RubyGems - cwt - Versions diffs - 0.2.0 → 0.3.0 - Mend

cwt 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6870c9bcd5189270ba3e8a52322cb14db72a00e5a6997826b06cec285ffb5e91
-  data.tar.gz: 0c16ef24fb68ad2aa392c685817be3cefdd2d9e01573397d488b5aa0da05228b
+  metadata.gz: 2abf766f4e1e874e31dae69dd2d17d292fa7079e413abc89b47bc735d638430a
+  data.tar.gz: 6cb8da96670c64ab0998370bf9c52b9bdf0d2dd2a684c3dae9c8245a866f0f32
 SHA512:
-  metadata.gz: 8193d39b90ff7a7e5b3894726f8f3d1552591b66f017bc5d830db1f34b07431ae59b4d5fba9292ba979bc0b3a7f1ff2fd43ee28060e38f90788534c38509b690
-  data.tar.gz: 25e2cb0e949780342cf8310f502fa62a0981c2444521803183d7969329065323f03b145532305ca5ae42d3855697cbe68c41a2be9c927ff86e6f3dd384493669
+  metadata.gz: cc6390874219437557c2d964c3fc98433ec4f4c24a8325f8720124cf28cc68dc3371facad1bad1b38162382ada1e0379b2a5c0ff4093308bf302eb6f14cfc239
+  data.tar.gz: d516eaf47fd919b0b7cfdc3921957f33afecba086cda8bf76e8bdf3017547560a812acfeed6bb97f746c126d9229bcef41c00261cf50a075f29a31e492bb6e2f

data/.rubocop.yml CHANGED

@@ -2,7 +2,7 @@ require:
   - rubocop-performance
 AllCops:
-  TargetRubyVersion: 2.6
+  TargetRubyVersion: 2.3
   DisabledByDefault: true
 Bundler:

data/.travis.yml CHANGED

@@ -5,4 +5,6 @@ cache: bundler
 rvm:
   - 2.6.4
   - 2.5.6
+  - 2.4.7
+  - 2.3.8
 before_install: gem install bundler -v 2.0.2

data/CHANGELOG.md CHANGED

@@ -1,9 +1,16 @@
 # Changelog
+## [v0.3.0] - 2019-09-02
+### Added
+- `CWT.decode` can decode a MACed CWT
 ## [v0.2.0] - 2019-08-31
 ### Added
 - `CWT.decode` can decode a signed CWT
+[v0.3.0]: https://github.com/cedarcode/cwt-ruby/compare/v0.2.0...v0.3.0/
 [v0.2.0]: https://github.com/cedarcode/cwt-ruby/compare/9985bac0a1ffe5c5d4d3d7330a453b65f71a148f...v0.2.0/

data/README.md CHANGED

@@ -1,6 +1,9 @@
 # cwt-ruby
-Ruby implementation of RFC 8392 CBOR Web Token (CWT)
+Ruby implementation of RFC [8392](https://tools.ietf.org/html/rfc8392) CBOR Web Token (CWT)
+[![Gem](https://img.shields.io/gem/v/cwt.svg?style=flat-square&color=informational)](https://rubygems.org/gems/cwt)
+[![Travis](https://img.shields.io/travis/cedarcode/cwt-ruby.svg?style=flat-square)](https://travis-ci.org/cedarcode/cwt-ruby)
 ## Installation

data/Rakefile CHANGED

@@ -2,7 +2,9 @@
 require "bundler/gem_tasks"
 require "rspec/core/rake_task"
+require "rubocop/rake_task"
 RSpec::Core::RakeTask.new(:spec)
+RuboCop::RakeTask.new
-task default: :spec
+task default: [:rubocop, :spec]

data/cwt.gemspec CHANGED

@@ -11,12 +11,14 @@ Gem::Specification.new do |spec|
   spec.email         = ["gonzalo@cedarcode.com"]
   spec.summary       = "Ruby implementation of RFC 8392 CBOR Web Token (CWT)"
+  spec.description   = spec.summary
   spec.homepage      = "https://github.com/cedarcode/cwt-ruby"
   spec.license       = "MIT"
   spec.metadata["homepage_uri"] = spec.homepage
   spec.metadata["source_code_uri"] = spec.homepage
-  spec.metadata["changelog_uri"] = spec.homepage
+  spec.metadata["bug_tracker_uri"] = "#{spec.homepage}/issues"
+  spec.metadata["changelog_uri"] = "#{spec.homepage}/blob/master/CHANGELOG.md"
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
@@ -28,6 +30,9 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
+  spec.required_ruby_version = ">= 2.3"
+  spec.add_dependency "cbor", "~> 0.5.9"
   spec.add_dependency "cose", "~> 0.9.0"
   spec.add_development_dependency "bundler", "~> 2.0"

data/lib/cwt.rb CHANGED

@@ -1,6 +1,8 @@
 # frozen_string_literal: true
+require "cbor"
 require "cose/key"
+require "cose/mac0"
 require "cose/sign1"
 require "cwt/claims_set"
 require "cwt/version"
@@ -8,14 +10,34 @@ require "cwt/version"
 module CWT
   class Error < StandardError; end
-  def self.decode(token, public_key)
-    key = COSE::Key.deserialize(public_key)
-    sign1 = COSE::Sign1.deserialize(token)
+  CBOR_TAG = 61
-    if sign1.verify(key)
-      CWT::ClaimsSet.from_cbor(sign1.payload)
+  def self.decode(token, cose_key)
+    decoded = CBOR.decode(token)
+    case decoded.tag
+    when CBOR_TAG
+      decode(CBOR.encode(decoded.value), cose_key)
+    when COSE::Sign1.tag
+      key = COSE::Key.deserialize(cose_key)
+      sign1 = COSE::Sign1.deserialize(token)
+      if sign1.verify(key)
+        CWT::ClaimsSet.from_cbor(sign1.payload)
+      else
+        raise(CWT::Error, "Verification failed")
+      end
+    when COSE::Mac0.tag
+      key = COSE::Key.deserialize(cose_key)
+      mac0 = COSE::Mac0.deserialize(token)
+      if mac0.verify(key)
+        CWT::ClaimsSet.from_cbor(mac0.payload)
+      else
+        raise(CWT::Error, "Verification failed")
+      end
     else
-      raise(CWT::Error, "Verification failed")
+      raise(CWT::Error, "Unsupported tag #{decoded.tag}")
     end
   end
 end

data/lib/cwt/claims_set.rb CHANGED

@@ -39,5 +39,25 @@ module CWT
       @iat = iat
       @cti = cti
     end
+    def expiration_time
+      time_at(exp)
+    end
+    def not_before
+      time_at(nbf)
+    end
+    def issued_at
+      time_at(iat)
+    end
+    private
+    def time_at(value)
+      if value
+        Time.at(value)
+      end
+    end
   end
 end

data/lib/cwt/version.rb CHANGED

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module CWT
-  VERSION = "0.2.0"
+  VERSION = "0.3.0"
 end

metadata CHANGED

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: cwt
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Gonzalo Rodriguez
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-08-31 00:00:00.000000000 Z
+date: 2019-09-02 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: cbor
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.5.9
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.5.9
 - !ruby/object:Gem::Dependency
   name: cose
   requirement: !ruby/object:Gem::Requirement
@@ -108,7 +122,7 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.4'
-description:
+description: Ruby implementation of RFC 8392 CBOR Web Token (CWT)
 email:
 - gonzalo@cedarcode.com
 executables: []
@@ -136,7 +150,8 @@ licenses:
 metadata:
   homepage_uri: https://github.com/cedarcode/cwt-ruby
   source_code_uri: https://github.com/cedarcode/cwt-ruby
-  changelog_uri: https://github.com/cedarcode/cwt-ruby
+  bug_tracker_uri: https://github.com/cedarcode/cwt-ruby/issues
+  changelog_uri: https://github.com/cedarcode/cwt-ruby/blob/master/CHANGELOG.md
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -145,7 +160,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="