Module: JIRA::Atlassian::Jwt

Defined in:

lib/jira/atlassian/jwt.rb

Constant Summary

CANONICAL_QUERY_SEPARATOR =

'&'

ESCAPED_CANONICAL_QUERY_SEPARATOR =

'%26'

Class Method Summary

• .build_claims(issuer, url, http_method, base_url = '', issued_at = nil, expires = nil, attributes = {}) ⇒ Object

  rubocop:disable Metrics/ParameterLists.

• .canonicalize_query_string(query) ⇒ Object
• .canonicalize_uri(uri, base_uri) ⇒ Object
• .create_canonical_request(uri, http_method, base_uri) ⇒ Object

Class Method Details

.build_claims(issuer, url, http_method, base_url = '', issued_at = nil, expires = nil, attributes = {}) ⇒ Object

rubocop:disable Metrics/ParameterLists

# File 'lib/jira/atlassian/jwt.rb', line 39

def build_claims(issuer, url, http_method, base_url = '', issued_at = nil, expires = nil, attributes = {}) # rubocop:disable Metrics/ParameterLists
  issued_at ||= Time.now.to_i
  expires ||= issued_at + 60
  qsh = Digest::SHA256.hexdigest(create_canonical_request(url, http_method, base_url))

  {
    iss: issuer,
    iat: issued_at,
    exp: expires,
    qsh: qsh
  }.merge(attributes)
end

.canonicalize_query_string(query) ⇒ Object

# File 'lib/jira/atlassian/jwt.rb', line 60

def canonicalize_query_string(query)
  return '' if query.nil? || query.empty?

  query = CGI.parse(query)
  query.delete('jwt')
  query.each do |k, v|
    query[k] = v.map { |a| CGI.escape a }.join(',') if v.is_a? Array
    query[k].gsub!('+', '%20')  # Use %20, not CGI.escape default of "+"
    query[k].gsub!('%7E', '~')  # Unescape "~" per JS tests
  end
  query = query.sort.to_h
  query.map { |k, v| "#{CGI.escape k}=#{v}" }.join(CANONICAL_QUERY_SEPARATOR)
end

.canonicalize_uri(uri, base_uri) ⇒ Object

# File 'lib/jira/atlassian/jwt.rb', line 52

def canonicalize_uri(uri, base_uri)
  path = uri.path.sub(/^#{base_uri.path}/, '')
  path = '/' if path.nil? || path.empty?
  path = "/#{path}" unless path.start_with? '/'
  path.chomp!('/') if path.length > 1
  path.gsub(CANONICAL_QUERY_SEPARATOR, ESCAPED_CANONICAL_QUERY_SEPARATOR)
end

.create_canonical_request(uri, http_method, base_uri) ⇒ Object

# File 'lib/jira/atlassian/jwt.rb', line 28

def create_canonical_request(uri, http_method, base_uri)
  uri = URI.parse(uri) unless uri.is_a? URI
  base_uri = URI.parse(base_uri) unless base_uri.is_a? URI

  [
    http_method.upcase,
    canonicalize_uri(uri, base_uri),
    canonicalize_query_string(uri.query)
  ].join(CANONICAL_QUERY_SEPARATOR)
end