Class: Doorkeeper::OpenidConnect::IdToken

Inherits:

Object

• Object
• Doorkeeper::OpenidConnect::IdToken

Includes:

ActiveModel::Validations

Defined in:

lib/doorkeeper/openid_connect/id_token.rb

Direct Known Subclasses

IdTokenToken

Instance Attribute Summary

• #nonce ⇒ Object readonly

  Returns the value of attribute nonce.

Instance Method Summary

• #as_json(*_) ⇒ Object
• #as_jws_token ⇒ Object
• #claims ⇒ Object
• #initialize(access_token, nonce = nil) ⇒ IdToken constructor

  A new instance of IdToken.

Constructor Details

#initialize(access_token, nonce = nil) ⇒ IdToken

Returns a new instance of IdToken.

# File 'lib/doorkeeper/openid_connect/id_token.rb', line 10

def initialize(access_token, nonce = nil)
  @access_token = access_token
  @nonce = nonce
  @resource_owner = Doorkeeper::OpenidConnect.configuration.resource_owner_from_access_token.call(access_token)
  @issued_at = Time.zone.now
end

Instance Attribute Details

#nonce ⇒ Object (readonly)

Returns the value of attribute nonce.

# File 'lib/doorkeeper/openid_connect/id_token.rb', line 8

def nonce
  @nonce
end

Instance Method Details

#as_json(*_) ⇒ Object

# File 'lib/doorkeeper/openid_connect/id_token.rb', line 29

def as_json(*_)
  claims.reject { |_, value| value.nil? || value == '' }
end

#as_jws_token ⇒ Object

# File 'lib/doorkeeper/openid_connect/id_token.rb', line 33

def as_jws_token
  JWT.encode(as_json,
    Doorkeeper::OpenidConnect.signing_key.keypair,
    Doorkeeper::OpenidConnect.signing_algorithm.to_s,
    { kid: Doorkeeper::OpenidConnect.signing_key.kid }
  ).to_s
end

#claims ⇒ Object

# File 'lib/doorkeeper/openid_connect/id_token.rb', line 17

def claims
  {
    iss: issuer,
    sub: subject,
    aud: audience,
    exp: expiration,
    iat: issued_at,
    nonce: nonce,
    auth_time: auth_time
  }.merge ClaimsBuilder.generate(@access_token, :id_token)
end