Class: FireJWT::KeySet

Inherits:
Hash
  • Object
show all
Defined in:
lib/firejwt/key_set.rb

Constant Summary collapse

URL = 
'https://www.googleapis.com/robot/v1/metadata/x509/[email protected]'.freeze

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(url: URL) ⇒ KeySet

Returns a new instance of KeySet.



12
13
14
15
16
17
18
 
# File 'lib/firejwt/key_set.rb', line 12

def initialize(url: URL)
  super()

  @url = URI(url)
  expire!
  refresh!
end

Instance Attribute Details

#expires_atObject (readonly)

Returns the value of attribute expires_at.



10
11
12
 
# File 'lib/firejwt/key_set.rb', line 10

def expires_at
  @expires_at
end

Instance Method Details

#expire!Object 



41
42
43
 
# File 'lib/firejwt/key_set.rb', line 41

def expire!
  @expires_at = Time.at(0)
end

#expired?Boolean

Returns:

  • (Boolean) 


45
46
47
 
# File 'lib/firejwt/key_set.rb', line 45

def expired?
  @expires_at < Time.now
end

#expires_soon?Boolean

Returns:

  • (Boolean) 


49
50
51
 
# File 'lib/firejwt/key_set.rb', line 49

def expires_soon?
  @expires_at < (Time.now + 600)
end

#get(key) ⇒ Object 



20
21
22
23
 
# File 'lib/firejwt/key_set.rb', line 20

def get(key)
  refresh! if expired?
  self[key]
end

#refresh!(limit = 5) ⇒ Object

Raises:

  • (ArgumentError) 


25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
 
# File 'lib/firejwt/key_set.rb', line 25

def refresh!(limit = 5)
  resp = Net::HTTP.get_response(@url)
  unless resp.is_a?(Net::HTTPOK)
    raise "Server responded with #{resp.code}" if limit < 1

    refresh!(limit - 1)
  end

  raise ArgumentError, 'Expires header not included in the response' unless resp['expires']

  @expires_at = Time.httpdate(resp['expires'])
  JSON.parse(resp.body).each do |kid, cert|
    store kid, OpenSSL::X509::Certificate.new(cert).public_key
  end
end