feat: added CreateSshPublicKey RPC (#3635)

- [ ] Regenerate this pull request now. chore: disallow "transport=rest" for services where numeric enums are not confirmed to be supported (except in PHP and Java) PiperOrigin-RevId: 493113566 Source-Link: https://togithub.com/googleapis/googleapis/commit/758f0d1217d9c7fe398aa5efb1057ce4b6409e55 Source-Link: https://togithub.com/googleapis/googleapis-gen/commit/78bd8f05e1276363eb14eae70e91fe4bc20703ab Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLW9zbG9naW4vLk93bEJvdC55YW1sIiwiaCI6Ijc4YmQ4ZjA1ZTEyNzYzNjNlYjE0ZWFlNzBlOTFmZTRiYzIwNzAzYWIifQ== BEGIN_NESTED_COMMIT feat: added CreateSshPublicKey RPC PiperOrigin-RevId: 488460648 Source-Link: https://togithub.com/googleapis/googleapis/commit/236055995b64ba17e1441fe12908ca6e0f1953b9 Source-Link: https://togithub.com/googleapis/googleapis-gen/commit/59576752785e41d49590c1ed00042827611f3438 Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLW9zbG9naW4vLk93bEJvdC55YW1sIiwiaCI6IjU5NTc2NzUyNzg1ZTQxZDQ5NTkwYzFlZDAwMDQyODI3NjExZjM0MzgifQ== END_NESTED_COMMIT
googleapis · Dec 9, 2022 · 0489224 · 0489224
1 parent b47ea92
commit 0489224
Show file tree

Hide file tree

Showing 22 changed files with 3,095 additions and 31 deletions.
diff --git a/packages/google-cloud-oslogin/README.md b/packages/google-cloud-oslogin/README.md
@@ -102,12 +102,14 @@ Samples are in the [`samples/`](https://github.com/googleapis/google-cloud-node/
 
 | Sample                      | Source Code                       | Try it |
 | --------------------------- | --------------------------------- | ------ |
+| Os_login_service.create_ssh_public_key | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-oslogin/samples/generated/v1/os_login_service.create_ssh_public_key.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-oslogin/samples/generated/v1/os_login_service.create_ssh_public_key.js,samples/README.md) |
 | Os_login_service.delete_posix_account | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-oslogin/samples/generated/v1/os_login_service.delete_posix_account.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-oslogin/samples/generated/v1/os_login_service.delete_posix_account.js,samples/README.md) |
 | Os_login_service.delete_ssh_public_key | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-oslogin/samples/generated/v1/os_login_service.delete_ssh_public_key.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-oslogin/samples/generated/v1/os_login_service.delete_ssh_public_key.js,samples/README.md) |
 | Os_login_service.get_login_profile | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-oslogin/samples/generated/v1/os_login_service.get_login_profile.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-oslogin/samples/generated/v1/os_login_service.get_login_profile.js,samples/README.md) |
 | Os_login_service.get_ssh_public_key | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-oslogin/samples/generated/v1/os_login_service.get_ssh_public_key.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-oslogin/samples/generated/v1/os_login_service.get_ssh_public_key.js,samples/README.md) |
 | Os_login_service.import_ssh_public_key | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-oslogin/samples/generated/v1/os_login_service.import_ssh_public_key.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-oslogin/samples/generated/v1/os_login_service.import_ssh_public_key.js,samples/README.md) |
 | Os_login_service.update_ssh_public_key | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-oslogin/samples/generated/v1/os_login_service.update_ssh_public_key.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-oslogin/samples/generated/v1/os_login_service.update_ssh_public_key.js,samples/README.md) |
+| Os_login_service.create_ssh_public_key | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-oslogin/samples/generated/v1beta/os_login_service.create_ssh_public_key.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-oslogin/samples/generated/v1beta/os_login_service.create_ssh_public_key.js,samples/README.md) |
 | Os_login_service.delete_posix_account | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-oslogin/samples/generated/v1beta/os_login_service.delete_posix_account.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-oslogin/samples/generated/v1beta/os_login_service.delete_posix_account.js,samples/README.md) |
 | Os_login_service.delete_ssh_public_key | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-oslogin/samples/generated/v1beta/os_login_service.delete_ssh_public_key.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-oslogin/samples/generated/v1beta/os_login_service.delete_ssh_public_key.js,samples/README.md) |
 | Os_login_service.get_login_profile | [source code](https://github.com/googleapis/google-cloud-node/blob/main/packages/google-cloud-oslogin/samples/generated/v1beta/os_login_service.get_login_profile.js) | [![Open in Cloud Shell][shell_img]](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/googleapis/google-cloud-node&page=editor&open_in_editor=packages/google-cloud-oslogin/samples/generated/v1beta/os_login_service.get_login_profile.js,samples/README.md) |

diff --git a/packages/google-cloud-oslogin/protos/google/cloud/oslogin/common/common.proto b/packages/google-cloud-oslogin/protos/google/cloud/oslogin/common/common.proto
@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC.
+// Copyright 2022 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -11,7 +11,6 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-//
 
 syntax = "proto3";
 
@@ -26,8 +25,6 @@ option java_outer_classname = "OsLoginProto";
 option java_package = "com.google.cloud.oslogin.common";
 option php_namespace = "Google\\Cloud\\OsLogin\\Common";
 option ruby_package = "Google::Cloud::OsLogin::Common";
-
-// Define a "User" resource owned by OS Login.
 option (google.api.resource_definition) = {
   type: "oslogin.googleapis.com/User"
   pattern: "users/{user}"

diff --git a/packages/google-cloud-oslogin/protos/google/cloud/oslogin/v1/oslogin.proto b/packages/google-cloud-oslogin/protos/google/cloud/oslogin/v1/oslogin.proto
@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC.
+// Copyright 2022 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -11,7 +11,6 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-//
 
 syntax = "proto3";
 
@@ -41,7 +40,18 @@ service OsLoginService {
   option (google.api.default_host) = "oslogin.googleapis.com";
   option (google.api.oauth_scopes) =
       "https://www.googleapis.com/auth/cloud-platform,"
-      "https://www.googleapis.com/auth/compute";
+      "https://www.googleapis.com/auth/cloud-platform.read-only,"
+      "https://www.googleapis.com/auth/compute,"
+      "https://www.googleapis.com/auth/compute.readonly";
+
+  // Create an SSH public key
+  rpc CreateSshPublicKey(CreateSshPublicKeyRequest) returns (google.cloud.oslogin.common.SshPublicKey) {
+    option (google.api.http) = {
+      post: "/v1/{parent=users/*}/sshPublicKeys"
+      body: "ssh_public_key"
+    };
+    option (google.api.method_signature) = "parent,ssh_public_key";
+  }
 
   // Deletes a POSIX account.
   rpc DeletePosixAccount(DeletePosixAccountRequest) returns (google.protobuf.Empty) {
@@ -113,6 +123,20 @@ message LoginProfile {
   map<string, google.cloud.oslogin.common.SshPublicKey> ssh_public_keys = 3;
 }
 
+// A request message for creating an SSH public key.
+message CreateSshPublicKeyRequest {
+  // Required. The unique ID for the user in format `users/{user}`.
+  string parent = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      child_type: "oslogin.googleapis.com/SshPublicKey"
+    }
+  ];
+
+  // Required. The SSH public key and expiration time.
+  google.cloud.oslogin.common.SshPublicKey ssh_public_key = 2 [(google.api.field_behavior) = REQUIRED];
+}
+
 // A request message for deleting a POSIX account entry.
 message DeletePosixAccountRequest {
   // Required. A reference to the POSIX account to update. POSIX accounts are identified
@@ -190,6 +214,9 @@ message ImportSshPublicKeyRequest {
 message ImportSshPublicKeyResponse {
   // The login profile information for the user.
   LoginProfile login_profile = 1;
+
+  // Detailed information about import results.
+  string details = 2;
 }
 
 // A request message for updating an SSH public key.

diff --git a/packages/google-cloud-oslogin/protos/google/cloud/oslogin/v1beta/oslogin.proto b/packages/google-cloud-oslogin/protos/google/cloud/oslogin/v1beta/oslogin.proto
@@ -1,4 +1,4 @@
-// Copyright 2019 Google LLC.
+// Copyright 2022 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -11,7 +11,6 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-//
 
 syntax = "proto3";
 
@@ -45,6 +44,15 @@ service OsLoginService {
       "https://www.googleapis.com/auth/compute,"
       "https://www.googleapis.com/auth/compute.readonly";
 
+  // Create an SSH public key
+  rpc CreateSshPublicKey(CreateSshPublicKeyRequest) returns (google.cloud.oslogin.common.SshPublicKey) {
+    option (google.api.http) = {
+      post: "/v1beta/{parent=users/*}/sshPublicKeys"
+      body: "ssh_public_key"
+    };
+    option (google.api.method_signature) = "parent,ssh_public_key";
+  }
+
   // Deletes a POSIX account.
   rpc DeletePosixAccount(DeletePosixAccountRequest) returns (google.protobuf.Empty) {
     option (google.api.http) = {
@@ -113,6 +121,23 @@ message LoginProfile {
 
   // A map from SSH public key fingerprint to the associated key object.
   map<string, google.cloud.oslogin.common.SshPublicKey> ssh_public_keys = 3;
+
+  // The registered security key credentials for a user.
+  repeated SecurityKey security_keys = 5;
+}
+
+// A request message for creating an SSH public key.
+message CreateSshPublicKeyRequest {
+  // Required. The unique ID for the user in format `users/{user}`.
+  string parent = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {
+      child_type: "oslogin.googleapis.com/SshPublicKey"
+    }
+  ];
+
+  // Required. The SSH public key and expiration time.
+  google.cloud.oslogin.common.SshPublicKey ssh_public_key = 2 [(google.api.field_behavior) = REQUIRED];
 }
 
 // A request message for deleting a POSIX account entry.
@@ -146,13 +171,19 @@ message GetLoginProfileRequest {
   // Required. The unique ID for the user in format `users/{user}`.
   string name = 1 [
     (google.api.field_behavior) = REQUIRED,
-    (google.api.resource_reference).type = "oslogin.googleapis.com/User"];
+    (google.api.resource_reference) = {
+      type: "oslogin.googleapis.com/User"
+    }
+  ];
 
   // The project ID of the Google Cloud Platform project.
   string project_id = 2;
 
   // A system ID for filtering the results of the request.
   string system_id = 3;
+
+  // The view configures whether to retrieve security keys information.
+  LoginProfileView view = 4;
 }
 
 // A request message for retrieving an SSH public key.
@@ -180,12 +211,18 @@ message ImportSshPublicKeyRequest {
 
   // The project ID of the Google Cloud Platform project.
   string project_id = 3;
+
+  // The view configures whether to retrieve security keys information.
+  LoginProfileView view = 4;
 }
 
 // A response message for importing an SSH public key.
 message ImportSshPublicKeyResponse {
   // The login profile information for the user.
   LoginProfile login_profile = 1;
+
+  // Detailed information about import results.
+  string details = 2;
 }
 
 // A request message for updating an SSH public key.
@@ -206,3 +243,46 @@ message UpdateSshPublicKeyRequest {
   // Mask to control which fields get updated. Updates all if not present.
   google.protobuf.FieldMask update_mask = 3;
 }
+
+// The credential information for a Google registered security key.
+message SecurityKey {
+  // Public key text in SSH format, defined by
+  // [RFC4253]("https://www.ietf.org/rfc/rfc4253.txt") section 6.6.
+  string public_key = 1;
+
+  // Hardware-backed private key text in SSH format.
+  string private_key = 2;
+
+  // The FIDO protocol type used to register this credential.
+  oneof protocol_type {
+    // The U2F protocol type.
+    UniversalTwoFactor universal_two_factor = 3;
+
+    // The Web Authentication protocol type.
+    WebAuthn web_authn = 4;
+  }
+}
+
+// Security key information specific to the U2F protocol.
+message UniversalTwoFactor {
+  // Application ID for the U2F protocol.
+  string app_id = 1;
+}
+
+// Security key information specific to the Web Authentication protocol.
+message WebAuthn {
+  // Relying party ID for Web Authentication.
+  string rp_id = 1;
+}
+
+// The login profile view limits the user content retrieved.
+enum LoginProfileView {
+  // The default login profile view. The API defaults to the BASIC view.
+  LOGIN_PROFILE_VIEW_UNSPECIFIED = 0;
+
+  // Includes POSIX and SSH key information.
+  BASIC = 1;
+
+  // Include security key information for the user.
+  SECURITY_KEY = 2;
+}