class ShopifyAPI::Auth::JwtPayload
Constants
- JWT_EXPIRATION_LEEWAY
- JWT_LEEWAY
Attributes
Public Class Methods
Source
# File lib/shopify_api/auth/jwt_payload.rb, line 24 def initialize(token) payload_hash = begin decode_token(token, Context.api_secret_key) rescue ShopifyAPI::Errors::InvalidJwtTokenError raise unless Context.old_api_secret_key decode_token(token, T.must(Context.old_api_secret_key)) end @iss = T.let(payload_hash["iss"], String) @dest = T.let(payload_hash["dest"], String) @aud = T.let(payload_hash["aud"], String) @sub = T.let(payload_hash["sub"], T.nilable(String)) @exp = T.let(payload_hash["exp"], Integer) @nbf = T.let(payload_hash["nbf"], Integer) @iat = T.let(payload_hash["iat"], Integer) @jti = T.let(payload_hash["jti"], String) @sid = T.let(payload_hash["sid"], T.nilable(String)) raise ShopifyAPI::Errors::InvalidJwtTokenError, "Session token had invalid API key" unless @aud == Context.api_key end
Public Instance Methods
Source
# File lib/shopify_api/auth/jwt_payload.rb, line 60 def ==(other) return false unless other iss == other.iss && dest == other.dest && aud == other.aud && sub == other.sub && exp == other.exp && nbf == other.nbf && iat == other.iat && jti == other.jti && sid == other.sid end
Also aliased as: eql?
Source
# File lib/shopify_api/auth/jwt_payload.rb, line 48 def shop @dest.gsub("https://", "") end
Also aliased as: shopify_domain
Source
# File lib/shopify_api/auth/jwt_payload.rb, line 54 def shopify_user_id @sub.to_i if user_id_sub? && admin_session_token? end
Private Instance Methods
Source
# File lib/shopify_api/auth/jwt_payload.rb, line 84 def admin_session_token? @iss.end_with?("/admin") end
Source
# File lib/shopify_api/auth/jwt_payload.rb, line 77 def decode_token(token, api_secret_key) JWT.decode(token, api_secret_key, true, leeway: JWT_LEEWAY, algorithm: "HS256")[0] rescue JWT::DecodeError => err raise ShopifyAPI::Errors::InvalidJwtTokenError, "Error decoding session token: #{err.message}" end
Source
# File lib/shopify_api/auth/jwt_payload.rb, line 89 def user_id_sub? @sub&.match?(/\A\d+\z/) || false end