1// Copyright 2020 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.actions.sdk.v2; 18 19import "google/api/field_behavior.proto"; 20 21option go_package = "google.golang.org/genproto/googleapis/actions/sdk/v2;sdk"; 22option java_multiple_files = true; 23option java_outer_classname = "AccountLinkingProto"; 24option java_package = "com.google.actions.sdk.v2"; 25 26// AccountLinking allows Google to guide the user to sign-in to the App's web 27// services. 28// 29// For Google Sign In and OAuth + Google Sign In linking types, Google generates 30// a client ID identifying your App to Google ("Client ID issued by Google to 31// your Actions" on Console UI). This field is read-only and can be checked by 32// navigating to the Console UI's Account Linking page. 33// See: https://developers.google.com/assistant/identity/google-sign-in 34// 35// Note: For all account linking setting types (except for Google Sign In), you 36// must provide a username and password for a test account in 37// Settings.testing_instructions for the review team to review the app (they 38// will not be visible to users). 39message AccountLinking { 40 // The type of Account Linking to perform. 41 enum LinkingType { 42 // Unspecified. 43 LINKING_TYPE_UNSPECIFIED = 0; 44 45 // Google Sign In linking type. 46 // If using this linking type, no OAuth-related fields need to be set below. 47 GOOGLE_SIGN_IN = 1; 48 49 // OAuth and Google Sign In linking type. 50 OAUTH_AND_GOOGLE_SIGN_IN = 2; 51 52 // OAuth linking type. 53 OAUTH = 3; 54 } 55 56 // The OAuth2 grant type Google uses to guide the user to sign in to your 57 // App's web service. 58 enum AuthGrantType { 59 // Unspecified. 60 AUTH_GRANT_TYPE_UNSPECIFIED = 0; 61 62 // Authorization code grant. Requires you to provide both 63 // authentication URL and access token URL. 64 AUTH_CODE = 1; 65 66 // Implicit code grant. Only requires you to provide authentication 67 // URL. 68 IMPLICIT = 2; 69 } 70 71 // Required. If `true`, users are allowed to sign up for new accounts via voice. 72 // If `false`, account creation is only allowed on your website. Select this 73 // option if you want to display your terms of service or obtain user consents 74 // during sign-up. 75 // linking_type cannot be GOOGLE_SIGN_IN when this is `false`. 76 // linking_type cannot be OAUTH when this is `true`. 77 bool enable_account_creation = 1 [(google.api.field_behavior) = REQUIRED]; 78 79 // Required. The linking type to use. 80 // See https://developers.google.com/assistant/identity for further details on 81 // the linking types. 82 LinkingType linking_type = 2 [(google.api.field_behavior) = REQUIRED]; 83 84 // Optional. Indicates the type of authentication for OAUTH linking_type. 85 AuthGrantType auth_grant_type = 3 [(google.api.field_behavior) = OPTIONAL]; 86 87 // Optional. Client ID issued by your App to Google. 88 // This is the OAuth2 Client ID identifying Google to your service. 89 // Only set when using OAuth. 90 string app_client_id = 4 [(google.api.field_behavior) = OPTIONAL]; 91 92 // Optional. Endpoint for your sign-in web page that supports OAuth2 code or 93 // implicit flows. 94 // URL must use HTTPS. 95 // Only set when using OAuth. 96 string authorization_url = 5 [(google.api.field_behavior) = OPTIONAL]; 97 98 // Optional. OAuth2 endpoint for token exchange. 99 // URL must use HTTPS. 100 // This is not set when only using OAuth with IMPLICIT grant as the 101 // linking type. 102 // Only set when using OAuth. 103 string token_url = 6 [(google.api.field_behavior) = OPTIONAL]; 104 105 // Optional. List of permissions the user must consent to in order to use 106 // your service. 107 // Only set when using OAuth. 108 // Make sure to provide a Terms of Service in the directory information in 109 // LocalizedSettings.terms_of_service_url section if specifying this field. 110 repeated string scopes = 7 [(google.api.field_behavior) = OPTIONAL]; 111 112 // Optional. This is the web page on your service which describes the 113 // permissions the user is granting to Google. 114 // Only set if using OAuth and Google Sign In. 115 // Make sure to provide a Terms of Service in the directory information in 116 // LocalizedSettings.terms_of_service_url section if specifying this field. 117 string learn_more_url = 8 [(google.api.field_behavior) = OPTIONAL]; 118 119 // Optional. If true, allow Google to transmit client ID and secret via HTTP 120 // basic auth header. Otherwise, Google uses the client ID and secret inside 121 // the post body. 122 // Only set when using OAuth. 123 // Make sure to provide a Terms of Service in the directory information in 124 // LocalizedSettings.terms_of_service_url section if specifying this field. 125 bool use_basic_auth_header = 9 [(google.api.field_behavior) = OPTIONAL]; 126} 127