Class: AgentAdmit::IntrospectionClient::IntrospectionResult
- Inherits:
-
Struct
- Object
- Struct
- AgentAdmit::IntrospectionClient::IntrospectionResult
- Defined in:
- lib/agentadmit/introspection_client.rb
Instance Attribute Summary collapse
-
#agent_label ⇒ Object
Returns the value of attribute agent_label.
-
#app_id ⇒ Object
Returns the value of attribute app_id.
-
#connection_id ⇒ Object
Returns the value of attribute connection_id.
-
#consent ⇒ Object
Returns the value of attribute consent.
-
#exp ⇒ Object
Returns the value of attribute exp.
-
#jti ⇒ Object
Returns the value of attribute jti.
-
#presence ⇒ Object
Returns the value of attribute presence.
-
#role ⇒ Object
Returns the value of attribute role.
-
#scopes ⇒ Object
Returns the value of attribute scopes.
-
#sub ⇒ Object
Returns the value of attribute sub.
-
#user_id ⇒ Object
Returns the value of attribute user_id.
Instance Method Summary collapse
-
#consent_granted? ⇒ Boolean
Consent Ledger verdict for the external-agent path (additive; may be nil).
- #has_scope?(scope) ⇒ Boolean
-
#presence_verified? ⇒ Boolean
Human-presence fact from the WebAuthn step-up (additive; may be nil).
Instance Attribute Details
#agent_label ⇒ Object
Returns the value of attribute agent_label
18 19 20 |
# File 'lib/agentadmit/introspection_client.rb', line 18 def agent_label @agent_label end |
#app_id ⇒ Object
Returns the value of attribute app_id
18 19 20 |
# File 'lib/agentadmit/introspection_client.rb', line 18 def app_id @app_id end |
#connection_id ⇒ Object
Returns the value of attribute connection_id
18 19 20 |
# File 'lib/agentadmit/introspection_client.rb', line 18 def connection_id @connection_id end |
#consent ⇒ Object
Returns the value of attribute consent
18 19 20 |
# File 'lib/agentadmit/introspection_client.rb', line 18 def @consent end |
#exp ⇒ Object
Returns the value of attribute exp
18 19 20 |
# File 'lib/agentadmit/introspection_client.rb', line 18 def exp @exp end |
#jti ⇒ Object
Returns the value of attribute jti
18 19 20 |
# File 'lib/agentadmit/introspection_client.rb', line 18 def jti @jti end |
#presence ⇒ Object
Returns the value of attribute presence
18 19 20 |
# File 'lib/agentadmit/introspection_client.rb', line 18 def presence @presence end |
#role ⇒ Object
Returns the value of attribute role
18 19 20 |
# File 'lib/agentadmit/introspection_client.rb', line 18 def role @role end |
#scopes ⇒ Object
Returns the value of attribute scopes
18 19 20 |
# File 'lib/agentadmit/introspection_client.rb', line 18 def scopes @scopes end |
#sub ⇒ Object
Returns the value of attribute sub
18 19 20 |
# File 'lib/agentadmit/introspection_client.rb', line 18 def sub @sub end |
#user_id ⇒ Object
Returns the value of attribute user_id
18 19 20 |
# File 'lib/agentadmit/introspection_client.rb', line 18 def user_id @user_id end |
Instance Method Details
#consent_granted? ⇒ Boolean
Consent Ledger verdict for the external-agent path (additive; may be nil). A denied verdict means the app returns its own 403 -- the token itself stays valid (consent is orthogonal to revocation).
Contract (matches the PHP and Java SDKs): an ABSENT consent block means a legacy server that never sends one -- treated as allowed, which is also the platform default for the external-agent class. A PRESENT block grants only on an explicit boolean true; a missing or non-boolean granted value is treated as denied (malformed = deny).
34 35 36 37 |
# File 'lib/agentadmit/introspection_client.rb', line 34 def return true if .nil? ["granted"] == true end |
#has_scope?(scope) ⇒ Boolean
21 22 23 |
# File 'lib/agentadmit/introspection_client.rb', line 21 def has_scope?(scope) scopes.include?(scope) end |
#presence_verified? ⇒ Boolean
Human-presence fact from the WebAuthn step-up (additive; may be nil). True ONLY when the connection was authorized by a human who completed a presence ceremony on the consent page: verified must be the boolean true. Unlike consent, absence fails closed -- older servers never send the block, and connections minted without a ceremony carry verified: false, so nil/false/malformed all read as not verified.
45 46 47 |
# File 'lib/agentadmit/introspection_client.rb', line 45 def presence_verified? presence.is_a?(Hash) && presence["verified"] == true end |