Class: AWSCDK::ElasticLoadBalancingv2Actions::AuthenticateCognitoActionProps

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb

Overview

Properties for AuthenticateCognitoAction.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(_next:, user_pool:, user_pool_client:, user_pool_domain:, allow_https_outbound: nil, authentication_request_extra_params: nil, on_unauthenticated_request: nil, scope: nil, session_cookie_name: nil, session_timeout: nil) ⇒ AuthenticateCognitoActionProps

Returns a new instance of AuthenticateCognitoActionProps.

Parameters:

  • _next (AWSCDK::ElasticLoadBalancingv2::ListenerAction)

    What action to execute next.

  • user_pool (AWSCDK::Cognito::IUserPool)

    The Amazon Cognito user pool.

  • user_pool_client (AWSCDK::Cognito::IUserPoolClient)

    The Amazon Cognito user pool client.

  • user_pool_domain (AWSCDK::Cognito::IUserPoolDomain)

    The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.

  • allow_https_outbound (Boolean, nil) (defaults to: nil)

    Allow HTTPS outbound traffic to communicate with the IdP.

  • authentication_request_extra_params (Hash{String => String}, nil) (defaults to: nil)

    The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

  • on_unauthenticated_request (AWSCDK::ElasticLoadBalancingv2::UnauthenticatedAction, nil) (defaults to: nil)

    The behavior if the user is not authenticated.

  • scope (String, nil) (defaults to: nil)

    The set of user claims to be requested from the IdP.

  • session_cookie_name (String, nil) (defaults to: nil)

    The name of the cookie used to maintain session information.

  • session_timeout (AWSCDK::Duration, nil) (defaults to: nil)

    The maximum duration of the authentication session.



17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 17

def initialize(_next:, user_pool:, user_pool_client:, user_pool_domain:, allow_https_outbound: nil, authentication_request_extra_params: nil, on_unauthenticated_request: nil, scope: nil, session_cookie_name: nil, session_timeout: nil)
  @_next = _next
  Jsii::Type.check_type(@_next, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfZWxhc3RpY2xvYWRiYWxhbmNpbmd2Mi5MaXN0ZW5lckFjdGlvbiJ9")), "next")
  @user_pool = user_pool
  Jsii::Type.check_type(@user_pool, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY29nbml0by5JVXNlclBvb2wifQ==")), "userPool")
  @user_pool_client = user_pool_client
  Jsii::Type.check_type(@user_pool_client, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY29nbml0by5JVXNlclBvb2xDbGllbnQifQ==")), "userPoolClient")
  @user_pool_domain = user_pool_domain
  Jsii::Type.check_type(@user_pool_domain, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY29nbml0by5JVXNlclBvb2xEb21haW4ifQ==")), "userPoolDomain")
  @allow_https_outbound = allow_https_outbound
  Jsii::Type.check_type(@allow_https_outbound, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJib29sZWFuIn0=")), "allowHttpsOutbound") unless @allow_https_outbound.nil?
  @authentication_request_extra_params = authentication_request_extra_params
  Jsii::Type.check_type(@authentication_request_extra_params, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoibWFwIn19")), "authenticationRequestExtraParams") unless @authentication_request_extra_params.nil?
  @on_unauthenticated_request = on_unauthenticated_request
  Jsii::Type.check_type(@on_unauthenticated_request, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfZWxhc3RpY2xvYWRiYWxhbmNpbmd2Mi5VbmF1dGhlbnRpY2F0ZWRBY3Rpb24ifQ==")), "onUnauthenticatedRequest") unless @on_unauthenticated_request.nil?
  @scope = scope
  Jsii::Type.check_type(@scope, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "scope") unless @scope.nil?
  @session_cookie_name = session_cookie_name
  Jsii::Type.check_type(@session_cookie_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "sessionCookieName") unless @session_cookie_name.nil?
  @session_timeout = session_timeout
  Jsii::Type.check_type(@session_timeout, JSON.parse(Base64.strict_decode64("eyJmcW4iOiJhd3MtY2RrLWxpYi5EdXJhdGlvbiJ9")), "sessionTimeout") unless @session_timeout.nil?
end

Instance Attribute Details

#_nextAWSCDK::ElasticLoadBalancingv2::ListenerAction (readonly)

What action to execute next.

Multiple actions form a linked chain; the chain must always terminate in a (weighted)forward, fixedResponse or redirect action.



46
47
48
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 46

def _next
  @_next
end

#allow_https_outboundBoolean? (readonly)

Note:

Default: true

Allow HTTPS outbound traffic to communicate with the IdP.

Set this property to false if the IP address used for the IdP endpoint is identifiable and you want to control outbound traffic. Then allow HTTPS outbound traffic to the IdP's IP address using the listener's connections property.



68
69
70
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 68

def allow_https_outbound
  @allow_https_outbound
end

#authentication_request_extra_paramsHash{String => String}? (readonly)

Note:

Default: - No extra parameters

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

Returns:

  • (Hash{String => String}, nil)


73
74
75
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 73

def authentication_request_extra_params
  @authentication_request_extra_params
end

#on_unauthenticated_requestAWSCDK::ElasticLoadBalancingv2::UnauthenticatedAction? (readonly)

Note:

Default: UnauthenticatedAction.AUTHENTICATE

The behavior if the user is not authenticated.



78
79
80
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 78

def on_unauthenticated_request
  @on_unauthenticated_request
end

#scopeString? (readonly)

Note:

Default: "openid"

The set of user claims to be requested from the IdP.

To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

Returns:

  • (String, nil)


85
86
87
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 85

def scope
  @scope
end
Note:

Default: "AWSELBAuthSessionCookie"

The name of the cookie used to maintain session information.

Returns:

  • (String, nil)


90
91
92
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 90

def session_cookie_name
  @session_cookie_name
end

#session_timeoutAWSCDK::Duration? (readonly)

Note:

Default: Duration.days(7)

The maximum duration of the authentication session.

Returns:



95
96
97
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 95

def session_timeout
  @session_timeout
end

#user_poolAWSCDK::Cognito::IUserPool (readonly)

The Amazon Cognito user pool.



50
51
52
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 50

def user_pool
  @user_pool
end

#user_pool_clientAWSCDK::Cognito::IUserPoolClient (readonly)

The Amazon Cognito user pool client.



54
55
56
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 54

def user_pool_client
  @user_pool_client
end

#user_pool_domainAWSCDK::Cognito::IUserPoolDomain (readonly)

The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.



58
59
60
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 58

def user_pool_domain
  @user_pool_domain
end

Class Method Details

.jsii_propertiesObject



97
98
99
100
101
102
103
104
105
106
107
108
109
110
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 97

def self.jsii_properties
  {
    :_next => "next",
    :user_pool => "userPool",
    :user_pool_client => "userPoolClient",
    :user_pool_domain => "userPoolDomain",
    :allow_https_outbound => "allowHttpsOutbound",
    :authentication_request_extra_params => "authenticationRequestExtraParams",
    :on_unauthenticated_request => "onUnauthenticatedRequest",
    :scope => "scope",
    :session_cookie_name => "sessionCookieName",
    :session_timeout => "sessionTimeout",
  }
end

Instance Method Details

#to_jsiiObject



112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
# File 'elastic_load_balancingv2_actions/authenticate_cognito_action_props.rb', line 112

def to_jsii
  result = {}
  result.merge!({
    "next" => @_next,
    "userPool" => @user_pool,
    "userPoolClient" => @user_pool_client,
    "userPoolDomain" => @user_pool_domain,
    "allowHttpsOutbound" => @allow_https_outbound,
    "authenticationRequestExtraParams" => @authentication_request_extra_params,
    "onUnauthenticatedRequest" => @on_unauthenticated_request,
    "scope" => @scope,
    "sessionCookieName" => @session_cookie_name,
    "sessionTimeout" => @session_timeout,
  })
  result.compact
end