Class: Jamf::Connection::Token
- Defined in:
- lib/jamf/api/connection/token.rb
Overview
A token used for a JSS connection
Constant Summary collapse
- JAMF_VERSION_RSRC =
'v1/jamf-pro-version'.freeze
- AUTH_RSRC =
'auth'.freeze
- NEW_TOKEN_RSRC =
"#{AUTH_RSRC}/tokens".freeze
- KEEP_ALIVE_RSRC =
"#{AUTH_RSRC}/keepAlive".freeze
- INVALIDATE_RSRC =
"#{AUTH_RSRC}/invalidateToken".freeze
- AUTH_TOKEN_PFX =
this string is prepended to the token data when used for transaction authorization.
'jamf-token '.freeze
- JAMF_TRYITOUT_HOST =
Recognize the tryitout server, cuz its /auth endpoint is disabled, and it needs no tokens
"tryitout#{Jamf::Connection::JAMFCLOUD_DOMAIN}".freeze
- JAMF_TRYITOUT_TOKEN_BODY =
{ token: 'This is a fake token, tryitout.jamfcloud.com uses internal tokens', expires: 2000000000000 }.freeze
Instance Attribute Summary collapse
-
#auth_token ⇒ String
readonly
The AUTH_TOKEN_PFX with the token data, used in the Authorization header of a request.
-
#base_url ⇒ URI
readonly
The base API url, e.g.
- #expires ⇒ Jamf::Timestamp (also: #expiration) readonly
-
#last_refresh_result ⇒ Symbol?
readonly
What happened the last time we tried to refresh? :expired_refreshed - token was expired, a new token was created with the pw :expired_pw_failed - token was expired, pw failed to make a new token :expired_no_pw - token was expired, but no pw was given to make a new one :refreshed - the token refresh worked with no need for the pw :refresh_failed - the token refresh failed, and no pw was given to make a new one :refreshed_with_pw - the token refresh failed, pw worked to make a new token :refresh_failed_no_pw - the token refresh failed, pw also failed to make a new token nil - no refresh has been attempted for this token.
-
#login_time ⇒ Jamf::Timestamp
readonly
When was this token created?.
-
#user ⇒ String
readonly
The user who generated this token.
Instance Method Summary collapse
-
#account ⇒ Object
the Jamf::Account object assciated with this token.
- #expired? ⇒ Boolean
- #host ⇒ String
-
#init_from_pw(pw) ⇒ Object
Initialize from password.
-
#init_from_token_string(str) ⇒ Object
Initialize from token string.
-
#init_jamf_tryitout ⇒ Object
Initialize from password.
-
#initialize(**params) ⇒ Token
constructor
A new instance of Token.
-
#invalidate ⇒ Object
(also: #destroy)
Make this token invalid.
- #jamf_build ⇒ String
- #jamf_version ⇒ String
- #port ⇒ Integer
-
#refresh(pw = nil) ⇒ Jamf::Timestamp
(also: #keep_alive)
Use this token to get a fresh one.
- #secs_remaining ⇒ Float
-
#time_remaining ⇒ String
E.g.
- #valid? ⇒ Boolean
Constructor Details
#initialize(**params) ⇒ Token
Returns a new instance of Token.
86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 |
# File 'lib/jamf/api/connection/token.rb', line 86 def initialize(**params) @valid = false @user = params[:user] @base_url = params[:base_url].is_a?(String) ? URI.parse(params[:base_url]) : params[:base_url] @timeout = params[:timeout] || Jamf::Connection::DFT_TIMEOUT @ssl_options = params[:ssl_options] || {} if @base_url.host == JAMF_TRYITOUT_HOST init_jamf_tryitout elsif params[:pw] init_from_pw params[:pw] elsif params[:token_string] init_from_token_string params[:token_string] else raise ArgumentError, 'Must provide either pw: or token_string:' end end |
Instance Attribute Details
#auth_token ⇒ String (readonly)
Returns The AUTH_TOKEN_PFX with the token data, used in the Authorization header of a request.
65 66 67 |
# File 'lib/jamf/api/connection/token.rb', line 65 def auth_token @auth_token end |
#base_url ⇒ URI (readonly)
Returns The base API url, e.g. myjamf.jamfcloud.com/uapi.
68 69 70 |
# File 'lib/jamf/api/connection/token.rb', line 68 def base_url @base_url end |
#expires ⇒ Jamf::Timestamp (readonly) Also known as: expiration
60 61 62 |
# File 'lib/jamf/api/connection/token.rb', line 60 def expires @expires end |
#last_refresh_result ⇒ Symbol? (readonly)
What happened the last time we tried to refresh?
:expired_refreshed - token was expired, a new token was created with the pw
:expired_pw_failed - token was expired, pw failed to make a new token
:expired_no_pw - token was expired, but no pw was given to make a new one
:refreshed - the token refresh worked with no need for the pw
:refresh_failed - the token refresh failed, and no pw was given to make a new one
:refreshed_with_pw - the token refresh failed, pw worked to make a new token
:refresh_failed_no_pw - the token refresh failed, pw also failed to make a new token
nil - no refresh has been attempted for this token.
84 85 86 |
# File 'lib/jamf/api/connection/token.rb', line 84 def last_refresh_result @last_refresh_result end |
#login_time ⇒ Jamf::Timestamp (readonly)
Returns when was this token created?.
71 72 73 |
# File 'lib/jamf/api/connection/token.rb', line 71 def login_time @login_time end |
#user ⇒ String (readonly)
Returns The user who generated this token.
57 58 59 |
# File 'lib/jamf/api/connection/token.rb', line 57 def user @user end |
Instance Method Details
#account ⇒ Object
the Jamf::Account object assciated with this token
199 200 201 202 203 204 205 206 |
# File 'lib/jamf/api/connection/token.rb', line 199 def account return @account if @account resp = token_connection(AUTH_RSRC, token: @auth_token).get return unless resp.success? @account = Jamf::APIAccount.new resp.body end |
#expired? ⇒ Boolean
166 167 168 169 170 |
# File 'lib/jamf/api/connection/token.rb', line 166 def expired? return unless @expires Time.now >= @expires end |
#host ⇒ String
146 147 148 |
# File 'lib/jamf/api/connection/token.rb', line 146 def host @base_url.host end |
#init_from_pw(pw) ⇒ Object
Initialize from password
114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 |
# File 'lib/jamf/api/connection/token.rb', line 114 def init_from_pw(pw) resp = token_connection( NEW_TOKEN_RSRC, pw: pw, timeout: @timeout, ssl_opts: @ssl_options ).post if resp.success? parse_token_from_response resp elsif resp.status == 401 raise Jamf::AuthenticationError, 'Incorrect name or password' else # TODO: better error reporting here raise Jamf::AuthenticationError, 'An error occurred while authenticating' end end |
#init_from_token_string(str) ⇒ Object
Initialize from token string
133 134 135 136 137 138 139 140 141 142 143 |
# File 'lib/jamf/api/connection/token.rb', line 133 def init_from_token_string(str) str = "#{AUTH_TOKEN_PFX}#{str}" unless str.start_with? AUTH_TOKEN_PFX resp = token_connection(AUTH_RSRC, token: str).get raise Jamf::InvalidDataError, 'Token string is not valid' unless resp.success? @auth_token = str @user = resp.body.dig :account, :username # use this token to get a fresh one with a known expiration refresh end |
#init_jamf_tryitout ⇒ Object
Initialize from password
105 106 107 108 109 110 111 |
# File 'lib/jamf/api/connection/token.rb', line 105 def init_jamf_tryitout @token_response_body = JAMF_TRYITOUT_TOKEN_BODY @auth_token = AUTH_TOKEN_PFX + @token_response_body[:token] @expires = Jamf::Timestamp.new @token_response_body[:expires] @login_time = Jamf::Timestamp.new Time.now @valid = true end |
#invalidate ⇒ Object Also known as: destroy
Make this token invalid
245 246 247 |
# File 'lib/jamf/api/connection/token.rb', line 245 def invalidate @valid = !token_connection(INVALIDATE_RSRC, token: @auth_token).post.success? end |
#jamf_build ⇒ String
161 162 163 |
# File 'lib/jamf/api/connection/token.rb', line 161 def jamf_build raw_jamf_version.split('-').last end |
#jamf_version ⇒ String
156 157 158 |
# File 'lib/jamf/api/connection/token.rb', line 156 def jamf_version raw_jamf_version.split('-').first end |
#port ⇒ Integer
151 152 153 |
# File 'lib/jamf/api/connection/token.rb', line 151 def port @base_url.port end |
#refresh(pw = nil) ⇒ Jamf::Timestamp Also known as: keep_alive
Use this token to get a fresh one. If a pw is provided try to use it to get a new token if a proper refresh fails.
216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 |
# File 'lib/jamf/api/connection/token.rb', line 216 def refresh(pw = nil) # gotta have a pw if expired if expired? # try the passwd return refresh_with_passwd(pw, :expired_refreshed, :expired_pw_failed) if pw # no passwd? no chance! @last_refresh_result = :expired_no_pw raise Jamf::InvalidTokenError, 'Token has expired' end # Now try a normal refresh of our non-expired token keep_alive_token_resp = token_connection(KEEP_ALIVE_RSRC, token: @auth_token).post if keep_alive_token_resp.success? parse_token_from_response keep_alive_token_resp @last_refresh_result = :refreshed return expires end # if we're here, the normal refresh failed, so try the pw return refresh_with_passwd(pw, :refreshed_with_pw, :refresh_failed_no_pw) if pw # if we're here, no pw? no chance! @last_refresh_result = :refresh_failed raise 'An error occurred while refreshing the token' unless pw end |
#secs_remaining ⇒ Float
173 174 175 176 177 |
# File 'lib/jamf/api/connection/token.rb', line 173 def secs_remaining return unless @expires @expires - Time.now end |
#time_remaining ⇒ String
Returns e.g. “1 week 6 days 23 hours 49 minutes 56 seconds”.
180 181 182 183 184 |
# File 'lib/jamf/api/connection/token.rb', line 180 def time_remaining return unless @expires Jamf.humanize_secs secs_remaining end |
#valid? ⇒ Boolean
187 188 189 190 191 192 193 194 195 196 |
# File 'lib/jamf/api/connection/token.rb', line 187 def valid? @valid = if expired? false elsif !@auth_token false else token_connection(AUTH_RSRC, token: @auth_token).get.success? end end |