/* * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. * A copy of the License is located at * * http://aws.amazon.com/apache2.0 * * or in the "license" file accompanying this file. This file is distributed * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either * express or implied. See the License for the specific language governing * permissions and limitations under the License. */ /* * Do not modify this file. This file is generated from the cognito-idp-2016-04-18.normal.json service model. */ using System; using System.Collections.Generic; using System.Xml.Serialization; using System.Text; using System.IO; using System.Net; using Amazon.Runtime; using Amazon.Runtime.Internal; namespace Amazon.CognitoIdentityProvider.Model { ///

/// Container for the parameters to the UpdateUserPoolClient operation. /// Updates the specified user pool app client with the specified attributes. You can /// get a list of the current user pool app client settings using DescribeUserPoolClient. /// /// /// /// If you don't provide a value for an attribute, it will be set to the default value. /// /// /// /// You can also use this operation to enable token revocation for user pool clients. /// For more information about revoking tokens, see RevokeToken. /// ///

public partial class UpdateUserPoolClientRequest : AmazonCognitoIdentityProviderRequest { private int? _accessTokenValidity; private List _allowedOAuthFlows = new List(); private bool? _allowedOAuthFlowsUserPoolClient; private List _allowedOAuthScopes = new List(); private AnalyticsConfigurationType _analyticsConfiguration; private int? _authSessionValidity; private List _callbackURLs = new List(); private string _clientId; private string _clientName; private string _defaultRedirectURI; private bool? _enablePropagateAdditionalUserContextData; private bool? _enableTokenRevocation; private List _explicitAuthFlows = new List(); private int? _idTokenValidity; private List _logoutURLs = new List(); private PreventUserExistenceErrorTypes _preventUserExistenceErrors; private List _readAttributes = new List(); private int? _refreshTokenValidity; private List _supportedIdentityProviders = new List(); private TokenValidityUnitsType _tokenValidityUnits; private string _userPoolId; private List _writeAttributes = new List(); ///

/// Gets and sets the property AccessTokenValidity. /// /// The access token time limit. After this limit expires, your user can't use their access /// token. To specify the time unit for AccessTokenValidity as seconds, /// minutes, hours, or days, set a TokenValidityUnits /// value in your API request. /// /// /// /// For example, when you set AccessTokenValidity to 10 and /// TokenValidityUnits to hours, your user can authorize access /// with their access token for 10 hours. /// /// /// /// The default time unit for AccessTokenValidity in an API request is hours. /// Valid range is displayed below in seconds. /// /// /// /// If you don't specify otherwise in the configuration of your app client, your access /// tokens are valid for one hour. /// ///

[AWSProperty(Min=1, Max=86400)] public int AccessTokenValidity { get { return this._accessTokenValidity.GetValueOrDefault(); } set { this._accessTokenValidity = value; } } // Check to see if AccessTokenValidity property is set internal bool IsSetAccessTokenValidity() { return this._accessTokenValidity.HasValue; } ///

/// Gets and sets the property AllowedOAuthFlows. /// /// The allowed OAuth flows. /// ///

code: /// /// Use a code grant flow, which provides an authorization code as the response. This /// code can be exchanged for access tokens with the /oauth2/token endpoint. /// ///
implicit: /// /// Issue the access token (and, optionally, ID token, based on scopes) directly to your /// user. /// ///
client_credentials: /// /// Issue the access token from the /oauth2/token endpoint directly to a /// non-person user using a combination of the client ID and client secret. /// ///

///

[AWSProperty(Min=0, Max=3)] public List AllowedOAuthFlows { get { return this._allowedOAuthFlows; } set { this._allowedOAuthFlows = value; } } // Check to see if AllowedOAuthFlows property is set internal bool IsSetAllowedOAuthFlows() { return this._allowedOAuthFlows != null && this._allowedOAuthFlows.Count > 0; } ///

/// Gets and sets the property AllowedOAuthFlowsUserPoolClient. /// /// Set to true if the client is allowed to follow the OAuth protocol when interacting /// with Amazon Cognito user pools. /// ///

public bool AllowedOAuthFlowsUserPoolClient { get { return this._allowedOAuthFlowsUserPoolClient.GetValueOrDefault(); } set { this._allowedOAuthFlowsUserPoolClient = value; } } // Check to see if AllowedOAuthFlowsUserPoolClient property is set internal bool IsSetAllowedOAuthFlowsUserPoolClient() { return this._allowedOAuthFlowsUserPoolClient.HasValue; } ///

/// Gets and sets the property AllowedOAuthScopes. /// /// The allowed OAuth scopes. Possible values provided by OAuth are phone, /// email, openid, and profile. Possible values /// provided by Amazon Web Services are aws.cognito.signin.user.admin. Custom /// scopes created in Resource Servers are also supported. /// ///

[AWSProperty(Max=50)] public List AllowedOAuthScopes { get { return this._allowedOAuthScopes; } set { this._allowedOAuthScopes = value; } } // Check to see if AllowedOAuthScopes property is set internal bool IsSetAllowedOAuthScopes() { return this._allowedOAuthScopes != null && this._allowedOAuthScopes.Count > 0; } ///

/// Gets and sets the property AnalyticsConfiguration. /// /// The Amazon Pinpoint analytics configuration necessary to collect metrics for this /// user pool. /// /// /// /// In Amazon Web Services Regions where Amazon Pinpoint isn't available, user pools only /// support sending events to Amazon Pinpoint projects in us-east-1. In Regions where /// Amazon Pinpoint is available, user pools support sending events to Amazon Pinpoint /// projects within that same Region. /// /// ///

public AnalyticsConfigurationType AnalyticsConfiguration { get { return this._analyticsConfiguration; } set { this._analyticsConfiguration = value; } } // Check to see if AnalyticsConfiguration property is set internal bool IsSetAnalyticsConfiguration() { return this._analyticsConfiguration != null; } ///

/// Gets and sets the property AuthSessionValidity. /// /// Amazon Cognito creates a session token for each API request in an authentication flow. /// AuthSessionValidity is the duration, in minutes, of that session token. /// Your user pool native user must respond to each authentication challenge before the /// session expires. /// ///

[AWSProperty(Min=3, Max=15)] public int AuthSessionValidity { get { return this._authSessionValidity.GetValueOrDefault(); } set { this._authSessionValidity = value; } } // Check to see if AuthSessionValidity property is set internal bool IsSetAuthSessionValidity() { return this._authSessionValidity.HasValue; } ///

/// Gets and sets the property CallbackURLs. /// /// A list of allowed redirect (callback) URLs for the IdPs. /// /// /// /// A redirect URI must: /// ///

/// /// Be an absolute URI. /// ///
/// /// Be registered with the authorization server. /// ///
/// /// Not include a fragment component. /// ///

/// /// See OAuth 2.0 - Redirection /// Endpoint. /// /// /// /// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes /// only. /// /// /// /// App callback URLs such as myapp://example are also supported. /// ///

[AWSProperty(Min=0, Max=100)] public List CallbackURLs { get { return this._callbackURLs; } set { this._callbackURLs = value; } } // Check to see if CallbackURLs property is set internal bool IsSetCallbackURLs() { return this._callbackURLs != null && this._callbackURLs.Count > 0; } ///

/// Gets and sets the property ClientId. /// /// The ID of the client associated with the user pool. /// ///

[AWSProperty(Required=true, Sensitive=true, Min=1, Max=128)] public string ClientId { get { return this._clientId; } set { this._clientId = value; } } // Check to see if ClientId property is set internal bool IsSetClientId() { return this._clientId != null; } ///

/// Gets and sets the property ClientName. /// /// The client name from the update user pool client request. /// ///

[AWSProperty(Min=1, Max=128)] public string ClientName { get { return this._clientName; } set { this._clientName = value; } } // Check to see if ClientName property is set internal bool IsSetClientName() { return this._clientName != null; } ///

/// Gets and sets the property DefaultRedirectURI. /// /// The default redirect URI. Must be in the CallbackURLs list. /// /// /// /// A redirect URI must: /// ///

/// /// Be an absolute URI. /// ///
/// /// Be registered with the authorization server. /// ///
/// /// Not include a fragment component. /// ///

/// /// See OAuth 2.0 - Redirection /// Endpoint. /// /// /// /// Amazon Cognito requires HTTPS over HTTP except for http://localhost for /// testing purposes only. /// /// /// /// App callback URLs such as myapp://example are also supported. /// ///

[AWSProperty(Min=1, Max=1024)] public string DefaultRedirectURI { get { return this._defaultRedirectURI; } set { this._defaultRedirectURI = value; } } // Check to see if DefaultRedirectURI property is set internal bool IsSetDefaultRedirectURI() { return this._defaultRedirectURI != null; } ///

/// Gets and sets the property EnablePropagateAdditionalUserContextData. /// /// Activates the propagation of additional user context data. For more information about /// propagation of user context data, see /// Adding advanced security to a user pool. If you don’t include this parameter, /// you can't send device fingerprint information, including source IP address, to Amazon /// Cognito advanced security. You can only activate EnablePropagateAdditionalUserContextData /// in an app client that has a client secret. /// ///

public bool EnablePropagateAdditionalUserContextData { get { return this._enablePropagateAdditionalUserContextData.GetValueOrDefault(); } set { this._enablePropagateAdditionalUserContextData = value; } } // Check to see if EnablePropagateAdditionalUserContextData property is set internal bool IsSetEnablePropagateAdditionalUserContextData() { return this._enablePropagateAdditionalUserContextData.HasValue; } ///

/// Gets and sets the property EnableTokenRevocation. /// /// Activates or deactivates token revocation. For more information about revoking tokens, /// see RevokeToken. /// ///

public bool EnableTokenRevocation { get { return this._enableTokenRevocation.GetValueOrDefault(); } set { this._enableTokenRevocation = value; } } // Check to see if EnableTokenRevocation property is set internal bool IsSetEnableTokenRevocation() { return this._enableTokenRevocation.HasValue; } ///

/// Gets and sets the property ExplicitAuthFlows. /// /// The authentication flows that you want your user pool client to support. For each /// app client in your user pool, you can sign in your users with any combination of one /// or more flows, including with a user name and Secure Remote Password (SRP), a user /// name and password, or a custom authentication process that you define with Lambda /// functions. /// /// /// /// If you don't specify a value for ExplicitAuthFlows, your user client /// supports ALLOW_REFRESH_TOKEN_AUTH, ALLOW_USER_SRP_AUTH, /// and ALLOW_CUSTOM_AUTH. /// /// /// /// Valid values include: /// ///

/// /// ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication /// flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH /// setting. With this authentication flow, your app passes a user name and password to /// Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol /// to securely transmit the password. /// ///
/// /// ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication. /// ///
/// /// ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. /// In this flow, Amazon Cognito receives the password in the request instead of using /// the SRP protocol to verify passwords. /// ///
/// /// ALLOW_USER_SRP_AUTH: Enable SRP-based authentication. /// ///
/// /// ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens. /// ///

/// /// In some environments, you will see the values ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, /// or USER_PASSWORD_AUTH. You can't assign these legacy ExplicitAuthFlows /// values to user pool clients at the same time as values that begin with ALLOW_, /// like ALLOW_USER_SRP_AUTH. /// ///

public List ExplicitAuthFlows { get { return this._explicitAuthFlows; } set { this._explicitAuthFlows = value; } } // Check to see if ExplicitAuthFlows property is set internal bool IsSetExplicitAuthFlows() { return this._explicitAuthFlows != null && this._explicitAuthFlows.Count > 0; } ///

/// Gets and sets the property IdTokenValidity. /// /// The ID token time limit. After this limit expires, your user can't use their ID token. /// To specify the time unit for IdTokenValidity as seconds, /// minutes, hours, or days, set a TokenValidityUnits /// value in your API request. /// /// /// /// For example, when you set IdTokenValidity as 10 and TokenValidityUnits /// as hours, your user can authenticate their session with their ID token /// for 10 hours. /// /// /// /// The default time unit for AccessTokenValidity in an API request is hours. /// Valid range is displayed below in seconds. /// /// /// /// If you don't specify otherwise in the configuration of your app client, your ID tokens /// are valid for one hour. /// ///

[AWSProperty(Min=1, Max=86400)] public int IdTokenValidity { get { return this._idTokenValidity.GetValueOrDefault(); } set { this._idTokenValidity = value; } } // Check to see if IdTokenValidity property is set internal bool IsSetIdTokenValidity() { return this._idTokenValidity.HasValue; } ///

/// Gets and sets the property LogoutURLs. /// /// A list of allowed logout URLs for the IdPs. /// ///

[AWSProperty(Min=0, Max=100)] public List LogoutURLs { get { return this._logoutURLs; } set { this._logoutURLs = value; } } // Check to see if LogoutURLs property is set internal bool IsSetLogoutURLs() { return this._logoutURLs != null && this._logoutURLs.Count > 0; } ///

/// Gets and sets the property PreventUserExistenceErrors. /// /// Errors and responses that you want Amazon Cognito APIs to return during authentication, /// account confirmation, and password recovery when the user doesn't exist in the user /// pool. When set to ENABLED and the user doesn't exist, authentication /// returns an error indicating either the username or password was incorrect. Account /// confirmation and password recovery return a response indicating a code was sent to /// a simulated destination. When set to LEGACY, those APIs return a UserNotFoundException /// exception if the user doesn't exist in the user pool. /// /// /// /// Valid values include: /// ///

/// /// ENABLED - This prevents user existence-related errors. /// ///
/// /// LEGACY - This represents the early behavior of Amazon Cognito where /// user existence related errors aren't prevented. /// ///

///

public PreventUserExistenceErrorTypes PreventUserExistenceErrors { get { return this._preventUserExistenceErrors; } set { this._preventUserExistenceErrors = value; } } // Check to see if PreventUserExistenceErrors property is set internal bool IsSetPreventUserExistenceErrors() { return this._preventUserExistenceErrors != null; } ///

/// Gets and sets the property ReadAttributes. /// /// The read-only attributes of the user pool. /// ///

public List ReadAttributes { get { return this._readAttributes; } set { this._readAttributes = value; } } // Check to see if ReadAttributes property is set internal bool IsSetReadAttributes() { return this._readAttributes != null && this._readAttributes.Count > 0; } ///

/// Gets and sets the property RefreshTokenValidity. /// /// The refresh token time limit. After this limit expires, your user can't use their /// refresh token. To specify the time unit for RefreshTokenValidity as seconds, /// minutes, hours, or days, set a TokenValidityUnits /// value in your API request. /// /// /// /// For example, when you set RefreshTokenValidity as 10 and /// TokenValidityUnits as days, your user can refresh their /// session and retrieve new access and ID tokens for 10 days. /// /// /// /// The default time unit for RefreshTokenValidity in an API request is days. /// You can't set RefreshTokenValidity to 0. If you do, Amazon Cognito overrides /// the value with the default value of 30 days. Valid range is displayed below /// in seconds. /// /// /// /// If you don't specify otherwise in the configuration of your app client, your refresh /// tokens are valid for 30 days. /// ///

[AWSProperty(Min=0, Max=315360000)] public int RefreshTokenValidity { get { return this._refreshTokenValidity.GetValueOrDefault(); } set { this._refreshTokenValidity = value; } } // Check to see if RefreshTokenValidity property is set internal bool IsSetRefreshTokenValidity() { return this._refreshTokenValidity.HasValue; } ///

/// Gets and sets the property SupportedIdentityProviders. /// /// A list of provider names for the IdPs that this client supports. The following are /// supported: COGNITO, Facebook, Google, SignInWithApple, /// LoginWithAmazon, and the names of your own SAML and OIDC providers. /// ///

public List SupportedIdentityProviders { get { return this._supportedIdentityProviders; } set { this._supportedIdentityProviders = value; } } // Check to see if SupportedIdentityProviders property is set internal bool IsSetSupportedIdentityProviders() { return this._supportedIdentityProviders != null && this._supportedIdentityProviders.Count > 0; } ///

/// Gets and sets the property TokenValidityUnits. /// /// The units in which the validity times are represented. The default unit for RefreshToken /// is days, and the default for ID and access tokens is hours. /// ///

public TokenValidityUnitsType TokenValidityUnits { get { return this._tokenValidityUnits; } set { this._tokenValidityUnits = value; } } // Check to see if TokenValidityUnits property is set internal bool IsSetTokenValidityUnits() { return this._tokenValidityUnits != null; } ///

/// Gets and sets the property UserPoolId. /// /// The user pool ID for the user pool where you want to update the user pool client. /// ///

[AWSProperty(Required=true, Min=1, Max=55)] public string UserPoolId { get { return this._userPoolId; } set { this._userPoolId = value; } } // Check to see if UserPoolId property is set internal bool IsSetUserPoolId() { return this._userPoolId != null; } ///

/// Gets and sets the property WriteAttributes. /// /// The writeable attributes of the user pool. /// ///

public List WriteAttributes { get { return this._writeAttributes; } set { this._writeAttributes = value; } } // Check to see if WriteAttributes property is set internal bool IsSetWriteAttributes() { return this._writeAttributes != null && this._writeAttributes.Count > 0; } } }