Module: PQCrypto::JWT::JWKS

Defined in:: lib/pq_crypto/jwt/jwks.rb

Constant Summary collapse

CACHE_EMPTY =

Object.new.freeze

KID_STRATEGIES =

%i[thumbprint thumbprint_uri].freeze

VALIDATION_CACHE_LIMIT =

Class Method Summary collapse

.clear_validation_cache! ⇒ Object
.find(jwks, kid: nil, alg: nil, thumbprint: nil) ⇒ Object
.find_all(jwks, kid: nil, alg: nil, thumbprint: nil) ⇒ Object
.from_keys(public_keys, kids: nil, kid_strategy: nil) ⇒ Object
.loader(jwks_hash_or_callable) ⇒ Object

Class Method Details

.clear_validation_cache! ⇒ `Object`



166
167
168

# File 'lib/pq_crypto/jwt/jwks.rb', line 166

def clear_validation_cache!
  VALIDATION_CACHE_MUTEX.synchronize { VALIDATION_CACHE.clear }
end

.find(jwks, kid: nil, alg: nil, thumbprint: nil) ⇒ `Object`

# File 'lib/pq_crypto/jwt/jwks.rb', line 27

def find(jwks, kid: nil, alg: nil, thumbprint: nil)
  each_candidate(jwks, kid, alg, thumbprint) do |key|
    return key
  end
  nil
end

.find_all(jwks, kid: nil, alg: nil, thumbprint: nil) ⇒ `Object`

# File 'lib/pq_crypto/jwt/jwks.rb', line 34

def find_all(jwks, kid: nil, alg: nil, thumbprint: nil)
  matches = []
  each_candidate(jwks, kid, alg, thumbprint) { |key| matches << key }
  matches
end

.from_keys(public_keys, kids: nil, kid_strategy: nil) ⇒ `Object`

# File 'lib/pq_crypto/jwt/jwks.rb', line 16

def from_keys(public_keys, kids: nil, kid_strategy: nil)
  keys = Array(public_keys)
  kids = normalize_kids!(keys, kids, kid_strategy)

  jwks = keys.each_with_index.map do |public_key, index|
    jwk = PQCrypto::JWT::JWK.from_public_key(public_key, kid: kids&.fetch(index))
    apply_kid_strategy(jwk, kid_strategy)
  end
  { "keys" => jwks }.freeze
end

.loader(jwks_hash_or_callable) ⇒ `Object`

# File 'lib/pq_crypto/jwt/jwks.rb', line 40

def loader(jwks_hash_or_callable)
  cached = CACHE_EMPTY
  mutex = Mutex.new

  lambda do |options = {}|
    options ||= {}
    invalidate = options[:invalidate]
    current = cached
    return current if !invalidate && !current.equal?(CACHE_EMPTY)

    mutex.synchronize do
      cached = CACHE_EMPTY if invalidate
      if cached.equal?(CACHE_EMPTY)
        cached = jwks_hash_or_callable.respond_to?(:call) ? jwks_hash_or_callable.call(options) : jwks_hash_or_callable
      end
      cached
    end
  end
end

Module: PQCrypto::JWT::JWKS

Constant Summary collapse

Class Method Summary collapse

Class Method Details

.clear_validation_cache! ⇒ Object

.find(jwks, kid: nil, alg: nil, thumbprint: nil) ⇒ Object

.find_all(jwks, kid: nil, alg: nil, thumbprint: nil) ⇒ Object

.from_keys(public_keys, kids: nil, kid_strategy: nil) ⇒ Object

.loader(jwks_hash_or_callable) ⇒ Object

.clear_validation_cache! ⇒ `Object`

.find(jwks, kid: nil, alg: nil, thumbprint: nil) ⇒ `Object`

.find_all(jwks, kid: nil, alg: nil, thumbprint: nil) ⇒ `Object`

.from_keys(public_keys, kids: nil, kid_strategy: nil) ⇒ `Object`

.loader(jwks_hash_or_callable) ⇒ `Object`