Class: Candid::Auth::Default::Client
- Inherits: Object
  - Object
  - Candid::Auth::Default::Client
- Defined in: lib/candid/auth/default/client.rb
Instance Method Summary
- #get_token(request_options: {}, **params) ⇒ Candid::Auth::Default::Types::AuthGetTokenResponse
  <Callout intent="info"> Candid Health SDKs automatically handle authentication workflows after configuring them with the `client_id` and `client_secret`. </Callout>
- #initialize(client:, base_url: nil, environment: nil) ⇒ void (constructor)
Constructor Details
#initialize(client:, base_url: nil, environment: nil) ⇒ void
```ruby
# File 'lib/candid/auth/default/client.rb', line 12

def initialize(client:, base_url: nil, environment: nil)
  @client = client
  @base_url = base_url
  @environment = environment
end
```
Instance Method Details
#get_token(request_options: {}, **params) ⇒ Candid::Auth::Default::Types::AuthGetTokenResponse
<Callout intent="info"> Candid Health SDKs automatically handle authentication workflows after configuring them with the `client_id` and `client_secret`. </Callout>
Candid Health utilizes the [OAuth 2.0 bearer token authentication scheme](developer.mozilla.org/en-US/docs/Web/HTTP/Authentication) in our auth flow. You obtain the bearer token for all subsequent API requests via the `/auth/v2/token` endpoint defined below, which requires you to provide your `client_id` and `client_secret`. Your `client_id` and `client_secret` can be [generated](support.joincandidhealth.com/hc/en-us/articles/23065219476244–Generating-Candid-API-Keys) from the “Users & Credentials” tab by your org admin.
The `/auth/v2/token` endpoint accepts both `Content-Type: application/json` and `Content-Type: application/x-www-form-urlencoded`. The request body should contain the `client_id` and `client_secret` as follows:
```json
{
  "client_id": "YOUR_CLIENT_ID",
  "client_secret": "YOUR_CLIENT_SECRET"
}
```
or as URL-encoded form data:
```
client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET
```
The bearer token is a signed [JWT](jwt.io/). The public key for the JWT can be found [here](candidhealth.auth0.com/pem) for any verification workflows.
The bearer token should be provided in the `Authorization` header for all subsequent API calls.
<Callout intent="warning"> The bearer token expires 5 hours after it has been created. After it has expired, the client will receive an “HTTP 401 Unauthorized” error, at which point the client should generate a new token. It is important that tokens be reused between requests; if the client attempts to generate a token too often, it will be rate-limited and will receive an `HTTP 429 Too Many Requests` error. </Callout>
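The token-reuse guidance in the warning above, as an added Ruby example that is not part of the Candid SDK: a thread-safe cache that reuses one token until shortly before the 5-hour expiry and refreshes once after a 401. The `TokenCache` class, the `fetcher` callable (which would wrap `get_token`) and the 5-minute refresh margin are assumptions made for illustration.

```ruby
# Added example, not Candid SDK code. TokenCache and fetcher are hypothetical names.
class TokenCache
  TOKEN_LIFETIME = 5 * 60 * 60 # seconds; the page states tokens expire after 5 hours
  REFRESH_MARGIN = 5 * 60      # assumption: refresh 5 minutes before expiry

  # fetcher: callable returning a fresh bearer token string (in practice a
  #          wrapper around get_token with client_id and client_secret).
  # clock:   callable returning the current time in seconds (injectable for tests).
  def initialize(fetcher:, clock: -> { Process.clock_gettime(Process::CLOCK_MONOTONIC) })
    @fetcher = fetcher
    @clock = clock
    @mutex = Mutex.new
    @token = nil
    @expires_at = 0
  end

  # Returns the cached token; fetches only when none is held or expiry is near,
  # so repeated calls do not hit the token endpoint and trigger HTTP 429.
  def token
    @mutex.synchronize do
      if @token.nil? || @clock.call >= @expires_at - REFRESH_MARGIN
        @token = @fetcher.call
        @expires_at = @clock.call + TOKEN_LIFETIME
      end
      @token
    end
  end

  # Call after an HTTP 401. Drops the token only if it is still the one that
  # failed, so threads that see a 401 together cause a single refresh.
  def invalidate(failed_token)
    @mutex.synchronize { @token = nil if @token == failed_token }
  end

  # Yields a token to the block, which must return [status, body].
  # On 401 the token is refreshed and the block retried exactly once.
  def with_token
    tok = token
    status, body = yield tok
    return [status, body] unless status == 401
    invalidate(tok)
    yield token
  end

  # Keep the bearer token out of logs and exception messages.
  def inspect
    "#<TokenCache token=[REDACTED]>"
  end
end
```
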
```ruby
# File 'lib/candid/auth/default/client.rb', line 71

def get_token(request_options: {}, **params)
  params = Candid::Internal::Types::Utils.normalize_keys(params)
  request = Candid::Internal::JSON::Request.new(
    # A per-request base_url override takes precedence over the client defaults.
    base_url: request_options[:base_url] || @base_url || @environment&.dig(:candid_api),
    method: "POST",
    path: "/api/auth/v2/token",
    body: Candid::Auth::Default::Types::AuthGetTokenRequest.new(params).to_h,
    request_options:
  )
  begin
    response = @client.send(request)
  rescue Net::HTTPRequestTimeout
    raise Candid::Errors::TimeoutError
  end
  code = response.code.to_i
  if code.between?(200, 299)
    Candid::Auth::Default::Types::AuthGetTokenResponse.load(response.body)
  else
    error_class = Candid::Errors::ResponseError.subclass_for_code(code)
    raise error_class.new(response.body, code: code)
  end
end
```