Class: Vonage::JWT

Inherits:
Object
  • Object
show all
Defined in:
lib/vonage/jwt.rb

Class Method Summary collapse

Class Method Details

.generate(payload, private_key = nil) ⇒ String

Generate an encoded JSON Web Token.

By default the Vonage Ruby SDK generates a short lived JWT per request.

To generate a long lived JWT for multiple requests or to specify JWT claims directly call generate to generate a token, and set the token attribute on the client object.

Documentation for the Vonage Ruby JWT generator gem can be found at https://www.rubydoc.info/github/Vonage/vonage-jwt-ruby

Examples:

claims = {
  application_id: application_id,
  ttl: 800,
  subject: 'My_Subject'
}

private_key = File.read('path/to/private.key')

client.config.token = Vonage::JWT.generate(claims, private_key)

Parameters:

  • payload (Hash)
  • private_key (String, OpenSSL::PKey::RSA) (defaults to: nil)

Returns:

  • (String)


36
37
38
39
40
41
# File 'lib/vonage/jwt.rb', line 36

def self.generate(payload, private_key = nil)
  raise "Expecting 'private_key' in either the payload or as a separate parameter" if !payload[:private_key] && !private_key

  payload[:private_key] = private_key if private_key && !payload[:private_key]
  @token = Vonage::JWTBuilder.new(payload).jwt.generate
end

.verify_hs256_signature(token:, signature_secret:) ⇒ Boolean

Validate a JSON Web Token from a Vonage Webhook.

Certain Vonage APIs include a JWT signed with a user's account signature secret in the Authorization header of Webhook requests. This method can be used to verify that those requests originate from the Vonage API.

Parameters:

  • :token (String, required)

    The JWT from the Webhook's Authorization header

  • :signature_secret (String, required)

    The account signature secret

Returns:

  • (Boolean)

    true, if the JWT is verified, false otherwise

See Also:



56
57
58
# File 'lib/vonage/jwt.rb', line 56

def self.verify_hs256_signature(token:, signature_secret:)
  verify_signature(token, signature_secret, 'HS256')
end