api_op_CreateToken.go (7043B)
1 // Code generated by smithy-go-codegen DO NOT EDIT. 2 3 package ssooidc 4 5 import ( 6 "context" 7 "fmt" 8 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 9 "github.com/aws/smithy-go/middleware" 10 smithyhttp "github.com/aws/smithy-go/transport/http" 11 ) 12 13 // Creates and returns access and refresh tokens for clients that are 14 // authenticated using client secrets. The access token can be used to fetch 15 // short-term credentials for the assigned AWS accounts or to access application 16 // APIs using bearer authentication. 17 func (c *Client) CreateToken(ctx context.Context, params *CreateTokenInput, optFns ...func(*Options)) (*CreateTokenOutput, error) { 18 if params == nil { 19 params = &CreateTokenInput{} 20 } 21 22 result, metadata, err := c.invokeOperation(ctx, "CreateToken", params, optFns, c.addOperationCreateTokenMiddlewares) 23 if err != nil { 24 return nil, err 25 } 26 27 out := result.(*CreateTokenOutput) 28 out.ResultMetadata = metadata 29 return out, nil 30 } 31 32 type CreateTokenInput struct { 33 34 // The unique identifier string for the client or application. This value comes 35 // from the result of the RegisterClient API. 36 // 37 // This member is required. 38 ClientId *string 39 40 // A secret string generated for the client. This value should come from the 41 // persisted result of the RegisterClient API. 42 // 43 // This member is required. 44 ClientSecret *string 45 46 // Supports the following OAuth grant types: Device Code and Refresh Token. 47 // Specify either of the following values, depending on the grant type that you 48 // want: * Device Code - urn:ietf:params:oauth:grant-type:device_code * Refresh 49 // Token - refresh_token For information about how to obtain the device code, see 50 // the StartDeviceAuthorization topic. 51 // 52 // This member is required. 53 GrantType *string 54 55 // Used only when calling this API for the Authorization Code grant type. The 56 // short-term code is used to identify this authorization request. This grant type 57 // is currently unsupported for the CreateToken API. 58 Code *string 59 60 // Used only when calling this API for the Device Code grant type. This short-term 61 // code is used to identify this authorization request. This comes from the result 62 // of the StartDeviceAuthorization API. 63 DeviceCode *string 64 65 // Used only when calling this API for the Authorization Code grant type. This 66 // value specifies the location of the client or application that has registered to 67 // receive the authorization code. 68 RedirectUri *string 69 70 // Used only when calling this API for the Refresh Token grant type. This token is 71 // used to refresh short-term tokens, such as the access token, that might expire. 72 // For more information about the features and limitations of the current IAM 73 // Identity Center OIDC implementation, see Considerations for Using this Guide in 74 // the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html) 75 // . 76 RefreshToken *string 77 78 // The list of scopes for which authorization is requested. The access token that 79 // is issued is limited to the scopes that are granted. If this value is not 80 // specified, IAM Identity Center authorizes all scopes that are configured for the 81 // client during the call to RegisterClient . 82 Scope []string 83 84 noSmithyDocumentSerde 85 } 86 87 type CreateTokenOutput struct { 88 89 // A bearer token to access AWS accounts and applications assigned to a user. 90 AccessToken *string 91 92 // Indicates the time in seconds when an access token will expire. 93 ExpiresIn int32 94 95 // The idToken is not implemented or supported. For more information about the 96 // features and limitations of the current IAM Identity Center OIDC implementation, 97 // see Considerations for Using this Guide in the IAM Identity Center OIDC API 98 // Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html) 99 // . A JSON Web Token (JWT) that identifies who is associated with the issued 100 // access token. 101 IdToken *string 102 103 // A token that, if present, can be used to refresh a previously issued access 104 // token that might have expired. For more information about the features and 105 // limitations of the current IAM Identity Center OIDC implementation, see 106 // Considerations for Using this Guide in the IAM Identity Center OIDC API 107 // Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html) 108 // . 109 RefreshToken *string 110 111 // Used to notify the client that the returned token is an access token. The 112 // supported token type is Bearer . 113 TokenType *string 114 115 // Metadata pertaining to the operation's result. 116 ResultMetadata middleware.Metadata 117 118 noSmithyDocumentSerde 119 } 120 121 func (c *Client) addOperationCreateTokenMiddlewares(stack *middleware.Stack, options Options) (err error) { 122 if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { 123 return err 124 } 125 err = stack.Serialize.Add(&awsRestjson1_serializeOpCreateToken{}, middleware.After) 126 if err != nil { 127 return err 128 } 129 err = stack.Deserialize.Add(&awsRestjson1_deserializeOpCreateToken{}, middleware.After) 130 if err != nil { 131 return err 132 } 133 if err := addProtocolFinalizerMiddlewares(stack, options, "CreateToken"); err != nil { 134 return fmt.Errorf("add protocol finalizers: %v", err) 135 } 136 137 if err = addlegacyEndpointContextSetter(stack, options); err != nil { 138 return err 139 } 140 if err = addSetLoggerMiddleware(stack, options); err != nil { 141 return err 142 } 143 if err = addClientRequestID(stack); err != nil { 144 return err 145 } 146 if err = addComputeContentLength(stack); err != nil { 147 return err 148 } 149 if err = addResolveEndpointMiddleware(stack, options); err != nil { 150 return err 151 } 152 if err = addRetry(stack, options); err != nil { 153 return err 154 } 155 if err = addRawResponseToMetadata(stack); err != nil { 156 return err 157 } 158 if err = addRecordResponseTiming(stack); err != nil { 159 return err 160 } 161 if err = addClientUserAgent(stack, options); err != nil { 162 return err 163 } 164 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 165 return err 166 } 167 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 168 return err 169 } 170 if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { 171 return err 172 } 173 if err = addOpCreateTokenValidationMiddleware(stack); err != nil { 174 return err 175 } 176 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateToken(options.Region), middleware.Before); err != nil { 177 return err 178 } 179 if err = addRecursionDetection(stack); err != nil { 180 return err 181 } 182 if err = addRequestIDRetrieverMiddleware(stack); err != nil { 183 return err 184 } 185 if err = addResponseErrorMiddleware(stack); err != nil { 186 return err 187 } 188 if err = addRequestResponseLogging(stack, options); err != nil { 189 return err 190 } 191 if err = addDisableHTTPSMiddleware(stack, options); err != nil { 192 return err 193 } 194 return nil 195 } 196 197 func newServiceMetadataMiddleware_opCreateToken(region string) *awsmiddleware.RegisterServiceMetadata { 198 return &awsmiddleware.RegisterServiceMetadata{ 199 Region: region, 200 ServiceID: ServiceID, 201 OperationName: "CreateToken", 202 } 203 }