Module: Supabase::Rails::JWT

Defined in:
lib/supabase/rails/jwt.rb

Constant Summary collapse

ALGORITHMS = 
%w[RS256 ES256 HS256].freeze
LEEWAY_SECONDS = 
30
CACHE_TTL_SECONDS = 
600
MISS_COOLDOWN_SECONDS = 
30

Class Method Summary collapse

Class Method Details

._reset_cache!Object 



49
50
51
 
# File 'lib/supabase/rails/jwt.rb', line 49

def _reset_cache!
  @cache_mutex.synchronize { @cache.clear }
end

.verify(token, env:) ⇒ Object 



23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'lib/supabase/rails/jwt.rb', line 23

def verify(token, env:)
  raise AuthError.invalid_credentials if token.nil? || token.to_s.empty?

  jwks_source = env.jwks
  if jwks_source.nil?
    raise AuthError.new(
      "JWKS not configured for user auth mode",
      AuthError::AUTH_GENERIC_ERROR,
      500
    )
  end

  jwks = resolve_jwks(jwks_source)
  payload = decode(token, jwks)

  unless payload.is_a?(Hash) && payload["sub"].is_a?(String)
    raise AuthError.invalid_credentials
  end

  { user_claims: build_user_claims(payload), jwt_claims: payload }
rescue AuthError
  raise
rescue StandardError
  raise AuthError.invalid_credentials
end