json-jwt 1.5.0 → 1.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of json-jwt might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/json/jwk.rb +0 -9
- data/lib/json/jwt.rb +0 -7
- data/spec/json/jwk_spec.rb +0 -86
- data/spec/json/jws_spec.rb +2 -2
- data/spec/json/jwt_spec.rb +0 -50
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6c556b283e2c0c8c4d09eb134c300bad571d22fe
|
|
4
|
+
data.tar.gz: 54ebd68df1a534dc5499c9176b67767c54922e50
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: bf0549d83a08baaffad7e7df06f591e7ea3fc983b165747d87e23995a42a55e1c3b0d6366ef0a269787822449f0d478a5d69f226f11ef93cdc583489509d9f3d
|
|
7
|
+
data.tar.gz: 92af636c0e452cbfca9a3445d285b2b7c6399c281190a542fe8a5a0432120cb979ab259c14506a058f1d688ad856b5e5ef0f86d00d803fbfd74593e519fc3e73
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.5.
|
|
1
|
+
1.5.1
|
data/lib/json/jwk.rb
CHANGED
|
@@ -127,14 +127,5 @@ module JSON
|
|
|
127
127
|
)
|
|
128
128
|
key
|
|
129
129
|
end
|
|
130
|
-
|
|
131
|
-
class << self
|
|
132
|
-
def decode(jwk)
|
|
133
|
-
# NOTE:
|
|
134
|
-
# returning OpenSSL::PKey::RSA/EC instance for backward compatibility.
|
|
135
|
-
# use `new` if you want JSON::JWK instance.
|
|
136
|
-
new(jwk).to_key
|
|
137
|
-
end
|
|
138
|
-
end
|
|
139
130
|
end
|
|
140
131
|
end
|
data/lib/json/jwt.rb
CHANGED
|
@@ -32,13 +32,6 @@ module JSON
|
|
|
32
32
|
jws.sign! private_key_or_secret
|
|
33
33
|
end
|
|
34
34
|
|
|
35
|
-
# NOTE: keeping for backward compatibility
|
|
36
|
-
def verify(signature_base_string, public_key_or_secret = nil)
|
|
37
|
-
jws = JWS.new self
|
|
38
|
-
jws.signature_base_string = signature_base_string
|
|
39
|
-
jws.verify! public_key_or_secret
|
|
40
|
-
end
|
|
41
|
-
|
|
42
35
|
def encrypt(public_key_or_secret, algorithm = :RSA1_5, encryption_method = :'A128CBC-HS256')
|
|
43
36
|
jwe = JWE.new self
|
|
44
37
|
jwe.alg = algorithm
|
data/spec/json/jwk_spec.rb
CHANGED
|
@@ -163,90 +163,4 @@ describe JSON::JWK do
|
|
|
163
163
|
end.to raise_error JSON::JWK::UnknownAlgorithm, 'Unknown Key Type'
|
|
164
164
|
end
|
|
165
165
|
end
|
|
166
|
-
|
|
167
|
-
describe '.decode' do
|
|
168
|
-
context 'when RSA' do
|
|
169
|
-
subject do
|
|
170
|
-
JSON::JWK.decode(
|
|
171
|
-
kty: :RSA,
|
|
172
|
-
n: n,
|
|
173
|
-
e: e
|
|
174
|
-
)
|
|
175
|
-
end
|
|
176
|
-
let(:e) { 'AQAB' }
|
|
177
|
-
let(:n) { 'AK8ppaAGn6N3jDic2DhDN5mI5mWzvhfL1AFZOS9q2EBM8L5sjZbYiaHeNoKillZGmEF9a9g6Z20bDnoHTuHPsx93HYkZqPumFZ8K9lLCbqKAMWw2Qgk10RgrZ-kblJotTBCeer9-tZSWO-OWFzP4gp8MpSuQOQbwTJwDgEkFIQLUK2YgzWbn1PoW8xcfbVyWhZD880ELGRW6GhRgYAl0DN_EQS8kyUa0CusYCzOOg2W3-7qjYeojyP6jiOEr-eyjC7hcUvTVoTfz84BiZv72KS3i5JS8ZNNuRp5Ce51wjoDDUoNxDLWv6Da6qMaGpKz6NTSNbvhE_KFhpp4wf5yRQD8=' }
|
|
178
|
-
let(:pem) do
|
|
179
|
-
<<-PEM.strip_heredoc
|
|
180
|
-
-----BEGIN PUBLIC KEY-----
|
|
181
|
-
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArymloAafo3eMOJzYOEM3
|
|
182
|
-
mYjmZbO+F8vUAVk5L2rYQEzwvmyNltiJod42gqKWVkaYQX1r2DpnbRsOegdO4c+z
|
|
183
|
-
H3cdiRmo+6YVnwr2UsJuooAxbDZCCTXRGCtn6RuUmi1MEJ56v361lJY745YXM/iC
|
|
184
|
-
nwylK5A5BvBMnAOASQUhAtQrZiDNZufU+hbzFx9tXJaFkPzzQQsZFboaFGBgCXQM
|
|
185
|
-
38RBLyTJRrQK6xgLM46DZbf7uqNh6iPI/qOI4Sv57KMLuFxS9NWhN/PzgGJm/vYp
|
|
186
|
-
LeLklLxk025GnkJ7nXCOgMNSg3EMta/oNrqoxoakrPo1NI1u+ET8oWGmnjB/nJFA
|
|
187
|
-
PwIDAQAB
|
|
188
|
-
-----END PUBLIC KEY-----
|
|
189
|
-
PEM
|
|
190
|
-
end
|
|
191
|
-
|
|
192
|
-
it { should be_instance_of OpenSSL::PKey::RSA }
|
|
193
|
-
its(:to_pem) { should == pem }
|
|
194
|
-
|
|
195
|
-
it 'should support string keys' do
|
|
196
|
-
JSON::JWK.decode(
|
|
197
|
-
'kty' => 'RSA',
|
|
198
|
-
'n' => n,
|
|
199
|
-
'e' => e
|
|
200
|
-
).should be_instance_of OpenSSL::PKey::RSA
|
|
201
|
-
end
|
|
202
|
-
end
|
|
203
|
-
|
|
204
|
-
context 'when ECDSA' do
|
|
205
|
-
[{
|
|
206
|
-
alg: 'EC',
|
|
207
|
-
crv: 'P-256',
|
|
208
|
-
kty: 'EC',
|
|
209
|
-
x: 'saPyrO4Lh9kh2FxrF9y1QVmZznWnRRJwpr12UHqzrVY',
|
|
210
|
-
y: 'MMz4W9zzqlrJhqr-JyrpvlnaIIyZQE6DfrgPkxMAw1M'
|
|
211
|
-
}, {
|
|
212
|
-
alg: 'EC',
|
|
213
|
-
crv: 'P-384',
|
|
214
|
-
kty: 'EC',
|
|
215
|
-
x: 'plzApyFnK7qzhg5XnIZbFj2hZoH2Vdl4-RFm7DnsNMG9tyqrpfq2RyjfKABbcFRt',
|
|
216
|
-
y: 'ixBzffhk3fcbmeipGLkvQBNCzeNm6QL3hOUTH6IFBzOL0Y7HsGTopNTTspLjlivb'
|
|
217
|
-
}, {
|
|
218
|
-
alg: 'EC',
|
|
219
|
-
crv: 'P-521',
|
|
220
|
-
kty: 'EC',
|
|
221
|
-
x: 'AcMCD-a0a6rnE9TvC0mOqF_DGXRg5Y3iTb4eHNwTm2kD6iujx9M_f8d_FGHr0OhpqzEn4rYPYZouGsbIPEgL0q__',
|
|
222
|
-
y: 'AULYEd8l-bV_BI289aezhSLZ1RDF2ltgDPEy9Y7YtqYa4cJcpiyzVDMpXWwBp6cjg6TXINkoVrVXZhN404ihu4I2'
|
|
223
|
-
}].each do |jwk|
|
|
224
|
-
describe jwk['crv'] do
|
|
225
|
-
it do
|
|
226
|
-
JSON::JWK.decode(jwk).should be_instance_of OpenSSL::PKey::EC
|
|
227
|
-
end
|
|
228
|
-
end
|
|
229
|
-
end
|
|
230
|
-
end
|
|
231
|
-
|
|
232
|
-
context 'when invalid algorithm' do
|
|
233
|
-
it do
|
|
234
|
-
expect do
|
|
235
|
-
JSON::JWK.decode(
|
|
236
|
-
kty: :XXX
|
|
237
|
-
)
|
|
238
|
-
end.to raise_error JSON::JWK::UnknownAlgorithm
|
|
239
|
-
end
|
|
240
|
-
end
|
|
241
|
-
|
|
242
|
-
context 'when no algorithm' do
|
|
243
|
-
it do
|
|
244
|
-
expect do
|
|
245
|
-
JSON::JWK.decode(
|
|
246
|
-
x: :x
|
|
247
|
-
)
|
|
248
|
-
end.to raise_error JSON::JWK::UnknownAlgorithm
|
|
249
|
-
end
|
|
250
|
-
end
|
|
251
|
-
end
|
|
252
166
|
end
|
data/spec/json/jws_spec.rb
CHANGED
|
@@ -154,7 +154,7 @@ describe JSON::JWS do
|
|
|
154
154
|
end
|
|
155
155
|
end
|
|
156
156
|
|
|
157
|
-
describe '#verify' do
|
|
157
|
+
describe '#verify!' do
|
|
158
158
|
shared_examples_for :success_signature_verification do
|
|
159
159
|
it do
|
|
160
160
|
expect { decoded }.not_to raise_error
|
|
@@ -259,7 +259,7 @@ describe JSON::JWS do
|
|
|
259
259
|
let(:alg) { :unknown }
|
|
260
260
|
it do
|
|
261
261
|
expect do
|
|
262
|
-
jws.verify
|
|
262
|
+
jws.verify! 'key'
|
|
263
263
|
end.to raise_error JSON::JWS::UnexpectedAlgorithm
|
|
264
264
|
end
|
|
265
265
|
end
|
data/spec/json/jwt_spec.rb
CHANGED
|
@@ -49,56 +49,6 @@ describe JSON::JWT do
|
|
|
49
49
|
end
|
|
50
50
|
end
|
|
51
51
|
|
|
52
|
-
describe '#verify' do
|
|
53
|
-
context 'when not signed nor encrypted' do
|
|
54
|
-
let(:jwt) do
|
|
55
|
-
header_base64, claims_base64, signature = no_signed.split('.', 3).collect do |segment|
|
|
56
|
-
UrlSafeBase64.decode64 segment.to_s
|
|
57
|
-
end
|
|
58
|
-
header, claims = [header_base64, claims_base64].collect do |json|
|
|
59
|
-
MultiJson.load(json).with_indifferent_access
|
|
60
|
-
end
|
|
61
|
-
jwt = JSON::JWT.new claims
|
|
62
|
-
jwt.header = header
|
|
63
|
-
jwt.signature = signature
|
|
64
|
-
jwt
|
|
65
|
-
end
|
|
66
|
-
let(:signature_base_string) { no_signed.split('.', 3)[0,2].join('.') }
|
|
67
|
-
|
|
68
|
-
context 'when no signature nor public_key_or_secret given' do
|
|
69
|
-
it do
|
|
70
|
-
jwt.verify(signature_base_string).should == true
|
|
71
|
-
end
|
|
72
|
-
end
|
|
73
|
-
|
|
74
|
-
context 'when public_key_or_secret given' do
|
|
75
|
-
it do
|
|
76
|
-
expect do
|
|
77
|
-
jwt.verify signature_base_string, 'secret'
|
|
78
|
-
end.to raise_error JSON::JWT::UnexpectedAlgorithm
|
|
79
|
-
end
|
|
80
|
-
end
|
|
81
|
-
|
|
82
|
-
context 'when signature given' do
|
|
83
|
-
before { jwt.signature = 'signature' }
|
|
84
|
-
|
|
85
|
-
it do
|
|
86
|
-
expect do
|
|
87
|
-
jwt.verify signature_base_string
|
|
88
|
-
end.to raise_error JSON::JWT::VerificationFailed
|
|
89
|
-
end
|
|
90
|
-
end
|
|
91
|
-
end
|
|
92
|
-
|
|
93
|
-
context 'when signed' do
|
|
94
|
-
it 'should delegate verification to JWS' do
|
|
95
|
-
expect(jws).to receive(:verify!)
|
|
96
|
-
expect(JSON::JWS).to receive(:new).and_return(jws)
|
|
97
|
-
jwt.verify 'shared_secret'
|
|
98
|
-
end
|
|
99
|
-
end
|
|
100
|
-
end
|
|
101
|
-
|
|
102
52
|
describe '#encrypt' do
|
|
103
53
|
let(:shared_key) { SecureRandom.hex 16 } # default shared key is too short
|
|
104
54
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: json-jwt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.5.
|
|
4
|
+
version: 1.5.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- nov matake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-09-
|
|
11
|
+
date: 2015-09-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: multi_json
|