Class: A2A::Client::Auth::OAuth2

Inherits:

Object

• Object
• A2A::Client::Auth::OAuth2

Defined in:

lib/a2a/client/auth/oauth2.rb

Instance Attribute Summary

• #access_token ⇒ Object readonly

  Returns the value of attribute access_token.

• #client_id ⇒ Object readonly

  Returns the value of attribute client_id.

• #client_secret ⇒ Object readonly

  Returns the value of attribute client_secret.

• #expires_at ⇒ Object readonly

  Returns the value of attribute expires_at.

• #scope ⇒ Object readonly

  Returns the value of attribute scope.

• #token_url ⇒ Object readonly

  Returns the value of attribute token_url.

Instance Method Summary

• #apply_to_request(request) ⇒ Object

  Apply authentication to a Faraday request.

• #authorization_header ⇒ String

  Get authorization header value.

• #clear_token! ⇒ Object

  Clear the current token (force re-authentication).

• #initialize(client_id:, client_secret:, token_url:, scope: nil) ⇒ OAuth2 constructor

  Initialize OAuth2 authentication.

• #refresh_token ⇒ Object private

  Refresh the access token using client credentials flow.

• #refresh_token! ⇒ String

  Force refresh the access token.

• #token ⇒ String

  Get a valid access token, refreshing if necessary.

• #token_expired? ⇒ Boolean private

  Check if the token is expired.

• #token_valid? ⇒ Boolean

  Check if the current token is valid.

Constructor Details

#initialize(client_id:, client_secret:, token_url:, scope: nil) ⇒ OAuth2

Initialize OAuth2 authentication

Parameters:

• OAuth2 client ID

• OAuth2 client secret

• OAuth2 token endpoint URL

• (defaults to: nil)

  Optional scope for the token

# File 'lib/a2a/client/auth/oauth2.rb', line 26

def initialize(client_id:, client_secret:, token_url:, scope: nil)
  @client_id = client_id
  @client_secret = client_secret
  @token_url = token_url
  @scope = scope
  @access_token = nil
  @expires_at = nil
  @token_mutex = Mutex.new
end

Instance Attribute Details

#access_token ⇒ Object (readonly)

Returns the value of attribute access_token.

# File 'lib/a2a/client/auth/oauth2.rb', line 17

def access_token
  @access_token
end

#client_id ⇒ Object (readonly)

Returns the value of attribute client_id.

# File 'lib/a2a/client/auth/oauth2.rb', line 17

def client_id
  @client_id
end

#client_secret ⇒ Object (readonly)

Returns the value of attribute client_secret.

# File 'lib/a2a/client/auth/oauth2.rb', line 17

def client_secret
  @client_secret
end

#expires_at ⇒ Object (readonly)

Returns the value of attribute expires_at.

# File 'lib/a2a/client/auth/oauth2.rb', line 17

def expires_at
  @expires_at
end

#scope ⇒ Object (readonly)

Returns the value of attribute scope.

# File 'lib/a2a/client/auth/oauth2.rb', line 17

def scope
  @scope
end

#token_url ⇒ Object (readonly)

Returns the value of attribute token_url.

# File 'lib/a2a/client/auth/oauth2.rb', line 17

def token_url
  @token_url
end

Instance Method Details

#apply_to_request(request) ⇒ Object

Apply authentication to a Faraday request

Parameters:

• The request to authenticate

# File 'lib/a2a/client/auth/oauth2.rb', line 59

def apply_to_request(request)
  request.headers["Authorization"] = authorization_header
end

#authorization_header ⇒ String

Get authorization header value

Returns:

• The authorization header value

# File 'lib/a2a/client/auth/oauth2.rb', line 51

def authorization_header
  "Bearer #{token}"
end

#clear_token! ⇒ Object

Clear the current token (force re-authentication)

# File 'lib/a2a/client/auth/oauth2.rb', line 83

def clear_token!
  @token_mutex.synchronize do
    @access_token = nil
    @expires_at = nil
  end
end

#refresh_token ⇒ Object (private)

Refresh the access token using client credentials flow

# File 'lib/a2a/client/auth/oauth2.rb', line 105

def refresh_token
  connection = Faraday.new do |conn|
    conn.request :url_encoded
    conn.response :json
    conn.adapter Faraday.default_adapter
  end

  # Prepare request parameters
  params = {
    grant_type: "client_credentials",
    client_id: @client_id,
    client_secret: @client_secret
  }
  params[:scope] = @scope if @scope

  # Make token request
  response = connection.post(@token_url, params)

  unless response.success?
    raise A2A::Errors::AuthenticationError, "OAuth2 token request failed: #{response.status} - #{response.body}"
  end

  token_data = response.body

  unless token_data["access_token"]
    raise A2A::Errors::AuthenticationError, "OAuth2 response missing access_token: #{token_data}"
  end

  @access_token = token_data["access_token"]

  # Calculate expiration time
  expires_in = token_data["expires_in"]&.to_i || 3600 # Default to 1 hour
  @expires_at = Time.now + expires_in

  @access_token
rescue Faraday::Error => e
  raise A2A::Errors::AuthenticationError, "OAuth2 token request failed: #{e.message}"
end

#refresh_token! ⇒ String

Force refresh the access token

Returns:

• The new access token

# File 'lib/a2a/client/auth/oauth2.rb', line 75

def refresh_token!
  @token_mutex.synchronize do
    refresh_token
  end
end

#token ⇒ String

Get a valid access token, refreshing if necessary

Returns:

• The access token

# File 'lib/a2a/client/auth/oauth2.rb', line 40

def token
  @token_mutex.synchronize do
    refresh_token if token_expired?
    @access_token
  end
end

#token_expired? ⇒ Boolean (private)

Check if the token is expired

Returns:

• True if token is expired or will expire soon

# File 'lib/a2a/client/auth/oauth2.rb', line 96

def token_expired?
  return true unless @expires_at

  # Consider token expired if it expires within 30 seconds
  Time.now >= (@expires_at - 30)
end

#token_valid? ⇒ Boolean

Check if the current token is valid

Returns:

• True if token is valid and not expired

# File 'lib/a2a/client/auth/oauth2.rb', line 67

def token_valid?
  @access_token && !token_expired?
end