Class AuthenticateOidcActionConfig

java.lang.Object
software.amazon.awssdk.services.elasticloadbalancingv2.model.AuthenticateOidcActionConfig
All Implemented Interfaces:
Serializable, SdkPojo, ToCopyableBuilder<AuthenticateOidcActionConfig.Builder,AuthenticateOidcActionConfig>

@Generated("software.amazon.awssdk:codegen") public final class AuthenticateOidcActionConfig extends Object implements SdkPojo, Serializable, ToCopyableBuilder<AuthenticateOidcActionConfig.Builder,AuthenticateOidcActionConfig>

Request parameters when using an identity provider (IdP) that is compliant with OpenID Connect (OIDC) to authenticate users.

See Also:
  • Method Details

    • issuer

      public final String issuer()

      The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

      Returns:
      The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
    • authorizationEndpoint

      public final String authorizationEndpoint()

      The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

      Returns:
      The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
    • tokenEndpoint

      public final String tokenEndpoint()

      The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

      Returns:
      The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
    • userInfoEndpoint

      public final String userInfoEndpoint()

      The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

      Returns:
      The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.
    • clientId

      public final String clientId()

      The OAuth 2.0 client identifier.

      Returns:
      The OAuth 2.0 client identifier.
    • clientSecret

      public final String clientSecret()

      The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.

      Returns:
      The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.
    • sessionCookieName

      public final String sessionCookieName()

      The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

      Returns:
      The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.
    • scope

      public final String scope()

      The set of user claims to be requested from the IdP. The default is openid.

      To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

      Returns:
      The set of user claims to be requested from the IdP. The default is openid.

      To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

    • sessionTimeout

      public final Long sessionTimeout()

      The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

      Returns:
      The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).
    • hasAuthenticationRequestExtraParams

      public final boolean hasAuthenticationRequestExtraParams()
      For responses, this returns true if the service returned a value for the AuthenticationRequestExtraParams property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.
    • authenticationRequestExtraParams

      public final Map<String,String> authenticationRequestExtraParams()

      The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

      Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

      This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasAuthenticationRequestExtraParams() method.

      Returns:
      The query parameters (up to 10) to include in the redirect request to the authorization endpoint.
    • onUnauthenticatedRequest

      public final AuthenticateOidcActionConditionalBehaviorEnum onUnauthenticatedRequest()

      The behavior if the user is not authenticated. The following are possible values:

      • deny - Return an HTTP 401 Unauthorized error.

      • allow - Allow the request to be forwarded to the target.

      • authenticate - Redirect the request to the IdP authorization endpoint. This is the default value.

      If the service returns an enum value that is not available in the current SDK version, onUnauthenticatedRequest will return AuthenticateOidcActionConditionalBehaviorEnum.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from onUnauthenticatedRequestAsString().

      Returns:
      The behavior if the user is not authenticated. The following are possible values:

      • deny - Return an HTTP 401 Unauthorized error.

      • allow - Allow the request to be forwarded to the target.

      • authenticate - Redirect the request to the IdP authorization endpoint. This is the default value.

      See Also:
    • onUnauthenticatedRequestAsString

      public final String onUnauthenticatedRequestAsString()

      The behavior if the user is not authenticated. The following are possible values:

      • deny - Return an HTTP 401 Unauthorized error.

      • allow - Allow the request to be forwarded to the target.

      • authenticate - Redirect the request to the IdP authorization endpoint. This is the default value.

      If the service returns an enum value that is not available in the current SDK version, onUnauthenticatedRequest will return AuthenticateOidcActionConditionalBehaviorEnum.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from onUnauthenticatedRequestAsString().

      Returns:
      The behavior if the user is not authenticated. The following are possible values:

      • deny - Return an HTTP 401 Unauthorized error.

      • allow - Allow the request to be forwarded to the target.

      • authenticate - Redirect the request to the IdP authorization endpoint. This is the default value.

      See Also:
    • useExistingClientSecret

      public final Boolean useExistingClientSecret()

      Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.

      Returns:
      Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.
    • toBuilder

      Description copied from interface: ToCopyableBuilder
      Take this object and create a builder that contains all of the current property values of this object.
      Specified by:
      toBuilder in interface ToCopyableBuilder<AuthenticateOidcActionConfig.Builder,AuthenticateOidcActionConfig>
      Returns:
      a builder for type T
    • builder

      public static AuthenticateOidcActionConfig.Builder builder()
    • serializableBuilderClass

      public static Class<? extends AuthenticateOidcActionConfig.Builder> serializableBuilderClass()
    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object
    • equals

      public final boolean equals(Object obj)
      Overrides:
      equals in class Object
    • equalsBySdkFields

      public final boolean equalsBySdkFields(Object obj)
      Description copied from interface: SdkPojo
      Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in an SdkPojo class, and is generated based on a service model.

      If an SdkPojo class does not have any inherited fields, equalsBySdkFields and equals are essentially the same.

      Specified by:
      equalsBySdkFields in interface SdkPojo
      Parameters:
      obj - the object to be compared with
      Returns:
      true if the other object equals to this object by sdk fields, false otherwise.
    • toString

      public final String toString()
      Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
      Overrides:
      toString in class Object
    • getValueForField

      public final <T> Optional<T> getValueForField(String fieldName, Class<T> clazz)
    • sdkFields

      public final List<SdkField<?>> sdkFields()
      Specified by:
      sdkFields in interface SdkPojo
      Returns:
      List of SdkField in this POJO. May be empty list but should never be null.