Module: AgentHarness::Authentication

Defined in:
lib/agent_harness/authentication.rb

Overview

Authentication management for CLI agent providers

Provides methods for checking auth status, generating OAuth URLs, and refreshing credentials for providers that support it.

Class Method Summary collapse

Class Method Details

.auth_status(provider_name) ⇒ Hash

Get detailed authentication status for a provider

Parameters:

  • provider_name (Symbol)

    the provider name

Returns:

  • (Hash)

    status with :valid, :expires_at, :error keys



28
29
30
31
32
33
34
35
36
 
# File 'lib/agent_harness/authentication.rb', line 28

def auth_status(provider_name)
  provider_name = provider_name.to_sym
  case provider_name
  when :claude, :anthropic
    claude_auth_status
  else
    generic_auth_status(provider_name)
  end
end

.auth_url(provider_name) ⇒ String

Generate an OAuth URL for a provider

Only supported for :oauth auth type providers.

Parameters:

  • provider_name (Symbol)

    the provider name

Returns:

  • (String)

    the OAuth authorization URL

Raises:

  • (NotImplementedError)

    if provider doesn’t support OAuth



45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
 
# File 'lib/agent_harness/authentication.rb', line 45

def auth_url(provider_name)
  provider_name = provider_name.to_sym
  provider = resolve_provider(provider_name)

  unless provider.auth_type == :oauth
    raise NotImplementedError,
      "Provider #{provider_name} uses #{provider.auth_type} auth and does not support OAuth URL generation"
  end

  case provider_name
  when :claude, :anthropic
    claude_auth_url
  else
    raise NotImplementedError,
      "OAuth URL generation is not yet implemented for provider #{provider_name}"
  end
end

.auth_valid?(provider_name) ⇒ Boolean

Check if authentication is valid for a provider

Parameters:

  • provider_name (Symbol)

    the provider name

Returns:

  • (Boolean)

    true if auth is valid, false otherwise



19
20
21
22
 
# File 'lib/agent_harness/authentication.rb', line 19

def auth_valid?(provider_name)
  status = auth_status(provider_name)
  !!status[:valid]
end

.refresh_auth(provider_name, token: nil) ⇒ Hash

Refresh authentication credentials for a provider

For OAuth providers, stores a pre-exchanged token directly. This method accepts a token (not an authorization code) because the OAuth code-exchange flow is provider-specific and should be handled by the caller or a CLI login command before calling this. For API key providers, raises NotImplementedError.

Parameters:

  • provider_name (Symbol)

    the provider name

  • token (String) (defaults to: nil)

    OAuth token to store (must be non-blank)

Returns:

  • (Hash)

    result with :success key

Raises:

  • (NotImplementedError)

    if provider doesn’t support credential refresh



75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
 
# File 'lib/agent_harness/authentication.rb', line 75

def refresh_auth(provider_name, token: nil)
  provider_name = provider_name.to_sym
  provider = resolve_provider(provider_name)

  unless provider.auth_type == :oauth
    raise NotImplementedError,
      "Provider #{provider_name} uses #{provider.auth_type} auth and does not support credential refresh"
  end

  case provider_name
  when :claude, :anthropic
    refresh_claude_auth(token: token)
  else
    raise NotImplementedError,
      "Credential refresh is not yet implemented for provider #{provider_name}"
  end
end