Class: KeycloakRack::DecodeAndVerify

Inherits:
Object
Defined in:
lib/keycloak_rack/decode_and_verify.rb

Overview

Accept an encoded JWT, verify it against the public keys (JWKS) returned by the key resolver, and return the decoded payload and headers.

Instance Method Details

#call(token) ⇒ Dry::Monads::Success(Hash, Hash), ...

Parameters:

  • token (String)

Returns:

  • (Dry::Monads::Success(Hash, Hash))

    a tuple of the JWT payload and its headers

  • (Dry::Monads::Failure(:expired, String, String, Exception))
  • (Dry::Monads::Failure(:decoding_failed, String, Exception))


# File 'lib/keycloak_rack/decode_and_verify.rb', line 19

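def call(token)
  # Do notation: each yield unwraps a Success or returns the Failure to the caller.
  jwks = yield key_resolver.find_public_keys

  algorithms = yield algorithms_for jwks

  options = {
    algorithms: algorithms, # allowlist of acceptable signing algorithms
    leeway: token_leeway,   # clock-skew tolerance for time-based claims
    jwks: jwks
  }

  # No static key (nil): verification is on (true) and the key comes from the JWKS.
  payload, headers = JWT.decode token, nil, true, options
rescue JWT::ExpiredSignature => e
  # Rescued before JWT::DecodeError, which is its superclass.
  Failure[:expired, "JWT is expired", token, e]
rescue JWT::DecodeError => e
  Failure[:decoding_failed, "Failed to decode JWT", e]
else
  Success[payload, headers]
end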
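
The checks that the `algorithms`, `leeway` and `jwks` options ask `JWT.decode` to perform, written out with only Ruby's standard library so each of the three documented outcomes can be traced. This is an added example, not code from keycloak_rack or the jwt gem: `decode_and_verify`, `sign`, `KEYS` and the key id `kid-1` are hypothetical, the key set is constructed in place of a realm's JWKS, and only RS256 is handled.

```ruby
require "openssl"
require "json"
require "base64"

# Constructed key set standing in for a realm's JWKS; "kid-1" is a made-up key id.
KEY  = OpenSSL::PKey::RSA.new(2048)
KEYS = { "kid-1" => { alg: "RS256", key: KEY.public_key } }.freeze

def b64(data)
  Base64.urlsafe_encode64(data, padding: false)
end

# Hypothetical helper: issue a signed token for the demonstration.
def sign(payload, header = { "alg" => "RS256", "kid" => "kid-1" })
  input = "#{b64(header.to_json)}.#{b64(payload.to_json)}"
  "#{input}.#{b64(KEY.sign(OpenSSL::Digest.new('SHA256'), input))}"
end

# Returns [:ok, payload, headers], [:expired, message] or [:decoding_failed, message].
def decode_and_verify(token, keys: KEYS, leeway: 10, now: Time.now.to_i)
  h64, p64, s64 = token.split(".", -1)
  return [:decoding_failed, "malformed token"] unless token.count(".") == 2

  headers = JSON.parse(Base64.urlsafe_decode64(h64))
  entry = headers.is_a?(Hash) && keys[headers["kid"]]
  return [:decoding_failed, "unknown kid"] unless entry
  # The header's alg must match what the key set allows; the token never chooses it.
  return [:decoding_failed, "algorithm not allowed"] unless headers["alg"] == entry[:alg]

  signature = Base64.urlsafe_decode64(s64)
  valid = entry[:key].verify(OpenSSL::Digest.new("SHA256"), signature, "#{h64}.#{p64}")
  return [:decoding_failed, "bad signature"] unless valid

  # Claims are read only after the signature holds; exp gets `leeway` seconds of slack.
  payload = JSON.parse(Base64.urlsafe_decode64(p64))
  return [:expired, "JWT is expired"] if payload["exp"] && payload["exp"].to_i + leeway <= now

  [:ok, payload, headers]
rescue JSON::ParserError, ArgumentError, TypeError, OpenSSL::PKey::PKeyError
  [:decoding_failed, "malformed token"]
end
```

As in `#call`, an expired result is only reported for a token whose signature already verified, so a caller can treat `:expired` as "re-authenticate" and `:decoding_failed` as "reject".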