Options
All
  • Public
  • Public/Protected
  • All
Menu

Class ResourcePrincipalAuthenticationDetailsProvider

Hierarchy

Implements

Constructors

Properties

Methods

Constructors

constructor

Properties

Protected federationClient

federationClient: FederationClient

Protected region

region: Region

Protected sessionKeySupplier

sessionKeySupplier: SessionKeySupplier

Static ClaimKeys

ClaimKeys: ClaimsKey = class ClaimsKey {/*** COMPARTMENT_ID is the claim name that the RPST holds for the resource compartment.* This can be passed to {@link #getStringClaim} to retrieve the resource's compartment OCID.*/public static COMPARTMENT_ID_CLAIM_KEY = "res_compartment";/*** TENANT_ID_CLAIM_KEY is the claim name that the RPST holds for the resource tenancy.* This can be passed to {@link #getStringClaim} to retrieve the resource's tenancy OCID.*/public static TENANT_ID_CLAIM_KEY = "res_tenant";}

Static OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM

OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM: string = "OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM"

Static OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_PASSPHRASE

OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_PASSPHRASE: string = "OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_PASSPHRASE"

Static OCI_RESOURCE_PRINCIPAL_REGION_ENV_VAR_NAME

OCI_RESOURCE_PRINCIPAL_REGION_ENV_VAR_NAME: string = "OCI_RESOURCE_PRINCIPAL_REGION"

Static OCI_RESOURCE_PRINCIPAL_RPST

OCI_RESOURCE_PRINCIPAL_RPST: string = "OCI_RESOURCE_PRINCIPAL_RPST"

Static OCI_RESOURCE_PRINCIPAL_VERSION

OCI_RESOURCE_PRINCIPAL_VERSION: string = "OCI_RESOURCE_PRINCIPAL_VERSION"

Static RP_VERSION_2_2

RP_VERSION_2_2: string = "2.2"

Static ResourcePrincipalAuthenticationDetailsProviderBuilder

ResourcePrincipalAuthenticationDetailsProviderBuilder: ResourcePrincipalAuthenticationDetailsProviderBuilder = class ResourcePrincipalAuthenticationDetailsProviderBuilder {constructor() {}public build(): ResourcePrincipalAuthenticationDetailsProvider {const OciResourcePrincipalVersion =process.env[ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_VERSION];if (!OciResourcePrincipalVersion) {throw Error("OCI_RESOURCE_PRINCIPAL_VERSION environment variable is missing " +RP_DEBUG_INFORMATION_LOG);}switch (OciResourcePrincipalVersion) {case ResourcePrincipalAuthenticationDetailsProvider.RP_VERSION_2_2:return ResourcePrincipalAuthenticationDetailsProviderBuilder.build_2_2();default:throw Error(`OCI_RESOURCE_PRINCIPAL_VERSION environment variable has an unknown value ${OciResourcePrincipalVersion}. ${RP_DEBUG_INFORMATION_LOG}`);}}/*** Helper method that interprets the runtime environment to build a v2.2-configured client* @return ResourcePrincipalAuthenticationDetailsProvider*/static build_2_2(): ResourcePrincipalAuthenticationDetailsProvider {let federationClient: FederationClient;let sessionKeySupplier: SessionKeySupplier;let region: Region;const ociResourcePrincipalPrivateKey =process.env[ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM];const ociResourcePrincipalPassphrase =process.env[ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_PASSPHRASE];const ociResourcePrincipalRPST =process.env[ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_RPST];const ociResourcePrincipalRegion =process.env[ResourcePrincipalAuthenticationDetailsProvider.OCI_RESOURCE_PRINCIPAL_REGION_ENV_VAR_NAME];if (!ociResourcePrincipalPrivateKey) {throw Error("OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM environment variable missing. " +RP_DEBUG_INFORMATION_LOG);}if (!ociResourcePrincipalRPST) {throw Error("OCI_RESOURCE_PRINCIPAL_RPST environment variable is missing. " + RP_DEBUG_INFORMATION_LOG);}if (!ociResourcePrincipalRegion) {throw Error("OCI_RESOURCE_PRINCIPAL_REGION_ENV_VAR_NAME environment variable missing. " +RP_DEBUG_INFORMATION_LOG);}// Do a check to see if the file path of privateKey and passphrase are absolute pathif (path.isAbsolute(ociResourcePrincipalPrivateKey)) {if (ociResourcePrincipalPassphrase && !path.isAbsolute(ociResourcePrincipalPassphrase)) {throw Error("cannot mix path and constant settings for \OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM and OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_PASSPHRASE");}sessionKeySupplier = new FileBasedKeySupplier(ociResourcePrincipalPrivateKey,ociResourcePrincipalPassphrase);} else {sessionKeySupplier = new FixedContentKeySupplier(ociResourcePrincipalPrivateKey,ociResourcePrincipalPassphrase);}if (path.isAbsolute(ociResourcePrincipalRPST)) {federationClient = new FileBasedResourcePrincipalFederationClient(sessionKeySupplier,ociResourcePrincipalRPST);} else {federationClient = new FixedContentResourcePrincipalFederationClient(ociResourcePrincipalRPST,sessionKeySupplier);}// The region should be something like "us-phoenix-1" but if we get "phx" then convert it.const regionId = Region.getRegionIdFromShortCode(ociResourcePrincipalRegion);region = Region.fromRegionId(regionId);return new ResourcePrincipalAuthenticationDetailsProvider(federationClient,sessionKeySupplier,region);}}

Builder for ResourcePrincipalAuthenticationDetailsProvider that understands the V2.2 configuration

Methods

getKeyId

  • getKeyId(): Promise<string>

getPassphrase

  • getPassphrase(): null

getPrivateKey

  • getPrivateKey(): string

getRegion

getStringClaim

  • getStringClaim(key: string): Promise<string | null>

  • Session tokens carry JWT-like claims. Permit the retrieval of the value of those claims from the token. At the least, the token should carry claims for {@link ClaimKeys#COMPARTMENT_ID_CLAIM_KEY} and {@link ClaimKeys#TENANT_ID_CLAIM_KEY}

    Parameters

    • key: string

      the name of a claim in the session token

    Returns Promise<string | null>

    the claim value.

refresh

  • refresh(): Promise<string>

Static builder