class Keycloak::Service
Public Class Methods
new(key_resolver)
# File lib/keycloak-api-rails/service.rb, line 4
# Builds the service around a key resolver and copies the settings it needs
# from Keycloak.config into instance variables.
#
# @param key_resolver object that decode_and_verify asks for keys through
#   #find_public_keys
def initialize(key_resolver)
  config = Keycloak.config

  @key_resolver                          = key_resolver
  @skip_paths                            = config.skip_paths
  @logger                                = config.logger
  @token_expiration_tolerance_in_seconds = config.token_expiration_tolerance_in_seconds
end
Public Instance Methods
decode_and_verify(token)
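# File lib/keycloak-api-rails/service.rb, line 11
# Decodes an encoded JWT, rejects it when expired?, then verifies it against
# the keys supplied by the key resolver.
#
# @param token [String, nil] the encoded token as read from the request
# @return the decoded token, once verify! has passed
# @raise [TokenError] built by TokenError.no_token (nil or empty token),
#   .expired, .verification_failed (bad signature or unknown key id) or
#   .invalid_format (token that cannot be parsed)
#
# NOTE(review): the raw token is handed to every TokenError factory. If
# TokenError stores or logs it, bearer tokens can end up in logs or error
# responses - confirm how it is used.
def decode_and_verify(token)
  raise TokenError.no_token(token) if token.nil? || token.empty?

  public_key    = @key_resolver.find_public_keys
  decoded_token = JSON::JWT.decode(token, public_key)

  # The "exp" claim is read before the explicit verify! below. Whether decode
  # has already checked the signature at this point depends on
  # JSON::JWT.decode - TODO confirm.
  raise TokenError.expired(token) if expired?(decoded_token)

  decoded_token.verify!(public_key)
  decoded_token
rescue JSON::JWT::VerificationFailed, JSON::JWK::Set::KidNotFound => e
  raise TokenError.verification_failed(token, e)
rescue JSON::JWT::InvalidFormat => e
  # The exception must be bound here: without "=> e" the reference to e below
  # raises NameError, so a malformed token surfaces as an unexpected error
  # instead of a TokenError.
  raise TokenError.invalid_format(token, e)
end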
need_authentication?(method, path, headers)
# File lib/keycloak-api-rails/service.rb, line 37
# Tells whether a request must carry a valid token.
#
# Returns false when the method/path pair is exempted by should_skip? or when
# the request is recognised by is_preflight?; true otherwise.
#
# NOTE(review): every request that is_preflight? accepts is let through
# without a token, so handlers reachable with OPTIONS should not do
# privileged work.
def need_authentication?(method, path, headers)
  return false if should_skip?(method, path)

  !is_preflight?(method, headers)
end
read_token(uri, headers)
# File lib/keycloak-api-rails/service.rb, line 33
# Extracts the token from a request, looking at the query string first and
# falling back to the headers only when the query string yields nothing.
#
# NOTE(review): a token carried in the query string tends to be recorded in
# access logs, proxies and Referer headers, and here it takes precedence over
# the header value - confirm this ordering is wanted.
def read_token(uri, headers)
  query_token = Helper.read_token_from_query_string(uri)
  return query_token if query_token

  Helper.read_token_from_headers(headers)
end
Private Instance Methods
expired?(token)
# File lib/keycloak-api-rails/service.rb, line 54
# Tells whether the decoded token counts as expired.
#
# The "exp" claim is compared with the current time plus the configured
# tolerance, so a token is reported expired that many seconds before its
# "exp" instant.
# NOTE(review): confirm this is the intended direction for the tolerance.
#
# NOTE(review): presumably token["exp"] is nil when the claim is absent;
# Time.at(nil) raises TypeError, which decode_and_verify does not rescue.
def expired?(token)
  cutoff = Time.now + @token_expiration_tolerance_in_seconds.seconds

  Time.at(token["exp"]).to_datetime < cutoff
end
is_preflight?(method, headers)
# File lib/keycloak-api-rails/service.rb, line 49
# Tells whether the request looks like a CORS preflight: the method is
# OPTIONS (any letter case) and the HTTP_ACCESS_CONTROL_REQUEST_METHOD header
# is present. Only presence is checked; the header's value is not inspected.
def is_preflight?(method, headers)
  return false unless method&.downcase&.to_sym == :options

  !headers["HTTP_ACCESS_CONTROL_REQUEST_METHOD"].nil?
end
should_skip?(method, path)
# File lib/keycloak-api-rails/service.rb, line 43
# Tells whether the path is exempt from authentication for this HTTP method.
#
# @skip_paths is indexed by the lower-cased method as a symbol; the path is
# exempt as soon as one entry for that method matches it.
#
# NOTE(review): entries are tested with #match, which also succeeds on a
# partial match. Unless each pattern is anchored (\A ... \z), a pattern meant
# for one path can exempt other paths that contain it - review the configured
# skip_paths with that in mind.
def should_skip?(method, path)
  patterns = @skip_paths[method&.downcase&.to_sym]
  return false if patterns.nil? || patterns.empty?

  patterns.any? { |pattern| pattern.match(path) }
end