class Conjur::API::TokenFileAuthenticator

Obtains fresh tokens by reading them from a file. Some other process is assumed to be acquiring tokens and storing them to the file on a regular basis.

This authenticator assumes that the token was created immediately before it was written to the file.

Attributes

last_mtime[R]
token_file[R]

Public Class Methods

new(token_file) click to toggle source
# File lib/conjur/base.rb, line 270
def initialize token_file
  @token_file = token_file
end

Public Instance Methods

mtime() click to toggle source
# File lib/conjur/base.rb, line 276
def mtime
  File.mtime token_file
end
needs_token_refresh?() click to toggle source
# File lib/conjur/base.rb, line 290
def needs_token_refresh?
  mtime != last_mtime
end
refresh_token() click to toggle source
# File lib/conjur/base.rb, line 280
def refresh_token
  # There's a race condition here in which the file could be updated
  # after we read the mtime but before we read the file contents. So to be
  # conservative, use the oldest possible mtime.
  mtime = self.mtime
  File.open token_file, 'r' do |f|
    JSON.load(f.read).tap { @last_mtime = mtime }
  end
end