Module: AtomicTenant::JwtToken

Included in:
CurrentApplicationInstanceMiddleware
Defined in:
lib/atomic_tenant/jwt_token.rb

Defined Under Namespace

Classes: InvalidTokenError

Constant Summary

ALGORITHM =
"HS512".freeze

Class Method Summary

Instance Method Summary

Class Method Details

.decode(token, algorithm = ALGORITHM, validate: true) ⇒ Object



# File 'lib/atomic_tenant/jwt_token.rb', line 7

# Decodes +token+ with the shared AtomicTenant secret and checks its audience.
#
# Security notes for callers:
# * +validate+ is handed to JWT.decode as its third positional argument
#   (ruby-jwt's verify flag). With +validate: false+ the signature is not
#   checked, so the returned claims are unauthenticated and must never drive
#   an authorization decision.
#   NOTE(review): ruby-jwt appears to skip the exp/nbf claim checks as well in
#   that mode - confirm against the pinned gem version.
# * +algorithm+ should be a server-side constant. Never pass a value read from
#   the token's own header.
# * The audience is compared with +!=+ against AtomicTenant.jwt_aud.
#   NOTE(review): if jwt_aud is unset (nil), a token carrying no "aud" claim
#   compares equal and is accepted - confirm jwt_aud is always configured.
#
# @param token [String] compact-serialized JWT
# @param algorithm [String] expected signing algorithm (defaults to ALGORITHM)
# @param validate [Boolean] whether JWT.decode verifies the token
# @return [Array, nil] the JWT.decode result (claims at index 0), or nil when
#   the "aud" claim does not match AtomicTenant.jwt_aud
# @raise whatever JWT.decode raises; nothing is rescued here
def self.decode(token, algorithm = ALGORITHM, validate: true)
  decode_options = { algorithm: algorithm }
  decoded = JWT.decode(token, AtomicTenant.jwt_secret, validate, decode_options)

  # An audience mismatch is reported as nil rather than as an exception.
  return nil if AtomicTenant.jwt_aud != decoded[0]["aud"]

  decoded
end

.valid?(token, algorithm = ALGORITHM) ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/atomic_tenant/jwt_token.rb', line 21

# Runs +token+ through .decode with verification enabled.
#
# Despite the predicate name this does not return a strict boolean: the result
# is whatever .decode returns (the decoded array on success, nil on an
# audience mismatch). Errors raised by .decode propagate; nothing is rescued
# here, so a caller treating this as a yes/no check must handle them.
#
# @param token [String] compact-serialized JWT
# @param algorithm [String] expected signing algorithm (defaults to ALGORITHM)
# @return [Array, nil] truthy decoded token, or nil
def self.valid?(token, algorithm = ALGORITHM)
  # Spell out the verify flag so it is obvious this path always checks it.
  decode(token, algorithm, validate: true)
end

Instance Method Details

#decoded_jwt_token(req) ⇒ Object

Raises:



# File 'lib/atomic_tenant/jwt_token.rb', line 25

# Extracts the JWT from +req+, validates it and returns element 0 of the
# decoded result (the claims, when the result comes from JWT.decode).
#
# NOTE(review): +valid?+ is called without a receiver, so it resolves on the
# including object. This module defines +valid?+ only as a module-level method
# (+self.valid?+), which +include+ does not mix in - confirm the includer
# provides it, otherwise this raises NoMethodError instead of rejecting the
# token.
#
# @param req [Object] request responding to +params+ and +headers+
# @return [Object] element 0 of the validated token
# @raise [InvalidTokenError] when validation yields a blank result
def decoded_jwt_token(req)
  raw_token = encoded_token(req)
  decoded = valid?(raw_token)
  raise InvalidTokenError, 'Unable to decode jwt token' if decoded.blank?
  # NOTE(review): for an Array, blank? already covers empty?, so this second
  # check looks unreachable - confirm what it was meant to guard.
  raise InvalidTokenError, 'Invalid token payload' if decoded.empty?

  decoded[0]
end

#encoded_token(req) ⇒ Object



# File 'lib/atomic_tenant/jwt_token.rb', line 53

# Locates the raw, still unverified JWT on a request.
#
# Lookup order:
# 1. +req.params[:jwt]+, which takes precedence over any header.
# 2. The last space-separated segment of the Authorization header, looked up
#    under 'Authorization' and then :authorization.
#
# The authorization scheme is not inspected, so "Bearer x" and "Basic x" both
# yield "x", and a header with a single word yields that word. The value
# returned here carries no trust until it has been through .decode/.valid?.
# NOTE(review): if +params+ includes query-string values, tokens sent that way
# can end up in access logs and Referer headers - confirm whether the param
# path is still needed.
#
# @param req [Object] request responding to +params+ and +headers+
# @return [String, nil] the candidate token, or nil when none is present
def encoded_token(req)
  param_token = req.params[:jwt]
  return param_token if param_token

  auth_header = req.headers['Authorization'] || req.headers[:authorization]
  auth_header.split(' ').last if auth_header
end

#encoded_token!(req) ⇒ Object

Raises:



# File 'lib/atomic_tenant/jwt_token.rb', line 41

# Strict variant of #encoded_token: returns the raw JWT or raises.
#
# +req.params[:jwt]+ wins when present. Otherwise the last space-separated
# segment of the Authorization header ('Authorization', then :authorization)
# is used. The authorization scheme itself is not checked, and the returned
# string is unverified input until it has been decoded with signature
# verification.
#
# @param req [Object] request responding to +params+ and +headers+
# @return [String] the candidate token
# @raise [InvalidTokenError] when there is no Authorization header, or the
#   header contains no segments (for example an empty string)
def encoded_token!(req)
  param_token = req.params[:jwt]
  return param_token if param_token

  auth_header = req.headers['Authorization'] || req.headers[:authorization]
  raise InvalidTokenError, 'No authorization header found' if auth_header.nil?

  # split(' ') on an empty or whitespace-only header yields [], so last is nil.
  auth_header.split(' ').last.tap do |candidate|
    raise InvalidTokenError, 'Invalid authorization header string' if candidate.nil?
  end
end

#validate_token_with_secret(aud, secret, req = request) ⇒ Object



# File 'lib/atomic_tenant/jwt_token.rb', line 33

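# Verifies the request's JWT against a caller-supplied secret and audience,
# rendering a 401 JSON response when verification fails.
#
# The previous body called +decoded_jwt_token(req, secret)+, but that method
# accepts only +req+. The call therefore raised ArgumentError, which the
# rescue below does not cover, and +secret+ was never used. The token is now
# decoded here with the supplied secret, signature verification forced on and
# the module's fixed ALGORITHM, so the algorithm never comes from the token.
#
# NOTE(review): relies on +request+, +render+ and +Rails.logger+ being
# available on the including object (presumably a controller) - confirm.
#
# @param aud [String] audience the token must carry in its "aud" claim
# @param secret [String] HMAC secret the token must be signed with
# @param req [Object] request responding to +params+ and +headers+
# @return [Object, nil] nil when the token is accepted, otherwise the value
#   returned by +render+
def validate_token_with_secret(aud, secret, req = request)
  # An empty HMAC key can be reproduced by anyone, so fail closed before decoding.
  raise InvalidTokenError, 'No secret provided' if secret.blank?

  payload, _header = JWT.decode(encoded_token!(req), secret, true, { algorithm: ALGORITHM })
  raise InvalidTokenError if aud != payload['aud']
rescue JWT::DecodeError, InvalidTokenError => e
  # Only the exception is logged; the raw token is not written to the log here.
  Rails.logger.error "JWT Error occured: #{e.inspect}"
  render json: { error: 'Unauthorized: Invalid token.' }, status: :unauthorized
end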