class WmOktaHelper::AuthenticateApiRequest
Attributes
okta_client_id[RW]
okta_domain[RW]
okta_org[RW]
request[RW]
Public Class Methods
new(options)
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 9 def initialize(options) @request = options[:request] @token = nil @okta_org = options[:okta_org] @okta_domain = options[:okta_domain] @okta_client_id = options[:okta_client_id] @ignore_validations = options[:ignore_validations] || false end
Public Instance Methods
call()
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 18 def call authenticate_request end
Private Instance Methods
authenticate_request()
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 34 def authenticate_request @token if token_valid? end
cache_key()
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 26 def cache_key 'OKTA_PUBLIC_KEYS' end
client_id()
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 38 def client_id okta_client_id end
dirty_kid()
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 42 def dirty_kid dirty_token.last['kid'] end
dirty_token()
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 46 def dirty_token JWT.decode(request_token, nil, false) end
okta_keys()
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 50 def okta_keys Rails.cache.fetch(cache_key, expires_in: 1.month) do Rails.logger.info('Okta keys cache miss') okta_keys = {} uri = URI("#{site}/oauth2/v1/keys") data = Net::HTTP.get(uri) keys = JSON.parse(data) keys['keys'].each { |k| okta_keys[k['kid']] = k.except('alg') } okta_keys end end
parse_token()
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 62 def parse_token JSON::JWT.decode request_token, public_key rescue JWT::ExpiredSignature => e if @ignore_validations JSON::JWT.decode request_token, :skip_verification else raise e end rescue StandardError JSON::JWT.decode request_token, public_key(true) end
public_key(clear_cache = false)
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 74 def public_key(clear_cache = false) Rails.cache.delete(cache_key) if clear_cache JSON::JWK.new(okta_keys[dirty_kid]) end
request_token()
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 79 def request_token @request.headers['Authorization'] end
site()
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 30 def site "https://#{okta_org}.#{okta_domain}.com" end
token_valid?()
click to toggle source
# File lib/wm_okta_helper/authenticate_api_request.rb, line 83 def token_valid? @token = parse_token @ignore_validations || ( @token['iss'] == site && @token['aud'] == client_id && @token['exp'].to_i >= Time.now.utc.to_i ) end