{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.APIGateway.Types.Authorizer
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.APIGateway.Types.Authorizer where

import Amazonka.APIGateway.Types.AuthorizerType
import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude

-- | Represents an authorization layer for methods. If enabled on a method,
-- API Gateway will activate the authorizer when a client calls the method.
--
-- /See:/ 'newAuthorizer' smart constructor.
data Authorizer = Authorizer'
  { -- | Optional customer-defined field, used in OpenAPI imports and exports
    -- without functional impact.
    Authorizer -> Maybe Text
authType :: Prelude.Maybe Prelude.Text,
    -- | Specifies the required credentials as an IAM role for API Gateway to
    -- invoke the authorizer. To specify an IAM role for API Gateway to assume,
    -- use the role\'s Amazon Resource Name (ARN). To use resource-based
    -- permissions on the Lambda function, specify null.
    Authorizer -> Maybe Text
authorizerCredentials :: Prelude.Maybe Prelude.Text,
    -- | The TTL in seconds of cached authorizer results. If it equals 0,
    -- authorization caching is disabled. If it is greater than 0, API Gateway
    -- will cache authorizer responses. If this field is not set, the default
    -- value is 300. The maximum value is 3600, or 1 hour.
    Authorizer -> Maybe Int
authorizerResultTtlInSeconds :: Prelude.Maybe Prelude.Int,
    -- | Specifies the authorizer\'s Uniform Resource Identifier (URI). For
    -- @TOKEN@ or @REQUEST@ authorizers, this must be a well-formed Lambda
    -- function URI, for example,
    -- @arn:aws:apigateway:us-west-2:lambda:path\/2015-03-31\/functions\/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}\/invocations@.
    -- In general, the URI has this form
    -- @arn:aws:apigateway:{region}:lambda:path\/{service_api}@, where
    -- @{region}@ is the same as the region hosting the Lambda function, @path@
    -- indicates that the remaining substring in the URI should be treated as
    -- the path to the resource, including the initial @\/@. For Lambda
    -- functions, this is usually of the form
    -- @\/2015-03-31\/functions\/[FunctionARN]\/invocations@.
    Authorizer -> Maybe Text
authorizerUri :: Prelude.Maybe Prelude.Text,
    -- | The identifier for the authorizer resource.
    Authorizer -> Maybe Text
id :: Prelude.Maybe Prelude.Text,
    -- | The identity source for which authorization is requested. For a @TOKEN@
    -- or @COGNITO_USER_POOLS@ authorizer, this is required and specifies the
    -- request header mapping expression for the custom header holding the
    -- authorization token submitted by the client. For example, if the token
    -- header name is @Auth@, the header mapping expression is
    -- @method.request.header.Auth@. For the @REQUEST@ authorizer, this is
    -- required when authorization caching is enabled. The value is a
    -- comma-separated string of one or more mapping expressions of the
    -- specified request parameters. For example, if an @Auth@ header, a @Name@
    -- query string parameter are defined as identity sources, this value is
    -- @method.request.header.Auth@, @method.request.querystring.Name@. These
    -- parameters will be used to derive the authorization caching key and to
    -- perform runtime validation of the @REQUEST@ authorizer by verifying all
    -- of the identity-related request parameters are present, not null and
    -- non-empty. Only when this is true does the authorizer invoke the
    -- authorizer Lambda function, otherwise, it returns a 401 Unauthorized
    -- response without calling the Lambda function. The valid value is a
    -- string of comma-separated mapping expressions of the specified request
    -- parameters. When the authorization caching is not enabled, this property
    -- is optional.
    Authorizer -> Maybe Text
identitySource :: Prelude.Maybe Prelude.Text,
    -- | A validation expression for the incoming identity token. For @TOKEN@
    -- authorizers, this value is a regular expression. For
    -- @COGNITO_USER_POOLS@ authorizers, API Gateway will match the @aud@ field
    -- of the incoming token from the client against the specified regular
    -- expression. It will invoke the authorizer\'s Lambda function when there
    -- is a match. Otherwise, it will return a 401 Unauthorized response
    -- without calling the Lambda function. The validation expression does not
    -- apply to the @REQUEST@ authorizer.
    Authorizer -> Maybe Text
identityValidationExpression :: Prelude.Maybe Prelude.Text,
    -- | The name of the authorizer.
    Authorizer -> Maybe Text
name :: Prelude.Maybe Prelude.Text,
    -- | A list of the Amazon Cognito user pool ARNs for the @COGNITO_USER_POOLS@
    -- authorizer. Each element is of this format:
    -- @arn:aws:cognito-idp:{region}:{account_id}:userpool\/{user_pool_id}@.
    -- For a @TOKEN@ or @REQUEST@ authorizer, this is not defined.
    Authorizer -> Maybe [Text]
providerARNs :: Prelude.Maybe [Prelude.Text],
    -- | The authorizer type. Valid values are @TOKEN@ for a Lambda function
    -- using a single authorization token submitted in a custom header,
    -- @REQUEST@ for a Lambda function using incoming request parameters, and
    -- @COGNITO_USER_POOLS@ for using an Amazon Cognito user pool.
    Authorizer -> Maybe AuthorizerType
type' :: Prelude.Maybe AuthorizerType
  }
  deriving (Authorizer -> Authorizer -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: Authorizer -> Authorizer -> Bool
$c/= :: Authorizer -> Authorizer -> Bool
== :: Authorizer -> Authorizer -> Bool
$c== :: Authorizer -> Authorizer -> Bool
Prelude.Eq, ReadPrec [Authorizer]
ReadPrec Authorizer
Int -> ReadS Authorizer
ReadS [Authorizer]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [Authorizer]
$creadListPrec :: ReadPrec [Authorizer]
readPrec :: ReadPrec Authorizer
$creadPrec :: ReadPrec Authorizer
readList :: ReadS [Authorizer]
$creadList :: ReadS [Authorizer]
readsPrec :: Int -> ReadS Authorizer
$creadsPrec :: Int -> ReadS Authorizer
Prelude.Read, Int -> Authorizer -> ShowS
[Authorizer] -> ShowS
Authorizer -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [Authorizer] -> ShowS
$cshowList :: [Authorizer] -> ShowS
show :: Authorizer -> String
$cshow :: Authorizer -> String
showsPrec :: Int -> Authorizer -> ShowS
$cshowsPrec :: Int -> Authorizer -> ShowS
Prelude.Show, forall x. Rep Authorizer x -> Authorizer
forall x. Authorizer -> Rep Authorizer x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep Authorizer x -> Authorizer
$cfrom :: forall x. Authorizer -> Rep Authorizer x
Prelude.Generic)

-- |
-- Create a value of 'Authorizer' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'authType', 'authorizer_authType' - Optional customer-defined field, used in OpenAPI imports and exports
-- without functional impact.
--
-- 'authorizerCredentials', 'authorizer_authorizerCredentials' - Specifies the required credentials as an IAM role for API Gateway to
-- invoke the authorizer. To specify an IAM role for API Gateway to assume,
-- use the role\'s Amazon Resource Name (ARN). To use resource-based
-- permissions on the Lambda function, specify null.
--
-- 'authorizerResultTtlInSeconds', 'authorizer_authorizerResultTtlInSeconds' - The TTL in seconds of cached authorizer results. If it equals 0,
-- authorization caching is disabled. If it is greater than 0, API Gateway
-- will cache authorizer responses. If this field is not set, the default
-- value is 300. The maximum value is 3600, or 1 hour.
--
-- 'authorizerUri', 'authorizer_authorizerUri' - Specifies the authorizer\'s Uniform Resource Identifier (URI). For
-- @TOKEN@ or @REQUEST@ authorizers, this must be a well-formed Lambda
-- function URI, for example,
-- @arn:aws:apigateway:us-west-2:lambda:path\/2015-03-31\/functions\/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}\/invocations@.
-- In general, the URI has this form
-- @arn:aws:apigateway:{region}:lambda:path\/{service_api}@, where
-- @{region}@ is the same as the region hosting the Lambda function, @path@
-- indicates that the remaining substring in the URI should be treated as
-- the path to the resource, including the initial @\/@. For Lambda
-- functions, this is usually of the form
-- @\/2015-03-31\/functions\/[FunctionARN]\/invocations@.
--
-- 'id', 'authorizer_id' - The identifier for the authorizer resource.
--
-- 'identitySource', 'authorizer_identitySource' - The identity source for which authorization is requested. For a @TOKEN@
-- or @COGNITO_USER_POOLS@ authorizer, this is required and specifies the
-- request header mapping expression for the custom header holding the
-- authorization token submitted by the client. For example, if the token
-- header name is @Auth@, the header mapping expression is
-- @method.request.header.Auth@. For the @REQUEST@ authorizer, this is
-- required when authorization caching is enabled. The value is a
-- comma-separated string of one or more mapping expressions of the
-- specified request parameters. For example, if an @Auth@ header, a @Name@
-- query string parameter are defined as identity sources, this value is
-- @method.request.header.Auth@, @method.request.querystring.Name@. These
-- parameters will be used to derive the authorization caching key and to
-- perform runtime validation of the @REQUEST@ authorizer by verifying all
-- of the identity-related request parameters are present, not null and
-- non-empty. Only when this is true does the authorizer invoke the
-- authorizer Lambda function, otherwise, it returns a 401 Unauthorized
-- response without calling the Lambda function. The valid value is a
-- string of comma-separated mapping expressions of the specified request
-- parameters. When the authorization caching is not enabled, this property
-- is optional.
--
-- 'identityValidationExpression', 'authorizer_identityValidationExpression' - A validation expression for the incoming identity token. For @TOKEN@
-- authorizers, this value is a regular expression. For
-- @COGNITO_USER_POOLS@ authorizers, API Gateway will match the @aud@ field
-- of the incoming token from the client against the specified regular
-- expression. It will invoke the authorizer\'s Lambda function when there
-- is a match. Otherwise, it will return a 401 Unauthorized response
-- without calling the Lambda function. The validation expression does not
-- apply to the @REQUEST@ authorizer.
--
-- 'name', 'authorizer_name' - The name of the authorizer.
--
-- 'providerARNs', 'authorizer_providerARNs' - A list of the Amazon Cognito user pool ARNs for the @COGNITO_USER_POOLS@
-- authorizer. Each element is of this format:
-- @arn:aws:cognito-idp:{region}:{account_id}:userpool\/{user_pool_id}@.
-- For a @TOKEN@ or @REQUEST@ authorizer, this is not defined.
--
-- 'type'', 'authorizer_type' - The authorizer type. Valid values are @TOKEN@ for a Lambda function
-- using a single authorization token submitted in a custom header,
-- @REQUEST@ for a Lambda function using incoming request parameters, and
-- @COGNITO_USER_POOLS@ for using an Amazon Cognito user pool.
newAuthorizer ::
  Authorizer
newAuthorizer :: Authorizer
newAuthorizer =
  Authorizer'
    { $sel:authType:Authorizer' :: Maybe Text
authType = forall a. Maybe a
Prelude.Nothing,
      $sel:authorizerCredentials:Authorizer' :: Maybe Text
authorizerCredentials = forall a. Maybe a
Prelude.Nothing,
      $sel:authorizerResultTtlInSeconds:Authorizer' :: Maybe Int
authorizerResultTtlInSeconds = forall a. Maybe a
Prelude.Nothing,
      $sel:authorizerUri:Authorizer' :: Maybe Text
authorizerUri = forall a. Maybe a
Prelude.Nothing,
      $sel:id:Authorizer' :: Maybe Text
id = forall a. Maybe a
Prelude.Nothing,
      $sel:identitySource:Authorizer' :: Maybe Text
identitySource = forall a. Maybe a
Prelude.Nothing,
      $sel:identityValidationExpression:Authorizer' :: Maybe Text
identityValidationExpression = forall a. Maybe a
Prelude.Nothing,
      $sel:name:Authorizer' :: Maybe Text
name = forall a. Maybe a
Prelude.Nothing,
      $sel:providerARNs:Authorizer' :: Maybe [Text]
providerARNs = forall a. Maybe a
Prelude.Nothing,
      $sel:type':Authorizer' :: Maybe AuthorizerType
type' = forall a. Maybe a
Prelude.Nothing
    }

-- | Optional customer-defined field, used in OpenAPI imports and exports
-- without functional impact.
authorizer_authType :: Lens.Lens' Authorizer (Prelude.Maybe Prelude.Text)
authorizer_authType :: Lens' Authorizer (Maybe Text)
authorizer_authType = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Authorizer' {Maybe Text
authType :: Maybe Text
$sel:authType:Authorizer' :: Authorizer -> Maybe Text
authType} -> Maybe Text
authType) (\s :: Authorizer
s@Authorizer' {} Maybe Text
a -> Authorizer
s {$sel:authType:Authorizer' :: Maybe Text
authType = Maybe Text
a} :: Authorizer)

-- | Specifies the required credentials as an IAM role for API Gateway to
-- invoke the authorizer. To specify an IAM role for API Gateway to assume,
-- use the role\'s Amazon Resource Name (ARN). To use resource-based
-- permissions on the Lambda function, specify null.
authorizer_authorizerCredentials :: Lens.Lens' Authorizer (Prelude.Maybe Prelude.Text)
authorizer_authorizerCredentials :: Lens' Authorizer (Maybe Text)
authorizer_authorizerCredentials = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Authorizer' {Maybe Text
authorizerCredentials :: Maybe Text
$sel:authorizerCredentials:Authorizer' :: Authorizer -> Maybe Text
authorizerCredentials} -> Maybe Text
authorizerCredentials) (\s :: Authorizer
s@Authorizer' {} Maybe Text
a -> Authorizer
s {$sel:authorizerCredentials:Authorizer' :: Maybe Text
authorizerCredentials = Maybe Text
a} :: Authorizer)

-- | The TTL in seconds of cached authorizer results. If it equals 0,
-- authorization caching is disabled. If it is greater than 0, API Gateway
-- will cache authorizer responses. If this field is not set, the default
-- value is 300. The maximum value is 3600, or 1 hour.
authorizer_authorizerResultTtlInSeconds :: Lens.Lens' Authorizer (Prelude.Maybe Prelude.Int)
authorizer_authorizerResultTtlInSeconds :: Lens' Authorizer (Maybe Int)
authorizer_authorizerResultTtlInSeconds = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Authorizer' {Maybe Int
authorizerResultTtlInSeconds :: Maybe Int
$sel:authorizerResultTtlInSeconds:Authorizer' :: Authorizer -> Maybe Int
authorizerResultTtlInSeconds} -> Maybe Int
authorizerResultTtlInSeconds) (\s :: Authorizer
s@Authorizer' {} Maybe Int
a -> Authorizer
s {$sel:authorizerResultTtlInSeconds:Authorizer' :: Maybe Int
authorizerResultTtlInSeconds = Maybe Int
a} :: Authorizer)

-- | Specifies the authorizer\'s Uniform Resource Identifier (URI). For
-- @TOKEN@ or @REQUEST@ authorizers, this must be a well-formed Lambda
-- function URI, for example,
-- @arn:aws:apigateway:us-west-2:lambda:path\/2015-03-31\/functions\/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}\/invocations@.
-- In general, the URI has this form
-- @arn:aws:apigateway:{region}:lambda:path\/{service_api}@, where
-- @{region}@ is the same as the region hosting the Lambda function, @path@
-- indicates that the remaining substring in the URI should be treated as
-- the path to the resource, including the initial @\/@. For Lambda
-- functions, this is usually of the form
-- @\/2015-03-31\/functions\/[FunctionARN]\/invocations@.
authorizer_authorizerUri :: Lens.Lens' Authorizer (Prelude.Maybe Prelude.Text)
authorizer_authorizerUri :: Lens' Authorizer (Maybe Text)
authorizer_authorizerUri = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Authorizer' {Maybe Text
authorizerUri :: Maybe Text
$sel:authorizerUri:Authorizer' :: Authorizer -> Maybe Text
authorizerUri} -> Maybe Text
authorizerUri) (\s :: Authorizer
s@Authorizer' {} Maybe Text
a -> Authorizer
s {$sel:authorizerUri:Authorizer' :: Maybe Text
authorizerUri = Maybe Text
a} :: Authorizer)

-- | The identifier for the authorizer resource.
authorizer_id :: Lens.Lens' Authorizer (Prelude.Maybe Prelude.Text)
authorizer_id :: Lens' Authorizer (Maybe Text)
authorizer_id = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Authorizer' {Maybe Text
id :: Maybe Text
$sel:id:Authorizer' :: Authorizer -> Maybe Text
id} -> Maybe Text
id) (\s :: Authorizer
s@Authorizer' {} Maybe Text
a -> Authorizer
s {$sel:id:Authorizer' :: Maybe Text
id = Maybe Text
a} :: Authorizer)

-- | The identity source for which authorization is requested. For a @TOKEN@
-- or @COGNITO_USER_POOLS@ authorizer, this is required and specifies the
-- request header mapping expression for the custom header holding the
-- authorization token submitted by the client. For example, if the token
-- header name is @Auth@, the header mapping expression is
-- @method.request.header.Auth@. For the @REQUEST@ authorizer, this is
-- required when authorization caching is enabled. The value is a
-- comma-separated string of one or more mapping expressions of the
-- specified request parameters. For example, if an @Auth@ header, a @Name@
-- query string parameter are defined as identity sources, this value is
-- @method.request.header.Auth@, @method.request.querystring.Name@. These
-- parameters will be used to derive the authorization caching key and to
-- perform runtime validation of the @REQUEST@ authorizer by verifying all
-- of the identity-related request parameters are present, not null and
-- non-empty. Only when this is true does the authorizer invoke the
-- authorizer Lambda function, otherwise, it returns a 401 Unauthorized
-- response without calling the Lambda function. The valid value is a
-- string of comma-separated mapping expressions of the specified request
-- parameters. When the authorization caching is not enabled, this property
-- is optional.
authorizer_identitySource :: Lens.Lens' Authorizer (Prelude.Maybe Prelude.Text)
authorizer_identitySource :: Lens' Authorizer (Maybe Text)
authorizer_identitySource = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Authorizer' {Maybe Text
identitySource :: Maybe Text
$sel:identitySource:Authorizer' :: Authorizer -> Maybe Text
identitySource} -> Maybe Text
identitySource) (\s :: Authorizer
s@Authorizer' {} Maybe Text
a -> Authorizer
s {$sel:identitySource:Authorizer' :: Maybe Text
identitySource = Maybe Text
a} :: Authorizer)

-- | A validation expression for the incoming identity token. For @TOKEN@
-- authorizers, this value is a regular expression. For
-- @COGNITO_USER_POOLS@ authorizers, API Gateway will match the @aud@ field
-- of the incoming token from the client against the specified regular
-- expression. It will invoke the authorizer\'s Lambda function when there
-- is a match. Otherwise, it will return a 401 Unauthorized response
-- without calling the Lambda function. The validation expression does not
-- apply to the @REQUEST@ authorizer.
authorizer_identityValidationExpression :: Lens.Lens' Authorizer (Prelude.Maybe Prelude.Text)
authorizer_identityValidationExpression :: Lens' Authorizer (Maybe Text)
authorizer_identityValidationExpression = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Authorizer' {Maybe Text
identityValidationExpression :: Maybe Text
$sel:identityValidationExpression:Authorizer' :: Authorizer -> Maybe Text
identityValidationExpression} -> Maybe Text
identityValidationExpression) (\s :: Authorizer
s@Authorizer' {} Maybe Text
a -> Authorizer
s {$sel:identityValidationExpression:Authorizer' :: Maybe Text
identityValidationExpression = Maybe Text
a} :: Authorizer)

-- | The name of the authorizer.
authorizer_name :: Lens.Lens' Authorizer (Prelude.Maybe Prelude.Text)
authorizer_name :: Lens' Authorizer (Maybe Text)
authorizer_name = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Authorizer' {Maybe Text
name :: Maybe Text
$sel:name:Authorizer' :: Authorizer -> Maybe Text
name} -> Maybe Text
name) (\s :: Authorizer
s@Authorizer' {} Maybe Text
a -> Authorizer
s {$sel:name:Authorizer' :: Maybe Text
name = Maybe Text
a} :: Authorizer)

-- | A list of the Amazon Cognito user pool ARNs for the @COGNITO_USER_POOLS@
-- authorizer. Each element is of this format:
-- @arn:aws:cognito-idp:{region}:{account_id}:userpool\/{user_pool_id}@.
-- For a @TOKEN@ or @REQUEST@ authorizer, this is not defined.
authorizer_providerARNs :: Lens.Lens' Authorizer (Prelude.Maybe [Prelude.Text])
authorizer_providerARNs :: Lens' Authorizer (Maybe [Text])
authorizer_providerARNs = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Authorizer' {Maybe [Text]
providerARNs :: Maybe [Text]
$sel:providerARNs:Authorizer' :: Authorizer -> Maybe [Text]
providerARNs} -> Maybe [Text]
providerARNs) (\s :: Authorizer
s@Authorizer' {} Maybe [Text]
a -> Authorizer
s {$sel:providerARNs:Authorizer' :: Maybe [Text]
providerARNs = Maybe [Text]
a} :: Authorizer) forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. forall (f :: * -> *) (g :: * -> *) s t a b.
(Functor f, Functor g) =>
AnIso s t a b -> Iso (f s) (g t) (f a) (g b)
Lens.mapping forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

-- | The authorizer type. Valid values are @TOKEN@ for a Lambda function
-- using a single authorization token submitted in a custom header,
-- @REQUEST@ for a Lambda function using incoming request parameters, and
-- @COGNITO_USER_POOLS@ for using an Amazon Cognito user pool.
authorizer_type :: Lens.Lens' Authorizer (Prelude.Maybe AuthorizerType)
authorizer_type :: Lens' Authorizer (Maybe AuthorizerType)
authorizer_type = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\Authorizer' {Maybe AuthorizerType
type' :: Maybe AuthorizerType
$sel:type':Authorizer' :: Authorizer -> Maybe AuthorizerType
type'} -> Maybe AuthorizerType
type') (\s :: Authorizer
s@Authorizer' {} Maybe AuthorizerType
a -> Authorizer
s {$sel:type':Authorizer' :: Maybe AuthorizerType
type' = Maybe AuthorizerType
a} :: Authorizer)

instance Data.FromJSON Authorizer where
  parseJSON :: Value -> Parser Authorizer
parseJSON =
    forall a. String -> (Object -> Parser a) -> Value -> Parser a
Data.withObject
      String
"Authorizer"
      ( \Object
x ->
          Maybe Text
-> Maybe Text
-> Maybe Int
-> Maybe Text
-> Maybe Text
-> Maybe Text
-> Maybe Text
-> Maybe Text
-> Maybe [Text]
-> Maybe AuthorizerType
-> Authorizer
Authorizer'
            forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"authType")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"authorizerCredentials")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"authorizerResultTtlInSeconds")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"authorizerUri")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"id")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"identitySource")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"identityValidationExpression")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"name")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"providerARNs" forall a. Parser (Maybe a) -> a -> Parser a
Data..!= forall a. Monoid a => a
Prelude.mempty)
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"type")
      )

instance Prelude.Hashable Authorizer where
  hashWithSalt :: Int -> Authorizer -> Int
hashWithSalt Int
_salt Authorizer' {Maybe Int
Maybe [Text]
Maybe Text
Maybe AuthorizerType
type' :: Maybe AuthorizerType
providerARNs :: Maybe [Text]
name :: Maybe Text
identityValidationExpression :: Maybe Text
identitySource :: Maybe Text
id :: Maybe Text
authorizerUri :: Maybe Text
authorizerResultTtlInSeconds :: Maybe Int
authorizerCredentials :: Maybe Text
authType :: Maybe Text
$sel:type':Authorizer' :: Authorizer -> Maybe AuthorizerType
$sel:providerARNs:Authorizer' :: Authorizer -> Maybe [Text]
$sel:name:Authorizer' :: Authorizer -> Maybe Text
$sel:identityValidationExpression:Authorizer' :: Authorizer -> Maybe Text
$sel:identitySource:Authorizer' :: Authorizer -> Maybe Text
$sel:id:Authorizer' :: Authorizer -> Maybe Text
$sel:authorizerUri:Authorizer' :: Authorizer -> Maybe Text
$sel:authorizerResultTtlInSeconds:Authorizer' :: Authorizer -> Maybe Int
$sel:authorizerCredentials:Authorizer' :: Authorizer -> Maybe Text
$sel:authType:Authorizer' :: Authorizer -> Maybe Text
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
authType
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
authorizerCredentials
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Int
authorizerResultTtlInSeconds
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
authorizerUri
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
id
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
identitySource
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
identityValidationExpression
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
name
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe [Text]
providerARNs
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe AuthorizerType
type'

instance Prelude.NFData Authorizer where
  rnf :: Authorizer -> ()
rnf Authorizer' {Maybe Int
Maybe [Text]
Maybe Text
Maybe AuthorizerType
type' :: Maybe AuthorizerType
providerARNs :: Maybe [Text]
name :: Maybe Text
identityValidationExpression :: Maybe Text
identitySource :: Maybe Text
id :: Maybe Text
authorizerUri :: Maybe Text
authorizerResultTtlInSeconds :: Maybe Int
authorizerCredentials :: Maybe Text
authType :: Maybe Text
$sel:type':Authorizer' :: Authorizer -> Maybe AuthorizerType
$sel:providerARNs:Authorizer' :: Authorizer -> Maybe [Text]
$sel:name:Authorizer' :: Authorizer -> Maybe Text
$sel:identityValidationExpression:Authorizer' :: Authorizer -> Maybe Text
$sel:identitySource:Authorizer' :: Authorizer -> Maybe Text
$sel:id:Authorizer' :: Authorizer -> Maybe Text
$sel:authorizerUri:Authorizer' :: Authorizer -> Maybe Text
$sel:authorizerResultTtlInSeconds:Authorizer' :: Authorizer -> Maybe Int
$sel:authorizerCredentials:Authorizer' :: Authorizer -> Maybe Text
$sel:authType:Authorizer' :: Authorizer -> Maybe Text
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
authType
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
authorizerCredentials
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Int
authorizerResultTtlInSeconds
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
authorizerUri
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
id
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
identitySource
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
identityValidationExpression
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
name
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe [Text]
providerARNs
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe AuthorizerType
type'