Class: Supabase::Auth::Api

Inherits:
Object
  • Object
show all
Defined in:
lib/supabase/auth/api.rb

Direct Known Subclasses

AdminApi, Supabase::Auth::Async::Api

Constant Summary collapse

CONTENT_TYPE = 
"application/json;charset=UTF-8"
UUID_REGEX = 
/\A[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}\z/i

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(url:, headers: {}, http_client: nil, verify: true, proxy: nil, timeout: nil) ⇒ Api

Returns a new instance of Api.

Parameters:

  • url (String)

    The GoTrue API base URL

  • headers (Hash) (defaults to: {})

    Default headers to include on every request (e.g., apikey)

  • http_client (Faraday::Connection, nil) (defaults to: nil)

    Optional custom Faraday client

  • verify (Boolean) (defaults to: true)

    Verify TLS certificates (default true)

  • proxy (String, nil) (defaults to: nil)

    HTTP proxy URL

  • timeout (Numeric, nil) (defaults to: nil)

    Per-request timeout in seconds



21
22
23
24
25
26
27
28
 
# File 'lib/supabase/auth/api.rb', line 21

def initialize(url:, headers: {}, http_client: nil, verify: true, proxy: nil, timeout: nil)
  @url = url
  @headers = headers
  @http_client = http_client
  @verify = verify
  @proxy = proxy
  @timeout = timeout
end

Instance Attribute Details

#headersObject (readonly)

Returns the value of attribute headers.



13
14
15
 
# File 'lib/supabase/auth/api.rb', line 13

def headers
  @headers
end

#urlObject (readonly)

Returns the value of attribute url.



13
14
15
 
# File 'lib/supabase/auth/api.rb', line 13

def url
  @url
end

Instance Method Details

#_request(method, path, jwt: nil, body: nil, params: {}, headers: {}, redirect_to: nil, xform: nil, no_resolve_json: false) ⇒ Hash, Object

Central HTTP dispatch method. Builds URL, merges headers (including API version and Authorization), handles redirect_to as query param, parses JSON, applies optional transform, and maps errors via Helpers.handle_exception.

Parameters:

  • method (String, Symbol)

    HTTP method (GET, POST, PUT, DELETE)

  • path (String)

    Request path (relative to base URL)

  • jwt (String, nil) (defaults to: nil)

    Bearer token for Authorization header

  • body (Hash, nil) (defaults to: nil)

    Request body (serialized to JSON)

  • params (Hash) (defaults to: {})

    Query parameters

  • headers (Hash) (defaults to: {})

    Additional headers for this request

  • redirect_to (String, nil) (defaults to: nil)

    If present, added as redirect_to query param

  • xform (Proc, nil) (defaults to: nil)

    Optional transform function applied to parsed response

  • no_resolve_json (Boolean) (defaults to: false)

    If true, return raw Faraday::Response

Returns:

  • (Hash, Object)

    Parsed JSON response, transformed result, or raw response



44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
 
# File 'lib/supabase/auth/api.rb', line 44

def _request(method, path, jwt: nil, body: nil, params: {}, headers: {}, redirect_to: nil, xform: nil, no_resolve_json: false)
  merged_headers = @headers.merge(headers)
  merged_headers["Content-Type"] ||= CONTENT_TYPE
  merged_headers[Constants::API_VERSION_HEADER_NAME] ||= Constants::API_VERSIONS.keys.last
  merged_headers["Authorization"] = "Bearer #{jwt}" if jwt

  query = params.dup
  query["redirect_to"] = redirect_to if redirect_to

  full_path = build_path(path)
  json_body = body ? JSON.generate(body) : nil

  response = connection.run_request(method.to_s.downcase.to_sym, full_path, json_body, merged_headers) do |req|
    req.params.update(query) unless query.empty?
  end

  result = no_resolve_json ? response : parse_response(response)

  xform ? xform.call(result) : result
rescue Errors::AuthError
  # A domain error raised inside the request — typically by an `xform`
  # (e.g. JWKS parsing raising AuthInvalidJwtError) or response parsing —
  # is already the correct exception. Re-raise it unchanged. Without this
  # clause the blanket `rescue StandardError` below funnels it through
  # handle_exception, which masks every non-Faraday error as
  # AuthRetryableError(status: 0) — so callers of get_claims would see a
  # spurious "retryable" error instead of the real AuthInvalidJwtError.
  raise
rescue Faraday::Error => e
  raise Helpers.handle_exception(e)
rescue StandardError => e
  raise Helpers.handle_exception(e)
end

#_validate_uuid(id) ⇒ Object

Parameters:

  • id (String)

    UUID to validate

Raises:

  • (ArgumentError)

    if not a valid UUID format



80
81
82
83
84
 
# File 'lib/supabase/auth/api.rb', line 80

def _validate_uuid(id)
  unless id.is_a?(String) && id.match?(UUID_REGEX)
    raise ArgumentError, "Invalid id, '#{id}' is not a valid uuid"
  end
end

#delete(path, headers: {}, params: {}) ⇒ Object 



100
101
102
 
# File 'lib/supabase/auth/api.rb', line 100

def delete(path, headers: {}, params: {})
  _request(:delete, path, headers: headers, params: params)
end

#get(path, headers: {}, params: {}) ⇒ Object

Convenience methods that delegate to _request



88
89
90
 
# File 'lib/supabase/auth/api.rb', line 88

def get(path, headers: {}, params: {})
  _request(:get, path, headers: headers, params: params)
end

#post(path, body: {}, headers: {}, params: {}) ⇒ Object 



92
93
94
 
# File 'lib/supabase/auth/api.rb', line 92

def post(path, body: {}, headers: {}, params: {})
  _request(:post, path, body: body, headers: headers, params: params)
end

#put(path, body: {}, headers: {}, params: {}) ⇒ Object 



96
97
98
 
# File 'lib/supabase/auth/api.rb', line 96

def put(path, body: {}, headers: {}, params: {})
  _request(:put, path, body: body, headers: headers, params: params)
end