Class: OpenIDConnect::ResponseObject::IdToken

Inherits:

OpenIDConnect::ResponseObject

• Object
• OpenIDConnect::ResponseObject
• OpenIDConnect::ResponseObject::IdToken

Defined in:

lib/openid_connect/response_object/id_token.rb

Defined Under Namespace

Classes: InvalidToken

Class Method Summary

• .decode(jwt_string, key_or_client) ⇒ Object

Instance Method Summary

• #initialize(attributes = {}) ⇒ IdToken constructor

  A new instance of IdToken.

• #to_jwt(key, algorithm = :RS256) ⇒ Object
• #verify!(client_id) ⇒ Object

Methods inherited from OpenIDConnect::ResponseObject

#all_attributes, #as_json, #require_at_least_one_attributes, #validate!

Constructor Details

#initialize(attributes = {}) ⇒ IdToken

Returns a new instance of IdToken.

# File 'lib/openid_connect/response_object/id_token.rb', line 11

def initialize(attributes = {})
  super
  (all_attributes - [:exp]).each do |key|
    self.send "#{key}=", self.send(key).try(:to_s)
  end
  @exp = @exp.to_i
end

Class Method Details

.decode(jwt_string, key_or_client) ⇒ Object

# File 'lib/openid_connect/response_object/id_token.rb', line 33

def decode(jwt_string, key_or_client)
  attributes = case key_or_client
  when Client
    OpenIDConnect::AccessToken.new(
      :client => key_or_client,
      :access_token => jwt_string
    ).id_token!
  else
    new JSON::JWT.decode(jwt_string, key_or_client)
  end
end

Instance Method Details

#to_jwt(key, algorithm = :RS256) ⇒ Object

# File 'lib/openid_connect/response_object/id_token.rb', line 24

def to_jwt(key, algorithm = :RS256)
  token = JSON::JWT.new as_json
  if algorithm != :none
    token = token.sign key, algorithm
  end
  token.to_s
end

#verify!(client_id) ⇒ Object

# File 'lib/openid_connect/response_object/id_token.rb', line 19

def verify!(client_id)
  exp.to_i >= Time.now.to_i && aud == client_id or
  raise InvalidToken.new('Invalid audience or expired')
end