Class: OCI::Auth::Signers::EphemeralResourcePrincipalV21Signer
- Inherits:
-
SecurityTokenSigner
- Object
- BaseSigner
- SecurityTokenSigner
- OCI::Auth::Signers::EphemeralResourcePrincipalV21Signer
- Defined in:
- lib/oci/auth/signers/ephemeral_resource_principal_v21_signer.rb
Overview
rubocop:disable Metrics/ClassLength, Metrics/AbcSize, Metrics/LineLength, Metrics/CyclomaticComplexity, Metrics/ParameterLists Implementation of Resource Principal v2.1.1/v2.1.2 authentication
Constant Summary
Constants inherited from BaseSigner
BaseSigner::BODY_HEADERS, BaseSigner::GENERIC_HEADERS, BaseSigner::SIGNATURE_VERSION, BaseSigner::SIGNING_STRATEGY_ENUM
Instance Attribute Summary collapse
-
#region ⇒ Object
readonly
Returns the value of attribute region.
Instance Method Summary collapse
-
#initialize(resource_principal_token_endpoint: nil, resource_principal_session_token_endpoint: nil, resource_id: nil, tenancy_id: nil, rp_version: nil, region: nil, security_context: nil, private_key: nil, private_key_passphrase: nil, resource_principal_token_path: nil) ⇒ EphemeralResourcePrincipalV21Signer
constructor
A new instance of EphemeralResourcePrincipalV21Signer.
- #refresh_security_token ⇒ Object
- #security_token ⇒ Object
Methods inherited from BaseSigner
Constructor Details
#initialize(resource_principal_token_endpoint: nil, resource_principal_session_token_endpoint: nil, resource_id: nil, tenancy_id: nil, rp_version: nil, region: nil, security_context: nil, private_key: nil, private_key_passphrase: nil, resource_principal_token_path: nil) ⇒ EphemeralResourcePrincipalV21Signer
Returns a new instance of EphemeralResourcePrincipalV21Signer.
24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 |
# File 'lib/oci/auth/signers/ephemeral_resource_principal_v21_signer.rb', line 24 def initialize(resource_principal_token_endpoint: nil, resource_principal_session_token_endpoint: nil, resource_id: nil, tenancy_id: nil, rp_version: nil, region: nil, security_context: nil, private_key: nil, private_key_passphrase: nil, resource_principal_token_path: nil) validate_required_params!( resource_principal_token_endpoint, resource_principal_session_token_endpoint, resource_id, tenancy_id, rp_version, private_key ) @rp_version = rp_version @rpt_endpoint = resource_principal_token_endpoint @rpst_endpoint = resource_principal_session_token_endpoint @resource_id = resource_id @region = initialize_and_return_region(region) @retry_strategy = OCI::Auth::Util.default_imds_retry_policy @tenancy_id = tenancy_id @security_context = security_context @reset_signers_lock = Mutex.new @resource_principal_token_path = if @rp_version == '2.1.2' build_rpt_path_for_rpv212(resource_principal_token_path, resource_id) else "/20180711/resourcePrincipalTokenV2/#{resource_id}" end # Set up session key supplier @session_key_supplier = construct_session_key_supplier(private_key, private_key_passphrase) @api_client = OCI::ApiClient.new(OCI::Config.new, OCI::Auth::Signers::KeyPairSigner.new(rp_version, resource_id, tenancy_id, @session_key_supplier.key_pair[:private_key])) # Get initial tokens refresh_security_token super( @security_token.security_token, @session_key_supplier.key_pair[:private_key] ) end |
Instance Attribute Details
#region ⇒ Object (readonly)
Returns the value of attribute region.
23 24 25 |
# File 'lib/oci/auth/signers/ephemeral_resource_principal_v21_signer.rb', line 23 def region @region end |
Instance Method Details
#refresh_security_token ⇒ Object
86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 |
# File 'lib/oci/auth/signers/ephemeral_resource_principal_v21_signer.rb', line 86 def refresh_security_token @reset_signers_lock.synchronize do begin # Refresh Session Keys @session_key_supplier.refresh # Get RPT and SPST @rpt, @spst = resource_principal_token_and_service_principal_session_token # Get RPST @security_token = OCI::Auth::SecurityTokenContainer.new(resource_principal_session_token) # Reset Signers reset_signers @security_token.security_token rescue StandardError => e raise "Failed to refresh security token: #{e}" end end end |
#security_token ⇒ Object
80 81 82 83 84 |
# File 'lib/oci/auth/signers/ephemeral_resource_principal_v21_signer.rb', line 80 def security_token return @security_token.security_token if @security_token && @security_token.token_valid? refresh_security_token end |