class KeycloakRack::DecodedToken
PORO that wraps the result of decoding the JWT into something slightly more usable, with some type-safety and role checking features.
Constants
- ALIASES
- KEY_MAP
Mapping used to remap keys from a Keycloak JWT payload into something more legible. @api private
Public Instance Methods
fetch(key)
click to toggle source
@param [#to_sym] key @raise [KeycloakRack::DecodedToken::UnknownAttribute] if it is an unknown attribute @return [Object]
# File lib/keycloak_rack/decoded_token.rb, line 146 def fetch(key) key = key.to_sym if key.in?(attribute_names) self[key] elsif key.in?(ALIASES) public_send(key) elsif key.in?(original_payload) original_payload[key] else raise UnknownAttribute, "Cannot fetch #{key.inspect}" end end
has_realm_role?(name)
click to toggle source
Check if the current user has a certain realm role
@param [#to_s] name
# File lib/keycloak_rack/decoded_token.rb, line 163 def has_realm_role?(name) name.to_s.in? realm_access.roles end
has_resource_role?(resource_name, role_name)
click to toggle source
Check if the user has a certain role on a certain resource.
@param [#to_s] resource_name @param [#to_s] role_name
# File lib/keycloak_rack/decoded_token.rb, line 171 def has_resource_role?(resource_name, role_name) resource_access[resource_name.to_s]&.has_role?(role_name) end
slice(*keys)
click to toggle source
Extract keys into something hash-like
@param [<String, Symbol>] keys @return [ActiveSupport::HashWithIndifferentAccess]
# File lib/keycloak_rack/decoded_token.rb, line 179 def slice(*keys) keys.flatten! keys.each_with_object({}.with_indifferent_access) do |key, h| h[key] = fetch(key) end end