Sha256: ddff670b100e9ad7a6057047a1344d00f3556667caf5c113f6b891b4a02ac498
Contents?: true
Size: 1.25 KB
Versions: 1
Compression:
Stored size: 1.25 KB
Contents
require 'json/jwt'
module OpenIDConnect
class ResponseObject
class IdToken < ResponseObject
class InvalidToken < Exception; end
attr_required :iss, :user_id, :aud, :exp, :nonce
attr_optional :acr, :auth_time
validates :acr, :inclusion => {:in => [0, 1, 2, 3, 4]}, :allow_nil => true
def initialize(attributes = {})
super
(all_attributes - [:exp]).each do |key|
self.send "#{key}=", self.send(key).try(:to_s)
end
@exp = @exp.to_i
end
def verify!(client_id)
exp.to_i >= Time.now.to_i && aud == client_id or
raise InvalidToken.new('Invalid audience or expired')
end
def to_jwt(key, algorithm = :RS256)
token = JSON::JWT.new as_json
if algorithm != :none
token = token.sign key, algorithm
end
token.to_s
end
class << self
def decode(jwt_string, key_or_client)
attributes = case key_or_client
when Client
OpenIDConnect::AccessToken.new(
:client => key_or_client,
:access_token => jwt_string
).id_token!
else
new JSON::JWT.decode(jwt_string, key_or_client)
end
end
end
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| openid_connect-0.1.2 | lib/openid_connect/response_object/id_token.rb |