Class: KeyVault::Auth

Inherits:
Object
Defined in:
lib/key_vault/auth.rb

Overview

Authenticator for Azure Key Vault

Instance Method Summary

Constructor Details

#initialize(tenant_id, client_id, client_secret) ⇒ Auth

Create authenticator using Azure principal

Parameters:

tenant_id

Azure tenant id

client_id

Azure client id (or key)

client_secret

Azure client secret


# File 'lib/key_vault/auth.rb', line 11

def initialize(tenant_id, client_id, client_secret)
  @tenant_id = tenant_id
  @client_id = client_id
  @client_secret = client_secret
end

Instance Method Details

#bearer_token ⇒ Object

Authenticates with Azure using OAuth 2.0

Returns:

A string containing the bearer token for insertion into request headers

Raises:

ArgumentError

If the authentication request format is invalid

KeyVault::Unauthorized

If the authentication request is rejected as unauthorized


# File 'lib/key_vault/auth.rb', line 23

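def bearer_token
  # url, body and headers are helper methods of this class (not shown on this page).
  result = RestClient::Request.execute(method: :post,
                                       url: url,
                                       payload: body,
                                       headers: headers)
  # The token endpoint answers with JSON; the token is in 'access_token'.
  token_resp = JSON.parse(result)
  "Bearer #{token_resp['access_token']}"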
rescue RestClient::BadRequest
  raise ArgumentError, 'Could not authenticate to Azure (Bad Request)'
rescue RestClient::Unauthorized
  raise KeyVault::Unauthorized
end
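
Added example (not code from the key_vault gem): #bearer_token interpolates whatever is under 'access_token', so a response without that field yields "Bearer " with no token, and the constructor keeps client_secret in an instance variable that the default #inspect prints. The sketch below validates the token response before building the header and redacts the secret from #inspect. TokenResponseError, authorization_header, RedactedCredentials and the sample body are hypothetical names and constructed data, and the response is assumed to follow RFC 6749/6750.

```ruby
require 'json'

# Added example; class and method names here are hypothetical, not the gem's API.
class TokenResponseError < StandardError; end

# RFC 6750 b64token: the only characters allowed in a bearer credential.
B64TOKEN = %r{\A[A-Za-z0-9\-._~+/]+=*\z}

# Build the Authorization header value from a token endpoint response body,
# failing closed instead of returning "Bearer " with an empty token.
def authorization_header(raw_body)
  data = JSON.parse(raw_body)
  raise TokenResponseError, 'token response is not a JSON object' unless data.is_a?(Hash)
  unless data['token_type'].to_s.casecmp?('bearer')
    raise TokenResponseError, 'token_type is not Bearer'
  end

  token = data['access_token']
  unless token.is_a?(String) && token.match?(B64TOKEN)
    # Covers nil, empty strings and CR/LF that would split the header.
    raise TokenResponseError, 'access_token missing or malformed'
  end
  "Bearer #{token}"
rescue JSON::ParserError
  # Do not echo the body: it may contain a partial token.
  raise TokenResponseError, 'token response is not valid JSON'
end

# Holds the same three values as the constructor above, but keeps the
# secret out of #inspect so it cannot leak through logs or error messages.
class RedactedCredentials
  attr_reader :tenant_id, :client_id

  def initialize(tenant_id, client_id, client_secret)
    @tenant_id = tenant_id
    @client_id = client_id
    @client_secret = client_secret
  end

  def inspect
    "#<#{self.class.name} tenant_id=#{@tenant_id.inspect} " \
      "client_id=#{@client_id.inspect} client_secret=[REDACTED]>"
  end
end

# Constructed sample response (not a real token).
SAMPLE_BODY = '{"token_type":"Bearer","access_token":"eyJhbGciOi.sample-token_123"}'
```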