class KeycloakRack::DecodedToken

PORO that wraps the result of decoding the JWT into something slightly more usable, with some type-safety and role checking features.

Constants

ALIASES
KEY_MAP

Mapping used to remap keys from a Keycloak JWT payload into something more legible. @api private

Public Instance Methods

fetch(key) click to toggle source

@param [#to_sym] key @raise [KeycloakRack::DecodedToken::UnknownAttribute] if it is an unknown attribute @return [Object]

# File lib/keycloak_rack/decoded_token.rb, line 146
def fetch(key)
  key = key.to_sym

  if key.in?(attribute_names)
    self[key]
  elsif key.in?(ALIASES)
    public_send(key)
  elsif key.in?(original_payload)
    original_payload[key]
  else
    raise UnknownAttribute, "Cannot fetch #{key.inspect}"
  end
end
has_realm_role?(name) click to toggle source

Check if the current user has a certain realm role

@param [#to_s] name

# File lib/keycloak_rack/decoded_token.rb, line 163
def has_realm_role?(name)
  name.to_s.in? realm_access.roles
end
has_resource_role?(resource_name, role_name) click to toggle source

Check if the user has a certain role on a certain resource.

@param [#to_s] resource_name @param [#to_s] role_name

# File lib/keycloak_rack/decoded_token.rb, line 171
def has_resource_role?(resource_name, role_name)
  resource_access[resource_name.to_s]&.has_role?(role_name)
end
slice(*keys) click to toggle source

Extract keys into something hash-like

@param [<String, Symbol>] keys @return [ActiveSupport::HashWithIndifferentAccess]

# File lib/keycloak_rack/decoded_token.rb, line 179
def slice(*keys)
  keys.flatten!

  keys.each_with_object({}.with_indifferent_access) do |key, h|
    h[key] = fetch(key)
  end
end