lib/conjur/api.rb in conjur-api-4.16.0 vs lib/conjur/api.rb in conjur-api-4.19.0

@@ -83,11 +83,16 @@
   # when the token expires (after about 8 minutes).  This is equivalent to creating
   # an {Conjur::API} instance with {Conjur::API.new_from_token}.
   #
   # @return {Conjur::API} the new api
   def conjur_api
-    Conjur::API.new_from_token token
+    api = Conjur::API.new_from_token token, remote_ip
+    if conjur_privilege
+      api.with_privilege conjur_privilege
+    else
+      api
+    end
   end
 
   # Get an authentication token from the clients Authorization header.
   #
   # Useful fields in the token include `"data"`, which holds the username for which the
@@ -101,9 +106,17 @@
     if authorization && authorization.to_s[/^Token token="(.*)"/]
       JSON.parse(Base64.decode64($1))
     else
       raise AuthorizationError.new("Authorization missing")
     end
+  end
+  
+  def remote_ip
+    options[:headers][:x_forwarded_for]
+  end
+  
+  def conjur_privilege
+    options[:headers][:x_conjur_privilege]
   end
 
   # The username this resource authenticates as.
   #
   # @return [String] the username