Regenerate networksecurity client (#8359)

Generated in GitHub action: https://togithub.com/googleapis/googleapis/google-api-php-client-services/actions/workflows/codegen.yaml

Author: yoshi-code-bot

src/NetworkSecurity/AuthzPolicy.php

@@ -35,6 +35,25 @@ class AuthzPolicy extends \Google\Collection
    * Delegate the authorization decision to an external authorization engine.
    */
   public const ACTION_CUSTOM = 'CUSTOM';
+  /**
+   * Unspecified policy profile.
+   */
+  public const POLICY_PROFILE_POLICY_PROFILE_UNSPECIFIED = 'POLICY_PROFILE_UNSPECIFIED';
+  /**
+   * Applies to request authorization. `CUSTOM` authorization policies with
+   * Authz extensions will be allowed with `EXT_AUTHZ_GRPC` or `EXT_PROC_GRPC`
+   * protocols. Extensions are invoked only for request header events.
+   */
+  public const POLICY_PROFILE_REQUEST_AUTHZ = 'REQUEST_AUTHZ';
+  /**
+   * Applies to content security, sanitization, etc. Only `CUSTOM` action is
+   * allowed in this policy profile. AuthzExtensions in the custom provider must
+   * support `EXT_PROC_GRPC` protocol only and be capable of receiving all
+   * `EXT_PROC_GRPC` events (REQUEST_HEADERS, REQUEST_BODY, REQUEST_TRAILERS,
+   * RESPONSE_HEADERS, RESPONSE_BODY, RESPONSE_TRAILERS) with
+   * `FULL_DUPLEX_STREAMED` body send mode.
+   */
+  public const POLICY_PROFILE_CONTENT_AUTHZ = 'CONTENT_AUTHZ';
   protected $collection_key = 'httpRules';
   /**
    * Required. Can be one of `ALLOW`, `DENY`, `CUSTOM`. When the action is
@@ -86,6 +105,14 @@ class AuthzPolicy extends \Google\Collection
    * @var string
    */
   public $name;
+  /**
+   * Optional. Immutable. Defines the type of authorization being performed. If
+   * not specified, `REQUEST_AUTHZ` is applied. This field cannot be changed
+   * once AuthzPolicy is created.
+   *
+   * @var string
+   */
+  public $policyProfile;
   protected $targetType = AuthzPolicyTarget::class;
   protected $targetDataType = '';
   /**
@@ -230,6 +257,26 @@ public function getName()
   {
     return $this->name;
   }
+  /**
+   * Optional. Immutable. Defines the type of authorization being performed. If
+   * not specified, `REQUEST_AUTHZ` is applied. This field cannot be changed
+   * once AuthzPolicy is created.
+   *
+   * Accepted values: POLICY_PROFILE_UNSPECIFIED, REQUEST_AUTHZ, CONTENT_AUTHZ
+   *
+   * @param self::POLICY_PROFILE_* $policyProfile
+   */
+  public function setPolicyProfile($policyProfile)
+  {
+    $this->policyProfile = $policyProfile;
+  }
+  /**
+   * @return self::POLICY_PROFILE_*
+   */
+  public function getPolicyProfile()
+  {
+    return $this->policyProfile;
+  }
   /**
    * Required. Specifies the set of resources to which this policy should be
    * applied to.

src/NetworkSecurity/AuthzPolicyAuthzRuleToRequestOperation.php

@@ -24,6 +24,8 @@ class AuthzPolicyAuthzRuleToRequestOperation extends \Google\Collection
   protected $headerSetDataType = '';
   protected $hostsType = AuthzPolicyAuthzRuleStringMatch::class;
   protected $hostsDataType = 'array';
+  protected $mcpType = AuthzPolicyAuthzRuleToRequestOperationMCP::class;
+  protected $mcpDataType = '';
   /**
    * Optional. A list of HTTP methods to match against. Each entry must be a
    * valid HTTP method name (GET, PUT, POST, HEAD, PATCH, DELETE, OPTIONS). It
@@ -71,6 +73,25 @@ public function getHosts()
   {
     return $this->hosts;
   }
+  /**
+   * Optional. Defines the MCP protocol attributes to match on. If the MCP
+   * payload in the request body cannot be successfully parsed, the request will
+   * be denied. This field can be set only for AuthzPolicies targeting
+   * AgentGateway resources.
+   *
+   * @param AuthzPolicyAuthzRuleToRequestOperationMCP $mcp
+   */
+  public function setMcp(AuthzPolicyAuthzRuleToRequestOperationMCP $mcp)
+  {
+    $this->mcp = $mcp;
+  }
+  /**
+   * @return AuthzPolicyAuthzRuleToRequestOperationMCP
+   */
+  public function getMcp()
+  {
+    return $this->mcp;
+  }
   /**
    * Optional. A list of HTTP methods to match against. Each entry must be a
    * valid HTTP method name (GET, PUT, POST, HEAD, PATCH, DELETE, OPTIONS). It

src/NetworkSecurity/AuthzPolicyAuthzRuleToRequestOperationMCP.php

@@ -0,0 +1,90 @@
+<?php
+/*
+ * Copyright 2014 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+namespace Google\Service\NetworkSecurity;
+
+class AuthzPolicyAuthzRuleToRequestOperationMCP extends \Google\Collection
+{
+  /**
+   * Unspecified option. Defaults to SKIP_BASE_PROTOCOL_METHODS.
+   */
+  public const BASE_PROTOCOL_METHODS_OPTION_BASE_PROTOCOL_METHODS_OPTION_UNSPECIFIED = 'BASE_PROTOCOL_METHODS_OPTION_UNSPECIFIED';
+  /**
+   * Skip matching on the base MCP protocol methods.
+   */
+  public const BASE_PROTOCOL_METHODS_OPTION_SKIP_BASE_PROTOCOL_METHODS = 'SKIP_BASE_PROTOCOL_METHODS';
+  /**
+   * Match on the base MCP protocol methods.
+   */
+  public const BASE_PROTOCOL_METHODS_OPTION_MATCH_BASE_PROTOCOL_METHODS = 'MATCH_BASE_PROTOCOL_METHODS';
+  protected $collection_key = 'methods';
+  /**
+   * Optional. If specified, matches on the MCP protocol’s non-access specific
+   * methods namely: * initialize * completion/ * logging/ * notifications/ *
+   * ping Defaults to SKIP_BASE_PROTOCOL_METHODS if not specified.
+   *
+   * @var string
+   */
+  public $baseProtocolMethodsOption;
+  protected $methodsType = AuthzPolicyAuthzRuleToRequestOperationMCPMethod::class;
+  protected $methodsDataType = 'array';
+
+  /**
+   * Optional. If specified, matches on the MCP protocol’s non-access specific
+   * methods namely: * initialize * completion/ * logging/ * notifications/ *
+   * ping Defaults to SKIP_BASE_PROTOCOL_METHODS if not specified.
+   *
+   * Accepted values: BASE_PROTOCOL_METHODS_OPTION_UNSPECIFIED,
+   * SKIP_BASE_PROTOCOL_METHODS, MATCH_BASE_PROTOCOL_METHODS
+   *
+   * @param self::BASE_PROTOCOL_METHODS_OPTION_* $baseProtocolMethodsOption
+   */
+  public function setBaseProtocolMethodsOption($baseProtocolMethodsOption)
+  {
+    $this->baseProtocolMethodsOption = $baseProtocolMethodsOption;
+  }
+  /**
+   * @return self::BASE_PROTOCOL_METHODS_OPTION_*
+   */
+  public function getBaseProtocolMethodsOption()
+  {
+    return $this->baseProtocolMethodsOption;
+  }
+  /**
+   * Optional. A list of MCP methods and associated parameters to match on. It
+   * is recommended to use this field to match on tools, prompts and resource
+   * accesses while setting the baseProtocolMethodsOption to
+   * MATCH_BASE_PROTOCOL_METHODS to match on all the other MCP protocol methods.
+   * Limited to 10 MCP methods per Authorization Policy.
+   *
+   * @param AuthzPolicyAuthzRuleToRequestOperationMCPMethod[] $methods
+   */
+  public function setMethods($methods)
+  {
+    $this->methods = $methods;
+  }
+  /**
+   * @return AuthzPolicyAuthzRuleToRequestOperationMCPMethod[]
+   */
+  public function getMethods()
+  {
+    return $this->methods;
+  }
+}
+
+// Adding a class alias for backwards compatibility with the previous class name.
+class_alias(AuthzPolicyAuthzRuleToRequestOperationMCP::class, 'Google_Service_NetworkSecurity_AuthzPolicyAuthzRuleToRequestOperationMCP');

src/NetworkSecurity/AuthzPolicyAuthzRuleToRequestOperationMCPMethod.php

@@ -0,0 +1,80 @@
+<?php
+/*
+ * Copyright 2014 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+namespace Google\Service\NetworkSecurity;
+
+class AuthzPolicyAuthzRuleToRequestOperationMCPMethod extends \Google\Collection
+{
+  protected $collection_key = 'params';
+  /**
+   * Required. The MCP method to match against. Allowed values are as follows:
+   * 1. `tools`, `prompts`, `resources` - these will match against all sub
+   * methods under the respective methods. 2. `prompts/list`, `tools/list`,
+   * `resources/list`, `resources/templates/list` 3. `prompts/get`,
+   * `tools/call`, `resources/subscribe`, `resources/unsubscribe`,
+   * `resources/read` Params cannot be specified for categories 1 and 2.
+   *
+   * @var string
+   */
+  public $name;
+  protected $paramsType = AuthzPolicyAuthzRuleStringMatch::class;
+  protected $paramsDataType = 'array';
+
+  /**
+   * Required. The MCP method to match against. Allowed values are as follows:
+   * 1. `tools`, `prompts`, `resources` - these will match against all sub
+   * methods under the respective methods. 2. `prompts/list`, `tools/list`,
+   * `resources/list`, `resources/templates/list` 3. `prompts/get`,
+   * `tools/call`, `resources/subscribe`, `resources/unsubscribe`,
+   * `resources/read` Params cannot be specified for categories 1 and 2.
+   *
+   * @param string $name
+   */
+  public function setName($name)
+  {
+    $this->name = $name;
+  }
+  /**
+   * @return string
+   */
+  public function getName()
+  {
+    return $this->name;
+  }
+  /**
+   * Optional. A list of MCP method parameters to match against. The match can
+   * be one of exact, prefix, suffix, or contains (substring match). Matches are
+   * always case sensitive unless the ignoreCase is set. Limited to 10 MCP
+   * method parameters per Authorization Policy.
+   *
+   * @param AuthzPolicyAuthzRuleStringMatch[] $params
+   */
+  public function setParams($params)
+  {
+    $this->params = $params;
+  }
+  /**
+   * @return AuthzPolicyAuthzRuleStringMatch[]
+   */
+  public function getParams()
+  {
+    return $this->params;
+  }
+}
+
+// Adding a class alias for backwards compatibility with the previous class name.
+class_alias(AuthzPolicyAuthzRuleToRequestOperationMCPMethod::class, 'Google_Service_NetworkSecurity_AuthzPolicyAuthzRuleToRequestOperationMCPMethod');

src/NetworkSecurity/AuthzPolicyTarget.php

@@ -40,7 +40,7 @@ class AuthzPolicyTarget extends \Google\Collection
   public const LOAD_BALANCING_SCHEME_INTERNAL_SELF_MANAGED = 'INTERNAL_SELF_MANAGED';
   protected $collection_key = 'resources';
   /**
-   * Required. All gateways and forwarding rules referenced by this policy and
+   * Optional. All gateways and forwarding rules referenced by this policy and
    * extensions must share the same load balancing scheme. Supported values:
    * `INTERNAL_MANAGED` and `EXTERNAL_MANAGED`. For more information, refer to
    * [Backend services overview](https://cloud.google.com/load-
@@ -58,7 +58,7 @@ class AuthzPolicyTarget extends \Google\Collection
   public $resources;
 
   /**
-   * Required. All gateways and forwarding rules referenced by this policy and
+   * Optional. All gateways and forwarding rules referenced by this policy and
    * extensions must share the same load balancing scheme. Supported values:
    * `INTERNAL_MANAGED` and `EXTERNAL_MANAGED`. For more information, refer to
    * [Backend services overview](https://cloud.google.com/load-

src/NetworkSecurity/FirewallEndpoint.php

@@ -54,7 +54,9 @@ class FirewallEndpoint extends \Google\Collection
   protected $associationsType = FirewallEndpointAssociationReference::class;
   protected $associationsDataType = 'array';
   /**
-   * Required. Project to bill on endpoint uptime usage.
+   * Optional. Project to charge for the deployed firewall endpoint. This field
+   * must be specified when creating the endpoint in the organization scope, and
+   * should be omitted otherwise.
    *
    * @var string
    */
@@ -158,7 +160,9 @@ public function getAssociations()
     return $this->associations;
   }
   /**
-   * Required. Project to bill on endpoint uptime usage.
+   * Optional. Project to charge for the deployed firewall endpoint. This field
+   * must be specified when creating the endpoint in the organization scope, and
+   * should be omitted otherwise.
    *
    * @param string $billingProjectId
    */

src/NetworkSecurity/InterceptEndpointGroupAssociation.php

@@ -98,6 +98,14 @@ class InterceptEndpointGroupAssociation extends \Google\Collection
    * @var string
    */
   public $network;
+  /**
+   * Output only. Identifier used by the data-path. See the NSI GENEVE format
+   * for more details: https://docs.cloud.google.com/network-security-
+   * integration/docs/understand-geneve#network_id
+   *
+   * @var string
+   */
+  public $networkCookie;
   /**
    * Output only. The current state of the resource does not match the user's
    * intended state, and the system is working to reconcile them. This part of
@@ -248,6 +256,24 @@ public function getNetwork()
   {
     return $this->network;
   }
+  /**
+   * Output only. Identifier used by the data-path. See the NSI GENEVE format
+   * for more details: https://docs.cloud.google.com/network-security-
+   * integration/docs/understand-geneve#network_id
+   *
+   * @param string $networkCookie
+   */
+  public function setNetworkCookie($networkCookie)
+  {
+    $this->networkCookie = $networkCookie;
+  }
+  /**
+   * @return string
+   */
+  public function getNetworkCookie()
+  {
+    return $this->networkCookie;
+  }
   /**
    * Output only. The current state of the resource does not match the user's
    * intended state, and the system is working to reconcile them. This part of

src/NetworkSecurity/Resource/ProjectsLocations.php

@@ -46,11 +46,16 @@ public function get($name, $optParams = [])
   }
   /**
    * Lists information about the supported locations for this service. This method
-   * can be called in two ways: * **List all public locations:** Use the path `GET
-   * /v1/locations`. * **List project-visible locations:** Use the path `GET
-   * /v1/projects/{project_id}/locations`. This may include public locations as
-   * well as private or other locations specifically visible to the project.
-   * (locations.listProjectsLocations)
+   * lists locations based on the resource scope provided in the
+   * [ListLocationsRequest.name] field: * **Global locations**: If `name` is
+   * empty, the method lists the public locations available to all projects. *
+   * **Project-specific locations**: If `name` follows the format
+   * `projects/{project}`, the method lists locations visible to that specific
+   * project. This includes public, private, or other project-specific locations
+   * enabled for the project. For gRPC and client library implementations, the
+   * resource name is passed as the `name` field. For direct service calls, the
+   * resource name is incorporated into the request path based on the specific
+   * service implementation and version. (locations.listProjectsLocations)
    *
    * @param string $name The resource that owns the locations collection, if
    * applicable.