class OmniAuth::Fishbrain::DecodeIdToken
Constants
- AWS_REGION
- USER_POOL_ID
Attributes
aws_region[R]
client_id[R]
jwt_leeway[R]
user_pool_id[R]
Public Class Methods
new(client_id, user_pool_id = USER_POOL_ID, aws_region = AWS_REGION)
click to toggle source
# File lib/omniauth/fishbrain/decode_id_token.rb, line 16 def initialize(client_id, user_pool_id = USER_POOL_ID, aws_region = AWS_REGION) @client_id = client_id @user_pool_id = user_pool_id @aws_region = aws_region @jwt_leeway = 60 end
Public Instance Methods
decode(raw_id_token)
click to toggle source
# File lib/omniauth/fishbrain/decode_id_token.rb, line 23 def decode(raw_id_token) JWT.decode(raw_id_token, nil, true, decode_options).first end
Private Instance Methods
decode_options()
click to toggle source
# File lib/omniauth/fishbrain/decode_id_token.rb, line 29 def decode_options { iss: iss, aud: client_id, verify_aud: false, verify_expiration: true, verify_iat: true, verify_iss: true, verify_not_before: true, leeway: jwt_leeway, algorithm: 'RS256', jwks: jwks, } end
iss()
click to toggle source
# File lib/omniauth/fishbrain/decode_id_token.rb, line 44 def iss "https://cognito-idp.#{aws_region}.amazonaws.com/#{user_pool_id}" end
jwks()
click to toggle source
# File lib/omniauth/fishbrain/decode_id_token.rb, line 48 def jwks get_json("#{iss}/.well-known/jwks.json") end