jwt-multisig 1.0.3 → 1.0.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/lib/jwt-multisig.rb +3 -4
- data/lib/jwt-multisig/version.rb +1 -1
- data/test/test-jws-verificator.rb +3 -2
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5edf239b75b41453236a1d170ab81b6233ab334df41805c916ebc0c89a28a1e6
|
|
4
|
+
data.tar.gz: 3d634939c51b36d78feab51e9d71275feca0386e7f31a8927dac6085ff3c461c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 91988aafe86882352b806addea59a6390140d2e258817507783bbf5c2addda3cdb028d821a771179568b9bbb461ac04432d1e384472f0894a45b97dc396477c2
|
|
7
|
+
data.tar.gz: 99c553c60a72d97233de4012e06a7a1a12ffb8e5f7eef1cd5fab16c801781f31d606954d84ee27440fbe1b4c61020b9f1e3d92472120c5403818dc6d36cca069
|
data/Gemfile.lock
CHANGED
data/lib/jwt-multisig.rb
CHANGED
|
@@ -123,6 +123,7 @@ module JWT
|
|
|
123
123
|
def verify_jwt(jwt, public_keychain, options = {})
|
|
124
124
|
proxy_exception JWT::DecodeError do
|
|
125
125
|
keychain = public_keychain.with_indifferent_access
|
|
126
|
+
encoded_payload = jwt.fetch("payload")
|
|
126
127
|
serialized_payload = base64_decode(jwt.fetch("payload"))
|
|
127
128
|
payload = JSON.parse(serialized_payload)
|
|
128
129
|
verified = []
|
|
@@ -131,7 +132,7 @@ module JWT
|
|
|
131
132
|
jwt.fetch("signatures").each do |jws|
|
|
132
133
|
key_id = jws.fetch("header").fetch("kid")
|
|
133
134
|
if keychain.key?(key_id)
|
|
134
|
-
verify_jws(jws,
|
|
135
|
+
verify_jws(jws, encoded_payload, public_keychain, options)
|
|
135
136
|
verified << key_id
|
|
136
137
|
else
|
|
137
138
|
unverified << key_id
|
|
@@ -193,12 +194,10 @@ module JWT
|
|
|
193
194
|
# @return [Hash]
|
|
194
195
|
# Returns payload if signature is valid.
|
|
195
196
|
# @raise [JWT::DecodeError]
|
|
196
|
-
def verify_jws(jws,
|
|
197
|
+
def verify_jws(jws, encoded_payload, public_keychain, options = {})
|
|
197
198
|
proxy_exception JWT::DecodeError do
|
|
198
199
|
encoded_header = jws.fetch("protected")
|
|
199
200
|
serialized_header = base64_decode(encoded_header)
|
|
200
|
-
serialized_payload = payload.to_json
|
|
201
|
-
encoded_payload = base64_encode(serialized_payload)
|
|
202
201
|
signature = jws.fetch("signature")
|
|
203
202
|
public_key = public_keychain.with_indifferent_access.fetch(jws.fetch("header").fetch("kid"))
|
|
204
203
|
jwt = [encoded_header, encoded_payload, signature].join(".")
|
data/lib/jwt-multisig/version.rb
CHANGED
|
@@ -74,12 +74,13 @@ class JWSVerificatorTest < Test::Unit::TestCase
|
|
|
74
74
|
private
|
|
75
75
|
|
|
76
76
|
def example(jws, payload, options, expected)
|
|
77
|
+
encoded_payload = JWT::Base64.url_encode(JSON.dump(payload))
|
|
77
78
|
# Pass instance of OpenSSL::PKey::PKey.
|
|
78
|
-
returned = JWT::Multisig.verify_jws(JSON.parse(jws),
|
|
79
|
+
returned = JWT::Multisig.verify_jws(JSON.parse(jws), encoded_payload, public_keychain, options)
|
|
79
80
|
assert_equal expected, JSON.dump(returned)
|
|
80
81
|
|
|
81
82
|
# Pass key in PEM format.
|
|
82
|
-
returned = JWT::Multisig.verify_jws(JSON.parse(jws),
|
|
83
|
+
returned = JWT::Multisig.verify_jws(JSON.parse(jws), encoded_payload, public_keychain, options)
|
|
83
84
|
assert_equal expected, JSON.dump(returned)
|
|
84
85
|
end
|
|
85
86
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jwt-multisig
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- RubyKube
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-10-
|
|
11
|
+
date: 2020-10-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jwt
|