class Stormpath::Oauth::LocalAccessTokenVerification

Attributes

access_token[R]
application[R]

Public Class Methods

new(application, access_token) click to toggle source
  # File lib/stormpath-sdk/oauth/local_access_token_verification.rb
6 def initialize(application, access_token)
7   @application = application
8   @access_token = access_token
9 end

Public Instance Methods

verify() click to toggle source
   # File lib/stormpath-sdk/oauth/local_access_token_verification.rb
11 def verify
12   validate_jwt_is_an_access_token
13   validate_jwt_has_a_valid_issuer
14   LocalAccessTokenVerificationResult.new(application, decoded_jwt)
15 end

Private Instance Methods

decoded_jwt() click to toggle source
   # File lib/stormpath-sdk/oauth/local_access_token_verification.rb
19 def decoded_jwt
20   begin
21     @decoded_jwt ||= JWT.decode(access_token, application.client.data_store.api_key.secret)
22   rescue JWT::ExpiredSignature
23     raise Stormpath::Oauth::Error, :jwt_expired
24   end
25 end
validate_jwt_has_a_valid_issuer() click to toggle source
   # File lib/stormpath-sdk/oauth/local_access_token_verification.rb
32 def validate_jwt_has_a_valid_issuer
33   return if decoded_jwt.first['iss'] == application.href
34   raise Stormpath::Oauth::Error, :jwt_invalid_issuer
35 end
validate_jwt_is_an_access_token() click to toggle source
   # File lib/stormpath-sdk/oauth/local_access_token_verification.rb
27 def validate_jwt_is_an_access_token
28   return if decoded_jwt.second['stt'] == 'access'
29   raise Stormpath::Oauth::Error, :jwt_invalid_stt
30 end