Module: Legate::Auth::ToolContextExtension

Included in:
ToolContext
Defined in:
lib/legate/auth/tool_context_extension.rb

Overview

Extension for Legate::ToolContext that adds fiber-based authentication support This module is meant to be included in the Legate::ToolContext class to add authentication-related methods for tools.

Instance Method Summary collapse

Instance Method Details

#auth_runnerLegate::Auth::Runner

Get or create an authentication runner for this context

Returns:



15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
# File 'lib/legate/auth/tool_context_extension.rb', line 15

def auth_runner
  @auth_runner ||= begin
    # Create the token store
    token_store = get_token_store

    # Create a token manager
    token_manager = Legate::Auth::TokenManager.new(token_store)

    # Create the runner
    Legate::Auth::Runner.new(
      session_service: session_service,
      token_store: token_store,
      token_manager: token_manager
    )
  end
end

#auth_session(scheme, credential, **options) ⇒ Legate::Auth::ExchangedCredential

Start an authentication session

Parameters:

Returns:

Raises:

  • (NotImplementedError) 


68
69
70
71
72
73
 
# File 'lib/legate/auth/tool_context_extension.rb', line 68

def auth_session(scheme, credential, **options)
  # This method will be dynamically replaced by the auth_runner when
  # running in a fiber context. This implementation is just for fallback
  # when not running in a fiber.
  raise NotImplementedError, 'Authentication session not available outside of with_authentication block'
end

#cancel_auth_flow(request_id, reason = nil) ⇒ Boolean

Cancel an authentication flow (for tools that handle responses)

Parameters:

  • request_id (String)

    The request ID

  • reason (String, nil) (defaults to: nil)

    Optional reason for cancellation

Returns:

  • (Boolean)

    True if the flow was successfully cancelled



88
89
90
91
 
# File 'lib/legate/auth/tool_context_extension.rb', line 88

def cancel_auth_flow(request_id, reason = nil)
  runner = auth_runner
  runner.cancel_auth_flow(request_id, reason)
end

#get_token_storeLegate::Auth::TokenStore

Get a token store for this context

Returns:



34
35
36
37
38
39
40
41
42
 
# File 'lib/legate/auth/tool_context_extension.rb', line 34

def get_token_store
  @token_store ||= if session_service.respond_to?(:scoped_state_container)
                     Legate::Auth::TokenStore.new(session_service)
                   elsif defined?(Legate::Auth) && Legate::Auth.respond_to?(:token_store)
                     Legate::Auth.token_store
                   else
                     Legate::Auth::TokenStore.new
                   end
end

#handle_auth_response(request_id, response) ⇒ Hash

Handle an authentication response (for tools that handle responses)

Parameters:

  • request_id (String)

    The request ID

  • response (Hash)

    The response

Returns:

  • (Hash)

    The result of handling the response



79
80
81
82
 
# File 'lib/legate/auth/tool_context_extension.rb', line 79

def handle_auth_response(request_id, response)
  runner = auth_runner
  runner.handle_auth_response(request_id, response)
end

#with_authentication { ... } ⇒ Object

Run a block with authentication support

Parameters:

  • handler (Proc, nil)

    Optional handler for authentication requests

Yields:

  • The block to run

Returns:

  • (Object)

    The result of the block

Raises:

  • (ArgumentError) 


48
49
50
51
52
53
54
55
56
57
58
59
60
61
 
# File 'lib/legate/auth/tool_context_extension.rb', line 48

def with_authentication(&block)
  raise ArgumentError, 'Block is required' unless block_given?

  # Get or create the authentication runner
  runner = auth_runner

  # Run the block with authentication support
  runner.run(block, self) do |auth_request|
    # Here we return nil to indicate that the auth request should be yielded
    # to the tool's caller for handling. In a real implementation, this could
    # handle authentication UI or delegate to another component.
    nil
  end
end