lib/jwt_authenticable/auth.rb in researchable_jwt-authenticable-1.0.0 vs lib/jwt_authenticable/auth.rb in researchable_jwt-authenticable-1.0.1

- old
+ new

@@ -7,12 +7,10 @@ # Module that adds jwt authentication methods to the client module Auth include Exceptions include Responses
- ALGORITHM = JwtAuthenticable.config.algorithm
-
# Authenticates a user. # @raise MissingAuthScope if the jwt does not have the right scope def authenticate_user! validate_jwt_token! token: authorization_token! rescue MissingAuth, MissingAuthScope, InvalidAuthScheme, JWT::VerificationError, JWT::ExpiredSignature => e
@@ -28,11 +26,12 @@ # @param is_researcher [Boolean] Whether to validate the token as a researcher's or a participant's # @raise AuthorizationError if the user is trying to login with the incorrect rights. # @return [Hash] the JWT payload def validate_jwt_token!(token:) # NOTE: it is still safe if JWT_SECRET_KEY is not set. The method will trigger a JWT exception
- JWT.decode(token, JwtAuthenticable.config.jwt_secret_key, true, { algorithm: ALGORITHM }).first
+ JWT.decode(token, JwtAuthenticable.config.jwt_secret_key, true,
+ { algorithm: algorithm }).first
end # Extracts the authorization token from the Authorization header # @note For now we only support Bearer schema with JWT # @raise [Exceptions::MissingAuth] Authorization header not present or empty
@@ -46,8 +45,16 @@ raise MissingAuth if auth_token.nil? || auth_token == '' raise InvalidAuthScheme if auth_token[0..6] != 'Bearer ' auth_token[7..]
+ end
+
+ def algorithm
+ supported_algos.find { |algo| algo == JwtAuthenticable.config.algorithm } || 'HS256'
+ end
+
+ def supported_algos
+ SUPPORTED_ALGOS.flat_map { |algo_class| algo_class.const_get(:SUPPORTED) }
end end end
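Review bot: The YARD block above `validate_jwt_token!(token:)` in the second hunk still documents a `@param is_researcher [Boolean]` that the signature does not take and an `@raise AuthorizationError` that nothing in this method raises, while the errors the decode call actually produces and that `authenticate_user!` rescues in the first hunk (`JWT::VerificationError`, `JWT::ExpiredSignature`) are not mentioned. Since the commit rewrites the decode line anyway, I would drop the two stale tags and document the real contract: `# @raise [JWT::VerificationError] if the signature does not verify with the configured key and algorithm` and `# @raise [JWT::ExpiredSignature] if the token's exp claim has passed`. The `# NOTE: it is still safe if JWT_SECRET_KEY is not set` line would also be clearer as `# NOTE: a nil jwt_secret_key is still safe: JWT.decode with verify=true raises rather than accepting the token`, which says why rather than just that.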
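Review bot: `algorithm` in the last hunk turns a misconfigured or unset `JwtAuthenticable.config.algorithm` into a silent fallback to `'HS256'`, so an operator who intended an asymmetric algorithm (a typo, or nil from a missing setting) gets every token verified with HMAC under `jwt_secret_key` instead of a startup failure; an unsupported configured algorithm should fail closed. I would make the lookup strict: `configured = JwtAuthenticable.config.algorithm`, `raise ArgumentError, "unsupported JWT algorithm: #{configured.inspect}" unless supported_algos.include?(configured)`, then return `configured`. `supported_algos` also rebuilds the list via `const_get` on every call, which with this change means on every request through `validate_jwt_token!`; caching it (`@supported_algos ||= …` or a frozen module constant) removes that cost, and if `SUPPORTED_ALGOS`, defined outside this hunk, includes the `none` algorithm class, `'none'` becomes an acceptable configured value and should be excluded explicitly. `authorization_token!`, whose tail opens this hunk, begins outside it.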