class IMS::LTI::Services::AuthenticationService

Attributes

additional_claims[RW]
additional_params[RW]
aud[RW]
connection[RW]
grant_type[RW]
iss[RW]
secret[RW]
sub[RW]

Public Class Methods

new(iss:, aud:, sub:, secret:) click to toggle source
# File lib/ims/lti/services/authentication_service.rb, line 8
def initialize(iss:, aud:, sub:, secret:)
  @iss = iss
  @aud = aud
  @sub = sub
  @secret = secret
  @additional_claims = {}
  @additional_params = {}
  @grant_type = 'urn:ietf:params:oauth:grant-type:jwt-bearer'
end

Public Instance Methods

access_token() click to toggle source
# File lib/ims/lti/services/authentication_service.rb, line 22
def access_token
  access_token_request['access_token']
end
expiration() click to toggle source
# File lib/ims/lti/services/authentication_service.rb, line 26
def expiration
  expires_in = access_token_request['expires_in'].to_i
  @_response_time + expires_in
end
expired?() click to toggle source
# File lib/ims/lti/services/authentication_service.rb, line 31
def expired?
  expiration < Time.now
end
invalidate!() click to toggle source
# File lib/ims/lti/services/authentication_service.rb, line 35
def invalidate!
  @_access_token_request = nil
  @_response_time = nil
end

Private Instance Methods

access_token_request() click to toggle source
# File lib/ims/lti/services/authentication_service.rb, line 42
def access_token_request
  @_access_token_request ||= begin
    assertion = JSON::JWT.new(
      iss: iss,
      sub: sub,
      aud: aud.to_s,
      iat: Time.now.to_i,
      exp: 1.minute.from_now,
      jti: SecureRandom.uuid
    )
    assertion.merge!(@additional_claims)
    assertion = assertion.sign(@secret, :HS256).to_s
    body = {
      grant_type: grant_type,
      assertion: assertion
    }
    body.merge!(@additional_params)
    response = connection.post(aud, body)
    raise IMS::LTI::Errors::AuthenticationFailedError.new(response: response) unless response.success?
    @_response_time = Time.now
    response.body
  end
end