ms_rest_azure 0.10.3 → 0.10.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/lib/ms_rest_azure/credentials/msi_token_provider.rb +62 -4
- data/lib/ms_rest_azure/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: def20235f4da031c59b0b4639261aa3e46ba4e73
|
|
4
|
+
data.tar.gz: aed68ba54b3ae17b309edc3aa7bed16fd2aa4bd9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e13f97fdeb769da2e259c5634ad7caffc483c7d3d1bd7fe2a57d85ad9d818b58489b6b7577191cd04ea2fc9de25ea7b7d90169f0d96e158c022405566275f6a5
|
|
7
|
+
data.tar.gz: bcacd4fe74720998007fed9cadc8c7b25e02bc5771dbd224674cea6693dcfc2d0e930f148543d3284aaff370018094e36637fc55879ea35e8c92229984e9d879
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
##2018.04.04 ms_rest_azure version 0.10.4
|
|
2
|
+
* Added IMDS Support for MSI Token Provider class. Refer [PR #1282](https://github.com/Azure/azure-sdk-for-ruby/pull/1282) for further details.
|
|
3
|
+
|
|
1
4
|
##2018.02.06 ms_rest_azure version 0.10.3
|
|
2
5
|
* Removed subscription_id check from configurable. Refer [PR# 1261](https://github.com/Azure/azure-sdk-for-ruby/pull/1261) for further details.
|
|
3
6
|
|
|
@@ -14,6 +14,7 @@ module MsRestAzure
|
|
|
14
14
|
REQUEST_BODY_PATTERN = 'resource={resource_uri}'
|
|
15
15
|
USER_ASSIGNED_IDENTITY = '{id_type}={user_assigned_identity}'
|
|
16
16
|
DEFAULT_SCHEME = 'Bearer'
|
|
17
|
+
IMDS_TOKEN_ACQUIRE_URL = 'http://169.254.169.254/metadata/identity/oauth2/token'
|
|
17
18
|
|
|
18
19
|
# @return [MSIActiveDirectoryServiceSettings] settings.
|
|
19
20
|
attr_accessor :settings
|
|
@@ -56,11 +57,10 @@ module MsRestAzure
|
|
|
56
57
|
# msi_id = {'msi_rest_id': 'resource id of user assigned identity'}
|
|
57
58
|
# The above key,value pairs are mutually exclusive.
|
|
58
59
|
def initialize(port = 50342, settings = ActiveDirectoryServiceSettings.get_azure_settings, msi_id = nil)
|
|
59
|
-
fail ArgumentError, 'Port cannot be nil' if port.nil?
|
|
60
|
-
fail ArgumentError, 'Port must be an Integer' unless port.is_a? Integer
|
|
61
60
|
fail ArgumentError, 'Azure AD settings cannot be nil' if settings.nil?
|
|
62
61
|
fail ArgumentError, 'msi_id must include either client_id, object_id or msi_res_id exclusively' if (!msi_id.nil? && msi_id.length > 1)
|
|
63
62
|
|
|
63
|
+
warn "The 'port' argument is no longer used, and will be removed in a future release" if port != 50342
|
|
64
64
|
@port = port
|
|
65
65
|
@settings = settings
|
|
66
66
|
if !msi_id.nil?
|
|
@@ -78,12 +78,69 @@ module MsRestAzure
|
|
|
78
78
|
#
|
|
79
79
|
# @return [String] authentication headers.
|
|
80
80
|
def get_authentication_header
|
|
81
|
-
|
|
81
|
+
if !ENV['MSI_VM'].nil? && ENV['MSI_VM'].downcase == 'true'
|
|
82
|
+
acquire_token if token_expired
|
|
83
|
+
else
|
|
84
|
+
acquire_token_from_imds_with_retry if token_expired
|
|
85
|
+
end
|
|
82
86
|
"#{token_type} #{token}"
|
|
83
87
|
end
|
|
84
88
|
|
|
85
89
|
private
|
|
86
90
|
|
|
91
|
+
def append_header(name, value)
|
|
92
|
+
"#{name}=#{value}"
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
def acquire_token_from_imds_with_retry
|
|
96
|
+
token_acquire_url = IMDS_TOKEN_ACQUIRE_URL.dup + "?" + append_header('resource', ERB::Util.url_encode(@settings.token_audience)) + '&' + append_header('api-version', '2018-02-01')
|
|
97
|
+
token_acquire_url = (token_acquire_url + '&' + append_header('client_id', @client_id)) unless @client_id.nil?
|
|
98
|
+
token_acquire_url = (token_acquire_url + '&' + append_header('object_id', @object_id)) unless @object_id.nil?
|
|
99
|
+
token_acquire_url = (token_acquire_url + '&' + append_header('msi_res_id', @msi_res_id)) unless @msi_res_id.nil?
|
|
100
|
+
url = URI.parse(token_acquire_url)
|
|
101
|
+
|
|
102
|
+
connection = Faraday.new(:url => url, :ssl => MsRest.ssl_options) do |builder|
|
|
103
|
+
builder.adapter Faraday.default_adapter
|
|
104
|
+
end
|
|
105
|
+
|
|
106
|
+
retry_value = 1
|
|
107
|
+
max_retry = 20
|
|
108
|
+
response = nil
|
|
109
|
+
|
|
110
|
+
slots = []
|
|
111
|
+
(0..max_retry-1).each do |i|
|
|
112
|
+
slots << (100 * ((2 << i) - 1) /1000.to_f)
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
while retry_value <= max_retry
|
|
116
|
+
response = connection.get do |request|
|
|
117
|
+
request.headers['Metadata'] = 'true'
|
|
118
|
+
request.headers['User-Agent'] = "Azure-SDK-For-Ruby/ms_rest_azure/#{MsRestAzure::VERSION}"
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
if response.status == 429
|
|
122
|
+
puts slots.inspect
|
|
123
|
+
wait = slots[0..retry_value].sample
|
|
124
|
+
wait = wait < 1 ? 3 : wait
|
|
125
|
+
sleep(wait)
|
|
126
|
+
retry_value += 1
|
|
127
|
+
elsif response.status != 200
|
|
128
|
+
fail AzureOperationError, "Couldn't acquire access token from Managed Service Identity, please verify your tenant id, port and settings"
|
|
129
|
+
else
|
|
130
|
+
break
|
|
131
|
+
end
|
|
132
|
+
end
|
|
133
|
+
|
|
134
|
+
if retry_value > max_retry
|
|
135
|
+
fail AzureOperationError, "MSI: Failed to acquire tokens after #{max_retry} times"
|
|
136
|
+
end
|
|
137
|
+
|
|
138
|
+
response_body = JSON.load(response.body)
|
|
139
|
+
@token = response_body['access_token']
|
|
140
|
+
@token_expires_on = Time.at(Integer(response_body['expires_on']))
|
|
141
|
+
@token_type = response_body['token_type']
|
|
142
|
+
end
|
|
143
|
+
|
|
87
144
|
#
|
|
88
145
|
# Checks whether token is about to expire.
|
|
89
146
|
#
|
|
@@ -144,4 +201,5 @@ module MsRestAzure
|
|
|
144
201
|
end
|
|
145
202
|
end
|
|
146
203
|
|
|
147
|
-
end
|
|
204
|
+
end
|
|
205
|
+
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ms_rest_azure
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.10.
|
|
4
|
+
version: 0.10.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Microsoft Corporation
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-
|
|
11
|
+
date: 2018-04-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -142,7 +142,7 @@ metadata:
|
|
|
142
142
|
changelog_uri: https://github.com/Azure/azure-sdk-for-ruby/blob/master/runtime/ms_rest_azure/CHANGELOG.md
|
|
143
143
|
documentation_uri: https://azure.microsoft.com/en-us/develop/ruby/
|
|
144
144
|
homepage_uri: https://aka.ms/azure-sdk-for-ruby
|
|
145
|
-
source_code_uri: https://github.com/Azure/azure-sdk-for-ruby/tree/ms_rest_azure-v0.10.
|
|
145
|
+
source_code_uri: https://github.com/Azure/azure-sdk-for-ruby/tree/ms_rest_azure-v0.10.4
|
|
146
146
|
post_install_message:
|
|
147
147
|
rdoc_options: []
|
|
148
148
|
require_paths:
|