cwt 0.2.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +1 -1
- data/.travis.yml +2 -0
- data/CHANGELOG.md +7 -0
- data/README.md +4 -1
- data/Rakefile +3 -1
- data/cwt.gemspec +6 -1
- data/lib/cwt.rb +28 -6
- data/lib/cwt/claims_set.rb +20 -0
- data/lib/cwt/version.rb +1 -1
- metadata +20 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2abf766f4e1e874e31dae69dd2d17d292fa7079e413abc89b47bc735d638430a
|
|
4
|
+
data.tar.gz: 6cb8da96670c64ab0998370bf9c52b9bdf0d2dd2a684c3dae9c8245a866f0f32
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cc6390874219437557c2d964c3fc98433ec4f4c24a8325f8720124cf28cc68dc3371facad1bad1b38162382ada1e0379b2a5c0ff4093308bf302eb6f14cfc239
|
|
7
|
+
data.tar.gz: d516eaf47fd919b0b7cfdc3921957f33afecba086cda8bf76e8bdf3017547560a812acfeed6bb97f746c126d9229bcef41c00261cf50a075f29a31e492bb6e2f
|
data/.rubocop.yml
CHANGED
data/.travis.yml
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,9 +1,16 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [v0.3.0] - 2019-09-02
|
|
4
|
+
|
|
5
|
+
### Added
|
|
6
|
+
|
|
7
|
+
- `CWT.decode` can decode a MACed CWT
|
|
8
|
+
|
|
3
9
|
## [v0.2.0] - 2019-08-31
|
|
4
10
|
|
|
5
11
|
### Added
|
|
6
12
|
|
|
7
13
|
- `CWT.decode` can decode a signed CWT
|
|
8
14
|
|
|
15
|
+
[v0.3.0]: https://github.com/cedarcode/cwt-ruby/compare/v0.2.0...v0.3.0/
|
|
9
16
|
[v0.2.0]: https://github.com/cedarcode/cwt-ruby/compare/9985bac0a1ffe5c5d4d3d7330a453b65f71a148f...v0.2.0/
|
data/README.md
CHANGED
|
@@ -1,6 +1,9 @@
|
|
|
1
1
|
# cwt-ruby
|
|
2
2
|
|
|
3
|
-
Ruby implementation of RFC 8392 CBOR Web Token (CWT)
|
|
3
|
+
Ruby implementation of RFC [8392](https://tools.ietf.org/html/rfc8392) CBOR Web Token (CWT)
|
|
4
|
+
|
|
5
|
+
[](https://rubygems.org/gems/cwt)
|
|
6
|
+
[](https://travis-ci.org/cedarcode/cwt-ruby)
|
|
4
7
|
|
|
5
8
|
## Installation
|
|
6
9
|
|
data/Rakefile
CHANGED
data/cwt.gemspec
CHANGED
|
@@ -11,12 +11,14 @@ Gem::Specification.new do |spec|
|
|
|
11
11
|
spec.email = ["gonzalo@cedarcode.com"]
|
|
12
12
|
|
|
13
13
|
spec.summary = "Ruby implementation of RFC 8392 CBOR Web Token (CWT)"
|
|
14
|
+
spec.description = spec.summary
|
|
14
15
|
spec.homepage = "https://github.com/cedarcode/cwt-ruby"
|
|
15
16
|
spec.license = "MIT"
|
|
16
17
|
|
|
17
18
|
spec.metadata["homepage_uri"] = spec.homepage
|
|
18
19
|
spec.metadata["source_code_uri"] = spec.homepage
|
|
19
|
-
spec.metadata["
|
|
20
|
+
spec.metadata["bug_tracker_uri"] = "#{spec.homepage}/issues"
|
|
21
|
+
spec.metadata["changelog_uri"] = "#{spec.homepage}/blob/master/CHANGELOG.md"
|
|
20
22
|
|
|
21
23
|
# Specify which files should be added to the gem when it is released.
|
|
22
24
|
# The `git ls-files -z` loads the files in the RubyGem that have been added into git.
|
|
@@ -28,6 +30,9 @@ Gem::Specification.new do |spec|
|
|
|
28
30
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
29
31
|
spec.require_paths = ["lib"]
|
|
30
32
|
|
|
33
|
+
spec.required_ruby_version = ">= 2.3"
|
|
34
|
+
|
|
35
|
+
spec.add_dependency "cbor", "~> 0.5.9"
|
|
31
36
|
spec.add_dependency "cose", "~> 0.9.0"
|
|
32
37
|
|
|
33
38
|
spec.add_development_dependency "bundler", "~> 2.0"
|
data/lib/cwt.rb
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require "cbor"
|
|
3
4
|
require "cose/key"
|
|
5
|
+
require "cose/mac0"
|
|
4
6
|
require "cose/sign1"
|
|
5
7
|
require "cwt/claims_set"
|
|
6
8
|
require "cwt/version"
|
|
@@ -8,14 +10,34 @@ require "cwt/version"
|
|
|
8
10
|
module CWT
|
|
9
11
|
class Error < StandardError; end
|
|
10
12
|
|
|
11
|
-
|
|
12
|
-
key = COSE::Key.deserialize(public_key)
|
|
13
|
-
sign1 = COSE::Sign1.deserialize(token)
|
|
13
|
+
CBOR_TAG = 61
|
|
14
14
|
|
|
15
|
-
|
|
16
|
-
|
|
15
|
+
def self.decode(token, cose_key)
|
|
16
|
+
decoded = CBOR.decode(token)
|
|
17
|
+
|
|
18
|
+
case decoded.tag
|
|
19
|
+
when CBOR_TAG
|
|
20
|
+
decode(CBOR.encode(decoded.value), cose_key)
|
|
21
|
+
when COSE::Sign1.tag
|
|
22
|
+
key = COSE::Key.deserialize(cose_key)
|
|
23
|
+
sign1 = COSE::Sign1.deserialize(token)
|
|
24
|
+
|
|
25
|
+
if sign1.verify(key)
|
|
26
|
+
CWT::ClaimsSet.from_cbor(sign1.payload)
|
|
27
|
+
else
|
|
28
|
+
raise(CWT::Error, "Verification failed")
|
|
29
|
+
end
|
|
30
|
+
when COSE::Mac0.tag
|
|
31
|
+
key = COSE::Key.deserialize(cose_key)
|
|
32
|
+
mac0 = COSE::Mac0.deserialize(token)
|
|
33
|
+
|
|
34
|
+
if mac0.verify(key)
|
|
35
|
+
CWT::ClaimsSet.from_cbor(mac0.payload)
|
|
36
|
+
else
|
|
37
|
+
raise(CWT::Error, "Verification failed")
|
|
38
|
+
end
|
|
17
39
|
else
|
|
18
|
-
raise(CWT::Error, "
|
|
40
|
+
raise(CWT::Error, "Unsupported tag #{decoded.tag}")
|
|
19
41
|
end
|
|
20
42
|
end
|
|
21
43
|
end
|
data/lib/cwt/claims_set.rb
CHANGED
|
@@ -39,5 +39,25 @@ module CWT
|
|
|
39
39
|
@iat = iat
|
|
40
40
|
@cti = cti
|
|
41
41
|
end
|
|
42
|
+
|
|
43
|
+
def expiration_time
|
|
44
|
+
time_at(exp)
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def not_before
|
|
48
|
+
time_at(nbf)
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def issued_at
|
|
52
|
+
time_at(iat)
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
private
|
|
56
|
+
|
|
57
|
+
def time_at(value)
|
|
58
|
+
if value
|
|
59
|
+
Time.at(value)
|
|
60
|
+
end
|
|
61
|
+
end
|
|
42
62
|
end
|
|
43
63
|
end
|
data/lib/cwt/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,15 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cwt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Gonzalo Rodriguez
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-09-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
|
+
- !ruby/object:Gem::Dependency
|
|
14
|
+
name: cbor
|
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
|
16
|
+
requirements:
|
|
17
|
+
- - "~>"
|
|
18
|
+
- !ruby/object:Gem::Version
|
|
19
|
+
version: 0.5.9
|
|
20
|
+
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
23
|
+
requirements:
|
|
24
|
+
- - "~>"
|
|
25
|
+
- !ruby/object:Gem::Version
|
|
26
|
+
version: 0.5.9
|
|
13
27
|
- !ruby/object:Gem::Dependency
|
|
14
28
|
name: cose
|
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -108,7 +122,7 @@ dependencies:
|
|
|
108
122
|
- - "~>"
|
|
109
123
|
- !ruby/object:Gem::Version
|
|
110
124
|
version: '1.4'
|
|
111
|
-
description:
|
|
125
|
+
description: Ruby implementation of RFC 8392 CBOR Web Token (CWT)
|
|
112
126
|
email:
|
|
113
127
|
- gonzalo@cedarcode.com
|
|
114
128
|
executables: []
|
|
@@ -136,7 +150,8 @@ licenses:
|
|
|
136
150
|
metadata:
|
|
137
151
|
homepage_uri: https://github.com/cedarcode/cwt-ruby
|
|
138
152
|
source_code_uri: https://github.com/cedarcode/cwt-ruby
|
|
139
|
-
|
|
153
|
+
bug_tracker_uri: https://github.com/cedarcode/cwt-ruby/issues
|
|
154
|
+
changelog_uri: https://github.com/cedarcode/cwt-ruby/blob/master/CHANGELOG.md
|
|
140
155
|
post_install_message:
|
|
141
156
|
rdoc_options: []
|
|
142
157
|
require_paths:
|
|
@@ -145,7 +160,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
145
160
|
requirements:
|
|
146
161
|
- - ">="
|
|
147
162
|
- !ruby/object:Gem::Version
|
|
148
|
-
version: '
|
|
163
|
+
version: '2.3'
|
|
149
164
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
150
165
|
requirements:
|
|
151
166
|
- - ">="
|