C# Class Amazon.SecurityToken.SAML.StoredProfileSAMLCredentials

Inheritance: Amazon.Runtime.RefreshingAWSCredentials
Show file Open project: aws/aws-sdk-net

Public Properties

Property Type Description
MaximumCredentialTimespan System.TimeSpan
MinimumCredentialTimespan System.TimeSpan

Public Methods

Method Description
StoredProfileSAMLCredentials ( ) : System

Constructs an instance of StoredProfileSAMLCredentials. This constructor searches for details of the role to assume, and optional credentials to use with the endpoint, using the profile name specified in the App.config.

StoredProfileSAMLCredentials ( string profileName, string profilesLocation ) : System

Constructs an instance of StoredProfileSAMLCredentials. After construction call one of the Authenticate methods to authenticate the user/process and obtain temporary AWS credentials.

For users who are domain joined (the role profile does not contain user identity information) the temporary credentials will be refreshed automatically as needed. Non domain-joined users (those with user identity data in the profile) are required to re-authenticate when credential refresh is required. An exception is thrown when attempt is made to refresh credentials in this scenario. The consuming code of this class should catch the exception and prompt the user for credentials, then call Authenticate to re-initialize with a new set of temporary AWS credentials.

The ini-format credentials file is not currently supported.

Protected Methods

Method Description
GenerateNewCredentials ( ) : CredentialsRefreshState

Refresh credentials after expiry. If the role profile is configured to not use the default user identity, an exception is thrown if the UserAuthenticationCallback property has not been set.

Validate ( ) : void

If non-default credentials are to be used for authentication, validates that the authentication required callback has been populated.

Private Methods

Method Description
Authenticate ( ICredentials userCredential, System.TimeSpan credentialDuration ) : CredentialsRefreshState

Method Details

GenerateNewCredentials() protected method

Refresh credentials after expiry. If the role profile is configured to not use the default user identity, an exception is thrown if the UserAuthenticationCallback property has not been set.
protected GenerateNewCredentials ( ) : CredentialsRefreshState
return CredentialsRefreshState

StoredProfileSAMLCredentials() public method

Constructs an instance of StoredProfileSAMLCredentials. This constructor searches for details of the role to assume, and optional credentials to use with the endpoint, using the profile name specified in the App.config.
public StoredProfileSAMLCredentials ( ) : System
return System

StoredProfileSAMLCredentials() public method

Constructs an instance of StoredProfileSAMLCredentials. After construction call one of the Authenticate methods to authenticate the user/process and obtain temporary AWS credentials.

For users who are domain joined (the role profile does not contain user identity information) the temporary credentials will be refreshed automatically as needed. Non domain-joined users (those with user identity data in the profile) are required to re-authenticate when credential refresh is required. An exception is thrown when attempt is made to refresh credentials in this scenario. The consuming code of this class should catch the exception and prompt the user for credentials, then call Authenticate to re-initialize with a new set of temporary AWS credentials.

The ini-format credentials file is not currently supported.
public StoredProfileSAMLCredentials ( string profileName, string profilesLocation ) : System
profileName string /// The name of the profile holding the necessary role data to enable authentication and credential generation. ///
profilesLocation string Reserved for future use.
return System

Validate() protected method

If non-default credentials are to be used for authentication, validates that the authentication required callback has been populated.
protected Validate ( ) : void
return void

Property Details

MaximumCredentialTimespan public static property

The maximum allowed timespan for generated credentials, per STS documentation.
public static TimeSpan,System MaximumCredentialTimespan
return System.TimeSpan

MinimumCredentialTimespan public static property

The minimum allowed timespan for generated credentials, per STS documentation.
public static TimeSpan,System MinimumCredentialTimespan
return System.TimeSpan