aws-sdk-cognitoidentityprovider 1.52.0 → 1.53.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: be13d2b8566a685d618491947b99c96481d64beeaf99c92caf50e8d23326be96
-  data.tar.gz: fde0fc9c7ade2ea51df0fab0a4f2c56a50ff16078189c15b964882cfc4ad8838
+  metadata.gz: 1af9b5f06b1963253ed3dd35948da0475bd3a872631843a3b90e605adee8e33c
+  data.tar.gz: ce8310c2ec0576f3f2971b0493695b98c64f5e7bde6f1bcd2255a23158dcf60d
 SHA512:
-  metadata.gz: 132a83ca21f4a8a35f272bafbbd644014a2cd5919732db6663ae51435f280a61e378685506b49616bb435b04cd4049e086f8fea899596ecf2ad262a065987bc5
-  data.tar.gz: d2762571d2100c675049202761bb5ccc1bbe2644b9e9cfd0592d2c15072bc583103f9832023b9ad372723a10d0ab0bc60168e4a3e410d82becdda330fc8197ea
+  metadata.gz: 256b1a7a95d7e25aa4939d3f1534d9a641c715f3072deecc1e678ebf757855477da62e4611a9b3299352f2ad45d22fc7f805b078c97b2eddfa7d23f19b6ade45
+  data.tar.gz: 26efbb5741917d179acaf1354f04b4cc21daf736fe06901f1eda615802285b91a3eefbd1e59461585d7cc12cb34cc1491efc69a8993ffa46a9d803f6daaab6a6

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.53.0 (2021-06-10)
+------------------
+
+* Feature - Amazon Cognito now supports targeted sign out through refresh token revocation
+
 1.52.0 (2021-06-08)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.52.0
+1.53.0

data/lib/aws-sdk-cognitoidentityprovider.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-cognitoidentityprovider/customizations'
 # @!group service
 module Aws::CognitoIdentityProvider
 
-  GEM_VERSION = '1.52.0'
+  GEM_VERSION = '1.53.0'
 
 end

data/lib/aws-sdk-cognitoidentityprovider/client.rb

@@ -3195,6 +3195,14 @@ module Aws::CognitoIdentityProvider
 
     # Creates the user pool client.
     #
+    # When you create a new user pool client, token revocation is
+    # automatically enabled. For more information about revoking tokens, see
+    # [RevokeToken][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
+    #
     # @option params [required, String] :user_pool_id
     #   The user pool ID for the user pool where you want to create a user
     #   pool client.
@@ -3379,6 +3387,17 @@ module Aws::CognitoIdentityProvider
     #
     #    </note>
     #
+    # @option params [Boolean] :enable_token_revocation
+    #   Enables or disables token revocation. For more information about
+    #   revoking tokens, see [RevokeToken][1].
+    #
+    #   If you don't include this parameter, token revocation is
+    #   automatically enabled for the new user pool client.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
+    #
     # @return [Types::CreateUserPoolClientResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateUserPoolClientResponse#user_pool_client #user_pool_client} => Types::UserPoolClientType
@@ -3415,6 +3434,7 @@ module Aws::CognitoIdentityProvider
     #       user_data_shared: false,
     #     },
     #     prevent_user_existence_errors: "LEGACY", # accepts LEGACY, ENABLED
+    #     enable_token_revocation: false,
     #   })
     #
     # @example Response structure
@@ -3455,6 +3475,7 @@ module Aws::CognitoIdentityProvider
     #   resp.user_pool_client.analytics_configuration.external_id #=> String
     #   resp.user_pool_client.analytics_configuration.user_data_shared #=> Boolean
     #   resp.user_pool_client.prevent_user_existence_errors #=> String, one of "LEGACY", "ENABLED"
+    #   resp.user_pool_client.enable_token_revocation #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolClient AWS API Documentation
     #
@@ -4071,6 +4092,7 @@ module Aws::CognitoIdentityProvider
     #   resp.user_pool_client.analytics_configuration.external_id #=> String
     #   resp.user_pool_client.analytics_configuration.user_data_shared #=> Boolean
     #   resp.user_pool_client.prevent_user_existence_errors #=> String, one of "LEGACY", "ENABLED"
+    #   resp.user_pool_client.enable_token_revocation #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/DescribeUserPoolClient AWS API Documentation
     #
@@ -5764,6 +5786,39 @@ module Aws::CognitoIdentityProvider
       req.send_request(options)
     end
 
+    # Revokes all of the access tokens generated by the specified refresh
+    # token. After the token is revoked, you can not use the revoked token
+    # to access Cognito authenticated APIs.
+    #
+    # @option params [required, String] :token
+    #   The token that you want to revoke.
+    #
+    # @option params [required, String] :client_id
+    #   The client ID for the token that you want to revoke.
+    #
+    # @option params [String] :client_secret
+    #   The secret for the client ID. This is required only if the client ID
+    #   has a secret.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.revoke_token({
+    #     token: "TokenModelType", # required
+    #     client_id: "ClientIdType", # required
+    #     client_secret: "ClientSecretType",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RevokeToken AWS API Documentation
+    #
+    # @overload revoke_token(params = {})
+    # @param [Hash] params ({})
+    def revoke_token(params = {}, options = {})
+      req = build_request(:revoke_token, params)
+      req.send_request(options)
+    end
+
     # Configures actions on detected risks. To delete the risk configuration
     # for `UserPoolId` or `ClientId`, pass null values for all four
     # configuration types.
@@ -7011,9 +7066,14 @@ module Aws::CognitoIdentityProvider
     # If you don't provide a value for an attribute, it will be set to the
     # default value.
     #
+    # You can also use this operation to enable token revocation for user
+    # pool clients. For more information about revoking tokens, see
+    # [RevokeToken][2].
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPoolClient.html
+    # [2]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
     #
     # @option params [required, String] :user_pool_id
     #   The user pool ID for the user pool where you want to update the user
@@ -7182,6 +7242,14 @@ module Aws::CognitoIdentityProvider
     #
     #    </note>
     #
+    # @option params [Boolean] :enable_token_revocation
+    #   Enables or disables token revocation. For more information about
+    #   revoking tokens, see [RevokeToken][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
+    #
     # @return [Types::UpdateUserPoolClientResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateUserPoolClientResponse#user_pool_client #user_pool_client} => Types::UserPoolClientType
@@ -7218,6 +7286,7 @@ module Aws::CognitoIdentityProvider
     #       user_data_shared: false,
     #     },
     #     prevent_user_existence_errors: "LEGACY", # accepts LEGACY, ENABLED
+    #     enable_token_revocation: false,
     #   })
     #
     # @example Response structure
@@ -7258,6 +7327,7 @@ module Aws::CognitoIdentityProvider
     #   resp.user_pool_client.analytics_configuration.external_id #=> String
     #   resp.user_pool_client.analytics_configuration.user_data_shared #=> Boolean
     #   resp.user_pool_client.prevent_user_existence_errors #=> String, one of "LEGACY", "ENABLED"
+    #   resp.user_pool_client.enable_token_revocation #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolClient AWS API Documentation
     #
@@ -7440,7 +7510,7 @@ module Aws::CognitoIdentityProvider
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-cognitoidentityprovider'
-      context[:gem_version] = '1.52.0'
+      context[:gem_version] = '1.53.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-cognitoidentityprovider/client_api.rb

@@ -345,6 +345,8 @@ module Aws::CognitoIdentityProvider
     ResourceServersListType = Shapes::ListShape.new(name: 'ResourceServersListType')
     RespondToAuthChallengeRequest = Shapes::StructureShape.new(name: 'RespondToAuthChallengeRequest')
     RespondToAuthChallengeResponse = Shapes::StructureShape.new(name: 'RespondToAuthChallengeResponse')
+    RevokeTokenRequest = Shapes::StructureShape.new(name: 'RevokeTokenRequest')
+    RevokeTokenResponse = Shapes::StructureShape.new(name: 'RevokeTokenResponse')
     RiskConfigurationType = Shapes::StructureShape.new(name: 'RiskConfigurationType')
     RiskDecisionType = Shapes::StringShape.new(name: 'RiskDecisionType')
     RiskExceptionConfigurationType = Shapes::StructureShape.new(name: 'RiskExceptionConfigurationType')
@@ -401,8 +403,11 @@ module Aws::CognitoIdentityProvider
     TooManyFailedAttemptsException = Shapes::StructureShape.new(name: 'TooManyFailedAttemptsException')
     TooManyRequestsException = Shapes::StructureShape.new(name: 'TooManyRequestsException')
     UICustomizationType = Shapes::StructureShape.new(name: 'UICustomizationType')
+    UnauthorizedException = Shapes::StructureShape.new(name: 'UnauthorizedException')
     UnexpectedLambdaException = Shapes::StructureShape.new(name: 'UnexpectedLambdaException')
     UnsupportedIdentityProviderException = Shapes::StructureShape.new(name: 'UnsupportedIdentityProviderException')
+    UnsupportedOperationException = Shapes::StructureShape.new(name: 'UnsupportedOperationException')
+    UnsupportedTokenTypeException = Shapes::StructureShape.new(name: 'UnsupportedTokenTypeException')
     UnsupportedUserStateException = Shapes::StructureShape.new(name: 'UnsupportedUserStateException')
     UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
     UntagResourceResponse = Shapes::StructureShape.new(name: 'UntagResourceResponse')
@@ -917,6 +922,7 @@ module Aws::CognitoIdentityProvider
     CreateUserPoolClientRequest.add_member(:allowed_o_auth_flows_user_pool_client, Shapes::ShapeRef.new(shape: BooleanType, location_name: "AllowedOAuthFlowsUserPoolClient"))
     CreateUserPoolClientRequest.add_member(:analytics_configuration, Shapes::ShapeRef.new(shape: AnalyticsConfigurationType, location_name: "AnalyticsConfiguration"))
     CreateUserPoolClientRequest.add_member(:prevent_user_existence_errors, Shapes::ShapeRef.new(shape: PreventUserExistenceErrorTypes, location_name: "PreventUserExistenceErrors"))
+    CreateUserPoolClientRequest.add_member(:enable_token_revocation, Shapes::ShapeRef.new(shape: WrappedBooleanType, location_name: "EnableTokenRevocation"))
     CreateUserPoolClientRequest.struct_class = Types::CreateUserPoolClientRequest
 
     CreateUserPoolClientResponse.add_member(:user_pool_client, Shapes::ShapeRef.new(shape: UserPoolClientType, location_name: "UserPoolClient"))
@@ -1506,6 +1512,13 @@ module Aws::CognitoIdentityProvider
     RespondToAuthChallengeResponse.add_member(:authentication_result, Shapes::ShapeRef.new(shape: AuthenticationResultType, location_name: "AuthenticationResult"))
     RespondToAuthChallengeResponse.struct_class = Types::RespondToAuthChallengeResponse
 
+    RevokeTokenRequest.add_member(:token, Shapes::ShapeRef.new(shape: TokenModelType, required: true, location_name: "Token"))
+    RevokeTokenRequest.add_member(:client_id, Shapes::ShapeRef.new(shape: ClientIdType, required: true, location_name: "ClientId"))
+    RevokeTokenRequest.add_member(:client_secret, Shapes::ShapeRef.new(shape: ClientSecretType, location_name: "ClientSecret"))
+    RevokeTokenRequest.struct_class = Types::RevokeTokenRequest
+
+    RevokeTokenResponse.struct_class = Types::RevokeTokenResponse
+
     RiskConfigurationType.add_member(:user_pool_id, Shapes::ShapeRef.new(shape: UserPoolIdType, location_name: "UserPoolId"))
     RiskConfigurationType.add_member(:client_id, Shapes::ShapeRef.new(shape: ClientIdType, location_name: "ClientId"))
     RiskConfigurationType.add_member(:compromised_credentials_risk_configuration, Shapes::ShapeRef.new(shape: CompromisedCredentialsRiskConfigurationType, location_name: "CompromisedCredentialsRiskConfiguration"))
@@ -1665,12 +1678,21 @@ module Aws::CognitoIdentityProvider
     UICustomizationType.add_member(:creation_date, Shapes::ShapeRef.new(shape: DateType, location_name: "CreationDate"))
     UICustomizationType.struct_class = Types::UICustomizationType
 
+    UnauthorizedException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))
+    UnauthorizedException.struct_class = Types::UnauthorizedException
+
     UnexpectedLambdaException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))
     UnexpectedLambdaException.struct_class = Types::UnexpectedLambdaException
 
     UnsupportedIdentityProviderException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))
     UnsupportedIdentityProviderException.struct_class = Types::UnsupportedIdentityProviderException
 
+    UnsupportedOperationException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))
+    UnsupportedOperationException.struct_class = Types::UnsupportedOperationException
+
+    UnsupportedTokenTypeException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))
+    UnsupportedTokenTypeException.struct_class = Types::UnsupportedTokenTypeException
+
     UnsupportedUserStateException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))
     UnsupportedUserStateException.struct_class = Types::UnsupportedUserStateException
 
@@ -1752,6 +1774,7 @@ module Aws::CognitoIdentityProvider
     UpdateUserPoolClientRequest.add_member(:allowed_o_auth_flows_user_pool_client, Shapes::ShapeRef.new(shape: BooleanType, location_name: "AllowedOAuthFlowsUserPoolClient"))
     UpdateUserPoolClientRequest.add_member(:analytics_configuration, Shapes::ShapeRef.new(shape: AnalyticsConfigurationType, location_name: "AnalyticsConfiguration"))
     UpdateUserPoolClientRequest.add_member(:prevent_user_existence_errors, Shapes::ShapeRef.new(shape: PreventUserExistenceErrorTypes, location_name: "PreventUserExistenceErrors"))
+    UpdateUserPoolClientRequest.add_member(:enable_token_revocation, Shapes::ShapeRef.new(shape: WrappedBooleanType, location_name: "EnableTokenRevocation"))
     UpdateUserPoolClientRequest.struct_class = Types::UpdateUserPoolClientRequest
 
     UpdateUserPoolClientResponse.add_member(:user_pool_client, Shapes::ShapeRef.new(shape: UserPoolClientType, location_name: "UserPoolClient"))
@@ -1855,6 +1878,7 @@ module Aws::CognitoIdentityProvider
     UserPoolClientType.add_member(:allowed_o_auth_flows_user_pool_client, Shapes::ShapeRef.new(shape: BooleanType, location_name: "AllowedOAuthFlowsUserPoolClient", metadata: {"box"=>true}))
     UserPoolClientType.add_member(:analytics_configuration, Shapes::ShapeRef.new(shape: AnalyticsConfigurationType, location_name: "AnalyticsConfiguration"))
     UserPoolClientType.add_member(:prevent_user_existence_errors, Shapes::ShapeRef.new(shape: PreventUserExistenceErrorTypes, location_name: "PreventUserExistenceErrors"))
+    UserPoolClientType.add_member(:enable_token_revocation, Shapes::ShapeRef.new(shape: WrappedBooleanType, location_name: "EnableTokenRevocation"))
     UserPoolClientType.struct_class = Types::UserPoolClientType
 
     UserPoolDescriptionType.add_member(:id, Shapes::ShapeRef.new(shape: UserPoolIdType, location_name: "Id"))
@@ -3276,6 +3300,20 @@ module Aws::CognitoIdentityProvider
         o.errors << Shapes::ShapeRef.new(shape: SoftwareTokenMFANotFoundException)
       end)
 
+      api.add_operation(:revoke_token, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "RevokeToken"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: RevokeTokenRequest)
+        o.output = Shapes::ShapeRef.new(shape: RevokeTokenResponse)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: UnauthorizedException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
+        o.errors << Shapes::ShapeRef.new(shape: UnsupportedTokenTypeException)
+      end)
+
       api.add_operation(:set_risk_configuration, Seahorse::Model::Operation.new.tap do |o|
         o.name = "SetRiskConfiguration"
         o.http_method = "POST"

data/lib/aws-sdk-cognitoidentityprovider/errors.rb

@@ -54,8 +54,11 @@ module Aws::CognitoIdentityProvider
   # * {SoftwareTokenMFANotFoundException}
   # * {TooManyFailedAttemptsException}
   # * {TooManyRequestsException}
+  # * {UnauthorizedException}
   # * {UnexpectedLambdaException}
   # * {UnsupportedIdentityProviderException}
+  # * {UnsupportedOperationException}
+  # * {UnsupportedTokenTypeException}
   # * {UnsupportedUserStateException}
   # * {UserImportInProgressException}
   # * {UserLambdaValidationException}
@@ -476,6 +479,21 @@ module Aws::CognitoIdentityProvider
       end
     end
 
+    class UnauthorizedException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::CognitoIdentityProvider::Types::UnauthorizedException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
     class UnexpectedLambdaException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context
@@ -506,6 +524,36 @@ module Aws::CognitoIdentityProvider
       end
     end
 
+    class UnsupportedOperationException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::CognitoIdentityProvider::Types::UnsupportedOperationException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
+    class UnsupportedTokenTypeException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::CognitoIdentityProvider::Types::UnsupportedTokenTypeException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
     class UnsupportedUserStateException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context

data/lib/aws-sdk-cognitoidentityprovider/types.rb

@@ -3310,6 +3310,7 @@ module Aws::CognitoIdentityProvider
     #           user_data_shared: false,
     #         },
     #         prevent_user_existence_errors: "LEGACY", # accepts LEGACY, ENABLED
+    #         enable_token_revocation: false,
     #       }
     #
     # @!attribute [rw] user_pool_id
@@ -3518,6 +3519,18 @@ module Aws::CognitoIdentityProvider
     #    </note>
     #   @return [String]
     #
+    # @!attribute [rw] enable_token_revocation
+    #   Enables or disables token revocation. For more information about
+    #   revoking tokens, see [RevokeToken][1].
+    #
+    #   If you don't include this parameter, token revocation is
+    #   automatically enabled for the new user pool client.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolClientRequest AWS API Documentation
     #
     class CreateUserPoolClientRequest < Struct.new(
@@ -3539,7 +3552,8 @@ module Aws::CognitoIdentityProvider
       :allowed_o_auth_scopes,
       :allowed_o_auth_flows_user_pool_client,
       :analytics_configuration,
-      :prevent_user_existence_errors)
+      :prevent_user_existence_errors,
+      :enable_token_revocation)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -7608,6 +7622,42 @@ module Aws::CognitoIdentityProvider
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass RevokeTokenRequest
+    #   data as a hash:
+    #
+    #       {
+    #         token: "TokenModelType", # required
+    #         client_id: "ClientIdType", # required
+    #         client_secret: "ClientSecretType",
+    #       }
+    #
+    # @!attribute [rw] token
+    #   The token that you want to revoke.
+    #   @return [String]
+    #
+    # @!attribute [rw] client_id
+    #   The client ID for the token that you want to revoke.
+    #   @return [String]
+    #
+    # @!attribute [rw] client_secret
+    #   The secret for the client ID. This is required only if the client ID
+    #   has a secret.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RevokeTokenRequest AWS API Documentation
+    #
+    class RevokeTokenRequest < Struct.new(
+      :token,
+      :client_id,
+      :client_secret)
+      SENSITIVE = [:token, :client_id, :client_secret]
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/RevokeTokenResponse AWS API Documentation
+    #
+    class RevokeTokenResponse < Aws::EmptyStructure; end
+
     # The risk configuration type.
     #
     # @!attribute [rw] user_pool_id
@@ -8714,6 +8764,20 @@ module Aws::CognitoIdentityProvider
       include Aws::Structure
     end
 
+    # This exception is thrown when the request is not authorized. This can
+    # happen due to an invalid access token in the request.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UnauthorizedException AWS API Documentation
+    #
+    class UnauthorizedException < Struct.new(
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # This exception is thrown when the Amazon Cognito service encounters an
     # unexpected exception with the AWS Lambda service.
     #
@@ -8744,6 +8808,34 @@ module Aws::CognitoIdentityProvider
       include Aws::Structure
     end
 
+    # This exception is thrown when you attempt to perform an operation that
+    # is not enabled for the user pool client.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UnsupportedOperationException AWS API Documentation
+    #
+    class UnsupportedOperationException < Struct.new(
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # This exception is thrown when an unsupported token is passed to an
+    # operation.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UnsupportedTokenTypeException AWS API Documentation
+    #
+    class UnsupportedTokenTypeException < Struct.new(
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The request failed because the user is in an unsupported state.
     #
     # @!attribute [rw] message
@@ -9178,6 +9270,7 @@ module Aws::CognitoIdentityProvider
     #           user_data_shared: false,
     #         },
     #         prevent_user_existence_errors: "LEGACY", # accepts LEGACY, ENABLED
+    #         enable_token_revocation: false,
     #       }
     #
     # @!attribute [rw] user_pool_id
@@ -9369,6 +9462,15 @@ module Aws::CognitoIdentityProvider
     #    </note>
     #   @return [String]
     #
+    # @!attribute [rw] enable_token_revocation
+    #   Enables or disables token revocation. For more information about
+    #   revoking tokens, see [RevokeToken][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UpdateUserPoolClientRequest AWS API Documentation
     #
     class UpdateUserPoolClientRequest < Struct.new(
@@ -9390,7 +9492,8 @@ module Aws::CognitoIdentityProvider
       :allowed_o_auth_scopes,
       :allowed_o_auth_flows_user_pool_client,
       :analytics_configuration,
-      :prevent_user_existence_errors)
+      :prevent_user_existence_errors,
+      :enable_token_revocation)
       SENSITIVE = [:client_id]
       include Aws::Structure
     end
@@ -10130,6 +10233,17 @@ module Aws::CognitoIdentityProvider
     #    </note>
     #   @return [String]
     #
+    # @!attribute [rw] enable_token_revocation
+    #   Indicates whether token revocation is enabled for the user pool
+    #   client. When you create a new user pool client, token revocation is
+    #   enabled by default. For more information about revoking tokens, see
+    #   [RevokeToken][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/UserPoolClientType AWS API Documentation
     #
     class UserPoolClientType < Struct.new(
@@ -10154,7 +10268,8 @@ module Aws::CognitoIdentityProvider
       :allowed_o_auth_scopes,
       :allowed_o_auth_flows_user_pool_client,
       :analytics_configuration,
-      :prevent_user_existence_errors)
+      :prevent_user_existence_errors,
+      :enable_token_revocation)
       SENSITIVE = [:client_id, :client_secret]
       include Aws::Structure
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-cognitoidentityprovider
 version: !ruby/object:Gem::Version
-  version: 1.52.0
+  version: 1.53.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-08 00:00:00.000000000 Z
+date: 2021-06-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core