lib/slosilo/keystore.rb in slosilo-0.0.0 vs lib/slosilo/keystore.rb in slosilo-0.1.2
- old
+ new
@@ -5,38 +5,30 @@
def adapter
Slosilo::adapter or raise "No Slosilo adapter is configured or available"
end
def put id, key
- id = id.to_s
- fail ArgumentError, "id can't be empty" if id.empty?
- adapter.put_key id, key
+ adapter.put_key id.to_s, key.to_der
end
- def get opts
- id, fingerprint = opts.is_a?(Hash) ? [nil, opts[:fingerprint]] : [opts, nil]
- if id
- key = adapter.get_key(id.to_s)
- elsif fingerprint
- key, _ = get_by_fingerprint(fingerprint)
- end
- key
+ def get id
+ key = adapter.get_key(id.to_s)
+ key && Key.new(key)
end
-
- def get_by_fingerprint fingerprint
- adapter.get_by_fingerprint fingerprint
- end
- def each &_
- adapter.each { |k, v| yield k, v }
+ def each(&block)
+ adapter.each(&block)
end
def any? &block
- each do |_, k|
- return true if yield k
+ catch :found do
+ adapter.each do |id, k|
+ throw :found if block.call(Key.new(k))
+ end
+ return false
end
- return false
+ true
end
end
class << self
def []= id, value
@@ -57,29 +49,9 @@
def token_valid? token
keystore.any? { |k| k.token_valid? token }
end
- # Looks up the signer by public key fingerprint and checks the validity
- # of the signature. If the token is JWT, exp and/or iat claims are also
- # verified; the caller is responsible for validating any other claims.
- def token_signer token
- begin
- # see if maybe it's a JWT
- token = JWT token
- fingerprint = token.header['kid']
- rescue ArgumentError
- fingerprint = token['key']
- end
-
- key, id = keystore.get_by_fingerprint fingerprint
- if key && key.token_valid?(token)
- return id
- else
- return nil
- end
- end
-
attr_accessor :adapter
private
def keystore
@keystore ||= Keystore.new