class Rack::PrxAuth::Certificate
Constants
- DEFAULT_CERT_LOC
- EXPIRES_IN
Attributes
cert_location[R]
Public Class Methods
new(cert_uri = nil)
click to toggle source
# File lib/rack/prx_auth/certificate.rb, line 12 def initialize(cert_uri = nil) @cert_location = cert_uri.nil? ? DEFAULT_CERT_LOC : URI(cert_uri) end
Public Instance Methods
valid?(token)
click to toggle source
# File lib/rack/prx_auth/certificate.rb, line 16 def valid?(token) begin JSON::JWT.decode(token, public_key) rescue JSON::JWT::VerificationFailed false else true end end
Private Instance Methods
certificate()
click to toggle source
# File lib/rack/prx_auth/certificate.rb, line 32 def certificate if @certificate.nil? || needs_refresh? @certificate = fetch end @certificate end
expired?()
click to toggle source
# File lib/rack/prx_auth/certificate.rb, line 50 def expired? @certificate.not_after < Time.now end
fetch()
click to toggle source
# File lib/rack/prx_auth/certificate.rb, line 39 def fetch certs = JSON.parse(Net::HTTP.get(cert_location)) cert_string = certs['certificates'].values[0] @refresh_at = Time.now.to_i + EXPIRES_IN OpenSSL::X509::Certificate.new(cert_string) end
needs_refresh?()
click to toggle source
# File lib/rack/prx_auth/certificate.rb, line 46 def needs_refresh? expired? || @refresh_at <= Time.now.to_i end
public_key()
click to toggle source
# File lib/rack/prx_auth/certificate.rb, line 28 def public_key certificate.public_key end