Class: Armrest::Api::Auth::OIDC

Inherits:
Base
  • Object
Includes:
Logging
Defined in:
lib/armrest/api/auth/oidc.rb

Overview

OIDC authentication provider for Azure

Constant Summary

Constants inherited from Base

Base::HTTP_READ_METHODS, Base::HTTP_WRITE_METHODS, Base::MAX_RETRIES

Class Method Summary

Instance Method Summary

Methods included from Logging

#default_logger, #logger, #logger=

Methods inherited from Base

#append_api_version, #build_request, #headers, #http, #request, #send_request, #set_headers!, #standarize_path, #url, #with_open_timeout

Methods included from Settings

#client_id, #client_secret, #endpoint, #group, #location, #resource, #subscription_id, #tenant_id

Methods included from HandleResponse

#load_json, #ok?

Constructor Details

#initialize(options = {}) ⇒ OIDC

Initialize with required Azure credentials



# File 'lib/armrest/api/auth/oidc.rb', line 22

# Builds the provider from explicit options, falling back to environment variables.
#
# Every setting is read from +options+ first and then from two environment
# variable names, in the order listed below. Nothing is validated here, so any
# of the four values may end up nil when neither source supplies it.
#
# @param options [Hash] optional :client_id, :tenant_id, :subscription_id and
#   :service_connection_id overrides
def initialize(options = {})
  # Bare super forwards the same arguments to the parent initializer.
  super

  @client_id = options[:client_id] ||
               ENV.values_at('ARM_CLIENT_ID', 'AZURE_CLIENT_ID').compact.first
  @tenant_id = options[:tenant_id] ||
               ENV.values_at('ARM_TENANT_ID', 'AZURE_TENANT_ID').compact.first
  @subscription_id = options[:subscription_id] ||
                     ENV.values_at('ARM_SUBSCRIPTION_ID', 'AZURE_SUBSCRIPTION_ID').compact.first

  # Azure DevOps service connection ID; both fallback names use the ARM_ prefix.
  @service_connection_id = options[:service_connection_id] ||
                           ENV.values_at('ARM_ADO_PIPELINE_SERVICE_CONNECTION_ID',
                                         'ARM_OIDC_AZURE_SERVICE_CONNECTION_ID').compact.first

  # Only the client and tenant identifiers are written to the log. Keep token
  # material and other secrets out of this message if it is ever extended.
  logger.debug "Initialized OIDC Auth Provider with client_id: #{@client_id}, tenant_id: #{@tenant_id}"
end

Class Method Details

.configured? ⇒ Boolean

Check whether OIDC authentication is enabled via the ARM_USE_OIDC or AZURE_USE_OIDC environment variable

Returns:

  • (Boolean)


# File 'lib/armrest/api/auth/oidc.rb', line 7

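# Reports whether OIDC authentication has been explicitly switched on.
#
# Reads ARM_USE_OIDC, falling back to AZURE_USE_OIDC, and compares the value
# case-insensitively against 'true' / 'false'.
#
# An unrecognized value is logged and treated as "not configured". Previously
# that branch returned whatever +logger.warn+ returned, so a typo in the flag
# could enable or disable OIDC depending on the logger implementation.
#
# @return [Boolean] true only when the flag is set to 'true' (any letter case)
def self.configured?
  flag = ENV['ARM_USE_OIDC'] || ENV['AZURE_USE_OIDC']
  flag = flag.downcase if flag

  case flag
  when 'true' then true
  when 'false', nil then false
  else
    # NOTE(review): `logger` is called on the class here, while the page lists
    # Logging under "Includes" (instance level) - confirm it is also reachable
    # from class methods.
    logger.warn "Unrecognized OIDC flag value: #{flag}"
    # Fail closed: an authentication mode is never enabled by a value we do not understand.
    false
  end
end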

Instance Method Details

#creds ⇒ Object

Get the credentials



# File 'lib/armrest/api/auth/oidc.rb', line 43

# Returns the credential hash, acquiring a token on first use.
#
# The hash is built once and cached in @creds; this method does not compare
# 'expires_on' with the current time, so a cached entry is returned even after
# the token lifetime has passed.
# NOTE(review): confirm that a caller handles refresh, otherwise an expired
# bearer token keeps being sent.
#
# @return [Hash{String => String}] 'access_token', 'expires_on' (epoch seconds
#   as a string) and 'token_type' (defaults to 'Bearer')
def creds
  @creds ||= begin
    response = acquire_token
    # A missing 'expires_in' becomes 0 via to_i, which makes 'expires_on' equal to "now".
    lifetime_seconds = response['expires_in'].to_i
    expiry_epoch = Time.now.to_i + lifetime_seconds

    {
      'access_token' => response['access_token'],
      'expires_on'   => expiry_epoch.to_s,
      'token_type'   => response['token_type'] || 'Bearer'
    }
  end
end

#token ⇒ Object

Get the authentication token



# File 'lib/armrest/api/auth/oidc.rb', line 38

# Returns the result of acquire_token, cached in @token after the first truthy result.
#
# The cache is separate from the one used by #creds, so each of the two
# methods performs its own acquire_token call.
# NOTE(review): the value is whatever acquire_token returns; #creds reads
# string keys from it, so it is presumably the full token response rather
# than the bare access token - confirm before logging or exposing it.
def token
  return @token if @token

  @token = acquire_token
end