config_server_agent 0.3.8 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/lib/config_server_agent.rb +1 -92
- data/lib/config_server_agent/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4e3d6581bda6a587bc6628494ec47820bcf2e5670ba391e861e17fb689c8c0d7
|
4
|
+
data.tar.gz: 2969a8c10265b6dfef34051c8918bbabc1eda695d927b7ae56ff441002424545
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bfbeb9ac2b16410f4bfc1582f2a6ca76eb781f1653db46967ceef96939d74f851ffac2b37ea5df7ca57463d85e9314809e99a9ee4a5ab3a245ec72eaecc0ecc5
|
7
|
+
data.tar.gz: b12053703a2605979953cc311abcf53e6476ff4fab39e255360815047d860428659eb3b1c0153cb9a0b412464e6a6ff2905d8f4696cf713e38ed948bc9835c4b
|
data/CHANGELOG.md
CHANGED
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
|
|
4
4
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
5
5
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
6
6
|
|
7
|
+
## 0.4.0
|
8
|
+
### Changed
|
9
|
+
- Removed dependence on Auth0 M2M tokens
|
10
|
+
|
7
11
|
## 0.3.8
|
8
12
|
### Changed
|
9
13
|
- More resiliant cache file permission handling
|
data/lib/config_server_agent.rb
CHANGED
@@ -10,22 +10,11 @@ class ConfigServerAgent
|
|
10
10
|
class Error < StandardError; end
|
11
11
|
|
12
12
|
def initialize(
|
13
|
-
auth0_client_id: ENV['AUTH0_CLIENT_ID'],
|
14
|
-
auth0_client_secret: ENV['AUTH0_CLIENT_SECRET'],
|
15
|
-
auth0_host: ENV['AUTH0_HOST'],
|
16
|
-
config_server_audience: ENV['CONFIG_SERVER_AUDIENCE'],
|
17
13
|
config_server_api_key: ENV['CONFIG_SERVER_API_KEY'],
|
18
14
|
config_server_host: ENV['CONFIG_SERVER_HOST'],
|
19
15
|
user_agent: "ConfigServerAgent/#{ConfigServerAgent::VERSION}",
|
20
|
-
user_agent_comment: nil
|
21
|
-
token_ttl: nil,
|
22
|
-
use_cache: false,
|
23
|
-
cache_file: nil
|
16
|
+
user_agent_comment: nil
|
24
17
|
)
|
25
|
-
@auth0_client_id = auth0_client_id or raise ArgumentError, 'Missing auth0_client_id parameter'
|
26
|
-
@auth0_client_secret = auth0_client_secret or raise ArgumentError, 'Missing auth0_client_secret parameter'
|
27
|
-
@auth0_host = auth0_host or raise ArgumentError, 'Missing auth0_host parameter'
|
28
|
-
@config_server_audience = config_server_audience or raise ArgumentError, 'Missing config_server_audience parameter'
|
29
18
|
@config_server_api_key = config_server_api_key or raise ArgumentError, 'Missing config_server_api_key parameter'
|
30
19
|
@config_server_host = config_server_host or raise ArgumentError, 'Missing config_server_host parameter'
|
31
20
|
|
@@ -33,14 +22,6 @@ class ConfigServerAgent
|
|
33
22
|
@mutex = Mutex.new
|
34
23
|
@user_agent = user_agent
|
35
24
|
@user_agent += " (#{user_agent_comment})" if user_agent_comment
|
36
|
-
|
37
|
-
@token_expires = nil
|
38
|
-
@token = nil
|
39
|
-
@token_ttl = token_ttl
|
40
|
-
@token_buffer = 10 # seconds
|
41
|
-
|
42
|
-
@use_cache = use_cache
|
43
|
-
@cache_file = cache_file || '/tmp/' + Digest::SHA1.hexdigest("#{auth0_client_id}/#{ConfigServerAgent::VERSION}") + '.json'
|
44
25
|
end
|
45
26
|
|
46
27
|
def get_config
|
@@ -104,13 +85,11 @@ class ConfigServerAgent
|
|
104
85
|
|
105
86
|
request = yield url
|
106
87
|
request['user-agent'] = @user_agent
|
107
|
-
request['authorization'] = "Bearer #{get_token}"
|
108
88
|
request['content-type'] = 'application/json'
|
109
89
|
request['accept'] = 'application/json'
|
110
90
|
request['api-key'] = @config_server_api_key
|
111
91
|
|
112
92
|
process_response http.request(request)
|
113
|
-
|
114
93
|
end
|
115
94
|
|
116
95
|
def process_response(response)
|
@@ -127,74 +106,4 @@ class ConfigServerAgent
|
|
127
106
|
raise Error, "Invalid JSON received from #{@config_server_host}"
|
128
107
|
end
|
129
108
|
|
130
|
-
def get_token
|
131
|
-
if @token.nil? and @use_cache
|
132
|
-
read_token_cache
|
133
|
-
end
|
134
|
-
|
135
|
-
if @token.nil? or (@token_expires and @token_expires < Time.now.to_i)
|
136
|
-
request_new_token
|
137
|
-
write_token_cache if @use_cache
|
138
|
-
end
|
139
|
-
|
140
|
-
@token
|
141
|
-
end
|
142
|
-
|
143
|
-
def request_new_token
|
144
|
-
url = URI "https://#{@auth0_host}/oauth/token"
|
145
|
-
http = Net::HTTP.new url.host, url.port
|
146
|
-
http.use_ssl = url.scheme == 'https'
|
147
|
-
|
148
|
-
request = Net::HTTP::Post.new url
|
149
|
-
request['user-agent'] = @user_agent
|
150
|
-
request['content-type'] = 'application/json'
|
151
|
-
request.body = {
|
152
|
-
client_id: @auth0_client_id,
|
153
|
-
client_secret: @auth0_client_secret,
|
154
|
-
audience: @config_server_audience,
|
155
|
-
grant_type: 'client_credentials',
|
156
|
-
}.to_json
|
157
|
-
|
158
|
-
response = JSON.parse http.request(request).read_body
|
159
|
-
@token = response['access_token'] or raise Error, "No token from #{@auth0_host}"
|
160
|
-
@token_expires = Time.now.to_i + (@token_ttl || response['expires_in']) - @token_buffer
|
161
|
-
|
162
|
-
@token
|
163
|
-
|
164
|
-
rescue JSON::ParserError
|
165
|
-
raise Error, "Invalid JSON received from #{@auth0_host}"
|
166
|
-
end
|
167
|
-
|
168
|
-
def read_token_cache
|
169
|
-
with_lock do
|
170
|
-
@token, @token_expires = JSON.parse(File.read @cache_file).values_at 'token', 'token_expires'
|
171
|
-
end if File.file? @cache_file
|
172
|
-
end
|
173
|
-
|
174
|
-
def write_token_cache
|
175
|
-
with_lock do
|
176
|
-
File.write(@cache_file, {
|
177
|
-
'token' => @token,
|
178
|
-
'token_expires' => @token_expires
|
179
|
-
}.to_json)
|
180
|
-
|
181
|
-
# Check if o+wr bits are set on the cache file
|
182
|
-
if File.stat(@cache_file).mode & 06 > 0
|
183
|
-
begin
|
184
|
-
# Attempt to remove them if they are...
|
185
|
-
File.chmod 0660, @cache_file
|
186
|
-
rescue Errno::EPERM => e
|
187
|
-
# But don't raise an error if it fails because the file may have been created by another user
|
188
|
-
warn "File permissions are too open: #{@cache_file} - #{e.message}"
|
189
|
-
end
|
190
|
-
end
|
191
|
-
end
|
192
|
-
end
|
193
|
-
|
194
|
-
def with_lock
|
195
|
-
Lockfile.new("/var/lock/config_server_agent.rb.lock", retries: 3, poll_retries: 3) do
|
196
|
-
yield
|
197
|
-
end
|
198
|
-
end
|
199
|
-
|
200
109
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: config_server_agent
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Aidan Samuel
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-
|
11
|
+
date: 2019-12-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: lockfile
|