json-jwt 1.2.0 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of json-jwt might be problematic. Click here for more details.

Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/VERSION +1 -1
  3. data/lib/json/jws.rb +10 -0
  4. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 08f7086ee05223bc1e784eec95ee4f8e15b7b35f
4
- data.tar.gz: e98b321350efb0ab0215126f707b9574e3b46d56
3
+ metadata.gz: c3ab6ed0771c53b02dec00aeaeba90587345d6b6
4
+ data.tar.gz: 487f5389dd2e3591344735f5a2d51ba73b4dcea8
5
5
  SHA512:
6
- metadata.gz: 3a6eec2fa290220c9ca5310cfa32b52988223a88e6b10f6a7da6dbfe4f39a6a29b921fa10d9e1efd6116ee6a2872d93e267d810dd4b3dc8a1c6e45cae0882aa4
7
- data.tar.gz: 717d4f00866ad143eeb2fecbd81cafb96c002fb86d3707563529de2484f8aa7b621f0b8946f43cb6a47f2d8cd7d066e0510c651b35ce9b6bd64a21e472681285
6
+ metadata.gz: e8dcc581bc77d01c02f44f5f22e5620f41c4d06028e934dddee955b6fe3d8c29795238be515c96a06d9a32779cae3926f85274199ed5db104c30df3f95ad3beb
7
+ data.tar.gz: 0f2a3b0c5352c016514600668100ddf6bc86dc521848fe6d2ccf689f99cb13fcee9498e578f3fe882bd7de6549164887a5094358e3246945f1e81cbf8d9b89c3
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.2.0
1
+ 1.2.1
data/lib/json/jws.rb CHANGED
@@ -100,6 +100,16 @@ module JSON
100
100
  end
101
101
 
102
102
  def valid?(signature_base_string, public_key_or_secret)
103
+ public_key_or_secret = case public_key_or_secret
104
+ when JSON::JWK
105
+ public_key_or_secret.to_key
106
+ when JSON::JWK::Set
107
+ public_key_or_secret.detect do |jwk|
108
+ jwk[:kid] && jwk[:kid] == header[:kid]
109
+ end.try(:to_key)
110
+ else
111
+ public_key_or_secret
112
+ end
103
113
  case
104
114
  when hmac?
105
115
  secure_compare sign(signature_base_string, public_key_or_secret), signature
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2.0
4
+ version: 1.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake