Class: Himari::IdToken

Inherits:

JwtToken

• Object
• JwtToken
• Himari::IdToken

Defined in:

lib/himari/id_token.rb

Instance Attribute Summary

• #nonce ⇒ Object readonly

  Returns the value of attribute nonce.

Attributes inherited from JwtToken

#claims, #client_id, #issuer, #signing_key

Class Method Summary

• .from_authz(authz, **kwargs) ⇒ Object

Instance Method Summary

• #at_hash ⇒ Object
• #final_claims ⇒ Object
• #initialize(nonce:, access_token: nil, **kwargs) ⇒ IdToken constructor

  A new instance of IdToken.

Methods inherited from JwtToken

#jwt_header, #standard_claims, #to_jwt

Constructor Details

#initialize(nonce:, access_token: nil, **kwargs) ⇒ IdToken

Returns a new instance of IdToken.

# File 'lib/himari/id_token.rb', line 23

def initialize(nonce:, access_token: nil, **kwargs)
  super(**kwargs)
  @nonce = nonce
  @access_token = access_token
end

Instance Attribute Details

#nonce ⇒ Object (readonly)

Returns the value of attribute nonce.

# File 'lib/himari/id_token.rb', line 29

def nonce
  @nonce
end

Class Method Details

.from_authz(authz, **kwargs) ⇒ Object

Parameters:

• authz (Himari::AuthorizationCode)

# File 'lib/himari/id_token.rb', line 13

def self.from_authz(authz, **kwargs)
  new(
    claims: authz.claims,
    client_id: authz.client_id,
    nonce: authz.nonce,
    lifetime: authz.lifetime.is_a?(Integer) ? authz.lifetime : authz.lifetime.id_token, # compat
    **kwargs,
  )
end

Instance Method Details

#at_hash ⇒ Object

# File 'lib/himari/id_token.rb', line 40

def at_hash
  return unless @access_token

  dgst = signing_key.hash_function.digest(@access_token)
  Base64.urlsafe_encode64(dgst[0, dgst.size / 2], padding: false)
end

#final_claims ⇒ Object

# File 'lib/himari/id_token.rb', line 31

def final_claims
  # https://openid.net/specs/openid-connect-core-1_0.html#IDToken
  standard_claims.merge(
    @nonce ? {nonce: @nonce} : {},
  ).merge(
    @access_token ? {at_hash: at_hash} : {},
  )
end