Class: OCI::KeyManagement::KmsCryptoClient

Inherits:

Object

• Object
• OCI::KeyManagement::KmsCryptoClient

Defined in:

lib/oci/key_management/kms_crypto_client.rb

Overview

API for managing and performing operations with keys and vaults.

Instance Attribute Summary

• #api_client ⇒ OCI::ApiClient readonly

  Client used to make HTTP requests.

• #endpoint ⇒ String readonly

  Fully qualified endpoint URL.

• #retry_config ⇒ OCI::Retry::RetryConfig readonly

  The default retry configuration to apply to all operations in this service client.

Instance Method Summary

• #decrypt(decrypt_data_details, opts = {}) ⇒ Response

  Decrypts data using the given DecryptDataDetails resource.

• #encrypt(encrypt_data_details, opts = {}) ⇒ Response

  Encrypts data using the given EncryptDataDetails resource.

• #generate_data_encryption_key(generate_key_details, opts = {}) ⇒ Response

  Generates a key that you can use to encrypt or decrypt data.

• #initialize(config: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil) ⇒ KmsCryptoClient constructor

  Creates a new KmsCryptoClient.

• #logger ⇒ Logger

  The logger for this client.

Constructor Details

#initialize(config: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil) ⇒ KmsCryptoClient

Creates a new KmsCryptoClient. Notes:

If a config is not specified, then the global OCI.config will be used.

This client is not thread-safe

Parameters:

• config (Config) (defaults to: nil) —

  A Config object.

• endpoint (String) (defaults to: nil) —

  The fully qualified endpoint URL

• signer (OCI::BaseSigner) (defaults to: nil) —

  A signer implementation which can be used by this client. If this is not provided then a signer will be constructed via the provided config. One use case of this parameter is instance principals authentication, so that the instance principals signer can be provided to the client

• proxy_settings (OCI::ApiClientProxySettings) (defaults to: nil) —

  If your environment requires you to use a proxy server for outgoing HTTP requests the details for the proxy can be provided in this parameter

• retry_config (OCI::Retry::RetryConfig) (defaults to: nil) —

  The retry configuration for this service client. This represents the default retry configuration to apply across all operations. This can be overridden on a per-operation basis. The default retry configuration value is ‘nil`, which means that an operation will not perform any retries

# File 'lib/oci/key_management/kms_crypto_client.rb', line 42

def initialize(config: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil)
  raise 'A fully qualified endpoint URL must be defined' unless endpoint

  @endpoint = endpoint + '/'

  # If the signer is an InstancePrincipalsSecurityTokenSigner and no config was supplied (which is valid for instance principals)
  # then create a dummy config to pass to the ApiClient constructor. If customers wish to create a client which uses instance principals
  # and has config (either populated programmatically or loaded from a file), they must construct that config themselves and then
  # pass it to this constructor.
  #
  # If there is no signer (or the signer is not an instance principals signer) and no config was supplied, this is not valid
  # so try and load the config from the default file.
  config ||= OCI.config unless signer.is_a?(OCI::Auth::Signers::InstancePrincipalsSecurityTokenSigner)
  config ||= OCI::Config.new if signer.is_a?(OCI::Auth::Signers::InstancePrincipalsSecurityTokenSigner)
  config.validate unless signer.is_a?(OCI::Auth::Signers::InstancePrincipalsSecurityTokenSigner)

  if signer.nil?
    signer = OCI::Signer.new(
      config.user,
      config.fingerprint,
      config.tenancy,
      config.key_file,
      pass_phrase: config.pass_phrase,
      private_key_content: config.key_content
    )
  end

  @api_client = OCI::ApiClient.new(config, signer, proxy_settings: proxy_settings)
  @retry_config = retry_config
  logger.info "KmsCryptoClient endpoint set to '#{@endpoint}'." if logger
end

Instance Attribute Details

#api_client ⇒ OCI::ApiClient (readonly)

Client used to make HTTP requests.

Returns:

• (OCI::ApiClient)

# File 'lib/oci/key_management/kms_crypto_client.rb', line 12

def api_client
  @api_client
end

#endpoint ⇒ String (readonly)

Fully qualified endpoint URL

Returns:

• (String)

# File 'lib/oci/key_management/kms_crypto_client.rb', line 16

def endpoint
  @endpoint
end

#retry_config ⇒ OCI::Retry::RetryConfig (readonly)

The default retry configuration to apply to all operations in this service client. This can be overridden on a per-operation basis. The default retry configuration value is ‘nil`, which means that an operation will not perform any retries

Returns:

• (OCI::Retry::RetryConfig)

# File 'lib/oci/key_management/kms_crypto_client.rb', line 22

def retry_config
  @retry_config
end

Instance Method Details

#decrypt(decrypt_data_details, opts = {}) ⇒ Response

Decrypts data using the given DecryptDataDetails resource.

Parameters:

• decrypt_data_details (OCI::KeyManagement::Models::DecryptDataDetails) —

  DecryptDataDetails

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :retry_config (OCI::Retry::RetryConfig) —

  The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit ‘nil` value is provided then the operation will not retry

• :opc_request_id (String) —

  Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.

Returns:

• (Response) —

  A Response object with data of type DecryptedData

# File 'lib/oci/key_management/kms_crypto_client.rb', line 96

def decrypt(decrypt_data_details, opts = {})
  logger.debug 'Calling operation KmsCryptoClient#decrypt.' if logger

  raise "Missing the required parameter 'decrypt_data_details' when calling decrypt." if decrypt_data_details.nil?

  path = '/20180608/decrypt'
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = @api_client.object_to_http_body(decrypt_data_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'KmsCryptoClient#decrypt') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::KeyManagement::Models::DecryptedData'
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#encrypt(encrypt_data_details, opts = {}) ⇒ Response

Encrypts data using the given EncryptDataDetails resource. Plaintext included in the example request is a base64-encoded value of a UTF-8 string.

Parameters:

• encrypt_data_details (OCI::KeyManagement::Models::EncryptDataDetails) —

  EncryptDataDetails

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :retry_config (OCI::Retry::RetryConfig) —

  The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit ‘nil` value is provided then the operation will not retry

• :opc_request_id (String) —

  Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.

Returns:

• (Response) —

  A Response object with data of type EncryptedData

# File 'lib/oci/key_management/kms_crypto_client.rb', line 154

def encrypt(encrypt_data_details, opts = {})
  logger.debug 'Calling operation KmsCryptoClient#encrypt.' if logger

  raise "Missing the required parameter 'encrypt_data_details' when calling encrypt." if encrypt_data_details.nil?

  path = '/20180608/encrypt'
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = @api_client.object_to_http_body(encrypt_data_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'KmsCryptoClient#encrypt') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::KeyManagement::Models::EncryptedData'
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#generate_data_encryption_key(generate_key_details, opts = {}) ⇒ Response

Generates a key that you can use to encrypt or decrypt data.

Parameters:

• generate_key_details (OCI::KeyManagement::Models::GenerateKeyDetails) —

  GenerateKeyDetails

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :retry_config (OCI::Retry::RetryConfig) —

  The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit ‘nil` value is provided then the operation will not retry

• :opc_request_id (String) —

  Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.

Returns:

• (Response) —

  A Response object with data of type GeneratedKey

# File 'lib/oci/key_management/kms_crypto_client.rb', line 210

def generate_data_encryption_key(generate_key_details, opts = {})
  logger.debug 'Calling operation KmsCryptoClient#generate_data_encryption_key.' if logger

  raise "Missing the required parameter 'generate_key_details' when calling generate_data_encryption_key." if generate_key_details.nil?

  path = '/20180608/generateDataEncryptionKey'
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = @api_client.object_to_http_body(generate_key_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'KmsCryptoClient#generate_data_encryption_key') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::KeyManagement::Models::GeneratedKey'
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#logger ⇒ Logger

Returns The logger for this client. May be nil.

Returns:

• (Logger) —

  The logger for this client. May be nil.

# File 'lib/oci/key_management/kms_crypto_client.rb', line 76

def logger
  @api_client.config.logger
end