Class: OIDCProvider::IdToken

Inherits:
ApplicationRecord show all
Defined in:
app/models/oidc_provider/id_token.rb

Constant Summary collapse

PASSPHRASE_ENV_VAR =
'OIDC_PROVIDER_KEY_PASSPHRASE'

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.config ⇒ Object



# File 'app/models/oidc_provider/id_token.rb', line 31

# Assembles the provider-level settings hash.
#
# Only the public half of the key (via public_jwk) is placed in the JWK set.
# NOTE(review): keep it that way. private_jwk must never be added to this hash,
# since anything built from it would carry the private key material.
# Presumably this hash feeds discovery / JWKS responses; confirm against callers.
#
# @return [Hash] with keys :issuer and :jwk_set, in that order
def config
  issuer_id = OIDCProvider.issuer
  verification_keys = JSON::JWK::Set.new(public_jwk)

  { issuer: issuer_id, jwk_set: verification_keys }
end

.key_pair ⇒ Object



# File 'app/models/oidc_provider/id_token.rb', line 42

# Loads and memoizes the RSA key pair that backs private_jwk and public_jwk.
#
# The PEM is read from oidc_provider_key_path and parsed with the value of
# ENV[PASSPHRASE_ENV_VAR] as the passphrase. The parsed key is cached in
# @key_pair, so the file and the environment are consulted on the first call only.
#
# NOTE(review): ENV[...] is nil when the variable is unset. That is harmless for
# an unencrypted PEM, but for an encrypted PEM Ruby's OpenSSL binding may then
# fall back to asking for the passphrase on the terminal, which would stall a
# non-interactive server process. Confirm on the deployed Ruby/OpenSSL version
# and consider failing fast at boot when the variable is missing.
# NOTE(review): the cached object holds private key material; keep it out of
# logs, error reports and any serialized output.
#
# @return [OpenSSL::PKey::RSA]
# @raise [Errno::ENOENT] if the PEM file does not exist (from File.read)
# @raise [OpenSSL::PKey::RSAError] if the PEM cannot be parsed or decrypted
def key_pair
  return @key_pair if @key_pair

  pem = File.read(oidc_provider_key_path)
  @key_pair = OpenSSL::PKey::RSA.new(pem, ENV[PASSPHRASE_ENV_VAR])
end

.oidc_provider_key_path ⇒ Object



# File 'app/models/oidc_provider/id_token.rb', line 38

# Location of the PEM file holding the provider's signing key.
#
# The path is fixed: lib/oidc_provider_key.pem under Rails.root.
# NOTE(review): this sits inside the application tree. Make sure the file is
# excluded from version control and from any published build artifact, and that
# its filesystem permissions restrict reads to the application user.
#
# @return [Pathname] (whatever Rails.root.join returns)
def oidc_provider_key_path
  app_root = Rails.root
  app_root.join("lib/oidc_provider_key.pem")
end

.private_jwk ⇒ Object



# File 'app/models/oidc_provider/id_token.rb', line 46

# Wraps the full key pair (private half included) in a JSON::JWK.
#
# Used by #to_jwt as the signing key. A new JWK object is built on every call;
# only the underlying key_pair is memoized.
# NOTE(review): the returned JWK contains the private key parameters. It must
# stay server-side: never render it, log it, or place it in a published JWK set.
#
# @return [JSON::JWK]
def private_jwk
  JSON::JWK.new(key_pair)
end

.public_jwk ⇒ Object



# File 'app/models/oidc_provider/id_token.rb', line 50

# Wraps only the public half of the key pair in a JSON::JWK.
#
# This is the form that config places in the JWK set; relying parties use it to
# verify signatures made with private_jwk.
#
# @return [JSON::JWK]
def public_jwk
  verification_key = key_pair.public_key
  JSON::JWK.new(verification_key)
end

Instance Method Details

#to_jwt ⇒ Object



# File 'app/models/oidc_provider/id_token.rb', line 24

# Serializes this ID token as a signed JWT.
#
# Builds the claims object with to_response_object and signs it with the
# class-level private_jwk.
# NOTE(review): no algorithm argument is passed, so the library's default
# signing algorithm applies. Confirm which one that is, and that relying
# parties validate tokens against that algorithm rather than trusting the
# header.
#
# @return [Object] whatever the response object's #to_jwt returns
def to_jwt
  claims = to_response_object
  claims.to_jwt(self.class.private_jwk)
end

#to_response_object ⇒ Object



# File 'app/models/oidc_provider/id_token.rb', line 13

# Builds the OpenIDConnect ID token claims object for this record.
#
# Claims set here: iss, sub, aud, nonce, exp, iat. Signing is done separately
# by #to_jwt.
#
# @return [OpenIDConnect::ResponseObject::IdToken]
def to_response_object
  OpenIDConnect::ResponseObject::IdToken.new(
    # Issuer is the same value that the class-level config reports.
    iss: OIDCProvider.issuer,
    # NOTE(review): the receiver of `send` and the name after `OIDCProvider.` are
    # missing in this rendering of the page; read the source file for the real
    # expression. What is visible: the subject is obtained by `send`-ing a method
    # name taken from an OIDCProvider setting. `send` bypasses method visibility,
    # so that name must come only from trusted, deploy-time configuration.
    sub: .send(OIDCProvider.),
    # Audience is the client the authorization was issued to.
    aud: authorization.client_id,
    # Passed through unchanged from this record.
    # presumably the nonce from the client's authorization request; verify against caller
    nonce: nonce,
    # Both timestamps are converted with to_i.
    # assumes Time-like values, giving epoch seconds (TODO confirm)
    exp: expires_at.to_i,
    iat: created_at.to_i
  )
end