Sha256: fdbd8f69f688d3342b0b90e633c90e8cea208868cbde29ee707e0d0019dfdb49
Contents?: true
Size: 1.89 KB
Versions: 1
Compression:
Stored size: 1.89 KB
Contents
require 'soar_xt'
require 'jwt'
module SoarAuthenticationToken
class TokenValidator
DEFAULT_CONFIGURATION = {
'mode' => 'local',
'expiry' => 604800, #a day in seconds
'public_key' => '',
'url' => ''
} unless defined? DEFAULT_CONFIGURATION; DEFAULT_CONFIGURATION.freeze
def initialize(configuration)
@configuration = merge_with_default_configuration(configuration)
validate_configuration
@public_key = OpenSSL::PKey::EC.new(@configuration['public_key'])
@public_key.private_key = nil
end
def validate(authentication_token)
return validate_locally(authentication_token) if 'local' == @configuration['mode']
return validate_remotely(authentication_token)
end
private
def validate_locally(authentication_token)
decoded_token_payload = decode(authentication_token)
return [false, nil] if expired?(decoded_token_payload[0]['issue_time'])
[true, decoded_token_payload[0]['authenticated_identifier']]
rescue JWT::VerificationError, JWT::DecodeError
[false, nil]
end
def validate_remotely(authentication_token)
[true, 'uuid']
end
def validate_configuration
raise "'mode' must be configured" unless @configuration['mode']
raise "'mode' must be configured as either 'local' or 'remote'" unless ['local','remote'].include?(@configuration['mode'])
raise "'expiry' must be configured" unless @configuration['expiry']
raise "'expiry' must be an integer" unless Integer(@configuration['expiry'])
end
def merge_with_default_configuration(configuration)
Hash.deep_merge(DEFAULT_CONFIGURATION,configuration)
end
def decode(authentication_token)
JWT.decode(authentication_token, @public_key, true, { :algorithm => 'ES512' })
end
def expired?(issue_time)
(Time.parse(issue_time) + @configuration['expiry']) < Time.now
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| soar_authentication_token-0.0.3 | lib/soar_authentication_token/token_validator.rb |