Class: Legate::Auth::Coordinators::ServiceAccountCoordinator

Inherits:
Legate::Auth::Coordinator show all
Defined in:
lib/legate/auth/coordinators/service_account_coordinator.rb

Overview

ServiceAccountCoordinator handles non-interactive service account authentication with automatic token exchange and refresh. Unlike OAuth2 coordinators, service account authentication does not require user interaction.

Defined Under Namespace

Modules: Steps

Constant Summary

Constants inherited from Legate::Auth::Coordinator

Legate::Auth::Coordinator::DEFAULT_TIMEOUT

Instance Attribute Summary

Attributes inherited from Legate::Auth::Coordinator

#error, #result, #status

Instance Method Summary collapse

Methods inherited from Legate::Auth::Coordinator

#cancel, #complete?, #resume, #start, #success?

Constructor Details

#initialize(scheme:, credential:, session_service:, token_store: nil, timeout: DEFAULT_TIMEOUT) ⇒ ServiceAccountCoordinator

Initialize a new Service Account coordinator

Parameters:

Raises:

  • (ArgumentError) 


26
27
28
29
30
31
32
33
34
 
# File 'lib/legate/auth/coordinators/service_account_coordinator.rb', line 26

def initialize(scheme:, credential:, session_service:, token_store: nil, timeout: DEFAULT_TIMEOUT)
  super(scheme: scheme, credential: credential, session_service: session_service, token_store: token_store, timeout: timeout)

  raise ArgumentError, "Expected a ServiceAccount scheme, got #{scheme.class}" unless scheme.is_a?(Legate::Auth::Schemes::ServiceAccount)

  raise ArgumentError, "Credential must have auth_type :service_account, got #{credential.auth_type}" unless credential.auth_type.to_sym == :service_account

  @current_step = Steps::TOKEN_EXCHANGE
end