class Warden::Cognito::TokenDecoder

Attributes

jwk_loader[R]
token[R]

Public Class Methods

new(token, pool_identifier = nil) click to toggle source
# File lib/warden/cognito/token_decoder.rb, line 6
def initialize(token, pool_identifier = nil)
  @token = token
  @jwk_loader = find_loader(pool_identifier)
end

Public Instance Methods

cognito_user() click to toggle source
# File lib/warden/cognito/token_decoder.rb, line 24
def cognito_user
  @cognito_user ||= CognitoClient.scope(pool_identifier).fetch(token)
end
decoded_token() click to toggle source
# File lib/warden/cognito/token_decoder.rb, line 19
def decoded_token
  @decoded_token ||= ::JWT.decode(token, nil, true, iss: jwk_loader.jwt_issuer, verify_iss: true,
                                                    algorithms: ['RS256'], jwks: jwk_loader)
end
pool_identifier() click to toggle source
# File lib/warden/cognito/token_decoder.rb, line 32
def pool_identifier
  jwk_loader.pool_identifier
end
sub() click to toggle source
# File lib/warden/cognito/token_decoder.rb, line 15
def sub
  decoded_token.first['sub']
end
user_attribute(attribute_name) click to toggle source
# File lib/warden/cognito/token_decoder.rb, line 28
def user_attribute(attribute_name)
  token_attribute(attribute_name).presence || cognito_user_attribute(attribute_name)
end
validate!() click to toggle source
# File lib/warden/cognito/token_decoder.rb, line 11
def validate!
  decoded_token.present?
end

Private Instance Methods

cognito_user_attribute(attribute_name) click to toggle source
# File lib/warden/cognito/token_decoder.rb, line 42
def cognito_user_attribute(attribute_name)
  cognito_user.user_attributes.detect do |attribute|
    attribute.name == attribute_name
  end&.value
end
find_loader(pool_identifier) click to toggle source
# File lib/warden/cognito/token_decoder.rb, line 48
def find_loader(pool_identifier)
  if pool_identifier.present?
    return JwkLoader.new.tap do |loader|
      loader.user_pool = pool_identifier
    end
  end
  JwkLoader.pool_iterator.detect(JwkLoader.invalid_issuer_error) do |loader|
    loader.issued? token
  end
end
token_attribute(attribute_name) click to toggle source
# File lib/warden/cognito/token_decoder.rb, line 38
def token_attribute(attribute_name)
  decoded_token.first[attribute_name] if decoded_token.first.key? attribute_name
end