Class: Aha::Auth::TokenCache

Inherits:

Object

• Object
• Aha::Auth::TokenCache

Defined in:

lib/aha/auth/token_cache.rb

Overview

Caches JWKS public keys for JWT verification

Instance Method Summary

• #clear! ⇒ Object

  Clear the cache.

• #get_key(kid, &fetcher) ⇒ OpenSSL::PKey::RSA^?

  Get a public key by key ID, fetching from server if not cached.

• #initialize(ttl:) ⇒ TokenCache constructor

  A new instance of TokenCache.

• #refresh!(&fetcher) ⇒ Object

  Force a refresh of the JWKS cache.

• #stale? ⇒ Boolean

  Check if the cache is stale.

Constructor Details

#initialize(ttl:) ⇒ TokenCache

Returns a new instance of TokenCache.

# File 'lib/aha/auth/token_cache.rb', line 9

def initialize(ttl:)
  @ttl = ttl
  @keys = {}
  @fetched_at = nil
  @mutex = Mutex.new
end

Instance Method Details

#clear! ⇒ Object

Clear the cache

# File 'lib/aha/auth/token_cache.rb', line 43

def clear!
  @mutex.synchronize do
    @keys = {}
    @fetched_at = nil
  end
end

#get_key(kid, &fetcher) ⇒ OpenSSL::PKey::RSA^?

Get a public key by key ID, fetching from server if not cached

Parameters:

• kid (String) —

  The key ID

• fetcher (Proc) —

  A proc that fetches the JWKS from the server

Returns:

• (OpenSSL::PKey::RSA, nil) —

  The public key or nil if not found

# File 'lib/aha/auth/token_cache.rb', line 21

def get_key(kid, &fetcher)
  @mutex.synchronize do
    refresh_if_needed(&fetcher)
    @keys[kid]
  end
end

#refresh!(&fetcher) ⇒ Object

Force a refresh of the JWKS cache

Parameters:

• fetcher (Proc) —

  A proc that fetches the JWKS from the server

# File 'lib/aha/auth/token_cache.rb', line 31

def refresh!(&fetcher)
  @mutex.synchronize do
    fetch_keys(&fetcher)
  end
end

#stale? ⇒ Boolean

Check if the cache is stale

Returns:

• (Boolean)

# File 'lib/aha/auth/token_cache.rb', line 38

def stale?
  @fetched_at.nil? || (Time.now.utc - @fetched_at) > @ttl
end