diff --git a/CHANGELOG.md b/CHANGELOG.md index b62a1b4e1..c58b1fbab 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,11 @@ +## Release (2026-xx-xx) + +- `serviceaccount`: [v0.5.0](services/serviceaccount/CHANGELOG.md#v050) + - **Feature:** add support for Federated Identity Providers + - new operations: `CreateFederatedIdentityProvider`, `DeleteServiceFederatedIdentityProvider`, `ListFederatedIdentityProviders`,`PartialUpdateServiceAccountFederatedIdentityProvider` + - new models: `CreateFederatedIdentityProviderPayload`, `CreateFederatedIdentityProviderPayloadAssertionsInner`, `CreateFederatedIdentityProviderResponse`, `CreateFederatedIdentityProviderResponseAssertionsInner`, `FederatedListFederatedIdentityProvidersResponse`, `PartialUpdateServiceAccountFederatedIdentityProviderPayload` + + ## Release (2026-02-18) - `ske`: [v1.6.0](services/ske/CHANGELOG.md#v160) diff --git a/services/serviceaccount/CHANGELOG.md b/services/serviceaccount/CHANGELOG.md index adcc09ca6..ef448afc6 100644 --- a/services/serviceaccount/CHANGELOG.md +++ b/services/serviceaccount/CHANGELOG.md @@ -1,3 +1,8 @@ +## v0.5.0 +- **Feature:** add support for Federated Identity Providers + - new operations: `CreateFederatedIdentityProvider`, `DeleteServiceFederatedIdentityProvider`, `ListFederatedIdentityProviders`,`PartialUpdateServiceAccountFederatedIdentityProvider` + - new models: `CreateFederatedIdentityProviderPayload`, `CreateFederatedIdentityProviderPayloadAssertionsInner`, `CreateFederatedIdentityProviderResponse`, `CreateFederatedIdentityProviderResponseAssertionsInner`, `FederatedListFederatedIdentityProvidersResponse`, `PartialUpdateServiceAccountFederatedIdentityProviderPayload` + ## v0.4.2 - **Bugfix:** Prevent year 0 timestamp issue diff --git a/services/serviceaccount/oas_commit b/services/serviceaccount/oas_commit new file mode 100644 index 000000000..a132a01fd --- /dev/null +++ b/services/serviceaccount/oas_commit @@ -0,0 +1 @@ +2590d9e04ed2c599864b96ceb02d77efa36e7b93 diff --git a/services/serviceaccount/pyproject.toml b/services/serviceaccount/pyproject.toml index bec0fd4be..ecb646069 100644 --- a/services/serviceaccount/pyproject.toml +++ b/services/serviceaccount/pyproject.toml @@ -3,7 +3,7 @@ name = "stackit-serviceaccount" [tool.poetry] name = "stackit-serviceaccount" -version = "v0.4.2" +version = "v0.5.0" authors = [ "STACKIT Developer Tools ", ] diff --git a/services/serviceaccount/src/stackit/serviceaccount/__init__.py b/services/serviceaccount/src/stackit/serviceaccount/__init__.py index ebb803453..b07d734ce 100644 --- a/services/serviceaccount/src/stackit/serviceaccount/__init__.py +++ b/services/serviceaccount/src/stackit/serviceaccount/__init__.py @@ -33,12 +33,17 @@ "AuthError", "AuthErrorError", "CreateAccessTokenPayload", + "CreateFederatedIdentityProviderPayload", + "CreateFederatedIdentityProviderPayloadAssertionsInner", + "CreateFederatedIdentityProviderResponse", + "CreateFederatedIdentityProviderResponseAssertionsInner", "CreateServiceAccountKeyPayload", "CreateServiceAccountKeyResponse", "CreateServiceAccountKeyResponseCredentials", "CreateServiceAccountPayload", "CreateShortLivedAccessTokenResponse", "Error", + "FederatedListFederatedIdentityProvidersResponse", "GetServiceAccountKeyResponse", "GetServiceAccountKeyResponseCredentials", "JWK", @@ -46,6 +51,7 @@ "ListAccessTokensResponse", "ListServiceAccountKeysResponse", "ListServiceAccountsResponse", + "PartialUpdateServiceAccountFederatedIdentityProviderPayload", "PartialUpdateServiceAccountKeyPayload", "PartialUpdateServiceAccountKeyResponse", "ServiceAccount", @@ -78,6 +84,18 @@ from stackit.serviceaccount.models.create_access_token_payload import ( CreateAccessTokenPayload as CreateAccessTokenPayload, ) +from stackit.serviceaccount.models.create_federated_identity_provider_payload import ( + CreateFederatedIdentityProviderPayload as CreateFederatedIdentityProviderPayload, +) +from stackit.serviceaccount.models.create_federated_identity_provider_payload_assertions_inner import ( + CreateFederatedIdentityProviderPayloadAssertionsInner as CreateFederatedIdentityProviderPayloadAssertionsInner, +) +from stackit.serviceaccount.models.create_federated_identity_provider_response import ( + CreateFederatedIdentityProviderResponse as CreateFederatedIdentityProviderResponse, +) +from stackit.serviceaccount.models.create_federated_identity_provider_response_assertions_inner import ( + CreateFederatedIdentityProviderResponseAssertionsInner as CreateFederatedIdentityProviderResponseAssertionsInner, +) from stackit.serviceaccount.models.create_service_account_key_payload import ( CreateServiceAccountKeyPayload as CreateServiceAccountKeyPayload, ) @@ -94,6 +112,9 @@ CreateShortLivedAccessTokenResponse as CreateShortLivedAccessTokenResponse, ) from stackit.serviceaccount.models.error import Error as Error +from stackit.serviceaccount.models.federated_list_federated_identity_providers_response import ( + FederatedListFederatedIdentityProvidersResponse as FederatedListFederatedIdentityProvidersResponse, +) from stackit.serviceaccount.models.get_service_account_key_response import ( GetServiceAccountKeyResponse as GetServiceAccountKeyResponse, ) @@ -111,6 +132,9 @@ from stackit.serviceaccount.models.list_service_accounts_response import ( ListServiceAccountsResponse as ListServiceAccountsResponse, ) +from stackit.serviceaccount.models.partial_update_service_account_federated_identity_provider_payload import ( + PartialUpdateServiceAccountFederatedIdentityProviderPayload as PartialUpdateServiceAccountFederatedIdentityProviderPayload, +) from stackit.serviceaccount.models.partial_update_service_account_key_payload import ( PartialUpdateServiceAccountKeyPayload as PartialUpdateServiceAccountKeyPayload, ) diff --git a/services/serviceaccount/src/stackit/serviceaccount/api/default_api.py b/services/serviceaccount/src/stackit/serviceaccount/api/default_api.py index 6a9f95810..5badda693 100644 --- a/services/serviceaccount/src/stackit/serviceaccount/api/default_api.py +++ b/services/serviceaccount/src/stackit/serviceaccount/api/default_api.py @@ -29,6 +29,12 @@ from stackit.serviceaccount.models.create_access_token_payload import ( CreateAccessTokenPayload, ) +from stackit.serviceaccount.models.create_federated_identity_provider_payload import ( + CreateFederatedIdentityProviderPayload, +) +from stackit.serviceaccount.models.create_federated_identity_provider_response import ( + CreateFederatedIdentityProviderResponse, +) from stackit.serviceaccount.models.create_service_account_key_payload import ( CreateServiceAccountKeyPayload, ) @@ -41,6 +47,9 @@ from stackit.serviceaccount.models.create_short_lived_access_token_response import ( CreateShortLivedAccessTokenResponse, ) +from stackit.serviceaccount.models.federated_list_federated_identity_providers_response import ( + FederatedListFederatedIdentityProvidersResponse, +) from stackit.serviceaccount.models.get_service_account_key_response import ( GetServiceAccountKeyResponse, ) @@ -54,6 +63,9 @@ from stackit.serviceaccount.models.list_service_accounts_response import ( ListServiceAccountsResponse, ) +from stackit.serviceaccount.models.partial_update_service_account_federated_identity_provider_payload import ( + PartialUpdateServiceAccountFederatedIdentityProviderPayload, +) from stackit.serviceaccount.models.partial_update_service_account_key_payload import ( PartialUpdateServiceAccountKeyPayload, ) @@ -362,6 +374,291 @@ def _create_access_token_serialize( _request_auth=_request_auth, ) + @validate_call + def create_federated_identity_provider( + self, + project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + create_federated_identity_provider_payload: Annotated[ + Optional[CreateFederatedIdentityProviderPayload], Field(description="Federated identity provider request") + ] = None, + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[Annotated[StrictFloat, Field(gt=0)], Annotated[StrictFloat, Field(gt=0)]], + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> CreateFederatedIdentityProviderResponse: + """Create a new Federated Identity Provider + + Federate the service account with an identity provider. + + :param project_id: The ID of the project. (required) + :type project_id: str + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param create_federated_identity_provider_payload: Federated identity provider request + :type create_federated_identity_provider_payload: CreateFederatedIdentityProviderPayload + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._create_federated_identity_provider_serialize( + project_id=project_id, + service_account_email=service_account_email, + create_federated_identity_provider_payload=create_federated_identity_provider_payload, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index, + ) + + _response_types_map: Dict[str, Optional[str]] = { + "201": "CreateFederatedIdentityProviderResponse", + "400": "Error", + "401": "AuthError", + "403": "Error", + "409": "Error", + "500": "Error", + } + response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) + response_data.read() + return self.api_client.response_deserialize( + response_data=response_data, + response_types_map=_response_types_map, + ).data + + @validate_call + def create_federated_identity_provider_with_http_info( + self, + project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + create_federated_identity_provider_payload: Annotated[ + Optional[CreateFederatedIdentityProviderPayload], Field(description="Federated identity provider request") + ] = None, + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[Annotated[StrictFloat, Field(gt=0)], Annotated[StrictFloat, Field(gt=0)]], + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> ApiResponse[CreateFederatedIdentityProviderResponse]: + """Create a new Federated Identity Provider + + Federate the service account with an identity provider. + + :param project_id: The ID of the project. (required) + :type project_id: str + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param create_federated_identity_provider_payload: Federated identity provider request + :type create_federated_identity_provider_payload: CreateFederatedIdentityProviderPayload + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._create_federated_identity_provider_serialize( + project_id=project_id, + service_account_email=service_account_email, + create_federated_identity_provider_payload=create_federated_identity_provider_payload, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index, + ) + + _response_types_map: Dict[str, Optional[str]] = { + "201": "CreateFederatedIdentityProviderResponse", + "400": "Error", + "401": "AuthError", + "403": "Error", + "409": "Error", + "500": "Error", + } + response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) + response_data.read() + return self.api_client.response_deserialize( + response_data=response_data, + response_types_map=_response_types_map, + ) + + @validate_call + def create_federated_identity_provider_without_preload_content( + self, + project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + create_federated_identity_provider_payload: Annotated[ + Optional[CreateFederatedIdentityProviderPayload], Field(description="Federated identity provider request") + ] = None, + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[Annotated[StrictFloat, Field(gt=0)], Annotated[StrictFloat, Field(gt=0)]], + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> RESTResponseType: + """Create a new Federated Identity Provider + + Federate the service account with an identity provider. + + :param project_id: The ID of the project. (required) + :type project_id: str + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param create_federated_identity_provider_payload: Federated identity provider request + :type create_federated_identity_provider_payload: CreateFederatedIdentityProviderPayload + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._create_federated_identity_provider_serialize( + project_id=project_id, + service_account_email=service_account_email, + create_federated_identity_provider_payload=create_federated_identity_provider_payload, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index, + ) + + _response_types_map: Dict[str, Optional[str]] = { + "201": "CreateFederatedIdentityProviderResponse", + "400": "Error", + "401": "AuthError", + "403": "Error", + "409": "Error", + "500": "Error", + } + response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) + return response_data.response + + def _create_federated_identity_provider_serialize( + self, + project_id, + service_account_email, + create_federated_identity_provider_payload, + _request_auth, + _content_type, + _headers, + _host_index, + ) -> RequestSerialized: + + _host = None + + _collection_formats: Dict[str, str] = {} + + _path_params: Dict[str, str] = {} + _query_params: List[Tuple[str, str]] = [] + _header_params: Dict[str, Optional[str]] = _headers or {} + _form_params: List[Tuple[str, str]] = [] + _files: Dict[str, Union[str, bytes, List[str], List[bytes], List[Tuple[str, bytes]]]] = {} + _body_params: Optional[bytes] = None + + # process the path parameters + if project_id is not None: + _path_params["projectId"] = project_id + if service_account_email is not None: + _path_params["serviceAccountEmail"] = service_account_email + # process the query parameters + # process the header parameters + # process the form parameters + # process the body parameter + if create_federated_identity_provider_payload is not None: + _body_params = create_federated_identity_provider_payload + + # set the HTTP header `Accept` + if "Accept" not in _header_params: + _header_params["Accept"] = self.api_client.select_header_accept(["application/json"]) + + # set the HTTP header `Content-Type` + if _content_type: + _header_params["Content-Type"] = _content_type + else: + _default_content_type = self.api_client.select_header_content_type(["application/json"]) + if _default_content_type is not None: + _header_params["Content-Type"] = _default_content_type + + # authentication setting + _auth_settings: List[str] = [] + + return self.api_client.param_serialize( + method="POST", + resource_path="/v2/projects/{projectId}/service-accounts/{serviceAccountEmail}/federations", + path_params=_path_params, + query_params=_query_params, + header_params=_header_params, + body=_body_params, + post_params=_form_params, + files=_files, + auth_settings=_auth_settings, + collection_formats=_collection_formats, + _host=_host, + _request_auth=_request_auth, + ) + @validate_call def create_service_account( self, @@ -2016,9 +2313,11 @@ def _delete_service_account_key_serialize( ) @validate_call - def get_jwks( + def delete_service_federated_identity_provider( self, + project_id: Annotated[StrictStr, Field(description="The ID of the project.")], service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + federation_id: Annotated[StrictStr, Field(description="ID of the Federated Identity Provider.")], _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -2028,12 +2327,278 @@ def get_jwks( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> JWKS: - """Get JSON Web Key set of the service account + ) -> None: + """Delete a service account Federated Identity Provider - Get JSON Web Key set of the service account + Delete a Federated Identity Provider - :param service_account_email: The email of the service account. (required) + :param project_id: The ID of the project. (required) + :type project_id: str + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param federation_id: ID of the Federated Identity Provider. (required) + :type federation_id: str + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._delete_service_federated_identity_provider_serialize( + project_id=project_id, + service_account_email=service_account_email, + federation_id=federation_id, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index, + ) + + _response_types_map: Dict[str, Optional[str]] = { + "204": None, + "400": "Error", + "401": "AuthError", + "403": "AuthError", + "500": "Error", + } + response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) + response_data.read() + return self.api_client.response_deserialize( + response_data=response_data, + response_types_map=_response_types_map, + ).data + + @validate_call + def delete_service_federated_identity_provider_with_http_info( + self, + project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + federation_id: Annotated[StrictStr, Field(description="ID of the Federated Identity Provider.")], + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[Annotated[StrictFloat, Field(gt=0)], Annotated[StrictFloat, Field(gt=0)]], + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> ApiResponse[None]: + """Delete a service account Federated Identity Provider + + Delete a Federated Identity Provider + + :param project_id: The ID of the project. (required) + :type project_id: str + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param federation_id: ID of the Federated Identity Provider. (required) + :type federation_id: str + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._delete_service_federated_identity_provider_serialize( + project_id=project_id, + service_account_email=service_account_email, + federation_id=federation_id, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index, + ) + + _response_types_map: Dict[str, Optional[str]] = { + "204": None, + "400": "Error", + "401": "AuthError", + "403": "AuthError", + "500": "Error", + } + response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) + response_data.read() + return self.api_client.response_deserialize( + response_data=response_data, + response_types_map=_response_types_map, + ) + + @validate_call + def delete_service_federated_identity_provider_without_preload_content( + self, + project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + federation_id: Annotated[StrictStr, Field(description="ID of the Federated Identity Provider.")], + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[Annotated[StrictFloat, Field(gt=0)], Annotated[StrictFloat, Field(gt=0)]], + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> RESTResponseType: + """Delete a service account Federated Identity Provider + + Delete a Federated Identity Provider + + :param project_id: The ID of the project. (required) + :type project_id: str + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param federation_id: ID of the Federated Identity Provider. (required) + :type federation_id: str + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._delete_service_federated_identity_provider_serialize( + project_id=project_id, + service_account_email=service_account_email, + federation_id=federation_id, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index, + ) + + _response_types_map: Dict[str, Optional[str]] = { + "204": None, + "400": "Error", + "401": "AuthError", + "403": "AuthError", + "500": "Error", + } + response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) + return response_data.response + + def _delete_service_federated_identity_provider_serialize( + self, + project_id, + service_account_email, + federation_id, + _request_auth, + _content_type, + _headers, + _host_index, + ) -> RequestSerialized: + + _host = None + + _collection_formats: Dict[str, str] = {} + + _path_params: Dict[str, str] = {} + _query_params: List[Tuple[str, str]] = [] + _header_params: Dict[str, Optional[str]] = _headers or {} + _form_params: List[Tuple[str, str]] = [] + _files: Dict[str, Union[str, bytes, List[str], List[bytes], List[Tuple[str, bytes]]]] = {} + _body_params: Optional[bytes] = None + + # process the path parameters + if project_id is not None: + _path_params["projectId"] = project_id + if service_account_email is not None: + _path_params["serviceAccountEmail"] = service_account_email + if federation_id is not None: + _path_params["federationId"] = federation_id + # process the query parameters + # process the header parameters + # process the form parameters + # process the body parameter + + # set the HTTP header `Accept` + if "Accept" not in _header_params: + _header_params["Accept"] = self.api_client.select_header_accept(["application/json"]) + + # authentication setting + _auth_settings: List[str] = [] + + return self.api_client.param_serialize( + method="DELETE", + resource_path="/v2/projects/{projectId}/service-accounts/{serviceAccountEmail}/federations/{federationId}", + path_params=_path_params, + query_params=_query_params, + header_params=_header_params, + body=_body_params, + post_params=_form_params, + files=_files, + auth_settings=_auth_settings, + collection_formats=_collection_formats, + _host=_host, + _request_auth=_request_auth, + ) + + @validate_call + def get_jwks( + self, + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[Annotated[StrictFloat, Field(gt=0)], Annotated[StrictFloat, Field(gt=0)]], + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> JWKS: + """Get JSON Web Key set of the service account + + Get JSON Web Key set of the service account + + :param service_account_email: The email of the service account. (required) :type service_account_email: str :param _request_timeout: timeout setting for this request. If one number provided, it will be total request @@ -2126,7 +2691,531 @@ def get_jwks_with_http_info( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "JWKS", + "200": "JWKS", + } + response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) + response_data.read() + return self.api_client.response_deserialize( + response_data=response_data, + response_types_map=_response_types_map, + ) + + @validate_call + def get_jwks_without_preload_content( + self, + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[Annotated[StrictFloat, Field(gt=0)], Annotated[StrictFloat, Field(gt=0)]], + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> RESTResponseType: + """Get JSON Web Key set of the service account + + Get JSON Web Key set of the service account + + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._get_jwks_serialize( + service_account_email=service_account_email, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index, + ) + + _response_types_map: Dict[str, Optional[str]] = { + "200": "JWKS", + } + response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) + return response_data.response + + def _get_jwks_serialize( + self, + service_account_email, + _request_auth, + _content_type, + _headers, + _host_index, + ) -> RequestSerialized: + + _host = None + + _collection_formats: Dict[str, str] = {} + + _path_params: Dict[str, str] = {} + _query_params: List[Tuple[str, str]] = [] + _header_params: Dict[str, Optional[str]] = _headers or {} + _form_params: List[Tuple[str, str]] = [] + _files: Dict[str, Union[str, bytes, List[str], List[bytes], List[Tuple[str, bytes]]]] = {} + _body_params: Optional[bytes] = None + + # process the path parameters + if service_account_email is not None: + _path_params["serviceAccountEmail"] = service_account_email + # process the query parameters + # process the header parameters + # process the form parameters + # process the body parameter + + # set the HTTP header `Accept` + if "Accept" not in _header_params: + _header_params["Accept"] = self.api_client.select_header_accept(["application/json"]) + + # authentication setting + _auth_settings: List[str] = [] + + return self.api_client.param_serialize( + method="GET", + resource_path="/v2/service-accounts/public/jwk/{serviceAccountEmail}", + path_params=_path_params, + query_params=_query_params, + header_params=_header_params, + body=_body_params, + post_params=_form_params, + files=_files, + auth_settings=_auth_settings, + collection_formats=_collection_formats, + _host=_host, + _request_auth=_request_auth, + ) + + @validate_call + def get_service_account_key( + self, + project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + key_id: Annotated[StrictStr, Field(description="ID of the key.")], + format: Annotated[Optional[StrictStr], Field(description="Requested format for the public key")] = None, + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[Annotated[StrictFloat, Field(gt=0)], Annotated[StrictFloat, Field(gt=0)]], + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> GetServiceAccountKeyResponse: + """Get service account key details + + Get key details + + :param project_id: The ID of the project. (required) + :type project_id: str + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param key_id: ID of the key. (required) + :type key_id: str + :param format: Requested format for the public key + :type format: str + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._get_service_account_key_serialize( + project_id=project_id, + service_account_email=service_account_email, + key_id=key_id, + format=format, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index, + ) + + _response_types_map: Dict[str, Optional[str]] = { + "200": "GetServiceAccountKeyResponse", + "400": "Error", + "401": "AuthError", + "403": "AuthError", + } + response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) + response_data.read() + return self.api_client.response_deserialize( + response_data=response_data, + response_types_map=_response_types_map, + ).data + + @validate_call + def get_service_account_key_with_http_info( + self, + project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + key_id: Annotated[StrictStr, Field(description="ID of the key.")], + format: Annotated[Optional[StrictStr], Field(description="Requested format for the public key")] = None, + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[Annotated[StrictFloat, Field(gt=0)], Annotated[StrictFloat, Field(gt=0)]], + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> ApiResponse[GetServiceAccountKeyResponse]: + """Get service account key details + + Get key details + + :param project_id: The ID of the project. (required) + :type project_id: str + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param key_id: ID of the key. (required) + :type key_id: str + :param format: Requested format for the public key + :type format: str + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._get_service_account_key_serialize( + project_id=project_id, + service_account_email=service_account_email, + key_id=key_id, + format=format, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index, + ) + + _response_types_map: Dict[str, Optional[str]] = { + "200": "GetServiceAccountKeyResponse", + "400": "Error", + "401": "AuthError", + "403": "AuthError", + } + response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) + response_data.read() + return self.api_client.response_deserialize( + response_data=response_data, + response_types_map=_response_types_map, + ) + + @validate_call + def get_service_account_key_without_preload_content( + self, + project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + key_id: Annotated[StrictStr, Field(description="ID of the key.")], + format: Annotated[Optional[StrictStr], Field(description="Requested format for the public key")] = None, + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[Annotated[StrictFloat, Field(gt=0)], Annotated[StrictFloat, Field(gt=0)]], + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> RESTResponseType: + """Get service account key details + + Get key details + + :param project_id: The ID of the project. (required) + :type project_id: str + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param key_id: ID of the key. (required) + :type key_id: str + :param format: Requested format for the public key + :type format: str + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._get_service_account_key_serialize( + project_id=project_id, + service_account_email=service_account_email, + key_id=key_id, + format=format, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index, + ) + + _response_types_map: Dict[str, Optional[str]] = { + "200": "GetServiceAccountKeyResponse", + "400": "Error", + "401": "AuthError", + "403": "AuthError", + } + response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) + return response_data.response + + def _get_service_account_key_serialize( + self, + project_id, + service_account_email, + key_id, + format, + _request_auth, + _content_type, + _headers, + _host_index, + ) -> RequestSerialized: + + _host = None + + _collection_formats: Dict[str, str] = {} + + _path_params: Dict[str, str] = {} + _query_params: List[Tuple[str, str]] = [] + _header_params: Dict[str, Optional[str]] = _headers or {} + _form_params: List[Tuple[str, str]] = [] + _files: Dict[str, Union[str, bytes, List[str], List[bytes], List[Tuple[str, bytes]]]] = {} + _body_params: Optional[bytes] = None + + # process the path parameters + if project_id is not None: + _path_params["projectId"] = project_id + if service_account_email is not None: + _path_params["serviceAccountEmail"] = service_account_email + if key_id is not None: + _path_params["keyId"] = key_id + # process the query parameters + if format is not None: + + _query_params.append(("format", format)) + + # process the header parameters + # process the form parameters + # process the body parameter + + # set the HTTP header `Accept` + if "Accept" not in _header_params: + _header_params["Accept"] = self.api_client.select_header_accept(["application/json"]) + + # authentication setting + _auth_settings: List[str] = [] + + return self.api_client.param_serialize( + method="GET", + resource_path="/v2/projects/{projectId}/service-accounts/{serviceAccountEmail}/keys/{keyId}", + path_params=_path_params, + query_params=_query_params, + header_params=_header_params, + body=_body_params, + post_params=_form_params, + files=_files, + auth_settings=_auth_settings, + collection_formats=_collection_formats, + _host=_host, + _request_auth=_request_auth, + ) + + @validate_call + def list_access_tokens( + self, + project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the Service Account.")], + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[Annotated[StrictFloat, Field(gt=0)], Annotated[StrictFloat, Field(gt=0)]], + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> ListAccessTokensResponse: + """List Access Tokens of Service Account + + Get all Access Tokens of a Service Account. The token itself is not returned, only the metadata about the access tokens. Access tokens are listed until they are expired. Revoked tokens are returned until expired. + + :param project_id: The ID of the project. (required) + :type project_id: str + :param service_account_email: The email of the Service Account. (required) + :type service_account_email: str + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._list_access_tokens_serialize( + project_id=project_id, + service_account_email=service_account_email, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index, + ) + + _response_types_map: Dict[str, Optional[str]] = { + "200": "ListAccessTokensResponse", + "400": "Error", + "401": "AuthError", + "403": "Error", + "404": "Error", + } + response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) + response_data.read() + return self.api_client.response_deserialize( + response_data=response_data, + response_types_map=_response_types_map, + ).data + + @validate_call + def list_access_tokens_with_http_info( + self, + project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the Service Account.")], + _request_timeout: Union[ + None, + Annotated[StrictFloat, Field(gt=0)], + Tuple[Annotated[StrictFloat, Field(gt=0)], Annotated[StrictFloat, Field(gt=0)]], + ] = None, + _request_auth: Optional[Dict[StrictStr, Any]] = None, + _content_type: Optional[StrictStr] = None, + _headers: Optional[Dict[StrictStr, Any]] = None, + _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, + ) -> ApiResponse[ListAccessTokensResponse]: + """List Access Tokens of Service Account + + Get all Access Tokens of a Service Account. The token itself is not returned, only the metadata about the access tokens. Access tokens are listed until they are expired. Revoked tokens are returned until expired. + + :param project_id: The ID of the project. (required) + :type project_id: str + :param service_account_email: The email of the Service Account. (required) + :type service_account_email: str + :param _request_timeout: timeout setting for this request. If one + number provided, it will be total request + timeout. It can also be a pair (tuple) of + (connection, read) timeouts. + :type _request_timeout: int, tuple(int, int), optional + :param _request_auth: set to override the auth_settings for an a single + request; this effectively ignores the + authentication in the spec for a single request. + :type _request_auth: dict, optional + :param _content_type: force content-type for the request. + :type _content_type: str, Optional + :param _headers: set to override the headers for a single + request; this effectively ignores the headers + in the spec for a single request. + :type _headers: dict, optional + :param _host_index: set to override the host_index for a single + request; this effectively ignores the host_index + in the spec for a single request. + :type _host_index: int, optional + :return: Returns the result object. + """ # noqa: E501 + + _param = self._list_access_tokens_serialize( + project_id=project_id, + service_account_email=service_account_email, + _request_auth=_request_auth, + _content_type=_content_type, + _headers=_headers, + _host_index=_host_index, + ) + + _response_types_map: Dict[str, Optional[str]] = { + "200": "ListAccessTokensResponse", + "400": "Error", + "401": "AuthError", + "403": "Error", + "404": "Error", } response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) response_data.read() @@ -2136,9 +3225,10 @@ def get_jwks_with_http_info( ) @validate_call - def get_jwks_without_preload_content( + def list_access_tokens_without_preload_content( self, - service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the Service Account.")], _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -2149,11 +3239,13 @@ def get_jwks_without_preload_content( _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, ) -> RESTResponseType: - """Get JSON Web Key set of the service account + """List Access Tokens of Service Account - Get JSON Web Key set of the service account + Get all Access Tokens of a Service Account. The token itself is not returned, only the metadata about the access tokens. Access tokens are listed until they are expired. Revoked tokens are returned until expired. - :param service_account_email: The email of the service account. (required) + :param project_id: The ID of the project. (required) + :type project_id: str + :param service_account_email: The email of the Service Account. (required) :type service_account_email: str :param _request_timeout: timeout setting for this request. If one number provided, it will be total request @@ -2177,7 +3269,8 @@ def get_jwks_without_preload_content( :return: Returns the result object. """ # noqa: E501 - _param = self._get_jwks_serialize( + _param = self._list_access_tokens_serialize( + project_id=project_id, service_account_email=service_account_email, _request_auth=_request_auth, _content_type=_content_type, @@ -2186,13 +3279,18 @@ def get_jwks_without_preload_content( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "JWKS", + "200": "ListAccessTokensResponse", + "400": "Error", + "401": "AuthError", + "403": "Error", + "404": "Error", } response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) return response_data.response - def _get_jwks_serialize( + def _list_access_tokens_serialize( self, + project_id, service_account_email, _request_auth, _content_type, @@ -2212,6 +3310,8 @@ def _get_jwks_serialize( _body_params: Optional[bytes] = None # process the path parameters + if project_id is not None: + _path_params["projectId"] = project_id if service_account_email is not None: _path_params["serviceAccountEmail"] = service_account_email # process the query parameters @@ -2228,7 +3328,7 @@ def _get_jwks_serialize( return self.api_client.param_serialize( method="GET", - resource_path="/v2/service-accounts/public/jwk/{serviceAccountEmail}", + resource_path="/v2/projects/{projectId}/service-accounts/{serviceAccountEmail}/access-tokens", path_params=_path_params, query_params=_query_params, header_params=_header_params, @@ -2242,12 +3342,10 @@ def _get_jwks_serialize( ) @validate_call - def get_service_account_key( + def list_federated_identity_providers( self, project_id: Annotated[StrictStr, Field(description="The ID of the project.")], service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], - key_id: Annotated[StrictStr, Field(description="ID of the key.")], - format: Annotated[Optional[StrictStr], Field(description="Requested format for the public key")] = None, _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -2257,19 +3355,15 @@ def get_service_account_key( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> GetServiceAccountKeyResponse: - """Get service account key details + ) -> FederatedListFederatedIdentityProvidersResponse: + """List all federated identity providers - Get key details + List all the identity providers the service account is federated with. :param project_id: The ID of the project. (required) :type project_id: str :param service_account_email: The email of the service account. (required) :type service_account_email: str - :param key_id: ID of the key. (required) - :type key_id: str - :param format: Requested format for the public key - :type format: str :param _request_timeout: timeout setting for this request. If one number provided, it will be total request timeout. It can also be a pair (tuple) of @@ -2292,11 +3386,9 @@ def get_service_account_key( :return: Returns the result object. """ # noqa: E501 - _param = self._get_service_account_key_serialize( + _param = self._list_federated_identity_providers_serialize( project_id=project_id, service_account_email=service_account_email, - key_id=key_id, - format=format, _request_auth=_request_auth, _content_type=_content_type, _headers=_headers, @@ -2304,10 +3396,11 @@ def get_service_account_key( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "GetServiceAccountKeyResponse", + "200": "FederatedListFederatedIdentityProvidersResponse", "400": "Error", "401": "AuthError", "403": "AuthError", + "500": "Error", } response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) response_data.read() @@ -2317,12 +3410,10 @@ def get_service_account_key( ).data @validate_call - def get_service_account_key_with_http_info( + def list_federated_identity_providers_with_http_info( self, project_id: Annotated[StrictStr, Field(description="The ID of the project.")], service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], - key_id: Annotated[StrictStr, Field(description="ID of the key.")], - format: Annotated[Optional[StrictStr], Field(description="Requested format for the public key")] = None, _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -2332,19 +3423,15 @@ def get_service_account_key_with_http_info( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> ApiResponse[GetServiceAccountKeyResponse]: - """Get service account key details + ) -> ApiResponse[FederatedListFederatedIdentityProvidersResponse]: + """List all federated identity providers - Get key details + List all the identity providers the service account is federated with. :param project_id: The ID of the project. (required) :type project_id: str :param service_account_email: The email of the service account. (required) :type service_account_email: str - :param key_id: ID of the key. (required) - :type key_id: str - :param format: Requested format for the public key - :type format: str :param _request_timeout: timeout setting for this request. If one number provided, it will be total request timeout. It can also be a pair (tuple) of @@ -2367,11 +3454,9 @@ def get_service_account_key_with_http_info( :return: Returns the result object. """ # noqa: E501 - _param = self._get_service_account_key_serialize( + _param = self._list_federated_identity_providers_serialize( project_id=project_id, service_account_email=service_account_email, - key_id=key_id, - format=format, _request_auth=_request_auth, _content_type=_content_type, _headers=_headers, @@ -2379,10 +3464,11 @@ def get_service_account_key_with_http_info( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "GetServiceAccountKeyResponse", + "200": "FederatedListFederatedIdentityProvidersResponse", "400": "Error", "401": "AuthError", "403": "AuthError", + "500": "Error", } response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) response_data.read() @@ -2392,12 +3478,10 @@ def get_service_account_key_with_http_info( ) @validate_call - def get_service_account_key_without_preload_content( + def list_federated_identity_providers_without_preload_content( self, project_id: Annotated[StrictStr, Field(description="The ID of the project.")], service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], - key_id: Annotated[StrictStr, Field(description="ID of the key.")], - format: Annotated[Optional[StrictStr], Field(description="Requested format for the public key")] = None, _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -2408,18 +3492,14 @@ def get_service_account_key_without_preload_content( _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, ) -> RESTResponseType: - """Get service account key details + """List all federated identity providers - Get key details + List all the identity providers the service account is federated with. :param project_id: The ID of the project. (required) :type project_id: str :param service_account_email: The email of the service account. (required) :type service_account_email: str - :param key_id: ID of the key. (required) - :type key_id: str - :param format: Requested format for the public key - :type format: str :param _request_timeout: timeout setting for this request. If one number provided, it will be total request timeout. It can also be a pair (tuple) of @@ -2442,11 +3522,9 @@ def get_service_account_key_without_preload_content( :return: Returns the result object. """ # noqa: E501 - _param = self._get_service_account_key_serialize( + _param = self._list_federated_identity_providers_serialize( project_id=project_id, service_account_email=service_account_email, - key_id=key_id, - format=format, _request_auth=_request_auth, _content_type=_content_type, _headers=_headers, @@ -2454,20 +3532,19 @@ def get_service_account_key_without_preload_content( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "GetServiceAccountKeyResponse", + "200": "FederatedListFederatedIdentityProvidersResponse", "400": "Error", "401": "AuthError", "403": "AuthError", + "500": "Error", } response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) return response_data.response - def _get_service_account_key_serialize( + def _list_federated_identity_providers_serialize( self, project_id, service_account_email, - key_id, - format, _request_auth, _content_type, _headers, @@ -2490,13 +3567,7 @@ def _get_service_account_key_serialize( _path_params["projectId"] = project_id if service_account_email is not None: _path_params["serviceAccountEmail"] = service_account_email - if key_id is not None: - _path_params["keyId"] = key_id # process the query parameters - if format is not None: - - _query_params.append(("format", format)) - # process the header parameters # process the form parameters # process the body parameter @@ -2510,7 +3581,7 @@ def _get_service_account_key_serialize( return self.api_client.param_serialize( method="GET", - resource_path="/v2/projects/{projectId}/service-accounts/{serviceAccountEmail}/keys/{keyId}", + resource_path="/v2/projects/{projectId}/service-accounts/{serviceAccountEmail}/federations", path_params=_path_params, query_params=_query_params, header_params=_header_params, @@ -2524,10 +3595,10 @@ def _get_service_account_key_serialize( ) @validate_call - def list_access_tokens( + def list_service_account_keys( self, project_id: Annotated[StrictStr, Field(description="The ID of the project.")], - service_account_email: Annotated[StrictStr, Field(description="The email of the Service Account.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -2537,14 +3608,14 @@ def list_access_tokens( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> ListAccessTokensResponse: - """List Access Tokens of Service Account + ) -> ListServiceAccountKeysResponse: + """List all keys that belong to the service account - Get all Access Tokens of a Service Account. The token itself is not returned, only the metadata about the access tokens. Access tokens are listed until they are expired. Revoked tokens are returned until expired. + List all keys that belong to the service account :param project_id: The ID of the project. (required) :type project_id: str - :param service_account_email: The email of the Service Account. (required) + :param service_account_email: The email of the service account. (required) :type service_account_email: str :param _request_timeout: timeout setting for this request. If one number provided, it will be total request @@ -2568,7 +3639,7 @@ def list_access_tokens( :return: Returns the result object. """ # noqa: E501 - _param = self._list_access_tokens_serialize( + _param = self._list_service_account_keys_serialize( project_id=project_id, service_account_email=service_account_email, _request_auth=_request_auth, @@ -2578,11 +3649,10 @@ def list_access_tokens( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "ListAccessTokensResponse", + "200": "ListServiceAccountKeysResponse", "400": "Error", "401": "AuthError", - "403": "Error", - "404": "Error", + "403": "AuthError", } response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) response_data.read() @@ -2592,10 +3662,10 @@ def list_access_tokens( ).data @validate_call - def list_access_tokens_with_http_info( + def list_service_account_keys_with_http_info( self, project_id: Annotated[StrictStr, Field(description="The ID of the project.")], - service_account_email: Annotated[StrictStr, Field(description="The email of the Service Account.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -2605,14 +3675,14 @@ def list_access_tokens_with_http_info( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> ApiResponse[ListAccessTokensResponse]: - """List Access Tokens of Service Account + ) -> ApiResponse[ListServiceAccountKeysResponse]: + """List all keys that belong to the service account - Get all Access Tokens of a Service Account. The token itself is not returned, only the metadata about the access tokens. Access tokens are listed until they are expired. Revoked tokens are returned until expired. + List all keys that belong to the service account :param project_id: The ID of the project. (required) :type project_id: str - :param service_account_email: The email of the Service Account. (required) + :param service_account_email: The email of the service account. (required) :type service_account_email: str :param _request_timeout: timeout setting for this request. If one number provided, it will be total request @@ -2636,7 +3706,7 @@ def list_access_tokens_with_http_info( :return: Returns the result object. """ # noqa: E501 - _param = self._list_access_tokens_serialize( + _param = self._list_service_account_keys_serialize( project_id=project_id, service_account_email=service_account_email, _request_auth=_request_auth, @@ -2646,11 +3716,10 @@ def list_access_tokens_with_http_info( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "ListAccessTokensResponse", + "200": "ListServiceAccountKeysResponse", "400": "Error", "401": "AuthError", - "403": "Error", - "404": "Error", + "403": "AuthError", } response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) response_data.read() @@ -2660,10 +3729,10 @@ def list_access_tokens_with_http_info( ) @validate_call - def list_access_tokens_without_preload_content( + def list_service_account_keys_without_preload_content( self, project_id: Annotated[StrictStr, Field(description="The ID of the project.")], - service_account_email: Annotated[StrictStr, Field(description="The email of the Service Account.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -2674,13 +3743,13 @@ def list_access_tokens_without_preload_content( _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, ) -> RESTResponseType: - """List Access Tokens of Service Account + """List all keys that belong to the service account - Get all Access Tokens of a Service Account. The token itself is not returned, only the metadata about the access tokens. Access tokens are listed until they are expired. Revoked tokens are returned until expired. + List all keys that belong to the service account :param project_id: The ID of the project. (required) :type project_id: str - :param service_account_email: The email of the Service Account. (required) + :param service_account_email: The email of the service account. (required) :type service_account_email: str :param _request_timeout: timeout setting for this request. If one number provided, it will be total request @@ -2704,7 +3773,7 @@ def list_access_tokens_without_preload_content( :return: Returns the result object. """ # noqa: E501 - _param = self._list_access_tokens_serialize( + _param = self._list_service_account_keys_serialize( project_id=project_id, service_account_email=service_account_email, _request_auth=_request_auth, @@ -2714,16 +3783,15 @@ def list_access_tokens_without_preload_content( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "ListAccessTokensResponse", + "200": "ListServiceAccountKeysResponse", "400": "Error", "401": "AuthError", - "403": "Error", - "404": "Error", + "403": "AuthError", } response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) return response_data.response - def _list_access_tokens_serialize( + def _list_service_account_keys_serialize( self, project_id, service_account_email, @@ -2763,7 +3831,7 @@ def _list_access_tokens_serialize( return self.api_client.param_serialize( method="GET", - resource_path="/v2/projects/{projectId}/service-accounts/{serviceAccountEmail}/access-tokens", + resource_path="/v2/projects/{projectId}/service-accounts/{serviceAccountEmail}/keys", path_params=_path_params, query_params=_query_params, header_params=_header_params, @@ -2777,10 +3845,9 @@ def _list_access_tokens_serialize( ) @validate_call - def list_service_account_keys( + def list_service_accounts( self, project_id: Annotated[StrictStr, Field(description="The ID of the project.")], - service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -2790,15 +3857,13 @@ def list_service_account_keys( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> ListServiceAccountKeysResponse: - """List all keys that belong to the service account + ) -> ListServiceAccountsResponse: + """List all Service Accounts - List all keys that belong to the service account + List all Service Account resources in a project. Returns the service account resources, not the service accounts that has access to the project. :param project_id: The ID of the project. (required) :type project_id: str - :param service_account_email: The email of the service account. (required) - :type service_account_email: str :param _request_timeout: timeout setting for this request. If one number provided, it will be total request timeout. It can also be a pair (tuple) of @@ -2821,9 +3886,8 @@ def list_service_account_keys( :return: Returns the result object. """ # noqa: E501 - _param = self._list_service_account_keys_serialize( + _param = self._list_service_accounts_serialize( project_id=project_id, - service_account_email=service_account_email, _request_auth=_request_auth, _content_type=_content_type, _headers=_headers, @@ -2831,7 +3895,7 @@ def list_service_account_keys( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "ListServiceAccountKeysResponse", + "200": "ListServiceAccountsResponse", "400": "Error", "401": "AuthError", "403": "AuthError", @@ -2844,10 +3908,9 @@ def list_service_account_keys( ).data @validate_call - def list_service_account_keys_with_http_info( + def list_service_accounts_with_http_info( self, project_id: Annotated[StrictStr, Field(description="The ID of the project.")], - service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -2857,15 +3920,13 @@ def list_service_account_keys_with_http_info( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> ApiResponse[ListServiceAccountKeysResponse]: - """List all keys that belong to the service account + ) -> ApiResponse[ListServiceAccountsResponse]: + """List all Service Accounts - List all keys that belong to the service account + List all Service Account resources in a project. Returns the service account resources, not the service accounts that has access to the project. :param project_id: The ID of the project. (required) :type project_id: str - :param service_account_email: The email of the service account. (required) - :type service_account_email: str :param _request_timeout: timeout setting for this request. If one number provided, it will be total request timeout. It can also be a pair (tuple) of @@ -2888,9 +3949,8 @@ def list_service_account_keys_with_http_info( :return: Returns the result object. """ # noqa: E501 - _param = self._list_service_account_keys_serialize( + _param = self._list_service_accounts_serialize( project_id=project_id, - service_account_email=service_account_email, _request_auth=_request_auth, _content_type=_content_type, _headers=_headers, @@ -2898,7 +3958,7 @@ def list_service_account_keys_with_http_info( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "ListServiceAccountKeysResponse", + "200": "ListServiceAccountsResponse", "400": "Error", "401": "AuthError", "403": "AuthError", @@ -2911,10 +3971,9 @@ def list_service_account_keys_with_http_info( ) @validate_call - def list_service_account_keys_without_preload_content( + def list_service_accounts_without_preload_content( self, project_id: Annotated[StrictStr, Field(description="The ID of the project.")], - service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -2925,14 +3984,12 @@ def list_service_account_keys_without_preload_content( _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, ) -> RESTResponseType: - """List all keys that belong to the service account + """List all Service Accounts - List all keys that belong to the service account + List all Service Account resources in a project. Returns the service account resources, not the service accounts that has access to the project. :param project_id: The ID of the project. (required) :type project_id: str - :param service_account_email: The email of the service account. (required) - :type service_account_email: str :param _request_timeout: timeout setting for this request. If one number provided, it will be total request timeout. It can also be a pair (tuple) of @@ -2955,9 +4012,8 @@ def list_service_account_keys_without_preload_content( :return: Returns the result object. """ # noqa: E501 - _param = self._list_service_account_keys_serialize( + _param = self._list_service_accounts_serialize( project_id=project_id, - service_account_email=service_account_email, _request_auth=_request_auth, _content_type=_content_type, _headers=_headers, @@ -2965,7 +4021,7 @@ def list_service_account_keys_without_preload_content( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "ListServiceAccountKeysResponse", + "200": "ListServiceAccountsResponse", "400": "Error", "401": "AuthError", "403": "AuthError", @@ -2973,10 +4029,9 @@ def list_service_account_keys_without_preload_content( response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) return response_data.response - def _list_service_account_keys_serialize( + def _list_service_accounts_serialize( self, project_id, - service_account_email, _request_auth, _content_type, _headers, @@ -2997,8 +4052,6 @@ def _list_service_account_keys_serialize( # process the path parameters if project_id is not None: _path_params["projectId"] = project_id - if service_account_email is not None: - _path_params["serviceAccountEmail"] = service_account_email # process the query parameters # process the header parameters # process the form parameters @@ -3013,7 +4066,7 @@ def _list_service_account_keys_serialize( return self.api_client.param_serialize( method="GET", - resource_path="/v2/projects/{projectId}/service-accounts/{serviceAccountEmail}/keys", + resource_path="/v2/projects/{projectId}/service-accounts", path_params=_path_params, query_params=_query_params, header_params=_header_params, @@ -3027,9 +4080,15 @@ def _list_service_account_keys_serialize( ) @validate_call - def list_service_accounts( + def partial_update_service_account_federated_identity_provider( self, project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + federation_id: Annotated[StrictStr, Field(description="ID of the Federated Identity Provider.")], + partial_update_service_account_federated_identity_provider_payload: Annotated[ + Optional[PartialUpdateServiceAccountFederatedIdentityProviderPayload], + Field(description="Delete a Federated Identity Provider"), + ] = None, _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -3039,13 +4098,19 @@ def list_service_accounts( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> ListServiceAccountsResponse: - """List all Service Accounts + ) -> CreateFederatedIdentityProviderResponse: + """Update Service Account Federated Identity Provider - List all Service Account resources in a project. Returns the service account resources, not the service accounts that has access to the project. + Update a Federated Identity Provider. :param project_id: The ID of the project. (required) :type project_id: str + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param federation_id: ID of the Federated Identity Provider. (required) + :type federation_id: str + :param partial_update_service_account_federated_identity_provider_payload: Delete a Federated Identity Provider + :type partial_update_service_account_federated_identity_provider_payload: PartialUpdateServiceAccountFederatedIdentityProviderPayload :param _request_timeout: timeout setting for this request. If one number provided, it will be total request timeout. It can also be a pair (tuple) of @@ -3068,8 +4133,11 @@ def list_service_accounts( :return: Returns the result object. """ # noqa: E501 - _param = self._list_service_accounts_serialize( + _param = self._partial_update_service_account_federated_identity_provider_serialize( project_id=project_id, + service_account_email=service_account_email, + federation_id=federation_id, + partial_update_service_account_federated_identity_provider_payload=partial_update_service_account_federated_identity_provider_payload, _request_auth=_request_auth, _content_type=_content_type, _headers=_headers, @@ -3077,10 +4145,12 @@ def list_service_accounts( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "ListServiceAccountsResponse", + "200": "CreateFederatedIdentityProviderResponse", "400": "Error", "401": "AuthError", - "403": "AuthError", + "403": "Error", + "409": "Error", + "500": "Error", } response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) response_data.read() @@ -3090,9 +4160,15 @@ def list_service_accounts( ).data @validate_call - def list_service_accounts_with_http_info( + def partial_update_service_account_federated_identity_provider_with_http_info( self, project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + federation_id: Annotated[StrictStr, Field(description="ID of the Federated Identity Provider.")], + partial_update_service_account_federated_identity_provider_payload: Annotated[ + Optional[PartialUpdateServiceAccountFederatedIdentityProviderPayload], + Field(description="Delete a Federated Identity Provider"), + ] = None, _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -3102,13 +4178,19 @@ def list_service_accounts_with_http_info( _content_type: Optional[StrictStr] = None, _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, - ) -> ApiResponse[ListServiceAccountsResponse]: - """List all Service Accounts + ) -> ApiResponse[CreateFederatedIdentityProviderResponse]: + """Update Service Account Federated Identity Provider - List all Service Account resources in a project. Returns the service account resources, not the service accounts that has access to the project. + Update a Federated Identity Provider. :param project_id: The ID of the project. (required) :type project_id: str + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param federation_id: ID of the Federated Identity Provider. (required) + :type federation_id: str + :param partial_update_service_account_federated_identity_provider_payload: Delete a Federated Identity Provider + :type partial_update_service_account_federated_identity_provider_payload: PartialUpdateServiceAccountFederatedIdentityProviderPayload :param _request_timeout: timeout setting for this request. If one number provided, it will be total request timeout. It can also be a pair (tuple) of @@ -3131,8 +4213,11 @@ def list_service_accounts_with_http_info( :return: Returns the result object. """ # noqa: E501 - _param = self._list_service_accounts_serialize( + _param = self._partial_update_service_account_federated_identity_provider_serialize( project_id=project_id, + service_account_email=service_account_email, + federation_id=federation_id, + partial_update_service_account_federated_identity_provider_payload=partial_update_service_account_federated_identity_provider_payload, _request_auth=_request_auth, _content_type=_content_type, _headers=_headers, @@ -3140,10 +4225,12 @@ def list_service_accounts_with_http_info( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "ListServiceAccountsResponse", + "200": "CreateFederatedIdentityProviderResponse", "400": "Error", "401": "AuthError", - "403": "AuthError", + "403": "Error", + "409": "Error", + "500": "Error", } response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) response_data.read() @@ -3153,9 +4240,15 @@ def list_service_accounts_with_http_info( ) @validate_call - def list_service_accounts_without_preload_content( + def partial_update_service_account_federated_identity_provider_without_preload_content( self, project_id: Annotated[StrictStr, Field(description="The ID of the project.")], + service_account_email: Annotated[StrictStr, Field(description="The email of the service account.")], + federation_id: Annotated[StrictStr, Field(description="ID of the Federated Identity Provider.")], + partial_update_service_account_federated_identity_provider_payload: Annotated[ + Optional[PartialUpdateServiceAccountFederatedIdentityProviderPayload], + Field(description="Delete a Federated Identity Provider"), + ] = None, _request_timeout: Union[ None, Annotated[StrictFloat, Field(gt=0)], @@ -3166,12 +4259,18 @@ def list_service_accounts_without_preload_content( _headers: Optional[Dict[StrictStr, Any]] = None, _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0, ) -> RESTResponseType: - """List all Service Accounts + """Update Service Account Federated Identity Provider - List all Service Account resources in a project. Returns the service account resources, not the service accounts that has access to the project. + Update a Federated Identity Provider. :param project_id: The ID of the project. (required) :type project_id: str + :param service_account_email: The email of the service account. (required) + :type service_account_email: str + :param federation_id: ID of the Federated Identity Provider. (required) + :type federation_id: str + :param partial_update_service_account_federated_identity_provider_payload: Delete a Federated Identity Provider + :type partial_update_service_account_federated_identity_provider_payload: PartialUpdateServiceAccountFederatedIdentityProviderPayload :param _request_timeout: timeout setting for this request. If one number provided, it will be total request timeout. It can also be a pair (tuple) of @@ -3194,8 +4293,11 @@ def list_service_accounts_without_preload_content( :return: Returns the result object. """ # noqa: E501 - _param = self._list_service_accounts_serialize( + _param = self._partial_update_service_account_federated_identity_provider_serialize( project_id=project_id, + service_account_email=service_account_email, + federation_id=federation_id, + partial_update_service_account_federated_identity_provider_payload=partial_update_service_account_federated_identity_provider_payload, _request_auth=_request_auth, _content_type=_content_type, _headers=_headers, @@ -3203,17 +4305,22 @@ def list_service_accounts_without_preload_content( ) _response_types_map: Dict[str, Optional[str]] = { - "200": "ListServiceAccountsResponse", + "200": "CreateFederatedIdentityProviderResponse", "400": "Error", "401": "AuthError", - "403": "AuthError", + "403": "Error", + "409": "Error", + "500": "Error", } response_data = self.api_client.call_api(*_param, _request_timeout=_request_timeout) return response_data.response - def _list_service_accounts_serialize( + def _partial_update_service_account_federated_identity_provider_serialize( self, project_id, + service_account_email, + federation_id, + partial_update_service_account_federated_identity_provider_payload, _request_auth, _content_type, _headers, @@ -3234,21 +4341,35 @@ def _list_service_accounts_serialize( # process the path parameters if project_id is not None: _path_params["projectId"] = project_id + if service_account_email is not None: + _path_params["serviceAccountEmail"] = service_account_email + if federation_id is not None: + _path_params["federationId"] = federation_id # process the query parameters # process the header parameters # process the form parameters # process the body parameter + if partial_update_service_account_federated_identity_provider_payload is not None: + _body_params = partial_update_service_account_federated_identity_provider_payload # set the HTTP header `Accept` if "Accept" not in _header_params: _header_params["Accept"] = self.api_client.select_header_accept(["application/json"]) + # set the HTTP header `Content-Type` + if _content_type: + _header_params["Content-Type"] = _content_type + else: + _default_content_type = self.api_client.select_header_content_type(["application/json"]) + if _default_content_type is not None: + _header_params["Content-Type"] = _default_content_type + # authentication setting _auth_settings: List[str] = [] return self.api_client.param_serialize( - method="GET", - resource_path="/v2/projects/{projectId}/service-accounts", + method="PATCH", + resource_path="/v2/projects/{projectId}/service-accounts/{serviceAccountEmail}/federations/{federationId}", path_params=_path_params, query_params=_query_params, header_params=_header_params, diff --git a/services/serviceaccount/src/stackit/serviceaccount/models/__init__.py b/services/serviceaccount/src/stackit/serviceaccount/models/__init__.py index 5fff0f6a2..6326003fd 100644 --- a/services/serviceaccount/src/stackit/serviceaccount/models/__init__.py +++ b/services/serviceaccount/src/stackit/serviceaccount/models/__init__.py @@ -21,6 +21,18 @@ from stackit.serviceaccount.models.create_access_token_payload import ( CreateAccessTokenPayload, ) +from stackit.serviceaccount.models.create_federated_identity_provider_payload import ( + CreateFederatedIdentityProviderPayload, +) +from stackit.serviceaccount.models.create_federated_identity_provider_payload_assertions_inner import ( + CreateFederatedIdentityProviderPayloadAssertionsInner, +) +from stackit.serviceaccount.models.create_federated_identity_provider_response import ( + CreateFederatedIdentityProviderResponse, +) +from stackit.serviceaccount.models.create_federated_identity_provider_response_assertions_inner import ( + CreateFederatedIdentityProviderResponseAssertionsInner, +) from stackit.serviceaccount.models.create_service_account_key_payload import ( CreateServiceAccountKeyPayload, ) @@ -37,6 +49,9 @@ CreateShortLivedAccessTokenResponse, ) from stackit.serviceaccount.models.error import Error +from stackit.serviceaccount.models.federated_list_federated_identity_providers_response import ( + FederatedListFederatedIdentityProvidersResponse, +) from stackit.serviceaccount.models.get_service_account_key_response import ( GetServiceAccountKeyResponse, ) @@ -54,6 +69,9 @@ from stackit.serviceaccount.models.list_service_accounts_response import ( ListServiceAccountsResponse, ) +from stackit.serviceaccount.models.partial_update_service_account_federated_identity_provider_payload import ( + PartialUpdateServiceAccountFederatedIdentityProviderPayload, +) from stackit.serviceaccount.models.partial_update_service_account_key_payload import ( PartialUpdateServiceAccountKeyPayload, ) diff --git a/services/serviceaccount/src/stackit/serviceaccount/models/create_federated_identity_provider_payload.py b/services/serviceaccount/src/stackit/serviceaccount/models/create_federated_identity_provider_payload.py new file mode 100644 index 000000000..7aa7aba99 --- /dev/null +++ b/services/serviceaccount/src/stackit/serviceaccount/models/create_federated_identity_provider_payload.py @@ -0,0 +1,109 @@ +# coding: utf-8 + +""" + Service Account API + + API to manage Service Accounts and their Access Tokens. ### System for Cross-domain Identity Management (SCIM) Service Account Service offers SCIM APIs to query state. The SCIM protocol was created as standard for automating the exchange of user identity information between identity domains, or IT systems. Service accounts are be handled as indentites similar to SCIM users. A custom SCIM schema has been created: `/ServiceAccounts` #### Syntax ##### Attribute operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | eq | equal | | ne | not equal | | co | contains | | sw | starts with | | ew | ends with | ##### Logical operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | and | logical \"and\" | | or | logical \"or\" | ##### Grouping operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | () | precending grouping | ##### Example ``` filter=email eq \"my-service-account-aBc2defg@sa.stackit.cloud\" filter=email ne \"my-service-account-aBc2defg@sa.stackit.cloud\" filter=email co \"my-service-account\" filter=name sw \"my\" filter=name ew \"account\" filter=email co \"my-service-account\" and name sw \"my\" filter=email co \"my-service-account\" and (name sw \"my\" or name ew \"account\") ``` #### Sorting > Sorting is optional | PARAMETER | DESCRIPTION | |-----------|--------------------------------------| | sortBy | attribute response is ordered by | | sortOrder | 'ASCENDING' (default) or 'DESCENDING'| #### Pagination | PARAMETER | DESCRIPTION | |--------------|----------------------------------------------| | startIndex | index of first query result, default: 1 | | count | maximum number of query results, default: 100| + + The version of the OpenAPI document: 2.0 + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + +from __future__ import annotations + +import json +import pprint +from typing import Any, ClassVar, Dict, List, Optional, Set + +from pydantic import BaseModel, ConfigDict, Field, StrictStr +from typing_extensions import Self + +from stackit.serviceaccount.models.create_federated_identity_provider_payload_assertions_inner import ( + CreateFederatedIdentityProviderPayloadAssertionsInner, +) + + +class CreateFederatedIdentityProviderPayload(BaseModel): + """ + CreateFederatedIdentityProviderPayload + """ # noqa: E501 + + assertions: Optional[List[CreateFederatedIdentityProviderPayloadAssertionsInner]] = Field( + default=None, description="list of assertions of the federated identity provider" + ) + issuer: StrictStr = Field(description="Issuer of the federated identity provider.") + name: StrictStr = Field(description="Unique name used as identifier of the federated identity provider.") + __properties: ClassVar[List[str]] = ["assertions", "issuer", "name"] + + model_config = ConfigDict( + populate_by_name=True, + validate_assignment=True, + protected_namespaces=(), + ) + + def to_str(self) -> str: + """Returns the string representation of the model using alias""" + return pprint.pformat(self.model_dump(by_alias=True)) + + def to_json(self) -> str: + """Returns the JSON representation of the model using alias""" + # TODO: pydantic v2: use .model_dump_json(by_alias=True, exclude_unset=True) instead + return json.dumps(self.to_dict()) + + @classmethod + def from_json(cls, json_str: str) -> Optional[Self]: + """Create an instance of CreateFederatedIdentityProviderPayload from a JSON string""" + return cls.from_dict(json.loads(json_str)) + + def to_dict(self) -> Dict[str, Any]: + """Return the dictionary representation of the model using alias. + + This has the following differences from calling pydantic's + `self.model_dump(by_alias=True)`: + + * `None` is only added to the output dict for nullable fields that + were set at model initialization. Other fields with value `None` + are ignored. + """ + excluded_fields: Set[str] = set([]) + + _dict = self.model_dump( + by_alias=True, + exclude=excluded_fields, + exclude_none=True, + ) + # override the default output from pydantic by calling `to_dict()` of each item in assertions (list) + _items = [] + if self.assertions: + for _item in self.assertions: + if _item: + _items.append(_item.to_dict()) + _dict["assertions"] = _items + return _dict + + @classmethod + def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: + """Create an instance of CreateFederatedIdentityProviderPayload from a dict""" + if obj is None: + return None + + if not isinstance(obj, dict): + return cls.model_validate(obj) + + _obj = cls.model_validate( + { + "assertions": ( + [ + CreateFederatedIdentityProviderPayloadAssertionsInner.from_dict(_item) + for _item in obj["assertions"] + ] + if obj.get("assertions") is not None + else None + ), + "issuer": obj.get("issuer"), + "name": obj.get("name"), + } + ) + return _obj diff --git a/services/serviceaccount/src/stackit/serviceaccount/models/create_federated_identity_provider_payload_assertions_inner.py b/services/serviceaccount/src/stackit/serviceaccount/models/create_federated_identity_provider_payload_assertions_inner.py new file mode 100644 index 000000000..192d8b9ea --- /dev/null +++ b/services/serviceaccount/src/stackit/serviceaccount/models/create_federated_identity_provider_payload_assertions_inner.py @@ -0,0 +1,83 @@ +# coding: utf-8 + +""" + Service Account API + + API to manage Service Accounts and their Access Tokens. ### System for Cross-domain Identity Management (SCIM) Service Account Service offers SCIM APIs to query state. The SCIM protocol was created as standard for automating the exchange of user identity information between identity domains, or IT systems. Service accounts are be handled as indentites similar to SCIM users. A custom SCIM schema has been created: `/ServiceAccounts` #### Syntax ##### Attribute operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | eq | equal | | ne | not equal | | co | contains | | sw | starts with | | ew | ends with | ##### Logical operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | and | logical \"and\" | | or | logical \"or\" | ##### Grouping operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | () | precending grouping | ##### Example ``` filter=email eq \"my-service-account-aBc2defg@sa.stackit.cloud\" filter=email ne \"my-service-account-aBc2defg@sa.stackit.cloud\" filter=email co \"my-service-account\" filter=name sw \"my\" filter=name ew \"account\" filter=email co \"my-service-account\" and name sw \"my\" filter=email co \"my-service-account\" and (name sw \"my\" or name ew \"account\") ``` #### Sorting > Sorting is optional | PARAMETER | DESCRIPTION | |-----------|--------------------------------------| | sortBy | attribute response is ordered by | | sortOrder | 'ASCENDING' (default) or 'DESCENDING'| #### Pagination | PARAMETER | DESCRIPTION | |--------------|----------------------------------------------| | startIndex | index of first query result, default: 1 | | count | maximum number of query results, default: 100| + + The version of the OpenAPI document: 2.0 + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + +from __future__ import annotations + +import json +import pprint +from typing import Any, ClassVar, Dict, List, Optional, Set + +from pydantic import BaseModel, ConfigDict, Field, StrictStr +from typing_extensions import Self + + +class CreateFederatedIdentityProviderPayloadAssertionsInner(BaseModel): + """ + CreateFederatedIdentityProviderPayloadAssertionsInner + """ # noqa: E501 + + item: Optional[StrictStr] = Field(default=None, description="Item to compare") + operator: Optional[StrictStr] = Field(default=None, description="Operator for the comparison") + value: Optional[StrictStr] = Field(default=None, description="Value which the item is compared to") + __properties: ClassVar[List[str]] = ["item", "operator", "value"] + + model_config = ConfigDict( + populate_by_name=True, + validate_assignment=True, + protected_namespaces=(), + ) + + def to_str(self) -> str: + """Returns the string representation of the model using alias""" + return pprint.pformat(self.model_dump(by_alias=True)) + + def to_json(self) -> str: + """Returns the JSON representation of the model using alias""" + # TODO: pydantic v2: use .model_dump_json(by_alias=True, exclude_unset=True) instead + return json.dumps(self.to_dict()) + + @classmethod + def from_json(cls, json_str: str) -> Optional[Self]: + """Create an instance of CreateFederatedIdentityProviderPayloadAssertionsInner from a JSON string""" + return cls.from_dict(json.loads(json_str)) + + def to_dict(self) -> Dict[str, Any]: + """Return the dictionary representation of the model using alias. + + This has the following differences from calling pydantic's + `self.model_dump(by_alias=True)`: + + * `None` is only added to the output dict for nullable fields that + were set at model initialization. Other fields with value `None` + are ignored. + """ + excluded_fields: Set[str] = set([]) + + _dict = self.model_dump( + by_alias=True, + exclude=excluded_fields, + exclude_none=True, + ) + return _dict + + @classmethod + def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: + """Create an instance of CreateFederatedIdentityProviderPayloadAssertionsInner from a dict""" + if obj is None: + return None + + if not isinstance(obj, dict): + return cls.model_validate(obj) + + _obj = cls.model_validate({"item": obj.get("item"), "operator": obj.get("operator"), "value": obj.get("value")}) + return _obj diff --git a/services/serviceaccount/src/stackit/serviceaccount/models/create_federated_identity_provider_response.py b/services/serviceaccount/src/stackit/serviceaccount/models/create_federated_identity_provider_response.py new file mode 100644 index 000000000..4f2b939d0 --- /dev/null +++ b/services/serviceaccount/src/stackit/serviceaccount/models/create_federated_identity_provider_response.py @@ -0,0 +1,141 @@ +# coding: utf-8 + +""" + Service Account API + + API to manage Service Accounts and their Access Tokens. ### System for Cross-domain Identity Management (SCIM) Service Account Service offers SCIM APIs to query state. The SCIM protocol was created as standard for automating the exchange of user identity information between identity domains, or IT systems. Service accounts are be handled as indentites similar to SCIM users. A custom SCIM schema has been created: `/ServiceAccounts` #### Syntax ##### Attribute operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | eq | equal | | ne | not equal | | co | contains | | sw | starts with | | ew | ends with | ##### Logical operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | and | logical \"and\" | | or | logical \"or\" | ##### Grouping operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | () | precending grouping | ##### Example ``` filter=email eq \"my-service-account-aBc2defg@sa.stackit.cloud\" filter=email ne \"my-service-account-aBc2defg@sa.stackit.cloud\" filter=email co \"my-service-account\" filter=name sw \"my\" filter=name ew \"account\" filter=email co \"my-service-account\" and name sw \"my\" filter=email co \"my-service-account\" and (name sw \"my\" or name ew \"account\") ``` #### Sorting > Sorting is optional | PARAMETER | DESCRIPTION | |-----------|--------------------------------------| | sortBy | attribute response is ordered by | | sortOrder | 'ASCENDING' (default) or 'DESCENDING'| #### Pagination | PARAMETER | DESCRIPTION | |--------------|----------------------------------------------| | startIndex | index of first query result, default: 1 | | count | maximum number of query results, default: 100| + + The version of the OpenAPI document: 2.0 + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + +from __future__ import annotations + +import json +import pprint +import re # noqa: F401 +from datetime import datetime +from typing import Any, ClassVar, Dict, List, Optional, Set + +from pydantic import BaseModel, ConfigDict, Field, StrictStr, field_validator +from typing_extensions import Self + +from stackit.serviceaccount.models.create_federated_identity_provider_response_assertions_inner import ( + CreateFederatedIdentityProviderResponseAssertionsInner, +) + + +class CreateFederatedIdentityProviderResponse(BaseModel): + """ + CreateFederatedIdentityProviderResponse + """ # noqa: E501 + + assertions: List[CreateFederatedIdentityProviderResponseAssertionsInner] = Field( + description="list of assertions of the federated identity provider" + ) + created_at: datetime = Field(description="Creation time of the federated identity provider.", alias="createdAt") + issuer: StrictStr = Field(description="Issuer of the federated identity provider.") + name: StrictStr = Field(description="Unique name of the federated identity provider.") + updated_at: datetime = Field(description="Last update time of the federated identity provider.", alias="updatedAt") + __properties: ClassVar[List[str]] = ["assertions", "createdAt", "issuer", "name", "updatedAt"] + + @field_validator("created_at", mode="before") + def created_at_change_year_zero_to_one(cls, value): + """Workaround which prevents year 0 issue""" + if isinstance(value, str): + # Check for year "0000" at the beginning of the string + # This assumes common date formats like YYYY-MM-DDTHH:MM:SS+00:00 or YYYY-MM-DDTHH:MM:SSZ + if value.startswith("0000-01-01T") and re.match( + r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\+\d{2}:\d{2}|Z)$", value + ): + # Workaround: Replace "0000" with "0001" + return "0001" + value[4:] # Take "0001" and append the rest of the string + return value + + @field_validator("updated_at", mode="before") + def updated_at_change_year_zero_to_one(cls, value): + """Workaround which prevents year 0 issue""" + if isinstance(value, str): + # Check for year "0000" at the beginning of the string + # This assumes common date formats like YYYY-MM-DDTHH:MM:SS+00:00 or YYYY-MM-DDTHH:MM:SSZ + if value.startswith("0000-01-01T") and re.match( + r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\+\d{2}:\d{2}|Z)$", value + ): + # Workaround: Replace "0000" with "0001" + return "0001" + value[4:] # Take "0001" and append the rest of the string + return value + + model_config = ConfigDict( + populate_by_name=True, + validate_assignment=True, + protected_namespaces=(), + ) + + def to_str(self) -> str: + """Returns the string representation of the model using alias""" + return pprint.pformat(self.model_dump(by_alias=True)) + + def to_json(self) -> str: + """Returns the JSON representation of the model using alias""" + # TODO: pydantic v2: use .model_dump_json(by_alias=True, exclude_unset=True) instead + return json.dumps(self.to_dict()) + + @classmethod + def from_json(cls, json_str: str) -> Optional[Self]: + """Create an instance of CreateFederatedIdentityProviderResponse from a JSON string""" + return cls.from_dict(json.loads(json_str)) + + def to_dict(self) -> Dict[str, Any]: + """Return the dictionary representation of the model using alias. + + This has the following differences from calling pydantic's + `self.model_dump(by_alias=True)`: + + * `None` is only added to the output dict for nullable fields that + were set at model initialization. Other fields with value `None` + are ignored. + """ + excluded_fields: Set[str] = set([]) + + _dict = self.model_dump( + by_alias=True, + exclude=excluded_fields, + exclude_none=True, + ) + # override the default output from pydantic by calling `to_dict()` of each item in assertions (list) + _items = [] + if self.assertions: + for _item in self.assertions: + if _item: + _items.append(_item.to_dict()) + _dict["assertions"] = _items + return _dict + + @classmethod + def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: + """Create an instance of CreateFederatedIdentityProviderResponse from a dict""" + if obj is None: + return None + + if not isinstance(obj, dict): + return cls.model_validate(obj) + + _obj = cls.model_validate( + { + "assertions": ( + [ + CreateFederatedIdentityProviderResponseAssertionsInner.from_dict(_item) + for _item in obj["assertions"] + ] + if obj.get("assertions") is not None + else None + ), + "createdAt": obj.get("createdAt"), + "issuer": obj.get("issuer"), + "name": obj.get("name"), + "updatedAt": obj.get("updatedAt"), + } + ) + return _obj diff --git a/services/serviceaccount/src/stackit/serviceaccount/models/create_federated_identity_provider_response_assertions_inner.py b/services/serviceaccount/src/stackit/serviceaccount/models/create_federated_identity_provider_response_assertions_inner.py new file mode 100644 index 000000000..43141cc2d --- /dev/null +++ b/services/serviceaccount/src/stackit/serviceaccount/models/create_federated_identity_provider_response_assertions_inner.py @@ -0,0 +1,83 @@ +# coding: utf-8 + +""" + Service Account API + + API to manage Service Accounts and their Access Tokens. ### System for Cross-domain Identity Management (SCIM) Service Account Service offers SCIM APIs to query state. The SCIM protocol was created as standard for automating the exchange of user identity information between identity domains, or IT systems. Service accounts are be handled as indentites similar to SCIM users. A custom SCIM schema has been created: `/ServiceAccounts` #### Syntax ##### Attribute operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | eq | equal | | ne | not equal | | co | contains | | sw | starts with | | ew | ends with | ##### Logical operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | and | logical \"and\" | | or | logical \"or\" | ##### Grouping operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | () | precending grouping | ##### Example ``` filter=email eq \"my-service-account-aBc2defg@sa.stackit.cloud\" filter=email ne \"my-service-account-aBc2defg@sa.stackit.cloud\" filter=email co \"my-service-account\" filter=name sw \"my\" filter=name ew \"account\" filter=email co \"my-service-account\" and name sw \"my\" filter=email co \"my-service-account\" and (name sw \"my\" or name ew \"account\") ``` #### Sorting > Sorting is optional | PARAMETER | DESCRIPTION | |-----------|--------------------------------------| | sortBy | attribute response is ordered by | | sortOrder | 'ASCENDING' (default) or 'DESCENDING'| #### Pagination | PARAMETER | DESCRIPTION | |--------------|----------------------------------------------| | startIndex | index of first query result, default: 1 | | count | maximum number of query results, default: 100| + + The version of the OpenAPI document: 2.0 + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + +from __future__ import annotations + +import json +import pprint +from typing import Any, ClassVar, Dict, List, Optional, Set + +from pydantic import BaseModel, ConfigDict, Field, StrictStr +from typing_extensions import Self + + +class CreateFederatedIdentityProviderResponseAssertionsInner(BaseModel): + """ + CreateFederatedIdentityProviderResponseAssertionsInner + """ # noqa: E501 + + item: StrictStr = Field(description="Item to compare") + operator: StrictStr = Field(description="Operator for the comparison") + value: StrictStr = Field(description="Value which the item is compared to") + __properties: ClassVar[List[str]] = ["item", "operator", "value"] + + model_config = ConfigDict( + populate_by_name=True, + validate_assignment=True, + protected_namespaces=(), + ) + + def to_str(self) -> str: + """Returns the string representation of the model using alias""" + return pprint.pformat(self.model_dump(by_alias=True)) + + def to_json(self) -> str: + """Returns the JSON representation of the model using alias""" + # TODO: pydantic v2: use .model_dump_json(by_alias=True, exclude_unset=True) instead + return json.dumps(self.to_dict()) + + @classmethod + def from_json(cls, json_str: str) -> Optional[Self]: + """Create an instance of CreateFederatedIdentityProviderResponseAssertionsInner from a JSON string""" + return cls.from_dict(json.loads(json_str)) + + def to_dict(self) -> Dict[str, Any]: + """Return the dictionary representation of the model using alias. + + This has the following differences from calling pydantic's + `self.model_dump(by_alias=True)`: + + * `None` is only added to the output dict for nullable fields that + were set at model initialization. Other fields with value `None` + are ignored. + """ + excluded_fields: Set[str] = set([]) + + _dict = self.model_dump( + by_alias=True, + exclude=excluded_fields, + exclude_none=True, + ) + return _dict + + @classmethod + def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: + """Create an instance of CreateFederatedIdentityProviderResponseAssertionsInner from a dict""" + if obj is None: + return None + + if not isinstance(obj, dict): + return cls.model_validate(obj) + + _obj = cls.model_validate({"item": obj.get("item"), "operator": obj.get("operator"), "value": obj.get("value")}) + return _obj diff --git a/services/serviceaccount/src/stackit/serviceaccount/models/federated_list_federated_identity_providers_response.py b/services/serviceaccount/src/stackit/serviceaccount/models/federated_list_federated_identity_providers_response.py new file mode 100644 index 000000000..10f9c2df5 --- /dev/null +++ b/services/serviceaccount/src/stackit/serviceaccount/models/federated_list_federated_identity_providers_response.py @@ -0,0 +1,112 @@ +# coding: utf-8 + +""" + Service Account API + + API to manage Service Accounts and their Access Tokens. ### System for Cross-domain Identity Management (SCIM) Service Account Service offers SCIM APIs to query state. The SCIM protocol was created as standard for automating the exchange of user identity information between identity domains, or IT systems. Service accounts are be handled as indentites similar to SCIM users. A custom SCIM schema has been created: `/ServiceAccounts` #### Syntax ##### Attribute operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | eq | equal | | ne | not equal | | co | contains | | sw | starts with | | ew | ends with | ##### Logical operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | and | logical \"and\" | | or | logical \"or\" | ##### Grouping operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | () | precending grouping | ##### Example ``` filter=email eq \"my-service-account-aBc2defg@sa.stackit.cloud\" filter=email ne \"my-service-account-aBc2defg@sa.stackit.cloud\" filter=email co \"my-service-account\" filter=name sw \"my\" filter=name ew \"account\" filter=email co \"my-service-account\" and name sw \"my\" filter=email co \"my-service-account\" and (name sw \"my\" or name ew \"account\") ``` #### Sorting > Sorting is optional | PARAMETER | DESCRIPTION | |-----------|--------------------------------------| | sortBy | attribute response is ordered by | | sortOrder | 'ASCENDING' (default) or 'DESCENDING'| #### Pagination | PARAMETER | DESCRIPTION | |--------------|----------------------------------------------| | startIndex | index of first query result, default: 1 | | count | maximum number of query results, default: 100| + + The version of the OpenAPI document: 2.0 + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + +from __future__ import annotations + +import json +import pprint +from typing import Any, ClassVar, Dict, List, Optional, Set, Union + +from pydantic import BaseModel, ConfigDict, Field +from typing_extensions import Annotated, Self + +from stackit.serviceaccount.models.create_federated_identity_provider_response import ( + CreateFederatedIdentityProviderResponse, +) + + +class FederatedListFederatedIdentityProvidersResponse(BaseModel): + """ + FederatedListFederatedIdentityProvidersResponse + """ # noqa: E501 + + items_per_page: Union[Annotated[float, Field(strict=True, ge=1)], Annotated[int, Field(strict=True, ge=1)]] = Field( + alias="itemsPerPage" + ) + resources: List[CreateFederatedIdentityProviderResponse] + start_index: Union[Annotated[float, Field(strict=True, ge=1)], Annotated[int, Field(strict=True, ge=1)]] = Field( + alias="startIndex" + ) + total_results: Union[Annotated[float, Field(strict=True, ge=0)], Annotated[int, Field(strict=True, ge=0)]] = Field( + alias="totalResults" + ) + __properties: ClassVar[List[str]] = ["itemsPerPage", "resources", "startIndex", "totalResults"] + + model_config = ConfigDict( + populate_by_name=True, + validate_assignment=True, + protected_namespaces=(), + ) + + def to_str(self) -> str: + """Returns the string representation of the model using alias""" + return pprint.pformat(self.model_dump(by_alias=True)) + + def to_json(self) -> str: + """Returns the JSON representation of the model using alias""" + # TODO: pydantic v2: use .model_dump_json(by_alias=True, exclude_unset=True) instead + return json.dumps(self.to_dict()) + + @classmethod + def from_json(cls, json_str: str) -> Optional[Self]: + """Create an instance of FederatedListFederatedIdentityProvidersResponse from a JSON string""" + return cls.from_dict(json.loads(json_str)) + + def to_dict(self) -> Dict[str, Any]: + """Return the dictionary representation of the model using alias. + + This has the following differences from calling pydantic's + `self.model_dump(by_alias=True)`: + + * `None` is only added to the output dict for nullable fields that + were set at model initialization. Other fields with value `None` + are ignored. + """ + excluded_fields: Set[str] = set([]) + + _dict = self.model_dump( + by_alias=True, + exclude=excluded_fields, + exclude_none=True, + ) + # override the default output from pydantic by calling `to_dict()` of each item in resources (list) + _items = [] + if self.resources: + for _item in self.resources: + if _item: + _items.append(_item.to_dict()) + _dict["resources"] = _items + return _dict + + @classmethod + def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: + """Create an instance of FederatedListFederatedIdentityProvidersResponse from a dict""" + if obj is None: + return None + + if not isinstance(obj, dict): + return cls.model_validate(obj) + + _obj = cls.model_validate( + { + "itemsPerPage": obj.get("itemsPerPage") if obj.get("itemsPerPage") is not None else 1, + "resources": ( + [CreateFederatedIdentityProviderResponse.from_dict(_item) for _item in obj["resources"]] + if obj.get("resources") is not None + else None + ), + "startIndex": obj.get("startIndex") if obj.get("startIndex") is not None else 1, + "totalResults": obj.get("totalResults") if obj.get("totalResults") is not None else 0, + } + ) + return _obj diff --git a/services/serviceaccount/src/stackit/serviceaccount/models/partial_update_service_account_federated_identity_provider_payload.py b/services/serviceaccount/src/stackit/serviceaccount/models/partial_update_service_account_federated_identity_provider_payload.py new file mode 100644 index 000000000..42cf91542 --- /dev/null +++ b/services/serviceaccount/src/stackit/serviceaccount/models/partial_update_service_account_federated_identity_provider_payload.py @@ -0,0 +1,109 @@ +# coding: utf-8 + +""" + Service Account API + + API to manage Service Accounts and their Access Tokens. ### System for Cross-domain Identity Management (SCIM) Service Account Service offers SCIM APIs to query state. The SCIM protocol was created as standard for automating the exchange of user identity information between identity domains, or IT systems. Service accounts are be handled as indentites similar to SCIM users. A custom SCIM schema has been created: `/ServiceAccounts` #### Syntax ##### Attribute operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | eq | equal | | ne | not equal | | co | contains | | sw | starts with | | ew | ends with | ##### Logical operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | and | logical \"and\" | | or | logical \"or\" | ##### Grouping operators | OPERATOR | DESCRIPTION | |----------|--------------------------| | () | precending grouping | ##### Example ``` filter=email eq \"my-service-account-aBc2defg@sa.stackit.cloud\" filter=email ne \"my-service-account-aBc2defg@sa.stackit.cloud\" filter=email co \"my-service-account\" filter=name sw \"my\" filter=name ew \"account\" filter=email co \"my-service-account\" and name sw \"my\" filter=email co \"my-service-account\" and (name sw \"my\" or name ew \"account\") ``` #### Sorting > Sorting is optional | PARAMETER | DESCRIPTION | |-----------|--------------------------------------| | sortBy | attribute response is ordered by | | sortOrder | 'ASCENDING' (default) or 'DESCENDING'| #### Pagination | PARAMETER | DESCRIPTION | |--------------|----------------------------------------------| | startIndex | index of first query result, default: 1 | | count | maximum number of query results, default: 100| + + The version of the OpenAPI document: 2.0 + Generated by OpenAPI Generator (https://openapi-generator.tech) + + Do not edit the class manually. +""" # noqa: E501 + +from __future__ import annotations + +import json +import pprint +from typing import Any, ClassVar, Dict, List, Optional, Set + +from pydantic import BaseModel, ConfigDict, Field, StrictStr +from typing_extensions import Self + +from stackit.serviceaccount.models.create_federated_identity_provider_payload_assertions_inner import ( + CreateFederatedIdentityProviderPayloadAssertionsInner, +) + + +class PartialUpdateServiceAccountFederatedIdentityProviderPayload(BaseModel): + """ + PartialUpdateServiceAccountFederatedIdentityProviderPayload + """ # noqa: E501 + + assertions: Optional[List[CreateFederatedIdentityProviderPayloadAssertionsInner]] = Field( + default=None, description="list of assertions of the federated identity provider" + ) + issuer: StrictStr = Field(description="Issuer of the federated identity provider.") + name: StrictStr = Field(description="Unique name used as identifier of the federated identity provider.") + __properties: ClassVar[List[str]] = ["assertions", "issuer", "name"] + + model_config = ConfigDict( + populate_by_name=True, + validate_assignment=True, + protected_namespaces=(), + ) + + def to_str(self) -> str: + """Returns the string representation of the model using alias""" + return pprint.pformat(self.model_dump(by_alias=True)) + + def to_json(self) -> str: + """Returns the JSON representation of the model using alias""" + # TODO: pydantic v2: use .model_dump_json(by_alias=True, exclude_unset=True) instead + return json.dumps(self.to_dict()) + + @classmethod + def from_json(cls, json_str: str) -> Optional[Self]: + """Create an instance of PartialUpdateServiceAccountFederatedIdentityProviderPayload from a JSON string""" + return cls.from_dict(json.loads(json_str)) + + def to_dict(self) -> Dict[str, Any]: + """Return the dictionary representation of the model using alias. + + This has the following differences from calling pydantic's + `self.model_dump(by_alias=True)`: + + * `None` is only added to the output dict for nullable fields that + were set at model initialization. Other fields with value `None` + are ignored. + """ + excluded_fields: Set[str] = set([]) + + _dict = self.model_dump( + by_alias=True, + exclude=excluded_fields, + exclude_none=True, + ) + # override the default output from pydantic by calling `to_dict()` of each item in assertions (list) + _items = [] + if self.assertions: + for _item in self.assertions: + if _item: + _items.append(_item.to_dict()) + _dict["assertions"] = _items + return _dict + + @classmethod + def from_dict(cls, obj: Optional[Dict[str, Any]]) -> Optional[Self]: + """Create an instance of PartialUpdateServiceAccountFederatedIdentityProviderPayload from a dict""" + if obj is None: + return None + + if not isinstance(obj, dict): + return cls.model_validate(obj) + + _obj = cls.model_validate( + { + "assertions": ( + [ + CreateFederatedIdentityProviderPayloadAssertionsInner.from_dict(_item) + for _item in obj["assertions"] + ] + if obj.get("assertions") is not None + else None + ), + "issuer": obj.get("issuer"), + "name": obj.get("name"), + } + ) + return _obj