json-jwt 1.8.2 → 1.8.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of json-jwt might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/json/jose.rb +3 -3
- data/lib/json/jwe.rb +9 -5
- data/lib/json/jws.rb +8 -6
- data/lib/json/jwt.rb +18 -7
- data/spec/interop/with_jsrsasign_spec.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3abc4f60457c79cdc55e59cb46553722b816acbe
|
|
4
|
+
data.tar.gz: 5c305020b1dfcc15f0aff4ee7ea0ab2dee3a9009
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 83f3cc919f8336b259a1e8fd203692024ae6d5cd7d6402ce83713a28994dd896e0e9b1800b53f9bd1ff8cc98fddf1f18ba3d1241c1349482c56d2a23ba1ffc6b
|
|
7
|
+
data.tar.gz: f17db83dbd4751c3da5f4e3d37b1e231ae5bda78916677dd13e7fb854ce0706dc58221657542287dd5e55dc81101afe498baf199ec1ba9caa633ede5b3095e90
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.8.
|
|
1
|
+
1.8.3
|
data/lib/json/jose.rb
CHANGED
|
@@ -45,11 +45,11 @@ module JSON
|
|
|
45
45
|
end
|
|
46
46
|
end
|
|
47
47
|
|
|
48
|
-
def decode(input, key_or_secret = nil)
|
|
48
|
+
def decode(input, key_or_secret = nil, algorithms = nil, encryption_methods = nil)
|
|
49
49
|
if input.is_a? Hash
|
|
50
|
-
decode_json_serialized input, key_or_secret
|
|
50
|
+
decode_json_serialized input, key_or_secret, algorithms, encryption_methods
|
|
51
51
|
else
|
|
52
|
-
decode_compact_serialized input, key_or_secret
|
|
52
|
+
decode_compact_serialized input, key_or_secret, algorithms, encryption_methods
|
|
53
53
|
end
|
|
54
54
|
rescue JSON::ParserError
|
|
55
55
|
raise JWT::InvalidFormat.new("Invalid JSON Format")
|
data/lib/json/jwe.rb
CHANGED
|
@@ -37,7 +37,9 @@ module JSON
|
|
|
37
37
|
self
|
|
38
38
|
end
|
|
39
39
|
|
|
40
|
-
def decrypt!(private_key_or_secret)
|
|
40
|
+
def decrypt!(private_key_or_secret, algorithms = nil, encryption_methods = nil)
|
|
41
|
+
raise UnexpectedAlgorithm.new('Unexpected alg header') unless algorithms.blank? || Array(algorithms).include?(alg)
|
|
42
|
+
raise UnexpectedAlgorithm.new('Unexpected enc header') unless encryption_methods.blank? || Array(encryption_methods).include?(enc)
|
|
41
43
|
self.private_key_or_secret = with_jwk_support private_key_or_secret
|
|
42
44
|
cipher.decrypt
|
|
43
45
|
self.content_encryption_key = decrypt_content_encryption_key
|
|
@@ -247,7 +249,7 @@ module JSON
|
|
|
247
249
|
end
|
|
248
250
|
|
|
249
251
|
class << self
|
|
250
|
-
def decode_compact_serialized(input, private_key_or_secret)
|
|
252
|
+
def decode_compact_serialized(input, private_key_or_secret, algorithms = nil, encryption_methods = nil)
|
|
251
253
|
unless input.count('.') + 1 == NUM_OF_SEGMENTS
|
|
252
254
|
raise InvalidFormat.new("Invalid JWE Format. JWE should include #{NUM_OF_SEGMENTS} segments.")
|
|
253
255
|
end
|
|
@@ -257,11 +259,13 @@ module JSON
|
|
|
257
259
|
end
|
|
258
260
|
jwe.auth_data = input.split('.').first
|
|
259
261
|
jwe.header = JSON.parse(_header_json_).with_indifferent_access
|
|
260
|
-
|
|
262
|
+
unless private_key_or_secret == :skip_decryption
|
|
263
|
+
jwe.decrypt! private_key_or_secret, algorithms, encryption_methods
|
|
264
|
+
end
|
|
261
265
|
jwe
|
|
262
266
|
end
|
|
263
267
|
|
|
264
|
-
def decode_json_serialized(input, private_key_or_secret)
|
|
268
|
+
def decode_json_serialized(input, private_key_or_secret, algorithms = nil, encryption_methods = nil)
|
|
265
269
|
input = input.with_indifferent_access
|
|
266
270
|
jwe_encrypted_key = if input[:recipients].present?
|
|
267
271
|
input[:recipients].first[:encrypted_key]
|
|
@@ -275,7 +279,7 @@ module JSON
|
|
|
275
279
|
input[:ciphertext],
|
|
276
280
|
input[:tag]
|
|
277
281
|
].join('.')
|
|
278
|
-
decode_compact_serialized compact_serialized, private_key_or_secret
|
|
282
|
+
decode_compact_serialized compact_serialized, private_key_or_secret, algorithms, encryption_methods
|
|
279
283
|
end
|
|
280
284
|
end
|
|
281
285
|
end
|
data/lib/json/jws.rb
CHANGED
|
@@ -17,13 +17,15 @@ module JSON
|
|
|
17
17
|
self
|
|
18
18
|
end
|
|
19
19
|
|
|
20
|
-
def verify!(public_key_or_secret)
|
|
20
|
+
def verify!(public_key_or_secret, algorithms = nil)
|
|
21
21
|
if alg.try(:to_sym) == :none
|
|
22
22
|
raise UnexpectedAlgorithm if public_key_or_secret
|
|
23
23
|
signature == '' or raise VerificationFailed
|
|
24
|
-
|
|
24
|
+
elsif algorithms.blank? || Array(algorithms).include?(alg.try(:to_sym))
|
|
25
25
|
public_key_or_secret && valid?(public_key_or_secret) or
|
|
26
26
|
raise VerificationFailed
|
|
27
|
+
else
|
|
28
|
+
raise UnexpectedAlgorithm.new('Unexpected alg header')
|
|
27
29
|
end
|
|
28
30
|
end
|
|
29
31
|
|
|
@@ -150,7 +152,7 @@ module JSON
|
|
|
150
152
|
end
|
|
151
153
|
|
|
152
154
|
class << self
|
|
153
|
-
def decode_compact_serialized(input, public_key_or_secret)
|
|
155
|
+
def decode_compact_serialized(input, public_key_or_secret, algorithms = nil)
|
|
154
156
|
unless input.count('.') + 1 == NUM_OF_SEGMENTS
|
|
155
157
|
raise InvalidFormat.new("Invalid JWS Format. JWS should include #{NUM_OF_SEGMENTS} segments.")
|
|
156
158
|
end
|
|
@@ -164,11 +166,11 @@ module JSON
|
|
|
164
166
|
jws.header = header
|
|
165
167
|
jws.signature = signature
|
|
166
168
|
jws.signature_base_string = input.split('.')[0, JWS::NUM_OF_SEGMENTS - 1].join('.')
|
|
167
|
-
jws.verify! public_key_or_secret unless public_key_or_secret == :skip_verification
|
|
169
|
+
jws.verify! public_key_or_secret, algorithms unless public_key_or_secret == :skip_verification
|
|
168
170
|
jws
|
|
169
171
|
end
|
|
170
172
|
|
|
171
|
-
def decode_json_serialized(input, public_key_or_secret)
|
|
173
|
+
def decode_json_serialized(input, public_key_or_secret, algorithms = nil)
|
|
172
174
|
input = input.with_indifferent_access
|
|
173
175
|
header, payload, signature = if input[:signatures].present?
|
|
174
176
|
[
|
|
@@ -184,7 +186,7 @@ module JSON
|
|
|
184
186
|
end
|
|
185
187
|
end
|
|
186
188
|
compact_serialized = [header, payload, signature].join('.')
|
|
187
|
-
decode_compact_serialized compact_serialized, public_key_or_secret
|
|
189
|
+
decode_compact_serialized compact_serialized, public_key_or_secret, algorithms
|
|
188
190
|
end
|
|
189
191
|
end
|
|
190
192
|
end
|
data/lib/json/jwt.rb
CHANGED
|
@@ -78,28 +78,39 @@ module JSON
|
|
|
78
78
|
end
|
|
79
79
|
end
|
|
80
80
|
|
|
81
|
+
def pretty_generate
|
|
82
|
+
[
|
|
83
|
+
JSON.pretty_generate(header),
|
|
84
|
+
JSON.pretty_generate(self)
|
|
85
|
+
]
|
|
86
|
+
end
|
|
87
|
+
|
|
81
88
|
class << self
|
|
82
|
-
def decode_compact_serialized(jwt_string, key_or_secret)
|
|
89
|
+
def decode_compact_serialized(jwt_string, key_or_secret, algorithms = nil, encryption_methods = nil)
|
|
83
90
|
case jwt_string.count('.') + 1
|
|
84
91
|
when JWS::NUM_OF_SEGMENTS
|
|
85
|
-
JWS.decode_compact_serialized jwt_string, key_or_secret
|
|
92
|
+
JWS.decode_compact_serialized jwt_string, key_or_secret, algorithms
|
|
86
93
|
when JWE::NUM_OF_SEGMENTS
|
|
87
|
-
JWE.decode_compact_serialized jwt_string, key_or_secret
|
|
94
|
+
JWE.decode_compact_serialized jwt_string, key_or_secret, algorithms, encryption_methods
|
|
88
95
|
else
|
|
89
96
|
raise InvalidFormat.new("Invalid JWT Format. JWT should include #{JWS::NUM_OF_SEGMENTS} or #{JWE::NUM_OF_SEGMENTS} segments.")
|
|
90
97
|
end
|
|
91
98
|
end
|
|
92
99
|
|
|
93
|
-
def decode_json_serialized(input, key_or_secret)
|
|
100
|
+
def decode_json_serialized(input, key_or_secret, algorithms = nil, encryption_methods = nil)
|
|
94
101
|
input = input.with_indifferent_access
|
|
95
102
|
if (input[:signatures] || input[:signature]).present?
|
|
96
|
-
JWS.decode_json_serialized input, key_or_secret
|
|
103
|
+
JWS.decode_json_serialized input, key_or_secret, algorithms
|
|
97
104
|
elsif input[:ciphertext].present?
|
|
98
|
-
JWE.decode_json_serialized input, key_or_secret
|
|
105
|
+
JWE.decode_json_serialized input, key_or_secret, algorithms, encryption_methods
|
|
99
106
|
else
|
|
100
107
|
raise InvalidFormat.new("Unexpected JOSE JSON Serialization Format.")
|
|
101
108
|
end
|
|
102
109
|
end
|
|
110
|
+
|
|
111
|
+
def pretty_generate(jwt_string)
|
|
112
|
+
decode(jwt_string, :skip_verification).pretty_generate
|
|
113
|
+
end
|
|
103
114
|
end
|
|
104
115
|
end
|
|
105
116
|
end
|
|
@@ -108,4 +119,4 @@ require 'json/jws'
|
|
|
108
119
|
require 'json/jwe'
|
|
109
120
|
require 'json/jwk'
|
|
110
121
|
require 'json/jwk/jwkizable'
|
|
111
|
-
require 'json/jwk/set'
|
|
122
|
+
require 'json/jwk/set'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: json-jwt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.8.
|
|
4
|
+
version: 1.8.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- nov matake
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-12-
|
|
11
|
+
date: 2017-12-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: url_safe_base64
|
|
@@ -188,7 +188,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
188
188
|
version: '0'
|
|
189
189
|
requirements: []
|
|
190
190
|
rubyforge_project:
|
|
191
|
-
rubygems_version: 2.6.
|
|
191
|
+
rubygems_version: 2.6.13
|
|
192
192
|
signing_key:
|
|
193
193
|
specification_version: 4
|
|
194
194
|
summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and
|