Class: StandardId::Api::TokenManager

Inherits:

Object

• Object
• StandardId::Api::TokenManager

Defined in:

lib/standard_id/api/token_manager.rb

Instance Attribute Summary

• #request ⇒ Object readonly

  Returns the value of attribute request.

Instance Method Summary

• #bearer_token ⇒ Object
• #create_device_session(account, device_id: nil, device_agent: nil) ⇒ Object
• #create_service_session(account, service_name:, service_version:, owner:, metadata: {}) ⇒ Object
• #generate_lookup_hash(token) ⇒ Object
• #initialize(request) ⇒ TokenManager constructor

  A new instance of TokenManager.

• #verify_jwt_token(token: bearer_token) ⇒ Object

Constructor Details

#initialize(request) ⇒ TokenManager

Returns a new instance of TokenManager.

# File 'lib/standard_id/api/token_manager.rb', line 6

def initialize(request)
  @request = request
end

Instance Attribute Details

#request ⇒ Object (readonly)

Returns the value of attribute request.

# File 'lib/standard_id/api/token_manager.rb', line 4

def request
  @request
end

Instance Method Details

#bearer_token ⇒ Object

# File 'lib/standard_id/api/token_manager.rb', line 50

def bearer_token
  return @bearer_token if defined?(@bearer_token)

  @bearer_token = StandardId::BearerTokenExtraction.extract(@request.headers["Authorization"])
end

#create_device_session(account, device_id: nil, device_agent: nil) ⇒ Object

# File 'lib/standard_id/api/token_manager.rb', line 10

def create_device_session(account, device_id: nil, device_agent: nil)
  session_class = StandardId::SessionTypeResolver.resolve!(
    request: @request,
    account: account,
    flow: :api_device_auth
  )

  create_session_for(
    session_class,
    account: account,
    device_id: device_id,
    device_agent: device_agent
  )
end

#create_service_session(account, service_name:, service_version:, owner:, metadata: {}) ⇒ Object

# File 'lib/standard_id/api/token_manager.rb', line 25

def create_service_session(account, service_name:, service_version:, owner:, metadata: {})
  session_class = StandardId::SessionTypeResolver.resolve!(
    request: @request,
    account: account,
    flow: :api_service_auth
  )

  unless session_class == StandardId::ServiceSession
    raise StandardId::ConfigurationError,
      "session_type_resolver returned #{session_class.name} for flow :api_service_auth, " \
      "but service-session creation requires StandardId::ServiceSession " \
      "(service_name / service_version / owner are not applicable to other session types)."
  end

  StandardId::ServiceSession.create!(
    account: account,
    owner: owner,
    ip_address: StandardId::Utils::IpNormalizer.normalize(@request.remote_ip),
    service_name: service_name,
    service_version: service_version,
    metadata: metadata || {},
    expires_at: StandardId::ServiceSession.default_expiry
  )
end

#generate_lookup_hash(token) ⇒ Object

# File 'lib/standard_id/api/token_manager.rb', line 60

def generate_lookup_hash(token)
  Digest::SHA256.hexdigest("#{token}:#{Rails.application.secret_key_base}")
end

#verify_jwt_token(token: bearer_token) ⇒ Object

# File 'lib/standard_id/api/token_manager.rb', line 56

def verify_jwt_token(token: bearer_token)
  StandardId::JwtService.decode_session(token)
end