{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-binds #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.CognitoIdentityProvider.CreateUserPoolClient
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
--
-- Creates the user pool client.
--
-- When you create a new user pool client, token revocation is
-- automatically enabled. For more information about revoking tokens, see
-- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html RevokeToken>.
module Amazonka.CognitoIdentityProvider.CreateUserPoolClient
  ( -- * Creating a Request
    CreateUserPoolClient (..),
    newCreateUserPoolClient,

    -- * Request Lenses
    createUserPoolClient_refreshTokenValidity,
    createUserPoolClient_explicitAuthFlows,
    createUserPoolClient_supportedIdentityProviders,
    createUserPoolClient_logoutURLs,
    createUserPoolClient_allowedOAuthFlowsUserPoolClient,
    createUserPoolClient_generateSecret,
    createUserPoolClient_idTokenValidity,
    createUserPoolClient_tokenValidityUnits,
    createUserPoolClient_defaultRedirectURI,
    createUserPoolClient_enableTokenRevocation,
    createUserPoolClient_writeAttributes,
    createUserPoolClient_preventUserExistenceErrors,
    createUserPoolClient_accessTokenValidity,
    createUserPoolClient_readAttributes,
    createUserPoolClient_allowedOAuthScopes,
    createUserPoolClient_allowedOAuthFlows,
    createUserPoolClient_analyticsConfiguration,
    createUserPoolClient_callbackURLs,
    createUserPoolClient_userPoolId,
    createUserPoolClient_clientName,

    -- * Destructuring the Response
    CreateUserPoolClientResponse (..),
    newCreateUserPoolClientResponse,

    -- * Response Lenses
    createUserPoolClientResponse_userPoolClient,
    createUserPoolClientResponse_httpStatus,
  )
where

import Amazonka.CognitoIdentityProvider.Types
import qualified Amazonka.Core as Core
import qualified Amazonka.Lens as Lens
import qualified Amazonka.Prelude as Prelude
import qualified Amazonka.Request as Request
import qualified Amazonka.Response as Response

-- | Represents the request to create a user pool client.
--
-- /See:/ 'newCreateUserPoolClient' smart constructor.
data CreateUserPoolClient = CreateUserPoolClient'
  { -- | The time limit, in days, after which the refresh token is no longer
    -- valid and cannot be used.
    CreateUserPoolClient -> Maybe Natural
refreshTokenValidity :: Prelude.Maybe Prelude.Natural,
    -- | The authentication flows that are supported by the user pool clients.
    -- Flow names without the @ALLOW_@ prefix are deprecated in favor of new
    -- names with the @ALLOW_@ prefix. Note that values with @ALLOW_@ prefix
    -- cannot be used along with values without @ALLOW_@ prefix.
    --
    -- Valid values include:
    --
    -- -   @ALLOW_ADMIN_USER_PASSWORD_AUTH@: Enable admin based user password
    --     authentication flow @ADMIN_USER_PASSWORD_AUTH@. This setting
    --     replaces the @ADMIN_NO_SRP_AUTH@ setting. With this authentication
    --     flow, Cognito receives the password in the request instead of using
    --     the SRP (Secure Remote Password protocol) protocol to verify
    --     passwords.
    --
    -- -   @ALLOW_CUSTOM_AUTH@: Enable Lambda trigger based authentication.
    --
    -- -   @ALLOW_USER_PASSWORD_AUTH@: Enable user password-based
    --     authentication. In this flow, Cognito receives the password in the
    --     request instead of using the SRP protocol to verify passwords.
    --
    -- -   @ALLOW_USER_SRP_AUTH@: Enable SRP based authentication.
    --
    -- -   @ALLOW_REFRESH_TOKEN_AUTH@: Enable authflow to refresh tokens.
    CreateUserPoolClient -> Maybe [ExplicitAuthFlowsType]
explicitAuthFlows :: Prelude.Maybe [ExplicitAuthFlowsType],
    -- | A list of provider names for the identity providers that are supported
    -- on this client. The following are supported: @COGNITO@, @Facebook@,
    -- @Google@ and @LoginWithAmazon@.
    CreateUserPoolClient -> Maybe [Text]
supportedIdentityProviders :: Prelude.Maybe [Prelude.Text],
    -- | A list of allowed logout URLs for the identity providers.
    CreateUserPoolClient -> Maybe [Text]
logoutURLs :: Prelude.Maybe [Prelude.Text],
    -- | Set to true if the client is allowed to follow the OAuth protocol when
    -- interacting with Cognito user pools.
    CreateUserPoolClient -> Maybe Bool
allowedOAuthFlowsUserPoolClient :: Prelude.Maybe Prelude.Bool,
    -- | Boolean to specify whether you want to generate a secret for the user
    -- pool client being created.
    CreateUserPoolClient -> Maybe Bool
generateSecret :: Prelude.Maybe Prelude.Bool,
    -- | The time limit, between 5 minutes and 1 day, after which the ID token is
    -- no longer valid and cannot be used. This value will be overridden if you
    -- have entered a value in TokenValidityUnits.
    CreateUserPoolClient -> Maybe Natural
idTokenValidity :: Prelude.Maybe Prelude.Natural,
    -- | The units in which the validity times are represented in. Default for
    -- RefreshToken is days, and default for ID and access tokens are hours.
    CreateUserPoolClient -> Maybe TokenValidityUnitsType
tokenValidityUnits :: Prelude.Maybe TokenValidityUnitsType,
    -- | The default redirect URI. Must be in the @CallbackURLs@ list.
    --
    -- A redirect URI must:
    --
    -- -   Be an absolute URI.
    --
    -- -   Be registered with the authorization server.
    --
    -- -   Not include a fragment component.
    --
    -- See
    -- <https://tools.ietf.org/html/rfc6749#section-3.1.2 OAuth 2.0 - Redirection Endpoint>.
    --
    -- Amazon Cognito requires HTTPS over HTTP except for http:\/\/localhost
    -- for testing purposes only.
    --
    -- App callback URLs such as myapp:\/\/example are also supported.
    CreateUserPoolClient -> Maybe Text
defaultRedirectURI :: Prelude.Maybe Prelude.Text,
    -- | Enables or disables token revocation. For more information about
    -- revoking tokens, see
    -- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html RevokeToken>.
    --
    -- If you don\'t include this parameter, token revocation is automatically
    -- enabled for the new user pool client.
    CreateUserPoolClient -> Maybe Bool
enableTokenRevocation :: Prelude.Maybe Prelude.Bool,
    -- | The user pool attributes that the app client can write to.
    --
    -- If your app client allows users to sign in through an identity provider,
    -- this array must include all attributes that are mapped to identity
    -- provider attributes. Amazon Cognito updates mapped attributes when users
    -- sign in to your application through an identity provider. If your app
    -- client lacks write access to a mapped attribute, Amazon Cognito throws
    -- an error when it attempts to update the attribute. For more information,
    -- see
    -- <https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html Specifying Identity Provider Attribute Mappings for Your User Pool>.
    CreateUserPoolClient -> Maybe [Text]
writeAttributes :: Prelude.Maybe [Prelude.Text],
    -- | Use this setting to choose which errors and responses are returned by
    -- Cognito APIs during authentication, account confirmation, and password
    -- recovery when the user does not exist in the user pool. When set to
    -- @ENABLED@ and the user does not exist, authentication returns an error
    -- indicating either the username or password was incorrect, and account
    -- confirmation and password recovery return a response indicating a code
    -- was sent to a simulated destination. When set to @LEGACY@, those APIs
    -- will return a @UserNotFoundException@ exception if the user does not
    -- exist in the user pool.
    --
    -- Valid values include:
    --
    -- -   @ENABLED@ - This prevents user existence-related errors.
    --
    -- -   @LEGACY@ - This represents the old behavior of Cognito where user
    --     existence related errors are not prevented.
    --
    -- After February 15th 2020, the value of @PreventUserExistenceErrors@ will
    -- default to @ENABLED@ for newly created user pool clients if no value is
    -- provided.
    CreateUserPoolClient -> Maybe PreventUserExistenceErrorTypes
preventUserExistenceErrors :: Prelude.Maybe PreventUserExistenceErrorTypes,
    -- | The time limit, between 5 minutes and 1 day, after which the access
    -- token is no longer valid and cannot be used. This value will be
    -- overridden if you have entered a value in TokenValidityUnits.
    CreateUserPoolClient -> Maybe Natural
accessTokenValidity :: Prelude.Maybe Prelude.Natural,
    -- | The read attributes.
    CreateUserPoolClient -> Maybe [Text]
readAttributes :: Prelude.Maybe [Prelude.Text],
    -- | The allowed OAuth scopes. Possible values provided by OAuth are:
    -- @phone@, @email@, @openid@, and @profile@. Possible values provided by
    -- Amazon Web Services are: @aws.cognito.signin.user.admin@. Custom scopes
    -- created in Resource Servers are also supported.
    CreateUserPoolClient -> Maybe [Text]
allowedOAuthScopes :: Prelude.Maybe [Prelude.Text],
    -- | The allowed OAuth flows.
    --
    -- Set to @code@ to initiate a code grant flow, which provides an
    -- authorization code as the response. This code can be exchanged for
    -- access tokens with the token endpoint.
    --
    -- Set to @implicit@ to specify that the client should get the access token
    -- (and, optionally, ID token, based on scopes) directly.
    --
    -- Set to @client_credentials@ to specify that the client should get the
    -- access token (and, optionally, ID token, based on scopes) from the token
    -- endpoint using a combination of client and client_secret.
    CreateUserPoolClient -> Maybe [OAuthFlowType]
allowedOAuthFlows :: Prelude.Maybe [OAuthFlowType],
    -- | The Amazon Pinpoint analytics configuration for collecting metrics for
    -- this user pool.
    --
    -- In regions where Pinpoint is not available, Cognito User Pools only
    -- supports sending events to Amazon Pinpoint projects in us-east-1. In
    -- regions where Pinpoint is available, Cognito User Pools will support
    -- sending events to Amazon Pinpoint projects within that same region.
    CreateUserPoolClient -> Maybe AnalyticsConfigurationType
analyticsConfiguration :: Prelude.Maybe AnalyticsConfigurationType,
    -- | A list of allowed redirect (callback) URLs for the identity providers.
    --
    -- A redirect URI must:
    --
    -- -   Be an absolute URI.
    --
    -- -   Be registered with the authorization server.
    --
    -- -   Not include a fragment component.
    --
    -- See
    -- <https://tools.ietf.org/html/rfc6749#section-3.1.2 OAuth 2.0 - Redirection Endpoint>.
    --
    -- Amazon Cognito requires HTTPS over HTTP except for http:\/\/localhost
    -- for testing purposes only.
    --
    -- App callback URLs such as myapp:\/\/example are also supported.
    CreateUserPoolClient -> Maybe [Text]
callbackURLs :: Prelude.Maybe [Prelude.Text],
    -- | The user pool ID for the user pool where you want to create a user pool
    -- client.
    CreateUserPoolClient -> Text
userPoolId :: Prelude.Text,
    -- | The client name for the user pool client you would like to create.
    CreateUserPoolClient -> Text
clientName :: Prelude.Text
  }
  deriving (CreateUserPoolClient -> CreateUserPoolClient -> Bool
(CreateUserPoolClient -> CreateUserPoolClient -> Bool)
-> (CreateUserPoolClient -> CreateUserPoolClient -> Bool)
-> Eq CreateUserPoolClient
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: CreateUserPoolClient -> CreateUserPoolClient -> Bool
$c/= :: CreateUserPoolClient -> CreateUserPoolClient -> Bool
== :: CreateUserPoolClient -> CreateUserPoolClient -> Bool
$c== :: CreateUserPoolClient -> CreateUserPoolClient -> Bool
Prelude.Eq, ReadPrec [CreateUserPoolClient]
ReadPrec CreateUserPoolClient
Int -> ReadS CreateUserPoolClient
ReadS [CreateUserPoolClient]
(Int -> ReadS CreateUserPoolClient)
-> ReadS [CreateUserPoolClient]
-> ReadPrec CreateUserPoolClient
-> ReadPrec [CreateUserPoolClient]
-> Read CreateUserPoolClient
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [CreateUserPoolClient]
$creadListPrec :: ReadPrec [CreateUserPoolClient]
readPrec :: ReadPrec CreateUserPoolClient
$creadPrec :: ReadPrec CreateUserPoolClient
readList :: ReadS [CreateUserPoolClient]
$creadList :: ReadS [CreateUserPoolClient]
readsPrec :: Int -> ReadS CreateUserPoolClient
$creadsPrec :: Int -> ReadS CreateUserPoolClient
Prelude.Read, Int -> CreateUserPoolClient -> ShowS
[CreateUserPoolClient] -> ShowS
CreateUserPoolClient -> String
(Int -> CreateUserPoolClient -> ShowS)
-> (CreateUserPoolClient -> String)
-> ([CreateUserPoolClient] -> ShowS)
-> Show CreateUserPoolClient
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [CreateUserPoolClient] -> ShowS
$cshowList :: [CreateUserPoolClient] -> ShowS
show :: CreateUserPoolClient -> String
$cshow :: CreateUserPoolClient -> String
showsPrec :: Int -> CreateUserPoolClient -> ShowS
$cshowsPrec :: Int -> CreateUserPoolClient -> ShowS
Prelude.Show, (forall x. CreateUserPoolClient -> Rep CreateUserPoolClient x)
-> (forall x. Rep CreateUserPoolClient x -> CreateUserPoolClient)
-> Generic CreateUserPoolClient
forall x. Rep CreateUserPoolClient x -> CreateUserPoolClient
forall x. CreateUserPoolClient -> Rep CreateUserPoolClient x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep CreateUserPoolClient x -> CreateUserPoolClient
$cfrom :: forall x. CreateUserPoolClient -> Rep CreateUserPoolClient x
Prelude.Generic)

-- |
-- Create a value of 'CreateUserPoolClient' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'refreshTokenValidity', 'createUserPoolClient_refreshTokenValidity' - The time limit, in days, after which the refresh token is no longer
-- valid and cannot be used.
--
-- 'explicitAuthFlows', 'createUserPoolClient_explicitAuthFlows' - The authentication flows that are supported by the user pool clients.
-- Flow names without the @ALLOW_@ prefix are deprecated in favor of new
-- names with the @ALLOW_@ prefix. Note that values with @ALLOW_@ prefix
-- cannot be used along with values without @ALLOW_@ prefix.
--
-- Valid values include:
--
-- -   @ALLOW_ADMIN_USER_PASSWORD_AUTH@: Enable admin based user password
--     authentication flow @ADMIN_USER_PASSWORD_AUTH@. This setting
--     replaces the @ADMIN_NO_SRP_AUTH@ setting. With this authentication
--     flow, Cognito receives the password in the request instead of using
--     the SRP (Secure Remote Password protocol) protocol to verify
--     passwords.
--
-- -   @ALLOW_CUSTOM_AUTH@: Enable Lambda trigger based authentication.
--
-- -   @ALLOW_USER_PASSWORD_AUTH@: Enable user password-based
--     authentication. In this flow, Cognito receives the password in the
--     request instead of using the SRP protocol to verify passwords.
--
-- -   @ALLOW_USER_SRP_AUTH@: Enable SRP based authentication.
--
-- -   @ALLOW_REFRESH_TOKEN_AUTH@: Enable authflow to refresh tokens.
--
-- 'supportedIdentityProviders', 'createUserPoolClient_supportedIdentityProviders' - A list of provider names for the identity providers that are supported
-- on this client. The following are supported: @COGNITO@, @Facebook@,
-- @Google@ and @LoginWithAmazon@.
--
-- 'logoutURLs', 'createUserPoolClient_logoutURLs' - A list of allowed logout URLs for the identity providers.
--
-- 'allowedOAuthFlowsUserPoolClient', 'createUserPoolClient_allowedOAuthFlowsUserPoolClient' - Set to true if the client is allowed to follow the OAuth protocol when
-- interacting with Cognito user pools.
--
-- 'generateSecret', 'createUserPoolClient_generateSecret' - Boolean to specify whether you want to generate a secret for the user
-- pool client being created.
--
-- 'idTokenValidity', 'createUserPoolClient_idTokenValidity' - The time limit, between 5 minutes and 1 day, after which the ID token is
-- no longer valid and cannot be used. This value will be overridden if you
-- have entered a value in TokenValidityUnits.
--
-- 'tokenValidityUnits', 'createUserPoolClient_tokenValidityUnits' - The units in which the validity times are represented in. Default for
-- RefreshToken is days, and default for ID and access tokens are hours.
--
-- 'defaultRedirectURI', 'createUserPoolClient_defaultRedirectURI' - The default redirect URI. Must be in the @CallbackURLs@ list.
--
-- A redirect URI must:
--
-- -   Be an absolute URI.
--
-- -   Be registered with the authorization server.
--
-- -   Not include a fragment component.
--
-- See
-- <https://tools.ietf.org/html/rfc6749#section-3.1.2 OAuth 2.0 - Redirection Endpoint>.
--
-- Amazon Cognito requires HTTPS over HTTP except for http:\/\/localhost
-- for testing purposes only.
--
-- App callback URLs such as myapp:\/\/example are also supported.
--
-- 'enableTokenRevocation', 'createUserPoolClient_enableTokenRevocation' - Enables or disables token revocation. For more information about
-- revoking tokens, see
-- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html RevokeToken>.
--
-- If you don\'t include this parameter, token revocation is automatically
-- enabled for the new user pool client.
--
-- 'writeAttributes', 'createUserPoolClient_writeAttributes' - The user pool attributes that the app client can write to.
--
-- If your app client allows users to sign in through an identity provider,
-- this array must include all attributes that are mapped to identity
-- provider attributes. Amazon Cognito updates mapped attributes when users
-- sign in to your application through an identity provider. If your app
-- client lacks write access to a mapped attribute, Amazon Cognito throws
-- an error when it attempts to update the attribute. For more information,
-- see
-- <https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html Specifying Identity Provider Attribute Mappings for Your User Pool>.
--
-- 'preventUserExistenceErrors', 'createUserPoolClient_preventUserExistenceErrors' - Use this setting to choose which errors and responses are returned by
-- Cognito APIs during authentication, account confirmation, and password
-- recovery when the user does not exist in the user pool. When set to
-- @ENABLED@ and the user does not exist, authentication returns an error
-- indicating either the username or password was incorrect, and account
-- confirmation and password recovery return a response indicating a code
-- was sent to a simulated destination. When set to @LEGACY@, those APIs
-- will return a @UserNotFoundException@ exception if the user does not
-- exist in the user pool.
--
-- Valid values include:
--
-- -   @ENABLED@ - This prevents user existence-related errors.
--
-- -   @LEGACY@ - This represents the old behavior of Cognito where user
--     existence related errors are not prevented.
--
-- After February 15th 2020, the value of @PreventUserExistenceErrors@ will
-- default to @ENABLED@ for newly created user pool clients if no value is
-- provided.
--
-- 'accessTokenValidity', 'createUserPoolClient_accessTokenValidity' - The time limit, between 5 minutes and 1 day, after which the access
-- token is no longer valid and cannot be used. This value will be
-- overridden if you have entered a value in TokenValidityUnits.
--
-- 'readAttributes', 'createUserPoolClient_readAttributes' - The read attributes.
--
-- 'allowedOAuthScopes', 'createUserPoolClient_allowedOAuthScopes' - The allowed OAuth scopes. Possible values provided by OAuth are:
-- @phone@, @email@, @openid@, and @profile@. Possible values provided by
-- Amazon Web Services are: @aws.cognito.signin.user.admin@. Custom scopes
-- created in Resource Servers are also supported.
--
-- 'allowedOAuthFlows', 'createUserPoolClient_allowedOAuthFlows' - The allowed OAuth flows.
--
-- Set to @code@ to initiate a code grant flow, which provides an
-- authorization code as the response. This code can be exchanged for
-- access tokens with the token endpoint.
--
-- Set to @implicit@ to specify that the client should get the access token
-- (and, optionally, ID token, based on scopes) directly.
--
-- Set to @client_credentials@ to specify that the client should get the
-- access token (and, optionally, ID token, based on scopes) from the token
-- endpoint using a combination of client and client_secret.
--
-- 'analyticsConfiguration', 'createUserPoolClient_analyticsConfiguration' - The Amazon Pinpoint analytics configuration for collecting metrics for
-- this user pool.
--
-- In regions where Pinpoint is not available, Cognito User Pools only
-- supports sending events to Amazon Pinpoint projects in us-east-1. In
-- regions where Pinpoint is available, Cognito User Pools will support
-- sending events to Amazon Pinpoint projects within that same region.
--
-- 'callbackURLs', 'createUserPoolClient_callbackURLs' - A list of allowed redirect (callback) URLs for the identity providers.
--
-- A redirect URI must:
--
-- -   Be an absolute URI.
--
-- -   Be registered with the authorization server.
--
-- -   Not include a fragment component.
--
-- See
-- <https://tools.ietf.org/html/rfc6749#section-3.1.2 OAuth 2.0 - Redirection Endpoint>.
--
-- Amazon Cognito requires HTTPS over HTTP except for http:\/\/localhost
-- for testing purposes only.
--
-- App callback URLs such as myapp:\/\/example are also supported.
--
-- 'userPoolId', 'createUserPoolClient_userPoolId' - The user pool ID for the user pool where you want to create a user pool
-- client.
--
-- 'clientName', 'createUserPoolClient_clientName' - The client name for the user pool client you would like to create.
newCreateUserPoolClient ::
  -- | 'userPoolId'
  Prelude.Text ->
  -- | 'clientName'
  Prelude.Text ->
  CreateUserPoolClient
newCreateUserPoolClient :: Text -> Text -> CreateUserPoolClient
newCreateUserPoolClient Text
pUserPoolId_ Text
pClientName_ =
  CreateUserPoolClient' :: Maybe Natural
-> Maybe [ExplicitAuthFlowsType]
-> Maybe [Text]
-> Maybe [Text]
-> Maybe Bool
-> Maybe Bool
-> Maybe Natural
-> Maybe TokenValidityUnitsType
-> Maybe Text
-> Maybe Bool
-> Maybe [Text]
-> Maybe PreventUserExistenceErrorTypes
-> Maybe Natural
-> Maybe [Text]
-> Maybe [Text]
-> Maybe [OAuthFlowType]
-> Maybe AnalyticsConfigurationType
-> Maybe [Text]
-> Text
-> Text
-> CreateUserPoolClient
CreateUserPoolClient'
    { $sel:refreshTokenValidity:CreateUserPoolClient' :: Maybe Natural
refreshTokenValidity =
        Maybe Natural
forall a. Maybe a
Prelude.Nothing,
      $sel:explicitAuthFlows:CreateUserPoolClient' :: Maybe [ExplicitAuthFlowsType]
explicitAuthFlows = Maybe [ExplicitAuthFlowsType]
forall a. Maybe a
Prelude.Nothing,
      $sel:supportedIdentityProviders:CreateUserPoolClient' :: Maybe [Text]
supportedIdentityProviders = Maybe [Text]
forall a. Maybe a
Prelude.Nothing,
      $sel:logoutURLs:CreateUserPoolClient' :: Maybe [Text]
logoutURLs = Maybe [Text]
forall a. Maybe a
Prelude.Nothing,
      $sel:allowedOAuthFlowsUserPoolClient:CreateUserPoolClient' :: Maybe Bool
allowedOAuthFlowsUserPoolClient = Maybe Bool
forall a. Maybe a
Prelude.Nothing,
      $sel:generateSecret:CreateUserPoolClient' :: Maybe Bool
generateSecret = Maybe Bool
forall a. Maybe a
Prelude.Nothing,
      $sel:idTokenValidity:CreateUserPoolClient' :: Maybe Natural
idTokenValidity = Maybe Natural
forall a. Maybe a
Prelude.Nothing,
      $sel:tokenValidityUnits:CreateUserPoolClient' :: Maybe TokenValidityUnitsType
tokenValidityUnits = Maybe TokenValidityUnitsType
forall a. Maybe a
Prelude.Nothing,
      $sel:defaultRedirectURI:CreateUserPoolClient' :: Maybe Text
defaultRedirectURI = Maybe Text
forall a. Maybe a
Prelude.Nothing,
      $sel:enableTokenRevocation:CreateUserPoolClient' :: Maybe Bool
enableTokenRevocation = Maybe Bool
forall a. Maybe a
Prelude.Nothing,
      $sel:writeAttributes:CreateUserPoolClient' :: Maybe [Text]
writeAttributes = Maybe [Text]
forall a. Maybe a
Prelude.Nothing,
      $sel:preventUserExistenceErrors:CreateUserPoolClient' :: Maybe PreventUserExistenceErrorTypes
preventUserExistenceErrors = Maybe PreventUserExistenceErrorTypes
forall a. Maybe a
Prelude.Nothing,
      $sel:accessTokenValidity:CreateUserPoolClient' :: Maybe Natural
accessTokenValidity = Maybe Natural
forall a. Maybe a
Prelude.Nothing,
      $sel:readAttributes:CreateUserPoolClient' :: Maybe [Text]
readAttributes = Maybe [Text]
forall a. Maybe a
Prelude.Nothing,
      $sel:allowedOAuthScopes:CreateUserPoolClient' :: Maybe [Text]
allowedOAuthScopes = Maybe [Text]
forall a. Maybe a
Prelude.Nothing,
      $sel:allowedOAuthFlows:CreateUserPoolClient' :: Maybe [OAuthFlowType]
allowedOAuthFlows = Maybe [OAuthFlowType]
forall a. Maybe a
Prelude.Nothing,
      $sel:analyticsConfiguration:CreateUserPoolClient' :: Maybe AnalyticsConfigurationType
analyticsConfiguration = Maybe AnalyticsConfigurationType
forall a. Maybe a
Prelude.Nothing,
      $sel:callbackURLs:CreateUserPoolClient' :: Maybe [Text]
callbackURLs = Maybe [Text]
forall a. Maybe a
Prelude.Nothing,
      $sel:userPoolId:CreateUserPoolClient' :: Text
userPoolId = Text
pUserPoolId_,
      $sel:clientName:CreateUserPoolClient' :: Text
clientName = Text
pClientName_
    }

-- | The time limit, in days, after which the refresh token is no longer
-- valid and cannot be used.
createUserPoolClient_refreshTokenValidity :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe Prelude.Natural)
createUserPoolClient_refreshTokenValidity :: (Maybe Natural -> f (Maybe Natural))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_refreshTokenValidity = (CreateUserPoolClient -> Maybe Natural)
-> (CreateUserPoolClient -> Maybe Natural -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe Natural)
     (Maybe Natural)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe Natural
refreshTokenValidity :: Maybe Natural
$sel:refreshTokenValidity:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Natural
refreshTokenValidity} -> Maybe Natural
refreshTokenValidity) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe Natural
a -> CreateUserPoolClient
s {$sel:refreshTokenValidity:CreateUserPoolClient' :: Maybe Natural
refreshTokenValidity = Maybe Natural
a} :: CreateUserPoolClient)

-- | The authentication flows that are supported by the user pool clients.
-- Flow names without the @ALLOW_@ prefix are deprecated in favor of new
-- names with the @ALLOW_@ prefix. Note that values with @ALLOW_@ prefix
-- cannot be used along with values without @ALLOW_@ prefix.
--
-- Valid values include:
--
-- -   @ALLOW_ADMIN_USER_PASSWORD_AUTH@: Enable admin based user password
--     authentication flow @ADMIN_USER_PASSWORD_AUTH@. This setting
--     replaces the @ADMIN_NO_SRP_AUTH@ setting. With this authentication
--     flow, Cognito receives the password in the request instead of using
--     the SRP (Secure Remote Password protocol) protocol to verify
--     passwords.
--
-- -   @ALLOW_CUSTOM_AUTH@: Enable Lambda trigger based authentication.
--
-- -   @ALLOW_USER_PASSWORD_AUTH@: Enable user password-based
--     authentication. In this flow, Cognito receives the password in the
--     request instead of using the SRP protocol to verify passwords.
--
-- -   @ALLOW_USER_SRP_AUTH@: Enable SRP based authentication.
--
-- -   @ALLOW_REFRESH_TOKEN_AUTH@: Enable authflow to refresh tokens.
createUserPoolClient_explicitAuthFlows :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe [ExplicitAuthFlowsType])
createUserPoolClient_explicitAuthFlows :: (Maybe [ExplicitAuthFlowsType]
 -> f (Maybe [ExplicitAuthFlowsType]))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_explicitAuthFlows = (CreateUserPoolClient -> Maybe [ExplicitAuthFlowsType])
-> (CreateUserPoolClient
    -> Maybe [ExplicitAuthFlowsType] -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe [ExplicitAuthFlowsType])
     (Maybe [ExplicitAuthFlowsType])
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe [ExplicitAuthFlowsType]
explicitAuthFlows :: Maybe [ExplicitAuthFlowsType]
$sel:explicitAuthFlows:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [ExplicitAuthFlowsType]
explicitAuthFlows} -> Maybe [ExplicitAuthFlowsType]
explicitAuthFlows) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe [ExplicitAuthFlowsType]
a -> CreateUserPoolClient
s {$sel:explicitAuthFlows:CreateUserPoolClient' :: Maybe [ExplicitAuthFlowsType]
explicitAuthFlows = Maybe [ExplicitAuthFlowsType]
a} :: CreateUserPoolClient) ((Maybe [ExplicitAuthFlowsType]
  -> f (Maybe [ExplicitAuthFlowsType]))
 -> CreateUserPoolClient -> f CreateUserPoolClient)
-> ((Maybe [ExplicitAuthFlowsType]
     -> f (Maybe [ExplicitAuthFlowsType]))
    -> Maybe [ExplicitAuthFlowsType]
    -> f (Maybe [ExplicitAuthFlowsType]))
-> (Maybe [ExplicitAuthFlowsType]
    -> f (Maybe [ExplicitAuthFlowsType]))
-> CreateUserPoolClient
-> f CreateUserPoolClient
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso
  [ExplicitAuthFlowsType]
  [ExplicitAuthFlowsType]
  [ExplicitAuthFlowsType]
  [ExplicitAuthFlowsType]
-> Iso
     (Maybe [ExplicitAuthFlowsType])
     (Maybe [ExplicitAuthFlowsType])
     (Maybe [ExplicitAuthFlowsType])
     (Maybe [ExplicitAuthFlowsType])
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso
  [ExplicitAuthFlowsType]
  [ExplicitAuthFlowsType]
  [ExplicitAuthFlowsType]
  [ExplicitAuthFlowsType]
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | A list of provider names for the identity providers that are supported
-- on this client. The following are supported: @COGNITO@, @Facebook@,
-- @Google@ and @LoginWithAmazon@.
createUserPoolClient_supportedIdentityProviders :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe [Prelude.Text])
createUserPoolClient_supportedIdentityProviders :: (Maybe [Text] -> f (Maybe [Text]))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_supportedIdentityProviders = (CreateUserPoolClient -> Maybe [Text])
-> (CreateUserPoolClient -> Maybe [Text] -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe [Text])
     (Maybe [Text])
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe [Text]
supportedIdentityProviders :: Maybe [Text]
$sel:supportedIdentityProviders:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [Text]
supportedIdentityProviders} -> Maybe [Text]
supportedIdentityProviders) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe [Text]
a -> CreateUserPoolClient
s {$sel:supportedIdentityProviders:CreateUserPoolClient' :: Maybe [Text]
supportedIdentityProviders = Maybe [Text]
a} :: CreateUserPoolClient) ((Maybe [Text] -> f (Maybe [Text]))
 -> CreateUserPoolClient -> f CreateUserPoolClient)
-> ((Maybe [Text] -> f (Maybe [Text]))
    -> Maybe [Text] -> f (Maybe [Text]))
-> (Maybe [Text] -> f (Maybe [Text]))
-> CreateUserPoolClient
-> f CreateUserPoolClient
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso [Text] [Text] [Text] [Text]
-> Iso (Maybe [Text]) (Maybe [Text]) (Maybe [Text]) (Maybe [Text])
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso [Text] [Text] [Text] [Text]
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | A list of allowed logout URLs for the identity providers.
createUserPoolClient_logoutURLs :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe [Prelude.Text])
createUserPoolClient_logoutURLs :: (Maybe [Text] -> f (Maybe [Text]))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_logoutURLs = (CreateUserPoolClient -> Maybe [Text])
-> (CreateUserPoolClient -> Maybe [Text] -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe [Text])
     (Maybe [Text])
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe [Text]
logoutURLs :: Maybe [Text]
$sel:logoutURLs:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [Text]
logoutURLs} -> Maybe [Text]
logoutURLs) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe [Text]
a -> CreateUserPoolClient
s {$sel:logoutURLs:CreateUserPoolClient' :: Maybe [Text]
logoutURLs = Maybe [Text]
a} :: CreateUserPoolClient) ((Maybe [Text] -> f (Maybe [Text]))
 -> CreateUserPoolClient -> f CreateUserPoolClient)
-> ((Maybe [Text] -> f (Maybe [Text]))
    -> Maybe [Text] -> f (Maybe [Text]))
-> (Maybe [Text] -> f (Maybe [Text]))
-> CreateUserPoolClient
-> f CreateUserPoolClient
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso [Text] [Text] [Text] [Text]
-> Iso (Maybe [Text]) (Maybe [Text]) (Maybe [Text]) (Maybe [Text])
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso [Text] [Text] [Text] [Text]
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | Set to true if the client is allowed to follow the OAuth protocol when
-- interacting with Cognito user pools.
createUserPoolClient_allowedOAuthFlowsUserPoolClient :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe Prelude.Bool)
createUserPoolClient_allowedOAuthFlowsUserPoolClient :: (Maybe Bool -> f (Maybe Bool))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_allowedOAuthFlowsUserPoolClient = (CreateUserPoolClient -> Maybe Bool)
-> (CreateUserPoolClient -> Maybe Bool -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient CreateUserPoolClient (Maybe Bool) (Maybe Bool)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe Bool
allowedOAuthFlowsUserPoolClient :: Maybe Bool
$sel:allowedOAuthFlowsUserPoolClient:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Bool
allowedOAuthFlowsUserPoolClient} -> Maybe Bool
allowedOAuthFlowsUserPoolClient) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe Bool
a -> CreateUserPoolClient
s {$sel:allowedOAuthFlowsUserPoolClient:CreateUserPoolClient' :: Maybe Bool
allowedOAuthFlowsUserPoolClient = Maybe Bool
a} :: CreateUserPoolClient)

-- | Boolean to specify whether you want to generate a secret for the user
-- pool client being created.
createUserPoolClient_generateSecret :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe Prelude.Bool)
createUserPoolClient_generateSecret :: (Maybe Bool -> f (Maybe Bool))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_generateSecret = (CreateUserPoolClient -> Maybe Bool)
-> (CreateUserPoolClient -> Maybe Bool -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient CreateUserPoolClient (Maybe Bool) (Maybe Bool)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe Bool
generateSecret :: Maybe Bool
$sel:generateSecret:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Bool
generateSecret} -> Maybe Bool
generateSecret) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe Bool
a -> CreateUserPoolClient
s {$sel:generateSecret:CreateUserPoolClient' :: Maybe Bool
generateSecret = Maybe Bool
a} :: CreateUserPoolClient)

-- | The time limit, between 5 minutes and 1 day, after which the ID token is
-- no longer valid and cannot be used. This value will be overridden if you
-- have entered a value in TokenValidityUnits.
createUserPoolClient_idTokenValidity :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe Prelude.Natural)
createUserPoolClient_idTokenValidity :: (Maybe Natural -> f (Maybe Natural))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_idTokenValidity = (CreateUserPoolClient -> Maybe Natural)
-> (CreateUserPoolClient -> Maybe Natural -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe Natural)
     (Maybe Natural)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe Natural
idTokenValidity :: Maybe Natural
$sel:idTokenValidity:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Natural
idTokenValidity} -> Maybe Natural
idTokenValidity) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe Natural
a -> CreateUserPoolClient
s {$sel:idTokenValidity:CreateUserPoolClient' :: Maybe Natural
idTokenValidity = Maybe Natural
a} :: CreateUserPoolClient)

-- | The units in which the validity times are represented in. Default for
-- RefreshToken is days, and default for ID and access tokens are hours.
createUserPoolClient_tokenValidityUnits :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe TokenValidityUnitsType)
createUserPoolClient_tokenValidityUnits :: (Maybe TokenValidityUnitsType -> f (Maybe TokenValidityUnitsType))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_tokenValidityUnits = (CreateUserPoolClient -> Maybe TokenValidityUnitsType)
-> (CreateUserPoolClient
    -> Maybe TokenValidityUnitsType -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe TokenValidityUnitsType)
     (Maybe TokenValidityUnitsType)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe TokenValidityUnitsType
tokenValidityUnits :: Maybe TokenValidityUnitsType
$sel:tokenValidityUnits:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe TokenValidityUnitsType
tokenValidityUnits} -> Maybe TokenValidityUnitsType
tokenValidityUnits) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe TokenValidityUnitsType
a -> CreateUserPoolClient
s {$sel:tokenValidityUnits:CreateUserPoolClient' :: Maybe TokenValidityUnitsType
tokenValidityUnits = Maybe TokenValidityUnitsType
a} :: CreateUserPoolClient)

-- | The default redirect URI. Must be in the @CallbackURLs@ list.
--
-- A redirect URI must:
--
-- -   Be an absolute URI.
--
-- -   Be registered with the authorization server.
--
-- -   Not include a fragment component.
--
-- See
-- <https://tools.ietf.org/html/rfc6749#section-3.1.2 OAuth 2.0 - Redirection Endpoint>.
--
-- Amazon Cognito requires HTTPS over HTTP except for http:\/\/localhost
-- for testing purposes only.
--
-- App callback URLs such as myapp:\/\/example are also supported.
createUserPoolClient_defaultRedirectURI :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe Prelude.Text)
createUserPoolClient_defaultRedirectURI :: (Maybe Text -> f (Maybe Text))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_defaultRedirectURI = (CreateUserPoolClient -> Maybe Text)
-> (CreateUserPoolClient -> Maybe Text -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient CreateUserPoolClient (Maybe Text) (Maybe Text)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe Text
defaultRedirectURI :: Maybe Text
$sel:defaultRedirectURI:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Text
defaultRedirectURI} -> Maybe Text
defaultRedirectURI) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe Text
a -> CreateUserPoolClient
s {$sel:defaultRedirectURI:CreateUserPoolClient' :: Maybe Text
defaultRedirectURI = Maybe Text
a} :: CreateUserPoolClient)

-- | Enables or disables token revocation. For more information about
-- revoking tokens, see
-- <https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html RevokeToken>.
--
-- If you don\'t include this parameter, token revocation is automatically
-- enabled for the new user pool client.
createUserPoolClient_enableTokenRevocation :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe Prelude.Bool)
createUserPoolClient_enableTokenRevocation :: (Maybe Bool -> f (Maybe Bool))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_enableTokenRevocation = (CreateUserPoolClient -> Maybe Bool)
-> (CreateUserPoolClient -> Maybe Bool -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient CreateUserPoolClient (Maybe Bool) (Maybe Bool)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe Bool
enableTokenRevocation :: Maybe Bool
$sel:enableTokenRevocation:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Bool
enableTokenRevocation} -> Maybe Bool
enableTokenRevocation) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe Bool
a -> CreateUserPoolClient
s {$sel:enableTokenRevocation:CreateUserPoolClient' :: Maybe Bool
enableTokenRevocation = Maybe Bool
a} :: CreateUserPoolClient)

-- | The user pool attributes that the app client can write to.
--
-- If your app client allows users to sign in through an identity provider,
-- this array must include all attributes that are mapped to identity
-- provider attributes. Amazon Cognito updates mapped attributes when users
-- sign in to your application through an identity provider. If your app
-- client lacks write access to a mapped attribute, Amazon Cognito throws
-- an error when it attempts to update the attribute. For more information,
-- see
-- <https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html Specifying Identity Provider Attribute Mappings for Your User Pool>.
createUserPoolClient_writeAttributes :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe [Prelude.Text])
createUserPoolClient_writeAttributes :: (Maybe [Text] -> f (Maybe [Text]))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_writeAttributes = (CreateUserPoolClient -> Maybe [Text])
-> (CreateUserPoolClient -> Maybe [Text] -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe [Text])
     (Maybe [Text])
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe [Text]
writeAttributes :: Maybe [Text]
$sel:writeAttributes:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [Text]
writeAttributes} -> Maybe [Text]
writeAttributes) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe [Text]
a -> CreateUserPoolClient
s {$sel:writeAttributes:CreateUserPoolClient' :: Maybe [Text]
writeAttributes = Maybe [Text]
a} :: CreateUserPoolClient) ((Maybe [Text] -> f (Maybe [Text]))
 -> CreateUserPoolClient -> f CreateUserPoolClient)
-> ((Maybe [Text] -> f (Maybe [Text]))
    -> Maybe [Text] -> f (Maybe [Text]))
-> (Maybe [Text] -> f (Maybe [Text]))
-> CreateUserPoolClient
-> f CreateUserPoolClient
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso [Text] [Text] [Text] [Text]
-> Iso (Maybe [Text]) (Maybe [Text]) (Maybe [Text]) (Maybe [Text])
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso [Text] [Text] [Text] [Text]
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | Use this setting to choose which errors and responses are returned by
-- Cognito APIs during authentication, account confirmation, and password
-- recovery when the user does not exist in the user pool. When set to
-- @ENABLED@ and the user does not exist, authentication returns an error
-- indicating either the username or password was incorrect, and account
-- confirmation and password recovery return a response indicating a code
-- was sent to a simulated destination. When set to @LEGACY@, those APIs
-- will return a @UserNotFoundException@ exception if the user does not
-- exist in the user pool.
--
-- Valid values include:
--
-- -   @ENABLED@ - This prevents user existence-related errors.
--
-- -   @LEGACY@ - This represents the old behavior of Cognito where user
--     existence related errors are not prevented.
--
-- After February 15th 2020, the value of @PreventUserExistenceErrors@ will
-- default to @ENABLED@ for newly created user pool clients if no value is
-- provided.
createUserPoolClient_preventUserExistenceErrors :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe PreventUserExistenceErrorTypes)
createUserPoolClient_preventUserExistenceErrors :: (Maybe PreventUserExistenceErrorTypes
 -> f (Maybe PreventUserExistenceErrorTypes))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_preventUserExistenceErrors = (CreateUserPoolClient -> Maybe PreventUserExistenceErrorTypes)
-> (CreateUserPoolClient
    -> Maybe PreventUserExistenceErrorTypes -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe PreventUserExistenceErrorTypes)
     (Maybe PreventUserExistenceErrorTypes)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe PreventUserExistenceErrorTypes
preventUserExistenceErrors :: Maybe PreventUserExistenceErrorTypes
$sel:preventUserExistenceErrors:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe PreventUserExistenceErrorTypes
preventUserExistenceErrors} -> Maybe PreventUserExistenceErrorTypes
preventUserExistenceErrors) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe PreventUserExistenceErrorTypes
a -> CreateUserPoolClient
s {$sel:preventUserExistenceErrors:CreateUserPoolClient' :: Maybe PreventUserExistenceErrorTypes
preventUserExistenceErrors = Maybe PreventUserExistenceErrorTypes
a} :: CreateUserPoolClient)

-- | The time limit, between 5 minutes and 1 day, after which the access
-- token is no longer valid and cannot be used. This value will be
-- overridden if you have entered a value in TokenValidityUnits.
createUserPoolClient_accessTokenValidity :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe Prelude.Natural)
createUserPoolClient_accessTokenValidity :: (Maybe Natural -> f (Maybe Natural))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_accessTokenValidity = (CreateUserPoolClient -> Maybe Natural)
-> (CreateUserPoolClient -> Maybe Natural -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe Natural)
     (Maybe Natural)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe Natural
accessTokenValidity :: Maybe Natural
$sel:accessTokenValidity:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Natural
accessTokenValidity} -> Maybe Natural
accessTokenValidity) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe Natural
a -> CreateUserPoolClient
s {$sel:accessTokenValidity:CreateUserPoolClient' :: Maybe Natural
accessTokenValidity = Maybe Natural
a} :: CreateUserPoolClient)

-- | The read attributes.
createUserPoolClient_readAttributes :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe [Prelude.Text])
createUserPoolClient_readAttributes :: (Maybe [Text] -> f (Maybe [Text]))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_readAttributes = (CreateUserPoolClient -> Maybe [Text])
-> (CreateUserPoolClient -> Maybe [Text] -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe [Text])
     (Maybe [Text])
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe [Text]
readAttributes :: Maybe [Text]
$sel:readAttributes:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [Text]
readAttributes} -> Maybe [Text]
readAttributes) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe [Text]
a -> CreateUserPoolClient
s {$sel:readAttributes:CreateUserPoolClient' :: Maybe [Text]
readAttributes = Maybe [Text]
a} :: CreateUserPoolClient) ((Maybe [Text] -> f (Maybe [Text]))
 -> CreateUserPoolClient -> f CreateUserPoolClient)
-> ((Maybe [Text] -> f (Maybe [Text]))
    -> Maybe [Text] -> f (Maybe [Text]))
-> (Maybe [Text] -> f (Maybe [Text]))
-> CreateUserPoolClient
-> f CreateUserPoolClient
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso [Text] [Text] [Text] [Text]
-> Iso (Maybe [Text]) (Maybe [Text]) (Maybe [Text]) (Maybe [Text])
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso [Text] [Text] [Text] [Text]
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The allowed OAuth scopes. Possible values provided by OAuth are:
-- @phone@, @email@, @openid@, and @profile@. Possible values provided by
-- Amazon Web Services are: @aws.cognito.signin.user.admin@. Custom scopes
-- created in Resource Servers are also supported.
createUserPoolClient_allowedOAuthScopes :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe [Prelude.Text])
createUserPoolClient_allowedOAuthScopes :: (Maybe [Text] -> f (Maybe [Text]))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_allowedOAuthScopes = (CreateUserPoolClient -> Maybe [Text])
-> (CreateUserPoolClient -> Maybe [Text] -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe [Text])
     (Maybe [Text])
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe [Text]
allowedOAuthScopes :: Maybe [Text]
$sel:allowedOAuthScopes:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [Text]
allowedOAuthScopes} -> Maybe [Text]
allowedOAuthScopes) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe [Text]
a -> CreateUserPoolClient
s {$sel:allowedOAuthScopes:CreateUserPoolClient' :: Maybe [Text]
allowedOAuthScopes = Maybe [Text]
a} :: CreateUserPoolClient) ((Maybe [Text] -> f (Maybe [Text]))
 -> CreateUserPoolClient -> f CreateUserPoolClient)
-> ((Maybe [Text] -> f (Maybe [Text]))
    -> Maybe [Text] -> f (Maybe [Text]))
-> (Maybe [Text] -> f (Maybe [Text]))
-> CreateUserPoolClient
-> f CreateUserPoolClient
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso [Text] [Text] [Text] [Text]
-> Iso (Maybe [Text]) (Maybe [Text]) (Maybe [Text]) (Maybe [Text])
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso [Text] [Text] [Text] [Text]
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The allowed OAuth flows.
--
-- Set to @code@ to initiate a code grant flow, which provides an
-- authorization code as the response. This code can be exchanged for
-- access tokens with the token endpoint.
--
-- Set to @implicit@ to specify that the client should get the access token
-- (and, optionally, ID token, based on scopes) directly.
--
-- Set to @client_credentials@ to specify that the client should get the
-- access token (and, optionally, ID token, based on scopes) from the token
-- endpoint using a combination of client and client_secret.
createUserPoolClient_allowedOAuthFlows :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe [OAuthFlowType])
createUserPoolClient_allowedOAuthFlows :: (Maybe [OAuthFlowType] -> f (Maybe [OAuthFlowType]))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_allowedOAuthFlows = (CreateUserPoolClient -> Maybe [OAuthFlowType])
-> (CreateUserPoolClient
    -> Maybe [OAuthFlowType] -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe [OAuthFlowType])
     (Maybe [OAuthFlowType])
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe [OAuthFlowType]
allowedOAuthFlows :: Maybe [OAuthFlowType]
$sel:allowedOAuthFlows:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [OAuthFlowType]
allowedOAuthFlows} -> Maybe [OAuthFlowType]
allowedOAuthFlows) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe [OAuthFlowType]
a -> CreateUserPoolClient
s {$sel:allowedOAuthFlows:CreateUserPoolClient' :: Maybe [OAuthFlowType]
allowedOAuthFlows = Maybe [OAuthFlowType]
a} :: CreateUserPoolClient) ((Maybe [OAuthFlowType] -> f (Maybe [OAuthFlowType]))
 -> CreateUserPoolClient -> f CreateUserPoolClient)
-> ((Maybe [OAuthFlowType] -> f (Maybe [OAuthFlowType]))
    -> Maybe [OAuthFlowType] -> f (Maybe [OAuthFlowType]))
-> (Maybe [OAuthFlowType] -> f (Maybe [OAuthFlowType]))
-> CreateUserPoolClient
-> f CreateUserPoolClient
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso
  [OAuthFlowType] [OAuthFlowType] [OAuthFlowType] [OAuthFlowType]
-> Iso
     (Maybe [OAuthFlowType])
     (Maybe [OAuthFlowType])
     (Maybe [OAuthFlowType])
     (Maybe [OAuthFlowType])
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso
  [OAuthFlowType] [OAuthFlowType] [OAuthFlowType] [OAuthFlowType]
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The Amazon Pinpoint analytics configuration for collecting metrics for
-- this user pool.
--
-- In regions where Pinpoint is not available, Cognito User Pools only
-- supports sending events to Amazon Pinpoint projects in us-east-1. In
-- regions where Pinpoint is available, Cognito User Pools will support
-- sending events to Amazon Pinpoint projects within that same region.
createUserPoolClient_analyticsConfiguration :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe AnalyticsConfigurationType)
createUserPoolClient_analyticsConfiguration :: (Maybe AnalyticsConfigurationType
 -> f (Maybe AnalyticsConfigurationType))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_analyticsConfiguration = (CreateUserPoolClient -> Maybe AnalyticsConfigurationType)
-> (CreateUserPoolClient
    -> Maybe AnalyticsConfigurationType -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe AnalyticsConfigurationType)
     (Maybe AnalyticsConfigurationType)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe AnalyticsConfigurationType
analyticsConfiguration :: Maybe AnalyticsConfigurationType
$sel:analyticsConfiguration:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe AnalyticsConfigurationType
analyticsConfiguration} -> Maybe AnalyticsConfigurationType
analyticsConfiguration) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe AnalyticsConfigurationType
a -> CreateUserPoolClient
s {$sel:analyticsConfiguration:CreateUserPoolClient' :: Maybe AnalyticsConfigurationType
analyticsConfiguration = Maybe AnalyticsConfigurationType
a} :: CreateUserPoolClient)

-- | A list of allowed redirect (callback) URLs for the identity providers.
--
-- A redirect URI must:
--
-- -   Be an absolute URI.
--
-- -   Be registered with the authorization server.
--
-- -   Not include a fragment component.
--
-- See
-- <https://tools.ietf.org/html/rfc6749#section-3.1.2 OAuth 2.0 - Redirection Endpoint>.
--
-- Amazon Cognito requires HTTPS over HTTP except for http:\/\/localhost
-- for testing purposes only.
--
-- App callback URLs such as myapp:\/\/example are also supported.
createUserPoolClient_callbackURLs :: Lens.Lens' CreateUserPoolClient (Prelude.Maybe [Prelude.Text])
createUserPoolClient_callbackURLs :: (Maybe [Text] -> f (Maybe [Text]))
-> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_callbackURLs = (CreateUserPoolClient -> Maybe [Text])
-> (CreateUserPoolClient -> Maybe [Text] -> CreateUserPoolClient)
-> Lens
     CreateUserPoolClient
     CreateUserPoolClient
     (Maybe [Text])
     (Maybe [Text])
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Maybe [Text]
callbackURLs :: Maybe [Text]
$sel:callbackURLs:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [Text]
callbackURLs} -> Maybe [Text]
callbackURLs) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Maybe [Text]
a -> CreateUserPoolClient
s {$sel:callbackURLs:CreateUserPoolClient' :: Maybe [Text]
callbackURLs = Maybe [Text]
a} :: CreateUserPoolClient) ((Maybe [Text] -> f (Maybe [Text]))
 -> CreateUserPoolClient -> f CreateUserPoolClient)
-> ((Maybe [Text] -> f (Maybe [Text]))
    -> Maybe [Text] -> f (Maybe [Text]))
-> (Maybe [Text] -> f (Maybe [Text]))
-> CreateUserPoolClient
-> f CreateUserPoolClient
forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. AnIso [Text] [Text] [Text] [Text]
-> Iso (Maybe [Text]) (Maybe [Text]) (Maybe [Text]) (Maybe [Text])
forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping AnIso [Text] [Text] [Text] [Text]
forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The user pool ID for the user pool where you want to create a user pool
-- client.
createUserPoolClient_userPoolId :: Lens.Lens' CreateUserPoolClient Prelude.Text
createUserPoolClient_userPoolId :: (Text -> f Text) -> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_userPoolId = (CreateUserPoolClient -> Text)
-> (CreateUserPoolClient -> Text -> CreateUserPoolClient)
-> Lens CreateUserPoolClient CreateUserPoolClient Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Text
userPoolId :: Text
$sel:userPoolId:CreateUserPoolClient' :: CreateUserPoolClient -> Text
userPoolId} -> Text
userPoolId) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Text
a -> CreateUserPoolClient
s {$sel:userPoolId:CreateUserPoolClient' :: Text
userPoolId = Text
a} :: CreateUserPoolClient)

-- | The client name for the user pool client you would like to create.
createUserPoolClient_clientName :: Lens.Lens' CreateUserPoolClient Prelude.Text
createUserPoolClient_clientName :: (Text -> f Text) -> CreateUserPoolClient -> f CreateUserPoolClient
createUserPoolClient_clientName = (CreateUserPoolClient -> Text)
-> (CreateUserPoolClient -> Text -> CreateUserPoolClient)
-> Lens CreateUserPoolClient CreateUserPoolClient Text Text
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClient' {Text
clientName :: Text
$sel:clientName:CreateUserPoolClient' :: CreateUserPoolClient -> Text
clientName} -> Text
clientName) (\s :: CreateUserPoolClient
s@CreateUserPoolClient' {} Text
a -> CreateUserPoolClient
s {$sel:clientName:CreateUserPoolClient' :: Text
clientName = Text
a} :: CreateUserPoolClient)

instance Core.AWSRequest CreateUserPoolClient where
  type
    AWSResponse CreateUserPoolClient =
      CreateUserPoolClientResponse
  request :: CreateUserPoolClient -> Request CreateUserPoolClient
request = Service -> CreateUserPoolClient -> Request CreateUserPoolClient
forall a. (ToRequest a, ToJSON a) => Service -> a -> Request a
Request.postJSON Service
defaultService
  response :: Logger
-> Service
-> Proxy CreateUserPoolClient
-> ClientResponse ClientBody
-> m (Either
        Error (ClientResponse (AWSResponse CreateUserPoolClient)))
response =
    (Int
 -> ResponseHeaders
 -> Object
 -> Either String (AWSResponse CreateUserPoolClient))
-> Logger
-> Service
-> Proxy CreateUserPoolClient
-> ClientResponse ClientBody
-> m (Either
        Error (ClientResponse (AWSResponse CreateUserPoolClient)))
forall (m :: * -> *) a.
MonadResource m =>
(Int -> ResponseHeaders -> Object -> Either String (AWSResponse a))
-> Logger
-> Service
-> Proxy a
-> ClientResponse ClientBody
-> m (Either Error (ClientResponse (AWSResponse a)))
Response.receiveJSON
      ( \Int
s ResponseHeaders
h Object
x ->
          Maybe UserPoolClientType -> Int -> CreateUserPoolClientResponse
CreateUserPoolClientResponse'
            (Maybe UserPoolClientType -> Int -> CreateUserPoolClientResponse)
-> Either String (Maybe UserPoolClientType)
-> Either String (Int -> CreateUserPoolClientResponse)
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x Object -> Text -> Either String (Maybe UserPoolClientType)
forall a. FromJSON a => Object -> Text -> Either String (Maybe a)
Core..?> Text
"UserPoolClient")
            Either String (Int -> CreateUserPoolClientResponse)
-> Either String Int -> Either String CreateUserPoolClientResponse
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Int -> Either String Int
forall (f :: * -> *) a. Applicative f => a -> f a
Prelude.pure (Int -> Int
forall a. Enum a => a -> Int
Prelude.fromEnum Int
s))
      )

instance Prelude.Hashable CreateUserPoolClient

instance Prelude.NFData CreateUserPoolClient

instance Core.ToHeaders CreateUserPoolClient where
  toHeaders :: CreateUserPoolClient -> ResponseHeaders
toHeaders =
    ResponseHeaders -> CreateUserPoolClient -> ResponseHeaders
forall a b. a -> b -> a
Prelude.const
      ( [ResponseHeaders] -> ResponseHeaders
forall a. Monoid a => [a] -> a
Prelude.mconcat
          [ HeaderName
"X-Amz-Target"
              HeaderName -> ByteString -> ResponseHeaders
forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Core.=# ( ByteString
"AWSCognitoIdentityProviderService.CreateUserPoolClient" ::
                          Prelude.ByteString
                      ),
            HeaderName
"Content-Type"
              HeaderName -> ByteString -> ResponseHeaders
forall a. ToHeader a => HeaderName -> a -> ResponseHeaders
Core.=# ( ByteString
"application/x-amz-json-1.1" ::
                          Prelude.ByteString
                      )
          ]
      )

instance Core.ToJSON CreateUserPoolClient where
  toJSON :: CreateUserPoolClient -> Value
toJSON CreateUserPoolClient' {Maybe Bool
Maybe Natural
Maybe [Text]
Maybe [ExplicitAuthFlowsType]
Maybe [OAuthFlowType]
Maybe Text
Maybe AnalyticsConfigurationType
Maybe PreventUserExistenceErrorTypes
Maybe TokenValidityUnitsType
Text
clientName :: Text
userPoolId :: Text
callbackURLs :: Maybe [Text]
analyticsConfiguration :: Maybe AnalyticsConfigurationType
allowedOAuthFlows :: Maybe [OAuthFlowType]
allowedOAuthScopes :: Maybe [Text]
readAttributes :: Maybe [Text]
accessTokenValidity :: Maybe Natural
preventUserExistenceErrors :: Maybe PreventUserExistenceErrorTypes
writeAttributes :: Maybe [Text]
enableTokenRevocation :: Maybe Bool
defaultRedirectURI :: Maybe Text
tokenValidityUnits :: Maybe TokenValidityUnitsType
idTokenValidity :: Maybe Natural
generateSecret :: Maybe Bool
allowedOAuthFlowsUserPoolClient :: Maybe Bool
logoutURLs :: Maybe [Text]
supportedIdentityProviders :: Maybe [Text]
explicitAuthFlows :: Maybe [ExplicitAuthFlowsType]
refreshTokenValidity :: Maybe Natural
$sel:clientName:CreateUserPoolClient' :: CreateUserPoolClient -> Text
$sel:userPoolId:CreateUserPoolClient' :: CreateUserPoolClient -> Text
$sel:callbackURLs:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [Text]
$sel:analyticsConfiguration:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe AnalyticsConfigurationType
$sel:allowedOAuthFlows:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [OAuthFlowType]
$sel:allowedOAuthScopes:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [Text]
$sel:readAttributes:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [Text]
$sel:accessTokenValidity:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Natural
$sel:preventUserExistenceErrors:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe PreventUserExistenceErrorTypes
$sel:writeAttributes:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [Text]
$sel:enableTokenRevocation:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Bool
$sel:defaultRedirectURI:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Text
$sel:tokenValidityUnits:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe TokenValidityUnitsType
$sel:idTokenValidity:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Natural
$sel:generateSecret:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Bool
$sel:allowedOAuthFlowsUserPoolClient:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Bool
$sel:logoutURLs:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [Text]
$sel:supportedIdentityProviders:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [Text]
$sel:explicitAuthFlows:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe [ExplicitAuthFlowsType]
$sel:refreshTokenValidity:CreateUserPoolClient' :: CreateUserPoolClient -> Maybe Natural
..} =
    [Pair] -> Value
Core.object
      ( [Maybe Pair] -> [Pair]
forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ (Text
"RefreshTokenValidity" Text -> Natural -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (Natural -> Pair) -> Maybe Natural -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe Natural
refreshTokenValidity,
            (Text
"ExplicitAuthFlows" Text -> [ExplicitAuthFlowsType] -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              ([ExplicitAuthFlowsType] -> Pair)
-> Maybe [ExplicitAuthFlowsType] -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe [ExplicitAuthFlowsType]
explicitAuthFlows,
            (Text
"SupportedIdentityProviders" Text -> [Text] -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              ([Text] -> Pair) -> Maybe [Text] -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe [Text]
supportedIdentityProviders,
            (Text
"LogoutURLs" Text -> [Text] -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=) ([Text] -> Pair) -> Maybe [Text] -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe [Text]
logoutURLs,
            (Text
"AllowedOAuthFlowsUserPoolClient" Text -> Bool -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (Bool -> Pair) -> Maybe Bool -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe Bool
allowedOAuthFlowsUserPoolClient,
            (Text
"GenerateSecret" Text -> Bool -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (Bool -> Pair) -> Maybe Bool -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe Bool
generateSecret,
            (Text
"IdTokenValidity" Text -> Natural -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (Natural -> Pair) -> Maybe Natural -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe Natural
idTokenValidity,
            (Text
"TokenValidityUnits" Text -> TokenValidityUnitsType -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (TokenValidityUnitsType -> Pair)
-> Maybe TokenValidityUnitsType -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe TokenValidityUnitsType
tokenValidityUnits,
            (Text
"DefaultRedirectURI" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (Text -> Pair) -> Maybe Text -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe Text
defaultRedirectURI,
            (Text
"EnableTokenRevocation" Text -> Bool -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (Bool -> Pair) -> Maybe Bool -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe Bool
enableTokenRevocation,
            (Text
"WriteAttributes" Text -> [Text] -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              ([Text] -> Pair) -> Maybe [Text] -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe [Text]
writeAttributes,
            (Text
"PreventUserExistenceErrors" Text -> PreventUserExistenceErrorTypes -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (PreventUserExistenceErrorTypes -> Pair)
-> Maybe PreventUserExistenceErrorTypes -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe PreventUserExistenceErrorTypes
preventUserExistenceErrors,
            (Text
"AccessTokenValidity" Text -> Natural -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (Natural -> Pair) -> Maybe Natural -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe Natural
accessTokenValidity,
            (Text
"ReadAttributes" Text -> [Text] -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              ([Text] -> Pair) -> Maybe [Text] -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe [Text]
readAttributes,
            (Text
"AllowedOAuthScopes" Text -> [Text] -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              ([Text] -> Pair) -> Maybe [Text] -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe [Text]
allowedOAuthScopes,
            (Text
"AllowedOAuthFlows" Text -> [OAuthFlowType] -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              ([OAuthFlowType] -> Pair) -> Maybe [OAuthFlowType] -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe [OAuthFlowType]
allowedOAuthFlows,
            (Text
"AnalyticsConfiguration" Text -> AnalyticsConfigurationType -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=)
              (AnalyticsConfigurationType -> Pair)
-> Maybe AnalyticsConfigurationType -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe AnalyticsConfigurationType
analyticsConfiguration,
            (Text
"CallbackURLs" Text -> [Text] -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..=) ([Text] -> Pair) -> Maybe [Text] -> Maybe Pair
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe [Text]
callbackURLs,
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"UserPoolId" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
userPoolId),
            Pair -> Maybe Pair
forall a. a -> Maybe a
Prelude.Just (Text
"ClientName" Text -> Text -> Pair
forall kv v. (KeyValue kv, ToJSON v) => Text -> v -> kv
Core..= Text
clientName)
          ]
      )

instance Core.ToPath CreateUserPoolClient where
  toPath :: CreateUserPoolClient -> ByteString
toPath = ByteString -> CreateUserPoolClient -> ByteString
forall a b. a -> b -> a
Prelude.const ByteString
"/"

instance Core.ToQuery CreateUserPoolClient where
  toQuery :: CreateUserPoolClient -> QueryString
toQuery = QueryString -> CreateUserPoolClient -> QueryString
forall a b. a -> b -> a
Prelude.const QueryString
forall a. Monoid a => a
Prelude.mempty

-- | Represents the response from the server to create a user pool client.
--
-- /See:/ 'newCreateUserPoolClientResponse' smart constructor.
data CreateUserPoolClientResponse = CreateUserPoolClientResponse'
  { -- | The user pool client that was just created.
    CreateUserPoolClientResponse -> Maybe UserPoolClientType
userPoolClient :: Prelude.Maybe UserPoolClientType,
    -- | The response's http status code.
    CreateUserPoolClientResponse -> Int
httpStatus :: Prelude.Int
  }
  deriving (CreateUserPoolClientResponse
-> CreateUserPoolClientResponse -> Bool
(CreateUserPoolClientResponse
 -> CreateUserPoolClientResponse -> Bool)
-> (CreateUserPoolClientResponse
    -> CreateUserPoolClientResponse -> Bool)
-> Eq CreateUserPoolClientResponse
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: CreateUserPoolClientResponse
-> CreateUserPoolClientResponse -> Bool
$c/= :: CreateUserPoolClientResponse
-> CreateUserPoolClientResponse -> Bool
== :: CreateUserPoolClientResponse
-> CreateUserPoolClientResponse -> Bool
$c== :: CreateUserPoolClientResponse
-> CreateUserPoolClientResponse -> Bool
Prelude.Eq, Int -> CreateUserPoolClientResponse -> ShowS
[CreateUserPoolClientResponse] -> ShowS
CreateUserPoolClientResponse -> String
(Int -> CreateUserPoolClientResponse -> ShowS)
-> (CreateUserPoolClientResponse -> String)
-> ([CreateUserPoolClientResponse] -> ShowS)
-> Show CreateUserPoolClientResponse
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [CreateUserPoolClientResponse] -> ShowS
$cshowList :: [CreateUserPoolClientResponse] -> ShowS
show :: CreateUserPoolClientResponse -> String
$cshow :: CreateUserPoolClientResponse -> String
showsPrec :: Int -> CreateUserPoolClientResponse -> ShowS
$cshowsPrec :: Int -> CreateUserPoolClientResponse -> ShowS
Prelude.Show, (forall x.
 CreateUserPoolClientResponse -> Rep CreateUserPoolClientResponse x)
-> (forall x.
    Rep CreateUserPoolClientResponse x -> CreateUserPoolClientResponse)
-> Generic CreateUserPoolClientResponse
forall x.
Rep CreateUserPoolClientResponse x -> CreateUserPoolClientResponse
forall x.
CreateUserPoolClientResponse -> Rep CreateUserPoolClientResponse x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x.
Rep CreateUserPoolClientResponse x -> CreateUserPoolClientResponse
$cfrom :: forall x.
CreateUserPoolClientResponse -> Rep CreateUserPoolClientResponse x
Prelude.Generic)

-- |
-- Create a value of 'CreateUserPoolClientResponse' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'userPoolClient', 'createUserPoolClientResponse_userPoolClient' - The user pool client that was just created.
--
-- 'httpStatus', 'createUserPoolClientResponse_httpStatus' - The response's http status code.
newCreateUserPoolClientResponse ::
  -- | 'httpStatus'
  Prelude.Int ->
  CreateUserPoolClientResponse
newCreateUserPoolClientResponse :: Int -> CreateUserPoolClientResponse
newCreateUserPoolClientResponse Int
pHttpStatus_ =
  CreateUserPoolClientResponse' :: Maybe UserPoolClientType -> Int -> CreateUserPoolClientResponse
CreateUserPoolClientResponse'
    { $sel:userPoolClient:CreateUserPoolClientResponse' :: Maybe UserPoolClientType
userPoolClient =
        Maybe UserPoolClientType
forall a. Maybe a
Prelude.Nothing,
      $sel:httpStatus:CreateUserPoolClientResponse' :: Int
httpStatus = Int
pHttpStatus_
    }

-- | The user pool client that was just created.
createUserPoolClientResponse_userPoolClient :: Lens.Lens' CreateUserPoolClientResponse (Prelude.Maybe UserPoolClientType)
createUserPoolClientResponse_userPoolClient :: (Maybe UserPoolClientType -> f (Maybe UserPoolClientType))
-> CreateUserPoolClientResponse -> f CreateUserPoolClientResponse
createUserPoolClientResponse_userPoolClient = (CreateUserPoolClientResponse -> Maybe UserPoolClientType)
-> (CreateUserPoolClientResponse
    -> Maybe UserPoolClientType -> CreateUserPoolClientResponse)
-> Lens
     CreateUserPoolClientResponse
     CreateUserPoolClientResponse
     (Maybe UserPoolClientType)
     (Maybe UserPoolClientType)
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClientResponse' {Maybe UserPoolClientType
userPoolClient :: Maybe UserPoolClientType
$sel:userPoolClient:CreateUserPoolClientResponse' :: CreateUserPoolClientResponse -> Maybe UserPoolClientType
userPoolClient} -> Maybe UserPoolClientType
userPoolClient) (\s :: CreateUserPoolClientResponse
s@CreateUserPoolClientResponse' {} Maybe UserPoolClientType
a -> CreateUserPoolClientResponse
s {$sel:userPoolClient:CreateUserPoolClientResponse' :: Maybe UserPoolClientType
userPoolClient = Maybe UserPoolClientType
a} :: CreateUserPoolClientResponse)

-- | The response's http status code.
createUserPoolClientResponse_httpStatus :: Lens.Lens' CreateUserPoolClientResponse Prelude.Int
createUserPoolClientResponse_httpStatus :: (Int -> f Int)
-> CreateUserPoolClientResponse -> f CreateUserPoolClientResponse
createUserPoolClientResponse_httpStatus = (CreateUserPoolClientResponse -> Int)
-> (CreateUserPoolClientResponse
    -> Int -> CreateUserPoolClientResponse)
-> Lens
     CreateUserPoolClientResponse CreateUserPoolClientResponse Int Int
forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\CreateUserPoolClientResponse' {Int
httpStatus :: Int
$sel:httpStatus:CreateUserPoolClientResponse' :: CreateUserPoolClientResponse -> Int
httpStatus} -> Int
httpStatus) (\s :: CreateUserPoolClientResponse
s@CreateUserPoolClientResponse' {} Int
a -> CreateUserPoolClientResponse
s {$sel:httpStatus:CreateUserPoolClientResponse' :: Int
httpStatus = Int
a} :: CreateUserPoolClientResponse)

instance Prelude.NFData CreateUserPoolClientResponse