json-jwt 1.7.0 → 1.7.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of json-jwt might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 61b4b282f2a259c3a3dcf3fcc9f371adde084cf9
4
- data.tar.gz: 4517f92ccc885139f9f99f18c6a6adeef3fa1e0a
3
+ metadata.gz: 01c56798357f94430201cb6c932e657a9230032b
4
+ data.tar.gz: d84243b770cbc03b79d3b8aab2e87f5ef2adc4ff
5
5
  SHA512:
6
- metadata.gz: a44298a97fc02194b067f54b221f9955290de4dcad2e61b5a8d563c5988cf271c58b4a24089ea81e374063eddd0ff03898f1b2d7f96cec057061a525abe3b42e
7
- data.tar.gz: 6b82141707ff644ed163b0de42d2efc784a5dddba3f789077e184b1a840d3f22a26d6d9b3cd33b75b2d600887471842f92cbadc3c2933927b78f617ee3b7539b
6
+ metadata.gz: e57c4b81ca483188c56d890bc6c1fba3270736fe57b9352d93cb567977c9373df27780803ea858c6f0d0f08da3d29d6cbb9ebb879a344db0511b696746beafb7
7
+ data.tar.gz: a183cbc111108d74563d8b3efef7640d47b3910b19008811d43189447f80314e33b383f91450d792071f50323f0a99649a83702df54e40f7516ea81a51ebf85e
@@ -4,8 +4,9 @@ before_install:
4
4
 
5
5
  rvm:
6
6
  - 2.2.2 # NOTE: 2.2.1 or lower aren't supported by activesupport 5.0, CI isn't needed for such legacy versions.
7
- - 2.2.5
8
- - 2.3.1
7
+ - 2.2.6
8
+ - 2.3.3
9
+ - 2.4.0
9
10
 
10
11
  jdk:
11
- - oraclejdk8
12
+ - oraclejdk8
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.7.0
1
+ 1.7.1
@@ -18,7 +18,7 @@ module JSON
18
18
  super params
19
19
  merge! ex_params
20
20
  end
21
- self[:kid] ||= thumbprint rescue nil #ignore
21
+ calculate_default_kid if self[:kid].blank?
22
22
  end
23
23
 
24
24
  def content_type
@@ -64,6 +64,12 @@ module JSON
64
64
  self[:kty].try(:to_sym) == :oct
65
65
  end
66
66
 
67
+ def calculate_default_kid
68
+ self[:kid] = thumbprint
69
+ rescue
70
+ # ignore
71
+ end
72
+
67
73
  def normalize
68
74
  case
69
75
  when rsa?
@@ -1,7 +1,6 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe JSON::JWE do
4
- let(:shared_key) { SecureRandom.hex 32 } # default shared key is too short
5
4
  let(:private_key_path) { der_file_path 'rsa/private_key' }
6
5
 
7
6
  describe '#content_type' do
@@ -248,10 +247,11 @@ describe JSON::JWE do
248
247
 
249
248
  context 'when alg=dir' do
250
249
  let(:alg) { :dir }
251
- let(:key) { shared_key }
250
+ let(:key) { SecureRandom.random_bytes key_size }
252
251
 
253
252
  context 'when enc=A128GCM' do
254
253
  let(:enc) { :A128GCM }
254
+ let(:key_size) { 16 }
255
255
  if gcm_supported?
256
256
  it_behaves_like :decryptable
257
257
  else
@@ -261,6 +261,7 @@ describe JSON::JWE do
261
261
 
262
262
  context 'when enc=A256GCM' do
263
263
  let(:enc) { :A256GCM }
264
+ let(:key_size) { 32 }
264
265
  if gcm_supported?
265
266
  it_behaves_like :decryptable
266
267
  else
@@ -270,12 +271,14 @@ describe JSON::JWE do
270
271
 
271
272
  context 'when enc=A128CBC-HS256' do
272
273
  let(:enc) { :'A128CBC-HS256' }
274
+ let(:key_size) { 32 }
273
275
  it_behaves_like :decryptable
274
276
  it_behaves_like :verify_cbc_authentication_tag
275
277
  end
276
278
 
277
279
  context 'when enc=A256CBC-HS512' do
278
280
  let(:enc) { :'A256CBC-HS512' }
281
+ let(:key_size) { 64 }
279
282
  it_behaves_like :decryptable
280
283
  it_behaves_like :verify_cbc_authentication_tag
281
284
  end
@@ -21,6 +21,12 @@ describe JSON::JWK do
21
21
  end
22
22
  end
23
23
 
24
+ context 'when no imput' do
25
+ it do
26
+ JSON::JWK.new.should be_blank
27
+ end
28
+ end
29
+
24
30
  context 'with OpenSSL::PKey::RSA' do
25
31
  let(:key) { public_key }
26
32
  it_behaves_like :jwk_with_kid
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.7.0
4
+ version: 1.7.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-12-05 00:00:00.000000000 Z
11
+ date: 2017-01-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: multi_json
@@ -202,7 +202,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
202
202
  version: '0'
203
203
  requirements: []
204
204
  rubyforge_project:
205
- rubygems_version: 2.5.2
205
+ rubygems_version: 2.6.8
206
206
  signing_key:
207
207
  specification_version: 4
208
208
  summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and