Class: SignIn::StatePayloadJwtDecoder

Inherits:

Object

• Object
• SignIn::StatePayloadJwtDecoder

Defined in:

app/services/sign_in/state_payload_jwt_decoder.rb

Instance Attribute Summary

• #state_payload_jwt ⇒ Object readonly

  Returns the value of attribute state_payload_jwt.

Instance Method Summary

• #create_state_payload ⇒ Object private
• #decode_key_array ⇒ Object private
• #decoded_jwt ⇒ Object private
• #initialize(state_payload_jwt:) ⇒ StatePayloadJwtDecoder constructor

  A new instance of StatePayloadJwtDecoder.

• #perform ⇒ Object
• #public_key ⇒ Object private
• #public_key_old ⇒ Object private

Constructor Details

#initialize(state_payload_jwt:) ⇒ StatePayloadJwtDecoder

Returns a new instance of StatePayloadJwtDecoder.

# File 'app/services/sign_in/state_payload_jwt_decoder.rb', line 7

def initialize(state_payload_jwt:)
  @state_payload_jwt = state_payload_jwt
end

Instance Attribute Details

#state_payload_jwt ⇒ Object (readonly)

Returns the value of attribute state_payload_jwt.

# File 'app/services/sign_in/state_payload_jwt_decoder.rb', line 5

def state_payload_jwt
  @state_payload_jwt
end

Instance Method Details

#create_state_payload ⇒ Object (private)

# File 'app/services/sign_in/state_payload_jwt_decoder.rb', line 17

def create_state_payload
  StatePayload.new(
    acr: decoded_jwt.acr,
    client_id: decoded_jwt.client_id,
    type: decoded_jwt.type,
    code_challenge: decoded_jwt.code_challenge,
    client_state: decoded_jwt.client_state,
    code: decoded_jwt.code,
    created_at: decoded_jwt.created_at,
    scope: decoded_jwt.scope
  )
end

#decode_key_array ⇒ Object (private)

# File 'app/services/sign_in/state_payload_jwt_decoder.rb', line 49

def decode_key_array
  [public_key, public_key_old].compact
end

#decoded_jwt ⇒ Object (private)

# File 'app/services/sign_in/state_payload_jwt_decoder.rb', line 30

def decoded_jwt
  @decoded_jwt ||= begin
    with_validation = true
    decoded_jwt = JWT.decode(
      state_payload_jwt,
      decode_key_array,
      with_validation,
      {
        algorithm: Constants::Auth::JWT_ENCODE_ALGORITHM
      }
    )&.first
    OpenStruct.new(decoded_jwt)
  end
rescue JWT::VerificationError
  raise Errors::StatePayloadSignatureMismatchError.new message: 'State JWT body does not match signature'
rescue JWT::DecodeError
  raise Errors::StatePayloadMalformedJWTError.new message: 'State JWT is malformed'
end

#perform ⇒ Object

# File 'app/services/sign_in/state_payload_jwt_decoder.rb', line 11

def perform
  create_state_payload
end

#public_key ⇒ Object (private)

# File 'app/services/sign_in/state_payload_jwt_decoder.rb', line 53

def public_key
  OpenSSL::PKey::RSA.new(File.read(Settings.sign_in.jwt_encode_key)).public_key
end

#public_key_old ⇒ Object (private)

# File 'app/services/sign_in/state_payload_jwt_decoder.rb', line 57

def public_key_old
  return unless Settings.sign_in.jwt_old_encode_key

  OpenSSL::PKey::RSA.new(File.read(Settings.sign_in.jwt_old_encode_key)).public_key
end