json-jwt 1.9.2 → 1.9.3


Potentially problematic release.


This version of json-jwt might be problematic. Click here for more details.

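--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-SHA1:
-metadata.gz: 02a8f8276126a037916b981d30fc38e200f9e378
-data.tar.gz: de0acf0db5b5f400b2c8ba49d0e549d718b74568
+SHA256:
+metadata.gz: 9d4b2dfb27f37a7525522312228284729a9f940698bfa3d1b7b3562f94cf998b
+data.tar.gz: 865265a1f3d884476535d0f3c8d3de258db91d9ca4948283b78f4a48cc1023c3
 SHA512:
-metadata.gz: 18b298765ff484588a80e5fefbe9c349e4df237f5d3548f0359884a2b252a67b60116e476df67427655c74d8c0ae160049007df360b6597337c91995af366b65
-data.tar.gz: 0e25eebdad2529441d1fb90a93482f354b79533715b191fb812f5d019d6e8d3b41abb59c103c8563df93441d5336f591a0ff724d69fb31a5ed6bfc16aecae5a2
+metadata.gz: eae66e49d8e101e68575ec4a4bf7ac46cef62d151d3dbae4d1a1c17a7a17235f376991c7346c8e46c9605b8028bca41113da7b84d85a52b58a28050e59c586c1
+data.tar.gz: '0295d9284c1fb49c1f29881c915ffacac5f5f9c985f19f2a39c2bc27aac5570102f1f2d07032f62254b88eb3e8133236d4e6d4551235c83ec03c64a324e8593e'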
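--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-1.9.2
+1.9.3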
@@ -11,7 +11,6 @@ Gem::Specification.new do |gem|
11
11
  gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
12
12
  gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
13
13
  gem.require_paths = ['lib']
14
- gem.add_runtime_dependency 'url_safe_base64'
15
14
  gem.add_runtime_dependency 'activesupport'
16
15
  gem.add_runtime_dependency 'bindata'
17
16
  gem.add_runtime_dependency 'securecompare'
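Review bot: Nothing in this gemspec hunk declares the Ruby version that the replacement for `url_safe_base64` needs. The rest of the release calls `Base64.urlsafe_encode64(..., padding: false)` and passes unpadded segments to `Base64.urlsafe_decode64`, and the standard library only supports both from Ruby 2.3. On an older interpreter the encode calls raise `ArgumentError` and most unpadded segments are rejected on decode, so I would add `gem.required_ruby_version = '>= 2.3'` beside the dependency list. The specification block starts and ends outside the hunk, so a constraint may already be set elsewhere and is worth confirming.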
@@ -51,9 +51,9 @@ module JSON
51
51
  else
52
52
  decode_compact_serialized input, key_or_secret, algorithms, encryption_methods
53
53
  end
54
- rescue JSON::ParserError
54
+ rescue JSON::ParserError, ArgumentError
55
55
  raise JWT::InvalidFormat.new("Invalid JSON Format")
56
56
  end
57
57
  end
58
58
  end
59
- end
59
+ end
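Review bot: The widened `rescue JSON::ParserError, ArgumentError` still raises `JWT::InvalidFormat.new("Invalid JSON Format")`, so a Base64 decoding failure is now reported as a JSON problem. Any other `ArgumentError` raised beneath `decode_compact_serialized` would also be relabelled as a malformed token, which can hide a caller or configuration mistake. I would rescue the Base64 error at the decode call sites and keep this clause for JSON, or at least make the message neutral, e.g. `raise JWT::InvalidFormat.new("Invalid JSON or Base64url Format")`. The method begins outside the hunk, so what else can raise inside it is not visible here.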
@@ -32,7 +32,7 @@ module JSON
32
32
  self.mac_key, self.encryption_key = derive_encryption_and_mac_keys
33
33
  cipher.key = encryption_key
34
34
  self.iv = cipher.random_iv # NOTE: 'iv' has to be set after 'key' for GCM
35
- self.auth_data = UrlSafeBase64.encode64 header.to_json
35
+ self.auth_data = Base64.urlsafe_encode64 header.to_json, padding: false
36
36
  cipher.auth_data = auth_data if gcm?
37
37
  self.cipher_text = cipher.update(plain_text) + cipher.final
38
38
  self
@@ -64,7 +64,7 @@ module JSON
64
64
  cipher_text,
65
65
  authentication_tag
66
66
  ].collect do |segment|
67
- UrlSafeBase64.encode64 segment.to_s
67
+ Base64.urlsafe_encode64 segment.to_s, padding: false
68
68
  end.join('.')
69
69
  end
70
70
 
@@ -72,21 +72,21 @@ module JSON
72
72
  case options[:syntax]
73
73
  when :general
74
74
  {
75
- protected: UrlSafeBase64.encode64(header.to_json),
75
+ protected: Base64.urlsafe_encode64(header.to_json, padding: false),
76
76
  recipients: [{
77
- encrypted_key: UrlSafeBase64.encode64(jwe_encrypted_key)
77
+ encrypted_key: Base64.urlsafe_encode64(jwe_encrypted_key, padding: false)
78
78
  }],
79
- iv: UrlSafeBase64.encode64(iv),
80
- ciphertext: UrlSafeBase64.encode64(cipher_text),
81
- tag: UrlSafeBase64.encode64(authentication_tag)
79
+ iv: Base64.urlsafe_encode64(iv, padding: false),
80
+ ciphertext: Base64.urlsafe_encode64(cipher_text, padding: false),
81
+ tag: Base64.urlsafe_encode64(authentication_tag, padding: false)
82
82
  }
83
83
  else
84
84
  {
85
- protected: UrlSafeBase64.encode64(header.to_json),
86
- encrypted_key: UrlSafeBase64.encode64(jwe_encrypted_key),
87
- iv: UrlSafeBase64.encode64(iv),
88
- ciphertext: UrlSafeBase64.encode64(cipher_text),
89
- tag: UrlSafeBase64.encode64(authentication_tag)
85
+ protected: Base64.urlsafe_encode64(header.to_json, padding: false),
86
+ encrypted_key: Base64.urlsafe_encode64(jwe_encrypted_key, padding: false),
87
+ iv: Base64.urlsafe_encode64(iv, padding: false),
88
+ ciphertext: Base64.urlsafe_encode64(cipher_text, padding: false),
89
+ tag: Base64.urlsafe_encode64(authentication_tag, padding: false)
90
90
  }
91
91
  end
92
92
  end
@@ -252,7 +252,11 @@ module JSON
252
252
  end
253
253
  jwe = new
254
254
  _header_json_, jwe.jwe_encrypted_key, jwe.iv, jwe.cipher_text, jwe.authentication_tag = input.split('.').collect do |segment|
255
- UrlSafeBase64.decode64 segment
255
+ begin
256
+ Base64.urlsafe_decode64 segment
257
+ rescue ArgumentError
258
+ raise DecryptionFailed
259
+ end
256
260
  end
257
261
  jwe.auth_data = input.split('.').first
258
262
  jwe.header = JSON.parse(_header_json_).with_indifferent_access
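Review bot: A segment that is not valid Base64 is raised here as `DecryptionFailed` although no decryption has been attempted yet. The JWS decoder in this release leaves the same `ArgumentError` to the outer rescue, which turns it into `JWT::InvalidFormat`, so a caller that rescues `InvalidFormat` to reject malformed input would see a different exception for a malformed JWE than for a malformed JWS. If a single failure class for everything JWE-related is intended, a comment such as `# malformed segments are reported as DecryptionFailed on purpose` would record that; otherwise `raise InvalidFormat.new('Invalid JWE Format')` keeps the two paths aligned. The method starts and ends outside the hunk, and the exception hierarchy is not visible here.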
@@ -34,7 +34,7 @@ module JSON
34
34
  else
35
35
  raise UnknownAlgorithm.new('Unknown Digest Algorithm')
36
36
  end
37
- UrlSafeBase64.encode64 digest.digest(normalize.to_json)
37
+ Base64.urlsafe_encode64 digest.digest(normalize.to_json), padding: false
38
38
  end
39
39
 
40
40
  def to_key
@@ -98,7 +98,7 @@ module JSON
98
98
  def to_rsa_key
99
99
  e, n, d, p, q, dp, dq, qi = [:e, :n, :d, :p, :q, :dp, :dq, :qi].collect do |key|
100
100
  if self[key]
101
- OpenSSL::BN.new UrlSafeBase64.decode64(self[key]), 2
101
+ OpenSSL::BN.new Base64.urlsafe_decode64(self[key]), 2
102
102
  end
103
103
  end
104
104
  key = OpenSSL::PKey::RSA.new
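Review bot: `Base64.urlsafe_decode64(self[key])` in `to_rsa_key` raises a bare `ArgumentError` when a key member is not valid Base64, and nothing in this hunk converts it. The same applies to the `x`/`y`/`d` members in the EC hunk that follows. JWKs frequently come from outside the application (a JWKS document, a token header), so a caller that rescues only the library's own exception classes would let a malformed key surface as an unhandled error. I would wrap the decode and re-raise a JWK-level library error, or state the `ArgumentError` in the method's documentation. `to_rsa_key` continues past the end of the hunk, so a rescue further down cannot be ruled out.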
@@ -132,7 +132,7 @@ module JSON
132
132
  end
133
133
  x, y, d = [:x, :y, :d].collect do |key|
134
134
  if self[key]
135
- UrlSafeBase64.decode64(self[key])
135
+ Base64.urlsafe_decode64(self[key])
136
136
  end
137
137
  end
138
138
  key = OpenSSL::PKey::EC.new curve_name
@@ -5,17 +5,17 @@ module JSON
5
5
  def to_jwk(ex_params = {})
6
6
  params = {
7
7
  kty: :RSA,
8
- e: UrlSafeBase64.encode64(e.to_s(2)),
9
- n: UrlSafeBase64.encode64(n.to_s(2))
8
+ e: Base64.urlsafe_encode64(e.to_s(2), padding: false),
9
+ n: Base64.urlsafe_encode64(n.to_s(2), padding: false)
10
10
  }.merge ex_params
11
11
  if private?
12
12
  params.merge!(
13
- d: UrlSafeBase64.encode64(d.to_s(2)),
14
- p: UrlSafeBase64.encode64(p.to_s(2)),
15
- q: UrlSafeBase64.encode64(q.to_s(2)),
16
- dp: UrlSafeBase64.encode64(dmp1.to_s(2)),
17
- dq: UrlSafeBase64.encode64(dmq1.to_s(2)),
18
- qi: UrlSafeBase64.encode64(iqmp.to_s(2)),
13
+ d: Base64.urlsafe_encode64(d.to_s(2), padding: false),
14
+ p: Base64.urlsafe_encode64(p.to_s(2), padding: false),
15
+ q: Base64.urlsafe_encode64(q.to_s(2), padding: false),
16
+ dp: Base64.urlsafe_encode64(dmp1.to_s(2), padding: false),
17
+ dq: Base64.urlsafe_encode64(dmq1.to_s(2), padding: false),
18
+ qi: Base64.urlsafe_encode64(iqmp.to_s(2), padding: false),
19
19
  )
20
20
  end
21
21
  JWK.new params
@@ -27,10 +27,10 @@ module JSON
27
27
  params = {
28
28
  kty: :EC,
29
29
  crv: curve_name,
30
- x: UrlSafeBase64.encode64([coordinates[:x]].pack('H*')),
31
- y: UrlSafeBase64.encode64([coordinates[:y]].pack('H*'))
30
+ x: Base64.urlsafe_encode64([coordinates[:x]].pack('H*'), padding: false),
31
+ y: Base64.urlsafe_encode64([coordinates[:y]].pack('H*'), padding: false)
32
32
  }.merge ex_params
33
- params[:d] = UrlSafeBase64.encode64([coordinates[:d]].pack('H*')) if private_key?
33
+ params[:d] = Base64.urlsafe_encode64([coordinates[:d]].pack('H*'), padding: false) if private_key?
34
34
  JWK.new params
35
35
  end
36
36
 
@@ -96,7 +96,7 @@ module JSON
96
96
  header.to_json,
97
97
  self.to_json
98
98
  ].collect do |segment|
99
- UrlSafeBase64.encode64 segment
99
+ Base64.urlsafe_encode64 segment, padding: false
100
100
  end.join('.')
101
101
  end
102
102
 
@@ -180,7 +180,7 @@ module JSON
180
180
  raise InvalidFormat.new("Invalid JWS Format. JWS should include #{NUM_OF_SEGMENTS} segments.")
181
181
  end
182
182
  header, claims, signature = input.split('.', JWS::NUM_OF_SEGMENTS).collect do |segment|
183
- UrlSafeBase64.decode64 segment.to_s
183
+ Base64.urlsafe_decode64 segment.to_s
184
184
  end
185
185
  header, claims = [header, claims].collect do |json|
186
186
  JSON.parse(json).with_indifferent_access
@@ -1,5 +1,5 @@
1
1
  require 'openssl'
2
- require 'url_safe_base64'
2
+ require 'base64'
3
3
  require 'active_support'
4
4
  require 'active_support/core_ext'
5
5
  require 'json/jose'
@@ -46,7 +46,7 @@ module JSON
46
46
  self.to_json,
47
47
  signature
48
48
  ].collect do |segment|
49
- UrlSafeBase64.encode64 segment.to_s
49
+ Base64.urlsafe_encode64 segment.to_s, padding: false
50
50
  end.join('.')
51
51
  end
52
52
 
@@ -54,17 +54,17 @@ module JSON
54
54
  case options[:syntax]
55
55
  when :general
56
56
  {
57
- payload: UrlSafeBase64.encode64(self.to_json),
57
+ payload: Base64.urlsafe_encode64(self.to_json, padding: false),
58
58
  signatures: [{
59
- protected: UrlSafeBase64.encode64(header.to_json),
60
- signature: UrlSafeBase64.encode64(signature.to_s)
59
+ protected: Base64.urlsafe_encode64(header.to_json, padding: false),
60
+ signature: Base64.urlsafe_encode64(signature.to_s, padding: false)
61
61
  }]
62
62
  }
63
63
  when :flattened
64
64
  {
65
- protected: UrlSafeBase64.encode64(header.to_json),
66
- payload: UrlSafeBase64.encode64(self.to_json),
67
- signature: UrlSafeBase64.encode64(signature.to_s)
65
+ protected: Base64.urlsafe_encode64(header.to_json, padding: false),
66
+ payload: Base64.urlsafe_encode64(self.to_json, padding: false),
67
+ signature: Base64.urlsafe_encode64(signature.to_s, padding: false)
68
68
  }
69
69
  else
70
70
  super
@@ -79,8 +79,8 @@ describe JSON::JWK do
79
79
  let(:jwk) { JSON::JWK.new public_key }
80
80
  it { jwk.keys.collect(&:to_sym).should include :kty, :e, :n }
81
81
  its(:kty) { jwk[:kty].should == :RSA }
82
- its(:e) { jwk[:e].should == UrlSafeBase64.encode64(public_key.e.to_s(2)) }
83
- its(:n) { jwk[:n].should == UrlSafeBase64.encode64(public_key.n.to_s(2)) }
82
+ its(:e) { jwk[:e].should == Base64.urlsafe_encode64(public_key.e.to_s(2), padding: false) }
83
+ its(:n) { jwk[:n].should == Base64.urlsafe_encode64(public_key.n.to_s(2), padding: false) }
84
84
 
85
85
  context 'when kid/use options given' do
86
86
  let(:jwk) { JSON::JWK.new public_key, kid: '12345', use: :sig }
@@ -48,7 +48,7 @@ describe JSON::JWS do
48
48
  describe '#sign!' do
49
49
  shared_examples_for :generate_expected_signature do
50
50
  it do
51
- UrlSafeBase64.encode64(signed.signature).should == expected_signature[alg]
51
+ Base64.urlsafe_encode64(signed.signature, padding: false).should == expected_signature[alg]
52
52
  end
53
53
  end
54
54
  subject { signed }
@@ -279,10 +279,10 @@ describe JSON::JWS do
279
279
  context 'when general' do
280
280
  it 'should return General JWS JSON Serialization' do
281
281
  signed.to_json(syntax: :general).should == {
282
- payload: UrlSafeBase64.encode64(claims.to_json),
282
+ payload: Base64.urlsafe_encode64(claims.to_json, padding: false),
283
283
  signatures: [{
284
- protected: UrlSafeBase64.encode64(signed.header.to_json),
285
- signature: UrlSafeBase64.encode64(signed.signature)
284
+ protected: Base64.urlsafe_encode64(signed.header.to_json, padding: false),
285
+ signature: Base64.urlsafe_encode64(signed.signature, padding: false)
286
286
  }]
287
287
  }.to_json
288
288
  end
@@ -290,10 +290,10 @@ describe JSON::JWS do
290
290
  context 'when not signed yet' do
291
291
  it 'should not fail' do
292
292
  jws.to_json(syntax: :general).should == {
293
- payload: UrlSafeBase64.encode64(claims.to_json),
293
+ payload: Base64.urlsafe_encode64(claims.to_json, padding: false),
294
294
  signatures: [{
295
- protected: UrlSafeBase64.encode64(jws.header.to_json),
296
- signature: UrlSafeBase64.encode64('')
295
+ protected: Base64.urlsafe_encode64(jws.header.to_json, padding: false),
296
+ signature: Base64.urlsafe_encode64('', padding: false)
297
297
  }]
298
298
  }.to_json
299
299
  end
@@ -303,18 +303,18 @@ describe JSON::JWS do
303
303
  context 'when flattened' do
304
304
  it 'should return Flattened JWS JSON Serialization' do
305
305
  signed.to_json(syntax: :flattened).should == {
306
- protected: UrlSafeBase64.encode64(signed.header.to_json),
307
- payload: UrlSafeBase64.encode64(claims.to_json),
308
- signature: UrlSafeBase64.encode64(signed.signature)
306
+ protected: Base64.urlsafe_encode64(signed.header.to_json, padding: false),
307
+ payload: Base64.urlsafe_encode64(claims.to_json, padding: false),
308
+ signature: Base64.urlsafe_encode64(signed.signature, padding: false)
309
309
  }.to_json
310
310
  end
311
311
 
312
312
  context 'when not signed yet' do
313
313
  it 'should not fail' do
314
314
  jws.to_json(syntax: :flattened).should == {
315
- protected: UrlSafeBase64.encode64(jws.header.to_json),
316
- payload: UrlSafeBase64.encode64(claims.to_json),
317
- signature: UrlSafeBase64.encode64('')
315
+ protected: Base64.urlsafe_encode64(jws.header.to_json, padding: false),
316
+ payload: Base64.urlsafe_encode64(claims.to_json, padding: false),
317
+ signature: Base64.urlsafe_encode64('', padding: false)
318
318
  }.to_json
319
319
  end
320
320
  end
@@ -202,7 +202,7 @@ describe JSON::JWT do
202
202
  header, payload, signature = jws.to_s.split('.')
203
203
  malformed_header = {alg: :none}.to_json
204
204
  [
205
- UrlSafeBase64.encode64(malformed_header),
205
+ Base64.urlsafe_encode64(malformed_header, padding: false),
206
206
  payload,
207
207
  ''
208
208
  ].join('.')
@@ -226,7 +226,7 @@ describe JSON::JWT do
226
226
  header, payload, signature = jws.to_s.split('.')
227
227
  malformed_header = {alg: :none}.to_json
228
228
  [
229
- UrlSafeBase64.encode64(malformed_header),
229
+ Base64.urlsafe_encode64(malformed_header, padding: false),
230
230
  payload,
231
231
  ''
232
232
  ].join('.')
@@ -246,12 +246,12 @@ describe JSON::JWT do
246
246
  malformed_signature = OpenSSL::HMAC.digest(
247
247
  OpenSSL::Digest.new('SHA256'),
248
248
  public_key.to_s,
249
- [UrlSafeBase64.encode64(malformed_header), payload].join('.')
249
+ [Base64.urlsafe_encode64(malformed_header, padding: false), payload].join('.')
250
250
  )
251
251
  [
252
- UrlSafeBase64.encode64(malformed_header),
252
+ Base64.urlsafe_encode64(malformed_header, padding: false),
253
253
  payload,
254
- UrlSafeBase64.encode64(malformed_signature)
254
+ Base64.urlsafe_encode64(malformed_signature, padding: false)
255
255
  ].join('.')
256
256
  end
257
257
 
@@ -276,14 +276,14 @@ describe JSON::JWT do
276
276
  digest = OpenSSL::Digest.new('SHA256')
277
277
  malformed_signature = private_key.sign_pss(
278
278
  digest,
279
- [UrlSafeBase64.encode64(malformed_header), payload].join('.'),
279
+ [Base64.urlsafe_encode64(malformed_header, padding: false), payload].join('.'),
280
280
  salt_length: :digest,
281
281
  mgf1_hash: digest
282
282
  )
283
283
  [
284
- UrlSafeBase64.encode64(malformed_header),
284
+ Base64.urlsafe_encode64(malformed_header, padding: false),
285
285
  payload,
286
- UrlSafeBase64.encode64(malformed_signature)
286
+ Base64.urlsafe_encode64(malformed_signature, padding: false)
287
287
  ].join('.')
288
288
  end
289
289
 
@@ -310,12 +310,12 @@ describe JSON::JWT do
310
310
  malformed_header = {alg: :RS512}.to_json
311
311
  malformed_signature = private_key.sign(
312
312
  OpenSSL::Digest.new('SHA512'),
313
- [UrlSafeBase64.encode64(malformed_header), payload].join('.')
313
+ [Base64.urlsafe_encode64(malformed_header, padding: false), payload].join('.')
314
314
  )
315
315
  [
316
- UrlSafeBase64.encode64(malformed_header),
316
+ Base64.urlsafe_encode64(malformed_header, padding: false),
317
317
  payload,
318
- UrlSafeBase64.encode64(malformed_signature)
318
+ Base64.urlsafe_encode64(malformed_signature, padding: false)
319
319
  ].join('.')
320
320
  end
321
321
 
@@ -377,10 +377,10 @@ describe JSON::JWT do
377
377
  context 'when general' do
378
378
  let(:serialized) do
379
379
  {
380
- payload: UrlSafeBase64.encode64(claims.to_json),
380
+ payload: Base64.urlsafe_encode64(claims.to_json, padding: false),
381
381
  signatures: [{
382
- protected: UrlSafeBase64.encode64(signed.header.to_json),
383
- signature: UrlSafeBase64.encode64(signed.signature)
382
+ protected: Base64.urlsafe_encode64(signed.header.to_json, padding: false),
383
+ signature: Base64.urlsafe_encode64(signed.signature, padding: false)
384
384
  }]
385
385
  }
386
386
  end
@@ -390,9 +390,9 @@ describe JSON::JWT do
390
390
  context 'when flattened' do
391
391
  let(:serialized) do
392
392
  {
393
- protected: UrlSafeBase64.encode64(signed.header.to_json),
394
- payload: UrlSafeBase64.encode64(claims.to_json),
395
- signature: UrlSafeBase64.encode64(signed.signature)
393
+ protected: Base64.urlsafe_encode64(signed.header.to_json, padding: false),
394
+ payload: Base64.urlsafe_encode64(claims.to_json, padding: false),
395
+ signature: Base64.urlsafe_encode64(signed.signature, padding: false)
396
396
  }
397
397
  end
398
398
  it_behaves_like :json_serialization_parser
@@ -465,7 +465,7 @@ describe JSON::JWT do
465
465
  context 'when too many dots' do
466
466
  it do
467
467
  expect do
468
- JSON::JWT.decode 'header.payload.signature.something.wrong'
468
+ JSON::JWT.decode 'header.payload.signature.too.many.dots'
469
469
  end.to raise_error JSON::JWT::InvalidFormat
470
470
  end
471
471
  end
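Review bot: The replaced input `'header.payload.signature.something.wrong'` has five dot-separated segments, which is the JWE compact segment count. The new six-segment string no longer exercises that path, so a five-segment garbage token is left without coverage. With the stricter decoding in this release that input presumably raises `DecryptionFailed` rather than `InvalidFormat`, which may be why the string was changed. I would keep the new example and add a second one that pins the five-segment case, e.g. `expect { JSON::JWT.decode 'header.payload.signature.something.wrong' }.to raise_error JSON::JWE::DecryptionFailed`, adjusting the class to whichever outcome is intended.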
metadata CHANGED
@@ -1,29 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.9.2
4
+ version: 1.9.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-02-27 00:00:00.000000000 Z
11
+ date: 2018-04-27 00:00:00.000000000 Z
12
12
  dependencies:
13
- - !ruby/object:Gem::Dependency
14
- name: url_safe_base64
15
- requirement: !ruby/object:Gem::Requirement
16
- requirements:
17
- - - ">="
18
- - !ruby/object:Gem::Version
19
- version: '0'
20
- type: :runtime
21
- prerelease: false
22
- version_requirements: !ruby/object:Gem::Requirement
23
- requirements:
24
- - - ">="
25
- - !ruby/object:Gem::Version
26
- version: '0'
27
13
  - !ruby/object:Gem::Dependency
28
14
  name: activesupport
29
15
  requirement: !ruby/object:Gem::Requirement
@@ -202,7 +188,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
202
188
  version: '0'
203
189
  requirements: []
204
190
  rubyforge_project:
205
- rubygems_version: 2.6.13
191
+ rubygems_version: 2.7.3
206
192
  signing_key:
207
193
  specification_version: 4
208
194
  summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and