Class: Teams::Auth::TokenManager

Inherits:
Object
  • Object
show all
Defined in:
lib/teams/auth/token_manager.rb

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(credentials:, cloud: PUBLIC_CLOUD, http: nil) ⇒ TokenManager

Returns a new instance of TokenManager.



10
11
12
13
14
15
16
17
18
19
# File 'lib/teams/auth/token_manager.rb', line 10

def initialize(credentials:, cloud: PUBLIC_CLOUD, http: nil)
  @credentials = credentials
  @cloud = cloud
  @http = http || Common::HttpClient.new
  @tokens = {}
  # One app-wide manager is shared across request threads; the mutex
  # prevents concurrent refreshes of the same token (the other SDKs
  # get this from MSAL, which locks internally).
  @mutex = Mutex.new
end

Instance Attribute Details

#cloudObject (readonly)

Returns the value of attribute cloud.



8
9
10
# File 'lib/teams/auth/token_manager.rb', line 8

def cloud
  @cloud
end

#credentialsObject (readonly)

Returns the value of attribute credentials.



8
9
10
# File 'lib/teams/auth/token_manager.rb', line 8

def credentials
  @credentials
end

#httpObject (readonly)

Returns the value of attribute http.



8
9
10
# File 'lib/teams/auth/token_manager.rb', line 8

def http
  @http
end

Class Method Details

.from_env(client_id: ENV["CLIENT_ID"], client_secret: ENV["CLIENT_SECRET"], tenant_id: ENV["TENANT_ID"], cloud: PUBLIC_CLOUD, http: nil) ⇒ Object



21
22
23
24
25
26
27
28
29
30
31
32
33
# File 'lib/teams/auth/token_manager.rb', line 21

def self.from_env(
  client_id: ENV["CLIENT_ID"],
  client_secret: ENV["CLIENT_SECRET"],
  tenant_id: ENV["TENANT_ID"],
  cloud: PUBLIC_CLOUD,
  http: nil
)
  credentials = if client_id && client_secret
    ClientSecretCredentials.new(client_id:, client_secret:, tenant_id:)
  end

  new(credentials:, cloud:, http:)
end

Instance Method Details

#bot_tokenObject



39
40
41
# File 'lib/teams/auth/token_manager.rb', line 39

def bot_token
  token_for(cloud.bot_scope, credentials&.tenant_id || cloud.)
end

#client_idObject



35
36
37
# File 'lib/teams/auth/token_manager.rb', line 35

def client_id
  credentials&.client_id
end

#token_for(scope, tenant_id) ⇒ Object



43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# File 'lib/teams/auth/token_manager.rb', line 43

def token_for(scope, tenant_id)
  @mutex.synchronize do
    cached = @tokens[[scope, tenant_id]]
    return cached.value if cached && !cached.expired?

    raise ConfigurationError, "CLIENT_ID and CLIENT_SECRET are required" unless credentials

    response = http.post(
      "#{cloud.}/#{tenant_id}/oauth2/v2.0/token",
      body: URI.encode_www_form(
        client_id: credentials.client_id,
        client_secret: credentials.client_secret,
        scope:,
        grant_type: "client_credentials"
      ),
      headers: { "Content-Type" => "application/x-www-form-urlencoded" }
    )

    access_token = response.fetch("access_token")
    @tokens[[scope, tenant_id]] = Token.new(access_token)
    access_token
  end
end