aws_sdk_ssooidc/operation/create_token_with_iam/builders.rs
1// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
2pub use crate::operation::create_token_with_iam::_create_token_with_iam_output::CreateTokenWithIamOutputBuilder;
3
4pub use crate::operation::create_token_with_iam::_create_token_with_iam_input::CreateTokenWithIamInputBuilder;
5
6impl crate::operation::create_token_with_iam::builders::CreateTokenWithIamInputBuilder {
7 /// Sends a request with this input using the given client.
8 pub async fn send_with(self, client: &crate::Client) -> ::std::result::Result<
9 crate::operation::create_token_with_iam::CreateTokenWithIamOutput,
10 ::aws_smithy_runtime_api::client::result::SdkError<
11 crate::operation::create_token_with_iam::CreateTokenWithIAMError,
12 ::aws_smithy_runtime_api::client::orchestrator::HttpResponse
13 >
14 > {
15 let mut fluent_builder = client.create_token_with_iam();
16 fluent_builder.inner = self;
17 fluent_builder.send().await
18 }
19 }
20/// Fluent builder constructing a request to `CreateTokenWithIAM`.
21///
22/// <p>Creates and returns access and refresh tokens for authorized client applications that are authenticated using any IAM entity, such as a service role or user. These tokens might contain defined scopes that specify permissions such as <code>read:profile</code> or <code>write:data</code>. Through downscoping, you can use the scopes parameter to request tokens with reduced permissions compared to the original client application's permissions or, if applicable, the refresh token's scopes. The access token can be used to fetch short-lived credentials for the assigned Amazon Web Services accounts or to access application APIs using <code>bearer</code> authentication.</p><note>
23/// <p>This API is used with Signature Version 4. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv.html">Amazon Web Services Signature Version 4 for API Requests</a>.</p>
24/// </note>
25#[derive(::std::clone::Clone, ::std::fmt::Debug)]
26pub struct CreateTokenWithIAMFluentBuilder {
27 handle: ::std::sync::Arc<crate::client::Handle>,
28 inner: crate::operation::create_token_with_iam::builders::CreateTokenWithIamInputBuilder,
29config_override: ::std::option::Option<crate::config::Builder>,
30 }
31impl
32 crate::client::customize::internal::CustomizableSend<
33 crate::operation::create_token_with_iam::CreateTokenWithIamOutput,
34 crate::operation::create_token_with_iam::CreateTokenWithIAMError,
35 > for CreateTokenWithIAMFluentBuilder
36 {
37 fn send(
38 self,
39 config_override: crate::config::Builder,
40 ) -> crate::client::customize::internal::BoxFuture<
41 crate::client::customize::internal::SendResult<
42 crate::operation::create_token_with_iam::CreateTokenWithIamOutput,
43 crate::operation::create_token_with_iam::CreateTokenWithIAMError,
44 >,
45 > {
46 ::std::boxed::Box::pin(async move { self.config_override(config_override).send().await })
47 }
48 }
49impl CreateTokenWithIAMFluentBuilder {
50 /// Creates a new `CreateTokenWithIAMFluentBuilder`.
51 pub(crate) fn new(handle: ::std::sync::Arc<crate::client::Handle>) -> Self {
52 Self {
53 handle,
54 inner: ::std::default::Default::default(),
55 config_override: ::std::option::Option::None,
56 }
57 }
58 /// Access the CreateTokenWithIAM as a reference.
59 pub fn as_input(&self) -> &crate::operation::create_token_with_iam::builders::CreateTokenWithIamInputBuilder {
60 &self.inner
61 }
62 /// Sends the request and returns the response.
63 ///
64 /// If an error occurs, an `SdkError` will be returned with additional details that
65 /// can be matched against.
66 ///
67 /// By default, any retryable failures will be retried twice. Retry behavior
68 /// is configurable with the [RetryConfig](aws_smithy_types::retry::RetryConfig), which can be
69 /// set when configuring the client. Note: retries are enabled by default when using
70 /// `aws_config::load_from_env()` or when using `BehaviorVersion::v2025_01_17()` or later.
71 pub async fn send(self) -> ::std::result::Result<crate::operation::create_token_with_iam::CreateTokenWithIamOutput, ::aws_smithy_runtime_api::client::result::SdkError<crate::operation::create_token_with_iam::CreateTokenWithIAMError, ::aws_smithy_runtime_api::client::orchestrator::HttpResponse>> {
72 let input = self.inner.build().map_err(::aws_smithy_runtime_api::client::result::SdkError::construction_failure)?;
73 let runtime_plugins = crate::operation::create_token_with_iam::CreateTokenWithIAM::operation_runtime_plugins(
74 self.handle.runtime_plugins.clone(),
75 &self.handle.conf,
76 self.config_override,
77 );
78 crate::operation::create_token_with_iam::CreateTokenWithIAM::orchestrate(&runtime_plugins, input).await
79 }
80
81 /// Consumes this builder, creating a customizable operation that can be modified before being sent.
82 pub fn customize(
83 self,
84 ) -> crate::client::customize::CustomizableOperation<crate::operation::create_token_with_iam::CreateTokenWithIamOutput, crate::operation::create_token_with_iam::CreateTokenWithIAMError, Self> {
85 crate::client::customize::CustomizableOperation::new(self)
86 }
87 pub(crate) fn config_override(
88 mut self,
89 config_override: impl ::std::convert::Into<crate::config::Builder>,
90 ) -> Self {
91 self.set_config_override(::std::option::Option::Some(config_override.into()));
92 self
93 }
94
95 pub(crate) fn set_config_override(
96 &mut self,
97 config_override: ::std::option::Option<crate::config::Builder>,
98 ) -> &mut Self {
99 self.config_override = config_override;
100 self
101 }
102 /// <p>The unique identifier string for the client or application. This value is an application ARN that has OAuth grants configured.</p>
103 pub fn client_id(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
104 self.inner = self.inner.client_id(input.into());
105 self
106 }
107 /// <p>The unique identifier string for the client or application. This value is an application ARN that has OAuth grants configured.</p>
108 pub fn set_client_id(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
109 self.inner = self.inner.set_client_id(input);
110 self
111 }
112 /// <p>The unique identifier string for the client or application. This value is an application ARN that has OAuth grants configured.</p>
113 pub fn get_client_id(&self) -> &::std::option::Option<::std::string::String> {
114 self.inner.get_client_id()
115 }
116 /// <p>Supports the following OAuth grant types: Authorization Code, Refresh Token, JWT Bearer, and Token Exchange. Specify one of the following values, depending on the grant type that you want:</p>
117 /// <p>* Authorization Code - <code>authorization_code</code></p>
118 /// <p>* Refresh Token - <code>refresh_token</code></p>
119 /// <p>* JWT Bearer - <code>urn:ietf:params:oauth:grant-type:jwt-bearer</code></p>
120 /// <p>* Token Exchange - <code>urn:ietf:params:oauth:grant-type:token-exchange</code></p>
121 pub fn grant_type(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
122 self.inner = self.inner.grant_type(input.into());
123 self
124 }
125 /// <p>Supports the following OAuth grant types: Authorization Code, Refresh Token, JWT Bearer, and Token Exchange. Specify one of the following values, depending on the grant type that you want:</p>
126 /// <p>* Authorization Code - <code>authorization_code</code></p>
127 /// <p>* Refresh Token - <code>refresh_token</code></p>
128 /// <p>* JWT Bearer - <code>urn:ietf:params:oauth:grant-type:jwt-bearer</code></p>
129 /// <p>* Token Exchange - <code>urn:ietf:params:oauth:grant-type:token-exchange</code></p>
130 pub fn set_grant_type(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
131 self.inner = self.inner.set_grant_type(input);
132 self
133 }
134 /// <p>Supports the following OAuth grant types: Authorization Code, Refresh Token, JWT Bearer, and Token Exchange. Specify one of the following values, depending on the grant type that you want:</p>
135 /// <p>* Authorization Code - <code>authorization_code</code></p>
136 /// <p>* Refresh Token - <code>refresh_token</code></p>
137 /// <p>* JWT Bearer - <code>urn:ietf:params:oauth:grant-type:jwt-bearer</code></p>
138 /// <p>* Token Exchange - <code>urn:ietf:params:oauth:grant-type:token-exchange</code></p>
139 pub fn get_grant_type(&self) -> &::std::option::Option<::std::string::String> {
140 self.inner.get_grant_type()
141 }
142 /// <p>Used only when calling this API for the Authorization Code grant type. This short-lived code is used to identify this authorization request. The code is obtained through a redirect from IAM Identity Center to a redirect URI persisted in the Authorization Code GrantOptions for the application.</p>
143 pub fn code(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
144 self.inner = self.inner.code(input.into());
145 self
146 }
147 /// <p>Used only when calling this API for the Authorization Code grant type. This short-lived code is used to identify this authorization request. The code is obtained through a redirect from IAM Identity Center to a redirect URI persisted in the Authorization Code GrantOptions for the application.</p>
148 pub fn set_code(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
149 self.inner = self.inner.set_code(input);
150 self
151 }
152 /// <p>Used only when calling this API for the Authorization Code grant type. This short-lived code is used to identify this authorization request. The code is obtained through a redirect from IAM Identity Center to a redirect URI persisted in the Authorization Code GrantOptions for the application.</p>
153 pub fn get_code(&self) -> &::std::option::Option<::std::string::String> {
154 self.inner.get_code()
155 }
156 /// <p>Used only when calling this API for the Refresh Token grant type. This token is used to refresh short-lived tokens, such as the access token, that might expire.</p>
157 /// <p>For more information about the features and limitations of the current IAM Identity Center OIDC implementation, see <i>Considerations for Using this Guide</i> in the <a href="https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html">IAM Identity Center OIDC API Reference</a>.</p>
158 pub fn refresh_token(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
159 self.inner = self.inner.refresh_token(input.into());
160 self
161 }
162 /// <p>Used only when calling this API for the Refresh Token grant type. This token is used to refresh short-lived tokens, such as the access token, that might expire.</p>
163 /// <p>For more information about the features and limitations of the current IAM Identity Center OIDC implementation, see <i>Considerations for Using this Guide</i> in the <a href="https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html">IAM Identity Center OIDC API Reference</a>.</p>
164 pub fn set_refresh_token(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
165 self.inner = self.inner.set_refresh_token(input);
166 self
167 }
168 /// <p>Used only when calling this API for the Refresh Token grant type. This token is used to refresh short-lived tokens, such as the access token, that might expire.</p>
169 /// <p>For more information about the features and limitations of the current IAM Identity Center OIDC implementation, see <i>Considerations for Using this Guide</i> in the <a href="https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html">IAM Identity Center OIDC API Reference</a>.</p>
170 pub fn get_refresh_token(&self) -> &::std::option::Option<::std::string::String> {
171 self.inner.get_refresh_token()
172 }
173 /// <p>Used only when calling this API for the JWT Bearer grant type. This value specifies the JSON Web Token (JWT) issued by a trusted token issuer. To authorize a trusted token issuer, configure the JWT Bearer GrantOptions for the application.</p>
174 pub fn assertion(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
175 self.inner = self.inner.assertion(input.into());
176 self
177 }
178 /// <p>Used only when calling this API for the JWT Bearer grant type. This value specifies the JSON Web Token (JWT) issued by a trusted token issuer. To authorize a trusted token issuer, configure the JWT Bearer GrantOptions for the application.</p>
179 pub fn set_assertion(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
180 self.inner = self.inner.set_assertion(input);
181 self
182 }
183 /// <p>Used only when calling this API for the JWT Bearer grant type. This value specifies the JSON Web Token (JWT) issued by a trusted token issuer. To authorize a trusted token issuer, configure the JWT Bearer GrantOptions for the application.</p>
184 pub fn get_assertion(&self) -> &::std::option::Option<::std::string::String> {
185 self.inner.get_assertion()
186 }
187 ///
188 /// Appends an item to `scope`.
189 ///
190 /// To override the contents of this collection use [`set_scope`](Self::set_scope).
191 ///
192 /// <p>The list of scopes for which authorization is requested. The access token that is issued is limited to the scopes that are granted. If the value is not specified, IAM Identity Center authorizes all scopes configured for the application, including the following default scopes: <code>openid</code>, <code>aws</code>, <code>sts:identity_context</code>.</p>
193 pub fn scope(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
194 self.inner = self.inner.scope(input.into());
195 self
196 }
197 /// <p>The list of scopes for which authorization is requested. The access token that is issued is limited to the scopes that are granted. If the value is not specified, IAM Identity Center authorizes all scopes configured for the application, including the following default scopes: <code>openid</code>, <code>aws</code>, <code>sts:identity_context</code>.</p>
198 pub fn set_scope(mut self, input: ::std::option::Option<::std::vec::Vec::<::std::string::String>>) -> Self {
199 self.inner = self.inner.set_scope(input);
200 self
201 }
202 /// <p>The list of scopes for which authorization is requested. The access token that is issued is limited to the scopes that are granted. If the value is not specified, IAM Identity Center authorizes all scopes configured for the application, including the following default scopes: <code>openid</code>, <code>aws</code>, <code>sts:identity_context</code>.</p>
203 pub fn get_scope(&self) -> &::std::option::Option<::std::vec::Vec::<::std::string::String>> {
204 self.inner.get_scope()
205 }
206 /// <p>Used only when calling this API for the Authorization Code grant type. This value specifies the location of the client or application that has registered to receive the authorization code.</p>
207 pub fn redirect_uri(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
208 self.inner = self.inner.redirect_uri(input.into());
209 self
210 }
211 /// <p>Used only when calling this API for the Authorization Code grant type. This value specifies the location of the client or application that has registered to receive the authorization code.</p>
212 pub fn set_redirect_uri(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
213 self.inner = self.inner.set_redirect_uri(input);
214 self
215 }
216 /// <p>Used only when calling this API for the Authorization Code grant type. This value specifies the location of the client or application that has registered to receive the authorization code.</p>
217 pub fn get_redirect_uri(&self) -> &::std::option::Option<::std::string::String> {
218 self.inner.get_redirect_uri()
219 }
220 /// <p>Used only when calling this API for the Token Exchange grant type. This value specifies the subject of the exchange. The value of the subject token must be an access token issued by IAM Identity Center to a different client or application. The access token must have authorized scopes that indicate the requested application as a target audience.</p>
221 pub fn subject_token(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
222 self.inner = self.inner.subject_token(input.into());
223 self
224 }
225 /// <p>Used only when calling this API for the Token Exchange grant type. This value specifies the subject of the exchange. The value of the subject token must be an access token issued by IAM Identity Center to a different client or application. The access token must have authorized scopes that indicate the requested application as a target audience.</p>
226 pub fn set_subject_token(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
227 self.inner = self.inner.set_subject_token(input);
228 self
229 }
230 /// <p>Used only when calling this API for the Token Exchange grant type. This value specifies the subject of the exchange. The value of the subject token must be an access token issued by IAM Identity Center to a different client or application. The access token must have authorized scopes that indicate the requested application as a target audience.</p>
231 pub fn get_subject_token(&self) -> &::std::option::Option<::std::string::String> {
232 self.inner.get_subject_token()
233 }
234 /// <p>Used only when calling this API for the Token Exchange grant type. This value specifies the type of token that is passed as the subject of the exchange. The following value is supported:</p>
235 /// <p>* Access Token - <code>urn:ietf:params:oauth:token-type:access_token</code></p>
236 pub fn subject_token_type(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
237 self.inner = self.inner.subject_token_type(input.into());
238 self
239 }
240 /// <p>Used only when calling this API for the Token Exchange grant type. This value specifies the type of token that is passed as the subject of the exchange. The following value is supported:</p>
241 /// <p>* Access Token - <code>urn:ietf:params:oauth:token-type:access_token</code></p>
242 pub fn set_subject_token_type(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
243 self.inner = self.inner.set_subject_token_type(input);
244 self
245 }
246 /// <p>Used only when calling this API for the Token Exchange grant type. This value specifies the type of token that is passed as the subject of the exchange. The following value is supported:</p>
247 /// <p>* Access Token - <code>urn:ietf:params:oauth:token-type:access_token</code></p>
248 pub fn get_subject_token_type(&self) -> &::std::option::Option<::std::string::String> {
249 self.inner.get_subject_token_type()
250 }
251 /// <p>Used only when calling this API for the Token Exchange grant type. This value specifies the type of token that the requester can receive. The following values are supported:</p>
252 /// <p>* Access Token - <code>urn:ietf:params:oauth:token-type:access_token</code></p>
253 /// <p>* Refresh Token - <code>urn:ietf:params:oauth:token-type:refresh_token</code></p>
254 pub fn requested_token_type(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
255 self.inner = self.inner.requested_token_type(input.into());
256 self
257 }
258 /// <p>Used only when calling this API for the Token Exchange grant type. This value specifies the type of token that the requester can receive. The following values are supported:</p>
259 /// <p>* Access Token - <code>urn:ietf:params:oauth:token-type:access_token</code></p>
260 /// <p>* Refresh Token - <code>urn:ietf:params:oauth:token-type:refresh_token</code></p>
261 pub fn set_requested_token_type(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
262 self.inner = self.inner.set_requested_token_type(input);
263 self
264 }
265 /// <p>Used only when calling this API for the Token Exchange grant type. This value specifies the type of token that the requester can receive. The following values are supported:</p>
266 /// <p>* Access Token - <code>urn:ietf:params:oauth:token-type:access_token</code></p>
267 /// <p>* Refresh Token - <code>urn:ietf:params:oauth:token-type:refresh_token</code></p>
268 pub fn get_requested_token_type(&self) -> &::std::option::Option<::std::string::String> {
269 self.inner.get_requested_token_type()
270 }
271 /// <p>Used only when calling this API for the Authorization Code grant type. This value is generated by the client and presented to validate the original code challenge value the client passed at authorization time.</p>
272 pub fn code_verifier(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
273 self.inner = self.inner.code_verifier(input.into());
274 self
275 }
276 /// <p>Used only when calling this API for the Authorization Code grant type. This value is generated by the client and presented to validate the original code challenge value the client passed at authorization time.</p>
277 pub fn set_code_verifier(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
278 self.inner = self.inner.set_code_verifier(input);
279 self
280 }
281 /// <p>Used only when calling this API for the Authorization Code grant type. This value is generated by the client and presented to validate the original code challenge value the client passed at authorization time.</p>
282 pub fn get_code_verifier(&self) -> &::std::option::Option<::std::string::String> {
283 self.inner.get_code_verifier()
284 }
285}
286