json-jwt 0.5.5 → 0.5.6
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of json-jwt might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.travis.yml +0 -1
- data/Rakefile +1 -1
- data/VERSION +1 -1
- data/json-jwt.gemspec +1 -1
- data/lib/json/jose.rb +7 -0
- data/lib/json/jwe.rb +5 -1
- data/lib/json/jwk.rb +6 -0
- data/lib/json/jws.rb +1 -1
- data/lib/json/jwt.rb +17 -9
- data/spec/json/jwe_spec.rb +1 -1
- data/spec/json/jwk_spec.rb +3 -3
- data/spec/json/jws_spec.rb +1 -1
- data/spec/json/jwt_spec.rb +10 -0
- metadata +8 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f19422f66eb5b83b9e0bd358351adae0079ef23b
|
|
4
|
+
data.tar.gz: 9fcfb99e7aefa37537925233bf1669706ec30b9a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 43e31546b57bcf852d496a588d444669ca48060191cec2c5283eadca9c6da5c7e69d337df9f40a240798a88c9e14316d9ad0a20c2bcbe7f7d0ede3e4cad6daee
|
|
7
|
+
data.tar.gz: 867b59f52a7937a7c86fe6b159038506e2821899872b7e4bb9bbcc6ac6d18310ee6e7cd31216180eabaff1072b3cb487253fb20e26ccdb163efde2a57005fed6
|
data/Rakefile
CHANGED
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.5.
|
|
1
|
+
0.5.6
|
data/json-jwt.gemspec
CHANGED
|
@@ -12,7 +12,7 @@ Gem::Specification.new do |s|
|
|
|
12
12
|
s.require_paths = ["lib"]
|
|
13
13
|
s.add_runtime_dependency "multi_json", ">= 1.3"
|
|
14
14
|
s.add_runtime_dependency "url_safe_base64"
|
|
15
|
-
s.add_runtime_dependency "activesupport"
|
|
15
|
+
s.add_runtime_dependency "activesupport"
|
|
16
16
|
s.add_runtime_dependency "bindata"
|
|
17
17
|
s.add_development_dependency "rake", ">= 0.8"
|
|
18
18
|
s.add_development_dependency "cover_me", ">= 1.2.0"
|
data/lib/json/jose.rb
ADDED
data/lib/json/jwe.rb
CHANGED
|
@@ -2,7 +2,7 @@ require 'securerandom'
|
|
|
2
2
|
require 'bindata'
|
|
3
3
|
|
|
4
4
|
module JSON
|
|
5
|
-
class JWE <
|
|
5
|
+
class JWE < JOSE
|
|
6
6
|
class InvalidFormat < JWT::InvalidFormat; end
|
|
7
7
|
class DecryptionFailed < JWT::VerificationFailed; end
|
|
8
8
|
class UnexpectedAlgorithm < JWT::UnexpectedAlgorithm; end
|
|
@@ -20,6 +20,10 @@ module JSON
|
|
|
20
20
|
self.input = input.to_s
|
|
21
21
|
end
|
|
22
22
|
|
|
23
|
+
def content_type
|
|
24
|
+
'application/jose'
|
|
25
|
+
end
|
|
26
|
+
|
|
23
27
|
def encrypt!(public_key_or_secret)
|
|
24
28
|
self.mode = :encyption
|
|
25
29
|
self.plain_text = input
|
data/lib/json/jwk.rb
CHANGED
|
@@ -78,6 +78,12 @@ module JSON
|
|
|
78
78
|
raise UnknownAlgorithm.new('Unknown Algorithm')
|
|
79
79
|
end
|
|
80
80
|
end
|
|
81
|
+
|
|
82
|
+
# NOTE: Ugly hack to avoid this ActiveSupport 4.0 bug.
|
|
83
|
+
# https://github.com/rails/rails/issues/11087
|
|
84
|
+
def new_from_hash_copying_default(hash)
|
|
85
|
+
superclass.new_from_hash_copying_default hash
|
|
86
|
+
end
|
|
81
87
|
end
|
|
82
88
|
end
|
|
83
89
|
end
|
data/lib/json/jws.rb
CHANGED
data/lib/json/jwt.rb
CHANGED
|
@@ -12,10 +12,6 @@ module JSON
|
|
|
12
12
|
class VerificationFailed < Exception; end
|
|
13
13
|
class UnexpectedAlgorithm < VerificationFailed; end
|
|
14
14
|
|
|
15
|
-
def header
|
|
16
|
-
@header ||= {}
|
|
17
|
-
end
|
|
18
|
-
|
|
19
15
|
class << self
|
|
20
16
|
def register_header_keys(*keys)
|
|
21
17
|
keys.each do |header_key|
|
|
@@ -40,6 +36,14 @@ module JSON
|
|
|
40
36
|
replace claims
|
|
41
37
|
end
|
|
42
38
|
|
|
39
|
+
def content_type
|
|
40
|
+
'application/jwt'
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
def header
|
|
44
|
+
@header ||= {}
|
|
45
|
+
end
|
|
46
|
+
|
|
43
47
|
def sign(private_key_or_secret, algorithm = :HS256)
|
|
44
48
|
jws = JWS.new(self)
|
|
45
49
|
jws.alg = algorithm
|
|
@@ -62,10 +66,6 @@ module JSON
|
|
|
62
66
|
jwe.encrypt! public_key_or_secret
|
|
63
67
|
end
|
|
64
68
|
|
|
65
|
-
def content_type
|
|
66
|
-
"application/#{self.class.name.split('::').last.downcase}"
|
|
67
|
-
end
|
|
68
|
-
|
|
69
69
|
def to_s
|
|
70
70
|
[
|
|
71
71
|
header.to_json,
|
|
@@ -101,17 +101,25 @@ module JSON
|
|
|
101
101
|
jwe.header = MultiJson.load(
|
|
102
102
|
UrlSafeBase64.decode64 jwt_string.split('.').first
|
|
103
103
|
).with_indifferent_access
|
|
104
|
-
jwe.decrypt! key_or_secret
|
|
104
|
+
jwe.decrypt! key_or_secret unless key_or_secret == :skip_decryption
|
|
105
|
+
jwe
|
|
105
106
|
else
|
|
106
107
|
raise InvalidFormat.new('Invalid JWT Format. JWT should include 2 or 3 dots.')
|
|
107
108
|
end
|
|
108
109
|
rescue MultiJson::DecodeError
|
|
109
110
|
raise InvalidFormat.new("Invalid JSON Format")
|
|
110
111
|
end
|
|
112
|
+
|
|
113
|
+
# NOTE: Ugly hack to avoid this ActiveSupport 4.0 bug.
|
|
114
|
+
# https://github.com/rails/rails/issues/11087
|
|
115
|
+
def new_from_hash_copying_default(hash)
|
|
116
|
+
superclass.new_from_hash_copying_default hash
|
|
117
|
+
end
|
|
111
118
|
end
|
|
112
119
|
end
|
|
113
120
|
end
|
|
114
121
|
|
|
122
|
+
require 'json/jose'
|
|
115
123
|
require 'json/jws'
|
|
116
124
|
require 'json/jwe'
|
|
117
125
|
require 'json/jwk'
|
data/spec/json/jwe_spec.rb
CHANGED
data/spec/json/jwk_spec.rb
CHANGED
|
@@ -10,14 +10,14 @@ describe JSON::JWK do
|
|
|
10
10
|
|
|
11
11
|
context 'when RSA public key given' do
|
|
12
12
|
let(:jwk) { JSON::JWK.new public_key }
|
|
13
|
-
it { jwk.keys.should include :kty, :e, :n }
|
|
13
|
+
it { jwk.keys.collect(&:to_sym).should include :kty, :e, :n }
|
|
14
14
|
its(:kty) { jwk[:kty].should == :RSA }
|
|
15
15
|
its(:e) { jwk[:e].should == UrlSafeBase64.encode64(public_key.e.to_s(2)) }
|
|
16
16
|
its(:n) { jwk[:n].should == UrlSafeBase64.encode64(public_key.n.to_s(2)) }
|
|
17
17
|
|
|
18
18
|
context 'when kid/use options given' do
|
|
19
19
|
let(:jwk) { JSON::JWK.new public_key, kid: '12345', use: :sig }
|
|
20
|
-
it { jwk.keys.should include :kid, :use }
|
|
20
|
+
it { jwk.keys.collect(&:to_sym).should include :kid, :use }
|
|
21
21
|
its(:kid) { jwk[:kid].should == '12345' }
|
|
22
22
|
its(:use) { jwk[:use].should == :sig }
|
|
23
23
|
end
|
|
@@ -43,7 +43,7 @@ describe JSON::JWK do
|
|
|
43
43
|
[256, 384, 512].each do |digest_length|
|
|
44
44
|
describe "EC#{digest_length}" do
|
|
45
45
|
let(:jwk) { JSON::JWK.new public_key(:ecdsa, digest_length: digest_length) }
|
|
46
|
-
it { jwk.keys.should include :kty, :crv, :x, :y }
|
|
46
|
+
it { jwk.keys.collect(&:to_sym).should include :kty, :crv, :x, :y }
|
|
47
47
|
its(:kty) { jwk[:kty].should == :EC }
|
|
48
48
|
its(:x) { jwk[:x].should == expected_coodinates[digest_length][:x] }
|
|
49
49
|
its(:y) { jwk[:y].should == expected_coodinates[digest_length][:y] }
|
data/spec/json/jws_spec.rb
CHANGED
data/spec/json/jwt_spec.rb
CHANGED
|
@@ -149,6 +149,7 @@ describe JSON::JWT do
|
|
|
149
149
|
it 'should skip verification' do
|
|
150
150
|
expect do
|
|
151
151
|
jwt = JSON::JWT.decode jws.to_s, :skip_verification
|
|
152
|
+
jwt.header.should == {'alg' => 'HS256', 'typ' => 'JWT'}
|
|
152
153
|
end.not_to raise_error
|
|
153
154
|
end
|
|
154
155
|
end
|
|
@@ -161,6 +162,15 @@ describe JSON::JWT do
|
|
|
161
162
|
it 'should decryptable' do
|
|
162
163
|
JSON::JWT.decode(input, private_key).should be_a JSON::JWE
|
|
163
164
|
end
|
|
165
|
+
|
|
166
|
+
context 'when :skip_decryption given as secret/key' do
|
|
167
|
+
it 'should skip verification' do
|
|
168
|
+
expect do
|
|
169
|
+
jwe = JSON::JWT.decode input, :skip_decryption
|
|
170
|
+
jwe.header.should == {'alg' => 'RSA1_5', 'enc' => 'A128CBC+HS256'}
|
|
171
|
+
end.not_to raise_error
|
|
172
|
+
end
|
|
173
|
+
end
|
|
164
174
|
end
|
|
165
175
|
|
|
166
176
|
context 'when JSON parse failed' do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: json-jwt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.5.
|
|
4
|
+
version: 0.5.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- nov matake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2013-
|
|
11
|
+
date: 2013-10-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: multi_json
|
|
@@ -42,16 +42,16 @@ dependencies:
|
|
|
42
42
|
name: activesupport
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
44
44
|
requirements:
|
|
45
|
-
- -
|
|
45
|
+
- - '>='
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: '
|
|
47
|
+
version: '0'
|
|
48
48
|
type: :runtime
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
|
-
- -
|
|
52
|
+
- - '>='
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: '
|
|
54
|
+
version: '0'
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: bindata
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -126,6 +126,7 @@ files:
|
|
|
126
126
|
- Rakefile
|
|
127
127
|
- VERSION
|
|
128
128
|
- json-jwt.gemspec
|
|
129
|
+
- lib/json/jose.rb
|
|
129
130
|
- lib/json/jwe.rb
|
|
130
131
|
- lib/json/jwk.rb
|
|
131
132
|
- lib/json/jwk/set.rb
|
|
@@ -167,7 +168,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
167
168
|
version: '0'
|
|
168
169
|
requirements: []
|
|
169
170
|
rubyforge_project:
|
|
170
|
-
rubygems_version: 2.0.
|
|
171
|
+
rubygems_version: 2.0.3
|
|
171
172
|
signing_key:
|
|
172
173
|
specification_version: 4
|
|
173
174
|
summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and
|