Class: OpenAPIParser::Schemas::SecuritySchemes
- Defined in:
- lib/openapi_parser/schemas/classes.rb,
lib/openapi_parser/schemas/security_schemes.rb
Instance Attribute Summary
Attributes inherited from Base
#object_reference, #parent, #raw_schema, #root
Instance Method Summary collapse
Methods inherited from Base
#after_init, #initialize, #inspect
Methods included from Expandable
Methods included from Findable
#find_object, #purge_object_cache
Methods included from Parser
#_openapi_all_child_objects, #_update_child_object, included, #load_data
Constructor Details
This class inherits a constructor from OpenAPIParser::Schemas::Base
Instance Method Details
#validate_security_schemes(securityScheme, headers) ⇒ Object
8 9 10 11 12 13 14 15 16 17 18 |
# File 'lib/openapi_parser/schemas/security_schemes.rb', line 8 def validate_security_schemes(securityScheme, headers) if self.type == "http" && self.scheme == "bearer" && self.bearer_format == "JWT" raise "need authorization" unless headers["AUTHORIZATION"] raise "not bearer" unless headers["AUTHORIZATION"].split[0] == "Bearer" # check if the JWT token is being sent and try to decode. # if JWT token does not exist or token cannot decode, then deny access token = headers["AUTHORIZATION"].split[1] JWT.decode token, nil, false end end |