Class: Firefighter::TokenGenerator

Inherits:

Object

• Object
• Firefighter::TokenGenerator

Defined in:

lib/firefighter/token_generator.rb

Class Method Summary

• .from_env ⇒ Object

Instance Method Summary

• #create_access_token(expiration: 60 * 60) ⇒ Object
• #create_custom_token(uid, data: {}, expiration: 60 * 60) ⇒ Object
• #initialize(service_account_email:, private_key:, algorithm: 'RS256') ⇒ TokenGenerator constructor

  A new instance of TokenGenerator.

• #read_token(token) ⇒ Object

Constructor Details

#initialize(service_account_email:, private_key:, algorithm: 'RS256') ⇒ TokenGenerator

# File 'lib/firefighter/token_generator.rb', line 14

def initialize(service_account_email:, private_key:, algorithm: 'RS256')
  @service_account_email = service_account_email
  @private_key = private_key
  @algorithm = algorithm
end

Class Method Details

.from_env ⇒ Object

# File 'lib/firefighter/token_generator.rb', line 6

def self.from_env
  config = {
    service_account_email: ENV['FIREBASE_SERVICE_ACCOUNT_EMAIL'],
    private_key: OpenSSL::PKey::RSA.new(ENV['FIREBASE_PRIVATE_KEY_DATA']),
  }
  new(config)
end

Instance Method Details

#create_access_token(expiration: 60 * 60) ⇒ Object

# File 'lib/firefighter/token_generator.rb', line 21

def create_access_token(expiration: 60 * 60)
  now_seconds = Time.now.to_i
  payload = {
      iss: @service_account_email,
      scope: 'https://www.googleapis.com/auth/identitytoolkit',
      aud: 'https://accounts.google.com/o/oauth2/token',
      iat: now_seconds,
      exp: now_seconds + expiration, # Maximum expiration time is one hour
  }
  ::JWT.encode(payload, @private_key, @algorithm)
end

#create_custom_token(uid, data: {}, expiration: 60 * 60) ⇒ Object

# File 'lib/firefighter/token_generator.rb', line 33

def create_custom_token(uid, data: {}, expiration: 60 * 60)
  now_seconds = Time.now.to_i
  payload = {
    iss: @service_account_email,
    sub: @service_account_email,
    aud: 'https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit',
    iat: now_seconds,
    exp: now_seconds + expiration, # Maximum expiration time is one hour
    uid: uid,
    data: data,
  }

  ::JWT.encode(payload, @private_key, @algorithm)
end

#read_token(token) ⇒ Object

# File 'lib/firefighter/token_generator.rb', line 48

def read_token(token)
  JWT.decode(token, @private_key, true, algorithm: @algorithm).first
end