class Drillbit::Tokens::JsonWebToken

Constants

TRANSFORMATION_EXCEPTIONS

Attributes

data[RW]
headers[RW]
private_key[RW]

Public Class Methods

build(id: SecureRandom.uuid, audience: Drillbit.configuration.default_token_audience, expiration: Time.now.utc.to_i + (60 * Drillbit.configuration.default_token_expiration_in_minutes), issuer: Drillbit.configuration.default_token_issuer || 'Drillbit', issued_at: Time.now.utc, not_before: Time.now.utc, owner: nil, roles: Drillbit.configuration.default_token_roles, subject: Drillbit.configuration.default_token_subject, subject_id:, token_private_key: Drillbit.configuration.token_private_key)

rubocop:disable Metrics/ParameterLists, Metrics/LineLength

# File lib/drillbit/tokens/json_web_token.rb, line 53
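# Builds a new token whose claims come from the keyword arguments; every
# argument except +subject_id+ has a default, most of them read from
# Drillbit.configuration.
#
# @param id          value stored as the 'jti' claim (defaults to a random UUID)
# @param audience    value stored as the 'aud' claim
# @param expiration  stored as 'exp' after +to_i+; the default is "now" in
#                    epoch seconds plus the configured number of minutes
# @param issuer      value stored as the 'iss' claim ('Drillbit' when the
#                    configuration has none)
# @param issued_at   stored as 'iat' after +to_i+
# @param not_before  stored as 'nbf' after +to_i+
# @param owner       value stored as the 'own' claim; falls back to +subject_id+
# @param roles       a list of role names (nil or a single name is accepted);
#                    stored comma-joined as the 'rol' claim
# @param subject     value stored as the 'sub' claim
# @param subject_id  value stored as the 'sid' claim (required)
# @param token_private_key  key handed to the new instance as +private_key+
# @return the new token instance
#
# NOTE(review): roles are joined with ',' here and split on ',' by #roles, so
# a role name that itself contains a comma is read back as several roles.
# Role names that can be influenced by users should be validated before they
# reach this method.
def self.build(id:                SecureRandom.uuid,
               audience:          Drillbit.configuration.default_token_audience,
               expiration:        Time.now.utc.to_i + (60 * Drillbit.configuration.default_token_expiration_in_minutes),
               issuer:            Drillbit.configuration.default_token_issuer || 'Drillbit',
               issued_at:         Time.now.utc,
               not_before:        Time.now.utc,
               owner:             nil,
               roles:             Drillbit.configuration.default_token_roles,
               subject:           Drillbit.configuration.default_token_subject,
               subject_id:,
               token_private_key: Drillbit.configuration.token_private_key)

  owner ||= subject_id

  new(
    private_key: token_private_key,
    data:        {
      'aud' => audience,
      'exp' => expiration.to_i,
      'iat' => issued_at.to_i,
      'iss' => issuer,
      'jti' => id,
      'nbf' => not_before.to_i,
      'own' => owner,
      # Array() lets a nil or single-name roles value produce a token with
      # no roles / one role instead of raising NoMethodError on #join.
      'rol' => Array(roles).join(','),
      'sid' => subject_id,
      'sub' => subject,
    },
  )
end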
build_from_request(request_token)
# File lib/drillbit/tokens/json_web_token.rb, line 44
# Wraps an already-decoded token (a [data, headers] pair) in a token object.
# A nil/false +request_token+ yields the Null token instead.
#
# NOTE(review): no signature, expiry or audience check happens in this
# method; the pair is stored as given. Callers should only pass a pair that
# has already been verified elsewhere (for example by middleware) -- confirm
# where +request_token+ originates.
def self.build_from_request(request_token)
  if request_token
    claims, header_fields = *request_token

    new(data: claims, headers: header_fields)
  else
    Tokens::JsonWebTokens::Null.instance
  end
end
from_jwe(encrypted_token, private_key: Drillbit.configuration.token_private_key)
# File lib/drillbit/tokens/json_web_token.rb, line 175
# Decrypts an encrypted token and then hands the inner text to .from_jws,
# which performs the signature and time-claim checks.
#
# Returns the Null token when +encrypted_token+ is nil or empty, and the
# Invalid token when any exception listed in TRANSFORMATION_EXCEPTIONS is
# raised while decrypting or verifying.
#
# NOTE(review): the contents of TRANSFORMATION_EXCEPTIONS are not visible
# here; exceptions outside that list propagate to the caller. The rescued
# exception is discarded, so an expired token and a tampered one look the
# same to callers -- log the failure class at this point if that distinction
# is needed for detection.
def self.from_jwe(encrypted_token,
                  private_key: Drillbit.configuration.token_private_key)

  return JsonWebTokens::Null.instance if encrypted_token.to_s.empty?

  decrypted    = JSON::JWT.decode(encrypted_token, private_key)
  signed_token = decrypted.plain_text

  from_jws(signed_token, private_key: private_key)
rescue *TRANSFORMATION_EXCEPTIONS
  JsonWebTokens::Invalid.instance
end
from_jws(signed_token, private_key: Drillbit.configuration.token_private_key)
# File lib/drillbit/tokens/json_web_token.rb, line 189
# Verifies a signed token and wraps its payload and headers in a token object.
#
# Verification is requested with the algorithm fixed to 'RS256', and with
# the expiration, not-before and issued-at checks switched on with a leeway
# of 5 (presumably seconds -- confirm against the JWT library in use).
#
# Returns the Null token when +signed_token+ is nil or empty, and the Invalid
# token when any exception listed in TRANSFORMATION_EXCEPTIONS is raised.
#
# NOTE(review): no audience or issuer verification option is passed to
# JWT.decode below, so unless the library checks them by default (confirm for
# the version in use) a correctly signed token minted for another audience or
# issuer is accepted here; callers that care must compare #audience and
# #issuer themselves.
# NOTE(review): the value used as the verification key is the one named
# +private_key+. If that really is the RSA private key, every service that
# only needs to verify tokens also holds the signing key; verifying with the
# public key alone would narrow that exposure.
def self.from_jws(signed_token,
                  private_key: Drillbit.configuration.token_private_key)

  return JsonWebTokens::Null.instance if signed_token.to_s.empty?

  payload, header_fields = JWT.decode(
    signed_token,
    private_key,
    true,
    algorithm:         'RS256',
    verify_expiration: true,
    verify_not_before: true,
    verify_iat:        true,
    leeway:            5,
  )

  new(data:        payload,
      headers:     header_fields,
      private_key: private_key)
rescue *TRANSFORMATION_EXCEPTIONS
  JsonWebTokens::Invalid.instance
end
new(data:, headers: {}, private_key: Drillbit.configuration.token_private_key)
# File lib/drillbit/tokens/json_web_token.rb, line 35
# Stores the claims, headers and key on the instance through the attribute
# writers. Nothing is verified here: the claims are kept exactly as passed.
#
# @param data         the claim set
# @param headers      the token headers (empty by default)
# @param private_key  key later used by #to_jws and #to_jwe; defaults to the
#                     configured token private key
#
# NOTE(review): +private_key+ is a read/write attribute, so every token
# object -- including ones built from request data -- exposes the key through
# a public reader. Avoid logging, serialising or inspecting token objects
# wholesale.
def initialize(data:,
               headers:     {},
               private_key: Drillbit.configuration.token_private_key)

  self.private_key = private_key
  self.headers     = headers
  self.data        = data
end

Public Instance Methods

audience()
# File lib/drillbit/tokens/json_web_token.rb, line 105
# Returns the 'aud' (audience) claim read from +data+.
# This is a plain reader: nothing in this method compares the audience with
# the service that is consuming the token.
def audience
  data['aud']
end
blank?()
# File lib/drillbit/tokens/json_web_token.rb, line 89
# True when the claim set (+data+) is empty. Same check as #empty?.
def blank?
  data.empty?
end
empty?()
# File lib/drillbit/tokens/json_web_token.rb, line 97
# True when the claim set (+data+) is empty. Same check as #blank?.
def empty?
  data.empty?
end
expiration()
# File lib/drillbit/tokens/json_web_token.rb, line 117
# Returns the 'exp' claim read from +data+. Tokens made by .build store it
# as an integer (epoch seconds by default).
# Reading it does not check it; expiry is only enforced in .from_jws.
def expiration
  data['exp']
end
id()
# File lib/drillbit/tokens/json_web_token.rb, line 121
# Returns the 'jti' (token id) claim read from +data+; .build fills it with a
# random UUID unless an id is supplied.
def id
  data['jti']
end
issued_at()
# File lib/drillbit/tokens/json_web_token.rb, line 109
# Returns the 'iat' (issued-at) claim read from +data+; .build stores it as
# an integer.
def issued_at
  data['iat']
end
issuer()
# File lib/drillbit/tokens/json_web_token.rb, line 113
# Returns the 'iss' (issuer) claim read from +data+.
# This is a plain reader: nothing in this method compares the issuer with an
# expected value.
def issuer
  data['iss']
end
not_before()
# File lib/drillbit/tokens/json_web_token.rb, line 125
# Returns the 'nbf' (not-before) claim read from +data+; .build stores it as
# an integer.
def not_before
  data['nbf']
end
owner_id()
# File lib/drillbit/tokens/json_web_token.rb, line 129
# Returns the 'own' (owner) claim read from +data+; .build sets it to the
# subject id when no owner is given.
def owner_id
  data['own']
end
present?()
# File lib/drillbit/tokens/json_web_token.rb, line 93
# True when the claim set (+data+) reports any entries.
# This says nothing about whether the claims were verified.
def present?
  data.any?
end
roles()
# File lib/drillbit/tokens/json_web_token.rb, line 147
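# Returns the roles carried in the 'rol' claim as an array of strings, split
# on ','. A missing or nil 'rol' claim gives an empty array. The result is
# memoized, so later changes to +data+ are not reflected.
#
# The nil guard matters because instances created through .new or
# .build_from_request hold whatever claims they were handed; a nil 'rol'
# would otherwise raise NoMethodError in code that is deciding what the
# caller is allowed to do.
def roles
  @roles ||= (data.fetch('rol', '') || '').split(',')
end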
subject()
# File lib/drillbit/tokens/json_web_token.rb, line 137
# Returns the 'sub' (subject) claim read from +data+.
def subject
  data['sub']
end
subject_id()
# File lib/drillbit/tokens/json_web_token.rb, line 133
# Returns the 'sid' (subject id) claim read from +data+.
def subject_id
  data['sid']
end
to_h()
# File lib/drillbit/tokens/json_web_token.rb, line 101
# Returns the token as a two-element array, [data, headers] -- despite the
# name this is not a Hash. It has the same shape as the pair that
# .build_from_request destructures.
def to_h
  [data, headers]
end
to_jwe()
# File lib/drillbit/tokens/json_web_token.rb, line 167
# Encrypts the signed token (see #to_jws) using 'RSA-OAEP' with 'A256GCM'
# and memoizes the result, so later changes to +data+ or +private_key+ are
# not reflected.
#
# NOTE(review): the same +private_key+ value is used for signing in #to_jws
# and for encryption here. Using one RSA key pair for both purposes is
# generally discouraged; separate signing and encryption keys are worth
# considering.
def to_jwe
  @jwe ||= to_jws.encrypt(private_key, 'RSA-OAEP', 'A256GCM')
end
to_jwe_s()
# File lib/drillbit/tokens/json_web_token.rb, line 171
# String form of the encrypted token from #to_jwe (memoized).
def to_jwe_s
  @jwe_s ||= to_jwe.to_s
end
to_jws()
# File lib/drillbit/tokens/json_web_token.rb, line 159
# Signs the token from #to_jwt with +private_key+ using 'RS256' and memoizes
# the result, so later changes to +data+ or +private_key+ are not reflected.
def to_jws
  @jws ||= to_jwt.sign(private_key, 'RS256')
end
to_jws_s()
# File lib/drillbit/tokens/json_web_token.rb, line 163
# String form of the signed token from #to_jws (memoized).
def to_jws_s
  @jws_s ||= to_jws.to_s
end
to_jwt()
# File lib/drillbit/tokens/json_web_token.rb, line 151
# Wraps +data+ in a JSON::JWT object (memoized). No signing happens here;
# #to_jws is the signing step.
def to_jwt
  @jwt ||= JSON::JWT.new(data)
end
to_jwt_s()
# File lib/drillbit/tokens/json_web_token.rb, line 155
# String form of the token from #to_jwt (memoized).
# NOTE(review): #to_jwt does not sign, so this is presumably an unsigned
# serialisation -- confirm it is never sent where a verified token is
# expected; use #to_jws_s or #to_jwe_s for that.
def to_jwt_s
  @jwt_s ||= to_jwt.to_s
end
valid?()

rubocop:enable Metrics/ParameterLists, Metrics/AbcSize, Metrics/LineLength

# File lib/drillbit/tokens/json_web_token.rb, line 85
# Always true for this class. .from_jws and .from_jwe return separate Null
# and Invalid objects when a token is missing or fails verification.
#
# NOTE(review): instances created directly through .new, .build or
# .build_from_request also answer true here although no signature or expiry
# check was run on them, so +valid?+ alone must not be treated as proof that
# the claims were verified.
def valid?
  true
end