feat: [confidentialcomputing] Add a new field token_type to `TokenO…

…ptions` message proto (#10051) - [ ] Regenerate this pull request now. chore: remove backend configuration from the service config PiperOrigin-RevId: 581042395 Source-Link: https://togithub.com/googleapis/googleapis/commit/2a4cbb9766ba13cd435d47ac91af4138d4821d22 Source-Link: https://togithub.com/googleapis/googleapis-gen/commit/a8d92b254cf89d1c310ae58167fdd1fd3d1d4d03 Copy-Tag: eyJwIjoiamF2YS1jb25maWRlbnRpYWxjb21wdXRpbmcvLk93bEJvdC55YW1sIiwiaCI6ImE4ZDkyYjI1NGNmODlkMWMzMTBhZTU4MTY3ZmRkMWZkM2QxZDRkMDMifQ==
googleapis · Nov 16, 2023 · e8c974b · e8c974b
1 parent 7d1f4fe
commit e8c974b
Show file tree

Hide file tree

Showing 7 changed files with 430 additions and 51 deletions.
diff --git a/java-confidentialcomputing/README.md b/java-confidentialcomputing/README.md
@@ -23,7 +23,7 @@ If you are using Maven with [BOM][libraries-bom], add this to your pom.xml file:
     <dependency>
       <groupId>com.google.cloud</groupId>
       <artifactId>libraries-bom</artifactId>
-      <version>26.23.0</version>
+      <version>26.27.0</version>
       <type>pom</type>
       <scope>import</scope>
     </dependency>
@@ -201,7 +201,7 @@ Java is a registered trademark of Oracle and/or its affiliates.
 [kokoro-badge-link-5]: http://storage.googleapis.com/cloud-devrel-public/java/badges/java-confidentialcomputing/java11.html
 [stability-image]: https://img.shields.io/badge/stability-preview-yellow
 [maven-version-image]: https://img.shields.io/maven-central/v/com.google.cloud/google-cloud-confidentialcomputing.svg
-[maven-version-link]: https://central.sonatype.com/artifact/com.google.cloud/google-cloud-confidentialcomputing/0.10.0
+[maven-version-link]: https://central.sonatype.com/artifact/com.google.cloud/google-cloud-confidentialcomputing/0.16.0
 [authentication]: https://github.com/googleapis/google-cloud-java#authentication
 [auth-scopes]: https://developers.google.com/identity/protocols/oauth2/scopes
 [predefined-iam-roles]: https://cloud.google.com/iam/docs/understanding-roles#predefined_roles

diff --git a/...urces/META-INF/native-image/com.google.cloud.confidentialcomputing.v1/reflect-config.json b/...urces/META-INF/native-image/com.google.cloud.confidentialcomputing.v1/reflect-config.json
@@ -512,6 +512,15 @@
     "allDeclaredClasses": true,
     "allPublicClasses": true
   },
+  {
+    "name": "com.google.cloud.confidentialcomputing.v1.TokenType",
+    "queryAllDeclaredConstructors": true,
+    "queryAllPublicConstructors": true,
+    "queryAllDeclaredMethods": true,
+    "allPublicMethods": true,
+    "allDeclaredClasses": true,
+    "allPublicClasses": true
+  },
   {
     "name": "com.google.cloud.confidentialcomputing.v1.TpmAttestation",
     "queryAllDeclaredConstructors": true,

diff --git a/...ialcomputing-v1/src/main/java/com/google/cloud/confidentialcomputing/v1/ServiceProto.java b/...ialcomputing-v1/src/main/java/com/google/cloud/confidentialcomputing/v1/ServiceProto.java
@@ -117,54 +117,57 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
           + "testationResponse\022\037\n\021oidc_claims_token\030\002"
           + " \001(\tB\004\342A\001\003\0220\n\016partial_errors\030\003 \003(\0132\022.goo"
           + "gle.rpc.StatusB\004\342A\001\003\"3\n\016GcpCredentials\022!"
-          + "\n\031service_account_id_tokens\030\002 \003(\t\";\n\014Tok"
-          + "enOptions\022\026\n\010audience\030\001 \001(\tB\004\342A\001\001\022\023\n\005non"
-          + "ce\030\002 \003(\tB\004\342A\001\001\"\217\003\n\016TpmAttestation\022K\n\006quo"
-          + "tes\030\001 \003(\0132;.google.cloud.confidentialcom"
-          + "puting.v1.TpmAttestation.Quote\022\025\n\rtcg_ev"
-          + "ent_log\030\002 \001(\014\022\033\n\023canonical_event_log\030\003 \001"
-          + "(\014\022\017\n\007ak_cert\030\004 \001(\014\022\022\n\ncert_chain\030\005 \003(\014\032"
-          + "\326\001\n\005Quote\022\021\n\thash_algo\030\001 \001(\005\022^\n\npcr_valu"
-          + "es\030\002 \003(\0132J.google.cloud.confidentialcomp"
-          + "uting.v1.TpmAttestation.Quote.PcrValuesE"
-          + "ntry\022\021\n\traw_quote\030\003 \001(\014\022\025\n\rraw_signature"
-          + "\030\004 \001(\014\0320\n\016PcrValuesEntry\022\013\n\003key\030\001 \001(\005\022\r\n"
-          + "\005value\030\002 \001(\014:\0028\001\"k\n\025ConfidentialSpaceInf"
-          + "o\022R\n\017signed_entities\030\001 \003(\01323.google.clou"
-          + "d.confidentialcomputing.v1.SignedEntityB"
-          + "\004\342A\001\001\"x\n\014SignedEntity\022h\n\032container_image"
-          + "_signatures\030\001 \003(\0132>.google.cloud.confide"
-          + "ntialcomputing.v1.ContainerImageSignatur"
-          + "eB\004\342A\001\001\"\263\001\n\027ContainerImageSignature\022\025\n\007p"
-          + "ayload\030\001 \001(\014B\004\342A\001\001\022\027\n\tsignature\030\002 \001(\014B\004\342"
-          + "A\001\001\022\030\n\npublic_key\030\003 \001(\014B\004\342A\001\001\022N\n\007sig_alg"
-          + "\030\004 \001(\01627.google.cloud.confidentialcomput"
-          + "ing.v1.SigningAlgorithmB\004\342A\001\001*\177\n\020Signing"
-          + "Algorithm\022!\n\035SIGNING_ALGORITHM_UNSPECIFI"
-          + "ED\020\000\022\025\n\021RSASSA_PSS_SHA256\020\001\022\032\n\026RSASSA_PK"
-          + "CS1V15_SHA256\020\002\022\025\n\021ECDSA_P256_SHA256\020\0032\267"
-          + "\004\n\025ConfidentialComputing\022\330\001\n\017CreateChall"
-          + "enge\022=.google.cloud.confidentialcomputin"
-          + "g.v1.CreateChallengeRequest\0320.google.clo"
-          + "ud.confidentialcomputing.v1.Challenge\"T\332"
-          + "A\020parent,challenge\202\323\344\223\002;\"./v1/{parent=pr"
-          + "ojects/*/locations/*}/challenges:\tchalle"
-          + "nge\022\350\001\n\021VerifyAttestation\022?.google.cloud"
-          + ".confidentialcomputing.v1.VerifyAttestat"
-          + "ionRequest\032@.google.cloud.confidentialco"
-          + "mputing.v1.VerifyAttestationResponse\"P\202\323"
-          + "\344\223\002J\"E/v1/{challenge=projects/*/location"
-          + "s/*/challenges/*}:verifyAttestation:\001*\032X"
-          + "\312A$confidentialcomputing.googleapis.com\322"
-          + "A.https://www.googleapis.com/auth/cloud-"
-          + "platformB\227\002\n)com.google.cloud.confidenti"
-          + "alcomputing.v1B\014ServiceProtoP\001Z_cloud.go"
-          + "ogle.com/go/confidentialcomputing/apiv1/"
-          + "confidentialcomputingpb;confidentialcomp"
-          + "utingpb\252\002%Google.Cloud.ConfidentialCompu"
-          + "ting.V1\312\002%Google\\Cloud\\ConfidentialCompu"
-          + "ting\\V1\352\002(Google::Cloud::ConfidentialCom"
-          + "puting::V1b\006proto3"
+          + "\n\031service_account_id_tokens\030\002 \003(\t\"\207\001\n\014To"
+          + "kenOptions\022\026\n\010audience\030\001 \001(\tB\004\342A\001\001\022\023\n\005no"
+          + "nce\030\002 \003(\tB\004\342A\001\001\022J\n\ntoken_type\030\003 \001(\01620.go"
+          + "ogle.cloud.confidentialcomputing.v1.Toke"
+          + "nTypeB\004\342A\001\001\"\217\003\n\016TpmAttestation\022K\n\006quotes"
+          + "\030\001 \003(\0132;.google.cloud.confidentialcomput"
+          + "ing.v1.TpmAttestation.Quote\022\025\n\rtcg_event"
+          + "_log\030\002 \001(\014\022\033\n\023canonical_event_log\030\003 \001(\014\022"
+          + "\017\n\007ak_cert\030\004 \001(\014\022\022\n\ncert_chain\030\005 \003(\014\032\326\001\n"
+          + "\005Quote\022\021\n\thash_algo\030\001 \001(\005\022^\n\npcr_values\030"
+          + "\002 \003(\0132J.google.cloud.confidentialcomputi"
+          + "ng.v1.TpmAttestation.Quote.PcrValuesEntr"
+          + "y\022\021\n\traw_quote\030\003 \001(\014\022\025\n\rraw_signature\030\004 "
+          + "\001(\014\0320\n\016PcrValuesEntry\022\013\n\003key\030\001 \001(\005\022\r\n\005va"
+          + "lue\030\002 \001(\014:\0028\001\"k\n\025ConfidentialSpaceInfo\022R"
+          + "\n\017signed_entities\030\001 \003(\01323.google.cloud.c"
+          + "onfidentialcomputing.v1.SignedEntityB\004\342A"
+          + "\001\001\"x\n\014SignedEntity\022h\n\032container_image_si"
+          + "gnatures\030\001 \003(\0132>.google.cloud.confidenti"
+          + "alcomputing.v1.ContainerImageSignatureB\004"
+          + "\342A\001\001\"\263\001\n\027ContainerImageSignature\022\025\n\007payl"
+          + "oad\030\001 \001(\014B\004\342A\001\001\022\027\n\tsignature\030\002 \001(\014B\004\342A\001\001"
+          + "\022\030\n\npublic_key\030\003 \001(\014B\004\342A\001\001\022N\n\007sig_alg\030\004 "
+          + "\001(\01627.google.cloud.confidentialcomputing"
+          + ".v1.SigningAlgorithmB\004\342A\001\001*\177\n\020SigningAlg"
+          + "orithm\022!\n\035SIGNING_ALGORITHM_UNSPECIFIED\020"
+          + "\000\022\025\n\021RSASSA_PSS_SHA256\020\001\022\032\n\026RSASSA_PKCS1"
+          + "V15_SHA256\020\002\022\025\n\021ECDSA_P256_SHA256\020\003*<\n\tT"
+          + "okenType\022\032\n\026TOKEN_TYPE_UNSPECIFIED\020\000\022\023\n\017"
+          + "TOKEN_TYPE_OIDC\020\0012\267\004\n\025ConfidentialComput"
+          + "ing\022\330\001\n\017CreateChallenge\022=.google.cloud.c"
+          + "onfidentialcomputing.v1.CreateChallengeR"
+          + "equest\0320.google.cloud.confidentialcomput"
+          + "ing.v1.Challenge\"T\332A\020parent,challenge\202\323\344"
+          + "\223\002;\"./v1/{parent=projects/*/locations/*}"
+          + "/challenges:\tchallenge\022\350\001\n\021VerifyAttesta"
+          + "tion\022?.google.cloud.confidentialcomputin"
+          + "g.v1.VerifyAttestationRequest\032@.google.c"
+          + "loud.confidentialcomputing.v1.VerifyAtte"
+          + "stationResponse\"P\202\323\344\223\002J\"E/v1/{challenge="
+          + "projects/*/locations/*/challenges/*}:ver"
+          + "ifyAttestation:\001*\032X\312A$confidentialcomput"
+          + "ing.googleapis.com\322A.https://www.googlea"
+          + "pis.com/auth/cloud-platformB\227\002\n)com.goog"
+          + "le.cloud.confidentialcomputing.v1B\014Servi"
+          + "ceProtoP\001Z_cloud.google.com/go/confident"
+          + "ialcomputing/apiv1/confidentialcomputing"
+          + "pb;confidentialcomputingpb\252\002%Google.Clou"
+          + "d.ConfidentialComputing.V1\312\002%Google\\Clou"
+          + "d\\ConfidentialComputing\\V1\352\002(Google::Clo"
+          + "ud::ConfidentialComputing::V1b\006proto3"
     };
     descriptor =
         com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
@@ -227,7 +230,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
         new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
             internal_static_google_cloud_confidentialcomputing_v1_TokenOptions_descriptor,
             new java.lang.String[] {
-              "Audience", "Nonce",
+              "Audience", "Nonce", "TokenType",
             });
     internal_static_google_cloud_confidentialcomputing_v1_TpmAttestation_descriptor =
         getDescriptor().getMessageTypes().get(6);

diff --git a/...ialcomputing-v1/src/main/java/com/google/cloud/confidentialcomputing/v1/TokenOptions.java b/...ialcomputing-v1/src/main/java/com/google/cloud/confidentialcomputing/v1/TokenOptions.java
@@ -40,6 +40,7 @@ private TokenOptions(com.google.protobuf.GeneratedMessageV3.Builder<?> builder)
   private TokenOptions() {
     audience_ = "";
     nonce_ = com.google.protobuf.LazyStringArrayList.emptyList();
+    tokenType_ = 0;
   }
 
   @java.lang.Override
@@ -188,6 +189,47 @@ public com.google.protobuf.ByteString getNonceBytes(int index) {
     return nonce_.getByteString(index);
   }
 
+  public static final int TOKEN_TYPE_FIELD_NUMBER = 3;
+  private int tokenType_ = 0;
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Optional token type to select what type of token to return.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.confidentialcomputing.v1.TokenType token_type = 3 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return The enum numeric value on the wire for tokenType.
+   */
+  @java.lang.Override
+  public int getTokenTypeValue() {
+    return tokenType_;
+  }
+  /**
+   *
+   *
+   * <pre>
+   * Optional. Optional token type to select what type of token to return.
+   * </pre>
+   *
+   * <code>
+   * .google.cloud.confidentialcomputing.v1.TokenType token_type = 3 [(.google.api.field_behavior) = OPTIONAL];
+   * </code>
+   *
+   * @return The tokenType.
+   */
+  @java.lang.Override
+  public com.google.cloud.confidentialcomputing.v1.TokenType getTokenType() {
+    com.google.cloud.confidentialcomputing.v1.TokenType result =
+        com.google.cloud.confidentialcomputing.v1.TokenType.forNumber(tokenType_);
+    return result == null
+        ? com.google.cloud.confidentialcomputing.v1.TokenType.UNRECOGNIZED
+        : result;
+  }
+
   private byte memoizedIsInitialized = -1;
 
   @java.lang.Override
@@ -208,6 +250,10 @@ public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io
     for (int i = 0; i < nonce_.size(); i++) {
       com.google.protobuf.GeneratedMessageV3.writeString(output, 2, nonce_.getRaw(i));
     }
+    if (tokenType_
+        != com.google.cloud.confidentialcomputing.v1.TokenType.TOKEN_TYPE_UNSPECIFIED.getNumber()) {
+      output.writeEnum(3, tokenType_);
+    }
     getUnknownFields().writeTo(output);
   }
 
@@ -228,6 +274,10 @@ public int getSerializedSize() {
       size += dataSize;
       size += 1 * getNonceList().size();
     }
+    if (tokenType_
+        != com.google.cloud.confidentialcomputing.v1.TokenType.TOKEN_TYPE_UNSPECIFIED.getNumber()) {
+      size += com.google.protobuf.CodedOutputStream.computeEnumSize(3, tokenType_);
+    }
     size += getUnknownFields().getSerializedSize();
     memoizedSize = size;
     return size;
@@ -246,6 +296,7 @@ public boolean equals(final java.lang.Object obj) {
 
     if (!getAudience().equals(other.getAudience())) return false;
     if (!getNonceList().equals(other.getNonceList())) return false;
+    if (tokenType_ != other.tokenType_) return false;
     if (!getUnknownFields().equals(other.getUnknownFields())) return false;
     return true;
   }
@@ -263,6 +314,8 @@ public int hashCode() {
       hash = (37 * hash) + NONCE_FIELD_NUMBER;
       hash = (53 * hash) + getNonceList().hashCode();
     }
+    hash = (37 * hash) + TOKEN_TYPE_FIELD_NUMBER;
+    hash = (53 * hash) + tokenType_;
     hash = (29 * hash) + getUnknownFields().hashCode();
     memoizedHashCode = hash;
     return hash;
@@ -405,6 +458,7 @@ public Builder clear() {
       bitField0_ = 0;
       audience_ = "";
       nonce_ = com.google.protobuf.LazyStringArrayList.emptyList();
+      tokenType_ = 0;
       return this;
     }
 
@@ -448,6 +502,9 @@ private void buildPartial0(com.google.cloud.confidentialcomputing.v1.TokenOption
         nonce_.makeImmutable();
         result.nonce_ = nonce_;
       }
+      if (((from_bitField0_ & 0x00000004) != 0)) {
+        result.tokenType_ = tokenType_;
+      }
     }
 
     @java.lang.Override
@@ -511,6 +568,9 @@ public Builder mergeFrom(com.google.cloud.confidentialcomputing.v1.TokenOptions
         }
         onChanged();
       }
+      if (other.tokenType_ != 0) {
+        setTokenTypeValue(other.getTokenTypeValue());
+      }
       this.mergeUnknownFields(other.getUnknownFields());
       onChanged();
       return this;
@@ -550,6 +610,12 @@ public Builder mergeFrom(
                 nonce_.add(s);
                 break;
               } // case 18
+            case 24:
+              {
+                tokenType_ = input.readEnum();
+                bitField0_ |= 0x00000004;
+                break;
+              } // case 24
             default:
               {
                 if (!super.parseUnknownField(input, extensionRegistry, tag)) {
@@ -872,6 +938,108 @@ public Builder addNonceBytes(com.google.protobuf.ByteString value) {
       return this;
     }
 
+    private int tokenType_ = 0;
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Optional token type to select what type of token to return.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.confidentialcomputing.v1.TokenType token_type = 3 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @return The enum numeric value on the wire for tokenType.
+     */
+    @java.lang.Override
+    public int getTokenTypeValue() {
+      return tokenType_;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Optional token type to select what type of token to return.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.confidentialcomputing.v1.TokenType token_type = 3 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @param value The enum numeric value on the wire for tokenType to set.
+     * @return This builder for chaining.
+     */
+    public Builder setTokenTypeValue(int value) {
+      tokenType_ = value;
+      bitField0_ |= 0x00000004;
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Optional token type to select what type of token to return.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.confidentialcomputing.v1.TokenType token_type = 3 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @return The tokenType.
+     */
+    @java.lang.Override
+    public com.google.cloud.confidentialcomputing.v1.TokenType getTokenType() {
+      com.google.cloud.confidentialcomputing.v1.TokenType result =
+          com.google.cloud.confidentialcomputing.v1.TokenType.forNumber(tokenType_);
+      return result == null
+          ? com.google.cloud.confidentialcomputing.v1.TokenType.UNRECOGNIZED
+          : result;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Optional token type to select what type of token to return.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.confidentialcomputing.v1.TokenType token_type = 3 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @param value The tokenType to set.
+     * @return This builder for chaining.
+     */
+    public Builder setTokenType(com.google.cloud.confidentialcomputing.v1.TokenType value) {
+      if (value == null) {
+        throw new NullPointerException();
+      }
+      bitField0_ |= 0x00000004;
+      tokenType_ = value.getNumber();
+      onChanged();
+      return this;
+    }
+    /**
+     *
+     *
+     * <pre>
+     * Optional. Optional token type to select what type of token to return.
+     * </pre>
+     *
+     * <code>
+     * .google.cloud.confidentialcomputing.v1.TokenType token_type = 3 [(.google.api.field_behavior) = OPTIONAL];
+     * </code>
+     *
+     * @return This builder for chaining.
+     */
+    public Builder clearTokenType() {
+      bitField0_ = (bitField0_ & ~0x00000004);
+      tokenType_ = 0;
+      onChanged();
+      return this;
+    }
+
     @java.lang.Override
     public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
       return super.setUnknownFields(unknownFields);