jwt 0.1.1

data/Manifest

@@ -0,0 +1,4 @@
+Rakefile
+lib/jwt.rb
+spec/jwt.rb
+Manifest

data/Rakefile

@@ -0,0 +1,17 @@
+require 'rubygems'
+require 'rake'
+require 'echoe'
+
+Echoe.new('jwt', '0.1.1') do |p|
+  p.description    = "JSON Web Token implementation in Ruby"
+  p.url            = "http://github.com/progrium/ruby-jwt"
+  p.author         = "Jeff Lindsay"
+  p.email          = "jeff.lindsay@twilio.com"
+  p.ignore_pattern = ["tmp/*"]
+  p.runtime_dependencies = ["json >=1.2.4"]
+  p.development_dependencies = []
+end
+
+task :test do
+  sh "spec spec/jwt.rb"
+end

data/jwt.gemspec

@@ -0,0 +1,34 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{jwt}
+  s.version = "0.1.1"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Jeff Lindsay"]
+  s.cert_chain = ["/Users/progrium/.gem/gem-public_cert.pem"]
+  s.date = %q{2011-02-23}
+  s.description = %q{JSON Web Token implementation in Ruby}
+  s.email = %q{jeff.lindsay@twilio.com}
+  s.extra_rdoc_files = ["lib/jwt.rb"]
+  s.files = ["Rakefile", "lib/jwt.rb", "spec/jwt.rb", "Manifest", "jwt.gemspec"]
+  s.homepage = %q{http://github.com/progrium/ruby-jwt}
+  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Jwt"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{jwt}
+  s.rubygems_version = %q{1.4.1}
+  s.signing_key = %q{/Users/progrium/.gem/gem-private_key.pem}
+  s.summary = %q{JSON Web Token implementation in Ruby}
+
+  if s.respond_to? :specification_version then
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<json>, [">= 1.2.4"])
+    else
+      s.add_dependency(%q<json>, [">= 1.2.4"])
+    end
+  else
+    s.add_dependency(%q<json>, [">= 1.2.4"])
+  end
+end

data/lib/jwt.rb

@@ -0,0 +1,63 @@
+# 
+# JSON Web Token implementation
+# 
+# Minimum implementation based on this spec:
+# http://self-issued.info/docs/draft-jones-json-web-token-01.html
+
+require "base64"
+require "openssl"
+require "json"
+
+module JWT
+  class DecodeError < Exception; end
+  
+  def self.sign(algorithm, msg, key)
+    raise NotImplementedError.new("Unsupported signing method") unless ["HS256", "HS384", "HS512"].include?(algorithm)
+    OpenSSL::HMAC.hexdigest(OpenSSL::Digest::Digest.new(algorithm.sub('HS', 'sha')), key, msg)
+  end
+  
+  def self.base64url_decode(str)
+    str += '=' * (4 - str.length.modulo(4))
+    Base64.decode64(str.gsub("-", "+").gsub("_", "/"))
+  end
+  
+  def self.base64url_encode(str)
+    Base64.encode64(str).gsub("+", "-").gsub("/", "_").gsub("\n", "").gsub('=', '')
+  end  
+  
+  def self.encode(payload, key, algorithm='HS256')
+    segments = []
+    header = {"typ" => "JWT", "alg" => algorithm}
+    segments << base64url_encode(header.to_json)
+    segments << base64url_encode(payload.to_json)
+    signing_input = segments.join('.')
+    signature = sign(algorithm, signing_input, key)
+    segments << base64url_encode(signature)
+    segments.join('.')
+  end
+  
+  def self.decode(jwt, key=nil, verify=true)
+    segments = jwt.split('.')
+    raise JWT::DecodeError.new("Not enough or too many segments") unless segments.length == 3
+    header_segment, payload_segment, crypto_segment = segments
+    signing_input = [header_segment, payload_segment].join('.')
+    begin
+      header = JSON.parse(base64url_decode(header_segment))
+      payload = JSON.parse(base64url_decode(payload_segment))
+      signature = base64url_decode(crypto_segment)
+    rescue JSON::ParserError
+      raise JWT::DecodeError.new("Invalid segment encoding")
+    end
+    if verify
+      begin
+        if not signature == sign(header['alg'], signing_input, key)
+          raise JWT::DecodeError.new("Signature verification failed")
+        end
+      rescue NotImplementedError
+        raise JWT::DecodeError.new("Algorithm not supported")
+      end
+    end
+    payload
+  end
+
+end

data/spec/jwt.rb

@@ -0,0 +1,40 @@
+require 'spec'
+require "#{File.dirname(__FILE__)}/../lib/jwt.rb"
+
+payload = {"foo" => "bar"}
+
+describe JWT do
+  it "encodes and decodes JWTs" do
+    secret = "secret"
+    jwt = JWT.encode(payload, secret)
+    decoded_payload = JWT.decode(jwt, secret)
+    decoded_payload.should == payload
+  end
+  
+  it "decodes valid JWTs" do
+    example_payload = {"hello" => "world"}
+    example_secret = 'secret'
+    example_jwt = 'eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJoZWxsbyI6ICJ3b3JsZCJ9.YjZmNmEwMmMzMmU4NmEyMjRhYzRlMmFhYTQxNWQyMTA2Y2JiNDk4NGEyN2Q5ODYzOWVkODI2ZjVjYjY5Y2EzZg'
+    decoded_payload = JWT.decode(example_jwt, example_secret)
+    decoded_payload.should == example_payload
+  end
+
+  it "raises exception with wrong key" do
+    right_secret = 'foo'
+    bad_secret = 'bar'
+    jwt_message = JWT.encode(payload, right_secret)
+    lambda { JWT.decode(jwt_message, bad_secret) }.should raise_error(JWT::DecodeError)
+  end
+  
+  it "allows decoding without key" do
+    right_secret = 'foo'
+    bad_secret = 'bar'
+    jwt = JWT.encode(payload, right_secret)
+    decoded_payload = JWT.decode(jwt, bad_secret, false)
+    decoded_payload.should == payload
+  end
+  
+  it "raises exception on unsupported crypto algorithm" do
+    lambda { JWT.encode(payload, "secret", 'HS1024') }.should raise_error(NotImplementedError)
+  end
+end

metadata

@@ -0,0 +1,111 @@
+--- !ruby/object:Gem::Specification 
+name: jwt
+version: !ruby/object:Gem::Version 
+  hash: 25
+  prerelease: 
+  segments: 
+  - 0
+  - 1
+  - 1
+  version: 0.1.1
+platform: ruby
+authors: 
+- Jeff Lindsay
+autorequire: 
+bindir: bin
+cert_chain: 
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDPDCCAiSgAwIBAgIBADANBgkqhkiG9w0BAQUFADBEMRUwEwYDVQQDDAxqZWZm
+  LmxpbmRzYXkxFjAUBgoJkiaJk/IsZAEZFgZ0d2lsaW8xEzARBgoJkiaJk/IsZAEZ
+  FgNjb20wHhcNMTAwNTA0MjE0NzE3WhcNMTEwNTA0MjE0NzE3WjBEMRUwEwYDVQQD
+  DAxqZWZmLmxpbmRzYXkxFjAUBgoJkiaJk/IsZAEZFgZ0d2lsaW8xEzARBgoJkiaJ
+  k/IsZAEZFgNjb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb1P6c
+  /CN4l2pYBO0d5y7YHW3XJbj5d+5c1E9m2PcvUJ4Vjr7ISQM1SYpwixnWMBXBpzc1
+  En9YB+PYBEOOaIRh2G23aKdu7PnYQhze91qOBcHnf6LOckq25NbWQO8eaiXD3w5W
+  HRXOcmzigyTYRIhXBa93eMSihWAXThcfGFKNbtKerVhytT/UVHZU3pr9gCvt9vD0
+  aBmwMwvDlpO72eXPr5ow3Z+VzCc51iBNC07uvR/wFQ6/lS8ULBpHI9wcdo67wdv5
+  SaSZSGZCmG1pXov0Ahji7yqFMQ9oot5RDPZavZN3Fh3n6e2hdcSMlLgGkEGYaBVx
+  gdQFudko7rc5cWTdAgMBAAGjOTA3MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgSwMB0G
+  A1UdDgQWBBRXFNQ8j0GGeMiiPWhAlHB356JPGDANBgkqhkiG9w0BAQUFAAOCAQEA
+  VzMJe10HfJtglbDah9h9lxv8uzK2uV7bXRcIbMCGEdx8cByM+cfKOnoWVDQBVPWA
+  VznqXdPsrVC70PAMMTk66ro2ciyudilVEuxEl7rhaz0tj9FzNyJUHBKCD4KpGwkC
+  K435qpJsHMi9k0KxY17grmsE2Hq60lFLK8ZrqgDblEAKTeaGAykMxp9KJOwAKnY2
+  4lUY/SVtRuTk0YXsIPNFLYUhYt7arkJtkwWV41GWhj7PbcM5uk5sGoh0aueMzY7f
+  TvklqXtUw3g3PcoJ8CZw68WaB2/MuJXUehRCZThhkBwi8bDKZzh4rtI/WEb1EgDs
+  WZqts+sMhUpDxxL+p6p6bQ==
+  -----END CERTIFICATE-----
+
+date: 2011-02-23 00:00:00 -08:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: json
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 23
+        segments: 
+        - 1
+        - 2
+        - 4
+        version: 1.2.4
+  type: :runtime
+  version_requirements: *id001
+description: JSON Web Token implementation in Ruby
+email: jeff.lindsay@twilio.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- lib/jwt.rb
+files: 
+- Rakefile
+- lib/jwt.rb
+- spec/jwt.rb
+- Manifest
+- jwt.gemspec
+has_rdoc: true
+homepage: http://github.com/progrium/ruby-jwt
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --line-numbers
+- --inline-source
+- --title
+- Jwt
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 11
+      segments: 
+      - 1
+      - 2
+      version: "1.2"
+requirements: []
+
+rubyforge_project: jwt
+rubygems_version: 1.4.1
+signing_key: 
+specification_version: 3
+summary: JSON Web Token implementation in Ruby
+test_files: []
+

metadata.gz.sig

@@ -0,0 +1,2 @@
+lr���^�K?#�>	���+xz�A2$����Ӿ0�&+���\���:e�څ�Q}�	{���Z>�x�޴�������?�DH��|�* �hx��}�!���T1�=m���5��ثpd�
+Ƣ�;<�