Class: Authify::Middleware::JWTAuth

Inherits:

Object

• Object
• Authify::Middleware::JWTAuth

Includes:

Core::Helpers::JWTSSL

Defined in:

lib/authify/middleware/jwt_auth.rb

Overview

Auth Middleware

Instance Method Summary

• #call(env) ⇒ Object

  rubocop:disable Metrics/MethodLength.

• #initialize(app) ⇒ JWTAuth constructor

  A new instance of JWTAuth.

Constructor Details

#initialize(app) ⇒ JWTAuth

# File 'lib/authify/middleware/jwt_auth.rb', line 7

def initialize(app)
  @app = app
end

Instance Method Details

#call(env) ⇒ Object

rubocop:disable Metrics/MethodLength

# File 'lib/authify/middleware/jwt_auth.rb', line 12

def call(env)
  options = { algorithm: 'ES256', iss: CONFIG[:jwt][:issuer] }
  bearer = env.fetch('HTTP_AUTHORIZATION', '').slice(7..-1)
  payload, _header = JWT.decode bearer, public_key, true, options

  env[:scopes] = payload['scopes']
  env[:user] = payload['user']

  @app.call env
rescue JWT::DecodeError
  [
    401,
    { 'Content-Type' => 'text/plain' },
    ['A token must be passed.']
  ]
rescue JWT::ExpiredSignature
  [
    403,
    { 'Content-Type' => 'text/plain' },
    ['The token has expired.']
  ]
rescue JWT::InvalidIssuerError
  [
    403,
    { 'Content-Type' => 'text/plain' },
    ['The token does not have a valid issuer.']
  ]
rescue JWT::InvalidIatError
  [
    403,
    { 'Content-Type' => 'text/plain' },
    ['The token does not have a valid "issued at" time.']
  ]
end