class Sitefull::Auth::Amazon

Constants

AUTHORIZATION_URI
CALLBACK_URI
MISSING_REGION
MISSING_ROLE_ARN
MISSING_SESSION_NAME
PROVIDER_ID
SCOPE
TOKEN_CREDENTIALS_URI

Public Instance Methods

authorization_uri(_) click to toggle source
# File lib/sitefull-cloud/auth/amazon.rb, line 35
def authorization_uri(_)
  AUTHORIZATION_URI
end
callback_uri() click to toggle source
# File lib/sitefull-cloud/auth/amazon.rb, line 31
def callback_uri
  CALLBACK_URI
end
credentials(token) click to toggle source
# File lib/sitefull-cloud/auth/amazon.rb, line 18
def credentials(token)
  fail MISSING_ROLE_ARN if @options[:role_arn].to_s.empty?
  fail MISSING_REGION if @options[:region].to_s.empty?
  fail MISSING_SESSION_NAME if @options[:session_name].to_s.empty?

  sts = Aws::STS::Client.new(region: @options[:region])
  response = sts.assume_role_with_web_identity(role_arn: @options[:role_arn],
                                               role_session_name: @options[:session_name],
                                               provider_id: 'www.amazon.com',
                                               web_identity_token: token.access_token)
  Aws::Credentials.new(*response.credentials.to_h.values_at(:access_key_id, :secret_access_key, :session_token))
end
scope() click to toggle source
# File lib/sitefull-cloud/auth/amazon.rb, line 39
def scope
  SCOPE
end
token_credentials_uri(_) click to toggle source
# File lib/sitefull-cloud/auth/amazon.rb, line 43
def token_credentials_uri(_)
  TOKEN_CREDENTIALS_URI
end