json-jwt 1.15.2 → 1.16.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 461b1855ba57fa3fefc481af74b1000d3d4bd23f7abaa5dbb1e9830b044e2ac5
-  data.tar.gz: cb1e27cb8195b468265ca461b87ecd28404ed2d0e6e91d7cb5873a3aa22e4272
+  metadata.gz: 2097e754332fbc0d82af414efcce07c63da2bbd7cc3f2976a8df1c770dffb9b8
+  data.tar.gz: a7a9950a0501b58b249bb39d2c369ea315cd40d4f9297b6e19f66d82763ec2ce
 SHA512:
-  metadata.gz: ad19ed8648a4106d1c87990e951235a223db45abbc1af6a2526f6fddcd880ec22b960d407d809c07ff47a698da96f8b9a3bceffcc308ebcaee053a3cb5ae4dbb
-  data.tar.gz: ad654c4196e72116d7bcafd39c30c9293e16fc287fc108b2529081e1c05b15b1c28bc92868c927e016f0a36fc893110d4ab625a1a11cfc861a9945cdf3d30a47
+  metadata.gz: a0092471b468de8a24909cafa45a86c934ee67c0eedf40ae962427f72007d038e1a2dde5a1d32c39465e9594b0c06e634bed8f8bade183a7919f5a12222ee916
+  data.tar.gz: 5b5ff6abbd60b781b7d9d291153a80f83a108fe37d9358dfac8463ff810b0016c5224f849baac3a4720d0bdc8b6d8bbdc0131780b8fba29c6e4d49c72fa2c034

data/.github/workflows/{test_ruby.yml → spec.yml}

@@ -1,18 +1,20 @@
-name: Test Ruby
+name: Spec
 
 on:
   push:
+    branches:
+      - master
   pull_request:
 
 permissions:
   contents: read
 
 jobs:
-  test:
+  spec:
     strategy:
       matrix:
-        os: ['ubuntu-18.04', 'ubuntu-20.04']
-        ruby-version: ['2.5', '2.6', '2.7', '3.0', '3.1']
+        os: ['ubuntu-20.04']
+        ruby-version: ['2.6', '2.7', '3.0', '3.1']
         # ubuntu 22.04 only supports ssl 3 and thus only ruby 3.1
         include:
         - os: 'ubuntu-22.04'
@@ -26,5 +28,5 @@ jobs:
       with:
         ruby-version: ${{ matrix.ruby-version }}
         bundler-cache: true
-    - name: Run tests
-      run: bundle exec rake
+    - name: Run Specs
+      run: bundle exec rake spec

data/README.md

@@ -2,8 +2,6 @@
 
 JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and JSON Web Key) in Ruby
 
-[![Build Status](https://secure.travis-ci.org/nov/json-jwt.png)](http://travis-ci.org/nov/json-jwt)
-
 ## Installation
 
 ```
@@ -49,6 +47,17 @@ input = "jwt_header.jwt_claims.jwt_signature"
 JSON::JWT.decode(input, public_key)
 ```
 
+If you need to get a JWK from `jwks_uri` of OpenID Connect IdP, you can use `JSON::JWK::Set::Fetcher` to fetch (& optionally cache) it.
+
+```ruby
+# JWK Set Fetching & Caching
+# NOTE: Optionally by setting cache instance, JWKs are cached by kid.
+JSON::JWK::Set::Fetcher.cache = Rails.cache
+
+JSON::JWK::Set::Fetcher.fetch(jwks_uri, kid: kid)
+# => returns JSON::JWK instance or raise JSON::JWK::Set::KidNotFound
+```
+
 For more details, read [Documentation Wiki](https://github.com/nov/json-jwt/wiki).
 
 ## Note on Patches/Pull Requests

data/VERSION

@@ -1 +1 @@
-1.15.2
+1.16.0

data/json-jwt.gemspec

@@ -16,7 +16,8 @@ Gem::Specification.new do |gem|
   gem.add_runtime_dependency 'activesupport', '>= 4.2'
   gem.add_runtime_dependency 'bindata'
   gem.add_runtime_dependency 'aes_key_wrap'
-  gem.add_runtime_dependency 'httpclient'
+  gem.add_runtime_dependency 'faraday', '~> 2.0'
+  gem.add_runtime_dependency 'faraday-follow_redirects'
   gem.add_development_dependency 'rake'
   gem.add_development_dependency 'simplecov'
   gem.add_development_dependency 'webmock'

data/lib/json/jwk/set/fetcher.rb

@@ -36,17 +36,13 @@ module JSON
         self.debugging = false
 
         def self.http_client
-          _http_client_ = HTTPClient.new(
-            agent_name: "JSON::JWK::Set::Fetcher (#{JSON::JWT::VERSION})"
-          )
-
-          # NOTE: httpclient gem seems stopped maintaining root certtificate set, use OS default.
-          _http_client_.ssl_config.clear_cert_store
-          _http_client_.ssl_config.cert_store.set_default_paths
-
-          _http_client_.request_filter << Debugger::RequestFilter.new if debugging?
-          http_config.try(:call, _http_client_)
-          _http_client_
+          Faraday.new(headers: {user_agent: "JSON::JWK::Set::Fetcher #{VERSION}"}) do |faraday|
+            faraday.response :raise_error
+            faraday.response :follow_redirects
+            faraday.response :logger, JSON::JWK::Set::Fetcher.logger if debugging?
+            faraday.adapter Faraday.default_adapter
+            http_config.try(:call, faraday)
+          end
         end
         def self.http_config(&block)
           @@http_config ||= block
@@ -70,7 +66,7 @@ module JSON
           jwks = Set.new(
             JSON.parse(
               cache.fetch(cache_key, options) do
-                http_client.get_content(jwks_uri)
+                http_client.get(jwks_uri).body
               end
             )
           )

data/lib/json/jwt.rb

@@ -1,6 +1,7 @@
 require 'openssl'
 require 'base64'
-require 'httpclient'
+require 'faraday'
+require 'faraday/follow_redirects'
 require 'active_support'
 require 'active_support/core_ext'
 require 'json/jose'
@@ -137,5 +138,4 @@ require 'json/jwe'
 require 'json/jwk'
 require 'json/jwk/jwkizable'
 require 'json/jwk/set'
-require 'json/jwk/set/fetcher'
-require 'json/jwk/set/fetcher/debugger/request_filter'
+require 'json/jwk/set/fetcher'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: json-jwt
 version: !ruby/object:Gem::Version
-  version: 1.15.2
+  version: 1.16.0
 platform: ruby
 authors:
 - nov matake
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-14 00:00:00.000000000 Z
+date: 2022-10-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -53,7 +53,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: httpclient
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: faraday-follow_redirects
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -140,23 +154,20 @@ description: JSON Web Token and its family (JSON Web Signature, JSON Web Encrypt
   and JSON Web Key) in Ruby
 email:
 - nov@matake.jp
-executables:
-- console
+executables: []
 extensions: []
 extra_rdoc_files: []
 files:
 - ".github/FUNDING.yml"
-- ".github/workflows/test_ruby.yml"
+- ".github/workflows/spec.yml"
 - ".gitignore"
 - ".gitmodules"
 - ".rspec"
-- ".travis.yml"
 - Gemfile
 - LICENSE
 - README.md
 - Rakefile
 - VERSION
-- bin/console
 - json-jwt.gemspec
 - lib/json/jose.rb
 - lib/json/jwe.rb
@@ -164,14 +175,13 @@ files:
 - lib/json/jwk/jwkizable.rb
 - lib/json/jwk/set.rb
 - lib/json/jwk/set/fetcher.rb
-- lib/json/jwk/set/fetcher/debugger/request_filter.rb
 - lib/json/jws.rb
 - lib/json/jwt.rb
 homepage: https://github.com/nov/json-jwt
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -186,8 +196,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
-signing_key:
+rubygems_version: 3.1.6
+signing_key: 
 specification_version: 4
 summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and
   JSON Web Key) in Ruby

data/.travis.yml

@@ -1,11 +0,0 @@
-before_install:
-  - gem install bundler
-  - git submodule update --init --recursive
-
-rvm:
-  - 2.7.6
-  - 3.0.4
-  - 3.1.2
-
-jdk:
-  - openjdk11

data/bin/console

@@ -1,14 +0,0 @@
-#!/usr/bin/env ruby
-
-require "bundler/setup"
-require "json/jwt"
-
-# You can add fixtures and/or initialization code here to make experimenting
-# with your gem easier. You can also use a different console, if you like.
-
-# (If you use this, don't forget to add pry to your Gemfile!)
-# require "pry"
-# Pry.start
-
-require "irb"
-IRB.start(__FILE__)

data/lib/json/jwk/set/fetcher/debugger/request_filter.rb

@@ -1,34 +0,0 @@
-module JSON
-  class JWK
-    class Set
-      module Fetcher
-        module Debugger
-          class RequestFilter
-            # Callback called in HTTPClient (before sending a request)
-            # request:: HTTP::Message
-            def filter_request(request)
-              started = "======= [JSON::JWK::Set::Fetcher] HTTP REQUEST STARTED ======="
-              log started, request.dump
-            end
-
-            # Callback called in HTTPClient (after received a response)
-            # request::  HTTP::Message
-            # response:: HTTP::Message
-            def filter_response(request, response)
-              finished = "======= [JSON::JWK::Set::Fetcher] HTTP REQUEST FINISHED ======="
-              log '-' * 50, response.dump, finished
-            end
-
-            private
-
-            def log(*outputs)
-              outputs.each do |output|
-                JSON::JWK::Set::Fetcher.logger.info output
-              end
-            end
-          end
-        end
-      end
-    end
-  end
-end