Class: Auth0::Mixins::Validation::Algorithm::RS256

Inherits:
JWTAlgorithm
  • Object
show all
Includes:
HTTPProxy
Defined in:
lib/auth0/mixins/validation.rb

Overview

Represents the RS256 algorithm, which rely on public key certificates.

Constant Summary collapse

@@cache =
Zache.new.freeze

Constants included from HTTPProxy

HTTPProxy::BASE_DELAY, HTTPProxy::DEFAULT_RETRIES, HTTPProxy::MAX_ALLOWED_RETRIES, HTTPProxy::MAX_REQUEST_RETRY_DELAY, HTTPProxy::MAX_REQUEST_RETRY_JITTER, HTTPProxy::MIN_REQUEST_RETRY_DELAY

Instance Attribute Summary

Attributes included from HTTPProxy

#base_uri, #headers, #retry_count, #timeout

Class Method Summary collapse

Instance Method Summary collapse

Methods included from HTTPProxy

#add_headers, #call, #encode_uri, #request, #request_with_retry, #retry_options, #safe_parse_json, #url

Constructor Details

#initialize(jwks_url, lifetime) ⇒ RS256

Returns a new instance of RS256.



306
307
308
309
310
311
312
313
# File 'lib/auth0/mixins/validation.rb', line 306

def initialize(jwks_url, lifetime)
  raise Auth0::InvalidParameter, 'Must supply a valid jwks_url' if jwks_url.to_s.empty?
  raise Auth0::InvalidParameter, 'Must supply a valid lifetime' unless lifetime.is_a?(Integer) && lifetime >= 0

  @lifetime = lifetime
  @jwks_url = jwks_url
  @did_fetch_jwks = false
end

Class Method Details

.jwks_url(url, lifetime: 10 * 60) ⇒ RS256

Create a new instance passing the JWK set url.

Parameters:

  • url (string)

    The url where the JWK set is located.

  • lifetime (integer) (defaults to: 10 * 60)

    The lifetime of the JWK set in-memory cache in seconds. Must be a non-negative value. Defaults to *600 seconds* (10 minutes).

Returns:

  • (RS256)

    A new instance.



296
297
298
# File 'lib/auth0/mixins/validation.rb', line 296

def jwks_url(url, lifetime: 10 * 60)
  new url, lifetime
end

.remove_jwksObject

Clear the JWK set cache.



301
302
303
# File 'lib/auth0/mixins/validation.rb', line 301

def remove_jwks
  @@cache.remove_by { true }
end

Instance Method Details

#fetched_jwks?boolean

Returns whether or not the JWK set was fetched from the url.

Returns:

  • (boolean)

    true if a request to the JWK set url was made, false otherwise.



344
345
346
# File 'lib/auth0/mixins/validation.rb', line 344

def fetched_jwks?
  @did_fetch_jwks
end

#jwks(force: false) ⇒ hash

Fetches the JWK set from the in-memory cache or from the url.

Returns:

  • (hash)

    A JWK set.



323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
# File 'lib/auth0/mixins/validation.rb', line 323

def jwks(force: false)
  result = fetch_jwks if force

  if result
    @@cache.put(@jwks_url, result, lifetime: @lifetime)
    return result
  end

  previous_value = @@cache.last(@jwks_url)

  @@cache.get(@jwks_url, lifetime: @lifetime, dirty: true) do
    new_value = fetch_jwks

    raise Auth0::InvalidIdToken, 'Could not fetch the JWK set' unless new_value || previous_value

    new_value || previous_value
  end
end

#namestring

Returns the algorithm name.

Returns:

  • (string)

    The algorithm name.



317
318
319
# File 'lib/auth0/mixins/validation.rb', line 317

def name
  'RS256'
end