# frozen_string_literal: true # Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # Auto-generated by gapic-generator-ruby. DO NOT EDIT! module Google module Cloud module RecaptchaEnterprise module V1 # The create assessment request message. # @!attribute [rw] parent # @return [::String] # Required. The name of the project in which the assessment will be created, # in the format "projects/\\{project}". # @!attribute [rw] assessment # @return [::Google::Cloud::RecaptchaEnterprise::V1::Assessment] # Required. The assessment details. class CreateAssessmentRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Describes an event in the lifecycle of a payment transaction. # @!attribute [rw] event_type # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionEvent::TransactionEventType] # Optional. The type of this transaction event. # @!attribute [rw] reason # @return [::String] # Optional. The reason or standardized code that corresponds with this # transaction event, if one exists. For example, a CHARGEBACK event with code # 6005. # @!attribute [rw] value # @return [::Float] # Optional. The value that corresponds with this transaction event, if one # exists. For example, a refund event where $5.00 was refunded. Currency is # obtained from the original transaction data. # @!attribute [rw] event_time # @return [::Google::Protobuf::Timestamp] # Optional. Timestamp when this transaction event occurred; otherwise assumed # to be the time of the API call. class TransactionEvent include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Enum that represents an event in the payment transaction lifecycle. module TransactionEventType # Default, unspecified event type. TRANSACTION_EVENT_TYPE_UNSPECIFIED = 0 # Indicates that the transaction is approved by the merchant. The # accompanying reasons can include terms such as 'INHOUSE', 'ACCERTIFY', # 'CYBERSOURCE', or 'MANUAL_REVIEW'. MERCHANT_APPROVE = 1 # Indicates that the transaction is denied and concluded due to risks # detected by the merchant. The accompanying reasons can include terms such # as 'INHOUSE', 'ACCERTIFY', 'CYBERSOURCE', or 'MANUAL_REVIEW'. MERCHANT_DENY = 2 # Indicates that the transaction is being evaluated by a human, due to # suspicion or risk. MANUAL_REVIEW = 3 # Indicates that the authorization attempt with the card issuer succeeded. AUTHORIZATION = 4 # Indicates that the authorization attempt with the card issuer failed. # The accompanying reasons can include Visa's '54' indicating that the card # is expired, or '82' indicating that the CVV is incorrect. AUTHORIZATION_DECLINE = 5 # Indicates that the transaction is completed because the funds were # settled. PAYMENT_CAPTURE = 6 # Indicates that the transaction could not be completed because the funds # were not settled. PAYMENT_CAPTURE_DECLINE = 7 # Indicates that the transaction has been canceled. Specify the reason # for the cancellation. For example, 'INSUFFICIENT_INVENTORY'. CANCEL = 8 # Indicates that the merchant has received a chargeback inquiry due to # fraud for the transaction, requesting additional information before a # fraud chargeback is officially issued and a formal chargeback # notification is sent. CHARGEBACK_INQUIRY = 9 # Indicates that the merchant has received a chargeback alert due to fraud # for the transaction. The process of resolving the dispute without # involving the payment network is started. CHARGEBACK_ALERT = 10 # Indicates that a fraud notification is issued for the transaction, sent # by the payment instrument's issuing bank because the transaction appears # to be fraudulent. We recommend including TC40 or SAFE data in the # `reason` field for this event type. For partial chargebacks, we recommend # that you include an amount in the `value` field. FRAUD_NOTIFICATION = 11 # Indicates that the merchant is informed by the payment network that the # transaction has entered the chargeback process due to fraud. Reason code # examples include Discover's '6005' and '6041'. For partial chargebacks, # we recommend that you include an amount in the `value` field. CHARGEBACK = 12 # Indicates that the transaction has entered the chargeback process due to # fraud, and that the merchant has chosen to enter representment. Reason # examples include Discover's '6005' and '6041'. For partial chargebacks, # we recommend that you include an amount in the `value` field. CHARGEBACK_REPRESENTMENT = 13 # Indicates that the transaction has had a fraud chargeback which was # illegitimate and was reversed as a result. For partial chargebacks, we # recommend that you include an amount in the `value` field. CHARGEBACK_REVERSE = 14 # Indicates that the merchant has received a refund for a completed # transaction. For partial refunds, we recommend that you include an amount # in the `value` field. Reason example: 'TAX_EXEMPT' (partial refund of # exempt tax) REFUND_REQUEST = 15 # Indicates that the merchant has received a refund request for this # transaction, but that they have declined it. For partial refunds, we # recommend that you include an amount in the `value` field. Reason # example: 'TAX_EXEMPT' (partial refund of exempt tax) REFUND_DECLINE = 16 # Indicates that the completed transaction was refunded by the merchant. # For partial refunds, we recommend that you include an amount in the # `value` field. Reason example: 'TAX_EXEMPT' (partial refund of exempt # tax) REFUND = 17 # Indicates that the completed transaction was refunded by the merchant, # and that this refund was reversed. For partial refunds, we recommend that # you include an amount in the `value` field. REFUND_REVERSE = 18 end end # The request message to annotate an Assessment. # @!attribute [rw] name # @return [::String] # Required. The resource name of the Assessment, in the format # "projects/\\{project}/assessments/\\{assessment}". # @!attribute [rw] annotation # @return [::Google::Cloud::RecaptchaEnterprise::V1::AnnotateAssessmentRequest::Annotation] # Optional. The annotation that will be assigned to the Event. This field can # be left empty to provide reasons that apply to an event without concluding # whether the event is legitimate or fraudulent. # @!attribute [rw] reasons # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::AnnotateAssessmentRequest::Reason>] # Optional. Optional reasons for the annotation that will be assigned to the # Event. # @!attribute [rw] hashed_account_id # @return [::String] # Optional. Unique stable hashed user identifier to apply to the assessment. # This is an alternative to setting the hashed_account_id in # CreateAssessment, for example when the account identifier is not yet known # in the initial request. It is recommended that the identifier is hashed # using hmac-sha256 with stable secret. # @!attribute [rw] transaction_event # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionEvent] # Optional. If the assessment is part of a payment transaction, provide # details on payment lifecycle events that occur in the transaction. class AnnotateAssessmentRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Enum that represents the types of annotations. module Annotation # Default unspecified type. ANNOTATION_UNSPECIFIED = 0 # Provides information that the event turned out to be legitimate. LEGITIMATE = 1 # Provides information that the event turned out to be fraudulent. FRAUDULENT = 2 # Provides information that the event was related to a login event in which # the user typed the correct password. Deprecated, prefer indicating # CORRECT_PASSWORD through the reasons field instead. PASSWORD_CORRECT = 3 # Provides information that the event was related to a login event in which # the user typed the incorrect password. Deprecated, prefer indicating # INCORRECT_PASSWORD through the reasons field instead. PASSWORD_INCORRECT = 4 end # Enum that represents potential reasons for annotating an assessment. module Reason # Default unspecified reason. REASON_UNSPECIFIED = 0 # Indicates that the transaction had a chargeback issued with no other # details. When possible, specify the type by using CHARGEBACK_FRAUD or # CHARGEBACK_DISPUTE instead. CHARGEBACK = 1 # Indicates that the transaction had a chargeback issued related to an # alleged unauthorized transaction from the cardholder's perspective (for # example, the card number was stolen). CHARGEBACK_FRAUD = 8 # Indicates that the transaction had a chargeback issued related to the # cardholder having provided their card details but allegedly not being # satisfied with the purchase (for example, misrepresentation, attempted # cancellation). CHARGEBACK_DISPUTE = 9 # Indicates that the completed payment transaction was refunded by the # seller. REFUND = 10 # Indicates that the completed payment transaction was determined to be # fraudulent by the seller, and was cancelled and refunded as a result. REFUND_FRAUD = 11 # Indicates that the payment transaction was accepted, and the user was # charged. TRANSACTION_ACCEPTED = 12 # Indicates that the payment transaction was declined, for example due to # invalid card details. TRANSACTION_DECLINED = 13 # Indicates the transaction associated with the assessment is suspected of # being fraudulent based on the payment method, billing details, shipping # address or other transaction information. PAYMENT_HEURISTICS = 2 # Indicates that the user was served a 2FA challenge. An old assessment # with `ENUM_VALUES.INITIATED_TWO_FACTOR` reason that has not been # overwritten with `PASSED_TWO_FACTOR` is treated as an abandoned 2FA flow. # This is equivalent to `FAILED_TWO_FACTOR`. INITIATED_TWO_FACTOR = 7 # Indicates that the user passed a 2FA challenge. PASSED_TWO_FACTOR = 3 # Indicates that the user failed a 2FA challenge. FAILED_TWO_FACTOR = 4 # Indicates the user provided the correct password. CORRECT_PASSWORD = 5 # Indicates the user provided an incorrect password. INCORRECT_PASSWORD = 6 # Indicates that the user sent unwanted and abusive messages to other users # of the platform, such as spam, scams, phishing, or social engineering. SOCIAL_SPAM = 14 end end # Empty response for AnnotateAssessment. class AnnotateAssessmentResponse include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Information about a verification endpoint that can be used for 2FA. # @!attribute [rw] email_address # @return [::String] # Email address for which to trigger a verification request. # @!attribute [rw] phone_number # @return [::String] # Phone number for which to trigger a verification request. Should be given # in E.164 format. # @!attribute [r] request_token # @return [::String] # Output only. Token to provide to the client to trigger endpoint # verification. It must be used within 15 minutes. # @!attribute [r] last_verification_time # @return [::Google::Protobuf::Timestamp] # Output only. Timestamp of the last successful verification for the # endpoint, if any. class EndpointVerificationInfo include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Information about account verification, used for identity verification. # @!attribute [rw] endpoints # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::EndpointVerificationInfo>] # Endpoints that can be used for identity verification. # @!attribute [rw] language_code # @return [::String] # Language code preference for the verification message, set as a IETF BCP 47 # language code. # @!attribute [r] latest_verification_result # @return [::Google::Cloud::RecaptchaEnterprise::V1::AccountVerificationInfo::Result] # Output only. Result of the latest account verification challenge. # @!attribute [rw] username # @return [::String] # Username of the account that is being verified. Deprecated. Customers # should now provide the hashed account ID field in Event. class AccountVerificationInfo include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Result of the account verification as contained in the verdict token issued # at the end of the verification flow. module Result # No information about the latest account verification. RESULT_UNSPECIFIED = 0 # The user was successfully verified. This means the account verification # challenge was successfully completed. SUCCESS_USER_VERIFIED = 1 # The user failed the verification challenge. ERROR_USER_NOT_VERIFIED = 2 # The site is not properly onboarded to use the account verification # feature. ERROR_SITE_ONBOARDING_INCOMPLETE = 3 # The recipient is not allowed for account verification. This can occur # during integration but should not occur in production. ERROR_RECIPIENT_NOT_ALLOWED = 4 # The recipient has already been sent too many verification codes in a # short amount of time. ERROR_RECIPIENT_ABUSE_LIMIT_EXHAUSTED = 5 # The verification flow could not be completed due to a critical internal # error. ERROR_CRITICAL_INTERNAL = 6 # The client has exceeded their two factor request quota for this period of # time. ERROR_CUSTOMER_QUOTA_EXHAUSTED = 7 # The request cannot be processed at the time because of an incident. This # bypass can be restricted to a problematic destination email domain, a # customer, or could affect the entire service. ERROR_VERIFICATION_BYPASSED = 8 # The request parameters do not match with the token provided and cannot be # processed. ERROR_VERDICT_MISMATCH = 9 end end # Private password leak verification info. # @!attribute [rw] lookup_hash_prefix # @return [::String] # Optional. Exactly 26-bit prefix of the SHA-256 hash of the canonicalized # username. It is used to look up password leaks associated with that hash # prefix. # @!attribute [rw] encrypted_user_credentials_hash # @return [::String] # Optional. Encrypted Scrypt hash of the canonicalized username+password. It # is re-encrypted by the server and returned through # `reencrypted_user_credentials_hash`. # @!attribute [r] encrypted_leak_match_prefixes # @return [::Array<::String>] # Output only. List of prefixes of the encrypted potential password leaks # that matched the given parameters. They must be compared with the # client-side decryption prefix of `reencrypted_user_credentials_hash` # @!attribute [r] reencrypted_user_credentials_hash # @return [::String] # Output only. Corresponds to the re-encryption of the # `encrypted_user_credentials_hash` field. It is used to match potential # password leaks within `encrypted_leak_match_prefixes`. class PrivatePasswordLeakVerification include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A reCAPTCHA Enterprise assessment resource. # @!attribute [r] name # @return [::String] # Output only. The resource name for the Assessment in the format # "projects/\\{project}/assessments/\\{assessment}". # @!attribute [rw] event # @return [::Google::Cloud::RecaptchaEnterprise::V1::Event] # The event being assessed. # @!attribute [r] risk_analysis # @return [::Google::Cloud::RecaptchaEnterprise::V1::RiskAnalysis] # Output only. The risk analysis result for the event being assessed. # @!attribute [r] token_properties # @return [::Google::Cloud::RecaptchaEnterprise::V1::TokenProperties] # Output only. Properties of the provided event token. # @!attribute [rw] account_verification # @return [::Google::Cloud::RecaptchaEnterprise::V1::AccountVerificationInfo] # Account verification information for identity verification. The assessment # event must include a token and site key to use this feature. # @!attribute [rw] account_defender_assessment # @return [::Google::Cloud::RecaptchaEnterprise::V1::AccountDefenderAssessment] # Assessment returned by account defender when a hashed_account_id is # provided. # @!attribute [rw] private_password_leak_verification # @return [::Google::Cloud::RecaptchaEnterprise::V1::PrivatePasswordLeakVerification] # The private password leak verification field contains the parameters that # are used to to check for leaks privately without sharing user credentials. # @!attribute [rw] fraud_prevention_assessment # @return [::Google::Cloud::RecaptchaEnterprise::V1::FraudPreventionAssessment] # Assessment returned by Fraud Prevention when TransactionData is provided. class Assessment include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The event being assessed. # @!attribute [rw] token # @return [::String] # Optional. The user response token provided by the reCAPTCHA Enterprise # client-side integration on your site. # @!attribute [rw] site_key # @return [::String] # Optional. The site key that was used to invoke reCAPTCHA Enterprise on your # site and generate the token. # @!attribute [rw] user_agent # @return [::String] # Optional. The user agent present in the request from the user's device # related to this event. # @!attribute [rw] user_ip_address # @return [::String] # Optional. The IP address in the request from the user's device related to # this event. # @!attribute [rw] expected_action # @return [::String] # Optional. The expected action for this type of event. This should be the # same action provided at token generation time on client-side platforms # already integrated with recaptcha enterprise. # @!attribute [rw] hashed_account_id # @return [::String] # Optional. Unique stable hashed user identifier for the request. The # identifier must be hashed using hmac-sha256 with stable secret. # @!attribute [rw] transaction_data # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionData] # Optional. Data describing a payment transaction to be assessed. Sending # this data enables reCAPTCHA Enterprise Fraud Prevention and the # FraudPreventionAssessment component in the response. class Event include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Transaction data associated with a payment protected by reCAPTCHA Enterprise. # All fields are optional. # @!attribute [rw] transaction_id # @return [::String] # Unique identifier for the transaction. This custom identifier can be used # to reference this transaction in the future, for example, labeling a refund # or chargeback event. Two attempts at the same transaction should use the # same transaction id. # @!attribute [rw] payment_method # @return [::String] # The payment method for the transaction. The allowed values are: # # * credit-card # * debit-card # * gift-card # * processor-\\{name} (If a third-party is used, for example, # processor-paypal) # * custom-\\{name} (If an alternative method is used, for example, # custom-crypto) # @!attribute [rw] card_bin # @return [::String] # The Bank Identification Number - generally the first 6 or 8 digits of the # card. # @!attribute [rw] card_last_four # @return [::String] # The last four digits of the card. # @!attribute [rw] currency_code # @return [::String] # The currency code in ISO-4217 format. # @!attribute [rw] value # @return [::Float] # The decimal value of the transaction in the specified currency. # @!attribute [rw] shipping_value # @return [::Float] # The value of shipping in the specified currency. 0 for free or no shipping. # @!attribute [rw] shipping_address # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionData::Address] # Destination address if this transaction involves shipping a physical item. # @!attribute [rw] billing_address # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionData::Address] # Address associated with the payment method when applicable. # @!attribute [rw] user # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionData::User] # Information about the user paying/initiating the transaction. # @!attribute [rw] merchants # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::TransactionData::User>] # Information about the user or users fulfilling the transaction. # @!attribute [rw] items # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::TransactionData::Item>] # Items purchased in this transaction. # @!attribute [rw] gateway_info # @return [::Google::Cloud::RecaptchaEnterprise::V1::TransactionData::GatewayInfo] # Information about the payment gateway's response to the transaction. class TransactionData include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Structured address format for billing and shipping addresses. # @!attribute [rw] recipient # @return [::String] # The recipient name, potentially including information such as "care of". # @!attribute [rw] address # @return [::Array<::String>] # The first lines of the address. The first line generally contains the # street name and number, and further lines may include information such as # an apartment number. # @!attribute [rw] locality # @return [::String] # The town/city of the address. # @!attribute [rw] administrative_area # @return [::String] # The state, province, or otherwise administrative area of the address. # @!attribute [rw] region_code # @return [::String] # The CLDR country/region of the address. # @!attribute [rw] postal_code # @return [::String] # The postal or ZIP code of the address. class Address include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Details about a user's account involved in the transaction. # @!attribute [rw] account_id # @return [::String] # Unique account identifier for this user. If using account defender, # this should match the hashed_account_id field. Otherwise, a unique and # persistent identifier for this account. # @!attribute [rw] creation_ms # @return [::Integer] # The epoch milliseconds of the user's account creation. # @!attribute [rw] email # @return [::String] # The email address of the user. # @!attribute [rw] email_verified # @return [::Boolean] # Whether the email has been verified to be accessible by the user (OTP or # similar). # @!attribute [rw] phone_number # @return [::String] # The phone number of the user, with country code. # @!attribute [rw] phone_verified # @return [::Boolean] # Whether the phone number has been verified to be accessible by the user # (OTP or similar). class User include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Line items being purchased in this transaction. # @!attribute [rw] name # @return [::String] # The full name of the item. # @!attribute [rw] value # @return [::Float] # The value per item that the user is paying, in the transaction currency, # after discounts. # @!attribute [rw] quantity # @return [::Integer] # The quantity of this item that is being purchased. # @!attribute [rw] merchant_account_id # @return [::String] # When a merchant is specified, its corresponding account_id. Necessary to # populate marketplace-style transactions. class Item include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Details about the transaction from the gateway. # @!attribute [rw] name # @return [::String] # Name of the gateway service (for example, stripe, square, paypal). # @!attribute [rw] gateway_response_code # @return [::String] # Gateway response code describing the state of the transaction. # @!attribute [rw] avs_response_code # @return [::String] # AVS response code from the gateway # (available only when reCAPTCHA Enterprise is called after authorization). # @!attribute [rw] cvv_response_code # @return [::String] # CVV response code from the gateway # (available only when reCAPTCHA Enterprise is called after authorization). class GatewayInfo include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # Risk analysis result for an event. # @!attribute [rw] score # @return [::Float] # Legitimate event score from 0.0 to 1.0. # (1.0 means very likely legitimate traffic while 0.0 means very likely # non-legitimate traffic). # @!attribute [rw] reasons # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::RiskAnalysis::ClassificationReason>] # Reasons contributing to the risk analysis verdict. class RiskAnalysis include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Reasons contributing to the risk analysis verdict. module ClassificationReason # Default unspecified type. CLASSIFICATION_REASON_UNSPECIFIED = 0 # Interactions matched the behavior of an automated agent. AUTOMATION = 1 # The event originated from an illegitimate environment. UNEXPECTED_ENVIRONMENT = 2 # Traffic volume from the event source is higher than normal. TOO_MUCH_TRAFFIC = 3 # Interactions with the site were significantly different than expected # patterns. UNEXPECTED_USAGE_PATTERNS = 4 # Too little traffic has been received from this site thus far to generate # quality risk analysis. LOW_CONFIDENCE_SCORE = 5 # The request matches behavioral characteristics of a carding attack. SUSPECTED_CARDING = 6 # The request matches behavioral characteristics of chargebacks for fraud. SUSPECTED_CHARGEBACK = 7 end end # Properties of the provided event token. # @!attribute [rw] valid # @return [::Boolean] # Whether the provided user response token is valid. When valid = false, the # reason could be specified in invalid_reason or it could also be due to # a user failing to solve a challenge or a sitekey mismatch (i.e the sitekey # used to generate the token was different than the one specified in the # assessment). # @!attribute [rw] invalid_reason # @return [::Google::Cloud::RecaptchaEnterprise::V1::TokenProperties::InvalidReason] # Reason associated with the response when valid = false. # @!attribute [rw] create_time # @return [::Google::Protobuf::Timestamp] # The timestamp corresponding to the generation of the token. # @!attribute [rw] hostname # @return [::String] # The hostname of the page on which the token was generated (Web keys only). # @!attribute [rw] android_package_name # @return [::String] # The name of the Android package with which the token was generated (Android # keys only). # @!attribute [rw] ios_bundle_id # @return [::String] # The ID of the iOS bundle with which the token was generated (iOS keys # only). # @!attribute [rw] action # @return [::String] # Action name provided at token generation. class TokenProperties include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Enum that represents the types of invalid token reasons. module InvalidReason # Default unspecified type. INVALID_REASON_UNSPECIFIED = 0 # If the failure reason was not accounted for. UNKNOWN_INVALID_REASON = 1 # The provided user verification token was malformed. MALFORMED = 2 # The user verification token had expired. EXPIRED = 3 # The user verification had already been seen. DUPE = 4 # The user verification token was not present. MISSING = 5 # A retriable error (such as network failure) occurred on the browser. # Could easily be simulated by an attacker. BROWSER_ERROR = 6 end end # Assessment for Fraud Prevention. # @!attribute [rw] transaction_risk # @return [::Float] # Probability (0-1) of this transaction being fraudulent. Summarizes the # combined risk of attack vectors below. # @!attribute [rw] stolen_instrument_verdict # @return [::Google::Cloud::RecaptchaEnterprise::V1::FraudPreventionAssessment::StolenInstrumentVerdict] # Assessment of this transaction for risk of a stolen instrument. # @!attribute [rw] card_testing_verdict # @return [::Google::Cloud::RecaptchaEnterprise::V1::FraudPreventionAssessment::CardTestingVerdict] # Assessment of this transaction for risk of being part of a card testing # attack. class FraudPreventionAssessment include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Information about stolen instrument fraud, where the user is not the # legitimate owner of the instrument being used for the purchase. # @!attribute [rw] risk # @return [::Float] # Probability (0-1) of this transaction being executed with a stolen # instrument. class StolenInstrumentVerdict include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Information about card testing fraud, where an adversary is testing # fraudulently obtained cards or brute forcing their details. # @!attribute [rw] risk # @return [::Float] # Probability (0-1) of this transaction attempt being part of a card # testing attack. class CardTestingVerdict include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # Account defender risk assessment. # @!attribute [rw] labels # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::AccountDefenderAssessment::AccountDefenderLabel>] # Labels for this request. class AccountDefenderAssessment include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Labels returned by account defender for this request. module AccountDefenderLabel # Default unspecified type. ACCOUNT_DEFENDER_LABEL_UNSPECIFIED = 0 # The request matches a known good profile for the user. PROFILE_MATCH = 1 # The request is potentially a suspicious login event and must be further # verified either through multi-factor authentication or another system. SUSPICIOUS_LOGIN_ACTIVITY = 2 # The request matched a profile that previously had suspicious account # creation behavior. This can mean that this is a fake account. SUSPICIOUS_ACCOUNT_CREATION = 3 # The account in the request has a high number of related accounts. It does # not necessarily imply that the account is bad but can require further # investigation. RELATED_ACCOUNTS_NUMBER_HIGH = 4 end end # The create key request message. # @!attribute [rw] parent # @return [::String] # Required. The name of the project in which the key will be created, in the # format "projects/\\{project}". # @!attribute [rw] key # @return [::Google::Cloud::RecaptchaEnterprise::V1::Key] # Required. Information to create a reCAPTCHA Enterprise key. class CreateKeyRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The list keys request message. # @!attribute [rw] parent # @return [::String] # Required. The name of the project that contains the keys that will be # listed, in the format "projects/\\{project}". # @!attribute [rw] page_size # @return [::Integer] # Optional. The maximum number of keys to return. Default is 10. Max limit is # 1000. # @!attribute [rw] page_token # @return [::String] # Optional. The next_page_token value returned from a previous. # ListKeysRequest, if any. class ListKeysRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Response to request to list keys in a project. # @!attribute [rw] keys # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::Key>] # Key details. # @!attribute [rw] next_page_token # @return [::String] # Token to retrieve the next page of results. It is set to empty if no keys # remain in results. class ListKeysResponse include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The retrieve legacy secret key request message. # @!attribute [rw] key # @return [::String] # Required. The public key name linked to the requested secret key in the # format "projects/\\{project}/keys/\\{key}". class RetrieveLegacySecretKeyRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The get key request message. # @!attribute [rw] name # @return [::String] # Required. The name of the requested key, in the format # "projects/\\{project}/keys/\\{key}". class GetKeyRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The update key request message. # @!attribute [rw] key # @return [::Google::Cloud::RecaptchaEnterprise::V1::Key] # Required. The key to update. # @!attribute [rw] update_mask # @return [::Google::Protobuf::FieldMask] # Optional. The mask to control which fields of the key get updated. If the # mask is not present, all fields will be updated. class UpdateKeyRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The delete key request message. # @!attribute [rw] name # @return [::String] # Required. The name of the key to be deleted, in the format # "projects/\\{project}/keys/\\{key}". class DeleteKeyRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The migrate key request message. # @!attribute [rw] name # @return [::String] # Required. The name of the key to be migrated, in the format # "projects/\\{project}/keys/\\{key}". # @!attribute [rw] skip_billing_check # @return [::Boolean] # Optional. If true, skips the billing check. # A reCAPTCHA Enterprise key or migrated key behaves differently than a # reCAPTCHA (non-Enterprise version) key when you reach a quota limit (see # https://cloud.google.com/recaptcha-enterprise/quotas#quota_limit). To avoid # any disruption of your usage, we check that a billing account is present. # If your usage of reCAPTCHA is under the free quota, you can safely skip the # billing check and proceed with the migration. See # https://cloud.google.com/recaptcha-enterprise/docs/billing-information. class MigrateKeyRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The get metrics request message. # @!attribute [rw] name # @return [::String] # Required. The name of the requested metrics, in the format # "projects/\\{project}/keys/\\{key}/metrics". class GetMetricsRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Metrics for a single Key. # @!attribute [r] name # @return [::String] # Output only. The name of the metrics, in the format # "projects/\\{project}/keys/\\{key}/metrics". # @!attribute [rw] start_time # @return [::Google::Protobuf::Timestamp] # Inclusive start time aligned to a day (UTC). # @!attribute [rw] score_metrics # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::ScoreMetrics>] # Metrics will be continuous and in order by dates, and in the granularity # of day. All Key types should have score-based data. # @!attribute [rw] challenge_metrics # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::ChallengeMetrics>] # Metrics will be continuous and in order by dates, and in the granularity # of day. Only challenge-based keys (CHECKBOX, INVISIBLE), will have # challenge-based data. class Metrics include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Secret key is used only in legacy reCAPTCHA. It must be used in a 3rd party # integration with legacy reCAPTCHA. # @!attribute [rw] legacy_secret_key # @return [::String] # The secret key (also known as shared secret) authorizes communication # between your application backend and the reCAPTCHA Enterprise server to # create an assessment. # The secret key needs to be kept safe for security purposes. class RetrieveLegacySecretKeyResponse include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A key used to identify and configure applications (web and/or mobile) that # use reCAPTCHA Enterprise. # @!attribute [rw] name # @return [::String] # The resource name for the Key in the format # "projects/\\{project}/keys/\\{key}". # @!attribute [rw] display_name # @return [::String] # Human-readable display name of this key. Modifiable by user. # @!attribute [rw] web_settings # @return [::Google::Cloud::RecaptchaEnterprise::V1::WebKeySettings] # Settings for keys that can be used by websites. # @!attribute [rw] android_settings # @return [::Google::Cloud::RecaptchaEnterprise::V1::AndroidKeySettings] # Settings for keys that can be used by Android apps. # @!attribute [rw] ios_settings # @return [::Google::Cloud::RecaptchaEnterprise::V1::IOSKeySettings] # Settings for keys that can be used by iOS apps. # @!attribute [rw] labels # @return [::Google::Protobuf::Map{::String => ::String}] # See # Creating and managing labels. # @!attribute [r] create_time # @return [::Google::Protobuf::Timestamp] # Output only. The timestamp corresponding to the creation of this Key. # @!attribute [rw] testing_options # @return [::Google::Cloud::RecaptchaEnterprise::V1::TestingOptions] # Options for user acceptance testing. # @!attribute [rw] waf_settings # @return [::Google::Cloud::RecaptchaEnterprise::V1::WafSettings] # Settings for WAF class Key include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # Options for user acceptance testing. # @!attribute [rw] testing_score # @return [::Float] # All assessments for this Key will return this score. Must be between 0 # (likely not legitimate) and 1 (likely legitimate) inclusive. # @!attribute [rw] testing_challenge # @return [::Google::Cloud::RecaptchaEnterprise::V1::TestingOptions::TestingChallenge] # For challenge-based keys only (CHECKBOX, INVISIBLE), all challenge requests # for this site will return nocaptcha if NOCAPTCHA, or an unsolvable # challenge if CHALLENGE. class TestingOptions include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Enum that represents the challenge option for challenge-based (CHECKBOX, # INVISIBLE) testing keys. module TestingChallenge # Perform the normal risk analysis and return either nocaptcha or a # challenge depending on risk and trust factors. TESTING_CHALLENGE_UNSPECIFIED = 0 # Challenge requests for this key always return a nocaptcha, which # does not require a solution. NOCAPTCHA = 1 # Challenge requests for this key always return an unsolvable # challenge. UNSOLVABLE_CHALLENGE = 2 end end # Settings specific to keys that can be used by websites. # @!attribute [rw] allow_all_domains # @return [::Boolean] # If set to true, it means allowed_domains will not be enforced. # @!attribute [rw] allowed_domains # @return [::Array<::String>] # Domains or subdomains of websites allowed to use the key. All subdomains # of an allowed domain are automatically allowed. A valid domain requires a # host and must not include any path, port, query or fragment. # Examples: 'example.com' or 'subdomain.example.com' # @!attribute [rw] allow_amp_traffic # @return [::Boolean] # If set to true, the key can be used on AMP (Accelerated Mobile Pages) # websites. This is supported only for the SCORE integration type. # @!attribute [rw] integration_type # @return [::Google::Cloud::RecaptchaEnterprise::V1::WebKeySettings::IntegrationType] # Required. Describes how this key is integrated with the website. # @!attribute [rw] challenge_security_preference # @return [::Google::Cloud::RecaptchaEnterprise::V1::WebKeySettings::ChallengeSecurityPreference] # Settings for the frequency and difficulty at which this key triggers # captcha challenges. This should only be specified for IntegrationTypes # CHECKBOX and INVISIBLE. class WebKeySettings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Enum that represents the integration types for web keys. module IntegrationType # Default type that indicates this enum hasn't been specified. This is not # a valid IntegrationType, one of the other types must be specified # instead. INTEGRATION_TYPE_UNSPECIFIED = 0 # Only used to produce scores. It doesn't display the "I'm not a robot" # checkbox and never shows captcha challenges. SCORE = 1 # Displays the "I'm not a robot" checkbox and may show captcha challenges # after it is checked. CHECKBOX = 2 # Doesn't display the "I'm not a robot" checkbox, but may show captcha # challenges after risk analysis. INVISIBLE = 3 end # Enum that represents the possible challenge frequency and difficulty # configurations for a web key. module ChallengeSecurityPreference # Default type that indicates this enum hasn't been specified. CHALLENGE_SECURITY_PREFERENCE_UNSPECIFIED = 0 # Key tends to show fewer and easier challenges. USABILITY = 1 # Key tends to show balanced (in amount and difficulty) challenges. BALANCE = 2 # Key tends to show more and harder challenges. SECURITY = 3 end end # Settings specific to keys that can be used by Android apps. # @!attribute [rw] allow_all_package_names # @return [::Boolean] # If set to true, allowed_package_names are not enforced. # @!attribute [rw] allowed_package_names # @return [::Array<::String>] # Android package names of apps allowed to use the key. # Example: 'com.companyname.appname' class AndroidKeySettings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Settings specific to keys that can be used by iOS apps. # @!attribute [rw] allow_all_bundle_ids # @return [::Boolean] # If set to true, allowed_bundle_ids are not enforced. # @!attribute [rw] allowed_bundle_ids # @return [::Array<::String>] # iOS bundle ids of apps allowed to use the key. # Example: 'com.companyname.productname.appname' class IOSKeySettings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Score distribution. # @!attribute [rw] score_buckets # @return [::Google::Protobuf::Map{::Integer => ::Integer}] # Map key is score value multiplied by 100. The scores are discrete values # between [0, 1]. The maximum number of buckets is on order of a few dozen, # but typically much lower (ie. 10). class ScoreDistribution include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::Integer] # @!attribute [rw] value # @return [::Integer] class ScoreBucketsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # Metrics related to scoring. # @!attribute [rw] overall_metrics # @return [::Google::Cloud::RecaptchaEnterprise::V1::ScoreDistribution] # Aggregated score metrics for all traffic. # @!attribute [rw] action_metrics # @return [::Google::Protobuf::Map{::String => ::Google::Cloud::RecaptchaEnterprise::V1::ScoreDistribution}] # Action-based metrics. The map key is the action name which specified by the # site owners at time of the "execute" client-side call. class ScoreMetrics include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::Google::Cloud::RecaptchaEnterprise::V1::ScoreDistribution] class ActionMetricsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # Metrics related to challenges. # @!attribute [rw] pageload_count # @return [::Integer] # Count of reCAPTCHA checkboxes or badges rendered. This is mostly equivalent # to a count of pageloads for pages that include reCAPTCHA. # @!attribute [rw] nocaptcha_count # @return [::Integer] # Count of nocaptchas (successful verification without a challenge) issued. # @!attribute [rw] failed_count # @return [::Integer] # Count of submitted challenge solutions that were incorrect or otherwise # deemed suspicious such that a subsequent challenge was triggered. # @!attribute [rw] passed_count # @return [::Integer] # Count of nocaptchas (successful verification without a challenge) plus # submitted challenge solutions that were correct and resulted in # verification. class ChallengeMetrics include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The request message to list memberships in a related account group. # @!attribute [rw] parent # @return [::String] # Required. The resource name for the related account group in the format # `projects/{project}/relatedaccountgroups/{relatedaccountgroup}`. # @!attribute [rw] page_size # @return [::Integer] # Optional. The maximum number of accounts to return. The service might # return fewer than this value. If unspecified, at most 50 accounts are # returned. The maximum value is 1000; values above 1000 are coerced to 1000. # @!attribute [rw] page_token # @return [::String] # Optional. A page token, received from a previous # `ListRelatedAccountGroupMemberships` call. # # When paginating, all other parameters provided to # `ListRelatedAccountGroupMemberships` must match the call that provided the # page token. class ListRelatedAccountGroupMembershipsRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The response to a `ListRelatedAccountGroupMemberships` call. # @!attribute [rw] related_account_group_memberships # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::RelatedAccountGroupMembership>] # The memberships listed by the query. # @!attribute [rw] next_page_token # @return [::String] # A token, which can be sent as `page_token` to retrieve the next page. # If this field is omitted, there are no subsequent pages. class ListRelatedAccountGroupMembershipsResponse include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The request message to list related account groups. # @!attribute [rw] parent # @return [::String] # Required. The name of the project to list related account groups from, in # the format "projects/\\{project}". # @!attribute [rw] page_size # @return [::Integer] # Optional. The maximum number of groups to return. The service might return # fewer than this value. If unspecified, at most 50 groups are returned. The # maximum value is 1000; values above 1000 are coerced to 1000. # @!attribute [rw] page_token # @return [::String] # Optional. A page token, received from a previous `ListRelatedAccountGroups` # call. Provide this to retrieve the subsequent page. # # When paginating, all other parameters provided to # `ListRelatedAccountGroups` must match the call that provided the page # token. class ListRelatedAccountGroupsRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The response to a `ListRelatedAccountGroups` call. # @!attribute [rw] related_account_groups # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::RelatedAccountGroup>] # The groups of related accounts listed by the query. # @!attribute [rw] next_page_token # @return [::String] # A token, which can be sent as `page_token` to retrieve the next page. # If this field is omitted, there are no subsequent pages. class ListRelatedAccountGroupsResponse include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The request message to search related account group memberships. # @!attribute [rw] project # @return [::String] # Required. The name of the project to search related account group # memberships from. Specify the project name in the following format: # "projects/\\{project}". # @!attribute [rw] hashed_account_id # @return [::String] # Optional. The unique stable hashed user identifier we should search # connections to. The identifier should correspond to a `hashed_account_id` # provided in a previous `CreateAssessment` or `AnnotateAssessment` call. # @!attribute [rw] page_size # @return [::Integer] # Optional. The maximum number of groups to return. The service might return # fewer than this value. If unspecified, at most 50 groups are returned. The # maximum value is 1000; values above 1000 are coerced to 1000. # @!attribute [rw] page_token # @return [::String] # Optional. A page token, received from a previous # `SearchRelatedAccountGroupMemberships` call. Provide this to retrieve the # subsequent page. # # When paginating, all other parameters provided to # `SearchRelatedAccountGroupMemberships` must match the call that provided # the page token. class SearchRelatedAccountGroupMembershipsRequest include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # The response to a `SearchRelatedAccountGroupMemberships` call. # @!attribute [rw] related_account_group_memberships # @return [::Array<::Google::Cloud::RecaptchaEnterprise::V1::RelatedAccountGroupMembership>] # The queried memberships. # @!attribute [rw] next_page_token # @return [::String] # A token, which can be sent as `page_token` to retrieve the next page. # If this field is omitted, there are no subsequent pages. class SearchRelatedAccountGroupMembershipsResponse include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A membership in a group of related accounts. # @!attribute [rw] name # @return [::String] # Required. The resource name for this membership in the format # `projects/{project}/relatedaccountgroups/{relatedaccountgroup}/memberships/{membership}`. # @!attribute [rw] hashed_account_id # @return [::String] # The unique stable hashed user identifier of the member. The identifier # corresponds to a `hashed_account_id` provided in a previous # `CreateAssessment` or `AnnotateAssessment` call. class RelatedAccountGroupMembership include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A group of related accounts. # @!attribute [rw] name # @return [::String] # Required. The resource name for the related account group in the format # `projects/{project}/relatedaccountgroups/{related_account_group}`. class RelatedAccountGroup include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # Settings specific to keys that can be used for WAF (Web Application # Firewall). # @!attribute [rw] waf_service # @return [::Google::Cloud::RecaptchaEnterprise::V1::WafSettings::WafService] # Required. The WAF service that uses this key. # @!attribute [rw] waf_feature # @return [::Google::Cloud::RecaptchaEnterprise::V1::WafSettings::WafFeature] # Required. The WAF feature for which this key is enabled. class WafSettings include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Supported WAF features. For more information, see # https://cloud.google.com/recaptcha-enterprise/docs/usecase#comparison_of_features. module WafFeature # Undefined feature. WAF_FEATURE_UNSPECIFIED = 0 # Redirects suspicious traffic to reCAPTCHA. CHALLENGE_PAGE = 1 # Use reCAPTCHA session-tokens to protect the whole user session on the # site's domain. SESSION_TOKEN = 2 # Use reCAPTCHA action-tokens to protect user actions. ACTION_TOKEN = 3 end # Web Application Firewalls supported by reCAPTCHA Enterprise. module WafService # Undefined WAF WAF_SERVICE_UNSPECIFIED = 0 # Cloud Armor CA = 1 end end end end end end