Struct taskcluster::Auth
source · pub struct Auth {
pub client: Client,
}
Expand description
Auth Service
Authentication related API end-points for Taskcluster and related services. These API end-points are of interest if you wish to:
- Authorize a request signed with Taskcluster credentials,
- Manage clients and roles,
- Inspect or audit clients and roles,
- Gain access to various services guarded by this API.
Fields§
§client: Client
The underlying client used to make API calls for this service.
Implementations§
source§impl Auth
impl Auth
sourcepub fn new<CB: Into<ClientBuilder>>(client_builder: CB) -> Result<Self, Error>
pub fn new<CB: Into<ClientBuilder>>(client_builder: CB) -> Result<Self, Error>
Create a new Auth instance, based on the given client builder
sourcepub async fn ping(&self) -> Result<(), Error>
pub async fn ping(&self) -> Result<(), Error>
Ping Server
Respond without doing anything. This endpoint is used to check that the service is up.
sourcepub fn ping_signed_url(&self, ttl: Duration) -> Result<String, Error>
pub fn ping_signed_url(&self, ttl: Duration) -> Result<String, Error>
Generate a signed URL for the ping endpoint
sourcepub async fn lbheartbeat(&self) -> Result<(), Error>
pub async fn lbheartbeat(&self) -> Result<(), Error>
Load Balancer Heartbeat
Respond without doing anything. This endpoint is used to check that the service is up.
sourcepub fn lbheartbeat_url(&self) -> Result<String, Error>
pub fn lbheartbeat_url(&self) -> Result<String, Error>
Generate an unsigned URL for the lbheartbeat endpoint
sourcepub fn lbheartbeat_signed_url(&self, ttl: Duration) -> Result<String, Error>
pub fn lbheartbeat_signed_url(&self, ttl: Duration) -> Result<String, Error>
Generate a signed URL for the lbheartbeat endpoint
sourcepub async fn version(&self) -> Result<(), Error>
pub async fn version(&self) -> Result<(), Error>
Taskcluster Version
Respond with the JSON version object. https://github.com/mozilla-services/Dockerflow/blob/main/docs/version_object.md
sourcepub fn version_url(&self) -> Result<String, Error>
pub fn version_url(&self) -> Result<String, Error>
Generate an unsigned URL for the version endpoint
sourcepub fn version_signed_url(&self, ttl: Duration) -> Result<String, Error>
pub fn version_signed_url(&self, ttl: Duration) -> Result<String, Error>
Generate a signed URL for the version endpoint
sourcepub async fn listClients(
&self,
prefix: Option<&str>,
continuationToken: Option<&str>,
limit: Option<&str>
) -> Result<Value, Error>
pub async fn listClients( &self, prefix: Option<&str>, continuationToken: Option<&str>, limit: Option<&str> ) -> Result<Value, Error>
List Clients
Get a list of all clients. With prefix
, only clients for which
it is a prefix of the clientId are returned.
By default this end-point will try to return up to 1000 clients in one
request. But it may return less, even none.
It may also return a continuationToken
even though there are no more
results. However, you can only be sure to have seen all results if you
keep calling listClients
with the last continuationToken
until you
get a result without a continuationToken
.
sourcepub fn listClients_url(
&self,
prefix: Option<&str>,
continuationToken: Option<&str>,
limit: Option<&str>
) -> Result<String, Error>
pub fn listClients_url( &self, prefix: Option<&str>, continuationToken: Option<&str>, limit: Option<&str> ) -> Result<String, Error>
Generate an unsigned URL for the listClients endpoint
sourcepub fn listClients_signed_url(
&self,
prefix: Option<&str>,
continuationToken: Option<&str>,
limit: Option<&str>,
ttl: Duration
) -> Result<String, Error>
pub fn listClients_signed_url( &self, prefix: Option<&str>, continuationToken: Option<&str>, limit: Option<&str>, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the listClients endpoint
sourcepub async fn client(&self, clientId: &str) -> Result<Value, Error>
pub async fn client(&self, clientId: &str) -> Result<Value, Error>
Get Client
Get information about a single client.
sourcepub fn client_url(&self, clientId: &str) -> Result<String, Error>
pub fn client_url(&self, clientId: &str) -> Result<String, Error>
Generate an unsigned URL for the client endpoint
sourcepub fn client_signed_url(
&self,
clientId: &str,
ttl: Duration
) -> Result<String, Error>
pub fn client_signed_url( &self, clientId: &str, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the client endpoint
sourcepub async fn createClient(
&self,
clientId: &str,
payload: &Value
) -> Result<Value, Error>
pub async fn createClient( &self, clientId: &str, payload: &Value ) -> Result<Value, Error>
Create Client
Create a new client and get the accessToken
for this client.
You should store the accessToken
from this API call as there is no
other way to retrieve it.
If you loose the accessToken
you can call resetAccessToken
to reset
it, and a new accessToken
will be returned, but you cannot retrieve the
current accessToken
.
If a client with the same clientId
already exists this operation will
fail. Use updateClient
if you wish to update an existing client.
The caller’s scopes must satisfy scopes
.
sourcepub async fn resetAccessToken(&self, clientId: &str) -> Result<Value, Error>
pub async fn resetAccessToken(&self, clientId: &str) -> Result<Value, Error>
Reset accessToken
Reset a clients accessToken
, this will revoke the existing
accessToken
, generate a new accessToken
and return it from this
call.
There is no way to retrieve an existing accessToken
, so if you loose it
you must reset the accessToken to acquire it again.
sourcepub async fn updateClient(
&self,
clientId: &str,
payload: &Value
) -> Result<Value, Error>
pub async fn updateClient( &self, clientId: &str, payload: &Value ) -> Result<Value, Error>
Update Client
Update an exisiting client. The clientId
and accessToken
cannot be
updated, but scopes
can be modified. The caller’s scopes must
satisfy all scopes being added to the client in the update operation.
If no scopes are given in the request, the client’s scopes remain
unchanged
sourcepub async fn enableClient(&self, clientId: &str) -> Result<Value, Error>
pub async fn enableClient(&self, clientId: &str) -> Result<Value, Error>
Enable Client
Enable a client that was disabled with disableClient
. If the client
is already enabled, this does nothing.
This is typically used by identity providers to re-enable clients that had been disabled when the corresponding identity’s scopes changed.
sourcepub async fn disableClient(&self, clientId: &str) -> Result<Value, Error>
pub async fn disableClient(&self, clientId: &str) -> Result<Value, Error>
Disable Client
Disable a client. If the client is already disabled, this does nothing.
This is typically used by identity providers to disable clients when the corresponding identity’s scopes no longer satisfy the client’s scopes.
sourcepub async fn deleteClient(&self, clientId: &str) -> Result<(), Error>
pub async fn deleteClient(&self, clientId: &str) -> Result<(), Error>
Delete Client
Delete a client, please note that any roles related to this client must be deleted independently.
sourcepub async fn listRoles(&self) -> Result<Value, Error>
pub async fn listRoles(&self) -> Result<Value, Error>
List Roles (no pagination)
Get a list of all roles. Each role object also includes the list of scopes it expands to. This always returns all roles in a single HTTP request.
To get paginated results, use listRoles2
.
sourcepub fn listRoles_url(&self) -> Result<String, Error>
pub fn listRoles_url(&self) -> Result<String, Error>
Generate an unsigned URL for the listRoles endpoint
sourcepub fn listRoles_signed_url(&self, ttl: Duration) -> Result<String, Error>
pub fn listRoles_signed_url(&self, ttl: Duration) -> Result<String, Error>
Generate a signed URL for the listRoles endpoint
sourcepub async fn listRoles2(
&self,
continuationToken: Option<&str>,
limit: Option<&str>
) -> Result<Value, Error>
pub async fn listRoles2( &self, continuationToken: Option<&str>, limit: Option<&str> ) -> Result<Value, Error>
List Roles
Get a list of all roles. Each role object also includes the list of
scopes it expands to. This is similar to listRoles
but differs in the
format of the response.
If no limit is given, all roles are returned. Since this
list may become long, callers can use the limit
and continuationToken
query arguments to page through the responses.
sourcepub fn listRoles2_url(
&self,
continuationToken: Option<&str>,
limit: Option<&str>
) -> Result<String, Error>
pub fn listRoles2_url( &self, continuationToken: Option<&str>, limit: Option<&str> ) -> Result<String, Error>
Generate an unsigned URL for the listRoles2 endpoint
sourcepub fn listRoles2_signed_url(
&self,
continuationToken: Option<&str>,
limit: Option<&str>,
ttl: Duration
) -> Result<String, Error>
pub fn listRoles2_signed_url( &self, continuationToken: Option<&str>, limit: Option<&str>, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the listRoles2 endpoint
sourcepub async fn listRoleIds(
&self,
continuationToken: Option<&str>,
limit: Option<&str>
) -> Result<Value, Error>
pub async fn listRoleIds( &self, continuationToken: Option<&str>, limit: Option<&str> ) -> Result<Value, Error>
List Role IDs
Get a list of all role IDs.
If no limit is given, the roleIds of all roles are returned. Since this
list may become long, callers can use the limit
and continuationToken
query arguments to page through the responses.
sourcepub fn listRoleIds_url(
&self,
continuationToken: Option<&str>,
limit: Option<&str>
) -> Result<String, Error>
pub fn listRoleIds_url( &self, continuationToken: Option<&str>, limit: Option<&str> ) -> Result<String, Error>
Generate an unsigned URL for the listRoleIds endpoint
sourcepub fn listRoleIds_signed_url(
&self,
continuationToken: Option<&str>,
limit: Option<&str>,
ttl: Duration
) -> Result<String, Error>
pub fn listRoleIds_signed_url( &self, continuationToken: Option<&str>, limit: Option<&str>, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the listRoleIds endpoint
sourcepub async fn role(&self, roleId: &str) -> Result<Value, Error>
pub async fn role(&self, roleId: &str) -> Result<Value, Error>
Get Role
Get information about a single role, including the set of scopes that the role expands to.
sourcepub fn role_url(&self, roleId: &str) -> Result<String, Error>
pub fn role_url(&self, roleId: &str) -> Result<String, Error>
Generate an unsigned URL for the role endpoint
sourcepub fn role_signed_url(
&self,
roleId: &str,
ttl: Duration
) -> Result<String, Error>
pub fn role_signed_url( &self, roleId: &str, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the role endpoint
sourcepub async fn createRole(
&self,
roleId: &str,
payload: &Value
) -> Result<Value, Error>
pub async fn createRole( &self, roleId: &str, payload: &Value ) -> Result<Value, Error>
Create Role
Create a new role.
The caller’s scopes must satisfy the new role’s scopes.
If there already exists a role with the same roleId
this operation
will fail. Use updateRole
to modify an existing role.
Creation of a role that will generate an infinite expansion will result in an error response.
sourcepub async fn updateRole(
&self,
roleId: &str,
payload: &Value
) -> Result<Value, Error>
pub async fn updateRole( &self, roleId: &str, payload: &Value ) -> Result<Value, Error>
Update Role
Update an existing role.
The caller’s scopes must satisfy all of the new scopes being added, but need not satisfy all of the role’s existing scopes.
An update of a role that will generate an infinite expansion will result in an error response.
sourcepub async fn deleteRole(&self, roleId: &str) -> Result<(), Error>
pub async fn deleteRole(&self, roleId: &str) -> Result<(), Error>
Delete Role
Delete a role. This operation will succeed regardless of whether or not the role exists.
sourcepub async fn expandScopes(&self, payload: &Value) -> Result<Value, Error>
pub async fn expandScopes(&self, payload: &Value) -> Result<Value, Error>
Expand Scopes
Return an expanded copy of the given scopeset, with scopes implied by any roles included.
sourcepub async fn currentScopes(&self) -> Result<Value, Error>
pub async fn currentScopes(&self) -> Result<Value, Error>
Get Current Scopes
Return the expanded scopes available in the request, taking into account all sources of scopes and scope restrictions (temporary credentials, assumeScopes, client scopes, and roles).
sourcepub fn currentScopes_url(&self) -> Result<String, Error>
pub fn currentScopes_url(&self) -> Result<String, Error>
Generate an unsigned URL for the currentScopes endpoint
sourcepub fn currentScopes_signed_url(&self, ttl: Duration) -> Result<String, Error>
pub fn currentScopes_signed_url(&self, ttl: Duration) -> Result<String, Error>
Generate a signed URL for the currentScopes endpoint
sourcepub async fn awsS3Credentials(
&self,
level: &str,
bucket: &str,
prefix: &str,
format: Option<&str>
) -> Result<Value, Error>
pub async fn awsS3Credentials( &self, level: &str, bucket: &str, prefix: &str, format: Option<&str> ) -> Result<Value, Error>
Get Temporary Read/Write Credentials S3
Get temporary AWS credentials for read-write
or read-only
access to
a given bucket
and prefix
within that bucket.
The level
parameter can be read-write
or read-only
and determines
which type of credentials are returned. Please note that the level
parameter is required in the scope guarding access. The bucket name must
not contain .
, as recommended by Amazon.
This method can only allow access to a whitelisted set of buckets, as configured in the Taskcluster deployment
The credentials are set to expire after an hour, but this behavior is
subject to change. Hence, you should always read the expires
property
from the response, if you intend to maintain active credentials in your
application.
Please note that your prefix
may not start with slash /
. Such a prefix
is allowed on S3, but we forbid it here to discourage bad behavior.
Also note that if your prefix
doesn’t end in a slash /
, the STS
credentials may allow access to unexpected keys, as S3 does not treat
slashes specially. For example, a prefix of my-folder
will allow
access to my-folder/file.txt
as expected, but also to my-folder.txt
,
which may not be intended.
Finally, note that the PutObjectAcl
call is not allowed. Passing a canned
ACL other than private
to PutObject
is treated as a PutObjectAcl
call, and
will result in an access-denied error from AWS. This limitation is due to a
security flaw in Amazon S3 which might otherwise allow indefinite access to
uploaded objects.
EC2 metadata compatibility, if the querystring parameter
?format=iam-role-compat
is given, the response will be compatible
with the JSON exposed by the EC2 metadata service. This aims to ease
compatibility for libraries and tools built to auto-refresh credentials.
For details on the format returned by EC2 metadata service see:
EC2 User Guide.
sourcepub fn awsS3Credentials_url(
&self,
level: &str,
bucket: &str,
prefix: &str,
format: Option<&str>
) -> Result<String, Error>
pub fn awsS3Credentials_url( &self, level: &str, bucket: &str, prefix: &str, format: Option<&str> ) -> Result<String, Error>
Generate an unsigned URL for the awsS3Credentials endpoint
sourcepub fn awsS3Credentials_signed_url(
&self,
level: &str,
bucket: &str,
prefix: &str,
format: Option<&str>,
ttl: Duration
) -> Result<String, Error>
pub fn awsS3Credentials_signed_url( &self, level: &str, bucket: &str, prefix: &str, format: Option<&str>, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the awsS3Credentials endpoint
sourcepub async fn azureAccounts(&self) -> Result<Value, Error>
pub async fn azureAccounts(&self) -> Result<Value, Error>
List Accounts Managed by Auth
Retrieve a list of all Azure accounts managed by Taskcluster Auth.
sourcepub fn azureAccounts_url(&self) -> Result<String, Error>
pub fn azureAccounts_url(&self) -> Result<String, Error>
Generate an unsigned URL for the azureAccounts endpoint
sourcepub fn azureAccounts_signed_url(&self, ttl: Duration) -> Result<String, Error>
pub fn azureAccounts_signed_url(&self, ttl: Duration) -> Result<String, Error>
Generate a signed URL for the azureAccounts endpoint
sourcepub async fn azureTables(
&self,
account: &str,
continuationToken: Option<&str>
) -> Result<Value, Error>
pub async fn azureTables( &self, account: &str, continuationToken: Option<&str> ) -> Result<Value, Error>
List Tables in an Account Managed by Auth
Retrieve a list of all tables in an account.
sourcepub fn azureTables_url(
&self,
account: &str,
continuationToken: Option<&str>
) -> Result<String, Error>
pub fn azureTables_url( &self, account: &str, continuationToken: Option<&str> ) -> Result<String, Error>
Generate an unsigned URL for the azureTables endpoint
sourcepub fn azureTables_signed_url(
&self,
account: &str,
continuationToken: Option<&str>,
ttl: Duration
) -> Result<String, Error>
pub fn azureTables_signed_url( &self, account: &str, continuationToken: Option<&str>, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the azureTables endpoint
sourcepub async fn azureTableSAS(
&self,
account: &str,
table: &str,
level: &str
) -> Result<Value, Error>
pub async fn azureTableSAS( &self, account: &str, table: &str, level: &str ) -> Result<Value, Error>
Get Shared-Access-Signature for Azure Table
Get a shared access signature (SAS) string for use with a specific Azure Table Storage table.
The level
parameter can be read-write
or read-only
and determines
which type of credentials are returned. If level is read-write, it will create the
table if it doesn’t already exist.
sourcepub fn azureTableSAS_url(
&self,
account: &str,
table: &str,
level: &str
) -> Result<String, Error>
pub fn azureTableSAS_url( &self, account: &str, table: &str, level: &str ) -> Result<String, Error>
Generate an unsigned URL for the azureTableSAS endpoint
sourcepub fn azureTableSAS_signed_url(
&self,
account: &str,
table: &str,
level: &str,
ttl: Duration
) -> Result<String, Error>
pub fn azureTableSAS_signed_url( &self, account: &str, table: &str, level: &str, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the azureTableSAS endpoint
sourcepub async fn azureContainers(
&self,
account: &str,
continuationToken: Option<&str>
) -> Result<Value, Error>
pub async fn azureContainers( &self, account: &str, continuationToken: Option<&str> ) -> Result<Value, Error>
List containers in an Account Managed by Auth
Retrieve a list of all containers in an account.
sourcepub fn azureContainers_url(
&self,
account: &str,
continuationToken: Option<&str>
) -> Result<String, Error>
pub fn azureContainers_url( &self, account: &str, continuationToken: Option<&str> ) -> Result<String, Error>
Generate an unsigned URL for the azureContainers endpoint
sourcepub fn azureContainers_signed_url(
&self,
account: &str,
continuationToken: Option<&str>,
ttl: Duration
) -> Result<String, Error>
pub fn azureContainers_signed_url( &self, account: &str, continuationToken: Option<&str>, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the azureContainers endpoint
sourcepub async fn azureContainerSAS(
&self,
account: &str,
container: &str,
level: &str
) -> Result<Value, Error>
pub async fn azureContainerSAS( &self, account: &str, container: &str, level: &str ) -> Result<Value, Error>
Get Shared-Access-Signature for Azure Container
Get a shared access signature (SAS) string for use with a specific Azure Blob Storage container.
The level
parameter can be read-write
or read-only
and determines
which type of credentials are returned. If level is read-write, it will create the
container if it doesn’t already exist.
sourcepub fn azureContainerSAS_url(
&self,
account: &str,
container: &str,
level: &str
) -> Result<String, Error>
pub fn azureContainerSAS_url( &self, account: &str, container: &str, level: &str ) -> Result<String, Error>
Generate an unsigned URL for the azureContainerSAS endpoint
sourcepub fn azureContainerSAS_signed_url(
&self,
account: &str,
container: &str,
level: &str,
ttl: Duration
) -> Result<String, Error>
pub fn azureContainerSAS_signed_url( &self, account: &str, container: &str, level: &str, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the azureContainerSAS endpoint
sourcepub async fn sentryDSN(&self, project: &str) -> Result<Value, Error>
pub async fn sentryDSN(&self, project: &str) -> Result<Value, Error>
Get DSN for Sentry Project
Get temporary DSN (access credentials) for a sentry project. The credentials returned can be used with any Sentry client for up to 24 hours, after which the credentials will be automatically disabled.
If the project doesn’t exist it will be created, and assigned to the initial team configured for this component. Contact a Sentry admin to have the project transferred to a team you have access to if needed
sourcepub fn sentryDSN_url(&self, project: &str) -> Result<String, Error>
pub fn sentryDSN_url(&self, project: &str) -> Result<String, Error>
Generate an unsigned URL for the sentryDSN endpoint
sourcepub fn sentryDSN_signed_url(
&self,
project: &str,
ttl: Duration
) -> Result<String, Error>
pub fn sentryDSN_signed_url( &self, project: &str, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the sentryDSN endpoint
sourcepub async fn websocktunnelToken(
&self,
wstAudience: &str,
wstClient: &str
) -> Result<Value, Error>
pub async fn websocktunnelToken( &self, wstAudience: &str, wstClient: &str ) -> Result<Value, Error>
Get a client token for the Websocktunnel service
Get a temporary token suitable for use connecting to a websocktunnel server.
The resulting token will only be accepted by servers with a matching audience value. Reaching such a server is the callers responsibility. In general, a server URL or set of URLs should be provided to the caller as configuration along with the audience value.
The token is valid for a limited time (on the scale of hours). Callers should refresh it before expiration.
sourcepub fn websocktunnelToken_url(
&self,
wstAudience: &str,
wstClient: &str
) -> Result<String, Error>
pub fn websocktunnelToken_url( &self, wstAudience: &str, wstClient: &str ) -> Result<String, Error>
Generate an unsigned URL for the websocktunnelToken endpoint
sourcepub fn websocktunnelToken_signed_url(
&self,
wstAudience: &str,
wstClient: &str,
ttl: Duration
) -> Result<String, Error>
pub fn websocktunnelToken_signed_url( &self, wstAudience: &str, wstClient: &str, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the websocktunnelToken endpoint
sourcepub async fn gcpCredentials(
&self,
projectId: &str,
serviceAccount: &str
) -> Result<Value, Error>
pub async fn gcpCredentials( &self, projectId: &str, serviceAccount: &str ) -> Result<Value, Error>
Get Temporary GCP Credentials
Get temporary GCP credentials for the given serviceAccount in the given project.
Only preconfigured projects and serviceAccounts are allowed, as defined in the deployment of the Taskcluster services.
The credentials are set to expire after an hour, but this behavior is
subject to change. Hence, you should always read the expires
property
from the response, if you intend to maintain active credentials in your
application.
sourcepub fn gcpCredentials_url(
&self,
projectId: &str,
serviceAccount: &str
) -> Result<String, Error>
pub fn gcpCredentials_url( &self, projectId: &str, serviceAccount: &str ) -> Result<String, Error>
Generate an unsigned URL for the gcpCredentials endpoint
sourcepub fn gcpCredentials_signed_url(
&self,
projectId: &str,
serviceAccount: &str,
ttl: Duration
) -> Result<String, Error>
pub fn gcpCredentials_signed_url( &self, projectId: &str, serviceAccount: &str, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the gcpCredentials endpoint
sourcepub async fn authenticateHawk(&self, payload: &Value) -> Result<Value, Error>
pub async fn authenticateHawk(&self, payload: &Value) -> Result<Value, Error>
Authenticate Hawk Request
Validate the request signature given on input and return list of scopes that the authenticating client has.
This method is used by other services that wish rely on Taskcluster credentials for authentication. This way we can use Hawk without having the secret credentials leave this service.
sourcepub async fn testAuthenticate(&self, payload: &Value) -> Result<Value, Error>
pub async fn testAuthenticate(&self, payload: &Value) -> Result<Value, Error>
Test Authentication
Utility method to test client implementations of Taskcluster authentication.
Rather than using real credentials, this endpoint accepts requests with
clientId tester
and accessToken no-secret
. That client’s scopes are
based on clientScopes
in the request body.
The request is validated, with any certificate, authorizedScopes, etc.
applied, and the resulting scopes are checked against requiredScopes
from the request body. On success, the response contains the clientId
and scopes as seen by the API method.
sourcepub async fn testAuthenticateGet(&self) -> Result<Value, Error>
pub async fn testAuthenticateGet(&self) -> Result<Value, Error>
Test Authentication (GET)
Utility method similar to testAuthenticate
, but with the GET method,
so it can be used with signed URLs (bewits).
Rather than using real credentials, this endpoint accepts requests with
clientId tester
and accessToken no-secret
. That client’s scopes are
['test:*', 'auth:create-client:test:*']
. The call fails if the
test:authenticate-get
scope is not available.
The request is validated, with any certificate, authorizedScopes, etc. applied, and the resulting scopes are checked, just like any API call. On success, the response contains the clientId and scopes as seen by the API method.
This method may later be extended to allow specification of client and required scopes via query arguments.
sourcepub fn testAuthenticateGet_url(&self) -> Result<String, Error>
pub fn testAuthenticateGet_url(&self) -> Result<String, Error>
Generate an unsigned URL for the testAuthenticateGet endpoint
sourcepub fn testAuthenticateGet_signed_url(
&self,
ttl: Duration
) -> Result<String, Error>
pub fn testAuthenticateGet_signed_url( &self, ttl: Duration ) -> Result<String, Error>
Generate a signed URL for the testAuthenticateGet endpoint
sourcepub async fn heartbeat(&self) -> Result<(), Error>
pub async fn heartbeat(&self) -> Result<(), Error>
Heartbeat
Respond with a service heartbeat.
This endpoint is used to check on backing services this service depends on.
sourcepub fn heartbeat_url(&self) -> Result<String, Error>
pub fn heartbeat_url(&self) -> Result<String, Error>
Generate an unsigned URL for the heartbeat endpoint