Claims a certificate provisioning process. For each certificate provisioning process, this operation can succeed only for one `caller_instance_id`.

Requests the client that initiated a certificate provisioning process to sign data. This should only be called after `ClaimCertificateProvisioningProcess` has been successfully executed.

Uploads a successfully issued certificate for a certificate provisioning process.

Method Details

claim(name, body=None, x__xgafv=None)

Claims a certificate provisioning process. For each certificate provisioning process, this operation can succeed only for one `caller_instance_id`.

Args:
  name: string, Required. Resource name of the `CertificateProvisioningProcess` to claim. The name pattern is given as `customers/{customer}/certificateProvisioningProcesses/{certificate_provisioning_process}` with `{customer}` being the obfuscated customer id and `{certificate_provisioning_process}` being the certificate provisioning process id. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for claiming a certificate provisioning process.
  "callerInstanceId": "A String", # Required. The instance id of the caller.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response message for claiming a certificate provisioning process.
}

close()

Close httplib2 connections.

get(name, x__xgafv=None)

Retrieves a certificate provisioning process.

Args:
name: string, Required. Resource name of the `CertificateProvisioningProcess` to return. The name pattern is given as `customers/{customer}/certificateProvisioningProcesses/{certificate_provisioning_process}` with `{customer}` being the obfuscated customer id and `{certificate_provisioning_process}` being the certificate provisioning process id. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format

Returns:
An object of the form:

{ # A certificate provisioning process.
"chromeOsDevice": { # Describes the ChromeOS device that a `CertificateProvisioningProcess` belongs to. # Output only. The client certificate is being provisioned for a ChromeOS device. This contains information about the device.
"deviceDirectoryApiId": "A String", # Output only. The unique Directory API ID of the device. This value is the same as the Admin Console's Directory API ID in the ChromeOS Devices tab.
"serialNumber": "A String", # Output only. Device serial number. This value is the same as the Admin Console's Serial Number in the ChromeOS Devices tab.
},
"chromeOsUserSession": { # Describes the ChromeOS user session that a `CertificateProvisioningProcess` belongs to. # Output only. The client certificate is being provisioned for a ChromeOS user. This contains information about the current user session.
"chromeOsDevice": { # Describes the ChromeOS device that a `CertificateProvisioningProcess` belongs to. # Output only. This field contains information about the ChromeOS device that the user session is running on. It is only set if the user is affiliated, i.e., if the user is managed by the same organization that manages the ChromeOS device.
"deviceDirectoryApiId": "A String", # Output only. The unique Directory API ID of the device. This value is the same as the Admin Console's Directory API ID in the ChromeOS Devices tab.
"serialNumber": "A String", # Output only. Device serial number. This value is the same as the Admin Console's Serial Number in the ChromeOS Devices tab.
},
"userDirectoryApiId": "A String", # Output only. The unique Directory API ID of the user.
"userPrimaryEmail": "A String", # Output only. The primary e-mail address of the user.
},
"failureMessage": "A String", # Output only. A message describing why this `CertificateProvisioningProcess` has failed. Presence of this field indicates that the `CertificateProvisioningProcess` has failed.
"genericCaConnection": { # Describes a generic Certificate Authority Connection. # Output only. The CA connection is a generic CA connection.
"caConnectionAdapterConfigReference": "A String", # Output only. A string that references the administrator-provided configuration for the certification authority service.
},
"genericProfile": { # Describes a generic certificate provisioning profile. # Output only. The profile is a generic certificate provisioning profile.
"profileAdapterConfigReference": "A String", # Output only. A string that references the administrator-provided configuration for the certificate provisioning profile.
},
"issuedCertificate": "A String", # Output only. The issued certificate for this `CertificateProvisioningProcess` in PEM format.
"name": "A String", # Identifier. Resource name of the `CertificateProvisioningProcess`. The name pattern is given as `customers/{customer}/certificateProvisioningProcesses/{certificate_provisioning_process}` with `{customer}` being the obfuscated customer id and `{certificate_provisioning_process}` being the certificate provisioning process id.
"provisioningProfileId": "A String", # Output only. The ID of the certificate provisioning profile.
"scepCaConnection": { # Describes a SCEP Certificate Authority Connection. # Output only. The CA connection is a SCEP CA connection.
"caConnectionAdapterConfigReference": "A String", # Output only. A string that references the administrator-provided configuration for the certification authority service.
},
"scepProfile": { # Describes a SCEP certificate provisioning profile. # Output only. The profile is a SCEP certificate provisioning profile.
"certificateTemplateName": "A String", # Output only. The certificate template name as defined by the admin on their on-prem infrastructure. The Certificate Authority uses this name to identify the certificate template.
"country": "A String", # Output only. The country of the subject.
"keyUsages": [ # Output only. The allowed key usages for certificate's key.
"A String",
],
"locality": "A String", # Output only. The locality of the subject.
"organization": "A String", # Output only. The name of the organization the subject belongs to.
"organizationalUnits": [ # Output only. The organizational units of the subject.
"A String",
],
"state": "A String", # Output only. The state of the subject.
"subjectAltNames": [ # Output only. The subject alternative names.
{ # Describes a subject alternative name.
"type": "A String", # Output only. The type of the SubjectAltName extension.
"value": "A String", # Output only. The value of the subject alternative name with respect to the `type`.
},
],
"subjectCommonName": "A String", # Output only. The common name of the subject.
},
"signData": "A String", # Output only. The data that the client was asked to sign. This field is only present after the `SignData` operation has been initiated.
"signature": "A String", # Output only. The signature of `signature_algorithm`, generated using the client's private key using `signature_algorithm`. This field is only present after the `SignData` operation has finished.
"signatureAlgorithm": "A String", # Output only. The signature algorithm that the client and backend components use when processing `sign_data`. If the `profile_type` is a `GenericProfile`, this field will only be present after the `SignData` operation was initiated. If the `profile_type` is a `ScepProfile`, the field will always be present.
"startTime": "A String", # Output only. Server-generated timestamp of when the certificate provisioning process has been created.
"subjectPublicKeyInfo": "A String", # Output only. The public key for which a certificate should be provisioned. Represented as a DER-encoded X.509 SubjectPublicKeyInfo.
}

setFailure(name, body=None, x__xgafv=None)

Marks a certificate provisioning process as failed.

Args:
  name: string, Required. Resource name of the `CertificateProvisioningProcess` to return. The name pattern is given as `customers/{customer}/certificateProvisioningProcesses/{certificate_provisioning_process}` with `{customer}` being the obfuscated customer id and `{certificate_provisioning_process}` being the certificate provisioning process id. (required)
  body: object, The request body.
    The object takes the form of:

{ # Request message for marking a certificate provisioning process as failed.
  "errorMessage": "A String", # Required. A message describing the failure details. It is displayed on the ChromeOS client device.
}

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response message for publishing a failure for a certificate provisioning process.
}

signData(name, body=None, x__xgafv=None)

Requests the client that initiated a certificate provisioning process to sign data. This should only be called after `ClaimCertificateProvisioningProcess` has been successfully executed.

Args:
name: string, Required. Resource name of the `CertificateProvisioningProcess` to return. The name pattern is given as `customers/{customer}/certificateProvisioningProcesses/{certificate_provisioning_process}` with `{customer}` being the obfuscated customer id and `{certificate_provisioning_process}` being the certificate provisioning process id. (required)
body: object, The request body.
The object takes the form of:

{ # Request message for requesting a signature from the client that initated a certificate provisioning process.
"signData": "A String", # Required. The data that the client was asked to sign.
"signatureAlgorithm": "A String", # Required. The signature algorithm that the adapter expects the client and backend components to use when processing `sign_data`.
}

x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format

Returns:
An object of the form:

{ # This resource represents a long-running operation that is the result of a network API call.
"done": True or False, # If the value is `false`, it means the operation is still in progress. If `true`, the operation is completed, and either `error` or `response` is available.
"error": { # The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors). # The error result of the operation in case of failure or cancellation.
"code": 42, # The status code, which should be an enum value of google.rpc.Code.
"details": [ # A list of messages that carry the error details. There is a common set of message types for APIs to use.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
"message": "A String", # A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
},
"metadata": { # Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
"name": "A String", # The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the `name` should be a resource name ending with `operations/{unique_id}`.
"response": { # The normal, successful response of the operation. If the original method returns no data on success, such as `Delete`, the response is `google.protobuf.Empty`. If the original method is standard `Get`/`Create`/`Update`, the response should be the resource. For other methods, the response should have the type `XxxResponse`, where `Xxx` is the original method name. For example, if the original method name is `TakeSnapshot()`, the inferred response type is `TakeSnapshotResponse`.
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
}

Chrome Management API . customers . certificateProvisioningProcesses

Instance Methods

Method Details