Class: Safire::Protocols::Udap Private

Inherits:

Object

Object
Safire::Protocols::Udap

show all

Includes:: Behaviours

Defined in:: lib/safire/protocols/udap.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Note:

For internal use by Client only.

UDAP Security STU2 protocol implementation.

Handles server metadata discovery from the UDAP well-known endpoint (per STU2 §2). Results are cached per community within each instance.

All other UDAP flows (B2B client credentials, B2C authorization code, Tiered OAuth, Dynamic Client Registration) raise NotImplementedError and are planned for future PRs.

This is an internal class used exclusively by Client. Do not instantiate it directly — use Client instead.

Constant Summary collapse

WELL_KNOWN_PATH =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

'/.well-known/udap'.freeze

Instance Method Summary collapse

#initialize(config) ⇒ Udap constructor private
A new instance of Udap.
#server_metadata(community: nil) ⇒ Safire::Protocols::UdapMetadata private
Retrieves and parses UDAP server metadata from the well-known endpoint.

Methods included from Behaviours

#authorization_url, #refresh_token, #register_client, #request_access_token, #request_backend_token, #token_response_valid?

Constructor Details

#initialize(config) ⇒ `Udap`

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns a new instance of Udap.

# File 'lib/safire/protocols/udap.rb', line 23

def initialize(config)
  @base_url       = config.base_url
  @http_client    = Safire::HTTPClient.new
  @metadata_cache = {}
end

Instance Method Details

#server_metadata(community: nil) ⇒ `Safire::Protocols::UdapMetadata`

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Retrieves and parses UDAP server metadata from the well-known endpoint.

When a community URI is provided, the request is scoped to that community by appending ?community=<encoded-uri> to the endpoint URL. Results are cached per community — subsequent calls with the same community return the cached result without a second HTTP request.

Parameters:

community (String, nil) (defaults to: nil) —
optional UDAP community URI; scopes discovery

Returns:

(Safire::Protocols::UdapMetadata) —
parsed UDAP metadata

Raises:

(Safire::Errors::DiscoveryError) —
if the server returns an HTTP error, a 204 response, or a body that is not a JSON object
(Safire::Errors::NetworkError) —
on connection failure, timeout, SSL error, or a redirect to a non-HTTPS URL
(Safire::Errors::ConfigurationError) —
if community is not a URI

# File 'lib/safire/protocols/udap.rb', line 43

def server_metadata(community: nil)
  community = normalize_community(community)
  cache_key = community || :default
  return @metadata_cache[cache_key] if @metadata_cache.key?(cache_key)

  @metadata_cache[cache_key] = fetch_metadata(community:)
end