Class: Mongo::Crypt::KMS::Azure::Credentials Private

Inherits:
Object
  • Object
show all
Extended by:
Forwardable
Includes:
Validations
Defined in:
build/ruby-driver-v2.18/lib/mongo/crypt/kms/azure.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Azure KMS Credentials object contains credentials for using Azure KMS provider.

Constant Summary collapse

FORMAT_HINT =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

"Azure KMS provider options must be in the format: " +
"{ tenant_id: 'TENANT-ID', client_id: 'TENANT_ID', client_secret: 'CLIENT_SECRET' }"

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Validations

#validate_param, validate_tls_options

Constructor Details

#initialize(opts) ⇒ Credentials

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Creates an Azure KMS credentials object form a parameters hash.

Parameters:

  • opts (Hash)

    A hash that contains credentials for Azure KMS provider

Options Hash (opts):

  • :tenant_id (String)

    Azure tenant id.

  • :client_id (String)

    Azure client id.

  • :client_secret (String)

    Azure client secret.

  • :identity_platform_endpoint (String | nil)

    Azure identity platform endpoint, optional.

Raises:

  • (ArgumentError)

    If required options are missing or incorrectly formatted.



59
60
61
62
63
64
65
66
67
68
69
# File 'build/ruby-driver-v2.18/lib/mongo/crypt/kms/azure.rb', line 59

def initialize(opts)
  @opts = opts
  unless empty?
    @tenant_id = validate_param(:tenant_id, opts, FORMAT_HINT)
    @client_id = validate_param(:client_id, opts, FORMAT_HINT)
    @client_secret = validate_param(:client_secret, opts, FORMAT_HINT)
    @identity_platform_endpoint = validate_param(
      :identity_platform_endpoint, opts, FORMAT_HINT, required: false
    )
  end
end

Instance Attribute Details

#client_idString (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns Azure client id.

Returns:

  • (String)

    Azure client id.



33
34
35
# File 'build/ruby-driver-v2.18/lib/mongo/crypt/kms/azure.rb', line 33

def client_id
  @client_id
end

#client_secretString (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns Azure client secret.

Returns:

  • (String)

    Azure client secret.



36
37
38
# File 'build/ruby-driver-v2.18/lib/mongo/crypt/kms/azure.rb', line 36

def client_secret
  @client_secret
end

#identity_platform_endpointString | nil (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns Azure identity platform endpoint.

Returns:

  • (String | nil)

    Azure identity platform endpoint.



39
40
41
# File 'build/ruby-driver-v2.18/lib/mongo/crypt/kms/azure.rb', line 39

def identity_platform_endpoint
  @identity_platform_endpoint
end

#tenant_idString (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns Azure tenant id.

Returns:

  • (String)

    Azure tenant id.



30
31
32
# File 'build/ruby-driver-v2.18/lib/mongo/crypt/kms/azure.rb', line 30

def tenant_id
  @tenant_id
end

Instance Method Details

#to_documentBSON::Document

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Convert credentials object to a BSON document in libmongocrypt format.

Returns:

  • (BSON::Document)

    Azure KMS credentials in libmongocrypt format.



74
75
76
77
78
79
80
81
82
83
84
85
# File 'build/ruby-driver-v2.18/lib/mongo/crypt/kms/azure.rb', line 74

def to_document
  return BSON::Document.new if empty?
  BSON::Document.new({
    tenantId: @tenant_id,
    clientId: @client_id,
    clientSecret: @client_secret,
  }).tap do |bson|
    unless identity_platform_endpoint.nil?
      bson.update({ identityPlatformEndpoint: identity_platform_endpoint })
    end
  end
end