com.amazonaws.services.securitytoken.model.AssumeRoleRequest Maven / Gradle / Ivy
Show all versions of aws-java-sdk Show documentation
/*
* Copyright 2010-2014 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
package com.amazonaws.services.securitytoken.model;
import java.io.Serializable;
import com.amazonaws.AmazonWebServiceRequest;
/**
* Container for the parameters to the {@link com.amazonaws.services.securitytoken.AWSSecurityTokenService#assumeRole(AssumeRoleRequest) AssumeRole operation}.
*
* Returns a set of temporary security credentials (consisting of an
* access key ID, a secret access key, and a security token) that you can
* use to access AWS resources that you might not normally have access
* to. Typically, you use AssumeRole for cross-account
* access or federation.
*
*
* Important: You cannot call AssumeRole by using
* AWS account credentials; access will be denied. You must use IAM user
* credentials or temporary security credentials to call
* AssumeRole .
*
*
*
* For cross-account access, imagine that you own multiple accounts and
* need to access resources in each account. You could create long-term
* credentials in each account to access those resources. However,
* managing all those credentials and remembering which one can access
* which account can be time consuming. Instead, you can create one set
* of long-term credentials in one account and then use temporary
* security credentials to access all the other accounts by assuming
* roles in those accounts. For more information about roles, see
* Roles
* in Using IAM .
*
*
* For federation, you can, for example, grant single sign-on access to
* the AWS Management Console. If you already have an identity and
* authentication system in your corporate network, you don't have to
* recreate user identities in AWS in order to grant those user
* identities access to AWS. Instead, after a user has been
* authenticated, you call AssumeRole (and specify the role
* with the appropriate permissions) to get temporary security
* credentials for that user. With those temporary security credentials,
* you construct a sign-in URL that users can use to access the console.
* For more information, see
* Scenarios for Granting Temporary Access
* in AWS Security Token Service .
*
*
* The temporary security credentials are valid for the duration that
* you specified when calling AssumeRole , which can be from
* 900 seconds (15 minutes) to 3600 seconds (1 hour). The default is 1
* hour.
*
*
* Optionally, you can pass an AWS IAM access policy to this operation.
* The temporary security credentials that are returned by the operation
* have the permissions that are associated with the access policy of the
* role that is being assumed, except for any permissions explicitly
* denied by the policy you pass. This gives you a way to further
* restrict the permissions for the resulting temporary security
* credentials. These policies and any applicable resource-based policies
* are evaluated when calls to AWS are made using the temporary security
* credentials.
*
*
* To assume a role, your AWS account must be trusted by the role. The
* trust relationship is defined in the role's trust policy when the IAM
* role is created. You must also have a policy that allows you to call
* sts:AssumeRole .
*
*
* Using MFA with AssumeRole
*
*
* You can optionally include multi-factor authentication (MFA)
* information when you call AssumeRole . This is useful for
* cross-account scenarios in which you want to make sure that the user
* who is assuming the role has been authenticated using an AWS MFA
* device. In that scenario, the trust policy of the role being assumed
* includes a condition that tests for MFA authentication; if the caller
* does not include valid MFA information, the request to assume the role
* is denied. The condition in a a trust policy that tests for MFA
* authentication might look like the following example.
*
*
* "Condition": {"Null": {"aws:MultiFactorAuthAge": false}}
*
*
* For more information, see
* Configuring MFA-Protected API Access
* in the Using AWS IAM guide.
*
*
* To use MFA with AssumeRole , you pass values for the
* SerialNumber and TokenCode parameters. The
* SerialNumber value identifies the user's hardware or
* virtual MFA device. The TokenCode is the temporary
* one-time password (TOTP) that the MFA devices produces.
*
*
*
*
*
*
*
*
*
*
*
*
* @see com.amazonaws.services.securitytoken.AWSSecurityTokenService#assumeRole(AssumeRoleRequest)
*/
public class AssumeRoleRequest extends AmazonWebServiceRequest implements Serializable {
/**
* The Amazon Resource Name (ARN) of the role that the caller is
* assuming.
*
* Constraints:
* Length: 20 - 2048
*/
private String roleArn;
/**
* An identifier for the assumed role session. The session name is
* included as part of the AssumedRoleUser.
*
* Constraints:
* Length: 2 - 32
* Pattern: [\w+=,.@-]*
*/
private String roleSessionName;
/**
* An AWS IAM policy in JSON format.
The temporary security
* credentials that are returned by the operation have the permissions
* that are associated with the access policy of the role being assumed,
* except for any permissions explicitly denied by the policy you pass.
* This gives you a way to further restrict the permissions for the
* resulting temporary security credentials. These policies and any
* applicable resource-based policies are evaluated when calls to AWS are
* made using the temporary security credentials.
*
* Constraints:
* Length: 1 - 2048
* Pattern: [\u0009\u000A\u000D\u0020-\u00FF]+
*/
private String policy;
/**
* The duration, in seconds, of the role session. The value can range
* from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default,
* the value is set to 3600 seconds.
*
* Constraints:
* Range: 900 - 3600
*/
private Integer durationSeconds;
/**
* A unique identifier that is used by third parties to assume a role in
* their customers' accounts. For each role that the third party can
* assume, they should instruct their customers to create a role with the
* external ID that the third party generated. Each time the third party
* assumes the role, they must pass the customer's external ID. The
* external ID is useful in order to help third parties bind a role to
* the customer who created it. For more information about the external
* ID, see About the External ID in Using Temporary
* Security Credentials.
*
* Constraints:
* Length: 2 - 96
* Pattern: [\w+=,.@:-]*
*/
private String externalId;
/**
* The identification number of the MFA device that is associated with
* the user who is making the AssumeRole call. Specify this
* value if the trust policy of the role being assumed includes a
* condition that requires MFA authentication. The value is either the
* serial number for a hardware device (such as
* GAHT12345678) or an Amazon Resource Name (ARN) for a
* virtual device (such as
* arn:aws:iam::123456789012:mfa/user).
*
* Constraints:
* Length: 9 - 256
* Pattern: [\w+=/:,.@-]*
*/
private String serialNumber;
/**
* The value provided by the MFA device, if the trust policy of the role
* being assumed requires MFA (that is, if the policy includes a
* condition that tests for MFA). If the role being assumed requires MFA
* and if the TokenCode value is missing or expired, the
* AssumeRole call returns an "access denied" errror.
*
* Constraints:
* Length: 6 - 6
* Pattern: [\d]*
*/
private String tokenCode;
/**
* The Amazon Resource Name (ARN) of the role that the caller is
* assuming.
*
* Constraints:
* Length: 20 - 2048
*
* @return The Amazon Resource Name (ARN) of the role that the caller is
* assuming.
*/
public String getRoleArn() {
return roleArn;
}
/**
* The Amazon Resource Name (ARN) of the role that the caller is
* assuming.
*
* Constraints:
* Length: 20 - 2048
*
* @param roleArn The Amazon Resource Name (ARN) of the role that the caller is
* assuming.
*/
public void setRoleArn(String roleArn) {
this.roleArn = roleArn;
}
/**
* The Amazon Resource Name (ARN) of the role that the caller is
* assuming.
*
* Returns a reference to this object so that method calls can be chained together.
*
* Constraints:
* Length: 20 - 2048
*
* @param roleArn The Amazon Resource Name (ARN) of the role that the caller is
* assuming.
*
* @return A reference to this updated object so that method calls can be chained
* together.
*/
public AssumeRoleRequest withRoleArn(String roleArn) {
this.roleArn = roleArn;
return this;
}
/**
* An identifier for the assumed role session. The session name is
* included as part of the AssumedRoleUser.
*
* Constraints:
* Length: 2 - 32
* Pattern: [\w+=,.@-]*
*
* @return An identifier for the assumed role session. The session name is
* included as part of the AssumedRoleUser.
*/
public String getRoleSessionName() {
return roleSessionName;
}
/**
* An identifier for the assumed role session. The session name is
* included as part of the AssumedRoleUser.
*
* Constraints:
* Length: 2 - 32
* Pattern: [\w+=,.@-]*
*
* @param roleSessionName An identifier for the assumed role session. The session name is
* included as part of the AssumedRoleUser.
*/
public void setRoleSessionName(String roleSessionName) {
this.roleSessionName = roleSessionName;
}
/**
* An identifier for the assumed role session. The session name is
* included as part of the AssumedRoleUser.
*
* Returns a reference to this object so that method calls can be chained together.
*
* Constraints:
* Length: 2 - 32
* Pattern: [\w+=,.@-]*
*
* @param roleSessionName An identifier for the assumed role session. The session name is
* included as part of the AssumedRoleUser.
*
* @return A reference to this updated object so that method calls can be chained
* together.
*/
public AssumeRoleRequest withRoleSessionName(String roleSessionName) {
this.roleSessionName = roleSessionName;
return this;
}
/**
* An AWS IAM policy in JSON format.
The temporary security
* credentials that are returned by the operation have the permissions
* that are associated with the access policy of the role being assumed,
* except for any permissions explicitly denied by the policy you pass.
* This gives you a way to further restrict the permissions for the
* resulting temporary security credentials. These policies and any
* applicable resource-based policies are evaluated when calls to AWS are
* made using the temporary security credentials.
*
* Constraints:
* Length: 1 - 2048
* Pattern: [\u0009\u000A\u000D\u0020-\u00FF]+
*
* @return An AWS IAM policy in JSON format.
The temporary security
* credentials that are returned by the operation have the permissions
* that are associated with the access policy of the role being assumed,
* except for any permissions explicitly denied by the policy you pass.
* This gives you a way to further restrict the permissions for the
* resulting temporary security credentials. These policies and any
* applicable resource-based policies are evaluated when calls to AWS are
* made using the temporary security credentials.
*/
public String getPolicy() {
return policy;
}
/**
* An AWS IAM policy in JSON format.
The temporary security
* credentials that are returned by the operation have the permissions
* that are associated with the access policy of the role being assumed,
* except for any permissions explicitly denied by the policy you pass.
* This gives you a way to further restrict the permissions for the
* resulting temporary security credentials. These policies and any
* applicable resource-based policies are evaluated when calls to AWS are
* made using the temporary security credentials.
*
* Constraints:
* Length: 1 - 2048
* Pattern: [\u0009\u000A\u000D\u0020-\u00FF]+
*
* @param policy An AWS IAM policy in JSON format.
The temporary security
* credentials that are returned by the operation have the permissions
* that are associated with the access policy of the role being assumed,
* except for any permissions explicitly denied by the policy you pass.
* This gives you a way to further restrict the permissions for the
* resulting temporary security credentials. These policies and any
* applicable resource-based policies are evaluated when calls to AWS are
* made using the temporary security credentials.
*/
public void setPolicy(String policy) {
this.policy = policy;
}
/**
* An AWS IAM policy in JSON format.
The temporary security
* credentials that are returned by the operation have the permissions
* that are associated with the access policy of the role being assumed,
* except for any permissions explicitly denied by the policy you pass.
* This gives you a way to further restrict the permissions for the
* resulting temporary security credentials. These policies and any
* applicable resource-based policies are evaluated when calls to AWS are
* made using the temporary security credentials.
*
* Returns a reference to this object so that method calls can be chained together.
*
* Constraints:
* Length: 1 - 2048
* Pattern: [\u0009\u000A\u000D\u0020-\u00FF]+
*
* @param policy An AWS IAM policy in JSON format.
The temporary security
* credentials that are returned by the operation have the permissions
* that are associated with the access policy of the role being assumed,
* except for any permissions explicitly denied by the policy you pass.
* This gives you a way to further restrict the permissions for the
* resulting temporary security credentials. These policies and any
* applicable resource-based policies are evaluated when calls to AWS are
* made using the temporary security credentials.
*
* @return A reference to this updated object so that method calls can be chained
* together.
*/
public AssumeRoleRequest withPolicy(String policy) {
this.policy = policy;
return this;
}
/**
* The duration, in seconds, of the role session. The value can range
* from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default,
* the value is set to 3600 seconds.
*
* Constraints:
* Range: 900 - 3600
*
* @return The duration, in seconds, of the role session. The value can range
* from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default,
* the value is set to 3600 seconds.
*/
public Integer getDurationSeconds() {
return durationSeconds;
}
/**
* The duration, in seconds, of the role session. The value can range
* from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default,
* the value is set to 3600 seconds.
*
* Constraints:
* Range: 900 - 3600
*
* @param durationSeconds The duration, in seconds, of the role session. The value can range
* from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default,
* the value is set to 3600 seconds.
*/
public void setDurationSeconds(Integer durationSeconds) {
this.durationSeconds = durationSeconds;
}
/**
* The duration, in seconds, of the role session. The value can range
* from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default,
* the value is set to 3600 seconds.
*
* Returns a reference to this object so that method calls can be chained together.
*
* Constraints:
* Range: 900 - 3600
*
* @param durationSeconds The duration, in seconds, of the role session. The value can range
* from 900 seconds (15 minutes) to 3600 seconds (1 hour). By default,
* the value is set to 3600 seconds.
*
* @return A reference to this updated object so that method calls can be chained
* together.
*/
public AssumeRoleRequest withDurationSeconds(Integer durationSeconds) {
this.durationSeconds = durationSeconds;
return this;
}
/**
* A unique identifier that is used by third parties to assume a role in
* their customers' accounts. For each role that the third party can
* assume, they should instruct their customers to create a role with the
* external ID that the third party generated. Each time the third party
* assumes the role, they must pass the customer's external ID. The
* external ID is useful in order to help third parties bind a role to
* the customer who created it. For more information about the external
* ID, see About the External ID in Using Temporary
* Security Credentials.
*
* Constraints:
* Length: 2 - 96
* Pattern: [\w+=,.@:-]*
*
* @return A unique identifier that is used by third parties to assume a role in
* their customers' accounts. For each role that the third party can
* assume, they should instruct their customers to create a role with the
* external ID that the third party generated. Each time the third party
* assumes the role, they must pass the customer's external ID. The
* external ID is useful in order to help third parties bind a role to
* the customer who created it. For more information about the external
* ID, see About the External ID in Using Temporary
* Security Credentials.
*/
public String getExternalId() {
return externalId;
}
/**
* A unique identifier that is used by third parties to assume a role in
* their customers' accounts. For each role that the third party can
* assume, they should instruct their customers to create a role with the
* external ID that the third party generated. Each time the third party
* assumes the role, they must pass the customer's external ID. The
* external ID is useful in order to help third parties bind a role to
* the customer who created it. For more information about the external
* ID, see About the External ID in Using Temporary
* Security Credentials.
*
* Constraints:
* Length: 2 - 96
* Pattern: [\w+=,.@:-]*
*
* @param externalId A unique identifier that is used by third parties to assume a role in
* their customers' accounts. For each role that the third party can
* assume, they should instruct their customers to create a role with the
* external ID that the third party generated. Each time the third party
* assumes the role, they must pass the customer's external ID. The
* external ID is useful in order to help third parties bind a role to
* the customer who created it. For more information about the external
* ID, see About the External ID in Using Temporary
* Security Credentials.
*/
public void setExternalId(String externalId) {
this.externalId = externalId;
}
/**
* A unique identifier that is used by third parties to assume a role in
* their customers' accounts. For each role that the third party can
* assume, they should instruct their customers to create a role with the
* external ID that the third party generated. Each time the third party
* assumes the role, they must pass the customer's external ID. The
* external ID is useful in order to help third parties bind a role to
* the customer who created it. For more information about the external
* ID, see About the External ID in Using Temporary
* Security Credentials.
*
* Returns a reference to this object so that method calls can be chained together.
*
* Constraints:
* Length: 2 - 96
* Pattern: [\w+=,.@:-]*
*
* @param externalId A unique identifier that is used by third parties to assume a role in
* their customers' accounts. For each role that the third party can
* assume, they should instruct their customers to create a role with the
* external ID that the third party generated. Each time the third party
* assumes the role, they must pass the customer's external ID. The
* external ID is useful in order to help third parties bind a role to
* the customer who created it. For more information about the external
* ID, see About the External ID in Using Temporary
* Security Credentials.
*
* @return A reference to this updated object so that method calls can be chained
* together.
*/
public AssumeRoleRequest withExternalId(String externalId) {
this.externalId = externalId;
return this;
}
/**
* The identification number of the MFA device that is associated with
* the user who is making the AssumeRole call. Specify this
* value if the trust policy of the role being assumed includes a
* condition that requires MFA authentication. The value is either the
* serial number for a hardware device (such as
* GAHT12345678) or an Amazon Resource Name (ARN) for a
* virtual device (such as
* arn:aws:iam::123456789012:mfa/user).
*
* Constraints:
* Length: 9 - 256
* Pattern: [\w+=/:,.@-]*
*
* @return The identification number of the MFA device that is associated with
* the user who is making the AssumeRole call. Specify this
* value if the trust policy of the role being assumed includes a
* condition that requires MFA authentication. The value is either the
* serial number for a hardware device (such as
* GAHT12345678) or an Amazon Resource Name (ARN) for a
* virtual device (such as
* arn:aws:iam::123456789012:mfa/user).
*/
public String getSerialNumber() {
return serialNumber;
}
/**
* The identification number of the MFA device that is associated with
* the user who is making the AssumeRole call. Specify this
* value if the trust policy of the role being assumed includes a
* condition that requires MFA authentication. The value is either the
* serial number for a hardware device (such as
* GAHT12345678) or an Amazon Resource Name (ARN) for a
* virtual device (such as
* arn:aws:iam::123456789012:mfa/user).
*
* Constraints:
* Length: 9 - 256
* Pattern: [\w+=/:,.@-]*
*
* @param serialNumber The identification number of the MFA device that is associated with
* the user who is making the AssumeRole call. Specify this
* value if the trust policy of the role being assumed includes a
* condition that requires MFA authentication. The value is either the
* serial number for a hardware device (such as
* GAHT12345678) or an Amazon Resource Name (ARN) for a
* virtual device (such as
* arn:aws:iam::123456789012:mfa/user).
*/
public void setSerialNumber(String serialNumber) {
this.serialNumber = serialNumber;
}
/**
* The identification number of the MFA device that is associated with
* the user who is making the AssumeRole call. Specify this
* value if the trust policy of the role being assumed includes a
* condition that requires MFA authentication. The value is either the
* serial number for a hardware device (such as
* GAHT12345678) or an Amazon Resource Name (ARN) for a
* virtual device (such as
* arn:aws:iam::123456789012:mfa/user).
*
* Returns a reference to this object so that method calls can be chained together.
*
* Constraints:
* Length: 9 - 256
* Pattern: [\w+=/:,.@-]*
*
* @param serialNumber The identification number of the MFA device that is associated with
* the user who is making the AssumeRole call. Specify this
* value if the trust policy of the role being assumed includes a
* condition that requires MFA authentication. The value is either the
* serial number for a hardware device (such as
* GAHT12345678) or an Amazon Resource Name (ARN) for a
* virtual device (such as
* arn:aws:iam::123456789012:mfa/user).
*
* @return A reference to this updated object so that method calls can be chained
* together.
*/
public AssumeRoleRequest withSerialNumber(String serialNumber) {
this.serialNumber = serialNumber;
return this;
}
/**
* The value provided by the MFA device, if the trust policy of the role
* being assumed requires MFA (that is, if the policy includes a
* condition that tests for MFA). If the role being assumed requires MFA
* and if the TokenCode value is missing or expired, the
* AssumeRole call returns an "access denied" errror.
*
* Constraints:
* Length: 6 - 6
* Pattern: [\d]*
*
* @return The value provided by the MFA device, if the trust policy of the role
* being assumed requires MFA (that is, if the policy includes a
* condition that tests for MFA). If the role being assumed requires MFA
* and if the TokenCode value is missing or expired, the
* AssumeRole call returns an "access denied" errror.
*/
public String getTokenCode() {
return tokenCode;
}
/**
* The value provided by the MFA device, if the trust policy of the role
* being assumed requires MFA (that is, if the policy includes a
* condition that tests for MFA). If the role being assumed requires MFA
* and if the TokenCode value is missing or expired, the
* AssumeRole call returns an "access denied" errror.
*
* Constraints:
* Length: 6 - 6
* Pattern: [\d]*
*
* @param tokenCode The value provided by the MFA device, if the trust policy of the role
* being assumed requires MFA (that is, if the policy includes a
* condition that tests for MFA). If the role being assumed requires MFA
* and if the TokenCode value is missing or expired, the
* AssumeRole call returns an "access denied" errror.
*/
public void setTokenCode(String tokenCode) {
this.tokenCode = tokenCode;
}
/**
* The value provided by the MFA device, if the trust policy of the role
* being assumed requires MFA (that is, if the policy includes a
* condition that tests for MFA). If the role being assumed requires MFA
* and if the TokenCode value is missing or expired, the
* AssumeRole call returns an "access denied" errror.
*
* Returns a reference to this object so that method calls can be chained together.
*
* Constraints:
* Length: 6 - 6
* Pattern: [\d]*
*
* @param tokenCode The value provided by the MFA device, if the trust policy of the role
* being assumed requires MFA (that is, if the policy includes a
* condition that tests for MFA). If the role being assumed requires MFA
* and if the TokenCode value is missing or expired, the
* AssumeRole call returns an "access denied" errror.
*
* @return A reference to this updated object so that method calls can be chained
* together.
*/
public AssumeRoleRequest withTokenCode(String tokenCode) {
this.tokenCode = tokenCode;
return this;
}
/**
* Returns a string representation of this object; useful for testing and
* debugging.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getRoleArn() != null) sb.append("RoleArn: " + getRoleArn() + ",");
if (getRoleSessionName() != null) sb.append("RoleSessionName: " + getRoleSessionName() + ",");
if (getPolicy() != null) sb.append("Policy: " + getPolicy() + ",");
if (getDurationSeconds() != null) sb.append("DurationSeconds: " + getDurationSeconds() + ",");
if (getExternalId() != null) sb.append("ExternalId: " + getExternalId() + ",");
if (getSerialNumber() != null) sb.append("SerialNumber: " + getSerialNumber() + ",");
if (getTokenCode() != null) sb.append("TokenCode: " + getTokenCode() );
sb.append("}");
return sb.toString();
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getRoleArn() == null) ? 0 : getRoleArn().hashCode());
hashCode = prime * hashCode + ((getRoleSessionName() == null) ? 0 : getRoleSessionName().hashCode());
hashCode = prime * hashCode + ((getPolicy() == null) ? 0 : getPolicy().hashCode());
hashCode = prime * hashCode + ((getDurationSeconds() == null) ? 0 : getDurationSeconds().hashCode());
hashCode = prime * hashCode + ((getExternalId() == null) ? 0 : getExternalId().hashCode());
hashCode = prime * hashCode + ((getSerialNumber() == null) ? 0 : getSerialNumber().hashCode());
hashCode = prime * hashCode + ((getTokenCode() == null) ? 0 : getTokenCode().hashCode());
return hashCode;
}
@Override
public boolean equals(Object obj) {
if (this == obj) return true;
if (obj == null) return false;
if (obj instanceof AssumeRoleRequest == false) return false;
AssumeRoleRequest other = (AssumeRoleRequest)obj;
if (other.getRoleArn() == null ^ this.getRoleArn() == null) return false;
if (other.getRoleArn() != null && other.getRoleArn().equals(this.getRoleArn()) == false) return false;
if (other.getRoleSessionName() == null ^ this.getRoleSessionName() == null) return false;
if (other.getRoleSessionName() != null && other.getRoleSessionName().equals(this.getRoleSessionName()) == false) return false;
if (other.getPolicy() == null ^ this.getPolicy() == null) return false;
if (other.getPolicy() != null && other.getPolicy().equals(this.getPolicy()) == false) return false;
if (other.getDurationSeconds() == null ^ this.getDurationSeconds() == null) return false;
if (other.getDurationSeconds() != null && other.getDurationSeconds().equals(this.getDurationSeconds()) == false) return false;
if (other.getExternalId() == null ^ this.getExternalId() == null) return false;
if (other.getExternalId() != null && other.getExternalId().equals(this.getExternalId()) == false) return false;
if (other.getSerialNumber() == null ^ this.getSerialNumber() == null) return false;
if (other.getSerialNumber() != null && other.getSerialNumber().equals(this.getSerialNumber()) == false) return false;
if (other.getTokenCode() == null ^ this.getTokenCode() == null) return false;
if (other.getTokenCode() != null && other.getTokenCode().equals(this.getTokenCode()) == false) return false;
return true;
}
}