Package software.amazon.awscdk.services.cognito

Class CfnUserPoolIdentityProviderProps.Jsii$Proxy

java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.services.cognito.CfnUserPoolIdentityProviderProps.Jsii$Proxy
All Implemented Interfaces:
CfnUserPoolIdentityProviderProps, software.amazon.jsii.JsiiSerializable
Enclosing interface:
CfnUserPoolIdentityProviderProps
@Stability(Stable) @Internal public static final class CfnUserPoolIdentityProviderProps.Jsii$Proxy extends software.amazon.jsii.JsiiObject implements CfnUserPoolIdentityProviderProps
An implementation for CfnUserPoolIdentityProviderProps

  • Constructor Details

    • Jsii$Proxy

      protected Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)
      Constructor that initializes the object based on values retrieved from the JsiiObject.
      Parameters:
      objRef - Reference to the JSII managed object.

    • Jsii$Proxy

      protected Jsii$Proxy(CfnUserPoolIdentityProviderProps.Builder builder)
      Constructor that initializes the object based on literal property values passed by the CfnUserPoolIdentityProviderProps.Builder.

  • Method Details

    • getProviderDetails

      public final Object getProviderDetails()
      Description copied from interface: CfnUserPoolIdentityProviderProps
      The scopes, URLs, and identifiers for your external identity provider.

      The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP authorize_scopes values must match the values listed here.

      • OpenID Connect (OIDC) - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from oidc_issuer : attributes_url , authorize_url , jwks_uri , token_url .

      Create or update request: "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }

      Describe response: "ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }

      • SAML - Create or update request with Metadata URL: "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }

      Create or update request with Metadata file: "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }

      The value of MetadataFile must be the plaintext metadata document with all quote (") characters escaped by backslashes.

      Describe response: "ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }

      • LoginWithAmazon - Create or update request: "ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"

      Describe response: "ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }

      • Google - Create or update request: "ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }

      Describe response: "ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }

      • SignInWithApple - Create or update request: "ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }

      Describe response: "ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }

      • Facebook - Create or update request: "ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }

      Describe response: "ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }

      Specified by:
      getProviderDetails in interface CfnUserPoolIdentityProviderProps
      See Also:

    • getProviderName

      public final String getProviderName()
      Description copied from interface: CfnUserPoolIdentityProviderProps
      The IdP name.

      Specified by:
      getProviderName in interface CfnUserPoolIdentityProviderProps
      See Also:

    • getProviderType

      public final String getProviderType()
      Description copied from interface: CfnUserPoolIdentityProviderProps
      The IdP type.

      Specified by:
      getProviderType in interface CfnUserPoolIdentityProviderProps
      See Also:

    • getUserPoolId

      public final String getUserPoolId()
      Description copied from interface: CfnUserPoolIdentityProviderProps
      The user pool ID.

      Specified by:
      getUserPoolId in interface CfnUserPoolIdentityProviderProps
      See Also:

    • getAttributeMapping

      public final Object getAttributeMapping()
      Description copied from interface: CfnUserPoolIdentityProviderProps
      A mapping of IdP attributes to standard and custom user pool attributes.

      Specified by:
      getAttributeMapping in interface CfnUserPoolIdentityProviderProps
      See Also:

    • getIdpIdentifiers

      public final List<String> getIdpIdentifiers()
      Description copied from interface: CfnUserPoolIdentityProviderProps
      A list of IdP identifiers.

      Specified by:
      getIdpIdentifiers in interface CfnUserPoolIdentityProviderProps
      See Also:

    • $jsii$toJson

      @Internal public com.fasterxml.jackson.databind.JsonNode $jsii$toJson()
      Specified by:
      $jsii$toJson in interface software.amazon.jsii.JsiiSerializable

    • equals

      public final boolean equals(Object o)
      Overrides:
      equals in class Object

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object