Class: Fluence::Gateway::Configuration::Settings

Inherits:
Object
  • Object
show all
Includes:
Singleton
Defined in:
lib/fluence/gateway/configuration.rb

Overview

Singleton value object holding the SDK configuration.

Stores the OAuth2 credentials and the base URLs for the gateway and appcenter. Instantiated lazily the first time #config is called.

All attributes are read/write. Attributes other than timeout and tenants resolve their value in this order: explicit setter value, then the matching ENV variable, then a hard-coded default. Credential attributes (client_id, client_secret) have no hard-coded default and return nil when neither a setter nor the matching ENV var is set.

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#appcenter_urlString

Base URL of the appcenter OAuth2 server. Falls back to ENV['APPCENTER_URL'] when unset.

Returns:

  • (String)

    (default: 'https://appcenter.fluence.eu')

#client_idString?

OAuth2 client identifier. Falls back to ENV['APPCENTER_CLIENT_ID'] when unset.

Returns:

  • (String, nil)

    the configured client_id, or nil when unset

#client_secretString?

OAuth2 client secret. Falls back to ENV['APPCENTER_CLIENT_SECRET'] when unset.

Returns:

  • (String, nil)

    the configured client_secret, or nil when unset

#gateway_urlString

Base URL of the Fluence API gateway. Falls back to ENV['GATEWAY_URL'] when unset.

Returns:

  • (String)

    (default: 'https://gateway.fluence.eu')

#profileSymbol

Resolves the active profile. Order: explicit setter, then ENV['GATEWAY_PROFILE'], then :production. Raises ArgumentError when the resolved value is not a key of PROFILES — validation is eager on both the setter path and the ENV path.

Returns:

  • (Symbol)

Raises:

  • (ArgumentError)

    if the value is unknown

#scopeString

OAuth2 scope requested on the client_credentials grant. Falls back to ENV['APPCENTER_SCOPE'] when unset.

Returns:

  • (String)

    (default: 'public')

#ssl_ca_fileString?

Path to an additional CA certificate file (PEM) that OpenSSL will trust on top of the system trust store. Typical use case: a self-signed or internal-CA certificate in staging.

Takes precedence over the system store for hostnames signed by the configured CA; hosts signed by a system CA still validate. Ignored when #ssl_verify resolves to :none.

Falls back to ENV['GATEWAY_SSL_CA_FILE'] when unset.

Returns:

  • (String, nil)

    the configured path, or nil when unset

#ssl_optionsHash

Extra Faraday SSL options merged into the ssl: Hash passed to OAuth2::Client (and then to Faraday::Connection). Accepts any key supported by Faraday::SSLOptions (ca_path, cert_store, client_cert, client_key, verify_hostname, …). Keys in this Hash override the entries derived from #ssl_verify and #ssl_ca_file, so power users can bypass the dedicated settings if they need to.

Returns:

  • (Hash)

    (default: {})

#ssl_verifySymbol

Returns the normalised SSL verification mode, resolving (in order) the explicit setter value, ENV['GATEWAY_SSL_VERIFY'], then defaulting to :peer. Always returns one of :peer, :none, :client_once, :fail_if_no_peer_cert.

Returns:

  • (Symbol)

    the canonical SSL verification mode

Raises:

  • (ArgumentError)

    if the setter or ENV value is unrecognised

#ssr_tenantBoolean

Whether the configured gateway is a single-service (SSR) tenant. When true, calls that try to route through a backend service (via the service: kwarg or Fluence::Gateway::Client#with_service) raise ServiceNotAllowedError, because SSR tenants expose a single backend directly and the /backend/<service>/ prefix has no meaning. Falls back to ENV['GATEWAY_SSR_TENANT'] (presence = enabled) when unset.

Returns:

  • (Boolean)

    (default: false)

#tenantsHash{Symbol => Hash}

User-declared tenants. Each value is a Hash of overrides over the global settings (only keys that differ need to be listed). A user-declared tenant overrides a same-name entry in BUILT_IN_TENANTS.

Supported override keys: :client_id, :client_secret, :gateway_url, :appcenter_url, :timeout, :scope, :ssr_tenant, :ssl_verify, :ssl_options, :ssl_ca_file.

Returns:

  • (Hash{Symbol => Hash})

    (default: {})

#timeoutInteger

HTTP timeout in seconds.

Returns:

  • (Integer)

    (default: 30)

Instance Method Details

#tenant_config(name = nil) ⇒ TenantConfig

Resolves the effective configuration for a tenant.

When name is nil, returns the global configuration as a TenantConfig. Otherwise, looks up the tenant's overrides — first in #tenants (user-declared), then in BUILT_IN_TENANTS — and merges them over the global settings before wrapping the result in a TenantConfig. Raises UnknownTenantError if the name matches neither source.

Parameters:

  • name (Symbol, String, nil) (defaults to: nil)

    the tenant name

Returns:

  • (TenantConfig)

    the immutable effective configuration exposing client_id, client_secret, gateway_url, appcenter_url, timeout, scope, ssr_tenant, ssl_verify, ssl_ca_file, ssl_options as readers. The returned value is frozen and its nested ssl_options Hash is frozen too, so it can be safely used as a Hash key or cached without any defensive copying.

Raises: