software.amazon.awssdk.services.apigateway.model.CreateAuthorizerRequest Maven / Gradle / Ivy
Show all versions of apigateway Show documentation
/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package software.amazon.awssdk.services.apigateway.model;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.function.BiConsumer;
import java.util.function.Consumer;
import java.util.function.Function;
import software.amazon.awssdk.annotations.Generated;
import software.amazon.awssdk.awscore.AwsRequestOverrideConfiguration;
import software.amazon.awssdk.core.SdkField;
import software.amazon.awssdk.core.SdkPojo;
import software.amazon.awssdk.core.protocol.MarshallLocation;
import software.amazon.awssdk.core.protocol.MarshallingType;
import software.amazon.awssdk.core.traits.ListTrait;
import software.amazon.awssdk.core.traits.LocationTrait;
import software.amazon.awssdk.core.util.DefaultSdkAutoConstructList;
import software.amazon.awssdk.core.util.SdkAutoConstructList;
import software.amazon.awssdk.utils.ToString;
import software.amazon.awssdk.utils.builder.CopyableBuilder;
import software.amazon.awssdk.utils.builder.ToCopyableBuilder;
/**
*
* Request to add a new Authorizer to an existing RestApi resource.
*
*/
@Generated("software.amazon.awssdk:codegen")
public final class CreateAuthorizerRequest extends ApiGatewayRequest implements
ToCopyableBuilder {
private static final SdkField REST_API_ID_FIELD = SdkField. builder(MarshallingType.STRING)
.getter(getter(CreateAuthorizerRequest::restApiId)).setter(setter(Builder::restApiId))
.traits(LocationTrait.builder().location(MarshallLocation.PATH).locationName("restapi_id").build()).build();
private static final SdkField NAME_FIELD = SdkField. builder(MarshallingType.STRING)
.getter(getter(CreateAuthorizerRequest::name)).setter(setter(Builder::name))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("name").build()).build();
private static final SdkField TYPE_FIELD = SdkField. builder(MarshallingType.STRING)
.getter(getter(CreateAuthorizerRequest::typeAsString)).setter(setter(Builder::type))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("type").build()).build();
private static final SdkField> PROVIDER_AR_NS_FIELD = SdkField
.> builder(MarshallingType.LIST)
.getter(getter(CreateAuthorizerRequest::providerARNs))
.setter(setter(Builder::providerARNs))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("providerARNs").build(),
ListTrait
.builder()
.memberLocationName(null)
.memberFieldInfo(
SdkField. builder(MarshallingType.STRING)
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD)
.locationName("member").build()).build()).build()).build();
private static final SdkField AUTH_TYPE_FIELD = SdkField. builder(MarshallingType.STRING)
.getter(getter(CreateAuthorizerRequest::authType)).setter(setter(Builder::authType))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("authType").build()).build();
private static final SdkField AUTHORIZER_URI_FIELD = SdkField. builder(MarshallingType.STRING)
.getter(getter(CreateAuthorizerRequest::authorizerUri)).setter(setter(Builder::authorizerUri))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("authorizerUri").build()).build();
private static final SdkField AUTHORIZER_CREDENTIALS_FIELD = SdkField. builder(MarshallingType.STRING)
.getter(getter(CreateAuthorizerRequest::authorizerCredentials)).setter(setter(Builder::authorizerCredentials))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("authorizerCredentials").build())
.build();
private static final SdkField IDENTITY_SOURCE_FIELD = SdkField. builder(MarshallingType.STRING)
.getter(getter(CreateAuthorizerRequest::identitySource)).setter(setter(Builder::identitySource))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("identitySource").build()).build();
private static final SdkField IDENTITY_VALIDATION_EXPRESSION_FIELD = SdkField
. builder(MarshallingType.STRING)
.getter(getter(CreateAuthorizerRequest::identityValidationExpression))
.setter(setter(Builder::identityValidationExpression))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("identityValidationExpression")
.build()).build();
private static final SdkField AUTHORIZER_RESULT_TTL_IN_SECONDS_FIELD = SdkField
. builder(MarshallingType.INTEGER)
.getter(getter(CreateAuthorizerRequest::authorizerResultTtlInSeconds))
.setter(setter(Builder::authorizerResultTtlInSeconds))
.traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("authorizerResultTtlInSeconds")
.build()).build();
private static final List> SDK_FIELDS = Collections.unmodifiableList(Arrays.asList(REST_API_ID_FIELD, NAME_FIELD,
TYPE_FIELD, PROVIDER_AR_NS_FIELD, AUTH_TYPE_FIELD, AUTHORIZER_URI_FIELD, AUTHORIZER_CREDENTIALS_FIELD,
IDENTITY_SOURCE_FIELD, IDENTITY_VALIDATION_EXPRESSION_FIELD, AUTHORIZER_RESULT_TTL_IN_SECONDS_FIELD));
private final String restApiId;
private final String name;
private final String type;
private final List providerARNs;
private final String authType;
private final String authorizerUri;
private final String authorizerCredentials;
private final String identitySource;
private final String identityValidationExpression;
private final Integer authorizerResultTtlInSeconds;
private CreateAuthorizerRequest(BuilderImpl builder) {
super(builder);
this.restApiId = builder.restApiId;
this.name = builder.name;
this.type = builder.type;
this.providerARNs = builder.providerARNs;
this.authType = builder.authType;
this.authorizerUri = builder.authorizerUri;
this.authorizerCredentials = builder.authorizerCredentials;
this.identitySource = builder.identitySource;
this.identityValidationExpression = builder.identityValidationExpression;
this.authorizerResultTtlInSeconds = builder.authorizerResultTtlInSeconds;
}
/**
*
* [Required] The string identifier of the associated RestApi.
*
*
* @return [Required] The string identifier of the associated RestApi.
*/
public String restApiId() {
return restApiId;
}
/**
*
* [Required] The name of the authorizer.
*
*
* @return [Required] The name of the authorizer.
*/
public String name() {
return name;
}
/**
*
* [Required] The authorizer type. Valid values are TOKEN for a Lambda function using a single
* authorization token submitted in a custom header, REQUEST for a Lambda function using incoming
* request parameters, and COGNITO_USER_POOLS for using an Amazon Cognito user pool.
*
*
* If the service returns an enum value that is not available in the current SDK version, {@link #type} will return
* {@link AuthorizerType#UNKNOWN_TO_SDK_VERSION}. The raw value returned by the service is available from
* {@link #typeAsString}.
*
*
* @return [Required] The authorizer type. Valid values are TOKEN for a Lambda function using a single
* authorization token submitted in a custom header, REQUEST for a Lambda function using
* incoming request parameters, and COGNITO_USER_POOLS for using an Amazon Cognito user pool.
* @see AuthorizerType
*/
public AuthorizerType type() {
return AuthorizerType.fromValue(type);
}
/**
*
* [Required] The authorizer type. Valid values are TOKEN for a Lambda function using a single
* authorization token submitted in a custom header, REQUEST for a Lambda function using incoming
* request parameters, and COGNITO_USER_POOLS for using an Amazon Cognito user pool.
*
*
* If the service returns an enum value that is not available in the current SDK version, {@link #type} will return
* {@link AuthorizerType#UNKNOWN_TO_SDK_VERSION}. The raw value returned by the service is available from
* {@link #typeAsString}.
*
*
* @return [Required] The authorizer type. Valid values are TOKEN for a Lambda function using a single
* authorization token submitted in a custom header, REQUEST for a Lambda function using
* incoming request parameters, and COGNITO_USER_POOLS for using an Amazon Cognito user pool.
* @see AuthorizerType
*/
public String typeAsString() {
return type;
}
/**
* Returns true if the ProviderARNs property was specified by the sender (it may be empty), or false if the sender
* did not specify the value (it will be empty). For responses returned by the SDK, the sender is the AWS service.
*/
public boolean hasProviderARNs() {
return providerARNs != null && !(providerARNs instanceof SdkAutoConstructList);
}
/**
*
* A list of the Amazon Cognito user pool ARNs for the COGNITO_USER_POOLS authorizer. Each element is
* of this format: arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. For a
* TOKEN or REQUEST authorizer, this is not defined.
*
*
* Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
*
*
* You can use {@link #hasProviderARNs()} to see if a value was sent in this field.
*
*
* @return A list of the Amazon Cognito user pool ARNs for the COGNITO_USER_POOLS authorizer. Each
* element is of this format: arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}
* . For a TOKEN or REQUEST authorizer, this is not defined.
*/
public List providerARNs() {
return providerARNs;
}
/**
*
* Optional customer-defined field, used in OpenAPI imports and exports without functional impact.
*
*
* @return Optional customer-defined field, used in OpenAPI imports and exports without functional impact.
*/
public String authType() {
return authType;
}
/**
*
* Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN or REQUEST
* authorizers, this must be a well-formed Lambda function URI, for example,
* arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations
* . In general, the URI has this form arn:aws:apigateway:{region}:lambda:path/{service_api}, where
* {region} is the same as the region hosting the Lambda function, path indicates that the
* remaining substring in the URI should be treated as the path to the resource, including the initial
* /. For Lambda functions, this is usually of the form
* /2015-03-31/functions/[FunctionARN]/invocations.
*
*
* @return Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN or
* REQUEST authorizers, this must be a well-formed Lambda function URI, for example,
* arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations
* . In general, the URI has this form arn:aws:apigateway:{region}:lambda:path/{service_api},
* where {region} is the same as the region hosting the Lambda function, path
* indicates that the remaining substring in the URI should be treated as the path to the resource,
* including the initial /. For Lambda functions, this is usually of the form
* /2015-03-31/functions/[FunctionARN]/invocations.
*/
public String authorizerUri() {
return authorizerUri;
}
/**
*
* Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM
* role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on
* the Lambda function, specify null.
*
*
* @return Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an
* IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based
* permissions on the Lambda function, specify null.
*/
public String authorizerCredentials() {
return authorizerCredentials;
}
/**
*
* The identity source for which authorization is requested.
*
* - For a
TOKEN or COGNITO_USER_POOLS authorizer, this is required and specifies the
* request header mapping expression for the custom header holding the authorization token submitted by the client.
* For example, if the token header name is Auth, the header mapping expression is
* method.request.header.Auth.
* - For the
REQUEST authorizer, this is required when authorization caching is enabled. The value is
* a comma-separated string of one or more mapping expressions of the specified request parameters. For example, if
* an Auth header, a Name query string parameter are defined as identity sources, this
* value is method.request.header.Auth, method.request.querystring.Name. These parameters will be used
* to derive the authorization caching key and to perform runtime validation of the REQUEST authorizer
* by verifying all of the identity-related request parameters are present, not null and non-empty. Only when this
* is true does the authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 Unauthorized
* response without calling the Lambda function. The valid value is a string of comma-separated mapping expressions
* of the specified request parameters. When the authorization caching is not enabled, this property is optional.
*
*
*
* @return The identity source for which authorization is requested.
*
* - For a
TOKEN or COGNITO_USER_POOLS authorizer, this is required and
* specifies the request header mapping expression for the custom header holding the authorization token
* submitted by the client. For example, if the token header name is Auth, the header mapping
* expression is method.request.header.Auth.
* - For the
REQUEST authorizer, this is required when authorization caching is enabled. The
* value is a comma-separated string of one or more mapping expressions of the specified request parameters.
* For example, if an Auth header, a Name query string parameter are defined as
* identity sources, this value is method.request.header.Auth, method.request.querystring.Name.
* These parameters will be used to derive the authorization caching key and to perform runtime validation
* of the REQUEST authorizer by verifying all of the identity-related request parameters are
* present, not null and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda
* function, otherwise, it returns a 401 Unauthorized response without calling the Lambda function. The
* valid value is a string of comma-separated mapping expressions of the specified request parameters. When
* the authorization caching is not enabled, this property is optional.
*
*/
public String identitySource() {
return identitySource;
}
/**
*
* A validation expression for the incoming identity token. For TOKEN authorizers, this value is a
* regular expression. For COGNITO_USER_POOLS authorizers, API Gateway will match the aud
* field of the incoming token from the client against the specified regular expression. It will invoke the
* authorizer's Lambda function when there is a match. Otherwise, it will return a 401 Unauthorized response without
* calling the Lambda function. The validation expression does not apply to the REQUEST authorizer.
*
*
* @return A validation expression for the incoming identity token. For TOKEN authorizers, this value
* is a regular expression. For COGNITO_USER_POOLS authorizers, API Gateway will match the
* aud field of the incoming token from the client against the specified regular expression. It
* will invoke the authorizer's Lambda function when there is a match. Otherwise, it will return a 401
* Unauthorized response without calling the Lambda function. The validation expression does not apply to
* the REQUEST authorizer.
*/
public String identityValidationExpression() {
return identityValidationExpression;
}
/**
*
* The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If it is
* greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300.
* The maximum value is 3600, or 1 hour.
*
*
* @return The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If it
* is greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default
* value is 300. The maximum value is 3600, or 1 hour.
*/
public Integer authorizerResultTtlInSeconds() {
return authorizerResultTtlInSeconds;
}
@Override
public Builder toBuilder() {
return new BuilderImpl(this);
}
public static Builder builder() {
return new BuilderImpl();
}
public static Class serializableBuilderClass() {
return BuilderImpl.class;
}
@Override
public int hashCode() {
int hashCode = 1;
hashCode = 31 * hashCode + super.hashCode();
hashCode = 31 * hashCode + Objects.hashCode(restApiId());
hashCode = 31 * hashCode + Objects.hashCode(name());
hashCode = 31 * hashCode + Objects.hashCode(typeAsString());
hashCode = 31 * hashCode + Objects.hashCode(providerARNs());
hashCode = 31 * hashCode + Objects.hashCode(authType());
hashCode = 31 * hashCode + Objects.hashCode(authorizerUri());
hashCode = 31 * hashCode + Objects.hashCode(authorizerCredentials());
hashCode = 31 * hashCode + Objects.hashCode(identitySource());
hashCode = 31 * hashCode + Objects.hashCode(identityValidationExpression());
hashCode = 31 * hashCode + Objects.hashCode(authorizerResultTtlInSeconds());
return hashCode;
}
@Override
public boolean equals(Object obj) {
return super.equals(obj) && equalsBySdkFields(obj);
}
@Override
public boolean equalsBySdkFields(Object obj) {
if (this == obj) {
return true;
}
if (obj == null) {
return false;
}
if (!(obj instanceof CreateAuthorizerRequest)) {
return false;
}
CreateAuthorizerRequest other = (CreateAuthorizerRequest) obj;
return Objects.equals(restApiId(), other.restApiId()) && Objects.equals(name(), other.name())
&& Objects.equals(typeAsString(), other.typeAsString()) && Objects.equals(providerARNs(), other.providerARNs())
&& Objects.equals(authType(), other.authType()) && Objects.equals(authorizerUri(), other.authorizerUri())
&& Objects.equals(authorizerCredentials(), other.authorizerCredentials())
&& Objects.equals(identitySource(), other.identitySource())
&& Objects.equals(identityValidationExpression(), other.identityValidationExpression())
&& Objects.equals(authorizerResultTtlInSeconds(), other.authorizerResultTtlInSeconds());
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*/
@Override
public String toString() {
return ToString.builder("CreateAuthorizerRequest").add("RestApiId", restApiId()).add("Name", name())
.add("Type", typeAsString()).add("ProviderARNs", providerARNs()).add("AuthType", authType())
.add("AuthorizerUri", authorizerUri()).add("AuthorizerCredentials", authorizerCredentials())
.add("IdentitySource", identitySource()).add("IdentityValidationExpression", identityValidationExpression())
.add("AuthorizerResultTtlInSeconds", authorizerResultTtlInSeconds()).build();
}
public Optional getValueForField(String fieldName, Class clazz) {
switch (fieldName) {
case "restApiId":
return Optional.ofNullable(clazz.cast(restApiId()));
case "name":
return Optional.ofNullable(clazz.cast(name()));
case "type":
return Optional.ofNullable(clazz.cast(typeAsString()));
case "providerARNs":
return Optional.ofNullable(clazz.cast(providerARNs()));
case "authType":
return Optional.ofNullable(clazz.cast(authType()));
case "authorizerUri":
return Optional.ofNullable(clazz.cast(authorizerUri()));
case "authorizerCredentials":
return Optional.ofNullable(clazz.cast(authorizerCredentials()));
case "identitySource":
return Optional.ofNullable(clazz.cast(identitySource()));
case "identityValidationExpression":
return Optional.ofNullable(clazz.cast(identityValidationExpression()));
case "authorizerResultTtlInSeconds":
return Optional.ofNullable(clazz.cast(authorizerResultTtlInSeconds()));
default:
return Optional.empty();
}
}
@Override
public List> sdkFields() {
return SDK_FIELDS;
}
private static Function getter(Function g) {
return obj -> g.apply((CreateAuthorizerRequest) obj);
}
private static BiConsumer setter(BiConsumer s) {
return (obj, val) -> s.accept((Builder) obj, val);
}
public interface Builder extends ApiGatewayRequest.Builder, SdkPojo, CopyableBuilder {
/**
*
* [Required] The string identifier of the associated RestApi.
*
*
* @param restApiId
* [Required] The string identifier of the associated RestApi.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder restApiId(String restApiId);
/**
*
* [Required] The name of the authorizer.
*
*
* @param name
* [Required] The name of the authorizer.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder name(String name);
/**
*
* [Required] The authorizer type. Valid values are TOKEN for a Lambda function using a single
* authorization token submitted in a custom header, REQUEST for a Lambda function using incoming
* request parameters, and COGNITO_USER_POOLS for using an Amazon Cognito user pool.
*
*
* @param type
* [Required] The authorizer type. Valid values are TOKEN for a Lambda function using a
* single authorization token submitted in a custom header, REQUEST for a Lambda function
* using incoming request parameters, and COGNITO_USER_POOLS for using an Amazon Cognito
* user pool.
* @see AuthorizerType
* @return Returns a reference to this object so that method calls can be chained together.
* @see AuthorizerType
*/
Builder type(String type);
/**
*
* [Required] The authorizer type. Valid values are TOKEN for a Lambda function using a single
* authorization token submitted in a custom header, REQUEST for a Lambda function using incoming
* request parameters, and COGNITO_USER_POOLS for using an Amazon Cognito user pool.
*
*
* @param type
* [Required] The authorizer type. Valid values are TOKEN for a Lambda function using a
* single authorization token submitted in a custom header, REQUEST for a Lambda function
* using incoming request parameters, and COGNITO_USER_POOLS for using an Amazon Cognito
* user pool.
* @see AuthorizerType
* @return Returns a reference to this object so that method calls can be chained together.
* @see AuthorizerType
*/
Builder type(AuthorizerType type);
/**
*
* A list of the Amazon Cognito user pool ARNs for the COGNITO_USER_POOLS authorizer. Each element
* is of this format: arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. For a
* TOKEN or REQUEST authorizer, this is not defined.
*
*
* @param providerARNs
* A list of the Amazon Cognito user pool ARNs for the COGNITO_USER_POOLS authorizer. Each
* element is of this format:
* arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. For a
* TOKEN or REQUEST authorizer, this is not defined.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder providerARNs(Collection providerARNs);
/**
*
* A list of the Amazon Cognito user pool ARNs for the COGNITO_USER_POOLS authorizer. Each element
* is of this format: arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. For a
* TOKEN or REQUEST authorizer, this is not defined.
*
*
* @param providerARNs
* A list of the Amazon Cognito user pool ARNs for the COGNITO_USER_POOLS authorizer. Each
* element is of this format:
* arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. For a
* TOKEN or REQUEST authorizer, this is not defined.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder providerARNs(String... providerARNs);
/**
*
* Optional customer-defined field, used in OpenAPI imports and exports without functional impact.
*
*
* @param authType
* Optional customer-defined field, used in OpenAPI imports and exports without functional impact.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder authType(String authType);
/**
*
* Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN or REQUEST
* authorizers, this must be a well-formed Lambda function URI, for example,
* arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations
* . In general, the URI has this form arn:aws:apigateway:{region}:lambda:path/{service_api}, where
* {region} is the same as the region hosting the Lambda function, path indicates that
* the remaining substring in the URI should be treated as the path to the resource, including the initial
* /. For Lambda functions, this is usually of the form
* /2015-03-31/functions/[FunctionARN]/invocations.
*
*
* @param authorizerUri
* Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN or
* REQUEST authorizers, this must be a well-formed Lambda function URI, for example,
* arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations
* . In general, the URI has this form arn:aws:apigateway:{region}:lambda:path/{service_api}
* , where {region} is the same as the region hosting the Lambda function, path
* indicates that the remaining substring in the URI should be treated as the path to the resource,
* including the initial /. For Lambda functions, this is usually of the form
* /2015-03-31/functions/[FunctionARN]/invocations.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder authorizerUri(String authorizerUri);
/**
*
* Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM
* role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions
* on the Lambda function, specify null.
*
*
* @param authorizerCredentials
* Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify
* an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use
* resource-based permissions on the Lambda function, specify null.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder authorizerCredentials(String authorizerCredentials);
/**
*
* The identity source for which authorization is requested.
*
* - For a
TOKEN or COGNITO_USER_POOLS authorizer, this is required and specifies
* the request header mapping expression for the custom header holding the authorization token submitted by the
* client. For example, if the token header name is Auth, the header mapping expression is
* method.request.header.Auth.
* - For the
REQUEST authorizer, this is required when authorization caching is enabled. The
* value is a comma-separated string of one or more mapping expressions of the specified request parameters. For
* example, if an Auth header, a Name query string parameter are defined as identity
* sources, this value is method.request.header.Auth, method.request.querystring.Name. These
* parameters will be used to derive the authorization caching key and to perform runtime validation of the
* REQUEST authorizer by verifying all of the identity-related request parameters are present, not
* null and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function,
* otherwise, it returns a 401 Unauthorized response without calling the Lambda function. The valid value is a
* string of comma-separated mapping expressions of the specified request parameters. When the authorization
* caching is not enabled, this property is optional.
*
*
*
* @param identitySource
* The identity source for which authorization is requested.
*
* - For a
TOKEN or COGNITO_USER_POOLS authorizer, this is required and
* specifies the request header mapping expression for the custom header holding the authorization token
* submitted by the client. For example, if the token header name is Auth, the header
* mapping expression is method.request.header.Auth.
* - For the
REQUEST authorizer, this is required when authorization caching is enabled.
* The value is a comma-separated string of one or more mapping expressions of the specified request
* parameters. For example, if an Auth header, a Name query string parameter
* are defined as identity sources, this value is
* method.request.header.Auth, method.request.querystring.Name. These parameters will be
* used to derive the authorization caching key and to perform runtime validation of the
* REQUEST authorizer by verifying all of the identity-related request parameters are
* present, not null and non-empty. Only when this is true does the authorizer invoke the authorizer
* Lambda function, otherwise, it returns a 401 Unauthorized response without calling the Lambda
* function. The valid value is a string of comma-separated mapping expressions of the specified request
* parameters. When the authorization caching is not enabled, this property is optional.
*
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder identitySource(String identitySource);
/**
*
* A validation expression for the incoming identity token. For TOKEN authorizers, this value is a
* regular expression. For COGNITO_USER_POOLS authorizers, API Gateway will match the
* aud field of the incoming token from the client against the specified regular expression. It
* will invoke the authorizer's Lambda function when there is a match. Otherwise, it will return a 401
* Unauthorized response without calling the Lambda function. The validation expression does not apply to the
* REQUEST authorizer.
*
*
* @param identityValidationExpression
* A validation expression for the incoming identity token. For TOKEN authorizers, this
* value is a regular expression. For COGNITO_USER_POOLS authorizers, API Gateway will match
* the aud field of the incoming token from the client against the specified regular
* expression. It will invoke the authorizer's Lambda function when there is a match. Otherwise, it will
* return a 401 Unauthorized response without calling the Lambda function. The validation expression does
* not apply to the REQUEST authorizer.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder identityValidationExpression(String identityValidationExpression);
/**
*
* The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If it is
* greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is
* 300. The maximum value is 3600, or 1 hour.
*
*
* @param authorizerResultTtlInSeconds
* The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If
* it is greater than 0, API Gateway will cache authorizer responses. If this field is not set, the
* default value is 300. The maximum value is 3600, or 1 hour.
* @return Returns a reference to this object so that method calls can be chained together.
*/
Builder authorizerResultTtlInSeconds(Integer authorizerResultTtlInSeconds);
@Override
Builder overrideConfiguration(AwsRequestOverrideConfiguration overrideConfiguration);
@Override
Builder overrideConfiguration(Consumer builderConsumer);
}
static final class BuilderImpl extends ApiGatewayRequest.BuilderImpl implements Builder {
private String restApiId;
private String name;
private String type;
private List providerARNs = DefaultSdkAutoConstructList.getInstance();
private String authType;
private String authorizerUri;
private String authorizerCredentials;
private String identitySource;
private String identityValidationExpression;
private Integer authorizerResultTtlInSeconds;
private BuilderImpl() {
}
private BuilderImpl(CreateAuthorizerRequest model) {
super(model);
restApiId(model.restApiId);
name(model.name);
type(model.type);
providerARNs(model.providerARNs);
authType(model.authType);
authorizerUri(model.authorizerUri);
authorizerCredentials(model.authorizerCredentials);
identitySource(model.identitySource);
identityValidationExpression(model.identityValidationExpression);
authorizerResultTtlInSeconds(model.authorizerResultTtlInSeconds);
}
public final String getRestApiId() {
return restApiId;
}
@Override
public final Builder restApiId(String restApiId) {
this.restApiId = restApiId;
return this;
}
public final void setRestApiId(String restApiId) {
this.restApiId = restApiId;
}
public final String getName() {
return name;
}
@Override
public final Builder name(String name) {
this.name = name;
return this;
}
public final void setName(String name) {
this.name = name;
}
public final String getType() {
return type;
}
@Override
public final Builder type(String type) {
this.type = type;
return this;
}
@Override
public final Builder type(AuthorizerType type) {
this.type(type == null ? null : type.toString());
return this;
}
public final void setType(String type) {
this.type = type;
}
public final Collection getProviderARNs() {
return providerARNs;
}
@Override
public final Builder providerARNs(Collection providerARNs) {
this.providerARNs = ListOfARNsCopier.copy(providerARNs);
return this;
}
@Override
@SafeVarargs
public final Builder providerARNs(String... providerARNs) {
providerARNs(Arrays.asList(providerARNs));
return this;
}
public final void setProviderARNs(Collection providerARNs) {
this.providerARNs = ListOfARNsCopier.copy(providerARNs);
}
public final String getAuthType() {
return authType;
}
@Override
public final Builder authType(String authType) {
this.authType = authType;
return this;
}
public final void setAuthType(String authType) {
this.authType = authType;
}
public final String getAuthorizerUri() {
return authorizerUri;
}
@Override
public final Builder authorizerUri(String authorizerUri) {
this.authorizerUri = authorizerUri;
return this;
}
public final void setAuthorizerUri(String authorizerUri) {
this.authorizerUri = authorizerUri;
}
public final String getAuthorizerCredentials() {
return authorizerCredentials;
}
@Override
public final Builder authorizerCredentials(String authorizerCredentials) {
this.authorizerCredentials = authorizerCredentials;
return this;
}
public final void setAuthorizerCredentials(String authorizerCredentials) {
this.authorizerCredentials = authorizerCredentials;
}
public final String getIdentitySource() {
return identitySource;
}
@Override
public final Builder identitySource(String identitySource) {
this.identitySource = identitySource;
return this;
}
public final void setIdentitySource(String identitySource) {
this.identitySource = identitySource;
}
public final String getIdentityValidationExpression() {
return identityValidationExpression;
}
@Override
public final Builder identityValidationExpression(String identityValidationExpression) {
this.identityValidationExpression = identityValidationExpression;
return this;
}
public final void setIdentityValidationExpression(String identityValidationExpression) {
this.identityValidationExpression = identityValidationExpression;
}
public final Integer getAuthorizerResultTtlInSeconds() {
return authorizerResultTtlInSeconds;
}
@Override
public final Builder authorizerResultTtlInSeconds(Integer authorizerResultTtlInSeconds) {
this.authorizerResultTtlInSeconds = authorizerResultTtlInSeconds;
return this;
}
public final void setAuthorizerResultTtlInSeconds(Integer authorizerResultTtlInSeconds) {
this.authorizerResultTtlInSeconds = authorizerResultTtlInSeconds;
}
@Override
public Builder overrideConfiguration(AwsRequestOverrideConfiguration overrideConfiguration) {
super.overrideConfiguration(overrideConfiguration);
return this;
}
@Override
public Builder overrideConfiguration(Consumer builderConsumer) {
super.overrideConfiguration(builderConsumer);
return this;
}
@Override
public CreateAuthorizerRequest build() {
return new CreateAuthorizerRequest(this);
}
@Override
public List> sdkFields() {
return SDK_FIELDS;
}
}
}