xref: /aosp_15_r20/external/googleapis/google/api/backend.proto (revision d5c09012810ac0c9f33fe448fb6da8260d444cc9) 
1// Copyright 2023 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//     http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15syntax = "proto3";
16
17package google.api;
18
19option go_package = "google.golang.org/genproto/googleapis/api/serviceconfig;serviceconfig";
20option java_multiple_files = true;
21option java_outer_classname = "BackendProto";
22option java_package = "com.google.api";
23option objc_class_prefix = "GAPI";
24
25// `Backend` defines the backend configuration for a service.
26message Backend {
27  // A list of API backend rules that apply to individual API methods.
28  //
29  // **NOTE:** All service configuration rules follow "last one wins" order.
30  repeated BackendRule rules = 1;
31}
32
33// A backend rule provides configuration for an individual API element.
34message BackendRule {
35  // Path Translation specifies how to combine the backend address with the
36  // request path in order to produce the appropriate forwarding URL for the
37  // request.
38  //
39  // Path Translation is applicable only to HTTP-based backends. Backends which
40  // do not accept requests over HTTP/HTTPS should leave `path_translation`
41  // unspecified.
42  enum PathTranslation {
43    PATH_TRANSLATION_UNSPECIFIED = 0;
44
45    // Use the backend address as-is, with no modification to the path. If the
46    // URL pattern contains variables, the variable names and values will be
47    // appended to the query string. If a query string parameter and a URL
48    // pattern variable have the same name, this may result in duplicate keys in
49    // the query string.
50    //
51    // # Examples
52    //
53    // Given the following operation config:
54    //
55    //     Method path:        /api/company/{cid}/user/{uid}
56    //     Backend address:    https://example.cloudfunctions.net/getUser
57    //
58    // Requests to the following request paths will call the backend at the
59    // translated path:
60    //
61    //     Request path: /api/company/widgetworks/user/johndoe
62    //     Translated:
63    //     https://example.cloudfunctions.net/getUser?cid=widgetworks&uid=johndoe
64    //
65    //     Request path: /api/company/widgetworks/user/johndoe?timezone=EST
66    //     Translated:
67    //     https://example.cloudfunctions.net/getUser?timezone=EST&cid=widgetworks&uid=johndoe
68    CONSTANT_ADDRESS = 1;
69
70    // The request path will be appended to the backend address.
71    //
72    // # Examples
73    //
74    // Given the following operation config:
75    //
76    //     Method path:        /api/company/{cid}/user/{uid}
77    //     Backend address:    https://example.appspot.com
78    //
79    // Requests to the following request paths will call the backend at the
80    // translated path:
81    //
82    //     Request path: /api/company/widgetworks/user/johndoe
83    //     Translated:
84    //     https://example.appspot.com/api/company/widgetworks/user/johndoe
85    //
86    //     Request path: /api/company/widgetworks/user/johndoe?timezone=EST
87    //     Translated:
88    //     https://example.appspot.com/api/company/widgetworks/user/johndoe?timezone=EST
89    APPEND_PATH_TO_ADDRESS = 2;
90  }
91
92  // Selects the methods to which this rule applies.
93  //
94  // Refer to [selector][google.api.DocumentationRule.selector] for syntax
95  // details.
96  string selector = 1;
97
98  // The address of the API backend.
99  //
100  // The scheme is used to determine the backend protocol and security.
101  // The following schemes are accepted:
102  //
103  //    SCHEME        PROTOCOL    SECURITY
104  //    http://       HTTP        None
105  //    https://      HTTP        TLS
106  //    grpc://       gRPC        None
107  //    grpcs://      gRPC        TLS
108  //
109  // It is recommended to explicitly include a scheme. Leaving out the scheme
110  // may cause constrasting behaviors across platforms.
111  //
112  // If the port is unspecified, the default is:
113  // - 80 for schemes without TLS
114  // - 443 for schemes with TLS
115  //
116  // For HTTP backends, use [protocol][google.api.BackendRule.protocol]
117  // to specify the protocol version.
118  string address = 2;
119
120  // The number of seconds to wait for a response from a request. The default
121  // varies based on the request protocol and deployment environment.
122  double deadline = 3;
123
124  // Deprecated, do not use.
125  double min_deadline = 4 [deprecated = true];
126
127  // The number of seconds to wait for the completion of a long running
128  // operation. The default is no deadline.
129  double operation_deadline = 5;
130
131  PathTranslation path_translation = 6;
132
133  // Authentication settings used by the backend.
134  //
135  // These are typically used to provide service management functionality to
136  // a backend served on a publicly-routable URL. The `authentication`
137  // details should match the authentication behavior used by the backend.
138  //
139  // For example, specifying `jwt_audience` implies that the backend expects
140  // authentication via a JWT.
141  //
142  // When authentication is unspecified, the resulting behavior is the same
143  // as `disable_auth` set to `true`.
144  //
145  // Refer to https://developers.google.com/identity/protocols/OpenIDConnect for
146  // JWT ID token.
147  oneof authentication {
148    // The JWT audience is used when generating a JWT ID token for the backend.
149    // This ID token will be added in the HTTP "authorization" header, and sent
150    // to the backend.
151    string jwt_audience = 7;
152
153    // When disable_auth is true, a JWT ID token won't be generated and the
154    // original "Authorization" HTTP header will be preserved. If the header is
155    // used to carry the original token and is expected by the backend, this
156    // field must be set to true to preserve the header.
157    bool disable_auth = 8;
158  }
159
160  // The protocol used for sending a request to the backend.
161  // The supported values are "http/1.1" and "h2".
162  //
163  // The default value is inferred from the scheme in the
164  // [address][google.api.BackendRule.address] field:
165  //
166  //    SCHEME        PROTOCOL
167  //    http://       http/1.1
168  //    https://      http/1.1
169  //    grpc://       h2
170  //    grpcs://      h2
171  //
172  // For secure HTTP backends (https://) that support HTTP/2, set this field
173  // to "h2" for improved performance.
174  //
175  // Configuring this field to non-default values is only supported for secure
176  // HTTP backends. This field will be ignored for all other backends.
177  //
178  // See
179  // https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
180  // for more details on the supported values.
181  string protocol = 9;
182
183  // The map between request protocol and the backend address.
184  map<string, BackendRule> overrides_by_request_protocol = 10;
185}
186