Class: Usps::JwtAuth::Decode

Inherits:

Object

• Object
• Usps::JwtAuth::Decode

Defined in:

lib/usps/jwt_auth/decode.rb

Overview

Decode and validate data from a JWT

Constant Summary

OPEN_TIMEOUT =

Keep a slow or unreachable store from tying up the caller (e.g. a web worker).

2

READ_TIMEOUT =

2

Class Method Summary

• .decode(token, audience: [], issuer: nil) ⇒ Object
• .token_options(audience: [], issuer: nil) ⇒ Object

Instance Method Summary

• #decode(token, audience: [], issuer: nil) ⇒ Object

Class Method Details

.decode(token, audience: [], issuer: nil) ⇒ Object

# File 'lib/usps/jwt_auth/decode.rb', line 16

def self.decode(token, audience: [], issuer: nil)
  new.decode(token, audience: audience, issuer: issuer)
end

.token_options(audience: [], issuer: nil) ⇒ Object

# File 'lib/usps/jwt_auth/decode.rb', line 20

def self.token_options(audience: [], issuer: nil)
  {
    required_claims: %w[iss exp],
    verify_iss: true,
    verify_aud: true,
    algorithm: JwtAuth.config.algorithm,
    aud: audience,
    iss: /\A#{JwtAuth.config.issuer_base}(?::#{issuer})?\z/
  }
end

Instance Method Details

#decode(token, audience: [], issuer: nil) ⇒ Object

# File 'lib/usps/jwt_auth/decode.rb', line 31

def decode(token, audience: [], issuer: nil)
  result = JWT.decode(
    token,
    public_key(token),
    true,
    self.class.token_options(audience:, issuer:)
  )
  result[0]['data']
end