aws-sdk-core 3.131.3 → 3.176.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (84) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +330 -1
  3. data/VERSION +1 -1
  4. data/lib/aws-defaults/default_configuration.rb +4 -4
  5. data/lib/aws-sdk-core/arn.rb +13 -0
  6. data/lib/aws-sdk-core/binary/encode_handler.rb +12 -1
  7. data/lib/aws-sdk-core/credential_provider.rb +3 -0
  8. data/lib/aws-sdk-core/credential_provider_chain.rb +8 -5
  9. data/lib/aws-sdk-core/ecs_credentials.rb +111 -53
  10. data/lib/aws-sdk-core/endpoints/condition.rb +41 -0
  11. data/lib/aws-sdk-core/endpoints/endpoint.rb +17 -0
  12. data/lib/aws-sdk-core/endpoints/endpoint_rule.rb +75 -0
  13. data/lib/aws-sdk-core/endpoints/error_rule.rb +42 -0
  14. data/lib/aws-sdk-core/endpoints/function.rb +80 -0
  15. data/lib/aws-sdk-core/endpoints/matchers.rb +127 -0
  16. data/lib/aws-sdk-core/endpoints/reference.rb +31 -0
  17. data/lib/aws-sdk-core/endpoints/rule.rb +25 -0
  18. data/lib/aws-sdk-core/endpoints/rule_set.rb +52 -0
  19. data/lib/aws-sdk-core/endpoints/rules_provider.rb +37 -0
  20. data/lib/aws-sdk-core/endpoints/templater.rb +58 -0
  21. data/lib/aws-sdk-core/endpoints/tree_rule.rb +45 -0
  22. data/lib/aws-sdk-core/endpoints/url.rb +60 -0
  23. data/lib/aws-sdk-core/endpoints.rb +78 -0
  24. data/lib/aws-sdk-core/errors.rb +13 -0
  25. data/lib/aws-sdk-core/json/error_handler.rb +20 -1
  26. data/lib/aws-sdk-core/log/formatter.rb +6 -0
  27. data/lib/aws-sdk-core/pageable_response.rb +10 -1
  28. data/lib/aws-sdk-core/plugins/bearer_authorization.rb +67 -0
  29. data/lib/aws-sdk-core/plugins/checksum_algorithm.rb +1 -1
  30. data/lib/aws-sdk-core/plugins/credentials_configuration.rb +24 -0
  31. data/lib/aws-sdk-core/plugins/endpoint_discovery.rb +6 -2
  32. data/lib/aws-sdk-core/plugins/recursion_detection.rb +14 -3
  33. data/lib/aws-sdk-core/plugins/regional_endpoint.rb +5 -0
  34. data/lib/aws-sdk-core/plugins/retries/error_inspector.rb +2 -1
  35. data/lib/aws-sdk-core/plugins/sign.rb +201 -0
  36. data/lib/aws-sdk-core/plugins/signature_v2.rb +1 -0
  37. data/lib/aws-sdk-core/plugins/signature_v4.rb +13 -7
  38. data/lib/aws-sdk-core/plugins/user_agent.rb +117 -14
  39. data/lib/aws-sdk-core/refreshing_credentials.rb +0 -6
  40. data/lib/aws-sdk-core/refreshing_token.rb +71 -0
  41. data/lib/aws-sdk-core/rest/request/headers.rb +2 -6
  42. data/lib/aws-sdk-core/shared_config.rb +78 -6
  43. data/lib/aws-sdk-core/sso_credentials.rb +80 -45
  44. data/lib/aws-sdk-core/sso_token_provider.rb +135 -0
  45. data/lib/aws-sdk-core/static_token_provider.rb +14 -0
  46. data/lib/aws-sdk-core/structure.rb +6 -4
  47. data/lib/aws-sdk-core/token.rb +31 -0
  48. data/lib/aws-sdk-core/token_provider.rb +15 -0
  49. data/lib/aws-sdk-core/token_provider_chain.rb +51 -0
  50. data/lib/aws-sdk-core/waiters/poller.rb +3 -1
  51. data/lib/aws-sdk-core/xml/parser/engines/oga.rb +2 -0
  52. data/lib/aws-sdk-core.rb +14 -0
  53. data/lib/aws-sdk-sso/client.rb +56 -11
  54. data/lib/aws-sdk-sso/endpoint_parameters.rb +66 -0
  55. data/lib/aws-sdk-sso/endpoint_provider.rb +51 -0
  56. data/lib/aws-sdk-sso/endpoints.rb +72 -0
  57. data/lib/aws-sdk-sso/plugins/endpoints.rb +76 -0
  58. data/lib/aws-sdk-sso/types.rb +8 -43
  59. data/lib/aws-sdk-sso.rb +5 -1
  60. data/lib/aws-sdk-ssooidc/client.rb +611 -0
  61. data/lib/aws-sdk-ssooidc/client_api.rb +216 -0
  62. data/lib/aws-sdk-ssooidc/customizations.rb +1 -0
  63. data/lib/aws-sdk-ssooidc/endpoint_parameters.rb +66 -0
  64. data/lib/aws-sdk-ssooidc/endpoint_provider.rb +51 -0
  65. data/lib/aws-sdk-ssooidc/endpoints.rb +58 -0
  66. data/lib/aws-sdk-ssooidc/errors.rb +290 -0
  67. data/lib/aws-sdk-ssooidc/plugins/endpoints.rb +74 -0
  68. data/lib/aws-sdk-ssooidc/resource.rb +26 -0
  69. data/lib/aws-sdk-ssooidc/types.rb +502 -0
  70. data/lib/aws-sdk-ssooidc.rb +59 -0
  71. data/lib/aws-sdk-sts/client.rb +263 -243
  72. data/lib/aws-sdk-sts/endpoint_parameters.rb +78 -0
  73. data/lib/aws-sdk-sts/endpoint_provider.rb +112 -0
  74. data/lib/aws-sdk-sts/endpoints.rb +136 -0
  75. data/lib/aws-sdk-sts/plugins/endpoints.rb +84 -0
  76. data/lib/aws-sdk-sts/presigner.rb +13 -15
  77. data/lib/aws-sdk-sts/types.rb +87 -195
  78. data/lib/aws-sdk-sts.rb +5 -1
  79. data/lib/seahorse/client/async_base.rb +0 -1
  80. data/lib/seahorse/client/configuration.rb +2 -2
  81. data/lib/seahorse/client/h2/connection.rb +12 -11
  82. data/lib/seahorse/client/plugins/request_callback.rb +9 -9
  83. data/lib/seahorse/util.rb +4 -0
  84. metadata +47 -6
@@ -0,0 +1,611 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ require 'seahorse/client/plugins/content_length.rb'
11
+ require 'aws-sdk-core/plugins/credentials_configuration.rb'
12
+ require 'aws-sdk-core/plugins/logging.rb'
13
+ require 'aws-sdk-core/plugins/param_converter.rb'
14
+ require 'aws-sdk-core/plugins/param_validator.rb'
15
+ require 'aws-sdk-core/plugins/user_agent.rb'
16
+ require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
17
+ require 'aws-sdk-core/plugins/retry_errors.rb'
18
+ require 'aws-sdk-core/plugins/global_configuration.rb'
19
+ require 'aws-sdk-core/plugins/regional_endpoint.rb'
20
+ require 'aws-sdk-core/plugins/endpoint_discovery.rb'
21
+ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
22
+ require 'aws-sdk-core/plugins/response_paging.rb'
23
+ require 'aws-sdk-core/plugins/stub_responses.rb'
24
+ require 'aws-sdk-core/plugins/idempotency_token.rb'
25
+ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
26
+ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
27
+ require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
28
+ require 'aws-sdk-core/plugins/transfer_encoding.rb'
29
+ require 'aws-sdk-core/plugins/http_checksum.rb'
30
+ require 'aws-sdk-core/plugins/checksum_algorithm.rb'
31
+ require 'aws-sdk-core/plugins/defaults_mode.rb'
32
+ require 'aws-sdk-core/plugins/recursion_detection.rb'
33
+ require 'aws-sdk-core/plugins/sign.rb'
34
+ require 'aws-sdk-core/plugins/protocols/rest_json.rb'
35
+
36
+ Aws::Plugins::GlobalConfiguration.add_identifier(:ssooidc)
37
+
38
+ module Aws::SSOOIDC
39
+ # An API client for SSOOIDC. To construct a client, you need to configure a `:region` and `:credentials`.
40
+ #
41
+ # client = Aws::SSOOIDC::Client.new(
42
+ # region: region_name,
43
+ # credentials: credentials,
44
+ # # ...
45
+ # )
46
+ #
47
+ # For details on configuring region and credentials see
48
+ # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
49
+ #
50
+ # See {#initialize} for a full list of supported configuration options.
51
+ class Client < Seahorse::Client::Base
52
+
53
+ include Aws::ClientStubs
54
+
55
+ @identifier = :ssooidc
56
+
57
+ set_api(ClientApi::API)
58
+
59
+ add_plugin(Seahorse::Client::Plugins::ContentLength)
60
+ add_plugin(Aws::Plugins::CredentialsConfiguration)
61
+ add_plugin(Aws::Plugins::Logging)
62
+ add_plugin(Aws::Plugins::ParamConverter)
63
+ add_plugin(Aws::Plugins::ParamValidator)
64
+ add_plugin(Aws::Plugins::UserAgent)
65
+ add_plugin(Aws::Plugins::HelpfulSocketErrors)
66
+ add_plugin(Aws::Plugins::RetryErrors)
67
+ add_plugin(Aws::Plugins::GlobalConfiguration)
68
+ add_plugin(Aws::Plugins::RegionalEndpoint)
69
+ add_plugin(Aws::Plugins::EndpointDiscovery)
70
+ add_plugin(Aws::Plugins::EndpointPattern)
71
+ add_plugin(Aws::Plugins::ResponsePaging)
72
+ add_plugin(Aws::Plugins::StubResponses)
73
+ add_plugin(Aws::Plugins::IdempotencyToken)
74
+ add_plugin(Aws::Plugins::JsonvalueConverter)
75
+ add_plugin(Aws::Plugins::ClientMetricsPlugin)
76
+ add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
77
+ add_plugin(Aws::Plugins::TransferEncoding)
78
+ add_plugin(Aws::Plugins::HttpChecksum)
79
+ add_plugin(Aws::Plugins::ChecksumAlgorithm)
80
+ add_plugin(Aws::Plugins::DefaultsMode)
81
+ add_plugin(Aws::Plugins::RecursionDetection)
82
+ add_plugin(Aws::Plugins::Sign)
83
+ add_plugin(Aws::Plugins::Protocols::RestJson)
84
+ add_plugin(Aws::SSOOIDC::Plugins::Endpoints)
85
+
86
+ # @overload initialize(options)
87
+ # @param [Hash] options
88
+ # @option options [required, Aws::CredentialProvider] :credentials
89
+ # Your AWS credentials. This can be an instance of any one of the
90
+ # following classes:
91
+ #
92
+ # * `Aws::Credentials` - Used for configuring static, non-refreshing
93
+ # credentials.
94
+ #
95
+ # * `Aws::SharedCredentials` - Used for loading static credentials from a
96
+ # shared file, such as `~/.aws/config`.
97
+ #
98
+ # * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
99
+ #
100
+ # * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
101
+ # assume a role after providing credentials via the web.
102
+ #
103
+ # * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
104
+ # access token generated from `aws login`.
105
+ #
106
+ # * `Aws::ProcessCredentials` - Used for loading credentials from a
107
+ # process that outputs to stdout.
108
+ #
109
+ # * `Aws::InstanceProfileCredentials` - Used for loading credentials
110
+ # from an EC2 IMDS on an EC2 instance.
111
+ #
112
+ # * `Aws::ECSCredentials` - Used for loading credentials from
113
+ # instances running in ECS.
114
+ #
115
+ # * `Aws::CognitoIdentityCredentials` - Used for loading credentials
116
+ # from the Cognito Identity service.
117
+ #
118
+ # When `:credentials` are not configured directly, the following
119
+ # locations will be searched for credentials:
120
+ #
121
+ # * `Aws.config[:credentials]`
122
+ # * The `:access_key_id`, `:secret_access_key`, and `:session_token` options.
123
+ # * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
124
+ # * `~/.aws/credentials`
125
+ # * `~/.aws/config`
126
+ # * EC2/ECS IMDS instance profile - When used by default, the timeouts
127
+ # are very aggressive. Construct and pass an instance of
128
+ # `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
129
+ # enable retries and extended timeouts. Instance profile credential
130
+ # fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
131
+ # to true.
132
+ #
133
+ # @option options [required, String] :region
134
+ # The AWS region to connect to. The configured `:region` is
135
+ # used to determine the service `:endpoint`. When not passed,
136
+ # a default `:region` is searched for in the following locations:
137
+ #
138
+ # * `Aws.config[:region]`
139
+ # * `ENV['AWS_REGION']`
140
+ # * `ENV['AMAZON_REGION']`
141
+ # * `ENV['AWS_DEFAULT_REGION']`
142
+ # * `~/.aws/credentials`
143
+ # * `~/.aws/config`
144
+ #
145
+ # @option options [String] :access_key_id
146
+ #
147
+ # @option options [Boolean] :active_endpoint_cache (false)
148
+ # When set to `true`, a thread polling for endpoints will be running in
149
+ # the background every 60 secs (default). Defaults to `false`.
150
+ #
151
+ # @option options [Boolean] :adaptive_retry_wait_to_fill (true)
152
+ # Used only in `adaptive` retry mode. When true, the request will sleep
153
+ # until there is sufficent client side capacity to retry the request.
154
+ # When false, the request will raise a `RetryCapacityNotAvailableError` and will
155
+ # not retry instead of sleeping.
156
+ #
157
+ # @option options [Boolean] :client_side_monitoring (false)
158
+ # When `true`, client-side metrics will be collected for all API requests from
159
+ # this client.
160
+ #
161
+ # @option options [String] :client_side_monitoring_client_id ("")
162
+ # Allows you to provide an identifier for this client which will be attached to
163
+ # all generated client side metrics. Defaults to an empty string.
164
+ #
165
+ # @option options [String] :client_side_monitoring_host ("127.0.0.1")
166
+ # Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client
167
+ # side monitoring agent is running on, where client metrics will be published via UDP.
168
+ #
169
+ # @option options [Integer] :client_side_monitoring_port (31000)
170
+ # Required for publishing client metrics. The port that the client side monitoring
171
+ # agent is running on, where client metrics will be published via UDP.
172
+ #
173
+ # @option options [Aws::ClientSideMonitoring::Publisher] :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher)
174
+ # Allows you to provide a custom client-side monitoring publisher class. By default,
175
+ # will use the Client Side Monitoring Agent Publisher.
176
+ #
177
+ # @option options [Boolean] :convert_params (true)
178
+ # When `true`, an attempt is made to coerce request parameters into
179
+ # the required types.
180
+ #
181
+ # @option options [Boolean] :correct_clock_skew (true)
182
+ # Used only in `standard` and adaptive retry modes. Specifies whether to apply
183
+ # a clock skew correction and retry requests with skewed client clocks.
184
+ #
185
+ # @option options [String] :defaults_mode ("legacy")
186
+ # See {Aws::DefaultsModeConfiguration} for a list of the
187
+ # accepted modes and the configuration defaults that are included.
188
+ #
189
+ # @option options [Boolean] :disable_host_prefix_injection (false)
190
+ # Set to true to disable SDK automatically adding host prefix
191
+ # to default service endpoint when available.
192
+ #
193
+ # @option options [String] :endpoint
194
+ # The client endpoint is normally constructed from the `:region`
195
+ # option. You should only configure an `:endpoint` when connecting
196
+ # to test or custom endpoints. This should be a valid HTTP(S) URI.
197
+ #
198
+ # @option options [Integer] :endpoint_cache_max_entries (1000)
199
+ # Used for the maximum size limit of the LRU cache storing endpoints data
200
+ # for endpoint discovery enabled operations. Defaults to 1000.
201
+ #
202
+ # @option options [Integer] :endpoint_cache_max_threads (10)
203
+ # Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.
204
+ #
205
+ # @option options [Integer] :endpoint_cache_poll_interval (60)
206
+ # When :endpoint_discovery and :active_endpoint_cache is enabled,
207
+ # Use this option to config the time interval in seconds for making
208
+ # requests fetching endpoints information. Defaults to 60 sec.
209
+ #
210
+ # @option options [Boolean] :endpoint_discovery (false)
211
+ # When set to `true`, endpoint discovery will be enabled for operations when available.
212
+ #
213
+ # @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
214
+ # The log formatter.
215
+ #
216
+ # @option options [Symbol] :log_level (:info)
217
+ # The log level to send messages to the `:logger` at.
218
+ #
219
+ # @option options [Logger] :logger
220
+ # The Logger instance to send log messages to. If this option
221
+ # is not set, logging will be disabled.
222
+ #
223
+ # @option options [Integer] :max_attempts (3)
224
+ # An integer representing the maximum number attempts that will be made for
225
+ # a single request, including the initial attempt. For example,
226
+ # setting this value to 5 will result in a request being retried up to
227
+ # 4 times. Used in `standard` and `adaptive` retry modes.
228
+ #
229
+ # @option options [String] :profile ("default")
230
+ # Used when loading credentials from the shared credentials file
231
+ # at HOME/.aws/credentials. When not specified, 'default' is used.
232
+ #
233
+ # @option options [Proc] :retry_backoff
234
+ # A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
235
+ # This option is only used in the `legacy` retry mode.
236
+ #
237
+ # @option options [Float] :retry_base_delay (0.3)
238
+ # The base delay in seconds used by the default backoff function. This option
239
+ # is only used in the `legacy` retry mode.
240
+ #
241
+ # @option options [Symbol] :retry_jitter (:none)
242
+ # A delay randomiser function used by the default backoff function.
243
+ # Some predefined functions can be referenced by name - :none, :equal, :full,
244
+ # otherwise a Proc that takes and returns a number. This option is only used
245
+ # in the `legacy` retry mode.
246
+ #
247
+ # @see https://www.awsarchitectureblog.com/2015/03/backoff.html
248
+ #
249
+ # @option options [Integer] :retry_limit (3)
250
+ # The maximum number of times to retry failed requests. Only
251
+ # ~ 500 level server errors and certain ~ 400 level client errors
252
+ # are retried. Generally, these are throttling errors, data
253
+ # checksum errors, networking errors, timeout errors, auth errors,
254
+ # endpoint discovery, and errors from expired credentials.
255
+ # This option is only used in the `legacy` retry mode.
256
+ #
257
+ # @option options [Integer] :retry_max_delay (0)
258
+ # The maximum number of seconds to delay between retries (0 for no limit)
259
+ # used by the default backoff function. This option is only used in the
260
+ # `legacy` retry mode.
261
+ #
262
+ # @option options [String] :retry_mode ("legacy")
263
+ # Specifies which retry algorithm to use. Values are:
264
+ #
265
+ # * `legacy` - The pre-existing retry behavior. This is default value if
266
+ # no retry mode is provided.
267
+ #
268
+ # * `standard` - A standardized set of retry rules across the AWS SDKs.
269
+ # This includes support for retry quotas, which limit the number of
270
+ # unsuccessful retries a client can make.
271
+ #
272
+ # * `adaptive` - An experimental retry mode that includes all the
273
+ # functionality of `standard` mode along with automatic client side
274
+ # throttling. This is a provisional mode that may change behavior
275
+ # in the future.
276
+ #
277
+ #
278
+ # @option options [String] :sdk_ua_app_id
279
+ # A unique and opaque application ID that is appended to the
280
+ # User-Agent header as app/<sdk_ua_app_id>. It should have a
281
+ # maximum length of 50.
282
+ #
283
+ # @option options [String] :secret_access_key
284
+ #
285
+ # @option options [String] :session_token
286
+ #
287
+ # @option options [Boolean] :stub_responses (false)
288
+ # Causes the client to return stubbed responses. By default
289
+ # fake responses are generated and returned. You can specify
290
+ # the response data to return or errors to raise by calling
291
+ # {ClientStubs#stub_responses}. See {ClientStubs} for more information.
292
+ #
293
+ # ** Please note ** When response stubbing is enabled, no HTTP
294
+ # requests are made, and retries are disabled.
295
+ #
296
+ # @option options [Aws::TokenProvider] :token_provider
297
+ # A Bearer Token Provider. This can be an instance of any one of the
298
+ # following classes:
299
+ #
300
+ # * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
301
+ # tokens.
302
+ #
303
+ # * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
304
+ # access token generated from `aws login`.
305
+ #
306
+ # When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
307
+ # will be used to search for tokens configured for your profile in shared configuration files.
308
+ #
309
+ # @option options [Boolean] :use_dualstack_endpoint
310
+ # When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
311
+ # will be used if available.
312
+ #
313
+ # @option options [Boolean] :use_fips_endpoint
314
+ # When set to `true`, fips compatible endpoints will be used if available.
315
+ # When a `fips` region is used, the region is normalized and this config
316
+ # is set to `true`.
317
+ #
318
+ # @option options [Boolean] :validate_params (true)
319
+ # When `true`, request parameters are validated before
320
+ # sending the request.
321
+ #
322
+ # @option options [Aws::SSOOIDC::EndpointProvider] :endpoint_provider
323
+ # The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::SSOOIDC::EndpointParameters`
324
+ #
325
+ # @option options [URI::HTTP,String] :http_proxy A proxy to send
326
+ # requests through. Formatted like 'http://proxy.com:123'.
327
+ #
328
+ # @option options [Float] :http_open_timeout (15) The number of
329
+ # seconds to wait when opening a HTTP session before raising a
330
+ # `Timeout::Error`.
331
+ #
332
+ # @option options [Float] :http_read_timeout (60) The default
333
+ # number of seconds to wait for response data. This value can
334
+ # safely be set per-request on the session.
335
+ #
336
+ # @option options [Float] :http_idle_timeout (5) The number of
337
+ # seconds a connection is allowed to sit idle before it is
338
+ # considered stale. Stale connections are closed and removed
339
+ # from the pool before making a request.
340
+ #
341
+ # @option options [Float] :http_continue_timeout (1) The number of
342
+ # seconds to wait for a 100-continue response before sending the
343
+ # request body. This option has no effect unless the request has
344
+ # "Expect" header set to "100-continue". Defaults to `nil` which
345
+ # disables this behaviour. This value can safely be set per
346
+ # request on the session.
347
+ #
348
+ # @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
349
+ # in seconds.
350
+ #
351
+ # @option options [Boolean] :http_wire_trace (false) When `true`,
352
+ # HTTP debug output will be sent to the `:logger`.
353
+ #
354
+ # @option options [Boolean] :ssl_verify_peer (true) When `true`,
355
+ # SSL peer certificates are verified when establishing a
356
+ # connection.
357
+ #
358
+ # @option options [String] :ssl_ca_bundle Full path to the SSL
359
+ # certificate authority bundle file that should be used when
360
+ # verifying peer certificates. If you do not pass
361
+ # `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
362
+ # will be used if available.
363
+ #
364
+ # @option options [String] :ssl_ca_directory Full path of the
365
+ # directory that contains the unbundled SSL certificate
366
+ # authority files for verifying peer certificates. If you do
367
+ # not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
368
+ # system default will be used if available.
369
+ #
370
+ def initialize(*args)
371
+ super
372
+ end
373
+
374
+ # @!group API Operations
375
+
376
+ # Creates and returns an access token for the authorized client. The
377
+ # access token issued will be used to fetch short-term credentials for
378
+ # the assigned roles in the AWS account.
379
+ #
380
+ # @option params [required, String] :client_id
381
+ # The unique identifier string for each client. This value should come
382
+ # from the persisted result of the RegisterClient API.
383
+ #
384
+ # @option params [required, String] :client_secret
385
+ # A secret string generated for the client. This value should come from
386
+ # the persisted result of the RegisterClient API.
387
+ #
388
+ # @option params [required, String] :grant_type
389
+ # Supports grant types for the authorization code, refresh token, and
390
+ # device code request. For device code requests, specify the following
391
+ # value:
392
+ #
393
+ # `urn:ietf:params:oauth:grant-type:device_code `
394
+ #
395
+ # For information about how to obtain the device code, see the
396
+ # StartDeviceAuthorization topic.
397
+ #
398
+ # @option params [String] :device_code
399
+ # Used only when calling this API for the device code grant type. This
400
+ # short-term code is used to identify this authentication attempt. This
401
+ # should come from an in-memory reference to the result of the
402
+ # StartDeviceAuthorization API.
403
+ #
404
+ # @option params [String] :code
405
+ # The authorization code received from the authorization service. This
406
+ # parameter is required to perform an authorization grant request to get
407
+ # access to a token.
408
+ #
409
+ # @option params [String] :refresh_token
410
+ # Currently, `refreshToken` is not yet implemented and is not supported.
411
+ # For more information about the features and limitations of the current
412
+ # IAM Identity Center OIDC implementation, see *Considerations for Using
413
+ # this Guide* in the [IAM Identity Center OIDC API Reference][1].
414
+ #
415
+ # The token used to obtain an access token in the event that the access
416
+ # token is invalid or expired.
417
+ #
418
+ #
419
+ #
420
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html
421
+ #
422
+ # @option params [Array<String>] :scope
423
+ # The list of scopes that is defined by the client. Upon authorization,
424
+ # this list is used to restrict permissions when granting an access
425
+ # token.
426
+ #
427
+ # @option params [String] :redirect_uri
428
+ # The location of the application that will receive the authorization
429
+ # code. Users authorize the service to send the request to this
430
+ # location.
431
+ #
432
+ # @return [Types::CreateTokenResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
433
+ #
434
+ # * {Types::CreateTokenResponse#access_token #access_token} => String
435
+ # * {Types::CreateTokenResponse#token_type #token_type} => String
436
+ # * {Types::CreateTokenResponse#expires_in #expires_in} => Integer
437
+ # * {Types::CreateTokenResponse#refresh_token #refresh_token} => String
438
+ # * {Types::CreateTokenResponse#id_token #id_token} => String
439
+ #
440
+ # @example Request syntax with placeholder values
441
+ #
442
+ # resp = client.create_token({
443
+ # client_id: "ClientId", # required
444
+ # client_secret: "ClientSecret", # required
445
+ # grant_type: "GrantType", # required
446
+ # device_code: "DeviceCode",
447
+ # code: "AuthCode",
448
+ # refresh_token: "RefreshToken",
449
+ # scope: ["Scope"],
450
+ # redirect_uri: "URI",
451
+ # })
452
+ #
453
+ # @example Response structure
454
+ #
455
+ # resp.access_token #=> String
456
+ # resp.token_type #=> String
457
+ # resp.expires_in #=> Integer
458
+ # resp.refresh_token #=> String
459
+ # resp.id_token #=> String
460
+ #
461
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken AWS API Documentation
462
+ #
463
+ # @overload create_token(params = {})
464
+ # @param [Hash] params ({})
465
+ def create_token(params = {}, options = {})
466
+ req = build_request(:create_token, params)
467
+ req.send_request(options)
468
+ end
469
+
470
+ # Registers a client with IAM Identity Center. This allows clients to
471
+ # initiate device authorization. The output should be persisted for
472
+ # reuse through many authentication requests.
473
+ #
474
+ # @option params [required, String] :client_name
475
+ # The friendly name of the client.
476
+ #
477
+ # @option params [required, String] :client_type
478
+ # The type of client. The service supports only `public` as a client
479
+ # type. Anything other than public will be rejected by the service.
480
+ #
481
+ # @option params [Array<String>] :scopes
482
+ # The list of scopes that are defined by the client. Upon authorization,
483
+ # this list is used to restrict permissions when granting an access
484
+ # token.
485
+ #
486
+ # @return [Types::RegisterClientResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
487
+ #
488
+ # * {Types::RegisterClientResponse#client_id #client_id} => String
489
+ # * {Types::RegisterClientResponse#client_secret #client_secret} => String
490
+ # * {Types::RegisterClientResponse#client_id_issued_at #client_id_issued_at} => Integer
491
+ # * {Types::RegisterClientResponse#client_secret_expires_at #client_secret_expires_at} => Integer
492
+ # * {Types::RegisterClientResponse#authorization_endpoint #authorization_endpoint} => String
493
+ # * {Types::RegisterClientResponse#token_endpoint #token_endpoint} => String
494
+ #
495
+ # @example Request syntax with placeholder values
496
+ #
497
+ # resp = client.register_client({
498
+ # client_name: "ClientName", # required
499
+ # client_type: "ClientType", # required
500
+ # scopes: ["Scope"],
501
+ # })
502
+ #
503
+ # @example Response structure
504
+ #
505
+ # resp.client_id #=> String
506
+ # resp.client_secret #=> String
507
+ # resp.client_id_issued_at #=> Integer
508
+ # resp.client_secret_expires_at #=> Integer
509
+ # resp.authorization_endpoint #=> String
510
+ # resp.token_endpoint #=> String
511
+ #
512
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient AWS API Documentation
513
+ #
514
+ # @overload register_client(params = {})
515
+ # @param [Hash] params ({})
516
+ def register_client(params = {}, options = {})
517
+ req = build_request(:register_client, params)
518
+ req.send_request(options)
519
+ end
520
+
521
+ # Initiates device authorization by requesting a pair of verification
522
+ # codes from the authorization service.
523
+ #
524
+ # @option params [required, String] :client_id
525
+ # The unique identifier string for the client that is registered with
526
+ # IAM Identity Center. This value should come from the persisted result
527
+ # of the RegisterClient API operation.
528
+ #
529
+ # @option params [required, String] :client_secret
530
+ # A secret string that is generated for the client. This value should
531
+ # come from the persisted result of the RegisterClient API operation.
532
+ #
533
+ # @option params [required, String] :start_url
534
+ # The URL for the AWS access portal. For more information, see [Using
535
+ # the AWS access portal][1] in the *IAM Identity Center User Guide*.
536
+ #
537
+ #
538
+ #
539
+ # [1]: https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html
540
+ #
541
+ # @return [Types::StartDeviceAuthorizationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
542
+ #
543
+ # * {Types::StartDeviceAuthorizationResponse#device_code #device_code} => String
544
+ # * {Types::StartDeviceAuthorizationResponse#user_code #user_code} => String
545
+ # * {Types::StartDeviceAuthorizationResponse#verification_uri #verification_uri} => String
546
+ # * {Types::StartDeviceAuthorizationResponse#verification_uri_complete #verification_uri_complete} => String
547
+ # * {Types::StartDeviceAuthorizationResponse#expires_in #expires_in} => Integer
548
+ # * {Types::StartDeviceAuthorizationResponse#interval #interval} => Integer
549
+ #
550
+ # @example Request syntax with placeholder values
551
+ #
552
+ # resp = client.start_device_authorization({
553
+ # client_id: "ClientId", # required
554
+ # client_secret: "ClientSecret", # required
555
+ # start_url: "URI", # required
556
+ # })
557
+ #
558
+ # @example Response structure
559
+ #
560
+ # resp.device_code #=> String
561
+ # resp.user_code #=> String
562
+ # resp.verification_uri #=> String
563
+ # resp.verification_uri_complete #=> String
564
+ # resp.expires_in #=> Integer
565
+ # resp.interval #=> Integer
566
+ #
567
+ # @see http://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization AWS API Documentation
568
+ #
569
+ # @overload start_device_authorization(params = {})
570
+ # @param [Hash] params ({})
571
+ def start_device_authorization(params = {}, options = {})
572
+ req = build_request(:start_device_authorization, params)
573
+ req.send_request(options)
574
+ end
575
+
576
+ # @!endgroup
577
+
578
+ # @param params ({})
579
+ # @api private
580
+ def build_request(operation_name, params = {})
581
+ handlers = @handlers.for(operation_name)
582
+ context = Seahorse::Client::RequestContext.new(
583
+ operation_name: operation_name,
584
+ operation: config.api.operation(operation_name),
585
+ client: self,
586
+ params: params,
587
+ config: config)
588
+ context[:gem_name] = 'aws-sdk-core'
589
+ context[:gem_version] = '3.176.1'
590
+ Seahorse::Client::Request.new(handlers, context)
591
+ end
592
+
593
+ # @api private
594
+ # @deprecated
595
+ def waiter_names
596
+ []
597
+ end
598
+
599
+ class << self
600
+
601
+ # @api private
602
+ attr_reader :identifier
603
+
604
+ # @api private
605
+ def errors_module
606
+ Errors
607
+ end
608
+
609
+ end
610
+ end
611
+ end