Class: OAuth2::MCP::TokenClaims

Inherits:

Object

• Object
• OAuth2::MCP::TokenClaims

Defined in:

lib/oauth2/mcp.rb

Overview

Normalized token claims returned by provider-specific validators.

Instance Attribute Summary

• #audience ⇒ Object readonly

  Returns the value of attribute audience.

• #expires_at ⇒ Object readonly

  Returns the value of attribute expires_at.

• #issuer ⇒ Object readonly

  Returns the value of attribute issuer.

• #raw ⇒ Object readonly

  Returns the value of attribute raw.

• #scopes ⇒ Object readonly

  Returns the value of attribute scopes.

• #subject ⇒ Object readonly

  Returns the value of attribute subject.

Class Method Summary

• .from_hash(hash) ⇒ Object

Instance Method Summary

• #audience_includes?(resource) ⇒ Boolean
• #expired?(now: Time.now) ⇒ Boolean
• #initialize(subject: nil, scopes: [], audience: [], **claims) ⇒ TokenClaims constructor

  A new instance of TokenClaims.

• #scopes_include?(required_scopes) ⇒ Boolean

Constructor Details

#initialize(subject: nil, scopes: [], audience: [], **claims) ⇒ TokenClaims

Returns a new instance of TokenClaims.

# File 'lib/oauth2/mcp.rb', line 25

def initialize(subject: nil, scopes: [], audience: [], **claims)
  @subject = subject
  @scopes = Array(scopes).flat_map { |scope| scope.to_s.split(/\s+/) }.reject(&:empty?).freeze
  @audience = Array(audience).map(&:to_s).reject(&:empty?).freeze
  @issuer = claims[:issuer]
  @expires_at = claims[:expires_at]
  @raw = (claims[:raw] || {}).freeze
end

Instance Attribute Details

#audience ⇒ Object (readonly)

Returns the value of attribute audience.

# File 'lib/oauth2/mcp.rb', line 23

def audience
  @audience
end

#expires_at ⇒ Object (readonly)

Returns the value of attribute expires_at.

# File 'lib/oauth2/mcp.rb', line 23

def expires_at
  @expires_at
end

#issuer ⇒ Object (readonly)

Returns the value of attribute issuer.

# File 'lib/oauth2/mcp.rb', line 23

def issuer
  @issuer
end

#raw ⇒ Object (readonly)

Returns the value of attribute raw.

# File 'lib/oauth2/mcp.rb', line 23

def raw
  @raw
end

#scopes ⇒ Object (readonly)

Returns the value of attribute scopes.

# File 'lib/oauth2/mcp.rb', line 23

def scopes
  @scopes
end

#subject ⇒ Object (readonly)

Returns the value of attribute subject.

# File 'lib/oauth2/mcp.rb', line 23

def subject
  @subject
end

Class Method Details

.from_hash(hash) ⇒ Object

# File 'lib/oauth2/mcp.rb', line 35

def from_hash(hash)
  new(
    subject: first_value(hash, :subject, "subject", :sub, "sub"),
    scopes: first_value(hash, :scopes, "scopes", :scope, "scope") || [],
    audience: first_value(hash, :audience, "audience", :aud, "aud") || [],
    issuer: first_value(hash, :issuer, "issuer", :iss, "iss"),
    expires_at: first_value(hash, :expires_at, "expires_at", :exp, "exp"),
    raw: hash,
  )
end

Instance Method Details

#audience_includes?(resource) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/oauth2/mcp.rb', line 66

def audience_includes?(resource)
  audience.include?(resource.to_s)
end

#expired?(now: Time.now) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/oauth2/mcp.rb', line 56

def expired?(now: Time.now)
  return false unless expires_at

  Time.at(expires_at.to_i) <= now
end

#scopes_include?(required_scopes) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/oauth2/mcp.rb', line 62

def scopes_include?(required_scopes)
  (Array(required_scopes).map(&:to_s) - scopes).empty?
end