json-jwt 1.14.0 → 1.15.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 91fcaee7ac6b72ca2ac913dedf96d5720c979428de6dce8c92dfd20dc692090b
-  data.tar.gz: 874d9dc15ae88e8378329786239ff8474bb6d79ff4ca83302734eed8e920d497
+  metadata.gz: 881eaf3476eb9b98f7e02ba780e2893398f79f707c55c7e151f1de8f1a344f5c
+  data.tar.gz: fe2329046f613383e73b4b8579d440f6e394457ad3b090fee27c373b47daa690
 SHA512:
-  metadata.gz: 5d6bf57a02244d0661ee1a57abdbac9d549db17f25d4f65685d3055b51ad8a20c5f48fb9c50bd069d152192d8c25dd76b44cac65c72d1d66d7f6009d1399ed5d
-  data.tar.gz: db006e919ed6ee3f5fa87bce489011ec49d87e39e734fe81e1e72dbb8863ab8fe1d30892f960868f1e45176d97950abb2bc847b20b29321bab3912fa8083ca86
+  metadata.gz: d337b0e27607d55697ae6e162b25674fbcc27b21fe23bfa34d42bc4812e0a35f39f95b8eff66b7a4f6de7e78e883450f6e580931164c632a0146253b7ee89d58
+  data.tar.gz: 0fea890071b4038cbc4ee8080d5c99388035f7642707dd1f4303bcafd7f5f9d8c2f517a5d938d988b551d680211ef6909987b6bbd7e3a5d4688136e37a469f54

data/.github/workflows/test_ruby.yml

@@ -0,0 +1,30 @@
+name: Test Ruby
+
+on:
+  push:
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+    strategy:
+      matrix:
+        os: ['ubuntu-18.04', 'ubuntu-20.04']
+        ruby-version: ['2.5', '2.6', '2.7', '3.0', '3.1']
+        # ubuntu 22.04 only supports ssl 3 and thus only ruby 3.1
+        include:
+        - os: 'ubuntu-22.04'
+          ruby-version: '3.1'
+    runs-on: ${{ matrix.os }}
+
+    steps:
+    - uses: actions/checkout@v3
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby-version }}
+        bundler-cache: true
+    - name: Run tests
+      run: bundle exec rake

data/.travis.yml

@@ -3,10 +3,9 @@ before_install:
   - git submodule update --init --recursive
 
 rvm:
-  - 2.5.8
-  - 2.6.6
-  - 2.7.2
-  - 3.0.2
+  - 2.7.6
+  - 3.0.4
+  - 3.1.2
 
 jdk:
   - openjdk11

data/VERSION

@@ -1 +1 @@
-1.14.0
+1.15.0

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "json/jwt"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/json-jwt.gemspec

@@ -16,8 +16,10 @@ Gem::Specification.new do |gem|
   gem.add_runtime_dependency 'activesupport', '>= 4.2'
   gem.add_runtime_dependency 'bindata'
   gem.add_runtime_dependency 'aes_key_wrap'
+  gem.add_runtime_dependency 'httpclient'
   gem.add_development_dependency 'rake'
   gem.add_development_dependency 'simplecov'
+  gem.add_development_dependency 'webmock'
   gem.add_development_dependency 'rspec'
   gem.add_development_dependency 'rspec-its'
 end

data/lib/json/jwk/set/fetcher/debugger/request_filter.rb

@@ -0,0 +1,34 @@
+module JSON
+  class JWK
+    class Set
+      module Fetcher
+        module Debugger
+          class RequestFilter
+            # Callback called in HTTPClient (before sending a request)
+            # request:: HTTP::Message
+            def filter_request(request)
+              started = "======= [JSON::JWK::Set::Fetcher] HTTP REQUEST STARTED ======="
+              log started, request.dump
+            end
+
+            # Callback called in HTTPClient (after received a response)
+            # request::  HTTP::Message
+            # response:: HTTP::Message
+            def filter_response(request, response)
+              finished = "======= [JSON::JWK::Set::Fetcher] HTTP REQUEST FINISHED ======="
+              log '-' * 50, response.dump, finished
+            end
+
+            private
+
+            def log(*outputs)
+              outputs.each do |output|
+                JSON::JWK::Set::Fetcher.logger.info output
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/json/jwk/set/fetcher.rb

@@ -0,0 +1,83 @@
+module JSON
+  class JWK
+    class Set
+      module Fetcher
+        class Cache
+          def fetch(cache_key)
+            yield
+          end
+        end
+
+        def self.logger
+          @@logger
+        end
+        def self.logger=(logger)
+          @@logger = logger
+        end
+        self.logger = Logger.new(STDOUT)
+        self.logger.progname = 'JSON::JWK::Set::Fetcher'
+
+        def self.debugging?
+          @@debugging
+        end
+        def self.debugging=(boolean)
+          @@debugging = boolean
+        end
+        def self.debug!
+          self.debugging = true
+        end
+        def self.debug(&block)
+          original = self.debugging?
+          debug!
+          yield
+        ensure
+          self.debugging = original
+        end
+        self.debugging = false
+
+        def self.http_client
+          _http_client_ = HTTPClient.new(
+            agent_name: "JSON::JWK::Set::Fetcher (#{JSON::JWT::VERSION})"
+          )
+
+          # NOTE: httpclient gem seems stopped maintaining root certtificate set, use OS default.
+          _http_client_.ssl_config.clear_cert_store
+          _http_client_.ssl_config.cert_store.set_default_paths
+
+          _http_client_.request_filter << Debugger::RequestFilter.new if debugging?
+          http_config.try(:call, _http_client_)
+          _http_client_
+        end
+        def self.http_config(&block)
+          @@http_config ||= block
+        end
+
+        def self.cache=(cache)
+          @@cache = cache
+        end
+        def self.cache
+          @@cache
+        end
+        self.cache = Cache.new
+
+        def self.fetch(jwks_uri, kid:)
+          cache_key = [
+            'json:jwk:set',
+            OpenSSL::Digest::MD5.hexdigest(jwks_uri),
+            kid
+          ].collect(&:to_s).join(':')
+          jwks = Set.new(
+            JSON.parse(
+              cache.fetch(cache_key) do
+                http_client.get_content(jwks_uri)
+              end
+            )
+          )
+          jwks.detect do |jwk|
+            jwk[:kid] && jwk[:kid] == kid
+          end or raise JWK::Set::KidNotFound
+        end
+      end
+    end
+  end
+end

data/lib/json/jwt.rb

@@ -1,11 +1,16 @@
 require 'openssl'
 require 'base64'
+require 'httpclient'
 require 'active_support'
 require 'active_support/core_ext'
 require 'json/jose'
 
 module JSON
   class JWT < ActiveSupport::HashWithIndifferentAccess
+    VERSION = ::File.read(
+      ::File.join(::File.dirname(__FILE__), '../../VERSION')
+    ).chomp
+
     attr_accessor :blank_payload
     attr_accessor :signature
 
@@ -132,3 +137,5 @@ require 'json/jwe'
 require 'json/jwk'
 require 'json/jwk/jwkizable'
 require 'json/jwk/set'
+require 'json/jwk/set/fetcher'
+require 'json/jwk/set/fetcher/debugger/request_filter'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: json-jwt
 version: !ruby/object:Gem::Version
-  version: 1.14.0
+  version: 1.15.0
 platform: ruby
 authors:
 - nov matake
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-07-09 00:00:00.000000000 Z
+date: 2022-08-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -52,6 +52,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: httpclient
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -80,6 +94,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -112,11 +140,13 @@ description: JSON Web Token and its family (JSON Web Signature, JSON Web Encrypt
   and JSON Web Key) in Ruby
 email:
 - nov@matake.jp
-executables: []
+executables:
+- console
 extensions: []
 extra_rdoc_files: []
 files:
 - ".github/FUNDING.yml"
+- ".github/workflows/test_ruby.yml"
 - ".gitignore"
 - ".gitmodules"
 - ".rspec"
@@ -126,19 +156,22 @@ files:
 - README.md
 - Rakefile
 - VERSION
+- bin/console
 - json-jwt.gemspec
 - lib/json/jose.rb
 - lib/json/jwe.rb
 - lib/json/jwk.rb
 - lib/json/jwk/jwkizable.rb
 - lib/json/jwk/set.rb
+- lib/json/jwk/set/fetcher.rb
+- lib/json/jwk/set/fetcher/debugger/request_filter.rb
 - lib/json/jws.rb
 - lib/json/jwt.rb
 homepage: https://github.com/nov/json-jwt
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -154,7 +187,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.6
-signing_key:
+signing_key: 
 specification_version: 4
 summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and
   JSON Web Key) in Ruby