com.amazonaws.services.securitytoken.AWSSecurityTokenServiceAsyncClient Maven / Gradle / Ivy
Show all versions of aws-java-sdk-sts Show documentation
/*
* Copyright 2014-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.securitytoken;
import static java.util.concurrent.Executors.newFixedThreadPool;
import javax.annotation.Generated;
import com.amazonaws.services.securitytoken.model.*;
import com.amazonaws.client.AwsAsyncClientParams;
import com.amazonaws.annotation.ThreadSafe;
import com.amazonaws.ClientConfiguration;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.AWSCredentialsProvider;
import java.util.concurrent.ExecutorService;
import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
/**
* Client for accessing AWS STS asynchronously. Each asynchronous method will return a Java Future object representing
* the asynchronous operation; overloads which accept an {@code AsyncHandler} can be used to receive notification when
* an asynchronous operation completes.
*
* AWS Security Token Service
*
* The AWS Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege
* credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate (federated users).
* This guide provides descriptions of the STS API. For more detailed information about using this service, go to Temporary Security Credentials.
*
*
* For information about setting up signatures and authorization through the API, go to Signing AWS API Requests in
* the AWS General Reference. For general information about the Query API, go to Making Query Requests in Using
* IAM. For information about using security tokens with other AWS products, go to AWS Services
* That Work with IAM in the IAM User Guide.
*
*
* If you're new to AWS and need additional technical information about a specific AWS product, you can find the
* product's technical documentation at http://aws.amazon.com/documentation/.
*
*
* Endpoints
*
*
* By default, AWS Security Token Service (STS) is available as a global service, and all AWS STS requests go to a
* single endpoint at https://sts.amazonaws.com. Global requests map to the US East (N. Virginia) region.
* AWS recommends using Regional AWS STS endpoints instead of the global endpoint to reduce latency, build in
* redundancy, and increase session token validity. For more information, see Managing AWS STS in
* an AWS Region in the IAM User Guide.
*
*
* Most AWS Regions are enabled for operations in all AWS services by default. Those Regions are automatically activated
* for use with AWS STS. Some Regions, such as Asia Pacific (Hong Kong), must be manually enabled. To learn more about
* enabling and disabling AWS Regions, see Managing AWS Regions in the AWS General
* Reference. When you enable these AWS Regions, they are automatically activated for use with AWS STS. You cannot
* activate the STS endpoint for a Region that is disabled. Tokens that are valid in all AWS Regions are longer than
* tokens that are valid in Regions that are enabled by default. Changing this setting might affect existing systems
* where you temporarily store tokens. For more information, see Managing Global Endpoint Session Tokens in the IAM User Guide.
*
*
* After you activate a Region for use with AWS STS, you can direct AWS STS API calls to that Region. AWS STS recommends
* that you provide both the Region and endpoint when you make calls to a Regional endpoint. You can provide the Region
* alone for manually enabled Regions, such as Asia Pacific (Hong Kong). In this case, the calls are directed to the STS
* Regional endpoint. However, if you provide the Region alone for Regions enabled by default, the calls are directed to
* the global endpoint of https://sts.amazonaws.com.
*
*
* To view the list of AWS STS endpoints and whether they are active by default, see Writing Code to Use AWS STS Regions in the IAM User Guide.
*
*
* Recording API requests
*
*
* STS supports AWS CloudTrail, which is a service that records AWS calls for your AWS account and delivers log files to
* an Amazon S3 bucket. By using information collected by CloudTrail, you can determine what requests were successfully
* made to STS, who made the request, when it was made, and so on.
*
*
* If you activate AWS STS endpoints in Regions other than the default global endpoint, then you must also turn on
* CloudTrail logging in those Regions. This is necessary to record any AWS STS API calls that are made in those
* Regions. For more information, see Turning On
* CloudTrail in Additional Regions in the AWS CloudTrail User Guide.
*
*
* AWS Security Token Service (STS) is a global service with a single endpoint at https://sts.amazonaws.com
* . Calls to this endpoint are logged as calls to a global service. However, because this endpoint is physically
* located in the US East (N. Virginia) Region, your logs list us-east-1 as the event Region. CloudTrail
* does not write these logs to the US East (Ohio) Region unless you choose to include global service logs in that
* Region. CloudTrail writes calls to all Regional endpoints to their respective Regions. For example, calls to
* sts.us-east-2.amazonaws.com are published to the US East (Ohio) Region and calls to sts.eu-central-1.amazonaws.com
* are published to the EU (Frankfurt) Region.
*
*
* To learn more about CloudTrail, including how to turn it on and find your log files, see the AWS CloudTrail
* User Guide.
*
*/
@ThreadSafe
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class AWSSecurityTokenServiceAsyncClient extends AWSSecurityTokenServiceClient implements AWSSecurityTokenServiceAsync {
private static final int DEFAULT_THREAD_POOL_SIZE = 50;
private final java.util.concurrent.ExecutorService executorService;
/**
* Constructs a new asynchronous client to invoke service methods on AWS STS. A credentials provider chain will be
* used that searches for credentials in this order:
*
* - Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY
* - Java System Properties - aws.accessKeyId and aws.secretKey
* - Credential profiles file at the default location (~/.aws/credentials) shared by all AWS SDKs and the AWS CLI
* - Instance profile credentials delivered through the Amazon EC2 metadata service
*
*
* Asynchronous methods are delegated to a fixed-size thread pool containing 50 threads (to match the default
* maximum number of concurrent connections to the service).
*
* @see com.amazonaws.auth.DefaultAWSCredentialsProviderChain
* @see java.util.concurrent.Executors#newFixedThreadPool(int)
* @deprecated use {@link AWSSecurityTokenServiceAsyncClientBuilder#defaultClient()}
*/
@Deprecated
public AWSSecurityTokenServiceAsyncClient() {
this(DefaultAWSCredentialsProviderChain.getInstance());
}
/**
* Constructs a new asynchronous client to invoke service methods on AWS STS. A credentials provider chain will be
* used that searches for credentials in this order:
*
* - Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY
* - Java System Properties - aws.accessKeyId and aws.secretKey
* - Credential profiles file at the default location (~/.aws/credentials) shared by all AWS SDKs and the AWS CLI
* - Instance profile credentials delivered through the Amazon EC2 metadata service
*
*
* Asynchronous methods are delegated to a fixed-size thread pool containing a number of threads equal to the
* maximum number of concurrent connections configured via {@code ClientConfiguration.getMaxConnections()}.
*
* @param clientConfiguration
* The client configuration options controlling how this client connects to AWS STS (ex: proxy settings,
* retry counts, etc).
*
* @see com.amazonaws.auth.DefaultAWSCredentialsProviderChain
* @see java.util.concurrent.Executors#newFixedThreadPool(int)
* @deprecated use {@link AWSSecurityTokenServiceAsyncClientBuilder#withClientConfiguration(ClientConfiguration)}
*/
@Deprecated
public AWSSecurityTokenServiceAsyncClient(ClientConfiguration clientConfiguration) {
this(DefaultAWSCredentialsProviderChain.getInstance(), clientConfiguration, newFixedThreadPool(clientConfiguration.getMaxConnections()));
}
/**
* Constructs a new asynchronous client to invoke service methods on AWS STS using the specified AWS account
* credentials.
*
* Asynchronous methods are delegated to a fixed-size thread pool containing 50 threads (to match the default
* maximum number of concurrent connections to the service).
*
* @param awsCredentials
* The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.
* @see java.util.concurrent.Executors#newFixedThreadPool(int)
* @deprecated use {@link AWSSecurityTokenServiceAsyncClientBuilder#withCredentials(AWSCredentialsProvider)}
*/
@Deprecated
public AWSSecurityTokenServiceAsyncClient(AWSCredentials awsCredentials) {
this(awsCredentials, newFixedThreadPool(DEFAULT_THREAD_POOL_SIZE));
}
/**
* Constructs a new asynchronous client to invoke service methods on AWS STS using the specified AWS account
* credentials and executor service. Default client settings will be used.
*
* @param awsCredentials
* The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.
* @param executorService
* The executor service by which all asynchronous requests will be executed.
* @deprecated use {@link AWSSecurityTokenServiceAsyncClientBuilder#withCredentials(AWSCredentialsProvider)} and
* {@link AWSSecurityTokenServiceAsyncClientBuilder#withExecutorFactory(com.amazonaws.client.builder.ExecutorFactory)}
*/
@Deprecated
public AWSSecurityTokenServiceAsyncClient(AWSCredentials awsCredentials, ExecutorService executorService) {
this(awsCredentials, configFactory.getConfig(), executorService);
}
/**
* Constructs a new asynchronous client to invoke service methods on AWS STS using the specified AWS account
* credentials, executor service, and client configuration options.
*
* @param awsCredentials
* The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.
* @param clientConfiguration
* Client configuration options (ex: max retry limit, proxy settings, etc).
* @param executorService
* The executor service by which all asynchronous requests will be executed.
* @deprecated use {@link AWSSecurityTokenServiceAsyncClientBuilder#withCredentials(AWSCredentialsProvider)} and
* {@link AWSSecurityTokenServiceAsyncClientBuilder#withClientConfiguration(ClientConfiguration)} and
* {@link AWSSecurityTokenServiceAsyncClientBuilder#withExecutorFactory(com.amazonaws.client.builder.ExecutorFactory)}
*/
@Deprecated
public AWSSecurityTokenServiceAsyncClient(AWSCredentials awsCredentials, ClientConfiguration clientConfiguration, ExecutorService executorService) {
super(awsCredentials, clientConfiguration);
this.executorService = executorService;
}
/**
* Constructs a new asynchronous client to invoke service methods on AWS STS using the specified AWS account
* credentials provider. Default client settings will be used.
*
* Asynchronous methods are delegated to a fixed-size thread pool containing 50 threads (to match the default
* maximum number of concurrent connections to the service).
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
* @see java.util.concurrent.Executors#newFixedThreadPool(int)
* @deprecated use {@link AWSSecurityTokenServiceAsyncClientBuilder#withCredentials(AWSCredentialsProvider)}
*/
@Deprecated
public AWSSecurityTokenServiceAsyncClient(AWSCredentialsProvider awsCredentialsProvider) {
this(awsCredentialsProvider, newFixedThreadPool(DEFAULT_THREAD_POOL_SIZE));
}
/**
* Constructs a new asynchronous client to invoke service methods on AWS STS using the provided AWS account
* credentials provider and client configuration options.
*
* Asynchronous methods are delegated to a fixed-size thread pool containing a number of threads equal to the
* maximum number of concurrent connections configured via {@code ClientConfiguration.getMaxConnections()}.
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
* @param clientConfiguration
* Client configuration options (ex: max retry limit, proxy settings, etc).
*
* @see com.amazonaws.auth.DefaultAWSCredentialsProviderChain
* @see java.util.concurrent.Executors#newFixedThreadPool(int)
* @deprecated use {@link AWSSecurityTokenServiceAsyncClientBuilder#withCredentials(AWSCredentialsProvider)} and
* {@link AWSSecurityTokenServiceAsyncClientBuilder#withClientConfiguration(ClientConfiguration)}
*/
@Deprecated
public AWSSecurityTokenServiceAsyncClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration) {
this(awsCredentialsProvider, clientConfiguration, newFixedThreadPool(clientConfiguration.getMaxConnections()));
}
/**
* Constructs a new asynchronous client to invoke service methods on AWS STS using the specified AWS account
* credentials provider and executor service. Default client settings will be used.
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
* @param executorService
* The executor service by which all asynchronous requests will be executed.
* @deprecated use {@link AWSSecurityTokenServiceAsyncClientBuilder#withCredentials(AWSCredentialsProvider)} and
* {@link AWSSecurityTokenServiceAsyncClientBuilder#withExecutorFactory(com.amazonaws.client.builder.ExecutorFactory)}
*/
@Deprecated
public AWSSecurityTokenServiceAsyncClient(AWSCredentialsProvider awsCredentialsProvider, ExecutorService executorService) {
this(awsCredentialsProvider, configFactory.getConfig(), executorService);
}
/**
* Constructs a new asynchronous client to invoke service methods on AWS STS using the specified AWS account
* credentials provider, executor service, and client configuration options.
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
* @param clientConfiguration
* Client configuration options (ex: max retry limit, proxy settings, etc).
* @param executorService
* The executor service by which all asynchronous requests will be executed.
* @deprecated use {@link AWSSecurityTokenServiceAsyncClientBuilder#withCredentials(AWSCredentialsProvider)} and
* {@link AWSSecurityTokenServiceAsyncClientBuilder#withClientConfiguration(ClientConfiguration)} and
* {@link AWSSecurityTokenServiceAsyncClientBuilder#withExecutorFactory(com.amazonaws.client.builder.ExecutorFactory)}
*/
@Deprecated
public AWSSecurityTokenServiceAsyncClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration,
ExecutorService executorService) {
super(awsCredentialsProvider, clientConfiguration);
this.executorService = executorService;
}
public static AWSSecurityTokenServiceAsyncClientBuilder asyncBuilder() {
return AWSSecurityTokenServiceAsyncClientBuilder.standard();
}
/**
* Constructs a new asynchronous client to invoke service methods on AWS STS using the specified parameters.
*
* @param asyncClientParams
* Object providing client parameters.
*/
AWSSecurityTokenServiceAsyncClient(AwsAsyncClientParams asyncClientParams) {
super(asyncClientParams);
this.executorService = asyncClientParams.getExecutor();
}
/**
* Returns the executor service used by this client to execute async requests.
*
* @return The executor service used by this client to execute async requests.
*/
public ExecutorService getExecutorService() {
return executorService;
}
@Override
public java.util.concurrent.Future assumeRoleAsync(AssumeRoleRequest request) {
return assumeRoleAsync(request, null);
}
@Override
public java.util.concurrent.Future assumeRoleAsync(final AssumeRoleRequest request,
final com.amazonaws.handlers.AsyncHandler asyncHandler) {
final AssumeRoleRequest finalRequest = beforeClientExecution(request);
return executorService.submit(new java.util.concurrent.Callable() {
@Override
public AssumeRoleResult call() throws Exception {
AssumeRoleResult result = null;
try {
result = executeAssumeRole(finalRequest);
} catch (Exception ex) {
if (asyncHandler != null) {
asyncHandler.onError(ex);
}
throw ex;
}
if (asyncHandler != null) {
asyncHandler.onSuccess(finalRequest, result);
}
return result;
}
});
}
@Override
public java.util.concurrent.Future assumeRoleWithSAMLAsync(AssumeRoleWithSAMLRequest request) {
return assumeRoleWithSAMLAsync(request, null);
}
@Override
public java.util.concurrent.Future assumeRoleWithSAMLAsync(final AssumeRoleWithSAMLRequest request,
final com.amazonaws.handlers.AsyncHandler asyncHandler) {
final AssumeRoleWithSAMLRequest finalRequest = beforeClientExecution(request);
return executorService.submit(new java.util.concurrent.Callable() {
@Override
public AssumeRoleWithSAMLResult call() throws Exception {
AssumeRoleWithSAMLResult result = null;
try {
result = executeAssumeRoleWithSAML(finalRequest);
} catch (Exception ex) {
if (asyncHandler != null) {
asyncHandler.onError(ex);
}
throw ex;
}
if (asyncHandler != null) {
asyncHandler.onSuccess(finalRequest, result);
}
return result;
}
});
}
@Override
public java.util.concurrent.Future assumeRoleWithWebIdentityAsync(AssumeRoleWithWebIdentityRequest request) {
return assumeRoleWithWebIdentityAsync(request, null);
}
@Override
public java.util.concurrent.Future assumeRoleWithWebIdentityAsync(final AssumeRoleWithWebIdentityRequest request,
final com.amazonaws.handlers.AsyncHandler asyncHandler) {
final AssumeRoleWithWebIdentityRequest finalRequest = beforeClientExecution(request);
return executorService.submit(new java.util.concurrent.Callable() {
@Override
public AssumeRoleWithWebIdentityResult call() throws Exception {
AssumeRoleWithWebIdentityResult result = null;
try {
result = executeAssumeRoleWithWebIdentity(finalRequest);
} catch (Exception ex) {
if (asyncHandler != null) {
asyncHandler.onError(ex);
}
throw ex;
}
if (asyncHandler != null) {
asyncHandler.onSuccess(finalRequest, result);
}
return result;
}
});
}
@Override
public java.util.concurrent.Future decodeAuthorizationMessageAsync(DecodeAuthorizationMessageRequest request) {
return decodeAuthorizationMessageAsync(request, null);
}
@Override
public java.util.concurrent.Future decodeAuthorizationMessageAsync(final DecodeAuthorizationMessageRequest request,
final com.amazonaws.handlers.AsyncHandler asyncHandler) {
final DecodeAuthorizationMessageRequest finalRequest = beforeClientExecution(request);
return executorService.submit(new java.util.concurrent.Callable() {
@Override
public DecodeAuthorizationMessageResult call() throws Exception {
DecodeAuthorizationMessageResult result = null;
try {
result = executeDecodeAuthorizationMessage(finalRequest);
} catch (Exception ex) {
if (asyncHandler != null) {
asyncHandler.onError(ex);
}
throw ex;
}
if (asyncHandler != null) {
asyncHandler.onSuccess(finalRequest, result);
}
return result;
}
});
}
@Override
public java.util.concurrent.Future getAccessKeyInfoAsync(GetAccessKeyInfoRequest request) {
return getAccessKeyInfoAsync(request, null);
}
@Override
public java.util.concurrent.Future getAccessKeyInfoAsync(final GetAccessKeyInfoRequest request,
final com.amazonaws.handlers.AsyncHandler asyncHandler) {
final GetAccessKeyInfoRequest finalRequest = beforeClientExecution(request);
return executorService.submit(new java.util.concurrent.Callable() {
@Override
public GetAccessKeyInfoResult call() throws Exception {
GetAccessKeyInfoResult result = null;
try {
result = executeGetAccessKeyInfo(finalRequest);
} catch (Exception ex) {
if (asyncHandler != null) {
asyncHandler.onError(ex);
}
throw ex;
}
if (asyncHandler != null) {
asyncHandler.onSuccess(finalRequest, result);
}
return result;
}
});
}
@Override
public java.util.concurrent.Future getCallerIdentityAsync(GetCallerIdentityRequest request) {
return getCallerIdentityAsync(request, null);
}
@Override
public java.util.concurrent.Future getCallerIdentityAsync(final GetCallerIdentityRequest request,
final com.amazonaws.handlers.AsyncHandler asyncHandler) {
final GetCallerIdentityRequest finalRequest = beforeClientExecution(request);
return executorService.submit(new java.util.concurrent.Callable() {
@Override
public GetCallerIdentityResult call() throws Exception {
GetCallerIdentityResult result = null;
try {
result = executeGetCallerIdentity(finalRequest);
} catch (Exception ex) {
if (asyncHandler != null) {
asyncHandler.onError(ex);
}
throw ex;
}
if (asyncHandler != null) {
asyncHandler.onSuccess(finalRequest, result);
}
return result;
}
});
}
@Override
public java.util.concurrent.Future getFederationTokenAsync(GetFederationTokenRequest request) {
return getFederationTokenAsync(request, null);
}
@Override
public java.util.concurrent.Future getFederationTokenAsync(final GetFederationTokenRequest request,
final com.amazonaws.handlers.AsyncHandler asyncHandler) {
final GetFederationTokenRequest finalRequest = beforeClientExecution(request);
return executorService.submit(new java.util.concurrent.Callable() {
@Override
public GetFederationTokenResult call() throws Exception {
GetFederationTokenResult result = null;
try {
result = executeGetFederationToken(finalRequest);
} catch (Exception ex) {
if (asyncHandler != null) {
asyncHandler.onError(ex);
}
throw ex;
}
if (asyncHandler != null) {
asyncHandler.onSuccess(finalRequest, result);
}
return result;
}
});
}
@Override
public java.util.concurrent.Future getSessionTokenAsync(GetSessionTokenRequest request) {
return getSessionTokenAsync(request, null);
}
@Override
public java.util.concurrent.Future getSessionTokenAsync(final GetSessionTokenRequest request,
final com.amazonaws.handlers.AsyncHandler asyncHandler) {
final GetSessionTokenRequest finalRequest = beforeClientExecution(request);
return executorService.submit(new java.util.concurrent.Callable() {
@Override
public GetSessionTokenResult call() throws Exception {
GetSessionTokenResult result = null;
try {
result = executeGetSessionToken(finalRequest);
} catch (Exception ex) {
if (asyncHandler != null) {
asyncHandler.onError(ex);
}
throw ex;
}
if (asyncHandler != null) {
asyncHandler.onSuccess(finalRequest, result);
}
return result;
}
});
}
/**
* Simplified method form for invoking the GetSessionToken operation.
*
* @see #getSessionTokenAsync(GetSessionTokenRequest)
*/
@Override
public java.util.concurrent.Future getSessionTokenAsync() {
return getSessionTokenAsync(new GetSessionTokenRequest());
}
/**
* Simplified method form for invoking the GetSessionToken operation with an AsyncHandler.
*
* @see #getSessionTokenAsync(GetSessionTokenRequest, com.amazonaws.handlers.AsyncHandler)
*/
@Override
public java.util.concurrent.Future getSessionTokenAsync(
com.amazonaws.handlers.AsyncHandler asyncHandler) {
return getSessionTokenAsync(new GetSessionTokenRequest(), asyncHandler);
}
/**
* Shuts down the client, releasing all managed resources. This includes forcibly terminating all pending
* asynchronous service calls. Clients who wish to give pending asynchronous service calls time to complete should
* call {@code getExecutorService().shutdown()} followed by {@code getExecutorService().awaitTermination()} prior to
* calling this method.
*/
@Override
public void shutdown() {
super.shutdown();
executorService.shutdownNow();
}
}