Struct PingCredentialsProvider

Source

pub struct PingCredentialsProvider {
    pub ssl_insecure: bool,
    /* private fields */
}

Expand description

PingFederate identity provider plugin for SAML-based Redshift authentication.

See the Amazon Redshift IAM docs for setup instructions.

Fields§

§ssl_insecure: bool

When true, TLS certificate verification is disabled. Defaults to false.

Implementations§

Source §

impl PingCredentialsProvider

Source

pub fn new( partner_sp_id_option: Option<impl ToString>, idp_host: impl ToString, idp_port: Option<u16>, user_name: impl ToString, password: SecretString, ) -> Self

Creates a new PingCredentialsProvider.

partner_sp_id: The SP entity ID sent to PingFederate. None defaults to "urn%3Aamazon%3Awebservices".
idp_port: Defaults to 443 when None.

§Examples

use secrecy::SecretString;
use redshift_iam::PingCredentialsProvider;

let scp = PingCredentialsProvider::new(
    None::<String>,
    "pingfed.example.com",
    None,
    "alice",
    SecretString::new("s3cr3t".to_string().into_boxed_str()),
);
assert!(!scp.ssl_insecure);
assert!(scp.do_verify_ssl_cert());
assert_eq!(scp.user(), "alice");

Source

pub fn user(&self) -> String

user getter

Source

pub fn do_verify_ssl_cert(&self) -> bool

Returns true when TLS certificate verification is enabled (i.e. ssl_insecure is false).

Source

pub fn get_credentials( &self, preferred_role: impl ToString, ) -> Option<Credentials>

Synchronously retrieves temporary AWS credentials for preferred_role.

Drives the full SAML -> STS flow on a new Tokio runtime. Prefer the async get_credentials free function when already inside an async context.

Trait Implementations§

Source §

impl Debug for PingCredentialsProvider

Source §

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Source §

impl SamlProvider for PingCredentialsProvider

Source §

async fn get_saml_assertion(&self) -> String

Logs in to the PingFederate IdP and returns a base64-encoded SAML assertion.

Issues a GET to the SSO start URL, parses the login form, submits credentials, and extracts the SAMLResponse value from the resulting page.

§Panics

If the login form cannot be parsed or credentials fields are missing.
If the POST to the IdP returns a non-200 status.
If no SAMLResponse input is found in the response.

Auto Trait Implementations§

§

impl UnwindSafe for PingCredentialsProvider

Blanket Implementations§

Source §

impl<T> Any for T
where T: 'static + ?Sized,

Source §

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

Source §

impl<T> Borrow<T> for T
where T: ?Sized,

Source §

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

Source §

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source §

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

Source §

impl<T> From<T> for T

Source §

fn from(t: T) -> T

Returns the argument unchanged.

Source §

impl<T> Instrument for T

Source §

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Source §

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Source §

impl<T, U> Into for T
where U: From<T>,

Source §

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source §

impl<T> IntoEither for T

Source §

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more

Source §