Package software.amazon.awssdk.services.elasticloadbalancingv2.model

Class AuthenticateOidcActionConfig

    • Method Detail

      • issuer

        public final String issuer()

        The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

        Returns:
        The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

      • authorizationEndpoint

        public final String authorizationEndpoint()

        The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

        Returns:
        The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

      • tokenEndpoint

        public final String tokenEndpoint()

        The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

        Returns:
        The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

      • userInfoEndpoint

        public final String userInfoEndpoint()

        The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

        Returns:
        The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

      • clientId

        public final String clientId()

        The OAuth 2.0 client identifier.

        Returns:
        The OAuth 2.0 client identifier.

      • clientSecret

        public final String clientSecret()

        The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.

        Returns:
        The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.

      • sessionCookieName

        public final String sessionCookieName()

        The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

        Returns:
        The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

      • scope

        public final String scope()

        The set of user claims to be requested from the IdP. The default is openid.

        To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

        Returns:
        The set of user claims to be requested from the IdP. The default is openid.

        To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

      • sessionTimeout

        public final Long sessionTimeout()

        The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

        Returns:
        The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

      • hasAuthenticationRequestExtraParams

        public final boolean hasAuthenticationRequestExtraParams()
        For responses, this returns true if the service returned a value for the AuthenticationRequestExtraParams property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.

      • authenticationRequestExtraParams

        public final Map<String,​String> authenticationRequestExtraParams()

        The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

        Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

        This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasAuthenticationRequestExtraParams() method.

        Returns:
        The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

      • onUnauthenticatedRequest

        public final AuthenticateOidcActionConditionalBehaviorEnum onUnauthenticatedRequest()

        The behavior if the user is not authenticated. The following are possible values:

        • deny - Return an HTTP 401 Unauthorized error.

        • allow - Allow the request to be forwarded to the target.

        • authenticate - Redirect the request to the IdP authorization endpoint. This is the default value.

        If the service returns an enum value that is not available in the current SDK version, onUnauthenticatedRequest will return AuthenticateOidcActionConditionalBehaviorEnum.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from onUnauthenticatedRequestAsString().

        Returns:
        The behavior if the user is not authenticated. The following are possible values:

        • deny - Return an HTTP 401 Unauthorized error.

        • allow - Allow the request to be forwarded to the target.

        • authenticate - Redirect the request to the IdP authorization endpoint. This is the default value.

        See Also:
        AuthenticateOidcActionConditionalBehaviorEnum

      • onUnauthenticatedRequestAsString

        public final String onUnauthenticatedRequestAsString()

        The behavior if the user is not authenticated. The following are possible values:

        • deny - Return an HTTP 401 Unauthorized error.

        • allow - Allow the request to be forwarded to the target.

        • authenticate - Redirect the request to the IdP authorization endpoint. This is the default value.

        If the service returns an enum value that is not available in the current SDK version, onUnauthenticatedRequest will return AuthenticateOidcActionConditionalBehaviorEnum.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from onUnauthenticatedRequestAsString().

        Returns:
        The behavior if the user is not authenticated. The following are possible values:

        • deny - Return an HTTP 401 Unauthorized error.

        • allow - Allow the request to be forwarded to the target.

        • authenticate - Redirect the request to the IdP authorization endpoint. This is the default value.

        See Also:
        AuthenticateOidcActionConditionalBehaviorEnum

      • useExistingClientSecret

        public final Boolean useExistingClientSecret()

        Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.

        Returns:
        Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.

      • hashCode

        public final int hashCode()
        Overrides:
        hashCode in class Object

      • equals

        public final boolean equals​(Object obj)
        Overrides:
        equals in class Object

      • toString

        public final String toString()
        Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
        Overrides:
        toString in class Object

      • getValueForField

        public final <T> Optional<T> getValueForField​(String fieldName,
                                              Class<T> clazz)