json-jwt 1.8.1 → 1.8.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of json-jwt might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/json-jwt.gemspec +13 -13
- data/lib/json/jws.rb +18 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 602b3d3d4f277871ef5b199abde399770f07f2e8
|
|
4
|
+
data.tar.gz: 16647acb12b3b2cc50dfa6cca6fe9fd8e628cb31
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cdd326b72dd4bbf64214dda08a1b42486ebdd858b102e10d9952bbadaf7769a2808ee544cd49297aee3771f0f9e7f2ef6d55d9044af93b3d860328cb02f6380b
|
|
7
|
+
data.tar.gz: fa3d09f1b919a2caef2a17c57902723f01e5ccbabad731012b62ea0069f9ce09358065dc33e84c2f91814d2789eba0843b5b08af36213cc95fcf9469199daa1e
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.8.
|
|
1
|
+
1.8.2
|
data/json-jwt.gemspec
CHANGED
|
@@ -1,22 +1,22 @@
|
|
|
1
1
|
Gem::Specification.new do |gem|
|
|
2
|
-
gem.name =
|
|
3
|
-
gem.version = File.read(
|
|
4
|
-
gem.authors = [
|
|
5
|
-
gem.email = [
|
|
6
|
-
gem.homepage =
|
|
2
|
+
gem.name = 'json-jwt'
|
|
3
|
+
gem.version = File.read('VERSION')
|
|
4
|
+
gem.authors = ['nov matake']
|
|
5
|
+
gem.email = ['nov@matake.jp']
|
|
6
|
+
gem.homepage = 'https://github.com/nov/json-jwt'
|
|
7
7
|
gem.summary = %q{JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and JSON Web Key) in Ruby}
|
|
8
8
|
gem.description = %q{JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and JSON Web Key) in Ruby}
|
|
9
9
|
gem.license = 'MIT'
|
|
10
10
|
gem.files = `git ls-files`.split("\n")
|
|
11
11
|
gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
|
12
12
|
gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
|
13
|
-
gem.require_paths = [
|
|
14
|
-
gem.add_runtime_dependency
|
|
15
|
-
gem.add_runtime_dependency
|
|
16
|
-
gem.add_runtime_dependency
|
|
17
|
-
gem.add_runtime_dependency
|
|
18
|
-
gem.add_development_dependency
|
|
19
|
-
gem.add_development_dependency
|
|
20
|
-
gem.add_development_dependency
|
|
13
|
+
gem.require_paths = ['lib']
|
|
14
|
+
gem.add_runtime_dependency 'url_safe_base64'
|
|
15
|
+
gem.add_runtime_dependency 'activesupport'
|
|
16
|
+
gem.add_runtime_dependency 'bindata'
|
|
17
|
+
gem.add_runtime_dependency 'securecompare'
|
|
18
|
+
gem.add_development_dependency 'rake'
|
|
19
|
+
gem.add_development_dependency 'simplecov'
|
|
20
|
+
gem.add_development_dependency 'rspec'
|
|
21
21
|
gem.add_development_dependency 'rspec-its'
|
|
22
22
|
end
|
data/lib/json/jws.rb
CHANGED
|
@@ -50,6 +50,18 @@ module JSON
|
|
|
50
50
|
[:RS256, :RS384, :RS512].include? algorithm.try(:to_sym)
|
|
51
51
|
end
|
|
52
52
|
|
|
53
|
+
def rsa_pss?
|
|
54
|
+
if [:PS256, :PS384, :PS512].include? algorithm.try(:to_sym)
|
|
55
|
+
if OpenSSL::VERSION < '2.1.0'
|
|
56
|
+
raise "#{alg} isn't supported. OpenSSL gem v2.1.0+ is required to use #{alg}."
|
|
57
|
+
else
|
|
58
|
+
true
|
|
59
|
+
end
|
|
60
|
+
else
|
|
61
|
+
false
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
|
|
53
65
|
def ecdsa?
|
|
54
66
|
[:ES256, :ES384, :ES512].include? algorithm.try(:to_sym)
|
|
55
67
|
end
|
|
@@ -72,6 +84,9 @@ module JSON
|
|
|
72
84
|
when rsa?
|
|
73
85
|
private_key = private_key_or_secret
|
|
74
86
|
private_key.sign digest, signature_base_string
|
|
87
|
+
when rsa_pss?
|
|
88
|
+
private_key = private_key_or_secret
|
|
89
|
+
private_key.sign_pss digest, signature_base_string, salt_length: :digest, mgf1_hash: digest
|
|
75
90
|
when ecdsa?
|
|
76
91
|
private_key = private_key_or_secret
|
|
77
92
|
verify_ecdsa_group! private_key
|
|
@@ -92,6 +107,9 @@ module JSON
|
|
|
92
107
|
when rsa?
|
|
93
108
|
public_key = public_key_or_secret
|
|
94
109
|
public_key.verify digest, signature, signature_base_string
|
|
110
|
+
when rsa_pss?
|
|
111
|
+
public_key = public_key_or_secret
|
|
112
|
+
public_key.verify_pss digest, signature, signature_base_string, salt_length: :digest, mgf1_hash: digest
|
|
95
113
|
when ecdsa?
|
|
96
114
|
public_key = public_key_or_secret
|
|
97
115
|
verify_ecdsa_group! public_key
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: json-jwt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.8.
|
|
4
|
+
version: 1.8.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- nov matake
|
|
@@ -72,14 +72,14 @@ dependencies:
|
|
|
72
72
|
requirements:
|
|
73
73
|
- - ">="
|
|
74
74
|
- !ruby/object:Gem::Version
|
|
75
|
-
version: '0
|
|
75
|
+
version: '0'
|
|
76
76
|
type: :development
|
|
77
77
|
prerelease: false
|
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
|
79
79
|
requirements:
|
|
80
80
|
- - ">="
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
|
-
version: '0
|
|
82
|
+
version: '0'
|
|
83
83
|
- !ruby/object:Gem::Dependency
|
|
84
84
|
name: simplecov
|
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|