Class: RooOnRails::Rack::PopulateEnvFromJWT

Inherits:
Object
Defined in:
lib/roo_on_rails/rack/populate_env_from_jwt.rb

Constant Summary

# Raised by the middleware when a token is rejected on key grounds; presumably
# raised from the decoder, which is not visible on this page. Subclasses
# RuntimeError so a plain `rescue` (StandardError) still catches it.
UnacceptableKeyError = Class.new(RuntimeError)

# Name of the environment variable whose presence makes `configured?` true.
VALID_PREFIXES_KEY = 'VALID_IDENTITY_URL_PREFIXES'.freeze

# Default rewrite table from public identity hosts to their internal endpoints.
# NOTE(review): how url_mappings is consumed (key fetching? issuer matching?)
# is not visible here — confirm in the decoder before relying on it.
DEFAULT_MAPPED_URLS = {
  'https://test.deliveroo.co.uk/' => 'https://orderweb.rooenv-staging.io/',
  'https://deliveroo.co.uk/' => 'https://orderweb.deliverooapp.com/',
  'https://identity-staging.deliveroo.com/' => 'https://internal-identity.rooenv-staging.io/',
  'https://identity.deliveroo.com/' => 'https://internal-identity.deliverooapp.com/'
}.freeze


Constructor Details

#initialize(app, logger:, skip_sig_verify: true, url_mappings: DEFAULT_MAPPED_URLS) ⇒ PopulateEnvFromJWT

Returns a new instance of PopulateEnvFromJWT.



# File 'lib/roo_on_rails/rack/populate_env_from_jwt.rb', line 21

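# Builds the middleware.
#
# @param app the next Rack application in the stack
# @param logger [#warn] receives a warning whenever signature verification is disabled
# @param skip_sig_verify [Boolean] when true AND `non_prod?` holds, JWT signatures are
#   not verified; in every other case verification stays on. Note the default is true,
#   so non-production processes skip verification unless the caller opts in.
# @param url_mappings [Hash] public-to-internal URL rewrite table
#   (defaults to DEFAULT_MAPPED_URLS)
def initialize(app, logger:, skip_sig_verify: true, url_mappings: DEFAULT_MAPPED_URLS)
  @app = app
  @logger = logger
  @url_mappings = url_mappings
  @keys = {}        # presumably a per-instance cache of fetched signing keys — confirm in the decoder
  @mapped_urls = {} # presumably memoises url_mappings lookups — confirm in the decoder

  # Verification is only ever switched off when the caller asks for it AND the
  # process is non-production (`non_prod?` is defined elsewhere in this file);
  # production deployments keep it on regardless of the flag.
  if skip_sig_verify && non_prod?
    # Fixed typo in the log message ("verifification").
    @logger.warn "JWTs signature verification has been switched off in development."
    @verify_sigs = false
  else
    @verify_sigs = true
  end
end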

Class Method Details

.configured? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/roo_on_rails/rack/populate_env_from_jwt.rb', line 17

# Whether the middleware has been configured through the environment.
#
# @return [Boolean] true when the VALID_IDENTITY_URL_PREFIXES variable is set
#   and non-blank; `present?` is presumably ActiveSupport's extension, so this
#   also treats a whitespace-only value as not configured.
def self.configured?
  prefixes = ENV.fetch(VALID_PREFIXES_KEY, nil)
  prefixes.present?
end

Instance Method Details

#call(env) ⇒ Object



# File 'lib/roo_on_rails/rack/populate_env_from_jwt.rb', line 36

# Rack entry point: decodes the JWT carried in the Authorization header into
# `env['roo.identity']` and then hands off to the rest of the stack.
#
# @param env [Hash] the Rack environment
# @return [Array] the downstream Rack response, or a bare 401 when the token
#   is rejected (decoding happens in `decode_authorization_header`, defined
#   elsewhere in this file)
def call(env)
  auth_header = env.fetch('HTTP_AUTHORIZATION', nil)
  env['roo.identity'] = decode_authorization_header(auth_header)
  @app.call(env)
rescue UnacceptableKeyError, JSON::JWT::Exception => e
  # A token using an unacceptable key, or one the JWT library raises on, is
  # treated as a client that is probing or holds a totally incorrect token:
  # report it (only when Sentry's Raven is loaded) and answer 401 Unauthorized
  # with no headers and an empty body, without running the rest of the stack.
  # Any other exception is deliberately left to bubble up so the higher
  # middleware returns a 500.
  Raven.report_exception(e) if defined?(Raven)
  [401, {}, []]
end