# frozen_string_literal: true

# Issues and verifies RS256-signed JSON Web Tokens used as bearer tokens.
#
# Tokens are signed with the given private key and checked against the public
# half derived from that same key, so whoever holds the private key can mint
# tokens that this class will accept.
class BearerToken
  # The one signature algorithm used for signing and accepted on verification.
  # Passing it explicitly to JWT.decode means the token's own `alg` header
  # does not get to choose how the signature is checked.
  ALGORITHM = 'RS256'
  private_constant :ALGORITHM

  # @param private_key [#public_key] signing key; defaults to the key found at
  #   `Rails.application.config.x.jwt.private_key`
  def initialize(private_key = Rails.application.config.x.jwt.private_key)
    @private_key = private_key
    @public_key = private_key.public_key
  end

  # Signs a token that carries the default claims merged with +payload+.
  #
  # Entries in +payload+ take precedence over the defaults, so a caller can
  # replace `exp`, `iat`, `iss` or `nbf`.
  # NOTE(review): payload should be assembled from trusted values only —
  # confirm that no caller forwards request parameters into it.
  #
  # @param payload [Hash] additional claims
  # @return whatever JWT.encode returns (presumably the serialized token)
  def encode(payload)
    claims = defaults.merge(payload)
    JWT.encode(claims, private_key, ALGORITHM)
  end

  # Verifies +token+ with the public key and returns its claims.
  #
  # Every StandardError raised on the way (not only verification failures) is
  # logged and turned into an empty hash, so callers must treat an empty
  # result as "no valid token" and deny access. Only the exception is logged,
  # never the token itself.
  # NOTE(review): `iss` is written by #encode but no issuer check is requested
  # here; if the key pair is shared with another signer, consider asking the
  # JWT library to verify the issuer as well — confirm against the gem version
  # in use.
  #
  # @param token [String] serialized token received from a client
  # @return [Hash] claims with indifferent access, or `{}` on any failure
  def decode(token)
    claims, _header = JWT.decode(token, public_key, true, algorithm: ALGORITHM)
    claims.with_indifferent_access
  rescue StandardError => e
    Rails.logger.error(e)
    {}
  end

  private

  attr_reader :private_key, :public_key

  # Claims added to every token: expiry one hour from now, issued-at and
  # not-before set to the current time, issuer taken from the Saml::Kit
  # entity id.
  #
  # @return [Hash{Symbol => Object}]
  def defaults
    now = Time.current.to_i
    expires_at = 1.hour.from_now.to_i
    { exp: expires_at, iat: now, iss: Saml::Kit.configuration.entity_id, nbf: now }
  end
end