openid_configuration.rb
require 'faraday'
require_relative './config'
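module LoginGov
  module OidcSinatra
    # Retrieves the IdP's OpenID Connect discovery document and the public key
    # published at its `jwks_uri`, with process-lifetime memoized variants.
    class OpenidConfiguration
      # Returns the discovery document, fetching it on first use only.
      #
      # The result is memoized in a class-level instance variable and never
      # refreshed by this class, so later changes on the IdP side are not seen
      # until the process restarts.
      #
      # @return [Hash] parsed discovery document
      # @raise [AppError] if the first fetch does not return HTTP 200
      def self.cached
        @cached ||= live
      end

      # Fetches `/.well-known/openid-configuration` from the configured IdP.
      #
      # @return [Hash] parsed JSON body with indifferent (string/symbol) access
      # @raise [AppError] if the IdP answers with any status other than 200
      def self.live
        config = Config.new
        response = Faraday.get(URI.join(config.idp_url, '/.well-known/openid-configuration'))
        return JSON.parse(response.body).with_indifferent_access if response.status == 200

        msg = 'Error: Unable to retrieve OIDC configuration from IdP.'
        msg += " #{config.idp_url} responded with #{response.status}."
        msg += ' Perhaps we need to reimplement HTTP Basic Auth.' if response.status == 401
        raise AppError, msg
      end

      # Returns the IdP public key, fetching it on first use only.
      #
      # The argument is consulted on the first call only; afterwards the
      # memoized key is returned regardless of what is passed. Nothing in this
      # class invalidates the memo, so a key rotated on the IdP is not picked
      # up until the process restarts.
      #
      # @param openid_configuration [Hash] discovery document containing :jwks_uri
      # @return [Object] the key produced by JSON::JWK#to_key
      # @raise [AppError] if the first fetch fails (see .live_idp_public_key)
      def self.cached_idp_public_key(openid_configuration)
        @cached_idp_public_key ||= live_idp_public_key(openid_configuration)
      end

      # Downloads the JWKS document and converts its first entry into a key.
      #
      # NOTE(review): the first key in the set is used without comparing its
      # `kid` to the token being verified. If the IdP ever publishes more than
      # one key, callers would need to select by `kid` instead - confirm
      # against the code that verifies the ID token.
      # NOTE(review): `jwks_uri` is used exactly as the discovery document
      # supplies it; its scheme and host are not checked here.
      #
      # @param openid_configuration [Hash] discovery document containing :jwks_uri
      # @return [Object] the key produced by JSON::JWK#to_key
      # @raise [AppError] if the JWKS endpoint does not answer 200 or lists no keys
      def self.live_idp_public_key(openid_configuration)
        jwks_uri = openid_configuration[:jwks_uri]
        response = Faraday.get(jwks_uri)

        # Refuse to parse an error page as key material: fail with a clear
        # message instead of a JSON parse error or a nil dereference.
        unless response.status == 200
          msg = 'Error: Unable to retrieve IdP public key.'
          msg += " #{jwks_uri} responded with #{response.status}."
          raise AppError, msg
        end

        keys = JSON.parse(response.body).with_indifferent_access[:keys]
        if keys.nil? || keys.empty?
          raise AppError, "Error: No keys found in JWKS document at #{jwks_uri}."
        end

        JSON::JWK.new(keys.first).to_key
      end
    end
  end
end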