Struct aws_sdk_elasticloadbalancingv2::model::AuthenticateOidcActionConfig

#[non_exhaustive]
pub struct AuthenticateOidcActionConfig { /* private fields */ }

Request parameters when using an identity provider (IdP) that is compliant with OpenID Connect (OIDC) to authenticate users.

Implementations

impl AuthenticateOidcActionConfig

pub fn issuer(&self) -> Option<&str>

The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

pub fn authorization_endpoint(&self) -> Option<&str>

The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

pub fn token_endpoint(&self) -> Option<&str>

The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

pub fn user_info_endpoint(&self) -> Option<&str>

The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.

pub fn client_id(&self) -> Option<&str>

The OAuth 2.0 client identifier.

pub fn client_secret(&self) -> Option<&str>

The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set UseExistingClientSecret to true.

pub fn session_cookie_name(&self) -> Option<&str>

The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.

pub fn scope(&self) -> Option<&str>

The set of user claims to be requested from the IdP. The default is openid.

To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.

pub fn session_timeout(&self) -> Option<i64>

The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).

pub fn authentication_request_extra_params(
    &self
) -> Option<&HashMap<String, String>>

The query parameters (up to 10) to include in the redirect request to the authorization endpoint.

pub fn on_unauthenticated_request(
    &self
) -> Option<&AuthenticateOidcActionConditionalBehaviorEnum>

The behavior if the user is not authenticated. The following are possible values:

• deny - Return an HTTP 401 Unauthorized error.

• allow - Allow the request to be forwarded to the target.

• authenticate - Redirect the request to the IdP authorization endpoint. This is the default value.

pub fn use_existing_client_secret(&self) -> Option<bool>

Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.

impl AuthenticateOidcActionConfig

pub fn builder() -> Builder

Creates a new builder-style object to manufacture AuthenticateOidcActionConfig.

Trait Implementations

impl Clone for AuthenticateOidcActionConfig

fn clone(&self) -> AuthenticateOidcActionConfig

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for AuthenticateOidcActionConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl PartialEq<AuthenticateOidcActionConfig> for AuthenticateOidcActionConfig

fn eq(&self, other: &AuthenticateOidcActionConfig) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl StructuralPartialEq for AuthenticateOidcActionConfig