Class: IDTokenDecoder

Inherits:
Object
  • Object
show all
Defined in:
lib/omniauth/azure_adv2/id_token_decoder.rb

Instance Method Summary collapse

Constructor Details

#initialize(id_token:, client_id:, nonce:, keyset:) ⇒ IDTokenDecoder

Returns a new instance of IDTokenDecoder.



2
3
4
5
6
7
 
# File 'lib/omniauth/azure_adv2/id_token_decoder.rb', line 2

def initialize(id_token:, client_id:, nonce:, keyset:)
  @id_token = id_token
  @client_id = client_id
  @nonce = nonce
  @keyset = keyset
end

Instance Method Details

#runObject 



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
 
# File 'lib/omniauth/azure_adv2/id_token_decoder.rb', line 9

def run
  fail(JWT::DecodeError, 'Nil JSON web token') unless id_token

  decoder = JWT::Decode.new(id_token, nil, true, verify_options)
  @header, payload, signature, signing_input = decoder.decode_segments
  decoder.verify

  algo, key = JWT.signature_algorithm_and_key(@header, matching_key)

  if 'RS256' != algo
    fail JWT::IncorrectAlgorithm, 'Expected a different algorithm'
  end

  JWT.verify_signature(algo, key, signing_input, signature)

  fail JWT::DecodeError, 'Returned nonce did not match.' unless payload['nonce'] == nonce

  [payload, @header]
end