Class: Warden::JWTAuth::UserDecoder

Inherits:

Object

Object
Warden::JWTAuth::UserDecoder

show all

Defined in:: lib/warden/jwt_auth/user_decoder.rb

Overview

Layer above token decoding which directly decodes a user from a JWT

Instance Attribute Summary collapse

#helper ⇒ Object readonly

Returns the value of attribute helper.

Instance Method Summary collapse

#call(token, scope) ⇒ Interfaces::User

Returns the user that is encoded in a JWT.
#initialize(*args) ⇒ UserDecoder constructor

A new instance of UserDecoder.

Constructor Details

#initialize(*args) ⇒ `UserDecoder`

Returns a new instance of UserDecoder.

# File 'lib/warden/jwt_auth/user_decoder.rb', line 13

def initialize(*args)
  super
  @helper = PayloadUserHelper
end

Instance Attribute Details

#helper ⇒ `Object` (readonly)

Returns the value of attribute helper.



11
12
13

# File 'lib/warden/jwt_auth/user_decoder.rb', line 11

def helper
  @helper
end

Instance Method Details

#call(token, scope) ⇒ `Interfaces::User`

Returns the user that is encoded in a JWT. The scope is used to choose the user repository to which send ‘#find_for_jwt_authentication(sub)` with decoded `sub` claim.

encoded user argument

Parameters:

token (String) —

a JWT
scope (Symbol) —

Warden scope

Returns:

(Interfaces::User) —

an user, whatever it is

Raises:

(Errors::RevokedToken) —

when token has been revoked for the
(Errors::WrongScope) —

when encoded scope does not match with scope

# File 'lib/warden/jwt_auth/user_decoder.rb', line 29

def call(token, scope)
  payload = TokenDecoder.new.call(token)
  raise Errors::WrongScope unless helper.scope_matches?(payload, scope)
  user = helper.find_user(payload)
  raise Errors::RevokedToken if revoked?(payload, user, scope)
  user
end