Package software.amazon.awscdk.services.elasticloadbalancingv2

Interface AuthenticateOidcOptions

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Implementing Classes:
AuthenticateOidcOptions.Jsii$Proxy
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:30:44.214Z") @Stability(Stable) public interface AuthenticateOidcOptions extends software.amazon.jsii.JsiiSerializable
Options for ListenerAction.authenciateOidc().

Example: 

 ApplicationListener listener;
 ApplicationTargetGroup myTargetGroup;
 listener.addAction("DefaultAction", AddApplicationActionProps.builder()
         .action(ListenerAction.authenticateOidc(AuthenticateOidcOptions.builder()
                 .authorizationEndpoint("https://example.com/openid")
                 // Other OIDC properties here
                 .clientId("...")
                 .clientSecret(SecretValue.secretsManager("..."))
                 .issuer("...")
                 .tokenEndpoint("...")
                 .userInfoEndpoint("...")
                 // Next
                 .next(ListenerAction.forward(List.of(myTargetGroup)))
                 .build()))
         .build());

  • Method Details

    • getAuthorizationEndpoint

      @Stability(Stable) @NotNull String getAuthorizationEndpoint()
      The authorization endpoint of the IdP.

      This must be a full URL, including the HTTPS protocol, the domain, and the path.

    • getClientId

      @Stability(Stable) @NotNull String getClientId()
      The OAuth 2.0 client identifier.

    • getClientSecret

      @Stability(Stable) @NotNull SecretValue getClientSecret()
      The OAuth 2.0 client secret.

    • getIssuer

      @Stability(Stable) @NotNull String getIssuer()
      The OIDC issuer identifier of the IdP.

      This must be a full URL, including the HTTPS protocol, the domain, and the path.

    • getNext

      @Stability(Stable) @NotNull ListenerAction getNext()
      What action to execute next.

    • getTokenEndpoint

      @Stability(Stable) @NotNull String getTokenEndpoint()
      The token endpoint of the IdP.

      This must be a full URL, including the HTTPS protocol, the domain, and the path.

    • getUserInfoEndpoint

      @Stability(Stable) @NotNull String getUserInfoEndpoint()
      The user info endpoint of the IdP.

      This must be a full URL, including the HTTPS protocol, the domain, and the path.

    • getAuthenticationRequestExtraParams

      @Stability(Stable) @Nullable default Map<String,String> getAuthenticationRequestExtraParams()
      The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

      Default: - No extra parameters

    • getOnUnauthenticatedRequest

      @Stability(Stable) @Nullable default UnauthenticatedAction getOnUnauthenticatedRequest()
      The behavior if the user is not authenticated.

      Default: UnauthenticatedAction.AUTHENTICATE

    • getScope

      @Stability(Stable) @Nullable default String getScope()
      The set of user claims to be requested from the IdP.

      To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

      Default: "openid"

    • getSessionCookieName

      @Stability(Stable) @Nullable default String getSessionCookieName()
      The name of the cookie used to maintain session information.

      Default: "AWSELBAuthSessionCookie"

    • getSessionTimeout

      @Stability(Stable) @Nullable default Duration getSessionTimeout()
      The maximum duration of the authentication session.

      Default: Duration.days(7)

    • builder

      @Stability(Stable) static AuthenticateOidcOptions.Builder builder()
      Returns:
      a AuthenticateOidcOptions.Builder of AuthenticateOidcOptions