Class: OCI::Auth::Signers::X509FederationClientBasedSecurityTokenSigner

Inherits:

SecurityTokenSigner

• Object
• BaseSigner
• SecurityTokenSigner
• OCI::Auth::Signers::X509FederationClientBasedSecurityTokenSigner

Defined in:

lib/oci/auth/signers/x509_federation_client_based_security_token_signer.rb

Overview

A SecurityTokenSigner where the token and private key are sourced from a provided federation_client. The token is retrieved via the client’s security_token method, and the private key is retrieved by reading it from the session_key_supplier in the client.

Direct Known Subclasses

InstancePrincipalsSecurityTokenSigner

Constant Summary

Constants inherited from BaseSigner

BaseSigner::BODY_HEADERS, BaseSigner::GENERIC_HEADERS, BaseSigner::SIGNATURE_VERSION, BaseSigner::SIGNING_STRATEGY_ENUM

Instance Method Summary

• #initialize(federation_client, signing_strategy: OCI::BaseSigner::STANDARD, headers_to_sign_in_all_requests: OCI::BaseSigner::GENERIC_HEADERS, body_headers_to_sign: OCI::BaseSigner::BODY_HEADERS) ⇒ X509FederationClientBasedSecurityTokenSigner constructor

  Creates a new X509FederationClientBasedSecurityTokenSigner.

• #refresh_security_token ⇒ String

  Refreshes the security token in the federation_client used by this class.

• #sign(method, uri, headers, body, operation_signing_strategy = :standard) ⇒ Object

  Generates the correct signature and adds it to the headers that are passed in.

Constructor Details

#initialize(federation_client, signing_strategy: OCI::BaseSigner::STANDARD, headers_to_sign_in_all_requests: OCI::BaseSigner::GENERIC_HEADERS, body_headers_to_sign: OCI::BaseSigner::BODY_HEADERS) ⇒ X509FederationClientBasedSecurityTokenSigner

Creates a new X509FederationClientBasedSecurityTokenSigner

# File 'lib/oci/auth/signers/x509_federation_client_based_security_token_signer.rb', line 21

def initialize(
  federation_client,
  signing_strategy: OCI::BaseSigner::STANDARD,
  headers_to_sign_in_all_requests: OCI::BaseSigner::GENERIC_HEADERS,
  body_headers_to_sign: OCI::BaseSigner::BODY_HEADERS
)
  @federation_client = federation_client
  @refresh_lock = Mutex.new

  super(
    federation_client.security_token,
    federation_client.session_key_supplier.key_pair[:private_key],
    signing_strategy: signing_strategy,
    headers_to_sign_in_all_requests: headers_to_sign_in_all_requests,
    body_headers_to_sign: body_headers_to_sign
  )
end

Instance Method Details

#refresh_security_token ⇒ String

Refreshes the security token in the federation_client used by this class

# File 'lib/oci/auth/signers/x509_federation_client_based_security_token_signer.rb', line 41

def refresh_security_token
  @federation_client.security_token!
end

#sign(method, uri, headers, body, operation_signing_strategy = :standard) ⇒ Object

Generates the correct signature and adds it to the headers that are passed in. Also injects any required headers that might be missing.

# File 'lib/oci/auth/signers/x509_federation_client_based_security_token_signer.rb', line 54

def sign(method, uri, headers, body, operation_signing_strategy = :standard)
  reset_signer
  super
end