Class: Unrestful::JsonWebToken

Inherits:
Object
  • Object
show all
Defined in:
lib/unrestful/json_web_token.rb

Constant Summary collapse

LEEWAY = 
30

Class Method Summary collapse

Class Method Details

.jwks_hashObject 



21
22
23
24
25
26
27
28
29
30
31
32
 
# File 'lib/unrestful/json_web_token.rb', line 21

def self.jwks_hash
  jwks_raw = Net::HTTP.get URI("#{Unrestful.configuration.issuer}.well-known/jwks.json")
  jwks_keys = Array(JSON.parse(jwks_raw)['keys'])
  Hash[
    jwks_keys.map do |k|
      [
        k['kid'],
        OpenSSL::X509::Certificate.new(Base64.decode64(k['x5c'].first)).public_key
      ]
    end
  ]
end

.verify(token) ⇒ Object 



9
10
11
12
13
14
15
16
17
18
19
 
# File 'lib/unrestful/json_web_token.rb', line 9

def self.verify(token)
  JWT.decode(token, nil,
             true,
             algorithm: 'RS256',
             iss: Unrestful.configuration.issuer,
             verify_iss: true,
             aud: Unrestful.configuration.audience,
             verify_aud: true) do |header|
    jwks_hash[header['kid']]
  end
end