RubyGems - json-jwt - Versions diffs - 0.0.5 → 0.0.6 - Mend

json-jwt 0.0.5 → 0.0.6

Potentially problematic release.

This version of json-jwt might be problematic. Click here for more details.

Files changed (10) hide show

data/.gitignore CHANGED Viewed

@@ -14,7 +14,7 @@ tmtags
 *.swp
 ## PROJECT::GENERAL
-coverage
+coverage*
 rdoc
 pkg

data/.travis.yml CHANGED Viewed

@@ -1,5 +1,3 @@
 rvm:
-  - 1.8.7
   - 1.9.2
   - 1.9.3
-  - jruby

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    json-jwt (0.0.3)
+    json-jwt (0.0.5)
       activesupport (>= 2.3)
       i18n
       json (>= 1.4.3)
@@ -10,30 +10,37 @@ PATH
 GEM
   remote: http://rubygems.org/
   specs:
-    activesupport (3.1.0)
+    activesupport (3.2.1)
+      i18n (~> 0.6)
       multi_json (~> 1.0)
+    configatron (2.9.0)
+      yamler (>= 0.1.0)
+    cover_me (1.2.0)
+      configatron
+      hashie
     diff-lcs (1.1.3)
+    hashie (1.2.0)
     i18n (0.6.0)
-    json (1.6.1)
-    multi_json (1.0.3)
-    rake (0.9.2)
-    rcov (0.9.10)
-    rspec (2.6.0)
-      rspec-core (~> 2.6.0)
-      rspec-expectations (~> 2.6.0)
-      rspec-mocks (~> 2.6.0)
-    rspec-core (2.6.4)
-    rspec-expectations (2.6.0)
+    json (1.6.5)
+    multi_json (1.0.4)
+    rake (0.9.2.2)
+    rspec (2.8.0)
+      rspec-core (~> 2.8.0)
+      rspec-expectations (~> 2.8.0)
+      rspec-mocks (~> 2.8.0)
+    rspec-core (2.8.0)
+    rspec-expectations (2.8.0)
       diff-lcs (~> 1.1.2)
-    rspec-mocks (2.6.0)
+    rspec-mocks (2.8.0)
     url_safe_base64 (0.2.1)
+    yamler (0.1.0)
 PLATFORMS
   ruby
 DEPENDENCIES
+  cover_me (>= 1.2.0)
   jruby-openssl (>= 0.7)
   json-jwt!
   rake (>= 0.8)
-  rcov (>= 0.9)
   rspec (>= 2)

data/Rakefile CHANGED Viewed

@@ -1,11 +1,19 @@
-require 'bundler/gem_tasks'
+require 'bundler'
+Bundler::GemHelper.install_tasks
 require 'rspec/core/rake_task'
 RSpec::Core::RakeTask.new(:spec)
-RSpec::Core::RakeTask.new(:rcov) do |spec|
-  spec.rcov = true
-  spec.rcov_opts = ['-Ilib -Ispec --exclude spec,gems']
+if RUBY_VERSION >= '1.9'
+  require 'cover_me'
+  CoverMe.config do |c|
+    c.file_pattern = /(#{CoverMe.config.project.root}\/lib\/.+\.rb)/i
+  end
+else
+  RSpec::Core::RakeTask.new(:rcov) do |spec|
+    spec.rcov = true
+    spec.rcov_opts = ['-Ilib -Ispec --exclude spec,gems']
+  end
 end
 task :default => :spec

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.0.5
1	+ 0.0.6

data/json-jwt.gemspec CHANGED Viewed

@@ -15,6 +15,10 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency "activesupport", ">= 2.3"
   s.add_runtime_dependency "i18n"
   s.add_development_dependency "rake", ">= 0.8"
-  s.add_development_dependency "rcov", ">= 0.9"
+  if RUBY_VERSION >= '1.9'
+    s.add_development_dependency "cover_me", ">= 1.2.0"
+  else
+    s.add_development_dependency "rcov", ">= 0.9"
+  end
   s.add_development_dependency "rspec", ">= 2"
 end

data/lib/json/jwt.rb CHANGED Viewed

@@ -29,6 +29,12 @@ module JSON
     def verify(signature_base_string, signature = '', public_key_or_secret = nil)
       if header[:alg].to_s == 'none'
+        if public_key_or_secret
+          warn [
+            'A public key or secret is given for non-signed JWT.',
+            'The JWT can be valid regardless public key or secret, but something unexpected seems occuring.'
+          ].join('\n')
+        end
         signature == '' or raise VerificationFailed
       else
         JWS.new(self).verify(signature_base_string, signature, public_key_or_secret)

data/spec/json/jwt_spec.rb CHANGED Viewed

@@ -39,13 +39,20 @@ describe JSON::JWT do
   describe '#verify' do
     context 'when not signed nor encrypted' do
-      context 'no signature given' do
+      context 'when no signature nor public_key_or_secret given' do
         it do
           jwt.verify(no_signed).should be_true
         end
       end
-      context 'otherwise' do
+      context 'when public_key_or_secret given' do
+        it 'should be true but warn' do
+          jwt.should_receive(:warn).once
+          jwt.verify(no_signed, '', 'public_key_or_secret').should be_true
+        end
+      end
+      context 'when signature given' do
         it do
           expect do
             jwt.verify(no_signed, 'signature')

data/spec/spec_helper.rb CHANGED Viewed

@@ -1,3 +1,10 @@
+if RUBY_VERSION >= '1.9'
+  require 'cover_me'
+  at_exit do
+    CoverMe.complete!
+  end
+end
 require 'rspec'
 require 'json/jwt'

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: json-jwt
 version: !ruby/object:Gem::Version
-  version: 0.0.5
+  version: 0.0.6
   prerelease:
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-01-17 00:00:00.000000000Z
+date: 2012-02-09 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json
-  requirement: &70271328934800 !ruby/object:Gem::Requirement
+  requirement: &70122623930020 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
         version: 1.4.3
   type: :runtime
   prerelease: false
-  version_requirements: *70271328934800
+  version_requirements: *70122623930020
 - !ruby/object:Gem::Dependency
   name: url_safe_base64
-  requirement: &70271328934340 !ruby/object:Gem::Requirement
+  requirement: &70122623929180 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70271328934340
+  version_requirements: *70122623929180
 - !ruby/object:Gem::Dependency
   name: activesupport
-  requirement: &70271328933640 !ruby/object:Gem::Requirement
+  requirement: &70122623924960 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -43,10 +43,10 @@ dependencies:
         version: '2.3'
   type: :runtime
   prerelease: false
-  version_requirements: *70271328933640
+  version_requirements: *70122623924960
 - !ruby/object:Gem::Dependency
   name: i18n
-  requirement: &70271328933120 !ruby/object:Gem::Requirement
+  requirement: &70122623924540 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -54,10 +54,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *70271328933120
+  version_requirements: *70122623924540
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &70271328927100 !ruby/object:Gem::Requirement
+  requirement: &70122623923960 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -65,21 +65,21 @@ dependencies:
         version: '0.8'
   type: :development
   prerelease: false
-  version_requirements: *70271328927100
+  version_requirements: *70122623923960
 - !ruby/object:Gem::Dependency
-  name: rcov
-  requirement: &70271328926600 !ruby/object:Gem::Requirement
+  name: cover_me
+  requirement: &70122623923220 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
       - !ruby/object:Gem::Version
-        version: '0.9'
+        version: 1.2.0
   type: :development
   prerelease: false
-  version_requirements: *70271328926600
+  version_requirements: *70122623923220
 - !ruby/object:Gem::Dependency
   name: rspec
-  requirement: &70271328926140 !ruby/object:Gem::Requirement
+  requirement: &70122623922760 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -87,7 +87,7 @@ dependencies:
         version: '2'
   type: :development
   prerelease: false
-  version_requirements: *70271328926140
+  version_requirements: *70122623922760
 description: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption
   and JSON Web Key) in Ruby
 email: