Class: AWSCDK::BedrockAgentCore::CustomOAuth2CredentialProviderProps

Inherits:
OAuth2CredentialProviderFactoryBaseProps
  • Object
show all
Defined in:
bedrock_agent_core/custom_o_auth2_credential_provider_props.rb

Overview

Props for OAuth2CredentialProvider.usingCustom.

Set exactly one of discoveryUrl (OIDC discovery document) or authorizationServerMetadata (static OAuth2 server metadata). Do not pass both.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(o_auth2_credential_provider_name: nil, tags: nil, client_id:, client_secret:, authorization_server_metadata: nil, discovery_url: nil) ⇒ CustomOAuth2CredentialProviderProps

Returns a new instance of CustomOAuth2CredentialProviderProps.

Parameters:

  • o_auth2_credential_provider_name (String, nil) (defaults to: nil)

    Name of the credential provider.

  • tags (Hash{String => String}, nil) (defaults to: nil)

    Tags for this credential provider.

  • client_id (String)

    OAuth2 client identifier.

  • client_secret (AWSCDK::SecretValue)

    OAuth2 client secret.

  • authorization_server_metadata (AWSCDK::BedrockAgentCore::OAuth2AuthorizationServerMetadata, nil) (defaults to: nil)

    Authorization server metadata (issuer, authorization and token endpoints) when not using a discovery URL.

  • discovery_url (String, nil) (defaults to: nil)

    OIDC/OAuth2 discovery document URL for dynamic integration with the identity provider.



16
17
18
19
20
21
22
23
24
25
26
27
28
29
# File 'bedrock_agent_core/custom_o_auth2_credential_provider_props.rb', line 16

def initialize(o_auth2_credential_provider_name: nil, tags: nil, client_id:, client_secret:, authorization_server_metadata: nil, discovery_url: nil)
  @o_auth2_credential_provider_name = o_auth2_credential_provider_name
  Jsii::Type.check_type(@o_auth2_credential_provider_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "oAuth2CredentialProviderName") unless @o_auth2_credential_provider_name.nil?
  @tags = tags
  Jsii::Type.check_type(@tags, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoibWFwIn19")), "tags") unless @tags.nil?
  @client_id = client_id
  Jsii::Type.check_type(@client_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "clientId")
  @client_secret = client_secret
  Jsii::Type.check_type(@client_secret, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5TZWNyZXRWYWx1ZSJ9")), "clientSecret")
  @authorization_server_metadata = .is_a?(Hash) ? ::AWSCDK::BedrockAgentCore::OAuth2AuthorizationServerMetadata.new(**.transform_keys(&:to_sym)) : 
  Jsii::Type.check_type(@authorization_server_metadata, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfYmVkcm9ja2FnZW50Y29yZS5PQXV0aDJBdXRob3JpemF0aW9uU2VydmVyTWV0YWRhdGEifQ==")), "authorizationServerMetadata") unless @authorization_server_metadata.nil?
  @discovery_url = discovery_url
  Jsii::Type.check_type(@discovery_url, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "discoveryUrl") unless @discovery_url.nil?
end

Instance Attribute Details

#authorization_server_metadataAWSCDK::BedrockAgentCore::OAuth2AuthorizationServerMetadata? (readonly)

Note:

Default: - not used when {@link discoveryUrl } is set

Authorization server metadata (issuer, authorization and token endpoints) when not using a discovery URL.



59
60
61
# File 'bedrock_agent_core/custom_o_auth2_credential_provider_props.rb', line 59

def 
  @authorization_server_metadata
end

#client_idString (readonly)

OAuth2 client identifier.

Returns:

  • (String)


44
45
46
# File 'bedrock_agent_core/custom_o_auth2_credential_provider_props.rb', line 44

def client_id
  @client_id
end

#client_secretAWSCDK::SecretValue (readonly)

OAuth2 client secret.

NOTE: The client secret will be included in the CloudFormation template as part of synthesis. The service stores the secret in Secrets Manager after creation, but the value is visible in the template and deployment history. Use SecretValue.unsafePlainText() to explicitly acknowledge plaintext, or pass a reference from another construct to avoid embedding the literal value.

Returns:



54
55
56
# File 'bedrock_agent_core/custom_o_auth2_credential_provider_props.rb', line 54

def client_secret
  @client_secret
end

#discovery_urlString? (readonly)

Note:

Default: - not used when {@link authorizationServerMetadata } is set

OIDC/OAuth2 discovery document URL for dynamic integration with the identity provider.

Returns:

  • (String, nil)


64
65
66
# File 'bedrock_agent_core/custom_o_auth2_credential_provider_props.rb', line 64

def discovery_url
  @discovery_url
end

#o_auth2_credential_provider_nameString? (readonly)

Note:

Default: a name generated by CDK

Name of the credential provider.

Returns:

  • (String, nil)


35
36
37
# File 'bedrock_agent_core/custom_o_auth2_credential_provider_props.rb', line 35

def o_auth2_credential_provider_name
  @o_auth2_credential_provider_name
end

#tagsHash{String => String}? (readonly)

Note:

Default: - no tags

Tags for this credential provider.

Returns:

  • (Hash{String => String}, nil)


40
41
42
# File 'bedrock_agent_core/custom_o_auth2_credential_provider_props.rb', line 40

def tags
  @tags
end

Class Method Details

.jsii_propertiesObject



66
67
68
69
70
71
72
73
74
75
# File 'bedrock_agent_core/custom_o_auth2_credential_provider_props.rb', line 66

def self.jsii_properties
  {
    :o_auth2_credential_provider_name => "oAuth2CredentialProviderName",
    :tags => "tags",
    :client_id => "clientId",
    :client_secret => "clientSecret",
    :authorization_server_metadata => "authorizationServerMetadata",
    :discovery_url => "discoveryUrl",
  }
end

Instance Method Details

#to_jsiiObject



77
78
79
80
81
82
83
84
85
86
87
88
89
# File 'bedrock_agent_core/custom_o_auth2_credential_provider_props.rb', line 77

def to_jsii
  result = {}
  result.merge!(super)
  result.merge!({
    "oAuth2CredentialProviderName" => @o_auth2_credential_provider_name,
    "tags" => @tags,
    "clientId" => @client_id,
    "clientSecret" => @client_secret,
    "authorizationServerMetadata" => @authorization_server_metadata,
    "discoveryUrl" => @discovery_url,
  })
  result.compact
end