Class: Zaikio::JWTAuth::TokenData

Inherits:
Object
  • Object
show all
Defined in:
lib/zaikio/jwt_auth/token_data.rb

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(payload, token: nil) ⇒ TokenData

Returns a new instance of TokenData.



24
25
26
27
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 24

def initialize(payload, token: nil)
  @payload = payload
  @token = token
end

Class Method Details

.actions_by_permissionObject 



8
9
10
11
12
13
14
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 8

def self.actions_by_permission
  {
    "r" => %w[show index],
    "w" => %w[update create destroy],
    "rw" => %w[show index update create destroy]
  }.freeze
end

.permissions_by_typeObject 



16
17
18
19
20
21
22
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 16

def self.permissions_by_type
  {
    read: %w[r rw],
    write: %w[rw w],
    read_write: %w[r rw w]
  }
end

.subject_formatObject 



4
5
6
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 4

def self.subject_format
  %r{^((\w+)/((\w|-)+)>)?(\w+)/((\w|-)+)$}
end

Instance Method Details

#audienceObject 



33
34
35
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 33

def audience
  audiences.first
end

#audiencesObject 



37
38
39
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 37

def audiences
  @payload["aud"] || []
end

#expires_atObject 



49
50
51
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 49

def expires_at
  Time.zone.at(@payload["exp"]).to_datetime
end

#jtiObject 



45
46
47
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 45

def jti
  @payload["jti"]
end

#on_behalf_of_idObject 



86
87
88
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 86

def on_behalf_of_id
  subject_match[3]
end

#on_behalf_of_typeObject 



90
91
92
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 90

def on_behalf_of_type
  subject_match[2]
end

#scopeObject 



41
42
43
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 41

def scope
  @payload["scope"]
end

#scope?(allowed_scopes, action_name, app_name: nil, type: nil, scope: nil) ⇒ Boolean

rubocop:disable Metrics/AbcSize

Returns:

  • (Boolean) 


61
62
63
64
65
66
67
68
69
70
71
72
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 61

def scope?(allowed_scopes, action_name, app_name: nil, type: nil, scope: nil) # rubocop:disable Metrics/AbcSize
  app_name ||= Zaikio::JWTAuth.configuration.app_name
  scope ||= self.scope
  Array(allowed_scopes).map(&:to_s).any? do |allowed_scope|
    scope.any? do |s|
      parts = s.split(".")
      parts[0] == app_name &&
        parts[1] == allowed_scope &&
        action_permitted?(action_name, parts[2], type: type)
    end
  end
end

#scope_by_configurations?(configuration, action_name) ⇒ Boolean

scope_options is an array of objects with: scope, app_name (optional), except/only (array, optional), type (read, write, readwrite)

Returns:

  • (Boolean) 


55
56
57
58
59
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 55

def scope_by_configurations?(configuration, action_name)
  return true unless configuration

  scope?(configuration[:scopes], action_name, app_name: configuration[:app_name], type: configuration[:type])
end

#subjectObject 



82
83
84
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 82

def subject
  "#{subject_type}/#{subject_id}"
end

#subject_idObject 



74
75
76
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 74

def subject_id
  subject_match[6]
end

#subject_matchObject 



94
95
96
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 94

def subject_match
  self.class.subject_format.match(@payload["sub"]) || []
end

#subject_typeObject 



78
79
80
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 78

def subject_type
  subject_match[5]
end

#to_sObject 



29
30
31
 
# File 'lib/zaikio/jwt_auth/token_data.rb', line 29

def to_s
  @token
end