fix(sts): update the API

#### sts:v1beta

The following keys were changed:
- endpoints
- schemas.GoogleIdentityStsV1betaExchangeTokenRequest.properties.scope.description

#### sts:v1

The following keys were changed:
- endpoints
- schemas.GoogleIdentityStsV1ExchangeTokenRequest.properties.scope.description

Author: yoshi-automation

discovery/sts-v1.json

@@ -17,6 +17,11 @@
       "endpointUrl": "https://sts.asia-east1.rep.googleapis.com/",
       "location": "asia-east1"
     },
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://sts.asia-east2.rep.googleapis.com/",
+      "location": "asia-east2"
+    },
     {
       "description": "Regional Endpoint",
       "endpointUrl": "https://sts.asia-northeast1.rep.googleapis.com/",
@@ -333,7 +338,7 @@
       }
     }
   },
-  "revision": "20250331",
+  "revision": "20250521",
   "rootUrl": "https://sts.googleapis.com/",
   "schemas": {
     "GoogleIamV1Binding": {
@@ -415,7 +420,7 @@
           "type": "string"
         },
         "scope": {
-          "description": "The OAuth 2.0 scopes to include on the resulting access token, formatted as a list of space-delimited, case-sensitive strings. Required when exchanging an external credential for a Google access token.",
+          "description": "The OAuth 2.0 scopes to include on the resulting access token, formatted as a list of space-delimited, case-sensitive strings; for example, `https://www.googleapis.com/auth/cloud-platform`. Required when exchanging an external credential for a Google access token. For a list of OAuth 2.0 scopes, see [OAuth 2.0 Scopes for Google APIs](https://developers.google.com/identity/protocols/oauth2/scopes).",
           "type": "string"
         },
         "subjectToken": {

discovery/sts-v1beta.json

@@ -17,6 +17,11 @@
       "endpointUrl": "https://sts.asia-east1.rep.googleapis.com/",
       "location": "asia-east1"
     },
+    {
+      "description": "Regional Endpoint",
+      "endpointUrl": "https://sts.asia-east2.rep.googleapis.com/",
+      "location": "asia-east2"
+    },
     {
       "description": "Regional Endpoint",
       "endpointUrl": "https://sts.asia-northeast1.rep.googleapis.com/",
@@ -333,7 +338,7 @@
       }
     }
   },
-  "revision": "20250331",
+  "revision": "20250521",
   "rootUrl": "https://sts.googleapis.com/",
   "schemas": {
     "GoogleIamV1Binding": {
@@ -466,7 +471,7 @@
           "type": "string"
         },
         "scope": {
-          "description": "The OAuth 2.0 scopes to include on the resulting access token, formatted as a list of space-delimited, case-sensitive strings. Required when exchanging an external credential for a Google access token.",
+          "description": "The OAuth 2.0 scopes to include on the resulting access token, formatted as a list of space-delimited, case-sensitive strings; for example, `https://www.googleapis.com/auth/cloud-platform`. Required when exchanging an external credential for a Google access token. For a list of OAuth 2.0 scopes, see [OAuth 2.0 Scopes for Google APIs](https://developers.google.com/identity/protocols/oauth2/scopes).",
           "type": "string"
         },
         "subjectToken": {

src/apis/sts/v1.ts

@@ -227,7 +227,7 @@ export namespace sts_v1 {
      */
     requestedTokenType?: string | null;
     /**
-     * The OAuth 2.0 scopes to include on the resulting access token, formatted as a list of space-delimited, case-sensitive strings. Required when exchanging an external credential for a Google access token.
+     * The OAuth 2.0 scopes to include on the resulting access token, formatted as a list of space-delimited, case-sensitive strings; for example, `https://www.googleapis.com/auth/cloud-platform`. Required when exchanging an external credential for a Google access token. For a list of OAuth 2.0 scopes, see [OAuth 2.0 Scopes for Google APIs](https://developers.google.com/identity/protocols/oauth2/scopes).
      */
     scope?: string | null;
     /**
@@ -307,6 +307,67 @@ export namespace sts_v1 {
 
     /**
      * Exchanges a credential for a Google OAuth 2.0 access token. The token asserts an external identity within an identity pool, or it applies a Credential Access Boundary to a Google access token. Note that workforce pools do not support Credential Access Boundaries. When you call this method, do not send the `Authorization` HTTP header in the request. This method does not require the `Authorization` header, and using the header can cause the request to fail.
+     * @example
+     * ```js
+     * // Before running the sample:
+     * // - Enable the API at:
+     * //   https://console.developers.google.com/apis/api/sts.googleapis.com
+     * // - Login into gcloud by running:
+     * //   ```sh
+     * //   $ gcloud auth application-default login
+     * //   ```
+     * // - Install the npm module by running:
+     * //   ```sh
+     * //   $ npm install googleapis
+     * //   ```
+     *
+     * const {google} = require('googleapis');
+     * const sts = google.sts('v1');
+     *
+     * async function main() {
+     *   const auth = new google.auth.GoogleAuth({
+     *     // Scopes can be specified either as an array or as a single, space-delimited string.
+     *     scopes: [],
+     *   });
+     *
+     *   // Acquire an auth client, and bind it to all future calls
+     *   const authClient = await auth.getClient();
+     *   google.options({auth: authClient});
+     *
+     *   // Do the magic
+     *   const res = await sts.token({
+     *     // Request body metadata
+     *     requestBody: {
+     *       // request body parameters
+     *       // {
+     *       //   "audience": "my_audience",
+     *       //   "grantType": "my_grantType",
+     *       //   "options": "my_options",
+     *       //   "requestedTokenType": "my_requestedTokenType",
+     *       //   "scope": "my_scope",
+     *       //   "subjectToken": "my_subjectToken",
+     *       //   "subjectTokenType": "my_subjectTokenType"
+     *       // }
+     *     },
+     *   });
+     *   console.log(res.data);
+     *
+     *   // Example response
+     *   // {
+     *   //   "access_boundary_session_key": "my_access_boundary_session_key",
+     *   //   "access_token": "my_access_token",
+     *   //   "expires_in": 0,
+     *   //   "issued_token_type": "my_issued_token_type",
+     *   //   "token_type": "my_token_type"
+     *   // }
+     * }
+     *
+     * main().catch(e => {
+     *   console.error(e);
+     *   throw e;
+     * });
+     *
+     * ```
      *
      * @param params - Parameters for request
      * @param options - Optionally override request options, such as `url`, `method`, and `encoding`.

src/apis/sts/v1beta.ts

@@ -214,7 +214,7 @@ export namespace sts_v1beta {
      */
     requestedTokenType?: string | null;
     /**
-     * The OAuth 2.0 scopes to include on the resulting access token, formatted as a list of space-delimited, case-sensitive strings. Required when exchanging an external credential for a Google access token.
+     * The OAuth 2.0 scopes to include on the resulting access token, formatted as a list of space-delimited, case-sensitive strings; for example, `https://www.googleapis.com/auth/cloud-platform`. Required when exchanging an external credential for a Google access token. For a list of OAuth 2.0 scopes, see [OAuth 2.0 Scopes for Google APIs](https://developers.google.com/identity/protocols/oauth2/scopes).
      */
     scope?: string | null;
     /**
@@ -303,6 +303,66 @@ export namespace sts_v1beta {
 
     /**
      * Exchanges a credential for a Google OAuth 2.0 access token. The token asserts an external identity within a workload identity pool, or it applies a Credential Access Boundary to a Google access token. When you call this method, do not send the `Authorization` HTTP header in the request. This method does not require the `Authorization` header, and using the header can cause the request to fail.
+     * @example
+     * ```js
+     * // Before running the sample:
+     * // - Enable the API at:
+     * //   https://console.developers.google.com/apis/api/sts.googleapis.com
+     * // - Login into gcloud by running:
+     * //   ```sh
+     * //   $ gcloud auth application-default login
+     * //   ```
+     * // - Install the npm module by running:
+     * //   ```sh
+     * //   $ npm install googleapis
+     * //   ```
+     *
+     * const {google} = require('googleapis');
+     * const sts = google.sts('v1beta');
+     *
+     * async function main() {
+     *   const auth = new google.auth.GoogleAuth({
+     *     // Scopes can be specified either as an array or as a single, space-delimited string.
+     *     scopes: [],
+     *   });
+     *
+     *   // Acquire an auth client, and bind it to all future calls
+     *   const authClient = await auth.getClient();
+     *   google.options({auth: authClient});
+     *
+     *   // Do the magic
+     *   const res = await sts.token({
+     *     // Request body metadata
+     *     requestBody: {
+     *       // request body parameters
+     *       // {
+     *       //   "audience": "my_audience",
+     *       //   "grantType": "my_grantType",
+     *       //   "options": "my_options",
+     *       //   "requestedTokenType": "my_requestedTokenType",
+     *       //   "scope": "my_scope",
+     *       //   "subjectToken": "my_subjectToken",
+     *       //   "subjectTokenType": "my_subjectTokenType"
+     *       // }
+     *     },
+     *   });
+     *   console.log(res.data);
+     *
+     *   // Example response
+     *   // {
+     *   //   "access_token": "my_access_token",
+     *   //   "expires_in": 0,
+     *   //   "issued_token_type": "my_issued_token_type",
+     *   //   "token_type": "my_token_type"
+     *   // }
+     * }
+     *
+     * main().catch(e => {
+     *   console.error(e);
+     *   throw e;
+     * });
+     *
+     * ```
      *
      * @param params - Parameters for request
      * @param options - Optionally override request options, such as `url`, `method`, and `encoding`.