Sha256: 9a9bf3a933d8de718c6afe75a409839768fae8f7bc946751a79f74886f835b17
Contents?: true
Size: 1.49 KB
Versions: 1
Compression:
Stored size: 1.49 KB
Contents
# encoding: utf-8
require "logstash/filters/base"
require "logstash/namespace"
require "jwt"
require "jsonpath"
class LogStash::Filters::JwtDecoder < LogStash::Filters::Base
config_name "jwt_decoder"
# The pattern to match the token
config :token_pattern, :validate => :string, :default => /^[Bb]earer\s+(.+)$/
# The capture group index of the matched token
config :match_group_index, :validate => :number, :default => 0
# The path to the access token field
config :access_token_field, :validate => :string, :default => "message"
# The output field
config :output_field, :validate => :string, :default => "jwt_decoded"
# fields to be extracted
config :extract, :validate => :hash, :default => { "userId" => "$..[0].sub"}
public
def register
# Add instance variables
end # def register
public
def filter(event)
# Replace the event message with our message as configured in the
# config file.
raw_message = event.get(@access_token_field)
if(raw_message)
if match = raw_message.match(@token_pattern)
token = match.captures[@match_group_index]
decoded_token = JWT.decode token, nil, false
result = Hash.new
@extract.each do |key, value|
jsonPath = JsonPath.new(value)
result[key] = jsonPath.first(decoded_token)
end
event.set(@output_field, result)
filter_matched(event)
end
end
end # def filter
end # class LogStash::Filters::JwtDecoder
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| logstash-filter-jwt-decoder-1.0.0 | lib/logstash/filters/jwt_decoder.rb |