Class: Fridge::AccessToken

Inherits:

Object

• Object
• Fridge::AccessToken

Defined in:

lib/fridge/access_token.rb

Instance Attribute Summary

• #attributes ⇒ Object

  Returns the value of attribute attributes.

• #expires_at ⇒ Object

  Returns the value of attribute expires_at.

• #id ⇒ Object

  Returns the value of attribute id.

• #issuer ⇒ Object

  Returns the value of attribute issuer.

• #jwt ⇒ Object

  Returns the value of attribute jwt.

• #scope ⇒ Object

  Returns the value of attribute scope.

• #subject ⇒ Object

  Returns the value of attribute subject.

Instance Method Summary

• #algorithm ⇒ Object
• #config ⇒ Object
• #decode_and_verify(jwt) ⇒ Object

  rubocop:disable MethodLength.

• #encode_and_sign ⇒ Object
• #expired? ⇒ Boolean
• #initialize(jwt_or_options = nil) ⇒ AccessToken constructor

  rubocop:disable MethodLength.

• #private_key ⇒ Object
• #public_key ⇒ Object
• #serialize ⇒ Object
• #to_s ⇒ Object

  rubocop:enable MethodLength.

• #valid? ⇒ Boolean

  rubocop:enable MethodLength.

Constructor Details

#initialize(jwt_or_options = nil) ⇒ AccessToken

rubocop:disable MethodLength

# File 'lib/fridge/access_token.rb', line 9

def initialize(jwt_or_options = nil)
  options = case jwt_or_options
            when String
              self.jwt = jwt_or_options
              validate_public_key!
              decode_and_verify(jwt_or_options)
            when Hash then jwt_or_options
            else {}
            end
  [:id, :issuer, :subject, :scope, :expires_at].each do |key|
    send "#{key}=", options.delete(key)
  end
  self.attributes = options.reject { |k, v| v.nil? }
  self.attributes = Hash[attributes.map { |k, v| [k.to_sym, v] }]
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(method, *args, &block) ⇒ Object (protected)

# File 'lib/fridge/access_token.rb', line 100

def method_missing(method, *args, &block)
  if attributes.key?(method)
    attributes[method]
  else
    super
  end
end

Instance Attribute Details

#attributes ⇒ Object

Returns the value of attribute attributes.

# File 'lib/fridge/access_token.rb', line 5

def attributes
  @attributes
end

#expires_at ⇒ Object

Returns the value of attribute expires_at.

# File 'lib/fridge/access_token.rb', line 5

def expires_at
  @expires_at
end

#id ⇒ Object

Returns the value of attribute id.

# File 'lib/fridge/access_token.rb', line 5

def id
  @id
end

#issuer ⇒ Object

Returns the value of attribute issuer.

# File 'lib/fridge/access_token.rb', line 5

def issuer
  @issuer
end

#jwt ⇒ Object

Returns the value of attribute jwt.

# File 'lib/fridge/access_token.rb', line 5

def jwt
  @jwt
end

#scope ⇒ Object

Returns the value of attribute scope.

# File 'lib/fridge/access_token.rb', line 5

def scope
  @scope
end

#subject ⇒ Object

Returns the value of attribute subject.

# File 'lib/fridge/access_token.rb', line 5

def subject
  @subject
end

Instance Method Details

#algorithm ⇒ Object

# File 'lib/fridge/access_token.rb', line 90

def algorithm
  config.signing_algorithm
end

#config ⇒ Object

# File 'lib/fridge/access_token.rb', line 94

def config
  Fridge.configuration
end

#decode_and_verify(jwt) ⇒ Object

rubocop:disable MethodLength

# File 'lib/fridge/access_token.rb', line 50

def decode_and_verify(jwt)
  hash = JWT.decode(jwt, public_key)
  base = {
    id: hash.delete('id'),
    issuer: hash.delete('iss'),
    subject: hash.delete('sub'),
    scope: hash.delete('scope'),
    expires_at: Time.at(hash.delete('exp'))
  }
  base.merge(hash)
rescue JWT::DecodeError
  raise InvalidToken, 'Invalid access token'
end

#encode_and_sign ⇒ Object

# File 'lib/fridge/access_token.rb', line 37

def encode_and_sign
  JWT.encode({
    id: id,
    iss: issuer,
    sub: subject,
    scope: scope,
    exp: expires_at.to_i
  }.merge(attributes), private_key, algorithm)
rescue
  raise SerializationError, 'Invalid private key or signing algorithm'
end

#expired? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/fridge/access_token.rb', line 69

def expired?
  expires_at.nil? || expires_at < Time.now
end

#private_key ⇒ Object

# File 'lib/fridge/access_token.rb', line 73

def private_key
  return unless config.private_key
  @private_key ||= OpenSSL::PKey::RSA.new(config.private_key)
rescue
  nil
end

#public_key ⇒ Object

# File 'lib/fridge/access_token.rb', line 80

def public_key
  if config.private_key
    @public_key ||= OpenSSL::PKey::RSA.new(config.private_key).public_key
  elsif config.public_key
    @public_key ||= OpenSSL::PKey::RSA.new(config.public_key)
  end
rescue
  nil
end

#serialize ⇒ Object

# File 'lib/fridge/access_token.rb', line 30

def serialize
  return jwt if jwt
  validate_parameters!
  validate_private_key!
  encode_and_sign
end

#to_s ⇒ Object

rubocop:enable MethodLength

# File 'lib/fridge/access_token.rb', line 26

def to_s
  serialize
end

#valid? ⇒ Boolean

rubocop:enable MethodLength

Returns:

• (Boolean)

# File 'lib/fridge/access_token.rb', line 65

def valid?
  !expired?
end