aws_sdk_verifiedpermissions/operation/is_authorized_with_token/builders.rs
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242
// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
pub use crate::operation::is_authorized_with_token::_is_authorized_with_token_output::IsAuthorizedWithTokenOutputBuilder;
pub use crate::operation::is_authorized_with_token::_is_authorized_with_token_input::IsAuthorizedWithTokenInputBuilder;
impl crate::operation::is_authorized_with_token::builders::IsAuthorizedWithTokenInputBuilder {
/// Sends a request with this input using the given client.
pub async fn send_with(
self,
client: &crate::Client,
) -> ::std::result::Result<
crate::operation::is_authorized_with_token::IsAuthorizedWithTokenOutput,
::aws_smithy_runtime_api::client::result::SdkError<
crate::operation::is_authorized_with_token::IsAuthorizedWithTokenError,
::aws_smithy_runtime_api::client::orchestrator::HttpResponse,
>,
> {
let mut fluent_builder = client.is_authorized_with_token();
fluent_builder.inner = self;
fluent_builder.send().await
}
}
/// Fluent builder constructing a request to `IsAuthorizedWithToken`.
///
/// <p>Makes an authorization decision about a service request described in the parameters. The principal in this request comes from an external identity source in the form of an identity token formatted as a <a href="https://wikipedia.org/wiki/JSON_Web_Token">JSON web token (JWT)</a>. The information in the parameters can also define additional context that Verified Permissions can include in the evaluation. The request is evaluated against all matching policies in the specified policy store. The result of the decision is either <code>Allow</code> or <code>Deny</code>, along with a list of the policies that resulted in the decision.</p>
/// <p>Verified Permissions validates each token that is specified in a request by checking its expiration date and its signature.</p><important>
/// <p>Tokens from an identity source user continue to be usable until they expire. Token revocation and resource deletion have no effect on the validity of a token in your policy store</p>
/// </important>
#[derive(::std::clone::Clone, ::std::fmt::Debug)]
pub struct IsAuthorizedWithTokenFluentBuilder {
handle: ::std::sync::Arc<crate::client::Handle>,
inner: crate::operation::is_authorized_with_token::builders::IsAuthorizedWithTokenInputBuilder,
config_override: ::std::option::Option<crate::config::Builder>,
}
impl
crate::client::customize::internal::CustomizableSend<
crate::operation::is_authorized_with_token::IsAuthorizedWithTokenOutput,
crate::operation::is_authorized_with_token::IsAuthorizedWithTokenError,
> for IsAuthorizedWithTokenFluentBuilder
{
fn send(
self,
config_override: crate::config::Builder,
) -> crate::client::customize::internal::BoxFuture<
crate::client::customize::internal::SendResult<
crate::operation::is_authorized_with_token::IsAuthorizedWithTokenOutput,
crate::operation::is_authorized_with_token::IsAuthorizedWithTokenError,
>,
> {
::std::boxed::Box::pin(async move { self.config_override(config_override).send().await })
}
}
impl IsAuthorizedWithTokenFluentBuilder {
/// Creates a new `IsAuthorizedWithTokenFluentBuilder`.
pub(crate) fn new(handle: ::std::sync::Arc<crate::client::Handle>) -> Self {
Self {
handle,
inner: ::std::default::Default::default(),
config_override: ::std::option::Option::None,
}
}
/// Access the IsAuthorizedWithToken as a reference.
pub fn as_input(&self) -> &crate::operation::is_authorized_with_token::builders::IsAuthorizedWithTokenInputBuilder {
&self.inner
}
/// Sends the request and returns the response.
///
/// If an error occurs, an `SdkError` will be returned with additional details that
/// can be matched against.
///
/// By default, any retryable failures will be retried twice. Retry behavior
/// is configurable with the [RetryConfig](aws_smithy_types::retry::RetryConfig), which can be
/// set when configuring the client.
pub async fn send(
self,
) -> ::std::result::Result<
crate::operation::is_authorized_with_token::IsAuthorizedWithTokenOutput,
::aws_smithy_runtime_api::client::result::SdkError<
crate::operation::is_authorized_with_token::IsAuthorizedWithTokenError,
::aws_smithy_runtime_api::client::orchestrator::HttpResponse,
>,
> {
let input = self
.inner
.build()
.map_err(::aws_smithy_runtime_api::client::result::SdkError::construction_failure)?;
let runtime_plugins = crate::operation::is_authorized_with_token::IsAuthorizedWithToken::operation_runtime_plugins(
self.handle.runtime_plugins.clone(),
&self.handle.conf,
self.config_override,
);
crate::operation::is_authorized_with_token::IsAuthorizedWithToken::orchestrate(&runtime_plugins, input).await
}
/// Consumes this builder, creating a customizable operation that can be modified before being sent.
pub fn customize(
self,
) -> crate::client::customize::CustomizableOperation<
crate::operation::is_authorized_with_token::IsAuthorizedWithTokenOutput,
crate::operation::is_authorized_with_token::IsAuthorizedWithTokenError,
Self,
> {
crate::client::customize::CustomizableOperation::new(self)
}
pub(crate) fn config_override(mut self, config_override: impl ::std::convert::Into<crate::config::Builder>) -> Self {
self.set_config_override(::std::option::Option::Some(config_override.into()));
self
}
pub(crate) fn set_config_override(&mut self, config_override: ::std::option::Option<crate::config::Builder>) -> &mut Self {
self.config_override = config_override;
self
}
/// <p>Specifies the ID of the policy store. Policies in this policy store will be used to make an authorization decision for the input.</p>
pub fn policy_store_id(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
self.inner = self.inner.policy_store_id(input.into());
self
}
/// <p>Specifies the ID of the policy store. Policies in this policy store will be used to make an authorization decision for the input.</p>
pub fn set_policy_store_id(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
self.inner = self.inner.set_policy_store_id(input);
self
}
/// <p>Specifies the ID of the policy store. Policies in this policy store will be used to make an authorization decision for the input.</p>
pub fn get_policy_store_id(&self) -> &::std::option::Option<::std::string::String> {
self.inner.get_policy_store_id()
}
/// <p>Specifies an identity token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an <code>accessToken</code>, an <code>identityToken</code>, or both.</p>
/// <p>Must be an ID token. Verified Permissions returns an error if the <code>token_use</code> claim in the submitted token isn't <code>id</code>.</p>
pub fn identity_token(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
self.inner = self.inner.identity_token(input.into());
self
}
/// <p>Specifies an identity token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an <code>accessToken</code>, an <code>identityToken</code>, or both.</p>
/// <p>Must be an ID token. Verified Permissions returns an error if the <code>token_use</code> claim in the submitted token isn't <code>id</code>.</p>
pub fn set_identity_token(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
self.inner = self.inner.set_identity_token(input);
self
}
/// <p>Specifies an identity token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an <code>accessToken</code>, an <code>identityToken</code>, or both.</p>
/// <p>Must be an ID token. Verified Permissions returns an error if the <code>token_use</code> claim in the submitted token isn't <code>id</code>.</p>
pub fn get_identity_token(&self) -> &::std::option::Option<::std::string::String> {
self.inner.get_identity_token()
}
/// <p>Specifies an access token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an <code>accessToken</code>, an <code>identityToken</code>, or both.</p>
/// <p>Must be an access token. Verified Permissions returns an error if the <code>token_use</code> claim in the submitted token isn't <code>access</code>.</p>
pub fn access_token(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
self.inner = self.inner.access_token(input.into());
self
}
/// <p>Specifies an access token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an <code>accessToken</code>, an <code>identityToken</code>, or both.</p>
/// <p>Must be an access token. Verified Permissions returns an error if the <code>token_use</code> claim in the submitted token isn't <code>access</code>.</p>
pub fn set_access_token(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
self.inner = self.inner.set_access_token(input);
self
}
/// <p>Specifies an access token for the principal to be authorized. This token is provided to you by the identity provider (IdP) associated with the specified identity source. You must specify either an <code>accessToken</code>, an <code>identityToken</code>, or both.</p>
/// <p>Must be an access token. Verified Permissions returns an error if the <code>token_use</code> claim in the submitted token isn't <code>access</code>.</p>
pub fn get_access_token(&self) -> &::std::option::Option<::std::string::String> {
self.inner.get_access_token()
}
/// <p>Specifies the requested action to be authorized. Is the specified principal authorized to perform this action on the specified resource.</p>
pub fn action(mut self, input: crate::types::ActionIdentifier) -> Self {
self.inner = self.inner.action(input);
self
}
/// <p>Specifies the requested action to be authorized. Is the specified principal authorized to perform this action on the specified resource.</p>
pub fn set_action(mut self, input: ::std::option::Option<crate::types::ActionIdentifier>) -> Self {
self.inner = self.inner.set_action(input);
self
}
/// <p>Specifies the requested action to be authorized. Is the specified principal authorized to perform this action on the specified resource.</p>
pub fn get_action(&self) -> &::std::option::Option<crate::types::ActionIdentifier> {
self.inner.get_action()
}
/// <p>Specifies the resource for which the authorization decision is made. For example, is the principal allowed to perform the action on the resource?</p>
pub fn resource(mut self, input: crate::types::EntityIdentifier) -> Self {
self.inner = self.inner.resource(input);
self
}
/// <p>Specifies the resource for which the authorization decision is made. For example, is the principal allowed to perform the action on the resource?</p>
pub fn set_resource(mut self, input: ::std::option::Option<crate::types::EntityIdentifier>) -> Self {
self.inner = self.inner.set_resource(input);
self
}
/// <p>Specifies the resource for which the authorization decision is made. For example, is the principal allowed to perform the action on the resource?</p>
pub fn get_resource(&self) -> &::std::option::Option<crate::types::EntityIdentifier> {
self.inner.get_resource()
}
/// <p>Specifies additional context that can be used to make more granular authorization decisions.</p>
pub fn context(mut self, input: crate::types::ContextDefinition) -> Self {
self.inner = self.inner.context(input);
self
}
/// <p>Specifies additional context that can be used to make more granular authorization decisions.</p>
pub fn set_context(mut self, input: ::std::option::Option<crate::types::ContextDefinition>) -> Self {
self.inner = self.inner.set_context(input);
self
}
/// <p>Specifies additional context that can be used to make more granular authorization decisions.</p>
pub fn get_context(&self) -> &::std::option::Option<crate::types::ContextDefinition> {
self.inner.get_context()
}
/// <p>Specifies the list of resources and their associated attributes that Verified Permissions can examine when evaluating the policies.</p><important>
/// <p>You can't include principals in this parameter, only resource and action entities. This parameter can't include any entities of a type that matches the user or group entity types that you defined in your identity source.</p>
/// <ul>
/// <li>
/// <p>The <code>IsAuthorizedWithToken</code> operation takes principal attributes from <b> <i>only</i> </b> the <code>identityToken</code> or <code>accessToken</code> passed to the operation.</p></li>
/// <li>
/// <p>For action entities, you can include only their <code>Identifier</code> and <code>EntityType</code>.</p></li>
/// </ul>
/// </important>
pub fn entities(mut self, input: crate::types::EntitiesDefinition) -> Self {
self.inner = self.inner.entities(input);
self
}
/// <p>Specifies the list of resources and their associated attributes that Verified Permissions can examine when evaluating the policies.</p><important>
/// <p>You can't include principals in this parameter, only resource and action entities. This parameter can't include any entities of a type that matches the user or group entity types that you defined in your identity source.</p>
/// <ul>
/// <li>
/// <p>The <code>IsAuthorizedWithToken</code> operation takes principal attributes from <b> <i>only</i> </b> the <code>identityToken</code> or <code>accessToken</code> passed to the operation.</p></li>
/// <li>
/// <p>For action entities, you can include only their <code>Identifier</code> and <code>EntityType</code>.</p></li>
/// </ul>
/// </important>
pub fn set_entities(mut self, input: ::std::option::Option<crate::types::EntitiesDefinition>) -> Self {
self.inner = self.inner.set_entities(input);
self
}
/// <p>Specifies the list of resources and their associated attributes that Verified Permissions can examine when evaluating the policies.</p><important>
/// <p>You can't include principals in this parameter, only resource and action entities. This parameter can't include any entities of a type that matches the user or group entity types that you defined in your identity source.</p>
/// <ul>
/// <li>
/// <p>The <code>IsAuthorizedWithToken</code> operation takes principal attributes from <b> <i>only</i> </b> the <code>identityToken</code> or <code>accessToken</code> passed to the operation.</p></li>
/// <li>
/// <p>For action entities, you can include only their <code>Identifier</code> and <code>EntityType</code>.</p></li>
/// </ul>
/// </important>
pub fn get_entities(&self) -> &::std::option::Option<crate::types::EntitiesDefinition> {
self.inner.get_entities()
}
}