Class: JSON::JWT

Inherits:

ActiveSupport::HashWithIndifferentAccess

• Object
• ActiveSupport::HashWithIndifferentAccess
• JSON::JWT

Includes:

JOSE

Defined in:

lib/json/jwt.rb

Direct Known Subclasses

JWS

Defined Under Namespace

Classes: Exception, InvalidFormat, UnexpectedAlgorithm, VerificationFailed

Constant Summary

VERSION =

::File.read(
  ::File.join(::File.dirname(__FILE__), '../../VERSION')
).chomp

Instance Attribute Summary

• #blank_payload ⇒ Object

  Returns the value of attribute blank_payload.

• #signature ⇒ Object

  Returns the value of attribute signature.

Class Method Summary

• .decode_compact_serialized(jwt_string, key_or_secret, algorithms = nil, encryption_methods = nil, allow_blank_payload = false) ⇒ Object
• .decode_json_serialized(input, key_or_secret, algorithms = nil, encryption_methods = nil, allow_blank_payload = false) ⇒ Object
• .pretty_generate(jwt_string) ⇒ Object

Instance Method Summary

• #as_json(options = {}) ⇒ Object
• #encrypt(public_key_or_secret, algorithm = :RSA1_5, encryption_method = :'A128CBC-HS256') ⇒ Object
• #initialize(claims = {}) ⇒ JWT constructor

  A new instance of JWT.

• #pretty_generate ⇒ Object
• #sign(private_key_or_secret, algorithm = :autodetect) ⇒ Object
• #to_json(*args) ⇒ Object
• #to_s ⇒ Object
• #update(claims) ⇒ Object

Methods included from JOSE

#secure_compare, #with_jwk_support

Constructor Details

#initialize(claims = {}) ⇒ JWT

Returns a new instance of JWT.

# File 'lib/json/jwt.rb', line 25

def initialize(claims = {})
  @content_type = 'application/jwt'
  self.typ = :JWT
  self.alg = :none
  unless claims.nil?
    [:exp, :nbf, :iat].each do |key|
      claims[key] = claims[key].to_i if claims[key]
    end
  end
  update claims
end

Instance Attribute Details

#blank_payload ⇒ Object

Returns the value of attribute blank_payload.

# File 'lib/json/jwt.rb', line 15

def blank_payload
  @blank_payload
end

#signature ⇒ Object

Returns the value of attribute signature.

# File 'lib/json/jwt.rb', line 16

def signature
  @signature
end

Class Method Details

.decode_compact_serialized(jwt_string, key_or_secret, algorithms = nil, encryption_methods = nil, allow_blank_payload = false) ⇒ Object

# File 'lib/json/jwt.rb', line 107

def decode_compact_serialized(jwt_string, key_or_secret, algorithms = nil, encryption_methods = nil, allow_blank_payload = false)
  case jwt_string.count('.') + 1
  when JWS::NUM_OF_SEGMENTS
    JWS.decode_compact_serialized jwt_string, key_or_secret, algorithms, allow_blank_payload
  when JWE::NUM_OF_SEGMENTS
    if allow_blank_payload
      raise InvalidFormat.new("JWE w/ blank payload is not supported.")
    else
      JWE.decode_compact_serialized jwt_string, key_or_secret, algorithms, encryption_methods
    end
  else
    raise InvalidFormat.new("Invalid JWT Format. JWT should include #{JWS::NUM_OF_SEGMENTS} or #{JWE::NUM_OF_SEGMENTS} segments.")
  end
end

.decode_json_serialized(input, key_or_secret, algorithms = nil, encryption_methods = nil, allow_blank_payload = false) ⇒ Object

# File 'lib/json/jwt.rb', line 122

def decode_json_serialized(input, key_or_secret, algorithms = nil, encryption_methods = nil, allow_blank_payload = false)
  input = input.with_indifferent_access
  if (input[:signatures] || input[:signature]).present?
    JWS.decode_json_serialized input, key_or_secret, algorithms, allow_blank_payload
  elsif input[:ciphertext].present?
    JWE.decode_json_serialized input, key_or_secret, algorithms, encryption_methods
  else
    raise InvalidFormat.new("Unexpected JOSE JSON Serialization Format.")
  end
end

.pretty_generate(jwt_string) ⇒ Object

# File 'lib/json/jwt.rb', line 133

def pretty_generate(jwt_string)
  decode(jwt_string, :skip_verification).pretty_generate
end

Instance Method Details

#as_json(options = {}) ⇒ Object

# File 'lib/json/jwt.rb', line 62

def as_json(options = {})
  case options[:syntax]
  when :general
    {
      payload: Base64.urlsafe_encode64(self.to_json, padding: false),
      signatures: [{
        protected: Base64.urlsafe_encode64(header.to_json, padding: false),
        signature: Base64.urlsafe_encode64(signature.to_s, padding: false)
      }]
    }
  when :flattened
    {
      protected: Base64.urlsafe_encode64(header.to_json, padding: false),
      payload:   Base64.urlsafe_encode64(self.to_json, padding: false),
      signature: Base64.urlsafe_encode64(signature.to_s, padding: false)
    }
  else
    super
  end
end

#encrypt(public_key_or_secret, algorithm = :RSA1_5, encryption_method = :'A128CBC-HS256') ⇒ Object

# File 'lib/json/jwt.rb', line 44

def encrypt(public_key_or_secret, algorithm = :RSA1_5, encryption_method = :'A128CBC-HS256')
  jwe = JWE.new self
  jwe.kid ||= public_key_or_secret[:kid] if public_key_or_secret.is_a? JSON::JWK
  jwe.alg = algorithm
  jwe.enc = encryption_method
  jwe.encrypt! public_key_or_secret
end

#pretty_generate ⇒ Object

# File 'lib/json/jwt.rb', line 99

def pretty_generate
  [
    JSON.pretty_generate(header),
    JSON.pretty_generate(self)
  ]
end

#sign(private_key_or_secret, algorithm = :autodetect) ⇒ Object

# File 'lib/json/jwt.rb', line 37

def sign(private_key_or_secret, algorithm = :autodetect)
  jws = JWS.new self
  jws.kid ||= private_key_or_secret[:kid] if private_key_or_secret.is_a? JSON::JWK
  jws.alg = algorithm
  jws.sign! private_key_or_secret
end

#to_json(*args) ⇒ Object

# File 'lib/json/jwt.rb', line 83

def to_json *args
  if @blank_payload && args.empty?
    ''
  else
    super
  end
end

#to_s ⇒ Object

# File 'lib/json/jwt.rb', line 52

def to_s
  [
    header.to_json,
    self.to_json,
    signature
  ].collect do |segment|
    Base64.urlsafe_encode64 segment.to_s, padding: false
  end.join('.')
end

#update(claims) ⇒ Object

# File 'lib/json/jwt.rb', line 91

def update claims
  if claims.nil?
    @blank_payload = true
  else
    super
  end
end