json-jwt 1.9.2 → 1.9.3


Potentially problematic release.


This version of json-jwt might be problematic. Click here for more details.

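--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
- SHA1:
- metadata.gz: 02a8f8276126a037916b981d30fc38e200f9e378
- data.tar.gz: de0acf0db5b5f400b2c8ba49d0e549d718b74568
+ SHA256:
+ metadata.gz: 9d4b2dfb27f37a7525522312228284729a9f940698bfa3d1b7b3562f94cf998b
+ data.tar.gz: 865265a1f3d884476535d0f3c8d3de258db91d9ca4948283b78f4a48cc1023c3
  SHA512:
- metadata.gz: 18b298765ff484588a80e5fefbe9c349e4df237f5d3548f0359884a2b252a67b60116e476df67427655c74d8c0ae160049007df360b6597337c91995af366b65
- data.tar.gz: 0e25eebdad2529441d1fb90a93482f354b79533715b191fb812f5d019d6e8d3b41abb59c103c8563df93441d5336f591a0ff724d69fb31a5ed6bfc16aecae5a2
+ metadata.gz: eae66e49d8e101e68575ec4a4bf7ac46cef62d151d3dbae4d1a1c17a7a17235f376991c7346c8e46c9605b8028bca41113da7b84d85a52b58a28050e59c586c1
+ data.tar.gz: '0295d9284c1fb49c1f29881c915ffacac5f5f9c985f19f2a39c2bc27aac5570102f1f2d07032f62254b88eb3e8133236d4e6d4551235c83ec03c64a324e8593e'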
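--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 1.9.2
+ 1.9.3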
@@ -11,7 +11,6 @@ Gem::Specification.new do |gem|
11
11
  gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
12
12
  gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
13
13
  gem.require_paths = ['lib']
14
- gem.add_runtime_dependency 'url_safe_base64'
15
14
  gem.add_runtime_dependency 'activesupport'
16
15
  gem.add_runtime_dependency 'bindata'
17
16
  gem.add_runtime_dependency 'securecompare'
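Review bot: The gemspec lines visible here declare no minimum Ruby version, yet dropping `url_safe_base64` makes every encode call in the later hunks depend on the `padding:` keyword of `Base64.urlsafe_encode64`, which the standard library accepts only from Ruby 2.3 on. On an older interpreter those calls would raise `ArgumentError` at runtime instead of the gem being refused at install time. If no constraint is set elsewhere in the file, add `gem.required_ruby_version = '>= 2.3'` next to the dependency list. The `Gem::Specification` block starts and ends outside this hunk.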
@@ -51,9 +51,9 @@ module JSON
51
51
  else
52
52
  decode_compact_serialized input, key_or_secret, algorithms, encryption_methods
53
53
  end
54
- rescue JSON::ParserError
54
+ rescue JSON::ParserError, ArgumentError
55
55
  raise JWT::InvalidFormat.new("Invalid JSON Format")
56
56
  end
57
57
  end
58
58
  end
59
- end
59
+ end
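Review bot: The widened `rescue JSON::ParserError, ArgumentError` covers the whole decode body, so any `ArgumentError` raised beneath it is reported as `JWT::InvalidFormat` with the message "Invalid JSON Format". That includes errors unrelated to the strict Base64 failures that `Base64.urlsafe_decode64` now produces. A caller debugging a rejected token is told the JSON was bad when the segment encoding was the problem, and an unrelated argument error from key handling would be masked the same way. Rescuing where the segments are decoded would keep the scope narrow. At minimum, document the clause with `# ArgumentError: raised by Base64.urlsafe_decode64 on a malformed segment` and use a message that does not name JSON. The method begins above this hunk.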
@@ -32,7 +32,7 @@ module JSON
32
32
  self.mac_key, self.encryption_key = derive_encryption_and_mac_keys
33
33
  cipher.key = encryption_key
34
34
  self.iv = cipher.random_iv # NOTE: 'iv' has to be set after 'key' for GCM
35
- self.auth_data = UrlSafeBase64.encode64 header.to_json
35
+ self.auth_data = Base64.urlsafe_encode64 header.to_json, padding: false
36
36
  cipher.auth_data = auth_data if gcm?
37
37
  self.cipher_text = cipher.update(plain_text) + cipher.final
38
38
  self
@@ -64,7 +64,7 @@ module JSON
64
64
  cipher_text,
65
65
  authentication_tag
66
66
  ].collect do |segment|
67
- UrlSafeBase64.encode64 segment.to_s
67
+ Base64.urlsafe_encode64 segment.to_s, padding: false
68
68
  end.join('.')
69
69
  end
70
70
 
@@ -72,21 +72,21 @@ module JSON
72
72
  case options[:syntax]
73
73
  when :general
74
74
  {
75
- protected: UrlSafeBase64.encode64(header.to_json),
75
+ protected: Base64.urlsafe_encode64(header.to_json, padding: false),
76
76
  recipients: [{
77
- encrypted_key: UrlSafeBase64.encode64(jwe_encrypted_key)
77
+ encrypted_key: Base64.urlsafe_encode64(jwe_encrypted_key, padding: false)
78
78
  }],
79
- iv: UrlSafeBase64.encode64(iv),
80
- ciphertext: UrlSafeBase64.encode64(cipher_text),
81
- tag: UrlSafeBase64.encode64(authentication_tag)
79
+ iv: Base64.urlsafe_encode64(iv, padding: false),
80
+ ciphertext: Base64.urlsafe_encode64(cipher_text, padding: false),
81
+ tag: Base64.urlsafe_encode64(authentication_tag, padding: false)
82
82
  }
83
83
  else
84
84
  {
85
- protected: UrlSafeBase64.encode64(header.to_json),
86
- encrypted_key: UrlSafeBase64.encode64(jwe_encrypted_key),
87
- iv: UrlSafeBase64.encode64(iv),
88
- ciphertext: UrlSafeBase64.encode64(cipher_text),
89
- tag: UrlSafeBase64.encode64(authentication_tag)
85
+ protected: Base64.urlsafe_encode64(header.to_json, padding: false),
86
+ encrypted_key: Base64.urlsafe_encode64(jwe_encrypted_key, padding: false),
87
+ iv: Base64.urlsafe_encode64(iv, padding: false),
88
+ ciphertext: Base64.urlsafe_encode64(cipher_text, padding: false),
89
+ tag: Base64.urlsafe_encode64(authentication_tag, padding: false)
90
90
  }
91
91
  end
92
92
  end
@@ -252,7 +252,11 @@ module JSON
252
252
  end
253
253
  jwe = new
254
254
  _header_json_, jwe.jwe_encrypted_key, jwe.iv, jwe.cipher_text, jwe.authentication_tag = input.split('.').collect do |segment|
255
- UrlSafeBase64.decode64 segment
255
+ begin
256
+ Base64.urlsafe_decode64 segment
257
+ rescue ArgumentError
258
+ raise DecryptionFailed
259
+ end
256
260
  end
257
261
  jwe.auth_data = input.split('.').first
258
262
  jwe.header = JSON.parse(_header_json_).with_indifferent_access
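Review bot: A malformed Base64 segment in a compact JWE now raises `DecryptionFailed` from the added `begin`/`rescue ArgumentError`, while the same condition on the other decode path is turned into an invalid-format error by the outer rescue. Callers therefore cannot tell a token that was never well-formed from one that failed authenticated decryption, and the two token types disagree on how the same input defect is reported. If the uniform `DecryptionFailed` is intentional, say so in a comment such as `# report undecodable segments as DecryptionFailed on purpose`. Otherwise raise the format error here. `input.split('.')` is also evaluated a second time two lines later for `auth_data`; splitting once into a local would keep both uses in agreement. The method begins above this hunk and continues below it.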
@@ -34,7 +34,7 @@ module JSON
34
34
  else
35
35
  raise UnknownAlgorithm.new('Unknown Digest Algorithm')
36
36
  end
37
- UrlSafeBase64.encode64 digest.digest(normalize.to_json)
37
+ Base64.urlsafe_encode64 digest.digest(normalize.to_json), padding: false
38
38
  end
39
39
 
40
40
  def to_key
@@ -98,7 +98,7 @@ module JSON
98
98
  def to_rsa_key
99
99
  e, n, d, p, q, dp, dq, qi = [:e, :n, :d, :p, :q, :dp, :dq, :qi].collect do |key|
100
100
  if self[key]
101
- OpenSSL::BN.new UrlSafeBase64.decode64(self[key]), 2
101
+ OpenSSL::BN.new Base64.urlsafe_decode64(self[key]), 2
102
102
  end
103
103
  end
104
104
  key = OpenSSL::PKey::RSA.new
@@ -132,7 +132,7 @@ module JSON
132
132
  end
133
133
  x, y, d = [:x, :y, :d].collect do |key|
134
134
  if self[key]
135
- UrlSafeBase64.decode64(self[key])
135
+ Base64.urlsafe_decode64(self[key])
136
136
  end
137
137
  end
138
138
  key = OpenSSL::PKey::EC.new curve_name
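Review bot: `Base64.urlsafe_decode64(self[key])` in `to_rsa_key`, and again in the `[:x, :y, :d]` block of this hunk, now raises a bare `ArgumentError` on a malformed member value, and neither hunk shows a rescue. The replaced `UrlSafeBase64.decode64` appears to have been lenient, so this is a change in behaviour. JWK members often come from a document fetched from another party, so it would be safer to fail with one of the library's own error classes than with a generic exception that callers are unlikely to rescue. Wrapping the decode as `rescue ArgumentError` and re-raising a JWK-specific error would do that; a spec feeding a non-Base64 `n` or `x` value would pin it. Both method bodies continue outside the visible hunks.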
@@ -5,17 +5,17 @@ module JSON
5
5
  def to_jwk(ex_params = {})
6
6
  params = {
7
7
  kty: :RSA,
8
- e: UrlSafeBase64.encode64(e.to_s(2)),
9
- n: UrlSafeBase64.encode64(n.to_s(2))
8
+ e: Base64.urlsafe_encode64(e.to_s(2), padding: false),
9
+ n: Base64.urlsafe_encode64(n.to_s(2), padding: false)
10
10
  }.merge ex_params
11
11
  if private?
12
12
  params.merge!(
13
- d: UrlSafeBase64.encode64(d.to_s(2)),
14
- p: UrlSafeBase64.encode64(p.to_s(2)),
15
- q: UrlSafeBase64.encode64(q.to_s(2)),
16
- dp: UrlSafeBase64.encode64(dmp1.to_s(2)),
17
- dq: UrlSafeBase64.encode64(dmq1.to_s(2)),
18
- qi: UrlSafeBase64.encode64(iqmp.to_s(2)),
13
+ d: Base64.urlsafe_encode64(d.to_s(2), padding: false),
14
+ p: Base64.urlsafe_encode64(p.to_s(2), padding: false),
15
+ q: Base64.urlsafe_encode64(q.to_s(2), padding: false),
16
+ dp: Base64.urlsafe_encode64(dmp1.to_s(2), padding: false),
17
+ dq: Base64.urlsafe_encode64(dmq1.to_s(2), padding: false),
18
+ qi: Base64.urlsafe_encode64(iqmp.to_s(2), padding: false),
19
19
  )
20
20
  end
21
21
  JWK.new params
@@ -27,10 +27,10 @@ module JSON
27
27
  params = {
28
28
  kty: :EC,
29
29
  crv: curve_name,
30
- x: UrlSafeBase64.encode64([coordinates[:x]].pack('H*')),
31
- y: UrlSafeBase64.encode64([coordinates[:y]].pack('H*'))
30
+ x: Base64.urlsafe_encode64([coordinates[:x]].pack('H*'), padding: false),
31
+ y: Base64.urlsafe_encode64([coordinates[:y]].pack('H*'), padding: false)
32
32
  }.merge ex_params
33
- params[:d] = UrlSafeBase64.encode64([coordinates[:d]].pack('H*')) if private_key?
33
+ params[:d] = Base64.urlsafe_encode64([coordinates[:d]].pack('H*'), padding: false) if private_key?
34
34
  JWK.new params
35
35
  end
36
36
 
@@ -96,7 +96,7 @@ module JSON
96
96
  header.to_json,
97
97
  self.to_json
98
98
  ].collect do |segment|
99
- UrlSafeBase64.encode64 segment
99
+ Base64.urlsafe_encode64 segment, padding: false
100
100
  end.join('.')
101
101
  end
102
102
 
@@ -180,7 +180,7 @@ module JSON
180
180
  raise InvalidFormat.new("Invalid JWS Format. JWS should include #{NUM_OF_SEGMENTS} segments.")
181
181
  end
182
182
  header, claims, signature = input.split('.', JWS::NUM_OF_SEGMENTS).collect do |segment|
183
- UrlSafeBase64.decode64 segment.to_s
183
+ Base64.urlsafe_decode64 segment.to_s
184
184
  end
185
185
  header, claims = [header, claims].collect do |json|
186
186
  JSON.parse(json).with_indifferent_access
@@ -1,5 +1,5 @@
1
1
  require 'openssl'
2
- require 'url_safe_base64'
2
+ require 'base64'
3
3
  require 'active_support'
4
4
  require 'active_support/core_ext'
5
5
  require 'json/jose'
@@ -46,7 +46,7 @@ module JSON
46
46
  self.to_json,
47
47
  signature
48
48
  ].collect do |segment|
49
- UrlSafeBase64.encode64 segment.to_s
49
+ Base64.urlsafe_encode64 segment.to_s, padding: false
50
50
  end.join('.')
51
51
  end
52
52
 
@@ -54,17 +54,17 @@ module JSON
54
54
  case options[:syntax]
55
55
  when :general
56
56
  {
57
- payload: UrlSafeBase64.encode64(self.to_json),
57
+ payload: Base64.urlsafe_encode64(self.to_json, padding: false),
58
58
  signatures: [{
59
- protected: UrlSafeBase64.encode64(header.to_json),
60
- signature: UrlSafeBase64.encode64(signature.to_s)
59
+ protected: Base64.urlsafe_encode64(header.to_json, padding: false),
60
+ signature: Base64.urlsafe_encode64(signature.to_s, padding: false)
61
61
  }]
62
62
  }
63
63
  when :flattened
64
64
  {
65
- protected: UrlSafeBase64.encode64(header.to_json),
66
- payload: UrlSafeBase64.encode64(self.to_json),
67
- signature: UrlSafeBase64.encode64(signature.to_s)
65
+ protected: Base64.urlsafe_encode64(header.to_json, padding: false),
66
+ payload: Base64.urlsafe_encode64(self.to_json, padding: false),
67
+ signature: Base64.urlsafe_encode64(signature.to_s, padding: false)
68
68
  }
69
69
  else
70
70
  super
@@ -79,8 +79,8 @@ describe JSON::JWK do
79
79
  let(:jwk) { JSON::JWK.new public_key }
80
80
  it { jwk.keys.collect(&:to_sym).should include :kty, :e, :n }
81
81
  its(:kty) { jwk[:kty].should == :RSA }
82
- its(:e) { jwk[:e].should == UrlSafeBase64.encode64(public_key.e.to_s(2)) }
83
- its(:n) { jwk[:n].should == UrlSafeBase64.encode64(public_key.n.to_s(2)) }
82
+ its(:e) { jwk[:e].should == Base64.urlsafe_encode64(public_key.e.to_s(2), padding: false) }
83
+ its(:n) { jwk[:n].should == Base64.urlsafe_encode64(public_key.n.to_s(2), padding: false) }
84
84
 
85
85
  context 'when kid/use options given' do
86
86
  let(:jwk) { JSON::JWK.new public_key, kid: '12345', use: :sig }
@@ -48,7 +48,7 @@ describe JSON::JWS do
48
48
  describe '#sign!' do
49
49
  shared_examples_for :generate_expected_signature do
50
50
  it do
51
- UrlSafeBase64.encode64(signed.signature).should == expected_signature[alg]
51
+ Base64.urlsafe_encode64(signed.signature, padding: false).should == expected_signature[alg]
52
52
  end
53
53
  end
54
54
  subject { signed }
@@ -279,10 +279,10 @@ describe JSON::JWS do
279
279
  context 'when general' do
280
280
  it 'should return General JWS JSON Serialization' do
281
281
  signed.to_json(syntax: :general).should == {
282
- payload: UrlSafeBase64.encode64(claims.to_json),
282
+ payload: Base64.urlsafe_encode64(claims.to_json, padding: false),
283
283
  signatures: [{
284
- protected: UrlSafeBase64.encode64(signed.header.to_json),
285
- signature: UrlSafeBase64.encode64(signed.signature)
284
+ protected: Base64.urlsafe_encode64(signed.header.to_json, padding: false),
285
+ signature: Base64.urlsafe_encode64(signed.signature, padding: false)
286
286
  }]
287
287
  }.to_json
288
288
  end
@@ -290,10 +290,10 @@ describe JSON::JWS do
290
290
  context 'when not signed yet' do
291
291
  it 'should not fail' do
292
292
  jws.to_json(syntax: :general).should == {
293
- payload: UrlSafeBase64.encode64(claims.to_json),
293
+ payload: Base64.urlsafe_encode64(claims.to_json, padding: false),
294
294
  signatures: [{
295
- protected: UrlSafeBase64.encode64(jws.header.to_json),
296
- signature: UrlSafeBase64.encode64('')
295
+ protected: Base64.urlsafe_encode64(jws.header.to_json, padding: false),
296
+ signature: Base64.urlsafe_encode64('', padding: false)
297
297
  }]
298
298
  }.to_json
299
299
  end
@@ -303,18 +303,18 @@ describe JSON::JWS do
303
303
  context 'when flattened' do
304
304
  it 'should return Flattened JWS JSON Serialization' do
305
305
  signed.to_json(syntax: :flattened).should == {
306
- protected: UrlSafeBase64.encode64(signed.header.to_json),
307
- payload: UrlSafeBase64.encode64(claims.to_json),
308
- signature: UrlSafeBase64.encode64(signed.signature)
306
+ protected: Base64.urlsafe_encode64(signed.header.to_json, padding: false),
307
+ payload: Base64.urlsafe_encode64(claims.to_json, padding: false),
308
+ signature: Base64.urlsafe_encode64(signed.signature, padding: false)
309
309
  }.to_json
310
310
  end
311
311
 
312
312
  context 'when not signed yet' do
313
313
  it 'should not fail' do
314
314
  jws.to_json(syntax: :flattened).should == {
315
- protected: UrlSafeBase64.encode64(jws.header.to_json),
316
- payload: UrlSafeBase64.encode64(claims.to_json),
317
- signature: UrlSafeBase64.encode64('')
315
+ protected: Base64.urlsafe_encode64(jws.header.to_json, padding: false),
316
+ payload: Base64.urlsafe_encode64(claims.to_json, padding: false),
317
+ signature: Base64.urlsafe_encode64('', padding: false)
318
318
  }.to_json
319
319
  end
320
320
  end
@@ -202,7 +202,7 @@ describe JSON::JWT do
202
202
  header, payload, signature = jws.to_s.split('.')
203
203
  malformed_header = {alg: :none}.to_json
204
204
  [
205
- UrlSafeBase64.encode64(malformed_header),
205
+ Base64.urlsafe_encode64(malformed_header, padding: false),
206
206
  payload,
207
207
  ''
208
208
  ].join('.')
@@ -226,7 +226,7 @@ describe JSON::JWT do
226
226
  header, payload, signature = jws.to_s.split('.')
227
227
  malformed_header = {alg: :none}.to_json
228
228
  [
229
- UrlSafeBase64.encode64(malformed_header),
229
+ Base64.urlsafe_encode64(malformed_header, padding: false),
230
230
  payload,
231
231
  ''
232
232
  ].join('.')
@@ -246,12 +246,12 @@ describe JSON::JWT do
246
246
  malformed_signature = OpenSSL::HMAC.digest(
247
247
  OpenSSL::Digest.new('SHA256'),
248
248
  public_key.to_s,
249
- [UrlSafeBase64.encode64(malformed_header), payload].join('.')
249
+ [Base64.urlsafe_encode64(malformed_header, padding: false), payload].join('.')
250
250
  )
251
251
  [
252
- UrlSafeBase64.encode64(malformed_header),
252
+ Base64.urlsafe_encode64(malformed_header, padding: false),
253
253
  payload,
254
- UrlSafeBase64.encode64(malformed_signature)
254
+ Base64.urlsafe_encode64(malformed_signature, padding: false)
255
255
  ].join('.')
256
256
  end
257
257
 
@@ -276,14 +276,14 @@ describe JSON::JWT do
276
276
  digest = OpenSSL::Digest.new('SHA256')
277
277
  malformed_signature = private_key.sign_pss(
278
278
  digest,
279
- [UrlSafeBase64.encode64(malformed_header), payload].join('.'),
279
+ [Base64.urlsafe_encode64(malformed_header, padding: false), payload].join('.'),
280
280
  salt_length: :digest,
281
281
  mgf1_hash: digest
282
282
  )
283
283
  [
284
- UrlSafeBase64.encode64(malformed_header),
284
+ Base64.urlsafe_encode64(malformed_header, padding: false),
285
285
  payload,
286
- UrlSafeBase64.encode64(malformed_signature)
286
+ Base64.urlsafe_encode64(malformed_signature, padding: false)
287
287
  ].join('.')
288
288
  end
289
289
 
@@ -310,12 +310,12 @@ describe JSON::JWT do
310
310
  malformed_header = {alg: :RS512}.to_json
311
311
  malformed_signature = private_key.sign(
312
312
  OpenSSL::Digest.new('SHA512'),
313
- [UrlSafeBase64.encode64(malformed_header), payload].join('.')
313
+ [Base64.urlsafe_encode64(malformed_header, padding: false), payload].join('.')
314
314
  )
315
315
  [
316
- UrlSafeBase64.encode64(malformed_header),
316
+ Base64.urlsafe_encode64(malformed_header, padding: false),
317
317
  payload,
318
- UrlSafeBase64.encode64(malformed_signature)
318
+ Base64.urlsafe_encode64(malformed_signature, padding: false)
319
319
  ].join('.')
320
320
  end
321
321
 
@@ -377,10 +377,10 @@ describe JSON::JWT do
377
377
  context 'when general' do
378
378
  let(:serialized) do
379
379
  {
380
- payload: UrlSafeBase64.encode64(claims.to_json),
380
+ payload: Base64.urlsafe_encode64(claims.to_json, padding: false),
381
381
  signatures: [{
382
- protected: UrlSafeBase64.encode64(signed.header.to_json),
383
- signature: UrlSafeBase64.encode64(signed.signature)
382
+ protected: Base64.urlsafe_encode64(signed.header.to_json, padding: false),
383
+ signature: Base64.urlsafe_encode64(signed.signature, padding: false)
384
384
  }]
385
385
  }
386
386
  end
@@ -390,9 +390,9 @@ describe JSON::JWT do
390
390
  context 'when flattened' do
391
391
  let(:serialized) do
392
392
  {
393
- protected: UrlSafeBase64.encode64(signed.header.to_json),
394
- payload: UrlSafeBase64.encode64(claims.to_json),
395
- signature: UrlSafeBase64.encode64(signed.signature)
393
+ protected: Base64.urlsafe_encode64(signed.header.to_json, padding: false),
394
+ payload: Base64.urlsafe_encode64(claims.to_json, padding: false),
395
+ signature: Base64.urlsafe_encode64(signed.signature, padding: false)
396
396
  }
397
397
  end
398
398
  it_behaves_like :json_serialization_parser
@@ -465,7 +465,7 @@ describe JSON::JWT do
465
465
  context 'when too many dots' do
466
466
  it do
467
467
  expect do
468
- JSON::JWT.decode 'header.payload.signature.something.wrong'
468
+ JSON::JWT.decode 'header.payload.signature.too.many.dots'
469
469
  end.to raise_error JSON::JWT::InvalidFormat
470
470
  end
471
471
  end
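Review bot: The "too many dots" fixture was lengthened from five segments to six, and no spec now covers a five-segment string whose segments are not valid Base64. Presumably the old string is routed to the JWE path and, with the strict decoder, raises `DecryptionFailed` rather than `JSON::JWT::InvalidFormat`. That is a caller-visible change in error class and should be asserted rather than avoided. Keep the old input in a second example such as `expect { JSON::JWT.decode 'header.payload.signature.something.wrong' }.to raise_error ...`, filling in whichever error class is intended. A matching example for a three-segment token with an undecodable segment would cover the widened rescue as well.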
metadata CHANGED
@@ -1,29 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: json-jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.9.2
4
+ version: 1.9.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - nov matake
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-02-27 00:00:00.000000000 Z
11
+ date: 2018-04-27 00:00:00.000000000 Z
12
12
  dependencies:
13
- - !ruby/object:Gem::Dependency
14
- name: url_safe_base64
15
- requirement: !ruby/object:Gem::Requirement
16
- requirements:
17
- - - ">="
18
- - !ruby/object:Gem::Version
19
- version: '0'
20
- type: :runtime
21
- prerelease: false
22
- version_requirements: !ruby/object:Gem::Requirement
23
- requirements:
24
- - - ">="
25
- - !ruby/object:Gem::Version
26
- version: '0'
27
13
  - !ruby/object:Gem::Dependency
28
14
  name: activesupport
29
15
  requirement: !ruby/object:Gem::Requirement
@@ -202,7 +188,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
202
188
  version: '0'
203
189
  requirements: []
204
190
  rubyforge_project:
205
- rubygems_version: 2.6.13
191
+ rubygems_version: 2.7.3
206
192
  signing_key:
207
193
  specification_version: 4
208
194
  summary: JSON Web Token and its family (JSON Web Signature, JSON Web Encryption and