api_op_CreateOAuth2Token.go raw

   1  // Code generated by smithy-go-codegen DO NOT EDIT.
   2  
   3  package signin
   4  
   5  import (
   6  	"context"
   7  	"fmt"
   8  	awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
   9  	"github.com/aws/aws-sdk-go-v2/service/signin/types"
  10  	"github.com/aws/smithy-go/middleware"
  11  	smithyhttp "github.com/aws/smithy-go/transport/http"
  12  )
  13  
  14  // CreateOAuth2Token API
  15  //
  16  // Path: /v1/token Request Method: POST Content-Type: application/json or
  17  // application/x-www-form-urlencoded
  18  //
  19  // This API implements OAuth 2.0 flows for AWS Sign-In CLI clients, supporting
  20  // both:
  21  //
  22  //   - Authorization code redemption (grant_type=authorization_code) - NOT
  23  //     idempotent
  24  //   - Token refresh (grant_type=refresh_token) - Idempotent within token validity
  25  //     window
  26  //
  27  // The operation behavior is determined by the grant_type parameter in the request
  28  // body:
  29  //
  30  // Authorization Code Flow (NOT Idempotent):
  31  //
  32  //   - JSON or form-encoded body with client_id, grant_type=authorization_code,
  33  //     code, redirect_uri, code_verifier
  34  //   - Returns access_token, token_type, expires_in, refresh_token, and id_token
  35  //   - Each authorization code can only be used ONCE for security (prevents replay
  36  //     attacks)
  37  //
  38  // Token Refresh Flow (Idempotent):
  39  //
  40  //   - JSON or form-encoded body with client_id, grant_type=refresh_token,
  41  //     refresh_token
  42  //   - Returns access_token, token_type, expires_in, and refresh_token (no
  43  //     id_token)
  44  //   - Multiple calls with same refresh_token return consistent results within
  45  //     validity window
  46  //
  47  // Authentication and authorization:
  48  //
  49  //   - Confidential clients: sigv4 signing required with signin:ExchangeToken
  50  //     permissions
  51  //   - CLI clients (public): authn/authz skipped based on client_id & grant_type
  52  //
  53  // Note: This operation cannot be marked as @idempotent because it handles both
  54  // idempotent (token refresh) and non-idempotent (auth code redemption) flows in a
  55  // single endpoint.
  56  func (c *Client) CreateOAuth2Token(ctx context.Context, params *CreateOAuth2TokenInput, optFns ...func(*Options)) (*CreateOAuth2TokenOutput, error) {
  57  	if params == nil {
  58  		params = &CreateOAuth2TokenInput{}
  59  	}
  60  
  61  	result, metadata, err := c.invokeOperation(ctx, "CreateOAuth2Token", params, optFns, c.addOperationCreateOAuth2TokenMiddlewares)
  62  	if err != nil {
  63  		return nil, err
  64  	}
  65  
  66  	out := result.(*CreateOAuth2TokenOutput)
  67  	out.ResultMetadata = metadata
  68  	return out, nil
  69  }
  70  
  71  // Input structure for CreateOAuth2Token operation
  72  //
  73  // Contains flattened token operation inputs for both authorization code and
  74  // refresh token flows. The operation type is determined by the grant_type
  75  // parameter in the request body.
  76  type CreateOAuth2TokenInput struct {
  77  
  78  	// Flattened token operation inputs The specific operation is determined by
  79  	// grant_type in the request body
  80  	//
  81  	// This member is required.
  82  	TokenInput *types.CreateOAuth2TokenRequestBody
  83  
  84  	noSmithyDocumentSerde
  85  }
  86  
  87  // Output structure for CreateOAuth2Token operation
  88  //
  89  // Contains flattened token operation outputs for both authorization code and
  90  // refresh token flows. The response content depends on the grant_type from the
  91  // original request.
  92  type CreateOAuth2TokenOutput struct {
  93  
  94  	// Flattened token operation outputs The specific response fields depend on the
  95  	// grant_type used in the request
  96  	//
  97  	// This member is required.
  98  	TokenOutput *types.CreateOAuth2TokenResponseBody
  99  
 100  	// Metadata pertaining to the operation's result.
 101  	ResultMetadata middleware.Metadata
 102  
 103  	noSmithyDocumentSerde
 104  }
 105  
 106  func (c *Client) addOperationCreateOAuth2TokenMiddlewares(stack *middleware.Stack, options Options) (err error) {
 107  	if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil {
 108  		return err
 109  	}
 110  	err = stack.Serialize.Add(&awsRestjson1_serializeOpCreateOAuth2Token{}, middleware.After)
 111  	if err != nil {
 112  		return err
 113  	}
 114  	err = stack.Deserialize.Add(&awsRestjson1_deserializeOpCreateOAuth2Token{}, middleware.After)
 115  	if err != nil {
 116  		return err
 117  	}
 118  	if err := addProtocolFinalizerMiddlewares(stack, options, "CreateOAuth2Token"); err != nil {
 119  		return fmt.Errorf("add protocol finalizers: %v", err)
 120  	}
 121  
 122  	if err = addlegacyEndpointContextSetter(stack, options); err != nil {
 123  		return err
 124  	}
 125  	if err = addSetLoggerMiddleware(stack, options); err != nil {
 126  		return err
 127  	}
 128  	if err = addClientRequestID(stack); err != nil {
 129  		return err
 130  	}
 131  	if err = addComputeContentLength(stack); err != nil {
 132  		return err
 133  	}
 134  	if err = addResolveEndpointMiddleware(stack, options); err != nil {
 135  		return err
 136  	}
 137  	if err = addRetry(stack, options); err != nil {
 138  		return err
 139  	}
 140  	if err = addRawResponseToMetadata(stack); err != nil {
 141  		return err
 142  	}
 143  	if err = addRecordResponseTiming(stack); err != nil {
 144  		return err
 145  	}
 146  	if err = addSpanRetryLoop(stack, options); err != nil {
 147  		return err
 148  	}
 149  	if err = addClientUserAgent(stack, options); err != nil {
 150  		return err
 151  	}
 152  	if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
 153  		return err
 154  	}
 155  	if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
 156  		return err
 157  	}
 158  	if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil {
 159  		return err
 160  	}
 161  	if err = addTimeOffsetBuild(stack, c); err != nil {
 162  		return err
 163  	}
 164  	if err = addUserAgentRetryMode(stack, options); err != nil {
 165  		return err
 166  	}
 167  	if err = addCredentialSource(stack, options); err != nil {
 168  		return err
 169  	}
 170  	if err = addOpCreateOAuth2TokenValidationMiddleware(stack); err != nil {
 171  		return err
 172  	}
 173  	if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateOAuth2Token(options.Region), middleware.Before); err != nil {
 174  		return err
 175  	}
 176  	if err = addRecursionDetection(stack); err != nil {
 177  		return err
 178  	}
 179  	if err = addRequestIDRetrieverMiddleware(stack); err != nil {
 180  		return err
 181  	}
 182  	if err = addResponseErrorMiddleware(stack); err != nil {
 183  		return err
 184  	}
 185  	if err = addRequestResponseLogging(stack, options); err != nil {
 186  		return err
 187  	}
 188  	if err = addDisableHTTPSMiddleware(stack, options); err != nil {
 189  		return err
 190  	}
 191  	if err = addInterceptBeforeRetryLoop(stack, options); err != nil {
 192  		return err
 193  	}
 194  	if err = addInterceptAttempt(stack, options); err != nil {
 195  		return err
 196  	}
 197  	if err = addInterceptors(stack, options); err != nil {
 198  		return err
 199  	}
 200  	return nil
 201  }
 202  
 203  func newServiceMetadataMiddleware_opCreateOAuth2Token(region string) *awsmiddleware.RegisterServiceMetadata {
 204  	return &awsmiddleware.RegisterServiceMetadata{
 205  		Region:        region,
 206  		ServiceID:     ServiceID,
 207  		OperationName: "CreateOAuth2Token",
 208  	}
 209  }
 210