class Stytch::M2M
def authenticate_token(access_token:, required_scopes: nil, max_token_age: nil)
A map of custom claims present in the token.
custom_claims::
The type of this field is +String+.
The ID of the client that was issued the token
client_id::
The type of this field is list of +String+.
An array of scopes granted to the token holder.
scopes::
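+nil+ if the token could not be validated, or an object with the following fields. (The implementation shown on this page signals failure by raising rather than by returning +nil+: +JWTExpiredError+ when the token is older than +max_token_age+, +TokenMissingScopeError+ when a required scope is absent, and any error re-raised from the local JWT check. Callers should rescue these instead of relying on a +nil+ check.)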
== Returns:
The type of this field is nilable +Integer+.
The maximum age of the token in seconds, measured from the token's +iat+ (issued-at) claim. A token older than this is rejected with +JWTExpiredError+.
max_token_age::
The type of this field is nilable list of +String+.
A list of scopes the token must have to be valid.
required_scopes::
The type of this field is +String+.
The access token granted to the client. Access tokens are JWTs signed with the project's JWKs.
access_token::
== Parameters:
+authenticate_token+ validates an M2M JWT locally.
MANUAL(M2M::authenticate_token)(SERVICE_METHOD)
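# Validates an M2M access token locally, then applies the optional
# token-age and scope checks.
#
# == Parameters:
# access_token::
#   The JWT to validate; handed unchanged to +authenticate_token_local+.
# required_scopes::
#   Optional list of scopes. Every entry must appear in the response's
#   'scopes' value, otherwise the call fails.
# max_token_age::
#   Optional maximum token age in seconds, measured from the 'iat' claim.
#
# == Returns:
# The response produced by +marshal_jwt_into_response+ for the decoded token.
#
# == Raises:
# +JWTExpiredError+ when the token is older than +max_token_age+;
# +TokenMissingScopeError+ (with the scope as its message) for the first
# required scope that is missing; and whatever +authenticate_token_local+
# raises when the token itself does not validate.
def authenticate_token(access_token:, required_scopes: nil, max_token_age: nil)
  # Intentionally allow this to re-raise if authentication fails
  decoded_jwt = authenticate_token_local(access_token)

  # Keep the issued-at instant as a Time. Time + n adds n seconds, whereas
  # DateTime + n adds n *days*, which would stretch a limit given in seconds
  # 86,400-fold and leave the age check ineffective.
  issued_at = Time.at(decoded_jwt['iat'])

  # Token too old
  raise JWTExpiredError if !max_token_age.nil? && (issued_at + max_token_age < Time.now)

  resp = marshal_jwt_into_response(decoded_jwt)

  # Fail closed on the first required scope the token does not carry.
  required_scopes&.each do |scope|
    raise TokenMissingScopeError, scope unless resp['scopes'].include?(scope)
  end

  resp
end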