module AuthJwt::UserModelAdditions::ClassMethods

Public Instance Methods

from_jwe(jwe_string)
# File lib/auth_jwt/user_model_additions.rb, line 29
# Resolves the user identified by an encrypted, signed token.
#
# The token is a JWE wrapping a signed JWT: it is decrypted with the
# configured private key, the inner token is decoded with the configured
# signing key, its claims are checked by verify_jwt_integrity!, and the
# user is then looked up by payload.user_id on the configured user class.
#
# jwe_string - the serialized JWE as received from the client (untrusted).
#
# Returns whatever `find` on the configured user class returns.
# Raises AuthJwt::Unauthorized when a claim check fails. Errors raised by
# decrypt!, JSON::JWT.decode or find are not rescued here, so callers must
# treat any exception from this method as an authentication failure.
def from_jwe(jwe_string)
  envelope = JSON::JWE.new(jwe_string)
  # The key-management and content-encryption algorithms are pinned here
  # instead of being read from the attacker-controlled JWE header.
  # NOTE(review): RSA1_5 is PKCS#1 v1.5 key transport, which is exposed to
  # padding-oracle attacks when decryption failures are distinguishable to
  # the sender; callers should return one uniform error for every failure.
  # Moving to RSA-OAEP needs a coordinated change on the token issuer.
  envelope.alg = :RSA1_5
  envelope.enc = :'A128CBC-HS256'
  signed_token = envelope.decrypt!(AuthJwt.configuration.private_key).to_s
  # NOTE(review): presumably decode verifies the signature with the given
  # key; confirm that the accepted signing algorithm is also restricted.
  claims = JSON::JWT.decode(signed_token, AuthJwt.configuration.jwt_sign_key)
  verify_jwt_integrity!(claims)
  AuthJwt.configuration.user_class.constantize.find(claims['payload']['user_id'])
end

Private Instance Methods

verify_jwt_integrity!(jwt)
# File lib/auth_jwt/user_model_additions.rb, line 40
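# Validates the claims of a decoded JWT before it is trusted.
#
# All of iss, aud, nbf, exp and payload.user_id are mandatory; a missing
# claim is rejected the same way as a wrong one.
#
# jwt - the decoded token, indexable by claim name.
#
# Returns nil when every check passes.
# Raises AuthJwt::Unauthorized with a message naming the failed check.
def verify_jwt_integrity!(jwt)
  config = AuthJwt.configuration
  # NOTE(review): aud is compared by plain equality, so a token carrying a
  # list of audiences only matches if the configured value is the same list.
  fail AuthJwt::Unauthorized, 'Unknown Issuer' if jwt['iss'].nil? || jwt['iss'] != config.iss
  fail AuthJwt::Unauthorized, 'Unknown Audience' if jwt['aud'].nil? || jwt['aud'] != config.aud

  # nbf and exp are NumericDate values (seconds since the epoch), so they
  # are converted with Time.at. Time.new(n) would read n as a calendar
  # year, which places every epoch timestamp far in the future and lets
  # expired tokens through. Non-numeric values are rejected outright.
  now = Time.now
  not_before = jwt['nbf']
  expires_at = jwt['exp']
  # Valid only once nbf has been reached and while exp is still ahead.
  # No clock-skew leeway is applied.
  fail AuthJwt::Unauthorized, 'Not Yet Valid' unless not_before.is_a?(Numeric) && Time.at(not_before) <= now
  fail AuthJwt::Unauthorized, 'Expired' unless expires_at.is_a?(Numeric) && now < Time.at(expires_at)

  payload = jwt['payload']
  fail AuthJwt::Unauthorized, 'Missing Payload' if payload.nil? || payload['user_id'].nil?
end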