Class: Fridge::AccessToken

Inherits:

Object

• Object
• Fridge::AccessToken

Defined in:

lib/fridge/access_token.rb

Instance Attribute Summary

• #actor ⇒ Object

  Returns the value of attribute actor.

• #attributes ⇒ Object

  Returns the value of attribute attributes.

• #expires_at ⇒ Object

  Returns the value of attribute expires_at.

• #id ⇒ Object

  Returns the value of attribute id.

• #issuer ⇒ Object

  Returns the value of attribute issuer.

• #jwt ⇒ Object

  Returns the value of attribute jwt.

• #scope ⇒ Object

  Returns the value of attribute scope.

• #subject ⇒ Object

  Returns the value of attribute subject.

Instance Method Summary

• #algorithm ⇒ Object
• #config ⇒ Object
• #decode_and_verify(jwt) ⇒ Object
• #downgrade ⇒ Object
• #encode_and_sign ⇒ Object
• #expired? ⇒ Boolean
• #initialize(jwt_or_options = nil) ⇒ AccessToken constructor

  A new instance of AccessToken.

• #private_key ⇒ Object
• #public_key ⇒ Object
• #serialize ⇒ Object
• #to_s ⇒ Object
• #valid? ⇒ Boolean

Constructor Details

#initialize(jwt_or_options = nil) ⇒ AccessToken

Returns a new instance of AccessToken.

# File 'lib/fridge/access_token.rb', line 8

def initialize(jwt_or_options = nil)
  options = case jwt_or_options
            when String
              self.jwt = jwt_or_options
              validate_public_key!
              decode_and_verify(jwt_or_options)
            when Hash then jwt_or_options
            else {}
            end

  [:id, :issuer, :subject, :scope, :expires_at, :actor].each do |key|
    send "#{key}=", options.delete(key)
  end
  self.attributes = options
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(method, *args, &block) ⇒ Object (protected)

# File 'lib/fridge/access_token.rb', line 97

def method_missing(method, *args, &block)
  if attributes.key?(method)
    attributes[method]
  else
    super
  end
end

Instance Attribute Details

#actor ⇒ Object

Returns the value of attribute actor.

# File 'lib/fridge/access_token.rb', line 5

def actor
  @actor
end

#attributes ⇒ Object

Returns the value of attribute attributes.

# File 'lib/fridge/access_token.rb', line 5

def attributes
  @attributes
end

#expires_at ⇒ Object

Returns the value of attribute expires_at.

# File 'lib/fridge/access_token.rb', line 5

def expires_at
  @expires_at
end

#id ⇒ Object

Returns the value of attribute id.

# File 'lib/fridge/access_token.rb', line 5

def id
  @id
end

#issuer ⇒ Object

Returns the value of attribute issuer.

# File 'lib/fridge/access_token.rb', line 5

def issuer
  @issuer
end

#jwt ⇒ Object

Returns the value of attribute jwt.

# File 'lib/fridge/access_token.rb', line 5

def jwt
  @jwt
end

#scope ⇒ Object

Returns the value of attribute scope.

# File 'lib/fridge/access_token.rb', line 5

def scope
  @scope
end

#subject ⇒ Object

Returns the value of attribute subject.

# File 'lib/fridge/access_token.rb', line 5

def subject
  @subject
end

Instance Method Details

#algorithm ⇒ Object

# File 'lib/fridge/access_token.rb', line 87

def algorithm
  config.signing_algorithm
end

#config ⇒ Object

# File 'lib/fridge/access_token.rb', line 91

def config
  Fridge.configuration
end

#decode_and_verify(jwt) ⇒ Object

# File 'lib/fridge/access_token.rb', line 48

def decode_and_verify(jwt)
  payload, _header = JWT.decode(jwt, public_key, true, algorithm: algorithm)
  decode_from_jwt(payload)
rescue JWT::ExpiredSignature => e
  raise ExpiredToken, e.message
rescue JWT::DecodeError => e
  raise InvalidToken, e.message
end

#downgrade ⇒ Object

# File 'lib/fridge/access_token.rb', line 57

def downgrade
  self.scope = 'read'
end

#encode_and_sign ⇒ Object

# File 'lib/fridge/access_token.rb', line 36

def encode_and_sign
  h = {}
  [:id, :issuer, :subject, :scope, :expires_at, :actor].each do |key|
    h[key] = send(key)
  end
  h.merge!(attributes)
  h = encode_for_jwt(h)
  JWT.encode(h, private_key, algorithm)
rescue StandardError
  raise SerializationError, 'Invalid private key or signing algorithm'
end

#expired? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/fridge/access_token.rb', line 65

def expired?
  expires_at.nil? || expires_at < Time.now
end

#private_key ⇒ Object

# File 'lib/fridge/access_token.rb', line 69

def private_key
  return unless config.private_key

  @private_key ||= OpenSSL::PKey::RSA.new(config.private_key)
rescue StandardError
  nil
end

#public_key ⇒ Object

# File 'lib/fridge/access_token.rb', line 77

def public_key
  if config.private_key
    @public_key ||= OpenSSL::PKey::RSA.new(config.private_key).public_key
  elsif config.public_key
    @public_key ||= OpenSSL::PKey::RSA.new(config.public_key)
  end
rescue StandardError
  nil
end

#serialize ⇒ Object

# File 'lib/fridge/access_token.rb', line 28

def serialize
  return jwt if jwt

  validate_parameters!
  validate_private_key!
  encode_and_sign
end

#to_s ⇒ Object

# File 'lib/fridge/access_token.rb', line 24

def to_s
  serialize
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/fridge/access_token.rb', line 61

def valid?
  !expired?
end