Class: AgentAdmit::IntrospectionClient::IntrospectionResult

Inherits:
Struct
  • Object
show all
Defined in:
lib/agentadmit/introspection_client.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#agent_labelObject

Returns the value of attribute agent_label

Returns:

  • (Object)

    the current value of agent_label



18
19
20
# File 'lib/agentadmit/introspection_client.rb', line 18

def agent_label
  @agent_label
end

#app_idObject

Returns the value of attribute app_id

Returns:

  • (Object)

    the current value of app_id



18
19
20
# File 'lib/agentadmit/introspection_client.rb', line 18

def app_id
  @app_id
end

#connection_idObject

Returns the value of attribute connection_id

Returns:

  • (Object)

    the current value of connection_id



18
19
20
# File 'lib/agentadmit/introspection_client.rb', line 18

def connection_id
  @connection_id
end

Returns the value of attribute consent

Returns:

  • (Object)

    the current value of consent



18
19
20
# File 'lib/agentadmit/introspection_client.rb', line 18

def consent
  @consent
end

#expObject

Returns the value of attribute exp

Returns:

  • (Object)

    the current value of exp



18
19
20
# File 'lib/agentadmit/introspection_client.rb', line 18

def exp
  @exp
end

#jtiObject

Returns the value of attribute jti

Returns:

  • (Object)

    the current value of jti



18
19
20
# File 'lib/agentadmit/introspection_client.rb', line 18

def jti
  @jti
end

#presenceObject

Returns the value of attribute presence

Returns:

  • (Object)

    the current value of presence



18
19
20
# File 'lib/agentadmit/introspection_client.rb', line 18

def presence
  @presence
end

#roleObject

Returns the value of attribute role

Returns:

  • (Object)

    the current value of role



18
19
20
# File 'lib/agentadmit/introspection_client.rb', line 18

def role
  @role
end

#scopesObject

Returns the value of attribute scopes

Returns:

  • (Object)

    the current value of scopes



18
19
20
# File 'lib/agentadmit/introspection_client.rb', line 18

def scopes
  @scopes
end

#subObject

Returns the value of attribute sub

Returns:

  • (Object)

    the current value of sub



18
19
20
# File 'lib/agentadmit/introspection_client.rb', line 18

def sub
  @sub
end

#user_idObject

Returns the value of attribute user_id

Returns:

  • (Object)

    the current value of user_id



18
19
20
# File 'lib/agentadmit/introspection_client.rb', line 18

def user_id
  @user_id
end

Instance Method Details

Consent Ledger verdict for the external-agent path (additive; may be nil). A denied verdict means the app returns its own 403 -- the token itself stays valid (consent is orthogonal to revocation).

Contract (matches the PHP and Java SDKs): an ABSENT consent block means a legacy server that never sends one -- treated as allowed, which is also the platform default for the external-agent class. A PRESENT block grants only on an explicit boolean true; a missing or non-boolean granted value is treated as denied (malformed = deny).

Returns:

  • (Boolean)


34
35
36
37
# File 'lib/agentadmit/introspection_client.rb', line 34

def consent_granted?
  return true if consent.nil?
  consent["granted"] == true
end

#has_scope?(scope) ⇒ Boolean

Returns:

  • (Boolean)


21
22
23
# File 'lib/agentadmit/introspection_client.rb', line 21

def has_scope?(scope)
  scopes.include?(scope)
end

#presence_verified?Boolean

Human-presence fact from the WebAuthn step-up (additive; may be nil). True ONLY when the connection was authorized by a human who completed a presence ceremony on the consent page: verified must be the boolean true. Unlike consent, absence fails closed -- older servers never send the block, and connections minted without a ceremony carry verified: false, so nil/false/malformed all read as not verified.

Returns:

  • (Boolean)


45
46
47
# File 'lib/agentadmit/introspection_client.rb', line 45

def presence_verified?
  presence.is_a?(Hash) && presence["verified"] == true
end