class FireJWT::Certificates

Constants

URL

Attributes

expires_at[R]

Public Class Methods

new(url: URL) click to toggle source
Calls superclass method
# File lib/firejwt/certificates.rb, line 12
def initialize(url: URL)
  super()

  @url  = URI(url)
  @keys = {}

  expire!
  refresh!
end

Public Instance Methods

expire!() click to toggle source
# File lib/firejwt/certificates.rb, line 47
def expire!
  @expires_at = Time.at(0)
end
expired?() click to toggle source
# File lib/firejwt/certificates.rb, line 51
def expired?
  @expires_at < Time.now
end
expires_soon?() click to toggle source
# File lib/firejwt/certificates.rb, line 55
def expires_soon?
  @expires_at < (Time.now + 600)
end
get(kid) click to toggle source
# File lib/firejwt/certificates.rb, line 22
def get(kid)
  refresh! if expired?

  @keys[kid]
end
refresh!(limit = 5) click to toggle source
# File lib/firejwt/certificates.rb, line 28
def refresh!(limit = 5)
  resp = Net::HTTP.get_response(@url)
  unless resp.is_a?(Net::HTTPOK)
    raise "Server responded with #{resp.code}" if limit < 1

    refresh!(limit - 1)
  end

  raise ArgumentError, 'Expires header not included in the response' unless resp['expires']

  @expires_at = Time.httpdate(resp['expires'])
  @keys.clear

  JSON.parse(resp.body).each do |kid, pem|
    cert = OpenSSL::X509::Certificate.new(pem)
    @keys.store kid, cert.public_key
  end
end