Class: JWT::JWK::KeyFinder

Inherits:

Object

• Object
• JWT::JWK::KeyFinder

Defined in:

lib/jwt/jwk/key_finder.rb

Overview

JSON Web Key keyfinder To find the key for a given kid

Instance Method Summary

• #call(token) ⇒ Object

  Returns the key for the given token.

• #initialize(options) ⇒ KeyFinder constructor

  Initializes a new KeyFinder instance.

• #key_for(kid) ⇒ Object

  Returns the verification key for the given kid.

Constructor Details

#initialize(options) ⇒ KeyFinder

Initializes a new KeyFinder instance.

Parameters:

• options (Hash) —

  the options to create a KeyFinder with

Options Hash (options):

• :jwks (Proc, JWT::JWK::Set) —

  the jwks or a loader proc

• :allow_nil_kid (Boolean) —

  whether to allow nil kid

# File 'lib/jwt/jwk/key_finder.rb', line 12

def initialize(options)
  @allow_nil_kid = options[:allow_nil_kid]
  jwks_or_loader = options[:jwks]

  @jwks_loader = if jwks_or_loader.respond_to?(:call)
                   jwks_or_loader
                 else
                   ->(_options) { jwks_or_loader }
                 end
end

Instance Method Details

#call(token) ⇒ Object

Returns the key for the given token

Parameters:

• token (JWT::EncodedToken) —

  the token

# File 'lib/jwt/jwk/key_finder.rb', line 39

def call(token)
  key_for(token.header['kid'])
end

#key_for(kid) ⇒ Object

Returns the verification key for the given kid

Parameters:

• kid (String) —

  the key id

Raises:

• (::JWT::DecodeError)

# File 'lib/jwt/jwk/key_finder.rb', line 25

def key_for(kid)
  raise ::JWT::DecodeError, 'No key id (kid) found from token headers' unless kid || @allow_nil_kid
  raise ::JWT::DecodeError, 'Invalid type for kid header parameter' unless kid.nil? || kid.is_a?(String)

  jwk = resolve_key(kid)

  raise ::JWT::DecodeError, 'No keys found in jwks' unless @jwks.any?
  raise ::JWT::DecodeError, "Could not find public key for kid #{kid}" unless jwk

  jwk.verify_key
end