Struct gapi_grpc::google::rpc::context::attribute_context::Auth

pub struct Auth {
    pub principal: String,
    pub audiences: Vec<String>,
    pub presenter: String,
    pub claims: Option<Struct>,
    pub access_levels: Vec<String>,
}

This message defines request authentication attributes. Terminology is based on the JSON Web Token (JWT) standard, but the terms also correlate to concepts in other standards.

Fields

principal: String

The authenticated principal. Reflects the issuer (iss) and subject (sub) claims within a JWT. The issuer and subject should be / delimited, with / percent-encoded within the subject fragment. For Google accounts, the principal format is: “https://accounts.google.com/{id}”

audiences: Vec<String>

The intended audience(s) for this authentication information. Reflects the audience (aud) claim within a JWT. The audience value(s) depends on the issuer, but typically include one or more of the following pieces of information:

• The services intended to receive the credential. For example, [“https://pubsub.googleapis.com/”, “https://storage.googleapis.com/”].
• A set of service-based scopes. For example, [“https://www.googleapis.com/auth/cloud-platform”].
• The client id of an app, such as the Firebase project id for JWTs from Firebase Auth.

Consult the documentation for the credential issuer to determine the information provided.

presenter: String

The authorized presenter of the credential. Reflects the optional Authorized Presenter (azp) claim within a JWT or the OAuth client id. For example, a Google Cloud Platform client id looks as follows: “123456789012.apps.googleusercontent.com”.

claims: Option<Struct>

Structured claims presented with the credential. JWTs include {key: value} pairs for standard and private claims. The following is a subset of the standard required and optional claims that would typically be presented for a Google-based JWT:

{‘iss’: ‘accounts.google.com’, ‘sub’: ‘113289723416554971153’, ‘aud’: [‘123456789012’, ‘pubsub.googleapis.com’], ‘azp’: ‘123456789012.apps.googleusercontent.com’, ‘email’: ‘jsmith@example.com’, ‘iat’: 1353601026, ‘exp’: 1353604926}

SAML assertions are similarly specified, but with an identity provider dependent structure.

access_levels: Vec<String>

A list of access level resource names that allow resources to be accessed by authenticated requester. It is part of Secure GCP processing for the incoming request. An access level string has the format: “//{api_service_name}/accessPolicies/{policy_id}/accessLevels/{short_name}”

Example: “//accesscontextmanager.googleapis.com/accessPolicies/MY_POLICY_ID/accessLevels/MY_LEVEL”

Trait Implementations

impl Clone for Auth

fn clone(&self) -> Auth

Returns a copy of the value.

pub fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Auth

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for Auth

fn default() -> Auth

Returns the “default value” for a type.

impl Message for Auth

fn encode_raw<B>(&self, buf: &mut B) where
    B: BufMut, 

fn merge_field<B>(
    &mut self,
    tag: u32,
    wire_type: WireType,
    buf: &mut B,
    ctx: DecodeContext
) -> Result<(), DecodeError> where
    B: Buf, 

fn encoded_len(&self) -> usize

Returns the encoded length of the message without a length delimiter.

fn clear(&mut self)

Clears the message, resetting all fields to their default.

pub fn encode<B>(&self, buf: &mut B) -> Result<(), EncodeError> where
    B: BufMut, 

Encodes the message to a buffer.

pub fn encode_length_delimited<B>(&self, buf: &mut B) -> Result<(), EncodeError> where
    B: BufMut, 

Encodes the message with a length-delimiter to a buffer.

pub fn decode<B>(buf: B) -> Result<Self, DecodeError> where
    Self: Default,
    B: Buf, 

Decodes an instance of the message from a buffer.

pub fn decode_length_delimited<B>(buf: B) -> Result<Self, DecodeError> where
    Self: Default,
    B: Buf, 

Decodes a length-delimited instance of the message from the buffer.

pub fn merge<B>(&mut self, buf: B) -> Result<(), DecodeError> where
    B: Buf, 

Decodes an instance of the message from a buffer, and merges it into self.

pub fn merge_length_delimited<B>(&mut self, buf: B) -> Result<(), DecodeError> where
    B: Buf, 

Decodes a length-delimited instance of the message from buffer, and merges it into self.

impl PartialEq<Auth> for Auth

fn eq(&self, other: &Auth) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Auth) -> bool

This method tests for !=.

impl StructuralPartialEq for Auth