Class: SimpleWebToken::SimpleWebTokenBuilder

Inherits:

Object

• Object
• SimpleWebToken::SimpleWebTokenBuilder

Defined in:

lib/simple_web_token_builder.rb

Overview

Creates a SimpleWebToken using the given parameters plus a hash containing “claims”

Instance Attribute Summary

• #audience ⇒ Object

  Returns the value of attribute audience.

• #expiration ⇒ Object

  Returns the value of attribute expiration.

• #issuer ⇒ Object

  Returns the value of attribute issuer.

• #shared_secret ⇒ Object

  Returns the value of attribute shared_secret.

Instance Method Summary

• #build(claims) ⇒ Object

  Creates and signs the token based on the given claims hash plus the default claims set (issuer, audience, expires_on).

• #claim_pair(key, value) ⇒ Object

  Creates a claim-value pair .

• #convert(claims) ⇒ Object

  Converts a hash of claims into a claim-value pair.

• #default_claim_set ⇒ Object

  Returns the default claim set (issuer, audience, expires_on).

• #initialize(opts = {}) ⇒ SimpleWebTokenBuilder constructor

  Creates a new instance of the SimpleTokenBuilder, if :shared_secret is not provided, an exception will be raised.

• #sign(bare_token) ⇒ Object

  Creates the HMAC-SHA256 signature based on the form-enconded-values representation of the token.

Constructor Details

#initialize(opts = {}) ⇒ SimpleWebTokenBuilder

Creates a new instance of the SimpleTokenBuilder, if :shared_secret is not provided, an exception will be raised

Raises:

• (InvalidOption)

# File 'lib/simple_web_token_builder.rb', line 13

def initialize(opts = {})
  raise InvalidOption, :shared_secret unless opts[:shared_secret]
  self.shared_secret = opts[:shared_secret]
  self.issuer = opts[:issuer]
  self.audience = opts[:audience]
  self.expiration = (opts[:expiration] or 3600)
end

Instance Attribute Details

#audience ⇒ Object

Returns the value of attribute audience.

# File 'lib/simple_web_token_builder.rb', line 9

def audience
  @audience
end

#expiration ⇒ Object

Returns the value of attribute expiration.

# File 'lib/simple_web_token_builder.rb', line 9

def expiration
  @expiration
end

#issuer ⇒ Object

Returns the value of attribute issuer.

# File 'lib/simple_web_token_builder.rb', line 9

def issuer
  @issuer
end

#shared_secret ⇒ Object

Returns the value of attribute shared_secret.

# File 'lib/simple_web_token_builder.rb', line 9

def shared_secret
  @shared_secret
end

Instance Method Details

#build(claims) ⇒ Object

Creates and signs the token based on the given claims hash plus the default claims set (issuer, audience, expires_on)

# File 'lib/simple_web_token_builder.rb', line 23

def build(claims)
  token = (convert(claims) + default_claim_set).join("&")
  return token += "&HMACSHA256=#{CGI.escape(sign(token))}"
end

#claim_pair(key, value) ⇒ Object

Creates a claim-value pair

The given key is converted to PascalCase and merged (_ are removed, words between _ are considered discrete terms hence are uppercased)

Values and Keys are encoded using CGI urlEscaping

NOTE: If the claim value is an array, the given claim value is built as csv (comma-separted-values)

# File 'lib/simple_web_token_builder.rb', line 57

def claim_pair(key, value)
  new_key = key.to_s.downcase.split("_").map{|l| l.capitalize.strip}.join("")
  value = [value].flatten.uniq.join(",")
  [new_key, value.to_s].map{|s| CGI.escape(s)}.join("=")
end

#convert(claims) ⇒ Object

Converts a hash of claims into a claim-value pair

# File 'lib/simple_web_token_builder.rb', line 35

def convert(claims)
  claims.map{|k, v| claim_pair(k, v)}
end

#default_claim_set ⇒ Object

Returns the default claim set (issuer, audience, expires_on)

# File 'lib/simple_web_token_builder.rb', line 40

def default_claim_set
  default_claims = []
  default_claims << claim_pair(:issuer, self.issuer) if(self.issuer)
  default_claims << claim_pair(:audience, self.audience) if(self.audience)
  default_claims << claim_pair(:expires_on, Time.now.to_i + self.expiration) 
  return default_claims
end

#sign(bare_token) ⇒ Object

Creates the HMAC-SHA256 signature based on the form-enconded-values representation of the token

# File 'lib/simple_web_token_builder.rb', line 30

def sign(bare_token)
  signature = Base64.encode64(HMAC::SHA256.new(Base64.decode64(self.shared_secret)).update(bare_token.toutf8).digest).strip
end