search

Shopify / ruby-sigstore

Rubygems sigstore signing plugin
Apache License 2.0
7 stars 6 forks source link

Refactor openid #39

Closed doodzik closed 2 years ago

doodzik commented 2 years ago

I moved some refactors to allow for the introduction of a static token https://github.com/Shopify/ruby-sigstore/pull/30 out into this PR. This will make the next set of changes a bit easier to review since fewer things will change.

The main problem this PR solves is to enable the usage of an OpenID Provider (oidp) object to the GemSigner class, which will allow for the use of a static oidp.

I'm also renaming the current OpenId class to OpenId::Dynamic to allow for the usage of multiple authentication strategies. I'm also changing the interface of the OpenId::Dynamic class to expose a proof and token method, which will make it easier to substitute strategies.

doodzik commented 2 years ago

My only question is whether some method values should be memoized (eg fulcio_api).

The methods can be memorized, but there is no benefit in doing it, because the values aren't accessed multiple times. So I'm going to skip it for now.