{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.SSO.Types.RoleCredentials
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.SSO.Types.RoleCredentials where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude

-- | Provides information about the role credentials that are assigned to the
-- user.
--
-- /See:/ 'newRoleCredentials' smart constructor.
data RoleCredentials = RoleCredentials'
  { -- | The date on which temporary security credentials expire.
    RoleCredentials -> Maybe Integer
expiration :: Prelude.Maybe Prelude.Integer,
    -- | The token used for temporary credentials. For more information, see
    -- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html Using Temporary Security Credentials to Request Access to AWS Resources>
    -- in the /AWS IAM User Guide/.
    RoleCredentials -> Maybe (Sensitive SessionToken)
sessionToken :: Prelude.Maybe (Data.Sensitive Core.SessionToken),
    -- | The identifier used for the temporary security credentials. For more
    -- information, see
    -- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html Using Temporary Security Credentials to Request Access to AWS Resources>
    -- in the /AWS IAM User Guide/.
    RoleCredentials -> AccessKey
accessKeyId :: Core.AccessKey,
    -- | The key that is used to sign the request. For more information, see
    -- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html Using Temporary Security Credentials to Request Access to AWS Resources>
    -- in the /AWS IAM User Guide/.
    RoleCredentials -> Sensitive SecretKey
secretAccessKey :: Data.Sensitive Core.SecretKey
  }
  deriving (RoleCredentials -> RoleCredentials -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: RoleCredentials -> RoleCredentials -> Bool
$c/= :: RoleCredentials -> RoleCredentials -> Bool
== :: RoleCredentials -> RoleCredentials -> Bool
$c== :: RoleCredentials -> RoleCredentials -> Bool
Prelude.Eq, Int -> RoleCredentials -> ShowS
[RoleCredentials] -> ShowS
RoleCredentials -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [RoleCredentials] -> ShowS
$cshowList :: [RoleCredentials] -> ShowS
show :: RoleCredentials -> String
$cshow :: RoleCredentials -> String
showsPrec :: Int -> RoleCredentials -> ShowS
$cshowsPrec :: Int -> RoleCredentials -> ShowS
Prelude.Show, forall x. Rep RoleCredentials x -> RoleCredentials
forall x. RoleCredentials -> Rep RoleCredentials x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep RoleCredentials x -> RoleCredentials
$cfrom :: forall x. RoleCredentials -> Rep RoleCredentials x
Prelude.Generic)

-- |
-- Create a value of 'RoleCredentials' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'expiration', 'roleCredentials_expiration' - The date on which temporary security credentials expire.
--
-- 'sessionToken', 'roleCredentials_sessionToken' - The token used for temporary credentials. For more information, see
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html Using Temporary Security Credentials to Request Access to AWS Resources>
-- in the /AWS IAM User Guide/.
--
-- 'accessKeyId', 'roleCredentials_accessKeyId' - The identifier used for the temporary security credentials. For more
-- information, see
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html Using Temporary Security Credentials to Request Access to AWS Resources>
-- in the /AWS IAM User Guide/.
--
-- 'secretAccessKey', 'roleCredentials_secretAccessKey' - The key that is used to sign the request. For more information, see
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html Using Temporary Security Credentials to Request Access to AWS Resources>
-- in the /AWS IAM User Guide/.
newRoleCredentials ::
  -- | 'accessKeyId'
  Core.AccessKey ->
  -- | 'secretAccessKey'
  Core.SecretKey ->
  RoleCredentials
newRoleCredentials :: AccessKey -> SecretKey -> RoleCredentials
newRoleCredentials AccessKey
pAccessKeyId_ SecretKey
pSecretAccessKey_ =
  RoleCredentials'
    { $sel:expiration:RoleCredentials' :: Maybe Integer
expiration = forall a. Maybe a
Prelude.Nothing,
      $sel:sessionToken:RoleCredentials' :: Maybe (Sensitive SessionToken)
sessionToken = forall a. Maybe a
Prelude.Nothing,
      $sel:accessKeyId:RoleCredentials' :: AccessKey
accessKeyId = AccessKey
pAccessKeyId_,
      $sel:secretAccessKey:RoleCredentials' :: Sensitive SecretKey
secretAccessKey =
        forall a. Iso' (Sensitive a) a
Data._Sensitive forall t b. AReview t b -> b -> t
Lens.# SecretKey
pSecretAccessKey_
    }

-- | The date on which temporary security credentials expire.
roleCredentials_expiration :: Lens.Lens' RoleCredentials (Prelude.Maybe Prelude.Integer)
roleCredentials_expiration :: Lens' RoleCredentials (Maybe Integer)
roleCredentials_expiration = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RoleCredentials' {Maybe Integer
expiration :: Maybe Integer
$sel:expiration:RoleCredentials' :: RoleCredentials -> Maybe Integer
expiration} -> Maybe Integer
expiration) (\s :: RoleCredentials
s@RoleCredentials' {} Maybe Integer
a -> RoleCredentials
s {$sel:expiration:RoleCredentials' :: Maybe Integer
expiration = Maybe Integer
a} :: RoleCredentials)

-- | The token used for temporary credentials. For more information, see
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html Using Temporary Security Credentials to Request Access to AWS Resources>
-- in the /AWS IAM User Guide/.
roleCredentials_sessionToken :: Lens.Lens' RoleCredentials (Prelude.Maybe Core.SessionToken)
roleCredentials_sessionToken :: Lens' RoleCredentials (Maybe SessionToken)
roleCredentials_sessionToken = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RoleCredentials' {Maybe (Sensitive SessionToken)
sessionToken :: Maybe (Sensitive SessionToken)
$sel:sessionToken:RoleCredentials' :: RoleCredentials -> Maybe (Sensitive SessionToken)
sessionToken} -> Maybe (Sensitive SessionToken)
sessionToken) (\s :: RoleCredentials
s@RoleCredentials' {} Maybe (Sensitive SessionToken)
a -> RoleCredentials
s {$sel:sessionToken:RoleCredentials' :: Maybe (Sensitive SessionToken)
sessionToken = Maybe (Sensitive SessionToken)
a} :: RoleCredentials) forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping forall a. Iso' (Sensitive a) a
Data._Sensitive

-- | The identifier used for the temporary security credentials. For more
-- information, see
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html Using Temporary Security Credentials to Request Access to AWS Resources>
-- in the /AWS IAM User Guide/.
roleCredentials_accessKeyId :: Lens.Lens' RoleCredentials Core.AccessKey
roleCredentials_accessKeyId :: Lens' RoleCredentials AccessKey
roleCredentials_accessKeyId = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RoleCredentials' {AccessKey
accessKeyId :: AccessKey
$sel:accessKeyId:RoleCredentials' :: RoleCredentials -> AccessKey
accessKeyId} -> AccessKey
accessKeyId) (\s :: RoleCredentials
s@RoleCredentials' {} AccessKey
a -> RoleCredentials
s {$sel:accessKeyId:RoleCredentials' :: AccessKey
accessKeyId = AccessKey
a} :: RoleCredentials)

-- | The key that is used to sign the request. For more information, see
-- <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html Using Temporary Security Credentials to Request Access to AWS Resources>
-- in the /AWS IAM User Guide/.
roleCredentials_secretAccessKey :: Lens.Lens' RoleCredentials Core.SecretKey
roleCredentials_secretAccessKey :: Lens' RoleCredentials SecretKey
roleCredentials_secretAccessKey = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\RoleCredentials' {Sensitive SecretKey
secretAccessKey :: Sensitive SecretKey
$sel:secretAccessKey:RoleCredentials' :: RoleCredentials -> Sensitive SecretKey
secretAccessKey} -> Sensitive SecretKey
secretAccessKey) (\s :: RoleCredentials
s@RoleCredentials' {} Sensitive SecretKey
a -> RoleCredentials
s {$sel:secretAccessKey:RoleCredentials' :: Sensitive SecretKey
secretAccessKey = Sensitive SecretKey
a} :: RoleCredentials) forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. forall a. Iso' (Sensitive a) a
Data._Sensitive

instance Data.FromJSON RoleCredentials where
  parseJSON :: Value -> Parser RoleCredentials
parseJSON =
    forall a. String -> (Object -> Parser a) -> Value -> Parser a
Data.withObject
      String
"RoleCredentials"
      ( \Object
x ->
          Maybe Integer
-> Maybe (Sensitive SessionToken)
-> AccessKey
-> Sensitive SecretKey
-> RoleCredentials
RoleCredentials'
            forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"expiration")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"sessionToken")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"accessKeyId")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"secretAccessKey")
      )

instance Prelude.Hashable RoleCredentials where
  hashWithSalt :: Int -> RoleCredentials -> Int
hashWithSalt Int
_salt RoleCredentials' {Maybe Integer
Maybe (Sensitive SessionToken)
AccessKey
Sensitive SecretKey
secretAccessKey :: Sensitive SecretKey
accessKeyId :: AccessKey
sessionToken :: Maybe (Sensitive SessionToken)
expiration :: Maybe Integer
$sel:secretAccessKey:RoleCredentials' :: RoleCredentials -> Sensitive SecretKey
$sel:accessKeyId:RoleCredentials' :: RoleCredentials -> AccessKey
$sel:sessionToken:RoleCredentials' :: RoleCredentials -> Maybe (Sensitive SessionToken)
$sel:expiration:RoleCredentials' :: RoleCredentials -> Maybe Integer
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Integer
expiration
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe (Sensitive SessionToken)
sessionToken
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` AccessKey
accessKeyId
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Sensitive SecretKey
secretAccessKey

instance Prelude.NFData RoleCredentials where
  rnf :: RoleCredentials -> ()
rnf RoleCredentials' {Maybe Integer
Maybe (Sensitive SessionToken)
AccessKey
Sensitive SecretKey
secretAccessKey :: Sensitive SecretKey
accessKeyId :: AccessKey
sessionToken :: Maybe (Sensitive SessionToken)
expiration :: Maybe Integer
$sel:secretAccessKey:RoleCredentials' :: RoleCredentials -> Sensitive SecretKey
$sel:accessKeyId:RoleCredentials' :: RoleCredentials -> AccessKey
$sel:sessionToken:RoleCredentials' :: RoleCredentials -> Maybe (Sensitive SessionToken)
$sel:expiration:RoleCredentials' :: RoleCredentials -> Maybe Integer
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe Integer
expiration
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe (Sensitive SessionToken)
sessionToken
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf AccessKey
accessKeyId
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Sensitive SecretKey
secretAccessKey