#[non_exhaustive]pub struct Auth {
pub principal: String,
pub audiences: Vec<String>,
pub presenter: String,
pub claims: Option<Struct>,
pub access_levels: Vec<String>,
/* private fields */
}Expand description
This message defines request authentication attributes. Terminology is based on the JSON Web Token (JWT) standard, but the terms also correlate to concepts in other standards.
Fields (Non-exhaustive)§
This struct is marked as non-exhaustive
Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.principal: StringThe authenticated principal. Reflects the issuer (iss) and subject
(sub) claims within a JWT. The issuer and subject should be /
delimited, with / percent-encoded within the subject fragment. For
Google accounts, the principal format is:
https://accounts.google.com/{id}
audiences: Vec<String>The intended audience(s) for this authentication information. Reflects
the audience (aud) claim within a JWT. The audience
value(s) depends on the issuer, but typically include one or more of
the following pieces of information:
- The services intended to receive the credential. For example,
[
https://pubsub.googleapis.com/,https://storage.googleapis.com/]. - A set of service-based scopes. For example,
[
https://www.googleapis.com/auth/cloud-platform]. - The client id of an app, such as the Firebase project id for JWTs from Firebase Auth.
Consult the documentation for the credential issuer to determine the information provided.
presenter: StringThe authorized presenter of the credential. Reflects the optional
Authorized Presenter (azp) claim within a JWT or the
OAuth client id. For example, a Google Cloud Platform client id looks
as follows: “123456789012.apps.googleusercontent.com”.
claims: Option<Struct>Structured claims presented with the credential. JWTs include
{key: value} pairs for standard and private claims. The following
is a subset of the standard required and optional claims that would
typically be presented for a Google-based JWT:
{‘iss’: ‘accounts.google.com’, ‘sub’: ‘113289723416554971153’, ‘aud’: [‘123456789012’, ‘pubsub.googleapis.com’], ‘azp’: ‘123456789012.apps.googleusercontent.com’, ‘email’: ‘jsmith@example.com’, ‘iat’: 1353601026, ‘exp’: 1353604926}
SAML assertions are similarly specified, but with an identity provider dependent structure.
access_levels: Vec<String>A list of access level resource names that allow resources to be accessed by authenticated requester. It is part of Secure GCP processing for the incoming request. An access level string has the format: “//{api_service_name}/accessPolicies/{policy_id}/accessLevels/{short_name}”
Example: “//accesscontextmanager.googleapis.com/accessPolicies/MY_POLICY_ID/accessLevels/MY_LEVEL”
Implementations§
Source§impl Auth
impl Auth
pub fn new() -> Self
Sourcepub fn set_principal<T: Into<String>>(self, v: T) -> Self
pub fn set_principal<T: Into<String>>(self, v: T) -> Self
Sets the value of principal.
Sourcepub fn set_audiences<T, V>(self, v: T) -> Self
pub fn set_audiences<T, V>(self, v: T) -> Self
Sets the value of audiences.
Sourcepub fn set_presenter<T: Into<String>>(self, v: T) -> Self
pub fn set_presenter<T: Into<String>>(self, v: T) -> Self
Sets the value of presenter.
Sourcepub fn set_claims<T>(self, v: T) -> Self
pub fn set_claims<T>(self, v: T) -> Self
Sets the value of claims.
Sourcepub fn set_or_clear_claims<T>(self, v: Option<T>) -> Self
pub fn set_or_clear_claims<T>(self, v: Option<T>) -> Self
Sets or clears the value of claims.
Sourcepub fn set_access_levels<T, V>(self, v: T) -> Self
pub fn set_access_levels<T, V>(self, v: T) -> Self
Sets the value of access_levels.