Class: Aspera::OAuth::Jwt

Inherits:
Base
  • Object
show all
Defined in:
lib/aspera/oauth/jwt.rb

Overview

Authentication using private key tools.ietf.org/html/rfc7523 tools.ietf.org/html/rfc7519

Instance Attribute Summary

Attributes inherited from Base

#scope

Instance Method Summary collapse

Methods inherited from Base

#create_token_call, #optional_scope_client_id, #token

Constructor Details

#initialize(private_key_obj:, payload:, headers: {}, **base_params) ⇒ Jwt

Returns a new instance of Jwt.

Parameters:

  • private_key_obj

    private key object

  • payload

    payload to be included in the JWT

  • headers (defaults to: {})

    headers to be included in the JWT



19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
 
# File 'lib/aspera/oauth/jwt.rb', line 19

def initialize(
  private_key_obj:,
  payload:,
  headers: {},
  **base_params
)
  Aspera.assert_type(private_key_obj, OpenSSL::PKey::RSA){'private_key_obj'}
  Aspera.assert_type(payload, Hash){'payload'}
  Aspera.assert_type(headers, Hash){'headers'}
  super(**base_params)
  @private_key_obj = private_key_obj
  @additional_payload = payload
  @headers = headers
  @identifiers.push(@additional_payload[:sub])
end

Instance Method Details

#create_tokenObject 



35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
 
# File 'lib/aspera/oauth/jwt.rb', line 35

def create_token
  require 'jwt'
  seconds_since_epoch = Time.new.to_i
  Log.log.debug{"seconds_since_epoch=#{seconds_since_epoch}"}
  jwt_payload = {
    exp: seconds_since_epoch + OAuth::Factory.instance.parameters[:jwt_expiry_offset_sec], # expiration time
    nbf: seconds_since_epoch - OAuth::Factory.instance.parameters[:jwt_accepted_offset_sec], # not before
    iat: seconds_since_epoch - OAuth::Factory.instance.parameters[:jwt_accepted_offset_sec] + 1, # issued at
    jti: SecureRandom.uuid # JWT id
  }.merge(@additional_payload)
  Log.log.debug{Log.dump(:jwt_payload, jwt_payload)}
  Log.log.debug{"private=[#{@private_key_obj}]"}
  assertion = JWT.encode(jwt_payload, @private_key_obj, 'RS256', @headers)
  Log.log.debug{"assertion=[#{assertion}]"}
  return create_token_call(optional_scope_client_id.merge(grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', assertion: assertion))
end