class Mongo::Crypt::KMS::Azure::Credentials
Azure
KMS
Credentials
object contains credentials for using Azure
KMS
provider.
@api private
Constants
- FORMAT_HINT
Attributes
@return [ String | nil ] Azure
access token.
@return [ String ] Azure
client id.
@return [ String ] Azure
client secret.
@return [ String | nil ] Azure
identity platform endpoint.
@return [ String ] Azure
tenant id.
Public Class Methods
Creates an Azure
KMS
credentials object form a parameters hash.
@param [ Hash ] opts A hash that contains credentials for
Azure KMS provider
@option opts [ String ] :tenant_id Azure
tenant id. @option opts [ String ] :client_id Azure
client id. @option opts [ String ] :client_secret Azure
client secret. @option opts [ String | nil ] :identity_platform_endpoint Azure
identity platform endpoint, optional.
@raise [ ArgumentError ] If required options are missing or incorrectly
formatted.
# File lib/mongo/crypt/kms/azure/credentials.rb, line 61 def initialize(opts) @opts = opts return if empty? if opts[:access_token] @access_token = opts[:access_token] else @tenant_id = validate_param(:tenant_id, opts, FORMAT_HINT) @client_id = validate_param(:client_id, opts, FORMAT_HINT) @client_secret = validate_param(:client_secret, opts, FORMAT_HINT) @identity_platform_endpoint = validate_param( :identity_platform_endpoint, opts, FORMAT_HINT, required: false ) end end
Public Instance Methods
Convert credentials object to a BSON document in libmongocrypt format.
@return [ BSON::Document ] Azure
KMS
credentials in libmongocrypt format.
# File lib/mongo/crypt/kms/azure/credentials.rb, line 80 def to_document return BSON::Document.new if empty? if access_token BSON::Document.new({ accessToken: access_token }) else BSON::Document.new( { tenantId: @tenant_id, clientId: @client_id, clientSecret: @client_secret } ).tap do |bson| unless identity_platform_endpoint.nil? bson.update({ identityPlatformEndpoint: identity_platform_endpoint }) end end end end