RubyGems - json-jwt - Versions diffs - 1.6.2 → 1.6.3 - Mend

json-jwt 1.6.2 → 1.6.3

This version of json-jwt might be problematic. Click here for more details.

Files changed (8) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 701cf86a3ceb49918c808ffdd2d207d6711c6803
-  data.tar.gz: 7a00b2dac244dfee8ded0665f35fc7dd02eb7fef
+  metadata.gz: 2d76ce03978dc2dcfb42f7061d0613fdf9d8dba2
+  data.tar.gz: ad36d966f39107a7e9e7ecd0521780674d7b31b5
 SHA512:
-  metadata.gz: 62d1b3916ddcfed3e7169d9fccb3b8c59b29ff0b2e7f9c9ee7b9c6dc28966c7706f59c013c44d9e5a0a3d8237d7325c37b822d1fcc66f45123e77a80760f6f52
-  data.tar.gz: 59c93232656b3da54db7b58ae15f8efffc1179a9d211daa3327f8634907409c768a1a7513cb68af2a567dbce0ff06fb29a6fdb0da743233349f9cff0f893c913
+  metadata.gz: f9fff9a8a5519bcec6cb67eb2153c2ca6f852191b18ddc98011e56fa228bcc94be9c1621fcef734402053d4755b83120e0b1a89b7396a0ea26396cdedda17f9d
+  data.tar.gz: 258a78cfd221accbf30f91ff35c0b5774cc1f463a61311b5412bacb0425fb0bbf1887f900a39197bd2d83bd7210b40c215824dd5a71a4b508f2b91b5e6cbadb1

data/.travis.yml CHANGED

@@ -3,7 +3,6 @@ before_install:
   - git submodule update --init --recursive
 rvm:
-  - 2.0
-  - 2.1
-  - 2.2
-  - 2.3.0
+  - 2.2.2 # NOTE: 2.2.1 or lower aren't supported by activesupport 5.0, CI isn't needed for such legacy versions.
+  - 2.2.5
+  - 2.3.1

data/VERSION CHANGED

data/lib/json/jws.rb CHANGED

@@ -30,7 +30,7 @@ module JSON
     def update(hash_or_jwt)
       super
       if hash_or_jwt.is_a? JSON::JWT
-        self.header = hash_or_jwt.header
+        self.header.update hash_or_jwt.header
         self.signature = hash_or_jwt.signature
       end
       self

data/lib/json/jwt.rb CHANGED

@@ -34,7 +34,7 @@ module JSON
         #  This code is needed to keep legacy behavior.
         algorithm = private_key_or_secret.is_a?(String) ? :HS256 : :RS256
       end
-      jws = JWS.new self.dup
+      jws = JWS.new self
       jws.kid ||= private_key_or_secret[:kid] if private_key_or_secret.is_a? JSON::JWK
       jws.alg = algorithm
       jws.sign! private_key_or_secret

data/spec/json/jws_spec.rb CHANGED

@@ -265,7 +265,7 @@ describe JSON::JWS do
     end
   end
-  describe 'to_json' do
+  describe '#to_json' do
     let(:alg) { :RS256 }
     let(:private_key_or_secret) { private_key }

data/spec/json/jwt_spec.rb CHANGED

@@ -78,6 +78,41 @@ describe JSON::JWT do
         jws.kid.should == key[:kid]
       end
     end
+    describe 'object copy behaviour' do
+      before do
+        @jwt = JSON::JWT.new(obj: {foo: :bar})
+        @jws = @jwt.sign('secret')
+      end
+      context 'when original JWT is modified' do
+        before do
+          @jwt.header[:x] = :x
+          @jwt[:obj][:x] = :x
+        end
+        describe 'copied JWS' do
+          it 'should be affected as shallow copy, but not as a simple reference' do
+            @jws.header.should_not include :x
+            @jws[:obj].should include :x
+          end
+        end
+      end
+      context 'when copied JWS is modified' do
+        before do
+          @jws.header[:x] = :x
+          @jws[:obj][:x] = :x
+        end
+        describe 'original JWT' do
+          it 'should be affected as shallow copy, but not as a simple reference' do
+            @jwt.header.should_not include :x
+            @jwt[:obj].should include :x
+          end
+        end
+      end
+    end
   end
   describe '#encrypt' do

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: json-jwt
 version: !ruby/object:Gem::Version
-  version: 1.6.2
+  version: 1.6.3
 platform: ruby
 authors:
 - nov matake
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-06-25 00:00:00.000000000 Z
+date: 2016-07-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: multi_json