Class: Inferno::DSL::JWKS

Inherits:

Object

• Object
• Inferno::DSL::JWKS

Defined in:

lib/inferno/dsl/jwks.rb

Overview

The JWKS class provides methods to handle JSON Web Key Sets (JWKS) within Inferno.

This class allows users to fetch, parse, and manage JWKS, ensuring that the necessary keys for verifying tokens are available.

Class Method Summary

• .default_jwks_json ⇒ String

  Reads the JWKS content from the file located at the JWKS path.

• .default_jwks_path ⇒ String

  Provides the default file path to the JWKS file.

• .jwks(user_jwks: nil) ⇒ JWT::JWK::Set

  Parses and returns a ‘JWT::JWK::Set` object from the provided JWKS string or from the file located at the JWKS path.

• .jwks_json ⇒ String

  Returns a formatted JSON string of the JWKS public keys that are used for verification.

• .jwks_path ⇒ String

  Fetches the JWKS file path from the environment variable ‘INFERNO_JWKS_PATH`.

Class Method Details

.default_jwks_json ⇒ String

Reads the JWKS content from the file located at the JWKS path.

Returns:

• (String) —

  The json content of the JWKS file.

# File 'lib/inferno/dsl/jwks.rb', line 52

def default_jwks_json
  @default_jwks_json ||= File.read(jwks_path)
end

.default_jwks_path ⇒ String

Provides the default file path to the JWKS file. This method is primarily used internally to locate the default JWKS file.

Returns:

• (String) —

  The default JWKS file path.

# File 'lib/inferno/dsl/jwks.rb', line 31

def default_jwks_path
  @default_jwks_path ||= File.join(__dir__, 'jwks.json')
end

.jwks(user_jwks: nil) ⇒ JWT::JWK::Set

Parses and returns a ‘JWT::JWK::Set` object from the provided JWKS string or from the file located at the JWKS path. If a user-provided JWKS string is not available, it reads the JWKS from the file.

Examples:

# Using a user-provided JWKS string
user_jwks = '{"keys":[...]}'
jwks_set = Inferno::JWKS.jwks(user_jwks: user_jwks)

# Using the default JWKS file
jwks_set = Inferno::JWKS.jwks

Parameters:

• user_jwks (String, nil) (defaults to: nil) —

  An optional json containing the JWKS. If not provided, the method reads from the file.

Returns:

• (JWT::JWK::Set) —

  The parsed JWKS set.

# File 'lib/inferno/dsl/jwks.rb', line 71

def jwks(user_jwks: nil)
  JWT::JWK::Set.new(JSON.parse(user_jwks.presence || default_jwks_json))
end

.jwks_json ⇒ String

Returns a formatted JSON string of the JWKS public keys that are used for verification. This method filters out keys that do not have the ‘verify’ operation.

Examples:

jwks_json = Inferno::JWKS.jwks_json
puts jwks_json

Returns:

• (String) —

  The formatted JSON string of the JWKS public keys.

# File 'lib/inferno/dsl/jwks.rb', line 18

def jwks_json
  @jwks_json ||=
    JSON.pretty_generate(
      { keys: jwks.export[:keys].select { |key| key[:key_ops]&.include?('verify') } }
    )
end

.jwks_path ⇒ String

Fetches the JWKS file path from the environment variable ‘INFERNO_JWKS_PATH`. If the environment variable is not set, it falls back to the default path provided by `.default_jwks_path`.

Returns:

• (String) —

  The JWKS file path.

# File 'lib/inferno/dsl/jwks.rb', line 42

def jwks_path
  @jwks_path ||=
    ENV.fetch('INFERNO_JWKS_PATH', default_jwks_path)
end