Method: InstAccess::Token.from_token_string

Defined in:
lib/inst_access/token.rb

.from_token_string(jws) ⇒ Object

Takes an unencrypted (but signed) token string

Raises:



139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
 
# File 'lib/inst_access/token.rb', line 139

def from_token_string(jws)
  service_jwks = InstAccess.config.service_jwks
  jwt = if service_jwks.present?
    begin
      JSON::JWT.decode(jws, service_jwks)
    rescue StandardError
      nil
    end
  end

  sig_key = InstAccess.config.signing_key
  jwt ||= begin
    JSON::JWT.decode(jws, sig_key)
  rescue StandardError => e
    raise InvalidToken, e
  end
  raise TokenExpired if jwt[:exp] < Time.now.to_i

  new(jwt.to_hash)
end