{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.Grafana.Types.SamlConfiguration
-- Copyright   : (c) 2013-2021 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay <brendan.g.hay+amazonka@gmail.com>
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.Grafana.Types.SamlConfiguration where

import qualified Amazonka.Core as Core
import Amazonka.Grafana.Types.AssertionAttributes
import Amazonka.Grafana.Types.IdpMetadata
import Amazonka.Grafana.Types.RoleValues
import qualified Amazonka.Lens as Lens
import qualified Amazonka.Prelude as Prelude

-- | A structure containing information about how this workspace works with
-- SAML.
--
-- /See:/ 'newSamlConfiguration' smart constructor.
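data SamlConfiguration = SamlConfiguration'
  { -- | How long a sign-on session by a SAML user is valid, before the user has
    -- to sign on again.
    --
    -- NOTE(review): the unit of this value is not stated here; confirm it
    -- against the service API reference before choosing a session lifetime.
    loginValidityDuration :: Prelude.Maybe Prelude.Int,
    -- | A structure that defines which attributes in the SAML assertion are to
    -- be used to define information about the users authenticated by that IdP
    -- to use the workspace.
    assertionAttributes :: Prelude.Maybe AssertionAttributes,
    -- | Lists which organizations defined in the SAML assertion are allowed to
    -- use the Amazon Managed Grafana workspace. If this is empty, all
    -- organizations in the assertion attribute have access.
    --
    -- Security: an empty list is fail-open (no organization restriction).
    -- 'newSamlConfiguration' leaves this field as 'Prelude.Nothing'; whether
    -- the service treats an omitted field like an empty list is not shown
    -- here, so set it explicitly when access must be limited to specific
    -- organizations.
    allowedOrganizations :: Prelude.Maybe [Prelude.Text],
    -- | A structure containing arrays that map group names in the SAML assertion
    -- to the Grafana @Admin@ and @Editor@ roles in the workspace.
    --
    -- Security: these mappings turn assertion contents into workspace
    -- privileges, so a change to the @Admin@ mapping is a privilege change
    -- and deserves the same review.
    roleValues :: Prelude.Maybe RoleValues,
    -- | A structure containing the identity provider (IdP) metadata used to
    -- integrate the identity provider with this workspace.
    idpMetadata :: IdpMetadata
  }
  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)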

-- |
-- Create a value of 'SamlConfiguration' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'loginValidityDuration', 'samlConfiguration_loginValidityDuration' - How long a sign-on session by a SAML user is valid, before the user has
-- to sign on again.
--
-- 'assertionAttributes', 'samlConfiguration_assertionAttributes' - A structure that defines which attributes in the SAML assertion are to
-- be used to define information about the users authenticated by that IdP
-- to use the workspace.
--
-- 'allowedOrganizations', 'samlConfiguration_allowedOrganizations' - Lists which organizations defined in the SAML assertion are allowed to
-- use the Amazon Managed Grafana workspace. If this is empty, all
-- organizations in the assertion attribute have access.
--
-- 'roleValues', 'samlConfiguration_roleValues' - A structure containing arrays that map group names in the SAML assertion
-- to the Grafana @Admin@ and @Editor@ roles in the workspace.
--
-- 'idpMetadata', 'samlConfiguration_idpMetadata' - A structure containing the identity provider (IdP) metadata used to
-- integrate the identity provider with this workspace.
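newSamlConfiguration ::
  -- | 'idpMetadata'
  IdpMetadata ->
  SamlConfiguration
newSamlConfiguration pIdpMetadata_ =
  SamlConfiguration'
    { loginValidityDuration = Prelude.Nothing,
      assertionAttributes = Prelude.Nothing,
      -- Left unset by default. The field documentation says an empty list
      -- gives every organization in the assertion attribute access, so
      -- callers that need an organization allow-list must set this field
      -- themselves after construction.
      allowedOrganizations = Prelude.Nothing,
      -- No group-to-role mapping is configured by default.
      roleValues = Prelude.Nothing,
      -- The only required field: the IdP metadata supplied by the caller.
      idpMetadata = pIdpMetadata_
    }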

-- | How long a sign-on session by a SAML user is valid, before the user has
-- to sign on again.
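samlConfiguration_loginValidityDuration :: Lens.Lens' SamlConfiguration (Prelude.Maybe Prelude.Int)
samlConfiguration_loginValidityDuration =
  Lens.lens
    -- Getter: project the field out of the record.
    (\SamlConfiguration' {loginValidityDuration} -> loginValidityDuration)
    -- Setter: record update; the annotation pins the record type, which
    -- DuplicateRecordFields needs to resolve the field name.
    (\s@SamlConfiguration' {} a -> s {loginValidityDuration = a} :: SamlConfiguration)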

-- | A structure that defines which attributes in the SAML assertion are to
-- be used to define information about the users authenticated by that IdP
-- to use the workspace.
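samlConfiguration_assertionAttributes :: Lens.Lens' SamlConfiguration (Prelude.Maybe AssertionAttributes)
samlConfiguration_assertionAttributes =
  Lens.lens
    -- Getter: project the field out of the record.
    (\SamlConfiguration' {assertionAttributes} -> assertionAttributes)
    -- Setter: record update; the annotation pins the record type, which
    -- DuplicateRecordFields needs to resolve the field name.
    (\s@SamlConfiguration' {} a -> s {assertionAttributes = a} :: SamlConfiguration)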

-- | Lists which organizations defined in the SAML assertion are allowed to
-- use the Amazon Managed Grafana workspace. If this is empty, all
-- organizations in the assertion attribute have access.
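samlConfiguration_allowedOrganizations :: Lens.Lens' SamlConfiguration (Prelude.Maybe [Prelude.Text])
samlConfiguration_allowedOrganizations =
  Lens.lens
    -- Getter: project the field out of the record.
    (\SamlConfiguration' {allowedOrganizations} -> allowedOrganizations)
    -- Setter: record update; the annotation pins the record type, which
    -- DuplicateRecordFields needs to resolve the field name.
    (\s@SamlConfiguration' {} a -> s {allowedOrganizations = a} :: SamlConfiguration)
    -- The coercion is between [Text] and [Text] here, so it leaves the list
    -- unchanged. Setting the focus to an empty list means "all organizations
    -- have access" per the field documentation, not "no organizations".
    Prelude.. Lens.mapping Lens.coerced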

-- | A structure containing arrays that map group names in the SAML assertion
-- to the Grafana @Admin@ and @Editor@ roles in the workspace.
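samlConfiguration_roleValues :: Lens.Lens' SamlConfiguration (Prelude.Maybe RoleValues)
samlConfiguration_roleValues =
  Lens.lens
    -- Getter: project the field out of the record.
    (\SamlConfiguration' {roleValues} -> roleValues)
    -- Setter: record update; the annotation pins the record type, which
    -- DuplicateRecordFields needs to resolve the field name.
    (\s@SamlConfiguration' {} a -> s {roleValues = a} :: SamlConfiguration)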

-- | A structure containing the identity provider (IdP) metadata used to
-- integrate the identity provider with this workspace.
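samlConfiguration_idpMetadata :: Lens.Lens' SamlConfiguration IdpMetadata
samlConfiguration_idpMetadata =
  Lens.lens
    -- Getter: project the field out of the record.
    (\SamlConfiguration' {idpMetadata} -> idpMetadata)
    -- Setter: record update; the annotation pins the record type, which
    -- DuplicateRecordFields needs to resolve the field name.
    (\s@SamlConfiguration' {} a -> s {idpMetadata = a} :: SamlConfiguration)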

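-- | Decodes a 'SamlConfiguration' from a JSON object. The four optional
-- keys are read with @.:?@; @idpMetadata@ is read with @.:@ and is
-- therefore required, so parsing fails when it is absent.
instance Core.FromJSON SamlConfiguration where
  parseJSON =
    Core.withObject
      "SamlConfiguration"
      ( \x ->
          SamlConfiguration'
            Prelude.<$> (x Core..:? "loginValidityDuration")
            Prelude.<*> (x Core..:? "assertionAttributes")
            -- A missing key falls back to 'Prelude.mempty' at type
            -- @Maybe [Text]@. Consumers auditing a decoded configuration
            -- should treat an absent or empty allow-list as unrestricted:
            -- the field documentation says an empty list grants access to
            -- all organizations in the assertion attribute.
            Prelude.<*> ( x Core..:? "allowedOrganizations"
                            Core..!= Prelude.mempty
                        )
            Prelude.<*> (x Core..:? "roleValues")
            Prelude.<*> (x Core..: "idpMetadata")
      )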

-- No methods are defined here, so the class defaults apply (presumably the
-- Generic-based ones, given the derived Generic instance — confirm).
instance Prelude.Hashable SamlConfiguration

-- No methods are defined here either; the class defaults apply (presumably
-- Generic-based — confirm).
instance Prelude.NFData SamlConfiguration

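-- | Encodes a 'SamlConfiguration' as a JSON object. Optional fields that
-- are 'Prelude.Nothing' are dropped from the object rather than emitted as
-- @null@; @idpMetadata@ is always present.
instance Core.ToJSON SamlConfiguration where
  toJSON SamlConfiguration' {..} =
    Core.object
      ( Prelude.catMaybes
          [ ("loginValidityDuration" Core..=)
              Prelude.<$> loginValidityDuration,
            ("assertionAttributes" Core..=)
              Prelude.<$> assertionAttributes,
            -- When this is Nothing the key is omitted entirely, so the
            -- encoded configuration carries no organization allow-list.
            ("allowedOrganizations" Core..=)
              Prelude.<$> allowedOrganizations,
            ("roleValues" Core..=) Prelude.<$> roleValues,
            Prelude.Just ("idpMetadata" Core..= idpMetadata)
          ]
      )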