class JWT::Token

Represents a JWT token

Basic token signed using the HS256 algorithm:

token = JWT::Token.new(payload: {pay: 'load'})
token.sign!(algorithm: 'HS256', key: 'secret')
token.jwt # => eyJhb....

Custom headers will be combined with generated headers:

token = JWT::Token.new(payload: {pay: 'load'}, header: {custom: "value"})
token.sign!(algorithm: 'HS256', key: 'secret')
token.header # => {"custom"=>"value", "alg"=>"HS256"}

Attributes

header[R]

Returns the decoded header of the JWT token.

@return [Hash] the header of the JWT token.

payload[R]

Returns the payload of the JWT token.

@return [Hash] the payload of the JWT token.

Public Class Methods

new(payload:, header: {}) click to toggle source

Initializes a new Token instance.

@param header [Hash] the header of the JWT token. @param payload [Hash] the payload of the JWT token.

# File lib/jwt/token.rb, line 24
def initialize(payload:, header: {})
  @header  = header&.transform_keys(&:to_s)
  @payload = payload
end

Public Instance Methods

detach_payload!() click to toggle source

Detaches the payload according to datatracker.ietf.org/doc/html/rfc7515#appendix-F

# File lib/jwt/token.rb, line 84
def detach_payload!
  @detached_payload = true

  nil
end
encoded_header() click to toggle source

Returns the encoded header of the JWT token.

@return [String] the encoded header of the JWT token.

# File lib/jwt/token.rb, line 51
def encoded_header
  @encoded_header ||= ::JWT::Base64.url_encode(JWT::JSON.generate(header))
end
encoded_payload() click to toggle source

Returns the encoded payload of the JWT token.

@return [String] the encoded payload of the JWT token.

# File lib/jwt/token.rb, line 63
def encoded_payload
  @encoded_payload ||= ::JWT::Base64.url_encode(JWT::JSON.generate(payload))
end
encoded_signature() click to toggle source

Returns the encoded signature of the JWT token.

@return [String] the encoded signature of the JWT token.

# File lib/jwt/token.rb, line 39
def encoded_signature
  @encoded_signature ||= ::JWT::Base64.url_encode(signature)
end
jwt() click to toggle source

Returns the JWT token as a string.

@return [String] the JWT token as a string. @raise [JWT::EncodeError] if the token is not signed or other encoding issues

# File lib/jwt/token.rb, line 78
def jwt
  @jwt ||= (@signature && [encoded_header, @detached_payload ? '' : encoded_payload, encoded_signature].join('.')) || raise(::JWT::EncodeError, 'Token is not signed')
end
Also aliased as: to_s
sign!(algorithm:, key:) click to toggle source

Signs the JWT token.

@param algorithm [String, Object] the algorithm to use for signing. @param key [String] the key to use for signing. @return [void] @raise [JWT::EncodeError] if the token is already signed or other problems when signing

# File lib/jwt/token.rb, line 96
def sign!(algorithm:, key:)
  raise ::JWT::EncodeError, 'Token already signed' if @signature

  JWA.resolve(algorithm).tap do |algo|
    header.merge!(algo.header)
    @signature = algo.sign(data: signing_input, signing_key: key)
  end

  nil
end
signature() click to toggle source

Returns the decoded signature of the JWT token.

@return [String] the decoded signature of the JWT token.

# File lib/jwt/token.rb, line 32
def signature
  @signature ||= ::JWT::Base64.url_decode(encoded_signature || '')
end
signing_input() click to toggle source

Returns the signing input of the JWT token.

@return [String] the signing input of the JWT token.

# File lib/jwt/token.rb, line 70
def signing_input
  @signing_input ||= [encoded_header, encoded_payload].join('.')
end
to_s()

Returns the JWT token as a string.

@return [String] the JWT token as a string.

Alias for: jwt