Interface AuthenticateOidcActionConfig.Builder
- All Superinterfaces:
Buildable
,CopyableBuilder<AuthenticateOidcActionConfig.Builder,
,AuthenticateOidcActionConfig> SdkBuilder<AuthenticateOidcActionConfig.Builder,
,AuthenticateOidcActionConfig> SdkPojo
- Enclosing class:
AuthenticateOidcActionConfig
-
Method Summary
Modifier and TypeMethodDescriptionauthenticationRequestExtraParams
(Map<String, String> authenticationRequestExtraParams) The query parameters (up to 10) to include in the redirect request to the authorization endpoint.authorizationEndpoint
(String authorizationEndpoint) The authorization endpoint of the IdP.The OAuth 2.0 client identifier.clientSecret
(String clientSecret) The OAuth 2.0 client secret.The OIDC issuer identifier of the IdP.onUnauthenticatedRequest
(String onUnauthenticatedRequest) The behavior if the user is not authenticated.onUnauthenticatedRequest
(AuthenticateOidcActionConditionalBehaviorEnum onUnauthenticatedRequest) The behavior if the user is not authenticated.The set of user claims to be requested from the IdP.sessionCookieName
(String sessionCookieName) The name of the cookie used to maintain session information.sessionTimeout
(Long sessionTimeout) The maximum duration of the authentication session, in seconds.tokenEndpoint
(String tokenEndpoint) The token endpoint of the IdP.useExistingClientSecret
(Boolean useExistingClientSecret) Indicates whether to use the existing client secret when modifying a rule.userInfoEndpoint
(String userInfoEndpoint) The user info endpoint of the IdP.Methods inherited from interface software.amazon.awssdk.utils.builder.CopyableBuilder
copy
Methods inherited from interface software.amazon.awssdk.utils.builder.SdkBuilder
applyMutation, build
Methods inherited from interface software.amazon.awssdk.core.SdkPojo
equalsBySdkFields, sdkFields
-
Method Details
-
issuer
The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
- Parameters:
issuer
- The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
authorizationEndpoint
The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
- Parameters:
authorizationEndpoint
- The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
tokenEndpoint
The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
- Parameters:
tokenEndpoint
- The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
userInfoEndpoint
The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
- Parameters:
userInfoEndpoint
- The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
clientId
The OAuth 2.0 client identifier.
- Parameters:
clientId
- The OAuth 2.0 client identifier.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
clientSecret
The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set
UseExistingClientSecret
to true.- Parameters:
clientSecret
- The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you setUseExistingClientSecret
to true.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
sessionCookieName
The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.
- Parameters:
sessionCookieName
- The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
scope
The set of user claims to be requested from the IdP. The default is
openid
.To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.
- Parameters:
scope
- The set of user claims to be requested from the IdP. The default isopenid
.To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.
- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
sessionTimeout
The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).
- Parameters:
sessionTimeout
- The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
authenticationRequestExtraParams
AuthenticateOidcActionConfig.Builder authenticationRequestExtraParams(Map<String, String> authenticationRequestExtraParams) The query parameters (up to 10) to include in the redirect request to the authorization endpoint.
- Parameters:
authenticationRequestExtraParams
- The query parameters (up to 10) to include in the redirect request to the authorization endpoint.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-
onUnauthenticatedRequest
The behavior if the user is not authenticated. The following are possible values:
-
deny
- Return an HTTP 401 Unauthorized error.
-
allow
- Allow the request to be forwarded to the target.
-
authenticate
- Redirect the request to the IdP authorization endpoint. This is the default value.
- Parameters:
onUnauthenticatedRequest
- The behavior if the user is not authenticated. The following are possible values:-
deny
- Return an HTTP 401 Unauthorized error.
-
allow
- Allow the request to be forwarded to the target.
-
authenticate
- Redirect the request to the IdP authorization endpoint. This is the default value.
-
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
-
onUnauthenticatedRequest
AuthenticateOidcActionConfig.Builder onUnauthenticatedRequest(AuthenticateOidcActionConditionalBehaviorEnum onUnauthenticatedRequest) The behavior if the user is not authenticated. The following are possible values:
-
deny
- Return an HTTP 401 Unauthorized error.
-
allow
- Allow the request to be forwarded to the target.
-
authenticate
- Redirect the request to the IdP authorization endpoint. This is the default value.
- Parameters:
onUnauthenticatedRequest
- The behavior if the user is not authenticated. The following are possible values:-
deny
- Return an HTTP 401 Unauthorized error.
-
allow
- Allow the request to be forwarded to the target.
-
authenticate
- Redirect the request to the IdP authorization endpoint. This is the default value.
-
- Returns:
- Returns a reference to this object so that method calls can be chained together.
- See Also:
-
-
useExistingClientSecret
Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.
- Parameters:
useExistingClientSecret
- Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.- Returns:
- Returns a reference to this object so that method calls can be chained together.
-