class Signet::OAuth2::Client
Signet::OAuth2::Client
creates an OAuth2
client
This reopens Client
to add apply
and apply!
methods which update a hash with the fetched authentication token.
Attributes
universe_domain[RW]
Set the universe domain
Public Instance Methods
build_default_connection()
click to toggle source
# File lib/googleauth/signet.rb, line 86 def build_default_connection if !defined?(@connection_info) nil elsif @connection_info.respond_to? :call @connection_info.call else @connection_info end end
configure_connection(options)
click to toggle source
# File lib/googleauth/signet.rb, line 41 def configure_connection options @connection_info = options[:connection_builder] || options[:default_connection] self end
fetch_access_token!(options = {})
click to toggle source
# File lib/googleauth/signet.rb, line 56 def fetch_access_token! options = {} unless options[:connection] connection = build_default_connection options = options.merge connection: connection if connection end info = retry_with_error do orig_fetch_access_token! options end notify_refresh_listeners info end
Also aliased as: orig_fetch_access_token!
generate_access_token_request(options = {})
click to toggle source
# File lib/googleauth/signet.rb, line 69 def generate_access_token_request options = {} parameters = googleauth_orig_generate_access_token_request options logger&.info do Google::Logging::Message.from( message: "Requesting access token from #{parameters['grant_type']}", "credentialsId" => object_id ) end logger&.debug do Google::Logging::Message.from( message: "Token fetch params: #{parameters}", "credentialsId" => object_id ) end parameters end
Also aliased as: googleauth_orig_generate_access_token_request
googleauth_orig_generate_access_token_request(options = {})
Alias for: generate_access_token_request
retry_with_error(max_retry_count = 5) { || ... }
click to toggle source
# File lib/googleauth/signet.rb, line 96 def retry_with_error max_retry_count = 5 retry_count = 0 begin yield.tap { |resp| log_response resp } rescue StandardError => e if e.is_a?(Signet::AuthorizationError) || e.is_a?(Signet::ParseError) log_auth_error e raise e end if retry_count < max_retry_count log_transient_error e retry_count += 1 sleep retry_count * 0.3 retry else log_retries_exhausted e msg = "Unexpected error: #{e.inspect}" raise Signet::AuthorizationError, msg end end end
token_type()
click to toggle source
The token type as symbol, either :id_token or :access_token
# File lib/googleauth/signet.rb, line 48 def token_type target_audience ? :id_token : :access_token end
update_token!(options = {})
click to toggle source
# File lib/googleauth/signet.rb, line 32 def update_token! options = {} options = deep_hash_normalize options id_token_expires_at = expires_at_from_id_token options[:id_token] options[:expires_at] = id_token_expires_at if id_token_expires_at update_token_signet_base options self.universe_domain = options[:universe_domain] if options.key? :universe_domain self end
Also aliased as: update_token_signet_base
Private Instance Methods
expires_at_from_id_token(id_token)
click to toggle source
# File lib/googleauth/signet.rb, line 122 def expires_at_from_id_token id_token match = /^[\w=-]+\.([\w=-]+)\.[\w=-]+$/.match id_token.to_s return unless match json = JSON.parse Base64.urlsafe_decode64 match[1] return unless json.key? "exp" Time.at json["exp"].to_i rescue StandardError # Shouldn't happen unless we get a garbled ID token nil end
log_auth_error(err)
click to toggle source
# File lib/googleauth/signet.rb, line 149 def log_auth_error err logger&.info do Google::Logging::Message.from( message: "Auth error when fetching auth token: #{err}", "credentialsId" => object_id ) end end
log_response(token_response)
click to toggle source
# File lib/googleauth/signet.rb, line 133 def log_response token_response response_hash = JSON.parse token_response rescue {} if response_hash["access_token"] digest = Digest::SHA256.hexdigest response_hash["access_token"] response_hash["access_token"] = "(sha256:#{digest})" end if response_hash["id_token"] digest = Digest::SHA256.hexdigest response_hash["id_token"] response_hash["id_token"] = "(sha256:#{digest})" end Google::Logging::Message.from( message: "Received auth token response: #{response_hash}", "credentialsId" => object_id ) end
log_retries_exhausted(err)
click to toggle source
# File lib/googleauth/signet.rb, line 167 def log_retries_exhausted err logger&.info do Google::Logging::Message.from( message: "Exhausted retries when fetching auth token: #{err}", "credentialsId" => object_id ) end end
log_transient_error(err)
click to toggle source
# File lib/googleauth/signet.rb, line 158 def log_transient_error err logger&.info do Google::Logging::Message.from( message: "Transient error when fetching auth token: #{err}", "credentialsId" => object_id ) end end