public class WebIdentityFederationSessionCredentialsProvider extends Object implements AWSSessionCredentialsProvider
Modifier and Type | Field and Description |
---|---|
static int |
DEFAULT_DURATION_SECONDS
Default duration for started sessions
|
static int |
DEFAULT_THRESHOLD_SECONDS
Default threshold for refreshing session credentials
|
Constructor and Description |
---|
WebIdentityFederationSessionCredentialsProvider(String wifToken,
String wifProvider,
String roleArn)
Constructs a new WebIdentityFederationSessionCredentialsProvider, which will use the
specified 3rd-party web identity provider to make a request to the AWS
Security Token Service (STS) to request short lived session credentials,
which will then be returned by this class's
getCredentials()
method. |
WebIdentityFederationSessionCredentialsProvider(String wifToken,
String wifProvider,
String roleArn,
AWSSecurityTokenService stsClient)
Constructs a new WebIdentityFederationSessionCredentialsProvider, which will use the
specified 3rd-party web identity provider to make a request to the AWS
Security Token Service (STS) using the provided client to request short
lived session credentials, which will then be returned by this class's
getCredentials() method. |
WebIdentityFederationSessionCredentialsProvider(String wifToken,
String wifProvider,
String roleArn,
ClientConfiguration clientConfiguration)
Constructs a new WebIdentityFederationSessionCredentialsProvider, which will use the
specified 3rd-party web identity provider to make a request to the AWS
Security Token Service (STS) to request short lived session credentials,
which will then be returned by this class's
getCredentials()
method. |
Modifier and Type | Method and Description |
---|---|
AWSSessionCredentials |
getCredentials()
Returns AWSCredentials which the caller can use to authorize an AWS request.
|
int |
getRefreshThreshold()
Get the refresh threshold for the session credentials created by this client in
seconds.
|
int |
getSessionDuration()
Get the duration of the session credentials created by this client in
seconds.
|
String |
getSubjectFromWIF()
Get the identifier returned from the Identity Provider for the
authenticated user.
|
void |
refresh()
Forces this credentials provider to refresh its credentials.
|
void |
setRefreshThreshold(int refreshThreshold)
Set the refresh threshold for the session credentials created by this client in
seconds.
|
void |
setSessionDuration(int sessionDuration)
Set the duration of the session credentials created by this client in
seconds.
|
WebIdentityFederationSessionCredentialsProvider |
withRefreshThreshold(int refreshThreshold)
Set the refresh threshold for the session credentials created by this client in
seconds.
|
WebIdentityFederationSessionCredentialsProvider |
withSessionDuration(int sessionDuration)
Set the duration of the session credentials created by this client in
seconds.
|
public static final int DEFAULT_DURATION_SECONDS
public static final int DEFAULT_THRESHOLD_SECONDS
public WebIdentityFederationSessionCredentialsProvider(String wifToken, String wifProvider, String roleArn)
getCredentials()
method.wifToken
- The OAuth/OpenID token from the the Identity ProviderwifProvider
- The name of the Identity Provider (null for OpenID providers)roleArn
- The ARN of the IAM Role that will be assumedpublic WebIdentityFederationSessionCredentialsProvider(String wifToken, String wifProvider, String roleArn, ClientConfiguration clientConfiguration)
getCredentials()
method.wifToken
- The OAuth/OpenID token from the the Identity ProviderwifProvider
- The name of the Identity Provider (null for OpenID providers)roleArn
- The ARN of the IAM Role that will be assumedclientConfiguation
- Configuration to apply to STS client createdpublic WebIdentityFederationSessionCredentialsProvider(String wifToken, String wifProvider, String roleArn, AWSSecurityTokenService stsClient)
getCredentials()
method.wifToken
- The OAuth/OpenID token from the the Identity ProviderwifProvider
- The name of the Identity Provider (null for OpenID providers)roleArn
- The ARN of the IAM Role that will be assumedstsClient
- Preconfigured STS client to make requests withpublic AWSSessionCredentials getCredentials()
AWSCredentialsProvider
getCredentials
in interface AWSCredentialsProvider
getCredentials
in interface AWSSessionCredentialsProvider
public void refresh()
AWSCredentialsProvider
refresh
in interface AWSCredentialsProvider
public void setSessionDuration(int sessionDuration)
sessionDuration
- The new duration for session credentials created by this
providerAssumeRoleWithWebIdentityRequest
public WebIdentityFederationSessionCredentialsProvider withSessionDuration(int sessionDuration)
sessionDuration
- The new duration for session credentials created by this
providerAssumeRoleWithWebIdentityRequest
public int getSessionDuration()
AssumeRoleWithWebIdentityRequest
public void setRefreshThreshold(int refreshThreshold)
refreshThreshold
- The new refresh threshold for session credentials created by this
providerAssumeRoleWithWebIdentityRequest
public WebIdentityFederationSessionCredentialsProvider withRefreshThreshold(int refreshThreshold)
refreshThreshold
- The new refresh threshold for session credentials created by this
providerAssumeRoleWithWebIdentityRequest
public int getRefreshThreshold()
AssumeRoleWithWebIdentityRequest
public String getSubjectFromWIF()
AssumeRoleWithWebIdentityResult