feat: [google-cloud-confidentialcomputing] Add a new field `token_typ…

…e` to `TokenOptions` message proto (#12011)

- [ ] Regenerate this pull request now.

chore: remove backend configuration from the service config

PiperOrigin-RevId: 581042395

Source-Link:
googleapis/googleapis@2a4cbb9

Source-Link:
googleapis/googleapis-gen@a8d92b2
Copy-Tag:
eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLWNvbmZpZGVudGlhbGNvbXB1dGluZy8uT3dsQm90LnlhbWwiLCJoIjoiYThkOTJiMjU0Y2Y4OWQxYzMxMGFlNTgxNjdmZGQxZmQzZDFkNGQwMyJ9

---------

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>

packages/google-cloud-confidentialcomputing/google/cloud/confidentialcomputing/__init__.py

@@ -33,6 +33,7 @@
     SignedEntity,
     SigningAlgorithm,
     TokenOptions,
+    TokenType,
     TpmAttestation,
     VerifyAttestationRequest,
     VerifyAttestationResponse,
@@ -52,4 +53,5 @@
     "VerifyAttestationRequest",
     "VerifyAttestationResponse",
     "SigningAlgorithm",
+    "TokenType",
 )

packages/google-cloud-confidentialcomputing/google/cloud/confidentialcomputing_v1/__init__.py

@@ -31,6 +31,7 @@
     SignedEntity,
     SigningAlgorithm,
     TokenOptions,
+    TokenType,
     TpmAttestation,
     VerifyAttestationRequest,
     VerifyAttestationResponse,
@@ -47,6 +48,7 @@
     "SignedEntity",
     "SigningAlgorithm",
     "TokenOptions",
+    "TokenType",
     "TpmAttestation",
     "VerifyAttestationRequest",
     "VerifyAttestationResponse",

packages/google-cloud-confidentialcomputing/google/cloud/confidentialcomputing_v1/types/__init__.py

@@ -22,6 +22,7 @@
     SignedEntity,
     SigningAlgorithm,
     TokenOptions,
+    TokenType,
     TpmAttestation,
     VerifyAttestationRequest,
     VerifyAttestationResponse,
@@ -39,4 +40,5 @@
     "VerifyAttestationRequest",
     "VerifyAttestationResponse",
     "SigningAlgorithm",
+    "TokenType",
 )

packages/google-cloud-confidentialcomputing/google/cloud/confidentialcomputing_v1/types/service.py

@@ -25,6 +25,7 @@
     package="google.cloud.confidentialcomputing.v1",
     manifest={
         "SigningAlgorithm",
+        "TokenType",
         "Challenge",
         "CreateChallengeRequest",
         "VerifyAttestationRequest",
@@ -60,6 +61,20 @@ class SigningAlgorithm(proto.Enum):
     ECDSA_P256_SHA256 = 3
 
 
+class TokenType(proto.Enum):
+    r"""Token type enum contains the different types of token
+    responses Confidential Space supports
+
+    Values:
+        TOKEN_TYPE_UNSPECIFIED (0):
+            Unspecified token type
+        TOKEN_TYPE_OIDC (1):
+            OpenID Connect (OIDC) token type
+    """
+    TOKEN_TYPE_UNSPECIFIED = 0
+    TOKEN_TYPE_OIDC = 1
+
+
 class Challenge(proto.Message):
     r"""A Challenge from the server used to guarantee freshness of
     attestations
@@ -240,6 +255,9 @@ class TokenOptions(proto.Message):
             the eat_nonce claim in the output token. The minimum size
             for JSON-encoded EATs is 10 bytes and the maximum size is 74
             bytes.
+        token_type (google.cloud.confidentialcomputing_v1.types.TokenType):
+            Optional. Optional token type to select what
+            type of token to return.
     """
 
     audience: str = proto.Field(
@@ -250,6 +268,11 @@ class TokenOptions(proto.Message):
         proto.STRING,
         number=2,
     )
+    token_type: "TokenType" = proto.Field(
+        proto.ENUM,
+        number=3,
+        enum="TokenType",
+    )
 
 
 class TpmAttestation(proto.Message):

packages/google-cloud-confidentialcomputing/noxfile.py

@@ -29,8 +29,10 @@
 
 BLACK_VERSION = "black[jupyter]==23.7.0"
 ISORT_VERSION = "isort==5.11.0"
+
 LINT_PATHS = ["docs", "google", "tests", "noxfile.py", "setup.py"]
 
+
 DEFAULT_PYTHON_VERSION = "3.10"
 
 UNIT_TEST_PYTHON_VERSIONS: List[str] = ["3.7", "3.8", "3.9", "3.10", "3.11"]
@@ -89,6 +91,7 @@ def lint(session):
         "--check",
         *LINT_PATHS,
     )
+
     session.run("flake8", "google", "tests")