All Classes
-
All Classes Interface Summary Class Summary Enum Summary Exception Summary Class Description AccessToken Represents a temporary OAuth2 access token and its expiration information.AccessToken.Builder ActingParty The acting party as defined in OAuth 2.0 Token Exchange.ApiKeyCredentials Credentials class for calling Google APIs using an API key.AppEngineCredentials OAuth2 credentials representing the built-in service account for Google App Engine.AuthHttpConstants Constants used for auth in httpAutoValue_JwtClaims AutoValue_JwtClaims.Builder AwsCredentials Credentials representing an AWS third-party identity for calling Google APIs.AwsCredentials.Builder AwsCredentialSource The AWS credential source.AwsDates Formats dates required for AWS Signature V4 request signing.AwsRequestSignature Stores the AWS API request signature based on the AWS Signature Version 4 signing process, and the parameters used in the signing process.AwsRequestSignature.Builder AwsRequestSigner Internal utility that signs AWS API requests based on the AWS Signature Version 4 signing process.AwsRequestSigner.Builder AwsSecurityCredentials Defines AWS security credentials.AwsSecurityCredentialsSupplier Supplier for retrieving AWS Security credentials forAwsCredentials
to exchange for GCP access tokens.ClientId An OAuth2 user authorization Client ID and associated information.ClientId.Builder CloudShellCredentials OAuth2 credentials representing the built-in service account for Google Cloud Shell.CloudShellCredentials.Builder ComputeEngineCredentials OAuth2 credentials representing the built-in service account for a Google Compute Engine VM.ComputeEngineCredentials.Builder CredentialAccessBoundary Defines an upper bound of permissions available for a GCP credential viaCredentialAccessBoundary.AccessBoundaryRule
s.CredentialAccessBoundary.AccessBoundaryRule Defines an upper bound of permissions on a particular resource.CredentialAccessBoundary.AccessBoundaryRule.AvailabilityCondition An optional condition that can be used as part of aCredentialAccessBoundary.AccessBoundaryRule
to further restrict permissions.CredentialAccessBoundary.AccessBoundaryRule.AvailabilityCondition.Builder CredentialAccessBoundary.AccessBoundaryRule.Builder CredentialAccessBoundary.Builder CredentialFormatException Indicates that the provided credential does not adhere to the required format.Credentials Represents an abstract authorized identity instance.CredentialTypeForMetrics Defines the different types of credentials that can be used for metrics.DefaultCredentialsProvider Provides the Application Default Credential from the environment.DefaultPKCEProvider Implements PKCE using only the Java standard library.DownscopedCredentials DownscopedCredentials enables the ability to downscope, or restrict, the Identity and Access Management (IAM) permissions that a short-lived credential can use for Cloud Storage.DownscopedCredentials.Builder EnvironmentProvider Interface for an environment provider.ExecutableHandler An interface for 3rd party executable handling.ExecutableHandler.ExecutableOptions An interface for required fields needed to call 3rd party executables.ExecutableResponse Encapsulates response values for the 3rd party executable response (e.g.ExternalAccountAuthorizedUserCredentials OAuth2 credentials sourced using external identities through Workforce Identity Federation.ExternalAccountAuthorizedUserCredentials.Builder Builder forExternalAccountAuthorizedUserCredentials
.ExternalAccountCredentials Base external account credentials class.ExternalAccountCredentials.Builder Base builder for external account credentials.ExternalAccountCredentials.CredentialSource Base credential source class.ExternalAccountCredentials.ServiceAccountImpersonationOptions Encapsulates the service account impersonation options portion of the configuration for ExternalAccountCredentials.ExternalAccountCredentials.SubjectTokenTypes Enum specifying values for the subjectTokenType field inExternalAccountCredentials
.ExternalAccountMetricsHandler A handler for generating the x-goog-api-client header value for BYOID external account credentials.ExternalAccountSupplierContext Context object to pass relevant variables from external account credentials to suppliers.ExternalAccountSupplierContext.Builder Builder for external account supplier context.FileIdentityPoolSubjectTokenSupplier Internal provider for retrieving subject tokens forIdentityPoolCredentials
to exchange for GCP access tokens via a local file.GdchCredentials GdchCredentials.Builder GdchCredentials.TransportFactoryForGdch GoogleAuthException Base class for the standard Auth error response.GoogleAuthUtils This public class provides shared utilities for common OAuth2 utils or ADC.GoogleCredentials Base type for credentials for authorizing calls to Google APIs using OAuth2.GoogleCredentials.Builder HttpCredentialsAdapter A wrapper for using Credentials with the Google API Client Libraries for Java with Http.HttpTransportFactory A base interface for allHttpTransport
factories.IamUtils This internal class provides shared utilities for interacting with the IAM API for common features like signing.IdentityPoolCredentials Url-sourced, file-sourced, or user provided supplier method-sourced external account credentials.IdentityPoolCredentials.Builder IdentityPoolCredentialSource The IdentityPool credential source.IdentityPoolCredentialSource.CredentialFormatType IdentityPoolCredentialSource.IdentityPoolCredentialSourceType IdentityPoolSubjectTokenSupplier IdToken Represents a temporary IdToken and its JsonWebSignature objectIdTokenCredentials IdTokenCredentials provides a Google Issued OpenIdConnect token.IdTokenCredentials.Builder IdTokenProvider Interface for an Google OIDC token provider.IdTokenProvider.Option Enum of various credential-specific options to apply to the token.ImpersonatedCredentials ImpersonatedCredentials allowing credentials issued to a user or service account to impersonate another.ImpersonatedCredentials.Builder InternalAuthHttpConstants Internal constants used for auth in httpInternalAwsSecurityCredentialsSupplier Internal provider for retrieving AWS security credentials forAwsCredentials
to exchange for GCP access tokens.JwtClaims Value class representing the set of fields used as the payload of a JWT token.JwtClaims.Builder JwtCredentials Credentials class for calling Google APIs using a JWT with custom claims.JwtCredentials.Builder JwtProvider Interface for creating custom JWT tokensMemoryTokensStorage Represents an in-memory storage of tokens.MetricsUtils MetricsUtils.RequestType OAuth2Credentials Base type for Credentials using OAuth2.OAuth2Credentials.AsyncRefreshResult Result fromOAuth2Credentials.getOrCreateRefreshTask()
.OAuth2Credentials.Builder OAuth2Credentials.CacheState OAuth2Credentials.CredentialsChangedListener Listener for changes to credentials.OAuth2Credentials.FutureCallbackToMetadataCallbackAdapter OAuth2Credentials.OAuthValue Stores an immutable snapshot of the accesstoken owned byOAuth2Credentials
OAuth2CredentialsWithRefresh A refreshable alternative toOAuth2Credentials
.OAuth2CredentialsWithRefresh.Builder OAuth2CredentialsWithRefresh.OAuth2RefreshHandler Interface for the refresh handler.OAuth2Utils Internal utilities for the com.google.auth.oauth2 namespace.OAuth2Utils.DefaultHttpTransportFactory OAuthException Encapsulates the standard OAuth error response.PKCEProvider PluggableAuthCredentials PluggableAuthCredentials enables the exchange of workload identity pool external credentials for Google access tokens by retrieving 3rd party tokens through a user supplied executable.PluggableAuthCredentials.Builder PluggableAuthCredentialSource Encapsulates the credential source portion of the configuration for PluggableAuthCredentials.PluggableAuthException Encapsulates the error response's for 3rd party executables defined by the executable spec.PluggableAuthHandler Internal handler for retrieving 3rd party tokens from user defined scripts/executables for workload identity federation.PluggableAuthHandler.DefaultProcessBuilder A default implementation forPluggableAuthHandler.InternalProcessBuilder
that wrapsProcessBuilder
.PluggableAuthHandler.InternalProcessBuilder An interface for creating and managing a process.QuotaProjectIdProvider Interface forGoogleCredentials
that return a quota project ID.RequestMetadataCallback The callback that receives the result of the asynchronousCredentials.getRequestMetadata(java.net.URI, java.util.concurrent.Executor, RequestMetadataCallback)
.Retryable SecureSessionAgent Utilities to fetch the S2A (Secure Session Agent) address from the mTLS configuration.SecureSessionAgent.Builder SecureSessionAgentConfig Holds an mTLS configuration (consists of address of S2A) retrieved from the Metadata Server.SecureSessionAgentConfig.Builder ServiceAccountCredentials OAuth2 credentials representing a Service Account for calling Google APIs.ServiceAccountCredentials.Builder ServiceAccountJwtAccessCredentials Service Account credentials for calling Google APIs using a JWT directly for access.ServiceAccountJwtAccessCredentials.Builder ServiceAccountSigner Interface for a service account signer.ServiceAccountSigner.SigningException StsRequestHandler Implements the OAuth 2.0 token exchange based on https://tools.ietf.org/html/rfc8693.StsRequestHandler.Builder StsTokenExchangeRequest Defines an OAuth 2.0 token exchange request.StsTokenExchangeRequest.Builder StsTokenExchangeResponse Defines an OAuth 2.0 token exchange successful response.StsTokenExchangeResponse.Builder SystemEnvironmentProvider Represents the default system environment provider.TokenStore Interface for long term storage of tokensTokenVerifier Handle verification of Google-signed JWT tokens.TokenVerifier.Builder TokenVerifier.PublicKeyLoader Custom CacheLoader for mapping certificate urls to the contained public keys.TokenVerifier.PublicKeyLoader.JsonWebKey Data class used for deserializing a single JSON Web Key.TokenVerifier.PublicKeyLoader.JsonWebKeySet Data class used for deserializing a JSON Web Key Set (JWKS) from an external HTTP request.TokenVerifier.VerificationException Custom exception for wrapping all verification errors.UrlIdentityPoolSubjectTokenSupplier Provider for retrieving subject tokens forIdentityPoolCredentials
to exchange for GCP access tokens.UserAuthorizer Handles an interactive 3-Legged-OAuth2 (3LO) user consent authorization.UserAuthorizer.Builder UserAuthorizer.ClientAuthenticationType Represents the client authentication types as specified in RFC 7591.UserAuthorizer.TokenResponseWithConfig Represents the response from an OAuth token exchange, including configuration details used to initiate the flow.UserAuthorizer.TokenResponseWithConfig.Builder UserCredentials OAuth2 Credentials representing a user's identity and consent.UserCredentials.Builder