Sha256: 2faeeb217dd059372a74b8bd8e3324ec1b68913fc40949d507030bf6aba0fa0b
Contents?: true
Size: 1.34 KB
Versions: 1
Compression:
Stored size: 1.34 KB
Contents
# frozen_string_literal: true
module JWT
module JWK
class KeyFinder
def initialize(options)
jwks_or_loader = options[:jwks]
@jwks = jwks_or_loader if jwks_or_loader.is_a?(Hash)
@jwk_loader = jwks_or_loader if jwks_or_loader.respond_to?(:call)
end
def key_for(kid)
raise ::JWT::DecodeError, 'No key id (kid) found from token headers' unless kid
jwk = resolve_key(kid)
raise ::JWT::DecodeError, 'No keys found in jwks' if jwks_keys.empty?
raise ::JWT::DecodeError, "Could not find public key for kid #{kid}" unless jwk
::JWT::JWK.import(jwk).keypair
end
private
def resolve_key(kid)
jwk = find_key(kid)
return jwk if jwk
if reloadable?
load_keys(invalidate: true, kid_not_found: true, kid: kid) # invalidate for backwards compatibility
return find_key(kid)
end
nil
end
def jwks
return @jwks if @jwks
load_keys
@jwks
end
def load_keys(opts = {})
@jwks = @jwk_loader.call(opts)
end
def jwks_keys
Array(jwks[:keys] || jwks['keys'])
end
def find_key(kid)
jwks_keys.find { |key| (key[:kid] || key['kid']) == kid }
end
def reloadable?
@jwk_loader
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| jwt-2.5.0 | lib/jwt/jwk/key_finder.rb |