ms_rest_azure 0.10.0 → 0.10.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/lib/ms_rest_azure/credentials/msi_token_provider.rb +45 -3
- data/lib/ms_rest_azure/version.rb +1 -1
- metadata +8 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5b98fe0324137867e177762f31508d6a0730921c
|
|
4
|
+
data.tar.gz: 47b51bff9a9f10aac58e0eca9f28158071248420
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 085b85de70909d6a8e2fea89046659fb1aa4f09989b4ab09b88bc09ba588b5b7c27cd316eec1ebeb9b2a117fc53c0baf709252c74f91c6c725c885f01a9afbb3
|
|
7
|
+
data.tar.gz: bbb9cc38742419e2572f9056b832b4e3795ea4264637795e0dfb1b867d5e6ea7119a3bfa0f0b06482f9b226aba3ef274e96838d4e7409f7f66c46ec4c3d6a180
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
##2017.12.19 ms_rest_azure version 0.10.1
|
|
2
|
+
* Added support for user assigned identity to MSITokenProvider Modified portal URLs for Azure cloud environments. Refer [Issue #1175](https://github.com/Azure/azure-sdk-for-ruby/issues/1175) for further details.
|
|
3
|
+
|
|
1
4
|
##2017.11.10 ms_rest_azure version 0.10.0
|
|
2
5
|
* Modified portal URLs for Azure cloud environments. Refer [PR #1106](https://github.com/Azure/azure-sdk-for-ruby/pull/1106) for further details.
|
|
3
6
|
* [Breaking Change] Removed Resource and SubResource classes. Refer [PR #1106](https://github.com/Azure/azure-sdk-for-ruby/pull/1106) for further details.
|
|
@@ -12,6 +12,7 @@ module MsRestAzure
|
|
|
12
12
|
|
|
13
13
|
TOKEN_ACQUIRE_URL = 'http://localhost:{port}/oauth2/token'
|
|
14
14
|
REQUEST_BODY_PATTERN = 'resource={resource_uri}'
|
|
15
|
+
USER_ASSIGNED_IDENTITY = '{id_type}={user_assigned_identity}'
|
|
15
16
|
DEFAULT_SCHEME = 'Bearer'
|
|
16
17
|
|
|
17
18
|
# @return [MSIActiveDirectoryServiceSettings] settings.
|
|
@@ -20,6 +21,15 @@ module MsRestAzure
|
|
|
20
21
|
# @return [Integer] port number where MSI service is running.
|
|
21
22
|
attr_accessor :port
|
|
22
23
|
|
|
24
|
+
# @return [String] client id for user assigned managed identity
|
|
25
|
+
attr_accessor :client_id
|
|
26
|
+
|
|
27
|
+
# @return [String] object id for user assigned managed identity
|
|
28
|
+
attr_accessor :object_id
|
|
29
|
+
|
|
30
|
+
# @return [String] ms_res id for user assigned managed identity
|
|
31
|
+
attr_accessor :msi_res_id
|
|
32
|
+
|
|
23
33
|
# @return [String] auth token.
|
|
24
34
|
attr_accessor :token
|
|
25
35
|
|
|
@@ -38,13 +48,26 @@ module MsRestAzure
|
|
|
38
48
|
# Creates and initialize new instance of the MSITokenProvider class.
|
|
39
49
|
# @param port [Integer] port number where MSI service is running.
|
|
40
50
|
# @param settings [ActiveDirectoryServiceSettings] active directory setting.
|
|
41
|
-
|
|
51
|
+
# @param msi_id [Hash] MSI id for user assigned managed service identity,
|
|
52
|
+
# msi_id = {'client_id': 'client id of user assigned identity'}
|
|
53
|
+
# or
|
|
54
|
+
# msi_id = {'object_id': 'object id of user assigned identity'}
|
|
55
|
+
# or
|
|
56
|
+
# msi_id = {'msi_rest_id': 'resource id of user assigned identity'}
|
|
57
|
+
# The above key,value pairs are mutually exclusive.
|
|
58
|
+
def initialize(port = 50342, settings = ActiveDirectoryServiceSettings.get_azure_settings, msi_id = nil)
|
|
42
59
|
fail ArgumentError, 'Port cannot be nil' if port.nil?
|
|
43
60
|
fail ArgumentError, 'Port must be an Integer' unless port.is_a? Integer
|
|
44
61
|
fail ArgumentError, 'Azure AD settings cannot be nil' if settings.nil?
|
|
62
|
+
fail ArgumentError, 'msi_id must include either client_id, object_id or msi_res_id exclusively' if (!msi_id.nil? && msi_id.length > 1)
|
|
45
63
|
|
|
46
64
|
@port = port
|
|
47
65
|
@settings = settings
|
|
66
|
+
if !msi_id.nil?
|
|
67
|
+
@client_id = msi_id[:client_id] unless msi_id[:client_id].nil?
|
|
68
|
+
@object_id = msi_id[:object_id] unless msi_id[:object_id].nil?
|
|
69
|
+
@msi_res_id = msi_id[:msi_res_id] unless msi_id[:msi_res_id].nil?
|
|
70
|
+
end
|
|
48
71
|
|
|
49
72
|
@expiration_threshold = 5 * 60
|
|
50
73
|
end
|
|
@@ -85,6 +108,9 @@ module MsRestAzure
|
|
|
85
108
|
|
|
86
109
|
request_body = REQUEST_BODY_PATTERN.dup
|
|
87
110
|
request_body['{resource_uri}'] = ERB::Util.url_encode(@settings.token_audience)
|
|
111
|
+
request_body = set_msi_id(request_body, 'client_id', @client_id) unless @client_id.nil?
|
|
112
|
+
request_body = set_msi_id(request_body, 'object_id', @object_id) unless @object_id.nil?
|
|
113
|
+
request_body = set_msi_id(request_body, 'msi_res_id', @msi_res_id) unless @msi_res_id.nil?
|
|
88
114
|
|
|
89
115
|
response = connection.post do |request|
|
|
90
116
|
request.headers['content-type'] = 'application/x-www-form-urlencoded'
|
|
@@ -93,13 +119,29 @@ module MsRestAzure
|
|
|
93
119
|
end
|
|
94
120
|
|
|
95
121
|
fail AzureOperationError,
|
|
96
|
-
|
|
122
|
+
'Couldn\'t acquire access token from Managed Service Identity, please verify your tenant id, port and settings' unless response.status == 200
|
|
97
123
|
|
|
98
124
|
response_body = JSON.load(response.body)
|
|
99
125
|
@token = response_body['access_token']
|
|
100
126
|
@token_expires_on = Time.at(Integer(response_body['expires_on']))
|
|
101
127
|
@token_type = response_body['token_type']
|
|
102
128
|
end
|
|
129
|
+
|
|
130
|
+
#
|
|
131
|
+
# Sets user assigned identity value in request body
|
|
132
|
+
# @param request_body [String] body of the request used to acquire token
|
|
133
|
+
# @param id_type [String] type of id to send 'client_id', 'object_id' or 'msi_res_id'
|
|
134
|
+
# @param id_value [String] id of the user assigned identity
|
|
135
|
+
#
|
|
136
|
+
# @return [String] new request body with the addition of <id_type>=<id_value>.
|
|
137
|
+
def set_msi_id(request_body, id_type, id_value)
|
|
138
|
+
user_assigned_identity = USER_ASSIGNED_IDENTITY.dup
|
|
139
|
+
request_body = [request_body, user_assigned_identity].join(',')
|
|
140
|
+
request_body['{id_type}'] = id_type
|
|
141
|
+
request_body['{user_assigned_identity}'] = ERB::Util.url_encode(id_value)
|
|
142
|
+
|
|
143
|
+
return request_body
|
|
144
|
+
end
|
|
103
145
|
end
|
|
104
146
|
|
|
105
|
-
end
|
|
147
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ms_rest_azure
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.10.
|
|
4
|
+
version: 0.10.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Microsoft Corporation
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-12-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -135,7 +135,12 @@ files:
|
|
|
135
135
|
homepage: https://aka.ms/ms_rest_azure
|
|
136
136
|
licenses:
|
|
137
137
|
- MIT
|
|
138
|
-
metadata:
|
|
138
|
+
metadata:
|
|
139
|
+
bug_tracker_uri: https://github.com/Azure/azure-sdk-for-ruby/issues
|
|
140
|
+
changelog_uri: https://github.com/Azure/azure-sdk-for-ruby/blob/master/runtime/ms_rest_azure/CHANGELOG.md
|
|
141
|
+
documentation_uri: https://azure.microsoft.com/en-us/develop/ruby/
|
|
142
|
+
homepage_uri: https://aka.ms/azure-sdk-for-ruby
|
|
143
|
+
source_code_uri: https://github.com/Azure/azure-sdk-for-ruby/tree/ms_rest_azure-v0.10.1
|
|
139
144
|
post_install_message:
|
|
140
145
|
rdoc_options: []
|
|
141
146
|
require_paths:
|