jwt-multisignature 1.0.1 → 1.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +12 -12
- data/jwt-multisignature.gemspec +1 -1
- data/lib/jwt-multisignature.rb +5 -5
- data/lib/jwt-multisignature/version.rb +1 -1
- data/test/test-jws-verificator.rb +5 -6
- data/test/test-jwt-generator.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5fd4d833cfadd4bdc49ea63c906f4971aefbfc391f10c9f9cd2405ad5fef339f
|
|
4
|
+
data.tar.gz: a3b7dbf5c1192afb2cfb1a06581804cf331220e553cfde0782ae3197c8674827
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2e3731a51b18a390fbbeebcfa7a9398c1d303f7ce9620743be18433402dafe43320cf2bc648bcfcee0d7e88687263a311972fb3d2f8eaba9d35772beaf3cf582
|
|
7
|
+
data.tar.gz: 965622e0ff68c204e1f18f9bcae39b9e80fca1b6422dff8a27040457d8355589ea8c8a4553e628bc4e038fa18512070123d04512fe8b4d92c910ae2293e8c444
|
data/Gemfile.lock
CHANGED
|
@@ -1,30 +1,30 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
jwt-multisignature (1.0.
|
|
4
|
+
jwt-multisignature (1.0.2)
|
|
5
5
|
activesupport (>= 4.0, < 6.0)
|
|
6
|
-
jwt (~> 2.
|
|
6
|
+
jwt (~> 2.2)
|
|
7
7
|
|
|
8
8
|
GEM
|
|
9
9
|
remote: https://rubygems.org/
|
|
10
10
|
specs:
|
|
11
|
-
activesupport (5.2.
|
|
11
|
+
activesupport (5.2.4.1)
|
|
12
12
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
|
13
13
|
i18n (>= 0.7, < 2)
|
|
14
14
|
minitest (~> 5.1)
|
|
15
15
|
tzinfo (~> 1.1)
|
|
16
|
-
concurrent-ruby (1.1.
|
|
17
|
-
i18n (1.
|
|
16
|
+
concurrent-ruby (1.1.6)
|
|
17
|
+
i18n (1.8.2)
|
|
18
18
|
concurrent-ruby (~> 1.0)
|
|
19
19
|
jwt (2.2.1)
|
|
20
|
-
memoist (0.16.
|
|
21
|
-
minitest (5.
|
|
22
|
-
power_assert (1.1.
|
|
23
|
-
rake (12.3.
|
|
24
|
-
test-unit (3.3.
|
|
20
|
+
memoist (0.16.2)
|
|
21
|
+
minitest (5.14.0)
|
|
22
|
+
power_assert (1.1.6)
|
|
23
|
+
rake (12.3.3)
|
|
24
|
+
test-unit (3.3.5)
|
|
25
25
|
power_assert
|
|
26
26
|
thread_safe (0.3.6)
|
|
27
|
-
tzinfo (1.2.
|
|
27
|
+
tzinfo (1.2.6)
|
|
28
28
|
thread_safe (~> 0.1)
|
|
29
29
|
|
|
30
30
|
PLATFORMS
|
|
@@ -38,4 +38,4 @@ DEPENDENCIES
|
|
|
38
38
|
test-unit (~> 3.1)
|
|
39
39
|
|
|
40
40
|
BUNDLED WITH
|
|
41
|
-
1.17.
|
|
41
|
+
1.17.3
|
data/jwt-multisignature.gemspec
CHANGED
|
@@ -17,7 +17,7 @@ Gem::Specification.new do |s|
|
|
|
17
17
|
s.require_paths = ["lib"]
|
|
18
18
|
s.required_ruby_version = "~> 2.5"
|
|
19
19
|
|
|
20
|
-
s.add_dependency "jwt", "~> 2.
|
|
20
|
+
s.add_dependency "jwt", "~> 2.2"
|
|
21
21
|
s.add_dependency "activesupport", ">= 4.0", "< 6.0"
|
|
22
22
|
s.add_development_dependency "bundler", "~> 1.16"
|
|
23
23
|
end
|
data/lib/jwt-multisignature.rb
CHANGED
|
@@ -40,7 +40,7 @@ module JWT
|
|
|
40
40
|
# @raise [JWT::EncodeError]
|
|
41
41
|
def generate_jwt(payload, private_keychain, algorithms)
|
|
42
42
|
algorithms_mapping = algorithms.with_indifferent_access
|
|
43
|
-
{ payload: base64_encode(JSON.generate(payload)),
|
|
43
|
+
{ payload: base64_encode(::JWT::JSON.generate(payload)),
|
|
44
44
|
signatures: private_keychain.map do |id, value|
|
|
45
45
|
generate_jws(payload, id, value, algorithms_mapping.fetch(id))
|
|
46
46
|
end }
|
|
@@ -62,7 +62,7 @@ module JWT
|
|
|
62
62
|
# @raise [JWT::EncodeError]
|
|
63
63
|
def add_jws(jwt, key_id, key_value, algorithm)
|
|
64
64
|
remove_jws(jwt, key_id).tap do |new_jwt|
|
|
65
|
-
payload = JSON.parse(base64_decode(new_jwt.fetch(:payload)))
|
|
65
|
+
payload = ::JWT::JSON.parse(base64_decode(new_jwt.fetch(:payload)))
|
|
66
66
|
new_jwt.fetch(:signatures) << generate_jws(payload, key_id, key_value, algorithm)
|
|
67
67
|
end
|
|
68
68
|
end
|
|
@@ -119,7 +119,7 @@ module JWT
|
|
|
119
119
|
def verify_jwt(jwt, public_keychain, options = {})
|
|
120
120
|
keychain = public_keychain.with_indifferent_access
|
|
121
121
|
serialized_payload = base64_decode(jwt.fetch("payload"))
|
|
122
|
-
payload = JSON.parse(serialized_payload)
|
|
122
|
+
payload = ::JWT::JSON.parse(serialized_payload)
|
|
123
123
|
verified = []
|
|
124
124
|
unverified = []
|
|
125
125
|
|
|
@@ -188,12 +188,12 @@ module JWT
|
|
|
188
188
|
def verify_jws(jws, payload, public_keychain, options = {})
|
|
189
189
|
encoded_header = jws.fetch("protected")
|
|
190
190
|
serialized_header = base64_decode(encoded_header)
|
|
191
|
-
serialized_payload = JSON.generate(payload)
|
|
191
|
+
serialized_payload = ::JWT::JSON.generate(payload)
|
|
192
192
|
encoded_payload = base64_encode(serialized_payload)
|
|
193
193
|
signature = jws.fetch("signature")
|
|
194
194
|
public_key = public_keychain.with_indifferent_access.fetch(jws.fetch("header").fetch("kid"))
|
|
195
195
|
jwt = [encoded_header, encoded_payload, signature].join(".")
|
|
196
|
-
algorithm = JSON.parse(serialized_header).fetch("alg")
|
|
196
|
+
algorithm = ::JWT::JSON.parse(serialized_header).fetch("alg")
|
|
197
197
|
JWT.decode(jwt, to_pem_or_key(public_key, algorithm), true, options.merge(algorithms: [algorithm])).first
|
|
198
198
|
end
|
|
199
199
|
|
|
@@ -28,7 +28,7 @@ class JWSVerificatorTest < Test::Unit::TestCase
|
|
|
28
28
|
jws = %({"header":{"kid":"ebert.biz"},"signature":"3nSc9aeRuDyrq_dYQRQX5tnM1wVw6reoUlmQ4JqWIV3LM7yeIDgcVLRYxyb7UUBM0gNqA4QJj3CpwS6vg-EHYQ"})
|
|
29
29
|
payload = { foo: "bar" }
|
|
30
30
|
e = assert_raise { example jws, payload, {}, payload.to_json }
|
|
31
|
-
assert_kind_of
|
|
31
|
+
assert_kind_of KeyError, e
|
|
32
32
|
assert_match(/key not found: "protected"/i, e.message)
|
|
33
33
|
end
|
|
34
34
|
|
|
@@ -36,7 +36,7 @@ class JWSVerificatorTest < Test::Unit::TestCase
|
|
|
36
36
|
jws = %({"protected":"eyJhbGciOiJSUzI1NiJ9","header":{"kid":"powlowski.info"}})
|
|
37
37
|
payload = {}
|
|
38
38
|
e = assert_raise { example jws, payload, {}, payload.to_json }
|
|
39
|
-
assert_kind_of
|
|
39
|
+
assert_kind_of KeyError, e
|
|
40
40
|
assert_match(/key not found: "signature"/i, e.message)
|
|
41
41
|
end
|
|
42
42
|
|
|
@@ -44,15 +44,14 @@ class JWSVerificatorTest < Test::Unit::TestCase
|
|
|
44
44
|
jws = %({"protected":"qwerty","header":{"kid":"rice.com"},"signature":"yVzIjLYCl5gaLHAhKYQmyEnvlYq8rhohYVcyqI-zvTJ0ccU4MojHw9_5GvAyeECF1_DXDvY7wbiyRu4nCN1rMw"})
|
|
45
45
|
payload = {}
|
|
46
46
|
e = assert_raise { example jws, payload, {}, payload.to_json }
|
|
47
|
-
assert_kind_of
|
|
48
|
-
assert_match(/JSON::ParserError/i, e.message.encode("UTF-8", invalid: :replace, undef: :replace))
|
|
47
|
+
assert_kind_of JSON::ParserError, e
|
|
49
48
|
end
|
|
50
49
|
|
|
51
50
|
def test_header_is_required
|
|
52
51
|
jws = %({"protected":"eyJhbGciOiJSUzUxMiJ9","signature":"oRN-lE_OqSRtUeI1ZkyftpV2PmJPArrX68_3Zm6BHTxjKemyLHdR2D3z58Fm8a-9XnbRpqpawKDoHx3AB2EKZayw8WChKTZv0qZeUx0SH2oo27nCC9b--99D3_E7D4eqb6qlmML7gAlJyeFbl3QD8qEuMC-EyjSm-kyXmxZcNW5myHC4XZayE0GBfS1yzKYbpSI16PKZOUHoFHjMAHm79bFg37V6FB4qKszMyjss_pl6dK0VdGSiDpX-LPaTdh67joPQHIcmDprfMF0pn50RNvorS-5qa8Ev79mozcDLMUb4hrLXZ_x8AWen6XHbwo34nSrd_Fn7-GOaDtsGc0XdfQ"})
|
|
53
52
|
payload = {}
|
|
54
53
|
e = assert_raise { example jws, payload, {}, payload.to_json }
|
|
55
|
-
assert_kind_of
|
|
54
|
+
assert_kind_of KeyError, e
|
|
56
55
|
assert_match(/key not found: "header"/i, e.message)
|
|
57
56
|
end
|
|
58
57
|
|
|
@@ -60,7 +59,7 @@ class JWSVerificatorTest < Test::Unit::TestCase
|
|
|
60
59
|
jws = %({"protected":"e30","header":{"kid":"wisoky.co"},"signature":"eygCpYrkji7pmmA5sRUFUnwsW-ciZFHSwGVmCSya8Kk"})
|
|
61
60
|
payload = {}
|
|
62
61
|
e = assert_raise { example jws, payload, {}, payload.to_json }
|
|
63
|
-
assert_kind_of
|
|
62
|
+
assert_kind_of KeyError, e
|
|
64
63
|
assert_match(/key not found: "alg"/i, e.message)
|
|
65
64
|
end
|
|
66
65
|
|
data/test/test-jwt-generator.rb
CHANGED
|
@@ -48,7 +48,7 @@ class JWTGeneratorTest < Test::Unit::TestCase
|
|
|
48
48
|
|
|
49
49
|
def test_algorithm_is_required
|
|
50
50
|
signers = %w[olsonjacobi.name ebert.biz]
|
|
51
|
-
e = assert_raises
|
|
51
|
+
e = assert_raises KeyError do
|
|
52
52
|
JWT::Multisignature.generate_jwt({}, private_keychain.slice(*signers), algorithms.slice(signers.sample))
|
|
53
53
|
end
|
|
54
54
|
assert_match(/key not found/i, e.message)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jwt-multisignature
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Yaroslav Konoplov
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-03-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: jwt
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '2.
|
|
19
|
+
version: '2.2'
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '2.
|
|
26
|
+
version: '2.2'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: activesupport
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -102,7 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
103
|
version: '0'
|
|
104
104
|
requirements: []
|
|
105
|
-
rubygems_version: 3.0.
|
|
105
|
+
rubygems_version: 3.0.3
|
|
106
106
|
signing_key:
|
|
107
107
|
specification_version: 4
|
|
108
108
|
summary: Implements JWT with multiple signatures (RFC 7515).
|