Class: AWSCDK::BedrockAgentCore::CustomJwtConfiguration

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
bedrock_agent_core/custom_jwt_configuration.rb

Overview

Custom JWT authorizer configuration.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(discovery_url:, allowed_audience: nil, allowed_clients: nil, allowed_scopes: nil, custom_claims: nil) ⇒ CustomJwtConfiguration

Returns a new instance of CustomJwtConfiguration.

Parameters:

  • discovery_url (String)

    This URL is used to fetch OpenID Connect configuration or authorization server metadata for validating incoming tokens.

  • allowed_audience (Array<String>, nil) (defaults to: nil)

    Represents individual audience values that are validated in the incoming JWT token validation process.

  • allowed_clients (Array<String>, nil) (defaults to: nil)

    Represents individual client IDs that are validated in the incoming JWT token validation process.

  • allowed_scopes (Array<String>, nil) (defaults to: nil)

    Represents individual scopes that are validated in the incoming JWT token validation process.

  • custom_claims (Array<AWSCDK::BedrockAgentCore::GatewayCustomClaim>, nil) (defaults to: nil)

    Custom claims for additional JWT token validation.



12
13
14
15
16
17
18
19
20
21
22
23
# File 'bedrock_agent_core/custom_jwt_configuration.rb', line 12

def initialize(discovery_url:, allowed_audience: nil, allowed_clients: nil, allowed_scopes: nil, custom_claims: nil)
  @discovery_url = discovery_url
  Jsii::Type.check_type(@discovery_url, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "discoveryUrl")
  @allowed_audience = allowed_audience
  Jsii::Type.check_type(@allowed_audience, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowedAudience") unless @allowed_audience.nil?
  @allowed_clients = allowed_clients
  Jsii::Type.check_type(@allowed_clients, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowedClients") unless @allowed_clients.nil?
  @allowed_scopes = allowed_scopes
  Jsii::Type.check_type(@allowed_scopes, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowedScopes") unless @allowed_scopes.nil?
  @custom_claims = custom_claims
  Jsii::Type.check_type(@custom_claims, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7ImZxbiI6ImF3cy1jZGstbGliLmF3c19iZWRyb2NrYWdlbnRjb3JlLkdhdGV3YXlDdXN0b21DbGFpbSJ9LCJraW5kIjoiYXJyYXkifX0=")), "customClaims") unless @custom_claims.nil?
end

Instance Attribute Details

#allowed_audienceArray<String>? (readonly)

Note:

Default: - No audience validation

Represents individual audience values that are validated in the incoming JWT token validation process.

Returns:

  • (Array<String>, nil)


36
37
38
# File 'bedrock_agent_core/custom_jwt_configuration.rb', line 36

def allowed_audience
  @allowed_audience
end

#allowed_clientsArray<String>? (readonly)

Note:

Default: - No client ID validation

Represents individual client IDs that are validated in the incoming JWT token validation process.

Returns:

  • (Array<String>, nil)


41
42
43
# File 'bedrock_agent_core/custom_jwt_configuration.rb', line 41

def allowed_clients
  @allowed_clients
end

#allowed_scopesArray<String>? (readonly)

Note:

Default: - No scope validation

Represents individual scopes that are validated in the incoming JWT token validation process.

Returns:

  • (Array<String>, nil)


46
47
48
# File 'bedrock_agent_core/custom_jwt_configuration.rb', line 46

def allowed_scopes
  @allowed_scopes
end

#custom_claimsArray<AWSCDK::BedrockAgentCore::GatewayCustomClaim>? (readonly)

Note:

Default: - No custom claim validation

Custom claims for additional JWT token validation.

Allows you to validate additional fields in JWT tokens beyond the standard audience, client, and scope validations.



53
54
55
# File 'bedrock_agent_core/custom_jwt_configuration.rb', line 53

def custom_claims
  @custom_claims
end

#discovery_urlString (readonly)

This URL is used to fetch OpenID Connect configuration or authorization server metadata for validating incoming tokens.

Pattern: .+/.well-known/openid-configuration Required: Yes

Returns:

  • (String)


31
32
33
# File 'bedrock_agent_core/custom_jwt_configuration.rb', line 31

def discovery_url
  @discovery_url
end

Class Method Details

.jsii_propertiesObject



55
56
57
58
59
60
61
62
63
# File 'bedrock_agent_core/custom_jwt_configuration.rb', line 55

def self.jsii_properties
  {
    :discovery_url => "discoveryUrl",
    :allowed_audience => "allowedAudience",
    :allowed_clients => "allowedClients",
    :allowed_scopes => "allowedScopes",
    :custom_claims => "customClaims",
  }
end

Instance Method Details

#to_jsiiObject



65
66
67
68
69
70
71
72
73
74
75
# File 'bedrock_agent_core/custom_jwt_configuration.rb', line 65

def to_jsii
  result = {}
  result.merge!({
    "discoveryUrl" => @discovery_url,
    "allowedAudience" => @allowed_audience,
    "allowedClients" => @allowed_clients,
    "allowedScopes" => @allowed_scopes,
    "customClaims" => @custom_claims,
  })
  result.compact
end