Class: Google::Auth::IDTokens::HttpKeySource

Inherits:

Object

• Object
• Google::Auth::IDTokens::HttpKeySource

Defined in:

lib/googleauth/id_tokens/key_sources.rb

Overview

A base key source that downloads keys from a URI. Subclasses should override #interpret_json to parse the response.

Direct Known Subclasses

JwkHttpKeySource, X509CertHttpKeySource

Constant Summary

DEFAULT_RETRY_INTERVAL =

The default interval between retries in seconds (3600s = 1hr).

Returns:

3600

Instance Attribute Summary

• #current_keys ⇒ Array<KeyInfo> readonly

  Return the current keys, without attempting to re-download.

• #uri ⇒ Array<KeyInfo> readonly

  The URI from which to download keys.

Instance Method Summary

• #initialize(uri, retry_interval: nil) ⇒ HttpKeySource constructor

  Create an HTTP key source.

• #refresh_keys ⇒ Array<KeyInfo>

  Attempt to re-download keys (if the retry interval has expired) and return the new keys.

Constructor Details

#initialize(uri, retry_interval: nil) ⇒ HttpKeySource

Create an HTTP key source.

Parameters:

• The URI from which to download keys.

• (defaults to: nil)

  Override the retry interval in seconds. This is the minimum time between retries of failed key downloads.

# File 'lib/googleauth/id_tokens/key_sources.rb', line 238

def initialize uri, retry_interval: nil
  @uri = URI uri
  @retry_interval = retry_interval || DEFAULT_RETRY_INTERVAL
  @allow_refresh_at = Time.now
  @current_keys = []
  @monitor = Monitor.new
end

Instance Attribute Details

#current_keys ⇒ Array<KeyInfo> (readonly)

Return the current keys, without attempting to re-download.

Returns:

# File 'lib/googleauth/id_tokens/key_sources.rb', line 257

def current_keys
  @current_keys
end

#uri ⇒ Array<KeyInfo> (readonly)

The URI from which to download keys.

Returns:

# File 'lib/googleauth/id_tokens/key_sources.rb', line 250

def uri
  @uri
end

Instance Method Details

#refresh_keys ⇒ Array<KeyInfo>

Attempt to re-download keys (if the retry interval has expired) and return the new keys.

Returns:

Raises:

• If key retrieval fails, JSON parsing fails, or the data cannot be interpreted as keys

# File 'lib/googleauth/id_tokens/key_sources.rb', line 267

def refresh_keys
  @monitor.synchronize do
    return @current_keys if Time.now < @allow_refresh_at
    @allow_refresh_at = Time.now + @retry_interval

    response = Net::HTTP.get_response uri
    raise KeySourceError, "Unable to retrieve data from #{uri}" unless response.is_a? Net::HTTPSuccess

    data = begin
      JSON.parse response.body
    rescue JSON::ParserError
      raise KeySourceError, "Unable to parse JSON"
    end

    @current_keys = Array(interpret_json(data))
  end
end