json-jwt 0.0.0 → 0.0.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of json-jwt might be problematic. Click here for more details.

data/.travis.yml CHANGED
@@ -2,5 +2,4 @@ rvm:
2
2
  - 1.8.7
3
3
  - 1.9.2
4
4
  - 1.9.3
5
- - jruby
6
- - ree
5
+ - jruby
data/Gemfile.lock ADDED
@@ -0,0 +1,33 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ json-jwt (0.0.0)
5
+ json (>= 1.4.3)
6
+ url_safe_base64
7
+
8
+ GEM
9
+ remote: http://rubygems.org/
10
+ specs:
11
+ diff-lcs (1.1.3)
12
+ json (1.6.0)
13
+ rake (0.9.2)
14
+ rcov (0.9.10)
15
+ rspec (2.6.0)
16
+ rspec-core (~> 2.6.0)
17
+ rspec-expectations (~> 2.6.0)
18
+ rspec-mocks (~> 2.6.0)
19
+ rspec-core (2.6.4)
20
+ rspec-expectations (2.6.0)
21
+ diff-lcs (~> 1.1.2)
22
+ rspec-mocks (2.6.0)
23
+ url_safe_base64 (0.2.1)
24
+
25
+ PLATFORMS
26
+ ruby
27
+
28
+ DEPENDENCIES
29
+ jruby-openssl (>= 0.7)
30
+ json-jwt!
31
+ rake (>= 0.8)
32
+ rcov (>= 0.9)
33
+ rspec (>= 2)
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.0.0
1
+ 0.0.1
data/lib/json/jws.rb CHANGED
@@ -2,7 +2,7 @@ module JSON
2
2
  class JWS < JWT
3
3
  def initialize(jwt)
4
4
  @header = jwt.header
5
- @claim = jwt.claim
5
+ replace jwt
6
6
  end
7
7
 
8
8
  def sign(private_key_or_secret, algorithm)
@@ -33,7 +33,7 @@ module JSON
33
33
  def signature_base_string
34
34
  [
35
35
  header.to_json,
36
- claim.to_json
36
+ self.to_json
37
37
  ].collect do |segment|
38
38
  UrlSafeBase64.encode64 segment
39
39
  end.join('.')
data/lib/json/jwt.rb CHANGED
@@ -3,8 +3,8 @@ require 'url_safe_base64'
3
3
  require 'json'
4
4
 
5
5
  module JSON
6
- class JWT
7
- attr_accessor :header, :claim, :signature
6
+ class JWT < Hash
7
+ attr_accessor :header, :signature
8
8
 
9
9
  def initialize(claim)
10
10
  @header = {
@@ -16,7 +16,7 @@ module JSON
16
16
  claim[key] = claim[key].to_i
17
17
  end
18
18
  end
19
- @claim = claim
19
+ replace claim
20
20
  end
21
21
 
22
22
  def sign(private_key_or_secret, algorithm = :RS256)
@@ -26,7 +26,7 @@ module JSON
26
26
  def to_s
27
27
  [
28
28
  header.to_json,
29
- claim.to_json,
29
+ self.to_json,
30
30
  signature
31
31
  ].collect do |segment|
32
32
  UrlSafeBase64.encode64 segment.to_s
@@ -0,0 +1,30 @@
1
+ -----BEGIN RSA PRIVATE KEY-----
2
+ Proc-Type: 4,ENCRYPTED
3
+ DEK-Info: AES-256-CBC,A6B5D10FFA23D7BC66CE4FB46B754E8C
4
+
5
+ gvYFJmzetWSwpf1Ut6USm4IReFLA6bpp5nVUfU2Xa9dJmrCu0cTupTkdzNmGp14/
6
+ mzeT/a5WplK1hWV41Y7bLm57hOpaoxbEx2h3IW9cxuqgAp422AbafRu6hEvjUONO
7
+ qUEm63I4d7/FKo0he4IVVx0UHaX5eEq8pdY1AZR9+fqlxWvjpgZlB0anT3AMpfVL
8
+ CY4sGc/Es14M9A4zUpOkp+09PbV3WNG8A4G4IJA3wx6tYBxrd2866Te2ccP6/BL8
9
+ HA2uoqeD+70ziybvd//CtGAD1xoTDvOCwzXXT5A4fCuec3apFp8O6WyJ63ao99R4
10
+ E0r6AvD4iOkLMC8K2YUSc1zFLJAkhlfhBb8qFbXOwOomazWf2Z8rDtkP1VCfB9gC
11
+ W6oYRBOyVUkbaBSBOOPBJtxjuTL/cJBvFhn6r0zdC67g0CD4cabMPd1VY92lUVbl
12
+ JvE9CouDB5O39jwfpgfxo3kGev2UzwRze9U2uw6EdYIUB/ixyC8/5BoN8lKZXdTn
13
+ 7vQBmcBsC3boMqQiq2c/dVGW7yrt/Y4q8wq9aGFwdBAY1pYhRlOZ0MwFmlAJKOzo
14
+ Y3i2OILtPM0sdfqIeAvrwicQULGAzLGEhecDOQ1r0GwZRy5/Sl3ILxKMW8ngdaK4
15
+ iNDM56u6F9dwqqArrZDZgkfwnKakXU2ZbltSOWTCleCfYrc1D75Yw3FHKcWozB/l
16
+ uyMTIqzBXzO6OiNDUv7zAE1xzVaV+VeBH/5KGx18dAuRP3TnpYltGSUVDyGk9FX7
17
+ m7nhvkqOcFJMHOGdTjt2Ff9Ibn3rgCEFI0CjCwcJPo2ym1Zox8GfP0/nXk3p/oWV
18
+ ebBTvS+yc9HaSm2Al77GDXEwY7NDcTef+3kEtQHpesS+xmC8mFtMEKV8vifXEhpt
19
+ iNp6gtsfDMtFmrFXCADTaUD1WBmhJQtYUsGsoQ75c5zzUHU93BOswBe2KODCA3Ie
20
+ X3XKvHTjGw3wjWJvLcnL3EgcHDL1x7ehIA5UgvHFixmkx5D91uIdq4YDMt6xERle
21
+ JgeLKF9g1qCl9wmxqT4T1J9h9LGMQQEUhth0uTFr6bEpzgg6hFTrPDaI8dOMlcgu
22
+ ctOH2wFZgRMfrykGIs53rwF4pL+8iy+pakaRRAVTaZIX2CL2dThy0283jTVu9dNn
23
+ f/Zfu5mNlvsRcXlZMgTy0UMBpXeLMjaWyd+JeAnAeZxO3/ID/Ppg6vcc0Wn8XyB5
24
+ YUOIQe+Rc0jJnB1zqjww2cB6H5Ke3GjktQqrulHFfEYbn7lj8WLVgDLmellFNOxX
25
+ k9H2sta5SN/t3fN3oBO0A6JyotQOiBE54yHVpgoc+PBlcrpoOxSZx67lprD+WnlV
26
+ Ynnf6qIrR9NxgYN00Elzj9KP9OT1ufFrMQ0BnW4EWdFLCScGLsZVlmBKPrtHwK3N
27
+ FSy3JFMJcpymgNas5+bqIyZGqAZREHH3AWhc2TVl1Kt11g6PZWm3dSafT6SlqgyP
28
+ Z7OcBEnWr+ZhDeJfnAXrn5siah9eXuT0KtQWlqpSn76dExlfz16Da/3xBtO4ceyz
29
+ Lk4gzZ1QjP1ZvjarWOIEtkT7eiWaCQHYNVbvFRu5wo98o/KwO3xaPTDN9LCZKGhR
30
+ -----END RSA PRIVATE KEY-----
@@ -0,0 +1,8 @@
1
+ -----BEGIN RSA PUBLIC KEY-----
2
+ MIIBCgKCAQEAx9vNhcvSrxjsegZAAo4OEuoZOV/oxINEeWneJYczS80/bQ1J6lSS
3
+ J81qecxXAzCLPlvsFoP4eeUNXSt/G7hP7SAM479N+kY/MzbihJ5LRY9sRzLbQTMe
4
+ qsmDAmmQe4y3Ke3bvd70r8VOmo5pqM3IPLGwBkTRTQmyRsDQArilg6WtxDUgy5ol
5
+ 2STHFA8E1iCReh9bck8ZaLxzVhYRXZ0nuOKWGRMppocPlp55HVohOItUZh7uSCch
6
+ LcVAZuhTTNaDLtLIJ6G0yNJvfEieJUhA8wGBoPhD3LMQwQMxTMerpjZhP/qjm6Gg
7
+ eWpKf+iVil86/PSy/z0Vw06/rD0sfXPtlQIDAQAB
8
+ -----END RSA PUBLIC KEY-----
@@ -0,0 +1,30 @@
1
+ module SignKeyFixtureHelper
2
+ def shared_secret
3
+ 'shared-secret'
4
+ end
5
+
6
+ def pem_file(file_name)
7
+ File.new(
8
+ File.join(
9
+ File.dirname(__FILE__),
10
+ '../fixtures/rsa',
11
+ "#{file_name}.pem"
12
+ )
13
+ )
14
+ end
15
+
16
+ def private_key
17
+ OpenSSL::PKey::RSA.new(
18
+ pem_file('private_key'),
19
+ 'pass-phrase'
20
+ )
21
+ end
22
+
23
+ def public_key
24
+ OpenSSL::PKey::RSA.new(
25
+ pem_file('public_key')
26
+ )
27
+ end
28
+ end
29
+
30
+ include SignKeyFixtureHelper
@@ -0,0 +1,74 @@
1
+ require 'spec_helper'
2
+
3
+ describe JSON::JWS do
4
+ let(:jwt) { JSON::JWT.new claim }
5
+ let(:jws) { JSON::JWS.new jwt }
6
+ let(:claim) do
7
+ {
8
+ :iss => 'joe',
9
+ :exp => 1300819380,
10
+ 'http://example.com/is_root' => true
11
+ }
12
+ end
13
+
14
+ shared_examples_for :jwt_with_alg do
15
+ it { should == jwt }
16
+ its(:header) { should == jwt.header }
17
+ end
18
+
19
+ context 'before sign' do
20
+ subject { jws }
21
+ it_behaves_like :jwt_with_alg
22
+ its(:signature) { should be_nil }
23
+ end
24
+
25
+ describe '#sign' do
26
+ shared_examples_for :jwt_with_expected_signature do
27
+ it 'should generate expected signature' do
28
+ UrlSafeBase64.encode64(signed.signature).should == expected_signature[alg]
29
+ end
30
+ end
31
+ let(:expected_signature) {
32
+ {
33
+ :HS256 => 'DyuTgO2Ggb5nrhkkhI-RjVYIBe3o8oL4ijkAn94YPxQ',
34
+ :HS384 => 'a5-7rr61TG8Snv9xxJ7l064ky-SCq1Mswe9t8HEorvoc_nnfIeUy9WQCLMIli34R',
35
+ :HS512 => 'ce-GlHDaNwaHfmAFRGp3QPPKvrpruTug2hC1bf6yNlbuvkMwJw2jFZgq_4wmIPetRdiBy7XFq7rrtmw1Im7tmQ',
36
+ :RS256 => 'E5VELqAdla2Bx1axc9KFxO0EiCr0Mw6HPYX070qGQ8zA_XmyxGPUZLyyWU_6Cn399W-oYBWO2ynLlr8pqqjP3jXevyCeYeGRVN0HzLYiBebEugNnc3hevr7WV2UzfksWRA-Ux2bDv2sz9p_LGbL33wWNxGDvIlpDyZUul_a48nCipS0riBjkTLTSE8dfBxQTXEF5GEUUu99ot6aBLzUhc25nHXSXogXF6MHK-hAcE7f4v-vJ0lbPbHLVGUopIoxoqe4XjoBpzE5UvhrVl5LYbdjbyJhu5ZIA8GLsgwtUFh3dfdIechORoR3k5NSFSv8157bAEa8t4iwgWD2MSNSQnw',
37
+ :RS384 => 'lT5JbytGKgG9QrwkJuxgw7UjmN9tjkEQW9pVGR2XnKEdC0_wLNIzAmT-jTwyMDGBLUkWO7opDOP6Xy6_DOTg58k9PwVkyQzrLnmxJMEng2Q-aMqcitRSIvUk3DPy8kemp8yUPls9NzWmByM2GoUVHbDsR0r-tZN-g_9QYev32mvMhjMr30JI5S2xiRjc9m2GAaXMOQmNTovJgV4bgCp4UjruCrA0BD1JJwDqKYoR_YYr_ALcVjD_LUgy80udJvbi8MAYJVUf0QYtQDrX2wnT_-eiiWjD5XafLuXEQVDRh-v2MKAwdvtXMq5cZ08Zjl2SyHxJ3OqhEeWPvYGltxZh_A',
38
+ :RS512 => 'EHeGM2Mo3ghhUfSB99AlREehrbC6OPE-nYL_rwf88ysTnJ8L1QQ0UuCrXq4SpRutGLK_bYTK3ZALvFRPoOgK_g0QWmqv6qjQRU_QTxoq8y8APP-IgKKDuIiGH6daBV2rAPLDReqYNKsKjmTvZJo2c0a0e_WZkkj_ZwpgjTG3v0gW9lbDAzLJDz18eqtR4ZO7JTu_fyNrUrNk-w2_wpxSsn9sygIMp0lKE0_pt0b01fz3gjTDjlltU0cKSalUp4geaBDH7QRcexrolIctdQFbNKTXQxoigxD3NLNkKGH7f6A8KZdcOm8AnEjullcZs8_OWGnW43p1qrxoBRSivb9pqQ',
39
+ :ES256 => :TODO,
40
+ :ES384 => :TODO,
41
+ :ES512 => :TODO
42
+ }
43
+ }
44
+ let(:signed) do
45
+ jws.sign key, alg
46
+ end
47
+ subject { signed }
48
+
49
+ [:HS256, :HS384, :HS512].each do |algorithm|
50
+ describe algorithm do
51
+ let(:key) { shared_secret }
52
+ let(:alg) { algorithm }
53
+ it_behaves_like :jwt_with_alg
54
+ it_behaves_like :jwt_with_expected_signature
55
+ end
56
+ end
57
+
58
+ [:RS256, :RS384, :RS512].each do |algorithm|
59
+ describe algorithm do
60
+ let(:key) { private_key }
61
+ let(:alg) { algorithm }
62
+ it_behaves_like :jwt_with_alg
63
+ it_behaves_like :jwt_with_expected_signature
64
+ end
65
+ end
66
+
67
+ [:ES256, :ES384, :ES512].each do |algorithm|
68
+ describe algorithm do
69
+ let(:alg) { algorithm }
70
+ it :TODO
71
+ end
72
+ end
73
+ end
74
+ end
@@ -0,0 +1,40 @@
1
+ require 'spec_helper'
2
+
3
+ describe JSON::JWT do
4
+ let(:jwt) { JSON::JWT.new claim }
5
+ let(:claim) do
6
+ {
7
+ :iss => 'joe',
8
+ :exp => 1300819380,
9
+ 'http://example.com/is_root' => true
10
+ }
11
+ end
12
+
13
+ context 'when no sign no encryption' do
14
+ let :result do
15
+ 'eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJpc3MiOiJqb2UiLCJleHAiOjEzMDA4MTkzODAsImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.'
16
+ end
17
+
18
+ it do
19
+ jwt.to_s.should == result
20
+ end
21
+ end
22
+
23
+ describe '.sign' do
24
+ [:HS256, :HS384, :HS512].each do |algorithm|
25
+ context algorithm do
26
+ it do
27
+ jwt.sign(shared_secret, algorithm).should be_a JSON::JWS
28
+ end
29
+ end
30
+ end
31
+
32
+ [:RS256, :RS384, :RS512].each do |algorithm|
33
+ context algorithm do
34
+ it do
35
+ jwt.sign(private_key, algorithm).should be_a JSON::JWS
36
+ end
37
+ end
38
+ end
39
+ end
40
+ end
data/spec/spec_helper.rb CHANGED
@@ -1,2 +1,4 @@
1
1
  require 'rspec'
2
- require 'json/jwt'
2
+ require 'json/jwt'
3
+
4
+ require 'helpers/sign_key_fixture_helper'
metadata CHANGED
@@ -1,8 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
+ hash: 29
4
5
  prerelease:
5
- version: 0.0.0
6
+ segments:
7
+ - 0
8
+ - 0
9
+ - 1
10
+ version: 0.0.1
6
11
  platform: ruby
7
12
  authors:
8
13
  - nov matake
@@ -10,7 +15,7 @@ autorequire:
10
15
  bindir: bin
11
16
  cert_chain: []
12
17
 
13
- date: 2011-09-14 00:00:00 Z
18
+ date: 2011-09-15 00:00:00 Z
14
19
  dependencies:
15
20
  - !ruby/object:Gem::Dependency
16
21
  name: json
@@ -20,6 +25,11 @@ dependencies:
20
25
  requirements:
21
26
  - - ">="
22
27
  - !ruby/object:Gem::Version
28
+ hash: 1
29
+ segments:
30
+ - 1
31
+ - 4
32
+ - 3
23
33
  version: 1.4.3
24
34
  type: :runtime
25
35
  version_requirements: *id001
@@ -31,6 +41,9 @@ dependencies:
31
41
  requirements:
32
42
  - - ">="
33
43
  - !ruby/object:Gem::Version
44
+ hash: 3
45
+ segments:
46
+ - 0
34
47
  version: "0"
35
48
  type: :runtime
36
49
  version_requirements: *id002
@@ -42,6 +55,10 @@ dependencies:
42
55
  requirements:
43
56
  - - ">="
44
57
  - !ruby/object:Gem::Version
58
+ hash: 27
59
+ segments:
60
+ - 0
61
+ - 8
45
62
  version: "0.8"
46
63
  type: :development
47
64
  version_requirements: *id003
@@ -53,6 +70,10 @@ dependencies:
53
70
  requirements:
54
71
  - - ">="
55
72
  - !ruby/object:Gem::Version
73
+ hash: 25
74
+ segments:
75
+ - 0
76
+ - 9
56
77
  version: "0.9"
57
78
  type: :development
58
79
  version_requirements: *id004
@@ -64,6 +85,9 @@ dependencies:
64
85
  requirements:
65
86
  - - ">="
66
87
  - !ruby/object:Gem::Version
88
+ hash: 7
89
+ segments:
90
+ - 2
67
91
  version: "2"
68
92
  type: :development
69
93
  version_requirements: *id005
@@ -81,6 +105,7 @@ files:
81
105
  - .rspec
82
106
  - .travis.yml
83
107
  - Gemfile
108
+ - Gemfile.lock
84
109
  - LICENSE
85
110
  - README.rdoc
86
111
  - Rakefile
@@ -89,6 +114,11 @@ files:
89
114
  - lib/json/jwe.rb
90
115
  - lib/json/jws.rb
91
116
  - lib/json/jwt.rb
117
+ - spec/fixtures/rsa/private_key.pem
118
+ - spec/fixtures/rsa/public_key.pem
119
+ - spec/helpers/sign_key_fixture_helper.rb
120
+ - spec/json/jws_spec.rb
121
+ - spec/json/jwt_spec.rb
92
122
  - spec/spec_helper.rb
93
123
  homepage: https://github.com/nov/json-jwt
94
124
  licenses: []
@@ -103,19 +133,30 @@ required_ruby_version: !ruby/object:Gem::Requirement
103
133
  requirements:
104
134
  - - ">="
105
135
  - !ruby/object:Gem::Version
136
+ hash: 3
137
+ segments:
138
+ - 0
106
139
  version: "0"
107
140
  required_rubygems_version: !ruby/object:Gem::Requirement
108
141
  none: false
109
142
  requirements:
110
143
  - - ">="
111
144
  - !ruby/object:Gem::Version
145
+ hash: 3
146
+ segments:
147
+ - 0
112
148
  version: "0"
113
149
  requirements: []
114
150
 
115
151
  rubyforge_project:
116
- rubygems_version: 1.8.10
152
+ rubygems_version: 1.8.5
117
153
  signing_key:
118
154
  specification_version: 3
119
155
  summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and JSON Web Key) in Ruby
120
156
  test_files:
157
+ - spec/fixtures/rsa/private_key.pem
158
+ - spec/fixtures/rsa/public_key.pem
159
+ - spec/helpers/sign_key_fixture_helper.rb
160
+ - spec/json/jws_spec.rb
161
+ - spec/json/jwt_spec.rb
121
162
  - spec/spec_helper.rb