lib/conjur/base.rb in conjur-api-4.25.0 vs lib/conjur/base.rb in conjur-api-4.25.1

@@ -102,11 +102,11 @@
       # @param [String] username the username to use when making authenticated requests.
       # @param [String] api_key the api key or password for `username`
       # @param [String] remote_ip the optional IP address to be recorded in the audit record.
       # @return [Conjur::API] an api that will authenticate with the given username and api key.
       def new_from_key(username, api_key, remote_ip = nil)
-        self.new username, api_key, nil, remote_ip
+        self.new.init_from_key username, api_key, remote_ip
       end
 
 
       # Create a new {Conjur::API} instance from a token issued by the
       # {http://developer.conjur.net/reference/services/authentication Conjur authentication service}
@@ -137,11 +137,11 @@
       #
       # @param [Hash] token the authentication token as parsed JSON to use when making authenticated requests
       # @param [String] remote_ip the optional IP address to be recorded in the audit record.
       # @return [Conjur::API] an api that will authenticate with the token
       def new_from_token(token, remote_ip = nil)
-        self.new nil, nil, token, remote_ip
+        self.new.init_from_token token, remote_ip
       end
       
       def encode_audit_ids(ids)
         ids.collect{|id| CGI::escape(id)}.join('&')
       end
@@ -149,33 +149,11 @@
       def decode_audit_ids(ids)
         ids.split('&').collect{|id| CGI::unescape(id)}
       end
 
     end
-    
-    # Create a new instance from a username and api key or a token.
-    #
-    # @note You should use {Conjur::API.new_from_token} or {Conjur::API.new_from_key} instead of calling this method
-    #   directly.
-    #
-    # This method requires that you pass **either** a username and api_key **or** a token Hash.
-    #
-    # @param [String] username the username to authenticate as
-    # @param [String] api_key the api key or password to use when authenticating
-    # @param [Hash] token the token to use when making authenticated requuests.
-    # @param [String] remote_ip the optional IP address to be recorded in the audit record.
-    #
-    # @api internal
-    def initialize username, api_key, token, remote_ip = nil
-      @username = username
-      @api_key = api_key
-      @token = token
-      @remote_ip = remote_ip
 
-      raise "Expecting ( username and api_key ) or token" unless ( username && api_key ) || token
-    end
-
     #@!attribute [r] api_key
     # The api key used to create this instance.  This is only present when you created the api with {Conjur::API.new_from_key}.#
     #
     # @return [String] the api key, or nil if this instance was created from a token.
     attr_reader :api_key
@@ -252,41 +230,54 @@
 
     # Return a new API object with the specified X-Conjur-Privilege.
     # 
     # @return The API instance.
     def with_privilege privilege
-      self.class.new(username, api_key, token, remote_ip).tap do |api|
+      self.clone.tap do |api|
         api.privilege = privilege
       end
     end
 
     def with_audit_roles role_ids
       role_ids = Array(role_ids)
-      self.class.new(username, api_key, token, remote_ip).tap do |api|
+      self.clone.tap do |api|
         # Ensure that all role ids are fully qualified
         api.audit_roles = role_ids.collect { |id| api.role(id).roleid }
       end
     end
 
     def with_audit_resources resource_ids
       resource_ids = Array(resource_ids)
-      self.class.new(username, api_key, token, remote_ip).tap do |api|
+      self.clone.tap do |api|
         # Ensure that all resource ids are fully qualified
         api.audit_resources = resource_ids.collect { |id| api.resource(id).resourceid }
       end
     end
 
-    private
+    def init_from_key username, api_key, remote_ip = nil
+      @username = username
+      @api_key = api_key
+      @remote_ip = remote_ip
+      self
+    end
 
+    def init_from_token token, remote_ip = nil
+      @token = token
+      @remote_ip = remote_ip
+      self
+    end
 
+    private
+    attr_accessor :token_born
+
     # Tries to refresh the token if possible.
     #
     # @return [Hash, false] false if the token couldn't be refreshed due to
     # unavailable API key; otherwise, the new token.
     def refresh_token
       return false unless @api_key
-      @token_born = gettime
+      self.token_born = gettime
       @token = Conjur::API.authenticate(@username, @api_key)
     end
 
     # The four minutes is to work around a bug in Conjur < 4.7 causing a 404 on 
     # long-running operations (when the token is used right around the 5 minute mark).
@@ -305,9 +296,9 @@
       # fall back to normal clock if there's no CLOCK_MONOTONIC
       Time.now.to_f
     end
 
     def token_age
-      @token_born && (gettime - @token_born)
+      token_born && (gettime - token_born)
     end
   end
 end