ssooidc

package
v1.41.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 12, 2021 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package ssooidc provides the client and types for making API requests to AWS SSO OIDC.

AWS Single Sign-On (SSO) OpenID Connect (OIDC) is a web service that enables a client (such as AWS CLI or a native application) to register with AWS SSO. The service also enables the client to fetch the user’s access token upon successful authentication and authorization with AWS SSO. This service conforms with the OAuth 2.0 based implementation of the device authorization grant standard (https://tools.ietf.org/html/rfc8628 (https://tools.ietf.org/html/rfc8628)).

For general information about AWS SSO, see What is AWS Single Sign-On? (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) in the AWS SSO User Guide.

This API reference guide describes the AWS SSO OIDC operations that you can call programatically and includes detailed information on data types and errors.

AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms such as Java, Ruby, .Net, iOS, and Android. The SDKs provide a convenient way to create programmatic access to AWS SSO and other AWS services. For more information about the AWS SDKs, including how to download and install them, see Tools for Amazon Web Services (http://aws.amazon.com/tools/).

See https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10 for more information on this service.

See ssooidc package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/ssooidc/

Using the Client

To contact AWS SSO OIDC with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the AWS SSO OIDC client SSOOIDC for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/ssooidc/#New

Index

Constants

View Source
const (

	// ErrCodeAccessDeniedException for service response error code
	// "AccessDeniedException".
	//
	// You do not have sufficient access to perform this action.
	ErrCodeAccessDeniedException = "AccessDeniedException"

	// ErrCodeAuthorizationPendingException for service response error code
	// "AuthorizationPendingException".
	//
	// Indicates that a request to authorize a client with an access user session
	// token is pending.
	ErrCodeAuthorizationPendingException = "AuthorizationPendingException"

	// ErrCodeExpiredTokenException for service response error code
	// "ExpiredTokenException".
	//
	// Indicates that the token issued by the service is expired and is no longer
	// valid.
	ErrCodeExpiredTokenException = "ExpiredTokenException"

	// ErrCodeInternalServerException for service response error code
	// "InternalServerException".
	//
	// Indicates that an error from the service occurred while trying to process
	// a request.
	ErrCodeInternalServerException = "InternalServerException"

	// ErrCodeInvalidClientException for service response error code
	// "InvalidClientException".
	//
	// Indicates that the clientId or clientSecret in the request is invalid. For
	// example, this can occur when a client sends an incorrect clientId or an expired
	// clientSecret.
	ErrCodeInvalidClientException = "InvalidClientException"

	// ErrCodeInvalidClientMetadataException for service response error code
	// "InvalidClientMetadataException".
	//
	// Indicates that the client information sent in the request during registration
	// is invalid.
	ErrCodeInvalidClientMetadataException = "InvalidClientMetadataException"

	// ErrCodeInvalidGrantException for service response error code
	// "InvalidGrantException".
	//
	// Indicates that a request contains an invalid grant. This can occur if a client
	// makes a CreateToken request with an invalid grant type.
	ErrCodeInvalidGrantException = "InvalidGrantException"

	// ErrCodeInvalidRequestException for service response error code
	// "InvalidRequestException".
	//
	// Indicates that something is wrong with the input to the request. For example,
	// a required parameter might be missing or out of range.
	ErrCodeInvalidRequestException = "InvalidRequestException"

	// ErrCodeInvalidScopeException for service response error code
	// "InvalidScopeException".
	//
	// Indicates that the scope provided in the request is invalid.
	ErrCodeInvalidScopeException = "InvalidScopeException"

	// ErrCodeSlowDownException for service response error code
	// "SlowDownException".
	//
	// Indicates that the client is making the request too frequently and is more
	// than the service can handle.
	ErrCodeSlowDownException = "SlowDownException"

	// ErrCodeUnauthorizedClientException for service response error code
	// "UnauthorizedClientException".
	//
	// Indicates that the client is not currently authorized to make the request.
	// This can happen when a clientId is not issued for a public client.
	ErrCodeUnauthorizedClientException = "UnauthorizedClientException"

	// ErrCodeUnsupportedGrantTypeException for service response error code
	// "UnsupportedGrantTypeException".
	//
	// Indicates that the grant type in the request is not supported by the service.
	ErrCodeUnsupportedGrantTypeException = "UnsupportedGrantTypeException"
)
View Source
const (
	ServiceName = "SSO OIDC" // Name of service.
	EndpointsID = "oidc"     // ID to lookup a service endpoint with.
	ServiceID   = "SSO OIDC" // ServiceID is a unique identifier of a specific service.
)

Service information constants

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessDeniedException

type AccessDeniedException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Error_ *string `locationName:"error" type:"string"`

	Error_description *string `locationName:"error_description" type:"string"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

You do not have sufficient access to perform this action.

func (*AccessDeniedException) Code

func (s *AccessDeniedException) Code() string

Code returns the exception type name.

func (*AccessDeniedException) Error

func (s *AccessDeniedException) Error() string

func (AccessDeniedException) GoString

func (s AccessDeniedException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccessDeniedException) Message

func (s *AccessDeniedException) Message() string

Message returns the exception's message.

func (*AccessDeniedException) OrigErr

func (s *AccessDeniedException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AccessDeniedException) RequestID

func (s *AccessDeniedException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*AccessDeniedException) StatusCode

func (s *AccessDeniedException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AccessDeniedException) String

func (s AccessDeniedException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AuthorizationPendingException

type AuthorizationPendingException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Error_ *string `locationName:"error" type:"string"`

	Error_description *string `locationName:"error_description" type:"string"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Indicates that a request to authorize a client with an access user session token is pending.

func (*AuthorizationPendingException) Code

Code returns the exception type name.

func (*AuthorizationPendingException) Error

func (AuthorizationPendingException) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AuthorizationPendingException) Message

Message returns the exception's message.

func (*AuthorizationPendingException) OrigErr

func (s *AuthorizationPendingException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AuthorizationPendingException) RequestID

func (s *AuthorizationPendingException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*AuthorizationPendingException) StatusCode

func (s *AuthorizationPendingException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AuthorizationPendingException) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateTokenInput

type CreateTokenInput struct {

	// The unique identifier string for each client. This value should come from
	// the persisted result of the RegisterClient API.
	//
	// ClientId is a required field
	ClientId *string `locationName:"clientId" type:"string" required:"true"`

	// A secret string generated for the client. This value should come from the
	// persisted result of the RegisterClient API.
	//
	// ClientSecret is a required field
	ClientSecret *string `locationName:"clientSecret" type:"string" required:"true"`

	// The authorization code received from the authorization service. This parameter
	// is required to perform an authorization grant request to get access to a
	// token.
	Code *string `locationName:"code" type:"string"`

	// Used only when calling this API for the device code grant type. This short-term
	// code is used to identify this authentication attempt. This should come from
	// an in-memory reference to the result of the StartDeviceAuthorization API.
	//
	// DeviceCode is a required field
	DeviceCode *string `locationName:"deviceCode" type:"string" required:"true"`

	// Supports grant types for authorization code, refresh token, and device code
	// request.
	//
	// GrantType is a required field
	GrantType *string `locationName:"grantType" type:"string" required:"true"`

	// The location of the application that will receive the authorization code.
	// Users authorize the service to send the request to this location.
	RedirectUri *string `locationName:"redirectUri" type:"string"`

	// The token used to obtain an access token in the event that the access token
	// is invalid or expired. This token is not issued by the service.
	RefreshToken *string `locationName:"refreshToken" type:"string"`

	// The list of scopes that is defined by the client. Upon authorization, this
	// list is used to restrict permissions when granting an access token.
	Scope []*string `locationName:"scope" type:"list"`
	// contains filtered or unexported fields
}

func (CreateTokenInput) GoString

func (s CreateTokenInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateTokenInput) SetClientId

func (s *CreateTokenInput) SetClientId(v string) *CreateTokenInput

SetClientId sets the ClientId field's value.

func (*CreateTokenInput) SetClientSecret

func (s *CreateTokenInput) SetClientSecret(v string) *CreateTokenInput

SetClientSecret sets the ClientSecret field's value.

func (*CreateTokenInput) SetCode

func (s *CreateTokenInput) SetCode(v string) *CreateTokenInput

SetCode sets the Code field's value.

func (*CreateTokenInput) SetDeviceCode

func (s *CreateTokenInput) SetDeviceCode(v string) *CreateTokenInput

SetDeviceCode sets the DeviceCode field's value.

func (*CreateTokenInput) SetGrantType

func (s *CreateTokenInput) SetGrantType(v string) *CreateTokenInput

SetGrantType sets the GrantType field's value.

func (*CreateTokenInput) SetRedirectUri

func (s *CreateTokenInput) SetRedirectUri(v string) *CreateTokenInput

SetRedirectUri sets the RedirectUri field's value.

func (*CreateTokenInput) SetRefreshToken

func (s *CreateTokenInput) SetRefreshToken(v string) *CreateTokenInput

SetRefreshToken sets the RefreshToken field's value.

func (*CreateTokenInput) SetScope

func (s *CreateTokenInput) SetScope(v []*string) *CreateTokenInput

SetScope sets the Scope field's value.

func (CreateTokenInput) String

func (s CreateTokenInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateTokenInput) Validate

func (s *CreateTokenInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateTokenOutput

type CreateTokenOutput struct {

	// An opaque token to access AWS SSO resources assigned to a user.
	AccessToken *string `locationName:"accessToken" type:"string"`

	// Indicates the time in seconds when an access token will expire.
	ExpiresIn *int64 `locationName:"expiresIn" type:"integer"`

	// The identifier of the user that associated with the access token, if present.
	IdToken *string `locationName:"idToken" type:"string"`

	// A token that, if present, can be used to refresh a previously issued access
	// token that might have expired.
	RefreshToken *string `locationName:"refreshToken" type:"string"`

	// Used to notify the client that the returned token is an access token. The
	// supported type is BearerToken.
	TokenType *string `locationName:"tokenType" type:"string"`
	// contains filtered or unexported fields
}

func (CreateTokenOutput) GoString

func (s CreateTokenOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateTokenOutput) SetAccessToken

func (s *CreateTokenOutput) SetAccessToken(v string) *CreateTokenOutput

SetAccessToken sets the AccessToken field's value.

func (*CreateTokenOutput) SetExpiresIn

func (s *CreateTokenOutput) SetExpiresIn(v int64) *CreateTokenOutput

SetExpiresIn sets the ExpiresIn field's value.

func (*CreateTokenOutput) SetIdToken

func (s *CreateTokenOutput) SetIdToken(v string) *CreateTokenOutput

SetIdToken sets the IdToken field's value.

func (*CreateTokenOutput) SetRefreshToken

func (s *CreateTokenOutput) SetRefreshToken(v string) *CreateTokenOutput

SetRefreshToken sets the RefreshToken field's value.

func (*CreateTokenOutput) SetTokenType

func (s *CreateTokenOutput) SetTokenType(v string) *CreateTokenOutput

SetTokenType sets the TokenType field's value.

func (CreateTokenOutput) String

func (s CreateTokenOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ExpiredTokenException

type ExpiredTokenException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Error_ *string `locationName:"error" type:"string"`

	Error_description *string `locationName:"error_description" type:"string"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Indicates that the token issued by the service is expired and is no longer valid.

func (*ExpiredTokenException) Code

func (s *ExpiredTokenException) Code() string

Code returns the exception type name.

func (*ExpiredTokenException) Error

func (s *ExpiredTokenException) Error() string

func (ExpiredTokenException) GoString

func (s ExpiredTokenException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ExpiredTokenException) Message

func (s *ExpiredTokenException) Message() string

Message returns the exception's message.

func (*ExpiredTokenException) OrigErr

func (s *ExpiredTokenException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ExpiredTokenException) RequestID

func (s *ExpiredTokenException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ExpiredTokenException) StatusCode

func (s *ExpiredTokenException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ExpiredTokenException) String

func (s ExpiredTokenException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InternalServerException

type InternalServerException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Error_ *string `locationName:"error" type:"string"`

	Error_description *string `locationName:"error_description" type:"string"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Indicates that an error from the service occurred while trying to process a request.

func (*InternalServerException) Code

func (s *InternalServerException) Code() string

Code returns the exception type name.

func (*InternalServerException) Error

func (s *InternalServerException) Error() string

func (InternalServerException) GoString

func (s InternalServerException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InternalServerException) Message

func (s *InternalServerException) Message() string

Message returns the exception's message.

func (*InternalServerException) OrigErr

func (s *InternalServerException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InternalServerException) RequestID

func (s *InternalServerException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InternalServerException) StatusCode

func (s *InternalServerException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InternalServerException) String

func (s InternalServerException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidClientException

type InvalidClientException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Error_ *string `locationName:"error" type:"string"`

	Error_description *string `locationName:"error_description" type:"string"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Indicates that the clientId or clientSecret in the request is invalid. For example, this can occur when a client sends an incorrect clientId or an expired clientSecret.

func (*InvalidClientException) Code

func (s *InvalidClientException) Code() string

Code returns the exception type name.

func (*InvalidClientException) Error

func (s *InvalidClientException) Error() string

func (InvalidClientException) GoString

func (s InvalidClientException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidClientException) Message

func (s *InvalidClientException) Message() string

Message returns the exception's message.

func (*InvalidClientException) OrigErr

func (s *InvalidClientException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidClientException) RequestID

func (s *InvalidClientException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InvalidClientException) StatusCode

func (s *InvalidClientException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InvalidClientException) String

func (s InvalidClientException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidClientMetadataException

type InvalidClientMetadataException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Error_ *string `locationName:"error" type:"string"`

	Error_description *string `locationName:"error_description" type:"string"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Indicates that the client information sent in the request during registration is invalid.

func (*InvalidClientMetadataException) Code

Code returns the exception type name.

func (*InvalidClientMetadataException) Error

func (InvalidClientMetadataException) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidClientMetadataException) Message

Message returns the exception's message.

func (*InvalidClientMetadataException) OrigErr

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidClientMetadataException) RequestID

func (s *InvalidClientMetadataException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InvalidClientMetadataException) StatusCode

func (s *InvalidClientMetadataException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InvalidClientMetadataException) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidGrantException

type InvalidGrantException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Error_ *string `locationName:"error" type:"string"`

	Error_description *string `locationName:"error_description" type:"string"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Indicates that a request contains an invalid grant. This can occur if a client makes a CreateToken request with an invalid grant type.

func (*InvalidGrantException) Code

func (s *InvalidGrantException) Code() string

Code returns the exception type name.

func (*InvalidGrantException) Error

func (s *InvalidGrantException) Error() string

func (InvalidGrantException) GoString

func (s InvalidGrantException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidGrantException) Message

func (s *InvalidGrantException) Message() string

Message returns the exception's message.

func (*InvalidGrantException) OrigErr

func (s *InvalidGrantException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidGrantException) RequestID

func (s *InvalidGrantException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InvalidGrantException) StatusCode

func (s *InvalidGrantException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InvalidGrantException) String

func (s InvalidGrantException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidRequestException

type InvalidRequestException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Error_ *string `locationName:"error" type:"string"`

	Error_description *string `locationName:"error_description" type:"string"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Indicates that something is wrong with the input to the request. For example, a required parameter might be missing or out of range.

func (*InvalidRequestException) Code

func (s *InvalidRequestException) Code() string

Code returns the exception type name.

func (*InvalidRequestException) Error

func (s *InvalidRequestException) Error() string

func (InvalidRequestException) GoString

func (s InvalidRequestException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidRequestException) Message

func (s *InvalidRequestException) Message() string

Message returns the exception's message.

func (*InvalidRequestException) OrigErr

func (s *InvalidRequestException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidRequestException) RequestID

func (s *InvalidRequestException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InvalidRequestException) StatusCode

func (s *InvalidRequestException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InvalidRequestException) String

func (s InvalidRequestException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InvalidScopeException

type InvalidScopeException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Error_ *string `locationName:"error" type:"string"`

	Error_description *string `locationName:"error_description" type:"string"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Indicates that the scope provided in the request is invalid.

func (*InvalidScopeException) Code

func (s *InvalidScopeException) Code() string

Code returns the exception type name.

func (*InvalidScopeException) Error

func (s *InvalidScopeException) Error() string

func (InvalidScopeException) GoString

func (s InvalidScopeException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InvalidScopeException) Message

func (s *InvalidScopeException) Message() string

Message returns the exception's message.

func (*InvalidScopeException) OrigErr

func (s *InvalidScopeException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InvalidScopeException) RequestID

func (s *InvalidScopeException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InvalidScopeException) StatusCode

func (s *InvalidScopeException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InvalidScopeException) String

func (s InvalidScopeException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RegisterClientInput

type RegisterClientInput struct {

	// The friendly name of the client.
	//
	// ClientName is a required field
	ClientName *string `locationName:"clientName" type:"string" required:"true"`

	// The type of client. The service supports only public as a client type. Anything
	// other than public will be rejected by the service.
	//
	// ClientType is a required field
	ClientType *string `locationName:"clientType" type:"string" required:"true"`

	// The list of scopes that are defined by the client. Upon authorization, this
	// list is used to restrict permissions when granting an access token.
	Scopes []*string `locationName:"scopes" type:"list"`
	// contains filtered or unexported fields
}

func (RegisterClientInput) GoString

func (s RegisterClientInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RegisterClientInput) SetClientName

func (s *RegisterClientInput) SetClientName(v string) *RegisterClientInput

SetClientName sets the ClientName field's value.

func (*RegisterClientInput) SetClientType

func (s *RegisterClientInput) SetClientType(v string) *RegisterClientInput

SetClientType sets the ClientType field's value.

func (*RegisterClientInput) SetScopes

func (s *RegisterClientInput) SetScopes(v []*string) *RegisterClientInput

SetScopes sets the Scopes field's value.

func (RegisterClientInput) String

func (s RegisterClientInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RegisterClientInput) Validate

func (s *RegisterClientInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type RegisterClientOutput

type RegisterClientOutput struct {

	// The endpoint where the client can request authorization.
	AuthorizationEndpoint *string `locationName:"authorizationEndpoint" type:"string"`

	// The unique identifier string for each client. This client uses this identifier
	// to get authenticated by the service in subsequent calls.
	ClientId *string `locationName:"clientId" type:"string"`

	// Indicates the time at which the clientId and clientSecret were issued.
	ClientIdIssuedAt *int64 `locationName:"clientIdIssuedAt" type:"long"`

	// A secret string generated for the client. The client will use this string
	// to get authenticated by the service in subsequent calls.
	ClientSecret *string `locationName:"clientSecret" type:"string"`

	// Indicates the time at which the clientId and clientSecret will become invalid.
	ClientSecretExpiresAt *int64 `locationName:"clientSecretExpiresAt" type:"long"`

	// The endpoint where the client can get an access token.
	TokenEndpoint *string `locationName:"tokenEndpoint" type:"string"`
	// contains filtered or unexported fields
}

func (RegisterClientOutput) GoString

func (s RegisterClientOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RegisterClientOutput) SetAuthorizationEndpoint

func (s *RegisterClientOutput) SetAuthorizationEndpoint(v string) *RegisterClientOutput

SetAuthorizationEndpoint sets the AuthorizationEndpoint field's value.

func (*RegisterClientOutput) SetClientId

SetClientId sets the ClientId field's value.

func (*RegisterClientOutput) SetClientIdIssuedAt

func (s *RegisterClientOutput) SetClientIdIssuedAt(v int64) *RegisterClientOutput

SetClientIdIssuedAt sets the ClientIdIssuedAt field's value.

func (*RegisterClientOutput) SetClientSecret

func (s *RegisterClientOutput) SetClientSecret(v string) *RegisterClientOutput

SetClientSecret sets the ClientSecret field's value.

func (*RegisterClientOutput) SetClientSecretExpiresAt

func (s *RegisterClientOutput) SetClientSecretExpiresAt(v int64) *RegisterClientOutput

SetClientSecretExpiresAt sets the ClientSecretExpiresAt field's value.

func (*RegisterClientOutput) SetTokenEndpoint

func (s *RegisterClientOutput) SetTokenEndpoint(v string) *RegisterClientOutput

SetTokenEndpoint sets the TokenEndpoint field's value.

func (RegisterClientOutput) String

func (s RegisterClientOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SSOOIDC

type SSOOIDC struct {
	*client.Client
}

SSOOIDC provides the API operation methods for making requests to AWS SSO OIDC. See this package's package overview docs for details on the service.

SSOOIDC methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.

func New

func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSOOIDC

New creates a new instance of the SSOOIDC client with a session. If additional configuration is needed for the client instance use the optional aws.Config parameter to add your extra config.

Example:

mySession := session.Must(session.NewSession())

// Create a SSOOIDC client from just a session.
svc := ssooidc.New(mySession)

// Create a SSOOIDC client with additional configuration
svc := ssooidc.New(mySession, aws.NewConfig().WithRegion("us-west-2"))

func (*SSOOIDC) CreateToken

func (c *SSOOIDC) CreateToken(input *CreateTokenInput) (*CreateTokenOutput, error)

CreateToken API operation for AWS SSO OIDC.

Creates and returns an access token for the authorized client. The access token issued will be used to fetch short-term credentials for the assigned roles in the AWS account.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS SSO OIDC's API operation CreateToken for usage and error information.

Returned Error Types:

  • InvalidRequestException Indicates that something is wrong with the input to the request. For example, a required parameter might be missing or out of range.

  • InvalidClientException Indicates that the clientId or clientSecret in the request is invalid. For example, this can occur when a client sends an incorrect clientId or an expired clientSecret.

  • InvalidGrantException Indicates that a request contains an invalid grant. This can occur if a client makes a CreateToken request with an invalid grant type.

  • UnauthorizedClientException Indicates that the client is not currently authorized to make the request. This can happen when a clientId is not issued for a public client.

  • UnsupportedGrantTypeException Indicates that the grant type in the request is not supported by the service.

  • InvalidScopeException Indicates that the scope provided in the request is invalid.

  • AuthorizationPendingException Indicates that a request to authorize a client with an access user session token is pending.

  • SlowDownException Indicates that the client is making the request too frequently and is more than the service can handle.

  • AccessDeniedException You do not have sufficient access to perform this action.

  • ExpiredTokenException Indicates that the token issued by the service is expired and is no longer valid.

  • InternalServerException Indicates that an error from the service occurred while trying to process a request.

See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken

func (*SSOOIDC) CreateTokenRequest

func (c *SSOOIDC) CreateTokenRequest(input *CreateTokenInput) (req *request.Request, output *CreateTokenOutput)

CreateTokenRequest generates a "aws/request.Request" representing the client's request for the CreateToken operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateToken for more information on using the CreateToken API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateTokenRequest method.
req, resp := client.CreateTokenRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken

func (*SSOOIDC) CreateTokenWithContext

func (c *SSOOIDC) CreateTokenWithContext(ctx aws.Context, input *CreateTokenInput, opts ...request.Option) (*CreateTokenOutput, error)

CreateTokenWithContext is the same as CreateToken with the addition of the ability to pass a context and additional request options.

See CreateToken for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*SSOOIDC) RegisterClient

func (c *SSOOIDC) RegisterClient(input *RegisterClientInput) (*RegisterClientOutput, error)

RegisterClient API operation for AWS SSO OIDC.

Registers a client with AWS SSO. This allows clients to initiate device authorization. The output should be persisted for reuse through many authentication requests.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS SSO OIDC's API operation RegisterClient for usage and error information.

Returned Error Types:

  • InvalidRequestException Indicates that something is wrong with the input to the request. For example, a required parameter might be missing or out of range.

  • InvalidScopeException Indicates that the scope provided in the request is invalid.

  • InvalidClientMetadataException Indicates that the client information sent in the request during registration is invalid.

  • InternalServerException Indicates that an error from the service occurred while trying to process a request.

See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient

func (*SSOOIDC) RegisterClientRequest

func (c *SSOOIDC) RegisterClientRequest(input *RegisterClientInput) (req *request.Request, output *RegisterClientOutput)

RegisterClientRequest generates a "aws/request.Request" representing the client's request for the RegisterClient operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RegisterClient for more information on using the RegisterClient API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RegisterClientRequest method.
req, resp := client.RegisterClientRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient

func (*SSOOIDC) RegisterClientWithContext

func (c *SSOOIDC) RegisterClientWithContext(ctx aws.Context, input *RegisterClientInput, opts ...request.Option) (*RegisterClientOutput, error)

RegisterClientWithContext is the same as RegisterClient with the addition of the ability to pass a context and additional request options.

See RegisterClient for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*SSOOIDC) StartDeviceAuthorization

func (c *SSOOIDC) StartDeviceAuthorization(input *StartDeviceAuthorizationInput) (*StartDeviceAuthorizationOutput, error)

StartDeviceAuthorization API operation for AWS SSO OIDC.

Initiates device authorization by requesting a pair of verification codes from the authorization service.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS SSO OIDC's API operation StartDeviceAuthorization for usage and error information.

Returned Error Types:

  • InvalidRequestException Indicates that something is wrong with the input to the request. For example, a required parameter might be missing or out of range.

  • InvalidClientException Indicates that the clientId or clientSecret in the request is invalid. For example, this can occur when a client sends an incorrect clientId or an expired clientSecret.

  • UnauthorizedClientException Indicates that the client is not currently authorized to make the request. This can happen when a clientId is not issued for a public client.

  • SlowDownException Indicates that the client is making the request too frequently and is more than the service can handle.

  • InternalServerException Indicates that an error from the service occurred while trying to process a request.

See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization

func (*SSOOIDC) StartDeviceAuthorizationRequest

func (c *SSOOIDC) StartDeviceAuthorizationRequest(input *StartDeviceAuthorizationInput) (req *request.Request, output *StartDeviceAuthorizationOutput)

StartDeviceAuthorizationRequest generates a "aws/request.Request" representing the client's request for the StartDeviceAuthorization operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See StartDeviceAuthorization for more information on using the StartDeviceAuthorization API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the StartDeviceAuthorizationRequest method.
req, resp := client.StartDeviceAuthorizationRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization

func (*SSOOIDC) StartDeviceAuthorizationWithContext

func (c *SSOOIDC) StartDeviceAuthorizationWithContext(ctx aws.Context, input *StartDeviceAuthorizationInput, opts ...request.Option) (*StartDeviceAuthorizationOutput, error)

StartDeviceAuthorizationWithContext is the same as StartDeviceAuthorization with the addition of the ability to pass a context and additional request options.

See StartDeviceAuthorization for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

type SlowDownException

type SlowDownException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Error_ *string `locationName:"error" type:"string"`

	Error_description *string `locationName:"error_description" type:"string"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Indicates that the client is making the request too frequently and is more than the service can handle.

func (*SlowDownException) Code

func (s *SlowDownException) Code() string

Code returns the exception type name.

func (*SlowDownException) Error

func (s *SlowDownException) Error() string

func (SlowDownException) GoString

func (s SlowDownException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SlowDownException) Message

func (s *SlowDownException) Message() string

Message returns the exception's message.

func (*SlowDownException) OrigErr

func (s *SlowDownException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*SlowDownException) RequestID

func (s *SlowDownException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*SlowDownException) StatusCode

func (s *SlowDownException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (SlowDownException) String

func (s SlowDownException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type StartDeviceAuthorizationInput

type StartDeviceAuthorizationInput struct {

	// The unique identifier string for the client that is registered with AWS SSO.
	// This value should come from the persisted result of the RegisterClient API
	// operation.
	//
	// ClientId is a required field
	ClientId *string `locationName:"clientId" type:"string" required:"true"`

	// A secret string that is generated for the client. This value should come
	// from the persisted result of the RegisterClient API operation.
	//
	// ClientSecret is a required field
	ClientSecret *string `locationName:"clientSecret" type:"string" required:"true"`

	// The URL for the AWS SSO user portal. For more information, see Using the
	// User Portal (https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html)
	// in the AWS Single Sign-On User Guide.
	//
	// StartUrl is a required field
	StartUrl *string `locationName:"startUrl" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (StartDeviceAuthorizationInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StartDeviceAuthorizationInput) SetClientId

SetClientId sets the ClientId field's value.

func (*StartDeviceAuthorizationInput) SetClientSecret

SetClientSecret sets the ClientSecret field's value.

func (*StartDeviceAuthorizationInput) SetStartUrl

SetStartUrl sets the StartUrl field's value.

func (StartDeviceAuthorizationInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StartDeviceAuthorizationInput) Validate

func (s *StartDeviceAuthorizationInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type StartDeviceAuthorizationOutput

type StartDeviceAuthorizationOutput struct {

	// The short-lived code that is used by the device when polling for a session
	// token.
	DeviceCode *string `locationName:"deviceCode" type:"string"`

	// Indicates the number of seconds in which the verification code will become
	// invalid.
	ExpiresIn *int64 `locationName:"expiresIn" type:"integer"`

	// Indicates the number of seconds the client must wait between attempts when
	// polling for a session.
	Interval *int64 `locationName:"interval" type:"integer"`

	// A one-time user verification code. This is needed to authorize an in-use
	// device.
	UserCode *string `locationName:"userCode" type:"string"`

	// The URI of the verification page that takes the userCode to authorize the
	// device.
	VerificationUri *string `locationName:"verificationUri" type:"string"`

	// An alternate URL that the client can use to automatically launch a browser.
	// This process skips the manual step in which the user visits the verification
	// page and enters their code.
	VerificationUriComplete *string `locationName:"verificationUriComplete" type:"string"`
	// contains filtered or unexported fields
}

func (StartDeviceAuthorizationOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*StartDeviceAuthorizationOutput) SetDeviceCode

SetDeviceCode sets the DeviceCode field's value.

func (*StartDeviceAuthorizationOutput) SetExpiresIn

SetExpiresIn sets the ExpiresIn field's value.

func (*StartDeviceAuthorizationOutput) SetInterval

SetInterval sets the Interval field's value.

func (*StartDeviceAuthorizationOutput) SetUserCode

SetUserCode sets the UserCode field's value.

func (*StartDeviceAuthorizationOutput) SetVerificationUri

SetVerificationUri sets the VerificationUri field's value.

func (*StartDeviceAuthorizationOutput) SetVerificationUriComplete

func (s *StartDeviceAuthorizationOutput) SetVerificationUriComplete(v string) *StartDeviceAuthorizationOutput

SetVerificationUriComplete sets the VerificationUriComplete field's value.

func (StartDeviceAuthorizationOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UnauthorizedClientException

type UnauthorizedClientException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Error_ *string `locationName:"error" type:"string"`

	Error_description *string `locationName:"error_description" type:"string"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Indicates that the client is not currently authorized to make the request. This can happen when a clientId is not issued for a public client.

func (*UnauthorizedClientException) Code

Code returns the exception type name.

func (*UnauthorizedClientException) Error

func (UnauthorizedClientException) GoString

func (s UnauthorizedClientException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UnauthorizedClientException) Message

func (s *UnauthorizedClientException) Message() string

Message returns the exception's message.

func (*UnauthorizedClientException) OrigErr

func (s *UnauthorizedClientException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UnauthorizedClientException) RequestID

func (s *UnauthorizedClientException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UnauthorizedClientException) StatusCode

func (s *UnauthorizedClientException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UnauthorizedClientException) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UnsupportedGrantTypeException

type UnsupportedGrantTypeException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Error_ *string `locationName:"error" type:"string"`

	Error_description *string `locationName:"error_description" type:"string"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Indicates that the grant type in the request is not supported by the service.

func (*UnsupportedGrantTypeException) Code

Code returns the exception type name.

func (*UnsupportedGrantTypeException) Error

func (UnsupportedGrantTypeException) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UnsupportedGrantTypeException) Message

Message returns the exception's message.

func (*UnsupportedGrantTypeException) OrigErr

func (s *UnsupportedGrantTypeException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*UnsupportedGrantTypeException) RequestID

func (s *UnsupportedGrantTypeException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*UnsupportedGrantTypeException) StatusCode

func (s *UnsupportedGrantTypeException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (UnsupportedGrantTypeException) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

Directories

Path Synopsis
Package ssooidciface provides an interface to enable mocking the AWS SSO OIDC service client for testing your code.
Package ssooidciface provides an interface to enable mocking the AWS SSO OIDC service client for testing your code.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL