gitlab-mail_room 0.0.16 → 0.0.17

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 379c92ce022edc809e94ff13a0789fa78166483d0228df03db4a6cbaf7213be4
4
- data.tar.gz: 1490b43ca949d4ea15240367ef6c6162799cf3648868bfd2982f92688d30f4b0
3
+ metadata.gz: 30098bb79ab0bfc80e56174d3f7d9d56f395fa09d50ae250b2abaee83a8bbb6e
4
+ data.tar.gz: 3afee3c595728c60709d55e1a7f2c1801896d570beca581283db170809f9dd40
5
5
  SHA512:
6
- metadata.gz: 4c03b12b703e68b58fbe0b91a6a3cfea7dff35b3aca33abc74589fb4d51aadcbfd5976d586b7313ce10100a48d615861f510eeb025b4e7931ae1d30fb05ec8bc
7
- data.tar.gz: 5318027b63f4f04b42270b4d54fcfeb3d69bdce7fcda93a2f431532ea72be96c4e9046be664199a4debeae2cca6b2a4d175cccb850d3c3776783219a3c7309b6
6
+ metadata.gz: 833188c07bd16eeaa7e3af353f7adb4047ace6db31a35c10702d990b7d9b68149c6c1c5f8ad80d5de042c29a2b6147d6141f62caf038f7051f281b8f29261be1
7
+ data.tar.gz: 178d43f29844e004e2730e592049ae54cdbd8d8351b5516d66db5733d63e80a2a4d875bedd9c2344dee1efd52b125f5f60d4aa16e7dda23544809ef4520a1486
data/lib/mail_room/jwt.rb CHANGED
@@ -26,7 +26,11 @@ module MailRoom
26
26
  return nil unless valid?
27
27
 
28
28
  secret = Base64.strict_decode64(File.read(@secret_path).chomp)
29
- payload = { nonce: SecureRandom.hex(12), iss: @issuer }
29
+ payload = {
30
+ nonce: SecureRandom.hex(12),
31
+ iat: Time.now.to_i, # https://github.com/jwt/ruby-jwt#issued-at-claim
32
+ iss: @issuer
33
+ }
30
34
  ::JWT.encode payload, secret, @algorithm
31
35
  end
32
36
  end
@@ -1,4 +1,4 @@
1
1
  module MailRoom
2
2
  # Current version of gitlab-mail_room gem
3
- VERSION = "0.0.16"
3
+ VERSION = "0.0.17"
4
4
  end
data/spec/lib/jwt_spec.rb CHANGED
@@ -24,14 +24,15 @@ describe MailRoom::JWT do
24
24
 
25
25
  payload = nil
26
26
  expect do
27
- payload = JWT.decode(token, secret, true, iss: 'mailroom', verify_iss: true, algorithm: 'HS256')
27
+ payload = JWT.decode(token, secret, true, iss: 'mailroom', verify_iat: true, verify_iss: true, algorithm: 'HS256')
28
28
  end.not_to raise_error
29
29
  expect(payload).to be_an(Array)
30
30
  expect(payload).to match(
31
31
  [
32
32
  a_hash_including(
33
33
  'iss' => 'mailroom',
34
- 'nonce' => be_a(String)
34
+ 'nonce' => be_a(String),
35
+ 'iat' => be_a(Integer)
35
36
  ),
36
37
  { 'alg' => 'HS256' }
37
38
  ]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: gitlab-mail_room
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.16
4
+ version: 0.0.17
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tony Pitale
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-12-29 00:00:00.000000000 Z
11
+ date: 2021-12-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: net-imap