class FirebaseAuthRuby::Verifier::Base

Attributes

project_id[R]
public_key_fetcher[R]
token[R]

Public Class Methods

new(token:, project_id:, public_key_fetcher:) click to toggle source
# File lib/firebase_auth_ruby/verifier/base.rb, line 12
def initialize(token:, project_id:, public_key_fetcher:)
  @token = token
  @project_id = project_id
  @public_key_fetcher = public_key_fetcher
end
verify!(token:, project_id:, public_key_fetcher: PublicKeyFetcher.new) click to toggle source
# File lib/firebase_auth_ruby/verifier/base.rb, line 4
def self.verify!(token:, project_id:, public_key_fetcher: PublicKeyFetcher.new)
  new(
    token: token,
    project_id: project_id,
    public_key_fetcher: public_key_fetcher
  ).verify!
end

Public Instance Methods

verify!() click to toggle source
# File lib/firebase_auth_ruby/verifier/base.rb, line 18
def verify!
  public_key = fetch_and_check_public_key!

  decode_with_pubkey!(public_key)
end

Private Instance Methods

decode_with_pubkey!(public_key) click to toggle source
# File lib/firebase_auth_ruby/verifier/base.rb, line 47
def decode_with_pubkey!(public_key)
  cert = OpenSSL::X509::Certificate.new(public_key)
  decoded =
    JWT.decode token,
               cert.public_key,
               true,
               algorithm: 'RS256',
               iss: iss, verify_iss: true,
               aud: project_id, verify_aud: true,
               verify_iat: true

  decoded[0]
end
fetch_and_check_public_key!() click to toggle source
# File lib/firebase_auth_ruby/verifier/base.rb, line 28
def fetch_and_check_public_key!
  public_keys = public_key_fetcher.fetch(public_key_url)

  decoded =
    JWT.decode token,
                nil,
                false,
                verify_iat: true,
                verify_aud: true, aud: project_id,
                verify_iss: true, iss: iss

  headers = decoded[1]
  kid = headers['kid'] || raise(Error, %("kid" not found in JWT header))

  raise Error, %("kid" claim does not correspond to a known public key.) unless public_keys.key?(kid)

  public_keys[kid]
end
iss() click to toggle source
# File lib/firebase_auth_ruby/verifier/base.rb, line 61
def iss
  raise NotImplementedError
end
public_key_url() click to toggle source
# File lib/firebase_auth_ruby/verifier/base.rb, line 65
def public_key_url
  raise NotImplementedError
end