sso

package
v0.17.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 21, 2019 License: Apache-2.0 Imports: 6 Imported by: 38

Documentation

Overview

Package sso provides the client and types for making API requests to SSO.

AWS Single Sign-On Portal is a web service that makes it easy for you to assign user access to AWS SSO resources such as the user portal. Users can get AWS account applications and roles assigned to them and get federated into the application.

For general information about AWS SSO, see What is AWS Single Sign-On? (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) in the AWS SSO User Guide.

This API reference guide describes the AWS SSO Portal operations that you can call programatically and includes detailed information on data types and errors.

AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms, such as Java, Ruby, .Net, iOS, or Android. The SDKs provide a convenient way to create programmatic access to AWS SSO and other AWS services. For more information about the AWS SDKs, including how to download and install them, see Tools for Amazon Web Services (http://aws.amazon.com/tools/).

See https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10 for more information on this service.

See sso package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/sso/

Using the Client

To use SSO with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the SSO client for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/sso/#New

Index

Constants

View Source
const (
	ServiceName = "SSO"        // Service's name
	ServiceID   = "SSO"        // Service's identifier
	EndpointsID = "portal.sso" // Service's Endpoint identifier
)
View Source
const (

	// ErrCodeInvalidRequestException for service response error code
	// "InvalidRequestException".
	//
	// Indicates that a problem occurred with the input to the request. For example,
	// a required parameter might be missing or out of range.
	ErrCodeInvalidRequestException = "InvalidRequestException"

	// ErrCodeResourceNotFoundException for service response error code
	// "ResourceNotFoundException".
	//
	// The specified resource doesn't exist.
	ErrCodeResourceNotFoundException = "ResourceNotFoundException"

	// ErrCodeTooManyRequestsException for service response error code
	// "TooManyRequestsException".
	//
	// Indicates that the request is being made too frequently and is more than
	// what the server can handle.
	ErrCodeTooManyRequestsException = "TooManyRequestsException"

	// ErrCodeUnauthorizedException for service response error code
	// "UnauthorizedException".
	//
	// Indicates that the request is not authorized. This can happen due to an invalid
	// access token in the request.
	ErrCodeUnauthorizedException = "UnauthorizedException"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AccountInfo

type AccountInfo struct {

	// The identifier of the AWS account that is assigned to the user.
	AccountId *string `locationName:"accountId" type:"string"`

	// The display name of the AWS account that is assigned to the user.
	AccountName *string `locationName:"accountName" type:"string"`

	// The email address of the AWS account that is assigned to the user.
	EmailAddress *string `locationName:"emailAddress" min:"1" type:"string"`
	// contains filtered or unexported fields
}

Provides information about your AWS account.

func (AccountInfo) MarshalFields

func (s AccountInfo) MarshalFields(e protocol.FieldEncoder) error

MarshalFields encodes the AWS API shape using the passed in protocol encoder.

func (AccountInfo) String

func (s AccountInfo) String() string

String returns the string representation

type Client

type Client struct {
	*aws.Client
}

Client provides the API operation methods for making requests to SSO. See this package's package overview docs for details on the service.

The client's methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.

func New

func New(config aws.Config) *Client

New creates a new instance of the client from the provided Config.

Example:

// Create a client from just a config.
svc := sso.New(myConfig)

func (*Client) GetRoleCredentialsRequest

func (c *Client) GetRoleCredentialsRequest(input *GetRoleCredentialsInput) GetRoleCredentialsRequest

GetRoleCredentialsRequest returns a request value for making API operation for AWS Single Sign-On.

Returns the STS short-term credentials for a given role name that is assigned to the user.

// Example sending a request using GetRoleCredentialsRequest.
req := client.GetRoleCredentialsRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/GetRoleCredentials

func (*Client) ListAccountRolesRequest

func (c *Client) ListAccountRolesRequest(input *ListAccountRolesInput) ListAccountRolesRequest

ListAccountRolesRequest returns a request value for making API operation for AWS Single Sign-On.

Lists all roles that are assigned to the user for a given AWS account.

// Example sending a request using ListAccountRolesRequest.
req := client.ListAccountRolesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccountRoles

func (*Client) ListAccountsRequest

func (c *Client) ListAccountsRequest(input *ListAccountsInput) ListAccountsRequest

ListAccountsRequest returns a request value for making API operation for AWS Single Sign-On.

Lists all AWS accounts assigned to the user. These AWS accounts are assigned by the administrator of the account. For more information, see Assign User Access (https://docs.aws.amazon.com/singlesignon/latest/userguide/useraccess.html#assignusers) in the AWS SSO User Guide. This operation returns a paginated response.

// Example sending a request using ListAccountsRequest.
req := client.ListAccountsRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccounts

func (*Client) LogoutRequest

func (c *Client) LogoutRequest(input *LogoutInput) LogoutRequest

LogoutRequest returns a request value for making API operation for AWS Single Sign-On.

Removes the client- and server-side session that is associated with the user.

// Example sending a request using LogoutRequest.
req := client.LogoutRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/Logout

type GetRoleCredentialsInput

type GetRoleCredentialsInput struct {

	// The token issued by the CreateToken API call. For more information, see CreateToken
	// (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html)
	// in the AWS SSO OIDC API Reference Guide.
	//
	// AccessToken is a required field
	AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"`

	// The identifier for the AWS account that is assigned to the user.
	//
	// AccountId is a required field
	AccountId *string `location:"querystring" locationName:"account_id" type:"string" required:"true"`

	// The friendly name of the role that is assigned to the user.
	//
	// RoleName is a required field
	RoleName *string `location:"querystring" locationName:"role_name" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetRoleCredentialsInput) MarshalFields

MarshalFields encodes the AWS API shape using the passed in protocol encoder.

func (GetRoleCredentialsInput) String

func (s GetRoleCredentialsInput) String() string

String returns the string representation

func (*GetRoleCredentialsInput) Validate

func (s *GetRoleCredentialsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetRoleCredentialsOutput

type GetRoleCredentialsOutput struct {

	// The credentials for the role that is assigned to the user.
	RoleCredentials *RoleCredentials `locationName:"roleCredentials" type:"structure"`
	// contains filtered or unexported fields
}

func (GetRoleCredentialsOutput) MarshalFields

MarshalFields encodes the AWS API shape using the passed in protocol encoder.

func (GetRoleCredentialsOutput) String

func (s GetRoleCredentialsOutput) String() string

String returns the string representation

type GetRoleCredentialsRequest

type GetRoleCredentialsRequest struct {
	*aws.Request
	Input *GetRoleCredentialsInput
	Copy  func(*GetRoleCredentialsInput) GetRoleCredentialsRequest
}

GetRoleCredentialsRequest is the request type for the GetRoleCredentials API operation.

func (GetRoleCredentialsRequest) Send

Send marshals and sends the GetRoleCredentials API request.

type GetRoleCredentialsResponse

type GetRoleCredentialsResponse struct {
	*GetRoleCredentialsOutput
	// contains filtered or unexported fields
}

GetRoleCredentialsResponse is the response type for the GetRoleCredentials API operation.

func (*GetRoleCredentialsResponse) SDKResponseMetdata

func (r *GetRoleCredentialsResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetRoleCredentials request.

type ListAccountRolesInput

type ListAccountRolesInput struct {

	// The token issued by the CreateToken API call. For more information, see CreateToken
	// (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html)
	// in the AWS SSO OIDC API Reference Guide.
	//
	// AccessToken is a required field
	AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"`

	// The identifier for the AWS account that is assigned to the user.
	//
	// AccountId is a required field
	AccountId *string `location:"querystring" locationName:"account_id" type:"string" required:"true"`

	// The number of items that clients can request per page.
	MaxResults *int64 `location:"querystring" locationName:"max_result" min:"1" type:"integer"`

	// The page token from the previous response output when you request subsequent
	// pages.
	NextToken *string `location:"querystring" locationName:"next_token" type:"string"`
	// contains filtered or unexported fields
}

func (ListAccountRolesInput) MarshalFields

func (s ListAccountRolesInput) MarshalFields(e protocol.FieldEncoder) error

MarshalFields encodes the AWS API shape using the passed in protocol encoder.

func (ListAccountRolesInput) String

func (s ListAccountRolesInput) String() string

String returns the string representation

func (*ListAccountRolesInput) Validate

func (s *ListAccountRolesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAccountRolesOutput

type ListAccountRolesOutput struct {

	// The page token client that is used to retrieve the list of accounts.
	NextToken *string `locationName:"nextToken" type:"string"`

	// A paginated response with the list of roles and the next token if more results
	// are available.
	RoleList []RoleInfo `locationName:"roleList" type:"list"`
	// contains filtered or unexported fields
}

func (ListAccountRolesOutput) MarshalFields

MarshalFields encodes the AWS API shape using the passed in protocol encoder.

func (ListAccountRolesOutput) String

func (s ListAccountRolesOutput) String() string

String returns the string representation

type ListAccountRolesPaginator

type ListAccountRolesPaginator struct {
	aws.Pager
}

ListAccountRolesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListAccountRolesPaginator

func NewListAccountRolesPaginator(req ListAccountRolesRequest) ListAccountRolesPaginator

NewListAccountRolesRequestPaginator returns a paginator for ListAccountRoles. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListAccountRolesRequest(input)
p := sso.NewListAccountRolesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListAccountRolesPaginator) CurrentPage

type ListAccountRolesRequest

type ListAccountRolesRequest struct {
	*aws.Request
	Input *ListAccountRolesInput
	Copy  func(*ListAccountRolesInput) ListAccountRolesRequest
}

ListAccountRolesRequest is the request type for the ListAccountRoles API operation.

func (ListAccountRolesRequest) Send

Send marshals and sends the ListAccountRoles API request.

type ListAccountRolesResponse

type ListAccountRolesResponse struct {
	*ListAccountRolesOutput
	// contains filtered or unexported fields
}

ListAccountRolesResponse is the response type for the ListAccountRoles API operation.

func (*ListAccountRolesResponse) SDKResponseMetdata

func (r *ListAccountRolesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListAccountRoles request.

type ListAccountsInput

type ListAccountsInput struct {

	// The token issued by the CreateToken API call. For more information, see CreateToken
	// (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html)
	// in the AWS SSO OIDC API Reference Guide.
	//
	// AccessToken is a required field
	AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"`

	// This is the number of items clients can request per page.
	MaxResults *int64 `location:"querystring" locationName:"max_result" min:"1" type:"integer"`

	// (Optional) When requesting subsequent pages, this is the page token from
	// the previous response output.
	NextToken *string `location:"querystring" locationName:"next_token" type:"string"`
	// contains filtered or unexported fields
}

func (ListAccountsInput) MarshalFields

func (s ListAccountsInput) MarshalFields(e protocol.FieldEncoder) error

MarshalFields encodes the AWS API shape using the passed in protocol encoder.

func (ListAccountsInput) String

func (s ListAccountsInput) String() string

String returns the string representation

func (*ListAccountsInput) Validate

func (s *ListAccountsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAccountsOutput

type ListAccountsOutput struct {

	// A paginated response with the list of account information and the next token
	// if more results are available.
	AccountList []AccountInfo `locationName:"accountList" type:"list"`

	// The page token client that is used to retrieve the list of accounts.
	NextToken *string `locationName:"nextToken" type:"string"`
	// contains filtered or unexported fields
}

func (ListAccountsOutput) MarshalFields

func (s ListAccountsOutput) MarshalFields(e protocol.FieldEncoder) error

MarshalFields encodes the AWS API shape using the passed in protocol encoder.

func (ListAccountsOutput) String

func (s ListAccountsOutput) String() string

String returns the string representation

type ListAccountsPaginator

type ListAccountsPaginator struct {
	aws.Pager
}

ListAccountsPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListAccountsPaginator

func NewListAccountsPaginator(req ListAccountsRequest) ListAccountsPaginator

NewListAccountsRequestPaginator returns a paginator for ListAccounts. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListAccountsRequest(input)
p := sso.NewListAccountsRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListAccountsPaginator) CurrentPage

func (p *ListAccountsPaginator) CurrentPage() *ListAccountsOutput

type ListAccountsRequest

type ListAccountsRequest struct {
	*aws.Request
	Input *ListAccountsInput
	Copy  func(*ListAccountsInput) ListAccountsRequest
}

ListAccountsRequest is the request type for the ListAccounts API operation.

func (ListAccountsRequest) Send

Send marshals and sends the ListAccounts API request.

type ListAccountsResponse

type ListAccountsResponse struct {
	*ListAccountsOutput
	// contains filtered or unexported fields
}

ListAccountsResponse is the response type for the ListAccounts API operation.

func (*ListAccountsResponse) SDKResponseMetdata

func (r *ListAccountsResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListAccounts request.

type LogoutInput

type LogoutInput struct {

	// The token issued by the CreateToken API call. For more information, see CreateToken
	// (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html)
	// in the AWS SSO OIDC API Reference Guide.
	//
	// AccessToken is a required field
	AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (LogoutInput) MarshalFields

func (s LogoutInput) MarshalFields(e protocol.FieldEncoder) error

MarshalFields encodes the AWS API shape using the passed in protocol encoder.

func (LogoutInput) String

func (s LogoutInput) String() string

String returns the string representation

func (*LogoutInput) Validate

func (s *LogoutInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type LogoutOutput

type LogoutOutput struct {
	// contains filtered or unexported fields
}

func (LogoutOutput) MarshalFields

func (s LogoutOutput) MarshalFields(e protocol.FieldEncoder) error

MarshalFields encodes the AWS API shape using the passed in protocol encoder.

func (LogoutOutput) String

func (s LogoutOutput) String() string

String returns the string representation

type LogoutRequest

type LogoutRequest struct {
	*aws.Request
	Input *LogoutInput
	Copy  func(*LogoutInput) LogoutRequest
}

LogoutRequest is the request type for the Logout API operation.

func (LogoutRequest) Send

Send marshals and sends the Logout API request.

type LogoutResponse

type LogoutResponse struct {
	*LogoutOutput
	// contains filtered or unexported fields
}

LogoutResponse is the response type for the Logout API operation.

func (*LogoutResponse) SDKResponseMetdata

func (r *LogoutResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the Logout request.

type RoleCredentials

type RoleCredentials struct {

	// The identifier used for the temporary security credentials. For more information,
	// see Using Temporary Security Credentials to Request Access to AWS Resources
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html)
	// in the AWS IAM User Guide.
	AccessKeyId *string `locationName:"accessKeyId" type:"string"`

	// The date on which temporary security credentials expire.
	Expiration *int64 `locationName:"expiration" type:"long"`

	// The key that is used to sign the request. For more information, see Using
	// Temporary Security Credentials to Request Access to AWS Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html)
	// in the AWS IAM User Guide.
	SecretAccessKey *string `locationName:"secretAccessKey" type:"string" sensitive:"true"`

	// The token used for temporary credentials. For more information, see Using
	// Temporary Security Credentials to Request Access to AWS Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html)
	// in the AWS IAM User Guide.
	SessionToken *string `locationName:"sessionToken" type:"string" sensitive:"true"`
	// contains filtered or unexported fields
}

Provides information about the role credentials that are assigned to the user.

func (RoleCredentials) MarshalFields

func (s RoleCredentials) MarshalFields(e protocol.FieldEncoder) error

MarshalFields encodes the AWS API shape using the passed in protocol encoder.

func (RoleCredentials) String

func (s RoleCredentials) String() string

String returns the string representation

type RoleInfo

type RoleInfo struct {

	// The identifier of the AWS account assigned to the user.
	AccountId *string `locationName:"accountId" type:"string"`

	// The friendly name of the role that is assigned to the user.
	RoleName *string `locationName:"roleName" type:"string"`
	// contains filtered or unexported fields
}

Provides information about the role that is assigned to the user.

func (RoleInfo) MarshalFields

func (s RoleInfo) MarshalFields(e protocol.FieldEncoder) error

MarshalFields encodes the AWS API shape using the passed in protocol encoder.

func (RoleInfo) String

func (s RoleInfo) String() string

String returns the string representation

Directories

Path Synopsis
Package ssoiface provides an interface to enable mocking the AWS Single Sign-On service client for testing your code.
Package ssoiface provides an interface to enable mocking the AWS Single Sign-On service client for testing your code.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL