11# frozen_string_literal: true
22
3- require 'base64'
4- require 'json'
5- require 'openssl'
6-
73module Sagittarius
84 module Velorum
95 class Client
106 def initialize (
117 host : Sagittarius ::Configuration . config [ :velorum ] [ :host ] ,
12- security_token : ENV . fetch ( 'VELORUM_SECURITY_TOKEN' , Sagittarius ::Configuration . config [ :velorum ] [ :security_token ] ) ,
8+ jwt_secret : Sagittarius ::Configuration . config [ :velorum ] [ :jwt_secret ] ,
139 jwt_ttl_minutes : Sagittarius ::Configuration . config [ :velorum ] [ :jwt_ttl_minutes ]
1410 )
1511 @host = host
16- @security_token = security_token
12+ @jwt_secret = jwt_secret
1713 @jwt_ttl_minutes = jwt_ttl_minutes
1814 end
1915
@@ -23,7 +19,7 @@ def models
2319
2420 private
2521
26- attr_reader :host , :security_token , :jwt_ttl_minutes
22+ attr_reader :host , :jwt_secret , :jwt_ttl_minutes
2723
2824 def stub
2925 @stub ||= Tucana ::Velorum ::InfoService ::Stub . new ( host , :this_channel_is_insecure )
@@ -36,9 +32,7 @@ def authentication_metadata
3632 end
3733
3834 def jwt
39- if security_token . to_s . empty?
40- raise ArgumentError , 'VELORUM_SECURITY_TOKEN or velorum.security_token must be configured'
41- end
35+ raise ArgumentError , 'velorum.jwt_secret must be configured' if jwt_secret . to_s . empty?
4236
4337 header = {
4438 alg : 'HS256' ,
@@ -50,7 +44,7 @@ def jwt
5044 exp : now + jwt_ttl_minutes . to_i . minutes . to_i ,
5145 }
5246 body = [ header , payload ] . map { |part | base64_url_encode ( part . to_json ) } . join ( '.' )
53- signature = OpenSSL ::HMAC . digest ( 'SHA256' , security_token , body )
47+ signature = OpenSSL ::HMAC . digest ( 'SHA256' , jwt_secret , body )
5448
5549 "#{ body } .#{ base64_url_encode ( signature ) } "
5650 end
0 commit comments