config_server_agent 0.3.8 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/lib/config_server_agent.rb +1 -92
- data/lib/config_server_agent/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4e3d6581bda6a587bc6628494ec47820bcf2e5670ba391e861e17fb689c8c0d7
|
|
4
|
+
data.tar.gz: 2969a8c10265b6dfef34051c8918bbabc1eda695d927b7ae56ff441002424545
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bfbeb9ac2b16410f4bfc1582f2a6ca76eb781f1653db46967ceef96939d74f851ffac2b37ea5df7ca57463d85e9314809e99a9ee4a5ab3a245ec72eaecc0ecc5
|
|
7
|
+
data.tar.gz: b12053703a2605979953cc311abcf53e6476ff4fab39e255360815047d860428659eb3b1c0153cb9a0b412464e6a6ff2905d8f4696cf713e38ed948bc9835c4b
|
data/CHANGELOG.md
CHANGED
|
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
|
|
|
4
4
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|
5
5
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
6
6
|
|
|
7
|
+
## 0.4.0
|
|
8
|
+
### Changed
|
|
9
|
+
- Removed dependence on Auth0 M2M tokens
|
|
10
|
+
|
|
7
11
|
## 0.3.8
|
|
8
12
|
### Changed
|
|
9
13
|
- More resiliant cache file permission handling
|
data/lib/config_server_agent.rb
CHANGED
|
@@ -10,22 +10,11 @@ class ConfigServerAgent
|
|
|
10
10
|
class Error < StandardError; end
|
|
11
11
|
|
|
12
12
|
def initialize(
|
|
13
|
-
auth0_client_id: ENV['AUTH0_CLIENT_ID'],
|
|
14
|
-
auth0_client_secret: ENV['AUTH0_CLIENT_SECRET'],
|
|
15
|
-
auth0_host: ENV['AUTH0_HOST'],
|
|
16
|
-
config_server_audience: ENV['CONFIG_SERVER_AUDIENCE'],
|
|
17
13
|
config_server_api_key: ENV['CONFIG_SERVER_API_KEY'],
|
|
18
14
|
config_server_host: ENV['CONFIG_SERVER_HOST'],
|
|
19
15
|
user_agent: "ConfigServerAgent/#{ConfigServerAgent::VERSION}",
|
|
20
|
-
user_agent_comment: nil
|
|
21
|
-
token_ttl: nil,
|
|
22
|
-
use_cache: false,
|
|
23
|
-
cache_file: nil
|
|
16
|
+
user_agent_comment: nil
|
|
24
17
|
)
|
|
25
|
-
@auth0_client_id = auth0_client_id or raise ArgumentError, 'Missing auth0_client_id parameter'
|
|
26
|
-
@auth0_client_secret = auth0_client_secret or raise ArgumentError, 'Missing auth0_client_secret parameter'
|
|
27
|
-
@auth0_host = auth0_host or raise ArgumentError, 'Missing auth0_host parameter'
|
|
28
|
-
@config_server_audience = config_server_audience or raise ArgumentError, 'Missing config_server_audience parameter'
|
|
29
18
|
@config_server_api_key = config_server_api_key or raise ArgumentError, 'Missing config_server_api_key parameter'
|
|
30
19
|
@config_server_host = config_server_host or raise ArgumentError, 'Missing config_server_host parameter'
|
|
31
20
|
|
|
@@ -33,14 +22,6 @@ class ConfigServerAgent
|
|
|
33
22
|
@mutex = Mutex.new
|
|
34
23
|
@user_agent = user_agent
|
|
35
24
|
@user_agent += " (#{user_agent_comment})" if user_agent_comment
|
|
36
|
-
|
|
37
|
-
@token_expires = nil
|
|
38
|
-
@token = nil
|
|
39
|
-
@token_ttl = token_ttl
|
|
40
|
-
@token_buffer = 10 # seconds
|
|
41
|
-
|
|
42
|
-
@use_cache = use_cache
|
|
43
|
-
@cache_file = cache_file || '/tmp/' + Digest::SHA1.hexdigest("#{auth0_client_id}/#{ConfigServerAgent::VERSION}") + '.json'
|
|
44
25
|
end
|
|
45
26
|
|
|
46
27
|
def get_config
|
|
@@ -104,13 +85,11 @@ class ConfigServerAgent
|
|
|
104
85
|
|
|
105
86
|
request = yield url
|
|
106
87
|
request['user-agent'] = @user_agent
|
|
107
|
-
request['authorization'] = "Bearer #{get_token}"
|
|
108
88
|
request['content-type'] = 'application/json'
|
|
109
89
|
request['accept'] = 'application/json'
|
|
110
90
|
request['api-key'] = @config_server_api_key
|
|
111
91
|
|
|
112
92
|
process_response http.request(request)
|
|
113
|
-
|
|
114
93
|
end
|
|
115
94
|
|
|
116
95
|
def process_response(response)
|
|
@@ -127,74 +106,4 @@ class ConfigServerAgent
|
|
|
127
106
|
raise Error, "Invalid JSON received from #{@config_server_host}"
|
|
128
107
|
end
|
|
129
108
|
|
|
130
|
-
def get_token
|
|
131
|
-
if @token.nil? and @use_cache
|
|
132
|
-
read_token_cache
|
|
133
|
-
end
|
|
134
|
-
|
|
135
|
-
if @token.nil? or (@token_expires and @token_expires < Time.now.to_i)
|
|
136
|
-
request_new_token
|
|
137
|
-
write_token_cache if @use_cache
|
|
138
|
-
end
|
|
139
|
-
|
|
140
|
-
@token
|
|
141
|
-
end
|
|
142
|
-
|
|
143
|
-
def request_new_token
|
|
144
|
-
url = URI "https://#{@auth0_host}/oauth/token"
|
|
145
|
-
http = Net::HTTP.new url.host, url.port
|
|
146
|
-
http.use_ssl = url.scheme == 'https'
|
|
147
|
-
|
|
148
|
-
request = Net::HTTP::Post.new url
|
|
149
|
-
request['user-agent'] = @user_agent
|
|
150
|
-
request['content-type'] = 'application/json'
|
|
151
|
-
request.body = {
|
|
152
|
-
client_id: @auth0_client_id,
|
|
153
|
-
client_secret: @auth0_client_secret,
|
|
154
|
-
audience: @config_server_audience,
|
|
155
|
-
grant_type: 'client_credentials',
|
|
156
|
-
}.to_json
|
|
157
|
-
|
|
158
|
-
response = JSON.parse http.request(request).read_body
|
|
159
|
-
@token = response['access_token'] or raise Error, "No token from #{@auth0_host}"
|
|
160
|
-
@token_expires = Time.now.to_i + (@token_ttl || response['expires_in']) - @token_buffer
|
|
161
|
-
|
|
162
|
-
@token
|
|
163
|
-
|
|
164
|
-
rescue JSON::ParserError
|
|
165
|
-
raise Error, "Invalid JSON received from #{@auth0_host}"
|
|
166
|
-
end
|
|
167
|
-
|
|
168
|
-
def read_token_cache
|
|
169
|
-
with_lock do
|
|
170
|
-
@token, @token_expires = JSON.parse(File.read @cache_file).values_at 'token', 'token_expires'
|
|
171
|
-
end if File.file? @cache_file
|
|
172
|
-
end
|
|
173
|
-
|
|
174
|
-
def write_token_cache
|
|
175
|
-
with_lock do
|
|
176
|
-
File.write(@cache_file, {
|
|
177
|
-
'token' => @token,
|
|
178
|
-
'token_expires' => @token_expires
|
|
179
|
-
}.to_json)
|
|
180
|
-
|
|
181
|
-
# Check if o+wr bits are set on the cache file
|
|
182
|
-
if File.stat(@cache_file).mode & 06 > 0
|
|
183
|
-
begin
|
|
184
|
-
# Attempt to remove them if they are...
|
|
185
|
-
File.chmod 0660, @cache_file
|
|
186
|
-
rescue Errno::EPERM => e
|
|
187
|
-
# But don't raise an error if it fails because the file may have been created by another user
|
|
188
|
-
warn "File permissions are too open: #{@cache_file} - #{e.message}"
|
|
189
|
-
end
|
|
190
|
-
end
|
|
191
|
-
end
|
|
192
|
-
end
|
|
193
|
-
|
|
194
|
-
def with_lock
|
|
195
|
-
Lockfile.new("/var/lock/config_server_agent.rb.lock", retries: 3, poll_retries: 3) do
|
|
196
|
-
yield
|
|
197
|
-
end
|
|
198
|
-
end
|
|
199
|
-
|
|
200
109
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: config_server_agent
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Aidan Samuel
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-12-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: lockfile
|