Class: JSON::JWT

Inherits:
ActiveSupport::HashWithIndifferentAccess
  • Object
show all
Includes:
JOSE
Defined in:
lib/json/jwt.rb

Direct Known Subclasses

JWS

Defined Under Namespace

Classes: Exception, InvalidFormat, UnexpectedAlgorithm, VerificationFailed

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from JOSE

#secure_compare, #with_jwk_support

Constructor Details

#initialize(claims = {}) ⇒ JWT

Returns a new instance of JWT.


18
19
20
21
22
23
24
25
26
# File 'lib/json/jwt.rb', line 18

def initialize(claims = {})
  @content_type = 'application/jwt'
  self.typ = :JWT
  self.alg = :none
  [:exp, :nbf, :iat].each do |key|
    claims[key] = claims[key].to_i if claims[key]
  end
  update claims
end

Instance Attribute Details

#signatureObject

Returns the value of attribute signature


9
10
11
# File 'lib/json/jwt.rb', line 9

def signature
  @signature
end

Class Method Details

.decode_compact_serialized(jwt_string, key_or_secret, algorithms = nil, encryption_methods = nil) ⇒ Object


82
83
84
85
86
87
88
89
90
91
# File 'lib/json/jwt.rb', line 82

def decode_compact_serialized(jwt_string, key_or_secret, algorithms = nil, encryption_methods = nil)
  case jwt_string.count('.') + 1
  when JWS::NUM_OF_SEGMENTS
    JWS.decode_compact_serialized jwt_string, key_or_secret, algorithms
  when JWE::NUM_OF_SEGMENTS
    JWE.decode_compact_serialized jwt_string, key_or_secret, algorithms, encryption_methods
  else
    raise InvalidFormat.new("Invalid JWT Format. JWT should include #{JWS::NUM_OF_SEGMENTS} or #{JWE::NUM_OF_SEGMENTS} segments.")
  end
end

.decode_json_serialized(input, key_or_secret, algorithms = nil, encryption_methods = nil) ⇒ Object


93
94
95
96
97
98
99
100
101
102
# File 'lib/json/jwt.rb', line 93

def decode_json_serialized(input, key_or_secret, algorithms = nil, encryption_methods = nil)
  input = input.with_indifferent_access
  if (input[:signatures] || input[:signature]).present?
    JWS.decode_json_serialized input, key_or_secret, algorithms
  elsif input[:ciphertext].present?
    JWE.decode_json_serialized input, key_or_secret, algorithms, encryption_methods
  else
    raise InvalidFormat.new("Unexpected JOSE JSON Serialization Format.")
  end
end

.pretty_generate(jwt_string) ⇒ Object


104
105
106
# File 'lib/json/jwt.rb', line 104

def pretty_generate(jwt_string)
  decode(jwt_string, :skip_verification).pretty_generate
end

Instance Method Details

#as_json(options = {}) ⇒ Object


53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
# File 'lib/json/jwt.rb', line 53

def as_json(options = {})
  case options[:syntax]
  when :general
    {
      payload: Base64.urlsafe_encode64(self.to_json, padding: false),
      signatures: [{
        protected: Base64.urlsafe_encode64(header.to_json, padding: false),
        signature: Base64.urlsafe_encode64(signature.to_s, padding: false)
      }]
    }
  when :flattened
    {
      protected: Base64.urlsafe_encode64(header.to_json, padding: false),
      payload:   Base64.urlsafe_encode64(self.to_json, padding: false),
      signature: Base64.urlsafe_encode64(signature.to_s, padding: false)
    }
  else
    super
  end
end

#encrypt(public_key_or_secret, algorithm = :RSA1_5, encryption_method = A128CBC-HS256) ⇒ Object


35
36
37
38
39
40
41
# File 'lib/json/jwt.rb', line 35

def encrypt(public_key_or_secret, algorithm = :RSA1_5, encryption_method = :'A128CBC-HS256')
  jwe = JWE.new self
  jwe.kid ||= public_key_or_secret[:kid] if public_key_or_secret.is_a? JSON::JWK
  jwe.alg = algorithm
  jwe.enc = encryption_method
  jwe.encrypt! public_key_or_secret
end

#pretty_generateObject


74
75
76
77
78
79
# File 'lib/json/jwt.rb', line 74

def pretty_generate
  [
    JSON.pretty_generate(header),
    JSON.pretty_generate(self)
  ]
end

#sign(private_key_or_secret, algorithm = :autodetect) ⇒ Object


28
29
30
31
32
33
# File 'lib/json/jwt.rb', line 28

def sign(private_key_or_secret, algorithm = :autodetect)
  jws = JWS.new self
  jws.kid ||= private_key_or_secret[:kid] if private_key_or_secret.is_a? JSON::JWK
  jws.alg = algorithm
  jws.sign! private_key_or_secret
end

#to_sObject


43
44
45
46
47
48
49
50
51
# File 'lib/json/jwt.rb', line 43

def to_s
  [
    header.to_json,
    self.to_json,
    signature
  ].collect do |segment|
    Base64.urlsafe_encode64 segment.to_s, padding: false
  end.join('.')
end