Sha256: a95c7c066bf548c37a70d2e93b9481daf11c48f72c90e7830c515c0eaca50359

Contents?: true

Size: 1.17 KB

Versions: 3

Compression:

Stored size: 1.17 KB

Contents

require 'json/jwt'
require 'rack/prx_auth/certificate'
require 'rack/prx_auth/token_data'
require 'rack/prx_auth/auth_validator'
require 'prx_auth'

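module Rack
  # Rack middleware that inspects the Authorization header for a JSON Web
  # Token and, when the token passes validation, exposes its claims to the
  # downstream app as env['prx.auth'].
  #
  # Security notes for integrators:
  # * The middleware passes the request through untouched when there is no
  #   Authorization header, and also when the token's issuer does not match
  #   the configured one. In both cases env['prx.auth'] is NOT set, so
  #   downstream code must treat a missing env['prx.auth'] as
  #   "unauthenticated" and enforce access itself.
  # * env['prx.auth'] is only assigned after AuthValidator#valid? returns
  #   true. What that check covers (signature, expiry, ...) lives in
  #   AuthValidator and should be reviewed there.
  class PrxAuth
    # Canonical 401 response. Frozen throughout because it is shared by every
    # request; #call hands out a fresh copy rather than this object, so that
    # headers added by outer middleware (Set-Cookie, Content-Length, ...)
    # cannot accumulate on the constant and leak into later responses.
    INVALID_TOKEN = [
      401,
      { 'Content-Type' => 'application/json' }.freeze,
      [{ status: 401, error: 'Invalid JSON Web Token' }.to_json.freeze].freeze
    ].freeze

    # Issuer used when the :issuer option is not given.
    DEFAULT_ISS = 'id.prx.org'.freeze

    # @return [String] issuer that tokens are matched against
    attr_reader :issuer

    # @param app [#call] the next Rack application in the stack
    # @param options [Hash]
    # @option options [Object] :cert_location passed as-is to Certificate.new
    # @option options [String] :issuer expected issuer (defaults to DEFAULT_ISS)
    def initialize(app, options = {})
      @app = app
      @certificate = Certificate.new(options[:cert_location])
      @issuer = options[:issuer] || DEFAULT_ISS
    end

    # Builds the validator for one token, bound to this middleware's
    # certificate and issuer.
    #
    # @param token [String, nil] raw token taken from the Authorization header
    # @return [AuthValidator]
    def build_auth_validator(token)
      AuthValidator.new(token, @certificate, @issuer)
    end

    # Rack entry point.
    #
    # @param env [Hash] Rack environment
    # @return [Array] the downstream response, or a copy of INVALID_TOKEN when
    #   a token for our issuer fails validation
    def call(env)
      authorization = env['HTTP_AUTHORIZATION']
      return @app.call(env) unless authorization

      # Second whitespace-separated field of the header. The scheme word is
      # not checked, and the value is nil when the header has a single field.
      # NOTE(review): confirm AuthValidator rejects a nil or malformed token
      # cleanly instead of raising.
      token = authorization.split[1]
      auth_validator = build_auth_validator(token)

      # Tokens from another issuer are not ours to judge: pass through
      # without setting env['prx.auth'].
      return @app.call(env) unless should_validate_token?(auth_validator)

      return invalid_token_response unless auth_validator.valid?

      env['prx.auth'] = TokenData.new(auth_validator.claims)
      @app.call(env)
    end

    private

    # @param auth_validator [AuthValidator]
    # @return [Boolean] whether the token claims to come from our issuer
    def should_validate_token?(auth_validator)
      auth_validator.token_issuer_matches?
    end

    # Per-request copy of INVALID_TOKEN with its own headers hash and body
    # array, equal by value to the constant.
    def invalid_token_response
      status, headers, body = INVALID_TOKEN
      [status, headers.dup, body.dup]
    end
  end
end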

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
prx_auth-1.7.1 lib/rack/prx_auth.rb
prx_auth-1.7.0 lib/rack/prx_auth.rb
prx_auth-1.6.0 lib/rack/prx_auth.rb