class SelfSDK::Messages::Attestation

Attributes

audience[RW]
expected_value[RW]
fact_name[RW]
operator[RW]
origin[RW]
source[RW]
to[RW]
value[RW]
verified[RW]

Public Class Methods

new(messaging)
# File lib/messages/attestation.rb, line 12
# Creates an attestation bound to a messaging object.
#
# The collaborator is only stored here. The other methods of this class reach
# through it for +jwt+ (decode, verify, signed) and +client+ (public_key).
#
# @param messaging the messaging object kept in @messaging
def initialize(messaging)
  @messaging = messaging
end

Public Instance Methods

parse(name, attestation)
# File lib/messages/attestation.rb, line 16
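# Decodes a signed attestation, verifies its signature and loads its claims
# into this object.
#
# The signature is checked before any claim other than the issuer is copied
# onto the instance, so a failed verification does not leave the object
# holding the recipient, audience or source of an unauthenticated payload.
#
# @param name [Symbol, String] name of the fact carried by the attestation
# @param attestation [Hash] must provide +:payload+ and +:protected+, each of
#   which +@messaging.jwt.decode+ turns into JSON text
# @return the fact value when the payload carries one, otherwise nil
# @raise [StandardError] "invalid signature" when verification fails (raised
#   by valid_signature?); JSON parse errors propagate unchanged
def parse(name, attestation)
  payload = JSON.parse(@messaging.jwt.decode(attestation[:payload]), symbolize_names: true)
  header = JSON.parse(@messaging.jwt.decode(attestation[:protected]), symbolize_names: true)

  # Fail closed: drop any earlier verdict so a reused instance never reports
  # itself as verified after a later parse raises.
  @verified = false

  # valid_signature? resolves the signing key through @origin, so the issuer
  # is the one claim that has to be set ahead of verification. Both iss and
  # kid are still unauthenticated at this point and only select which key the
  # signature is checked against.
  @origin = payload[:iss]
  @verified = valid_signature?(attestation, header[:kid])

  # Everything below is only reached once the signature has been accepted.
  @to = payload[:sub]
  @audience = payload[:aud]
  @source = payload[:source]
  @expected_value = payload[:expected_value]
  @operator = payload[:operator]
  @fact_name = name.to_s

  # symbolize_names: true makes every payload key a Symbol, so a String name
  # must be converted before the lookup or the fact is never found.
  fact = payload[@fact_name.to_sym]
  # A payload without the fact leaves any previously stored @value in place.
  @value = fact unless fact.nil?
end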
signed()
# File lib/messages/attestation.rb, line 43
# Serialises this attestation into a claims hash and has it signed.
#
# The claims are added in a fixed order: sub, iss, iat, source, fact,
# expected_value, operator, then aud (only when an audience is set) and
# finally the fact itself, keyed by its name. Because the fact key is written
# last, a fact named like one of the fixed claims replaces that claim.
#
# @return whatever +@messaging.jwt.signed+ returns for the claims hash
def signed
  # NOTE(review): the literal "Z" suffix presumes SelfSDK::Time.now is UTC - confirm.
  issued_at = SelfSDK::Time.now.strftime('%FT%TZ')

  claims = {}
  claims[:sub] = @to
  claims[:iss] = @origin
  claims[:iat] = issued_at
  claims[:source] = @source
  claims[:fact] = @fact_name
  claims[:expected_value] = @expected_value
  claims[:operator] = @operator
  claims[:aud] = @audience unless @audience.nil?
  claims[@fact_name.to_sym] = @value

  @messaging.jwt.signed(claims)
end
valid_signature?(body, kid)
# File lib/messages/attestation.rb, line 32
# Checks the signature on +body+ against the key registered for the current
# issuer (@origin) under the given key id.
#
# This method never returns false: a signature that does not verify raises.
# @origin must already be set, because it is used for the key lookup.
#
# @param body the signed message handed to +@messaging.jwt.verify+
# @param kid the key identifier used to look up the issuer's public key
# @return [true] when the signature verifies
# @raise [StandardError] "invalid signature" when verification fails
def valid_signature?(body, kid)
  issuer_key = @messaging.client.public_key(@origin, kid)
  raw_key = issuer_key.raw_public_key
  return true if @messaging.jwt.verify(body, raw_key)

  raise ::StandardError.new("invalid signature")
end
validate!(original)
# File lib/messages/attestation.rb, line 39
# Ensures this attestation is addressed to the same recipient as +original+.
#
# Only the recipient (@to) is compared with +original.to+. The issuer and the
# @verified flag are not consulted here, so signature checking has to happen
# elsewhere (parse does it through valid_signature?).
#
# @param original an object responding to +to+
# @return [nil] when the recipients match
# @raise [StandardError] "invalid origin" when the recipients differ
def validate!(original)
  recipients_differ = @to != original.to
  return unless recipients_differ

  raise ::StandardError.new("invalid origin")
end