Class: GoogleIDToken::Validator
- Inherits:
-
Object
- Object
- GoogleIDToken::Validator
- Defined in:
- lib/google-id-token.rb
Constant Summary collapse
- GOOGLE_CERTS_URI =
'https://www.googleapis.com/oauth2/v1/certs'
Instance Attribute Summary collapse
-
#problem ⇒ Object
readonly
Returns the value of attribute problem.
Instance Method Summary collapse
-
#check(token, aud, cid = nil) ⇒ Hash
If it validates, returns a hash with the JWT fields from the ID Token.
-
#initialize(keyopts = {}) ⇒ Validator
constructor
A new instance of Validator.
Constructor Details
#initialize(keyopts = {}) ⇒ Validator
Returns a new instance of Validator.
39 40 41 42 43 44 45 46 47 48 49 50 51 |
# File 'lib/google-id-token.rb', line 39 def initialize(keyopts = {}) if keyopts[:x509_cert] @certs_mode = :literal @certs = { :_ => keyopts[:x509_cert] } # elsif keyopts[:jwk_uri] # TODO # @certs_mode = :jwk # @certs = {} else @certs_mode = :old_skool @certs = {} end end |
Instance Attribute Details
#problem ⇒ Object (readonly)
Returns the value of attribute problem.
37 38 39 |
# File 'lib/google-id-token.rb', line 37 def problem @problem end |
Instance Method Details
#check(token, aud, cid = nil) ⇒ Hash
If it validates, returns a hash with the JWT fields from the ID Token.
You have to provide an "aud" value, which must match the
token's field with that name, and will similarly check cid if provided.
If something fails, returns nil; #problem returns error text
68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 |
# File 'lib/google-id-token.rb', line 68 def check(token, aud, cid = nil) case check_cached_certs(token, aud, cid) when :valid @token when :problem nil else # no certs worked, might've expired, refresh if refresh_certs @problem = 'Unable to retrieve Google public keys' nil else case check_cached_certs(token, aud, cid) when :valid @token when :problem nil else @problem = 'Token not verified as issued by Google' nil end end end end |