module Keratin::AuthN
Constants
- VERSION
Public Class Methods
config()
click to toggle source
# File lib/keratin/authn.rb, line 53 def self.config @config ||= Config.new.tap do |config| config.keychain_ttl = 3600 end end
debug() { || ... }
click to toggle source
# File lib/keratin/authn.rb, line 59 def self.debug config.logger.debug{ yield } if config.logger end
keychain()
click to toggle source
The default keychain will fetch JWKs from AuthN
and return the correct key by id. Keys are cached in memory to reduce network traffic.
# File lib/keratin/authn.rb, line 65 def self.keychain @keychain ||= FetchingKeychain.new(issuer: config.authn_url, ttl: config.keychain_ttl) end
keychain=(val)
click to toggle source
If the default keychain is not desired (as in host application tests), different keychain may be specified here. The keychain must define a `[](kid)` method.
# File lib/keratin/authn.rb, line 71 def self.keychain=(val) unless val.respond_to?(:[]) && val.method(:[]).arity == 1 raise ArgumentError, 'Please ensure that your keychain has been instantiated and implements `[](kid)`.' end @keychain = val end
subject_from(id_token, audience: Keratin::AuthN.config.audience)
click to toggle source
safely fetches a subject from the id token after checking relevant claims and verifying the signature.
# File lib/keratin/authn.rb, line 82 def subject_from(id_token, audience: Keratin::AuthN.config.audience) verifier = IDTokenVerifier.new(id_token, keychain, audience) verifier.subject if verifier.verified? end