1// Code generated by smithy-go-codegen DO NOT EDIT.
2
3package apigateway
4
5import (
6	"context"
7	awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
8	"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
9	"github.com/aws/aws-sdk-go-v2/service/apigateway/types"
10	"github.com/aws/smithy-go/middleware"
11	smithyhttp "github.com/aws/smithy-go/transport/http"
12)
13
14// Updates an existing Authorizer resource. AWS CLI
15// (https://docs.aws.amazon.com/cli/latest/reference/apigateway/update-authorizer.html)
16func (c *Client) UpdateAuthorizer(ctx context.Context, params *UpdateAuthorizerInput, optFns ...func(*Options)) (*UpdateAuthorizerOutput, error) {
17	if params == nil {
18		params = &UpdateAuthorizerInput{}
19	}
20
21	result, metadata, err := c.invokeOperation(ctx, "UpdateAuthorizer", params, optFns, addOperationUpdateAuthorizerMiddlewares)
22	if err != nil {
23		return nil, err
24	}
25
26	out := result.(*UpdateAuthorizerOutput)
27	out.ResultMetadata = metadata
28	return out, nil
29}
30
31// Request to update an existing Authorizer resource.
32type UpdateAuthorizerInput struct {
33
34	// [Required] The identifier of the Authorizer resource.
35	//
36	// This member is required.
37	AuthorizerId *string
38
39	// [Required] The string identifier of the associated RestApi.
40	//
41	// This member is required.
42	RestApiId *string
43
44	// A list of update operations to be applied to the specified resource and in the
45	// order specified in this list.
46	PatchOperations []types.PatchOperation
47}
48
49// Represents an authorization layer for methods. If enabled on a method, API
50// Gateway will activate the authorizer when a client calls the method. Use Lambda
51// Function as Authorizer
52// (https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-use-lambda-authorizer.html)Use
53// Cognito User Pool as Authorizer
54// (https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html)
55type UpdateAuthorizerOutput struct {
56
57	// Optional customer-defined field, used in OpenAPI imports and exports without
58	// functional impact.
59	AuthType *string
60
61	// Specifies the required credentials as an IAM role for API Gateway to invoke the
62	// authorizer. To specify an IAM role for API Gateway to assume, use the role's
63	// Amazon Resource Name (ARN). To use resource-based permissions on the Lambda
64	// function, specify null.
65	AuthorizerCredentials *string
66
67	// The TTL in seconds of cached authorizer results. If it equals 0, authorization
68	// caching is disabled. If it is greater than 0, API Gateway will cache authorizer
69	// responses. If this field is not set, the default value is 300. The maximum value
70	// is 3600, or 1 hour.
71	AuthorizerResultTtlInSeconds *int32
72
73	// Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN or
74	// REQUEST authorizers, this must be a well-formed Lambda function URI, for
75	// example,
76	// arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations.
77	// In general, the URI has this form
78	// arn:aws:apigateway:{region}:lambda:path/{service_api}, where {region} is the
79	// same as the region hosting the Lambda function, path indicates that the
80	// remaining substring in the URI should be treated as the path to the resource,
81	// including the initial /. For Lambda functions, this is usually of the form
82	// /2015-03-31/functions/[FunctionARN]/invocations.
83	AuthorizerUri *string
84
85	// The identifier for the authorizer resource.
86	Id *string
87
88	// The identity source for which authorization is requested.
89	//
90	// * For a TOKEN or
91	// COGNITO_USER_POOLS authorizer, this is required and specifies the request header
92	// mapping expression for the custom header holding the authorization token
93	// submitted by the client. For example, if the token header name is Auth, the
94	// header mapping expression is method.request.header.Auth.
95	//
96	// * For the REQUEST
97	// authorizer, this is required when authorization caching is enabled. The value is
98	// a comma-separated string of one or more mapping expressions of the specified
99	// request parameters. For example, if an Auth header, a Name query string
100	// parameter are defined as identity sources, this value is
101	// method.request.header.Auth, method.request.querystring.Name. These parameters
102	// will be used to derive the authorization caching key and to perform runtime
103	// validation of the REQUEST authorizer by verifying all of the identity-related
104	// request parameters are present, not null and non-empty. Only when this is true
105	// does the authorizer invoke the authorizer Lambda function, otherwise, it returns
106	// a 401 Unauthorized response without calling the Lambda function. The valid value
107	// is a string of comma-separated mapping expressions of the specified request
108	// parameters. When the authorization caching is not enabled, this property is
109	// optional.
110	IdentitySource *string
111
112	// A validation expression for the incoming identity token. For TOKEN authorizers,
113	// this value is a regular expression. For COGNITO_USER_POOLS authorizers, API
114	// Gateway will match the aud field of the incoming token from the client against
115	// the specified regular expression. It will invoke the authorizer's Lambda
116	// function when there is a match. Otherwise, it will return a 401 Unauthorized
117	// response without calling the Lambda function. The validation expression does not
118	// apply to the REQUEST authorizer.
119	IdentityValidationExpression *string
120
121	// [Required] The name of the authorizer.
122	Name *string
123
124	// A list of the Amazon Cognito user pool ARNs for the COGNITO_USER_POOLS
125	// authorizer. Each element is of this format:
126	// arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. For a TOKEN
127	// or REQUEST authorizer, this is not defined.
128	ProviderARNs []string
129
130	// The authorizer type. Valid values are TOKEN for a Lambda function using a single
131	// authorization token submitted in a custom header, REQUEST for a Lambda function
132	// using incoming request parameters, and COGNITO_USER_POOLS for using an Amazon
133	// Cognito user pool.
134	Type types.AuthorizerType
135
136	// Metadata pertaining to the operation's result.
137	ResultMetadata middleware.Metadata
138}
139
140func addOperationUpdateAuthorizerMiddlewares(stack *middleware.Stack, options Options) (err error) {
141	err = stack.Serialize.Add(&awsRestjson1_serializeOpUpdateAuthorizer{}, middleware.After)
142	if err != nil {
143		return err
144	}
145	err = stack.Deserialize.Add(&awsRestjson1_deserializeOpUpdateAuthorizer{}, middleware.After)
146	if err != nil {
147		return err
148	}
149	if err = addSetLoggerMiddleware(stack, options); err != nil {
150		return err
151	}
152	if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil {
153		return err
154	}
155	if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil {
156		return err
157	}
158	if err = addResolveEndpointMiddleware(stack, options); err != nil {
159		return err
160	}
161	if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil {
162		return err
163	}
164	if err = addRetryMiddlewares(stack, options); err != nil {
165		return err
166	}
167	if err = addHTTPSignerV4Middleware(stack, options); err != nil {
168		return err
169	}
170	if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
171		return err
172	}
173	if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil {
174		return err
175	}
176	if err = addClientUserAgent(stack); err != nil {
177		return err
178	}
179	if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
180		return err
181	}
182	if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
183		return err
184	}
185	if err = addOpUpdateAuthorizerValidationMiddleware(stack); err != nil {
186		return err
187	}
188	if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUpdateAuthorizer(options.Region), middleware.Before); err != nil {
189		return err
190	}
191	if err = addRequestIDRetrieverMiddleware(stack); err != nil {
192		return err
193	}
194	if err = addResponseErrorMiddleware(stack); err != nil {
195		return err
196	}
197	if err = addAcceptHeader(stack); err != nil {
198		return err
199	}
200	if err = addRequestResponseLogging(stack, options); err != nil {
201		return err
202	}
203	return nil
204}
205
206func newServiceMetadataMiddleware_opUpdateAuthorizer(region string) *awsmiddleware.RegisterServiceMetadata {
207	return &awsmiddleware.RegisterServiceMetadata{
208		Region:        region,
209		ServiceID:     ServiceID,
210		SigningName:   "apigateway",
211		OperationName: "UpdateAuthorizer",
212	}
213}
214