Sha256: c2f81de9fbfdec544cd6391bca5fe53a3a6dba49384d7de2bf306e94cd728856
Contents?: true
Size: 1.94 KB
Versions: 2
Compression:
Stored size: 1.94 KB
Contents
# frozen_string_literal: true
require "aws-cognito-srp"
module FmRest
module Cloud
class ClarisIdTokenManager
include TokenStore
COGNITO_CLIENT_ID = "4l9rvl4mv5es1eep1qe97cautn"
COGNITO_POOL_ID = "us-west-2_NqkuZcXQY"
AWS_REGION = "us-west-2"
TOKEN_STORE_PREFIX = "claris-cognito"
def initialize(settings)
@settings = settings
end
def fetch_token
if token = token_store.load(token_store_key)
return token
end
tokens = get_cognito_tokens
token_store.store(token_store_key, tokens.id_token)
token_store.store(token_store_key(:refresh), tokens.refresh_token) if tokens.refresh_token
tokens.id_token
end
def expire_token
token_store.delete(token_store_key)
end
private
def get_cognito_tokens
# Use refresh mechanism first if we have a refresh token
refresh_cognito_token || cognito_srp_client.authenticate
end
def refresh_cognito_token
return unless refresh_token = token_store.load(token_store_key(:refresh))
begin
cognito_srp_client.refresh_tokens(refresh_token)
rescue Aws::CognitoIdentityProvider::Errors::NotAuthorizedException
nil
end
end
def cognito_srp_client
@cognito_srp_client ||=
Aws::CognitoSrp.new(
username: @settings.username!,
password: @settings.password!,
pool_id: @settings.cognito_pool_id || COGNITO_POOL_ID,
client_id: @settings.cognito_client_id || COGNITO_CLIENT_ID,
aws_client: Aws::CognitoIdentityProvider::Client.new(region: @settings.aws_region || AWS_REGION)
)
end
def token_store_key(token_type = :id)
"#{TOKEN_STORE_PREFIX}:#{token_type}:#{@settings.username!}"
end
def token_store_option
@settings.token_store || FmRest.token_store
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| fmrest-cloud-0.19.0 | lib/fmrest/cloud/claris_id_token_manager.rb |
| fmrest-cloud-0.19.0.rc1 | lib/fmrest/cloud/claris_id_token_manager.rb |