api_op_CreateToken.go (8670B)
1 // Code generated by smithy-go-codegen DO NOT EDIT. 2 3 package ssooidc 4 5 import ( 6 "context" 7 "fmt" 8 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 9 "github.com/aws/smithy-go/middleware" 10 smithyhttp "github.com/aws/smithy-go/transport/http" 11 ) 12 13 // Creates and returns access and refresh tokens for clients that are 14 // authenticated using client secrets. The access token can be used to fetch 15 // short-lived credentials for the assigned AWS accounts or to access application 16 // APIs using bearer authentication. 17 func (c *Client) CreateToken(ctx context.Context, params *CreateTokenInput, optFns ...func(*Options)) (*CreateTokenOutput, error) { 18 if params == nil { 19 params = &CreateTokenInput{} 20 } 21 22 result, metadata, err := c.invokeOperation(ctx, "CreateToken", params, optFns, c.addOperationCreateTokenMiddlewares) 23 if err != nil { 24 return nil, err 25 } 26 27 out := result.(*CreateTokenOutput) 28 out.ResultMetadata = metadata 29 return out, nil 30 } 31 32 type CreateTokenInput struct { 33 34 // The unique identifier string for the client or application. This value comes 35 // from the result of the RegisterClientAPI. 36 // 37 // This member is required. 38 ClientId *string 39 40 // A secret string generated for the client. This value should come from the 41 // persisted result of the RegisterClientAPI. 42 // 43 // This member is required. 44 ClientSecret *string 45 46 // Supports the following OAuth grant types: Authorization Code, Device Code, and 47 // Refresh Token. Specify one of the following values, depending on the grant type 48 // that you want: 49 // 50 // * Authorization Code - authorization_code 51 // 52 // * Device Code - urn:ietf:params:oauth:grant-type:device_code 53 // 54 // * Refresh Token - refresh_token 55 // 56 // This member is required. 57 GrantType *string 58 59 // Used only when calling this API for the Authorization Code grant type. The 60 // short-lived code is used to identify this authorization request. 61 Code *string 62 63 // Used only when calling this API for the Authorization Code grant type. This 64 // value is generated by the client and presented to validate the original code 65 // challenge value the client passed at authorization time. 66 CodeVerifier *string 67 68 // Used only when calling this API for the Device Code grant type. This 69 // short-lived code is used to identify this authorization request. This comes from 70 // the result of the StartDeviceAuthorizationAPI. 71 DeviceCode *string 72 73 // Used only when calling this API for the Authorization Code grant type. This 74 // value specifies the location of the client or application that has registered to 75 // receive the authorization code. 76 RedirectUri *string 77 78 // Used only when calling this API for the Refresh Token grant type. This token is 79 // used to refresh short-lived tokens, such as the access token, that might expire. 80 // 81 // For more information about the features and limitations of the current IAM 82 // Identity Center OIDC implementation, see Considerations for Using this Guide in 83 // the [IAM Identity Center OIDC API Reference]. 84 // 85 // [IAM Identity Center OIDC API Reference]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html 86 RefreshToken *string 87 88 // The list of scopes for which authorization is requested. This parameter has no 89 // effect; the access token will always include all scopes configured during client 90 // registration. 91 Scope []string 92 93 noSmithyDocumentSerde 94 } 95 96 type CreateTokenOutput struct { 97 98 // A bearer token to access Amazon Web Services accounts and applications assigned 99 // to a user. 100 AccessToken *string 101 102 // Indicates the time in seconds when an access token will expire. 103 ExpiresIn int32 104 105 // The idToken is not implemented or supported. For more information about the 106 // features and limitations of the current IAM Identity Center OIDC implementation, 107 // see Considerations for Using this Guide in the [IAM Identity Center OIDC API Reference]. 108 // 109 // A JSON Web Token (JWT) that identifies who is associated with the issued access 110 // token. 111 // 112 // [IAM Identity Center OIDC API Reference]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html 113 IdToken *string 114 115 // A token that, if present, can be used to refresh a previously issued access 116 // token that might have expired. 117 // 118 // For more information about the features and limitations of the current IAM 119 // Identity Center OIDC implementation, see Considerations for Using this Guide in 120 // the [IAM Identity Center OIDC API Reference]. 121 // 122 // [IAM Identity Center OIDC API Reference]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html 123 RefreshToken *string 124 125 // Used to notify the client that the returned token is an access token. The 126 // supported token type is Bearer . 127 TokenType *string 128 129 // Metadata pertaining to the operation's result. 130 ResultMetadata middleware.Metadata 131 132 noSmithyDocumentSerde 133 } 134 135 func (c *Client) addOperationCreateTokenMiddlewares(stack *middleware.Stack, options Options) (err error) { 136 if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { 137 return err 138 } 139 err = stack.Serialize.Add(&awsRestjson1_serializeOpCreateToken{}, middleware.After) 140 if err != nil { 141 return err 142 } 143 err = stack.Deserialize.Add(&awsRestjson1_deserializeOpCreateToken{}, middleware.After) 144 if err != nil { 145 return err 146 } 147 if err := addProtocolFinalizerMiddlewares(stack, options, "CreateToken"); err != nil { 148 return fmt.Errorf("add protocol finalizers: %v", err) 149 } 150 151 if err = addlegacyEndpointContextSetter(stack, options); err != nil { 152 return err 153 } 154 if err = addSetLoggerMiddleware(stack, options); err != nil { 155 return err 156 } 157 if err = addClientRequestID(stack); err != nil { 158 return err 159 } 160 if err = addComputeContentLength(stack); err != nil { 161 return err 162 } 163 if err = addResolveEndpointMiddleware(stack, options); err != nil { 164 return err 165 } 166 if err = addRetry(stack, options); err != nil { 167 return err 168 } 169 if err = addRawResponseToMetadata(stack); err != nil { 170 return err 171 } 172 if err = addRecordResponseTiming(stack); err != nil { 173 return err 174 } 175 if err = addSpanRetryLoop(stack, options); err != nil { 176 return err 177 } 178 if err = addClientUserAgent(stack, options); err != nil { 179 return err 180 } 181 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 182 return err 183 } 184 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 185 return err 186 } 187 if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { 188 return err 189 } 190 if err = addTimeOffsetBuild(stack, c); err != nil { 191 return err 192 } 193 if err = addUserAgentRetryMode(stack, options); err != nil { 194 return err 195 } 196 if err = addCredentialSource(stack, options); err != nil { 197 return err 198 } 199 if err = addOpCreateTokenValidationMiddleware(stack); err != nil { 200 return err 201 } 202 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateToken(options.Region), middleware.Before); err != nil { 203 return err 204 } 205 if err = addRecursionDetection(stack); err != nil { 206 return err 207 } 208 if err = addRequestIDRetrieverMiddleware(stack); err != nil { 209 return err 210 } 211 if err = addResponseErrorMiddleware(stack); err != nil { 212 return err 213 } 214 if err = addRequestResponseLogging(stack, options); err != nil { 215 return err 216 } 217 if err = addDisableHTTPSMiddleware(stack, options); err != nil { 218 return err 219 } 220 if err = addInterceptBeforeRetryLoop(stack, options); err != nil { 221 return err 222 } 223 if err = addInterceptAttempt(stack, options); err != nil { 224 return err 225 } 226 if err = addInterceptExecution(stack, options); err != nil { 227 return err 228 } 229 if err = addInterceptBeforeSerialization(stack, options); err != nil { 230 return err 231 } 232 if err = addInterceptAfterSerialization(stack, options); err != nil { 233 return err 234 } 235 if err = addInterceptBeforeSigning(stack, options); err != nil { 236 return err 237 } 238 if err = addInterceptAfterSigning(stack, options); err != nil { 239 return err 240 } 241 if err = addInterceptTransmit(stack, options); err != nil { 242 return err 243 } 244 if err = addInterceptBeforeDeserialization(stack, options); err != nil { 245 return err 246 } 247 if err = addInterceptAfterDeserialization(stack, options); err != nil { 248 return err 249 } 250 if err = addSpanInitializeStart(stack); err != nil { 251 return err 252 } 253 if err = addSpanInitializeEnd(stack); err != nil { 254 return err 255 } 256 if err = addSpanBuildRequestStart(stack); err != nil { 257 return err 258 } 259 if err = addSpanBuildRequestEnd(stack); err != nil { 260 return err 261 } 262 return nil 263 } 264 265 func newServiceMetadataMiddleware_opCreateToken(region string) *awsmiddleware.RegisterServiceMetadata { 266 return &awsmiddleware.RegisterServiceMetadata{ 267 Region: region, 268 ServiceID: ServiceID, 269 OperationName: "CreateToken", 270 } 271 }