Class: Cent::Notary

Inherits:

Object

• Object
• Cent::Notary

Defined in:

lib/cent/notary.rb

Overview

Cent::Notary

Handle token generation

Instance Method Summary

• #initialize(secret:, algorithm: 'HS256') ⇒ Notary constructor

  A new instance of Notary.

• #issue_channel_token(client:, channel:, info: nil, exp: nil) ⇒ String

  Generate JWT for private channels.

• #issue_connection_token(sub:, info: nil, exp: nil) ⇒ String

  Generate connection JWT for the given user.

Constructor Details

#initialize(secret:, algorithm: 'HS256') ⇒ Notary

Returns a new instance of Notary.

Examples:

Construct new client instance

notary = Cent::Notary.new(secret: 'secret')

Parameters:

• secret (String | OpenSSL::PKey::RSA | OpenSSL::PKey::EC) —

  Secret key for the algorithm of your choice.

• algorithm (String) (defaults to: 'HS256') —

  Specify algorithm(one from HMAC, RSA or ECDSA family). Default is HS256.

Raises:

• (Error)

# File 'lib/cent/notary.rb', line 18

def initialize(secret:, algorithm: 'HS256')
  raise Error, 'Secret can not be nil' if secret.nil?

  @secret = secret
  @algorithm = algorithm
end

Instance Method Details

#issue_channel_token(client:, channel:, info: nil, exp: nil) ⇒ String

Generate JWT for private channels

Examples:

Get private channel JWT with expiration and extra info

notary.issue_channel_token(client: 'client', channel: 'channel', exp: 3600, info: { 'message' => 'wat' })
  #=> eyJhbGciOiJIUzI1NiJ9.eyJjbGllbnQiOiJjbG..."

Parameters:

• client (String) —

  Client ID which wants to subscribe on channel

• exp (Integer) (defaults to: nil) —

  (default: nil) UNIX timestamp seconds when token will expire.

• info (Hash) (defaults to: nil) —

  (default: {}) This claim is optional - this is additional information about client connection that can be provided for Centrifugo.

• channel (Hash) —

  a customizable set of options

Options Hash (channel:):

• Channel (String) —

  that client tries to subscribe to (string).

Returns:

• (String)

See Also:

• (https://centrifugal.github.io/centrifugo/server/private_channels/)

# File 'lib/cent/notary.rb', line 81

def issue_channel_token(client:, channel:, info: nil, exp: nil)
  payload = {
    'client' => client,
    'channel' => channel,
    'info' => info,
    'exp' => exp
  }.compact

  JWT.encode(payload, secret, algorithm)
end

#issue_connection_token(sub:, info: nil, exp: nil) ⇒ String

Generate connection JWT for the given user

Examples:

Get user JWT with expiration and extra info

notary.issue_connection_token(sub: '1', exp: 3600, info: { 'role' => 'admin' })
  #=> "eyJhbGciOiJIUzI1NiJ9.eyJzdWIi..."

Parameters:

• sub (String) —

  Standard JWT claim which must contain an ID of current application user.

• exp (Integer) (defaults to: nil) —

  (default: nil) UNIX timestamp seconds when token will expire.

• info (Hash) (defaults to: nil) —

  (default: {}) This claim is optional - this is additional information about client connection that can be provided for Centrifugo.

• channel (Hash) —

  a customizable set of options

Returns:

• (String)

See Also:

• (https://centrifugal.github.io/centrifugo/server/authentication/)

# File 'lib/cent/notary.rb', line 48

def issue_connection_token(sub:, info: nil, exp: nil)
  payload = {
    'sub' => sub,
    'info' => info,
    'exp' => exp
  }.compact

  JWT.encode(payload, secret, algorithm)
end