Class: IDTokenDecoder

Inherits:
Object
  • Object
Defined in:
lib/omniauth/azure_activedirectory_v2/id_token_decoder.rb

Instance Method Summary collapse

Constructor Details

#initialize(id_token:, client_id:, nonce:, keyset:) ⇒ IDTokenDecoder

Returns a new instance of IDTokenDecoder.



# File 'lib/omniauth/azure_activedirectory_v2/id_token_decoder.rb', line 2

# Captures the inputs needed to validate a single ID token. Nothing is
# decoded or verified here; that happens in #run.
#
# @param id_token the encoded ID token (JWT) that #run passes to JWT.decode
# @param client_id this application's client id; not read by #run itself
#   (presumably consumed by verify_options for the audience check; confirm)
# @param nonce the value #run compares against the token's 'nonce' claim
# @param keyset key collection; #run calls keyset.find(kid) on it
def initialize(id_token:, client_id:, nonce:, keyset:)
  @id_token, @client_id, @nonce, @keyset = id_token, client_id, nonce, keyset
end

Instance Method Details

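#run ⇒ Object

Decodes and verifies the ID token with a key looked up by the `kid` in the JWT header, then checks that the token's `nonce` claim equals the expected nonce. Returns the claims and header; raises JWT::DecodeError when the nonce does not match.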



# File 'lib/omniauth/azure_activedirectory_v2/id_token_decoder.rb', line 9

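# Verifies the ID token and binds it to this authentication request.
#
# JWT.decode is called with verification enabled (third argument `true`) and
# a nil static key; the block supplies the verification key by looking up the
# `kid` from the token header in the keyset. Which algorithms and claims are
# enforced is decided by verify_options, which is defined outside this method.
# NOTE(review): confirm verify_options pins the accepted algorithm(s) and
# checks issuer/audience/expiry.
#
# The nonce check fails closed: a missing or empty expected nonce is treated
# as a mismatch. A plain `claims['nonce'] == nonce` would accept a token that
# carries no nonce claim whenever the expected nonce is nil (nil == nil),
# which removes the replay protection the nonce is there to provide.
#
# @return [Array] two-element array of the decoded claims and the JWT header
# @raise [JWT::DecodeError] when the expected nonce is missing/empty or the
#   token's 'nonce' claim does not equal it; JWT.decode may raise its own
#   errors for an invalid token
def run
  # Block parameter named jwt_header so it does not shadow the local below.
  claims, header = JWT.decode(id_token, nil, true, verify_options) do |jwt_header|
    # There should always be one key from the discovery endpoint that
    # matches the id in the JWT header.
    # If not: 'No keys from key endpoint match the id token' will be raised
    # (per the original author's note; the raising code is not in this method).
    keyset.find(jwt_header['kid'])
  end

  expected_nonce = nonce
  nonce_bound = !expected_nonce.to_s.empty? && claims['nonce'] == expected_nonce
  raise JWT::DecodeError, 'Returned nonce did not match.' unless nonce_bound

  [claims, header]
end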