1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
# frozen_string_literal: true
module JWT
module Claims
# Responsible of validation the crit header
class Crit
# Initializes a new Crit instance.
#
# @param expected_crits [String] the expected crit header values for the JWT token.
def initialize(expected_crits:)
@expected_crits = Array(expected_crits)
end
# Verifies the critical claim ('crit') in the JWT token header.
#
# @param context [Object] the context containing the JWT payload and header.
# @param _args [Hash] additional arguments (not used).
# @raise [JWT::InvalidCritError] if the crit claim is invalid.
# @return [nil]
def verify!(context:, **_args)
raise(JWT::InvalidCritError, 'Crit header missing') unless context.header['crit']
raise(JWT::InvalidCritError, 'Crit header should be an array') unless context.header['crit'].is_a?(Array)
missing = (expected_crits - context.header['crit'])
raise(JWT::InvalidCritError, "Crit header missing expected values: #{missing.join(', ')}") if missing.any?
nil
end
private
attr_reader :expected_crits
end
end
end
|
