Class: OCI::IdentityDataPlane::DataplaneClient

Inherits:
Object
  • Object
show all
Defined in:
lib/oci/identity_data_plane/dataplane_client.rb

Overview

APIs for managing identity data plane services. For example, use this API to create a scoped-access security token. To manage identity domains (for example, creating or deleting an identity domain) or to manage resources (for example, users and groups) within the default identity domain, see IAM API.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(config: nil, region: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil) ⇒ DataplaneClient

Creates a new DataplaneClient. Notes: If a config is not specified, then the global OCI.config will be used.

This client is not thread-safe

Either a region or an endpoint must be specified. If an endpoint is specified, it will be used instead of the region. A region may be specified in the config or via or the region parameter. If specified in both, then the region parameter will be used.

Parameters:

  • config (Config) (defaults to: nil)

    A Config object.

  • region (String) (defaults to: nil)

    A region used to determine the service endpoint. This will usually correspond to a value in Regions::REGION_ENUM, but may be an arbitrary string.

  • endpoint (String) (defaults to: nil)

    The fully qualified endpoint URL

  • signer (OCI::BaseSigner) (defaults to: nil)

    A signer implementation which can be used by this client. If this is not provided then a signer will be constructed via the provided config. One use case of this parameter is instance principals authentication, so that the instance principals signer can be provided to the client

  • proxy_settings (OCI::ApiClientProxySettings) (defaults to: nil)

    If your environment requires you to use a proxy server for outgoing HTTP requests the details for the proxy can be provided in this parameter

  • retry_config (OCI::Retry::RetryConfig) (defaults to: nil)

    The retry configuration for this service client. This represents the default retry configuration to apply across all operations. This can be overridden on a per-operation basis. The default retry configuration value is nil, which means that an operation will not perform any retries



55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
# File 'lib/oci/identity_data_plane/dataplane_client.rb', line 55

def initialize(config: nil, region: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil)
  # If the signer is an InstancePrincipalsSecurityTokenSigner or SecurityTokenSigner and no config was supplied (they are self-sufficient signers)
  # then create a dummy config to pass to the ApiClient constructor. If customers wish to create a client which uses instance principals
  # and has config (either populated programmatically or loaded from a file), they must construct that config themselves and then
  # pass it to this constructor.
  #
  # If there is no signer (or the signer is not an instance principals signer) and no config was supplied, this is not valid
  # so try and load the config from the default file.
  config = OCI::Config.validate_and_build_config_with_signer(config, signer)

  signer = OCI::Signer.config_file_auth_builder(config) if signer.nil?

  @api_client = OCI::ApiClient.new(config, signer, proxy_settings: proxy_settings)
  @retry_config = retry_config

  if endpoint
    @endpoint = endpoint + '/v1'
  else
    region ||= config.region
    region ||= signer.region if signer.respond_to?(:region)
    self.region = region
  end
  logger.info "DataplaneClient endpoint set to '#{@endpoint}'." if logger
end

Instance Attribute Details

#api_clientOCI::ApiClient (readonly)

Client used to make HTTP requests.

Returns:



15
16
17
# File 'lib/oci/identity_data_plane/dataplane_client.rb', line 15

def api_client
  @api_client
end

#endpointString (readonly)

Fully qualified endpoint URL

Returns:

  • (String)


19
20
21
# File 'lib/oci/identity_data_plane/dataplane_client.rb', line 19

def endpoint
  @endpoint
end

#regionString

The region, which will usually correspond to a value in Regions::REGION_ENUM.

Returns:

  • (String)


29
30
31
# File 'lib/oci/identity_data_plane/dataplane_client.rb', line 29

def region
  @region
end

#retry_configOCI::Retry::RetryConfig (readonly)

The default retry configuration to apply to all operations in this service client. This can be overridden on a per-operation basis. The default retry configuration value is nil, which means that an operation will not perform any retries



25
26
27
# File 'lib/oci/identity_data_plane/dataplane_client.rb', line 25

def retry_config
  @retry_config
end

Instance Method Details

#generate_scoped_access_token(generate_scoped_access_token_details, opts = {}) ⇒ Response

Note:

Click here to see an example of how to use generate_scoped_access_token API.

Based on the calling Principal and the input payload, derive the claims, and generate a scoped-access token for specific resources. For example, set scope to urn:oracle:db::id::<compartment-id> for access to a database in a compartment.

Parameters:

Options Hash (opts):

  • :retry_config (OCI::Retry::RetryConfig)

    The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit nil value is provided then the operation will not retry

Returns:



112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
# File 'lib/oci/identity_data_plane/dataplane_client.rb', line 112

def generate_scoped_access_token(generate_scoped_access_token_details, opts = {})
  logger.debug 'Calling operation DataplaneClient#generate_scoped_access_token.' if logger

  raise "Missing the required parameter 'generate_scoped_access_token_details' when calling generate_scoped_access_token." if generate_scoped_access_token_details.nil?

  path = '/actions/generateScopedAccessToken'
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  # rubocop:enable Style/NegatedIf

  post_body = @api_client.object_to_http_body(generate_scoped_access_token_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'DataplaneClient#generate_scoped_access_token') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::IdentityDataPlane::Models::SecurityToken'
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#generate_user_security_token(generate_user_security_token_details, opts = {}) ⇒ Response

Note:

Click here to see an example of how to use generate_user_security_token API.

Exchanges a valid user token-based signature (API key and UPST) for a short-lived UPST of the authenticated user principal. When not specified, the user session duration is set to a default of 60 minutes in all realms. Resulting UPSTs are refreshable while the user session has not expired.

Parameters:

Options Hash (opts):

  • :retry_config (OCI::Retry::RetryConfig)

    The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit nil value is provided then the operation will not retry

  • :opc_request_id (String)

    Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.

Returns:



170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
# File 'lib/oci/identity_data_plane/dataplane_client.rb', line 170

def generate_user_security_token(generate_user_security_token_details, opts = {})
  logger.debug 'Calling operation DataplaneClient#generate_user_security_token.' if logger

  raise "Missing the required parameter 'generate_user_security_token_details' when calling generate_user_security_token." if generate_user_security_token_details.nil?

  path = '/token/upst/actions/GenerateUpst'
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = @api_client.object_to_http_body(generate_user_security_token_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'DataplaneClient#generate_user_security_token') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::IdentityDataPlane::Models::SecurityToken'
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#loggerLogger

Returns The logger for this client. May be nil.

Returns:

  • (Logger)

    The logger for this client. May be nil.



94
95
96
# File 'lib/oci/identity_data_plane/dataplane_client.rb', line 94

def logger
  @api_client.config.logger
end