json-jwt 0.0.0 → 0.0.1

data/.travis.yml

@@ -2,5 +2,4 @@ rvm:
   - 1.8.7
   - 1.9.2
   - 1.9.3
-  - jruby
-  - ree
+  - jruby

data/Gemfile.lock

@@ -0,0 +1,33 @@
+PATH
+  remote: .
+  specs:
+    json-jwt (0.0.0)
+      json (>= 1.4.3)
+      url_safe_base64
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    diff-lcs (1.1.3)
+    json (1.6.0)
+    rake (0.9.2)
+    rcov (0.9.10)
+    rspec (2.6.0)
+      rspec-core (~> 2.6.0)
+      rspec-expectations (~> 2.6.0)
+      rspec-mocks (~> 2.6.0)
+    rspec-core (2.6.4)
+    rspec-expectations (2.6.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.6.0)
+    url_safe_base64 (0.2.1)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  jruby-openssl (>= 0.7)
+  json-jwt!
+  rake (>= 0.8)
+  rcov (>= 0.9)
+  rspec (>= 2)

data/VERSION

@@ -1 +1 @@
-0.0.0
+0.0.1

data/lib/json/jws.rb

@@ -2,7 +2,7 @@ module JSON
   class JWS < JWT
     def initialize(jwt)
       @header = jwt.header
-      @claim  = jwt.claim
+      replace jwt
     end
 
     def sign(private_key_or_secret, algorithm)
@@ -33,7 +33,7 @@ module JSON
     def signature_base_string
       [
         header.to_json,
-        claim.to_json
+        self.to_json
       ].collect do |segment|
         UrlSafeBase64.encode64 segment
       end.join('.')

data/lib/json/jwt.rb

@@ -3,8 +3,8 @@ require 'url_safe_base64'
 require 'json'
 
 module JSON
-  class JWT
-    attr_accessor :header, :claim, :signature
+  class JWT < Hash
+    attr_accessor :header, :signature
 
     def initialize(claim)
       @header = {
@@ -16,7 +16,7 @@ module JSON
           claim[key] = claim[key].to_i
         end
       end
-      @claim = claim
+      replace claim
     end
 
     def sign(private_key_or_secret, algorithm = :RS256)
@@ -26,7 +26,7 @@ module JSON
     def to_s
       [
         header.to_json,
-        claim.to_json,
+        self.to_json,
         signature
       ].collect do |segment|
         UrlSafeBase64.encode64 segment.to_s

data/spec/fixtures/rsa/private_key.pem

@@ -0,0 +1,30 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: AES-256-CBC,A6B5D10FFA23D7BC66CE4FB46B754E8C
+
+gvYFJmzetWSwpf1Ut6USm4IReFLA6bpp5nVUfU2Xa9dJmrCu0cTupTkdzNmGp14/
+mzeT/a5WplK1hWV41Y7bLm57hOpaoxbEx2h3IW9cxuqgAp422AbafRu6hEvjUONO
+qUEm63I4d7/FKo0he4IVVx0UHaX5eEq8pdY1AZR9+fqlxWvjpgZlB0anT3AMpfVL
+CY4sGc/Es14M9A4zUpOkp+09PbV3WNG8A4G4IJA3wx6tYBxrd2866Te2ccP6/BL8
+HA2uoqeD+70ziybvd//CtGAD1xoTDvOCwzXXT5A4fCuec3apFp8O6WyJ63ao99R4
+E0r6AvD4iOkLMC8K2YUSc1zFLJAkhlfhBb8qFbXOwOomazWf2Z8rDtkP1VCfB9gC
+W6oYRBOyVUkbaBSBOOPBJtxjuTL/cJBvFhn6r0zdC67g0CD4cabMPd1VY92lUVbl
+JvE9CouDB5O39jwfpgfxo3kGev2UzwRze9U2uw6EdYIUB/ixyC8/5BoN8lKZXdTn
+7vQBmcBsC3boMqQiq2c/dVGW7yrt/Y4q8wq9aGFwdBAY1pYhRlOZ0MwFmlAJKOzo
+Y3i2OILtPM0sdfqIeAvrwicQULGAzLGEhecDOQ1r0GwZRy5/Sl3ILxKMW8ngdaK4
+iNDM56u6F9dwqqArrZDZgkfwnKakXU2ZbltSOWTCleCfYrc1D75Yw3FHKcWozB/l
+uyMTIqzBXzO6OiNDUv7zAE1xzVaV+VeBH/5KGx18dAuRP3TnpYltGSUVDyGk9FX7
+m7nhvkqOcFJMHOGdTjt2Ff9Ibn3rgCEFI0CjCwcJPo2ym1Zox8GfP0/nXk3p/oWV
+ebBTvS+yc9HaSm2Al77GDXEwY7NDcTef+3kEtQHpesS+xmC8mFtMEKV8vifXEhpt
+iNp6gtsfDMtFmrFXCADTaUD1WBmhJQtYUsGsoQ75c5zzUHU93BOswBe2KODCA3Ie
+X3XKvHTjGw3wjWJvLcnL3EgcHDL1x7ehIA5UgvHFixmkx5D91uIdq4YDMt6xERle
+JgeLKF9g1qCl9wmxqT4T1J9h9LGMQQEUhth0uTFr6bEpzgg6hFTrPDaI8dOMlcgu
+ctOH2wFZgRMfrykGIs53rwF4pL+8iy+pakaRRAVTaZIX2CL2dThy0283jTVu9dNn
+f/Zfu5mNlvsRcXlZMgTy0UMBpXeLMjaWyd+JeAnAeZxO3/ID/Ppg6vcc0Wn8XyB5
+YUOIQe+Rc0jJnB1zqjww2cB6H5Ke3GjktQqrulHFfEYbn7lj8WLVgDLmellFNOxX
+k9H2sta5SN/t3fN3oBO0A6JyotQOiBE54yHVpgoc+PBlcrpoOxSZx67lprD+WnlV
+Ynnf6qIrR9NxgYN00Elzj9KP9OT1ufFrMQ0BnW4EWdFLCScGLsZVlmBKPrtHwK3N
+FSy3JFMJcpymgNas5+bqIyZGqAZREHH3AWhc2TVl1Kt11g6PZWm3dSafT6SlqgyP
+Z7OcBEnWr+ZhDeJfnAXrn5siah9eXuT0KtQWlqpSn76dExlfz16Da/3xBtO4ceyz
+Lk4gzZ1QjP1ZvjarWOIEtkT7eiWaCQHYNVbvFRu5wo98o/KwO3xaPTDN9LCZKGhR
+-----END RSA PRIVATE KEY-----

data/spec/fixtures/rsa/public_key.pem

@@ -0,0 +1,8 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAx9vNhcvSrxjsegZAAo4OEuoZOV/oxINEeWneJYczS80/bQ1J6lSS
+J81qecxXAzCLPlvsFoP4eeUNXSt/G7hP7SAM479N+kY/MzbihJ5LRY9sRzLbQTMe
+qsmDAmmQe4y3Ke3bvd70r8VOmo5pqM3IPLGwBkTRTQmyRsDQArilg6WtxDUgy5ol
+2STHFA8E1iCReh9bck8ZaLxzVhYRXZ0nuOKWGRMppocPlp55HVohOItUZh7uSCch
+LcVAZuhTTNaDLtLIJ6G0yNJvfEieJUhA8wGBoPhD3LMQwQMxTMerpjZhP/qjm6Gg
+eWpKf+iVil86/PSy/z0Vw06/rD0sfXPtlQIDAQAB
+-----END RSA PUBLIC KEY-----

data/spec/helpers/sign_key_fixture_helper.rb

@@ -0,0 +1,30 @@
+module SignKeyFixtureHelper
+  def shared_secret
+    'shared-secret'
+  end
+
+  def pem_file(file_name)
+    File.new(
+      File.join(
+        File.dirname(__FILE__),
+        '../fixtures/rsa',
+        "#{file_name}.pem"
+      )
+    )
+  end
+
+  def private_key
+    OpenSSL::PKey::RSA.new(
+      pem_file('private_key'),
+      'pass-phrase'
+    )
+  end
+
+  def public_key
+    OpenSSL::PKey::RSA.new(
+      pem_file('public_key')
+    )
+  end
+end
+
+include SignKeyFixtureHelper

data/spec/json/jws_spec.rb

@@ -0,0 +1,74 @@
+require 'spec_helper'
+
+describe JSON::JWS do
+  let(:jwt) { JSON::JWT.new claim }
+  let(:jws) { JSON::JWS.new jwt }
+  let(:claim) do
+    {
+      :iss => 'joe',
+      :exp => 1300819380,
+      'http://example.com/is_root' => true
+    }
+  end
+
+  shared_examples_for :jwt_with_alg do
+    it { should == jwt }
+    its(:header) { should == jwt.header }
+  end
+
+  context 'before sign' do
+    subject { jws }
+    it_behaves_like :jwt_with_alg
+    its(:signature) { should be_nil }
+  end
+
+  describe '#sign' do
+    shared_examples_for :jwt_with_expected_signature do
+      it 'should generate expected signature' do
+        UrlSafeBase64.encode64(signed.signature).should == expected_signature[alg]
+      end
+    end
+    let(:expected_signature) {
+      {
+        :HS256 => 'DyuTgO2Ggb5nrhkkhI-RjVYIBe3o8oL4ijkAn94YPxQ',
+        :HS384 => 'a5-7rr61TG8Snv9xxJ7l064ky-SCq1Mswe9t8HEorvoc_nnfIeUy9WQCLMIli34R',
+        :HS512 => 'ce-GlHDaNwaHfmAFRGp3QPPKvrpruTug2hC1bf6yNlbuvkMwJw2jFZgq_4wmIPetRdiBy7XFq7rrtmw1Im7tmQ',
+        :RS256 => 'E5VELqAdla2Bx1axc9KFxO0EiCr0Mw6HPYX070qGQ8zA_XmyxGPUZLyyWU_6Cn399W-oYBWO2ynLlr8pqqjP3jXevyCeYeGRVN0HzLYiBebEugNnc3hevr7WV2UzfksWRA-Ux2bDv2sz9p_LGbL33wWNxGDvIlpDyZUul_a48nCipS0riBjkTLTSE8dfBxQTXEF5GEUUu99ot6aBLzUhc25nHXSXogXF6MHK-hAcE7f4v-vJ0lbPbHLVGUopIoxoqe4XjoBpzE5UvhrVl5LYbdjbyJhu5ZIA8GLsgwtUFh3dfdIechORoR3k5NSFSv8157bAEa8t4iwgWD2MSNSQnw',
+        :RS384 => 'lT5JbytGKgG9QrwkJuxgw7UjmN9tjkEQW9pVGR2XnKEdC0_wLNIzAmT-jTwyMDGBLUkWO7opDOP6Xy6_DOTg58k9PwVkyQzrLnmxJMEng2Q-aMqcitRSIvUk3DPy8kemp8yUPls9NzWmByM2GoUVHbDsR0r-tZN-g_9QYev32mvMhjMr30JI5S2xiRjc9m2GAaXMOQmNTovJgV4bgCp4UjruCrA0BD1JJwDqKYoR_YYr_ALcVjD_LUgy80udJvbi8MAYJVUf0QYtQDrX2wnT_-eiiWjD5XafLuXEQVDRh-v2MKAwdvtXMq5cZ08Zjl2SyHxJ3OqhEeWPvYGltxZh_A',
+        :RS512 => 'EHeGM2Mo3ghhUfSB99AlREehrbC6OPE-nYL_rwf88ysTnJ8L1QQ0UuCrXq4SpRutGLK_bYTK3ZALvFRPoOgK_g0QWmqv6qjQRU_QTxoq8y8APP-IgKKDuIiGH6daBV2rAPLDReqYNKsKjmTvZJo2c0a0e_WZkkj_ZwpgjTG3v0gW9lbDAzLJDz18eqtR4ZO7JTu_fyNrUrNk-w2_wpxSsn9sygIMp0lKE0_pt0b01fz3gjTDjlltU0cKSalUp4geaBDH7QRcexrolIctdQFbNKTXQxoigxD3NLNkKGH7f6A8KZdcOm8AnEjullcZs8_OWGnW43p1qrxoBRSivb9pqQ',
+        :ES256 => :TODO,
+        :ES384 => :TODO,
+        :ES512 => :TODO
+      }
+    }
+    let(:signed) do
+      jws.sign key, alg
+    end
+    subject { signed }
+    
+    [:HS256, :HS384, :HS512].each do |algorithm|
+      describe algorithm do
+        let(:key) { shared_secret }
+        let(:alg) { algorithm }
+        it_behaves_like :jwt_with_alg
+        it_behaves_like :jwt_with_expected_signature
+      end
+    end
+
+    [:RS256, :RS384, :RS512].each do |algorithm|
+      describe algorithm do
+        let(:key) { private_key }
+        let(:alg) { algorithm }
+        it_behaves_like :jwt_with_alg
+        it_behaves_like :jwt_with_expected_signature
+      end
+    end
+
+    [:ES256, :ES384, :ES512].each do |algorithm|
+      describe algorithm do
+        let(:alg) { algorithm }
+        it :TODO
+      end
+    end
+  end
+end

data/spec/json/jwt_spec.rb

@@ -0,0 +1,40 @@
+require 'spec_helper'
+
+describe JSON::JWT do
+  let(:jwt) { JSON::JWT.new claim }
+  let(:claim) do
+    {
+      :iss => 'joe',
+      :exp => 1300819380,
+      'http://example.com/is_root' => true
+    }
+  end
+
+  context 'when no sign no encryption' do
+    let :result do
+      'eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJpc3MiOiJqb2UiLCJleHAiOjEzMDA4MTkzODAsImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.'
+    end
+
+    it do
+      jwt.to_s.should == result
+    end
+  end
+
+  describe '.sign' do
+    [:HS256, :HS384, :HS512].each do |algorithm|
+      context algorithm do
+        it do
+          jwt.sign(shared_secret, algorithm).should be_a JSON::JWS
+        end
+      end
+    end
+
+    [:RS256, :RS384, :RS512].each do |algorithm|
+      context algorithm do
+        it do
+          jwt.sign(private_key, algorithm).should be_a JSON::JWS
+        end
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -1,2 +1,4 @@
 require 'rspec'
-require 'json/jwt'
+require 'json/jwt'
+
+require 'helpers/sign_key_fixture_helper'

metadata

@@ -1,8 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: json-jwt
 version: !ruby/object:Gem::Version 
+  hash: 29
   prerelease: 
-  version: 0.0.0
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
 platform: ruby
 authors: 
 - nov matake
@@ -10,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-09-14 00:00:00 Z
+date: 2011-09-15 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: json
@@ -20,6 +25,11 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
+        hash: 1
+        segments: 
+        - 1
+        - 4
+        - 3
         version: 1.4.3
   type: :runtime
   version_requirements: *id001
@@ -31,6 +41,9 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
         version: "0"
   type: :runtime
   version_requirements: *id002
@@ -42,6 +55,10 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
+        hash: 27
+        segments: 
+        - 0
+        - 8
         version: "0.8"
   type: :development
   version_requirements: *id003
@@ -53,6 +70,10 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
+        hash: 25
+        segments: 
+        - 0
+        - 9
         version: "0.9"
   type: :development
   version_requirements: *id004
@@ -64,6 +85,9 @@ dependencies:
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
+        hash: 7
+        segments: 
+        - 2
         version: "2"
   type: :development
   version_requirements: *id005
@@ -81,6 +105,7 @@ files:
 - .rspec
 - .travis.yml
 - Gemfile
+- Gemfile.lock
 - LICENSE
 - README.rdoc
 - Rakefile
@@ -89,6 +114,11 @@ files:
 - lib/json/jwe.rb
 - lib/json/jws.rb
 - lib/json/jwt.rb
+- spec/fixtures/rsa/private_key.pem
+- spec/fixtures/rsa/public_key.pem
+- spec/helpers/sign_key_fixture_helper.rb
+- spec/json/jws_spec.rb
+- spec/json/jwt_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/nov/json-jwt
 licenses: []
@@ -103,19 +133,30 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
       version: "0"
 requirements: []
 
 rubyforge_project: 
-rubygems_version: 1.8.10
+rubygems_version: 1.8.5
 signing_key: 
 specification_version: 3
 summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and JSON Web Key) in Ruby
 test_files: 
+- spec/fixtures/rsa/private_key.pem
+- spec/fixtures/rsa/public_key.pem
+- spec/helpers/sign_key_fixture_helper.rb
+- spec/json/jws_spec.rb
+- spec/json/jwt_spec.rb
 - spec/spec_helper.rb