Class: OAuth2::MCP::JWTValidator

Inherits:
Object
  • Object
show all
Defined in:
lib/oauth2/mcp.rb

Overview

Validates JWT bearer tokens with a configured JWKS.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(jwks:, issuer: nil, audience: nil, algorithms: ["RS256"], leeway: 60) ⇒ JWTValidator

Returns a new instance of JWTValidator.



140
141
142
143
144
145
146
 
# File 'lib/oauth2/mcp.rb', line 140

def initialize(jwks:, issuer: nil, audience: nil, algorithms: ["RS256"], leeway: 60)
  @jwk_set = build_jwk_set(jwks)
  @issuer = issuer
  @audience = audience
  @algorithms = Array(algorithms).map(&:to_s).freeze
  @leeway = leeway
end

Instance Attribute Details

#algorithmsObject (readonly)

Returns the value of attribute algorithms.



138
139
140
 
# File 'lib/oauth2/mcp.rb', line 138

def algorithms
  @algorithms
end

#audienceObject (readonly)

Returns the value of attribute audience.



138
139
140
 
# File 'lib/oauth2/mcp.rb', line 138

def audience
  @audience
end

#issuerObject (readonly)

Returns the value of attribute issuer.



138
139
140
 
# File 'lib/oauth2/mcp.rb', line 138

def issuer
  @issuer
end

#leewayObject (readonly)

Returns the value of attribute leeway.



138
139
140
 
# File 'lib/oauth2/mcp.rb', line 138

def leeway
  @leeway
end

Instance Method Details

#call(token) ⇒ Object 



148
149
150
151
152
153
 
# File 'lib/oauth2/mcp.rb', line 148

def call(token)
  decoded, = JWT.decode(token, nil, true, decode_options)
  TokenClaims.from_hash(decoded)
rescue JWT::DecodeError => e
  raise InvalidToken, e.message
end