doorkeeper-jwt 0.4.1 → 0.4.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e221c6342513368dcb299a24749a66fe45936fd1eef1ab3e93d1b34b7d0a89ca
-  data.tar.gz: 976256cc0a811b02e0ae9738842f99a8ccc57a054f8adea6fce9072db40cc390
+  metadata.gz: '04826fc219f000cfbb34243981e137fdc91f54d4aaf9d2e4ee16c8db5bc80763'
+  data.tar.gz: 2cd2fe00356eae0b93a461c0aa58b52c489ae457a93f69cd1dcd73757b51746e
 SHA512:
-  metadata.gz: ca803cc8cff761b4c2e7eddeeb2bf673ff3c4b32bdad377149904504c4d4dcc411dbe7bdfac7ac87f7deebe6e61a309ca983eb42c348e904265b3086311eccb3
-  data.tar.gz: e4c2690b4ddc8d0ace06d44659a7a91480f452394e8a6f7781c4dc4cd057101d38968559751ee15abcacf1ccdb49da05ad80a4ff0efd4c4c90527b013c35bffd
+  metadata.gz: efa77d9a020f5a5665365acd3dccd9605a30c0bf7fd4d9b60027b0ed0827aa2a11f93dc45a7857609fe690be98fd8f8b34cabf025648dfcfd1a1cc5dd91f72ac
+  data.tar.gz: bb8d14619a2a724047d46c25f6f3c0127bd52f94834128037059883f98842159fdac71edd88bdcc1d9f2fadf96cb7c9c896f24171d5a1eed9cd1e16474979568

data/CHANGELOG.md

@@ -6,7 +6,16 @@ project adheres to [Semantic Versioning](http://semver.org/).
 
 ## master
 
-### Changed
+Add here
+
+## [0.4.2] - 2024-08-12
+
+-  Rename encryption_method to signing_method [#53](https://github.com/doorkeeper-gem/doorkeeper-jwt/pull/53)
+-  Fix default token generation [#56](https://github.com/doorkeeper-gem/doorkeeper-jwt/pull/56)
+
+### Fixed
+
+- Fixed default token generation to return a random hex value [#56](https://github.com/doorkeeper-gem/doorkeeper-jwt/pull/56)
 
 ## [0.4.1] - 2022-02-23
 

data/Gemfile

@@ -7,4 +7,4 @@ gemspec
 
 gem "coveralls", require: false
 gem "rubocop", "~> 1.8", require: false
-gem "rubocop-rspec", "~> 2.1", require: false
+gem "rubocop-rspec", "~> 3.0", require: false

data/README.md

@@ -49,9 +49,11 @@ Doorkeeper::JWT.configure do
     {
       iss: 'My App',
       iat: Time.current.utc.to_i,
+      aud: opts[:application][:uid],
 
       # @see JWT reserved claims - https://tools.ietf.org/html/draft-jones-json-web-token-07#page-7
       jti: SecureRandom.uuid,
+      sub: user.id,
 
       user: {
         id: user.id,
@@ -62,27 +64,29 @@ Doorkeeper::JWT.configure do
 
   # Optionally set additional headers for the JWT. See
   # https://tools.ietf.org/html/rfc7515#section-4.1
-  token_headers do |opts|
-    { kid: opts[:application][:uid] }
-  end
+  # JWK can be used to automatically verify RS* tokens client-side if token's kid matches a public kid in /oauth/discovery/keys
+  # token_headers do |_opts|
+  #   key = OpenSSL::PKey::RSA.new(File.read(File.join('path', 'to', 'file.pem')))
+  #   { kid: JWT::JWK.new(key)[:kid] }
+  # end
 
   # Use the application secret specified in the access grant token. Defaults to
   # `false`. If you specify `use_application_secret true`, both `secret_key` and
   # `secret_key_path` will be ignored.
   use_application_secret false
 
-  # Set the encryption secret. This would be shared with any other applications
-  # that should be able to read the payload of the token. Defaults to "secret".
+  # Set the signing secret. This would be shared with any other applications
+  # that should be able to verify the authenticity of the token. Defaults to "secret".
   secret_key ENV['JWT_SECRET']
 
-  # If you want to use RS* encoding specify the path to the RSA key to use for
+  # If you want to use RS* algorithms specify the path to the RSA key to use for
   # signing. If you specify a `secret_key_path` it will be used instead of
   # `secret_key`.
   secret_key_path File.join('path', 'to', 'file.pem')
 
-  # Specify encryption type (https://github.com/progrium/ruby-jwt). Defaults to
+  # Specify cryptographic signing algorithm type (https://github.com/progrium/ruby-jwt). Defaults to
   # `nil`.
-  encryption_method :hs512
+  signing_method :hs512
 end
 ```
 

data/lib/doorkeeper/jwt/config.rb

@@ -39,8 +39,14 @@ module Doorkeeper
           @config.instance_variable_set("@secret_key_path", value)
         end
 
+        # For backward compatibility. This library does not support encryption.
         def encryption_method(value)
-          @config.instance_variable_set("@encryption_method", value)
+          @config.instance_variable_set("@signing_method", value)
+          Kernel.warn("[DOORKEEPER-JWT]: Please use signing_method instead, this option is deprecated and will be removed soon")
+        end
+
+        def signing_method(value)
+          @config.instance_variable_set("@signing_method", value)
         end
       end
 
@@ -111,14 +117,14 @@ module Doorkeeper
 
       option(
         :token_payload,
-        default: proc { { token: SecureRandom.method(:hex) } }
+        default: proc { { token: SecureRandom.hex } },
       )
 
       option :token_headers, default: proc { {} }
       option :use_application_secret, default: false
       option :secret_key, default: nil
       option :secret_key_path, default: nil
-      option :encryption_method, default: nil
+      option :signing_method, default: nil
 
       def use_application_secret
         @use_application_secret ||= false
@@ -132,8 +138,8 @@ module Doorkeeper
         @secret_key_path ||= nil
       end
 
-      def encryption_method
-        @encryption_method ||= nil
+      def signing_method
+        @signing_method ||= nil
       end
     end
   end

data/lib/doorkeeper/jwt/version.rb

@@ -10,7 +10,7 @@ module Doorkeeper
       # Semantic versioning
       MAJOR = 0
       MINOR = 4
-      TINY = 1
+      TINY = 2
       PRE = nil
 
       # Full version number

data/lib/doorkeeper/jwt.rb

@@ -11,7 +11,7 @@ module Doorkeeper
         ::JWT.encode(
           token_payload(opts),
           secret_key(opts),
-          encryption_method,
+          signing_method,
           token_headers(opts)
         )
       end
@@ -31,22 +31,22 @@ module Doorkeeper
 
         return application_secret(opts) if use_application_secret?
         return secret_key_file unless secret_key_file.nil?
-        return rsa_key if rsa_encryption?
-        return ecdsa_key if ecdsa_encryption?
+        return rsa_key if rsa_signing?
+        return ecdsa_key if ecdsa_signing?
 
         Doorkeeper::JWT.configuration.secret_key
       end
 
       def secret_key_file
         return nil if Doorkeeper::JWT.configuration.secret_key_path.nil?
-        return rsa_key_file if rsa_encryption?
-        return ecdsa_key_file if ecdsa_encryption?
+        return rsa_key_file if rsa_signing?
+        return ecdsa_key_file if ecdsa_signing?
       end
 
-      def encryption_method
-        return "none" unless Doorkeeper::JWT.configuration.encryption_method
+      def signing_method
+        return "none" unless Doorkeeper::JWT.configuration.signing_method
 
-        Doorkeeper::JWT.configuration.encryption_method.to_s.upcase
+        Doorkeeper::JWT.configuration.signing_method.to_s.upcase
       end
 
       def use_application_secret?
@@ -83,12 +83,12 @@ module Doorkeeper
         secret
       end
 
-      def rsa_encryption?
-        /RS\d{3}/ =~ encryption_method
+      def rsa_signing?
+        /RS\d{3}/ =~ signing_method
       end
 
-      def ecdsa_encryption?
-        /ES\d{3}/ =~ encryption_method
+      def ecdsa_signing?
+        /ES\d{3}/ =~ signing_method
       end
 
       def rsa_key

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: doorkeeper-jwt
 version: !ruby/object:Gem::Version
-  version: 0.4.1
+  version: 0.4.2
 platform: ruby
 authors:
 - Chris Warren
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-02-23 00:00:00.000000000 Z
+date: 2024-08-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -130,7 +130,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.8
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: JWT token generator for Doorkeeper