Class: AWSCDK::Verifiedpermissions::CfnIdentitySource::OpenIdConnectTokenSelectionProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
verifiedpermissions/cfn_identity_source.rb

Overview

The token type that you want to process from your OIDC identity provider.

Your policy store can process either identity (ID) or access tokens from a given OIDC identity source.

This data type is part of a OpenIdConnectConfiguration structure, which is a parameter of CreateIdentitySource .

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(access_token_only: nil, identity_token_only: nil) ⇒ OpenIdConnectTokenSelectionProperty

Returns a new instance of OpenIdConnectTokenSelectionProperty.

Parameters:



992
993
994
995
996
997
# File 'verifiedpermissions/cfn_identity_source.rb', line 992

def initialize(access_token_only: nil, identity_token_only: nil)
  @access_token_only = access_token_only.is_a?(Hash) ? ::AWSCDK::Verifiedpermissions::CfnIdentitySource::OpenIdConnectAccessTokenConfigurationProperty.new(**access_token_only.transform_keys(&:to_sym)) : access_token_only
  Jsii::Type.check_type(@access_token_only, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c192ZXJpZmllZHBlcm1pc3Npb25zLkNmbklkZW50aXR5U291cmNlLk9wZW5JZENvbm5lY3RBY2Nlc3NUb2tlbkNvbmZpZ3VyYXRpb25Qcm9wZXJ0eSJ9XX19")), "accessTokenOnly") unless @access_token_only.nil?
  @identity_token_only = identity_token_only.is_a?(Hash) ? ::AWSCDK::Verifiedpermissions::CfnIdentitySource::OpenIdConnectIdentityTokenConfigurationProperty.new(**identity_token_only.transform_keys(&:to_sym)) : identity_token_only
  Jsii::Type.check_type(@identity_token_only, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c192ZXJpZmllZHBlcm1pc3Npb25zLkNmbklkZW50aXR5U291cmNlLk9wZW5JZENvbm5lY3RJZGVudGl0eVRva2VuQ29uZmlndXJhdGlvblByb3BlcnR5In1dfX0=")), "identityTokenOnly") unless @identity_token_only.nil?
end

Instance Attribute Details

#access_token_onlyAWSCDK::IResolvable, ... (readonly)

The OIDC configuration for processing access tokens.

Contains allowed audience claims, for example https://auth.example.com , and the claim that you want to map to the principal, for example sub .



1005
1006
1007
# File 'verifiedpermissions/cfn_identity_source.rb', line 1005

def access_token_only
  @access_token_only
end

#identity_token_onlyAWSCDK::IResolvable, ... (readonly)

The OIDC configuration for processing identity (ID) tokens.

Contains allowed client ID claims, for example 1example23456789 , and the claim that you want to map to the principal, for example sub .



1012
1013
1014
# File 'verifiedpermissions/cfn_identity_source.rb', line 1012

def identity_token_only
  @identity_token_only
end

Class Method Details

.jsii_propertiesObject



1014
1015
1016
1017
1018
1019
# File 'verifiedpermissions/cfn_identity_source.rb', line 1014

def self.jsii_properties
  {
    :access_token_only => "accessTokenOnly",
    :identity_token_only => "identityTokenOnly",
  }
end

Instance Method Details

#to_jsiiObject



1021
1022
1023
1024
1025
1026
1027
1028
# File 'verifiedpermissions/cfn_identity_source.rb', line 1021

def to_jsii
  result = {}
  result.merge!({
    "accessTokenOnly" => @access_token_only,
    "identityTokenOnly" => @identity_token_only,
  })
  result.compact
end