jwt-multisig 1.0.0 → 1.0.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 196758ff74f27b332271c1265497dd698b50d78316fa4b12d85d091c9867876f
4
- data.tar.gz: df16be95f6fcb777019ac810b851ccd4a2e904478e5a5e6a83f9a2bfd857c5e1
3
+ metadata.gz: b2d5cb56b491d2821e088bf0a109ff503f5eb348048ebb377ee265750f2970eb
4
+ data.tar.gz: 024a5788c0596c3076ccf4cb8e5d26299a73a9936d91ca0bc3d7ad6fed361c12
5
5
  SHA512:
6
- metadata.gz: 9e2d773f5b81e57fd3ea73b1f76654ff6ccbbb1c3bda2e09562e43d235567af3d257f1e75dbf6d21388064bf06cca68bc5473c3e75b19294e61cb5e77196a9ff
7
- data.tar.gz: c265d82ff2dc690a3f9652364af564fd5184d898a483c1e02a55c29d72e3c344d954d515b0f3aaa0c6462e40a06b0a08047785774edc734f10d4629f5e3847ed
6
+ metadata.gz: 6c3aae71b52284732567c5874afe816c7a329ccd194e1aff5ce6ea731778837402cd8f9c708eb928c3806a0097b650b604467395c5552cfb7c5f94f7e9d8bf99
7
+ data.tar.gz: 5b92d0fc646e416f951833d243d4f0c211d9de6422c2cb9680e8adaeed70247ecd669b0332ede5af23bb3a11508717d28b54864cc683760ca0f9c7c582eda17a
@@ -0,0 +1,29 @@
1
+ ---
2
+ kind: pipeline
3
+ name: default
4
+
5
+ steps:
6
+ - name: Run tests
7
+ image: ruby:2.6
8
+ commands:
9
+ - bundle install
10
+ - bundle exec rake test
11
+
12
+ - name: Release gems
13
+ image: ruby:2.6
14
+ environment:
15
+ GEM_CREDENTIALS:
16
+ from_secret: gem_credentials
17
+ commands:
18
+ - mkdir -p ~/.gem
19
+ - echo $GEM_CREDENTIALS | base64 -d > ~/.gem/credentials
20
+ - chmod 0600 ~/.gem/credentials
21
+ - gem build jwt-multisig.gemspec
22
+ - gem push jwt-multisig-*.gem
23
+ when:
24
+ branch:
25
+ - master
26
+
27
+ trigger:
28
+ event:
29
+ - push
@@ -1 +1 @@
1
- 2.5.0
1
+ 2.6.3
@@ -3,16 +3,14 @@ language: ruby
3
3
  cache: bundler
4
4
 
5
5
  rvm:
6
- - 2.2
7
- - 2.3
8
- - 2.4
9
6
  - 2.5
7
+ - 2.6
10
8
 
11
9
  env:
12
10
  - RAKE_ENV=test BUNDLE_PATH=vendor/bundle
13
11
 
14
12
  before_install:
15
- - gem install bundler
13
+ - gem install bundler -v 1.17.3
16
14
 
17
15
  install:
18
16
  - bundle install
@@ -1,41 +1,42 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- jwt-multisig (1.0.0)
5
- activesupport (>= 4.0, < 6.0)
6
- jwt (~> 2.1)
4
+ jwt-multisig (1.0.5)
5
+ activesupport (>= 4.0)
6
+ jwt (~> 2.2)
7
7
 
8
8
  GEM
9
9
  remote: https://rubygems.org/
10
10
  specs:
11
- activesupport (5.1.6)
11
+ activesupport (6.1.0)
12
12
  concurrent-ruby (~> 1.0, >= 1.0.2)
13
- i18n (>= 0.7, < 2)
14
- minitest (~> 5.1)
15
- tzinfo (~> 1.1)
16
- concurrent-ruby (1.0.5)
17
- i18n (1.0.0)
13
+ i18n (>= 1.6, < 2)
14
+ minitest (>= 5.1)
15
+ tzinfo (~> 2.0)
16
+ zeitwerk (~> 2.3)
17
+ concurrent-ruby (1.1.7)
18
+ i18n (1.8.5)
18
19
  concurrent-ruby (~> 1.0)
19
- jwt (2.1.0)
20
- memoist (0.16.0)
21
- minitest (5.11.3)
22
- power_assert (1.1.1)
23
- rake (12.3.1)
24
- test-unit (3.2.7)
20
+ jwt (2.2.2)
21
+ memoist (0.16.2)
22
+ minitest (5.14.2)
23
+ power_assert (1.2.0)
24
+ rake (12.3.3)
25
+ test-unit (3.3.6)
25
26
  power_assert
26
- thread_safe (0.3.6)
27
- tzinfo (1.2.5)
28
- thread_safe (~> 0.1)
27
+ tzinfo (2.0.3)
28
+ concurrent-ruby (~> 1.0)
29
+ zeitwerk (2.4.2)
29
30
 
30
31
  PLATFORMS
31
32
  ruby
32
33
 
33
34
  DEPENDENCIES
34
- bundler (~> 1.16)
35
+ bundler (~> 1.17)
35
36
  jwt-multisig!
36
37
  memoist (~> 0.16)
37
38
  rake (~> 12.3)
38
39
  test-unit (~> 3.1)
39
40
 
40
41
  BUNDLED WITH
41
- 1.16.1
42
+ 1.17.3
@@ -17,7 +17,7 @@ Gem::Specification.new do |s|
17
17
  s.test_files = `git ls-files -z -- {test,spec,features}/*`.split("\x0")
18
18
  s.require_paths = ["lib"]
19
19
 
20
- s.add_dependency "jwt", "~> 2.1"
21
- s.add_dependency "activesupport", ">= 4.0", "< 6.0"
22
- s.add_development_dependency "bundler", "~> 1.16"
20
+ s.add_dependency "jwt", "~> 2.2"
21
+ s.add_dependency "activesupport", ">= 4.0"
22
+ s.add_development_dependency "bundler", "~> 1.17"
23
23
  end
@@ -41,7 +41,7 @@ module JWT
41
41
  def generate_jwt(payload, private_keychain, algorithms)
42
42
  proxy_exception JWT::EncodeError do
43
43
  algorithms_mapping = algorithms.with_indifferent_access
44
- { payload: base64_encode(payload.to_json),
44
+ { payload: base64_encode(::JSON.dump(payload)),
45
45
  signatures: private_keychain.map do |id, value|
46
46
  generate_jws(payload, id, value, algorithms_mapping.fetch(id))
47
47
  end }
@@ -123,6 +123,7 @@ module JWT
123
123
  def verify_jwt(jwt, public_keychain, options = {})
124
124
  proxy_exception JWT::DecodeError do
125
125
  keychain = public_keychain.with_indifferent_access
126
+ encoded_payload = jwt.fetch("payload")
126
127
  serialized_payload = base64_decode(jwt.fetch("payload"))
127
128
  payload = JSON.parse(serialized_payload)
128
129
  verified = []
@@ -131,7 +132,7 @@ module JWT
131
132
  jwt.fetch("signatures").each do |jws|
132
133
  key_id = jws.fetch("header").fetch("kid")
133
134
  if keychain.key?(key_id)
134
- verify_jws(jws, payload, public_keychain, options)
135
+ verify_jws(jws, encoded_payload, public_keychain, options)
135
136
  verified << key_id
136
137
  else
137
138
  unverified << key_id
@@ -193,12 +194,10 @@ module JWT
193
194
  # @return [Hash]
194
195
  # Returns payload if signature is valid.
195
196
  # @raise [JWT::DecodeError]
196
- def verify_jws(jws, payload, public_keychain, options = {})
197
+ def verify_jws(jws, encoded_payload, public_keychain, options = {})
197
198
  proxy_exception JWT::DecodeError do
198
199
  encoded_header = jws.fetch("protected")
199
200
  serialized_header = base64_decode(encoded_header)
200
- serialized_payload = payload.to_json
201
- encoded_payload = base64_encode(serialized_payload)
202
201
  signature = jws.fetch("signature")
203
202
  public_key = public_keychain.with_indifferent_access.fetch(jws.fetch("header").fetch("kid"))
204
203
  jwt = [encoded_header, encoded_payload, signature].join(".")
@@ -240,7 +239,7 @@ module JWT
240
239
  # @param string [String]
241
240
  # @return [String]
242
241
  def base64_encode(string)
243
- JWT::Encode.base64url_encode(string)
242
+ JWT::Base64.url_encode(string)
244
243
  end
245
244
 
246
245
  #
@@ -249,7 +248,7 @@ module JWT
249
248
  # @param string [String]
250
249
  # @return [String]
251
250
  def base64_decode(string)
252
- JWT::Decode.base64url_decode(string)
251
+ JWT::Base64.url_decode(string)
253
252
  end
254
253
  end
255
254
  end
@@ -3,6 +3,6 @@
3
3
 
4
4
  module JWT
5
5
  module Multisig
6
- VERSION = "1.0.0"
6
+ VERSION = "1.0.5"
7
7
  end
8
8
  end
@@ -74,12 +74,13 @@ class JWSVerificatorTest < Test::Unit::TestCase
74
74
  private
75
75
 
76
76
  def example(jws, payload, options, expected)
77
+ encoded_payload = JWT::Base64.url_encode(JSON.dump(payload))
77
78
  # Pass instance of OpenSSL::PKey::PKey.
78
- returned = JWT::Multisig.verify_jws(JSON.parse(jws), payload, public_keychain, options)
79
+ returned = JWT::Multisig.verify_jws(JSON.parse(jws), encoded_payload, public_keychain, options)
79
80
  assert_equal expected, JSON.dump(returned)
80
81
 
81
82
  # Pass key in PEM format.
82
- returned = JWT::Multisig.verify_jws(JSON.parse(jws), payload, public_keychain, options)
83
+ returned = JWT::Multisig.verify_jws(JSON.parse(jws), encoded_payload, public_keychain, options)
83
84
  assert_equal expected, JSON.dump(returned)
84
85
  end
85
86
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jwt-multisig
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - RubyKube
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-04-03 00:00:00.000000000 Z
11
+ date: 2020-12-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jwt
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: '2.1'
19
+ version: '2.2'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: '2.1'
26
+ version: '2.2'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: activesupport
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -31,9 +31,6 @@ dependencies:
31
31
  - - ">="
32
32
  - !ruby/object:Gem::Version
33
33
  version: '4.0'
34
- - - "<"
35
- - !ruby/object:Gem::Version
36
- version: '6.0'
37
34
  type: :runtime
38
35
  prerelease: false
39
36
  version_requirements: !ruby/object:Gem::Requirement
@@ -41,23 +38,20 @@ dependencies:
41
38
  - - ">="
42
39
  - !ruby/object:Gem::Version
43
40
  version: '4.0'
44
- - - "<"
45
- - !ruby/object:Gem::Version
46
- version: '6.0'
47
41
  - !ruby/object:Gem::Dependency
48
42
  name: bundler
49
43
  requirement: !ruby/object:Gem::Requirement
50
44
  requirements:
51
45
  - - "~>"
52
46
  - !ruby/object:Gem::Version
53
- version: '1.16'
47
+ version: '1.17'
54
48
  type: :development
55
49
  prerelease: false
56
50
  version_requirements: !ruby/object:Gem::Requirement
57
51
  requirements:
58
52
  - - "~>"
59
53
  - !ruby/object:Gem::Version
60
- version: '1.16'
54
+ version: '1.17'
61
55
  description: The tool for working with JWT signed by multiple verificators as per
62
56
  RFC 7515. Based on the RubyGem «jwt» under the hood.
63
57
  email: support@rubykube.io
@@ -65,6 +59,7 @@ executables: []
65
59
  extensions: []
66
60
  extra_rdoc_files: []
67
61
  files:
62
+ - ".drone.yml"
68
63
  - ".gitignore"
69
64
  - ".rubocop.yml"
70
65
  - ".ruby-version"
@@ -102,15 +97,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
102
97
  - !ruby/object:Gem::Version
103
98
  version: '0'
104
99
  requirements: []
105
- rubyforge_project:
106
- rubygems_version: 2.7.3
100
+ rubygems_version: 3.0.3
107
101
  signing_key:
108
102
  specification_version: 4
109
103
  summary: The tool for working with multi-signature JWT.
110
- test_files:
111
- - test/test-helper.rb
112
- - test/test-jws-generator.rb
113
- - test/test-jws-verificator.rb
114
- - test/test-jwt-editor.rb
115
- - test/test-jwt-generator.rb
116
- - test/test-jwt-verificator.rb
104
+ test_files: []