Class: NZCovidPass
- Inherits:
-
Object
- Object
- NZCovidPass
- Defined in:
- lib/nz_covid_pass.rb
Constant Summary collapse
- Error =
Class.new(StandardError)
- ParseError =
Class.new(Error)
- NetworkError =
Class.new(Error)
- NotYetValidError =
Class.new(Error)
- ExpiredError =
Class.new(Error)
- VERSION_IDENTIFIER =
"1"
- TRUSTED_ISSUER_IDENTIFIERS =
[ "did:web:nzcp.identity.health.nz", ]
- TEST_TRUSTED_ISSUER_IDENTIFIERS =
[ "did:web:nzcp.covid19.health.nz", ]
Instance Method Summary collapse
- #dob ⇒ Object
- #family_name ⇒ Object
- #given_name ⇒ Object
-
#initialize(code, allow_test_issuers: false, time: Time.now, cache: nil) ⇒ NZCovidPass
constructor
A new instance of NZCovidPass.
- #jti ⇒ Object
- #verify! ⇒ Object
- #version ⇒ Object
Constructor Details
#initialize(code, allow_test_issuers: false, time: Time.now, cache: nil) ⇒ NZCovidPass
Returns a new instance of NZCovidPass.
28 29 30 31 32 33 34 35 |
# File 'lib/nz_covid_pass.rb', line 28 def initialize(code, allow_test_issuers: false, time: Time.now, cache: nil) @code = code @allow_test_issuers = allow_test_issuers @time = time @cache = cache verify! end |
Instance Method Details
#dob ⇒ Object
64 65 66 |
# File 'lib/nz_covid_pass.rb', line 64 def dob credential_subject["dob"] && Date.parse(credential_subject["dob"]) end |
#family_name ⇒ Object
60 61 62 |
# File 'lib/nz_covid_pass.rb', line 60 def family_name credential_subject["familyName"] end |
#given_name ⇒ Object
56 57 58 |
# File 'lib/nz_covid_pass.rb', line 56 def given_name credential_subject["givenName"] end |
#jti ⇒ Object
68 69 70 71 72 73 74 |
# File 'lib/nz_covid_pass.rb', line 68 def jti cti = cwt.cti if cti.length == 16 match = cti.unpack("H32").first.match(/^(.{8})(.{4})(.{4})(.{4})(.{12})$/) "urn:uuid:#{match.captures.join("-")}" end end |
#verify! ⇒ Object
37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
# File 'lib/nz_covid_pass.rb', line 37 def verify! raise ParseError, "invalid URL format" unless url_components raise ParseError, "scheme must be NZCP" unless url_components[:scheme] == "NZCP" raise ParseError, "version must be #{VERSION_IDENTIFIER}" unless url_components[:version] == VERSION_IDENTIFIER raise ParseError, "ALG must be ES256 (-7)" unless alg == -7 raise ParseError, "invalid issuer" unless trusted_issuer_identifiers.include?(cwt.iss) raise ParseError, "no vc claim" unless vc raise ParseError, "invalid vc @context" unless vc["@context"].first == "https://www.w3.org/2018/credentials/v1" raise ParseError, "invalid vc type" unless vc["type"] == ["VerifiableCredential", "PublicCovidPass"] raise NotYetValidError, "not yet valid" if cwt.nbf > @time.to_i raise ExpiredError, "expired" if cwt.exp < @time.to_i raise ParseError, "invalid jti" unless jti raise ParseError, "credentialSubject missing" unless credential_subject raise ParseError, "givenName missing" unless given_name raise ParseError, "dob missing" unless dob sign1.verify(retrieve_public_key) end |
#version ⇒ Object
76 77 78 |
# File 'lib/nz_covid_pass.rb', line 76 def version vc["version"] end |