Class: Authentic::KeyStore

Inherits:
Object
Defined in:
lib/authentic/key_store.rb

Overview

Internal: Key store for caching JWKs.

Constructor Details

#initialize(max_age, data = {}) ⇒ KeyStore

Returns a new instance of KeyStore.



# File 'lib/authentic/key_store.rb', line 12

def initialize(max_age, data = {})
  @data = data
  @max_age_seconds = human_time_to_seconds(max_age)
end

Instance Attribute Details

#data ⇒ Object (readonly)

Public: cache data



# File 'lib/authentic/key_store.rb', line 10

def data
  @data
end

#max_age ⇒ Object (readonly)

Public: cache data



# File 'lib/authentic/key_store.rb', line 10

def max_age
  @max_age
end

#max_age_seconds ⇒ Object (readonly)

Public: cache data



# File 'lib/authentic/key_store.rb', line 10

def max_age_seconds
  @max_age_seconds
end

Instance Method Details

#expires!(key) ⇒ Object

Internal: Checks whether the data is expired and unsets it if so.



# File 'lib/authentic/key_store.rb', line 53

def expires!(key)
  unset(key) if data[key]&.expired?
end

#get(iss, kid) ⇒ Object

Public: Gets cached data for an issuer and key id, unsetting it first if it has expired.

iss - issuer
kid - key id

Returns JSON::JWK



# File 'lib/authentic/key_store.rb', line 23

def get(iss, kid)
  key = get_key(iss, kid)
  expires!(key)
  data[key]&.value
end

#get_key(iss, kid) ⇒ Object

Internal: builds cache key

iss - issuer
kid - key id

Returns string



# File 'lib/authentic/key_store.rb', line 35

def get_key(iss, kid)
  "#{iss}/#{kid}"
end

#human_time_to_seconds(time) ⇒ Object

Internal: converts human time to seconds for consumption by the cache service. Format example: '10h5m30s'. All units are optional.

time - time to convert; a string that represents time in hours, minutes, and seconds.

Returns seconds.



# File 'lib/authentic/key_store.rb', line 70

def human_time_to_seconds(time)
  m = /(?:(\d*)h)?\s?(?:(\d*)?m)?\s?(?:(\d*)?s)?/.match(time)
  h = ((m[1].to_i || 0) * 60) * 60
  mi = (m[2].to_i || 0) * 60
  s = (m[3].to_i || 0)
  h + mi + s
end
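
An added example (not code from the authentic gem) that runs the page's human_time_to_seconds beside a hypothetical stricter parser on constructed inputs: because the original regex is unanchored and every group is optional, a value such as '90' or '1d' parses to 0 seconds instead of raising. The names strict_time_to_seconds, STRICT_DURATION, SAMPLES and compare are assumptions made for this example.

```ruby
# Added example; not part of the authentic gem.

# The method exactly as shown on this page, made callable at top level.
def human_time_to_seconds(time)
  m = /(?:(\d*)h)?\s?(?:(\d*)?m)?\s?(?:(\d*)?s)?/.match(time)
  h = ((m[1].to_i || 0) * 60) * 60
  mi = (m[2].to_i || 0) * 60
  s = (m[3].to_i || 0)
  h + mi + s
end

# Hypothetical strict variant: anchored at both ends, digits required
# before each unit, and at least one unit must be present.
STRICT_DURATION = /\A(?:(\d+)h)?\s?(?:(\d+)m)?\s?(?:(\d+)s)?\z/

def strict_time_to_seconds(time)
  m = STRICT_DURATION.match(time.to_s)
  if m.nil? || m.captures.compact.empty?
    raise ArgumentError, "invalid duration: #{time.inspect}"
  end
  h, mi, s = m.captures.map(&:to_i) # nil.to_i is 0 for omitted units
  (h * 3600) + (mi * 60) + s
end

# Constructed sample inputs: three valid durations, four malformed ones.
SAMPLES = ['10h5m30s', '45m', '1h 30m', '90', '1d', ' 10h', ''].freeze

# Returns [input, result of the page's method, strict result or :rejected].
def compare(samples = SAMPLES)
  samples.map do |input|
    strict = begin
      strict_time_to_seconds(input)
    rescue ArgumentError
      :rejected
    end
    [input, human_time_to_seconds(input), strict]
  end
end

compare.each do |input, page, strict|
  puts format('%-12s page=%-6s strict=%s', input.inspect, page, strict)
end
```

How a max age of 0 affects expiry depends on OIDCKey, which this page does not show.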

#set(iss, kid, new_data) ⇒ Object

Public: Sets data, and wraps it in OIDCKey class if not presented as that type.

iss - issuer
kid - key id
data - data to cache which is usually a single OIDC public key.

Returns JSON::JWK



# File 'lib/authentic/key_store.rb', line 46

def set(iss, kid, new_data)
  key = get_key(iss, kid)
  data[key] = new_data.is_a?(OIDCKey) ? new_data : OIDCKey.new(new_data, max_age_seconds)
  get(iss, kid)
end

#unset(key) ⇒ Object

Internal: deletes data from cache



# File 'lib/authentic/key_store.rb', line 58

def unset(key)
  data.delete(key)
end