Sha256: ade89582009d8ee23cc7f42d6021bd07985bdb6898f145abd67255db8da397fa
Contents?: true
Size: 1.48 KB
Versions: 2
Compression:
Stored size: 1.48 KB
Contents
require "jwt"
require "json/jwt"
require "rest-client"
module ServerlessHub
class AuthorizerTokenDecoder
def initialize(app)
@app = app
end
def call(env)
if env["HTTP_AUTHORIZATION"]
tokens = decoded_token(env["HTTP_AUTHORIZATION"])
if tokens.present?
claims = tokens[0]
env["lambda.event"]["requestContext"]["authorizer"] = {
"principalId" => claims["sub"],
"claims" => claims,
}
end
end
return @app.call(env)
end
def self.jwks
RestClient.get(ENV["JWKS_URL"] || "")
end
private
def decoded_token(token)
token = token.strip
if token.include? ' '
token = token.split(" ").last
end
decoded = JWT.decode token, jwk_set.first.to_key, false, { algorithm: "RS256" }
key_id = decoded[1]['kid']
key = jwk_set.find { |key_obj| key_obj['kid'] == key_id }
if key == nil
return ""
end
JWT.decode token, key.to_key, true, { algorithm: "RS256" } rescue ""
end
def jwk_set
@jwk_set ||= JSON::JWK::Set.new(
JSON.parse(
AuthorizerTokenDecoder.jwks
)
)
end
end
class Authorizer
def initialize(app)
@app = app
end
def call(env)
if env["lambda.event"] && env["lambda.event"]["requestContext"]
env["authorizer"] = env["lambda.event"]["requestContext"]["authorizer"]
end
return @app.call(env)
end
end
end
Version data entries
2 entries across 2 versions & 2 rubygems
| Version | Path |
|---|---|
| serverless_hub-1.1.1 | lib/serverless_hub/authorizer.rb |
| m_serverless_hub-0.0.1 | lib/serverless_hub/authorizer.rb |