class Drillbit::Tokens::JsonWebToken
Constants
- TRANSFORMATION_EXCEPTIONS
Attributes
data[RW]
headers[RW]
private_key[RW]
Public Class Methods
build(id: SecureRandom.uuid, audience: Drillbit.configuration.default_token_audience, expiration: Time.now.utc.to_i + (60 * Drillbit.configuration.default_token_expiration_in_minutes), issuer: Drillbit.configuration.default_token_issuer || 'Drillbit', issued_at: Time.now.utc, not_before: Time.now.utc, owner: nil, roles: Drillbit.configuration.default_token_roles, subject: Drillbit.configuration.default_token_subject, subject_id:, token_private_key: Drillbit.configuration.token_private_key)
rubocop:disable Metrics/ParameterLists, Metrics/LineLength
# File lib/drillbit/tokens/json_web_token.rb, line 53
#
# Assembles a token from individual claim values. Every default is read from
# Drillbit.configuration (or generated) when the call is made.
#
# Claim keys written: aud, exp, iat, iss, jti, nbf, own, rol, sid, sub.
# The exp, iat and nbf values are coerced with #to_i; roles are stored as one
# comma-joined string.
#
# NOTE(review): because roles are joined with ',' here and the #roles reader
# splits on ',', a role name that itself contains a comma would come back as
# several roles. Confirm role names are constrained before they reach here.
#
# @param subject_id the only required keyword; also used as the owner when
#   no owner is given
# @return a new token wrapping the claims and token_private_key
def self.build(id: SecureRandom.uuid,
               audience: Drillbit.configuration.default_token_audience,
               expiration: Time.now.utc.to_i + (60 * Drillbit.configuration.default_token_expiration_in_minutes),
               issuer: Drillbit.configuration.default_token_issuer || 'Drillbit',
               issued_at: Time.now.utc,
               not_before: Time.now.utc,
               owner: nil,
               roles: Drillbit.configuration.default_token_roles,
               subject: Drillbit.configuration.default_token_subject,
               subject_id:,
               token_private_key: Drillbit.configuration.token_private_key)
  # Fall back to the subject's id when no explicit owner was supplied.
  owner = subject_id unless owner

  claims = {
    'aud' => audience,
    'exp' => expiration.to_i,
    'iat' => issued_at.to_i,
    'iss' => issuer,
    'jti' => id,
    'nbf' => not_before.to_i,
    'own' => owner,
    'rol' => roles.join(','),
    'sid' => subject_id,
    'sub' => subject,
  }

  new(private_key: token_private_key, data: claims)
end
build_from_request(request_token)
# File lib/drillbit/tokens/json_web_token.rb, line 44
#
# Wraps an already-decoded request token (a [data, headers] pair) in a token
# object, or returns the Null token when request_token is nil/false.
#
# NOTE(review): nothing is verified here - no signature, expiry or claim
# check. Presumably request_token was decoded and verified upstream (for
# example by from_jws); confirm that no caller passes unverified claims.
def self.build_from_request(request_token)
  if request_token
    payload, header = *request_token
    new(data: payload, headers: header)
  else
    Tokens::JsonWebTokens::Null.instance
  end
end
from_jwe(encrypted_token, private_key: Drillbit.configuration.token_private_key)
# File lib/drillbit/tokens/json_web_token.rb, line 175
#
# Decrypts an encrypted token (JWE) with private_key and passes the resulting
# plain text to from_jws, which performs the signature and time-claim checks.
#
# @return the Null token for a nil or empty input, the Invalid token when any
#   error listed in TRANSFORMATION_EXCEPTIONS is raised, otherwise whatever
#   from_jws returns
def self.from_jwe(encrypted_token, private_key: Drillbit.configuration.token_private_key)
  return JsonWebTokens::Null.instance if encrypted_token.to_s.empty?

  decoded_jwe = JSON::JWT.decode(encrypted_token, private_key)

  from_jws(decoded_jwe.plain_text, private_key: private_key)
rescue *TRANSFORMATION_EXCEPTIONS
  # Failures collapse into a single Invalid token, so the caller does not
  # learn which step failed.
  JsonWebTokens::Invalid.instance
end
from_jws(signed_token, private_key: Drillbit.configuration.token_private_key)
# File lib/drillbit/tokens/json_web_token.rb, line 189
#
# Verifies a signed token (JWS) and wraps its payload and headers.
#
# Verification is switched on (third argument to JWT.decode), the algorithm
# is pinned to RS256, and the exp, nbf and iat claims are checked with a
# leeway of 5 (presumably seconds - confirm against the JWT library).
#
# NOTE(review): no issuer or audience options are passed to JWT.decode, so
# the 'iss' and 'aud' claims do not appear to be checked by this call.
# Confirm whether they are enforced elsewhere.
#
# @return the Null token for a nil or empty input, the Invalid token when any
#   error listed in TRANSFORMATION_EXCEPTIONS is raised, otherwise a new token
def self.from_jws(signed_token, private_key: Drillbit.configuration.token_private_key)
  return JsonWebTokens::Null.instance if signed_token.to_s.empty?

  verify_opts = {
    algorithm: 'RS256',
    verify_expiration: true,
    verify_not_before: true,
    verify_iat: true,
    leeway: 5,
  }

  decoded = JWT.decode(signed_token, private_key, true, **verify_opts)
  payload, header = *decoded

  new(data: payload, headers: header, private_key: private_key)
rescue *TRANSFORMATION_EXCEPTIONS
  JsonWebTokens::Invalid.instance
end
new(data:, headers: {}, private_key: Drillbit.configuration.token_private_key)
# File lib/drillbit/tokens/json_web_token.rb, line 35
#
# Stores the claims, headers and key on the instance through the class's
# writers. No validation or verification happens here.
#
# NOTE(review): the class lists private_key as a read/write attribute, so any
# code holding a token object can read or replace the key. Confirm that the
# accessor needs to be public.
#
# @param data the claim set; read by the claim accessors
# @param headers the token headers; defaults to a fresh empty Hash
# @param private_key the key used by to_jws and to_jwe
def initialize(data:, headers: {}, private_key: Drillbit.configuration.token_private_key)
  self.data        = data
  self.headers     = headers
  self.private_key = private_key
end
Public Instance Methods
audience()
# File lib/drillbit/tokens/json_web_token.rb, line 105
#
# Value stored under the 'aud' claim key. Returned as stored; this reader
# does not compare it with an expected audience.
def audience
  data['aud']
end
blank?()
# File lib/drillbit/tokens/json_web_token.rb, line 89
#
# True when the claim set is empty. Same check as #empty?.
def blank?
  data.empty?
end
empty?()
# File lib/drillbit/tokens/json_web_token.rb, line 97
#
# True when the claim set is empty. Same check as #blank?.
def empty?
  data.empty?
end
expiration()
# File lib/drillbit/tokens/json_web_token.rb, line 117
#
# Value stored under the 'exp' claim key. Returned as stored; this reader
# does not compare it with the current time.
def expiration
  data['exp']
end
id()
# File lib/drillbit/tokens/json_web_token.rb, line 121
#
# Value stored under the 'jti' claim key (the token's id).
def id
  data['jti']
end
issued_at()
# File lib/drillbit/tokens/json_web_token.rb, line 109
#
# Value stored under the 'iat' claim key, returned as stored.
def issued_at
  data['iat']
end
issuer()
# File lib/drillbit/tokens/json_web_token.rb, line 113
#
# Value stored under the 'iss' claim key. Returned as stored; this reader
# does not compare it with an expected issuer.
def issuer
  data['iss']
end
not_before()
# File lib/drillbit/tokens/json_web_token.rb, line 125
#
# Value stored under the 'nbf' claim key, returned as stored.
def not_before
  data['nbf']
end
owner_id()
# File lib/drillbit/tokens/json_web_token.rb, line 129
#
# Value stored under the 'own' claim key (the owner's id).
def owner_id
  data['own']
end
present?()
# File lib/drillbit/tokens/json_web_token.rb, line 93
#
# True when the claim set has at least one entry for which data.any? holds.
# This says nothing about whether the token was verified.
def present?
  data.any?
end
roles()
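# File lib/drillbit/tokens/json_web_token.rb, line 147
#
# Role names parsed from the comma-separated 'rol' claim.
#
# A missing claim yields an empty list. A claim that is present but is not a
# String (for example null or an array in the decoded payload) also yields an
# empty list, instead of raising NoMethodError from calling #split on it: a
# malformed role claim grants no roles.
#
# The result is memoized, so later changes to data are not reflected.
#
# @return [Array<String>] the role names, possibly empty
def roles
  return @roles if @roles

  raw = data.fetch('rol', '')

  # Only a String carries the comma-joined form this class writes in build.
  @roles = raw.is_a?(String) ? raw.split(',') : []
end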
subject()
# File lib/drillbit/tokens/json_web_token.rb, line 137
#
# Value stored under the 'sub' claim key.
def subject
  data['sub']
end
subject_id()
# File lib/drillbit/tokens/json_web_token.rb, line 133
#
# Value stored under the 'sid' claim key (the subject's id).
def subject_id
  data['sid']
end
to_h()
# File lib/drillbit/tokens/json_web_token.rb, line 101
#
# Despite the name, returns a two-element Array of [data, headers], not a
# Hash. This is the same pair shape that build_from_request destructures.
# The private key is not part of the result.
def to_h
  [data, headers]
end
to_jwe()
# File lib/drillbit/tokens/json_web_token.rb, line 167
#
# Encrypts the signed token (see #to_jws) using 'RSA-OAEP' with 'A256GCM'.
# Memoized: computed once per instance.
#
# NOTE(review): private_key is both the signing key in #to_jws and the
# encryption key here. Confirm that using one RSA key pair for signing and
# for encryption is intended.
def to_jwe
  return @jwe if @jwe

  @jwe = to_jws.encrypt(private_key, 'RSA-OAEP', 'A256GCM')
end
to_jwe_s()
# File lib/drillbit/tokens/json_web_token.rb, line 171
#
# String form of the encrypted token from #to_jwe. Memoized.
def to_jwe_s
  return @jwe_s if @jwe_s

  @jwe_s = to_jwe.to_s
end
to_jws()
# File lib/drillbit/tokens/json_web_token.rb, line 159
#
# Signs the token from #to_jwt with private_key using 'RS256'.
#
# Memoized: data and private_key are writable attributes, but changing them
# after the first call does not produce a new signature.
def to_jws
  return @jws if @jws

  @jws = to_jwt.sign(private_key, 'RS256')
end
to_jws_s()
# File lib/drillbit/tokens/json_web_token.rb, line 163
#
# String form of the signed token from #to_jws. Memoized.
def to_jws_s
  return @jws_s if @jws_s

  @jws_s = to_jws.to_s
end
to_jwt()
# File lib/drillbit/tokens/json_web_token.rb, line 151
#
# Wraps the claim set in a JSON::JWT object. Nothing is signed or encrypted
# at this step; see #to_jws and #to_jwe. Memoized.
def to_jwt
  return @jwt if @jwt

  @jwt = JSON::JWT.new(data)
end
to_jwt_s()
# File lib/drillbit/tokens/json_web_token.rb, line 155
#
# String form of the unsigned token from #to_jwt. Memoized.
#
# NOTE(review): this string carries no signature made with private_key
# (presumably it serializes with alg "none" - confirm). It should not be
# handed out as a credential; use #to_jws_s or #to_jwe_s for that.
def to_jwt_s
  return @jwt_s if @jwt_s

  @jwt_s = to_jwt.to_s
end
valid?()
rubocop:enable Metrics/ParameterLists, Metrics/AbcSize, Metrics/LineLength
# File lib/drillbit/tokens/json_web_token.rb, line 85
#
# Always true for this class; no signature or claim is checked here.
#
# NOTE(review): from_jws and from_jwe signal a failed decode by returning
# JsonWebTokens::Invalid.instance instead (presumably that object answers
# false - confirm). A token made with new or build_from_request therefore
# reports valid? == true without having been verified, so callers should not
# treat this predicate as proof of verification.
def valid?
  true
end