Class: SesDashboard::Auth::CloudflareAdapter

Inherits:
Base
  • Object
show all
Defined in:
lib/ses_dashboard/auth/cloudflare_adapter.rb

Overview

Validates Cloudflare Zero Trust JWT tokens.

Configure in your initializer:

SesDashboard.configure do |c|
  c.authentication_adapter  = :cloudflare
  c.cloudflare_team_domain  = "myteam.cloudflareaccess.com"
  c.cloudflare_aud          = "your-application-audience-tag"
end

Constant Summary collapse

JWKS_CACHE_TTL =

seconds

600

Instance Method Summary collapse

Methods inherited from Base

#call, #initialize

Constructor Details

This class inherits a constructor from SesDashboard::Auth::Base

Instance Method Details

#authenticate(request = nil) ⇒ Object 



21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
# File 'lib/ses_dashboard/auth/cloudflare_adapter.rb', line 21

def authenticate(request = nil)
  return false unless request
  token = extract_token(request)
  return false unless token

  payload = validate_jwt(token)
  return false unless payload

  config = SesDashboard.configuration
  return false if config.cloudflare_aud && payload["aud"] != [config.cloudflare_aud]

  true
rescue => e
  log_error("Cloudflare JWT validation failed: #{e.message}")
  false
end