json-jwt 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of json-jwt might be problematic. Click here for more details.

Files changed (15) hide show
  1. data/.travis.yml +1 -0
  2. data/Gemfile +1 -5
  3. data/Gemfile.lock +3 -3
  4. data/Rakefile +9 -16
  5. data/VERSION +1 -1
  6. data/json-jwt.gemspec +1 -5
  7. data/lib/json/jwk.rb +12 -12
  8. data/lib/json/jwk/set.rb +1 -1
  9. data/lib/json/jws.rb +3 -3
  10. data/lib/json/jwt.rb +11 -7
  11. data/spec/json/jwk_spec.rb +23 -10
  12. data/spec/json/jws_spec.rb +7 -7
  13. data/spec/json/jwt_spec.rb +53 -8
  14. data/spec/spec_helper.rb +1 -4
  15. metadata +2 -2
data/.travis.yml CHANGED
@@ -1,2 +1,3 @@
1
1
  rvm:
2
+ - 1.9.2
2
3
  - 1.9.3
data/Gemfile CHANGED
@@ -1,7 +1,3 @@
1
1
  source "http://rubygems.org"
2
2
 
3
- platform :jruby do
4
- gem 'jruby-openssl', '>= 0.7'
5
- end
6
-
7
- gemspec
3
+ gemspec
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- json-jwt (0.1.8)
4
+ json-jwt (0.3.0)
5
5
  activesupport (>= 2.3)
6
6
  i18n
7
7
  json (>= 1.4.3)
@@ -31,16 +31,16 @@ GEM
31
31
  rspec-core (2.11.1)
32
32
  rspec-expectations (2.11.3)
33
33
  diff-lcs (~> 1.1.3)
34
- rspec-mocks (2.11.2)
34
+ rspec-mocks (2.11.3)
35
35
  url_safe_base64 (0.2.1)
36
36
  yamler (0.1.0)
37
37
 
38
38
  PLATFORMS
39
+ java
39
40
  ruby
40
41
 
41
42
  DEPENDENCIES
42
43
  cover_me (>= 1.2.0)
43
- jruby-openssl (>= 0.7)
44
44
  json-jwt!
45
45
  rake (>= 0.8)
46
46
  rspec (>= 2)
data/Rakefile CHANGED
@@ -4,22 +4,15 @@ Bundler::GemHelper.install_tasks
4
4
  require 'rspec/core/rake_task'
5
5
  RSpec::Core::RakeTask.new(:spec)
6
6
 
7
- if RUBY_VERSION >= '1.9'
8
- namespace :cover_me do
9
- desc "Generates and opens code coverage report."
10
- task :report do
11
- require 'cover_me'
12
- CoverMe.complete!
13
- end
14
- end
15
- task :spec do
16
- Rake::Task['cover_me:report'].invoke
17
- end
18
- else
19
- RSpec::Core::RakeTask.new(:rcov) do |spec|
20
- spec.rcov = true
21
- spec.rcov_opts = ['-Ilib -Ispec --exclude spec,gems']
7
+ namespace :cover_me do
8
+ desc "Generates and opens code coverage report."
9
+ task :report do
10
+ require 'cover_me'
11
+ CoverMe.complete!
22
12
  end
23
13
  end
14
+ task :spec do
15
+ Rake::Task['cover_me:report'].invoke
16
+ end
24
17
 
25
- task :default => :spec
18
+ task default: :spec
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.2.0
1
+ 0.3.0
data/json-jwt.gemspec CHANGED
@@ -15,10 +15,6 @@ Gem::Specification.new do |s|
15
15
  s.add_runtime_dependency "activesupport", ">= 2.3"
16
16
  s.add_runtime_dependency "i18n"
17
17
  s.add_development_dependency "rake", ">= 0.8"
18
- if RUBY_VERSION >= '1.9'
19
- s.add_development_dependency "cover_me", ">= 1.2.0"
20
- else
21
- s.add_development_dependency "rcov", ">= 0.9"
22
- end
18
+ s.add_development_dependency "cover_me", ">= 1.2.0"
23
19
  s.add_development_dependency "rspec", ">= 2"
24
20
  end
data/lib/json/jwk.rb CHANGED
@@ -29,8 +29,8 @@ module JSON
29
29
  hex_x = hex[2, data_len/2]
30
30
  hex_y = hex[2+data_len/2, data_len/2]
31
31
  @ecdsa_coodinates = {
32
- :x => hex_x,
33
- :y => hex_y
32
+ x: hex_x,
33
+ y: hex_y
34
34
  }
35
35
  end
36
36
  @ecdsa_coodinates
@@ -40,16 +40,16 @@ module JSON
40
40
  hash = case public_key
41
41
  when OpenSSL::PKey::RSA
42
42
  {
43
- :alg => :RSA,
44
- :exp => UrlSafeBase64.encode64(public_key.e.to_s(2)),
45
- :mod => UrlSafeBase64.encode64(public_key.n.to_s(2))
43
+ alg: :RSA,
44
+ exp: UrlSafeBase64.encode64(public_key.e.to_s(2)),
45
+ mod: UrlSafeBase64.encode64(public_key.n.to_s(2))
46
46
  }
47
47
  when OpenSSL::PKey::EC
48
48
  {
49
- :alg => :EC,
50
- :crv => ecdsa_curve_name(public_key),
51
- :x => UrlSafeBase64.encode64(ecdsa_coodinates(public_key)[:x].to_s),
52
- :y => UrlSafeBase64.encode64(ecdsa_coodinates(public_key)[:y].to_s)
49
+ alg: :EC,
50
+ crv: ecdsa_curve_name(public_key),
51
+ x: UrlSafeBase64.encode64(ecdsa_coodinates(public_key)[:x].to_s),
52
+ y: UrlSafeBase64.encode64(ecdsa_coodinates(public_key)[:y].to_s)
53
53
  }
54
54
  else
55
55
  raise UnknownAlgorithm.new('Unknown Algorithm')
@@ -59,15 +59,15 @@ module JSON
59
59
 
60
60
  class << self
61
61
  def decode(jwk)
62
- case jwk[:alg]
63
- when :RSA
62
+ case jwk[:alg].to_s
63
+ when 'RSA'
64
64
  exp = OpenSSL::BN.new UrlSafeBase64.decode64(jwk[:exp]), 2
65
65
  mod = OpenSSL::BN.new UrlSafeBase64.decode64(jwk[:mod]), 2
66
66
  key = OpenSSL::PKey::RSA.new
67
67
  key.e = exp
68
68
  key.n = mod
69
69
  key
70
- when :EC
70
+ when 'EC'
71
71
  raise NotImplementedError.new('Not Implemented Yet')
72
72
  else
73
73
  raise UnknownAlgorithm.new('Unknown Algorithm')
data/lib/json/jwk/set.rb CHANGED
@@ -6,7 +6,7 @@ module JSON
6
6
 
7
7
  def as_json(options = {})
8
8
  # NOTE: Array.new wrapper is requied to avoid CircularReferenceError
9
- {:keys => Array.new(self)}
9
+ {keys: Array.new(self)}
10
10
  end
11
11
  end
12
12
  end
data/lib/json/jws.rb CHANGED
@@ -13,8 +13,8 @@ module JSON
13
13
  self
14
14
  end
15
15
 
16
- def verify(signature_base_string, signature, public_key_or_secret)
17
- valid?(signature_base_string, signature, public_key_or_secret) or
16
+ def verify(public_key_or_secret)
17
+ public_key_or_secret && valid?(public_key_or_secret) or
18
18
  raise VerificationFailed
19
19
  end
20
20
 
@@ -66,7 +66,7 @@ module JSON
66
66
  end
67
67
  end
68
68
 
69
- def valid?(signature_base_string, signature, public_key_or_secret)
69
+ def valid?(public_key_or_secret)
70
70
  case
71
71
  when hmac?
72
72
  secret = public_key_or_secret
data/lib/json/jwt.rb CHANGED
@@ -14,8 +14,8 @@ module JSON
14
14
 
15
15
  def initialize(claims)
16
16
  @header = {
17
- :typ => :JWT,
18
- :alg => :none
17
+ typ: :JWT,
18
+ alg: :none
19
19
  }
20
20
  [:exp, :nbf, :iat].each do |key|
21
21
  claims[key] = claims[key].to_i if claims[key]
@@ -28,12 +28,12 @@ module JSON
28
28
  JWS.new(self).sign!(private_key_or_secret)
29
29
  end
30
30
 
31
- def verify(signature_base_string, signature = '', public_key_or_secret = nil)
31
+ def verify(public_key_or_secret = nil)
32
32
  if header[:alg].to_s == 'none'
33
33
  raise UnexpectedAlgorithm if public_key_or_secret
34
34
  signature == '' or raise VerificationFailed
35
35
  else
36
- JWS.new(self).verify(signature_base_string, signature, public_key_or_secret)
36
+ JWS.new(self).verify(public_key_or_secret)
37
37
  end
38
38
  end
39
39
 
@@ -54,10 +54,14 @@ module JSON
54
54
  header, claims, signature = jwt_string.split('.', 3).collect do |segment|
55
55
  UrlSafeBase64.decode64 segment.to_s
56
56
  end
57
+ header, claims = [header, claims].collect do |json|
58
+ JSON.parse json, symbolize_names: true, symbolize_keys: true
59
+ end
57
60
  signature_base_string = jwt_string.split('.')[0, 2].join('.')
58
- jwt = new JSON.parse(claims, :symbolize_names => true, :symbolize_keys => true)
59
- jwt.header = JSON.parse(header, :symbolize_names => true, :symbolize_keys => true)
60
- jwt.verify signature_base_string, signature, key_or_secret
61
+ jwt = new claims
62
+ jwt.header = header
63
+ jwt.signature = signature
64
+ jwt.verify key_or_secret unless key_or_secret == :skip_verification
61
65
  jwt
62
66
  when 3 # JWE
63
67
  # TODO: Concept code first.
data/spec/json/jwk_spec.rb CHANGED
@@ -9,7 +9,7 @@ describe JSON::JWK do
9
9
  its(:mod) { jwk[:mod].should == UrlSafeBase64.encode64(public_key.n.to_s(2)) }
10
10
 
11
11
  context 'when kid/use options given' do
12
- let(:jwk) { JSON::JWK.new public_key, :kid => '12345', :use => :sig }
12
+ let(:jwk) { JSON::JWK.new public_key, kid: '12345', use: :sig }
13
13
  it { jwk.should include :kid, :use }
14
14
  its(:kid) { jwk[:kid].should == '12345' }
15
15
  its(:use) { jwk[:use].should == :sig }
@@ -20,22 +20,22 @@ describe JSON::JWK do
20
20
  let(:expected_coodinates) do
21
21
  {
22
22
  256 => {
23
- :x => 'OTUyMUU1NjJFOEQ3NDA0MTRDOEEyQjk5RDQ2NkZERDVFNUYwQzUzMUFGNENBNkMxMTY2Q0NFQzUzQjVGRDMwRg',
24
- :y => 'MDIwQTRENTQwN0ExQkJFNzQwNkJDNjIyMUI5NjUxQTY1NjY5Mjg4QUU1OEE1NjRDNjcwN0Q1RkQ5REM3MDlCNw'
23
+ x: 'OTUyMUU1NjJFOEQ3NDA0MTRDOEEyQjk5RDQ2NkZERDVFNUYwQzUzMUFGNENBNkMxMTY2Q0NFQzUzQjVGRDMwRg',
24
+ y: 'MDIwQTRENTQwN0ExQkJFNzQwNkJDNjIyMUI5NjUxQTY1NjY5Mjg4QUU1OEE1NjRDNjcwN0Q1RkQ5REM3MDlCNw'
25
25
  },
26
26
  384 => {
27
- :x => 'QTY1Q0MwQTcyMTY3MkJCQUIzODYwRTU3OUM4NjVCMTYzREExNjY4MUY2NTVEOTc4RjkxMTY2RUMzOUVDMzRDMUJEQjcyQUFCQTVGQUI2NDcyOERGMjgwMDVCNzA1NDZE',
28
- :y => 'OEIxMDczN0RGODY0RERGNzFCOTlFOEE5MThCOTJGNDAxMzQyQ0RFMzY2RTkwMkY3ODRFNTEzMUZBMjA1MDczMzhCRDE4RUM3QjA2NEU4QTRENEQzQjI5MkUzOTYyQkRC'
27
+ x: 'QTY1Q0MwQTcyMTY3MkJCQUIzODYwRTU3OUM4NjVCMTYzREExNjY4MUY2NTVEOTc4RjkxMTY2RUMzOUVDMzRDMUJEQjcyQUFCQTVGQUI2NDcyOERGMjgwMDVCNzA1NDZE',
28
+ y: 'OEIxMDczN0RGODY0RERGNzFCOTlFOEE5MThCOTJGNDAxMzQyQ0RFMzY2RTkwMkY3ODRFNTEzMUZBMjA1MDczMzhCRDE4RUM3QjA2NEU4QTRENEQzQjI5MkUzOTYyQkRC'
29
29
  },
30
30
  512 => {
31
- :x => 'MDFDMzAyMEZFNkI0NkJBQUU3MTNENEVGMEI0OThFQTg1RkMzMTk3NDYwRTU4REUyNERCRTFFMUNEQzEzOUI2OTAzRUEyQkEzQzdEMzNGN0ZDNzdGMTQ2MUVCRDBFODY5QUIzMTI3RTJCNjBGNjE5QTJFMUFDNkM4M0M0ODBCRDJBRkZG',
32
- :y => 'MDE0MkQ4MTFERjI1RjlCNTdGMDQ4REJDRjVBN0IzODUyMkQ5RDUxMEM1REE1QjYwMENGMTMyRjU4RUQ4QjZBNjFBRTFDMjVDQTYyQ0IzNTQzMzI5NUQ2QzAxQTdBNzIzODNBNEQ3MjBEOTI4NTZCNTU3NjYxMzc4RDM4OEExQkI4MjM2'
31
+ x: 'MDFDMzAyMEZFNkI0NkJBQUU3MTNENEVGMEI0OThFQTg1RkMzMTk3NDYwRTU4REUyNERCRTFFMUNEQzEzOUI2OTAzRUEyQkEzQzdEMzNGN0ZDNzdGMTQ2MUVCRDBFODY5QUIzMTI3RTJCNjBGNjE5QTJFMUFDNkM4M0M0ODBCRDJBRkZG',
32
+ y: 'MDE0MkQ4MTFERjI1RjlCNTdGMDQ4REJDRjVBN0IzODUyMkQ5RDUxMEM1REE1QjYwMENGMTMyRjU4RUQ4QjZBNjFBRTFDMjVDQTYyQ0IzNTQzMzI5NUQ2QzAxQTdBNzIzODNBNEQ3MjBEOTI4NTZCNTU3NjYxMzc4RDM4OEExQkI4MjM2'
33
33
  }
34
34
  }
35
35
  end
36
36
  [256, 384, 512].each do |digest_length|
37
37
  describe "EC#{digest_length}" do
38
- let(:jwk) { JSON::JWK.new public_key(:ecdsa, :digest_length => digest_length) }
38
+ let(:jwk) { JSON::JWK.new public_key(:ecdsa, digest_length: digest_length) }
39
39
  it { jwk.should include :alg, :crv, :x, :y }
40
40
  its(:alg) { jwk[:alg].should == :EC }
41
41
  its(:x) { jwk[:x].should == expected_coodinates[digest_length][:x] }
@@ -74,7 +74,8 @@ describe JSON::JWK do
74
74
  let(:exp) { 'AQAB' }
75
75
  let(:mod) { 'AK8ppaAGn6N3jDic2DhDN5mI5mWzvhfL1AFZOS9q2EBM8L5sjZbYiaHeNoKillZGmEF9a9g6Z20bDnoHTuHPsx93HYkZqPumFZ8K9lLCbqKAMWw2Qgk10RgrZ-kblJotTBCeer9-tZSWO-OWFzP4gp8MpSuQOQbwTJwDgEkFIQLUK2YgzWbn1PoW8xcfbVyWhZD880ELGRW6GhRgYAl0DN_EQS8kyUa0CusYCzOOg2W3-7qjYeojyP6jiOEr-eyjC7hcUvTVoTfz84BiZv72KS3i5JS8ZNNuRp5Ce51wjoDDUoNxDLWv6Da6qMaGpKz6NTSNbvhE_KFhpp4wf5yRQD8=' }
76
76
  let(:pem) do
77
- <<-PEM
77
+ if RUBY_VERSION >= '1.9.3'
78
+ <<-PEM
78
79
  -----BEGIN PUBLIC KEY-----
79
80
  MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArymloAafo3eMOJzYOEM3
80
81
  mYjmZbO+F8vUAVk5L2rYQEzwvmyNltiJod42gqKWVkaYQX1r2DpnbRsOegdO4c+z
@@ -84,7 +85,19 @@ nwylK5A5BvBMnAOASQUhAtQrZiDNZufU+hbzFx9tXJaFkPzzQQsZFboaFGBgCXQM
84
85
  LeLklLxk025GnkJ7nXCOgMNSg3EMta/oNrqoxoakrPo1NI1u+ET8oWGmnjB/nJFA
85
86
  PwIDAQAB
86
87
  -----END PUBLIC KEY-----
87
- PEM
88
+ PEM
89
+ else
90
+ <<-PEM
91
+ -----BEGIN RSA PUBLIC KEY-----
92
+ MIIBCgKCAQEArymloAafo3eMOJzYOEM3mYjmZbO+F8vUAVk5L2rYQEzwvmyNltiJ
93
+ od42gqKWVkaYQX1r2DpnbRsOegdO4c+zH3cdiRmo+6YVnwr2UsJuooAxbDZCCTXR
94
+ GCtn6RuUmi1MEJ56v361lJY745YXM/iCnwylK5A5BvBMnAOASQUhAtQrZiDNZufU
95
+ +hbzFx9tXJaFkPzzQQsZFboaFGBgCXQM38RBLyTJRrQK6xgLM46DZbf7uqNh6iPI
96
+ /qOI4Sv57KMLuFxS9NWhN/PzgGJm/vYpLeLklLxk025GnkJ7nXCOgMNSg3EMta/o
97
+ NrqoxoakrPo1NI1u+ET8oWGmnjB/nJFAPwIDAQAB
98
+ -----END RSA PUBLIC KEY-----
99
+ PEM
100
+ end
88
101
  end
89
102
 
90
103
  it { should be_instance_of OpenSSL::PKey::RSA }
data/spec/json/jws_spec.rb CHANGED
@@ -12,12 +12,12 @@ describe JSON::JWS do
12
12
  let(:decoded) { JSON::JWT.decode signed.to_s, public_key_or_secret }
13
13
  let(:claims) do
14
14
  {
15
- :iss => 'joe',
16
- :exp => 1300819380,
15
+ iss: 'joe',
16
+ exp: 1300819380,
17
17
  :'http://example.com/is_root' => true
18
18
  }
19
19
  end
20
- let(:expected_signature) {
20
+ let(:expected_signature) do
21
21
  {
22
22
  :HS256 => 'DyuTgO2Ggb5nrhkkhI-RjVYIBe3o8oL4ijkAn94YPxQ',
23
23
  :HS384 => 'a5-7rr61TG8Snv9xxJ7l064ky-SCq1Mswe9t8HEorvoc_nnfIeUy9WQCLMIli34R',
@@ -26,7 +26,7 @@ describe JSON::JWS do
26
26
  :RS384 => 'lT5JbytGKgG9QrwkJuxgw7UjmN9tjkEQW9pVGR2XnKEdC0_wLNIzAmT-jTwyMDGBLUkWO7opDOP6Xy6_DOTg58k9PwVkyQzrLnmxJMEng2Q-aMqcitRSIvUk3DPy8kemp8yUPls9NzWmByM2GoUVHbDsR0r-tZN-g_9QYev32mvMhjMr30JI5S2xiRjc9m2GAaXMOQmNTovJgV4bgCp4UjruCrA0BD1JJwDqKYoR_YYr_ALcVjD_LUgy80udJvbi8MAYJVUf0QYtQDrX2wnT_-eiiWjD5XafLuXEQVDRh-v2MKAwdvtXMq5cZ08Zjl2SyHxJ3OqhEeWPvYGltxZh_A',
27
27
  :RS512 => 'EHeGM2Mo3ghhUfSB99AlREehrbC6OPE-nYL_rwf88ysTnJ8L1QQ0UuCrXq4SpRutGLK_bYTK3ZALvFRPoOgK_g0QWmqv6qjQRU_QTxoq8y8APP-IgKKDuIiGH6daBV2rAPLDReqYNKsKjmTvZJo2c0a0e_WZkkj_ZwpgjTG3v0gW9lbDAzLJDz18eqtR4ZO7JTu_fyNrUrNk-w2_wpxSsn9sygIMp0lKE0_pt0b01fz3gjTDjlltU0cKSalUp4geaBDH7QRcexrolIctdQFbNKTXQxoigxD3NLNkKGH7f6A8KZdcOm8AnEjullcZs8_OWGnW43p1qrxoBRSivb9pqQ'
28
28
  }
29
- }
29
+ end
30
30
 
31
31
  shared_examples_for :jwt_with_alg do
32
32
  it { should == jwt }
@@ -120,8 +120,8 @@ describe JSON::JWS do
120
120
 
121
121
  [:ES256, :ES384, :ES512].each do |algorithm|
122
122
  describe algorithm do
123
- let(:private_key_or_secret) { private_key(:ecdsa, :digest_length => algorithm.to_s[2,3].to_i) }
124
- let(:public_key_or_secret) { public_key(:ecdsa, :digest_length => algorithm.to_s[2,3].to_i) }
123
+ let(:private_key_or_secret) { private_key :ecdsa, digest_length: algorithm.to_s[2,3].to_i }
124
+ let(:public_key_or_secret) { public_key :ecdsa, digest_length: algorithm.to_s[2,3].to_i }
125
125
  let(:alg) { algorithm }
126
126
  it_behaves_like :success_signature_verification
127
127
  end
@@ -131,7 +131,7 @@ describe JSON::JWS do
131
131
  let(:alg) { :unknown }
132
132
  it do
133
133
  expect do
134
- jws.verify 'signature_base_string', 'signature', 'key'
134
+ jws.verify 'key'
135
135
  end.to raise_error JSON::JWS::InvalidFormat
136
136
  end
137
137
  end
data/spec/json/jwt_spec.rb CHANGED
@@ -2,10 +2,16 @@ require 'spec_helper'
2
2
 
3
3
  describe JSON::JWT do
4
4
  let(:jwt) { JSON::JWT.new claims }
5
+ let(:jws) do
6
+ jwt.header[:alg] = :HS256
7
+ jws = JSON::JWS.new jwt
8
+ jws.signature = 'signature'
9
+ jws
10
+ end
5
11
  let(:claims) do
6
12
  {
7
- :iss => 'joe',
8
- :exp => 1300819380,
13
+ iss: 'joe',
14
+ exp: 1300819380,
9
15
  :'http://example.com/is_root' => true
10
16
  }
11
17
  end
@@ -39,36 +45,49 @@ describe JSON::JWT do
39
45
 
40
46
  describe '#verify' do
41
47
  context 'when not signed nor encrypted' do
48
+ let(:jwt) do
49
+ header, claims, signature = no_signed.split('.', 3).collect do |segment|
50
+ UrlSafeBase64.decode64 segment.to_s
51
+ end
52
+ header, claims = [header, claims].collect do |json|
53
+ JSON.parse json, symbolize_names: true, symbolize_keys: true
54
+ end
55
+ jwt = JSON::JWT.new claims
56
+ jwt.header = header
57
+ jwt.signature = signature
58
+ jwt
59
+ end
60
+
42
61
  context 'when no signature nor public_key_or_secret given' do
43
62
  it do
44
- jwt.verify(no_signed).should be_true
63
+ jwt.verify.should be_true
45
64
  end
46
65
  end
47
66
 
48
67
  context 'when public_key_or_secret given' do
49
68
  it do
50
69
  expect do
51
- jwt.verify(no_signed, '', 'secret')
70
+ jwt.verify 'secret'
52
71
  end.to raise_error JSON::JWT::UnexpectedAlgorithm
53
72
  end
54
73
  end
55
74
 
56
75
  context 'when signature given' do
76
+ before { jwt.signature = 'signature' }
77
+
57
78
  it do
58
79
  expect do
59
- jwt.verify(no_signed, 'signature')
80
+ jwt.verify
60
81
  end.to raise_error JSON::JWT::VerificationFailed
61
82
  end
62
83
  end
63
84
  end
64
85
 
65
86
  context 'when signed' do
66
- before { jwt.header[:alg] = :HS256 }
67
87
  it 'should delegate verification to JWS' do
68
- jws = JSON::JWS.new jwt
69
88
  jws.should_receive(:verify)
70
89
  JSON::JWS.should_receive(:new).and_return(jws)
71
- jwt.verify 'signature_base_string', 'signature', 'shared_secret'
90
+ jwt.verify 'shared_secret'
72
91
  end
73
92
  end
74
93
  end
@@ -82,6 +101,32 @@ describe JSON::JWT do
82
101
  end
83
102
  end
84
103
 
104
+ context 'when signed' do
105
+ context 'when no secret/key given' do
106
+ it 'should do verification' do
107
+ expect do
108
+ JSON::JWT.decode jws.to_s
109
+ end.to raise_error JSON::JWT::VerificationFailed
110
+ end
111
+ end
112
+
113
+ context 'when secret/key given' do
114
+ it 'should do verification' do
115
+ expect do
116
+ JSON::JWT.decode jws.to_s, 'secret'
117
+ end.to raise_error JSON::JWT::VerificationFailed
118
+ end
119
+ end
120
+
121
+ context 'when :skip_verification given as secret/key' do
122
+ it 'should skip verification' do
123
+ expect do
124
+ jwt = JSON::JWT.decode jws.to_s, :skip_verification
125
+ end.not_to raise_error
126
+ end
127
+ end
128
+ end
129
+
85
130
  context 'when JSON parse failed' do
86
131
  it do
87
132
  expect do
data/spec/spec_helper.rb CHANGED
@@ -1,7 +1,4 @@
1
- if RUBY_VERSION >= '1.9'
2
- require 'cover_me'
3
- end
4
-
1
+ require 'cover_me'
5
2
  require 'rspec'
6
3
  require 'json/jwt'
7
4
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.3.0
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-09-26 00:00:00.000000000 Z
12
+ date: 2012-10-03 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: json