Class: JWT::JWK::AKP

Inherits:

KeyBase

• Object
• KeyBase
• JWT::JWK::AKP

Defined in:

lib/pq_crypto/jwt/jwk/akp.rb

Defined Under Namespace

Classes: NullKidGenerator

Constant Summary

KTY =

"AKP".freeze

KTYS =

[KTY, PQCrypto::Signature::PublicKey, JWT::JWK::AKP].freeze

AKP_KEY_ELEMENTS =

%i[kty alg pub priv].freeze

PRIVATE_EXPORT_OPTIONS =

%i[private include_private].freeze

Instance Method Summary

• #[]=(key, value) ⇒ Object
• #export(options = {}) ⇒ Object
• #initialize(key, params = nil, options = {}) ⇒ AKP constructor

  A new instance of AKP.

• #jwa ⇒ Object
• #key_digest ⇒ Object
• #members ⇒ Object
• #private? ⇒ Boolean
• #public_key ⇒ Object
• #secret_key ⇒ Object
• #signing_key ⇒ Object
• #verify_key ⇒ Object

Constructor Details

#initialize(key, params = nil, options = {}) ⇒ AKP

Returns a new instance of AKP.

# File 'lib/pq_crypto/jwt/jwk/akp.rb', line 18

def initialize(key, params = nil, options = {})
  params = params.is_a?(String) ? { kid: params } : (params || {})
  params = params.transform_keys(&:to_sym)
  key_params = extract_key_params(key)
  @checked_public_key = check_jwk_params!(key_params, params)
  super({ kid_generator: NullKidGenerator }.merge(options || {}), key_params.merge(params))
end

Instance Method Details

#[]=(key, value) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/pq_crypto/jwt/jwk/akp.rb', line 54

def []=(key, value)
  raise ArgumentError, "cannot overwrite cryptographic key attributes" if AKP_KEY_ELEMENTS.include?(key.to_sym)

  super
end

#export(options = {}) ⇒ Object

# File 'lib/pq_crypto/jwt/jwk/akp.rb', line 41

def export(options = {})
  include_private = PRIVATE_EXPORT_OPTIONS.any? { |key| (options || {})[key] }
  parameters.clone.tap { |exported| exported.delete(:priv) unless include_private }
end

#jwa ⇒ Object

# File 'lib/pq_crypto/jwt/jwk/akp.rb', line 52

def jwa = PQCrypto::JWT.algorithm_for(self[:alg]) || super

#key_digest ⇒ Object

# File 'lib/pq_crypto/jwt/jwk/akp.rb', line 51

def key_digest = PQCrypto::JWT::JWK.thumbprint(string_export)

#members ⇒ Object

# File 'lib/pq_crypto/jwt/jwk/akp.rb', line 46

def members
  keys = private? ? %i[alg kty pub priv] : %i[alg kty pub]
  keys.each_with_object({}) { |key, out| out[key] = self[key] }
end

#private? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/pq_crypto/jwt/jwk/akp.rb', line 26

def private? = parameters.key?(:priv) && !parameters[:priv].nil?

#public_key ⇒ Object

# File 'lib/pq_crypto/jwt/jwk/akp.rb', line 29

def public_key
  @public_key ||= @checked_public_key || PQCrypto::JWT::JWK.public_key_from_jwk(string_export)
end

#secret_key ⇒ Object

Raises:

• (JWT::JWKError)

# File 'lib/pq_crypto/jwt/jwk/akp.rb', line 35

def secret_key
  raise JWT::JWKError, "AKP JWK does not contain private material" unless private?

  @secret_key ||= PQCrypto::JWT::JWK.secret_key_from_jwk(string_export(include_private: true))
end

#signing_key ⇒ Object

# File 'lib/pq_crypto/jwt/jwk/akp.rb', line 33

def signing_key = private? ? secret_key : public_key

#verify_key ⇒ Object

# File 'lib/pq_crypto/jwt/jwk/akp.rb', line 27

def verify_key = public_key