Skip to content

Commit a64a415

Browse files
liminwbshaffer
liminw
authored and
bshaffer
committed
Update OpenApi config to use "security" instead of "x-security". (GoogleCloudPlatform#351)
1 parent 4b7bb2f commit a64a415

File tree

2 files changed

+13
-15
lines changed

2 files changed

+13
-15
lines changed

endpoints/getting-started/README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ The JWT client demonstrates how to use service accounts to authenticate to endpo
6161

6262
To use the service account for authentication:
6363

64-
1. Update the `google_jwt`'s `x-jwks_uri` in `openapi.yaml` with your service account's email address.
64+
1. Update the `google_jwt`'s `x-google-jwks_uri` in `openapi.yaml` with your service account's email address.
6565
2. Redeploy your application.
6666

6767
Now you can use the JWT client to make requests to the API:
@@ -79,7 +79,7 @@ The ID Token client demonstrates how to use user credentials to authenticate to
7979

8080
To use the client ID for authentication:
8181

82-
1. Update the `/auth/info/googleidtoken`'s `audiences` in `openapi.yaml` with your client ID.
82+
1. Update `google_id_token: x-google-audiences` in `openapi.yaml` with your client ID.
8383
2. Redeploy your application.
8484

8585
Now you can use the client ID to make requests to the API:

endpoints/getting-started/openapi.yaml

Lines changed: 11 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -45,12 +45,8 @@ paths:
4545
description: "Authenication info."
4646
schema:
4747
$ref: "#/definitions/authInfoResponse"
48-
x-security:
49-
- google_jwt:
50-
audiences:
51-
# This must match the "aud" field in the JWT. You can add multiple
52-
# audiences to accept JWTs from multiple clients.
53-
- "echo.endpoints.sample.google.com"
48+
security:
49+
- google_jwt: []
5450
"/auth/info/googleidtoken":
5551
get:
5652
description: "Returns the requests' authentication information."
@@ -62,12 +58,8 @@ paths:
6258
description: "Authenication info."
6359
schema:
6460
$ref: "#/definitions/authInfoResponse"
65-
x-security:
66-
- google_id_token:
67-
audiences:
68-
# Your OAuth2 client's Client ID must be added here. You can add
69-
# multiple client IDs to accept tokens from multiple clients.
70-
- "YOUR-CLIENT-ID"
61+
security:
62+
- google_id_token: []
7163

7264
definitions:
7365
echoMessage:
@@ -98,6 +90,9 @@ securityDefinitions:
9890
x-google-issuer: "jwt-client.endpoints.sample.google.com"
9991
# Update this with your service account's email address.
10092
x-google-jwks_uri: "https://www.googleapis.com/service_accounts/v1/jwk/YOUR-SERVICE-ACCOUNT-EMAIL"
93+
# This must match the "aud" field in the JWT. You can add multiple
94+
# audiences to accept JWTs from multiple clients.
95+
x-google-audiences: "echo.endpoints.sample.google.com"
10196
# This section configures authentication using Google OAuth2 ID Tokens.
10297
# ID Tokens can be obtained using OAuth2 clients, and can be used to access
10398
# your API on behalf of a particular user.
@@ -106,4 +101,7 @@ securityDefinitions:
106101
flow: "implicit"
107102
type: "oauth2"
108103
x-google-issuer: "https://accounts.google.com"
109-
x-google-jwks_uri: "https://www.googleapis.com/oauth2/v1/certs"
104+
x-google-jwks_uri: "https://www.googleapis.com/oauth2/v3/certs"
105+
# Your OAuth2 client's Client ID must be added here. You can add
106+
# multiple client IDs to accept tokens from multiple clients.
107+
x-google-audiences: "YOUR-CLIENT-ID"

0 commit comments

Comments
 (0)