Class: TrainPlugins::Rest::AWSV4

Inherits:

AuthHandler

• Object
• AuthHandler
• TrainPlugins::Rest::AWSV4

Defined in:

lib/train-rest/auth_handler/awsv4.rb

Constant Summary

VALID_CREDENTIALS =

%w[
  access_keys
].freeze

SIGNED_HEADERS =

%w[
  content-type host x-amz-date x-amz-target
].freeze

Instance Attribute Summary

Attributes inherited from AuthHandler

#connection, #options

Instance Method Summary

• #access_key ⇒ Object
• #check_options ⇒ Object
• #process(payload: "", headers: {}, url: "", method: nil) ⇒ Object
• #process_error(error) ⇒ Object
• #region(url = default_url) ⇒ Object
• #signature_based? ⇒ Boolean

Methods inherited from AuthHandler

#auth_headers, #auth_parameters, descendants, #initialize, #login, #logout, name, #renew_session, #renewal_needed?

Constructor Details

This class inherits a constructor from TrainPlugins::Rest::AuthHandler

Instance Method Details

#access_key ⇒ Object

# File 'lib/train-rest/auth_handler/awsv4.rb', line 70

def access_key
  options[:access_key] || ENV['AWS_ACCESS_KEY_ID']
end

#check_options ⇒ Object

# File 'lib/train-rest/auth_handler/awsv4.rb', line 17

def check_options
  options[:credentials] ||= "access_keys"

  unless VALID_CREDENTIALS.include? credentials
    raise ArgumentError.new("Invalid type of credentials: #{credentials}")
  end

  if access_keys?
    raise ArgumentError.new('Missing `access_key` credential') unless access_key
    raise ArgumentError.new('Missing `secret_access_key` credential') unless secret_access_key
  end
end

#process(payload: "", headers: {}, url: "", method: nil) ⇒ Object

# File 'lib/train-rest/auth_handler/awsv4.rb', line 34

def process(payload: "", headers: {}, url: "", method: nil)
  headers.merge! ({
    'Accept-Encoding' => 'identity',
    'User-Agent' => "train-rest/#{TrainPlugins::Rest::VERSION}",
    'Content-Type' => 'application/x-amz-json-1.0'
  })

  signed_headers = headers.select do |name, _value|
    SIGNED_HEADERS.include? name.downcase
  end

	@url = url

  signature = signer(url).sign_request(
    http_method: method.to_s.upcase,
    url: url,
    headers: signed_headers,
    body: payload.to_json
  )

  {
    headers: headers.merge(signature.headers)
  }
end

#process_error(error) ⇒ Object

# File 'lib/train-rest/auth_handler/awsv4.rb', line 59

def process_error(error)
  raise AuthenticationError.new("Authentication failed: #{error.response.to_s.chop}") if error.response.code == 401
  raise BadRequest.new("Bad request: #{error.response.to_s.chop}") if error.response.code == 400

  message = JSON.parse(error.response.to_s)

  raise AuthenticationError.new(message["message"] || message["__type"])
rescue JSON::ParserError => e
  raise AuthenticationError.new(error.response.to_s)
end

#region(url = default_url) ⇒ Object

# File 'lib/train-rest/auth_handler/awsv4.rb', line 74

def region(url = default_url)
  url.delete_prefix('https://').split('.').at(1)
end

#signature_based? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/train-rest/auth_handler/awsv4.rb', line 30

def signature_based?
  true
end