class Auth0RS256JWTVerifier

Public Class Methods

new(issuer:, audience:, jwks_url:, http: HTTP, exp_verifier: ExpVerifier.new) click to toggle source
# File lib/auth0_rs256_jwt_verifier.rb, line 16
def initialize(issuer:, audience:, jwks_url:, http: HTTP, exp_verifier: ExpVerifier.new)
  @audience        = audience
  @issuer          = issuer
  @jwks_url        = jwks_url
  @jwks_downloader = JWKSetDownloader.new(http)
  @exp_verifier    = exp_verifier
  @certificates    = nil
end

Public Instance Methods

verify(access_token) click to toggle source
# File lib/auth0_rs256_jwt_verifier.rb, line 25
def verify(access_token)
  payload = JWTDecoderWrapper.new(
    @audience,
    @issuer,
    certificates,
    exp_verifier: @exp_verifier,
    jwt_decoder: JWTDecoder.new,
  ).decode(access_token)
  Results::ValidAccessToken.new(UserId.new(payload.sub))
rescue JWTDecoderWrapper::Error
  Results::INVALID_ACCESS_TOKEN
end

Private Instance Methods

certificates() click to toggle source
# File lib/auth0_rs256_jwt_verifier.rb, line 40
def certificates
  return @certificates if @certificates
  @certificates = CertsSet.new(ValidJWKSet.new(@jwks_downloader.download(@jwks_url)))
end