Class: Sitefull::Auth::Amazon

Inherits:
Base
  • Object
Defined in:
lib/sitefull-cloud/auth/amazon.rb

Constant Summary

# Login with Amazon OAuth 2.0 endpoints (both HTTPS).
AUTHORIZATION_URI = 'https://www.amazon.com/ap/oa'.freeze
TOKEN_CREDENTIALS_URI = 'https://api.amazon.com/auth/o2/token'.freeze

# Relative path of the OAuth callback for this provider.
CALLBACK_URI = '/oauth/amazon/callback'.freeze

# OAuth scope requested from Login with Amazon; only `profile`.
SCOPE = %w[profile].freeze

# Identity provider name for Login with Amazon, in the form expected by the
# provider_id parameter of STS AssumeRoleWithWebIdentity.
PROVIDER_ID = 'www.amazon.com'.freeze

# Messages raised when a required option is absent or empty.
MISSING_ROLE_ARN = 'Missing Role ARN'.freeze
MISSING_REGION = 'Missing Region'.freeze
MISSING_SESSION_NAME = 'Missing session name'.freeze

Constants inherited from Base

Base::MISSING_AUTHORIZATION_URI, Base::MISSING_BASE_URI, Base::MISSING_BASE_URI_SCHEME, Base::MISSING_CALLBACK_URI, Base::MISSING_CLIENT_ID, Base::MISSING_CLIENT_SECRET, Base::MISSING_REDIRECT_URI_SCHEME, Base::MISSING_SCOPE, Base::MISSING_TOKEN_CREDENTIALS_URI

Instance Method Summary

Methods inherited from Base

#authorization_url_options, #initialize, #required_settings, #token_options, #validate

Constructor Details

This class inherits a constructor from Sitefull::Auth::Base

Instance Method Details

#authorization_uri(_) ⇒ Object



# File 'lib/sitefull-cloud/auth/amazon.rb', line 35

# Authorization endpoint for the Login with Amazon OAuth flow.
#
# The argument is accepted but ignored, so the endpoint is always the
# AUTHORIZATION_URI constant and cannot be steered to another host by
# whatever the caller passes in.
#
# @param _ [Object] unused
# @return [String] AUTHORIZATION_URI
def authorization_uri(_)
  AUTHORIZATION_URI
end

#callback_uri ⇒ Object



# File 'lib/sitefull-cloud/auth/amazon.rb', line 31

# Path of the OAuth callback for the Amazon provider.
#
# NOTE(review): this is a relative path; presumably it is joined with a base
# URI elsewhere (not visible here). The resulting absolute redirect URI should
# match the one registered for the OAuth client exactly -- confirm.
#
# @return [String] CALLBACK_URI
def callback_uri
  CALLBACK_URI
end

#credentials(token) ⇒ Object



# File 'lib/sitefull-cloud/auth/amazon.rb', line 18

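# Exchanges a Login with Amazon access token for temporary AWS credentials
# by calling STS AssumeRoleWithWebIdentity.
#
# Security notes for maintainers:
# - This method does not inspect the token. Who may assume the role is
#   decided by the role's trust policy, which should pin the Login with
#   Amazon application (condition key `www.amazon.com:app_id`) so that tokens
#   issued to other applications are rejected.
# - No session policy or duration is passed, so the role's full permissions
#   and the STS default lifetime apply.
# - Only the key id, secret and session token are copied into the result.
#   The expiration in the STS response is dropped and the returned
#   Aws::Credentials is static, so callers must request fresh credentials
#   once the session expires.
# - token.access_token is a bearer secret; keep it out of logs and error
#   messages.
#
# @param token [#access_token] OAuth token obtained from Login with Amazon
# @return [Aws::Credentials] temporary credentials for the assumed role
# @raise [RuntimeError] when :role_arn, :region or :session_name is missing
#   or empty in @options (checked in that order)
def credentials(token)
  role_arn = @options[:role_arn]
  region = @options[:region]
  session_name = @options[:session_name]

  # Validate before any network call; nil and '' are both treated as missing.
  raise MISSING_ROLE_ARN if role_arn.to_s.empty?
  raise MISSING_REGION if region.to_s.empty?
  raise MISSING_SESSION_NAME if session_name.to_s.empty?

  sts = Aws::STS::Client.new(region: region)
  # PROVIDER_ID replaces the duplicated 'www.amazon.com' literal so the
  # provider name is defined in one place.
  response = sts.assume_role_with_web_identity(role_arn: role_arn,
                                               role_session_name: session_name,
                                               provider_id: PROVIDER_ID,
                                               web_identity_token: token.access_token)

  issued = response.credentials.to_h
  Aws::Credentials.new(*issued.values_at(:access_key_id, :secret_access_key, :session_token))
end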

#scope ⇒ Object



# File 'lib/sitefull-cloud/auth/amazon.rb', line 39

# OAuth scopes requested from Login with Amazon.
#
# Returns the shared SCOPE constant itself, not a copy.
#
# @return [Array<String>] SCOPE
def scope
  SCOPE
end

#token_credentials_uri(_) ⇒ Object



# File 'lib/sitefull-cloud/auth/amazon.rb', line 43

# Token endpoint used to exchange the authorization code for tokens.
#
# The argument is accepted but ignored; the endpoint is always the
# TOKEN_CREDENTIALS_URI constant, so the client secret and authorization code
# are only ever sent to that fixed HTTPS host.
#
# @param _ [Object] unused
# @return [String] TOKEN_CREDENTIALS_URI
def token_credentials_uri(_)
  TOKEN_CREDENTIALS_URI
end