json-jwt 1.7.2 → 1.8.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of json-jwt might be problematic. Click here for more details.

Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/VERSION +1 -1
  3. data/json-jwt.gemspec +0 -1
  4. data/lib/json/jose.rb +1 -1
  5. data/lib/json/jwe.rb +4 -11
  6. data/lib/json/jws.rb +1 -1
  7. data/lib/json/jwt.rb +0 -1
  8. data/spec/spec_helper.rb +3 -1
  9. metadata +2 -16
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 46d454bd2e6047b03449919478ce749c216d507f
4
- data.tar.gz: 8bb092a222022eb55a515b336c3f23efb7d6dbc8
3
+ metadata.gz: e6b7a5b50715a737924990c594c6c250ec31f59d
4
+ data.tar.gz: 64dd632640ef8abe3c445c016fe5771e722d7bdc
5
5
  SHA512:
6
- metadata.gz: '0588ce6501e5f3dc41e11d27c6c93113cb7758b2d6c4a44e840406a0cddb873357adb7f63b00ccb584811ac57d39a1bfe90bfc7510673ddef1a996383d8bab6f'
7
- data.tar.gz: 8b96d92f4291a7e3565a69ca46da45b8fdb913a5c04b8c980ddbb3f2b8b71ee52b7fcb9d240355e9313ae2786a7e2ee92efc8b564c429567c555a8363da87508
6
+ metadata.gz: 703cb245eba43a33a0c7127d3692edb293ce08d174da433e8e4f03c6d3419ebefc9f8367f231231129fd6f8bc07db0c4c3a884f2dfc92eb9e430d339c4b90411
7
+ data.tar.gz: 49e2fe3619e3d0e539fa42ac515643a710ec7f6011dc25051acc5b7c4d90f8ebefdc3d5ddfae731bb62a0c0f223cde260e447e1a486855f88d7c2dabaff757a4
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.7.2
1
+ 1.8.0
data/json-jwt.gemspec CHANGED
@@ -11,7 +11,6 @@ Gem::Specification.new do |gem|
11
11
  gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
12
12
  gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
13
13
  gem.require_paths = ["lib"]
14
- gem.add_runtime_dependency "multi_json", ">= 1.3"
15
14
  gem.add_runtime_dependency "url_safe_base64"
16
15
  gem.add_runtime_dependency "activesupport"
17
16
  gem.add_runtime_dependency "bindata"
data/lib/json/jose.rb CHANGED
@@ -51,7 +51,7 @@ module JSON
51
51
  else
52
52
  decode_compact_serialized input, key_or_secret
53
53
  end
54
- rescue MultiJson::DecodeError
54
+ rescue JSON::ParserError
55
55
  raise JWT::InvalidFormat.new("Invalid JSON Format")
56
56
  end
57
57
  end
data/lib/json/jwe.rb CHANGED
@@ -92,10 +92,6 @@ module JSON
92
92
 
93
93
  # common
94
94
 
95
- def gcm_supported?
96
- RUBY_VERSION >= '2.0.0' && OpenSSL::OPENSSL_VERSION >= 'OpenSSL 1.0.1'
97
- end
98
-
99
95
  def gcm?
100
96
  [:A128GCM, :A256GCM].include? encryption_method.try(:to_sym)
101
97
  end
@@ -109,11 +105,8 @@ module JSON
109
105
  end
110
106
 
111
107
  def cipher
112
- @cipher ||= if gcm? && !gcm_supported?
113
- raise UnexpectedAlgorithm.new('AEC GCM requires Ruby 2.0+ and OpenSSL 1.0.1c+')
114
- else
115
- OpenSSL::Cipher.new cipher_name
116
- end
108
+ raise "#{cipher_name} isn't supported" unless OpenSSL::Cipher.ciphers.include?(cipher_name)
109
+ @cipher ||= OpenSSL::Cipher.new cipher_name
117
110
  end
118
111
 
119
112
  def cipher_name
@@ -263,7 +256,7 @@ module JSON
263
256
  UrlSafeBase64.decode64 segment
264
257
  end
265
258
  jwe.auth_data = input.split('.').first
266
- jwe.header = MultiJson.load(_header_json_).with_indifferent_access
259
+ jwe.header = JSON.load(_header_json_).with_indifferent_access
267
260
  jwe.decrypt! private_key_or_secret unless private_key_or_secret == :skip_decryption
268
261
  jwe
269
262
  end
@@ -286,4 +279,4 @@ module JSON
286
279
  end
287
280
  end
288
281
  end
289
- end
282
+ end
data/lib/json/jws.rb CHANGED
@@ -140,7 +140,7 @@ module JSON
140
140
  UrlSafeBase64.decode64 segment.to_s
141
141
  end
142
142
  header, claims = [header, claims].collect do |json|
143
- MultiJson.load(json).with_indifferent_access
143
+ JSON.load(json).with_indifferent_access
144
144
  end
145
145
  jws = new claims
146
146
  jws.header = header
data/lib/json/jwt.rb CHANGED
@@ -1,6 +1,5 @@
1
1
  require 'openssl'
2
2
  require 'url_safe_base64'
3
- require 'multi_json'
4
3
  require 'active_support'
5
4
  require 'active_support/core_ext'
6
5
  require 'json/jose'
data/spec/spec_helper.rb CHANGED
@@ -15,7 +15,9 @@ RSpec.configure do |config|
15
15
  end
16
16
 
17
17
  def gcm_supported?
18
- RUBY_VERSION >= '2.0.0' && OpenSSL::OPENSSL_VERSION >= 'OpenSSL 1.0.1'
18
+ ['aes-128-gcm', 'aes-128-gcm'].all? do |alg|
19
+ OpenSSL::Cipher.ciphers.include? alg
20
+ end
19
21
  end
20
22
 
21
23
  require 'helpers/sign_key_fixture_helper'
metadata CHANGED
@@ -1,29 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.7.2
4
+ version: 1.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-05-29 00:00:00.000000000 Z
11
+ date: 2017-11-06 00:00:00.000000000 Z
12
12
  dependencies:
13
- - !ruby/object:Gem::Dependency
14
- name: multi_json
15
- requirement: !ruby/object:Gem::Requirement
16
- requirements:
17
- - - ">="
18
- - !ruby/object:Gem::Version
19
- version: '1.3'
20
- type: :runtime
21
- prerelease: false
22
- version_requirements: !ruby/object:Gem::Requirement
23
- requirements:
24
- - - ">="
25
- - !ruby/object:Gem::Version
26
- version: '1.3'
27
13
  - !ruby/object:Gem::Dependency
28
14
  name: url_safe_base64
29
15
  requirement: !ruby/object:Gem::Requirement