@depup/aws-sdk__client-sso-oidc 3.1010.0-depup.0

package/dist-types/commands/RegisterClientCommand.d.ts

@@ -0,0 +1,151 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import type { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import type { RegisterClientRequest, RegisterClientResponse } from "../models/models_0";
+import type { ServiceInputTypes, ServiceOutputTypes, SSOOIDCClientResolvedConfig } from "../SSOOIDCClient";
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link RegisterClientCommand}.
+ */
+export interface RegisterClientCommandInput extends RegisterClientRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link RegisterClientCommand}.
+ */
+export interface RegisterClientCommandOutput extends RegisterClientResponse, __MetadataBearer {
+}
+declare const RegisterClientCommand_base: {
+    new (input: RegisterClientCommandInput): import("@smithy/smithy-client").CommandImpl<RegisterClientCommandInput, RegisterClientCommandOutput, SSOOIDCClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (input: RegisterClientCommandInput): import("@smithy/smithy-client").CommandImpl<RegisterClientCommandInput, RegisterClientCommandOutput, SSOOIDCClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Registers a public client with IAM Identity Center. This allows clients to perform authorization using
+ *       the authorization code grant with Proof Key for Code Exchange (PKCE) or the device
+ *       code grant.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { SSOOIDCClient, RegisterClientCommand } from "@aws-sdk/client-sso-oidc"; // ES Modules import
+ * // const { SSOOIDCClient, RegisterClientCommand } = require("@aws-sdk/client-sso-oidc"); // CommonJS import
+ * // import type { SSOOIDCClientConfig } from "@aws-sdk/client-sso-oidc";
+ * const config = {}; // type is SSOOIDCClientConfig
+ * const client = new SSOOIDCClient(config);
+ * const input = { // RegisterClientRequest
+ *   clientName: "STRING_VALUE", // required
+ *   clientType: "STRING_VALUE", // required
+ *   scopes: [ // Scopes
+ *     "STRING_VALUE",
+ *   ],
+ *   redirectUris: [ // RedirectUris
+ *     "STRING_VALUE",
+ *   ],
+ *   grantTypes: [ // GrantTypes
+ *     "STRING_VALUE",
+ *   ],
+ *   issuerUrl: "STRING_VALUE",
+ *   entitledApplicationArn: "STRING_VALUE",
+ * };
+ * const command = new RegisterClientCommand(input);
+ * const response = await client.send(command);
+ * // { // RegisterClientResponse
+ * //   clientId: "STRING_VALUE",
+ * //   clientSecret: "STRING_VALUE",
+ * //   clientIdIssuedAt: Number("long"),
+ * //   clientSecretExpiresAt: Number("long"),
+ * //   authorizationEndpoint: "STRING_VALUE",
+ * //   tokenEndpoint: "STRING_VALUE",
+ * // };
+ *
+ * ```
+ *
+ * @param RegisterClientCommandInput - {@link RegisterClientCommandInput}
+ * @returns {@link RegisterClientCommandOutput}
+ * @see {@link RegisterClientCommandInput} for command's `input` shape.
+ * @see {@link RegisterClientCommandOutput} for command's `response` shape.
+ * @see {@link SSOOIDCClientResolvedConfig | config} for SSOOIDCClient's `config` shape.
+ *
+ * @throws {@link InternalServerException} (server fault)
+ *  <p>Indicates that an error from the service occurred while trying to process a
+ *       request.</p>
+ *
+ * @throws {@link InvalidClientMetadataException} (client fault)
+ *  <p>Indicates that the client information sent in the request during registration is
+ *       invalid.</p>
+ *
+ * @throws {@link InvalidRedirectUriException} (client fault)
+ *  <p>Indicates that one or more redirect URI in the request is not supported for this
+ *       operation.</p>
+ *
+ * @throws {@link InvalidRequestException} (client fault)
+ *  <p>Indicates that something is wrong with the input to the request. For example, a required
+ *       parameter might be missing or out of range.</p>
+ *
+ * @throws {@link InvalidScopeException} (client fault)
+ *  <p>Indicates that the scope provided in the request is invalid.</p>
+ *
+ * @throws {@link SlowDownException} (client fault)
+ *  <p>Indicates that the client is making the request too frequently and is more than the
+ *       service can handle. </p>
+ *
+ * @throws {@link UnsupportedGrantTypeException} (client fault)
+ *  <p>Indicates that the grant type in the request is not supported by the service.</p>
+ *
+ * @throws {@link SSOOIDCServiceException}
+ * <p>Base exception class for all service exceptions from SSOOIDC service.</p>
+ *
+ *
+ * @example Call OAuth/OIDC /register-client endpoint
+ * ```javascript
+ * //
+ * const input = {
+ *   clientName: "My IDE Plugin",
+ *   clientType: "public",
+ *   entitledApplicationArn: "arn:aws:sso::ACCOUNTID:application/ssoins-1111111111111111/apl-1111111111111111",
+ *   grantTypes: [
+ *     "authorization_code",
+ *     "refresh_token"
+ *   ],
+ *   issuerUrl: "https://identitycenter.amazonaws.com/ssoins-1111111111111111",
+ *   redirectUris: [
+ *     "127.0.0.1:PORT/oauth/callback"
+ *   ],
+ *   scopes: [
+ *     "sso:account:access",
+ *     "codewhisperer:completions"
+ *   ]
+ * };
+ * const command = new RegisterClientCommand(input);
+ * const response = await client.send(command);
+ * /* response is
+ * {
+ *   clientId: "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
+ *   clientIdIssuedAt: 1579725929,
+ *   clientSecret: "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
+ *   clientSecretExpiresAt: 1587584729
+ * }
+ * *\/
+ * ```
+ *
+ * @public
+ */
+export declare class RegisterClientCommand extends RegisterClientCommand_base {
+    /** @internal type navigation helper, not in runtime. */
+    protected static __types: {
+        api: {
+            input: RegisterClientRequest;
+            output: RegisterClientResponse;
+        };
+        sdk: {
+            input: RegisterClientCommandInput;
+            output: RegisterClientCommandOutput;
+        };
+    };
+}

package/dist-types/commands/StartDeviceAuthorizationCommand.d.ts

@@ -0,0 +1,125 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import type { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import type { StartDeviceAuthorizationRequest, StartDeviceAuthorizationResponse } from "../models/models_0";
+import type { ServiceInputTypes, ServiceOutputTypes, SSOOIDCClientResolvedConfig } from "../SSOOIDCClient";
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link StartDeviceAuthorizationCommand}.
+ */
+export interface StartDeviceAuthorizationCommandInput extends StartDeviceAuthorizationRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link StartDeviceAuthorizationCommand}.
+ */
+export interface StartDeviceAuthorizationCommandOutput extends StartDeviceAuthorizationResponse, __MetadataBearer {
+}
+declare const StartDeviceAuthorizationCommand_base: {
+    new (input: StartDeviceAuthorizationCommandInput): import("@smithy/smithy-client").CommandImpl<StartDeviceAuthorizationCommandInput, StartDeviceAuthorizationCommandOutput, SSOOIDCClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (input: StartDeviceAuthorizationCommandInput): import("@smithy/smithy-client").CommandImpl<StartDeviceAuthorizationCommandInput, StartDeviceAuthorizationCommandOutput, SSOOIDCClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Initiates device authorization by requesting a pair of verification codes from the
+ *       authorization service.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { SSOOIDCClient, StartDeviceAuthorizationCommand } from "@aws-sdk/client-sso-oidc"; // ES Modules import
+ * // const { SSOOIDCClient, StartDeviceAuthorizationCommand } = require("@aws-sdk/client-sso-oidc"); // CommonJS import
+ * // import type { SSOOIDCClientConfig } from "@aws-sdk/client-sso-oidc";
+ * const config = {}; // type is SSOOIDCClientConfig
+ * const client = new SSOOIDCClient(config);
+ * const input = { // StartDeviceAuthorizationRequest
+ *   clientId: "STRING_VALUE", // required
+ *   clientSecret: "STRING_VALUE", // required
+ *   startUrl: "STRING_VALUE", // required
+ * };
+ * const command = new StartDeviceAuthorizationCommand(input);
+ * const response = await client.send(command);
+ * // { // StartDeviceAuthorizationResponse
+ * //   deviceCode: "STRING_VALUE",
+ * //   userCode: "STRING_VALUE",
+ * //   verificationUri: "STRING_VALUE",
+ * //   verificationUriComplete: "STRING_VALUE",
+ * //   expiresIn: Number("int"),
+ * //   interval: Number("int"),
+ * // };
+ *
+ * ```
+ *
+ * @param StartDeviceAuthorizationCommandInput - {@link StartDeviceAuthorizationCommandInput}
+ * @returns {@link StartDeviceAuthorizationCommandOutput}
+ * @see {@link StartDeviceAuthorizationCommandInput} for command's `input` shape.
+ * @see {@link StartDeviceAuthorizationCommandOutput} for command's `response` shape.
+ * @see {@link SSOOIDCClientResolvedConfig | config} for SSOOIDCClient's `config` shape.
+ *
+ * @throws {@link InternalServerException} (server fault)
+ *  <p>Indicates that an error from the service occurred while trying to process a
+ *       request.</p>
+ *
+ * @throws {@link InvalidClientException} (client fault)
+ *  <p>Indicates that the <code>clientId</code> or <code>clientSecret</code> in the request is
+ *       invalid. For example, this can occur when a client sends an incorrect <code>clientId</code> or
+ *       an expired <code>clientSecret</code>.</p>
+ *
+ * @throws {@link InvalidRequestException} (client fault)
+ *  <p>Indicates that something is wrong with the input to the request. For example, a required
+ *       parameter might be missing or out of range.</p>
+ *
+ * @throws {@link SlowDownException} (client fault)
+ *  <p>Indicates that the client is making the request too frequently and is more than the
+ *       service can handle. </p>
+ *
+ * @throws {@link UnauthorizedClientException} (client fault)
+ *  <p>Indicates that the client is not currently authorized to make the request. This can happen
+ *       when a <code>clientId</code> is not issued for a public client.</p>
+ *
+ * @throws {@link SSOOIDCServiceException}
+ * <p>Base exception class for all service exceptions from SSOOIDC service.</p>
+ *
+ *
+ * @example Call OAuth/OIDC /start-device-authorization endpoint
+ * ```javascript
+ * //
+ * const input = {
+ *   clientId: "_yzkThXVzLWVhc3QtMQEXAMPLECLIENTID",
+ *   clientSecret: "VERYLONGSECRETeyJraWQiOiJrZXktMTU2NDAyODA5OSIsImFsZyI6IkhTMzg0In0",
+ *   startUrl: "https://identitycenter.amazonaws.com/ssoins-111111111111"
+ * };
+ * const command = new StartDeviceAuthorizationCommand(input);
+ * const response = await client.send(command);
+ * /* response is
+ * {
+ *   deviceCode: "yJraWQiOiJrZXktMTU2Njk2ODA4OCIsImFsZyI6IkhTMzIn0EXAMPLEDEVICECODE",
+ *   expiresIn: 1579729529,
+ *   interval: 1,
+ *   userCode: "makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE",
+ *   verificationUri: "https://directory-alias-example.awsapps.com/start/#/device",
+ *   verificationUriComplete: "https://directory-alias-example.awsapps.com/start/#/device?user_code=makdfsk83yJraWQiOiJrZXktMTU2Njk2sImFsZyI6IkhTMzIn0EXAMPLEUSERCODE"
+ * }
+ * *\/
+ * ```
+ *
+ * @public
+ */
+export declare class StartDeviceAuthorizationCommand extends StartDeviceAuthorizationCommand_base {
+    /** @internal type navigation helper, not in runtime. */
+    protected static __types: {
+        api: {
+            input: StartDeviceAuthorizationRequest;
+            output: StartDeviceAuthorizationResponse;
+        };
+        sdk: {
+            input: StartDeviceAuthorizationCommandInput;
+            output: StartDeviceAuthorizationCommandOutput;
+        };
+    };
+}

package/dist-types/commands/index.d.ts

@@ -0,0 +1,4 @@
+export * from "./CreateTokenCommand";
+export * from "./CreateTokenWithIAMCommand";
+export * from "./RegisterClientCommand";
+export * from "./StartDeviceAuthorizationCommand";

package/dist-types/endpoint/EndpointParameters.d.ts

@@ -0,0 +1,50 @@
+import type { Endpoint, EndpointParameters as __EndpointParameters, EndpointV2, Provider } from "@smithy/types";
+/**
+ * @public
+ */
+export interface ClientInputEndpointParameters {
+    region?: string | undefined | Provider<string | undefined>;
+    useDualstackEndpoint?: boolean | undefined | Provider<boolean | undefined>;
+    useFipsEndpoint?: boolean | undefined | Provider<boolean | undefined>;
+    endpoint?: string | Provider<string> | Endpoint | Provider<Endpoint> | EndpointV2 | Provider<EndpointV2>;
+}
+/**
+ * @public
+ */
+export type ClientResolvedEndpointParameters = Omit<ClientInputEndpointParameters, "endpoint"> & {
+    defaultSigningName: string;
+};
+/**
+ * @internal
+ */
+export declare const resolveClientEndpointParameters: <T>(options: T & ClientInputEndpointParameters) => T & ClientResolvedEndpointParameters;
+/**
+ * @internal
+ */
+export declare const commonParams: {
+    readonly UseFIPS: {
+        readonly type: "builtInParams";
+        readonly name: "useFipsEndpoint";
+    };
+    readonly Endpoint: {
+        readonly type: "builtInParams";
+        readonly name: "endpoint";
+    };
+    readonly Region: {
+        readonly type: "builtInParams";
+        readonly name: "region";
+    };
+    readonly UseDualStack: {
+        readonly type: "builtInParams";
+        readonly name: "useDualstackEndpoint";
+    };
+};
+/**
+ * @internal
+ */
+export interface EndpointParameters extends __EndpointParameters {
+    Region?: string | undefined;
+    UseDualStack?: boolean | undefined;
+    UseFIPS?: boolean | undefined;
+    Endpoint?: string | undefined;
+}

package/dist-types/endpoint/endpointResolver.d.ts

@@ -0,0 +1,8 @@
+import type { EndpointV2, Logger } from "@smithy/types";
+import type { EndpointParameters } from "./EndpointParameters";
+/**
+ * @internal
+ */
+export declare const defaultEndpointResolver: (endpointParams: EndpointParameters, context?: {
+    logger?: Logger;
+}) => EndpointV2;

package/dist-types/endpoint/ruleset.d.ts

@@ -0,0 +1,2 @@
+import { RuleSetObject } from "@smithy/types";
+export declare const ruleSet: RuleSetObject;

package/dist-types/extensionConfiguration.d.ts

@@ -0,0 +1,9 @@
+import type { AwsRegionExtensionConfiguration } from "@aws-sdk/types";
+import type { HttpHandlerExtensionConfiguration } from "@smithy/protocol-http";
+import type { DefaultExtensionConfiguration } from "@smithy/types";
+import type { HttpAuthExtensionConfiguration } from "./auth/httpAuthExtensionConfiguration";
+/**
+ * @internal
+ */
+export interface SSOOIDCExtensionConfiguration extends HttpHandlerExtensionConfiguration, DefaultExtensionConfiguration, AwsRegionExtensionConfiguration, HttpAuthExtensionConfiguration {
+}

package/dist-types/index.d.ts

@@ -0,0 +1,54 @@
+/**
+ * <p>IAM Identity Center OpenID Connect (OIDC) is a web service that enables a client (such as CLI or a
+ *       native application) to register with IAM Identity Center. The service also enables the client to fetch the
+ *       user’s access token upon successful authentication and authorization with IAM Identity Center.</p>
+ *          <p>
+ *             <b>API namespaces</b>
+ *          </p>
+ *          <p>IAM Identity Center uses the <code>sso</code> and <code>identitystore</code> API namespaces. IAM Identity Center
+ *       OpenID Connect uses the <code>sso-oauth</code> namespace.</p>
+ *          <p>
+ *             <b>Considerations for using this guide</b>
+ *          </p>
+ *          <p>Before you begin using this guide, we recommend that you first review the following
+ *       important information about how the IAM Identity Center OIDC service works.</p>
+ *          <ul>
+ *             <li>
+ *                <p>The IAM Identity Center OIDC service currently implements only the portions of the OAuth 2.0 Device
+ *           Authorization Grant standard (<a href="https://tools.ietf.org/html/rfc8628">https://tools.ietf.org/html/rfc8628</a>) that are necessary to enable single
+ *           sign-on authentication with the CLI. </p>
+ *             </li>
+ *             <li>
+ *                <p>With older versions of the CLI, the service only emits OIDC access tokens, so to
+ *           obtain a new token, users must explicitly re-authenticate. To access the OIDC flow that
+ *           supports token refresh and doesn’t require re-authentication, update to the latest CLI
+ *           version (1.27.10 for CLI V1 and 2.9.0 for CLI V2) with support for OIDC token refresh
+ *           and configurable IAM Identity Center session durations. For more information, see <a href="https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html">Configure Amazon Web Services access portal session duration </a>. </p>
+ *             </li>
+ *             <li>
+ *                <p>The access tokens provided by this service grant access to all Amazon Web Services account
+ *           entitlements assigned to an IAM Identity Center user, not just a particular application.</p>
+ *             </li>
+ *             <li>
+ *                <p>The documentation in this guide does not describe the mechanism to convert the access
+ *           token into Amazon Web Services Auth (“sigv4”) credentials for use with IAM-protected Amazon Web Services service
+ *           endpoints. For more information, see <a href="https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html">GetRoleCredentials</a> in the <i>IAM Identity Center Portal API Reference
+ *           Guide</i>.</p>
+ *             </li>
+ *          </ul>
+ *          <p>For general information about IAM Identity Center, see <a href="https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html">What is
+ *         IAM Identity Center?</a> in the <i>IAM Identity Center User Guide</i>.</p>
+ *
+ * @packageDocumentation
+ */
+export * from "./SSOOIDCClient";
+export * from "./SSOOIDC";
+export { ClientInputEndpointParameters } from "./endpoint/EndpointParameters";
+export type { RuntimeExtension } from "./runtimeExtensions";
+export type { SSOOIDCExtensionConfiguration } from "./extensionConfiguration";
+export * from "./commands";
+export * from "./schemas/schemas_0";
+export * from "./models/enums";
+export * from "./models/errors";
+export * from "./models/models_0";
+export { SSOOIDCServiceException } from "./models/SSOOIDCServiceException";

package/dist-types/models/SSOOIDCServiceException.d.ts

@@ -0,0 +1,14 @@
+import { type ServiceExceptionOptions as __ServiceExceptionOptions, ServiceException as __ServiceException } from "@smithy/smithy-client";
+export type { __ServiceExceptionOptions };
+export { __ServiceException };
+/**
+ * @public
+ *
+ * Base exception class for all service exceptions from SSOOIDC service.
+ */
+export declare class SSOOIDCServiceException extends __ServiceException {
+    /**
+     * @internal
+     */
+    constructor(options: __ServiceExceptionOptions);
+}

package/dist-types/models/enums.d.ts

@@ -0,0 +1,25 @@
+/**
+ * @public
+ * @enum
+ */
+export declare const AccessDeniedExceptionReason: {
+    readonly KMS_ACCESS_DENIED: "KMS_AccessDeniedException";
+};
+/**
+ * @public
+ */
+export type AccessDeniedExceptionReason = (typeof AccessDeniedExceptionReason)[keyof typeof AccessDeniedExceptionReason];
+/**
+ * @public
+ * @enum
+ */
+export declare const InvalidRequestExceptionReason: {
+    readonly KMS_DISABLED_KEY: "KMS_DisabledException";
+    readonly KMS_INVALID_KEY_USAGE: "KMS_InvalidKeyUsageException";
+    readonly KMS_INVALID_STATE: "KMS_InvalidStateException";
+    readonly KMS_KEY_NOT_FOUND: "KMS_NotFoundException";
+};
+/**
+ * @public
+ */
+export type InvalidRequestExceptionReason = (typeof InvalidRequestExceptionReason)[keyof typeof InvalidRequestExceptionReason];