json-jwt 0.0.6 → 0.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.


This version of json-jwt might be problematic. Click here for more details.

data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- json-jwt (0.0.5)
4
+ json-jwt (0.0.6)
5
5
  activesupport (>= 2.3)
6
6
  i18n
7
7
  json (>= 1.4.3)
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.0.6
1
+ 0.0.7
data/lib/json/jwt.rb CHANGED
@@ -10,6 +10,7 @@ module JSON
10
10
  class Exception < StandardError; end
11
11
  class InvalidFormat < Exception; end
12
12
  class VerificationFailed < Exception; end
13
+ class UnexpectedAlgorighm < VerificationFailed; end
13
14
 
14
15
  def initialize(claims)
15
16
  @header = {
@@ -29,12 +30,7 @@ module JSON
29
30
 
30
31
  def verify(signature_base_string, signature = '', public_key_or_secret = nil)
31
32
  if header[:alg].to_s == 'none'
32
- if public_key_or_secret
33
- warn [
34
- 'A public key or secret is given for non-signed JWT.',
35
- 'The JWT can be valid regardless public key or secret, but something unexpected seems occuring.'
36
- ].join('\n')
37
- end
33
+ raise UnexpectedAlgorighm if public_key_or_secret
38
34
  signature == '' or raise VerificationFailed
39
35
  else
40
36
  JWS.new(self).verify(signature_base_string, signature, public_key_or_secret)
@@ -46,9 +46,10 @@ describe JSON::JWT do
46
46
  end
47
47
 
48
48
  context 'when public_key_or_secret given' do
49
- it 'should be true but warn' do
50
- jwt.should_receive(:warn).once
51
- jwt.verify(no_signed, '', 'public_key_or_secret').should be_true
49
+ it do
50
+ expect do
51
+ jwt.verify(no_signed, '', 'secret')
52
+ end.should raise_error JSON::JWT::UnexpectedAlgorighm
52
53
  end
53
54
  end
54
55
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.6
4
+ version: 0.0.7
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -13,7 +13,7 @@ date: 2012-02-09 00:00:00.000000000Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: json
16
- requirement: &70122623930020 !ruby/object:Gem::Requirement
16
+ requirement: &70267080065980 !ruby/object:Gem::Requirement
17
17
  none: false
18
18
  requirements:
19
19
  - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
21
21
  version: 1.4.3
22
22
  type: :runtime
23
23
  prerelease: false
24
- version_requirements: *70122623930020
24
+ version_requirements: *70267080065980
25
25
  - !ruby/object:Gem::Dependency
26
26
  name: url_safe_base64
27
- requirement: &70122623929180 !ruby/object:Gem::Requirement
27
+ requirement: &70267080064240 !ruby/object:Gem::Requirement
28
28
  none: false
29
29
  requirements:
30
30
  - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
32
32
  version: '0'
33
33
  type: :runtime
34
34
  prerelease: false
35
- version_requirements: *70122623929180
35
+ version_requirements: *70267080064240
36
36
  - !ruby/object:Gem::Dependency
37
37
  name: activesupport
38
- requirement: &70122623924960 !ruby/object:Gem::Requirement
38
+ requirement: &70267080060520 !ruby/object:Gem::Requirement
39
39
  none: false
40
40
  requirements:
41
41
  - - ! '>='
@@ -43,10 +43,10 @@ dependencies:
43
43
  version: '2.3'
44
44
  type: :runtime
45
45
  prerelease: false
46
- version_requirements: *70122623924960
46
+ version_requirements: *70267080060520
47
47
  - !ruby/object:Gem::Dependency
48
48
  name: i18n
49
- requirement: &70122623924540 !ruby/object:Gem::Requirement
49
+ requirement: &70267080060100 !ruby/object:Gem::Requirement
50
50
  none: false
51
51
  requirements:
52
52
  - - ! '>='
@@ -54,10 +54,10 @@ dependencies:
54
54
  version: '0'
55
55
  type: :runtime
56
56
  prerelease: false
57
- version_requirements: *70122623924540
57
+ version_requirements: *70267080060100
58
58
  - !ruby/object:Gem::Dependency
59
59
  name: rake
60
- requirement: &70122623923960 !ruby/object:Gem::Requirement
60
+ requirement: &70267080059540 !ruby/object:Gem::Requirement
61
61
  none: false
62
62
  requirements:
63
63
  - - ! '>='
@@ -65,10 +65,10 @@ dependencies:
65
65
  version: '0.8'
66
66
  type: :development
67
67
  prerelease: false
68
- version_requirements: *70122623923960
68
+ version_requirements: *70267080059540
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: cover_me
71
- requirement: &70122623923220 !ruby/object:Gem::Requirement
71
+ requirement: &70267080058800 !ruby/object:Gem::Requirement
72
72
  none: false
73
73
  requirements:
74
74
  - - ! '>='
@@ -76,10 +76,10 @@ dependencies:
76
76
  version: 1.2.0
77
77
  type: :development
78
78
  prerelease: false
79
- version_requirements: *70122623923220
79
+ version_requirements: *70267080058800
80
80
  - !ruby/object:Gem::Dependency
81
81
  name: rspec
82
- requirement: &70122623922760 !ruby/object:Gem::Requirement
82
+ requirement: &70267080058300 !ruby/object:Gem::Requirement
83
83
  none: false
84
84
  requirements:
85
85
  - - ! '>='
@@ -87,7 +87,7 @@ dependencies:
87
87
  version: '2'
88
88
  type: :development
89
89
  prerelease: false
90
- version_requirements: *70122623922760
90
+ version_requirements: *70267080058300
91
91
  description: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption
92
92
  and JSON Web Key) in Ruby
93
93
  email: