Class IAMAuthorizationProvider

Authorization provider used to to authorize operations using Oracle Cloud Infrastructure Identity and Access Management (IAM).

The driver uses this class internally for authorization with the Cloud Service. Normally, you do not need to use this class. Instead, create NoSQLClient instance by specifying iam property in AuthConfig as part of auth, as described in IAMConfig.

You may use this class as an alternative to specifying iam, as this may allow additional operations, e.g. retrieving resource principal claim information. Use this class as a value for provider property when creating NoSQLClient instance. This is shown in the example.

See

Example

Using IAMAuthorizationProvider when creating NoSQLClient instance.

const client = new NoSQLClient({
    region: Region.US_PHOENIX_1,
    compartment: "ocid1.compartment.oc1.............................",
    auth: {
        provider: new IAMAuthorizationProvider({
            configFile: "~/myapp/.oci/config",
            profileName: "Jane"
        })
    }
});

Hierarchy

IAMAuthorizationProvider

Implements

AuthorizationProvider

Index

Constructors

constructor

Methods

close getAuthorization getResourcePrincipalClaims onInit withInstancePrincipal withInstancePrincipalForDelegation withInstancePrincipalForDelegationFromFile withResourcePrincipal withSessionToken

Constructors

constructor

new IAMAuthorizationProvider(config?: IAMConfig): IAMAuthorizationProvider
Initializes a new instance of IAMAuthorizationProvider.

Throws
if the configuration is has invalid properties

See
IAMConfig
Parameters
- Optional config: IAMConfig
  
  Configuration to create IAMAuthorizationProvider specified as IAMConfig. You may omit this parameter (use no-argument constructor) if using cloud service with the default OCI configuration file with default profile name that contains credentials and region identifier, as described in IAMConfig.
Returns IAMAuthorizationProvider

Methods

close

close(): void | Promise<void>
Releases resources held by this provider.

See
close

Returns void | Promise<void>

Implementation of AuthorizationProvider.close

getAuthorization

getAuthorization(op: Operation): Promise<AuthResult>
Asynchronously acquires authorization information. This method is only used by the driver. You do not need to call this method. This method can only be used after onInit is called.

Async

Returns
Promise resolved with authorization information or rejected with an error
Parameters
- op: Operation
  
  Operation that requires authorization
Returns Promise<AuthResult>

Implementation of AuthorizationProvider.getAuthorization

getResourcePrincipalClaims

getResourcePrincipalClaims(): Promise<undefined | ResourcePrincipalClaims>
If using Resource Principal, gets the claims information in the resource principal session token (RPST) such as the resource tenant and compartment OCIDs.

Async

Returns
If using Resource Principal, promise of ResourcePrincipalClaims containing RPST claim information, otherwise promise of undefined.

Returns Promise<undefined | ResourcePrincipalClaims>

onInit

onInit(config: Config): void
Initialization callback.

See
onInit
Parameters
- config: Config
  
  Config object used to create NoSQLClient instance.
Returns void

Implementation of AuthorizationProvider.onInit

`Static` withInstancePrincipal

withInstancePrincipal(federationEndpoint?: string): IAMAuthorizationProvider
A convenience method to create new instance of IAMAuthorizationProvider using Instance Principal.

Other applicable properties are initialized to their defaults as described in IAMConfig.
Returns
New instance of IAMAuthorizationProvider using Instance Principal

See
useInstancePrincipal
Parameters
- Optional federationEndpoint: string
  
  Optional federation endpoint. See federationEndpoint.
Returns IAMAuthorizationProvider

`Static` withInstancePrincipalForDelegation

withInstancePrincipalForDelegation(delegationToken: string, federationEndpoint?: string): IAMAuthorizationProvider
Overload
A convenience method to create new instance of IAMAuthorizationProvider using Instance Principal with delegation token.

Other applicable properties are initialized to their defaults as described in IAMConfig.
Returns
New instance of IAMAuthorizationProvider using Instance Principal and specified delegation token

See
- useInstancePrincipal
- delegationToken
Parameters
- delegationToken: string
  
  Delegation token
- Optional federationEndpoint: string
  
  Optional federation endpoint. See federationEndpoint
Returns IAMAuthorizationProvider
withInstancePrincipalForDelegation(delegationTokenProvider: DelegationTokenProvider, federationEndpoint?: string): IAMAuthorizationProvider
Overload
A convenience method to create new instance of IAMAuthorizationProvider using Instance Principal with delegation token provider.

Other applicable properties are initialized to their defaults as described in IAMConfig.
Returns
New instance of IAMAuthorizationProvider using Instance Principal and specified delegation token provider

See
- useInstancePrincipal
- delegationTokenProvider
Parameters
- delegationTokenProvider: DelegationTokenProvider
  
  Delegation token provider
- Optional federationEndpoint: string
  
  Optional federation endpoint. See federationEndpoint
Returns IAMAuthorizationProvider

`Static` withInstancePrincipalForDelegationFromFile

withInstancePrincipalForDelegationFromFile(delegationTokenFile: string, federationEndpoint?: string): IAMAuthorizationProvider
A convenience method to create new instance of IAMAuthorizationProvider using Instance Principal with delegation token file.

Other applicable properties are initialized to their defaults as described in IAMConfig.
Returns
New instance of IAMAuthorizationProvider using Instance Principal and specified delegation token file

See
- useInstancePrincipal
- delegationTokenFile
Parameters
- delegationTokenFile: string
  
  Delegation token file
- Optional federationEndpoint: string
  
  Optional federation endpoint. See federationEndpoint
Returns IAMAuthorizationProvider

`Static` withResourcePrincipal

withResourcePrincipal(useResourcePrincipalCompartment?: boolean): IAMAuthorizationProvider
A convenience method to create new instance of IAMAuthorizationProvider using Resource Principal.

Other applicable properties are initialized to their defaults as described in IAMConfig.
Returns
New instance of IAMAuthorizationProvider using Resource Principal

See
IAMConfig
Parameters
- Optional useResourcePrincipalCompartment: boolean
  
  Whether to use the resource compartment as default compartment for NoSQL Database operations. Defaults to false. See useResourcePrincipalCompartment
Returns IAMAuthorizationProvider

`Static` withSessionToken

withSessionToken(profileName?: string): IAMAuthorizationProvider
Overload
A convenience method to create new instance of IAMAuthorizationProvider for session token-based authentication using default OCI configuration file and specified or default profile name.

Other applicable properties are initialized to their defaults as described in IAMConfig.
Returns
New instance of IAMAuthorizationProvider using session token-based authentication

See
- configFile
- profileName
Parameters
- Optional profileName: string
  
  Optional profile name in the default OCI configuration file. Defaults to value "DEFAULT"
Returns IAMAuthorizationProvider
withSessionToken(configFile: string, profileName?: string): IAMAuthorizationProvider
Overload
A convenience method to create new instance of IAMAuthorizationProvider for session token-based authentication using specified OCI configuration file and profile name.

Other applicable properties are initialized to their defaults as described in IAMConfig.
Returns
New instance of IAMAuthorizationProvider using session token-based authentication

See
- configFile
- profileName
Parameters
- configFile: string
  
  OCI configuration file path. See configFile
- Optional profileName: string
  
  Optional profile name in the default OCI configuration file. Defaults to value "DEFAULT"
Returns IAMAuthorizationProvider

Class IAMAuthorizationProvider

See

Example

Hierarchy

Implements

Index

Constructors

Methods

Constructors

constructor

Throws

See

Parameters

Optional config: IAMConfig

Returns IAMAuthorizationProvider

Methods

close

See

Returns void | Promise<void>

getAuthorization

Async

Returns

Parameters

op: Operation

Returns Promise<AuthResult>

getResourcePrincipalClaims

Async

Returns

Returns Promise<undefined | ResourcePrincipalClaims>

onInit

See

Parameters

config: Config

Returns void

Static withInstancePrincipal

Returns

See

Parameters

Optional federationEndpoint: string

Returns IAMAuthorizationProvider

Static withInstancePrincipalForDelegation

Returns

See

Parameters

delegationToken: string

Optional federationEndpoint: string

Returns IAMAuthorizationProvider

Returns

See

Parameters

delegationTokenProvider: DelegationTokenProvider

Optional federationEndpoint: string

Returns IAMAuthorizationProvider

Static withInstancePrincipalForDelegationFromFile

Returns

See

Parameters

delegationTokenFile: string

Optional federationEndpoint: string

Returns IAMAuthorizationProvider

Static withResourcePrincipal

Returns

See

Parameters

Optional useResourcePrincipalCompartment: boolean

Returns IAMAuthorizationProvider

Static withSessionToken

Returns

See

Parameters

Optional profileName: string

Returns IAMAuthorizationProvider

Returns

See

Parameters

configFile: string

Optional profileName: string

Returns IAMAuthorizationProvider

Settings

Member Visibility

`Optional` config: IAMConfig

`Static` withInstancePrincipal

`Optional` federationEndpoint: string

`Static` withInstancePrincipalForDelegation

`Optional` federationEndpoint: string

`Optional` federationEndpoint: string

`Static` withInstancePrincipalForDelegationFromFile

`Optional` federationEndpoint: string

`Static` withResourcePrincipal

`Optional` useResourcePrincipalCompartment: boolean

`Static` withSessionToken

`Optional` profileName: string

`Optional` profileName: string