Module: OCI::Auth::Util
- Defined in:
- lib/oci/auth/util.rb
Overview
Contains utility methods to support functionality in the OCI::Auth module, for example being able to extract information from certificates and scrubbing certificate information for calls to Auth Service
Constant Summary collapse
- AUTHORIZATION_HEADER =
'Authorization'.freeze
- AUTHORIZATION_HEADER_VALUE =
'Bearer Oracle'.freeze
Class Method Summary collapse
- .colon_separate_fingerprint(raw_fingerprint) ⇒ Object
- .get_metadata_request(request_url, type) ⇒ Object
- .get_tenancy_id_from_certificate(x509_certificate) ⇒ Object
- .load_private_key(private_key_date, passphrase) ⇒ Object
- .load_private_key_from_file(private_key_file, passphrase) ⇒ Object
- .sanitize_certificate_string(cert_string) ⇒ Object
Class Method Details
.colon_separate_fingerprint(raw_fingerprint) ⇒ Object
29 30 31 |
# File 'lib/oci/auth/util.rb', line 29 def self.colon_separate_fingerprint(raw_fingerprint) raw_fingerprint.gsub(/(.{2})(?=.)/, '\1:\2') end |
.get_metadata_request(request_url, type) ⇒ Object
41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
# File 'lib/oci/auth/util.rb', line 41 def self.(request_url, type) case type when 'post' request = Net::HTTP::Post.new(request_url) when 'get' request = Net::HTTP::Get.new(request_url) when 'put' request = Net::HTTP::Put.new(request_url) else raise "Unknown request-type #{type} provided." end request[AUTHORIZATION_HEADER] = AUTHORIZATION_HEADER_VALUE request end |
.get_tenancy_id_from_certificate(x509_certificate) ⇒ Object
15 16 17 18 19 20 21 22 23 24 25 26 27 |
# File 'lib/oci/auth/util.rb', line 15 def self.get_tenancy_id_from_certificate(x509_certificate) subject_array = x509_certificate.subject.to_a subject_array.each do |subject_name| # subject_name is actually a triple like: # ["OU", "<name>", "<number>"] if subject_name[0] == 'OU' && subject_name[1].include?('opc-tenant:') # 'opc-tenant:' is 11 character long, so we want to start at the index after that and to the end of the string (-1) return subject_name[1][11..-1] end end raise 'Certificate did not contain a tenancy in its subject' end |
.load_private_key(private_key_date, passphrase) ⇒ Object
61 62 63 64 65 66 |
# File 'lib/oci/auth/util.rb', line 61 def self.load_private_key(private_key_date, passphrase) OpenSSL::PKey::RSA.new( private_key_date, passphrase || SecureRandom.uuid ) end |
.load_private_key_from_file(private_key_file, passphrase) ⇒ Object
56 57 58 59 |
# File 'lib/oci/auth/util.rb', line 56 def self.load_private_key_from_file(private_key_file, passphrase) private_key_data = File.read(File.(private_key_file)).to_s.strip load_private_key(private_key_data, passphrase) end |
.sanitize_certificate_string(cert_string) ⇒ Object
33 34 35 36 37 38 39 |
# File 'lib/oci/auth/util.rb', line 33 def self.sanitize_certificate_string(cert_string) cert_string.gsub('-----BEGIN CERTIFICATE-----', '') .gsub('-----END CERTIFICATE-----', '') .gsub('-----BEGIN PUBLIC KEY-----', '') .gsub('-----END PUBLIC KEY-----', '') .delete("\n") end |