Class: M365ActiveStorage::Authentication

Inherits:

Object

• Object
• M365ActiveStorage::Authentication

Defined in:

lib/active_storage/authentication.rb

Overview

OAuth2 Authentication Handler

Manages OAuth2 authentication with Microsoft Azure AD to obtain and maintain access tokens for Microsoft Graph API calls.

Responsibilities

• Obtain OAuth2 access tokens using client credentials flow

• Cache tokens and automatically refresh when expired

• Handle authentication errors and retries

• Manage token lifecycle and expiration

Architecture

The Authentication class implements the OAuth2 Client Credentials flow:

1. Exchanges client ID and secret for an access token

2. Caches the token with its expiration time

3. Automatically refreshes tokens before expiration

4. Provides token to HTTP requests for API calls

Example Usage

config = M365ActiveStorage::Configuration.new(**config_params)
auth = M365ActiveStorage::Authentication.new(config)

# Ensure we have a valid token before making API calls
auth.ensure_valid_token

# Token is now available for HTTP requests
token = auth.token

See Also:

• Configuration
• Http

Instance Attribute Summary

• #config ⇒ Configuration readonly

  The SharePoint configuration.

• #token ⇒ String readonly

  The current OAuth2 access token.

• #token_expires_at ⇒ Time readonly

  The expiration time of the current token.

Instance Method Summary

• #ensure_valid_token ⇒ void

  Ensure a valid, non-expired token is available.

• #expire_token! ⇒ Time

  Force immediate token expiration.

• #initialize(config) ⇒ Authentication constructor

  Initialize the Authentication handler.

Constructor Details

#initialize(config) ⇒ Authentication

Initialize the Authentication handler

Parameters:

• config (Configuration) —

  The SharePoint configuration object containing authentication parameters (auth_host, tenant_id, app_id, secret)

# File 'lib/active_storage/authentication.rb', line 48

def initialize(config)
  @config = config
  @token = nil
  @token_expires_at = nil
end

Instance Attribute Details

#config ⇒ Configuration (readonly)

The SharePoint configuration

Returns:

• (Configuration) —

  the current value of config

# File 'lib/active_storage/authentication.rb', line 41

def config
  @config
end

#token ⇒ String (readonly)

The current OAuth2 access token

Returns:

• (String) —

  the current value of token

# File 'lib/active_storage/authentication.rb', line 41

def token
  @token
end

#token_expires_at ⇒ Time (readonly)

The expiration time of the current token

Returns:

• (Time) —

  the current value of token_expires_at

# File 'lib/active_storage/authentication.rb', line 41

def token_expires_at
  @token_expires_at
end

Instance Method Details

#ensure_valid_token ⇒ void

This method returns an undefined value.

Ensure a valid, non-expired token is available

Checks if the current token is nil or expired. If so, obtains a new token from the Azure AD authentication endpoint. This method is called automatically before making API requests.

If a valid token already exists and hasn’t expired, this method returns immediately.

Examples:

auth.ensure_valid_token  # Obtains token if needed
puts auth.token  # Token is now available

Raises:

• (StandardError) —

  if token retrieval fails

See Also:

• #token_expired?

# File 'lib/active_storage/authentication.rb', line 69

def ensure_valid_token
  return unless token.blank? || token_expired?

  obtain_app_token
end

#expire_token! ⇒ Time

Force immediate token expiration

Manually expires the current token by setting the expiration time to the past. This is useful for testing or forcing a token refresh.

Examples:

auth.expire_token!
auth.ensure_valid_token  # Will fetch a new token

Returns:

• (Time) —

  The new expiration time (1 minute in the past)

See Also:

• #ensure_valid_token

# File 'lib/active_storage/authentication.rb', line 86

def expire_token!
  @token_expires_at = Time.current - 1.minute
end