class AppleSignIn::ClientSecretGenerator
Public Instance Methods
generate(identity_token)
click to toggle source
# File lib/apple_sign_in/client_secret_generator.rb, line 12 def generate(identity_token) apple_client_id = extract_apple_client_id(identity_token) claims = create_claims(apple_client_id) jwt(claims) end
Private Instance Methods
create_claims(apple_client_id)
click to toggle source
# File lib/apple_sign_in/client_secret_generator.rb, line 27 def create_claims(apple_client_id) { "iss" => apple_team_id, "iat" => Time.now.to_i, "exp" => 5.months.from_now.to_i, "aud" => apple_base_url, "sub" => apple_client_id } end
extract_apple_client_id(identity_token)
click to toggle source
# File lib/apple_sign_in/client_secret_generator.rb, line 47 def extract_apple_client_id(identity_token) token_payload = JSON::JWT.decode(identity_token, :skip_verification) token_payload["aud"] end
headers()
click to toggle source
# File lib/apple_sign_in/client_secret_generator.rb, line 41 def headers { "kid" => apple_key_id } end
jwt(claims)
click to toggle source
# File lib/apple_sign_in/client_secret_generator.rb, line 20 def jwt(claims) jwt = JSON::JWT.new(claims) jwt.kid = apple_key_id jws = jwt.sign(private_key, :ES256) jws.to_s end
private_key()
click to toggle source
# File lib/apple_sign_in/client_secret_generator.rb, line 37 def private_key OpenSSL::PKey::EC.new apple_private_key end