lib/omniauth/auth0/jwt_validator.rb in omniauth-auth0-2.1.0 vs lib/omniauth/auth0/jwt_validator.rb in omniauth-auth0-2.2.0
- old
+ new
@@ -5,22 +5,25 @@
module OmniAuth
module Auth0
# JWT Validator class
class JWTValidator
- attr_accessor :issuer
+ attr_accessor :issuer, :domain
# Initializer
# @param options object
# options.domain - Application domain.
+ # options.issuer - Application issuer (optional).
# options.client_id - Application Client ID.
# options.client_secret - Application Client Secret.
def initialize(options)
- temp_domain = URI(options.domain)
- temp_domain = URI("https://#{options.domain}") unless temp_domain.scheme
- @issuer = "#{temp_domain}/"
+ @domain = uri_string(options.domain)
+ # Use custom issuer if provided, otherwise use domain
+ @issuer = @domain
+ @issuer = uri_string(options.issuer) if options.respond_to?(:issuer)
+
@client_id = options.client_id
@client_secret = options.client_secret
end
# Decode a JWT.
@@ -95,14 +98,14 @@
raise JWT::VerificationError, :jwks_missing_x5c if jwks_x5c.nil?
jwks_public_cert(jwks_x5c.first)
end
- # Get a JWKS from the issuer
+ # Get a JWKS from the domain
# @return void
def jwks
- jwks_uri = URI(@issuer + '.well-known/jwks.json')
+ jwks_uri = URI(@domain + '.well-known/jwks.json')
@jwks ||= json_parse(Net::HTTP.get(jwks_uri))
end
# Rails Active Support blank method.
# @param obj object - Object to check for blankness.
@@ -114,9 +117,18 @@
# Parse JSON with symbolized names.
# @param json string - JSON to parse.
# @return hash
def json_parse(json)
JSON.parse(json, symbolize_names: true)
+ end
+
+ # Parse a URI into the desired string format
+ # @param uri - the URI to parse
+ # @return string
+ def uri_string(uri)
+ temp_domain = URI(uri)
+ temp_domain = URI("https://#{uri}") unless temp_domain.scheme
+ "#{temp_domain}/"
end
end
end
end