Module: Zaikio::JWTAuth::InstanceMethods

Defined in:: lib/zaikio/jwt_auth.rb

Instance Method Summary collapse

Instance Method Details

#authenticate_by_jwt ⇒ `Object`

# File 'lib/zaikio/jwt_auth.rb', line 118

def authenticate_by_jwt
  token_data = Zaikio::JWTAuth.extract(request.headers["Authorization"], **jwt_options)
  return render_error("no_jwt_passed", status: :unauthorized) unless token_data

  return if show_error_if_token_is_revoked(token_data)

  return if show_error_if_authorize_by_jwt_subject_type_fails(token_data)

  return if show_error_if_authorize_by_jwt_scopes_fails(token_data)

  send(:after_jwt_auth, token_data) if respond_to?(:after_jwt_auth, true)
rescue JWT::ExpiredSignature
  render_error("jwt_expired") && (return)
rescue JWT::DecodeError
  render_error("invalid_jwt") && (return)
end

#update_revoked_access_tokens_by_webhook ⇒ `Object`

# File 'lib/zaikio/jwt_auth.rb', line 135

def update_revoked_access_tokens_by_webhook
  return unless %w[directory.revoked_access_token zaikio.revoked_access_token].include?(params[:name])

  DirectoryCache.update("api/v1/revoked_access_tokens.json", expires_after: 60.minutes) do |data|
    data["revoked_token_ids"] << params[:payload][:access_token_id]
    data
  end

  render json: { received: true }
end

Module: Zaikio::JWTAuth::InstanceMethods

Instance Method Summary collapse

Instance Method Details

#authenticate_by_jwt ⇒ Object

#update_revoked_access_tokens_by_webhook ⇒ Object

#authenticate_by_jwt ⇒ `Object`

#update_revoked_access_tokens_by_webhook ⇒ `Object`