aws-sdk-core 3.130.1 → 3.178.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (94) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +377 -1
  3. data/VERSION +1 -1
  4. data/lib/aws-defaults/default_configuration.rb +4 -4
  5. data/lib/aws-sdk-core/arn.rb +13 -0
  6. data/lib/aws-sdk-core/assume_role_credentials.rb +6 -11
  7. data/lib/aws-sdk-core/assume_role_web_identity_credentials.rb +8 -10
  8. data/lib/aws-sdk-core/binary/encode_handler.rb +12 -1
  9. data/lib/aws-sdk-core/credential_provider.rb +3 -0
  10. data/lib/aws-sdk-core/credential_provider_chain.rb +8 -5
  11. data/lib/aws-sdk-core/ecs_credentials.rb +116 -53
  12. data/lib/aws-sdk-core/endpoints/condition.rb +41 -0
  13. data/lib/aws-sdk-core/endpoints/endpoint.rb +17 -0
  14. data/lib/aws-sdk-core/endpoints/endpoint_rule.rb +75 -0
  15. data/lib/aws-sdk-core/endpoints/error_rule.rb +42 -0
  16. data/lib/aws-sdk-core/endpoints/function.rb +80 -0
  17. data/lib/aws-sdk-core/endpoints/matchers.rb +127 -0
  18. data/lib/aws-sdk-core/endpoints/reference.rb +31 -0
  19. data/lib/aws-sdk-core/endpoints/rule.rb +25 -0
  20. data/lib/aws-sdk-core/endpoints/rule_set.rb +52 -0
  21. data/lib/aws-sdk-core/endpoints/rules_provider.rb +37 -0
  22. data/lib/aws-sdk-core/endpoints/templater.rb +58 -0
  23. data/lib/aws-sdk-core/endpoints/tree_rule.rb +45 -0
  24. data/lib/aws-sdk-core/endpoints/url.rb +60 -0
  25. data/lib/aws-sdk-core/endpoints.rb +78 -0
  26. data/lib/aws-sdk-core/errors.rb +13 -0
  27. data/lib/aws-sdk-core/ini_parser.rb +1 -1
  28. data/lib/aws-sdk-core/instance_profile_credentials.rb +5 -0
  29. data/lib/aws-sdk-core/json/error_handler.rb +20 -1
  30. data/lib/aws-sdk-core/log/formatter.rb +6 -0
  31. data/lib/aws-sdk-core/pageable_response.rb +10 -1
  32. data/lib/aws-sdk-core/plugins/bearer_authorization.rb +67 -0
  33. data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +1 -1
  34. data/lib/aws-sdk-core/plugins/credentials_configuration.rb +24 -0
  35. data/lib/aws-sdk-core/plugins/endpoint_discovery.rb +6 -2
  36. data/lib/aws-sdk-core/plugins/jsonvalue_converter.rb +34 -6
  37. data/lib/aws-sdk-core/plugins/recursion_detection.rb +14 -3
  38. data/lib/aws-sdk-core/plugins/regional_endpoint.rb +111 -30
  39. data/lib/aws-sdk-core/plugins/request_compression.rb +217 -0
  40. data/lib/aws-sdk-core/plugins/retries/error_inspector.rb +2 -1
  41. data/lib/aws-sdk-core/plugins/sign.rb +201 -0
  42. data/lib/aws-sdk-core/plugins/signature_v2.rb +1 -0
  43. data/lib/aws-sdk-core/plugins/signature_v4.rb +13 -7
  44. data/lib/aws-sdk-core/plugins/user_agent.rb +117 -14
  45. data/lib/aws-sdk-core/process_credentials.rb +6 -9
  46. data/lib/aws-sdk-core/refreshing_credentials.rb +2 -6
  47. data/lib/aws-sdk-core/refreshing_token.rb +71 -0
  48. data/lib/aws-sdk-core/rest/handler.rb +1 -1
  49. data/lib/aws-sdk-core/rest/request/headers.rb +2 -6
  50. data/lib/aws-sdk-core/shared_config.rb +101 -6
  51. data/lib/aws-sdk-core/sso_credentials.rb +85 -50
  52. data/lib/aws-sdk-core/sso_token_provider.rb +135 -0
  53. data/lib/aws-sdk-core/static_token_provider.rb +14 -0
  54. data/lib/aws-sdk-core/structure.rb +6 -4
  55. data/lib/aws-sdk-core/token.rb +31 -0
  56. data/lib/aws-sdk-core/token_provider.rb +15 -0
  57. data/lib/aws-sdk-core/token_provider_chain.rb +51 -0
  58. data/lib/aws-sdk-core/waiters/poller.rb +3 -1
  59. data/lib/aws-sdk-core/xml/error_handler.rb +7 -0
  60. data/lib/aws-sdk-core/xml/parser/engines/oga.rb +2 -0
  61. data/lib/aws-sdk-core.rb +14 -0
  62. data/lib/aws-sdk-sso/client.rb +71 -11
  63. data/lib/aws-sdk-sso/endpoint_parameters.rb +66 -0
  64. data/lib/aws-sdk-sso/endpoint_provider.rb +51 -0
  65. data/lib/aws-sdk-sso/endpoints.rb +72 -0
  66. data/lib/aws-sdk-sso/plugins/endpoints.rb +76 -0
  67. data/lib/aws-sdk-sso/types.rb +8 -43
  68. data/lib/aws-sdk-sso.rb +5 -1
  69. data/lib/aws-sdk-ssooidc/client.rb +626 -0
  70. data/lib/aws-sdk-ssooidc/client_api.rb +216 -0
  71. data/lib/aws-sdk-ssooidc/customizations.rb +1 -0
  72. data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +66 -0
  73. data/lib/aws-sdk-ssooidc/endpoint_provider.rb +51 -0
  74. data/lib/aws-sdk-ssooidc/endpoints.rb +58 -0
  75. data/lib/aws-sdk-ssooidc/errors.rb +290 -0
  76. data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +74 -0
  77. data/lib/aws-sdk-ssooidc/resource.rb +26 -0
  78. data/lib/aws-sdk-ssooidc/types.rb +502 -0
  79. data/lib/aws-sdk-ssooidc.rb +59 -0
  80. data/lib/aws-sdk-sts/client.rb +289 -245
  81. data/lib/aws-sdk-sts/endpoint_parameters.rb +78 -0
  82. data/lib/aws-sdk-sts/endpoint_provider.rb +112 -0
  83. data/lib/aws-sdk-sts/endpoints.rb +136 -0
  84. data/lib/aws-sdk-sts/plugins/endpoints.rb +84 -0
  85. data/lib/aws-sdk-sts/presigner.rb +13 -15
  86. data/lib/aws-sdk-sts/types.rb +87 -195
  87. data/lib/aws-sdk-sts.rb +5 -1
  88. data/lib/seahorse/client/async_base.rb +0 -1
  89. data/lib/seahorse/client/configuration.rb +1 -5
  90. data/lib/seahorse/client/h2/connection.rb +12 -11
  91. data/lib/seahorse/client/plugins/request_callback.rb +9 -9
  92. data/lib/seahorse/model/operation.rb +3 -0
  93. data/lib/seahorse/util.rb +4 -0
  94. metadata +56 -8
@@ -0,0 +1,626 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ require 'seahorse/client/plugins/content_length.rb'
11
+ require 'aws-sdk-core/plugins/credentials_configuration.rb'
12
+ require 'aws-sdk-core/plugins/logging.rb'
13
+ require 'aws-sdk-core/plugins/param_converter.rb'
14
+ require 'aws-sdk-core/plugins/param_validator.rb'
15
+ require 'aws-sdk-core/plugins/user_agent.rb'
16
+ require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
17
+ require 'aws-sdk-core/plugins/retry_errors.rb'
18
+ require 'aws-sdk-core/plugins/global_configuration.rb'
19
+ require 'aws-sdk-core/plugins/regional_endpoint.rb'
20
+ require 'aws-sdk-core/plugins/endpoint_discovery.rb'
21
+ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
22
+ require 'aws-sdk-core/plugins/response_paging.rb'
23
+ require 'aws-sdk-core/plugins/stub_responses.rb'
24
+ require 'aws-sdk-core/plugins/idempotency_token.rb'
25
+ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
26
+ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
27
+ require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
28
+ require 'aws-sdk-core/plugins/transfer_encoding.rb'
29
+ require 'aws-sdk-core/plugins/http_checksum.rb'
30
+ require 'aws-sdk-core/plugins/checksum_algorithm.rb'
31
+ require 'aws-sdk-core/plugins/request_compression.rb'
32
+ require 'aws-sdk-core/plugins/defaults_mode.rb'
33
+ require 'aws-sdk-core/plugins/recursion_detection.rb'
34
+ require 'aws-sdk-core/plugins/sign.rb'
35
+ require 'aws-sdk-core/plugins/protocols/rest_json.rb'
36
+
37
+ Aws::Plugins::GlobalConfiguration.add_identifier(:ssooidc)
38
+
39
+ module Aws::SSOOIDC
40
+ # An API client for SSOOIDC. To construct a client, you need to configure a `:region` and `:credentials`.
41
+ #
42
+ # client = Aws::SSOOIDC::Client.new(
43
+ # region: region_name,
44
+ # credentials: credentials,
45
+ # # ...
46
+ # )
47
+ #
48
+ # For details on configuring region and credentials see
49
+ # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
50
+ #
51
+ # See {#initialize} for a full list of supported configuration options.
52
+ class Client < Seahorse::Client::Base
53
+
54
+ include Aws::ClientStubs
55
+
56
+ @identifier = :ssooidc
57
+
58
+ set_api(ClientApi::API)
59
+
60
+ add_plugin(Seahorse::Client::Plugins::ContentLength)
61
+ add_plugin(Aws::Plugins::CredentialsConfiguration)
62
+ add_plugin(Aws::Plugins::Logging)
63
+ add_plugin(Aws::Plugins::ParamConverter)
64
+ add_plugin(Aws::Plugins::ParamValidator)
65
+ add_plugin(Aws::Plugins::UserAgent)
66
+ add_plugin(Aws::Plugins::HelpfulSocketErrors)
67
+ add_plugin(Aws::Plugins::RetryErrors)
68
+ add_plugin(Aws::Plugins::GlobalConfiguration)
69
+ add_plugin(Aws::Plugins::RegionalEndpoint)
70
+ add_plugin(Aws::Plugins::EndpointDiscovery)
71
+ add_plugin(Aws::Plugins::EndpointPattern)
72
+ add_plugin(Aws::Plugins::ResponsePaging)
73
+ add_plugin(Aws::Plugins::StubResponses)
74
+ add_plugin(Aws::Plugins::IdempotencyToken)
75
+ add_plugin(Aws::Plugins::JsonvalueConverter)
76
+ add_plugin(Aws::Plugins::ClientMetricsPlugin)
77
+ add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
78
+ add_plugin(Aws::Plugins::TransferEncoding)
79
+ add_plugin(Aws::Plugins::HttpChecksum)
80
+ add_plugin(Aws::Plugins::ChecksumAlgorithm)
81
+ add_plugin(Aws::Plugins::RequestCompression)
82
+ add_plugin(Aws::Plugins::DefaultsMode)
83
+ add_plugin(Aws::Plugins::RecursionDetection)
84
+ add_plugin(Aws::Plugins::Sign)
85
+ add_plugin(Aws::Plugins::Protocols::RestJson)
86
+ add_plugin(Aws::SSOOIDC::Plugins::Endpoints)
87
+
88
+ # @overload initialize(options)
89
+ # @param [Hash] options
90
+ # @option options [required, Aws::CredentialProvider] :credentials
91
+ # Your AWS credentials. This can be an instance of any one of the
92
+ # following classes:
93
+ #
94
+ # * `Aws::Credentials` - Used for configuring static, non-refreshing
95
+ # credentials.
96
+ #
97
+ # * `Aws::SharedCredentials` - Used for loading static credentials from a
98
+ # shared file, such as `~/.aws/config`.
99
+ #
100
+ # * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
101
+ #
102
+ # * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
103
+ # assume a role after providing credentials via the web.
104
+ #
105
+ # * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
106
+ # access token generated from `aws login`.
107
+ #
108
+ # * `Aws::ProcessCredentials` - Used for loading credentials from a
109
+ # process that outputs to stdout.
110
+ #
111
+ # * `Aws::InstanceProfileCredentials` - Used for loading credentials
112
+ # from an EC2 IMDS on an EC2 instance.
113
+ #
114
+ # * `Aws::ECSCredentials` - Used for loading credentials from
115
+ # instances running in ECS.
116
+ #
117
+ # * `Aws::CognitoIdentityCredentials` - Used for loading credentials
118
+ # from the Cognito Identity service.
119
+ #
120
+ # When `:credentials` are not configured directly, the following
121
+ # locations will be searched for credentials:
122
+ #
123
+ # * `Aws.config[:credentials]`
124
+ # * The `:access_key_id`, `:secret_access_key`, and `:session_token` options.
125
+ # * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
126
+ # * `~/.aws/credentials`
127
+ # * `~/.aws/config`
128
+ # * EC2/ECS IMDS instance profile - When used by default, the timeouts
129
+ # are very aggressive. Construct and pass an instance of
130
+ # `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
131
+ # enable retries and extended timeouts. Instance profile credential
132
+ # fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
133
+ # to true.
134
+ #
135
+ # @option options [required, String] :region
136
+ # The AWS region to connect to. The configured `:region` is
137
+ # used to determine the service `:endpoint`. When not passed,
138
+ # a default `:region` is searched for in the following locations:
139
+ #
140
+ # * `Aws.config[:region]`
141
+ # * `ENV['AWS_REGION']`
142
+ # * `ENV['AMAZON_REGION']`
143
+ # * `ENV['AWS_DEFAULT_REGION']`
144
+ # * `~/.aws/credentials`
145
+ # * `~/.aws/config`
146
+ #
147
+ # @option options [String] :access_key_id
148
+ #
149
+ # @option options [Boolean] :active_endpoint_cache (false)
150
+ # When set to `true`, a thread polling for endpoints will be running in
151
+ # the background every 60 secs (default). Defaults to `false`.
152
+ #
153
+ # @option options [Boolean] :adaptive_retry_wait_to_fill (true)
154
+ # Used only in `adaptive` retry mode. When true, the request will sleep
155
+ # until there is sufficent client side capacity to retry the request.
156
+ # When false, the request will raise a `RetryCapacityNotAvailableError` and will
157
+ # not retry instead of sleeping.
158
+ #
159
+ # @option options [Boolean] :client_side_monitoring (false)
160
+ # When `true`, client-side metrics will be collected for all API requests from
161
+ # this client.
162
+ #
163
+ # @option options [String] :client_side_monitoring_client_id ("")
164
+ # Allows you to provide an identifier for this client which will be attached to
165
+ # all generated client side metrics. Defaults to an empty string.
166
+ #
167
+ # @option options [String] :client_side_monitoring_host ("127.0.0.1")
168
+ # Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client
169
+ # side monitoring agent is running on, where client metrics will be published via UDP.
170
+ #
171
+ # @option options [Integer] :client_side_monitoring_port (31000)
172
+ # Required for publishing client metrics. The port that the client side monitoring
173
+ # agent is running on, where client metrics will be published via UDP.
174
+ #
175
+ # @option options [Aws::ClientSideMonitoring::Publisher] :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher)
176
+ # Allows you to provide a custom client-side monitoring publisher class. By default,
177
+ # will use the Client Side Monitoring Agent Publisher.
178
+ #
179
+ # @option options [Boolean] :convert_params (true)
180
+ # When `true`, an attempt is made to coerce request parameters into
181
+ # the required types.
182
+ #
183
+ # @option options [Boolean] :correct_clock_skew (true)
184
+ # Used only in `standard` and adaptive retry modes. Specifies whether to apply
185
+ # a clock skew correction and retry requests with skewed client clocks.
186
+ #
187
+ # @option options [String] :defaults_mode ("legacy")
188
+ # See {Aws::DefaultsModeConfiguration} for a list of the
189
+ # accepted modes and the configuration defaults that are included.
190
+ #
191
+ # @option options [Boolean] :disable_host_prefix_injection (false)
192
+ # Set to true to disable SDK automatically adding host prefix
193
+ # to default service endpoint when available.
194
+ #
195
+ # @option options [Boolean] :disable_request_compression (false)
196
+ # When set to 'true' the request body will not be compressed
197
+ # for supported operations.
198
+ #
199
+ # @option options [String] :endpoint
200
+ # The client endpoint is normally constructed from the `:region`
201
+ # option. You should only configure an `:endpoint` when connecting
202
+ # to test or custom endpoints. This should be a valid HTTP(S) URI.
203
+ #
204
+ # @option options [Integer] :endpoint_cache_max_entries (1000)
205
+ # Used for the maximum size limit of the LRU cache storing endpoints data
206
+ # for endpoint discovery enabled operations. Defaults to 1000.
207
+ #
208
+ # @option options [Integer] :endpoint_cache_max_threads (10)
209
+ # Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.
210
+ #
211
+ # @option options [Integer] :endpoint_cache_poll_interval (60)
212
+ # When :endpoint_discovery and :active_endpoint_cache is enabled,
213
+ # Use this option to config the time interval in seconds for making
214
+ # requests fetching endpoints information. Defaults to 60 sec.
215
+ #
216
+ # @option options [Boolean] :endpoint_discovery (false)
217
+ # When set to `true`, endpoint discovery will be enabled for operations when available.
218
+ #
219
+ # @option options [Boolean] :ignore_configured_endpoint_urls
220
+ # Setting to true disables use of endpoint URLs provided via environment
221
+ # variables and the shared configuration file.
222
+ #
223
+ # @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
224
+ # The log formatter.
225
+ #
226
+ # @option options [Symbol] :log_level (:info)
227
+ # The log level to send messages to the `:logger` at.
228
+ #
229
+ # @option options [Logger] :logger
230
+ # The Logger instance to send log messages to. If this option
231
+ # is not set, logging will be disabled.
232
+ #
233
+ # @option options [Integer] :max_attempts (3)
234
+ # An integer representing the maximum number attempts that will be made for
235
+ # a single request, including the initial attempt. For example,
236
+ # setting this value to 5 will result in a request being retried up to
237
+ # 4 times. Used in `standard` and `adaptive` retry modes.
238
+ #
239
+ # @option options [String] :profile ("default")
240
+ # Used when loading credentials from the shared credentials file
241
+ # at HOME/.aws/credentials. When not specified, 'default' is used.
242
+ #
243
+ # @option options [Integer] :request_min_compression_size_bytes (10240)
244
+ # The minimum size in bytes that triggers compression for request
245
+ # bodies. The value must be non-negative integer value between 0
246
+ # and 10485780 bytes inclusive.
247
+ #
248
+ # @option options [Proc] :retry_backoff
249
+ # A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
250
+ # This option is only used in the `legacy` retry mode.
251
+ #
252
+ # @option options [Float] :retry_base_delay (0.3)
253
+ # The base delay in seconds used by the default backoff function. This option
254
+ # is only used in the `legacy` retry mode.
255
+ #
256
+ # @option options [Symbol] :retry_jitter (:none)
257
+ # A delay randomiser function used by the default backoff function.
258
+ # Some predefined functions can be referenced by name - :none, :equal, :full,
259
+ # otherwise a Proc that takes and returns a number. This option is only used
260
+ # in the `legacy` retry mode.
261
+ #
262
+ # @see https://www.awsarchitectureblog.com/2015/03/backoff.html
263
+ #
264
+ # @option options [Integer] :retry_limit (3)
265
+ # The maximum number of times to retry failed requests. Only
266
+ # ~ 500 level server errors and certain ~ 400 level client errors
267
+ # are retried. Generally, these are throttling errors, data
268
+ # checksum errors, networking errors, timeout errors, auth errors,
269
+ # endpoint discovery, and errors from expired credentials.
270
+ # This option is only used in the `legacy` retry mode.
271
+ #
272
+ # @option options [Integer] :retry_max_delay (0)
273
+ # The maximum number of seconds to delay between retries (0 for no limit)
274
+ # used by the default backoff function. This option is only used in the
275
+ # `legacy` retry mode.
276
+ #
277
+ # @option options [String] :retry_mode ("legacy")
278
+ # Specifies which retry algorithm to use. Values are:
279
+ #
280
+ # * `legacy` - The pre-existing retry behavior. This is default value if
281
+ # no retry mode is provided.
282
+ #
283
+ # * `standard` - A standardized set of retry rules across the AWS SDKs.
284
+ # This includes support for retry quotas, which limit the number of
285
+ # unsuccessful retries a client can make.
286
+ #
287
+ # * `adaptive` - An experimental retry mode that includes all the
288
+ # functionality of `standard` mode along with automatic client side
289
+ # throttling. This is a provisional mode that may change behavior
290
+ # in the future.
291
+ #
292
+ #
293
+ # @option options [String] :sdk_ua_app_id
294
+ # A unique and opaque application ID that is appended to the
295
+ # User-Agent header as app/<sdk_ua_app_id>. It should have a
296
+ # maximum length of 50.
297
+ #
298
+ # @option options [String] :secret_access_key
299
+ #
300
+ # @option options [String] :session_token
301
+ #
302
+ # @option options [Boolean] :stub_responses (false)
303
+ # Causes the client to return stubbed responses. By default
304
+ # fake responses are generated and returned. You can specify
305
+ # the response data to return or errors to raise by calling
306
+ # {ClientStubs#stub_responses}. See {ClientStubs} for more information.
307
+ #
308
+ # ** Please note ** When response stubbing is enabled, no HTTP
309
+ # requests are made, and retries are disabled.
310
+ #
311
+ # @option options [Aws::TokenProvider] :token_provider
312
+ # A Bearer Token Provider. This can be an instance of any one of the
313
+ # following classes:
314
+ #
315
+ # * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
316
+ # tokens.
317
+ #
318
+ # * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
319
+ # access token generated from `aws login`.
320
+ #
321
+ # When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
322
+ # will be used to search for tokens configured for your profile in shared configuration files.
323
+ #
324
+ # @option options [Boolean] :use_dualstack_endpoint
325
+ # When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
326
+ # will be used if available.
327
+ #
328
+ # @option options [Boolean] :use_fips_endpoint
329
+ # When set to `true`, fips compatible endpoints will be used if available.
330
+ # When a `fips` region is used, the region is normalized and this config
331
+ # is set to `true`.
332
+ #
333
+ # @option options [Boolean] :validate_params (true)
334
+ # When `true`, request parameters are validated before
335
+ # sending the request.
336
+ #
337
+ # @option options [Aws::SSOOIDC::EndpointProvider] :endpoint_provider
338
+ # The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::SSOOIDC::EndpointParameters`
339
+ #
340
+ # @option options [URI::HTTP,String] :http_proxy A proxy to send
341
+ # requests through. Formatted like 'http://proxy.com:123'.
342
+ #
343
+ # @option options [Float] :http_open_timeout (15) The number of
344
+ # seconds to wait when opening a HTTP session before raising a
345
+ # `Timeout::Error`.
346
+ #
347
+ # @option options [Float] :http_read_timeout (60) The default
348
+ # number of seconds to wait for response data. This value can
349
+ # safely be set per-request on the session.
350
+ #
351
+ # @option options [Float] :http_idle_timeout (5) The number of
352
+ # seconds a connection is allowed to sit idle before it is
353
+ # considered stale. Stale connections are closed and removed
354
+ # from the pool before making a request.
355
+ #
356
+ # @option options [Float] :http_continue_timeout (1) The number of
357
+ # seconds to wait for a 100-continue response before sending the
358
+ # request body. This option has no effect unless the request has
359
+ # "Expect" header set to "100-continue". Defaults to `nil` which
360
+ # disables this behaviour. This value can safely be set per
361
+ # request on the session.
362
+ #
363
+ # @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
364
+ # in seconds.
365
+ #
366
+ # @option options [Boolean] :http_wire_trace (false) When `true`,
367
+ # HTTP debug output will be sent to the `:logger`.
368
+ #
369
+ # @option options [Boolean] :ssl_verify_peer (true) When `true`,
370
+ # SSL peer certificates are verified when establishing a
371
+ # connection.
372
+ #
373
+ # @option options [String] :ssl_ca_bundle Full path to the SSL
374
+ # certificate authority bundle file that should be used when
375
+ # verifying peer certificates. If you do not pass
376
+ # `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
377
+ # will be used if available.
378
+ #
379
+ # @option options [String] :ssl_ca_directory Full path of the
380
+ # directory that contains the unbundled SSL certificate
381
+ # authority files for verifying peer certificates. If you do
382
+ # not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
383
+ # system default will be used if available.
384
+ #
385
+ def initialize(*args)
386
+ super
387
+ end
388
+
389
+ # @!group API Operations
390
+
391
+ # Creates and returns an access token for the authorized client. The
392
+ # access token issued will be used to fetch short-term credentials for
393
+ # the assigned roles in the AWS account.
394
+ #
395
+ # @option params [required, String] :client_id
396
+ # The unique identifier string for each client. This value should come
397
+ # from the persisted result of the RegisterClient API.
398
+ #
399
+ # @option params [required, String] :client_secret
400
+ # A secret string generated for the client. This value should come from
401
+ # the persisted result of the RegisterClient API.
402
+ #
403
+ # @option params [required, String] :grant_type
404
+ # Supports grant types for the authorization code, refresh token, and
405
+ # device code request. For device code requests, specify the following
406
+ # value:
407
+ #
408
+ # `urn:ietf:params:oauth:grant-type:device_code `
409
+ #
410
+ # For information about how to obtain the device code, see the
411
+ # StartDeviceAuthorization topic.
412
+ #
413
+ # @option params [String] :device_code
414
+ # Used only when calling this API for the device code grant type. This
415
+ # short-term code is used to identify this authentication attempt. This
416
+ # should come from an in-memory reference to the result of the
417
+ # StartDeviceAuthorization API.
418
+ #
419
+ # @option params [String] :code
420
+ # The authorization code received from the authorization service. This
421
+ # parameter is required to perform an authorization grant request to get
422
+ # access to a token.
423
+ #
424
+ # @option params [String] :refresh_token
425
+ # Currently, `refreshToken` is not yet implemented and is not supported.
426
+ # For more information about the features and limitations of the current
427
+ # IAM Identity Center OIDC implementation, see *Considerations for Using
428
+ # this Guide* in the [IAM Identity Center OIDC API Reference][1].
429
+ #
430
+ # The token used to obtain an access token in the event that the access
431
+ # token is invalid or expired.
432
+ #
433
+ #
434
+ #
435
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html
436
+ #
437
+ # @option params [Array<String>] :scope
438
+ # The list of scopes that is defined by the client. Upon authorization,
439
+ # this list is used to restrict permissions when granting an access
440
+ # token.
441
+ #
442
+ # @option params [String] :redirect_uri
443
+ # The location of the application that will receive the authorization
444
+ # code. Users authorize the service to send the request to this
445
+ # location.
446
+ #
447
+ # @return [Types::CreateTokenResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
448
+ #
449
+ # * {Types::CreateTokenResponse#access_token #access_token} => String
450
+ # * {Types::CreateTokenResponse#token_type #token_type} => String
451
+ # * {Types::CreateTokenResponse#expires_in #expires_in} => Integer
452
+ # * {Types::CreateTokenResponse#refresh_token #refresh_token} => String
453
+ # * {Types::CreateTokenResponse#id_token #id_token} => String
454
+ #
455
+ # @example Request syntax with placeholder values
456
+ #
457
+ # resp = client.create_token({
458
+ # client_id: "ClientId", # required
459
+ # client_secret: "ClientSecret", # required
460
+ # grant_type: "GrantType", # required
461
+ # device_code: "DeviceCode",
462
+ # code: "AuthCode",
463
+ # refresh_token: "RefreshToken",
464
+ # scope: ["Scope"],
465
+ # redirect_uri: "URI",
466
+ # })
467
+ #
468
+ # @example Response structure
469
+ #
470
+ # resp.access_token #=> String
471
+ # resp.token_type #=> String
472
+ # resp.expires_in #=> Integer
473
+ # resp.refresh_token #=> String
474
+ # resp.id_token #=> String
475
+ #
476
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken AWS API Documentation
477
+ #
478
+ # @overload create_token(params = {})
479
+ # @param [Hash] params ({})
480
+ def create_token(params = {}, options = {})
481
+ req = build_request(:create_token, params)
482
+ req.send_request(options)
483
+ end
484
+
485
+ # Registers a client with IAM Identity Center. This allows clients to
486
+ # initiate device authorization. The output should be persisted for
487
+ # reuse through many authentication requests.
488
+ #
489
+ # @option params [required, String] :client_name
490
+ # The friendly name of the client.
491
+ #
492
+ # @option params [required, String] :client_type
493
+ # The type of client. The service supports only `public` as a client
494
+ # type. Anything other than public will be rejected by the service.
495
+ #
496
+ # @option params [Array<String>] :scopes
497
+ # The list of scopes that are defined by the client. Upon authorization,
498
+ # this list is used to restrict permissions when granting an access
499
+ # token.
500
+ #
501
+ # @return [Types::RegisterClientResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
502
+ #
503
+ # * {Types::RegisterClientResponse#client_id #client_id} => String
504
+ # * {Types::RegisterClientResponse#client_secret #client_secret} => String
505
+ # * {Types::RegisterClientResponse#client_id_issued_at #client_id_issued_at} => Integer
506
+ # * {Types::RegisterClientResponse#client_secret_expires_at #client_secret_expires_at} => Integer
507
+ # * {Types::RegisterClientResponse#authorization_endpoint #authorization_endpoint} => String
508
+ # * {Types::RegisterClientResponse#token_endpoint #token_endpoint} => String
509
+ #
510
+ # @example Request syntax with placeholder values
511
+ #
512
+ # resp = client.register_client({
513
+ # client_name: "ClientName", # required
514
+ # client_type: "ClientType", # required
515
+ # scopes: ["Scope"],
516
+ # })
517
+ #
518
+ # @example Response structure
519
+ #
520
+ # resp.client_id #=> String
521
+ # resp.client_secret #=> String
522
+ # resp.client_id_issued_at #=> Integer
523
+ # resp.client_secret_expires_at #=> Integer
524
+ # resp.authorization_endpoint #=> String
525
+ # resp.token_endpoint #=> String
526
+ #
527
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient AWS API Documentation
528
+ #
529
+ # @overload register_client(params = {})
530
+ # @param [Hash] params ({})
531
+ def register_client(params = {}, options = {})
532
+ req = build_request(:register_client, params)
533
+ req.send_request(options)
534
+ end
535
+
536
+ # Initiates device authorization by requesting a pair of verification
537
+ # codes from the authorization service.
538
+ #
539
+ # @option params [required, String] :client_id
540
+ # The unique identifier string for the client that is registered with
541
+ # IAM Identity Center. This value should come from the persisted result
542
+ # of the RegisterClient API operation.
543
+ #
544
+ # @option params [required, String] :client_secret
545
+ # A secret string that is generated for the client. This value should
546
+ # come from the persisted result of the RegisterClient API operation.
547
+ #
548
+ # @option params [required, String] :start_url
549
+ # The URL for the AWS access portal. For more information, see [Using
550
+ # the AWS access portal][1] in the *IAM Identity Center User Guide*.
551
+ #
552
+ #
553
+ #
554
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html
555
+ #
556
+ # @return [Types::StartDeviceAuthorizationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
557
+ #
558
+ # * {Types::StartDeviceAuthorizationResponse#device_code #device_code} => String
559
+ # * {Types::StartDeviceAuthorizationResponse#user_code #user_code} => String
560
+ # * {Types::StartDeviceAuthorizationResponse#verification_uri #verification_uri} => String
561
+ # * {Types::StartDeviceAuthorizationResponse#verification_uri_complete #verification_uri_complete} => String
562
+ # * {Types::StartDeviceAuthorizationResponse#expires_in #expires_in} => Integer
563
+ # * {Types::StartDeviceAuthorizationResponse#interval #interval} => Integer
564
+ #
565
+ # @example Request syntax with placeholder values
566
+ #
567
+ # resp = client.start_device_authorization({
568
+ # client_id: "ClientId", # required
569
+ # client_secret: "ClientSecret", # required
570
+ # start_url: "URI", # required
571
+ # })
572
+ #
573
+ # @example Response structure
574
+ #
575
+ # resp.device_code #=> String
576
+ # resp.user_code #=> String
577
+ # resp.verification_uri #=> String
578
+ # resp.verification_uri_complete #=> String
579
+ # resp.expires_in #=> Integer
580
+ # resp.interval #=> Integer
581
+ #
582
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization AWS API Documentation
583
+ #
584
+ # @overload start_device_authorization(params = {})
585
+ # @param [Hash] params ({})
586
+ def start_device_authorization(params = {}, options = {})
587
+ req = build_request(:start_device_authorization, params)
588
+ req.send_request(options)
589
+ end
590
+
591
+ # @!endgroup
592
+
593
+ # @param params ({})
594
+ # @api private
595
+ def build_request(operation_name, params = {})
596
+ handlers = @handlers.for(operation_name)
597
+ context = Seahorse::Client::RequestContext.new(
598
+ operation_name: operation_name,
599
+ operation: config.api.operation(operation_name),
600
+ client: self,
601
+ params: params,
602
+ config: config)
603
+ context[:gem_name] = 'aws-sdk-core'
604
+ context[:gem_version] = '3.178.0'
605
+ Seahorse::Client::Request.new(handlers, context)
606
+ end
607
+
608
+ # @api private
609
+ # @deprecated
610
+ def waiter_names
611
+ []
612
+ end
613
+
614
+ class << self
615
+
616
+ # @api private
617
+ attr_reader :identifier
618
+
619
+ # @api private
620
+ def errors_module
621
+ Errors
622
+ end
623
+
624
+ end
625
+ end
626
+ end