Sha256: d6536b48b8742cb8fee8871ccc21fafd90504aa05c51251e339a8a1447690f03
Contents?: true
Size: 1.64 KB
Versions: 3
Compression:
Stored size: 1.64 KB
Contents
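require 'omniauth'
require 'jwt'
# NOTE(review): nothing in this file calls into the `http` gem. The activation
# and require are kept only in case other code relies on them being loaded
# here. Confirm and drop the dependency: a strategy that verifies a token
# locally should not need an HTTP client.
gem "http"
require "http"

module OmniAuth
  module Strategies
    # OmniAuth strategy that authenticates a user from a signed JSON Web Token
    # delivered in the `token` request parameter.
    class JWT
      # Raised by #decoded when a required claim is missing or the `iat` claim
      # is absent, non-numeric, or outside the `valid_within` window.
      class ClaimInvalid < StandardError; end

      include OmniAuth::Strategy

      args [:secret]

      # Key handed to ::JWT.decode to verify the token signature.
      option :secret, nil
      # Signing algorithm, passed to ::JWT.decode (see the note in #decoded).
      option :algorithm, 'HS256'
      # Claim whose value becomes the OmniAuth uid.
      option :uid_claim, 'email'
      # Claims that must be present in the decoded payload.
      option :required_claims, %w(name email)
      # Maps info-hash keys (left) to the claim each is read from (right).
      option :info_map, {"name" => "name", "email" => "email"}
      # URL the request phase redirects to.
      option :auth_url, nil
      # When set, the largest allowed distance in seconds between the `iat`
      # claim and the current time.
      option :valid_within, nil

      # Sends the user to the configured authentication URL.
      def request_phase
        redirect options.auth_url
      end

      # Decodes the `token` request parameter and validates its claims.
      #
      # The decoded payload is memoized; the claim checks run on every call.
      # Verification is local only: this method makes no network request.
      #
      # @return [Hash] the decoded JWT payload
      # @raise [ClaimInvalid] if a required claim is missing, or if
      #   `valid_within` is set and `iat` is missing, non-numeric, or too far
      #   from the current time
      def decoded
        # NOTE(review): ruby-jwt 1.x and later define
        # decode(jwt, key, verify, options). Under that signature the third
        # positional argument below is read as the `verify` flag, so
        # options.algorithm does not restrict which algorithm is accepted.
        # Confirm against the jwt version this gem pins; if it applies, pass
        # `true, algorithm: options.algorithm` instead.
        @decoded ||= ::JWT.decode(request.params['token'], options.secret, options.algorithm)[0]

        (options.required_claims || []).each do |field|
          raise ClaimInvalid, "Missing required '#{field}' claim." unless @decoded.key?(field.to_s)
        end

        if options.valid_within
          issued_at = @decoded["iat"]
          raise ClaimInvalid, "Missing required 'iat' claim." unless issued_at
          # A non-numeric iat would otherwise surface as a TypeError from the
          # subtraction below instead of a clean authentication failure.
          raise ClaimInvalid, "'iat' claim must be a numeric timestamp." unless issued_at.is_a?(Numeric)

          if (Time.now.to_i - issued_at).abs > options.valid_within
            raise ClaimInvalid, "'iat' timestamp claim is too skewed from present."
          end
        end

        @decoded
      end

      # Runs the standard OmniAuth callback and converts a claim validation
      # failure into an OmniAuth failure with the :claim_invalid key.
      #
      # Only ClaimInvalid is rescued here; any error raised by ::JWT.decode
      # (for example on a missing or malformed token) propagates to the caller.
      def callback_phase
        super
      rescue ClaimInvalid => e
        fail! :claim_invalid, e
      end

      uid { decoded[options.uid_claim] }

      extra do
        { :raw_info => decoded }
      end

      # Builds the info hash by reading each mapped claim from the payload.
      info do
        options.info_map.each_with_object({}) do |(key, claim), result|
          result[key.to_s] = decoded[claim.to_s]
        end
      end
    end

    # Alternate constant name for the same strategy.
    class Jwt < JWT; end
  end
end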
Version data entries
3 entries across 3 versions & 1 rubygems