json-jwt 0.0.6 → 0.0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of json-jwt might be problematic. Click here for more details.
- data/Gemfile.lock +1 -1
- data/VERSION +1 -1
- data/lib/json/jwt.rb +2 -6
- data/spec/json/jwt_spec.rb +4 -3
- metadata +15 -15
data/Gemfile.lock
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.0.
|
|
1
|
+
0.0.7
|
data/lib/json/jwt.rb
CHANGED
|
@@ -10,6 +10,7 @@ module JSON
|
|
|
10
10
|
class Exception < StandardError; end
|
|
11
11
|
class InvalidFormat < Exception; end
|
|
12
12
|
class VerificationFailed < Exception; end
|
|
13
|
+
class UnexpectedAlgorighm < VerificationFailed; end
|
|
13
14
|
|
|
14
15
|
def initialize(claims)
|
|
15
16
|
@header = {
|
|
@@ -29,12 +30,7 @@ module JSON
|
|
|
29
30
|
|
|
30
31
|
def verify(signature_base_string, signature = '', public_key_or_secret = nil)
|
|
31
32
|
if header[:alg].to_s == 'none'
|
|
32
|
-
if public_key_or_secret
|
|
33
|
-
warn [
|
|
34
|
-
'A public key or secret is given for non-signed JWT.',
|
|
35
|
-
'The JWT can be valid regardless public key or secret, but something unexpected seems occuring.'
|
|
36
|
-
].join('\n')
|
|
37
|
-
end
|
|
33
|
+
raise UnexpectedAlgorighm if public_key_or_secret
|
|
38
34
|
signature == '' or raise VerificationFailed
|
|
39
35
|
else
|
|
40
36
|
JWS.new(self).verify(signature_base_string, signature, public_key_or_secret)
|
data/spec/json/jwt_spec.rb
CHANGED
|
@@ -46,9 +46,10 @@ describe JSON::JWT do
|
|
|
46
46
|
end
|
|
47
47
|
|
|
48
48
|
context 'when public_key_or_secret given' do
|
|
49
|
-
it
|
|
50
|
-
|
|
51
|
-
|
|
49
|
+
it do
|
|
50
|
+
expect do
|
|
51
|
+
jwt.verify(no_signed, '', 'secret')
|
|
52
|
+
end.should raise_error JSON::JWT::UnexpectedAlgorighm
|
|
52
53
|
end
|
|
53
54
|
end
|
|
54
55
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: json-jwt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.7
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -13,7 +13,7 @@ date: 2012-02-09 00:00:00.000000000Z
|
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: json
|
|
16
|
-
requirement: &
|
|
16
|
+
requirement: &70267080065980 !ruby/object:Gem::Requirement
|
|
17
17
|
none: false
|
|
18
18
|
requirements:
|
|
19
19
|
- - ! '>='
|
|
@@ -21,10 +21,10 @@ dependencies:
|
|
|
21
21
|
version: 1.4.3
|
|
22
22
|
type: :runtime
|
|
23
23
|
prerelease: false
|
|
24
|
-
version_requirements: *
|
|
24
|
+
version_requirements: *70267080065980
|
|
25
25
|
- !ruby/object:Gem::Dependency
|
|
26
26
|
name: url_safe_base64
|
|
27
|
-
requirement: &
|
|
27
|
+
requirement: &70267080064240 !ruby/object:Gem::Requirement
|
|
28
28
|
none: false
|
|
29
29
|
requirements:
|
|
30
30
|
- - ! '>='
|
|
@@ -32,10 +32,10 @@ dependencies:
|
|
|
32
32
|
version: '0'
|
|
33
33
|
type: :runtime
|
|
34
34
|
prerelease: false
|
|
35
|
-
version_requirements: *
|
|
35
|
+
version_requirements: *70267080064240
|
|
36
36
|
- !ruby/object:Gem::Dependency
|
|
37
37
|
name: activesupport
|
|
38
|
-
requirement: &
|
|
38
|
+
requirement: &70267080060520 !ruby/object:Gem::Requirement
|
|
39
39
|
none: false
|
|
40
40
|
requirements:
|
|
41
41
|
- - ! '>='
|
|
@@ -43,10 +43,10 @@ dependencies:
|
|
|
43
43
|
version: '2.3'
|
|
44
44
|
type: :runtime
|
|
45
45
|
prerelease: false
|
|
46
|
-
version_requirements: *
|
|
46
|
+
version_requirements: *70267080060520
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
|
48
48
|
name: i18n
|
|
49
|
-
requirement: &
|
|
49
|
+
requirement: &70267080060100 !ruby/object:Gem::Requirement
|
|
50
50
|
none: false
|
|
51
51
|
requirements:
|
|
52
52
|
- - ! '>='
|
|
@@ -54,10 +54,10 @@ dependencies:
|
|
|
54
54
|
version: '0'
|
|
55
55
|
type: :runtime
|
|
56
56
|
prerelease: false
|
|
57
|
-
version_requirements: *
|
|
57
|
+
version_requirements: *70267080060100
|
|
58
58
|
- !ruby/object:Gem::Dependency
|
|
59
59
|
name: rake
|
|
60
|
-
requirement: &
|
|
60
|
+
requirement: &70267080059540 !ruby/object:Gem::Requirement
|
|
61
61
|
none: false
|
|
62
62
|
requirements:
|
|
63
63
|
- - ! '>='
|
|
@@ -65,10 +65,10 @@ dependencies:
|
|
|
65
65
|
version: '0.8'
|
|
66
66
|
type: :development
|
|
67
67
|
prerelease: false
|
|
68
|
-
version_requirements: *
|
|
68
|
+
version_requirements: *70267080059540
|
|
69
69
|
- !ruby/object:Gem::Dependency
|
|
70
70
|
name: cover_me
|
|
71
|
-
requirement: &
|
|
71
|
+
requirement: &70267080058800 !ruby/object:Gem::Requirement
|
|
72
72
|
none: false
|
|
73
73
|
requirements:
|
|
74
74
|
- - ! '>='
|
|
@@ -76,10 +76,10 @@ dependencies:
|
|
|
76
76
|
version: 1.2.0
|
|
77
77
|
type: :development
|
|
78
78
|
prerelease: false
|
|
79
|
-
version_requirements: *
|
|
79
|
+
version_requirements: *70267080058800
|
|
80
80
|
- !ruby/object:Gem::Dependency
|
|
81
81
|
name: rspec
|
|
82
|
-
requirement: &
|
|
82
|
+
requirement: &70267080058300 !ruby/object:Gem::Requirement
|
|
83
83
|
none: false
|
|
84
84
|
requirements:
|
|
85
85
|
- - ! '>='
|
|
@@ -87,7 +87,7 @@ dependencies:
|
|
|
87
87
|
version: '2'
|
|
88
88
|
type: :development
|
|
89
89
|
prerelease: false
|
|
90
|
-
version_requirements: *
|
|
90
|
+
version_requirements: *70267080058300
|
|
91
91
|
description: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption
|
|
92
92
|
and JSON Web Key) in Ruby
|
|
93
93
|
email:
|