josebuilder 0.0.5 → 0.0.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4e8502f7a92c455fcf01dd5269f74db124200011
-  data.tar.gz: b0afffb20bc1c2e647d1cb51d9c9bf062d9d2303
+  metadata.gz: 829439b805873f4fc7316f4cb4cff959f0d3a575
+  data.tar.gz: e38b3821283ce3f1d46fb318b32b6fbee46f3de6
 SHA512:
-  metadata.gz: c4d842b799cdf5e7717272796986cc990c91b5222ad992933870ea01fc666ed74591c631c60a568530c6030186787efb76273b9905569616cf71e75bdbe0b4a1
-  data.tar.gz: 644cc1935b7dfb29bacd67007f67edb4c9db1826e6badf4667c1098c24505e2283b8ca908e087aae93ecc0903f320b3b6f65114a2f46ef8fb977dd1903ee669a
+  metadata.gz: 14c50307fab5e8a189c8ac785453d8eedcba47f07018c6aad24522f0132adfc3c096e322ef2d249b1fbf11f3326cec1901a6f167b8e26d0ad63294f8436c018c
+  data.tar.gz: 235e76fcfafc51970b4097409058e0ce1fe9db87f730d6a995569b12fb644b3c126d94170c2b6aea2960f4b60924b9ff1fe3d9ce3e2cce4915f20b3bd6e58fd4

data/josebuilder.gemspec

@@ -0,0 +1,19 @@
+Gem::Specification.new do |s|
+  s.name     = 'josebuilder'
+  s.version  = '0.0.6'
+  s.authors  = ['Nguyen Ngo Dinh']
+  s.email    = ['nguyenngodinh@outlook.com']
+  s.summary  = 'Create JSON Signature and encryption structures'
+  s.description = "json signature and encryption builder"
+  s.homepage = 'https://github.com/nguyenngodinh/josebuilder'
+  s.license  = 'MIT'
+
+  s.required_ruby_version = '>= 1.9.3'
+
+  s.add_dependency 'activesupport', '>= 3.0.0', '< 5'
+  s.add_dependency 'multi_json',    '~> 1.2'
+  s.add_runtime_dependency 'jwt', '~> 1.4', '>= 1.4.1'
+
+  s.files         = `git ls-files`.split("\n")
+end
+

data/lib/jose/generators/josebuilder/USAGE

@@ -0,0 +1,8 @@
+Description:
+    Explain the generator
+
+Example:
+    rails generate josebuilder Thing
+
+    This will create:
+        what/will/it/create

data/lib/jose/generators/josebuilder/josebuilder_generator.rb

@@ -0,0 +1,63 @@
+require 'rails/generators/resource_helpers'
+require 'rails/generators/named_base'
+
+class JosebuilderGenerator < Rails::Generators::Base
+  source_root File.expand_path('../templates', __FILE__)
+
+  argument :resource_name, :type => :string, :default => "defaultResourceName"
+  argument :secret, :type => :string, :default => "secret"
+  argument :algorithm, :type => :string, :default => "HS256"
+  
+  class_option :signature, :type => :boolean, :default => true, 
+               :description => "include signature"
+  class_option :encryption, :type => :boolean, :default => false, 
+               :description => "include encryption"
+  class_option :combination, :type => :boolean, :default => false,
+               :description => "combine digital signature and encryption"
+  
+  def generate_json_web_signature_file
+    ["index", "show"].each do |view|
+      file = filename_with_directory(view)
+      template filename_with_extensions(view), file
+    end if options.signature?
+  end
+
+
+  private
+
+  def get_secret
+    secret
+  end
+  def file_name
+    resource_name.underscore
+  end
+
+  def filename_with_extensions(name)
+    [name, :json, :jbuilder] * '.'
+  end
+
+  def pluralize(count, singular, plural = nil)
+    word = if (count == 1 || count =~ /^1(\.0+)?$/)
+      singular
+    else
+      plural || singular.pluralize
+    end
+
+    "#{count || 0} #{word}"
+  end
+
+  def filename_with_directory(file_name)
+    file_name = filename_with_extensions(file_name)
+    File.join('app/views', controller_file_path, file_name)
+  end
+
+  def controller_file_path
+    pluralize_without_count(2, resource_name)
+  end
+  def pluralize_without_count(count, noun, text=nil)
+    if count!=0
+      count == 1? "#{noun}#{text}": "#{noun.pluralize}#{text}"
+    end
+  end
+  
+end

data/lib/jose/generators/josebuilder/templates/index.json.jbuilder

@@ -0,0 +1,7 @@
+json.header = {alg: "<%= algorithm %>", typ: "JWS"}
+json.payload do 
+  json.array!(@<%= controller_file_path %>) do |<%= file_name %>|
+    json.<%= file_name %> = <%= file_name %>.as_json
+  end
+end
+json.signature = JWS.encode(@<%= controller_file_path %>.to_a.as_json, "<%= secret %>", "<%= algorithm %>")

data/lib/jose/generators/josebuilder/templates/show.json.jbuilder

@@ -0,0 +1,3 @@
+json.header = {alg: "<%= algorithm %>", typ: "JWT"}
+json.payload = @<%= file_name %>.as_json
+json.signature = JWT.encode(@<%= file_name %>.as_json, "<%= secret %>", "<%= algorithm %>")

data/lib/jose/json.rb

@@ -0,0 +1,15 @@
+module JWS
+  module Json
+    require 'json'
+
+    def decode_json(encoded_json)
+      JSON.parse(encoded_json)
+    rescue JSON::ParseError
+      raise JOSE::DecodeError.new("Invalid encoding")
+    end
+
+    def encode_json(raw)
+      JSON.generate(raw)
+    end
+  end
+end

data/lib/jws.rb

@@ -0,0 +1,127 @@
+require 'base64'
+require 'openssl'
+require 'jose/json'
+
+module JWS
+  class DecodeError < StandardError; end
+  class VerificationError < DecodeError; end
+  extend JWS::Json
+
+  module_function
+
+  def sign(algorithm, msg, key)
+    if ['HS256', 'HS384', 'HS512'].include?(algorithm)
+      sign_hmac(algorithm, msg, key)
+    else
+      raise NotImplementedError.new("Unsupported signing mehtod")
+    end
+  end
+
+  def sign_hmac(algorithm, msg, key)
+    OpenSSL::HMAC.digest(OpenSSL::Digest.new(algorithm.sub('HS', 'Sha')), key, msg)
+  end
+
+  def base64url_decode(str)
+    str += '=' *(4 - str.length.modulo(4))
+    Base64.decode64(str.tr('-_', '+/'))
+  end
+
+  def base64url_encode(str)
+    Base64.encode64(str).tr('+/', '-_').gsub(/[\n=]/, '')
+  end
+
+  def encoded_header(algorithm='HS256', header_fields={})
+    header = {'typ' => 'JWS', 'alg' => algorithm}.merge(header_fields)
+    base64url_encode(encode_json(header))
+  end
+
+  def encoded_payload(payload)
+    base64url_encode(encode_json(payload))
+  end
+
+  def encoded_signature(signing_input, key, algorithm)
+    if algorithm == 'none'
+      ''
+    else
+      signature = sign(algorithm, signing_input, key)
+      base64url_encode(signature)
+    end
+  end
+
+  def encode(payload, key, algorithm='HS256', header_fields={})
+    algorithm ||= 'none'
+    segments = []
+    segments << encoded_header(algorithm, header_fields)
+    segments << encoded_payload(payload)
+    segments << encoded_signature(segments.join('.'), key, algorithm)
+    segments.join('.')
+  end
+
+  def raw_segments(jws, verify=true)
+    segments = jws.split('.')
+    required_number_of_segments = verify ? [3] :[2,3]
+    raise JWS::DecodeError.new('Not enough or too many segments') unless required_number_of_segments.include? segments.length
+    segments
+  end
+
+  def decode_header_and_payload(header_segment, payload_segment)
+    header = decode_json(base64url_decode(header_segment))
+    payload = decode_json(base64url_decode(payload_segment))
+    [header, payload]
+  end
+
+  def decoded_segments(jws, verify=true)
+    header_segment, payload_segment, crypto_segment = raw_segments(jws, verify)
+    header, payload = decode_header_and_payload(header_segment, payload_segment)
+    signature = base64url_decode(crypto_segment.to_s) if verify
+    signing_input = [header_segment, payload_segment].join('.')
+    [header, payload, signature, signing_input]
+  end
+
+  def decode(jws, key=nil, verify=true, options={}, &keyfinder)
+    raise JWS::DecodeError.new('Nil JSON Web Signature') unless jws
+    header, payload, signature, signing_input = decoded_segments(jws, verify)
+    raise JWS::DecodeError.new('Not enough or too many segments') unless header && payload
+    
+    if verify
+      algo, key = signature_algorithm_and_key(header, key, &keyfinder)
+      if options[:algorithm] && algo != options[:algorithm]
+        raise JWS::IncorrectAlgorithm.new('Expected a different algorithm')
+      end
+      verify_signature(algo, key, signing_input, signature)
+    end
+
+    return payload, header
+  end
+
+  def signature_algorithm_and_key(header, key, &keyfinder)
+    if keyfinder
+      key = keyfinder.call(header)
+    end
+    [header['alg'], key]
+  end
+
+  def verify_signature(algo, key, signing_input, signature)
+    begin
+      if ['HS256', 'HS384', 'HS512'].include?(algo)
+        raise JWS::VerificationError.new('Signature verification failed') unless secure_compare(signature, sign_hmac(algo, signing_input, key))
+      else
+        raise JWS::VerificationError.new('Algorithm not supported')
+      end
+    rescue OpenSSL::Pkey::PkeyError
+      raise JWS::VerificationError.new('Signature verification failed')
+    ensure
+      OpenSSL.errors.clear
+    end
+  end
+
+  def secure_compare(a, b)
+    return false if a.nil? || b.nil? || a.empty? || b.empty? || a.bytesize != b.bytesize
+    l = a.unpack "C#{a.bytesize}"
+
+    res = 0
+    b.each_byte { |byte| res |= byte ^ l.shift }
+    res == 0
+  end
+
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: josebuilder
 version: !ruby/object:Gem::Version
-  version: 0.0.5
+  version: 0.0.6
 platform: ruby
 authors:
 - Nguyen Ngo Dinh
@@ -70,7 +70,20 @@ email:
 executables: []
 extensions: []
 extra_rdoc_files: []
-files: []
+files:
+- josebuilder-0.0.0.gem
+- josebuilder-0.0.1.gem
+- josebuilder-0.0.2.gem
+- josebuilder-0.0.3.gem
+- josebuilder-0.0.4.gem
+- josebuilder.gemspec
+- lib/jose/generators/josebuilder/USAGE
+- lib/jose/generators/josebuilder/josebuilder_generator.rb
+- lib/jose/generators/josebuilder/templates/index.json.jbuilder
+- lib/jose/generators/josebuilder/templates/show.json.jbuilder
+- lib/jose/json.rb
+- lib/josebuilder.rb
+- lib/jws.rb
 homepage: https://github.com/nguyenngodinh/josebuilder
 licenses:
 - MIT