@@ -65,6 +65,12 @@ final class TrustBoundary {
6565 private final String encodedLocations ;
6666 private final List <String > locations ;
6767
68+ /**
69+ * Creates a new TrustBoundary instance.
70+ *
71+ * @param encodedLocations The encoded string representation of the allowed locations.
72+ * @param locations A list of human-readable location strings.
73+ */
6874 public TrustBoundary (String encodedLocations , List <String > locations ) {
6975 this .encodedLocations = encodedLocations ;
7076 this .locations =
@@ -75,14 +81,21 @@ public TrustBoundary(String encodedLocations, List<String> locations) {
7581
7682 private static EnvironmentProvider environmentProvider = SystemEnvironmentProvider .getInstance ();
7783
84+ /** Returns the encoded string representation of the allowed locations. */
7885 public String getEncodedLocations () {
7986 return encodedLocations ;
8087 }
8188
89+ /** Returns a list of human-readable location strings. */
8290 public List <String > getLocations () {
8391 return locations ;
8492 }
8593
94+ /**
95+ * Checks if this TrustBoundary represents a "no-op" (no restrictions).
96+ *
97+ * @return True if the encoded locations indicate no restrictions, false otherwise.
98+ */
8699 public boolean isNoOp () {
87100 return NO_OP_VALUE .equals (encodedLocations );
88101 }
@@ -95,15 +108,18 @@ public static class TrustBoundaryResponse extends GenericJson {
95108 @ Key ("locations" )
96109 private List <String > locations ;
97110
111+ /** Returns the encoded string representation of the allowed locations from the API response. */
98112 public String getEncodedLocations () {
99113 return encodedLocations ;
100114 }
101115
116+ /** Returns a list of human-readable location strings from the API response. */
102117 public List <String > getLocations () {
103118 return locations ;
104119 }
105120
106121 @ Override
122+ /** Returns a string representation of the TrustBoundaryResponse. */
107123 public String toString () {
108124 return MoreObjects .toStringHelper (this )
109125 .add ("encodedLocations" , encodedLocations )
@@ -117,6 +133,13 @@ static void setEnvironmentProviderForTest(@Nullable EnvironmentProvider provider
117133 environmentProvider = provider == null ? SystemEnvironmentProvider .getInstance () : provider ;
118134 }
119135
136+ /**
137+ * Checks if the trust boundary feature is enabled based on an environment variable. The feature
138+ * is enabled if the environment variable is set to "true" or "1" (case-insensitive). Any other
139+ * value, or if the variable is unset, will result in the feature being disabled.
140+ *
141+ * @return True if the trust boundary feature is enabled, false otherwise.
142+ */
120143 static boolean isTrustBoundaryEnabled () {
121144 String trustBoundaryEnabled =
122145 environmentProvider .getEnv (GOOGLE_AUTH_TRUST_BOUNDARY_ENABLED_ENV_VAR );
@@ -127,6 +150,18 @@ static boolean isTrustBoundaryEnabled() {
127150 return "true" .equals (lowercasedTrustBoundaryEnabled ) || "1" .equals (trustBoundaryEnabled );
128151 }
129152
153+ /**
154+ * Refreshes the trust boundary by making a network call to the trust boundary endpoint.
155+ *
156+ * @param transportFactory The HTTP transport factory to use for the network request.
157+ * @param url The URL of the trust boundary endpoint.
158+ * @param accessToken The access token to authenticate the request.
159+ * @param cachedTrustBoundary An optional previously cached trust boundary, which may be used in
160+ * the request headers.
161+ * @return A new TrustBoundary object containing the refreshed information.
162+ * @throws IllegalArgumentException If the provided access token is null or expired.
163+ * @throws IOException If a network error occurs or the response is malformed.
164+ */
130165 static TrustBoundary refresh (
131166 HttpTransportFactory transportFactory ,
132167 String url ,
0 commit comments