g. "us-west1") that could not be reached. |
| core.List<core.String>? unreachable; |
| |
| ListCertificateTemplatesResponse({ |
| this.certificateTemplates, |
| this.nextPageToken, |
| this.unreachable, |
| }); |
| |
| ListCertificateTemplatesResponse.fromJson(core.Map json_) |
| : this( |
| certificateTemplates: (json_['certificateTemplates'] as core.List?) |
| ?.map( |
| (value) => CertificateTemplate.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| nextPageToken: json_['nextPageToken'] as core.String?, |
| unreachable: (json_['unreachable'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final certificateTemplates = this.certificateTemplates; |
| final nextPageToken = this.nextPageToken; |
| final unreachable = this.unreachable; |
| return { |
| 'certificateTemplates': ?certificateTemplates, |
| 'nextPageToken': ?nextPageToken, |
| 'unreachable': ?unreachable, |
| }; |
| } |
| } |
| |
| /// Response message for CertificateAuthorityService.ListCertificates. |
| class ListCertificatesResponse { |
| /// The list of Certificates. |
| core.List<Certificate>? certificates; |
| |
| /// A token to retrieve next page of results. |
| /// |
| /// Pass this value in ListCertificatesRequest.page_token to retrieve the next |
| /// page of results. |
| core.String? nextPageToken; |
| |
| /// A list of locations (e.g. "us-west1") that could not be reached. |
| core.List<core.String>? unreachable; |
| |
| ListCertificatesResponse({ |
| this.certificates, |
| this.nextPageToken, |
| this.unreachable, |
| }); |
| |
| ListCertificatesResponse.fromJson(core.Map json_) |
| : this( |
| certificates: (json_['certificates'] as core.List?) |
| ?.map( |
| (value) => Certificate.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| nextPageToken: json_['nextPageToken'] as core.String?, |
| unreachable: (json_['unreachable'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final certificates = this.certificates; |
| final nextPageToken = this.nextPageToken; |
| final unreachable = this.unreachable; |
| return { |
| 'certificates': ?certificates, |
| 'nextPageToken': ?nextPageToken, |
| 'unreachable': ?unreachable, |
| }; |
| } |
| } |
| |
| /// The response message for Locations.ListLocations. |
| class ListLocationsResponse { |
| /// A list of locations that matches the specified filter in the request. |
| core.List<Location>? locations; |
| |
| /// The standard List next-page token. |
| core.String? nextPageToken; |
| |
| ListLocationsResponse({this.locations, this.nextPageToken}); |
| |
| ListLocationsResponse.fromJson(core.Map json_) |
| : this( |
| locations: (json_['locations'] as core.List?) |
| ?.map( |
| (value) => Location.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| nextPageToken: json_['nextPageToken'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final locations = this.locations; |
| final nextPageToken = this.nextPageToken; |
| return {'locations': ?locations, 'nextPageToken': ?nextPageToken}; |
| } |
| } |
| |
| /// The response message for Operations.ListOperations. |
| class ListOperationsResponse { |
| /// The standard List next-page token. |
| core.String? nextPageToken; |
| |
| /// A list of operations that matches the specified filter in the request. |
| core.List<Operation>? operations; |
| |
| /// Unordered list. |
| /// |
| /// Unreachable resources. Populated when the request sets |
| /// `ListOperationsRequest.return_partial_success` and reads across |
| /// collections. For example, when attempting to list all resources across all |
| /// supported locations. |
| core.List<core.String>? unreachable; |
| |
| ListOperationsResponse({ |
| this.nextPageToken, |
| this.operations, |
| this.unreachable, |
| }); |
| |
| ListOperationsResponse.fromJson(core.Map json_) |
| : this( |
| nextPageToken: json_['nextPageToken'] as core.String?, |
| operations: (json_['operations'] as core.List?) |
| ?.map( |
| (value) => Operation.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| unreachable: (json_['unreachable'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final nextPageToken = this.nextPageToken; |
| final operations = this.operations; |
| final unreachable = this.unreachable; |
| return { |
| 'nextPageToken': ?nextPageToken, |
| 'operations': ?operations, |
| 'unreachable': ?unreachable, |
| }; |
| } |
| } |
| |
| /// A resource that represents a Google Cloud location. |
| typedef Location = $Location00; |
| |
| /// Describes the X.509 name constraints extension, per |
| /// https://tools.ietf.org/html/rfc5280#section-4.2.1.10 |
| class NameConstraints { |
| /// Indicates whether or not the name constraints are marked critical. |
| core.bool? critical; |
| |
| /// Contains excluded DNS names. |
| /// |
| /// Any DNS name that can be constructed by simply adding zero or more labels |
| /// to the left-hand side of the name satisfies the name constraint. For |
| /// example, `example.com`, `www.example.com`, `www.sub.example.com` would |
| /// satisfy `example.com` while `example1.com` does not. |
| core.List<core.String>? excludedDnsNames; |
| |
| /// Contains the excluded email addresses. |
| /// |
| /// The value can be a particular email address, a hostname to indicate all |
| /// email addresses on that host or a domain with a leading period (e.g. |
| /// `.example.com`) to indicate all email addresses in that domain. |
| core.List<core.String>? excludedEmailAddresses; |
| |
| /// Contains the excluded IP ranges. |
| /// |
| /// For IPv4 addresses, the ranges are expressed using CIDR notation as |
| /// specified in RFC 4632. For IPv6 addresses, the ranges are expressed in |
| /// similar encoding as IPv4 addresses. |
| core.List<core.String>? excludedIpRanges; |
| |
| /// Contains the excluded URIs that apply to the host part of the name. |
| /// |
| /// The value can be a hostname or a domain with a leading period (like |
| /// `.example.com`) |
| core.List<core.String>? excludedUris; |
| |
| /// Contains permitted DNS names. |
| /// |
| /// Any DNS name that can be constructed by simply adding zero or more labels |
| /// to the left-hand side of the name satisfies the name constraint. For |
| /// example, `example.com`, `www.example.com`, `www.sub.example.com` would |
| /// satisfy `example.com` while `example1.com` does not. |
| core.List<core.String>? permittedDnsNames; |
| |
| /// Contains the permitted email addresses. |
| /// |
| /// The value can be a particular email address, a hostname to indicate all |
| /// email addresses on that host or a domain with a leading period (e.g. |
| /// `.example.com`) to indicate all email addresses in that domain. |
| core.List<core.String>? permittedEmailAddresses; |
| |
| /// Contains the permitted IP ranges. |
| /// |
| /// For IPv4 addresses, the ranges are expressed using CIDR notation as |
| /// specified in RFC 4632. For IPv6 addresses, the ranges are expressed in |
| /// similar encoding as IPv4 addresses. |
| core.List<core.String>? permittedIpRanges; |
| |
| /// Contains the permitted URIs that apply to the host part of the name. |
| /// |
| /// The value can be a hostname or a domain with a leading period (like |
| /// `.example.com`) |
| core.List<core.String>? permittedUris; |
| |
| NameConstraints({ |
| this.critical, |
| this.excludedDnsNames, |
| this.excludedEmailAddresses, |
| this.excludedIpRanges, |
| this.excludedUris, |
| this.permittedDnsNames, |
| this.permittedEmailAddresses, |
| this.permittedIpRanges, |
| this.permittedUris, |
| }); |
| |
| NameConstraints.fromJson(core.Map json_) |
| : this( |
| critical: json_['critical'] as core.bool?, |
| excludedDnsNames: (json_['excludedDnsNames'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| excludedEmailAddresses: (json_['excludedEmailAddresses'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| excludedIpRanges: (json_['excludedIpRanges'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| excludedUris: (json_['excludedUris'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| permittedDnsNames: (json_['permittedDnsNames'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| permittedEmailAddresses: |
| (json_['permittedEmailAddresses'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| permittedIpRanges: (json_['permittedIpRanges'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| permittedUris: (json_['permittedUris'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final critical = this.critical; |
| final excludedDnsNames = this.excludedDnsNames; |
| final excludedEmailAddresses = this.excludedEmailAddresses; |
| final excludedIpRanges = this.excludedIpRanges; |
| final excludedUris = this.excludedUris; |
| final permittedDnsNames = this.permittedDnsNames; |
| final permittedEmailAddresses = this.permittedEmailAddresses; |
| final permittedIpRanges = this.permittedIpRanges; |
| final permittedUris = this.permittedUris; |
| return { |
| 'critical': ?critical, |
| 'excludedDnsNames': ?excludedDnsNames, |
| 'excludedEmailAddresses': ?excludedEmailAddresses, |
| 'excludedIpRanges': ?excludedIpRanges, |
| 'excludedUris': ?excludedUris, |
| 'permittedDnsNames': ?permittedDnsNames, |
| 'permittedEmailAddresses': ?permittedEmailAddresses, |
| 'permittedIpRanges': ?permittedIpRanges, |
| 'permittedUris': ?permittedUris, |
| }; |
| } |
| } |
| |
| /// An ObjectId specifies an object identifier (OID). |
| /// |
| /// These provide context and describe types in ASN.1 messages. |
| class ObjectId { |
| /// The parts of an OID path. |
| /// |
| /// The most significant parts of the path come first. |
| /// |
| /// Required. |
| core.List<core.int>? objectIdPath; |
| |
| ObjectId({this.objectIdPath}); |
| |
| ObjectId.fromJson(core.Map json_) |
| : this( |
| objectIdPath: (json_['objectIdPath'] as core.List?) |
| ?.map((value) => value as core.int) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final objectIdPath = this.objectIdPath; |
| return {'objectIdPath': ?objectIdPath}; |
| } |
| } |
| |
| /// This resource represents a long-running operation that is the result of a |
| /// network API call. |
| class Operation { |
| /// If the value is `false`, it means the operation is still in progress. |
| /// |
| /// If `true`, the operation is completed, and either `error` or `response` is |
| /// available. |
| core.bool? done; |
| |
| /// The error result of the operation in case of failure or cancellation. |
| Status? error; |
| |
| /// Service-specific metadata associated with the operation. |
| /// |
| /// It typically contains progress information and common metadata such as |
| /// create time. Some services might not provide such metadata. Any method |
| /// that returns a long-running operation should document the metadata type, |
| /// if any. |
| /// |
| /// The values for Object must be JSON objects. It can consist of `num`, |
| /// `String`, `bool` and `null` as well as `Map` and `List` values. |
| core.Map<core.String, core.Object?>? metadata; |
| |
| /// The server-assigned name, which is only unique within the same service |
| /// that originally returns it. |
| /// |
| /// If you use the default HTTP mapping, the `name` should be a resource name |
| /// ending with `operations/{unique_id}`. |
| core.String? name; |
| |
| /// The normal, successful response of the operation. |
| /// |
| /// If the original method returns no data on success, such as `Delete`, the |
| /// response is `google.protobuf.Empty`. If the original method is standard |
| /// `Get`/`Create`/`Update`, the response should be the resource. For other |
| /// methods, the response should have the type `XxxResponse`, where `Xxx` is |
| /// the original method name. For example, if the original method name is |
| /// `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`. |
| /// |
| /// The values for Object must be JSON objects. It can consist of `num`, |
| /// `String`, `bool` and `null` as well as `Map` and `List` values. |
| core.Map<core.String, core.Object?>? response; |
| |
| Operation({this.done, this.error, this.metadata, this.name, this.response}); |
| |
| Operation.fromJson(core.Map json_) |
| : this( |
| done: json_['done'] as core.bool?, |
| error: json_.containsKey('error') |
| ? Status.fromJson( |
| json_['error'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| metadata: json_.containsKey('metadata') |
| ? json_['metadata'] as core.Map<core.String, core.dynamic> |
| : null, |
| name: json_['name'] as core.String?, |
| response: json_.containsKey('response') |
| ? json_['response'] as core.Map<core.String, core.dynamic> |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final done = this.done; |
| final error = this.error; |
| final metadata = this.metadata; |
| final name = this.name; |
| final response = this.response; |
| return { |
| 'done': ?done, |
| 'error': ?error, |
| 'metadata': ?metadata, |
| 'name': ?name, |
| 'response': ?response, |
| }; |
| } |
| } |
| |
| /// An Identity and Access Management (IAM) policy, which specifies access |
| /// controls for Google Cloud resources. |
| /// |
| /// A `Policy` is a collection of `bindings`. A `binding` binds one or more |
| /// `members`, or principals, to a single `role`. Principals can be user |
| /// accounts, service accounts, Google groups, and domains (such as G Suite). A |
| /// `role` is a named list of permissions; each `role` can be an IAM predefined |
| /// role or a user-created custom role. For some types of Google Cloud |
| /// resources, a `binding` can also specify a `condition`, which is a logical |
| /// expression that allows access to a resource only if the expression evaluates |
| /// to `true`. A condition can add constraints based on attributes of the |
| /// request, the resource, or both. To learn which resources support conditions |
| /// in their IAM policies, see the |
| /// [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| /// **JSON example:** ``` { "bindings": [ { "role": |
| /// "roles/resourcemanager.organizationAdmin", "members": [ |
| /// "user:mike@example.com", "group:admins@example.com", "domain:google.com", |
| /// "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": |
| /// "roles/resourcemanager.organizationViewer", "members": [ |
| /// "user:eve@example.com" ], "condition": { "title": "expirable access", |
| /// "description": "Does not grant access after Sep 2020", "expression": |
| /// "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": |
| /// "BwWWja0YfJA=", "version": 3 } ``` **YAML example:** ``` bindings: - |
| /// members: - user:mike@example.com - group:admins@example.com - |
| /// domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com |
| /// role: roles/resourcemanager.organizationAdmin - members: - |
| /// user:eve@example.com role: roles/resourcemanager.organizationViewer |
| /// condition: title: expirable access description: Does not grant access after |
| /// Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') |
| /// etag: BwWWja0YfJA= version: 3 ``` For a description of IAM and its features, |
| /// see the [IAM documentation](https://cloud.google.com/iam/docs/). |
| class Policy { |
| /// Specifies cloud audit logging configuration for this policy. |
| core.List<AuditConfig>? auditConfigs; |
| |
| /// Associates a list of `members`, or principals, with a `role`. |
| /// |
| /// Optionally, may specify a `condition` that determines how and when the |
| /// `bindings` are applied. Each of the `bindings` must contain at least one |
| /// principal. The `bindings` in a `Policy` can refer to up to 1,500 |
| /// principals; up to 250 of these principals can be Google groups. Each |
| /// occurrence of a principal counts towards these limits. For example, if the |
| /// `bindings` grant 50 different roles to `user:alice@example.com`, and not |
| /// to any other principal, then you can add another 1,450 principals to the |
| /// `bindings` in the `Policy`. |
| core.List<Binding>? bindings; |
| |
| /// `etag` is used for optimistic concurrency control as a way to help prevent |
| /// simultaneous updates of a policy from overwriting each other. |
| /// |
| /// It is strongly suggested that systems make use of the `etag` in the |
| /// read-modify-write cycle to perform policy updates in order to avoid race |
| /// conditions: An `etag` is returned in the response to `getIamPolicy`, and |
| /// systems are expected to put that etag in the request to `setIamPolicy` to |
| /// ensure that their change will be applied to the same version of the |
| /// policy. **Important:** If you use IAM Conditions, you must include the |
| /// `etag` field whenever you call `setIamPolicy`. If you omit this field, |
| /// then IAM allows you to overwrite a version `3` policy with a version `1` |
| /// policy, and all of the conditions in the version `3` policy are lost. |
| core.String? etag; |
| core.List<core.int> get etagAsBytes => convert.base64.decode(etag!); |
| |
| set etagAsBytes(core.List<core.int> bytes_) { |
| etag = convert.base64 |
| .encode(bytes_) |
| .replaceAll('/', '_') |
| .replaceAll('+', '-'); |
| } |
| |
| /// Specifies the format of the policy. |
| /// |
| /// Valid values are `0`, `1`, and `3`. Requests that specify an invalid value |
| /// are rejected. Any operation that affects conditional role bindings must |
| /// specify version `3`. This requirement applies to the following operations: |
| /// * Getting a policy that includes a conditional role binding * Adding a |
| /// conditional role binding to a policy * Changing a conditional role binding |
| /// in a policy * Removing any role binding, with or without a condition, from |
| /// a policy that includes conditions **Important:** If you use IAM |
| /// Conditions, you must include the `etag` field whenever you call |
| /// `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a |
| /// version `3` policy with a version `1` policy, and all of the conditions in |
| /// the version `3` policy are lost. If a policy does not include any |
| /// conditions, operations on that policy may specify any valid version or |
| /// leave the field unset. To learn which resources support conditions in |
| /// their IAM policies, see the |
| /// [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). |
| core.int? version; |
| |
| Policy({this.auditConfigs, this.bindings, this.etag, this.version}); |
| |
| Policy.fromJson(core.Map json_) |
| : this( |
| auditConfigs: (json_['auditConfigs'] as core.List?) |
| ?.map( |
| (value) => AuditConfig.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| bindings: (json_['bindings'] as core.List?) |
| ?.map( |
| (value) => Binding.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| etag: json_['etag'] as core.String?, |
| version: json_['version'] as core.int?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final auditConfigs = this.auditConfigs; |
| final bindings = this.bindings; |
| final etag = this.etag; |
| final version = this.version; |
| return { |
| 'auditConfigs': ?auditConfigs, |
| 'bindings': ?bindings, |
| 'etag': ?etag, |
| 'version': ?version, |
| }; |
| } |
| } |
| |
| /// A PublicKey describes a public key. |
| class PublicKey { |
| /// The format of the public key. |
| /// |
| /// Required. |
| /// Possible string values are: |
| /// - "KEY_FORMAT_UNSPECIFIED" : Default unspecified value. |
| /// - "PEM" : The key is PEM-encoded as defined in |
| /// [RFC 7468](https://tools.ietf.org/html/rfc7468). It can be any of the |
| /// following: a PEM-encoded PKCS#1/RFC 3447 RSAPublicKey structure, an RFC |
| /// 5280 |
| /// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) or |
| /// a PEM-encoded X.509 certificate signing request (CSR). If a |
| /// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) is |
| /// specified, it can contain a A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey or |
| /// a NIST P-256/secp256r1/prime256v1 or P-384 key. If a CSR is specified, it |
| /// will used solely for the purpose of extracting the public key. When |
| /// generated by the service, it will always be an RFC 5280 |
| /// [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) |
| /// structure containing an algorithm identifier and a key. |
| core.String? format; |
| |
| /// A public key. |
| /// |
| /// The padding and encoding must match with the `KeyFormat` value specified |
| /// for the `format` field. |
| /// |
| /// Required. |
| core.String? key; |
| core.List<core.int> get keyAsBytes => convert.base64.decode(key!); |
| |
| set keyAsBytes(core.List<core.int> bytes_) { |
| key = convert.base64 |
| .encode(bytes_) |
| .replaceAll('/', '_') |
| .replaceAll('+', '-'); |
| } |
| |
| PublicKey({this.format, this.key}); |
| |
| PublicKey.fromJson(core.Map json_) |
| : this( |
| format: json_['format'] as core.String?, |
| key: json_['key'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final format = this.format; |
| final key = this.key; |
| return {'format': ?format, 'key': ?key}; |
| } |
| } |
| |
| /// Options relating to the publication of each CertificateAuthority's CA |
| /// certificate and CRLs and their inclusion as extensions in issued |
| /// Certificates. |
| /// |
| /// The options set here apply to certificates issued by any |
| /// CertificateAuthority in the CaPool. |
| class PublishingOptions { |
| /// Specifies the encoding format of each CertificateAuthority resource's CA |
| /// certificate and CRLs. |
| /// |
| /// If this is omitted, CA certificates and CRLs will be published in PEM. |
| /// |
| /// Optional. |
| /// Possible string values are: |
| /// - "ENCODING_FORMAT_UNSPECIFIED" : Not specified. By default, PEM format |
| /// will be used. |
| /// - "PEM" : The CertificateAuthority's CA certificate and CRLs will be |
| /// published in PEM format. |
| /// - "DER" : The CertificateAuthority's CA certificate and CRLs will be |
| /// published in DER format. |
| core.String? encodingFormat; |
| |
| /// When true, publishes each CertificateAuthority's CA certificate and |
| /// includes its URL in the "Authority Information Access" X.509 extension in |
| /// all issued Certificates. |
| /// |
| /// If this is false, the CA certificate will not be published and the |
| /// corresponding X.509 extension will not be written in issued certificates. |
| /// |
| /// Optional. |
| core.bool? publishCaCert; |
| |
| /// When true, publishes each CertificateAuthority's CRL and includes its URL |
| /// in the "CRL Distribution Points" X.509 extension in all issued |
| /// Certificates. |
| /// |
| /// If this is false, CRLs will not be published and the corresponding X.509 |
| /// extension will not be written in issued certificates. CRLs will expire 7 |
| /// days from their creation. However, we will rebuild daily. CRLs are also |
| /// rebuilt shortly after a certificate is revoked. |
| /// |
| /// Optional. |
| core.bool? publishCrl; |
| |
| PublishingOptions({this.encodingFormat, this.publishCaCert, this.publishCrl}); |
| |
| PublishingOptions.fromJson(core.Map json_) |
| : this( |
| encodingFormat: json_['encodingFormat'] as core.String?, |
| publishCaCert: json_['publishCaCert'] as core.bool?, |
| publishCrl: json_['publishCrl'] as core.bool?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final encodingFormat = this.encodingFormat; |
| final publishCaCert = this.publishCaCert; |
| final publishCrl = this.publishCrl; |
| return { |
| 'encodingFormat': ?encodingFormat, |
| 'publishCaCert': ?publishCaCert, |
| 'publishCrl': ?publishCrl, |
| }; |
| } |
| } |
| |
| /// RelativeDistinguishedName specifies a relative distinguished name which will |
| /// be used to build a distinguished name. |
| class RelativeDistinguishedName { |
| /// Attributes describes the attribute value assertions in the RDN. |
| core.List<AttributeTypeAndValue>? attributes; |
| |
| RelativeDistinguishedName({this.attributes}); |
| |
| RelativeDistinguishedName.fromJson(core.Map json_) |
| : this( |
| attributes: (json_['attributes'] as core.List?) |
| ?.map( |
| (value) => AttributeTypeAndValue.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final attributes = this.attributes; |
| return {'attributes': ?attributes}; |
| } |
| } |
| |
| /// Describes fields that are relavent to the revocation of a Certificate. |
| class RevocationDetails { |
| /// Indicates why a Certificate was revoked. |
| /// Possible string values are: |
| /// - "REVOCATION_REASON_UNSPECIFIED" : Default unspecified value. This value |
| /// does indicate that a Certificate has been revoked, but that a reason has |
| /// not been recorded. |
| /// - "KEY_COMPROMISE" : Key material for this Certificate may have leaked. |
| /// - "CERTIFICATE_AUTHORITY_COMPROMISE" : The key material for a certificate |
| /// authority in the issuing path may have leaked. |
| /// - "AFFILIATION_CHANGED" : The subject or other attributes in this |
| /// Certificate have changed. |
| /// - "SUPERSEDED" : This Certificate has been superseded. |
| /// - "CESSATION_OF_OPERATION" : This Certificate or entities in the issuing |
| /// path have ceased to operate. |
| /// - "CERTIFICATE_HOLD" : This Certificate should not be considered valid, it |
| /// is expected that it may become valid in the future. |
| /// - "PRIVILEGE_WITHDRAWN" : This Certificate no longer has permission to |
| /// assert the listed attributes. |
| /// - "ATTRIBUTE_AUTHORITY_COMPROMISE" : The authority which determines |
| /// appropriate attributes for a Certificate may have been compromised. |
| core.String? revocationState; |
| |
| /// The time at which this Certificate was revoked. |
| core.String? revocationTime; |
| |
| RevocationDetails({this.revocationState, this.revocationTime}); |
| |
| RevocationDetails.fromJson(core.Map json_) |
| : this( |
| revocationState: json_['revocationState'] as core.String?, |
| revocationTime: json_['revocationTime'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final revocationState = this.revocationState; |
| final revocationTime = this.revocationTime; |
| return { |
| 'revocationState': ?revocationState, |
| 'revocationTime': ?revocationTime, |
| }; |
| } |
| } |
| |
| /// Request message for CertificateAuthorityService.RevokeCertificate. |
| class RevokeCertificateRequest { |
| /// The RevocationReason for revoking this certificate. |
| /// |
| /// Required. |
| /// Possible string values are: |
| /// - "REVOCATION_REASON_UNSPECIFIED" : Default unspecified value. This value |
| /// does indicate that a Certificate has been revoked, but that a reason has |
| /// not been recorded. |
| /// - "KEY_COMPROMISE" : Key material for this Certificate may have leaked. |
| /// - "CERTIFICATE_AUTHORITY_COMPROMISE" : The key material for a certificate |
| /// authority in the issuing path may have leaked. |
| /// - "AFFILIATION_CHANGED" : The subject or other attributes in this |
| /// Certificate have changed. |
| /// - "SUPERSEDED" : This Certificate has been superseded. |
| /// - "CESSATION_OF_OPERATION" : This Certificate or entities in the issuing |
| /// path have ceased to operate. |
| /// - "CERTIFICATE_HOLD" : This Certificate should not be considered valid, it |
| /// is expected that it may become valid in the future. |
| /// - "PRIVILEGE_WITHDRAWN" : This Certificate no longer has permission to |
| /// assert the listed attributes. |
| /// - "ATTRIBUTE_AUTHORITY_COMPROMISE" : The authority which determines |
| /// appropriate attributes for a Certificate may have been compromised. |
| core.String? reason; |
| |
| /// An ID to identify requests. |
| /// |
| /// Specify a unique request ID so that if you must retry your request, the |
| /// server will know to ignore the request if it has already been completed. |
| /// The server will guarantee that for at least 60 minutes since the first |
| /// request. For example, consider a situation where you make an initial |
| /// request and the request times out. If you make the request again with the |
| /// same request ID, the server can check if original operation with the same |
| /// request ID was received, and if so, will ignore the second request. This |
| /// prevents clients from accidentally creating duplicate commitments. The |
| /// request ID must be a valid UUID with the exception that zero UUID is not |
| /// supported (00000000-0000-0000-0000-000000000000). |
| /// |
| /// Optional. |
| core.String? requestId; |
| |
| RevokeCertificateRequest({this.reason, this.requestId}); |
| |
| RevokeCertificateRequest.fromJson(core.Map json_) |
| : this( |
| reason: json_['reason'] as core.String?, |
| requestId: json_['requestId'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final reason = this.reason; |
| final requestId = this.requestId; |
| return {'reason': ?reason, 'requestId': ?requestId}; |
| } |
| } |
| |
| /// Describes a revoked Certificate. |
| class RevokedCertificate { |
| /// The resource name for the Certificate in the format `projects / * |
| /// /locations / * /caPools / * /certificates / * `. |
| core.String? certificate; |
| |
| /// The serial number of the Certificate. |
| core.String? hexSerialNumber; |
| |
| /// The reason the Certificate was revoked. |
| /// Possible string values are: |
| /// - "REVOCATION_REASON_UNSPECIFIED" : Default unspecified value. This value |
| /// does indicate that a Certificate has been revoked, but that a reason has |
| /// not been recorded. |
| /// - "KEY_COMPROMISE" : Key material for this Certificate may have leaked. |
| /// - "CERTIFICATE_AUTHORITY_COMPROMISE" : The key material for a certificate |
| /// authority in the issuing path may have leaked. |
| /// - "AFFILIATION_CHANGED" : The subject or other attributes in this |
| /// Certificate have changed. |
| /// - "SUPERSEDED" : This Certificate has been superseded. |
| /// - "CESSATION_OF_OPERATION" : This Certificate or entities in the issuing |
| /// path have ceased to operate. |
| /// - "CERTIFICATE_HOLD" : This Certificate should not be considered valid, it |
| /// is expected that it may become valid in the future. |
| /// - "PRIVILEGE_WITHDRAWN" : This Certificate no longer has permission to |
| /// assert the listed attributes. |
| /// - "ATTRIBUTE_AUTHORITY_COMPROMISE" : The authority which determines |
| /// appropriate attributes for a Certificate may have been compromised. |
| core.String? revocationReason; |
| |
| RevokedCertificate({ |
| this.certificate, |
| this.hexSerialNumber, |
| this.revocationReason, |
| }); |
| |
| RevokedCertificate.fromJson(core.Map json_) |
| : this( |
| certificate: json_['certificate'] as core.String?, |
| hexSerialNumber: json_['hexSerialNumber'] as core.String?, |
| revocationReason: json_['revocationReason'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final certificate = this.certificate; |
| final hexSerialNumber = this.hexSerialNumber; |
| final revocationReason = this.revocationReason; |
| return { |
| 'certificate': ?certificate, |
| 'hexSerialNumber': ?hexSerialNumber, |
| 'revocationReason': ?revocationReason, |
| }; |
| } |
| } |
| |
| /// Describes an RSA key that may be used in a Certificate issued from a CaPool. |
| class RsaKeyType { |
| /// The maximum allowed RSA modulus size (inclusive), in bits. |
| /// |
| /// If this is not set, or if set to zero, the service will not enforce an |
| /// explicit upper bound on RSA modulus sizes. |
| /// |
| /// Optional. |
| core.String? maxModulusSize; |
| |
| /// The minimum allowed RSA modulus size (inclusive), in bits. |
| /// |
| /// If this is not set, or if set to zero, the service-level min RSA modulus |
| /// size will continue to apply. |
| /// |
| /// Optional. |
| core.String? minModulusSize; |
| |
| RsaKeyType({this.maxModulusSize, this.minModulusSize}); |
| |
| RsaKeyType.fromJson(core.Map json_) |
| : this( |
| maxModulusSize: json_['maxModulusSize'] as core.String?, |
| minModulusSize: json_['minModulusSize'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final maxModulusSize = this.maxModulusSize; |
| final minModulusSize = this.minModulusSize; |
| return { |
| 'maxModulusSize': ?maxModulusSize, |
| 'minModulusSize': ?minModulusSize, |
| }; |
| } |
| } |
| |
| /// Request message for `SetIamPolicy` method. |
| class SetIamPolicyRequest { |
| /// REQUIRED: The complete policy to be applied to the `resource`. |
| /// |
| /// The size of the policy is limited to a few 10s of KB. An empty policy is a |
| /// valid policy but certain Google Cloud services (such as Projects) might |
| /// reject them. |
| Policy? policy; |
| |
| /// OPTIONAL: A FieldMask specifying which fields of the policy to modify. |
| /// |
| /// Only the fields in the mask will be modified. If no mask is provided, the |
| /// following default mask is used: `paths: "bindings, etag"` |
| core.String? updateMask; |
| |
| SetIamPolicyRequest({this.policy, this.updateMask}); |
| |
| SetIamPolicyRequest.fromJson(core.Map json_) |
| : this( |
| policy: json_.containsKey('policy') |
| ? Policy.fromJson( |
| json_['policy'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| updateMask: json_['updateMask'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final policy = this.policy; |
| final updateMask = this.updateMask; |
| return {'policy': ?policy, 'updateMask': ?updateMask}; |
| } |
| } |
| |
| /// The `Status` type defines a logical error model that is suitable for |
| /// different programming environments, including REST APIs and RPC APIs. |
| /// |
| /// It is used by [gRPC](https://github.com/grpc). Each `Status` message |
| /// contains three pieces of data: error code, error message, and error details. |
| /// You can find out more about this error model and how to work with it in the |
| /// [API Design Guide](https://cloud.google.com/apis/design/errors). |
| typedef Status = $Status00; |
| |
| /// Subject describes parts of a distinguished name that, in turn, describes the |
| /// subject of the certificate. |
| class Subject { |
| /// The "common name" of the subject. |
| core.String? commonName; |
| |
| /// The country code of the subject. |
| core.String? countryCode; |
| |
| /// The locality or city of the subject. |
| core.String? locality; |
| |
| /// The organization of the subject. |
| core.String? organization; |
| |
| /// The organizational_unit of the subject. |
| core.String? organizationalUnit; |
| |
| /// The postal code of the subject. |
| core.String? postalCode; |
| |
| /// The province, territory, or regional state of the subject. |
| core.String? province; |
| |
| /// This field can be used in place of the named subject fields. |
| core.List<RelativeDistinguishedName>? rdnSequence; |
| |
| /// The street address of the subject. |
| core.String? streetAddress; |
| |
| Subject({ |
| this.commonName, |
| this.countryCode, |
| this.locality, |
| this.organization, |
| this.organizationalUnit, |
| this.postalCode, |
| this.province, |
| this.rdnSequence, |
| this.streetAddress, |
| }); |
| |
| Subject.fromJson(core.Map json_) |
| : this( |
| commonName: json_['commonName'] as core.String?, |
| countryCode: json_['countryCode'] as core.String?, |
| locality: json_['locality'] as core.String?, |
| organization: json_['organization'] as core.String?, |
| organizationalUnit: json_['organizationalUnit'] as core.String?, |
| postalCode: json_['postalCode'] as core.String?, |
| province: json_['province'] as core.String?, |
| rdnSequence: (json_['rdnSequence'] as core.List?) |
| ?.map( |
| (value) => RelativeDistinguishedName.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| streetAddress: json_['streetAddress'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final commonName = this.commonName; |
| final countryCode = this.countryCode; |
| final locality = this.locality; |
| final organization = this.organization; |
| final organizationalUnit = this.organizationalUnit; |
| final postalCode = this.postalCode; |
| final province = this.province; |
| final rdnSequence = this.rdnSequence; |
| final streetAddress = this.streetAddress; |
| return { |
| 'commonName': ?commonName, |
| 'countryCode': ?countryCode, |
| 'locality': ?locality, |
| 'organization': ?organization, |
| 'organizationalUnit': ?organizationalUnit, |
| 'postalCode': ?postalCode, |
| 'province': ?province, |
| 'rdnSequence': ?rdnSequence, |
| 'streetAddress': ?streetAddress, |
| }; |
| } |
| } |
| |
| /// SubjectAltNames corresponds to a more modern way of listing what the |
| /// asserted identity is in a certificate (i.e., compared to the "common name" |
| /// in the distinguished name). |
| class SubjectAltNames { |
| /// Contains additional subject alternative name values. |
| /// |
| /// For each custom_san, the `value` field must contain an ASN.1 encoded |
| /// UTF8String. |
| core.List<X509Extension>? customSans; |
| |
| /// Contains only valid, fully-qualified host names. |
| core.List<core.String>? dnsNames; |
| |
| /// Contains only valid RFC 2822 E-mail addresses. |
| core.List<core.String>? emailAddresses; |
| |
| /// Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses. |
| core.List<core.String>? ipAddresses; |
| |
| /// Contains only valid RFC 3986 URIs. |
| core.List<core.String>? uris; |
| |
| SubjectAltNames({ |
| this.customSans, |
| this.dnsNames, |
| this.emailAddresses, |
| this.ipAddresses, |
| this.uris, |
| }); |
| |
| SubjectAltNames.fromJson(core.Map json_) |
| : this( |
| customSans: (json_['customSans'] as core.List?) |
| ?.map( |
| (value) => X509Extension.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| dnsNames: (json_['dnsNames'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| emailAddresses: (json_['emailAddresses'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ipAddresses: (json_['ipAddresses'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| uris: (json_['uris'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final customSans = this.customSans; |
| final dnsNames = this.dnsNames; |
| final emailAddresses = this.emailAddresses; |
| final ipAddresses = this.ipAddresses; |
| final uris = this.uris; |
| return { |
| 'customSans': ?customSans, |
| 'dnsNames': ?dnsNames, |
| 'emailAddresses': ?emailAddresses, |
| 'ipAddresses': ?ipAddresses, |
| 'uris': ?uris, |
| }; |
| } |
| } |
| |
| /// These values are used to create the distinguished name and subject |
| /// alternative name fields in an X.509 certificate. |
| class SubjectConfig { |
| /// Contains distinguished name fields such as the common name, location and |
| /// organization. |
| /// |
| /// Optional. |
| Subject? subject; |
| |
| /// The subject alternative name fields. |
| /// |
| /// Optional. |
| SubjectAltNames? subjectAltName; |
| |
| SubjectConfig({this.subject, this.subjectAltName}); |
| |
| SubjectConfig.fromJson(core.Map json_) |
| : this( |
| subject: json_.containsKey('subject') |
| ? Subject.fromJson( |
| json_['subject'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| subjectAltName: json_.containsKey('subjectAltName') |
| ? SubjectAltNames.fromJson( |
| json_['subjectAltName'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final subject = this.subject; |
| final subjectAltName = this.subjectAltName; |
| return {'subject': ?subject, 'subjectAltName': ?subjectAltName}; |
| } |
| } |
| |
| /// These values describe fields in an issued X.509 certificate such as the |
| /// distinguished name, subject alternative names, serial number, and lifetime. |
| class SubjectDescription { |
| /// The serial number encoded in lowercase hexadecimal. |
| core.String? hexSerialNumber; |
| |
| /// For convenience, the actual lifetime of an issued certificate. |
| core.String? lifetime; |
| |
| /// The time after which the certificate is expired. |
| /// |
| /// Per RFC 5280, the validity period for a certificate is the period of time |
| /// from not_before_time through not_after_time, inclusive. Corresponds to |
| /// 'not_before_time' + 'lifetime' - 1 second. |
| core.String? notAfterTime; |
| |
| /// The time at which the certificate becomes valid. |
| core.String? notBeforeTime; |
| |
| /// Contains distinguished name fields such as the common name, location and / |
| /// organization. |
| Subject? subject; |
| |
| /// The subject alternative name fields. |
| SubjectAltNames? subjectAltName; |
| |
| SubjectDescription({ |
| this.hexSerialNumber, |
| this.lifetime, |
| this.notAfterTime, |
| this.notBeforeTime, |
| this.subject, |
| this.subjectAltName, |
| }); |
| |
| SubjectDescription.fromJson(core.Map json_) |
| : this( |
| hexSerialNumber: json_['hexSerialNumber'] as core.String?, |
| lifetime: json_['lifetime'] as core.String?, |
| notAfterTime: json_['notAfterTime'] as core.String?, |
| notBeforeTime: json_['notBeforeTime'] as core.String?, |
| subject: json_.containsKey('subject') |
| ? Subject.fromJson( |
| json_['subject'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| subjectAltName: json_.containsKey('subjectAltName') |
| ? SubjectAltNames.fromJson( |
| json_['subjectAltName'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final hexSerialNumber = this.hexSerialNumber; |
| final lifetime = this.lifetime; |
| final notAfterTime = this.notAfterTime; |
| final notBeforeTime = this.notBeforeTime; |
| final subject = this.subject; |
| final subjectAltName = this.subjectAltName; |
| return { |
| 'hexSerialNumber': ?hexSerialNumber, |
| 'lifetime': ?lifetime, |
| 'notAfterTime': ?notAfterTime, |
| 'notBeforeTime': ?notBeforeTime, |
| 'subject': ?subject, |
| 'subjectAltName': ?subjectAltName, |
| }; |
| } |
| } |
| |
| /// Describes a subordinate CA's issuers. |
| /// |
| /// This is either a resource name to a known issuing CertificateAuthority, or a |
| /// PEM issuer certificate chain. |
| class SubordinateConfig { |
| /// This can refer to a CertificateAuthority that was used to create a |
| /// subordinate CertificateAuthority. |
| /// |
| /// This field is used for information and usability purposes only. The |
| /// resource name is in the format `projects / * /locations / * /caPools / * |
| /// /certificateAuthorities / * `. |
| /// |
| /// Required. |
| core.String? certificateAuthority; |
| |
| /// Contains the PEM certificate chain for the issuers of this |
| /// CertificateAuthority, but not pem certificate for this CA itself. |
| /// |
| /// Required. |
| SubordinateConfigChain? pemIssuerChain; |
| |
| SubordinateConfig({this.certificateAuthority, this.pemIssuerChain}); |
| |
| SubordinateConfig.fromJson(core.Map json_) |
| : this( |
| certificateAuthority: json_['certificateAuthority'] as core.String?, |
| pemIssuerChain: json_.containsKey('pemIssuerChain') |
| ? SubordinateConfigChain.fromJson( |
| json_['pemIssuerChain'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final certificateAuthority = this.certificateAuthority; |
| final pemIssuerChain = this.pemIssuerChain; |
| return { |
| 'certificateAuthority': ?certificateAuthority, |
| 'pemIssuerChain': ?pemIssuerChain, |
| }; |
| } |
| } |
| |
| /// This message describes a subordinate CA's issuer certificate chain. |
| /// |
| /// This wrapper exists for compatibility reasons. |
| class SubordinateConfigChain { |
| /// Expected to be in leaf-to-root order according to RFC 5246. |
| /// |
| /// Required. |
| core.List<core.String>? pemCertificates; |
| |
| SubordinateConfigChain({this.pemCertificates}); |
| |
| SubordinateConfigChain.fromJson(core.Map json_) |
| : this( |
| pemCertificates: (json_['pemCertificates'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final pemCertificates = this.pemCertificates; |
| return {'pemCertificates': ?pemCertificates}; |
| } |
| } |
| |
| /// Request message for `TestIamPermissions` method. |
| typedef TestIamPermissionsRequest = $TestIamPermissionsRequest00; |
| |
| /// Response message for `TestIamPermissions` method. |
| typedef TestIamPermissionsResponse = $PermissionsResponse; |
| |
| /// Request message for |
| /// CertificateAuthorityService.UndeleteCertificateAuthority. |
| typedef UndeleteCertificateAuthorityRequest = $Request03; |
| |
| /// User-defined URLs for accessing content published by this |
| /// CertificateAuthority. |
| class UserDefinedAccessUrls { |
| /// A list of URLs where the issuer CA certificate may be downloaded, which |
| /// appears in the "Authority Information Access" extension in the |
| /// certificate. |
| /// |
| /// If specified, the default Cloud Storage URLs will be omitted. |
| /// |
| /// Optional. |
| core.List<core.String>? aiaIssuingCertificateUrls; |
| |
| /// A list of URLs where to obtain CRL information, i.e. the |
| /// DistributionPoint.fullName described by |
| /// https://tools.ietf.org/html/rfc5280#section-4.2.1.13. |
| /// |
| /// If specified, the default Cloud Storage URLs will be omitted. |
| /// |
| /// Optional. |
| core.List<core.String>? crlAccessUrls; |
| |
| UserDefinedAccessUrls({this.aiaIssuingCertificateUrls, this.crlAccessUrls}); |
| |
| UserDefinedAccessUrls.fromJson(core.Map json_) |
| : this( |
| aiaIssuingCertificateUrls: |
| (json_['aiaIssuingCertificateUrls'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| crlAccessUrls: (json_['crlAccessUrls'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final aiaIssuingCertificateUrls = this.aiaIssuingCertificateUrls; |
| final crlAccessUrls = this.crlAccessUrls; |
| return { |
| 'aiaIssuingCertificateUrls': ?aiaIssuingCertificateUrls, |
| 'crlAccessUrls': ?crlAccessUrls, |
| }; |
| } |
| } |
| |
| /// An X509Extension specifies an X.509 extension, which may be used in |
| /// different parts of X.509 objects like certificates, CSRs, and CRLs. |
| class X509Extension { |
| /// Indicates whether or not this extension is critical (i.e., if the client |
| /// does not know how to handle this extension, the client should consider |
| /// this to be an error). |
| /// |
| /// Optional. |
| core.bool? critical; |
| |
| /// The OID for this X.509 extension. |
| /// |
| /// Required. |
| ObjectId? objectId; |
| |
| /// The value of this X.509 extension. |
| /// |
| /// Required. |
| core.String? value; |
| core.List<core.int> get valueAsBytes => convert.base64.decode(value!); |
| |
| set valueAsBytes(core.List<core.int> bytes_) { |
| value = convert.base64 |
| .encode(bytes_) |
| .replaceAll('/', '_') |
| .replaceAll('+', '-'); |
| } |
| |
| X509Extension({this.critical, this.objectId, this.value}); |
| |
| X509Extension.fromJson(core.Map json_) |
| : this( |
| critical: json_['critical'] as core.bool?, |
| objectId: json_.containsKey('objectId') |
| ? ObjectId.fromJson( |
| json_['objectId'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| value: json_['value'] as core.String?, |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final critical = this.critical; |
| final objectId = this.objectId; |
| final value = this.value; |
| return {'critical': ?critical, 'objectId': ?objectId, 'value': ?value}; |
| } |
| } |
| |
| /// An X509Parameters is used to describe certain fields of an X.509 |
| /// certificate, such as the key usage fields, fields specific to CA |
| /// certificates, certificate policy extensions and custom extensions. |
| class X509Parameters { |
| /// Describes custom X.509 extensions. |
| /// |
| /// Optional. |
| core.List<X509Extension>? additionalExtensions; |
| |
| /// Describes Online Certificate Status Protocol (OCSP) endpoint addresses |
| /// that appear in the "Authority Information Access" extension in the |
| /// certificate. |
| /// |
| /// Optional. |
| core.List<core.String>? aiaOcspServers; |
| |
| /// Describes options in this X509Parameters that are relevant in a CA |
| /// certificate. |
| /// |
| /// If not specified, a default basic constraints extension with `is_ca=false` |
| /// will be added for leaf certificates. |
| /// |
| /// Optional. |
| CaOptions? caOptions; |
| |
| /// Indicates the intended use for keys that correspond to a certificate. |
| /// |
| /// Optional. |
| KeyUsage? keyUsage; |
| |
| /// Describes the X.509 name constraints extension. |
| /// |
| /// Optional. |
| NameConstraints? nameConstraints; |
| |
| /// Describes the X.509 certificate policy object identifiers, per |
| /// https://tools.ietf.org/html/rfc5280#section-4.2.1.4. |
| /// |
| /// Optional. |
| core.List<ObjectId>? policyIds; |
| |
| X509Parameters({ |
| this.additionalExtensions, |
| this.aiaOcspServers, |
| this.caOptions, |
| this.keyUsage, |
| this.nameConstraints, |
| this.policyIds, |
| }); |
| |
| X509Parameters.fromJson(core.Map json_) |
| : this( |
| additionalExtensions: (json_['additionalExtensions'] as core.List?) |
| ?.map( |
| (value) => X509Extension.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| aiaOcspServers: (json_['aiaOcspServers'] as core.List?) |
| ?.map((value) => value as core.String) |
| .toList(), |
| caOptions: json_.containsKey('caOptions') |
| ? CaOptions.fromJson( |
| json_['caOptions'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| keyUsage: json_.containsKey('keyUsage') |
| ? KeyUsage.fromJson( |
| json_['keyUsage'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| nameConstraints: json_.containsKey('nameConstraints') |
| ? NameConstraints.fromJson( |
| json_['nameConstraints'] as core.Map<core.String, core.dynamic>, |
| ) |
| : null, |
| policyIds: (json_['policyIds'] as core.List?) |
| ?.map( |
| (value) => ObjectId.fromJson( |
| value as core.Map<core.String, core.dynamic>, |
| ), |
| ) |
| .toList(), |
| ); |
| |
| core.Map<core.String, core.dynamic> toJson() { |
| final additionalExtensions = this.additionalExtensions; |
| final aiaOcspServers = this.aiaOcspServers; |
| final caOptions = this.caOptions; |
| final keyUsage = this.keyUsage; |
| final nameConstraints = this.nameConstraints; |
| final policyIds = this.policyIds; |
| return { |
| 'additionalExtensions': ?additionalExtensions, |
| 'aiaOcspServers': ?aiaOcspServers, |
| 'caOptions': ?caOptions, |
| 'keyUsage': ?keyUsage, |
| 'nameConstraints': ?nameConstraints, |
| 'policyIds': ?policyIds, |
| }; |
| } |
| } |