RubyGems - json-jwt - Versions diffs - 1.15.0 → 1.15.3 - Mend

json-jwt 1.15.0 → 1.15.3

This version of json-jwt might be problematic. Click here for more details.

Files changed (10) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 881eaf3476eb9b98f7e02ba780e2893398f79f707c55c7e151f1de8f1a344f5c
-  data.tar.gz: fe2329046f613383e73b4b8579d440f6e394457ad3b090fee27c373b47daa690
+  metadata.gz: 0bc8f7f5b23b61360c4b6a72c253b52beb5f7226ebf441d6a6561729155ea55d
+  data.tar.gz: 7175e7ea9121d74d633bb32ce6f88e2d50ddbc3b0109426c562508e40a119727
 SHA512:
-  metadata.gz: d337b0e27607d55697ae6e162b25674fbcc27b21fe23bfa34d42bc4812e0a35f39f95b8eff66b7a4f6de7e78e883450f6e580931164c632a0146253b7ee89d58
-  data.tar.gz: 0fea890071b4038cbc4ee8080d5c99388035f7642707dd1f4303bcafd7f5f9d8c2f517a5d938d988b551d680211ef6909987b6bbd7e3a5d4688136e37a469f54
+  metadata.gz: f169ddb8eafd2b66e84c8fd32328793e040477a376ab7dfedef29990d330afa667f5f563bc540a0479b095cc2c16cb38b6bb7a7a6c9842656ea41425e63c87b7
+  data.tar.gz: 53e010725185c4acab07988025b1dd70d7def52f27c285ed502a21f1d8e8ad1eedca780db14378824ff7891fbd852265b06a2256281c5a07d40545487ad9241c

data/.github/workflows/test_ruby.yml CHANGED Viewed

@@ -11,8 +11,8 @@ jobs:
   test:
     strategy:
       matrix:
-        os: ['ubuntu-18.04', 'ubuntu-20.04']
-        ruby-version: ['2.5', '2.6', '2.7', '3.0', '3.1']
+        os: ['ubuntu-20.04']
+        ruby-version: ['2.6', '2.7', '3.0', '3.1']
         # ubuntu 22.04 only supports ssl 3 and thus only ruby 3.1
         include:
         - os: 'ubuntu-22.04'

data/.travis.yml CHANGED Viewed

@@ -3,6 +3,7 @@ before_install:
   - git submodule update --init --recursive
 rvm:
+  - 2.6.10
   - 2.7.6
   - 3.0.4
   - 3.1.2

data/README.md CHANGED Viewed

@@ -49,6 +49,17 @@ input = "jwt_header.jwt_claims.jwt_signature"
 JSON::JWT.decode(input, public_key)
 ```
+If you need to get a JWK from `jwks_uri` of OpenID Connect IdP, you can use `JSON::JWK::Set::Fetcher` to fetch (& optionally cache) it.
+```ruby
+# JWK Set Fetching & Caching
+# NOTE: Optionally by setting cache instance, JWKs are cached by kid.
+JSON::JWK::Set::Fetcher.cache = Rails.cache
+JSON::JWK::Set::Fetcher.fetch(jwks_uri, kid: kid)
+# => returns JSON::JWK instance or raise JSON::JWK::Set::KidNotFound
+```
 For more details, read [Documentation Wiki](https://github.com/nov/json-jwt/wiki).
 ## Note on Patches/Pull Requests

data/VERSION CHANGED Viewed

data/lib/json/jose.rb CHANGED Viewed

@@ -26,9 +26,7 @@ module JSON
       when JSON::JWK
         key.to_key
       when JSON::JWK::Set
-        key.detect do |jwk|
-          jwk[:kid] && jwk[:kid] == kid
-        end&.to_key or raise JWK::Set::KidNotFound
+        key[kid]&.to_key or raise JWK::Set::KidNotFound
       else
         key
       end

data/lib/json/jwk/set/fetcher.rb CHANGED Viewed

@@ -3,7 +3,7 @@ module JSON
     class Set
       module Fetcher
         class Cache
-          def fetch(cache_key)
+          def fetch(cache_key, options = {})
             yield
           end
         end
@@ -60,22 +60,26 @@ module JSON
         end
         self.cache = Cache.new
-        def self.fetch(jwks_uri, kid:)
+        def self.fetch(jwks_uri, kid:, auto_detect: true, **options)
           cache_key = [
             'json:jwk:set',
             OpenSSL::Digest::MD5.hexdigest(jwks_uri),
             kid
           ].collect(&:to_s).join(':')
           jwks = Set.new(
             JSON.parse(
-              cache.fetch(cache_key) do
+              cache.fetch(cache_key, options) do
                 http_client.get_content(jwks_uri)
               end
             )
           )
-          jwks.detect do |jwk|
-            jwk[:kid] && jwk[:kid] == kid
-          end or raise JWK::Set::KidNotFound
+          if auto_detect
+            jwks[kid] or raise KidNotFound
+          else
+            jwks
+          end
         end
       end
     end

data/lib/json/jwk/set.rb CHANGED Viewed

@@ -19,6 +19,12 @@ module JSON
         'application/jwk-set+json'
       end
+      def [](kid)
+        detect do |jwk|
+          jwk[:kid] && jwk[:kid] == kid
+        end
+      end
       def as_json(options = {})
         # NOTE: Array.new wrapper is requied to avoid CircularReferenceError
         {keys: Array.new(self)}

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: json-jwt
 version: !ruby/object:Gem::Version
-  version: 1.15.0
+  version: 1.15.3
 platform: ruby
 authors:
 - nov matake
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-08-11 00:00:00.000000000 Z
+date: 2022-08-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -140,8 +140,7 @@ description: JSON Web Token and its family (JSON Web Signature, JSON Web Encrypt
   and JSON Web Key) in Ruby
 email:
 - nov@matake.jp
-executables:
-- console
+executables: []
 extensions: []
 extra_rdoc_files: []
 files:
@@ -156,7 +155,6 @@ files:
 - README.md
 - Rakefile
 - VERSION
-- bin/console
 - json-jwt.gemspec
 - lib/json/jose.rb
 - lib/json/jwe.rb
@@ -171,7 +169,7 @@ homepage: https://github.com/nov/json-jwt
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -187,7 +185,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.6
-signing_key:
+signing_key:
 specification_version: 4
 summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and
   JSON Web Key) in Ruby

data/bin/console DELETED Viewed

@@ -1,14 +0,0 @@
-#!/usr/bin/env ruby
-require "bundler/setup"
-require "json/jwt"
-# You can add fixtures and/or initialization code here to make experimenting
-# with your gem easier. You can also use a different console, if you like.
-# (If you use this, don't forget to add pry to your Gemfile!)
-# require "pry"
-# Pry.start
-require "irb"
-IRB.start(__FILE__)