class JWTSessions::Session
Attributes
access_token[R]
csrf_token[R]
namespace[RW]
payload[RW]
refresh_by_access_allowed[RW]
refresh_payload[RW]
refresh_token[R]
store[RW]
Public Class Methods
flush_all(store = JWTSessions.token_store)
click to toggle source
# File lib/jwt_sessions/session.rb, line 105 def self.flush_all(store = JWTSessions.token_store) tokens = RefreshToken.all(nil, store) tokens.each do |token| AccessToken.destroy(token.access_uid, store) token.destroy end.count end
new(options = {})
click to toggle source
# File lib/jwt_sessions/session.rb, line 15 def initialize(options = {}) @store = options.fetch(:store, JWTSessions.token_store) @refresh_payload = options.fetch(:refresh_payload, {}) @payload = options.fetch(:payload, {}) @access_claims = options.fetch(:access_claims, {}) @refresh_claims = options.fetch(:refresh_claims, {}) @namespace = options.fetch(:namespace, nil) @refresh_by_access_allowed = options.fetch(:refresh_by_access_allowed, false) @_access_exp = options.fetch(:access_exp, nil) @_refresh_exp = options.fetch(:refresh_exp, nil) end
Public Instance Methods
flush_by_access_payload()
click to toggle source
# File lib/jwt_sessions/session.rb, line 65 def flush_by_access_payload raise Errors::InvalidPayload if payload.nil? ruid = retrieve_val_from(payload, :access, "ruid", "refresh uid") flush_by_uid(ruid) end
flush_by_token(token)
click to toggle source
flush the session by refresh token
# File lib/jwt_sessions/session.rb, line 72 def flush_by_token(token) uid = token_uid(token, :refresh, @refresh_claims) flush_by_uid(uid) end
flush_by_uid(uid)
click to toggle source
flush the session by refresh token uid
# File lib/jwt_sessions/session.rb, line 78 def flush_by_uid(uid) token = retrieve_refresh_token(uid) AccessToken.destroy(token.access_uid, store) token.destroy end
flush_namespaced()
click to toggle source
# File lib/jwt_sessions/session.rb, line 96 def flush_namespaced return 0 unless namespace tokens = RefreshToken.all(namespace, store) tokens.each do |token| AccessToken.destroy(token.access_uid, store) token.destroy end.count end
flush_namespaced_access_tokens()
click to toggle source
flush access tokens only and keep refresh
# File lib/jwt_sessions/session.rb, line 86 def flush_namespaced_access_tokens return 0 unless namespace tokens = RefreshToken.all(namespace, store) tokens.each do |token| AccessToken.destroy(token.access_uid, store) # unlink refresh token from the current access token token.update(nil, nil, token.csrf) end.count end
login()
click to toggle source
# File lib/jwt_sessions/session.rb, line 27 def login create_csrf_token create_access_token create_refresh_token tokens_hash end
masked_csrf(access_token)
click to toggle source
# File lib/jwt_sessions/session.rb, line 46 def masked_csrf(access_token) csrf(access_token).token end
refresh(refresh_token, &block)
click to toggle source
# File lib/jwt_sessions/session.rb, line 50 def refresh(refresh_token, &block) refresh_token_data(refresh_token) refresh_by_uid(&block) end
refresh_by_access_payload(&block)
click to toggle source
# File lib/jwt_sessions/session.rb, line 55 def refresh_by_access_payload(&block) raise Errors::InvalidPayload if payload.nil? ruid = retrieve_val_from(payload, :access, "ruid", "refresh uid") retrieve_refresh_token(ruid) check_access_uid_within_refresh_token(&block) if block_given? refresh_by_uid(&block) end
session_exists?(token, token_type = :access)
click to toggle source
# File lib/jwt_sessions/session.rb, line 39 def session_exists?(token, token_type = :access) send(:"#{token_type}_token_data", token, true) true rescue Errors::Unauthorized false end
valid_access_request?(external_csrf_token, external_payload)
click to toggle source
# File lib/jwt_sessions/session.rb, line 113 def valid_access_request?(external_csrf_token, external_payload) ruid = retrieve_val_from(external_payload, :access, "ruid", "refresh uid") uid = retrieve_val_from(external_payload, :access, "uid", "access uid") refresh_token = RefreshToken.find(ruid, JWTSessions.token_store, first_match: true) return false unless uid == refresh_token.access_uid CSRFToken.new(refresh_token.csrf).valid_authenticity_token?(external_csrf_token) end
valid_csrf?(token, csrf_token, token_type = :access)
click to toggle source
# File lib/jwt_sessions/session.rb, line 35 def valid_csrf?(token, csrf_token, token_type = :access) send(:"valid_#{token_type}_csrf?", token, csrf_token) end
Private Instance Methods
access_token_data(token, _first_match = false)
click to toggle source
# File lib/jwt_sessions/session.rb, line 149 def access_token_data(token, _first_match = false) uid = token_uid(token, :access, @access_claims) data = store.fetch_access(uid) raise Errors::Unauthorized, "Access token not found" if data.empty? data end
check_access_uid_within_refresh_token() { |uid, access_expiration| ... }
click to toggle source
# File lib/jwt_sessions/session.rb, line 208 def check_access_uid_within_refresh_token uid = retrieve_val_from(payload, :access, "uid", "access uid") access_uid = @_refresh.access_uid return if access_uid.size.zero? yield @_refresh.uid, @_refresh.access_expiration if access_uid != uid end
check_refresh_on_time() { |uid, expiration| ... }
click to toggle source
# File lib/jwt_sessions/session.rb, line 202 def check_refresh_on_time expiration = @_refresh.access_expiration return if expiration.size.zero? yield @_refresh.uid, expiration if expiration.to_i > Time.now.to_i end
create_access_token()
click to toggle source
# File lib/jwt_sessions/session.rb, line 255 def create_access_token @_access = AccessToken.create( @_csrf.encoded, payload, store, JWTSessions.custom_access_expiration(@_access_exp) ) @access_token = @_access.token end
create_csrf_token()
click to toggle source
# File lib/jwt_sessions/session.rb, line 236 def create_csrf_token @_csrf = CSRFToken.new @csrf_token = @_csrf.token end
create_refresh_token()
click to toggle source
# File lib/jwt_sessions/session.rb, line 241 def create_refresh_token @_refresh = RefreshToken.create( @_csrf.encoded, @_access.uid, @_access.expiration, store, refresh_payload, namespace, JWTSessions.custom_refresh_expiration(@_refresh_exp) ) @refresh_token = @_refresh.token link_access_to_refresh end
csrf(access_token)
click to toggle source
# File lib/jwt_sessions/session.rb, line 139 def csrf(access_token) token_data = access_token_data(access_token) CSRFToken.new(token_data[:csrf]) end
issue_tokens_after_refresh()
click to toggle source
# File lib/jwt_sessions/session.rb, line 215 def issue_tokens_after_refresh create_csrf_token create_access_token update_refresh_token refresh_tokens_hash end
link_access_to_refresh()
click to toggle source
# File lib/jwt_sessions/session.rb, line 229 def link_access_to_refresh return unless refresh_by_access_allowed @_access.refresh_uid = @_refresh.uid @access_token = @_access.token @payload = @_access.payload end
refresh_by_uid(&block)
click to toggle source
# File lib/jwt_sessions/session.rb, line 133 def refresh_by_uid(&block) check_refresh_on_time(&block) if block_given? AccessToken.destroy(@_refresh.access_uid, store) issue_tokens_after_refresh end
refresh_csrf(refresh_token)
click to toggle source
# File lib/jwt_sessions/session.rb, line 144 def refresh_csrf(refresh_token) refresh_token_instance = refresh_token_data(refresh_token, true) CSRFToken.new(refresh_token_instance.csrf) end
refresh_token_data(token, first_match = false)
click to toggle source
# File lib/jwt_sessions/session.rb, line 156 def refresh_token_data(token, first_match = false) uid = token_uid(token, :refresh, @refresh_claims) retrieve_refresh_token(uid, first_match: first_match) end
refresh_tokens_hash()
click to toggle source
# File lib/jwt_sessions/session.rb, line 194 def refresh_tokens_hash { csrf: csrf_token, access: access_token, access_expires_at: Time.at(@_access.expiration.to_i) } end
retrieve_refresh_token(uid, first_match: false)
click to toggle source
# File lib/jwt_sessions/session.rb, line 180 def retrieve_refresh_token(uid, first_match: false) @_refresh = RefreshToken.find(uid, store, namespace, first_match: first_match) end
retrieve_val_from(token_payload, type, val_key, val_name)
click to toggle source
# File lib/jwt_sessions/session.rb, line 171 def retrieve_val_from(token_payload, type, val_key, val_name) val = token_payload.fetch(val_key, nil) if val.nil? message = "#{type.to_s.capitalize} token payload does not contain #{val_name}" raise Errors::InvalidPayload, message end val end
token_uid(token, type, claims)
click to toggle source
# File lib/jwt_sessions/session.rb, line 161 def token_uid(token, type, claims) token_payload = JWTSessions::Token.decode(token, claims).first uid = token_payload.fetch("uid", nil) if uid.nil? message = "#{type.to_s.capitalize} token payload does not contain token uid" raise Errors::InvalidPayload, message end uid end
tokens_hash()
click to toggle source
# File lib/jwt_sessions/session.rb, line 184 def tokens_hash { csrf: csrf_token, access: access_token, access_expires_at: Time.at(@_access.expiration.to_i), refresh: refresh_token, refresh_expires_at: Time.at(@_refresh.expiration.to_i) } end
update_refresh_token()
click to toggle source
# File lib/jwt_sessions/session.rb, line 223 def update_refresh_token @_refresh.update(@_access.uid, @_access.expiration, @_csrf.encoded) @refresh_token = @_refresh.token link_access_to_refresh end
valid_access_csrf?(access_token, csrf_token)
click to toggle source
# File lib/jwt_sessions/session.rb, line 125 def valid_access_csrf?(access_token, csrf_token) csrf(access_token).valid_authenticity_token?(csrf_token) end
valid_refresh_csrf?(refresh_token, csrf_token)
click to toggle source
# File lib/jwt_sessions/session.rb, line 129 def valid_refresh_csrf?(refresh_token, csrf_token) refresh_csrf(refresh_token).valid_authenticity_token?(csrf_token) end