jwt-multisignature 1.0.1 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile.lock +12 -12
- data/jwt-multisignature.gemspec +1 -1
- data/lib/jwt-multisignature.rb +5 -5
- data/lib/jwt-multisignature/version.rb +1 -1
- data/test/test-jws-verificator.rb +5 -6
- data/test/test-jwt-generator.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5fd4d833cfadd4bdc49ea63c906f4971aefbfc391f10c9f9cd2405ad5fef339f
|
4
|
+
data.tar.gz: a3b7dbf5c1192afb2cfb1a06581804cf331220e553cfde0782ae3197c8674827
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2e3731a51b18a390fbbeebcfa7a9398c1d303f7ce9620743be18433402dafe43320cf2bc648bcfcee0d7e88687263a311972fb3d2f8eaba9d35772beaf3cf582
|
7
|
+
data.tar.gz: 965622e0ff68c204e1f18f9bcae39b9e80fca1b6422dff8a27040457d8355589ea8c8a4553e628bc4e038fa18512070123d04512fe8b4d92c910ae2293e8c444
|
data/Gemfile.lock
CHANGED
@@ -1,30 +1,30 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
jwt-multisignature (1.0.
|
4
|
+
jwt-multisignature (1.0.2)
|
5
5
|
activesupport (>= 4.0, < 6.0)
|
6
|
-
jwt (~> 2.
|
6
|
+
jwt (~> 2.2)
|
7
7
|
|
8
8
|
GEM
|
9
9
|
remote: https://rubygems.org/
|
10
10
|
specs:
|
11
|
-
activesupport (5.2.
|
11
|
+
activesupport (5.2.4.1)
|
12
12
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
13
13
|
i18n (>= 0.7, < 2)
|
14
14
|
minitest (~> 5.1)
|
15
15
|
tzinfo (~> 1.1)
|
16
|
-
concurrent-ruby (1.1.
|
17
|
-
i18n (1.
|
16
|
+
concurrent-ruby (1.1.6)
|
17
|
+
i18n (1.8.2)
|
18
18
|
concurrent-ruby (~> 1.0)
|
19
19
|
jwt (2.2.1)
|
20
|
-
memoist (0.16.
|
21
|
-
minitest (5.
|
22
|
-
power_assert (1.1.
|
23
|
-
rake (12.3.
|
24
|
-
test-unit (3.3.
|
20
|
+
memoist (0.16.2)
|
21
|
+
minitest (5.14.0)
|
22
|
+
power_assert (1.1.6)
|
23
|
+
rake (12.3.3)
|
24
|
+
test-unit (3.3.5)
|
25
25
|
power_assert
|
26
26
|
thread_safe (0.3.6)
|
27
|
-
tzinfo (1.2.
|
27
|
+
tzinfo (1.2.6)
|
28
28
|
thread_safe (~> 0.1)
|
29
29
|
|
30
30
|
PLATFORMS
|
@@ -38,4 +38,4 @@ DEPENDENCIES
|
|
38
38
|
test-unit (~> 3.1)
|
39
39
|
|
40
40
|
BUNDLED WITH
|
41
|
-
1.17.
|
41
|
+
1.17.3
|
data/jwt-multisignature.gemspec
CHANGED
@@ -17,7 +17,7 @@ Gem::Specification.new do |s|
|
|
17
17
|
s.require_paths = ["lib"]
|
18
18
|
s.required_ruby_version = "~> 2.5"
|
19
19
|
|
20
|
-
s.add_dependency "jwt", "~> 2.
|
20
|
+
s.add_dependency "jwt", "~> 2.2"
|
21
21
|
s.add_dependency "activesupport", ">= 4.0", "< 6.0"
|
22
22
|
s.add_development_dependency "bundler", "~> 1.16"
|
23
23
|
end
|
data/lib/jwt-multisignature.rb
CHANGED
@@ -40,7 +40,7 @@ module JWT
|
|
40
40
|
# @raise [JWT::EncodeError]
|
41
41
|
def generate_jwt(payload, private_keychain, algorithms)
|
42
42
|
algorithms_mapping = algorithms.with_indifferent_access
|
43
|
-
{ payload: base64_encode(JSON.generate(payload)),
|
43
|
+
{ payload: base64_encode(::JWT::JSON.generate(payload)),
|
44
44
|
signatures: private_keychain.map do |id, value|
|
45
45
|
generate_jws(payload, id, value, algorithms_mapping.fetch(id))
|
46
46
|
end }
|
@@ -62,7 +62,7 @@ module JWT
|
|
62
62
|
# @raise [JWT::EncodeError]
|
63
63
|
def add_jws(jwt, key_id, key_value, algorithm)
|
64
64
|
remove_jws(jwt, key_id).tap do |new_jwt|
|
65
|
-
payload = JSON.parse(base64_decode(new_jwt.fetch(:payload)))
|
65
|
+
payload = ::JWT::JSON.parse(base64_decode(new_jwt.fetch(:payload)))
|
66
66
|
new_jwt.fetch(:signatures) << generate_jws(payload, key_id, key_value, algorithm)
|
67
67
|
end
|
68
68
|
end
|
@@ -119,7 +119,7 @@ module JWT
|
|
119
119
|
def verify_jwt(jwt, public_keychain, options = {})
|
120
120
|
keychain = public_keychain.with_indifferent_access
|
121
121
|
serialized_payload = base64_decode(jwt.fetch("payload"))
|
122
|
-
payload = JSON.parse(serialized_payload)
|
122
|
+
payload = ::JWT::JSON.parse(serialized_payload)
|
123
123
|
verified = []
|
124
124
|
unverified = []
|
125
125
|
|
@@ -188,12 +188,12 @@ module JWT
|
|
188
188
|
def verify_jws(jws, payload, public_keychain, options = {})
|
189
189
|
encoded_header = jws.fetch("protected")
|
190
190
|
serialized_header = base64_decode(encoded_header)
|
191
|
-
serialized_payload = JSON.generate(payload)
|
191
|
+
serialized_payload = ::JWT::JSON.generate(payload)
|
192
192
|
encoded_payload = base64_encode(serialized_payload)
|
193
193
|
signature = jws.fetch("signature")
|
194
194
|
public_key = public_keychain.with_indifferent_access.fetch(jws.fetch("header").fetch("kid"))
|
195
195
|
jwt = [encoded_header, encoded_payload, signature].join(".")
|
196
|
-
algorithm = JSON.parse(serialized_header).fetch("alg")
|
196
|
+
algorithm = ::JWT::JSON.parse(serialized_header).fetch("alg")
|
197
197
|
JWT.decode(jwt, to_pem_or_key(public_key, algorithm), true, options.merge(algorithms: [algorithm])).first
|
198
198
|
end
|
199
199
|
|
@@ -28,7 +28,7 @@ class JWSVerificatorTest < Test::Unit::TestCase
|
|
28
28
|
jws = %({"header":{"kid":"ebert.biz"},"signature":"3nSc9aeRuDyrq_dYQRQX5tnM1wVw6reoUlmQ4JqWIV3LM7yeIDgcVLRYxyb7UUBM0gNqA4QJj3CpwS6vg-EHYQ"})
|
29
29
|
payload = { foo: "bar" }
|
30
30
|
e = assert_raise { example jws, payload, {}, payload.to_json }
|
31
|
-
assert_kind_of
|
31
|
+
assert_kind_of KeyError, e
|
32
32
|
assert_match(/key not found: "protected"/i, e.message)
|
33
33
|
end
|
34
34
|
|
@@ -36,7 +36,7 @@ class JWSVerificatorTest < Test::Unit::TestCase
|
|
36
36
|
jws = %({"protected":"eyJhbGciOiJSUzI1NiJ9","header":{"kid":"powlowski.info"}})
|
37
37
|
payload = {}
|
38
38
|
e = assert_raise { example jws, payload, {}, payload.to_json }
|
39
|
-
assert_kind_of
|
39
|
+
assert_kind_of KeyError, e
|
40
40
|
assert_match(/key not found: "signature"/i, e.message)
|
41
41
|
end
|
42
42
|
|
@@ -44,15 +44,14 @@ class JWSVerificatorTest < Test::Unit::TestCase
|
|
44
44
|
jws = %({"protected":"qwerty","header":{"kid":"rice.com"},"signature":"yVzIjLYCl5gaLHAhKYQmyEnvlYq8rhohYVcyqI-zvTJ0ccU4MojHw9_5GvAyeECF1_DXDvY7wbiyRu4nCN1rMw"})
|
45
45
|
payload = {}
|
46
46
|
e = assert_raise { example jws, payload, {}, payload.to_json }
|
47
|
-
assert_kind_of
|
48
|
-
assert_match(/JSON::ParserError/i, e.message.encode("UTF-8", invalid: :replace, undef: :replace))
|
47
|
+
assert_kind_of JSON::ParserError, e
|
49
48
|
end
|
50
49
|
|
51
50
|
def test_header_is_required
|
52
51
|
jws = %({"protected":"eyJhbGciOiJSUzUxMiJ9","signature":"oRN-lE_OqSRtUeI1ZkyftpV2PmJPArrX68_3Zm6BHTxjKemyLHdR2D3z58Fm8a-9XnbRpqpawKDoHx3AB2EKZayw8WChKTZv0qZeUx0SH2oo27nCC9b--99D3_E7D4eqb6qlmML7gAlJyeFbl3QD8qEuMC-EyjSm-kyXmxZcNW5myHC4XZayE0GBfS1yzKYbpSI16PKZOUHoFHjMAHm79bFg37V6FB4qKszMyjss_pl6dK0VdGSiDpX-LPaTdh67joPQHIcmDprfMF0pn50RNvorS-5qa8Ev79mozcDLMUb4hrLXZ_x8AWen6XHbwo34nSrd_Fn7-GOaDtsGc0XdfQ"})
|
53
52
|
payload = {}
|
54
53
|
e = assert_raise { example jws, payload, {}, payload.to_json }
|
55
|
-
assert_kind_of
|
54
|
+
assert_kind_of KeyError, e
|
56
55
|
assert_match(/key not found: "header"/i, e.message)
|
57
56
|
end
|
58
57
|
|
@@ -60,7 +59,7 @@ class JWSVerificatorTest < Test::Unit::TestCase
|
|
60
59
|
jws = %({"protected":"e30","header":{"kid":"wisoky.co"},"signature":"eygCpYrkji7pmmA5sRUFUnwsW-ciZFHSwGVmCSya8Kk"})
|
61
60
|
payload = {}
|
62
61
|
e = assert_raise { example jws, payload, {}, payload.to_json }
|
63
|
-
assert_kind_of
|
62
|
+
assert_kind_of KeyError, e
|
64
63
|
assert_match(/key not found: "alg"/i, e.message)
|
65
64
|
end
|
66
65
|
|
data/test/test-jwt-generator.rb
CHANGED
@@ -48,7 +48,7 @@ class JWTGeneratorTest < Test::Unit::TestCase
|
|
48
48
|
|
49
49
|
def test_algorithm_is_required
|
50
50
|
signers = %w[olsonjacobi.name ebert.biz]
|
51
|
-
e = assert_raises
|
51
|
+
e = assert_raises KeyError do
|
52
52
|
JWT::Multisignature.generate_jwt({}, private_keychain.slice(*signers), algorithms.slice(signers.sample))
|
53
53
|
end
|
54
54
|
assert_match(/key not found/i, e.message)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jwt-multisignature
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Yaroslav Konoplov
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-03-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jwt
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '2.
|
19
|
+
version: '2.2'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: '2.
|
26
|
+
version: '2.2'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: activesupport
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -102,7 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
102
102
|
- !ruby/object:Gem::Version
|
103
103
|
version: '0'
|
104
104
|
requirements: []
|
105
|
-
rubygems_version: 3.0.
|
105
|
+
rubygems_version: 3.0.3
|
106
106
|
signing_key:
|
107
107
|
specification_version: 4
|
108
108
|
summary: Implements JWT with multiple signatures (RFC 7515).
|