Class: OmniAuth::Strategies::Globalid

Inherits:

OAuth2

• Object
• OAuth2
• OmniAuth::Strategies::Globalid

Defined in:

lib/omniauth/strategies/globalid.rb

Constant Summary

DEFAULT_SCOPE =

"public"

Class Method Summary

• .parse_jwt(id_token) ⇒ Object

Instance Method Summary

• #authorize_params ⇒ Object
• #callback_url ⇒ Object

  github.com/omniauth/omniauth-oauth2/issues/81.

• #decrypted_pii ⇒ Object
• #openid_token ⇒ Object
• #raw_info ⇒ Object

Class Method Details

.parse_jwt(id_token) ⇒ Object

# File 'lib/omniauth/strategies/globalid.rb', line 16

def self.parse_jwt(id_token)
  JWT.decode(id_token, nil, false).first
end

Instance Method Details

#authorize_params ⇒ Object

# File 'lib/omniauth/strategies/globalid.rb', line 25

def authorize_params
  auth_params = super # Get the OAuth2 omniauth params
  # Add the acrc_id if configured
  auth_params[:acrc_id] = options[:acrc_id] if options[:acrc_id]
  # If we are getting pii sharing, we need to have the openid scope
  if pii_sharing?
    auth_params[:scope] = "openid"
  end
  # If we are in the openid scope, we need a nonce
  if options[:scope]&.match?("openid")
    auth_params[:nonce] ||= SecureRandom.hex(24)
  end
  return auth_params unless acrc_id_in_request?
  auth_params.merge(acrc_id: request.params["acrc_id"] || request.params[:acrc_id])
end

#callback_url ⇒ Object

github.com/omniauth/omniauth-oauth2/issues/81

# File 'lib/omniauth/strategies/globalid.rb', line 21

def callback_url
  full_host + script_name + callback_path
end

#decrypted_pii ⇒ Object

# File 'lib/omniauth/strategies/globalid.rb', line 72

def decrypted_pii
  return {} unless openid_token.keys.any? && options[:decrypt_pii_on_login]
  @decrypted_pii ||= vault.decrypted_pii
end

#openid_token ⇒ Object

# File 'lib/omniauth/strategies/globalid.rb', line 61

def openid_token
  return @openid_token if defined?(@openid_token)
  id_token = access_token["id_token"]
  if !id_token
    @openid_token = {}
  else
    @openid_token = self.class.parse_jwt(id_token)
  end
  @openid_token
end

#raw_info ⇒ Object

# File 'lib/omniauth/strategies/globalid.rb', line 54

def raw_info
  return @raw_info if defined?(@raw_info)

  result = api_connection.get("/v1/identities/me")
  @raw_info = JSON.parse(result.body)
end