doorkeeper-jwt 0.4.1 → 0.4.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -1
- data/Gemfile +1 -1
- data/README.md +12 -8
- data/lib/doorkeeper/jwt/config.rb +11 -5
- data/lib/doorkeeper/jwt/version.rb +1 -1
- data/lib/doorkeeper/jwt.rb +12 -12
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '04826fc219f000cfbb34243981e137fdc91f54d4aaf9d2e4ee16c8db5bc80763'
|
|
4
|
+
data.tar.gz: 2cd2fe00356eae0b93a461c0aa58b52c489ae457a93f69cd1dcd73757b51746e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: efa77d9a020f5a5665365acd3dccd9605a30c0bf7fd4d9b60027b0ed0827aa2a11f93dc45a7857609fe690be98fd8f8b34cabf025648dfcfd1a1cc5dd91f72ac
|
|
7
|
+
data.tar.gz: bb8d14619a2a724047d46c25f6f3c0127bd52f94834128037059883f98842159fdac71edd88bdcc1d9f2fadf96cb7c9c896f24171d5a1eed9cd1e16474979568
|
data/CHANGELOG.md
CHANGED
|
@@ -6,7 +6,16 @@ project adheres to [Semantic Versioning](http://semver.org/).
|
|
|
6
6
|
|
|
7
7
|
## master
|
|
8
8
|
|
|
9
|
-
|
|
9
|
+
Add here
|
|
10
|
+
|
|
11
|
+
## [0.4.2] - 2024-08-12
|
|
12
|
+
|
|
13
|
+
- Rename encryption_method to signing_method [#53](https://github.com/doorkeeper-gem/doorkeeper-jwt/pull/53)
|
|
14
|
+
- Fix default token generation [#56](https://github.com/doorkeeper-gem/doorkeeper-jwt/pull/56)
|
|
15
|
+
|
|
16
|
+
### Fixed
|
|
17
|
+
|
|
18
|
+
- Fixed default token generation to return a random hex value [#56](https://github.com/doorkeeper-gem/doorkeeper-jwt/pull/56)
|
|
10
19
|
|
|
11
20
|
## [0.4.1] - 2022-02-23
|
|
12
21
|
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -49,9 +49,11 @@ Doorkeeper::JWT.configure do
|
|
|
49
49
|
{
|
|
50
50
|
iss: 'My App',
|
|
51
51
|
iat: Time.current.utc.to_i,
|
|
52
|
+
aud: opts[:application][:uid],
|
|
52
53
|
|
|
53
54
|
# @see JWT reserved claims - https://tools.ietf.org/html/draft-jones-json-web-token-07#page-7
|
|
54
55
|
jti: SecureRandom.uuid,
|
|
56
|
+
sub: user.id,
|
|
55
57
|
|
|
56
58
|
user: {
|
|
57
59
|
id: user.id,
|
|
@@ -62,27 +64,29 @@ Doorkeeper::JWT.configure do
|
|
|
62
64
|
|
|
63
65
|
# Optionally set additional headers for the JWT. See
|
|
64
66
|
# https://tools.ietf.org/html/rfc7515#section-4.1
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
67
|
+
# JWK can be used to automatically verify RS* tokens client-side if token's kid matches a public kid in /oauth/discovery/keys
|
|
68
|
+
# token_headers do |_opts|
|
|
69
|
+
# key = OpenSSL::PKey::RSA.new(File.read(File.join('path', 'to', 'file.pem')))
|
|
70
|
+
# { kid: JWT::JWK.new(key)[:kid] }
|
|
71
|
+
# end
|
|
68
72
|
|
|
69
73
|
# Use the application secret specified in the access grant token. Defaults to
|
|
70
74
|
# `false`. If you specify `use_application_secret true`, both `secret_key` and
|
|
71
75
|
# `secret_key_path` will be ignored.
|
|
72
76
|
use_application_secret false
|
|
73
77
|
|
|
74
|
-
# Set the
|
|
75
|
-
# that should be able to
|
|
78
|
+
# Set the signing secret. This would be shared with any other applications
|
|
79
|
+
# that should be able to verify the authenticity of the token. Defaults to "secret".
|
|
76
80
|
secret_key ENV['JWT_SECRET']
|
|
77
81
|
|
|
78
|
-
# If you want to use RS*
|
|
82
|
+
# If you want to use RS* algorithms specify the path to the RSA key to use for
|
|
79
83
|
# signing. If you specify a `secret_key_path` it will be used instead of
|
|
80
84
|
# `secret_key`.
|
|
81
85
|
secret_key_path File.join('path', 'to', 'file.pem')
|
|
82
86
|
|
|
83
|
-
# Specify
|
|
87
|
+
# Specify cryptographic signing algorithm type (https://github.com/progrium/ruby-jwt). Defaults to
|
|
84
88
|
# `nil`.
|
|
85
|
-
|
|
89
|
+
signing_method :hs512
|
|
86
90
|
end
|
|
87
91
|
```
|
|
88
92
|
|
|
@@ -39,8 +39,14 @@ module Doorkeeper
|
|
|
39
39
|
@config.instance_variable_set("@secret_key_path", value)
|
|
40
40
|
end
|
|
41
41
|
|
|
42
|
+
# For backward compatibility. This library does not support encryption.
|
|
42
43
|
def encryption_method(value)
|
|
43
|
-
@config.instance_variable_set("@
|
|
44
|
+
@config.instance_variable_set("@signing_method", value)
|
|
45
|
+
Kernel.warn("[DOORKEEPER-JWT]: Please use signing_method instead, this option is deprecated and will be removed soon")
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def signing_method(value)
|
|
49
|
+
@config.instance_variable_set("@signing_method", value)
|
|
44
50
|
end
|
|
45
51
|
end
|
|
46
52
|
|
|
@@ -111,14 +117,14 @@ module Doorkeeper
|
|
|
111
117
|
|
|
112
118
|
option(
|
|
113
119
|
:token_payload,
|
|
114
|
-
default: proc { { token: SecureRandom.
|
|
120
|
+
default: proc { { token: SecureRandom.hex } },
|
|
115
121
|
)
|
|
116
122
|
|
|
117
123
|
option :token_headers, default: proc { {} }
|
|
118
124
|
option :use_application_secret, default: false
|
|
119
125
|
option :secret_key, default: nil
|
|
120
126
|
option :secret_key_path, default: nil
|
|
121
|
-
option :
|
|
127
|
+
option :signing_method, default: nil
|
|
122
128
|
|
|
123
129
|
def use_application_secret
|
|
124
130
|
@use_application_secret ||= false
|
|
@@ -132,8 +138,8 @@ module Doorkeeper
|
|
|
132
138
|
@secret_key_path ||= nil
|
|
133
139
|
end
|
|
134
140
|
|
|
135
|
-
def
|
|
136
|
-
@
|
|
141
|
+
def signing_method
|
|
142
|
+
@signing_method ||= nil
|
|
137
143
|
end
|
|
138
144
|
end
|
|
139
145
|
end
|
data/lib/doorkeeper/jwt.rb
CHANGED
|
@@ -11,7 +11,7 @@ module Doorkeeper
|
|
|
11
11
|
::JWT.encode(
|
|
12
12
|
token_payload(opts),
|
|
13
13
|
secret_key(opts),
|
|
14
|
-
|
|
14
|
+
signing_method,
|
|
15
15
|
token_headers(opts)
|
|
16
16
|
)
|
|
17
17
|
end
|
|
@@ -31,22 +31,22 @@ module Doorkeeper
|
|
|
31
31
|
|
|
32
32
|
return application_secret(opts) if use_application_secret?
|
|
33
33
|
return secret_key_file unless secret_key_file.nil?
|
|
34
|
-
return rsa_key if
|
|
35
|
-
return ecdsa_key if
|
|
34
|
+
return rsa_key if rsa_signing?
|
|
35
|
+
return ecdsa_key if ecdsa_signing?
|
|
36
36
|
|
|
37
37
|
Doorkeeper::JWT.configuration.secret_key
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
def secret_key_file
|
|
41
41
|
return nil if Doorkeeper::JWT.configuration.secret_key_path.nil?
|
|
42
|
-
return rsa_key_file if
|
|
43
|
-
return ecdsa_key_file if
|
|
42
|
+
return rsa_key_file if rsa_signing?
|
|
43
|
+
return ecdsa_key_file if ecdsa_signing?
|
|
44
44
|
end
|
|
45
45
|
|
|
46
|
-
def
|
|
47
|
-
return "none" unless Doorkeeper::JWT.configuration.
|
|
46
|
+
def signing_method
|
|
47
|
+
return "none" unless Doorkeeper::JWT.configuration.signing_method
|
|
48
48
|
|
|
49
|
-
Doorkeeper::JWT.configuration.
|
|
49
|
+
Doorkeeper::JWT.configuration.signing_method.to_s.upcase
|
|
50
50
|
end
|
|
51
51
|
|
|
52
52
|
def use_application_secret?
|
|
@@ -83,12 +83,12 @@ module Doorkeeper
|
|
|
83
83
|
secret
|
|
84
84
|
end
|
|
85
85
|
|
|
86
|
-
def
|
|
87
|
-
/RS\d{3}/ =~
|
|
86
|
+
def rsa_signing?
|
|
87
|
+
/RS\d{3}/ =~ signing_method
|
|
88
88
|
end
|
|
89
89
|
|
|
90
|
-
def
|
|
91
|
-
/ES\d{3}/ =~
|
|
90
|
+
def ecdsa_signing?
|
|
91
|
+
/ES\d{3}/ =~ signing_method
|
|
92
92
|
end
|
|
93
93
|
|
|
94
94
|
def rsa_key
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: doorkeeper-jwt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chris Warren
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: exe
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2024-08-12 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: jwt
|
|
@@ -130,7 +130,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
130
130
|
- !ruby/object:Gem::Version
|
|
131
131
|
version: '0'
|
|
132
132
|
requirements: []
|
|
133
|
-
rubygems_version: 3.
|
|
133
|
+
rubygems_version: 3.1.6
|
|
134
134
|
signing_key:
|
|
135
135
|
specification_version: 4
|
|
136
136
|
summary: JWT token generator for Doorkeeper
|