class JWT::Auth::Token

In-memory representation of a JWT

Attributes

issued_at[RW]
subject[RW]
version[RW]

Public Class Methods

from_jwt(token)
# File lib/jwt/auth/token.rb, line 52
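# Decode a signed JWT string and build the matching token object.
#
# The signature is checked against JWT::Auth.secret. The accepted algorithm
# is pinned to HS256 (the algorithm to_jwt signs with) so verification does
# not depend on the library default or on the token's own "alg" header.
#
# A non-nil result only means the token decoded and its "typ" is known.
# The issued payload carries no "exp" claim; lifetime and token_version are
# enforced by #valid?, so callers must still call it before trusting the
# token.
#
# @param token [String] compact serialised JWT
# @return [Object, nil] instance of the class chosen by token_for, or nil
#   when decoding/verification fails or the "typ" claim is not recognised
def from_jwt(token)
  claims, _header = JWT.decode(token, JWT::Auth.secret, true, { algorithm: 'HS256' })

  # token_for is an allow-list; an unknown type yields nil and is rejected.
  token_class = token_for(claims['typ'])
  return nil unless token_class

  token_class.new(parse(claims))
rescue JWT::DecodeError
  # Malformed or unverifiable tokens are reported as "no token", not raised.
  nil
end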
new(params = {})
# File lib/jwt/auth/token.rb, line 15
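# Build a token by assigning every entry of +params+ through the attribute
# writer of the same name (e.g. :subject => subject=).
#
# @param params [Hash] attribute name => value
# @raise [NoMethodError] when a key has no public writer
def initialize(params = {})
  params.each do |key, value|
    # public_send instead of send: the key is interpolated into a method
    # name, so only public writers may be reachable through this hash.
    public_send("#{key}=", value)
  end
end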

Protected Class Methods

model()
# File lib/jwt/auth/token.rb, line 88
# Resolve the constant named by JWT::Auth.model, looked up from the receiver.
#
# NOTE(review): const_get resolves whatever name it is given, so
# JWT::Auth.model should only ever come from application configuration —
# confirm it is never derived from request data.
def model
  configured_name = JWT::Auth.model
  const_get(configured_name)
end
parse(payload)

Parse raw JWT payload into params object used to initialize a token class

# File lib/jwt/auth/token.rb, line 67
# Translate decoded JWT claims into the attribute hash accepted by the token
# constructor.
#
# The subject is looked up with both the "sub" id and the "ver" claim.
# NOTE(review): presumably find_by_token returns nil when no record matches
# both values; valid? treats a nil subject as invalid — confirm.
#
# @param payload [Hash] decoded claims with string keys ('iat', 'ver', 'sub')
# @return [Hash] :issued_at, :version and :subject, in that order
def parse(payload)
  issued = payload['iat']
  revision = payload['ver']
  owner = model.find_by_token(id: payload['sub'], token_version: payload['ver'])

  { issued_at: issued, version: revision, subject: owner }
end
token_for(type)

Determine token class based on type identifier

# File lib/jwt/auth/token.rb, line 79
# Map a "typ" claim to its token class.
#
# This is an allow-list: only the exact strings 'access' and 'refresh' are
# recognised, and anything else (including nil) yields nil.
#
# @param type [String, nil] value of the "typ" claim
# @return [Class, nil] AccessToken, RefreshToken, or nil
def token_for(type)
  return AccessToken if 'access' == type
  return RefreshToken if 'refresh' == type

  nil
end

Public Instance Methods

lifetime()

Override this method in subclasses

# File lib/jwt/auth/token.rb, line 47
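# Token lifetime; subclasses must override this.
#
# valid? adds lifetime.to_i to issued_at, so the override must return
# something that responds to to_i.
#
# NotImplementedError is a ScriptError, not a StandardError: a bare `rescue`
# will not catch it, so a subclass that forgets this override makes valid?
# raise instead of returning false.
#
# @raise [NotImplementedError] always, in the base class
def lifetime
  raise NotImplementedError, "#{self.class} must override lifetime"
end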
to_jwt()
# File lib/jwt/auth/token.rb, line 33
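# Serialise this token as a signed JWT string.
#
# The payload is signed with JWT::Auth.secret. The algorithm is stated
# explicitly (HS256, which is also the library default) so that the signing
# side is visible here rather than implied.
#
# @return [String] compact serialised JWT
def to_jwt
  JWT.encode(payload, JWT::Auth.secret, 'HS256')
end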
type()

Override this method in subclasses

# File lib/jwt/auth/token.rb, line 40
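# Type identifier written to the "typ" claim; subclasses must override this.
#
# from_jwt only accepts the values recognised by token_for ('access' and
# 'refresh'), so an override returning anything else produces tokens that
# cannot be read back.
#
# @raise [NotImplementedError] always, in the base class
def type
  raise NotImplementedError, "#{self.class} must override type"
end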
valid?()
# File lib/jwt/auth/token.rb, line 19
# Decide whether this token may still be accepted.
#
# A token is valid only when all of the following hold:
# * subject, issued_at and version are present
# * issued_at + lifetime has not passed
# * issued_at is not in the future
# * version equals the subject's current token_version
#
# NOTE(review): past?/future? are not core Time methods — presumably
# ActiveSupport is loaded; confirm.
#
# @return [Boolean] false also when reloading the subject raises
#   ActiveRecord::RecordNotFound
def valid?
  # Reload first so the version comparison below sees the stored
  # token_version rather than a cached one.
  subject&.reload

  incomplete = subject.nil? || issued_at.nil? || version.nil?
  return false if incomplete

  expires = Time.at(issued_at + lifetime.to_i)
  return false if expires.past?

  issued = Time.at(issued_at)
  return false if issued.future?

  # A version mismatch invalidates the token.
  outdated = version != subject.token_version
  !outdated
rescue ActiveRecord::RecordNotFound
  false
end

Private Instance Methods

payload()
# File lib/jwt/auth/token.rb, line 95
# Claims written into the JWT by to_jwt.
#
# issued_at falls back to the current time and version falls back to the
# subject's token_version when they have not been set. No "exp" claim is
# emitted; expiry is derived from :iat plus lifetime in valid?.
#
# @return [Hash] :iat, :sub, :ver and :typ
def payload
  issued = issued_at || Time.now.to_i
  subject_id = subject.id
  revision = version || subject.token_version

  { iat: issued, sub: subject_id, ver: revision, typ: type }
end