Module: XeroKiwi::Identity
- Defined in:
- lib/xero_kiwi/identity.rb
Overview
Internal helpers for talking to Xero’s identity infrastructure (the OAuth authorisation server at login.xero.com and the token/JWKS endpoints at identity.xero.com). Used by both XeroKiwi::TokenRefresher and XeroKiwi::OAuth —they POST to the same /connect/token endpoint with the same Basic auth header, just different grant types.
Constant Summary collapse
- URL =
"https://identity.xero.com"- AUTHORIZE_URL =
"https://login.xero.com/identity/connect/authorize"- TOKEN_PATH =
"/connect/token"- REVOKE_PATH =
"/connect/revocation"- JWKS_PATH =
"/.well-known/openid-configuration/jwks"- JWKS_URL =
"#{URL}#{JWKS_PATH}".freeze
Class Method Summary collapse
- .basic_auth_header(client_id, client_secret) ⇒ Object
-
.build_http(adapter: nil) ⇒ Object
Builds a Faraday connection configured for the Xero identity host: JSON response parsing and our exception mapping.
Class Method Details
.basic_auth_header(client_id, client_secret) ⇒ Object
35 36 37 38 |
# File 'lib/xero_kiwi/identity.rb', line 35 def basic_auth_header(client_id, client_secret) encoded = Base64.strict_encode64("#{client_id}:#{client_secret}") "Basic #{encoded}" end |
.build_http(adapter: nil) ⇒ Object
Builds a Faraday connection configured for the Xero identity host: JSON response parsing and our exception mapping. No retry middleware — token endpoints aren’t subject to the same rate limits as the API, and retrying a failed token call usually masks a real configuration problem instead of fixing a transient one.
27 28 29 30 31 32 33 |
# File 'lib/xero_kiwi/identity.rb', line 27 def build_http(adapter: nil) Faraday.new(url: URL) do |f| f.use Client::ResponseHandler f.response :json, content_type: /\bjson/ f.adapter(adapter || Faraday.default_adapter) end end |