Module: Kessel::Auth

Included in:: OAuth2ClientCredentials

Defined in:: lib/kessel/auth.rb

Overview

OpenID Connect authentication module for Kessel services.

This module provides OIDC Client Credentials flow authentication with automatic discovery. Works seamlessly with OIDC-compliant providers.

Examples:

Basic usage

auth = Kessel::Auth::OAuth2ClientCredentials.new.new(
  client_id: 'my-app',
  client_secret: 'secret',
  token_endpoint: 'https://my-domain/auth/realms/my-realm/protocol/openid-connect/token'
)
token = auth.get_token

Author:

Project Kessel

Since:

1.0.0

Defined Under Namespace

Modules: AuthRequest Classes: OAuth2AuthRequest, OAuth2ClientCredentials, OAuthAuthenticationError, OAuthDependencyError, OIDCDiscoveryMetadata, RefreshTokenResponse

Constant Summary collapse

EXPIRATION_WINDOW = 5 minutes in seconds Since: 1.0.0

DEFAULT_EXPIRES_IN = 1 hour in seconds Since: 1.0.0

Instance Method Summary collapse

Instance Method Details

#fetch_oidc_discovery(provider_url) ⇒ `Object`

Since:

1.0.0

# File 'lib/kessel/auth.rb', line 55

def fetch_oidc_discovery(provider_url)
  check_dependencies!
  discovery = ::OpenIDConnect::Discovery::Provider::Config.discover!(provider_url)
  OIDCDiscoveryMetadata.new(discovery.token_endpoint)
rescue StandardError => e
  raise OAuthAuthenticationError, "Failed to discover OIDC configuration from #{provider_url}: #{e.message}"
end

#oauth2_auth_request(credentials) ⇒ `Object`

Since:

1.0.0



63
64
65

# File 'lib/kessel/auth.rb', line 63

def oauth2_auth_request(credentials)
  OAuth2AuthRequest.new(credentials)
end

Module: Kessel::Auth

Overview

Examples:

Basic usage

Defined Under Namespace

Constant Summary collapse

Instance Method Summary collapse

Instance Method Details

#fetch_oidc_discovery(provider_url) ⇒ Object

#oauth2_auth_request(credentials) ⇒ Object

#fetch_oidc_discovery(provider_url) ⇒ `Object`

#oauth2_auth_request(credentials) ⇒ `Object`