+ ##
+ # Returns the method object for a given RPC name and service version.
+ #
+ # @param [String, Symbol] rpc_name The RPC name of the desired method.
+ # @param [String, Symbol] api The API the method is within.
+ # @param [String] version The desired version of the API.
+ #
+ # @return [Google::APIClient::Method] The method object.
+ def discovered_method(rpc_name, api, version=nil)
+ if !rpc_name.kind_of?(String) && !rpc_name.kind_of?(Symbol)
+ raise TypeError,
+ "Expected String or Symbol, got #{rpc_name.class}."
+ end
+ rpc_name = rpc_name.to_s
+ api = api.to_s
+ version = version || 'v1'
+ service = self.discovered_api(api, version)
+ if service.to_h[rpc_name]
+ return service.to_h[rpc_name]
+ else
+ return nil
+ end
+ end
+
+ ##
+ # Returns the service object with the highest version number.
+ #
+ # @note <em>Warning</em>: This method should be used with great care.
+ # As APIs are updated, minor differences between versions may cause
+ # incompatibilities. Requesting a specific version will avoid this issue.
+ #
+ # @param [String, Symbol] api The name of the service.
+ #
+ # @return [Google::APIClient::API] The service object.
+ def preferred_version(api)
+ if !api.kind_of?(String) && !api.kind_of?(Symbol)
+ raise TypeError,
+ "Expected String or Symbol, got #{api.class}."
+ end
+ api = api.to_s
+ return self.discovered_apis.detect do |a|
+ a.name == api && a.preferred == true
+ end
+ end
+
+ ##
+ # Verifies an ID token against a server certificate. Used to ensure that
+ # an ID token supplied by an untrusted client-side mechanism is valid.
+ # Raises an error if the token is invalid or missing.
+ def verify_id_token!
+ require 'jwt'
+ require 'openssl'
+ @certificates ||= {}
+ if !self.authorization.respond_to?(:id_token)
+ raise ArgumentError, (
+ "Current authorization mechanism does not support ID tokens: " +
+ "#{self.authorization.class.to_s}"
+ )
+ elsif !self.authorization.id_token
+ raise ArgumentError, (
+ "Could not verify ID token, ID token missing. " +
+ "Scopes were: #{self.authorization.scope.inspect}"
+ )
+ else
+ check_cached_certs = lambda do
+ valid = false
+ for key, cert in @certificates
+ begin
+ self.authorization.decoded_id_token(cert.public_key)
+ valid = true
+ rescue JWT::DecodeError, Signet::UnsafeOperationError
+ # Expected exception. Ignore, ID token has not been validated.
+ end
+ end
+ valid