Class: JWT::Decode

Inherits:

Object

• Object
• JWT::Decode

Defined in:

lib/jwt/decode.rb

Overview

The Decode class is responsible for decoding and verifying JWT tokens.

Constant Summary

ALGORITHM_KEYS =

Order is very important - first check for string keys, next for symbols

['algorithm',
:algorithm,
'algorithms',
:algorithms].freeze

Instance Method Summary

• #decode_segments ⇒ Array<Hash>

  Decodes the JWT token and verifies its segments if verification is enabled.

• #initialize(jwt, key, verify, options, &keyfinder) ⇒ Decode constructor

  Initializes a new Decode instance.

Constructor Details

#initialize(jwt, key, verify, options, &keyfinder) ⇒ Decode

Initializes a new Decode instance.

Parameters:

• jwt (String) —

  the JWT to decode.

• key (String, Array<String>) —

  the key(s) to use for verification.

• verify (Boolean) —

  whether to verify the token’s signature.

• options (Hash) —

  additional options for decoding and verification.

• keyfinder (Proc) —

  an optional key finder block to dynamically find the key for verification.

Raises:

• (JWT::DecodeError) —

  if decoding or verification fails.

# File 'lib/jwt/decode.rb', line 22

def initialize(jwt, key, verify, options, &keyfinder)
  raise JWT::DecodeError, 'Nil JSON web token' unless jwt

  @token = EncodedToken.new(jwt)
  @key = key
  @options = options
  @verify = verify
  @keyfinder = keyfinder
end

Instance Method Details

#decode_segments ⇒ Array<Hash>

Decodes the JWT token and verifies its segments if verification is enabled.

Returns:

• (Array<Hash>) —

  an array containing the decoded payload and header.

# File 'lib/jwt/decode.rb', line 35

def decode_segments
  validate_segment_count!
  if @verify
    verify_algo
    set_key
    verify_signature
    Claims::DecodeVerifier.verify!(token.unverified_payload, @options)
  end

  [token.unverified_payload, token.header]
end