Sha256: b48315fbb916a9551b24e3713536694d6ff1bc29776745bc23a08d5124e932d2
Contents?: true
Size: 863 Bytes
Versions: 2
Compression:
Stored size: 863 Bytes
Contents
module Keratin::AuthN
class IDTokenVerifier
def initialize(str, keychain)
@id_token = str
@keychain = keychain
@time = Time.now.to_i
end
def subject
jwt['sub']
end
def verified?
jwt.present? &&
token_for_us? &&
!token_expired? &&
token_intact?
end
def token_for_us?
jwt[:aud] == Keratin::AuthN.config.audience
end
def token_expired?
jwt[:exp] < @time
end
def token_intact?
jwt.verify!(@keychain.getset(jwt['iss']){ Issuer.new(jwt['iss']).signing_key })
rescue JSON::JWT::VerificationFailed, JSON::JWT::UnexpectedAlgorithm
false
end
private def jwt
return @jwt if defined? @jwt
@jwt = JSON::JWT.decode(@id_token || '', :skip_verification)
rescue JSON::JWT::InvalidFormat
@jwt = nil
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| keratin-authn-0.1.1 | lib/keratin/authn/id_token_verifier.rb |
| keratin-authn-0.1.0 | lib/keratin/authn/id_token_verifier.rb |