lib/conjur/api.rb in conjur-api-4.22.1 vs lib/conjur/api.rb in conjur-api-4.23.0

@@ -95,15 +95,14 @@
   # an {Conjur::API} instance with {Conjur::API.new_from_token}.
   #
   # @return {Conjur::API} the new api
   def conjur_api
     api = Conjur::API.new_from_token token, remote_ip
-    if conjur_privilege
-      api.with_privilege conjur_privilege
-    else
-      api
-    end
+    api = api.with_privilege(conjur_privilege) if conjur_privilege
+    api = api.with_audit_roles(audit_roles) if audit_roles
+    api = api.with_audit_resources(audit_resources) if audit_resources
+    api
   end
 
   # Get an authentication token from the clients Authorization header.
   #
   # Useful fields in the token include `"data"`, which holds the username for which the
@@ -125,9 +124,17 @@
     options[:headers][:x_forwarded_for]
   end
   
   def conjur_privilege
     options[:headers][:x_conjur_privilege]
+  end
+
+  def audit_roles
+    options[:headers][:conjur_audit_roles].try { |r| Conjur::API.decode_audit_ids(r) }
+  end
+
+  def audit_resources
+    options[:headers][:conjur_audit_resources].try { |r| Conjur::API.decode_audit_ids(r) }
   end
 
   # The username this resource authenticates as.
   #
   # @return [String] the username