class SelfSDK::Messages::Attestation
Attributes
audience[RW]
expected_value[RW]
fact_name[RW]
operator[RW]
origin[RW]
source[RW]
to[RW]
value[RW]
verified[RW]
Public Class Methods
new(messaging)
click to toggle source
# File lib/messages/attestation.rb, line 12 def initialize(messaging) @messaging = messaging end
Public Instance Methods
parse(name, attestation)
click to toggle source
# File lib/messages/attestation.rb, line 16 def parse(name, attestation) payload = JSON.parse(@messaging.jwt.decode(attestation[:payload]), symbolize_names: true) @origin = payload[:iss] @to = payload[:sub] @audience = payload[:aud] @source = payload[:source] header = JSON.parse(@messaging.jwt.decode(attestation[:protected]), symbolize_names: true) @verified = valid_signature?(attestation, header[:kid]) @expected_value = payload[:expected_value] @operator = payload[:operator] @fact_name = name.to_s unless payload[name].nil? @value = payload[name] end end
signed()
click to toggle source
# File lib/messages/attestation.rb, line 43 def signed o = { sub: @to, iss: @origin, iat: SelfSDK::Time.now.strftime('%FT%TZ'), source: @source, fact: @fact_name, expected_value: @expected_value, operator: @operator, } o[:aud] = @audience unless @audience.nil? o[@fact_name.to_sym] = @value @messaging.jwt.signed(o) end
valid_signature?(body, kid)
click to toggle source
# File lib/messages/attestation.rb, line 32 def valid_signature?(body, kid) k = @messaging.client.public_key(@origin, kid).raw_public_key raise ::StandardError.new("invalid signature") unless @messaging.jwt.verify(body, k) true end
validate!(original)
click to toggle source
# File lib/messages/attestation.rb, line 39 def validate!(original) raise ::StandardError.new("invalid origin") if @to != original.to end