Module: Legion::API::Token

Defined in:

lib/legion/api/token.rb

Class Method Summary

• .issue_human_token(msid:, name: nil, roles: [], ttl: 28_800) ⇒ Object
• .issue_worker_token(worker_id:, owner_msid:, ttl: 3600) ⇒ Object
• .signing_key ⇒ Object

Class Method Details

.issue_human_token(msid:, name: nil, roles: [], ttl: 28_800) ⇒ Object

# File 'lib/legion/api/token.rb', line 15

def self.issue_human_token(msid:, name: nil, roles: [], ttl: 28_800)
  Legion::Crypt::JWT.issue(
    { sub: msid, name: name, roles: roles, scope: 'human' },
    signing_key: signing_key,
    ttl:         ttl,
    issuer:      'legion'
  )
end

.issue_worker_token(worker_id:, owner_msid:, ttl: 3600) ⇒ Object

# File 'lib/legion/api/token.rb', line 6

def self.issue_worker_token(worker_id:, owner_msid:, ttl: 3600)
  Legion::Crypt::JWT.issue(
    { worker_id: worker_id, sub: owner_msid, scope: 'worker' },
    signing_key: signing_key,
    ttl:         ttl,
    issuer:      'legion'
  )
end

.signing_key ⇒ Object

# File 'lib/legion/api/token.rb', line 24

def self.signing_key
  return Legion::Crypt.cluster_secret if defined?(Legion::Crypt) && Legion::Crypt.respond_to?(:cluster_secret)

  raise 'no signing key available - Legion::Crypt not initialized'
end