jwt 1.5.1 → 1.5.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 20bef3dbabb4260b05cd6119dc1b552d630bd3e1
4
- data.tar.gz: bb02d4a2bb19011a8eb531020d4780f31d44af7b
3
+ metadata.gz: 6ff1115eaca264c9790778ded501361f414caa62
4
+ data.tar.gz: 9a42e93dc852e9456dbf793a34bd922f38f541c7
5
5
  SHA512:
6
- metadata.gz: b8a0290f1b20390efb50c613da54a37072ebceee5dc11a9cec82cf67fa9e4002f3974bb35bd503b4dd7fdaacaed47c46f6f611aa8a66200cf44fbe40eaae8a2c
7
- data.tar.gz: c9bb1d911b9d3cbabe362d69c6a556c8596f1dcd2485635875d02a74e93768b56fae8c5ee683ba03c5223b8696acda8080bbe408ea580ace5052ff48dfb7cb7b
6
+ metadata.gz: 590c037185cc14d2f1dff665960131b6960a601a82448f0330abfd5378f742d038a72dec7bc7bfe15d7e5f4ddee9733f4d3aff9e5c3141c1b950aa0ad61b52fa
7
+ data.tar.gz: dce378411b1e8f3687afa6fa1cbe75dc60990e7df93b04da9ad71c9529d4a856e4dab215ec568b819b9fea626d150002a067fe1d0ed38680d260f7701337ac0a
data/LICENSE ADDED
@@ -0,0 +1,7 @@
1
+ Copyright (c) 2011 Jeff Lindsay
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
4
+
5
+ The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
6
+
7
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/Manifest CHANGED
@@ -1,6 +1,8 @@
1
1
  Rakefile
2
+ README.md
3
+ LICENSE
2
4
  lib/jwt.rb
3
5
  lib/jwt/json.rb
4
- spec/helper.rb
6
+ spec/spec_helper.rb
5
7
  spec/jwt_spec.rb
6
8
  Manifest
@@ -0,0 +1,368 @@
1
+ # JWT
2
+ A Ruby implementation of [JSON Web Token](https://tools.ietf.org/html/rfc7519).
3
+
4
+ If you have further questions releated to development or usage, join us: [ruby-jwt google group](https://groups.google.com/forum/#!forum/ruby-jwt).
5
+
6
+ ## Installing
7
+
8
+ ```bash
9
+ sudo gem install jwt
10
+ ```
11
+
12
+ ## Algorithms and Usage
13
+
14
+ The JWT spec supports NONE, HMAC, RSASSA, ECDSA and RSASSA-PSS algorithms for cryptographic signing. Currently the jwt gem supports NONE, HMAC, RSASSA and ECDSA. If you are using cryptographic signing, you need to specify the algorithm in the options hash whenever you call JWT.decode to ensure that an attacker [cannot bypass the algorithm verification step](https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/).
15
+
16
+ See: [ JSON Web Algorithms (JWA) 3.1. "alg" (Algorithm) Header Parameter Values for JWS](https://tools.ietf.org/html/rfc7518#section-3.1)
17
+
18
+ **NONE**
19
+
20
+ * none - unsigned token
21
+
22
+ ```ruby
23
+ require 'jwt'
24
+
25
+ payload = {:data => 'test'}
26
+
27
+ # IMPORTANT: set nil as password parameter
28
+ token = JWT.encode payload, nil, 'none'
29
+
30
+ # eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJ0ZXN0IjoiZGF0YSJ9.
31
+ puts token
32
+
33
+ # Set password to nil and validation to false otherwise this won't work
34
+ decoded_token = JWT.decode token, nil, false
35
+
36
+ # Array
37
+ # [
38
+ # {"data"=>"test"}, # payload
39
+ # {"typ"=>"JWT", "alg"=>"none"} # header
40
+ # ]
41
+ puts decoded_token
42
+ ```
43
+
44
+ **HMAC** (default: HS256)
45
+
46
+ * HS256 - HMAC using SHA-256 hash algorithm (default)
47
+ * HS384 - HMAC using SHA-384 hash algorithm
48
+ * HS512 - HMAC using SHA-512 hash algorithm
49
+
50
+ ```ruby
51
+ hmac_secret = 'my$ecretK3y'
52
+
53
+ token = JWT.encode payload, hmac_secret, 'HS256'
54
+
55
+ # eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0ZXN0IjoiZGF0YSJ9._sLPAGP-IXgho8BkMGQ86N2mah7vDyn0L5hOR4UkfoI
56
+ puts token
57
+
58
+ decoded_token = JWT.decode token, hmac_secret, true, { :algorithm => 'HS256' }
59
+
60
+ # Array
61
+ # [
62
+ # {"data"=>"test"}, # payload
63
+ # {"typ"=>"JWT", "alg"=>"HS256"} # header
64
+ # ]
65
+ puts decoded_token
66
+ ```
67
+
68
+ **RSA**
69
+
70
+ * RS256 - RSA using SHA-256 hash algorithm
71
+ * RS384 - RSA using SHA-384 hash algorithm
72
+ * RS512 - RSA using SHA-512 hash algorithm
73
+
74
+ ```ruby
75
+ rsa_private = OpenSSL::PKey::RSA.generate 2048
76
+ rsa_public = rsa_private.public_key
77
+
78
+ token = JWT.encode payload, rsa_private, 'RS256'
79
+
80
+ # eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ0ZXN0IjoiZGF0YSJ9.c2FynXNyi6_PeKxrDGxfS3OLwQ8lTDbWBWdq7oMviCy2ZfFpzvW2E_odCWJrbLof-eplHCsKzW7MGAntHMALXgclm_Cs9i2Exi6BZHzpr9suYkrhIjwqV1tCgMBCQpdeMwIq6SyKVjgH3L51ivIt0-GDDPDH1Rcut3jRQzp3Q35bg3tcI2iVg7t3Msvl9QrxXAdYNFiS5KXH22aJZ8X_O2HgqVYBXfSB1ygTYUmKTIIyLbntPQ7R22rFko1knGWOgQCoYXwbtpuKRZVFrxX958L2gUWgb4jEQNf3fhOtkBm1mJpj-7BGst00o8g_3P2zHy-3aKgpPo1XlKQGjRrrxA
81
+ puts token
82
+
83
+ decoded_token = JWT.decode token, rsa_public, true, { :algorithm => 'RS256' }
84
+
85
+ # Array
86
+ # [
87
+ # {"data"=>"test"}, # payload
88
+ # {"typ"=>"JWT", "alg"=>"RS256"} # header
89
+ # ]
90
+ puts decoded_token
91
+ ```
92
+
93
+ **ECDSA**
94
+
95
+ * ES256 - ECDSA using P-256 and SHA-256
96
+ * ES384 - ECDSA using P-384 and SHA-384
97
+ * ES512 - ECDSA using P-521 and SHA-512
98
+
99
+ ```ruby
100
+ ecdsa_key = OpenSSL::PKey::EC.new 'prime256v1'
101
+ ecdsa_key.generate_key
102
+ ecdsa_public = OpenSSL::PKey::EC.new ecdsa_key
103
+ ecdsa_public.private_key = nil
104
+
105
+ token = JWT.encode payload, ecdsa_key, 'ES256'
106
+
107
+ # eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJ0ZXN0IjoiZGF0YSJ9.MEQCIAtShrxRwP1L9SapqaT4f7hajDJH4t_rfm-YlZcNDsBNAiB64M4-JRfyS8nRMlywtQ9lHbvvec9U54KznzOe1YxTyA
108
+ puts token
109
+
110
+ decoded_token = JWT.decode token, ecdsa_public, true, { :algorithm => 'ES256' }
111
+
112
+ # Array
113
+ # [
114
+ # {"test"=>"data"}, # payload
115
+ # {"typ"=>"JWT", "alg"=>"ES256"} # header
116
+ # ]
117
+ puts decoded_token
118
+ ```
119
+
120
+ **RSASSA-PSS**
121
+
122
+ Not implemented.
123
+
124
+ ## Support for reserved claim names
125
+ JSON Web Token defines some reserved claim names and defines how they should be
126
+ used. JWT supports these reserved claim names:
127
+
128
+ - 'exp' (Expiration Time) Claim
129
+ - 'nbf' (Not Before Time) Claim
130
+ - 'iss' (Issuer) Claim
131
+ - 'aud' (Audience) Claim
132
+ - 'jti' (JWT ID) Claim
133
+ - 'iat' (Issued At) Claim
134
+ - 'sub' (Subject) Claim
135
+
136
+ ### Expiration Time Claim
137
+
138
+ From [Oauth JSON Web Token 4.1.4. "exp" (Expiration Time) Claim](https://tools.ietf.org/html/rfc7519#section-4.1.4):
139
+
140
+ > The `exp` (expiration time) claim identifies the expiration time on or after which the JWT MUST NOT be accepted for processing. The processing of the `exp` claim requires that the current date/time MUST be before the expiration date/time listed in the `exp` claim. Implementers MAY provide for some small `leeway`, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing a ***NumericDate*** value. Use of this claim is OPTIONAL.
141
+
142
+ **Handle Expiration Claim**
143
+
144
+ ```ruby
145
+ exp = Time.now.to_i + 4 * 3600
146
+ exp_payload = { :data => 'data', :exp => exp }
147
+
148
+ token = JWT.encode exp_payload, hmac_secret, 'HS256'
149
+
150
+ begin
151
+ decoded_token = JWT.decode token, hmac_secret, true, { :algorithm => 'HS256' }
152
+ rescue JWT::ExpiredSignature
153
+ # Handle expired token, e.g. logout user or deny access
154
+ end
155
+ ```
156
+
157
+ **Adding Leeway**
158
+
159
+ ```ruby
160
+ exp = Time.now.to_i - 10
161
+ leeway = 30 # seconds
162
+
163
+ exp_payload = { :data => 'data', :exp => exp }
164
+
165
+ # build expired token
166
+ token = JWT.encode exp_payload, hmac_secret, 'HS256'
167
+
168
+ begin
169
+ # add leeway to ensure the token is still accepted
170
+ decoded_token = JWT.decode token, hmac_secret, true, { :leeway => leeway, :algorithm => 'HS256' }
171
+ rescue JWT::ExpiredSignature
172
+ # Handle expired token, e.g. logout user or deny access
173
+ end
174
+ ```
175
+
176
+ ### Not Before Time Claim
177
+
178
+ From [Oauth JSON Web Token 4.1.5. "nbf" (Not Before) Claim](https://tools.ietf.org/html/rfc7519#section-4.1.5):
179
+
180
+ > The `nbf` (not before) claim identifies the time before which the JWT MUST NOT be accepted for processing. The processing of the `nbf` claim requires that the current date/time MUST be after or equal to the not-before date/time listed in the `nbf` claim. Implementers MAY provide for some small `leeway`, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing a ***NumericDate*** value. Use of this claim is OPTIONAL.
181
+
182
+ **Handle Not Before Claim**
183
+
184
+ ```ruby
185
+ nbf = Time.now.to_i - 3600
186
+ nbf_payload = { :data => 'data', :nbf => nbf }
187
+
188
+ token = JWT.encode nbf_payload, hmac_secret, 'HS256'
189
+
190
+ begin
191
+ decoded_token = JWT.decode token, hmac_secret, true, { :algorithm => 'HS256' }
192
+ rescue JWT::ImmatureSignature
193
+ # Handle invalid token, e.g. logout user or deny access
194
+ end
195
+ ```
196
+
197
+ **Adding Leeway**
198
+
199
+ ```ruby
200
+ nbf = Time.now.to_i + 10
201
+ leeway = 30
202
+
203
+ nbf_payload = { :data => 'data', :nbf => nbf }
204
+
205
+ # build expired token
206
+ token = JWT.encode nbf_payload, hmac_secret, 'HS256'
207
+
208
+ begin
209
+ # add leeway to ensure the token is valid
210
+ decoded_token = JWT.decode token, hmac_secret, true, { :leeway => leeway, :algorithm => 'HS256' }
211
+ rescue JWT::ImmatureSignature
212
+ # Handle invalid token, e.g. logout user or deny access
213
+ end
214
+ ```
215
+
216
+ ### Issuer Claim
217
+
218
+ From [Oauth JSON Web Token 4.1.1. "iss" (Issuer) Claim](https://tools.ietf.org/html/rfc7519#section-4.1.1):
219
+
220
+ > The `iss` (issuer) claim identifies the principal that issued the JWT. The processing of this claim is generally application specific. The `iss` value is a case-sensitive string containing a ***StringOrURI*** value. Use of this claim is OPTIONAL.
221
+
222
+ ```ruby
223
+ iss = 'My Awesome Company Inc. or https://my.awesome.website/'
224
+ iss_payload = { :data => 'data', :iss => iss }
225
+
226
+ token = JWT.encode iss_payload, hmac_secret, 'HS256'
227
+
228
+ begin
229
+ # Add iss to the validation to check if the token has been manipulated
230
+ decoded_token = JWT.decode token, hmac_secret, true, { 'iss' => iss, :verify_iss => true, :algorithm => 'HS256' }
231
+ rescue JWT::InvalidIssuerError
232
+ # Handle invalid token, e.g. logout user or deny access
233
+ end
234
+ ```
235
+
236
+ ### Audience Claim
237
+
238
+ From [Oauth JSON Web Token 4.1.3. "aud" (Audience) Claim](https://tools.ietf.org/html/rfc7519#section-4.1.3):
239
+
240
+ > The `aud` (audience) claim identifies the recipients that the JWT is intended for. Each principal intended to process the JWT MUST identify itself with a value in the audience claim. If the principal processing the claim does not identify itself with a value in the `aud` claim when this claim is present, then the JWT MUST be rejected. In the general case, the `aud` value is an array of case-sensitive strings, each containing a ***StringOrURI*** value. In the special case when the JWT has one audience, the `aud` value MAY be a single case-sensitive string containing a ***StringOrURI*** value. The interpretation of audience values is generally application specific. Use of this claim is OPTIONAL.
241
+
242
+ ```ruby
243
+ aud = ['Young', 'Old']
244
+ aud_payload = { :data => 'data', :aud => aud }
245
+
246
+ token = JWT.encode aud_payload, hmac_secret, 'HS256'
247
+
248
+ begin
249
+ # Add aud to the validation to check if the token has been manipulated
250
+ decoded_token = JWT.decode token, hmac_secret, true, { 'aud' => aud, :verify_aud => true, :algorithm => 'HS256' }
251
+ rescue JWT::InvalidAudError
252
+ # Handle invalid token, e.g. logout user or deny access
253
+ puts 'Audience Error'
254
+ end
255
+ ```
256
+
257
+ ### JWT ID Claim
258
+
259
+ From [Oauth JSON Web Token 4.1.7. "jti" (JWT ID) Claim](https://tools.ietf.org/html/rfc7519#section-4.1.7):
260
+
261
+ > The `jti` (JWT ID) claim provides a unique identifier for the JWT. The identifier value MUST be assigned in a manner that ensures that there is a negligible probability that the same value will be accidentally assigned to a different data object; if the application uses multiple issuers, collisions MUST be prevented among values produced by different issuers as well. The `jti` claim can be used to prevent the JWT from being replayed. The `jti` value is a case-sensitive string. Use of this claim is OPTIONAL.
262
+
263
+ ```ruby
264
+ # in order to use JTI you have to add iat
265
+ iat = Time.now.to_i
266
+ # Use the secret and iat to create a unique key per request to prevent replay attacks
267
+ jti_raw = [hmac_secret, iat].join(':').to_s
268
+ jti = Digest::MD5.hexdigest(jti_raw)
269
+ jti_payload = { :data => 'data', :iat => iat, :jti => jti }
270
+
271
+ token = JWT.encode jti_payload, hmac_secret, 'HS256'
272
+
273
+ begin
274
+ # Add jti and iat to the validation to check if the token has been manipulated
275
+ decoded_token = JWT.decode token, hmac_secret, true, { 'jti' => jti, :verify_jti => true, :algorithm => 'HS256' }
276
+ # Check if the JTI has already been used
277
+ rescue JWT::InvalidJtiError
278
+ # Handle invalid token, e.g. logout user or deny access
279
+ puts 'Error'
280
+ end
281
+
282
+ ```
283
+
284
+ ### Issued At Claim
285
+
286
+ From [Oauth JSON Web Token 4.1.6. "iat" (Issued At) Claim](https://tools.ietf.org/html/rfc7519#section-4.1.6):
287
+
288
+ > The `iat` (issued at) claim identifies the time at which the JWT was issued. This claim can be used to determine the age of the JWT. Its value MUST be a number containing a ***NumericDate*** value. Use of this claim is OPTIONAL.
289
+
290
+ ```ruby
291
+ iat = Time.now.to_i
292
+ iat_payload = { :data => 'data', :iat => iat }
293
+
294
+ token = JWT.encode iat_payload, hmac_secret, 'HS256'
295
+
296
+ begin
297
+ # Add iat to the validation to check if the token has been manipulated
298
+ decoded_token = JWT.decode token, hmac_secret, true, { :verify_iat => true, :algorithm => 'HS256' }
299
+ rescue JWT::InvalidIatError
300
+ # Handle invalid token, e.g. logout user or deny access
301
+ end
302
+ ```
303
+
304
+ ### Subject Claim
305
+
306
+ From [Oauth JSON Web Token 4.1.2. "sub" (Subject) Claim](https://tools.ietf.org/html/rfc7519#section-4.1.2):
307
+
308
+ > The `sub` (subject) claim identifies the principal that is the subject of the JWT. The Claims in a JWT are normally statements about the subject. The subject value MUST either be scoped to be locally unique in the context of the issuer or be globally unique. The processing of this claim is generally application specific. The sub value is a case-sensitive string containing a ***StringOrURI*** value. Use of this claim is OPTIONAL.
309
+
310
+ ```ruby
311
+ sub = 'Subject'
312
+ sub_payload = { :data => 'data', :sub => sub }
313
+
314
+ token = JWT.encode sub_payload, hmac_secret, 'HS256'
315
+
316
+ begin
317
+ # Add sub to the validation to check if the token has been manipulated
318
+ decoded_token = JWT.decode token, hmac_secret, true, { 'sub' => sub, :verify_sub => true, :algorithm => 'HS256' }
319
+ rescue JWT::InvalidSubError
320
+ # Handle invalid token, e.g. logout user or deny access
321
+ end
322
+ ```
323
+
324
+ # Development and Tests
325
+
326
+ We depend on [Echoe](http://rubygems.org/gems/echoe) for defining gemspec and performing releases to rubygems.org, which can be done with
327
+
328
+ ```bash
329
+ rake release
330
+ ```
331
+
332
+ The tests are written with rspec. Given you have rake and rspec, you can run tests with
333
+
334
+ ```bash
335
+ rake test
336
+ ```
337
+
338
+ **If you want a release cut with your PR, please include a version bump according to [Semantic Versioning](http://semver.org/)**
339
+
340
+ ## Contributors
341
+
342
+ * Jordan Brough <github.jordanb@xoxy.net>
343
+ * Ilya Zhitomirskiy <ilya@joindiaspora.com>
344
+ * Daniel Grippi <daniel@joindiaspora.com>
345
+ * Jeff Lindsay <progrium@gmail.com>
346
+ * Bob Aman <bob@sporkmonger.com>
347
+ * Micah Gates <github@mgates.com>
348
+ * Rob Wygand <rob@wygand.com>
349
+ * Ariel Salomon (Oscil8)
350
+ * Paul Battley <pbattley@gmail.com>
351
+ * Zane Shannon [@zshannon](https://github.com/zshannon)
352
+ * Brian Fletcher [@punkle](https://github.com/punkle)
353
+ * Alex [@ZhangHanDong](https://github.com/ZhangHanDong)
354
+ * John Downey [@jtdowney](https://github.com/jtdowney)
355
+ * Adam Greene [@skippy](https://github.com/skippy)
356
+ * Tim Rudat [@excpt](https://github.com/excpt) <timrudat@gmail.com> - Maintainer
357
+
358
+ ## License
359
+
360
+ MIT
361
+
362
+ Copyright (c) 2011 Jeff Lindsay
363
+
364
+ Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
365
+
366
+ The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
367
+
368
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/Rakefile CHANGED
@@ -3,14 +3,14 @@ require 'rubygems'
3
3
  require 'rake'
4
4
  require 'echoe'
5
5
 
6
- Echoe.new('jwt', '1.5.1') do |p|
7
- p.description = 'JSON Web Token implementation in Ruby'
8
- p.url = 'http://github.com/progrium/ruby-jwt'
9
- p.author = 'Jeff Lindsay'
10
- p.email = 'progrium@gmail.com'
6
+ Echoe.new('jwt', '1.5.2') do |p|
7
+ p.description = 'JSON Web Token implementation in Ruby'
8
+ p.url = 'http://github.com/progrium/ruby-jwt'
9
+ p.author = 'Jeff Lindsay'
10
+ p.email = 'progrium@gmail.com'
11
11
  p.ignore_pattern = ['tmp/*']
12
12
  p.development_dependencies = ['echoe >=4.6.3']
13
- p.licenses = 'MIT'
13
+ p.licenses = 'MIT'
14
14
  end
15
15
 
16
16
  task :test do
@@ -1,23 +1,23 @@
1
1
  # -*- encoding: utf-8 -*-
2
- # stub: jwt 1.5.1 ruby lib
2
+ # stub: jwt 1.5.2 ruby lib
3
3
 
4
4
  Gem::Specification.new do |s|
5
5
  s.name = "jwt"
6
- s.version = "1.5.1"
6
+ s.version = "1.5.2"
7
7
 
8
8
  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
9
9
  s.require_paths = ["lib"]
10
10
  s.authors = ["Jeff Lindsay"]
11
- s.date = "2015-06-22"
11
+ s.date = "2015-10-27"
12
12
  s.description = "JSON Web Token implementation in Ruby"
13
13
  s.email = "progrium@gmail.com"
14
- s.extra_rdoc_files = ["lib/jwt.rb", "lib/jwt/json.rb"]
15
- s.files = ["Manifest", "Rakefile", "jwt.gemspec", "lib/jwt.rb", "lib/jwt/json.rb", "spec/helper.rb", "spec/jwt_spec.rb"]
14
+ s.extra_rdoc_files = ["README.md", "LICENSE", "lib/jwt.rb", "lib/jwt/json.rb"]
15
+ s.files = ["LICENSE", "Manifest", "README.md", "Rakefile", "jwt.gemspec", "lib/jwt.rb", "lib/jwt/json.rb", "spec/jwt_spec.rb", "spec/spec_helper.rb"]
16
16
  s.homepage = "http://github.com/progrium/ruby-jwt"
17
17
  s.licenses = ["MIT"]
18
18
  s.rdoc_options = ["--line-numbers", "--title", "Jwt", "--main", "README.md"]
19
19
  s.rubyforge_project = "jwt"
20
- s.rubygems_version = "2.4.6"
20
+ s.rubygems_version = "2.4.8"
21
21
  s.summary = "JSON Web Token implementation in Ruby"
22
22
 
23
23
  if s.respond_to? :specification_version then