jwt-multisig 1.0.3 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/lib/jwt-multisig.rb +3 -4
  4. data/lib/jwt-multisig/version.rb +1 -1
  5. data/test/test-jws-verificator.rb +3 -2
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d095a89f20add1e866e57faf102eec33c1beb507dd32c50072e48ef604b7c78f
4
- data.tar.gz: 80f08cd47a66bef4c3b452a4f55a0268219b34c728bb4de831e0d965e915801f
3
+ metadata.gz: 5edf239b75b41453236a1d170ab81b6233ab334df41805c916ebc0c89a28a1e6
4
+ data.tar.gz: 3d634939c51b36d78feab51e9d71275feca0386e7f31a8927dac6085ff3c461c
5
5
  SHA512:
6
- metadata.gz: 5ed78b1f8e01ca55a9f469890e76016c2752ffd298058c831f7c23eab6fd67a98f64d17bdeb110c047420cc9ed895bb61360740ef34918aaa0d90f7233e6c3ca
7
- data.tar.gz: 37ded3cf1e4d2231a32a2e4dfb01531895856df5cd541bfc28a8bd409d750a5009739951f466f5145d27e04ebc0b9738561a087e0397f0605200cfdfa9696baf
6
+ metadata.gz: 91988aafe86882352b806addea59a6390140d2e258817507783bbf5c2addda3cdb028d821a771179568b9bbb461ac04432d1e384472f0894a45b97dc396477c2
7
+ data.tar.gz: 99c553c60a72d97233de4012e06a7a1a12ffb8e5f7eef1cd5fab16c801781f31d606954d84ee27440fbe1b4c61020b9f1e3d92472120c5403818dc6d36cca069
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- jwt-multisig (1.0.3)
4
+ jwt-multisig (1.0.4)
5
5
  activesupport (>= 4.0)
6
6
  jwt (~> 2.2)
7
7
 
data/lib/jwt-multisig.rb CHANGED
@@ -123,6 +123,7 @@ module JWT
123
123
  def verify_jwt(jwt, public_keychain, options = {})
124
124
  proxy_exception JWT::DecodeError do
125
125
  keychain = public_keychain.with_indifferent_access
126
+ encoded_payload = jwt.fetch("payload")
126
127
  serialized_payload = base64_decode(jwt.fetch("payload"))
127
128
  payload = JSON.parse(serialized_payload)
128
129
  verified = []
@@ -131,7 +132,7 @@ module JWT
131
132
  jwt.fetch("signatures").each do |jws|
132
133
  key_id = jws.fetch("header").fetch("kid")
133
134
  if keychain.key?(key_id)
134
- verify_jws(jws, payload, public_keychain, options)
135
+ verify_jws(jws, encoded_payload, public_keychain, options)
135
136
  verified << key_id
136
137
  else
137
138
  unverified << key_id
@@ -193,12 +194,10 @@ module JWT
193
194
  # @return [Hash]
194
195
  # Returns payload if signature is valid.
195
196
  # @raise [JWT::DecodeError]
196
- def verify_jws(jws, payload, public_keychain, options = {})
197
+ def verify_jws(jws, encoded_payload, public_keychain, options = {})
197
198
  proxy_exception JWT::DecodeError do
198
199
  encoded_header = jws.fetch("protected")
199
200
  serialized_header = base64_decode(encoded_header)
200
- serialized_payload = payload.to_json
201
- encoded_payload = base64_encode(serialized_payload)
202
201
  signature = jws.fetch("signature")
203
202
  public_key = public_keychain.with_indifferent_access.fetch(jws.fetch("header").fetch("kid"))
204
203
  jwt = [encoded_header, encoded_payload, signature].join(".")
data/lib/jwt-multisig/version.rb CHANGED
@@ -3,6 +3,6 @@
3
3
 
4
4
  module JWT
5
5
  module Multisig
6
- VERSION = "1.0.3"
6
+ VERSION = "1.0.4"
7
7
  end
8
8
  end
data/test/test-jws-verificator.rb CHANGED
@@ -74,12 +74,13 @@ class JWSVerificatorTest < Test::Unit::TestCase
74
74
  private
75
75
 
76
76
  def example(jws, payload, options, expected)
77
+ encoded_payload = JWT::Base64.url_encode(JSON.dump(payload))
77
78
  # Pass instance of OpenSSL::PKey::PKey.
78
- returned = JWT::Multisig.verify_jws(JSON.parse(jws), payload, public_keychain, options)
79
+ returned = JWT::Multisig.verify_jws(JSON.parse(jws), encoded_payload, public_keychain, options)
79
80
  assert_equal expected, JSON.dump(returned)
80
81
 
81
82
  # Pass key in PEM format.
82
- returned = JWT::Multisig.verify_jws(JSON.parse(jws), payload, public_keychain, options)
83
+ returned = JWT::Multisig.verify_jws(JSON.parse(jws), encoded_payload, public_keychain, options)
83
84
  assert_equal expected, JSON.dump(returned)
84
85
  end
85
86
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jwt-multisig
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.3
4
+ version: 1.0.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - RubyKube
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-08 00:00:00.000000000 Z
11
+ date: 2020-10-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jwt