Interface AuthenticateCognitoActionProps

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Implementing Classes:
AuthenticateCognitoActionProps.Jsii$Proxy

@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:30:45.487Z") @Stability(Stable) public interface AuthenticateCognitoActionProps extends software.amazon.jsii.JsiiSerializable
Properties for AuthenticateCognitoAction.

Example:

 import software.amazon.awscdk.services.cognito.*;
 import software.amazon.awscdk.services.ec2.*;
 import software.amazon.awscdk.services.elasticloadbalancingv2.*;
 import software.amazon.awscdk.core.App;
 import software.amazon.awscdk.core.CfnOutput;
 import software.amazon.awscdk.core.Stack;
 import software.constructs.Construct;
 import software.amazon.awscdk.services.elasticloadbalancingv2.actions.*;
 CognitoStack extends Stack {CognitoStack(ApplicationLoadBalancer lb = ApplicationLoadBalancer.Builder.create(this, "LB")
         .vpc(vpc)
         .internetFacing(true)
         .build();
 UserPool userPool = new UserPool(this, "UserPool");
 UserPoolClient userPoolClient = UserPoolClient.Builder.create(this, "Client")
         .userPool(userPool)
         // Required minimal configuration for use with an ELB
         .generateSecret(true)
         .authFlows(AuthFlow.builder()
                 .userPassword(true)
                 .build())
         .oAuth(OAuthSettings.builder()
                 .flows(OAuthFlows.builder()
                         .authorizationCodeGrant(true)
                         .build())
                 .scopes(List.of(OAuthScope.EMAIL))
                 .callbackUrls(List.of(String.format("https://%s/oauth2/idpresponse", lb.getLoadBalancerDnsName())))
                 .build())
         .build();
 CfnUserPoolClient cfnClient = (CfnUserPoolClient)userPoolClient.getNode().getDefaultChild();
 cfnClient.addPropertyOverride("RefreshTokenValidity", 1);
 cfnClient.addPropertyOverride("SupportedIdentityProviders", List.of("COGNITO"));
 UserPoolDomain userPoolDomain = UserPoolDomain.Builder.create(this, "Domain")
         .userPool(userPool)
         .cognitoDomain(CognitoDomainOptions.builder()
                 .domainPrefix("test-cdk-prefix")
                 .build())
         .build();
 lb.addListener("Listener", BaseApplicationListenerProps.builder()
         .port(443)
         .certificates(List.of(certificate))
         .defaultAction(AuthenticateCognitoAction.Builder.create()
                 .userPool(userPool)
                 .userPoolClient(userPoolClient)
                 .userPoolDomain(userPoolDomain)
                 .next(ListenerAction.fixedResponse(200, FixedResponseOptions.builder()
                         .contentType("text/plain")
                         .messageBody("Authenticated")
                         .build()))
                 .build())
         .build());
 CfnOutput.Builder.create(this, "DNS")
         .value(lb.getLoadBalancerDnsName())
         .build();
 App app = new App();
 new CognitoStack(app, "integ-cognito");
 app.synth();
 
  • Method Details

    • getNext

      @Stability(Stable) @NotNull ListenerAction getNext()
      What action to execute next.

      Multiple actions form a linked chain; the chain must always terminate in a (weighted)forward, fixedResponse or redirect action.

    • getUserPool

      @Stability(Stable) @NotNull IUserPool getUserPool()
      The Amazon Cognito user pool.
    • getUserPoolClient

      @Stability(Stable) @NotNull IUserPoolClient getUserPoolClient()
      The Amazon Cognito user pool client.
    • getUserPoolDomain

      @Stability(Stable) @NotNull IUserPoolDomain getUserPoolDomain()
      The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.
    • getAuthenticationRequestExtraParams

      @Stability(Stable) @Nullable default Map<String,String> getAuthenticationRequestExtraParams()
      The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

      Default: - No extra parameters

    • getOnUnauthenticatedRequest

      @Stability(Stable) @Nullable default UnauthenticatedAction getOnUnauthenticatedRequest()
      The behavior if the user is not authenticated.

      Default: UnauthenticatedAction.AUTHENTICATE

    • getScope

      @Stability(Stable) @Nullable default String getScope()
      The set of user claims to be requested from the IdP.

      To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

      Default: "openid"

    • getSessionCookieName

      @Stability(Stable) @Nullable default String getSessionCookieName()
      The name of the cookie used to maintain session information.

      Default: "AWSELBAuthSessionCookie"

    • getSessionTimeout

      @Stability(Stable) @Nullable default Duration getSessionTimeout()
      The maximum duration of the authentication session.

      Default: Duration.days(7)

    • builder

      @Stability(Stable) static AuthenticateCognitoActionProps.Builder builder()
      Returns:
      a AuthenticateCognitoActionProps.Builder of AuthenticateCognitoActionProps