JwtToken.rb
require 'base64'
require 'openssl'
require 'jwt'
require 'json'
require 'active_support'
require 'time'
require_relative '../../core/ITokenGeneration.rb'
require_relative '../../util/Constants.rb'
require_relative '../../util/ExceptionHandler.rb'
require_relative '../../util/Cache.rb'
require_relative '../../authentication/payloadDigest/digest.rb'
require_relative '../../logging/log_factory.rb'
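public
# Builds the RS256-signed JWT for a request, using the merchant's PKCS#12
# keystore for both the signing key and the certificate placed in the header.
class GenerateJwtToken
  # Creates the signed JWT for the configured request type.
  #
  # The claim set comes from getJwtBody: always `iat`, plus `digest` and
  # `digestAlgorithm` for POST/PUT/PATCH. No `exp` or `jti` claim is set here,
  # so how long a token stays acceptable is decided entirely by the verifier.
  #
  # @param merchantconfig_obj merchant configuration; this method reads
  #   log_config, requestType, keysDirectory, keyFilename, keyPass and keyAlias
  # @param gmtDatetime [String] request timestamp, parsed with Time.parse
  # @return [String] the encoded JWT
  # @raise [StandardError] any failure is logged (when a logger exists) and re-raised
  def getToken(merchantconfig_obj, gmtDatetime)
    @log_obj = Log.new merchantconfig_obj.log_config, "JwtToken"
    request_type = merchantconfig_obj.requestType.upcase
    filePath = merchantconfig_obj.keysDirectory + '/' + merchantconfig_obj.keyFilename + '.p12'
    unless File.exist?(filePath)
      raise Constants::ERROR_PREFIX + Constants::FILE_NOT_FOUND + File.expand_path(filePath)
    end
    p12File = File.binread(filePath)
    claimSet = JSON.parse(getJwtBody(request_type, gmtDatetime, merchantconfig_obj))
    # Decrypts the keystore; a wrong keyPass raises here and is handled in the rescue below.
    keystore = OpenSSL::PKCS12.new(p12File, merchantconfig_obj.keyPass)
    # NOTE(review): a new MemoryStore is created on every call, so nothing stored
    # in it can be reused by a later call. Whether one shared store would be safe
    # depends on how Cache keys its entries (per file / per merchant) - confirm
    # before changing.
    cacheObj = ActiveSupport::Cache::MemoryStore.new
    x5Cert = Cache.new.fetchCachedCertificate(filePath, p12File, merchantconfig_obj.keyPass, merchantconfig_obj.keyAlias, cacheObj)
    # The private key never leaves this method; only the certificate is published, via x5c.
    privateKey = OpenSSL::PKey::RSA.new(keystore.key)
    customHeaders = {
      'v-c-merchant-id' => merchantconfig_obj.keyAlias,
      'x5c' => [x5Cert]
    }
    # The algorithm is fixed to RS256; it is never taken from configuration or input.
    JWT.encode(claimSet, privateKey, 'RS256', customHeaders)
  rescue StandardError => err
    # Log.new is the first statement and can itself fail. Without this guard the
    # handler would raise NoMethodError on a nil logger and hide the real error.
    if @log_obj
      # NOTE(review): the wrong-passphrase case is detected by OpenSSL's message
      # text, which may differ between OpenSSL versions - verify on supported ones.
      # NOTE(review): confirm ExceptionHandler output never contains keyPass or key material.
      if err.message.include? 'PKCS12_parse: mac verify failure'
        @log_obj.logger.error(ExceptionHandler.new.new_custom_error Constants::ERROR_PREFIX + Constants::INCORRECT_KEY_PASS)
      else
        @log_obj.logger.error(ExceptionHandler.new.new_api_exception err)
      end
    end
    raise err
  end

  # Builds the JSON text of the JWT claim set.
  #
  # POST/PUT/PATCH: the digest of the request body, the digest algorithm name
  # and `iat`. GET/DELETE: `iat` only, so those tokens carry no claim derived
  # from the request.
  #
  # @param request_type [String] upper-cased HTTP method
  # @param gmtDatetime [String] timestamp parsed with Time.parse; presumably it
  #   carries an explicit GMT zone - without one Time.parse assumes local time
  #   and `iat` would be skewed (verify against caller)
  # @param merchantconfig_obj merchant configuration; requestJsonData is read
  # @return [String] JSON text of the claim set
  # @raise [StandardError] for any other request type
  def getJwtBody(request_type, gmtDatetime, merchantconfig_obj)
    if request_type == Constants::POST_REQUEST_TYPE || request_type == Constants::PUT_REQUEST_TYPE || request_type == Constants::PATCH_REQUEST_TYPE
      payload = merchantconfig_obj.requestJsonData
      digest = DigestGeneration.new.generateDigest(payload)
      # The digest is spliced in unescaped; this assumes generateDigest returns
      # text with no quote or backslash characters (e.g. Base64) - TODO confirm.
      "{\n \"digest\":\"" + digest + "\", \"digestAlgorithm\":\"SHA-256\", \"iat\":" + Time.parse(gmtDatetime).to_i.to_s + "}"
    elsif request_type == Constants::GET_REQUEST_TYPE || request_type == Constants::DELETE_REQUEST_TYPE
      "{\n \"iat\":" + Time.parse(gmtDatetime).to_i.to_s + "\n} \n\n"
    else
      raise StandardError, Constants::ERROR_PREFIX + Constants::INVALID_REQUEST_TYPE_METHOD
    end
  end
  implements TokenInterface
end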