All Downloads are FREE. Search and download functionalities are using the official Maven repository.

software.amazon.awssdk.services.elasticloadbalancingv2.model.AuthenticateOidcActionConfig Maven / Gradle / Ivy

Go to download

The AWS Java SDK for Elastic Load Balancing module holds the client classes that are used for communicating with Elastic Load Balancing Service (API Version 2015-12-01)

There is a newer version: 2.30.1
Show newest version
/*
 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 * 
 * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
 * the License. A copy of the License is located at
 * 
 * http://aws.amazon.com/apache2.0
 * 
 * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
 * and limitations under the License.
 */

package software.amazon.awssdk.services.elasticloadbalancingv2.model;

import java.io.Serializable;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.function.BiConsumer;
import java.util.function.Function;
import software.amazon.awssdk.annotations.Generated;
import software.amazon.awssdk.core.SdkField;
import software.amazon.awssdk.core.SdkPojo;
import software.amazon.awssdk.core.protocol.MarshallLocation;
import software.amazon.awssdk.core.protocol.MarshallingType;
import software.amazon.awssdk.core.traits.LocationTrait;
import software.amazon.awssdk.core.traits.MapTrait;
import software.amazon.awssdk.core.util.DefaultSdkAutoConstructMap;
import software.amazon.awssdk.core.util.SdkAutoConstructMap;
import software.amazon.awssdk.utils.ToString;
import software.amazon.awssdk.utils.builder.CopyableBuilder;
import software.amazon.awssdk.utils.builder.ToCopyableBuilder;

/**
 * 

* Request parameters when using an identity provider (IdP) that is compliant with OpenID Connect (OIDC) to authenticate * users. *

*/ @Generated("software.amazon.awssdk:codegen") public final class AuthenticateOidcActionConfig implements SdkPojo, Serializable, ToCopyableBuilder { private static final SdkField ISSUER_FIELD = SdkField. builder(MarshallingType.STRING).memberName("Issuer") .getter(getter(AuthenticateOidcActionConfig::issuer)).setter(setter(Builder::issuer)) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("Issuer").build()).build(); private static final SdkField AUTHORIZATION_ENDPOINT_FIELD = SdkField. builder(MarshallingType.STRING) .memberName("AuthorizationEndpoint").getter(getter(AuthenticateOidcActionConfig::authorizationEndpoint)) .setter(setter(Builder::authorizationEndpoint)) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("AuthorizationEndpoint").build()) .build(); private static final SdkField TOKEN_ENDPOINT_FIELD = SdkField. builder(MarshallingType.STRING) .memberName("TokenEndpoint").getter(getter(AuthenticateOidcActionConfig::tokenEndpoint)) .setter(setter(Builder::tokenEndpoint)) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("TokenEndpoint").build()).build(); private static final SdkField USER_INFO_ENDPOINT_FIELD = SdkField. builder(MarshallingType.STRING) .memberName("UserInfoEndpoint").getter(getter(AuthenticateOidcActionConfig::userInfoEndpoint)) .setter(setter(Builder::userInfoEndpoint)) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("UserInfoEndpoint").build()).build(); private static final SdkField CLIENT_ID_FIELD = SdkField. builder(MarshallingType.STRING) .memberName("ClientId").getter(getter(AuthenticateOidcActionConfig::clientId)).setter(setter(Builder::clientId)) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("ClientId").build()).build(); private static final SdkField CLIENT_SECRET_FIELD = SdkField. builder(MarshallingType.STRING) .memberName("ClientSecret").getter(getter(AuthenticateOidcActionConfig::clientSecret)) .setter(setter(Builder::clientSecret)) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("ClientSecret").build()).build(); private static final SdkField SESSION_COOKIE_NAME_FIELD = SdkField. builder(MarshallingType.STRING) .memberName("SessionCookieName").getter(getter(AuthenticateOidcActionConfig::sessionCookieName)) .setter(setter(Builder::sessionCookieName)) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("SessionCookieName").build()).build(); private static final SdkField SCOPE_FIELD = SdkField. builder(MarshallingType.STRING).memberName("Scope") .getter(getter(AuthenticateOidcActionConfig::scope)).setter(setter(Builder::scope)) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("Scope").build()).build(); private static final SdkField SESSION_TIMEOUT_FIELD = SdkField. builder(MarshallingType.LONG) .memberName("SessionTimeout").getter(getter(AuthenticateOidcActionConfig::sessionTimeout)) .setter(setter(Builder::sessionTimeout)) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("SessionTimeout").build()).build(); private static final SdkField> AUTHENTICATION_REQUEST_EXTRA_PARAMS_FIELD = SdkField .> builder(MarshallingType.MAP) .memberName("AuthenticationRequestExtraParams") .getter(getter(AuthenticateOidcActionConfig::authenticationRequestExtraParams)) .setter(setter(Builder::authenticationRequestExtraParams)) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("AuthenticationRequestExtraParams") .build(), MapTrait.builder() .keyLocationName("key") .valueLocationName("value") .valueFieldInfo( SdkField. builder(MarshallingType.STRING) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD) .locationName("value").build()).build()).build()).build(); private static final SdkField ON_UNAUTHENTICATED_REQUEST_FIELD = SdkField. builder(MarshallingType.STRING) .memberName("OnUnauthenticatedRequest") .getter(getter(AuthenticateOidcActionConfig::onUnauthenticatedRequestAsString)) .setter(setter(Builder::onUnauthenticatedRequest)) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("OnUnauthenticatedRequest").build()) .build(); private static final SdkField USE_EXISTING_CLIENT_SECRET_FIELD = SdkField. builder(MarshallingType.BOOLEAN) .memberName("UseExistingClientSecret").getter(getter(AuthenticateOidcActionConfig::useExistingClientSecret)) .setter(setter(Builder::useExistingClientSecret)) .traits(LocationTrait.builder().location(MarshallLocation.PAYLOAD).locationName("UseExistingClientSecret").build()) .build(); private static final List> SDK_FIELDS = Collections.unmodifiableList(Arrays.asList(ISSUER_FIELD, AUTHORIZATION_ENDPOINT_FIELD, TOKEN_ENDPOINT_FIELD, USER_INFO_ENDPOINT_FIELD, CLIENT_ID_FIELD, CLIENT_SECRET_FIELD, SESSION_COOKIE_NAME_FIELD, SCOPE_FIELD, SESSION_TIMEOUT_FIELD, AUTHENTICATION_REQUEST_EXTRA_PARAMS_FIELD, ON_UNAUTHENTICATED_REQUEST_FIELD, USE_EXISTING_CLIENT_SECRET_FIELD)); private static final Map> SDK_NAME_TO_FIELD = memberNameToFieldInitializer(); private static final long serialVersionUID = 1L; private final String issuer; private final String authorizationEndpoint; private final String tokenEndpoint; private final String userInfoEndpoint; private final String clientId; private final String clientSecret; private final String sessionCookieName; private final String scope; private final Long sessionTimeout; private final Map authenticationRequestExtraParams; private final String onUnauthenticatedRequest; private final Boolean useExistingClientSecret; private AuthenticateOidcActionConfig(BuilderImpl builder) { this.issuer = builder.issuer; this.authorizationEndpoint = builder.authorizationEndpoint; this.tokenEndpoint = builder.tokenEndpoint; this.userInfoEndpoint = builder.userInfoEndpoint; this.clientId = builder.clientId; this.clientSecret = builder.clientSecret; this.sessionCookieName = builder.sessionCookieName; this.scope = builder.scope; this.sessionTimeout = builder.sessionTimeout; this.authenticationRequestExtraParams = builder.authenticationRequestExtraParams; this.onUnauthenticatedRequest = builder.onUnauthenticatedRequest; this.useExistingClientSecret = builder.useExistingClientSecret; } /** *

* The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the * path. *

* * @return The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, * and the path. */ public final String issuer() { return issuer; } /** *

* The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the * path. *

* * @return The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, * and the path. */ public final String authorizationEndpoint() { return authorizationEndpoint; } /** *

* The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path. *

* * @return The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the * path. */ public final String tokenEndpoint() { return tokenEndpoint; } /** *

* The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the * path. *

* * @return The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and * the path. */ public final String userInfoEndpoint() { return userInfoEndpoint; } /** *

* The OAuth 2.0 client identifier. *

* * @return The OAuth 2.0 client identifier. */ public final String clientId() { return clientId; } /** *

* The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, * you can omit this parameter if you set UseExistingClientSecret to true. *

* * @return The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying * a rule, you can omit this parameter if you set UseExistingClientSecret to true. */ public final String clientSecret() { return clientSecret; } /** *

* The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie. *

* * @return The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie. */ public final String sessionCookieName() { return sessionCookieName; } /** *

* The set of user claims to be requested from the IdP. The default is openid. *

*

* To verify which scope values your IdP supports and how to separate multiple values, see the documentation for * your IdP. *

* * @return The set of user claims to be requested from the IdP. The default is openid.

*

* To verify which scope values your IdP supports and how to separate multiple values, see the documentation * for your IdP. */ public final String scope() { return scope; } /** *

* The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days). *

* * @return The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days). */ public final Long sessionTimeout() { return sessionTimeout; } /** * For responses, this returns true if the service returned a value for the AuthenticationRequestExtraParams * property. This DOES NOT check that the value is non-empty (for which, you should check the {@code isEmpty()} * method on the property). This is useful because the SDK will never return a null collection or map, but you may * need to differentiate between the service returning nothing (or null) and the service returning an empty * collection or map. For requests, this returns true if a value for the property was specified in the request * builder, and false if a value was not specified. */ public final boolean hasAuthenticationRequestExtraParams() { return authenticationRequestExtraParams != null && !(authenticationRequestExtraParams instanceof SdkAutoConstructMap); } /** *

* The query parameters (up to 10) to include in the redirect request to the authorization endpoint. *

*

* Attempts to modify the collection returned by this method will result in an UnsupportedOperationException. *

*

* This method will never return null. If you would like to know whether the service returned this field (so that * you can differentiate between null and empty), you can use the {@link #hasAuthenticationRequestExtraParams} * method. *

* * @return The query parameters (up to 10) to include in the redirect request to the authorization endpoint. */ public final Map authenticationRequestExtraParams() { return authenticationRequestExtraParams; } /** *

* The behavior if the user is not authenticated. The following are possible values: *

*
    *
  • *

    * deny - Return an HTTP 401 Unauthorized error. *

    *
  • *
  • *

    * allow - Allow the request to be forwarded to the target. *

    *
  • *
  • *

    * authenticate - Redirect the request to the IdP authorization endpoint. This is the default value. *

    *
  • *
*

* If the service returns an enum value that is not available in the current SDK version, * {@link #onUnauthenticatedRequest} will return * {@link AuthenticateOidcActionConditionalBehaviorEnum#UNKNOWN_TO_SDK_VERSION}. The raw value returned by the * service is available from {@link #onUnauthenticatedRequestAsString}. *

* * @return The behavior if the user is not authenticated. The following are possible values:

*
    *
  • *

    * deny - Return an HTTP 401 Unauthorized error. *

    *
  • *
  • *

    * allow - Allow the request to be forwarded to the target. *

    *
  • *
  • *

    * authenticate - Redirect the request to the IdP authorization endpoint. This is the default value. *

    *
  • * @see AuthenticateOidcActionConditionalBehaviorEnum */ public final AuthenticateOidcActionConditionalBehaviorEnum onUnauthenticatedRequest() { return AuthenticateOidcActionConditionalBehaviorEnum.fromValue(onUnauthenticatedRequest); } /** *

    * The behavior if the user is not authenticated. The following are possible values: *

    *
      *
    • *

      * deny - Return an HTTP 401 Unauthorized error. *

      *
    • *
    • *

      * allow - Allow the request to be forwarded to the target. *

      *
    • *
    • *

      * authenticate - Redirect the request to the IdP authorization endpoint. This is the default value. *

      *
    • *
    *

    * If the service returns an enum value that is not available in the current SDK version, * {@link #onUnauthenticatedRequest} will return * {@link AuthenticateOidcActionConditionalBehaviorEnum#UNKNOWN_TO_SDK_VERSION}. The raw value returned by the * service is available from {@link #onUnauthenticatedRequestAsString}. *

    * * @return The behavior if the user is not authenticated. The following are possible values:

    *
      *
    • *

      * deny - Return an HTTP 401 Unauthorized error. *

      *
    • *
    • *

      * allow - Allow the request to be forwarded to the target. *

      *
    • *
    • *

      * authenticate - Redirect the request to the IdP authorization endpoint. This is the default value. *

      *
    • * @see AuthenticateOidcActionConditionalBehaviorEnum */ public final String onUnauthenticatedRequestAsString() { return onUnauthenticatedRequest; } /** *

      * Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can * omit this parameter or set it to false. *

      * * @return Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, * you can omit this parameter or set it to false. */ public final Boolean useExistingClientSecret() { return useExistingClientSecret; } @Override public Builder toBuilder() { return new BuilderImpl(this); } public static Builder builder() { return new BuilderImpl(); } public static Class serializableBuilderClass() { return BuilderImpl.class; } @Override public final int hashCode() { int hashCode = 1; hashCode = 31 * hashCode + Objects.hashCode(issuer()); hashCode = 31 * hashCode + Objects.hashCode(authorizationEndpoint()); hashCode = 31 * hashCode + Objects.hashCode(tokenEndpoint()); hashCode = 31 * hashCode + Objects.hashCode(userInfoEndpoint()); hashCode = 31 * hashCode + Objects.hashCode(clientId()); hashCode = 31 * hashCode + Objects.hashCode(clientSecret()); hashCode = 31 * hashCode + Objects.hashCode(sessionCookieName()); hashCode = 31 * hashCode + Objects.hashCode(scope()); hashCode = 31 * hashCode + Objects.hashCode(sessionTimeout()); hashCode = 31 * hashCode + Objects.hashCode(hasAuthenticationRequestExtraParams() ? authenticationRequestExtraParams() : null); hashCode = 31 * hashCode + Objects.hashCode(onUnauthenticatedRequestAsString()); hashCode = 31 * hashCode + Objects.hashCode(useExistingClientSecret()); return hashCode; } @Override public final boolean equals(Object obj) { return equalsBySdkFields(obj); } @Override public final boolean equalsBySdkFields(Object obj) { if (this == obj) { return true; } if (obj == null) { return false; } if (!(obj instanceof AuthenticateOidcActionConfig)) { return false; } AuthenticateOidcActionConfig other = (AuthenticateOidcActionConfig) obj; return Objects.equals(issuer(), other.issuer()) && Objects.equals(authorizationEndpoint(), other.authorizationEndpoint()) && Objects.equals(tokenEndpoint(), other.tokenEndpoint()) && Objects.equals(userInfoEndpoint(), other.userInfoEndpoint()) && Objects.equals(clientId(), other.clientId()) && Objects.equals(clientSecret(), other.clientSecret()) && Objects.equals(sessionCookieName(), other.sessionCookieName()) && Objects.equals(scope(), other.scope()) && Objects.equals(sessionTimeout(), other.sessionTimeout()) && hasAuthenticationRequestExtraParams() == other.hasAuthenticationRequestExtraParams() && Objects.equals(authenticationRequestExtraParams(), other.authenticationRequestExtraParams()) && Objects.equals(onUnauthenticatedRequestAsString(), other.onUnauthenticatedRequestAsString()) && Objects.equals(useExistingClientSecret(), other.useExistingClientSecret()); } /** * Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be * redacted from this string using a placeholder value. */ @Override public final String toString() { return ToString .builder("AuthenticateOidcActionConfig") .add("Issuer", issuer()) .add("AuthorizationEndpoint", authorizationEndpoint()) .add("TokenEndpoint", tokenEndpoint()) .add("UserInfoEndpoint", userInfoEndpoint()) .add("ClientId", clientId()) .add("ClientSecret", clientSecret()) .add("SessionCookieName", sessionCookieName()) .add("Scope", scope()) .add("SessionTimeout", sessionTimeout()) .add("AuthenticationRequestExtraParams", hasAuthenticationRequestExtraParams() ? authenticationRequestExtraParams() : null) .add("OnUnauthenticatedRequest", onUnauthenticatedRequestAsString()) .add("UseExistingClientSecret", useExistingClientSecret()).build(); } public final Optional getValueForField(String fieldName, Class clazz) { switch (fieldName) { case "Issuer": return Optional.ofNullable(clazz.cast(issuer())); case "AuthorizationEndpoint": return Optional.ofNullable(clazz.cast(authorizationEndpoint())); case "TokenEndpoint": return Optional.ofNullable(clazz.cast(tokenEndpoint())); case "UserInfoEndpoint": return Optional.ofNullable(clazz.cast(userInfoEndpoint())); case "ClientId": return Optional.ofNullable(clazz.cast(clientId())); case "ClientSecret": return Optional.ofNullable(clazz.cast(clientSecret())); case "SessionCookieName": return Optional.ofNullable(clazz.cast(sessionCookieName())); case "Scope": return Optional.ofNullable(clazz.cast(scope())); case "SessionTimeout": return Optional.ofNullable(clazz.cast(sessionTimeout())); case "AuthenticationRequestExtraParams": return Optional.ofNullable(clazz.cast(authenticationRequestExtraParams())); case "OnUnauthenticatedRequest": return Optional.ofNullable(clazz.cast(onUnauthenticatedRequestAsString())); case "UseExistingClientSecret": return Optional.ofNullable(clazz.cast(useExistingClientSecret())); default: return Optional.empty(); } } @Override public final List> sdkFields() { return SDK_FIELDS; } @Override public final Map> sdkFieldNameToField() { return SDK_NAME_TO_FIELD; } private static Map> memberNameToFieldInitializer() { Map> map = new HashMap<>(); map.put("Issuer", ISSUER_FIELD); map.put("AuthorizationEndpoint", AUTHORIZATION_ENDPOINT_FIELD); map.put("TokenEndpoint", TOKEN_ENDPOINT_FIELD); map.put("UserInfoEndpoint", USER_INFO_ENDPOINT_FIELD); map.put("ClientId", CLIENT_ID_FIELD); map.put("ClientSecret", CLIENT_SECRET_FIELD); map.put("SessionCookieName", SESSION_COOKIE_NAME_FIELD); map.put("Scope", SCOPE_FIELD); map.put("SessionTimeout", SESSION_TIMEOUT_FIELD); map.put("AuthenticationRequestExtraParams", AUTHENTICATION_REQUEST_EXTRA_PARAMS_FIELD); map.put("OnUnauthenticatedRequest", ON_UNAUTHENTICATED_REQUEST_FIELD); map.put("UseExistingClientSecret", USE_EXISTING_CLIENT_SECRET_FIELD); return Collections.unmodifiableMap(map); } private static Function getter(Function g) { return obj -> g.apply((AuthenticateOidcActionConfig) obj); } private static BiConsumer setter(BiConsumer s) { return (obj, val) -> s.accept((Builder) obj, val); } public interface Builder extends SdkPojo, CopyableBuilder { /** *

      * The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and * the path. *

      * * @param issuer * The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the * domain, and the path. * @return Returns a reference to this object so that method calls can be chained together. */ Builder issuer(String issuer); /** *

      * The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and * the path. *

      * * @param authorizationEndpoint * The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the * domain, and the path. * @return Returns a reference to this object so that method calls can be chained together. */ Builder authorizationEndpoint(String authorizationEndpoint); /** *

      * The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the * path. *

      * * @param tokenEndpoint * The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and * the path. * @return Returns a reference to this object so that method calls can be chained together. */ Builder tokenEndpoint(String tokenEndpoint); /** *

      * The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the * path. *

      * * @param userInfoEndpoint * The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, * and the path. * @return Returns a reference to this object so that method calls can be chained together. */ Builder userInfoEndpoint(String userInfoEndpoint); /** *

      * The OAuth 2.0 client identifier. *

      * * @param clientId * The OAuth 2.0 client identifier. * @return Returns a reference to this object so that method calls can be chained together. */ Builder clientId(String clientId); /** *

      * The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a * rule, you can omit this parameter if you set UseExistingClientSecret to true. *

      * * @param clientSecret * The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are * modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true. * @return Returns a reference to this object so that method calls can be chained together. */ Builder clientSecret(String clientSecret); /** *

      * The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie. *

      * * @param sessionCookieName * The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie. * @return Returns a reference to this object so that method calls can be chained together. */ Builder sessionCookieName(String sessionCookieName); /** *

      * The set of user claims to be requested from the IdP. The default is openid. *

      *

      * To verify which scope values your IdP supports and how to separate multiple values, see the documentation for * your IdP. *

      * * @param scope * The set of user claims to be requested from the IdP. The default is openid.

      *

      * To verify which scope values your IdP supports and how to separate multiple values, see the * documentation for your IdP. * @return Returns a reference to this object so that method calls can be chained together. */ Builder scope(String scope); /** *

      * The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days). *

      * * @param sessionTimeout * The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 * days). * @return Returns a reference to this object so that method calls can be chained together. */ Builder sessionTimeout(Long sessionTimeout); /** *

      * The query parameters (up to 10) to include in the redirect request to the authorization endpoint. *

      * * @param authenticationRequestExtraParams * The query parameters (up to 10) to include in the redirect request to the authorization endpoint. * @return Returns a reference to this object so that method calls can be chained together. */ Builder authenticationRequestExtraParams(Map authenticationRequestExtraParams); /** *

      * The behavior if the user is not authenticated. The following are possible values: *

      *
        *
      • *

        * deny - Return an HTTP 401 Unauthorized error. *

        *
      • *
      • *

        * allow - Allow the request to be forwarded to the target. *

        *
      • *
      • *

        * authenticate - Redirect the request to the IdP authorization endpoint. This is the default value. *

        *
      • *
      * * @param onUnauthenticatedRequest * The behavior if the user is not authenticated. The following are possible values:

      *
        *
      • *

        * deny - Return an HTTP 401 Unauthorized error. *

        *
      • *
      • *

        * allow - Allow the request to be forwarded to the target. *

        *
      • *
      • *

        * authenticate * - Redirect the request to the IdP authorization endpoint. This is the default value. *

        *
      • * @see AuthenticateOidcActionConditionalBehaviorEnum * @return Returns a reference to this object so that method calls can be chained together. * @see AuthenticateOidcActionConditionalBehaviorEnum */ Builder onUnauthenticatedRequest(String onUnauthenticatedRequest); /** *

        * The behavior if the user is not authenticated. The following are possible values: *

        *
          *
        • *

          * deny - Return an HTTP 401 Unauthorized error. *

          *
        • *
        • *

          * allow - Allow the request to be forwarded to the target. *

          *
        • *
        • *

          * authenticate - Redirect the request to the IdP authorization endpoint. This is the default value. *

          *
        • *
        * * @param onUnauthenticatedRequest * The behavior if the user is not authenticated. The following are possible values:

        *
          *
        • *

          * deny - Return an HTTP 401 Unauthorized error. *

          *
        • *
        • *

          * allow - Allow the request to be forwarded to the target. *

          *
        • *
        • *

          * authenticate * - Redirect the request to the IdP authorization endpoint. This is the default value. *

          *
        • * @see AuthenticateOidcActionConditionalBehaviorEnum * @return Returns a reference to this object so that method calls can be chained together. * @see AuthenticateOidcActionConditionalBehaviorEnum */ Builder onUnauthenticatedRequest(AuthenticateOidcActionConditionalBehaviorEnum onUnauthenticatedRequest); /** *

          * Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you * can omit this parameter or set it to false. *

          * * @param useExistingClientSecret * Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, * you can omit this parameter or set it to false. * @return Returns a reference to this object so that method calls can be chained together. */ Builder useExistingClientSecret(Boolean useExistingClientSecret); } static final class BuilderImpl implements Builder { private String issuer; private String authorizationEndpoint; private String tokenEndpoint; private String userInfoEndpoint; private String clientId; private String clientSecret; private String sessionCookieName; private String scope; private Long sessionTimeout; private Map authenticationRequestExtraParams = DefaultSdkAutoConstructMap.getInstance(); private String onUnauthenticatedRequest; private Boolean useExistingClientSecret; private BuilderImpl() { } private BuilderImpl(AuthenticateOidcActionConfig model) { issuer(model.issuer); authorizationEndpoint(model.authorizationEndpoint); tokenEndpoint(model.tokenEndpoint); userInfoEndpoint(model.userInfoEndpoint); clientId(model.clientId); clientSecret(model.clientSecret); sessionCookieName(model.sessionCookieName); scope(model.scope); sessionTimeout(model.sessionTimeout); authenticationRequestExtraParams(model.authenticationRequestExtraParams); onUnauthenticatedRequest(model.onUnauthenticatedRequest); useExistingClientSecret(model.useExistingClientSecret); } public final String getIssuer() { return issuer; } public final void setIssuer(String issuer) { this.issuer = issuer; } @Override public final Builder issuer(String issuer) { this.issuer = issuer; return this; } public final String getAuthorizationEndpoint() { return authorizationEndpoint; } public final void setAuthorizationEndpoint(String authorizationEndpoint) { this.authorizationEndpoint = authorizationEndpoint; } @Override public final Builder authorizationEndpoint(String authorizationEndpoint) { this.authorizationEndpoint = authorizationEndpoint; return this; } public final String getTokenEndpoint() { return tokenEndpoint; } public final void setTokenEndpoint(String tokenEndpoint) { this.tokenEndpoint = tokenEndpoint; } @Override public final Builder tokenEndpoint(String tokenEndpoint) { this.tokenEndpoint = tokenEndpoint; return this; } public final String getUserInfoEndpoint() { return userInfoEndpoint; } public final void setUserInfoEndpoint(String userInfoEndpoint) { this.userInfoEndpoint = userInfoEndpoint; } @Override public final Builder userInfoEndpoint(String userInfoEndpoint) { this.userInfoEndpoint = userInfoEndpoint; return this; } public final String getClientId() { return clientId; } public final void setClientId(String clientId) { this.clientId = clientId; } @Override public final Builder clientId(String clientId) { this.clientId = clientId; return this; } public final String getClientSecret() { return clientSecret; } public final void setClientSecret(String clientSecret) { this.clientSecret = clientSecret; } @Override public final Builder clientSecret(String clientSecret) { this.clientSecret = clientSecret; return this; } public final String getSessionCookieName() { return sessionCookieName; } public final void setSessionCookieName(String sessionCookieName) { this.sessionCookieName = sessionCookieName; } @Override public final Builder sessionCookieName(String sessionCookieName) { this.sessionCookieName = sessionCookieName; return this; } public final String getScope() { return scope; } public final void setScope(String scope) { this.scope = scope; } @Override public final Builder scope(String scope) { this.scope = scope; return this; } public final Long getSessionTimeout() { return sessionTimeout; } public final void setSessionTimeout(Long sessionTimeout) { this.sessionTimeout = sessionTimeout; } @Override public final Builder sessionTimeout(Long sessionTimeout) { this.sessionTimeout = sessionTimeout; return this; } public final Map getAuthenticationRequestExtraParams() { if (authenticationRequestExtraParams instanceof SdkAutoConstructMap) { return null; } return authenticationRequestExtraParams; } public final void setAuthenticationRequestExtraParams(Map authenticationRequestExtraParams) { this.authenticationRequestExtraParams = AuthenticateOidcActionAuthenticationRequestExtraParamsCopier .copy(authenticationRequestExtraParams); } @Override public final Builder authenticationRequestExtraParams(Map authenticationRequestExtraParams) { this.authenticationRequestExtraParams = AuthenticateOidcActionAuthenticationRequestExtraParamsCopier .copy(authenticationRequestExtraParams); return this; } public final String getOnUnauthenticatedRequest() { return onUnauthenticatedRequest; } public final void setOnUnauthenticatedRequest(String onUnauthenticatedRequest) { this.onUnauthenticatedRequest = onUnauthenticatedRequest; } @Override public final Builder onUnauthenticatedRequest(String onUnauthenticatedRequest) { this.onUnauthenticatedRequest = onUnauthenticatedRequest; return this; } @Override public final Builder onUnauthenticatedRequest(AuthenticateOidcActionConditionalBehaviorEnum onUnauthenticatedRequest) { this.onUnauthenticatedRequest(onUnauthenticatedRequest == null ? null : onUnauthenticatedRequest.toString()); return this; } public final Boolean getUseExistingClientSecret() { return useExistingClientSecret; } public final void setUseExistingClientSecret(Boolean useExistingClientSecret) { this.useExistingClientSecret = useExistingClientSecret; } @Override public final Builder useExistingClientSecret(Boolean useExistingClientSecret) { this.useExistingClientSecret = useExistingClientSecret; return this; } @Override public AuthenticateOidcActionConfig build() { return new AuthenticateOidcActionConfig(this); } @Override public List> sdkFields() { return SDK_FIELDS; } @Override public Map> sdkFieldNameToField() { return SDK_NAME_TO_FIELD; } } }