software.amazon.awscdk.services.elasticloadbalancingv2

Interface CfnListener.AuthenticateOidcConfigProperty

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnListener.AuthenticateOidcConfigProperty.Jsii$Proxy

Enclosing class:

CfnListener

@Stability(value=Stable)
public static interface CfnListener.AuthenticateOidcConfigProperty
extends software.amazon.jsii.JsiiSerializable

Specifies information required using an identity provide (IdP) that is compliant with OpenID Connect (OIDC) to authenticate users.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.elasticloadbalancingv2.*;
 AuthenticateOidcConfigProperty authenticateOidcConfigProperty = AuthenticateOidcConfigProperty.builder()
         .authorizationEndpoint("authorizationEndpoint")
         .clientId("clientId")
         .issuer("issuer")
         .tokenEndpoint("tokenEndpoint")
         .userInfoEndpoint("userInfoEndpoint")
         // the properties below are optional
         .authenticationRequestExtraParams(Map.of(
                 "authenticationRequestExtraParamsKey", "authenticationRequestExtraParams"))
         .clientSecret("clientSecret")
         .onUnauthenticatedRequest("onUnauthenticatedRequest")
         .scope("scope")
         .sessionCookieName("sessionCookieName")
         .sessionTimeout("sessionTimeout")
         .useExistingClientSecret(false)
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface and Description
static class	CfnListener.AuthenticateOidcConfigProperty.Builder A builder for CfnListener.AuthenticateOidcConfigProperty
static class	CfnListener.AuthenticateOidcConfigProperty.Jsii$Proxy An implementation for CfnListener.AuthenticateOidcConfigProperty

Method Summary

Modifier and Type	Method and Description
static CfnListener.AuthenticateOidcConfigProperty.Builder	builder()
default Object	getAuthenticationRequestExtraParams() The query parameters (up to 10) to include in the redirect request to the authorization endpoint.
String	getAuthorizationEndpoint() The authorization endpoint of the IdP.
String	getClientId() The OAuth 2.0 client identifier.
default String	getClientSecret() The OAuth 2.0 client secret.
String	getIssuer() The OIDC issuer identifier of the IdP.
default String	getOnUnauthenticatedRequest() The behavior if the user is not authenticated.
default String	getScope() The set of user claims to be requested from the IdP.
default String	getSessionCookieName() The name of the cookie used to maintain session information.
default String	getSessionTimeout() The maximum duration of the authentication session, in seconds.
String	getTokenEndpoint() The token endpoint of the IdP.
default Object	getUseExistingClientSecret() `CfnListener.AuthenticateOidcConfigProperty.UseExistingClientSecret`.
String	getUserInfoEndpoint() The user info endpoint of the IdP.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Detail

getAuthorizationEndpoint

@Stability(value=Stable)
 @NotNull
String getAuthorizationEndpoint()

The authorization endpoint of the IdP.

This must be a full URL, including the HTTPS protocol, the domain, and the path.

getClientId

@Stability(value=Stable)
 @NotNull
String getClientId()

The OAuth 2.0 client identifier.

getIssuer

@Stability(value=Stable)
 @NotNull
String getIssuer()

The OIDC issuer identifier of the IdP.

This must be a full URL, including the HTTPS protocol, the domain, and the path.

getTokenEndpoint

@Stability(value=Stable)
 @NotNull
String getTokenEndpoint()

The token endpoint of the IdP.

This must be a full URL, including the HTTPS protocol, the domain, and the path.

getUserInfoEndpoint

@Stability(value=Stable)
 @NotNull
String getUserInfoEndpoint()

The user info endpoint of the IdP.

This must be a full URL, including the HTTPS protocol, the domain, and the path.

getAuthenticationRequestExtraParams

@Stability(value=Stable)
 @Nullable
default Object getAuthenticationRequestExtraParams()

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

getClientSecret

@Stability(value=Stable)
 @Nullable
default String getClientSecret()

The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.

getOnUnauthenticatedRequest

@Stability(value=Stable)
 @Nullable
default String getOnUnauthenticatedRequest()

The behavior if the user is not authenticated. The following are possible values:.

• deny `` - Return an HTTP 401 Unauthorized error.
• allow `` - Allow the request to be forwarded to the target.
• authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.

getScope

@Stability(value=Stable)
 @Nullable
default String getScope()

The set of user claims to be requested from the IdP. The default is `openid` .

To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

getSessionCookieName

@Stability(value=Stable)
 @Nullable
default String getSessionCookieName()

The name of the cookie used to maintain session information.

The default is AWSELBAuthSessionCookie.

getSessionTimeout

@Stability(value=Stable)
 @Nullable
default String getSessionTimeout()

The maximum duration of the authentication session, in seconds.

The default is 604800 seconds (7 days).

getUseExistingClientSecret

@Stability(value=Stable)
 @Nullable
default Object getUseExistingClientSecret()

`CfnListener.AuthenticateOidcConfigProperty.UseExistingClientSecret`.

builder

@Stability(value=Stable)
static CfnListener.AuthenticateOidcConfigProperty.Builder builder()

Returns:

a CfnListener.AuthenticateOidcConfigProperty.Builder of CfnListener.AuthenticateOidcConfigProperty