class Rack::PrxAuth
Constants
- DEFAULT_ISS
- INVALID_TOKEN
- VERSION
Attributes
issuer[R]
Public Class Methods
new(app, options = {})
# File lib/rack/prx_auth.rb, line 18
# Wraps the downstream Rack application with PRX token handling.
#
# @param app [#call] the next Rack application in the stack
# @param options [Hash] optional settings: +:cert_location+ is passed to
#   Certificate.new, and +:issuer+ replaces DEFAULT_ISS when given
def initialize(app, options = {})
  cert_location = options[:cert_location]
  configured_issuer = options[:issuer]

  @app = app
  @certificate = Certificate.new(cert_location)
  # #call validates only tokens whose `iss` claim equals this value.
  @issuer = configured_issuer || DEFAULT_ISS
end
Public Instance Methods
call(env)
# File lib/rack/prx_auth.rb, line 24
# Rack entry point: validates a token issued by the configured issuer and
# exposes its claims to the downstream app as env['prx.auth'].
#
# Requests pass through untouched (env['prx.auth'] is NOT set) when there is
# no Authorization header, or when the token's `iss` claim differs from the
# configured issuer. Downstream code must therefore treat a missing
# env['prx.auth'] as "unauthenticated", never as "already checked".
#
# @param env [Hash] the Rack environment
# @return the downstream app's response, or INVALID_TOKEN when a token for
#   the configured issuer fails validation
def call(env)
  header = env['HTTP_AUTHORIZATION']
  return @app.call(env) unless header

  # The second whitespace-separated field is taken as the token; the scheme
  # word in front of it is not inspected.
  token = header.split[1]

  # decode_token does not verify the signature, so `claims` is untrusted
  # until valid? has succeeded.
  claims = decode_token(token)
  return @app.call(env) unless should_validate_token?(claims)
  return INVALID_TOKEN unless valid?(claims, token)

  env['prx.auth'] = TokenData.new(claims)
  @app.call(env)
end
Private Instance Methods
decode_token(token)
# File lib/rack/prx_auth.rb, line 46
# Parses a JWT into its claims WITHOUT verifying the signature
# (:skip_verification). The result is attacker-controlled data: it is only
# suitable for routing decisions such as the issuer check, and must not be
# trusted until the token has passed valid?.
#
# @param token [String, nil] the raw token taken from the Authorization header
# @return the decoded claims, or an empty Hash when the token is nil or
#   JSON::JWT reports an invalid format
def decode_token(token)
  return {} if token.nil?

  JSON::JWT.decode(token, :skip_verification)
rescue JSON::JWT::InvalidFormat
  {}
end
expired?(claims)
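# File lib/rack/prx_auth.rb, line 56
# Reports whether the token's lifetime has elapsed.
#
# The deadline is computed as `iat + exp`, i.e. `exp` is treated as a
# lifetime in seconds counted from `iat`.
# NOTE(review): RFC 7519 defines `exp` as an absolute timestamp. If the
# issuer emits absolute values, this sum lies far in the future and tokens
# would effectively never expire -- confirm against the issuer's format.
#
# The claims passed in by valid? come from an unverified decode and are
# checked here before the signature, so a token may omit `iat`/`exp` or
# carry non-numeric values. Such tokens are reported as expired (fail
# closed) instead of raising on nil/String arithmetic.
#
# @param claims [Hash] decoded token claims
# @return [Boolean] true when the token is past its deadline or its timing
#   claims are missing or malformed
def expired?(claims)
  issued_at = claims['iat']
  lifetime = claims['exp']
  return true unless issued_at.is_a?(Numeric) && lifetime.is_a?(Numeric)

  Time.now.to_i > issued_at + lifetime
end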
should_validate_token?(claims)
# File lib/rack/prx_auth.rb, line 60
# Decides whether this middleware is responsible for the token: true only
# when the `iss` claim equals the configured issuer.
#
# In #call the claims come from an unverified decode, so this is a routing
# decision, not an authenticity check.
#
# @param claims [Hash] decoded token claims
# @return [Boolean]
def should_validate_token?(claims)
  token_issuer = claims['iss']
  token_issuer == @issuer
end
valid?(claims, token)
# File lib/rack/prx_auth.rb, line 42
# A token is accepted only when it is unexpired AND the certificate accepts
# the raw token.
#
# Expiry is evaluated first, on the claims handed in by the caller; the
# certificate check is skipped for expired tokens.
#
# @param claims [Hash] decoded token claims
# @param token [String] the raw token string
# @return false when expired, otherwise the result of @certificate.valid?
def valid?(claims, token)
  return false if expired?(claims)

  @certificate.valid?(token)
end