@aws-sdk/client-verifiedpermissions 3.590.0 → 3.593.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist-cjs/index.js +239 -32
- package/dist-es/models/models_0.js +191 -3
- package/dist-types/commands/BatchIsAuthorizedCommand.d.ts +2 -1
- package/dist-types/commands/BatchIsAuthorizedWithTokenCommand.d.ts +2 -1
- package/dist-types/commands/CreateIdentitySourceCommand.d.ts +49 -21
- package/dist-types/commands/CreatePolicyCommand.d.ts +2 -1
- package/dist-types/commands/CreatePolicyStoreCommand.d.ts +2 -1
- package/dist-types/commands/CreatePolicyTemplateCommand.d.ts +2 -1
- package/dist-types/commands/DeleteIdentitySourceCommand.d.ts +2 -1
- package/dist-types/commands/DeletePolicyCommand.d.ts +2 -1
- package/dist-types/commands/DeletePolicyStoreCommand.d.ts +2 -1
- package/dist-types/commands/DeletePolicyTemplateCommand.d.ts +2 -1
- package/dist-types/commands/GetIdentitySourceCommand.d.ts +22 -1
- package/dist-types/commands/GetPolicyCommand.d.ts +2 -1
- package/dist-types/commands/GetPolicyStoreCommand.d.ts +2 -1
- package/dist-types/commands/GetPolicyTemplateCommand.d.ts +2 -1
- package/dist-types/commands/GetSchemaCommand.d.ts +2 -1
- package/dist-types/commands/IsAuthorizedCommand.d.ts +2 -1
- package/dist-types/commands/IsAuthorizedWithTokenCommand.d.ts +4 -2
- package/dist-types/commands/ListIdentitySourcesCommand.d.ts +22 -1
- package/dist-types/commands/ListPoliciesCommand.d.ts +2 -1
- package/dist-types/commands/ListPolicyStoresCommand.d.ts +2 -1
- package/dist-types/commands/ListPolicyTemplatesCommand.d.ts +2 -1
- package/dist-types/commands/PutSchemaCommand.d.ts +2 -1
- package/dist-types/commands/UpdateIdentitySourceCommand.d.ts +25 -2
- package/dist-types/commands/UpdatePolicyCommand.d.ts +2 -1
- package/dist-types/commands/UpdatePolicyStoreCommand.d.ts +2 -1
- package/dist-types/commands/UpdatePolicyTemplateCommand.d.ts +2 -1
- package/dist-types/index.d.ts +2 -2
- package/dist-types/models/VerifiedPermissionsServiceException.d.ts +2 -1
- package/dist-types/models/models_0.d.ts +779 -25
- package/dist-types/ts3.4/commands/BatchIsAuthorizedCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/BatchIsAuthorizedWithTokenCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/CreateIdentitySourceCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/CreatePolicyCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/CreatePolicyStoreCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/CreatePolicyTemplateCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/DeleteIdentitySourceCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/DeletePolicyCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/DeletePolicyStoreCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/DeletePolicyTemplateCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/GetIdentitySourceCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/GetPolicyCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/GetPolicyStoreCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/GetPolicyTemplateCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/GetSchemaCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/IsAuthorizedCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/IsAuthorizedWithTokenCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/ListIdentitySourcesCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/ListPoliciesCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/ListPolicyStoresCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/ListPolicyTemplatesCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/PutSchemaCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/UpdateIdentitySourceCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/UpdatePolicyCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/UpdatePolicyStoreCommand.d.ts +2 -1
- package/dist-types/ts3.4/commands/UpdatePolicyTemplateCommand.d.ts +2 -1
- package/dist-types/ts3.4/models/VerifiedPermissionsServiceException.d.ts +2 -1
- package/dist-types/ts3.4/models/models_0.d.ts +294 -0
- package/package.json +6 -6
|
@@ -80,27 +80,63 @@ export class ValidationException extends __BaseException {
|
|
|
80
80
|
this.fieldList = opts.fieldList;
|
|
81
81
|
}
|
|
82
82
|
}
|
|
83
|
+
export var OpenIdConnectTokenSelection;
|
|
84
|
+
(function (OpenIdConnectTokenSelection) {
|
|
85
|
+
OpenIdConnectTokenSelection.visit = (value, visitor) => {
|
|
86
|
+
if (value.accessTokenOnly !== undefined)
|
|
87
|
+
return visitor.accessTokenOnly(value.accessTokenOnly);
|
|
88
|
+
if (value.identityTokenOnly !== undefined)
|
|
89
|
+
return visitor.identityTokenOnly(value.identityTokenOnly);
|
|
90
|
+
return visitor._(value.$unknown[0], value.$unknown[1]);
|
|
91
|
+
};
|
|
92
|
+
})(OpenIdConnectTokenSelection || (OpenIdConnectTokenSelection = {}));
|
|
83
93
|
export var Configuration;
|
|
84
94
|
(function (Configuration) {
|
|
85
95
|
Configuration.visit = (value, visitor) => {
|
|
86
96
|
if (value.cognitoUserPoolConfiguration !== undefined)
|
|
87
97
|
return visitor.cognitoUserPoolConfiguration(value.cognitoUserPoolConfiguration);
|
|
98
|
+
if (value.openIdConnectConfiguration !== undefined)
|
|
99
|
+
return visitor.openIdConnectConfiguration(value.openIdConnectConfiguration);
|
|
88
100
|
return visitor._(value.$unknown[0], value.$unknown[1]);
|
|
89
101
|
};
|
|
90
102
|
})(Configuration || (Configuration = {}));
|
|
103
|
+
export var OpenIdConnectTokenSelectionDetail;
|
|
104
|
+
(function (OpenIdConnectTokenSelectionDetail) {
|
|
105
|
+
OpenIdConnectTokenSelectionDetail.visit = (value, visitor) => {
|
|
106
|
+
if (value.accessTokenOnly !== undefined)
|
|
107
|
+
return visitor.accessTokenOnly(value.accessTokenOnly);
|
|
108
|
+
if (value.identityTokenOnly !== undefined)
|
|
109
|
+
return visitor.identityTokenOnly(value.identityTokenOnly);
|
|
110
|
+
return visitor._(value.$unknown[0], value.$unknown[1]);
|
|
111
|
+
};
|
|
112
|
+
})(OpenIdConnectTokenSelectionDetail || (OpenIdConnectTokenSelectionDetail = {}));
|
|
91
113
|
export var ConfigurationDetail;
|
|
92
114
|
(function (ConfigurationDetail) {
|
|
93
115
|
ConfigurationDetail.visit = (value, visitor) => {
|
|
94
116
|
if (value.cognitoUserPoolConfiguration !== undefined)
|
|
95
117
|
return visitor.cognitoUserPoolConfiguration(value.cognitoUserPoolConfiguration);
|
|
118
|
+
if (value.openIdConnectConfiguration !== undefined)
|
|
119
|
+
return visitor.openIdConnectConfiguration(value.openIdConnectConfiguration);
|
|
96
120
|
return visitor._(value.$unknown[0], value.$unknown[1]);
|
|
97
121
|
};
|
|
98
122
|
})(ConfigurationDetail || (ConfigurationDetail = {}));
|
|
123
|
+
export var OpenIdConnectTokenSelectionItem;
|
|
124
|
+
(function (OpenIdConnectTokenSelectionItem) {
|
|
125
|
+
OpenIdConnectTokenSelectionItem.visit = (value, visitor) => {
|
|
126
|
+
if (value.accessTokenOnly !== undefined)
|
|
127
|
+
return visitor.accessTokenOnly(value.accessTokenOnly);
|
|
128
|
+
if (value.identityTokenOnly !== undefined)
|
|
129
|
+
return visitor.identityTokenOnly(value.identityTokenOnly);
|
|
130
|
+
return visitor._(value.$unknown[0], value.$unknown[1]);
|
|
131
|
+
};
|
|
132
|
+
})(OpenIdConnectTokenSelectionItem || (OpenIdConnectTokenSelectionItem = {}));
|
|
99
133
|
export var ConfigurationItem;
|
|
100
134
|
(function (ConfigurationItem) {
|
|
101
135
|
ConfigurationItem.visit = (value, visitor) => {
|
|
102
136
|
if (value.cognitoUserPoolConfiguration !== undefined)
|
|
103
137
|
return visitor.cognitoUserPoolConfiguration(value.cognitoUserPoolConfiguration);
|
|
138
|
+
if (value.openIdConnectConfiguration !== undefined)
|
|
139
|
+
return visitor.openIdConnectConfiguration(value.openIdConnectConfiguration);
|
|
104
140
|
return visitor._(value.$unknown[0], value.$unknown[1]);
|
|
105
141
|
};
|
|
106
142
|
})(ConfigurationItem || (ConfigurationItem = {}));
|
|
@@ -178,11 +214,23 @@ export var PolicyDefinitionDetail;
|
|
|
178
214
|
return visitor._(value.$unknown[0], value.$unknown[1]);
|
|
179
215
|
};
|
|
180
216
|
})(PolicyDefinitionDetail || (PolicyDefinitionDetail = {}));
|
|
217
|
+
export var UpdateOpenIdConnectTokenSelection;
|
|
218
|
+
(function (UpdateOpenIdConnectTokenSelection) {
|
|
219
|
+
UpdateOpenIdConnectTokenSelection.visit = (value, visitor) => {
|
|
220
|
+
if (value.accessTokenOnly !== undefined)
|
|
221
|
+
return visitor.accessTokenOnly(value.accessTokenOnly);
|
|
222
|
+
if (value.identityTokenOnly !== undefined)
|
|
223
|
+
return visitor.identityTokenOnly(value.identityTokenOnly);
|
|
224
|
+
return visitor._(value.$unknown[0], value.$unknown[1]);
|
|
225
|
+
};
|
|
226
|
+
})(UpdateOpenIdConnectTokenSelection || (UpdateOpenIdConnectTokenSelection = {}));
|
|
181
227
|
export var UpdateConfiguration;
|
|
182
228
|
(function (UpdateConfiguration) {
|
|
183
229
|
UpdateConfiguration.visit = (value, visitor) => {
|
|
184
230
|
if (value.cognitoUserPoolConfiguration !== undefined)
|
|
185
231
|
return visitor.cognitoUserPoolConfiguration(value.cognitoUserPoolConfiguration);
|
|
232
|
+
if (value.openIdConnectConfiguration !== undefined)
|
|
233
|
+
return visitor.openIdConnectConfiguration(value.openIdConnectConfiguration);
|
|
186
234
|
return visitor._(value.$unknown[0], value.$unknown[1]);
|
|
187
235
|
};
|
|
188
236
|
})(UpdateConfiguration || (UpdateConfiguration = {}));
|
|
@@ -292,27 +340,131 @@ export const CognitoUserPoolConfigurationItemFilterSensitiveLog = (obj) => ({
|
|
|
292
340
|
groupConfiguration: CognitoGroupConfigurationItemFilterSensitiveLog(obj.groupConfiguration),
|
|
293
341
|
}),
|
|
294
342
|
});
|
|
343
|
+
export const OpenIdConnectGroupConfigurationFilterSensitiveLog = (obj) => ({
|
|
344
|
+
...obj,
|
|
345
|
+
...(obj.groupClaim && { groupClaim: SENSITIVE_STRING }),
|
|
346
|
+
...(obj.groupEntityType && { groupEntityType: SENSITIVE_STRING }),
|
|
347
|
+
});
|
|
348
|
+
export const OpenIdConnectAccessTokenConfigurationFilterSensitiveLog = (obj) => ({
|
|
349
|
+
...obj,
|
|
350
|
+
...(obj.principalIdClaim && { principalIdClaim: SENSITIVE_STRING }),
|
|
351
|
+
});
|
|
352
|
+
export const OpenIdConnectIdentityTokenConfigurationFilterSensitiveLog = (obj) => ({
|
|
353
|
+
...obj,
|
|
354
|
+
...(obj.principalIdClaim && { principalIdClaim: SENSITIVE_STRING }),
|
|
355
|
+
...(obj.clientIds && { clientIds: SENSITIVE_STRING }),
|
|
356
|
+
});
|
|
357
|
+
export const OpenIdConnectTokenSelectionFilterSensitiveLog = (obj) => {
|
|
358
|
+
if (obj.accessTokenOnly !== undefined)
|
|
359
|
+
return { accessTokenOnly: OpenIdConnectAccessTokenConfigurationFilterSensitiveLog(obj.accessTokenOnly) };
|
|
360
|
+
if (obj.identityTokenOnly !== undefined)
|
|
361
|
+
return { identityTokenOnly: OpenIdConnectIdentityTokenConfigurationFilterSensitiveLog(obj.identityTokenOnly) };
|
|
362
|
+
if (obj.$unknown !== undefined)
|
|
363
|
+
return { [obj.$unknown[0]]: "UNKNOWN" };
|
|
364
|
+
};
|
|
365
|
+
export const OpenIdConnectConfigurationFilterSensitiveLog = (obj) => ({
|
|
366
|
+
...obj,
|
|
367
|
+
...(obj.entityIdPrefix && { entityIdPrefix: SENSITIVE_STRING }),
|
|
368
|
+
...(obj.groupConfiguration && {
|
|
369
|
+
groupConfiguration: OpenIdConnectGroupConfigurationFilterSensitiveLog(obj.groupConfiguration),
|
|
370
|
+
}),
|
|
371
|
+
...(obj.tokenSelection && { tokenSelection: OpenIdConnectTokenSelectionFilterSensitiveLog(obj.tokenSelection) }),
|
|
372
|
+
});
|
|
295
373
|
export const ConfigurationFilterSensitiveLog = (obj) => {
|
|
296
374
|
if (obj.cognitoUserPoolConfiguration !== undefined)
|
|
297
375
|
return {
|
|
298
376
|
cognitoUserPoolConfiguration: CognitoUserPoolConfigurationFilterSensitiveLog(obj.cognitoUserPoolConfiguration),
|
|
299
377
|
};
|
|
378
|
+
if (obj.openIdConnectConfiguration !== undefined)
|
|
379
|
+
return { openIdConnectConfiguration: OpenIdConnectConfigurationFilterSensitiveLog(obj.openIdConnectConfiguration) };
|
|
380
|
+
if (obj.$unknown !== undefined)
|
|
381
|
+
return { [obj.$unknown[0]]: "UNKNOWN" };
|
|
382
|
+
};
|
|
383
|
+
export const OpenIdConnectGroupConfigurationDetailFilterSensitiveLog = (obj) => ({
|
|
384
|
+
...obj,
|
|
385
|
+
...(obj.groupClaim && { groupClaim: SENSITIVE_STRING }),
|
|
386
|
+
...(obj.groupEntityType && { groupEntityType: SENSITIVE_STRING }),
|
|
387
|
+
});
|
|
388
|
+
export const OpenIdConnectAccessTokenConfigurationDetailFilterSensitiveLog = (obj) => ({
|
|
389
|
+
...obj,
|
|
390
|
+
...(obj.principalIdClaim && { principalIdClaim: SENSITIVE_STRING }),
|
|
391
|
+
});
|
|
392
|
+
export const OpenIdConnectIdentityTokenConfigurationDetailFilterSensitiveLog = (obj) => ({
|
|
393
|
+
...obj,
|
|
394
|
+
...(obj.principalIdClaim && { principalIdClaim: SENSITIVE_STRING }),
|
|
395
|
+
...(obj.clientIds && { clientIds: SENSITIVE_STRING }),
|
|
396
|
+
});
|
|
397
|
+
export const OpenIdConnectTokenSelectionDetailFilterSensitiveLog = (obj) => {
|
|
398
|
+
if (obj.accessTokenOnly !== undefined)
|
|
399
|
+
return { accessTokenOnly: OpenIdConnectAccessTokenConfigurationDetailFilterSensitiveLog(obj.accessTokenOnly) };
|
|
400
|
+
if (obj.identityTokenOnly !== undefined)
|
|
401
|
+
return {
|
|
402
|
+
identityTokenOnly: OpenIdConnectIdentityTokenConfigurationDetailFilterSensitiveLog(obj.identityTokenOnly),
|
|
403
|
+
};
|
|
300
404
|
if (obj.$unknown !== undefined)
|
|
301
405
|
return { [obj.$unknown[0]]: "UNKNOWN" };
|
|
302
406
|
};
|
|
407
|
+
export const OpenIdConnectConfigurationDetailFilterSensitiveLog = (obj) => ({
|
|
408
|
+
...obj,
|
|
409
|
+
...(obj.entityIdPrefix && { entityIdPrefix: SENSITIVE_STRING }),
|
|
410
|
+
...(obj.groupConfiguration && {
|
|
411
|
+
groupConfiguration: OpenIdConnectGroupConfigurationDetailFilterSensitiveLog(obj.groupConfiguration),
|
|
412
|
+
}),
|
|
413
|
+
...(obj.tokenSelection && {
|
|
414
|
+
tokenSelection: OpenIdConnectTokenSelectionDetailFilterSensitiveLog(obj.tokenSelection),
|
|
415
|
+
}),
|
|
416
|
+
});
|
|
303
417
|
export const ConfigurationDetailFilterSensitiveLog = (obj) => {
|
|
304
418
|
if (obj.cognitoUserPoolConfiguration !== undefined)
|
|
305
419
|
return {
|
|
306
420
|
cognitoUserPoolConfiguration: CognitoUserPoolConfigurationDetailFilterSensitiveLog(obj.cognitoUserPoolConfiguration),
|
|
307
421
|
};
|
|
422
|
+
if (obj.openIdConnectConfiguration !== undefined)
|
|
423
|
+
return {
|
|
424
|
+
openIdConnectConfiguration: OpenIdConnectConfigurationDetailFilterSensitiveLog(obj.openIdConnectConfiguration),
|
|
425
|
+
};
|
|
308
426
|
if (obj.$unknown !== undefined)
|
|
309
427
|
return { [obj.$unknown[0]]: "UNKNOWN" };
|
|
310
428
|
};
|
|
429
|
+
export const OpenIdConnectGroupConfigurationItemFilterSensitiveLog = (obj) => ({
|
|
430
|
+
...obj,
|
|
431
|
+
...(obj.groupClaim && { groupClaim: SENSITIVE_STRING }),
|
|
432
|
+
...(obj.groupEntityType && { groupEntityType: SENSITIVE_STRING }),
|
|
433
|
+
});
|
|
434
|
+
export const OpenIdConnectAccessTokenConfigurationItemFilterSensitiveLog = (obj) => ({
|
|
435
|
+
...obj,
|
|
436
|
+
...(obj.principalIdClaim && { principalIdClaim: SENSITIVE_STRING }),
|
|
437
|
+
});
|
|
438
|
+
export const OpenIdConnectIdentityTokenConfigurationItemFilterSensitiveLog = (obj) => ({
|
|
439
|
+
...obj,
|
|
440
|
+
...(obj.principalIdClaim && { principalIdClaim: SENSITIVE_STRING }),
|
|
441
|
+
...(obj.clientIds && { clientIds: SENSITIVE_STRING }),
|
|
442
|
+
});
|
|
443
|
+
export const OpenIdConnectTokenSelectionItemFilterSensitiveLog = (obj) => {
|
|
444
|
+
if (obj.accessTokenOnly !== undefined)
|
|
445
|
+
return { accessTokenOnly: OpenIdConnectAccessTokenConfigurationItemFilterSensitiveLog(obj.accessTokenOnly) };
|
|
446
|
+
if (obj.identityTokenOnly !== undefined)
|
|
447
|
+
return { identityTokenOnly: OpenIdConnectIdentityTokenConfigurationItemFilterSensitiveLog(obj.identityTokenOnly) };
|
|
448
|
+
if (obj.$unknown !== undefined)
|
|
449
|
+
return { [obj.$unknown[0]]: "UNKNOWN" };
|
|
450
|
+
};
|
|
451
|
+
export const OpenIdConnectConfigurationItemFilterSensitiveLog = (obj) => ({
|
|
452
|
+
...obj,
|
|
453
|
+
...(obj.entityIdPrefix && { entityIdPrefix: SENSITIVE_STRING }),
|
|
454
|
+
...(obj.groupConfiguration && {
|
|
455
|
+
groupConfiguration: OpenIdConnectGroupConfigurationItemFilterSensitiveLog(obj.groupConfiguration),
|
|
456
|
+
}),
|
|
457
|
+
...(obj.tokenSelection && { tokenSelection: OpenIdConnectTokenSelectionItemFilterSensitiveLog(obj.tokenSelection) }),
|
|
458
|
+
});
|
|
311
459
|
export const ConfigurationItemFilterSensitiveLog = (obj) => {
|
|
312
460
|
if (obj.cognitoUserPoolConfiguration !== undefined)
|
|
313
461
|
return {
|
|
314
462
|
cognitoUserPoolConfiguration: CognitoUserPoolConfigurationItemFilterSensitiveLog(obj.cognitoUserPoolConfiguration),
|
|
315
463
|
};
|
|
464
|
+
if (obj.openIdConnectConfiguration !== undefined)
|
|
465
|
+
return {
|
|
466
|
+
openIdConnectConfiguration: OpenIdConnectConfigurationItemFilterSensitiveLog(obj.openIdConnectConfiguration),
|
|
467
|
+
};
|
|
316
468
|
if (obj.$unknown !== undefined)
|
|
317
469
|
return { [obj.$unknown[0]]: "UNKNOWN" };
|
|
318
470
|
};
|
|
@@ -450,11 +602,49 @@ export const UpdateCognitoUserPoolConfigurationFilterSensitiveLog = (obj) => ({
|
|
|
450
602
|
groupConfiguration: UpdateCognitoGroupConfigurationFilterSensitiveLog(obj.groupConfiguration),
|
|
451
603
|
}),
|
|
452
604
|
});
|
|
605
|
+
export const UpdateOpenIdConnectGroupConfigurationFilterSensitiveLog = (obj) => ({
|
|
606
|
+
...obj,
|
|
607
|
+
...(obj.groupClaim && { groupClaim: SENSITIVE_STRING }),
|
|
608
|
+
...(obj.groupEntityType && { groupEntityType: SENSITIVE_STRING }),
|
|
609
|
+
});
|
|
610
|
+
export const UpdateOpenIdConnectAccessTokenConfigurationFilterSensitiveLog = (obj) => ({
|
|
611
|
+
...obj,
|
|
612
|
+
...(obj.principalIdClaim && { principalIdClaim: SENSITIVE_STRING }),
|
|
613
|
+
});
|
|
614
|
+
export const UpdateOpenIdConnectIdentityTokenConfigurationFilterSensitiveLog = (obj) => ({
|
|
615
|
+
...obj,
|
|
616
|
+
...(obj.principalIdClaim && { principalIdClaim: SENSITIVE_STRING }),
|
|
617
|
+
...(obj.clientIds && { clientIds: SENSITIVE_STRING }),
|
|
618
|
+
});
|
|
619
|
+
export const UpdateOpenIdConnectTokenSelectionFilterSensitiveLog = (obj) => {
|
|
620
|
+
if (obj.accessTokenOnly !== undefined)
|
|
621
|
+
return { accessTokenOnly: UpdateOpenIdConnectAccessTokenConfigurationFilterSensitiveLog(obj.accessTokenOnly) };
|
|
622
|
+
if (obj.identityTokenOnly !== undefined)
|
|
623
|
+
return {
|
|
624
|
+
identityTokenOnly: UpdateOpenIdConnectIdentityTokenConfigurationFilterSensitiveLog(obj.identityTokenOnly),
|
|
625
|
+
};
|
|
626
|
+
if (obj.$unknown !== undefined)
|
|
627
|
+
return { [obj.$unknown[0]]: "UNKNOWN" };
|
|
628
|
+
};
|
|
629
|
+
export const UpdateOpenIdConnectConfigurationFilterSensitiveLog = (obj) => ({
|
|
630
|
+
...obj,
|
|
631
|
+
...(obj.entityIdPrefix && { entityIdPrefix: SENSITIVE_STRING }),
|
|
632
|
+
...(obj.groupConfiguration && {
|
|
633
|
+
groupConfiguration: UpdateOpenIdConnectGroupConfigurationFilterSensitiveLog(obj.groupConfiguration),
|
|
634
|
+
}),
|
|
635
|
+
...(obj.tokenSelection && {
|
|
636
|
+
tokenSelection: UpdateOpenIdConnectTokenSelectionFilterSensitiveLog(obj.tokenSelection),
|
|
637
|
+
}),
|
|
638
|
+
});
|
|
453
639
|
export const UpdateConfigurationFilterSensitiveLog = (obj) => {
|
|
454
640
|
if (obj.cognitoUserPoolConfiguration !== undefined)
|
|
455
641
|
return {
|
|
456
642
|
cognitoUserPoolConfiguration: UpdateCognitoUserPoolConfigurationFilterSensitiveLog(obj.cognitoUserPoolConfiguration),
|
|
457
643
|
};
|
|
644
|
+
if (obj.openIdConnectConfiguration !== undefined)
|
|
645
|
+
return {
|
|
646
|
+
openIdConnectConfiguration: UpdateOpenIdConnectConfigurationFilterSensitiveLog(obj.openIdConnectConfiguration),
|
|
647
|
+
};
|
|
458
648
|
if (obj.$unknown !== undefined)
|
|
459
649
|
return { [obj.$unknown[0]]: "UNKNOWN" };
|
|
460
650
|
};
|
|
@@ -593,9 +783,7 @@ export const AttributeValueFilterSensitiveLog = (obj) => {
|
|
|
593
783
|
};
|
|
594
784
|
export const ContextDefinitionFilterSensitiveLog = (obj) => {
|
|
595
785
|
if (obj.contextMap !== undefined)
|
|
596
|
-
return {
|
|
597
|
-
contextMap: Object.entries(obj.contextMap).reduce((acc, [key, value]) => ((acc[key] = AttributeValueFilterSensitiveLog(value)), acc), {}),
|
|
598
|
-
};
|
|
786
|
+
return { contextMap: SENSITIVE_STRING };
|
|
599
787
|
if (obj.$unknown !== undefined)
|
|
600
788
|
return { [obj.$unknown[0]]: "UNKNOWN" };
|
|
601
789
|
};
|
|
@@ -5,7 +5,8 @@ import { ServiceInputTypes, ServiceOutputTypes, VerifiedPermissionsClientResolve
|
|
|
5
5
|
/**
|
|
6
6
|
* @public
|
|
7
7
|
*/
|
|
8
|
-
export { __MetadataBearer
|
|
8
|
+
export type { __MetadataBearer };
|
|
9
|
+
export { $Command };
|
|
9
10
|
/**
|
|
10
11
|
* @public
|
|
11
12
|
*
|
|
@@ -26,31 +27,36 @@ declare const CreateIdentitySourceCommand_base: {
|
|
|
26
27
|
getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
|
|
27
28
|
};
|
|
28
29
|
/**
|
|
29
|
-
* <p>
|
|
30
|
+
* <p>Adds an identity source to a policy store–an Amazon Cognito user pool or OpenID Connect
|
|
31
|
+
* (OIDC) identity provider (IdP).
|
|
30
32
|
* </p>
|
|
31
33
|
* <p>After you create an identity source, you can use the identities provided by the IdP as proxies
|
|
32
|
-
* for the principal in authorization queries that use the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html">IsAuthorizedWithToken</a>
|
|
33
|
-
*
|
|
34
|
-
*
|
|
35
|
-
*
|
|
36
|
-
*
|
|
37
|
-
*
|
|
38
|
-
*
|
|
39
|
-
* different information, the tokens you choose to use determine which principal attributes
|
|
40
|
-
* are available to access when evaluating Cedar policies.</p>
|
|
34
|
+
* for the principal in authorization queries that use the <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_IsAuthorizedWithToken.html">IsAuthorizedWithToken</a> or
|
|
35
|
+
* <a href="https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_BatchIsAuthorizedWithToken.html">BatchIsAuthorizedWithToken</a> API operations. These identities take the form
|
|
36
|
+
* of tokens that contain claims about the user, such as IDs, attributes and group
|
|
37
|
+
* memberships. Identity sources provide identity (ID) tokens and access tokens. Verified Permissions
|
|
38
|
+
* derives information about your user and session from token claims. Access tokens provide
|
|
39
|
+
* action <code>context</code> to your policies, and ID tokens provide principal
|
|
40
|
+
* <code>Attributes</code>.</p>
|
|
41
41
|
* <important>
|
|
42
|
-
* <p>
|
|
42
|
+
* <p>Tokens from an identity source user continue to be usable until they expire.
|
|
43
|
+
* Token revocation and resource deletion have no effect on the validity of a token in your policy store</p>
|
|
43
44
|
* </important>
|
|
44
45
|
* <note>
|
|
45
|
-
* <p>To reference a user from this identity source in your Cedar policies,
|
|
46
|
-
* syntax.</p>
|
|
47
|
-
* <
|
|
48
|
-
* <
|
|
49
|
-
*
|
|
50
|
-
*
|
|
51
|
-
*
|
|
52
|
-
*
|
|
53
|
-
*
|
|
46
|
+
* <p>To reference a user from this identity source in your Cedar policies, refer to the
|
|
47
|
+
* following syntax examples.</p>
|
|
48
|
+
* <ul>
|
|
49
|
+
* <li>
|
|
50
|
+
* <p>Amazon Cognito user pool: <code>Namespace::[Entity type]::[User pool ID]|[user
|
|
51
|
+
* principal attribute]</code>, for example
|
|
52
|
+
* <code>MyCorp::User::us-east-1_EXAMPLE|a1b2c3d4-5678-90ab-cdef-EXAMPLE11111</code>.</p>
|
|
53
|
+
* </li>
|
|
54
|
+
* <li>
|
|
55
|
+
* <p>OpenID Connect (OIDC) provider: <code>Namespace::[Entity
|
|
56
|
+
* type]::[principalIdClaim]|[user principal attribute]</code>, for example
|
|
57
|
+
* <code>MyCorp::User::MyOIDCProvider|a1b2c3d4-5678-90ab-cdef-EXAMPLE22222</code>.</p>
|
|
58
|
+
* </li>
|
|
59
|
+
* </ul>
|
|
54
60
|
* </note>
|
|
55
61
|
* <note>
|
|
56
62
|
* <p>Verified Permissions is <i>
|
|
@@ -77,6 +83,28 @@ declare const CreateIdentitySourceCommand_base: {
|
|
|
77
83
|
* groupEntityType: "STRING_VALUE", // required
|
|
78
84
|
* },
|
|
79
85
|
* },
|
|
86
|
+
* openIdConnectConfiguration: { // OpenIdConnectConfiguration
|
|
87
|
+
* issuer: "STRING_VALUE", // required
|
|
88
|
+
* entityIdPrefix: "STRING_VALUE",
|
|
89
|
+
* groupConfiguration: { // OpenIdConnectGroupConfiguration
|
|
90
|
+
* groupClaim: "STRING_VALUE", // required
|
|
91
|
+
* groupEntityType: "STRING_VALUE", // required
|
|
92
|
+
* },
|
|
93
|
+
* tokenSelection: { // OpenIdConnectTokenSelection Union: only one key present
|
|
94
|
+
* accessTokenOnly: { // OpenIdConnectAccessTokenConfiguration
|
|
95
|
+
* principalIdClaim: "STRING_VALUE",
|
|
96
|
+
* audiences: [ // Audiences
|
|
97
|
+
* "STRING_VALUE",
|
|
98
|
+
* ],
|
|
99
|
+
* },
|
|
100
|
+
* identityTokenOnly: { // OpenIdConnectIdentityTokenConfiguration
|
|
101
|
+
* principalIdClaim: "STRING_VALUE",
|
|
102
|
+
* clientIds: [
|
|
103
|
+
* "STRING_VALUE",
|
|
104
|
+
* ],
|
|
105
|
+
* },
|
|
106
|
+
* },
|
|
107
|
+
* },
|
|
80
108
|
* },
|
|
81
109
|
* principalEntityType: "STRING_VALUE",
|
|
82
110
|
* };
|
|
@@ -5,7 +5,8 @@ import { ServiceInputTypes, ServiceOutputTypes, VerifiedPermissionsClientResolve
|
|
|
5
5
|
/**
|
|
6
6
|
* @public
|
|
7
7
|
*/
|
|
8
|
-
export { __MetadataBearer
|
|
8
|
+
export type { __MetadataBearer };
|
|
9
|
+
export { $Command };
|
|
9
10
|
/**
|
|
10
11
|
* @public
|
|
11
12
|
*
|
|
@@ -64,6 +65,26 @@ declare const GetIdentitySourceCommand_base: {
|
|
|
64
65
|
* // groupEntityType: "STRING_VALUE",
|
|
65
66
|
* // },
|
|
66
67
|
* // },
|
|
68
|
+
* // openIdConnectConfiguration: { // OpenIdConnectConfigurationDetail
|
|
69
|
+
* // issuer: "STRING_VALUE", // required
|
|
70
|
+
* // entityIdPrefix: "STRING_VALUE",
|
|
71
|
+
* // groupConfiguration: { // OpenIdConnectGroupConfigurationDetail
|
|
72
|
+
* // groupClaim: "STRING_VALUE", // required
|
|
73
|
+
* // groupEntityType: "STRING_VALUE", // required
|
|
74
|
+
* // },
|
|
75
|
+
* // tokenSelection: { // OpenIdConnectTokenSelectionDetail Union: only one key present
|
|
76
|
+
* // accessTokenOnly: { // OpenIdConnectAccessTokenConfigurationDetail
|
|
77
|
+
* // principalIdClaim: "STRING_VALUE",
|
|
78
|
+
* // audiences: [ // Audiences
|
|
79
|
+
* // "STRING_VALUE",
|
|
80
|
+
* // ],
|
|
81
|
+
* // },
|
|
82
|
+
* // identityTokenOnly: { // OpenIdConnectIdentityTokenConfigurationDetail
|
|
83
|
+
* // principalIdClaim: "STRING_VALUE",
|
|
84
|
+
* // clientIds: "<ClientIds>",
|
|
85
|
+
* // },
|
|
86
|
+
* // },
|
|
87
|
+
* // },
|
|
67
88
|
* // },
|
|
68
89
|
* // };
|
|
69
90
|
*
|
|
@@ -5,7 +5,8 @@ import { ServiceInputTypes, ServiceOutputTypes, VerifiedPermissionsClientResolve
|
|
|
5
5
|
/**
|
|
6
6
|
* @public
|
|
7
7
|
*/
|
|
8
|
-
export { __MetadataBearer
|
|
8
|
+
export type { __MetadataBearer };
|
|
9
|
+
export { $Command };
|
|
9
10
|
/**
|
|
10
11
|
* @public
|
|
11
12
|
*
|
|
@@ -38,7 +39,8 @@ declare const IsAuthorizedWithTokenCommand_base: {
|
|
|
38
39
|
* <p>Verified Permissions validates each token that is specified in a request by checking its expiration
|
|
39
40
|
* date and its signature.</p>
|
|
40
41
|
* <important>
|
|
41
|
-
* <p>
|
|
42
|
+
* <p>Tokens from an identity source user continue to be usable until they expire.
|
|
43
|
+
* Token revocation and resource deletion have no effect on the validity of a token in your policy store</p>
|
|
42
44
|
* </important>
|
|
43
45
|
* @example
|
|
44
46
|
* Use a bare-bones client and the command you need to make an API call.
|
|
@@ -5,7 +5,8 @@ import { ServiceInputTypes, ServiceOutputTypes, VerifiedPermissionsClientResolve
|
|
|
5
5
|
/**
|
|
6
6
|
* @public
|
|
7
7
|
*/
|
|
8
|
-
export { __MetadataBearer
|
|
8
|
+
export type { __MetadataBearer };
|
|
9
|
+
export { $Command };
|
|
9
10
|
/**
|
|
10
11
|
* @public
|
|
11
12
|
*
|
|
@@ -73,6 +74,26 @@ declare const ListIdentitySourcesCommand_base: {
|
|
|
73
74
|
* // groupEntityType: "STRING_VALUE",
|
|
74
75
|
* // },
|
|
75
76
|
* // },
|
|
77
|
+
* // openIdConnectConfiguration: { // OpenIdConnectConfigurationItem
|
|
78
|
+
* // issuer: "STRING_VALUE", // required
|
|
79
|
+
* // entityIdPrefix: "STRING_VALUE",
|
|
80
|
+
* // groupConfiguration: { // OpenIdConnectGroupConfigurationItem
|
|
81
|
+
* // groupClaim: "STRING_VALUE", // required
|
|
82
|
+
* // groupEntityType: "STRING_VALUE", // required
|
|
83
|
+
* // },
|
|
84
|
+
* // tokenSelection: { // OpenIdConnectTokenSelectionItem Union: only one key present
|
|
85
|
+
* // accessTokenOnly: { // OpenIdConnectAccessTokenConfigurationItem
|
|
86
|
+
* // principalIdClaim: "STRING_VALUE",
|
|
87
|
+
* // audiences: [ // Audiences
|
|
88
|
+
* // "STRING_VALUE",
|
|
89
|
+
* // ],
|
|
90
|
+
* // },
|
|
91
|
+
* // identityTokenOnly: { // OpenIdConnectIdentityTokenConfigurationItem
|
|
92
|
+
* // principalIdClaim: "STRING_VALUE",
|
|
93
|
+
* // clientIds: "<ClientIds>",
|
|
94
|
+
* // },
|
|
95
|
+
* // },
|
|
96
|
+
* // },
|
|
76
97
|
* // },
|
|
77
98
|
* // },
|
|
78
99
|
* // ],
|