software.amazon.awscdk.services.elasticloadbalancingv2.actions.AuthenticateCognitoAction Maven / Gradle / Ivy
package software.amazon.awscdk.services.elasticloadbalancingv2.actions;
/**
* A Listener Action to authenticate with Cognito.
*
* Example:
*
*
* import software.amazon.awscdk.services.cognito.*;
* import software.amazon.awscdk.services.ec2.*;
* import software.amazon.awscdk.services.elasticloadbalancingv2.*;
* import software.amazon.awscdk.core.App;
* import software.amazon.awscdk.core.CfnOutput;
* import software.amazon.awscdk.core.Stack;
* import constructs.Construct;
* import software.amazon.awscdk.services.elasticloadbalancingv2.actions.*;
* CognitoStack extends Stack {CognitoStack(ApplicationLoadBalancer lb = ApplicationLoadBalancer.Builder.create(this, "LB")
* .vpc(vpc)
* .internetFacing(true)
* .build();
* UserPool userPool = new UserPool(this, "UserPool");
* UserPoolClient userPoolClient = UserPoolClient.Builder.create(this, "Client")
* .userPool(userPool)
* // Required minimal configuration for use with an ELB
* .generateSecret(true)
* .authFlows(AuthFlow.builder()
* .userPassword(true)
* .build())
* .oAuth(OAuthSettings.builder()
* .flows(OAuthFlows.builder()
* .authorizationCodeGrant(true)
* .build())
* .scopes(List.of(OAuthScope.EMAIL))
* .callbackUrls(List.of(String.format("https://%s/oauth2/idpresponse", lb.getLoadBalancerDnsName())))
* .build())
* .build();
* CfnUserPoolClient cfnClient = (CfnUserPoolClient)userPoolClient.getNode().getDefaultChild();
* cfnClient.addPropertyOverride("RefreshTokenValidity", 1);
* cfnClient.addPropertyOverride("SupportedIdentityProviders", List.of("COGNITO"));
* UserPoolDomain userPoolDomain = UserPoolDomain.Builder.create(this, "Domain")
* .userPool(userPool)
* .cognitoDomain(CognitoDomainOptions.builder()
* .domainPrefix("test-cdk-prefix")
* .build())
* .build();
* lb.addListener("Listener", BaseApplicationListenerProps.builder()
* .port(443)
* .certificates(List.of(certificate))
* .defaultAction(AuthenticateCognitoAction.Builder.create()
* .userPool(userPool)
* .userPoolClient(userPoolClient)
* .userPoolDomain(userPoolDomain)
* .next(ListenerAction.fixedResponse(200, FixedResponseOptions.builder()
* .contentType("text/plain")
* .messageBody("Authenticated")
* .build()))
* .build())
* .build());
* CfnOutput.Builder.create(this, "DNS")
* .value(lb.getLoadBalancerDnsName())
* .build();
* App app = new App();
* new CognitoStack(app, "integ-cognito");
* app.synth();
*
*/
@javax.annotation.Generated(value = "jsii-pacmak/1.47.0 (build 86d2c33)", date = "2021-12-21T16:39:03.510Z")
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
@software.amazon.jsii.Jsii(module = software.amazon.awscdk.services.elasticloadbalancingv2.actions.$Module.class, fqn = "@aws-cdk/aws-elasticloadbalancingv2-actions.AuthenticateCognitoAction")
public class AuthenticateCognitoAction extends software.amazon.awscdk.services.elasticloadbalancingv2.ListenerAction {
protected AuthenticateCognitoAction(final software.amazon.jsii.JsiiObjectRef objRef) {
super(objRef);
}
protected AuthenticateCognitoAction(final software.amazon.jsii.JsiiObject.InitializationMode initializationMode) {
super(initializationMode);
}
/**
* Authenticate using an identity provide (IdP) that is compliant with OpenID Connect (OIDC).
*
* @param options This parameter is required.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public AuthenticateCognitoAction(final @org.jetbrains.annotations.NotNull software.amazon.awscdk.services.elasticloadbalancingv2.actions.AuthenticateCognitoActionProps options) {
super(software.amazon.jsii.JsiiObject.InitializationMode.JSII);
software.amazon.jsii.JsiiEngine.getInstance().createNewObject(this, new Object[] { java.util.Objects.requireNonNull(options, "options is required") });
}
/**
* A fluent builder for {@link software.amazon.awscdk.services.elasticloadbalancingv2.actions.AuthenticateCognitoAction}.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public static final class Builder implements software.amazon.jsii.Builder {
/**
* @return a new instance of {@link Builder}.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public static Builder create() {
return new Builder();
}
private final software.amazon.awscdk.services.elasticloadbalancingv2.actions.AuthenticateCognitoActionProps.Builder options;
private Builder() {
this.options = new software.amazon.awscdk.services.elasticloadbalancingv2.actions.AuthenticateCognitoActionProps.Builder();
}
/**
* What action to execute next.
*
* Multiple actions form a linked chain; the chain must always terminate in a
* (weighted)forward, fixedResponse or redirect action.
*
* @return {@code this}
* @param next What action to execute next. This parameter is required.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder next(final software.amazon.awscdk.services.elasticloadbalancingv2.ListenerAction next) {
this.options.next(next);
return this;
}
/**
* The Amazon Cognito user pool.
*
* @return {@code this}
* @param userPool The Amazon Cognito user pool. This parameter is required.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder userPool(final software.amazon.awscdk.services.cognito.IUserPool userPool) {
this.options.userPool(userPool);
return this;
}
/**
* The Amazon Cognito user pool client.
*
* @return {@code this}
* @param userPoolClient The Amazon Cognito user pool client. This parameter is required.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder userPoolClient(final software.amazon.awscdk.services.cognito.IUserPoolClient userPoolClient) {
this.options.userPoolClient(userPoolClient);
return this;
}
/**
* The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.
*
* @return {@code this}
* @param userPoolDomain The domain prefix or fully-qualified domain name of the Amazon Cognito user pool. This parameter is required.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder userPoolDomain(final software.amazon.awscdk.services.cognito.IUserPoolDomain userPoolDomain) {
this.options.userPoolDomain(userPoolDomain);
return this;
}
/**
* The query parameters (up to 10) to include in the redirect request to the authorization endpoint.
*
* Default: - No extra parameters
*
* @return {@code this}
* @param authenticationRequestExtraParams The query parameters (up to 10) to include in the redirect request to the authorization endpoint. This parameter is required.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder authenticationRequestExtraParams(final java.util.Map authenticationRequestExtraParams) {
this.options.authenticationRequestExtraParams(authenticationRequestExtraParams);
return this;
}
/**
* The behavior if the user is not authenticated.
*
* Default: UnauthenticatedAction.AUTHENTICATE
*
* @return {@code this}
* @param onUnauthenticatedRequest The behavior if the user is not authenticated. This parameter is required.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder onUnauthenticatedRequest(final software.amazon.awscdk.services.elasticloadbalancingv2.UnauthenticatedAction onUnauthenticatedRequest) {
this.options.onUnauthenticatedRequest(onUnauthenticatedRequest);
return this;
}
/**
* The set of user claims to be requested from the IdP.
*
* To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.
*
* Default: "openid"
*
* @return {@code this}
* @param scope The set of user claims to be requested from the IdP. This parameter is required.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder scope(final java.lang.String scope) {
this.options.scope(scope);
return this;
}
/**
* The name of the cookie used to maintain session information.
*
* Default: "AWSELBAuthSessionCookie"
*
* @return {@code this}
* @param sessionCookieName The name of the cookie used to maintain session information. This parameter is required.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder sessionCookieName(final java.lang.String sessionCookieName) {
this.options.sessionCookieName(sessionCookieName);
return this;
}
/**
* The maximum duration of the authentication session.
*
* Default: Duration.days(7)
*
* @return {@code this}
* @param sessionTimeout The maximum duration of the authentication session. This parameter is required.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
public Builder sessionTimeout(final software.amazon.awscdk.core.Duration sessionTimeout) {
this.options.sessionTimeout(sessionTimeout);
return this;
}
/**
* @returns a newly built instance of {@link software.amazon.awscdk.services.elasticloadbalancingv2.actions.AuthenticateCognitoAction}.
*/
@software.amazon.jsii.Stability(software.amazon.jsii.Stability.Level.Stable)
@Override
public software.amazon.awscdk.services.elasticloadbalancingv2.actions.AuthenticateCognitoAction build() {
return new software.amazon.awscdk.services.elasticloadbalancingv2.actions.AuthenticateCognitoAction(
this.options.build()
);
}
}
}