Class: Legate::Auth::Schemes::HTTPBearer

Inherits:

Legate::Auth::Scheme

• Object
• Legate::Auth::Scheme
• Legate::Auth::Schemes::HTTPBearer

Defined in:

lib/legate/auth/schemes/http_bearer.rb

Overview

HTTP Bearer authentication scheme. This scheme applies a bearer token to requests via the Authorization header.

Instance Method Summary

• #apply_to_request(request, credential) ⇒ Hash

  Apply authentication to a request.

• #exchange_token(credential) ⇒ Legate::Auth::ExchangedCredential

  Exchange a credential for a token.

• #scheme_type ⇒ Symbol

  Get the type of authentication scheme.

• #to_h ⇒ Hash

  Get hash representation of the scheme.

Methods inherited from Legate::Auth::Scheme

#authentication_error?, #build_authorization_uri, #refresh_token, #revoke_token, #supports_refresh?, #to_s, #validate!

Instance Method Details

#apply_to_request(request, credential) ⇒ Hash

Apply authentication to a request

Parameters:

• request (Hash) —

  The request hash to modify

• credential (Legate::Auth::Credential, Legate::Auth::ExchangedCredential) —

  The credential to use

Returns:

• (Hash) —

  The modified request with authentication applied

Raises:

• (Legate::Auth::Error) —

  If the bearer token cannot be applied

# File 'lib/legate/auth/schemes/http_bearer.rb', line 26

def apply_to_request(request, credential)
  # Create a deep copy of the request to avoid modifying the original
  request_copy = Marshal.load(Marshal.dump(request))

  # Handle the case where we get a stack object from Excon
  if request_copy.is_a?(Hash)
    if request_copy[:stack]
      # Extract the data from stack (Excon middleware format)
      %i[scheme method path host port query].each do |key|
        request_copy[key] = request_copy[:stack][key] if request_copy[:stack][key] && !request_copy[key]
      end
    end

    # Ensure headers hash exists
    request_copy[:headers] ||= {}
  end

  # Extract the bearer token from the credential
  bearer_token = extract_bearer_token(credential)
  raise Legate::Auth::Error, 'Bearer token not found in credential' unless bearer_token

  # Apply the bearer token to the Authorization header
  validate_header_value!(bearer_token, 'Bearer token')
  request_copy[:headers]['Authorization'] = "Bearer #{bearer_token}"
  request_copy
end

#exchange_token(credential) ⇒ Legate::Auth::ExchangedCredential

Exchange a credential for a token

Parameters:

• credential (Legate::Auth::Credential) —

  The credential to exchange

Returns:

• (Legate::Auth::ExchangedCredential) —

  The exchanged token

Raises:

• (Legate::Auth::TokenExchangeError)

# File 'lib/legate/auth/schemes/http_bearer.rb', line 56

def exchange_token(credential)
  # For bearer tokens, we simply create a "token" that wraps the bearer token
  # This is useful for token management consistency
  bearer_token = extract_bearer_token(credential)
  raise Legate::Auth::TokenExchangeError, 'Bearer token not found in credential' unless bearer_token

  # Create a simple exchanged credential that never expires
  Legate::Auth::ExchangedCredential.new(
    auth_type: :http_bearer,
    access_token: bearer_token
  )
end

#scheme_type ⇒ Symbol

Get the type of authentication scheme

Returns:

• (Symbol) —

  The scheme type identifier

# File 'lib/legate/auth/schemes/http_bearer.rb', line 17

def scheme_type
  :http_bearer
end

#to_h ⇒ Hash

Get hash representation of the scheme

Returns:

• (Hash) —

  Scheme configuration as a hash

# File 'lib/legate/auth/schemes/http_bearer.rb', line 71

def to_h
  {
    type: scheme_type
  }
end