RubyGems - json-jwt - Versions diffs - 1.15.2 → 1.16.0 - Mend

json-jwt 1.15.2 → 1.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of json-jwt might be problematic. Click here for more details.

Files changed (11) hide show

checksums.yaml +4 -4
data/.github/workflows/{test_ruby.yml → spec.yml} +8 -6
data/README.md +11 -2
data/VERSION +1 -1
data/json-jwt.gemspec +2 -1
data/lib/json/jwk/set/fetcher.rb +8 -12
data/lib/json/jwt.rb +3 -3
metadata +23 -13
data/.travis.yml +0 -11
data/bin/console +0 -14
data/lib/json/jwk/set/fetcher/debugger/request_filter.rb +0 -34

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 461b1855ba57fa3fefc481af74b1000d3d4bd23f7abaa5dbb1e9830b044e2ac5
-  data.tar.gz: cb1e27cb8195b468265ca461b87ecd28404ed2d0e6e91d7cb5873a3aa22e4272
+  metadata.gz: 2097e754332fbc0d82af414efcce07c63da2bbd7cc3f2976a8df1c770dffb9b8
+  data.tar.gz: a7a9950a0501b58b249bb39d2c369ea315cd40d4f9297b6e19f66d82763ec2ce
 SHA512:
-  metadata.gz: ad19ed8648a4106d1c87990e951235a223db45abbc1af6a2526f6fddcd880ec22b960d407d809c07ff47a698da96f8b9a3bceffcc308ebcaee053a3cb5ae4dbb
-  data.tar.gz: ad654c4196e72116d7bcafd39c30c9293e16fc287fc108b2529081e1c05b15b1c28bc92868c927e016f0a36fc893110d4ab625a1a11cfc861a9945cdf3d30a47
+  metadata.gz: a0092471b468de8a24909cafa45a86c934ee67c0eedf40ae962427f72007d038e1a2dde5a1d32c39465e9594b0c06e634bed8f8bade183a7919f5a12222ee916
+  data.tar.gz: 5b5ff6abbd60b781b7d9d291153a80f83a108fe37d9358dfac8463ff810b0016c5224f849baac3a4720d0bdc8b6d8bbdc0131780b8fba29c6e4d49c72fa2c034

data/.github/workflows/{test_ruby.yml → spec.yml} RENAMED Viewed

@@ -1,18 +1,20 @@
-name: Test Ruby
+name: Spec
 on:
   push:
+    branches:
+      - master
   pull_request:
 permissions:
   contents: read
 jobs:
-  test:
+  spec:
     strategy:
       matrix:
-        os: ['ubuntu-18.04', 'ubuntu-20.04']
-        ruby-version: ['2.5', '2.6', '2.7', '3.0', '3.1']
+        os: ['ubuntu-20.04']
+        ruby-version: ['2.6', '2.7', '3.0', '3.1']
         # ubuntu 22.04 only supports ssl 3 and thus only ruby 3.1
         include:
         - os: 'ubuntu-22.04'
@@ -26,5 +28,5 @@ jobs:
       with:
         ruby-version: ${{ matrix.ruby-version }}
         bundler-cache: true
-    - name: Run tests
-      run: bundle exec rake
+    - name: Run Specs
+      run: bundle exec rake spec

data/README.md CHANGED Viewed

@@ -2,8 +2,6 @@
 JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and JSON Web Key) in Ruby
-[![Build Status](https://secure.travis-ci.org/nov/json-jwt.png)](http://travis-ci.org/nov/json-jwt)
 ## Installation
 ```
@@ -49,6 +47,17 @@ input = "jwt_header.jwt_claims.jwt_signature"
 JSON::JWT.decode(input, public_key)
 ```
+If you need to get a JWK from `jwks_uri` of OpenID Connect IdP, you can use `JSON::JWK::Set::Fetcher` to fetch (& optionally cache) it.
+```ruby
+# JWK Set Fetching & Caching
+# NOTE: Optionally by setting cache instance, JWKs are cached by kid.
+JSON::JWK::Set::Fetcher.cache = Rails.cache
+JSON::JWK::Set::Fetcher.fetch(jwks_uri, kid: kid)
+# => returns JSON::JWK instance or raise JSON::JWK::Set::KidNotFound
+```
 For more details, read [Documentation Wiki](https://github.com/nov/json-jwt/wiki).
 ## Note on Patches/Pull Requests

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.15.2
1	+ 1.16.0

data/json-jwt.gemspec CHANGED Viewed

@@ -16,7 +16,8 @@ Gem::Specification.new do |gem|
   gem.add_runtime_dependency 'activesupport', '>= 4.2'
   gem.add_runtime_dependency 'bindata'
   gem.add_runtime_dependency 'aes_key_wrap'
-  gem.add_runtime_dependency 'httpclient'
+  gem.add_runtime_dependency 'faraday', '~> 2.0'
+  gem.add_runtime_dependency 'faraday-follow_redirects'
   gem.add_development_dependency 'rake'
   gem.add_development_dependency 'simplecov'
   gem.add_development_dependency 'webmock'

data/lib/json/jwk/set/fetcher.rb CHANGED Viewed

@@ -36,17 +36,13 @@ module JSON
         self.debugging = false
         def self.http_client
-          _http_client_ = HTTPClient.new(
-            agent_name: "JSON::JWK::Set::Fetcher (#{JSON::JWT::VERSION})"
-          )
-          # NOTE: httpclient gem seems stopped maintaining root certtificate set, use OS default.
-          _http_client_.ssl_config.clear_cert_store
-          _http_client_.ssl_config.cert_store.set_default_paths
-          _http_client_.request_filter << Debugger::RequestFilter.new if debugging?
-          http_config.try(:call, _http_client_)
-          _http_client_
+          Faraday.new(headers: {user_agent: "JSON::JWK::Set::Fetcher #{VERSION}"}) do |faraday|
+            faraday.response :raise_error
+            faraday.response :follow_redirects
+            faraday.response :logger, JSON::JWK::Set::Fetcher.logger if debugging?
+            faraday.adapter Faraday.default_adapter
+            http_config.try(:call, faraday)
+          end
         end
         def self.http_config(&block)
           @@http_config ||= block
@@ -70,7 +66,7 @@ module JSON
           jwks = Set.new(
             JSON.parse(
               cache.fetch(cache_key, options) do
-                http_client.get_content(jwks_uri)
+                http_client.get(jwks_uri).body
               end
             )
           )

data/lib/json/jwt.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 require 'openssl'
 require 'base64'
-require 'httpclient'
+require 'faraday'
+require 'faraday/follow_redirects'
 require 'active_support'
 require 'active_support/core_ext'
 require 'json/jose'
@@ -137,5 +138,4 @@ require 'json/jwe'
 require 'json/jwk'
 require 'json/jwk/jwkizable'
 require 'json/jwk/set'
-require 'json/jwk/set/fetcher'
-require 'json/jwk/set/fetcher/debugger/request_filter'
+require 'json/jwk/set/fetcher'

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: json-jwt
 version: !ruby/object:Gem::Version
-  version: 1.15.2
+  version: 1.16.0
 platform: ruby
 authors:
 - nov matake
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-08-14 00:00:00.000000000 Z
+date: 2022-10-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -53,7 +53,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: httpclient
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: faraday-follow_redirects
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -140,23 +154,20 @@ description: JSON Web Token and its family (JSON Web Signature, JSON Web Encrypt
   and JSON Web Key) in Ruby
 email:
 - nov@matake.jp
-executables:
-- console
+executables: []
 extensions: []
 extra_rdoc_files: []
 files:
 - ".github/FUNDING.yml"
-- ".github/workflows/test_ruby.yml"
+- ".github/workflows/spec.yml"
 - ".gitignore"
 - ".gitmodules"
 - ".rspec"
-- ".travis.yml"
 - Gemfile
 - LICENSE
 - README.md
 - Rakefile
 - VERSION
-- bin/console
 - json-jwt.gemspec
 - lib/json/jose.rb
 - lib/json/jwe.rb
@@ -164,14 +175,13 @@ files:
 - lib/json/jwk/jwkizable.rb
 - lib/json/jwk/set.rb
 - lib/json/jwk/set/fetcher.rb
-- lib/json/jwk/set/fetcher/debugger/request_filter.rb
 - lib/json/jws.rb
 - lib/json/jwt.rb
 homepage: https://github.com/nov/json-jwt
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -186,8 +196,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
-signing_key:
+rubygems_version: 3.1.6
+signing_key:
 specification_version: 4
 summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and
   JSON Web Key) in Ruby

data/.travis.yml DELETED Viewed

@@ -1,11 +0,0 @@
-before_install:
-  - gem install bundler
-  - git submodule update --init --recursive
-rvm:
-  - 2.7.6
-  - 3.0.4
-  - 3.1.2
-jdk:
-  - openjdk11

data/bin/console DELETED Viewed

@@ -1,14 +0,0 @@
-#!/usr/bin/env ruby
-require "bundler/setup"
-require "json/jwt"
-# You can add fixtures and/or initialization code here to make experimenting
-# with your gem easier. You can also use a different console, if you like.
-# (If you use this, don't forget to add pry to your Gemfile!)
-# require "pry"
-# Pry.start
-require "irb"
-IRB.start(__FILE__)

data/lib/json/jwk/set/fetcher/debugger/request_filter.rb DELETED Viewed

@@ -1,34 +0,0 @@
-module JSON
-  class JWK
-    class Set
-      module Fetcher
-        module Debugger
-          class RequestFilter
-            # Callback called in HTTPClient (before sending a request)
-            # request:: HTTP::Message
-            def filter_request(request)
-              started = "======= [JSON::JWK::Set::Fetcher] HTTP REQUEST STARTED ======="
-              log started, request.dump
-            end
-            # Callback called in HTTPClient (after received a response)
-            # request::  HTTP::Message
-            # response:: HTTP::Message
-            def filter_response(request, response)
-              finished = "======= [JSON::JWK::Set::Fetcher] HTTP REQUEST FINISHED ======="
-              log '-' * 50, response.dump, finished
-            end
-            private
-            def log(*outputs)
-              outputs.each do |output|
-                JSON::JWK::Set::Fetcher.logger.info output
-              end
-            end
-          end
-        end
-      end
-    end
-  end
-end