Class: Cerberus::DefaultCredentialsProviderChain

Inherits:

Object

• Object
• Cerberus::DefaultCredentialsProviderChain

Defined in:

lib/cerberus/default_credentials_provider_chain.rb

Overview

Default credentials provider chain

Instance Method Summary

• #getCredentialsProvider ⇒ Object

  Return the first provider in the default hierarchy that has a valid token.

• #initialize(urlResolver, instanceMdSvcBaseUrl = nil) ⇒ DefaultCredentialsProviderChain constructor

  A new instance of DefaultCredentialsProviderChain.

Constructor Details

#initialize(urlResolver, instanceMdSvcBaseUrl = nil) ⇒ DefaultCredentialsProviderChain

Returns a new instance of DefaultCredentialsProviderChain.

# File 'lib/cerberus/default_credentials_provider_chain.rb', line 16

def initialize(urlResolver, instanceMdSvcBaseUrl = nil)
  vaultBaseUrl = CerberusClient.getUrlFromResolver(urlResolver)

  # return default array of providers
  @providers = [Cerberus::EnvCredentialsProvider.new,
                Cerberus::AwsRoleCredentialsProvider.new(vaultBaseUrl, instanceMdSvcBaseUrl),
                Cerberus::AwsPrincipalCredentialsProvider.new(vaultBaseUrl)]
end

Instance Method Details

#getCredentialsProvider ⇒ Object

Return the first provider in the default hierarchy that has a valid token

Raises:

• (Cerberus::Exception::NoValidProviders)

# File 'lib/cerberus/default_credentials_provider_chain.rb', line 28

def getCredentialsProvider
  @providers.each { |p|
    begin
      # if token is assigned, that's the provider we want.
      # providers must throw NoValueError so that we can fall to the next provider if necessary
      CerberusClient.getCredentialsFromProvider(p)
      return p

    rescue Cerberus::Exception::NoValueError
      next
    end
  }

  # we should have found and returned a valid provider above, else there's a problem
  CerberusClient::Log.instance.error(" could not find a valid provider")
  raise Cerberus::Exception::NoValidProviders.new
end