File: numeric.rb

package info (click to toggle)
ruby-jwt 3.1.2-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 876 kB
  • sloc: ruby: 5,550; makefile: 4
file content (45 lines) | stat: -rw-r--r-- 1,299 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
 
# frozen_string_literal: true

module JWT
  module Claims
    # The Numeric class is responsible for validating numeric claims in a JWT token.
    # The numeric claims are: exp, iat and nbf
    class Numeric
      # List of numeric claims that can be validated.
      NUMERIC_CLAIMS = %i[
        exp
        iat
        nbf
      ].freeze

      private_constant(:NUMERIC_CLAIMS)

      # Verifies the numeric claims in the JWT context.
      #
      # @param context [Object] the context containing the JWT payload.
      # @raise [JWT::InvalidClaimError] if any numeric claim is invalid.
      # @return [nil]
      def verify!(context:)
        validate_numeric_claims(context.payload)
      end

      private

      def validate_numeric_claims(payload)
        NUMERIC_CLAIMS.each do |claim|
          validate_is_numeric(payload, claim)
        end
      end

      def validate_is_numeric(payload, claim)
        return unless payload.is_a?(Hash)
        return unless payload.key?(claim) ||
                      payload.key?(claim.to_s)

        return if payload[claim].is_a?(::Numeric) || payload[claim.to_s].is_a?(::Numeric)

        raise InvalidPayload, "#{claim} claim must be a Numeric value but it is a #{(payload[claim] || payload[claim.to_s]).class}"
      end
    end
  end
end