class Virgil::Jwt::JwtVerifier

Attributes

access_token_signer[R]

@return [AccessTokenSigner] that is used to verify token signature.

api_public_key[R]
Public Key which should be used to verify signatures

@return [PublicKey]

api_public_key_id[R]

Id of public key which should be used to verify signatures @return [String]

Public Class Methods

new(access_token_signer:, api_public_key:, api_public_key_id:) click to toggle source

Initializes a new instance of the class @param access_token_signer [AccessTokenSigner] @param api_public_key [PublicKey] @param api_public_key_id [String]

# File lib/virgil/jwt/jwt_verifier.rb, line 55
def initialize(access_token_signer:, api_public_key:, api_public_key_id:)
  @access_token_signer = access_token_signer
  @api_public_key = api_public_key
  @api_public_key_id = api_public_key_id
end

Public Instance Methods

verify_token(jwt) click to toggle source

Verifies specified token. @param jwt [Jwt] token to be virefied. @return true if token is verified, otherwise false.

# File lib/virgil/jwt/jwt_verifier.rb, line 64
def verify_token(jwt)
  if jwt.header_content.key_id != @api_public_key_id ||
     jwt.header_content.algorithm != @access_token_signer.algorithm ||
     jwt.header_content.content_type != JwtHeaderContent::VIRGIL_CONTENT_TYPE ||
     jwt.header_content.type != JwtHeaderContent::JWT_TYPE
    return false
  end

  @access_token_signer.verify_token_signature(jwt.signature_data,
                                              jwt.unsigned_data,
                                              api_public_key)
end