AuthProvider class

Configuration for an authentication provider, including support for JSON Web Token (JWT).

Constructors

AuthProvider()
AuthProvider.fromJson(Map _json)

Properties

audiences String
The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences: - "https://service.name/google.protobuf.Api.name" - "https://service.name/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences: - https://library-example.googleapis.com/google.example.library.v1.LibraryService [...]
read / write
authorizationUrl String
Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.
read / write
hashCode int
The hash code for this object. [...]
read-only, inherited
id String
The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id. Example: "bookstore_auth".
read / write
issuer String
Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address. Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com
read / write
jwksUri String
URL of the provider's public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document: - can be retrieved from OpenID Discovery(https://openid.net/specs/openid-connect-discovery-1_0.html of the issuer. - can be inferred from the email domain of the issuer (e.g. a Google service account). Example: https://www.googleapis.com/oauth2/v1/certs
read / write
jwtLocations List<JwtLocation>
Defines the locations to extract the JWT. JWT locations can be either from HTTP headers or URL query parameters. The rule is that the first match wins. The checking order is: checking all headers first, then URL query parameters. If not specified, default to use following 3 locations: 1) Authorization: Bearer 2) x-goog-iap-jwt-assertion 3) access_token query parameter Default locations can be specified as followings: jwt_locations: [...]
read / write
runtimeType Type
A representation of the runtime type of the object.
read-only, inherited

Methods

noSuchMethod(Invocation invocation) → dynamic
Invoked when a non-existent method or property is accessed. [...]
inherited
toJson() Map<String, Object>
toString() String
Returns a string representation of this object.
inherited

Operators

operator ==(Object other) bool
The equality operator. [...]
inherited