Sha256: 15f0d8bdb4bd90f243b9b03452aea0e66f63eb78ac8060dbb12f6d09afe11e6f
Contents?: true
Size: 1.33 KB
Versions: 2
Compression:
Stored size: 1.33 KB
Contents
require 'json/jwt'
module OpenIDConnect
class ResponseObject
class IdToken < ResponseObject
class InvalidToken < Exception; end
attr_required :iss, :user_id, :aud, :exp, :nonce
attr_optional :acr, :auth_time
validates :acr, :inclusion => {:in => [0, 1, 2, 3, 4]}, :allow_nil => true
def initialize(attributes = {})
super
(all_attributes - [:exp]).each do |key|
self.send "#{key}=", self.send(key).try(:to_s)
end
@exp = @exp.to_i
end
def verify!(expected = {})
exp.to_i >= Time.now.to_i &&
iss == expected[:issuer] &&
aud == expected[:client_id] &&
nonce == expected[:nonce] or
raise InvalidToken.new('Invalid ID Token')
end
def to_jwt(key, algorithm = :RS256)
token = JSON::JWT.new as_json
if algorithm != :none
token = token.sign key, algorithm
end
token.to_s
end
class << self
def decode(jwt_string, key_or_client)
case key_or_client
when Client
OpenIDConnect::AccessToken.new(
:client => key_or_client,
:access_token => jwt_string
).id_token!
else
new JSON::JWT.decode(jwt_string, key_or_client)
end
end
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| openid_connect-0.1.4 | lib/openid_connect/response_object/id_token.rb |
| openid_connect-0.1.3 | lib/openid_connect/response_object/id_token.rb |