aws-sdk-core 3.100.0 → 3.191.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (258) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +1815 -0
  3. data/LICENSE.txt +202 -0
  4. data/VERSION +1 -1
  5. data/lib/aws-defaults/default_configuration.rb +153 -0
  6. data/lib/aws-defaults/defaults_mode_config_resolver.rb +107 -0
  7. data/lib/aws-defaults.rb +3 -0
  8. data/lib/aws-sdk-core/arn.rb +28 -0
  9. data/lib/aws-sdk-core/arn_parser.rb +2 -0
  10. data/lib/aws-sdk-core/assume_role_credentials.rb +23 -7
  11. data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +16 -10
  12. data/lib/aws-sdk-core/async_client_stubs.rb +2 -0
  13. data/lib/aws-sdk-core/binary/decode_handler.rb +2 -0
  14. data/lib/aws-sdk-core/binary/encode_handler.rb +14 -1
  15. data/lib/aws-sdk-core/binary/event_builder.rb +2 -0
  16. data/lib/aws-sdk-core/binary/event_parser.rb +2 -0
  17. data/lib/aws-sdk-core/binary/event_stream_decoder.rb +2 -0
  18. data/lib/aws-sdk-core/binary/event_stream_encoder.rb +2 -0
  19. data/lib/aws-sdk-core/binary.rb +2 -0
  20. data/lib/aws-sdk-core/client_side_monitoring/publisher.rb +2 -0
  21. data/lib/aws-sdk-core/client_side_monitoring/request_metrics.rb +2 -0
  22. data/lib/aws-sdk-core/client_stubs.rb +22 -13
  23. data/lib/aws-sdk-core/credential_provider.rb +5 -0
  24. data/lib/aws-sdk-core/credential_provider_chain.rb +31 -6
  25. data/lib/aws-sdk-core/credentials.rb +2 -0
  26. data/lib/aws-sdk-core/deprecations.rb +2 -0
  27. data/lib/aws-sdk-core/eager_loader.rb +2 -0
  28. data/lib/aws-sdk-core/ec2_metadata.rb +238 -0
  29. data/lib/aws-sdk-core/ecs_credentials.rb +188 -53
  30. data/lib/aws-sdk-core/endpoint_cache.rb +2 -0
  31. data/lib/aws-sdk-core/endpoints/condition.rb +41 -0
  32. data/lib/aws-sdk-core/endpoints/endpoint.rb +17 -0
  33. data/lib/aws-sdk-core/endpoints/endpoint_rule.rb +75 -0
  34. data/lib/aws-sdk-core/endpoints/error_rule.rb +42 -0
  35. data/lib/aws-sdk-core/endpoints/function.rb +80 -0
  36. data/lib/aws-sdk-core/endpoints/matchers.rb +131 -0
  37. data/lib/aws-sdk-core/endpoints/reference.rb +31 -0
  38. data/lib/aws-sdk-core/endpoints/rule.rb +25 -0
  39. data/lib/aws-sdk-core/endpoints/rule_set.rb +52 -0
  40. data/lib/aws-sdk-core/endpoints/rules_provider.rb +37 -0
  41. data/lib/aws-sdk-core/endpoints/templater.rb +58 -0
  42. data/lib/aws-sdk-core/endpoints/tree_rule.rb +45 -0
  43. data/lib/aws-sdk-core/endpoints/url.rb +60 -0
  44. data/lib/aws-sdk-core/endpoints.rb +78 -0
  45. data/lib/aws-sdk-core/errors.rb +27 -5
  46. data/lib/aws-sdk-core/event_emitter.rb +2 -0
  47. data/lib/aws-sdk-core/ini_parser.rb +9 -0
  48. data/lib/aws-sdk-core/instance_profile_credentials.rb +167 -38
  49. data/lib/aws-sdk-core/json/builder.rb +2 -0
  50. data/lib/aws-sdk-core/json/error_handler.rb +22 -1
  51. data/lib/aws-sdk-core/json/handler.rb +10 -1
  52. data/lib/aws-sdk-core/json/json_engine.rb +12 -8
  53. data/lib/aws-sdk-core/json/oj_engine.rb +35 -6
  54. data/lib/aws-sdk-core/json/parser.rb +36 -1
  55. data/lib/aws-sdk-core/json.rb +10 -26
  56. data/lib/aws-sdk-core/log/formatter.rb +15 -3
  57. data/lib/aws-sdk-core/log/handler.rb +2 -0
  58. data/lib/aws-sdk-core/log/param_filter.rb +37 -12
  59. data/lib/aws-sdk-core/log/param_formatter.rb +2 -0
  60. data/lib/aws-sdk-core/pageable_response.rb +91 -32
  61. data/lib/aws-sdk-core/pager.rb +5 -0
  62. data/lib/aws-sdk-core/param_converter.rb +2 -0
  63. data/lib/aws-sdk-core/param_validator.rb +56 -6
  64. data/lib/aws-sdk-core/plugins/api_key.rb +5 -1
  65. data/lib/aws-sdk-core/plugins/apig_authorizer_token.rb +2 -0
  66. data/lib/aws-sdk-core/plugins/apig_credentials_configuration.rb +2 -0
  67. data/lib/aws-sdk-core/plugins/apig_user_agent.rb +2 -0
  68. data/lib/aws-sdk-core/plugins/bearer_authorization.rb +67 -0
  69. data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +342 -0
  70. data/lib/aws-sdk-core/plugins/client_metrics_plugin.rb +3 -0
  71. data/lib/aws-sdk-core/plugins/client_metrics_send_plugin.rb +2 -0
  72. data/lib/aws-sdk-core/plugins/credentials_configuration.rb +52 -7
  73. data/lib/aws-sdk-core/plugins/defaults_mode.rb +40 -0
  74. data/lib/aws-sdk-core/plugins/endpoint_discovery.rb +8 -2
  75. data/lib/aws-sdk-core/plugins/endpoint_pattern.rb +8 -6
  76. data/lib/aws-sdk-core/plugins/event_stream_configuration.rb +2 -0
  77. data/lib/aws-sdk-core/plugins/global_configuration.rb +2 -0
  78. data/lib/aws-sdk-core/plugins/helpful_socket_errors.rb +2 -0
  79. data/lib/aws-sdk-core/plugins/http_checksum.rb +11 -1
  80. data/lib/aws-sdk-core/plugins/idempotency_token.rb +2 -0
  81. data/lib/aws-sdk-core/plugins/invocation_id.rb +2 -0
  82. data/lib/aws-sdk-core/plugins/jsonvalue_converter.rb +36 -6
  83. data/lib/aws-sdk-core/plugins/logging.rb +4 -0
  84. data/lib/aws-sdk-core/plugins/param_converter.rb +2 -0
  85. data/lib/aws-sdk-core/plugins/param_validator.rb +2 -0
  86. data/lib/aws-sdk-core/plugins/protocols/api_gateway.rb +19 -0
  87. data/lib/aws-sdk-core/plugins/protocols/ec2.rb +2 -0
  88. data/lib/aws-sdk-core/plugins/protocols/json_rpc.rb +2 -0
  89. data/lib/aws-sdk-core/plugins/protocols/query.rb +2 -0
  90. data/lib/aws-sdk-core/plugins/protocols/rest_json.rb +18 -1
  91. data/lib/aws-sdk-core/plugins/protocols/rest_xml.rb +2 -0
  92. data/lib/aws-sdk-core/plugins/recursion_detection.rb +38 -0
  93. data/lib/aws-sdk-core/plugins/regional_endpoint.rb +146 -17
  94. data/lib/aws-sdk-core/plugins/request_compression.rb +217 -0
  95. data/lib/aws-sdk-core/plugins/response_paging.rb +3 -1
  96. data/lib/aws-sdk-core/plugins/retries/client_rate_limiter.rb +2 -0
  97. data/lib/aws-sdk-core/plugins/retries/clock_skew.rb +2 -0
  98. data/lib/aws-sdk-core/plugins/retries/error_inspector.rb +9 -4
  99. data/lib/aws-sdk-core/plugins/retries/retry_quota.rb +2 -0
  100. data/lib/aws-sdk-core/plugins/retry_errors.rb +29 -8
  101. data/lib/aws-sdk-core/plugins/sign.rb +206 -0
  102. data/lib/aws-sdk-core/plugins/signature_v2.rb +3 -0
  103. data/lib/aws-sdk-core/plugins/signature_v4.rb +30 -31
  104. data/lib/aws-sdk-core/plugins/stub_responses.rb +10 -1
  105. data/lib/aws-sdk-core/plugins/transfer_encoding.rb +2 -0
  106. data/lib/aws-sdk-core/plugins/user_agent.rb +119 -14
  107. data/lib/aws-sdk-core/process_credentials.rb +14 -15
  108. data/lib/aws-sdk-core/query/ec2_param_builder.rb +2 -0
  109. data/lib/aws-sdk-core/query/handler.rb +2 -0
  110. data/lib/aws-sdk-core/query/param.rb +2 -0
  111. data/lib/aws-sdk-core/query/param_builder.rb +2 -0
  112. data/lib/aws-sdk-core/query/param_list.rb +2 -0
  113. data/lib/aws-sdk-core/query.rb +2 -0
  114. data/lib/aws-sdk-core/refreshing_credentials.rb +50 -17
  115. data/lib/aws-sdk-core/refreshing_token.rb +71 -0
  116. data/lib/aws-sdk-core/resources/collection.rb +2 -0
  117. data/lib/aws-sdk-core/rest/handler.rb +3 -1
  118. data/lib/aws-sdk-core/rest/request/body.rb +21 -1
  119. data/lib/aws-sdk-core/rest/request/builder.rb +2 -0
  120. data/lib/aws-sdk-core/rest/request/endpoint.rb +2 -0
  121. data/lib/aws-sdk-core/rest/request/headers.rb +16 -6
  122. data/lib/aws-sdk-core/rest/request/querystring_builder.rb +45 -29
  123. data/lib/aws-sdk-core/rest/response/body.rb +2 -0
  124. data/lib/aws-sdk-core/rest/response/headers.rb +6 -3
  125. data/lib/aws-sdk-core/rest/response/parser.rb +2 -0
  126. data/lib/aws-sdk-core/rest/response/status_code.rb +2 -0
  127. data/lib/aws-sdk-core/rest.rb +2 -0
  128. data/lib/aws-sdk-core/shared_config.rb +163 -8
  129. data/lib/aws-sdk-core/shared_credentials.rb +9 -1
  130. data/lib/aws-sdk-core/sso_credentials.rb +172 -0
  131. data/lib/aws-sdk-core/sso_token_provider.rb +135 -0
  132. data/lib/aws-sdk-core/static_token_provider.rb +14 -0
  133. data/lib/aws-sdk-core/structure.rb +19 -6
  134. data/lib/aws-sdk-core/stubbing/data_applicator.rb +2 -0
  135. data/lib/aws-sdk-core/stubbing/empty_stub.rb +2 -0
  136. data/lib/aws-sdk-core/stubbing/protocols/api_gateway.rb +2 -0
  137. data/lib/aws-sdk-core/stubbing/protocols/ec2.rb +2 -0
  138. data/lib/aws-sdk-core/stubbing/protocols/json.rb +3 -1
  139. data/lib/aws-sdk-core/stubbing/protocols/query.rb +2 -0
  140. data/lib/aws-sdk-core/stubbing/protocols/rest.rb +3 -1
  141. data/lib/aws-sdk-core/stubbing/protocols/rest_json.rb +3 -1
  142. data/lib/aws-sdk-core/stubbing/protocols/rest_xml.rb +2 -2
  143. data/lib/aws-sdk-core/stubbing/stub_data.rb +13 -0
  144. data/lib/aws-sdk-core/stubbing/xml_error.rb +2 -0
  145. data/lib/aws-sdk-core/token.rb +31 -0
  146. data/lib/aws-sdk-core/token_provider.rb +15 -0
  147. data/lib/aws-sdk-core/token_provider_chain.rb +51 -0
  148. data/lib/aws-sdk-core/type_builder.rb +2 -0
  149. data/lib/aws-sdk-core/util.rb +2 -0
  150. data/lib/aws-sdk-core/waiters/errors.rb +2 -0
  151. data/lib/aws-sdk-core/waiters/poller.rb +6 -2
  152. data/lib/aws-sdk-core/waiters/waiter.rb +2 -0
  153. data/lib/aws-sdk-core/waiters.rb +2 -0
  154. data/lib/aws-sdk-core/xml/builder.rb +4 -2
  155. data/lib/aws-sdk-core/xml/default_list.rb +2 -0
  156. data/lib/aws-sdk-core/xml/default_map.rb +2 -0
  157. data/lib/aws-sdk-core/xml/doc_builder.rb +8 -1
  158. data/lib/aws-sdk-core/xml/error_handler.rb +9 -0
  159. data/lib/aws-sdk-core/xml/parser/engines/libxml.rb +2 -0
  160. data/lib/aws-sdk-core/xml/parser/engines/nokogiri.rb +2 -0
  161. data/lib/aws-sdk-core/xml/parser/engines/oga.rb +4 -0
  162. data/lib/aws-sdk-core/xml/parser/engines/ox.rb +3 -1
  163. data/lib/aws-sdk-core/xml/parser/engines/rexml.rb +2 -0
  164. data/lib/aws-sdk-core/xml/parser/frame.rb +25 -0
  165. data/lib/aws-sdk-core/xml/parser/parsing_error.rb +2 -0
  166. data/lib/aws-sdk-core/xml/parser/stack.rb +2 -0
  167. data/lib/aws-sdk-core/xml/parser.rb +7 -0
  168. data/lib/aws-sdk-core/xml.rb +2 -0
  169. data/lib/aws-sdk-core.rb +29 -3
  170. data/lib/aws-sdk-sso/client.rb +630 -0
  171. data/lib/aws-sdk-sso/client_api.rb +190 -0
  172. data/lib/aws-sdk-sso/customizations.rb +1 -0
  173. data/lib/aws-sdk-sso/endpoint_parameters.rb +66 -0
  174. data/lib/aws-sdk-sso/endpoint_provider.rb +57 -0
  175. data/lib/aws-sdk-sso/endpoints.rb +72 -0
  176. data/lib/aws-sdk-sso/errors.rb +102 -0
  177. data/lib/aws-sdk-sso/plugins/endpoints.rb +78 -0
  178. data/lib/aws-sdk-sso/resource.rb +26 -0
  179. data/lib/aws-sdk-sso/types.rb +317 -0
  180. data/lib/aws-sdk-sso.rb +59 -0
  181. data/lib/aws-sdk-ssooidc/client.rb +935 -0
  182. data/lib/aws-sdk-ssooidc/client_api.rb +271 -0
  183. data/lib/aws-sdk-ssooidc/customizations.rb +1 -0
  184. data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +66 -0
  185. data/lib/aws-sdk-ssooidc/endpoint_provider.rb +57 -0
  186. data/lib/aws-sdk-ssooidc/endpoints.rb +72 -0
  187. data/lib/aws-sdk-ssooidc/errors.rb +321 -0
  188. data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +78 -0
  189. data/lib/aws-sdk-ssooidc/resource.rb +26 -0
  190. data/lib/aws-sdk-ssooidc/types.rb +755 -0
  191. data/lib/aws-sdk-ssooidc.rb +59 -0
  192. data/lib/aws-sdk-sts/client.rb +655 -490
  193. data/lib/aws-sdk-sts/client_api.rb +21 -2
  194. data/lib/aws-sdk-sts/customizations.rb +2 -0
  195. data/lib/aws-sdk-sts/endpoint_parameters.rb +78 -0
  196. data/lib/aws-sdk-sts/endpoint_provider.rb +112 -0
  197. data/lib/aws-sdk-sts/endpoints.rb +136 -0
  198. data/lib/aws-sdk-sts/errors.rb +3 -1
  199. data/lib/aws-sdk-sts/plugins/endpoints.rb +86 -0
  200. data/lib/aws-sdk-sts/plugins/sts_regional_endpoints.rb +7 -1
  201. data/lib/aws-sdk-sts/presigner.rb +16 -10
  202. data/lib/aws-sdk-sts/resource.rb +3 -1
  203. data/lib/aws-sdk-sts/types.rb +416 -316
  204. data/lib/aws-sdk-sts.rb +14 -3
  205. data/lib/seahorse/client/async_base.rb +2 -1
  206. data/lib/seahorse/client/async_response.rb +2 -0
  207. data/lib/seahorse/client/base.rb +3 -0
  208. data/lib/seahorse/client/block_io.rb +5 -2
  209. data/lib/seahorse/client/configuration.rb +7 -5
  210. data/lib/seahorse/client/events.rb +2 -0
  211. data/lib/seahorse/client/h2/connection.rb +29 -24
  212. data/lib/seahorse/client/h2/handler.rb +6 -5
  213. data/lib/seahorse/client/handler.rb +2 -0
  214. data/lib/seahorse/client/handler_builder.rb +2 -0
  215. data/lib/seahorse/client/handler_list.rb +2 -0
  216. data/lib/seahorse/client/handler_list_entry.rb +2 -0
  217. data/lib/seahorse/client/http/async_response.rb +2 -0
  218. data/lib/seahorse/client/http/headers.rb +2 -0
  219. data/lib/seahorse/client/http/request.rb +2 -0
  220. data/lib/seahorse/client/http/response.rb +3 -1
  221. data/lib/seahorse/client/logging/formatter.rb +2 -0
  222. data/lib/seahorse/client/logging/handler.rb +2 -0
  223. data/lib/seahorse/client/managed_file.rb +2 -0
  224. data/lib/seahorse/client/net_http/connection_pool.rb +12 -4
  225. data/lib/seahorse/client/net_http/handler.rb +19 -8
  226. data/lib/seahorse/client/net_http/patches.rb +14 -86
  227. data/lib/seahorse/client/networking_error.rb +2 -0
  228. data/lib/seahorse/client/plugin.rb +3 -0
  229. data/lib/seahorse/client/plugin_list.rb +2 -0
  230. data/lib/seahorse/client/plugins/content_length.rb +13 -5
  231. data/lib/seahorse/client/plugins/endpoint.rb +2 -0
  232. data/lib/seahorse/client/plugins/h2.rb +9 -4
  233. data/lib/seahorse/client/plugins/logging.rb +2 -0
  234. data/lib/seahorse/client/plugins/net_http.rb +39 -3
  235. data/lib/seahorse/client/plugins/operation_methods.rb +2 -0
  236. data/lib/seahorse/client/plugins/raise_response_errors.rb +2 -0
  237. data/lib/seahorse/client/plugins/request_callback.rb +141 -0
  238. data/lib/seahorse/client/plugins/response_target.rb +8 -8
  239. data/lib/seahorse/client/request.rb +2 -0
  240. data/lib/seahorse/client/request_context.rb +2 -0
  241. data/lib/seahorse/client/response.rb +8 -0
  242. data/lib/seahorse/model/api.rb +2 -0
  243. data/lib/seahorse/model/authorizer.rb +2 -0
  244. data/lib/seahorse/model/operation.rb +8 -0
  245. data/lib/seahorse/model/shapes.rb +27 -0
  246. data/lib/seahorse/util.rb +12 -1
  247. data/lib/seahorse/version.rb +2 -0
  248. data/lib/seahorse.rb +3 -0
  249. data/sig/aws-sdk-core/client_stubs.rbs +10 -0
  250. data/sig/aws-sdk-core/errors.rbs +22 -0
  251. data/sig/aws-sdk-core/resources/collection.rbs +21 -0
  252. data/sig/aws-sdk-core/structure.rbs +4 -0
  253. data/sig/aws-sdk-core/waiters/errors.rbs +20 -0
  254. data/sig/aws-sdk-core.rbs +7 -0
  255. data/sig/seahorse/client/base.rbs +25 -0
  256. data/sig/seahorse/client/handler_builder.rbs +16 -0
  257. data/sig/seahorse/client/response.rbs +61 -0
  258. metadata +93 -19
@@ -0,0 +1,935 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ require 'seahorse/client/plugins/content_length.rb'
11
+ require 'aws-sdk-core/plugins/credentials_configuration.rb'
12
+ require 'aws-sdk-core/plugins/logging.rb'
13
+ require 'aws-sdk-core/plugins/param_converter.rb'
14
+ require 'aws-sdk-core/plugins/param_validator.rb'
15
+ require 'aws-sdk-core/plugins/user_agent.rb'
16
+ require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
17
+ require 'aws-sdk-core/plugins/retry_errors.rb'
18
+ require 'aws-sdk-core/plugins/global_configuration.rb'
19
+ require 'aws-sdk-core/plugins/regional_endpoint.rb'
20
+ require 'aws-sdk-core/plugins/endpoint_discovery.rb'
21
+ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
22
+ require 'aws-sdk-core/plugins/response_paging.rb'
23
+ require 'aws-sdk-core/plugins/stub_responses.rb'
24
+ require 'aws-sdk-core/plugins/idempotency_token.rb'
25
+ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
26
+ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
27
+ require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
28
+ require 'aws-sdk-core/plugins/transfer_encoding.rb'
29
+ require 'aws-sdk-core/plugins/http_checksum.rb'
30
+ require 'aws-sdk-core/plugins/checksum_algorithm.rb'
31
+ require 'aws-sdk-core/plugins/request_compression.rb'
32
+ require 'aws-sdk-core/plugins/defaults_mode.rb'
33
+ require 'aws-sdk-core/plugins/recursion_detection.rb'
34
+ require 'aws-sdk-core/plugins/sign.rb'
35
+ require 'aws-sdk-core/plugins/protocols/rest_json.rb'
36
+
37
+ Aws::Plugins::GlobalConfiguration.add_identifier(:ssooidc)
38
+
39
+ module Aws::SSOOIDC
40
+ # An API client for SSOOIDC. To construct a client, you need to configure a `:region` and `:credentials`.
41
+ #
42
+ # client = Aws::SSOOIDC::Client.new(
43
+ # region: region_name,
44
+ # credentials: credentials,
45
+ # # ...
46
+ # )
47
+ #
48
+ # For details on configuring region and credentials see
49
+ # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
50
+ #
51
+ # See {#initialize} for a full list of supported configuration options.
52
+ class Client < Seahorse::Client::Base
53
+
54
+ include Aws::ClientStubs
55
+
56
+ @identifier = :ssooidc
57
+
58
+ set_api(ClientApi::API)
59
+
60
+ add_plugin(Seahorse::Client::Plugins::ContentLength)
61
+ add_plugin(Aws::Plugins::CredentialsConfiguration)
62
+ add_plugin(Aws::Plugins::Logging)
63
+ add_plugin(Aws::Plugins::ParamConverter)
64
+ add_plugin(Aws::Plugins::ParamValidator)
65
+ add_plugin(Aws::Plugins::UserAgent)
66
+ add_plugin(Aws::Plugins::HelpfulSocketErrors)
67
+ add_plugin(Aws::Plugins::RetryErrors)
68
+ add_plugin(Aws::Plugins::GlobalConfiguration)
69
+ add_plugin(Aws::Plugins::RegionalEndpoint)
70
+ add_plugin(Aws::Plugins::EndpointDiscovery)
71
+ add_plugin(Aws::Plugins::EndpointPattern)
72
+ add_plugin(Aws::Plugins::ResponsePaging)
73
+ add_plugin(Aws::Plugins::StubResponses)
74
+ add_plugin(Aws::Plugins::IdempotencyToken)
75
+ add_plugin(Aws::Plugins::JsonvalueConverter)
76
+ add_plugin(Aws::Plugins::ClientMetricsPlugin)
77
+ add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
78
+ add_plugin(Aws::Plugins::TransferEncoding)
79
+ add_plugin(Aws::Plugins::HttpChecksum)
80
+ add_plugin(Aws::Plugins::ChecksumAlgorithm)
81
+ add_plugin(Aws::Plugins::RequestCompression)
82
+ add_plugin(Aws::Plugins::DefaultsMode)
83
+ add_plugin(Aws::Plugins::RecursionDetection)
84
+ add_plugin(Aws::Plugins::Sign)
85
+ add_plugin(Aws::Plugins::Protocols::RestJson)
86
+ add_plugin(Aws::SSOOIDC::Plugins::Endpoints)
87
+
88
+ # @overload initialize(options)
89
+ # @param [Hash] options
90
+ # @option options [required, Aws::CredentialProvider] :credentials
91
+ # Your AWS credentials. This can be an instance of any one of the
92
+ # following classes:
93
+ #
94
+ # * `Aws::Credentials` - Used for configuring static, non-refreshing
95
+ # credentials.
96
+ #
97
+ # * `Aws::SharedCredentials` - Used for loading static credentials from a
98
+ # shared file, such as `~/.aws/config`.
99
+ #
100
+ # * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
101
+ #
102
+ # * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
103
+ # assume a role after providing credentials via the web.
104
+ #
105
+ # * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
106
+ # access token generated from `aws login`.
107
+ #
108
+ # * `Aws::ProcessCredentials` - Used for loading credentials from a
109
+ # process that outputs to stdout.
110
+ #
111
+ # * `Aws::InstanceProfileCredentials` - Used for loading credentials
112
+ # from an EC2 IMDS on an EC2 instance.
113
+ #
114
+ # * `Aws::ECSCredentials` - Used for loading credentials from
115
+ # instances running in ECS.
116
+ #
117
+ # * `Aws::CognitoIdentityCredentials` - Used for loading credentials
118
+ # from the Cognito Identity service.
119
+ #
120
+ # When `:credentials` are not configured directly, the following
121
+ # locations will be searched for credentials:
122
+ #
123
+ # * `Aws.config[:credentials]`
124
+ # * The `:access_key_id`, `:secret_access_key`, and `:session_token` options.
125
+ # * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
126
+ # * `~/.aws/credentials`
127
+ # * `~/.aws/config`
128
+ # * EC2/ECS IMDS instance profile - When used by default, the timeouts
129
+ # are very aggressive. Construct and pass an instance of
130
+ # `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
131
+ # enable retries and extended timeouts. Instance profile credential
132
+ # fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
133
+ # to true.
134
+ #
135
+ # @option options [required, String] :region
136
+ # The AWS region to connect to. The configured `:region` is
137
+ # used to determine the service `:endpoint`. When not passed,
138
+ # a default `:region` is searched for in the following locations:
139
+ #
140
+ # * `Aws.config[:region]`
141
+ # * `ENV['AWS_REGION']`
142
+ # * `ENV['AMAZON_REGION']`
143
+ # * `ENV['AWS_DEFAULT_REGION']`
144
+ # * `~/.aws/credentials`
145
+ # * `~/.aws/config`
146
+ #
147
+ # @option options [String] :access_key_id
148
+ #
149
+ # @option options [Boolean] :active_endpoint_cache (false)
150
+ # When set to `true`, a thread polling for endpoints will be running in
151
+ # the background every 60 secs (default). Defaults to `false`.
152
+ #
153
+ # @option options [Boolean] :adaptive_retry_wait_to_fill (true)
154
+ # Used only in `adaptive` retry mode. When true, the request will sleep
155
+ # until there is sufficent client side capacity to retry the request.
156
+ # When false, the request will raise a `RetryCapacityNotAvailableError` and will
157
+ # not retry instead of sleeping.
158
+ #
159
+ # @option options [Boolean] :client_side_monitoring (false)
160
+ # When `true`, client-side metrics will be collected for all API requests from
161
+ # this client.
162
+ #
163
+ # @option options [String] :client_side_monitoring_client_id ("")
164
+ # Allows you to provide an identifier for this client which will be attached to
165
+ # all generated client side metrics. Defaults to an empty string.
166
+ #
167
+ # @option options [String] :client_side_monitoring_host ("127.0.0.1")
168
+ # Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client
169
+ # side monitoring agent is running on, where client metrics will be published via UDP.
170
+ #
171
+ # @option options [Integer] :client_side_monitoring_port (31000)
172
+ # Required for publishing client metrics. The port that the client side monitoring
173
+ # agent is running on, where client metrics will be published via UDP.
174
+ #
175
+ # @option options [Aws::ClientSideMonitoring::Publisher] :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher)
176
+ # Allows you to provide a custom client-side monitoring publisher class. By default,
177
+ # will use the Client Side Monitoring Agent Publisher.
178
+ #
179
+ # @option options [Boolean] :convert_params (true)
180
+ # When `true`, an attempt is made to coerce request parameters into
181
+ # the required types.
182
+ #
183
+ # @option options [Boolean] :correct_clock_skew (true)
184
+ # Used only in `standard` and adaptive retry modes. Specifies whether to apply
185
+ # a clock skew correction and retry requests with skewed client clocks.
186
+ #
187
+ # @option options [String] :defaults_mode ("legacy")
188
+ # See {Aws::DefaultsModeConfiguration} for a list of the
189
+ # accepted modes and the configuration defaults that are included.
190
+ #
191
+ # @option options [Boolean] :disable_host_prefix_injection (false)
192
+ # Set to true to disable SDK automatically adding host prefix
193
+ # to default service endpoint when available.
194
+ #
195
+ # @option options [Boolean] :disable_request_compression (false)
196
+ # When set to 'true' the request body will not be compressed
197
+ # for supported operations.
198
+ #
199
+ # @option options [String] :endpoint
200
+ # The client endpoint is normally constructed from the `:region`
201
+ # option. You should only configure an `:endpoint` when connecting
202
+ # to test or custom endpoints. This should be a valid HTTP(S) URI.
203
+ #
204
+ # @option options [Integer] :endpoint_cache_max_entries (1000)
205
+ # Used for the maximum size limit of the LRU cache storing endpoints data
206
+ # for endpoint discovery enabled operations. Defaults to 1000.
207
+ #
208
+ # @option options [Integer] :endpoint_cache_max_threads (10)
209
+ # Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.
210
+ #
211
+ # @option options [Integer] :endpoint_cache_poll_interval (60)
212
+ # When :endpoint_discovery and :active_endpoint_cache is enabled,
213
+ # Use this option to config the time interval in seconds for making
214
+ # requests fetching endpoints information. Defaults to 60 sec.
215
+ #
216
+ # @option options [Boolean] :endpoint_discovery (false)
217
+ # When set to `true`, endpoint discovery will be enabled for operations when available.
218
+ #
219
+ # @option options [Boolean] :ignore_configured_endpoint_urls
220
+ # Setting to true disables use of endpoint URLs provided via environment
221
+ # variables and the shared configuration file.
222
+ #
223
+ # @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
224
+ # The log formatter.
225
+ #
226
+ # @option options [Symbol] :log_level (:info)
227
+ # The log level to send messages to the `:logger` at.
228
+ #
229
+ # @option options [Logger] :logger
230
+ # The Logger instance to send log messages to. If this option
231
+ # is not set, logging will be disabled.
232
+ #
233
+ # @option options [Integer] :max_attempts (3)
234
+ # An integer representing the maximum number attempts that will be made for
235
+ # a single request, including the initial attempt. For example,
236
+ # setting this value to 5 will result in a request being retried up to
237
+ # 4 times. Used in `standard` and `adaptive` retry modes.
238
+ #
239
+ # @option options [String] :profile ("default")
240
+ # Used when loading credentials from the shared credentials file
241
+ # at HOME/.aws/credentials. When not specified, 'default' is used.
242
+ #
243
+ # @option options [Integer] :request_min_compression_size_bytes (10240)
244
+ # The minimum size in bytes that triggers compression for request
245
+ # bodies. The value must be non-negative integer value between 0
246
+ # and 10485780 bytes inclusive.
247
+ #
248
+ # @option options [Proc] :retry_backoff
249
+ # A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
250
+ # This option is only used in the `legacy` retry mode.
251
+ #
252
+ # @option options [Float] :retry_base_delay (0.3)
253
+ # The base delay in seconds used by the default backoff function. This option
254
+ # is only used in the `legacy` retry mode.
255
+ #
256
+ # @option options [Symbol] :retry_jitter (:none)
257
+ # A delay randomiser function used by the default backoff function.
258
+ # Some predefined functions can be referenced by name - :none, :equal, :full,
259
+ # otherwise a Proc that takes and returns a number. This option is only used
260
+ # in the `legacy` retry mode.
261
+ #
262
+ # @see https://www.awsarchitectureblog.com/2015/03/backoff.html
263
+ #
264
+ # @option options [Integer] :retry_limit (3)
265
+ # The maximum number of times to retry failed requests. Only
266
+ # ~ 500 level server errors and certain ~ 400 level client errors
267
+ # are retried. Generally, these are throttling errors, data
268
+ # checksum errors, networking errors, timeout errors, auth errors,
269
+ # endpoint discovery, and errors from expired credentials.
270
+ # This option is only used in the `legacy` retry mode.
271
+ #
272
+ # @option options [Integer] :retry_max_delay (0)
273
+ # The maximum number of seconds to delay between retries (0 for no limit)
274
+ # used by the default backoff function. This option is only used in the
275
+ # `legacy` retry mode.
276
+ #
277
+ # @option options [String] :retry_mode ("legacy")
278
+ # Specifies which retry algorithm to use. Values are:
279
+ #
280
+ # * `legacy` - The pre-existing retry behavior. This is default value if
281
+ # no retry mode is provided.
282
+ #
283
+ # * `standard` - A standardized set of retry rules across the AWS SDKs.
284
+ # This includes support for retry quotas, which limit the number of
285
+ # unsuccessful retries a client can make.
286
+ #
287
+ # * `adaptive` - An experimental retry mode that includes all the
288
+ # functionality of `standard` mode along with automatic client side
289
+ # throttling. This is a provisional mode that may change behavior
290
+ # in the future.
291
+ #
292
+ #
293
+ # @option options [String] :sdk_ua_app_id
294
+ # A unique and opaque application ID that is appended to the
295
+ # User-Agent header as app/<sdk_ua_app_id>. It should have a
296
+ # maximum length of 50.
297
+ #
298
+ # @option options [String] :secret_access_key
299
+ #
300
+ # @option options [String] :session_token
301
+ #
302
+ # @option options [Boolean] :stub_responses (false)
303
+ # Causes the client to return stubbed responses. By default
304
+ # fake responses are generated and returned. You can specify
305
+ # the response data to return or errors to raise by calling
306
+ # {ClientStubs#stub_responses}. See {ClientStubs} for more information.
307
+ #
308
+ # ** Please note ** When response stubbing is enabled, no HTTP
309
+ # requests are made, and retries are disabled.
310
+ #
311
+ # @option options [Aws::TokenProvider] :token_provider
312
+ # A Bearer Token Provider. This can be an instance of any one of the
313
+ # following classes:
314
+ #
315
+ # * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
316
+ # tokens.
317
+ #
318
+ # * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
319
+ # access token generated from `aws login`.
320
+ #
321
+ # When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
322
+ # will be used to search for tokens configured for your profile in shared configuration files.
323
+ #
324
+ # @option options [Boolean] :use_dualstack_endpoint
325
+ # When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
326
+ # will be used if available.
327
+ #
328
+ # @option options [Boolean] :use_fips_endpoint
329
+ # When set to `true`, fips compatible endpoints will be used if available.
330
+ # When a `fips` region is used, the region is normalized and this config
331
+ # is set to `true`.
332
+ #
333
+ # @option options [Boolean] :validate_params (true)
334
+ # When `true`, request parameters are validated before
335
+ # sending the request.
336
+ #
337
+ # @option options [Aws::SSOOIDC::EndpointProvider] :endpoint_provider
338
+ # The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::SSOOIDC::EndpointParameters`
339
+ #
340
+ # @option options [URI::HTTP,String] :http_proxy A proxy to send
341
+ # requests through. Formatted like 'http://proxy.com:123'.
342
+ #
343
+ # @option options [Float] :http_open_timeout (15) The number of
344
+ # seconds to wait when opening a HTTP session before raising a
345
+ # `Timeout::Error`.
346
+ #
347
+ # @option options [Float] :http_read_timeout (60) The default
348
+ # number of seconds to wait for response data. This value can
349
+ # safely be set per-request on the session.
350
+ #
351
+ # @option options [Float] :http_idle_timeout (5) The number of
352
+ # seconds a connection is allowed to sit idle before it is
353
+ # considered stale. Stale connections are closed and removed
354
+ # from the pool before making a request.
355
+ #
356
+ # @option options [Float] :http_continue_timeout (1) The number of
357
+ # seconds to wait for a 100-continue response before sending the
358
+ # request body. This option has no effect unless the request has
359
+ # "Expect" header set to "100-continue". Defaults to `nil` which
360
+ # disables this behaviour. This value can safely be set per
361
+ # request on the session.
362
+ #
363
+ # @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
364
+ # in seconds.
365
+ #
366
+ # @option options [Boolean] :http_wire_trace (false) When `true`,
367
+ # HTTP debug output will be sent to the `:logger`.
368
+ #
369
+ # @option options [Boolean] :ssl_verify_peer (true) When `true`,
370
+ # SSL peer certificates are verified when establishing a
371
+ # connection.
372
+ #
373
+ # @option options [String] :ssl_ca_bundle Full path to the SSL
374
+ # certificate authority bundle file that should be used when
375
+ # verifying peer certificates. If you do not pass
376
+ # `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
377
+ # will be used if available.
378
+ #
379
+ # @option options [String] :ssl_ca_directory Full path of the
380
+ # directory that contains the unbundled SSL certificate
381
+ # authority files for verifying peer certificates. If you do
382
+ # not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
383
+ # system default will be used if available.
384
+ #
385
+ def initialize(*args)
386
+ super
387
+ end
388
+
389
+ # @!group API Operations
390
+
391
+ # Creates and returns access and refresh tokens for clients that are
392
+ # authenticated using client secrets. The access token can be used to
393
+ # fetch short-term credentials for the assigned AWS accounts or to
394
+ # access application APIs using `bearer` authentication.
395
+ #
396
+ # @option params [required, String] :client_id
397
+ # The unique identifier string for the client or application. This value
398
+ # comes from the result of the RegisterClient API.
399
+ #
400
+ # @option params [required, String] :client_secret
401
+ # A secret string generated for the client. This value should come from
402
+ # the persisted result of the RegisterClient API.
403
+ #
404
+ # @option params [required, String] :grant_type
405
+ # Supports the following OAuth grant types: Device Code and Refresh
406
+ # Token. Specify either of the following values, depending on the grant
407
+ # type that you want:
408
+ #
409
+ # * Device Code - `urn:ietf:params:oauth:grant-type:device_code`
410
+ #
411
+ # * Refresh Token - `refresh_token`
412
+ #
413
+ # For information about how to obtain the device code, see the
414
+ # StartDeviceAuthorization topic.
415
+ #
416
+ # @option params [String] :device_code
417
+ # Used only when calling this API for the Device Code grant type. This
418
+ # short-term code is used to identify this authorization request. This
419
+ # comes from the result of the StartDeviceAuthorization API.
420
+ #
421
+ # @option params [String] :code
422
+ # Used only when calling this API for the Authorization Code grant type.
423
+ # The short-term code is used to identify this authorization request.
424
+ # This grant type is currently unsupported for the CreateToken API.
425
+ #
426
+ # @option params [String] :refresh_token
427
+ # Used only when calling this API for the Refresh Token grant type. This
428
+ # token is used to refresh short-term tokens, such as the access token,
429
+ # that might expire.
430
+ #
431
+ # For more information about the features and limitations of the current
432
+ # IAM Identity Center OIDC implementation, see *Considerations for Using
433
+ # this Guide* in the [IAM Identity Center OIDC API Reference][1].
434
+ #
435
+ #
436
+ #
437
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html
438
+ #
439
+ # @option params [Array<String>] :scope
440
+ # The list of scopes for which authorization is requested. The access
441
+ # token that is issued is limited to the scopes that are granted. If
442
+ # this value is not specified, IAM Identity Center authorizes all scopes
443
+ # that are configured for the client during the call to RegisterClient.
444
+ #
445
+ # @option params [String] :redirect_uri
446
+ # Used only when calling this API for the Authorization Code grant type.
447
+ # This value specifies the location of the client or application that
448
+ # has registered to receive the authorization code.
449
+ #
450
+ # @return [Types::CreateTokenResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
451
+ #
452
+ # * {Types::CreateTokenResponse#access_token #access_token} => String
453
+ # * {Types::CreateTokenResponse#token_type #token_type} => String
454
+ # * {Types::CreateTokenResponse#expires_in #expires_in} => Integer
455
+ # * {Types::CreateTokenResponse#refresh_token #refresh_token} => String
456
+ # * {Types::CreateTokenResponse#id_token #id_token} => String
457
+ #
458
+ #
459
+ # @example Example: Call OAuth/OIDC /token endpoint for Device Code grant with Secret authentication
460
+ #
461
+ # resp = client.create_token({
462
+ # client_id: "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
463
+ # client_secret: "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
464
+ # device_code: "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzIn0EXAMPLEDEVICECODE",
465
+ # grant_type: "urn:ietf:params:oauth:grant-type:device-code",
466
+ # })
467
+ #
468
+ # resp.to_h outputs the following:
469
+ # {
470
+ # access_token: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
471
+ # expires_in: 1579729529,
472
+ # refresh_token: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
473
+ # token_type: "Bearer",
474
+ # }
475
+ #
476
+ # @example Example: Call OAuth/OIDC /token endpoint for Refresh Token grant with Secret authentication
477
+ #
478
+ # resp = client.create_token({
479
+ # client_id: "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
480
+ # client_secret: "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
481
+ # grant_type: "refresh_token",
482
+ # refresh_token: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
483
+ # scope: [
484
+ # "codewhisperer:completions",
485
+ # ],
486
+ # })
487
+ #
488
+ # resp.to_h outputs the following:
489
+ # {
490
+ # access_token: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
491
+ # expires_in: 1579729529,
492
+ # refresh_token: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
493
+ # token_type: "Bearer",
494
+ # }
495
+ #
496
+ # @example Request syntax with placeholder values
497
+ #
498
+ # resp = client.create_token({
499
+ # client_id: "ClientId", # required
500
+ # client_secret: "ClientSecret", # required
501
+ # grant_type: "GrantType", # required
502
+ # device_code: "DeviceCode",
503
+ # code: "AuthCode",
504
+ # refresh_token: "RefreshToken",
505
+ # scope: ["Scope"],
506
+ # redirect_uri: "URI",
507
+ # })
508
+ #
509
+ # @example Response structure
510
+ #
511
+ # resp.access_token #=> String
512
+ # resp.token_type #=> String
513
+ # resp.expires_in #=> Integer
514
+ # resp.refresh_token #=> String
515
+ # resp.id_token #=> String
516
+ #
517
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken AWS API Documentation
518
+ #
519
+ # @overload create_token(params = {})
520
+ # @param [Hash] params ({})
521
+ def create_token(params = {}, options = {})
522
+ req = build_request(:create_token, params)
523
+ req.send_request(options)
524
+ end
525
+
526
+ # Creates and returns access and refresh tokens for clients and
527
+ # applications that are authenticated using IAM entities. The access
528
+ # token can be used to fetch short-term credentials for the assigned AWS
529
+ # accounts or to access application APIs using `bearer` authentication.
530
+ #
531
+ # @option params [required, String] :client_id
532
+ # The unique identifier string for the client or application. This value
533
+ # is an application ARN that has OAuth grants configured.
534
+ #
535
+ # @option params [required, String] :grant_type
536
+ # Supports the following OAuth grant types: Authorization Code, Refresh
537
+ # Token, JWT Bearer, and Token Exchange. Specify one of the following
538
+ # values, depending on the grant type that you want:
539
+ #
540
+ # * Authorization Code - `authorization_code`
541
+ #
542
+ # * Refresh Token - `refresh_token`
543
+ #
544
+ # * JWT Bearer - `urn:ietf:params:oauth:grant-type:jwt-bearer`
545
+ #
546
+ # * Token Exchange - `urn:ietf:params:oauth:grant-type:token-exchange`
547
+ #
548
+ # @option params [String] :code
549
+ # Used only when calling this API for the Authorization Code grant type.
550
+ # This short-term code is used to identify this authorization request.
551
+ # The code is obtained through a redirect from IAM Identity Center to a
552
+ # redirect URI persisted in the Authorization Code GrantOptions for the
553
+ # application.
554
+ #
555
+ # @option params [String] :refresh_token
556
+ # Used only when calling this API for the Refresh Token grant type. This
557
+ # token is used to refresh short-term tokens, such as the access token,
558
+ # that might expire.
559
+ #
560
+ # For more information about the features and limitations of the current
561
+ # IAM Identity Center OIDC implementation, see *Considerations for Using
562
+ # this Guide* in the [IAM Identity Center OIDC API Reference][1].
563
+ #
564
+ #
565
+ #
566
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html
567
+ #
568
+ # @option params [String] :assertion
569
+ # Used only when calling this API for the JWT Bearer grant type. This
570
+ # value specifies the JSON Web Token (JWT) issued by a trusted token
571
+ # issuer. To authorize a trusted token issuer, configure the JWT Bearer
572
+ # GrantOptions for the application.
573
+ #
574
+ # @option params [Array<String>] :scope
575
+ # The list of scopes for which authorization is requested. The access
576
+ # token that is issued is limited to the scopes that are granted. If the
577
+ # value is not specified, IAM Identity Center authorizes all scopes
578
+ # configured for the application, including the following default
579
+ # scopes: `openid`, `aws`, `sts:identity_context`.
580
+ #
581
+ # @option params [String] :redirect_uri
582
+ # Used only when calling this API for the Authorization Code grant type.
583
+ # This value specifies the location of the client or application that
584
+ # has registered to receive the authorization code.
585
+ #
586
+ # @option params [String] :subject_token
587
+ # Used only when calling this API for the Token Exchange grant type.
588
+ # This value specifies the subject of the exchange. The value of the
589
+ # subject token must be an access token issued by IAM Identity Center to
590
+ # a different client or application. The access token must have
591
+ # authorized scopes that indicate the requested application as a target
592
+ # audience.
593
+ #
594
+ # @option params [String] :subject_token_type
595
+ # Used only when calling this API for the Token Exchange grant type.
596
+ # This value specifies the type of token that is passed as the subject
597
+ # of the exchange. The following value is supported:
598
+ #
599
+ # * Access Token - `urn:ietf:params:oauth:token-type:access_token`
600
+ #
601
+ # @option params [String] :requested_token_type
602
+ # Used only when calling this API for the Token Exchange grant type.
603
+ # This value specifies the type of token that the requester can receive.
604
+ # The following values are supported:
605
+ #
606
+ # * Access Token - `urn:ietf:params:oauth:token-type:access_token`
607
+ #
608
+ # * Refresh Token - `urn:ietf:params:oauth:token-type:refresh_token`
609
+ #
610
+ # @return [Types::CreateTokenWithIAMResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
611
+ #
612
+ # * {Types::CreateTokenWithIAMResponse#access_token #access_token} => String
613
+ # * {Types::CreateTokenWithIAMResponse#token_type #token_type} => String
614
+ # * {Types::CreateTokenWithIAMResponse#expires_in #expires_in} => Integer
615
+ # * {Types::CreateTokenWithIAMResponse#refresh_token #refresh_token} => String
616
+ # * {Types::CreateTokenWithIAMResponse#id_token #id_token} => String
617
+ # * {Types::CreateTokenWithIAMResponse#issued_token_type #issued_token_type} => String
618
+ # * {Types::CreateTokenWithIAMResponse#scope #scope} => Array&lt;String&gt;
619
+ #
620
+ #
621
+ # @example Example: Call OAuth/OIDC /token endpoint for Authorization Code grant with IAM authentication
622
+ #
623
+ # resp = client.create_token_with_iam({
624
+ # client_id: "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
625
+ # code: "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzg0In0EXAMPLEAUTHCODE",
626
+ # grant_type: "authorization_code",
627
+ # redirect_uri: "https://mywebapp.example/redirect",
628
+ # scope: [
629
+ # "openid",
630
+ # "aws",
631
+ # "sts:identity_context",
632
+ # ],
633
+ # })
634
+ #
635
+ # resp.to_h outputs the following:
636
+ # {
637
+ # access_token: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
638
+ # expires_in: 1579729529,
639
+ # id_token: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
640
+ # issued_token_type: "urn:ietf:params:oauth:token-type:refresh_token",
641
+ # refresh_token: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
642
+ # scope: [
643
+ # "openid",
644
+ # "aws",
645
+ # "sts:identity_context",
646
+ # ],
647
+ # token_type: "Bearer",
648
+ # }
649
+ #
650
+ # @example Example: Call OAuth/OIDC /token endpoint for Refresh Token grant with IAM authentication
651
+ #
652
+ # resp = client.create_token_with_iam({
653
+ # client_id: "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
654
+ # grant_type: "refresh_token",
655
+ # refresh_token: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
656
+ # })
657
+ #
658
+ # resp.to_h outputs the following:
659
+ # {
660
+ # access_token: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
661
+ # expires_in: 1579729529,
662
+ # issued_token_type: "urn:ietf:params:oauth:token-type:refresh_token",
663
+ # refresh_token: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
664
+ # scope: [
665
+ # "openid",
666
+ # "aws",
667
+ # "sts:identity_context",
668
+ # ],
669
+ # token_type: "Bearer",
670
+ # }
671
+ #
672
+ # @example Example: Call OAuth/OIDC /token endpoint for JWT Bearer grant with IAM authentication
673
+ #
674
+ # resp = client.create_token_with_iam({
675
+ # assertion: "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjFMVE16YWtpaGlSbGFfOHoyQkVKVlhlV01xbyJ9.eyJ2ZXIiOiIyLjAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vOTEyMjA0MGQtNmM2Ny00YzViLWIxMTItMzZhMzA0YjY2ZGFkL3YyLjAiLCJzdWIiOiJBQUFBQUFBQUFBQUFBQUFBQUFBQUFJa3pxRlZyU2FTYUZIeTc4MmJidGFRIiwiYXVkIjoiNmNiMDQwMTgtYTNmNS00NmE3LWI5OTUtOTQwYzc4ZjVhZWYzIiwiZXhwIjoxNTM2MzYxNDExLCJpYXQiOjE1MzYyNzQ3MTEsIm5iZiI6MTUzNjI3NDcxMSwibmFtZSI6IkFiZSBMaW5jb2xuIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWJlTGlAbWljcm9zb2Z0LmNvbSIsIm9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC02NmYzLTMzMzJlY2E3ZWE4MSIsInRpZCI6IjkxMjIwNDBkLTZjNjctNGM1Yi1iMTEyLTM2YTMwNGI2NmRhZCIsIm5vbmNlIjoiMTIzNTIzIiwiYWlvIjoiRGYyVVZYTDFpeCFsTUNXTVNPSkJjRmF0emNHZnZGR2hqS3Y4cTVnMHg3MzJkUjVNQjVCaXN2R1FPN1lXQnlqZDhpUURMcSFlR2JJRGFreXA1bW5PcmNkcUhlWVNubHRlcFFtUnA2QUlaOGpZIn0.1AFWW-Ck5nROwSlltm7GzZvDwUkqvhSQpm55TQsmVo9Y59cLhRXpvB8n-55HCr9Z6G_31_UbeUkoz612I2j_Sm9FFShSDDjoaLQr54CreGIJvjtmS3EkK9a7SJBbcpL1MpUtlfygow39tFjY7EVNW9plWUvRrTgVk7lYLprvfzw-CIqw3gHC-T7IK_m_xkr08INERBtaecwhTeN4chPC4W3jdmw_lIxzC48YoQ0dB1L9-ImX98Egypfrlbm0IBL5spFzL6JDZIRRJOu8vecJvj1mq-IUhGt0MacxX8jdxYLP-KUu2d9MbNKpCKJuZ7p8gwTL5B7NlUdh_dmSviPWrw",
676
+ # client_id: "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
677
+ # grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
678
+ # })
679
+ #
680
+ # resp.to_h outputs the following:
681
+ # {
682
+ # access_token: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
683
+ # expires_in: 1579729529,
684
+ # id_token: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsInN0czphdWRpdF9jb250ZXh0IjoiRVhBTVBMRUFVRElUQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.Xyah6qbk78qThzJ41iFU2yfGuRqqtKXHrJYwQ8L9Ip0",
685
+ # issued_token_type: "urn:ietf:params:oauth:token-type:refresh_token",
686
+ # refresh_token: "aorvJYubGpU6i91YnH7Mfo-AT2fIVa1zCfA_Rvq9yjVKIP3onFmmykuQ7E93y2I-9Nyj-A_sVvMufaLNL0bqnDRtgAkc0:MGUCMFrRsktMRVlWaOR70XGMFGLL0SlcCw4DiYveIiOVx1uK9BbD0gvAddsW3UTLozXKMgIxAJ3qxUvjpnlLIOaaKOoa/FuNgqJVvr9GMwDtnAtlh9iZzAkEXAMPLEREFRESHTOKEN",
687
+ # scope: [
688
+ # "openid",
689
+ # "aws",
690
+ # "sts:identity_context",
691
+ # ],
692
+ # token_type: "Bearer",
693
+ # }
694
+ #
695
+ # @example Example: Call OAuth/OIDC /token endpoint for Token Exchange grant with IAM authentication
696
+ #
697
+ # resp = client.create_token_with_iam({
698
+ # client_id: "arn:aws:sso::123456789012:application/ssoins-111111111111/apl-222222222222",
699
+ # grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
700
+ # requested_token_type: "urn:ietf:params:oauth:token-type:access_token",
701
+ # subject_token: "aoak-Hig8TUDPNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZDIFFERENTACCESSTOKEN",
702
+ # subject_token_type: "urn:ietf:params:oauth:token-type:access_token",
703
+ # })
704
+ #
705
+ # resp.to_h outputs the following:
706
+ # {
707
+ # access_token: "aoal-YigITUDiNX1xZwOMXM5MxOWDL0E0jg9P6_C_jKQPxS_SKCP6f0kh1Up4g7TtvQqkMnD-GJiU_S1gvug6SrggAkc0:MGYCMQD3IatVjV7jAJU91kK3PkS/SfA2wtgWzOgZWDOR7sDGN9t0phCZz5It/aes/3C1Zj0CMQCKWOgRaiz6AIhza3DSXQNMLjRKXC8F8ceCsHlgYLMZ7hZidEXAMPLEACCESSTOKEN",
708
+ # expires_in: 1579729529,
709
+ # id_token: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhd3M6aWRlbnRpdHlfc3RvcmVfaWQiOiJkLTMzMzMzMzMzMzMiLCJzdWIiOiI3MzA0NDhmMi1lMGExLTcwYTctYzk1NC0wMDAwMDAwMDAwMDAiLCJhd3M6aW5zdGFuY2VfYWNjb3VudCI6IjExMTExMTExMTExMSIsInN0czppZGVudGl0eV9jb250ZXh0IjoiRVhBTVBMRUlERU5USVRZQ09OVEVYVCIsImlzcyI6Imh0dHBzOi8vaWRlbnRpdHljZW50ZXIuYW1hem9uYXdzLmNvbS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmlkZW50aXR5X3N0b3JlX2FybiI6ImFybjphd3M6aWRlbnRpdHlzdG9yZTo6MTExMTExMTExMTExOmlkZW50aXR5c3RvcmUvZC0zMzMzMzMzMzMzIiwiYXVkIjoiYXJuOmF3czpzc286OjEyMzQ1Njc4OTAxMjphcHBsaWNhdGlvbi9zc29pbnMtMTExMTExMTExMTExL2FwbC0yMjIyMjIyMjIyMjIiLCJhd3M6aW5zdGFuY2VfYXJuIjoiYXJuOmF3czpzc286OjppbnN0YW5jZS9zc29pbnMtMTExMTExMTExMTExIiwiYXdzOmNyZWRlbnRpYWxfaWQiOiJfWlIyTjZhVkJqMjdGUEtheWpfcEtwVjc3QVBERl80MXB4ZXRfWWpJdUpONlVJR2RBdkpFWEFNUExFQ1JFRElEIiwiYXV0aF90aW1lIjoiMjAyMC0wMS0yMlQxMjo0NToyOVoiLCJleHAiOjE1Nzk3Mjk1MjksImlhdCI6MTU3OTcyNTkyOX0.5SYiW1kMsuUr7nna-l5tlakM0GNbMHvIM2_n0QD23jM",
710
+ # issued_token_type: "urn:ietf:params:oauth:token-type:access_token",
711
+ # scope: [
712
+ # "openid",
713
+ # "aws",
714
+ # "sts:identity_context",
715
+ # ],
716
+ # token_type: "Bearer",
717
+ # }
718
+ #
719
+ # @example Request syntax with placeholder values
720
+ #
721
+ # resp = client.create_token_with_iam({
722
+ # client_id: "ClientId", # required
723
+ # grant_type: "GrantType", # required
724
+ # code: "AuthCode",
725
+ # refresh_token: "RefreshToken",
726
+ # assertion: "Assertion",
727
+ # scope: ["Scope"],
728
+ # redirect_uri: "URI",
729
+ # subject_token: "SubjectToken",
730
+ # subject_token_type: "TokenTypeURI",
731
+ # requested_token_type: "TokenTypeURI",
732
+ # })
733
+ #
734
+ # @example Response structure
735
+ #
736
+ # resp.access_token #=> String
737
+ # resp.token_type #=> String
738
+ # resp.expires_in #=> Integer
739
+ # resp.refresh_token #=> String
740
+ # resp.id_token #=> String
741
+ # resp.issued_token_type #=> String
742
+ # resp.scope #=> Array
743
+ # resp.scope[0] #=> String
744
+ #
745
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM AWS API Documentation
746
+ #
747
+ # @overload create_token_with_iam(params = {})
748
+ # @param [Hash] params ({})
749
+ def create_token_with_iam(params = {}, options = {})
750
+ req = build_request(:create_token_with_iam, params)
751
+ req.send_request(options)
752
+ end
753
+
754
+ # Registers a client with IAM Identity Center. This allows clients to
755
+ # initiate device authorization. The output should be persisted for
756
+ # reuse through many authentication requests.
757
+ #
758
+ # @option params [required, String] :client_name
759
+ # The friendly name of the client.
760
+ #
761
+ # @option params [required, String] :client_type
762
+ # The type of client. The service supports only `public` as a client
763
+ # type. Anything other than public will be rejected by the service.
764
+ #
765
+ # @option params [Array<String>] :scopes
766
+ # The list of scopes that are defined by the client. Upon authorization,
767
+ # this list is used to restrict permissions when granting an access
768
+ # token.
769
+ #
770
+ # @return [Types::RegisterClientResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
771
+ #
772
+ # * {Types::RegisterClientResponse#client_id #client_id} => String
773
+ # * {Types::RegisterClientResponse#client_secret #client_secret} => String
774
+ # * {Types::RegisterClientResponse#client_id_issued_at #client_id_issued_at} => Integer
775
+ # * {Types::RegisterClientResponse#client_secret_expires_at #client_secret_expires_at} => Integer
776
+ # * {Types::RegisterClientResponse#authorization_endpoint #authorization_endpoint} => String
777
+ # * {Types::RegisterClientResponse#token_endpoint #token_endpoint} => String
778
+ #
779
+ #
780
+ # @example Example: Call OAuth/OIDC /register-client endpoint
781
+ #
782
+ # resp = client.register_client({
783
+ # client_name: "My IDE Plugin",
784
+ # client_type: "public",
785
+ # scopes: [
786
+ # "sso:account:access",
787
+ # "codewhisperer:completions",
788
+ # ],
789
+ # })
790
+ #
791
+ # resp.to_h outputs the following:
792
+ # {
793
+ # client_id: "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
794
+ # client_id_issued_at: 1579725929,
795
+ # client_secret: "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
796
+ # client_secret_expires_at: 1587584729,
797
+ # }
798
+ #
799
+ # @example Request syntax with placeholder values
800
+ #
801
+ # resp = client.register_client({
802
+ # client_name: "ClientName", # required
803
+ # client_type: "ClientType", # required
804
+ # scopes: ["Scope"],
805
+ # })
806
+ #
807
+ # @example Response structure
808
+ #
809
+ # resp.client_id #=> String
810
+ # resp.client_secret #=> String
811
+ # resp.client_id_issued_at #=> Integer
812
+ # resp.client_secret_expires_at #=> Integer
813
+ # resp.authorization_endpoint #=> String
814
+ # resp.token_endpoint #=> String
815
+ #
816
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient AWS API Documentation
817
+ #
818
+ # @overload register_client(params = {})
819
+ # @param [Hash] params ({})
820
+ def register_client(params = {}, options = {})
821
+ req = build_request(:register_client, params)
822
+ req.send_request(options)
823
+ end
824
+
825
+ # Initiates device authorization by requesting a pair of verification
826
+ # codes from the authorization service.
827
+ #
828
+ # @option params [required, String] :client_id
829
+ # The unique identifier string for the client that is registered with
830
+ # IAM Identity Center. This value should come from the persisted result
831
+ # of the RegisterClient API operation.
832
+ #
833
+ # @option params [required, String] :client_secret
834
+ # A secret string that is generated for the client. This value should
835
+ # come from the persisted result of the RegisterClient API operation.
836
+ #
837
+ # @option params [required, String] :start_url
838
+ # The URL for the Amazon Web Services access portal. For more
839
+ # information, see [Using the Amazon Web Services access portal][1] in
840
+ # the *IAM Identity Center User Guide*.
841
+ #
842
+ #
843
+ #
844
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html
845
+ #
846
+ # @return [Types::StartDeviceAuthorizationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
847
+ #
848
+ # * {Types::StartDeviceAuthorizationResponse#device_code #device_code} => String
849
+ # * {Types::StartDeviceAuthorizationResponse#user_code #user_code} => String
850
+ # * {Types::StartDeviceAuthorizationResponse#verification_uri #verification_uri} => String
851
+ # * {Types::StartDeviceAuthorizationResponse#verification_uri_complete #verification_uri_complete} => String
852
+ # * {Types::StartDeviceAuthorizationResponse#expires_in #expires_in} => Integer
853
+ # * {Types::StartDeviceAuthorizationResponse#interval #interval} => Integer
854
+ #
855
+ #
856
+ # @example Example: Call OAuth/OIDC /start-device-authorization endpoint
857
+ #
858
+ # resp = client.start_device_authorization({
859
+ # client_id: "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
860
+ # client_secret: "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
861
+ # start_url: "https://identitycenter.amazonaws.com/ssoins-111111111111",
862
+ # })
863
+ #
864
+ # resp.to_h outputs the following:
865
+ # {
866
+ # device_code: "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzIn0EXAMPLEDEVICECODE",
867
+ # expires_in: 1579729529,
868
+ # interval: 1,
869
+ # user_code: "makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE",
870
+ # verification_uri: "https://device.sso.us-west-2.amazonaws.com",
871
+ # verification_uri_complete: "https://device.sso.us-west-2.amazonaws.com?user_code=makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE",
872
+ # }
873
+ #
874
+ # @example Request syntax with placeholder values
875
+ #
876
+ # resp = client.start_device_authorization({
877
+ # client_id: "ClientId", # required
878
+ # client_secret: "ClientSecret", # required
879
+ # start_url: "URI", # required
880
+ # })
881
+ #
882
+ # @example Response structure
883
+ #
884
+ # resp.device_code #=> String
885
+ # resp.user_code #=> String
886
+ # resp.verification_uri #=> String
887
+ # resp.verification_uri_complete #=> String
888
+ # resp.expires_in #=> Integer
889
+ # resp.interval #=> Integer
890
+ #
891
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization AWS API Documentation
892
+ #
893
+ # @overload start_device_authorization(params = {})
894
+ # @param [Hash] params ({})
895
+ def start_device_authorization(params = {}, options = {})
896
+ req = build_request(:start_device_authorization, params)
897
+ req.send_request(options)
898
+ end
899
+
900
+ # @!endgroup
901
+
902
+ # @param params ({})
903
+ # @api private
904
+ def build_request(operation_name, params = {})
905
+ handlers = @handlers.for(operation_name)
906
+ context = Seahorse::Client::RequestContext.new(
907
+ operation_name: operation_name,
908
+ operation: config.api.operation(operation_name),
909
+ client: self,
910
+ params: params,
911
+ config: config)
912
+ context[:gem_name] = 'aws-sdk-core'
913
+ context[:gem_version] = '3.191.0'
914
+ Seahorse::Client::Request.new(handlers, context)
915
+ end
916
+
917
+ # @api private
918
+ # @deprecated
919
+ def waiter_names
920
+ []
921
+ end
922
+
923
+ class << self
924
+
925
+ # @api private
926
+ attr_reader :identifier
927
+
928
+ # @api private
929
+ def errors_module
930
+ Errors
931
+ end
932
+
933
+ end
934
+ end
935
+ end