Sha256: cc34f8f72cbe2ef123eaa23be46e531621f905040aab52d143b46887d9e14c0d

Contents?: true

Size: 1.81 KB

Versions: 5

Compression:

Stored size: 1.81 KB

Contents

# frozen_string_literal: true

module Doorkeeper
  module OpenidConnect
    # Assembles the OpenID Connect ID Token issued alongside an access token
    # and serialises it as a signed JWS.
    #
    # The claim set is fixed at construction time: the resource owner is
    # resolved and the issue timestamp is captured in #initialize, so every
    # later call to #claims / #as_jws_token describes the same instant.
    #
    # NOTE(review): ActiveModel::Validations is mixed in, but no validation
    # is declared in this class; nothing here checks the claim values before
    # they are signed.
    class IdToken
      include ActiveModel::Validations

      attr_reader :nonce

      # @param access_token the access token the ID Token is issued for; it
      #   must respond to +application+ (read by the claim helpers below)
      # @param nonce [String, nil] value copied verbatim into the +nonce+
      #   claim. Presumably the nonce from the authorization request; this
      #   class does not validate or compare it, so replay protection depends
      #   on the caller passing the right value and the client checking it.
      def initialize(access_token, nonce = nil)
        config = Doorkeeper::OpenidConnect.configuration

        @access_token = access_token
        @nonce = nonce
        @resource_owner = config.resource_owner_from_access_token.call(access_token)
        @issued_at = Time.zone.now
      end

      # Full claim set before empty values are stripped.
      #
      # Hash#merge gives precedence to its argument, so any entry returned by
      # ClaimsBuilder.generate whose key collides with a protocol claim
      # (+iss+, +sub+, +aud+, +exp+, +iat+, +nonce+, +auth_time+) replaces the
      # value computed here. NOTE(review): confirm that configured custom
      # claims cannot use those names, otherwise application configuration
      # could overwrite security-relevant claims.
      #
      # @return [Hash]
      def claims
        protocol_claims = {
          iss: issuer,
          sub: subject,
          aud: audience,
          exp: expiration,
          iat: issued_at,
          nonce: nonce,
          auth_time: auth_time
        }

        protocol_claims.merge(ClaimsBuilder.generate(@access_token, :id_token))
      end

      # Claim set as it is actually signed: entries whose value is +nil+ or
      # the empty string are omitted rather than emitted as null/"".
      #
      # This also applies to protocol claims, e.g. an access token without an
      # application yields no +aud+ claim at all (see #audience), although
      # OpenID Connect Core lists +aud+ as required.
      #
      # @return [Hash]
      def as_json(*_)
        claims.reject { |_name, claim| claim.nil? || claim == '' }
      end

      # Signs the filtered claims and returns the compact serialisation.
      #
      # Key and algorithm come straight from the Doorkeeper::OpenidConnect
      # module accessors. NOTE(review): the algorithm is not restricted in
      # this class; verify where it is configured that only the intended
      # keyed algorithm can be selected.
      #
      # @return [String]
      def as_jws_token
        jwt = JSON::JWT.new(as_json)
        signed = jwt.sign(
          Doorkeeper::OpenidConnect.signing_key,
          Doorkeeper::OpenidConnect.signing_algorithm
        )
        signed.to_s
      end

      private

      # +iss+ claim. A callable issuer is invoked with the resource owner and
      # the client application and its result is converted to a String; any
      # other configured value is returned unchanged.
      def issuer
        config = Doorkeeper::OpenidConnect.configuration
        return config.issuer unless config.issuer.respond_to?(:call)

        config.issuer.call(@resource_owner, @access_token.application).to_s
      end

      # +sub+ claim: the configured subject callable, invoked with the
      # resource owner and the client application, converted to a String.
      def subject
        resolver = Doorkeeper::OpenidConnect.configuration.subject
        resolver.call(@resource_owner, @access_token.application).to_s
      end

      # +aud+ claim: the client application's uid, or +nil+ when the access
      # token has no application (the claim is then dropped by #as_json).
      def audience
        client = @access_token.application
        client.try(:uid)
      end

      # +exp+ claim: issue time plus the configured expiration, as an integer
      # timestamp.
      def expiration
        issued_utc = @issued_at.utc
        (issued_utc + Doorkeeper::OpenidConnect.configuration.expiration).to_i
      end

      # +iat+ claim: the timestamp captured in #initialize, as an integer.
      def issued_at
        @issued_at.utc.to_i
      end

      # +auth_time+ claim: whatever the configured callable returns for the
      # resource owner, converted with +to_i+; +nil+ stays +nil+ and the claim
      # is then omitted by #as_json.
      def auth_time
        resolver = Doorkeeper::OpenidConnect.configuration.auth_time_from_resource_owner
        resolver.call(@resource_owner).try(:to_i)
      end
    end
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
doorkeeper-openid_connect-1.8.3 lib/doorkeeper/openid_connect/id_token.rb
doorkeeper-openid_connect-1.8.2 lib/doorkeeper/openid_connect/id_token.rb
doorkeeper-openid_connect-1.8.1 lib/doorkeeper/openid_connect/id_token.rb
doorkeeper-openid_connect-1.8.0 lib/doorkeeper/openid_connect/id_token.rb
doorkeeper-openid_connect-1.8.0.pre.rc1 lib/doorkeeper/openid_connect/id_token.rb