Interface AuthenticateCognitoActionProps
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
AuthenticateCognitoActionProps.Jsii$Proxy
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
date="2023-06-19T16:30:45.487Z")
@Stability(Stable)
public interface AuthenticateCognitoActionProps
extends software.amazon.jsii.JsiiSerializable
Properties for AuthenticateCognitoAction.
Example:
import software.amazon.awscdk.services.cognito.*; import software.amazon.awscdk.services.ec2.*; import software.amazon.awscdk.services.elasticloadbalancingv2.*; import software.amazon.awscdk.core.App; import software.amazon.awscdk.core.CfnOutput; import software.amazon.awscdk.core.Stack; import software.constructs.Construct; import software.amazon.awscdk.services.elasticloadbalancingv2.actions.*; CognitoStack extends Stack {CognitoStack(ApplicationLoadBalancer lb = ApplicationLoadBalancer.Builder.create(this, "LB") .vpc(vpc) .internetFacing(true) .build(); UserPool userPool = new UserPool(this, "UserPool"); UserPoolClient userPoolClient = UserPoolClient.Builder.create(this, "Client") .userPool(userPool) // Required minimal configuration for use with an ELB .generateSecret(true) .authFlows(AuthFlow.builder() .userPassword(true) .build()) .oAuth(OAuthSettings.builder() .flows(OAuthFlows.builder() .authorizationCodeGrant(true) .build()) .scopes(List.of(OAuthScope.EMAIL)) .callbackUrls(List.of(String.format("https://%s/oauth2/idpresponse", lb.getLoadBalancerDnsName()))) .build()) .build(); CfnUserPoolClient cfnClient = (CfnUserPoolClient)userPoolClient.getNode().getDefaultChild(); cfnClient.addPropertyOverride("RefreshTokenValidity", 1); cfnClient.addPropertyOverride("SupportedIdentityProviders", List.of("COGNITO")); UserPoolDomain userPoolDomain = UserPoolDomain.Builder.create(this, "Domain") .userPool(userPool) .cognitoDomain(CognitoDomainOptions.builder() .domainPrefix("test-cdk-prefix") .build()) .build(); lb.addListener("Listener", BaseApplicationListenerProps.builder() .port(443) .certificates(List.of(certificate)) .defaultAction(AuthenticateCognitoAction.Builder.create() .userPool(userPool) .userPoolClient(userPoolClient) .userPoolDomain(userPoolDomain) .next(ListenerAction.fixedResponse(200, FixedResponseOptions.builder() .contentType("text/plain") .messageBody("Authenticated") .build())) .build()) .build()); CfnOutput.Builder.create(this, "DNS") .value(lb.getLoadBalancerDnsName()) .build(); App app = new App(); new CognitoStack(app, "integ-cognito"); app.synth();
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic final class
A builder forAuthenticateCognitoActionProps
static final class
An implementation forAuthenticateCognitoActionProps
-
Method Summary
Modifier and TypeMethodDescriptionbuilder()
The query parameters (up to 10) to include in the redirect request to the authorization endpoint.getNext()
What action to execute next.default UnauthenticatedAction
The behavior if the user is not authenticated.default String
getScope()
The set of user claims to be requested from the IdP.default String
The name of the cookie used to maintain session information.default Duration
The maximum duration of the authentication session.The Amazon Cognito user pool.The Amazon Cognito user pool client.The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getNext
What action to execute next.Multiple actions form a linked chain; the chain must always terminate in a (weighted)forward, fixedResponse or redirect action.
-
getUserPool
The Amazon Cognito user pool. -
getUserPoolClient
The Amazon Cognito user pool client. -
getUserPoolDomain
The domain prefix or fully-qualified domain name of the Amazon Cognito user pool. -
getAuthenticationRequestExtraParams
The query parameters (up to 10) to include in the redirect request to the authorization endpoint.Default: - No extra parameters
-
getOnUnauthenticatedRequest
The behavior if the user is not authenticated.Default: UnauthenticatedAction.AUTHENTICATE
-
getScope
The set of user claims to be requested from the IdP.To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.
Default: "openid"
-
getSessionCookieName
The name of the cookie used to maintain session information.Default: "AWSELBAuthSessionCookie"
-
getSessionTimeout
The maximum duration of the authentication session.Default: Duration.days(7)
-
builder
-