ibm_cloud_sdk_core 0.3.3 → 1.0.0.rc1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/ibm_cloud_sdk_core/authenticators/authenticator.rb +22 -0
- data/lib/ibm_cloud_sdk_core/authenticators/basic_authenticator.rb +35 -0
- data/lib/ibm_cloud_sdk_core/authenticators/bearer_token_authenticator.rb +31 -0
- data/lib/ibm_cloud_sdk_core/authenticators/config_based_authenticator_factory.rb +36 -0
- data/lib/ibm_cloud_sdk_core/authenticators/cp4d_authenticator.rb +49 -0
- data/lib/ibm_cloud_sdk_core/authenticators/iam_authenticator.rb +60 -0
- data/lib/ibm_cloud_sdk_core/authenticators/no_auth_authenticator.rb +21 -0
- data/lib/ibm_cloud_sdk_core/base_service.rb +13 -169
- data/lib/ibm_cloud_sdk_core/{icp4d_token_manager.rb → token_managers/cp4d_token_manager.rb} +7 -6
- data/lib/ibm_cloud_sdk_core/token_managers/iam_token_manager.rb +60 -0
- data/lib/ibm_cloud_sdk_core/{jwt_token_manager.rb → token_managers/jwt_token_manager.rb} +5 -8
- data/lib/ibm_cloud_sdk_core/utils.rb +78 -0
- data/lib/ibm_cloud_sdk_core/version.rb +1 -1
- data/test/unit/test_base_service.rb +63 -241
- data/test/unit/test_iam_token_manager.rb +26 -62
- data/test/unit/test_icp4d_token_manager.rb +4 -6
- data/test/unit/test_jwt_token_manager.rb +3 -16
- metadata +16 -8
- data/lib/ibm_cloud_sdk_core/iam_token_manager.rb +0 -66
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 83ac24e7cd38e3b1bfa169bf354347c35f10f36ebd99c68aac6153d12a5a45c0
|
4
|
+
data.tar.gz: af948abbdfa2ba7081e12c6f49ad401ec95bd1323478ffd6fd7ea21d48fd9205
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: da1b2b737e578f293a15595382da13fa7d961e382b76ea919de5d6ae1c2472c585b25ecf3153c6c5a26f6f46b1095fb2c555be323450858e195b902a43e9df88
|
7
|
+
data.tar.gz: 6d3d192c519dcd95b011ded3dc56a81965fe628ef18c3ac1a6036cf3a65e070e2c2f5b8ae73aa9992be84da5cf87eaae944b808571be182437a074b963408a5e
|
@@ -0,0 +1,22 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require("json")
|
4
|
+
|
5
|
+
module IBMCloudSdkCore
|
6
|
+
# Authenticator
|
7
|
+
class Authenticator
|
8
|
+
AUTH_TYPE_BASIC = "basic"
|
9
|
+
AUTH_TYPE_BEARER_TOKEN = "bearerToken"
|
10
|
+
AUTH_TYPE_CP4D = "cp4d"
|
11
|
+
AUTH_TYPE_IAM = "iam"
|
12
|
+
AUTH_TYPE_NO_AUTH = "noAuth"
|
13
|
+
|
14
|
+
def authenticate
|
15
|
+
# Adds the Authorization header, if possible
|
16
|
+
end
|
17
|
+
|
18
|
+
def validate
|
19
|
+
# Checks if all the inputs needed are present
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
@@ -0,0 +1,35 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require("json")
|
4
|
+
require_relative("./authenticator.rb")
|
5
|
+
require_relative("../utils.rb")
|
6
|
+
|
7
|
+
module IBMCloudSdkCore
|
8
|
+
# Basic Authenticator
|
9
|
+
class BasicAuthenticator < Authenticator
|
10
|
+
attr_accessor :username, :password
|
11
|
+
def initialize(vars)
|
12
|
+
defaults = {
|
13
|
+
username: nil,
|
14
|
+
password: nil
|
15
|
+
}
|
16
|
+
vars = defaults.merge(vars)
|
17
|
+
@username = vars[:username]
|
18
|
+
@password = vars[:password]
|
19
|
+
@authentication_type = AUTH_TYPE_BASIC
|
20
|
+
validate
|
21
|
+
end
|
22
|
+
|
23
|
+
# Adds the Authorization header, if possible
|
24
|
+
def authenticate(req)
|
25
|
+
req.basic_auth(user: @username, pass: @password)
|
26
|
+
end
|
27
|
+
|
28
|
+
# Checks if all the inputs needed are present
|
29
|
+
def validate
|
30
|
+
raise ArgumentError.new("The username and password shouldn\'t be None.") if @username.nil? || @password.nil?
|
31
|
+
raise ArgumentError.new('The username shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your username') if check_bad_first_or_last_char(@username)
|
32
|
+
raise ArgumentError.new('The password shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your password') if check_bad_first_or_last_char(@password)
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require("json")
|
4
|
+
require_relative("./authenticator.rb")
|
5
|
+
require_relative("../utils.rb")
|
6
|
+
|
7
|
+
module IBMCloudSdkCore
|
8
|
+
# Basic Authenticator
|
9
|
+
class BearerTokenAuthenticator < Authenticator
|
10
|
+
attr_accessor :authentication_type
|
11
|
+
def initialize(vars)
|
12
|
+
defaults = {
|
13
|
+
bearer_token: nil
|
14
|
+
}
|
15
|
+
vars = defaults.merge(vars)
|
16
|
+
@bearer_token = vars[:bearer_token]
|
17
|
+
@authentication_type = AUTH_TYPE_BEARER_TOKEN
|
18
|
+
validate
|
19
|
+
end
|
20
|
+
|
21
|
+
# Adds the Authorization header, if possible
|
22
|
+
def authenticate(connector)
|
23
|
+
connector.default_options.headers.add("Authorization", "Bearer #{@bearer_token}")
|
24
|
+
end
|
25
|
+
|
26
|
+
# Checks if all the inputs needed are present
|
27
|
+
def validate
|
28
|
+
raise ArgumentError.new("The bearer token shouldn\'t be None.") if @bearer_token.nil?
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require("json")
|
4
|
+
require_relative("./authenticator.rb")
|
5
|
+
require_relative("./basic_authenticator.rb")
|
6
|
+
require_relative("./bearer_token_authenticator.rb")
|
7
|
+
require_relative("./cp4d_authenticator.rb")
|
8
|
+
require_relative("./iam_authenticator.rb")
|
9
|
+
require_relative("./no_auth_authenticator.rb")
|
10
|
+
require_relative("../utils.rb")
|
11
|
+
|
12
|
+
module IBMCloudSdkCore
|
13
|
+
# Authenticator
|
14
|
+
class ConfigBasedAuthenticatorFactory < Authenticator
|
15
|
+
# Checks the credentials file and VCAP_SERVICES environment variable
|
16
|
+
# :param service_name: The service name
|
17
|
+
# :return: the authenticator
|
18
|
+
def get_authenticator(service_name:)
|
19
|
+
config = get_service_properties(service_name)
|
20
|
+
return construct_authenticator(config) unless config.nil? || config.empty?
|
21
|
+
end
|
22
|
+
|
23
|
+
def construct_authenticator(config)
|
24
|
+
if config[:auth_type].nil?
|
25
|
+
auth_type = "iam"
|
26
|
+
else
|
27
|
+
auth_type = config[:auth_type]
|
28
|
+
end
|
29
|
+
return BasicAuthenticator.new(config) if auth_type == AUTH_TYPE_BASIC
|
30
|
+
return BearerTokenAuthenticator.new(config) if auth_type == AUTH_TYPE_BEARER_TOKEN
|
31
|
+
return CloudPakForDataAuthenticator.new(config) if auth_type == AUTH_TYPE_CP4D
|
32
|
+
return IamAuthenticator.new(config) if auth_type == AUTH_TYPE_IAM
|
33
|
+
return NoAuthAUthenticator.new if auth_type == AUTH_TYPE_NO_AUTH
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,49 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require("json")
|
4
|
+
require_relative("./authenticator.rb")
|
5
|
+
require_relative("../token_managers/cp4d_token_manager.rb")
|
6
|
+
require_relative("../utils.rb")
|
7
|
+
|
8
|
+
module IBMCloudSdkCore
|
9
|
+
# Basic Authenticator
|
10
|
+
class CloudPakForDataAuthenticator < Authenticator
|
11
|
+
attr_accessor :authentication_type
|
12
|
+
def initialize(vars)
|
13
|
+
defaults = {
|
14
|
+
username: nil,
|
15
|
+
password: nil,
|
16
|
+
url: nil,
|
17
|
+
disable_ssl_verification: false
|
18
|
+
}
|
19
|
+
vars = defaults.merge(vars)
|
20
|
+
@username = vars[:username]
|
21
|
+
@password = vars[:password]
|
22
|
+
@url = vars[:url]
|
23
|
+
@disable_ssl_verification = vars[:disable_ssl_verification]
|
24
|
+
@authentication_type = AUTH_TYPE_CP4D
|
25
|
+
|
26
|
+
validate
|
27
|
+
@token_manager = CP4DTokenManager.new(
|
28
|
+
username: @username,
|
29
|
+
password: @password,
|
30
|
+
url: @url,
|
31
|
+
disable_ssl_verification: @disable_ssl_verification
|
32
|
+
)
|
33
|
+
end
|
34
|
+
|
35
|
+
# Adds the Authorization header, if possible
|
36
|
+
def authenticate(connector)
|
37
|
+
connector.default_options.headers.add("Authorization", "Bearer #{@token_manager.access_token}")
|
38
|
+
end
|
39
|
+
|
40
|
+
# Checks if all the inputs needed are present
|
41
|
+
def validate
|
42
|
+
raise ArgumentError.new("The username or password shouldn\'t be None.") if @username.nil? || @password.nil?
|
43
|
+
raise ArgumentError.new("The url or password shouldn\'t be None.") if @url.nil?
|
44
|
+
raise ArgumentError.new('The username shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your username') if check_bad_first_or_last_char(@username)
|
45
|
+
raise ArgumentError.new('The password shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your password') if check_bad_first_or_last_char(@password)
|
46
|
+
raise ArgumentError.new('The url shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your url') if check_bad_first_or_last_char(@url)
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
@@ -0,0 +1,60 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require("json")
|
4
|
+
require_relative("./authenticator.rb")
|
5
|
+
require_relative("../token_managers/iam_token_manager.rb")
|
6
|
+
require_relative("../utils.rb")
|
7
|
+
|
8
|
+
module IBMCloudSdkCore
|
9
|
+
# Basic Authenticator
|
10
|
+
class IamAuthenticator < Authenticator
|
11
|
+
DEFAULT_CLIENT_ID = "bx"
|
12
|
+
DEFAULT_CLIENT_SECRET = "bx"
|
13
|
+
|
14
|
+
attr_accessor :authentication_type
|
15
|
+
def initialize(vars)
|
16
|
+
defaults = {
|
17
|
+
url: nil,
|
18
|
+
client_id: nil,
|
19
|
+
client_secret: nil,
|
20
|
+
disable_ssl_verification: nil
|
21
|
+
}
|
22
|
+
vars = defaults.merge(vars)
|
23
|
+
@apikey = vars[:apikey]
|
24
|
+
@url = vars[:url]
|
25
|
+
@client_id = vars[:client_id]
|
26
|
+
@client_secret = vars[:client_secret]
|
27
|
+
@disable_ssl_verification = vars[:disable_ssl_verification]
|
28
|
+
@authentication_type = AUTH_TYPE_IAM
|
29
|
+
validate
|
30
|
+
@token_manager = iam_token_manager(
|
31
|
+
apikey: @apikey,
|
32
|
+
url: @url,
|
33
|
+
client_id: @client_id,
|
34
|
+
client_secret: @client_secret,
|
35
|
+
disable_ssl_verification: @disable_ssl_verification
|
36
|
+
)
|
37
|
+
end
|
38
|
+
|
39
|
+
def authenticate(connector)
|
40
|
+
connector.default_options.headers.add("Authorization", "Bearer #{@token_manager.access_token}")
|
41
|
+
end
|
42
|
+
|
43
|
+
def validate
|
44
|
+
# Adds the Authorization header, if possible
|
45
|
+
raise ArgumentError.new("The apikey shouldn\'t be None.") if @apikey.nil?
|
46
|
+
raise ArgumentError.new('The apikey shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your apikey') if check_bad_first_or_last_char(@apikey)
|
47
|
+
|
48
|
+
# Both the client id and secret should be provided or neither should be provided.
|
49
|
+
if !iam_client_id.nil? && !iam_client_secret.nil?
|
50
|
+
@iam_client_id = iam_client_id
|
51
|
+
@iam_client_secret = iam_client_secret
|
52
|
+
elsif iam_client_id.nil? && iam_client_secret.nil?
|
53
|
+
@iam_client_id = DEFAULT_CLIENT_ID
|
54
|
+
@iam_client_secret = DEFAULT_CLIENT_SECRET
|
55
|
+
else
|
56
|
+
raise ArgumentError.new("Only one of 'iam_client_id' or 'iam_client_secret' were specified, but both parameters should be specified together.")
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require("json")
|
4
|
+
require_relative("./authenticator.rb")
|
5
|
+
|
6
|
+
module IBMCloudSdkCore
|
7
|
+
# Authenticator
|
8
|
+
class NoAuthAuthenticator < Authenticator
|
9
|
+
def initialize
|
10
|
+
@authentication_type = AUTH_TYPE_NO_AUTH
|
11
|
+
end
|
12
|
+
|
13
|
+
def authenticate
|
14
|
+
nil
|
15
|
+
end
|
16
|
+
|
17
|
+
def validate
|
18
|
+
nil
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -4,13 +4,12 @@ require("http")
|
|
4
4
|
require("rbconfig")
|
5
5
|
require("stringio")
|
6
6
|
require("json")
|
7
|
+
require_relative("./version.rb")
|
7
8
|
require_relative("./detailed_response.rb")
|
8
9
|
require_relative("./api_exception.rb")
|
9
|
-
require_relative("./
|
10
|
-
require_relative("./
|
11
|
-
require_relative("./version.rb")
|
10
|
+
require_relative("./utils.rb")
|
11
|
+
require_relative("./authenticators/authenticator")
|
12
12
|
|
13
|
-
DEFAULT_CREDENTIALS_FILE_NAME = "ibm-credentials.env"
|
14
13
|
NORMALIZER = lambda do |uri| # Custom URI normalizer when using HTTP Client
|
15
14
|
HTTP::URI.parse uri
|
16
15
|
end
|
@@ -18,143 +17,37 @@ end
|
|
18
17
|
module IBMCloudSdkCore
|
19
18
|
# Class for interacting with the API
|
20
19
|
class BaseService
|
21
|
-
attr_accessor :
|
22
|
-
attr_reader :conn, :
|
20
|
+
attr_accessor :display_name
|
21
|
+
attr_reader :conn, :authenticator
|
23
22
|
def initialize(vars)
|
24
23
|
defaults = {
|
25
|
-
|
26
|
-
|
27
|
-
authentication_type: nil,
|
28
|
-
username: nil,
|
29
|
-
password: nil,
|
30
|
-
icp4d_access_token: nil,
|
31
|
-
icp4d_url: nil,
|
32
|
-
iam_apikey: nil,
|
33
|
-
iam_access_token: nil,
|
34
|
-
iam_url: nil,
|
35
|
-
iam_client_id: nil,
|
36
|
-
iam_client_secret: nil,
|
24
|
+
authenticator: nil,
|
25
|
+
disable_ssl_verification: false,
|
37
26
|
display_name: nil
|
38
27
|
}
|
39
28
|
vars = defaults.merge(vars)
|
40
29
|
@url = vars[:url]
|
41
|
-
@
|
42
|
-
@
|
43
|
-
@icp_prefix = vars[:password]&.start_with?("icp-") || vars[:iam_apikey]&.start_with?("icp-") ? true : false
|
44
|
-
@icp4d_access_token = vars[:icp4d_access_token]
|
45
|
-
@icp4d_url = vars[:icp4d_url]
|
46
|
-
@iam_url = vars[:iam_url]
|
47
|
-
@iam_apikey = vars[:iam_apikey]
|
48
|
-
@iam_access_token = vars[:iam_access_token]
|
49
|
-
@token_manager = nil
|
50
|
-
@authentication_type = vars[:authentication_type].downcase unless vars[:authentication_type].nil?
|
51
|
-
@temp_headers = nil
|
52
|
-
@disable_ssl_verification = false
|
30
|
+
@authenticator = vars[:authenticator]
|
31
|
+
@disable_ssl_verification = vars[:disable_ssl_verification]
|
53
32
|
@display_name = vars[:display_name]
|
33
|
+
@service_name = @display_name.tr(" ", "_").downcase unless @display_name.nil?
|
54
34
|
|
55
|
-
if
|
56
|
-
|
57
|
-
|
58
|
-
@url = @vcap_service_credentials["url"]
|
59
|
-
@username = @vcap_service_credentials["username"] if @vcap_service_credentials.key?("username")
|
60
|
-
@password = @vcap_service_credentials["password"] if @vcap_service_credentials.key?("password")
|
61
|
-
@iam_apikey = @vcap_service_credentials["iam_apikey"] if @vcap_service_credentials.key?("iam_apikey")
|
62
|
-
@iam_access_token = @vcap_service_credentials["iam_access_token"] if @vcap_service_credentials.key?("iam_access_token")
|
63
|
-
@icp4d_access_token = @vcap_service_credentials["icp4d_access_token"] if @vcap_service_credentials.key?("icp4d_access_token")
|
64
|
-
@icp4d_url = @vcap_service_credentials["icp4d_url"] if @vcap_service_credentials.key?("icp4d_url")
|
65
|
-
@iam_url = @vcap_service_credentials["iam_url"] if @vcap_service_credentials.key?("iam_url")
|
66
|
-
@icp_prefix = @password&.start_with?("icp-") || @iam_apikey&.start_with?("icp-") ? true : false
|
67
|
-
end
|
68
|
-
end
|
69
|
-
|
70
|
-
if @display_name && !@username && !@iam_apikey
|
71
|
-
service_name = @display_name.tr(" ", "_").downcase
|
72
|
-
load_from_credential_file(service_name)
|
73
|
-
@icp_prefix = @password&.start_with?("icp-") || @iam_apikey&.start_with?("icp-") ? true : false
|
74
|
-
end
|
75
|
-
|
76
|
-
if @authentication_type == "iam" || ((!@iam_access_token.nil? || !@iam_apikey.nil?) && !@icp_prefix)
|
77
|
-
iam_token_manager(iam_apikey: @iam_apikey, iam_access_token: @iam_access_token,
|
78
|
-
iam_url: @iam_url, iam_client_id: @iam_client_id,
|
79
|
-
iam_client_secret: @iam_client_secret)
|
80
|
-
elsif !@iam_apikey.nil? && @icp_prefix
|
81
|
-
@username = "apikey"
|
82
|
-
@password = vars[:iam_apikey]
|
83
|
-
elsif @authentication_type == "icp4d" || !@icp4d_access_token.nil?
|
84
|
-
icp4d_token_manager(icp4d_access_token: @icp4d_access_token, icp4d_url: @icp4d_url,
|
85
|
-
username: @username, password: @password)
|
86
|
-
elsif !@username.nil? && !@password.nil?
|
87
|
-
if @username == "apikey" && !@icp_prefix
|
88
|
-
iam_apikey(iam_apikey: @password)
|
89
|
-
else
|
90
|
-
@username = @username
|
91
|
-
@password = @password
|
92
|
-
end
|
35
|
+
if @service_name && !@url
|
36
|
+
config = get_service_properties(@service_name)
|
37
|
+
@url = config[:url] unless config.nil?
|
93
38
|
end
|
94
39
|
|
95
|
-
raise ArgumentError.new('The username shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your username') if check_bad_first_or_last_char(@username)
|
96
|
-
raise ArgumentError.new('The password shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your password') if check_bad_first_or_last_char(@password)
|
97
|
-
raise ArgumentError.new('The url shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your url') if check_bad_first_or_last_char(@url)
|
98
|
-
raise ArgumentError.new('The apikey shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your apikey') if check_bad_first_or_last_char(@iam_apikey)
|
99
|
-
raise ArgumentError.new('The iam access token shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your iam access token') if check_bad_first_or_last_char(@iam_access_token)
|
100
|
-
raise ArgumentError.new('The icp4d access token shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your icp4d access token') if check_bad_first_or_last_char(@icp4d_access_token)
|
101
|
-
raise ArgumentError.new('The icp4d url shouldn\'t start or end with curly brackets or quotes. Be sure to remove any {} and \" characters surrounding your icp4d url') if check_bad_first_or_last_char(@icp4d_url)
|
102
|
-
|
103
40
|
@conn = HTTP::Client.new(
|
104
41
|
headers: {}
|
105
42
|
).use normalize_uri: { normalizer: NORMALIZER }
|
106
43
|
end
|
107
44
|
|
108
|
-
# Initiates the credentials based on the credential file
|
109
|
-
def load_from_credential_file(service_name, separator = "=")
|
110
|
-
credential_file_path = ENV["IBM_CREDENTIALS_FILE"]
|
111
|
-
|
112
|
-
# Home directory
|
113
|
-
if credential_file_path.nil?
|
114
|
-
file_path = ENV["HOME"] + "/" + DEFAULT_CREDENTIALS_FILE_NAME
|
115
|
-
credential_file_path = file_path if File.exist?(file_path)
|
116
|
-
end
|
117
|
-
|
118
|
-
# Top-level directory of the project
|
119
|
-
if credential_file_path.nil?
|
120
|
-
file_path = File.join(File.dirname(__FILE__), "/../../" + DEFAULT_CREDENTIALS_FILE_NAME)
|
121
|
-
credential_file_path = file_path if File.exist?(file_path)
|
122
|
-
end
|
123
|
-
|
124
|
-
return if credential_file_path.nil?
|
125
|
-
|
126
|
-
file_contents = File.open(credential_file_path, "r")
|
127
|
-
file_contents.each_line do |line|
|
128
|
-
key_val = line.strip.split(separator)
|
129
|
-
set_credential_based_on_type(service_name, key_val[0].downcase, key_val[1]) if key_val.length == 2
|
130
|
-
end
|
131
|
-
end
|
132
|
-
|
133
|
-
def load_from_vcap_services(service_name:)
|
134
|
-
vcap_services = ENV["VCAP_SERVICES"]
|
135
|
-
unless vcap_services.nil?
|
136
|
-
services = JSON.parse(vcap_services)
|
137
|
-
return services[service_name][0]["credentials"] if services.key?(service_name)
|
138
|
-
end
|
139
|
-
nil
|
140
|
-
end
|
141
|
-
|
142
45
|
def add_default_headers(headers: {})
|
143
46
|
raise TypeError unless headers.instance_of?(Hash)
|
144
47
|
|
145
48
|
headers.each_pair { |k, v| @conn.default_options.headers.add(k, v) }
|
146
49
|
end
|
147
50
|
|
148
|
-
def iam_access_token(iam_access_token:)
|
149
|
-
@token_manager = IAMTokenManager.new(iam_access_token: iam_access_token) if @token_manager.nil?
|
150
|
-
@iam_access_token = iam_access_token
|
151
|
-
end
|
152
|
-
|
153
|
-
def iam_apikey(iam_apikey:)
|
154
|
-
@token_manager = IAMTokenManager.new(iam_apikey: iam_apikey) if @token_manager.nil?
|
155
|
-
@iam_apikey = iam_apikey
|
156
|
-
end
|
157
|
-
|
158
51
|
# @return [DetailedResponse]
|
159
52
|
def request(args)
|
160
53
|
defaults = { method: nil, url: nil, accept_json: false, headers: nil, params: nil, json: {}, data: nil }
|
@@ -172,20 +65,7 @@ module IBMCloudSdkCore
|
|
172
65
|
args.delete_if { |_, v| v.nil? }
|
173
66
|
args[:headers].delete("Content-Type") if args.key?(:form) || args[:json].nil?
|
174
67
|
|
175
|
-
if @username == "apikey" && !@icp_prefix
|
176
|
-
iam_apikey(iam_apikey: @password)
|
177
|
-
@username = nil
|
178
|
-
end
|
179
|
-
|
180
68
|
conn = @conn
|
181
|
-
if !@iam_apikey.nil? && @icp_prefix
|
182
|
-
conn = @conn.basic_auth(user: "apikey", pass: @iam_apikey)
|
183
|
-
elsif !@token_manager.nil?
|
184
|
-
access_token = @token_manager.token
|
185
|
-
args[:headers]["Authorization"] = "Bearer #{access_token}"
|
186
|
-
elsif !@username.nil? && !@password.nil?
|
187
|
-
conn = @conn.basic_auth(user: @username, pass: @password)
|
188
|
-
end
|
189
69
|
|
190
70
|
args[:headers] = args[:headers].merge(@temp_headers) unless @temp_headers.nil?
|
191
71
|
@temp_headers = nil unless @temp_headers.nil?
|
@@ -253,42 +133,6 @@ module IBMCloudSdkCore
|
|
253
133
|
|
254
134
|
private
|
255
135
|
|
256
|
-
def set_credential_based_on_type(service_name, key, value)
|
257
|
-
return unless key.include?(service_name)
|
258
|
-
|
259
|
-
@iam_apikey = value if key.include?("iam_apikey") || key.include?("apikey")
|
260
|
-
@iam_url = value if key.include?("iam_url")
|
261
|
-
@url = value if key.include?("url")
|
262
|
-
@username = value if key.include?("username")
|
263
|
-
@password = value if key.include?("password")
|
264
|
-
end
|
265
|
-
|
266
|
-
def check_bad_first_or_last_char(str)
|
267
|
-
return str.start_with?("{", "\"") || str.end_with?("}", "\"") unless str.nil?
|
268
|
-
end
|
269
|
-
|
270
|
-
def iam_token_manager(iam_apikey: nil, iam_access_token: nil, iam_url: nil,
|
271
|
-
iam_client_id: nil, iam_client_secret: nil)
|
272
|
-
@iam_apikey = iam_apikey
|
273
|
-
@iam_access_token = iam_access_token
|
274
|
-
@iam_url = iam_url
|
275
|
-
@iam_client_id = iam_client_id
|
276
|
-
@iam_client_secret = iam_client_secret
|
277
|
-
@token_manager =
|
278
|
-
IAMTokenManager.new(iam_apikey: iam_apikey, iam_access_token: iam_access_token,
|
279
|
-
iam_url: iam_url, iam_client_id: iam_client_id, iam_client_secret: iam_client_secret)
|
280
|
-
end
|
281
|
-
|
282
|
-
def icp4d_token_manager(icp4d_access_token: nil, icp4d_url: nil, username: nil, password: nil)
|
283
|
-
if !@token_manager.nil?
|
284
|
-
@token_manager.access_token(icp4d_access_token)
|
285
|
-
else
|
286
|
-
raise ArgumentError.new("The icp4d_url is mandatory for ICP4D.") if icp4d_url.nil? && icp4d_access_token.nil?
|
287
|
-
|
288
|
-
@token_manager = ICP4DTokenManager.new(url: icp4d_url, access_token: icp4d_access_token, username: username, password: password)
|
289
|
-
end
|
290
|
-
end
|
291
|
-
|
292
136
|
def add_timeout(timeout)
|
293
137
|
if timeout.key?(:per_operation)
|
294
138
|
raise TypeError("per_operation in timeout must be a Hash") unless timeout[:per_operation].instance_of?(Hash)
|
@@ -3,20 +3,21 @@
|
|
3
3
|
require("http")
|
4
4
|
require("json")
|
5
5
|
require("rbconfig")
|
6
|
-
require_relative("
|
6
|
+
require_relative("./../version.rb")
|
7
7
|
require_relative("./jwt_token_manager")
|
8
8
|
|
9
9
|
module IBMCloudSdkCore
|
10
|
-
# Class to manage
|
11
|
-
class
|
10
|
+
# Class to manage CP4D Token Authentication
|
11
|
+
class CP4DTokenManager < JWTTokenManager
|
12
12
|
TOKEN_NAME = "accessToken"
|
13
|
-
def initialize(url: nil, username: nil, password: nil,
|
14
|
-
raise ArgumentError.new("The url is mandatory for
|
13
|
+
def initialize(url: nil, username: nil, password: nil, disable_ssl_verification: nil)
|
14
|
+
raise ArgumentError.new("The url is mandatory for CP4D.") if url.nil?
|
15
15
|
|
16
16
|
url += "/v1/preauth/validateAuth"
|
17
17
|
@username = username
|
18
18
|
@password = password
|
19
|
-
|
19
|
+
@disable_ssl_verification = disable_ssl_verification
|
20
|
+
super(url: url, token_name: TOKEN_NAME)
|
20
21
|
end
|
21
22
|
|
22
23
|
def request_token
|
@@ -0,0 +1,60 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require("http")
|
4
|
+
require("json")
|
5
|
+
require("rbconfig")
|
6
|
+
require_relative("./../version.rb")
|
7
|
+
require_relative("./jwt_token_manager")
|
8
|
+
|
9
|
+
module IBMCloudSdkCore
|
10
|
+
# Class to manage IAM Token Authentication
|
11
|
+
class IAMTokenManager < JWTTokenManager
|
12
|
+
DEFAULT_IAM_URL = "https://iam.cloud.ibm.com/identity/token"
|
13
|
+
CONTENT_TYPE = "application/x-www-form-urlencoded"
|
14
|
+
ACCEPT = "application/json"
|
15
|
+
REQUEST_TOKEN_GRANT_TYPE = "urn:ibm:params:oauth:grant-type:apikey"
|
16
|
+
REQUEST_TOKEN_RESPONSE_TYPE = "cloud_iam"
|
17
|
+
TOKEN_NAME = "access_token"
|
18
|
+
|
19
|
+
attr_accessor :token_info, :user_access_token
|
20
|
+
def initialize(
|
21
|
+
apikey: nil,
|
22
|
+
url: nil,
|
23
|
+
client_id: nil,
|
24
|
+
client_secret: nil,
|
25
|
+
disable_ssl_verification: nil
|
26
|
+
)
|
27
|
+
@apikey = apikey
|
28
|
+
@url = url.nil? ? DEFAULT_IAM_URL : url
|
29
|
+
@client_id = client_id
|
30
|
+
@client_secret = client_secret
|
31
|
+
@disable_ssl_verification = disable_ssl_verification
|
32
|
+
super(url: url, token_name: TOKEN_NAME)
|
33
|
+
end
|
34
|
+
|
35
|
+
private
|
36
|
+
|
37
|
+
# Request an IAM token using an API key
|
38
|
+
def request_token
|
39
|
+
headers = {
|
40
|
+
"Content-Type" => CONTENT_TYPE,
|
41
|
+
"Accept" => ACCEPT
|
42
|
+
}
|
43
|
+
data = {
|
44
|
+
"grant_type" => REQUEST_TOKEN_GRANT_TYPE,
|
45
|
+
"apikey" => @apikey,
|
46
|
+
"response_type" => REQUEST_TOKEN_RESPONSE_TYPE
|
47
|
+
}
|
48
|
+
# @headers.add
|
49
|
+
response = request(
|
50
|
+
method: "POST",
|
51
|
+
url: @url,
|
52
|
+
headers: headers,
|
53
|
+
data: HTTP::URI.form_encode(data),
|
54
|
+
username: @client_id,
|
55
|
+
password: @client_secret
|
56
|
+
)
|
57
|
+
response
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
@@ -4,7 +4,7 @@ require("http")
|
|
4
4
|
require("json")
|
5
5
|
require("jwt")
|
6
6
|
require("rbconfig")
|
7
|
-
require_relative("
|
7
|
+
require_relative("./../version.rb")
|
8
8
|
|
9
9
|
module IBMCloudSdkCore
|
10
10
|
# Class to manage JWT Token Authentication
|
@@ -19,7 +19,6 @@ module IBMCloudSdkCore
|
|
19
19
|
|
20
20
|
@url = vars[:url]
|
21
21
|
@token_info = vars[:token_info]
|
22
|
-
@user_access_token = vars[:access_token]
|
23
22
|
@token_name = vars[:token_name]
|
24
23
|
@time_to_live = nil
|
25
24
|
@expire_time = nil
|
@@ -27,9 +26,7 @@ module IBMCloudSdkCore
|
|
27
26
|
end
|
28
27
|
|
29
28
|
def token
|
30
|
-
if
|
31
|
-
@user_access_token
|
32
|
-
elsif @token_info.nil? || token_expired?
|
29
|
+
if @token_info.nil? || token_expired?
|
33
30
|
token_info = request_token
|
34
31
|
save_token_info(token_info: token_info)
|
35
32
|
@token_info[@token_name]
|
@@ -38,8 +35,8 @@ module IBMCloudSdkCore
|
|
38
35
|
end
|
39
36
|
end
|
40
37
|
|
41
|
-
def access_token
|
42
|
-
@
|
38
|
+
def access_token
|
39
|
+
@token_info[@token_name]
|
43
40
|
end
|
44
41
|
|
45
42
|
def ssl_verification(disable_ssl_verification)
|
@@ -94,7 +91,7 @@ module IBMCloudSdkCore
|
|
94
91
|
end
|
95
92
|
return JSON.parse(response.body.to_s) if (200..299).cover?(response.code)
|
96
93
|
|
97
|
-
require_relative("
|
94
|
+
require_relative("./../api_exception.rb")
|
98
95
|
raise ApiException.new(response: response)
|
99
96
|
end
|
100
97
|
end
|