SsoTokenProvider
SsoTokenProvider provides a utility for refreshing SSO AccessTokens for Bearer Authentication. The provider can only be used to refresh already cached SSO Tokens. This utility cannot perform the initial SSO create token flow.
A utility such as the AWS CLI must be used to initially create the SSO session and cached token file before the application using the provider will need to retrieve the SSO token. If the token has not been cached already, this provider will return an error when attempting to retrieve the token. See Configure SSO
This provider will attempt to refresh the cached SSO token periodically if needed when resolve is called and a refresh token is available.
Parameters
the name of the SSO Session from the shared config file to load tokens for
the start URL (also known as the "User Portal URL") provided by the SSO service
the AWS region where the SSO directory for the given startUrl is hosted.
amount of time before the actual credential expiration time when credentials are considered expired. For example, if credentials are expiring in 15 minutes, and the buffer time is 10 seconds, then any requests made after 14 minutes and 50 seconds will load new credentials. Defaults to 5 minutes.
the HttpClientEngine instance to use to make requests. NOTE: This engine's resources and lifetime are NOT managed by the provider. Caller is responsible for closing.
the platform provider to use
the source of time for the provider