Class: Himari::Decisions::Authorization

Inherits:

Base

Object
Base
Himari::Decisions::Authorization

show all

Defined in:: lib/himari/decisions/authorization.rb

Defined Under Namespace

Classes: Context

Constant Summary collapse

DEFAULT_ALLOWED_CLAIMS =

%i(
  sub
  name
  nickname
  preferred_username
  profile
  picture
  website
  email
  email_verified
)

Instance Attribute Summary collapse

#allowed_claims ⇒ Object readonly

Returns the value of attribute allowed_claims.
#claims ⇒ Object readonly

Returns the value of attribute claims.
#lifetime ⇒ Object

Returns the value of attribute lifetime.
#mint_jwt_access_token ⇒ Object

When set by an authz rule, the issued access token is an RFC 9068 JWT instead of an opaque token (the token is still tracked and validated against storage either way).

Attributes inherited from Base

#effect, #effect_comment, #effect_suggestion, #effect_user_facing_message, #rule_name

Instance Method Summary collapse

#as_log ⇒ Object
#initialize(claims: {}, allowed_claims: DEFAULT_ALLOWED_CLAIMS, lifetime: 3600, mint_jwt_access_token: false) ⇒ Authorization constructor

A new instance of Authorization.
#output_claims ⇒ Object
#to_evolve_args ⇒ Object

Methods inherited from Base

#allow!, allow_effects, #continue!, #decide!, #deny!, #evolve, #set_rule_name, #skip!, #to_h

Constructor Details

#initialize(claims: {}, allowed_claims: DEFAULT_ALLOWED_CLAIMS, lifetime: 3600, mint_jwt_access_token: false) ⇒ `Authorization`

Returns a new instance of Authorization.

# File 'lib/himari/decisions/authorization.rb', line 28

def initialize(claims: {}, allowed_claims: DEFAULT_ALLOWED_CLAIMS, lifetime: 3600, mint_jwt_access_token: false)
  super()
  @claims = claims
  @allowed_claims = allowed_claims
  @mint_jwt_access_token = mint_jwt_access_token
  self.lifetime = lifetime
end

Instance Attribute Details

#allowed_claims ⇒ `Object` (readonly)

Returns the value of attribute allowed_claims.



36
37
38

# File 'lib/himari/decisions/authorization.rb', line 36

def allowed_claims
  @allowed_claims
end

#claims ⇒ `Object` (readonly)

Returns the value of attribute claims.



36
37
38

# File 'lib/himari/decisions/authorization.rb', line 36

def claims
  @claims
end

#lifetime ⇒ `Object`

Returns the value of attribute lifetime.



37
38
39

# File 'lib/himari/decisions/authorization.rb', line 37

def lifetime
  @lifetime
end

#mint_jwt_access_token ⇒ `Object`

When set by an authz rule, the issued access token is an RFC 9068 JWT instead of an opaque token (the token is still tracked and validated against storage either way).



41
42
43

# File 'lib/himari/decisions/authorization.rb', line 41

def mint_jwt_access_token
  @mint_jwt_access_token
end

Instance Method Details

#as_log ⇒ `Object`



61
62
63

# File 'lib/himari/decisions/authorization.rb', line 61

def as_log
  to_h.merge(claims: output_claims, lifetime: @lifetime.to_h, mint_jwt_access_token: @mint_jwt_access_token)
end

#output_claims ⇒ `Object`



65
66
67

# File 'lib/himari/decisions/authorization.rb', line 65

def output_claims
  claims.select { |k, _v| allowed_claims.include?(k) }
end

#to_evolve_args ⇒ `Object`

# File 'lib/himari/decisions/authorization.rb', line 52

def to_evolve_args
  {
    claims: @claims.dup,
    allowed_claims: @allowed_claims.dup,
    lifetime: @lifetime,
    mint_jwt_access_token: @mint_jwt_access_token,
  }
end

Class: Himari::Decisions::Authorization

Defined Under Namespace

Constant Summary collapse

Instance Attribute Summary collapse

Attributes inherited from Base

Instance Method Summary collapse

Methods inherited from Base

Constructor Details

#initialize(claims: {}, allowed_claims: DEFAULT_ALLOWED_CLAIMS, lifetime: 3600, mint_jwt_access_token: false) ⇒ Authorization

Instance Attribute Details

#allowed_claims ⇒ Object (readonly)

#claims ⇒ Object (readonly)

#lifetime ⇒ Object

#mint_jwt_access_token ⇒ Object