Module: Verikloak::BFF::JwtUtils
- Defined in:
- lib/verikloak/bff/jwt_utils.rb
Overview
Lightweight helpers around JWT decoding without verification.
Class Method Summary collapse
-
.decode_claims(token) ⇒ Hash
Return the decoded JWT payload without verification.
-
.decode_unverified(token) ⇒ Array<Hash>
Decode JWT header and payload without verification, guarding against oversized input.
Class Method Details
.decode_claims(token) ⇒ Hash
Return the decoded JWT payload without verification.
28 29 30 |
# File 'lib/verikloak/bff/jwt_utils.rb', line 28 def decode_claims(token) decode_unverified(token).first end |
.decode_unverified(token) ⇒ Array<Hash>
Decode JWT header and payload without verification, guarding against oversized input.
16 17 18 19 20 21 22 |
# File 'lib/verikloak/bff/jwt_utils.rb', line 16 def decode_unverified(token) return [{}, {}] if token.nil? || token.bytesize > Constants::MAX_TOKEN_BYTES JWT.decode(token, nil, false) rescue StandardError [{}, {}] end |