package ssooidc
import "github.com/aws/aws-sdk-go-v2/service/ssooidc"
Index ¶
- Constants
- func AddResolveEndpointMiddleware(stack *middleware.Stack, options ResolveEndpointMiddlewareOptions)
- func NewDefaultEndpointResolver() *internalendpoints.Resolver
- func RemoveResolveEndpointMiddleware(stack *middleware.Stack) error
- type Client
- func New(options Options, optFns ...func(*Options)) *Client
- func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client
- func (c *Client) CreateToken(ctx context.Context, params *CreateTokenInput, optFns ...func(*Options)) (*CreateTokenOutput, error)
- func (c *Client) RegisterClient(ctx context.Context, params *RegisterClientInput, optFns ...func(*Options)) (*RegisterClientOutput, error)
- func (c *Client) StartDeviceAuthorization(ctx context.Context, params *StartDeviceAuthorizationInput, optFns ...func(*Options)) (*StartDeviceAuthorizationOutput, error)
- type CreateTokenInput
- type CreateTokenOutput
- type EndpointResolver
- type EndpointResolverFunc
- type HTTPClient
- type HTTPSignerV4
- type Options
- func (o Options) Copy() Options
- func (o Options) GetCredentials() aws.CredentialsProvider
- func (o Options) GetEndpointOptions() ResolverOptions
- func (o Options) GetEndpointResolver() EndpointResolver
- func (o Options) GetHTTPSignerV4() HTTPSignerV4
- func (o Options) GetRegion() string
- func (o Options) GetRetryer() retry.Retryer
- type RegisterClientInput
- type RegisterClientOutput
- type ResolveEndpoint
- func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( out middleware.SerializeOutput, metadata middleware.Metadata, err error, )
- func (*ResolveEndpoint) ID() string
- type ResolveEndpointMiddlewareOptions
- type ResolverOptions
- type StartDeviceAuthorizationInput
- type StartDeviceAuthorizationOutput
Constants ¶
// Identifiers for the service API that this package targets.
const (
	// ServiceAPIVersion is the API version string declared by this package.
	ServiceAPIVersion = "2019-06-10"

	// ServiceID is the service identifier string declared by this package.
	ServiceID = "SSO OIDC"
)
Functions ¶
func AddResolveEndpointMiddleware ¶
func AddResolveEndpointMiddleware(stack *middleware.Stack, options ResolveEndpointMiddlewareOptions)
func NewDefaultEndpointResolver ¶
func NewDefaultEndpointResolver() *internalendpoints.Resolver
NewDefaultEndpointResolver constructs a new service endpoint resolver
func RemoveResolveEndpointMiddleware ¶
func RemoveResolveEndpointMiddleware(stack *middleware.Stack) error
Types ¶
type Client ¶
// Client is the API client type of this package. The operations listed for it
// on this page are CreateToken, RegisterClient and StartDeviceAuthorization.
// Its fields are not part of the public API.
type Client struct {
	// contains filtered or unexported fields
}
AWS Single Sign-On (SSO) OpenID Connect (OIDC) is a web service that enables a client (such as AWS CLI or a native application) to register with AWS SSO. The service also enables the client to fetch the user's access token upon successful authentication and authorization with AWS SSO. This service conforms with the OAuth 2.0 based implementation of the device authorization grant standard (https://tools.ietf.org/html/rfc8628).

For general information about AWS SSO, see "What is AWS Single Sign-On?" (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) in the AWS SSO User Guide.

This API reference guide describes the AWS SSO OIDC operations that you can call programmatically and includes detailed information on data types and errors.

Note: AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms such as Java, Ruby, .Net, iOS, and Android. The SDKs provide a convenient way to create programmatic access to AWS SSO and other AWS services. For more information about the AWS SDKs, including how to download and install them, see "Tools for Amazon Web Services" (http://aws.amazon.com/tools/).
func New ¶
New returns an initialized Client based on the functional options. Provide additional functional options to further configure the behavior of the client, such as changing the client's endpoint or adding custom middleware behavior.
func NewFromConfig ¶
NewFromConfig returns a new client from the provided config.
func (*Client) CreateToken ¶
func (c *Client) CreateToken(ctx context.Context, params *CreateTokenInput, optFns ...func(*Options)) (*CreateTokenOutput, error)
Creates and returns an access token for the authorized client. The access token issued will be used to fetch short-term credentials for the assigned roles in the AWS account.
func (*Client) RegisterClient ¶
func (c *Client) RegisterClient(ctx context.Context, params *RegisterClientInput, optFns ...func(*Options)) (*RegisterClientOutput, error)
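Registers a client with AWS SSO. This allows clients to initiate device authorization. The output should be persisted for reuse through many authentication requests. Because the output includes the ClientSecret, persist it somewhere readable only by the user or process that owns the client registration.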
func (*Client) StartDeviceAuthorization ¶
func (c *Client) StartDeviceAuthorization(ctx context.Context, params *StartDeviceAuthorizationInput, optFns ...func(*Options)) (*StartDeviceAuthorizationOutput, error)
Initiates device authorization by requesting a pair of verification codes from the authorization service.
type CreateTokenInput ¶
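// CreateTokenInput holds the request parameters for the CreateToken operation.
//
// ClientSecret, RefreshToken, DeviceCode and Code are credentials. Keep them
// out of logs, error messages and crash reports. All fields are pointers or
// slices, so an unset field is nil rather than an empty string.
type CreateTokenInput struct {

	// The list of scopes that is defined by the client. Upon authorization, this list
	// is used to restrict permissions when granting an access token.
	Scope []*string

	// The unique identifier string for each client. This value should come from the
	// persisted result of the RegisterClient API.
	ClientId *string

	// The location of the application that will receive the authorization code. Users
	// authorize the service to send the request to this location.
	//
	// NOTE(review): presumably this should be a fixed value from the client's own
	// configuration, never one derived from request or user input. Confirm against
	// the caller.
	RedirectUri *string

	// Supports grant types for authorization code, refresh token, and device code
	// request.
	//
	// NOTE(review): RFC 8628 defines the device-code grant type value as
	// urn:ietf:params:oauth:grant-type:device_code. Confirm the exact strings this
	// service accepts against the API reference.
	GrantType *string

	// The token used to obtain an access token in the event that the access token is
	// invalid or expired. This token is not issued by the service.
	RefreshToken *string

	// Used only when calling this API for the device code grant type. This short-term
	// code is used to identify this authentication attempt. This should come from an
	// in-memory reference to the result of the StartDeviceAuthorization API.
	//
	// Holding the value only in memory, as stated above, keeps it out of files and
	// caches that other processes could read.
	DeviceCode *string

	// The authorization code received from the authorization service. This parameter
	// is required to perform an authorization grant request to get access to a token.
	Code *string

	// A secret string generated for the client. This value should come from the
	// persisted result of the RegisterClient API.
	ClientSecret *string
}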
type CreateTokenOutput ¶
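// CreateTokenOutput holds the result of the CreateToken operation.
//
// The documented TokenType is BearerToken, so possession of AccessToken is
// sufficient to use it. Treat AccessToken, RefreshToken and IdToken as secrets:
// do not log them, and store them only where the owning user can read them.
// Every token field is a pointer and may be nil ("if present"), so check before
// dereferencing.
type CreateTokenOutput struct {

	// Indicates the time in seconds when an access token will expire.
	//
	// NOTE(review): presumably a lifetime relative to issuance rather than an
	// absolute timestamp. Confirm before computing an expiry from it.
	ExpiresIn *int32

	// A token that, if present, can be used to refresh a previously issued access
	// token that might have expired.
	RefreshToken *string

	// An opaque token to access AWS SSO resources assigned to a user.
	AccessToken *string

	// The identifier of the user that is associated with the access token, if present.
	IdToken *string

	// Used to notify the client that the returned token is an access token. The
	// supported type is BearerToken.
	TokenType *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}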
type EndpointResolver ¶
// EndpointResolver maps a region and a set of ResolverOptions to the
// aws.Endpoint the client will use, or returns an error.
//
// NOTE(review): the resolved endpoint is presumably the destination of requests
// that carry ClientSecret, DeviceCode and refresh tokens. A custom
// implementation should therefore return only endpoints taken from trusted
// configuration. Confirm against the middleware implementation.
type EndpointResolver interface { ResolveEndpoint(region string, options ResolverOptions) (aws.Endpoint, error) }
EndpointResolver interface for resolving service endpoints.
func WithEndpointResolver ¶
func WithEndpointResolver(awsResolver aws.EndpointResolver, fallbackResolver EndpointResolver) EndpointResolver
WithEndpointResolver returns an EndpointResolver that first delegates endpoint resolution to the awsResolver. If awsResolver returns an aws.EndpointNotFoundError, the resolver will use the provided fallbackResolver for resolution. awsResolver and fallbackResolver must not be nil.
type EndpointResolverFunc ¶
// EndpointResolverFunc is a function type with the same parameters and results
// as EndpointResolver.ResolveEndpoint. Its ResolveEndpoint method, listed on
// this page, lets a plain function be used where an EndpointResolver is
// expected.
type EndpointResolverFunc func(region string, options ResolverOptions) (aws.Endpoint, error)
EndpointResolverFunc is a helper utility that wraps a function so it satisfies the EndpointResolver interface. This is useful when you want to add additional endpoint resolving logic, or stub out specific endpoints with custom values.
func (EndpointResolverFunc) ResolveEndpoint ¶
func (fn EndpointResolverFunc) ResolveEndpoint(region string, options ResolverOptions) (endpoint aws.Endpoint, err error)
type HTTPClient ¶
type HTTPSignerV4 ¶
// HTTPSignerV4 is the signer interface used by the Options.HTTPSignerV4 field,
// which this page describes as the Signature Version 4 (SigV4) signer.
// SignHTTP receives the credentials, the request to sign, a payload hash, the
// service and region names, and the signing time, and returns an error.
//
// NOTE(review): implementations receive aws.Credentials directly and should not
// log or retain them beyond the call. Confirm against the concrete signer in use.
type HTTPSignerV4 interface { SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time) error }
type Options ¶
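// Options is the client configuration passed to New and adjustable per call
// through the optFns functional options of each operation.
//
// EndpointResolver and HTTPClient together decide where requests go and how the
// connection is made. Requests for this service carry client secrets and tokens
// (see the operation input types), so both should come from trusted code and
// configuration only.
type Options struct {

	// Set of options to modify how an operation is invoked. These apply to all
	// operations invoked for this client. Use functional options on operation call to
	// modify this list for per operation behavior.
	APIOptions []func(*middleware.Stack) error

	// The credentials object to use when signing requests.
	Credentials aws.CredentialsProvider

	// The endpoint options to be used when attempting to resolve an endpoint.
	EndpointOptions ResolverOptions

	// The service endpoint resolver.
	//
	// NOTE(review): a custom resolver changes the host that receives every request.
	// Review any code path that can set it.
	EndpointResolver EndpointResolver

	// Signature Version 4 (SigV4) Signer
	HTTPSignerV4 HTTPSignerV4

	// The region to send requests to. (Required)
	Region string

	// Retryer guides how HTTP requests should be retried in case of recoverable
	// failures. When nil the API client will use a default retryer.
	Retryer retry.Retryer

	// The HTTP client to invoke API calls with. Defaults to client's default HTTP
	// implementation if nil.
	//
	// NOTE(review): a caller-supplied client is presumably responsible for its own
	// TLS settings. Verify that certificate verification is not disabled in any
	// client passed here.
	HTTPClient HTTPClient
}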
func (Options) Copy ¶
Copy creates a clone where the APIOptions list is deep copied.
func (Options) GetCredentials ¶
func (o Options) GetCredentials() aws.CredentialsProvider
func (Options) GetEndpointOptions ¶
func (o Options) GetEndpointOptions() ResolverOptions
func (Options) GetEndpointResolver ¶
func (o Options) GetEndpointResolver() EndpointResolver
func (Options) GetHTTPSignerV4 ¶
func (o Options) GetHTTPSignerV4() HTTPSignerV4
func (Options) GetRegion ¶
func (Options) GetRetryer ¶
type RegisterClientInput ¶
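// RegisterClientInput holds the request parameters for the RegisterClient
// operation. All fields are pointers or slices, so an unset field is nil.
type RegisterClientInput struct {

	// The type of client. The service supports only public as a client type. Anything
	// other than public will be rejected by the service.
	ClientType *string

	// The friendly name of the client.
	ClientName *string

	// The list of scopes that are defined by the client. Upon authorization, this list
	// is used to restrict permissions when granting an access token.
	//
	// Because the list restricts the permissions of issued tokens, request only the
	// scopes the client actually needs.
	Scopes []*string
}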
type RegisterClientOutput ¶
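// RegisterClientOutput holds the result of the RegisterClient operation.
//
// The RegisterClient documentation says this output should be persisted for
// reuse. It contains ClientSecret, so the persisted copy should be readable only
// by the owning user or process and should be discarded once
// ClientSecretExpiresAt has passed.
type RegisterClientOutput struct {

	// The endpoint where the client can request authorization.
	AuthorizationEndpoint *string

	// A secret string generated for the client. The client will use this string to get
	// authenticated by the service in subsequent calls.
	ClientSecret *string

	// The endpoint where the client can get an access token.
	TokenEndpoint *string

	// The unique identifier string for each client. The client uses this identifier
	// to get authenticated by the service in subsequent calls.
	ClientId *string

	// Indicates the time at which the clientId and clientSecret will become invalid.
	//
	// NOTE(review): the unit is not stated here (presumably seconds since the Unix
	// epoch). Confirm before comparing it with the current time.
	ClientSecretExpiresAt *int64

	// Indicates the time at which the clientId and clientSecret were issued.
	ClientIdIssuedAt *int64

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}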
type ResolveEndpoint ¶
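// ResolveEndpoint pairs an EndpointResolver with the ResolverOptions to use
// with it. Its HandleSerialize and ID methods are listed on this page.
type ResolveEndpoint struct {
	// Resolver is the endpoint resolver held by this value.
	Resolver EndpointResolver

	// Options are the resolver options held alongside Resolver.
	//
	// NOTE(review): presumably passed to Resolver.ResolveEndpoint from
	// HandleSerialize. That method body is not shown on this page, so confirm.
	Options ResolverOptions
}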
func (*ResolveEndpoint) HandleSerialize ¶
func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( out middleware.SerializeOutput, metadata middleware.Metadata, err error, )
func (*ResolveEndpoint) ID ¶
func (*ResolveEndpoint) ID() string
type ResolveEndpointMiddlewareOptions ¶
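// ResolveEndpointMiddlewareOptions is the options interface accepted by
// AddResolveEndpointMiddleware. The Options type on this page declares both
// methods.
type ResolveEndpointMiddlewareOptions interface {
	// GetEndpointResolver returns the EndpointResolver to use.
	GetEndpointResolver() EndpointResolver

	// GetEndpointOptions returns the ResolverOptions to use.
	GetEndpointOptions() ResolverOptions
}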
type ResolverOptions ¶
// ResolverOptions is declared as an alias (note the "=") for
// internalendpoints.Options, so the two names denote the same type.
type ResolverOptions = internalendpoints.Options
ResolverOptions is the service endpoint resolver options
type StartDeviceAuthorizationInput ¶
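// StartDeviceAuthorizationInput holds the request parameters for the
// StartDeviceAuthorization operation. ClientSecret is a credential and should be
// kept out of logs and error messages.
type StartDeviceAuthorizationInput struct {

	// A secret string that is generated for the client. This value should come from
	// the persisted result of the RegisterClient API operation.
	ClientSecret *string

	// The URL for the AWS SSO user portal. For more information, see Using the User
	// Portal
	// (https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html)
	// in the AWS Single Sign-On User Guide.
	//
	// NOTE(review): presumably this should come from administrator- or
	// user-controlled configuration, not from untrusted input. Confirm against
	// the caller.
	StartUrl *string

	// The unique identifier string for the client that is registered with AWS SSO.
	// This value should come from the persisted result of the RegisterClient API
	// operation.
	ClientId *string
}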
type StartDeviceAuthorizationOutput ¶
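// StartDeviceAuthorizationOutput holds the result of the
// StartDeviceAuthorization operation.
//
// DeviceCode is the value the client later presents when polling, so it stays
// with the client and is never shown to the user. UserCode and the verification
// URLs are what the user sees. Present them only to the user who started the
// flow on this device, because approving the code authorizes the holder of
// DeviceCode. All fields are pointers and may be nil.
type StartDeviceAuthorizationOutput struct {

	// The URI of the verification page that takes the userCode to authorize the
	// device.
	VerificationUri *string

	// A one-time user verification code. This is needed to authorize an in-use device.
	UserCode *string

	// Indicates the number of seconds the client must wait between attempts when
	// polling for a session.
	Interval *int32

	// Indicates the number of seconds in which the verification code will become
	// invalid.
	//
	// Stop polling and discard DeviceCode once this period has elapsed.
	ExpiresIn *int32

	// An alternate URL that the client can use to automatically launch a browser. This
	// process skips the manual step in which the user visits the verification page and
	// enters their code.
	//
	// NOTE(review): since the manual code entry is skipped, this URL presumably
	// embeds the user code and should be handled as carefully as UserCode, for
	// example by keeping it out of logs. Confirm against the service documentation.
	VerificationUriComplete *string

	// The short-lived code that is used by the device when polling for a session
	// token.
	DeviceCode *string

	// Metadata pertaining to the operation's result.
	ResultMetadata middleware.Metadata
}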
Source Files ¶
api_client.go api_op_CreateToken.go api_op_RegisterClient.go api_op_StartDeviceAuthorization.go deserializers.go endpoints.go serializers.go validators.go
Directories ¶
Path | Synopsis |
---|---|
internal | |
types |
- Version
- v0.1.0
- Published
- Sep 29, 2020