Class: Rack::PrxAuth

Inherits:
Object
  • Object
Defined in:
lib/rack/prx_auth.rb,
lib/rack/prx_auth/token_data.rb,
lib/rack/prx_auth/certificate.rb,
lib/rack/prx_auth/auth_validator.rb

Defined Under Namespace

Classes: AuthValidator, Certificate, TokenData

Constant Summary

# Rack response triple (status, headers, body) used by #call when a token
# fails validation. It is not frozen, so code that edits this array, its
# header hash or its body string in place changes it for every later use.
INVALID_TOKEN = [
  401,
  {"Content-Type" => "application/json"},
  [{status: 401, error: "Invalid JSON Web Token"}.to_json]
]

# Issuer used when the :issuer option is not given to the constructor.
DEFAULT_ISS = "id.prx.org"

Instance Attribute Summary

Instance Method Summary

Constructor Details

#initialize(app, options = {}) ⇒ PrxAuth

Returns a new instance of PrxAuth.



# File 'lib/rack/prx_auth.rb', line 18

# Wraps the next Rack application and records the validation settings.
#
# @param app [#call] downstream Rack application
# @param options [Hash] optional settings
# @option options [Object] :cert_location passed unchanged to Certificate.new;
#   how it is interpreted is up to Certificate, which is not shown on this page
# @option options [Object] :issuer issuer later handed to AuthValidator;
#   DEFAULT_ISS is used when it is absent, nil or false
#
# NOTE(review): these two options decide which certificate and issuer tokens
# are checked against, so they should come from deployment configuration
# rather than from anything request-controlled.
def initialize(app, options = {})
  @app = app

  cert_location = options[:cert_location]
  @certificate = Certificate.new(cert_location)

  configured_issuer = options[:issuer]
  @issuer = configured_issuer || DEFAULT_ISS
end

Instance Attribute Details

#issuer ⇒ Object (readonly)

Returns the value of attribute issuer.



# File 'lib/rack/prx_auth.rb', line 16

# Reader for the issuer this middleware instance was set up with.
#
# @return [Object] the value held in @issuer
def issuer
  @issuer
end

Instance Method Details

#build_auth_validator(token) ⇒ Object



# File 'lib/rack/prx_auth.rb', line 24

# Creates the validator for one request's token, bound to this instance's
# certificate and issuer.
#
# @param token [String, nil] token text taken from the Authorization header;
#   it is passed through as-is, with no checks made here
# @return [AuthValidator]
def build_auth_validator(token)
  certificate = @certificate
  issuer = @issuer
  AuthValidator.new(token, certificate, issuer)
end

#call(env) ⇒ Object



# File 'lib/rack/prx_auth.rb', line 28

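# Rack entry point: validates the token from the Authorization header, if any.
#
# Outcomes, in order:
# * no Authorization header: the request is forwarded untouched;
# * should_validate_token? is false for the token: forwarded untouched;
# * the validator accepts the token: env["prx.auth"] is set to a TokenData
#   built from the claims, then the request is forwarded;
# * otherwise a copy of INVALID_TOKEN (HTTP 401) is returned.
#
# The two "forwarded untouched" paths never write env["prx.auth"], so this
# middleware does not reject anonymous requests by itself: downstream code
# has to treat a missing env["prx.auth"] as unauthenticated.
#
# @param env [Hash] Rack environment
# @return [Array] Rack response triple
def call(env)
  authorization = env["HTTP_AUTHORIZATION"]
  return @app.call(env) unless authorization

  # The token is the second whitespace-separated field of the header. The
  # first field (the scheme) is not inspected here, and a header with a
  # single field yields nil.
  # NOTE(review): should_validate_token? and AuthValidator are not shown on
  # this page -- confirm they cope with a nil or non-JWT token.
  validator = build_auth_validator(authorization.split[1])
  return @app.call(env) unless should_validate_token?(validator)

  unless validator.valid?
    # Return a fresh copy instead of the shared constant: middleware further
    # up the stack may edit response headers or body in place, and doing that
    # on INVALID_TOKEN itself would carry the edit into every later 401.
    status, headers, body = INVALID_TOKEN
    return [status, headers.dup, body.map(&:dup)]
  end

  env["prx.auth"] = TokenData.new(validator.claims)
  @app.call(env)
end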