jwt-multisig 1.0.3 → 1.0.4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d095a89f20add1e866e57faf102eec33c1beb507dd32c50072e48ef604b7c78f
4
- data.tar.gz: 80f08cd47a66bef4c3b452a4f55a0268219b34c728bb4de831e0d965e915801f
3
+ metadata.gz: 5edf239b75b41453236a1d170ab81b6233ab334df41805c916ebc0c89a28a1e6
4
+ data.tar.gz: 3d634939c51b36d78feab51e9d71275feca0386e7f31a8927dac6085ff3c461c
5
5
  SHA512:
6
- metadata.gz: 5ed78b1f8e01ca55a9f469890e76016c2752ffd298058c831f7c23eab6fd67a98f64d17bdeb110c047420cc9ed895bb61360740ef34918aaa0d90f7233e6c3ca
7
- data.tar.gz: 37ded3cf1e4d2231a32a2e4dfb01531895856df5cd541bfc28a8bd409d750a5009739951f466f5145d27e04ebc0b9738561a087e0397f0605200cfdfa9696baf
6
+ metadata.gz: 91988aafe86882352b806addea59a6390140d2e258817507783bbf5c2addda3cdb028d821a771179568b9bbb461ac04432d1e384472f0894a45b97dc396477c2
7
+ data.tar.gz: 99c553c60a72d97233de4012e06a7a1a12ffb8e5f7eef1cd5fab16c801781f31d606954d84ee27440fbe1b4c61020b9f1e3d92472120c5403818dc6d36cca069
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- jwt-multisig (1.0.3)
4
+ jwt-multisig (1.0.4)
5
5
  activesupport (>= 4.0)
6
6
  jwt (~> 2.2)
7
7
 
@@ -123,6 +123,7 @@ module JWT
123
123
  def verify_jwt(jwt, public_keychain, options = {})
124
124
  proxy_exception JWT::DecodeError do
125
125
  keychain = public_keychain.with_indifferent_access
126
+ encoded_payload = jwt.fetch("payload")
126
127
  serialized_payload = base64_decode(jwt.fetch("payload"))
127
128
  payload = JSON.parse(serialized_payload)
128
129
  verified = []
@@ -131,7 +132,7 @@ module JWT
131
132
  jwt.fetch("signatures").each do |jws|
132
133
  key_id = jws.fetch("header").fetch("kid")
133
134
  if keychain.key?(key_id)
134
- verify_jws(jws, payload, public_keychain, options)
135
+ verify_jws(jws, encoded_payload, public_keychain, options)
135
136
  verified << key_id
136
137
  else
137
138
  unverified << key_id
@@ -193,12 +194,10 @@ module JWT
193
194
  # @return [Hash]
194
195
  # Returns payload if signature is valid.
195
196
  # @raise [JWT::DecodeError]
196
- def verify_jws(jws, payload, public_keychain, options = {})
197
+ def verify_jws(jws, encoded_payload, public_keychain, options = {})
197
198
  proxy_exception JWT::DecodeError do
198
199
  encoded_header = jws.fetch("protected")
199
200
  serialized_header = base64_decode(encoded_header)
200
- serialized_payload = payload.to_json
201
- encoded_payload = base64_encode(serialized_payload)
202
201
  signature = jws.fetch("signature")
203
202
  public_key = public_keychain.with_indifferent_access.fetch(jws.fetch("header").fetch("kid"))
204
203
  jwt = [encoded_header, encoded_payload, signature].join(".")
@@ -3,6 +3,6 @@
3
3
 
4
4
  module JWT
5
5
  module Multisig
6
- VERSION = "1.0.3"
6
+ VERSION = "1.0.4"
7
7
  end
8
8
  end
@@ -74,12 +74,13 @@ class JWSVerificatorTest < Test::Unit::TestCase
74
74
  private
75
75
 
76
76
  def example(jws, payload, options, expected)
77
+ encoded_payload = JWT::Base64.url_encode(JSON.dump(payload))
77
78
  # Pass instance of OpenSSL::PKey::PKey.
78
- returned = JWT::Multisig.verify_jws(JSON.parse(jws), payload, public_keychain, options)
79
+ returned = JWT::Multisig.verify_jws(JSON.parse(jws), encoded_payload, public_keychain, options)
79
80
  assert_equal expected, JSON.dump(returned)
80
81
 
81
82
  # Pass key in PEM format.
82
- returned = JWT::Multisig.verify_jws(JSON.parse(jws), payload, public_keychain, options)
83
+ returned = JWT::Multisig.verify_jws(JSON.parse(jws), encoded_payload, public_keychain, options)
83
84
  assert_equal expected, JSON.dump(returned)
84
85
  end
85
86
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jwt-multisig
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.3
4
+ version: 1.0.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - RubyKube
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-10-08 00:00:00.000000000 Z
11
+ date: 2020-10-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jwt