Class: Himari::IdToken

Inherits:

Object

Object
Himari::IdToken

show all

Defined in:: lib/himari/id_token.rb

Instance Attribute Summary collapse

#claims ⇒ Object readonly

Returns the value of attribute claims.
#nonce ⇒ Object readonly

Returns the value of attribute nonce.
#signing_key ⇒ Object readonly

Returns the value of attribute signing_key.

Class Method Summary collapse

.from_authz(authz, **kwargs) ⇒ Object

Instance Method Summary collapse

#at_hash ⇒ Object
#final_claims ⇒ Object
#initialize(claims:, client_id:, nonce:, signing_key:, issuer:, access_token: nil, time: Time.now) ⇒ IdToken constructor

A new instance of IdToken.
#to_jwt ⇒ Object

Constructor Details

#initialize(claims:, client_id:, nonce:, signing_key:, issuer:, access_token: nil, time: Time.now) ⇒ `IdToken`

Returns a new instance of IdToken.

# File 'lib/himari/id_token.rb', line 18

def initialize(claims:, client_id:, nonce:, signing_key:, issuer:, access_token: nil, time: Time.now)
  @claims = claims
  @client_id = client_id
  @nonce = nonce
  @signing_key = signing_key
  @issuer = issuer
  @access_token = access_token
  @time = time
end

Instance Attribute Details

#claims ⇒ `Object` (readonly)

Returns the value of attribute claims.



28
29
30

# File 'lib/himari/id_token.rb', line 28

def claims
  @claims
end

#nonce ⇒ `Object` (readonly)

Returns the value of attribute nonce.



28
29
30

# File 'lib/himari/id_token.rb', line 28

def nonce
  @nonce
end

#signing_key ⇒ `Object` (readonly)

Returns the value of attribute signing_key.



28
29
30

# File 'lib/himari/id_token.rb', line 28

def signing_key
  @signing_key
end

Class Method Details

.from_authz(authz, **kwargs) ⇒ `Object`

Parameters:

authz (Himari::AuthorizationCode)

# File 'lib/himari/id_token.rb', line 9

def self.from_authz(authz, **kwargs)
  new(
    claims: authz.claims,
    client_id: authz.client_id,
    nonce: authz.nonce,
    **kwargs
  )
end

Instance Method Details

#at_hash ⇒ `Object`

# File 'lib/himari/id_token.rb', line 45

def at_hash
  return nil unless @access_token
  dgst = @signing_key.hash_function.digest(@access_token)
  Base64.urlsafe_encode64(dgst[0, dgst.size/2], padding: false)
end

#final_claims ⇒ `Object`

# File 'lib/himari/id_token.rb', line 30

def final_claims
  # https://openid.net/specs/openid-connect-core-1_0.html#IDToken
  claims.merge(
    iss: @issuer,
    aud: @client_id,
    iat: @time.to_i,
    nbf: @time.to_i,
    exp: (@time + 3600).to_i, # TODO: lifetime
  ).merge(
    @nonce ? { nonce: @nonce } : {}
  ).merge(
    @access_token ? { at_hash: at_hash } : {}
  )
end

#to_jwt ⇒ `Object`

# File 'lib/himari/id_token.rb', line 51

def to_jwt
  jwt = JSON::JWT.new(final_claims)
  jwt.kid = @signing_key.id
  jwt.sign(@signing_key.pkey, @signing_key.alg.to_sym).to_s
end

Class: Himari::IdToken

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(claims:, client_id:, nonce:, signing_key:, issuer:, access_token: nil, time: Time.now) ⇒ IdToken

Instance Attribute Details

#claims ⇒ Object (readonly)

#nonce ⇒ Object (readonly)

#signing_key ⇒ Object (readonly)

Class Method Details

.from_authz(authz, **kwargs) ⇒ Object

Instance Method Details

#at_hash ⇒ Object

#final_claims ⇒ Object

#to_jwt ⇒ Object

#initialize(claims:, client_id:, nonce:, signing_key:, issuer:, access_token: nil, time: Time.now) ⇒ `IdToken`

#claims ⇒ `Object` (readonly)

#nonce ⇒ `Object` (readonly)

#signing_key ⇒ `Object` (readonly)

.from_authz(authz, **kwargs) ⇒ `Object`

#at_hash ⇒ `Object`

#final_claims ⇒ `Object`

#to_jwt ⇒ `Object`