Module: AtomicAdmin::JwtToken

Included in:
AuthenticatingApplicationController
Defined in:
lib/atomic_admin/jwt_token.rb

Defined Under Namespace

Classes: InvalidTokenError

Constant Summary collapse

ALGORITHM =
"HS512".freeze


Class Method Details

.decode(token, secret = nil, validate = true, algorithm = ALGORITHM) ⇒ Object



# File 'lib/atomic_admin/jwt_token.rb', line 15

# Decodes +token+ and returns what JWT.decode returns (in ruby-jwt a
# [payload, header] pair).
#
# @param token [String] the encoded JWT
# @param secret [String, nil] HMAC key; when nil the key is read from
#   Rails.application.secrets.auth0_client_secret. Only nil/false fall
#   back — an empty string is truthy in Ruby and is used as the key as given.
# @param validate [Boolean] passed through as ruby-jwt's verify flag; when
#   false the signature is not checked, so the returned payload must not be
#   trusted
# @param algorithm [String] the only algorithm accepted for the token's
#   header (defaults to ALGORITHM); pinning it here keeps the token's own
#   "alg" header from selecting a different one
# @return [Object] the result of JWT.decode
def self.decode(token, secret = nil, validate = true, algorithm = ALGORITHM)
  hmac_key = secret || Rails.application.secrets.auth0_client_secret
  decode_options = { algorithm: algorithm }
  JWT.decode(token, hmac_key, validate, decode_options)
end

.valid?(token, secret = nil, algorithm = ALGORITHM) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/atomic_admin/jwt_token.rb', line 11

# Decodes +token+ with signature verification forced on.
#
# Despite the predicate name this does not return true/false: it returns
# whatever .decode returns (the decoded payload/header pair) and raises
# JWT::DecodeError when the token cannot be decoded or verified — see how
# #decoded_jwt_token consumes the result.
#
# @param token [String] the encoded JWT
# @param secret [String, nil] HMAC key, or nil for the configured default
# @param algorithm [String] accepted signing algorithm, defaults to ALGORITHM
# @return [Object] the result of .decode
def self.valid?(token, secret = nil, algorithm = ALGORITHM)
  must_verify_signature = true
  decode(token, secret, must_verify_signature, algorithm)
end

Instance Method Details

#decoded_jwt_token(req, secret = nil) ⇒ Object

Raises:



# File 'lib/atomic_admin/jwt_token.rb', line 24

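# Extracts the JWT carried by +req+, verifies it and returns its payload.
#
# The token string is obtained from the request via #encoded_token (defined
# outside this module) and verified through AtomicAdmin::JwtToken.valid?,
# which is a signature-checking decode rather than a true predicate.
#
# @param req [Object] the incoming request, handed to #encoded_token
# @param secret [String, nil] HMAC key override, nil for the configured default
# @return [Hash] the decoded claims (first element of the decode result);
#   the JWT header is discarded
# @raise [InvalidTokenError] when decoding yields nothing usable
# @raise [JWT::DecodeError] propagated from the JWT library on a bad
#   signature or malformed token (callers such as #validate_token rescue it)
def decoded_jwt_token(req, secret = nil)
  decoded = AtomicAdmin::JwtToken.valid?(encoded_token(req), secret)
  # blank? is already true for nil and for an empty array, so a separate
  # empty? check after it could never fire; the two checks are folded here.
  raise InvalidTokenError, "Unable to decode jwt token" if decoded.blank?

  decoded[0]
end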

#validate_token ⇒ Object



# File 'lib/atomic_admin/jwt_token.rb', line 32

# Authenticates the current request from its JWT, setting @user (and
# @user_tenant when the claim is present), and answers 401 on any token
# problem.
#
# Checks performed on the decoded claims, in order:
# - "aud" must equal the configured auth0_client_id; a missing claim also
#   fails, since nil != client_id (fails closed)
# - when request.env already carries a validated application_instance_id,
#   the token's "application_instance_id" must match it
#
# Signature verification happens inside #decoded_jwt_token; expiry is not
# checked here either (ruby-jwt verifies "exp" by default when verification
# is on — confirm that default is not disabled elsewhere).
#
# @raise [GraphQL::ExecutionError] instead of rendering, when no #render is
#   available (see the inner rescue)
def validate_token
  token = decoded_jwt_token(request)
  # Manual audience check. ruby-jwt's aud/verify_aud decode options could
  # express the same constraint at decode time, keeping all claim checks
  # in one place.
  raise InvalidTokenError if Rails.application.secrets.auth0_client_id != token["aud"]
  
  current_application_instance_id = request.env['atomic.validated.application_instance_id']
  if current_application_instance_id && current_application_instance_id != token["application_instance_id"]
    raise InvalidTokenError
  end
  
  @user_tenant = token["user_tenant"] if token["user_tenant"].present?
  # NOTE(review): assuming User is an ActiveRecord model, find raises
  # ActiveRecord::RecordNotFound for an unknown or stale "user_id"; that
  # class is not in the rescue list below, so such a token surfaces as an
  # unhandled error rather than the 401 rendered for other failures.
  @user = User.find(token["user_id"])
  
  # NOTE(review): this line is not valid Ruby as rendered on this page — the
  # method name that should receive these arguments appears to have been lost
  # in rendering; check the source file before relying on this listing.
  (@user, event: :authentication, store: false)
rescue JWT::DecodeError, InvalidTokenError => e
  # Only e.inspect goes to the log; no claims from the token are added.
  Rails.logger.error "JWT Error occured #{e.inspect}"
  begin
    render json: { error: "Unauthorized: Invalid token." }, status: :unauthorized
  rescue NoMethodError
    # Fallback for contexts with no controller #render (GraphQL). Note that
    # any NoMethodError raised inside render itself is also converted here.
    raise GraphQL::ExecutionError, "Unauthorized: Invalid token."
  end
end