jwt 1.5.6 → 2.0.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,4 +1,5 @@
1
1
  # frozen_string_literal: true
2
+
2
3
  require 'spec_helper'
3
4
  require 'jwt/verify'
4
5
 
@@ -8,8 +9,8 @@ module JWT
8
9
  let(:options) { { leeway: 0 } }
9
10
 
10
11
  context '.verify_aud(payload, options)' do
11
- let(:scalar_aud) { 'ruby-jwt-audience' }
12
- let(:array_aud) { %w(ruby-jwt-aud test-aud ruby-ruby-ruby) }
12
+ let(:scalar_aud) { 'ruby-jwt-aud' }
13
+ let(:array_aud) { %w[ruby-jwt-aud test-aud ruby-ruby-ruby] }
13
14
  let(:scalar_payload) { base_payload.merge('aud' => scalar_aud) }
14
15
  let(:array_payload) { base_payload.merge('aud' => array_aud) }
15
16
 
@@ -25,44 +26,24 @@ module JWT
25
26
  end.to raise_error JWT::InvalidAudError
26
27
  end
27
28
 
28
- it 'must raise JWT::InvalidAudError when the singular audience does not match and the options aud key is a string' do
29
- expect do
30
- Verify.verify_aud(scalar_payload, options.merge('aud' => 'no-match'))
31
- end.to raise_error JWT::InvalidAudError
32
- end
33
-
34
29
  it 'must allow a matching singular audience to pass' do
35
30
  Verify.verify_aud(scalar_payload, options.merge(aud: scalar_aud))
36
31
  end
37
32
 
38
- it 'must allow a matching audence to pass when the options key is a string' do
39
- Verify.verify_aud(scalar_payload, options.merge('aud' => scalar_aud))
40
- end
41
-
42
33
  it 'must allow an array with any value matching the one in the options' do
43
34
  Verify.verify_aud(array_payload, options.merge(aud: array_aud.first))
44
35
  end
45
36
 
46
- it 'must allow an array with any value matching the one in the options with a string options key' do
47
- Verify.verify_aud(array_payload, options.merge('aud' => array_aud.first))
37
+ it 'must allow an array with any value matching any value in the options array' do
38
+ Verify.verify_aud(array_payload, options.merge(aud: array_aud))
48
39
  end
49
40
 
50
- it 'should allow strings or symbolds in options array' do
51
- options['aud'] = [
52
- 'ruby-jwt-aud',
53
- 'test-aud',
54
- 'ruby-ruby-ruby',
55
- :test
56
- ]
57
-
58
- array_payload['aud'].push('test')
59
-
60
- Verify.verify_aud(array_payload, options)
41
+ it 'must allow a singular audience payload matching any value in the options array' do
42
+ Verify.verify_aud(scalar_payload, options.merge(aud: array_aud))
61
43
  end
62
44
  end
63
45
 
64
46
  context '.verify_expiration(payload, options)' do
65
- let(:leeway) { 10 }
66
47
  let(:payload) { base_payload.merge('exp' => (Time.now.to_i - 5)) }
67
48
 
68
49
  it 'must raise JWT::ExpiredSignature when the token has expired' do
@@ -71,10 +52,14 @@ module JWT
71
52
  end.to raise_error JWT::ExpiredSignature
72
53
  end
73
54
 
74
- it 'must allow some leeway in the expiration when configured' do
55
+ it 'must allow some leeway in the expiration when global leeway is configured' do
75
56
  Verify.verify_expiration(payload, options.merge(leeway: 10))
76
57
  end
77
58
 
59
+ it 'must allow some leeway in the expiration when exp_leeway is configured' do
60
+ Verify.verify_expiration(payload, options.merge(exp_leeway: 10))
61
+ end
62
+
78
63
  it 'must be expired if the exp claim equals the current time' do
79
64
  payload['exp'] = Time.now.to_i
80
65
 
@@ -82,6 +67,16 @@ module JWT
82
67
  Verify.verify_expiration(payload, options)
83
68
  end.to raise_error JWT::ExpiredSignature
84
69
  end
70
+
71
+ context 'when leeway is not specified' do
72
+ let(:options) { {} }
73
+
74
+ it 'used a default leeway of 0' do
75
+ expect do
76
+ Verify.verify_expiration(payload, options)
77
+ end.to raise_error JWT::ExpiredSignature
78
+ end
79
+ end
85
80
  end
86
81
 
87
82
  context '.verify_iat(payload, options)' do
@@ -96,6 +91,10 @@ module JWT
96
91
  Verify.verify_iat(payload.merge('iat' => (iat + 60)), options.merge(leeway: 70))
97
92
  end
98
93
 
94
+ it 'must allow configured iat_leeway' do
95
+ Verify.verify_iat(payload.merge('iat' => (iat + 60)), options.merge(iat_leeway: 70))
96
+ end
97
+
99
98
  it 'must properly handle integer times' do
100
99
  Verify.verify_iat(payload.merge('iat' => Time.now.to_i), options)
101
100
  end
@@ -119,20 +118,39 @@ module JWT
119
118
 
120
119
  let(:invalid_token) { JWT.encode base_payload, payload[:secret] }
121
120
 
122
- it 'must raise JWT::InvalidIssuerError when the configured issuer does not match the payload issuer' do
123
- expect do
124
- Verify.verify_iss(payload, options.merge(iss: 'mismatched-issuer'))
125
- end.to raise_error JWT::InvalidIssuerError
126
- end
127
-
128
- it 'must raise JWT::InvalidIssuerError when the payload does not include an issuer' do
129
- expect do
130
- Verify.verify_iss(base_payload, options.merge(iss: iss))
131
- end.to raise_error(JWT::InvalidIssuerError, /received <none>/)
132
- end
133
-
134
- it 'must allow a matching issuer to pass' do
135
- Verify.verify_iss(payload, options.merge(iss: iss))
121
+ context 'when iss is a String' do
122
+ it 'must raise JWT::InvalidIssuerError when the configured issuer does not match the payload issuer' do
123
+ expect do
124
+ Verify.verify_iss(payload, options.merge(iss: 'mismatched-issuer'))
125
+ end.to raise_error JWT::InvalidIssuerError
126
+ end
127
+
128
+ it 'must raise JWT::InvalidIssuerError when the payload does not include an issuer' do
129
+ expect do
130
+ Verify.verify_iss(base_payload, options.merge(iss: iss))
131
+ end.to raise_error(JWT::InvalidIssuerError, /received <none>/)
132
+ end
133
+
134
+ it 'must allow a matching issuer to pass' do
135
+ Verify.verify_iss(payload, options.merge(iss: iss))
136
+ end
137
+ end
138
+ context 'when iss is an Array' do
139
+ it 'must raise JWT::InvalidIssuerError when no matching issuers in array' do
140
+ expect do
141
+ Verify.verify_iss(payload, options.merge(iss: %w[first second]))
142
+ end.to raise_error JWT::InvalidIssuerError
143
+ end
144
+
145
+ it 'must raise JWT::InvalidIssuerError when the payload does not include an issuer' do
146
+ expect do
147
+ Verify.verify_iss(base_payload, options.merge(iss: %w[first second]))
148
+ end.to raise_error(JWT::InvalidIssuerError, /received <none>/)
149
+ end
150
+
151
+ it 'must allow an array with matching issuer to pass' do
152
+ Verify.verify_iss(payload, options.merge(iss: ['first', iss, 'third']))
153
+ end
136
154
  end
137
155
  end
138
156
 
@@ -175,9 +193,13 @@ module JWT
175
193
  end.to raise_error JWT::ImmatureSignature
176
194
  end
177
195
 
178
- it 'must allow some leeway in the token age when configured' do
196
+ it 'must allow some leeway in the token age when global leeway is configured' do
179
197
  Verify.verify_not_before(payload, options.merge(leeway: 10))
180
198
  end
199
+
200
+ it 'must allow some leeway in the token age when nbf_leeway is configured' do
201
+ Verify.verify_not_before(payload, options.merge(nbf_leeway: 10))
202
+ end
181
203
  end
182
204
 
183
205
  context '.verify_sub(payload, options)' do
data/spec/jwt_spec.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  require 'spec_helper'
2
2
  require 'jwt'
3
+ require 'jwt/encode'
3
4
  require 'jwt/decode'
4
5
 
5
6
  describe JWT do
@@ -18,13 +19,14 @@ describe JWT do
18
19
  'ES384_public' => OpenSSL::PKey.read(File.read(File.join(CERT_PATH, 'ec384-public.pem'))),
19
20
  'ES512_private' => OpenSSL::PKey.read(File.read(File.join(CERT_PATH, 'ec512-private.pem'))),
20
21
  'ES512_public' => OpenSSL::PKey.read(File.read(File.join(CERT_PATH, 'ec512-public.pem'))),
21
- 'NONE' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.',
22
- 'HS256' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.tCGvlClld0lbQ3NZaH8y53n5RSBr3zlS4Oy5bXqvzZQ',
23
- 'HS384' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.sj1gc01SawlJSrPZgmveifJ8CzZRYAWjejWm4FRaGaAISESJ9Ncf12fCz2vHrITm',
24
- 'HS512' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.isjhsWMZpRQOWw6LKtlY4L6tMDNkLr0qZ3bQe_xRFXWhzVvJlkclTbLVa1J6Dlj2WyZ_I1jEobTaFMDoXPzwWg',
25
- 'RS256' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.u82QrhjZTtwve5akvfWS_4LPywbkb1Yp0nUwZJWtTW0ID7dY9rRiQF5KGj2UDLZotqRlUjyNQgE_hB5BBzICDQdCjQHQoYWE5n_D2wV4PMu7Qg3FVKoBFbf8ee6irodu10fgYxpUIZtvbWw52_6k6A9IoSLSzx_lCcxoVGdW90dUuKhBcZkDtY5WNuQg7MiDthupSL1-V4Y1jmT_7o8tLNGFiocyZfGNw4yGpEOGNvD5WePNit0xsnbj6dEquovUvSFKsMaQXp2PVDEkLOiLMcyk0RrHqrHw2eNSCquWTH8PhX5Up-CVmjQM5zF9ibkaiq8NyPtsy-7rgtbyVMqXBQ',
26
- 'RS384' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.2_jPwOsUWJ-3r6lXMdJGPdhLNJQSSEmY2mrDXCwNJk-2YhMIqKAzJJCbyso_A1hS7BVkXmHt54RCcNJXroZBOgmGavCcYTPMaT6sCvVVvJJ_wn7jzKHNAJfL5nWeynTQIBWmL-m_v9QpZAgPALdeqjPRv4JHePZm23kvrUgQOxef2ldXv1l6IB3zfF72uEbk9T5pKBvgeeeQ46xm_HtkpXqMdqcTHawUXeXhuiWxuWfy9pAvhm8ivxwJhiQ15-sQNBlS9lG1_gQz1xaZ_Ou_n1nhNfGwpK5HeS0AgmqsqyCOvaGHeAuAOPZ_dSC3cFKu2AP7kc6_AKBgwJzh4agkXg',
27
- 'RS512' => 'eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.abwof7BqTvuLkN69OhEuFTP7vjGzfvAvooQdwIRne_a88MsjCq31n4UPvyIlY9_8u69rpU79RbMsrq_UZ6L85zP83EcyYI-HOfFZgYDAL3DJ7biBD99JTzyOsH_2i_E6yCkevjEX6uL_Am_C7jpWyePJQkYzTFni6mW4W1T9UobiVGA1tIZ-XOJDPHHxZkGu6W8lKW0UCsr9Ge2SCSlTs_LDSOa34gqMC5GP89unhLqSMqEMJ_Nm6Rj0rnmk87wBZM-b04LLteWuEU59QDNa4nMTjfXW74U4hX9n5EECDPQdQMecgxlUbFunAfZaoNzP4m7H4vux2FzYkjkXhdqnnw',
22
+ 'NONE' => 'eyJhbGciOiJub25lIn0.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.',
23
+ 'HS256' => 'eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.kWOVtIOpWcG7JnyJG0qOkTDbOy636XrrQhMm_8JrRQ8',
24
+ 'HS512256' => 'eyJhbGciOiJIUzUxMjI1NiJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.Ds_4ibvf7z4QOBoKntEjDfthy3WJ-3rKMspTEcHE2bA',
25
+ 'HS384' => 'eyJhbGciOiJIUzM4NCJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.VuV4j4A1HKhWxCNzEcwc9qVF3frrEu-BRLzvYPkbWO0LENRGy5dOiBQ34remM3XH',
26
+ 'HS512' => 'eyJhbGciOiJIUzUxMiJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.8zNtCBTJIZTHpZ-BkhR-6sZY1K85Nm5YCKqV3AxRdsBJDt_RR-REH2db4T3Y0uQwNknhrCnZGvhNHrvhDwV1kA',
27
+ 'RS256' => 'eyJhbGciOiJSUzI1NiJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.eSXvWP4GViiwUALj_-qTxU68I1oM0XjgDsCZBBUri2Ghh9d75QkVDoZ_v872GaqunN5A5xcnBK0-cOq-CR6OwibgJWfOt69GNzw5RrOfQ2mz3QI3NYEq080nF69h8BeqkiaXhI24Q51joEgfa9aj5Y-oitLAmtDPYTm7vTcdGufd6AwD3_3jajKBwkh0LPSeMtbe_5EyS94nFoEF9OQuhJYjUmp7agsBVa8FFEjVw5jEgVqkvERSj5hSY4nEiCAomdVxIKBfykyi0d12cgjhI7mBFwWkPku8XIPGZ7N8vpiSLdM68BnUqIK5qR7NAhtvT7iyLFgOqhZNUQ6Ret5VpQ',
28
+ 'RS384' => 'eyJhbGciOiJSUzM4NCJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.Sfgk56moPghtsjaP4so6tOy3I553mgwX-5gByMC6dX8lpeWgsxSeAd_K8IyO7u4lwYOL0DSftnqO1HEOuN1AKyBbDvaTXz3u2xNA2x4NYLdW4AZA6ritbYcKLO5BHTXw5ueMbtA1jjGXP0zI_aK2iJTMBmB8SCF88RYBUH01Tyf4PlLj98pGL-v3prZd6kZkIeRJ3326h04hslcB5HQKmgeBk24QNLIoIC-CD329HPjJ7TtGx01lj-ehTBnwVbBGzYFAyoalV5KgvL_MDOfWPr1OYHnR5s_Fm6_3Vg4u6lBljvHOrmv4Nfx7d8HLgbo8CwH4qn1wm6VQCtuDd-uhRg',
29
+ 'RS512' => 'eyJhbGciOiJSUzUxMiJ9.eyJ1c2VyX2lkIjoic29tZUB1c2VyLnRsZCJ9.LIIAUEuCkGNdpYguOO5LoW4rZ7ED2POJrB0pmEAAchyTdIK4HKh1jcLxc6KyGwZv40njCgub3y72q6vcQTn7oD0zWFCVQRIDW1911Ii2hRNHuigiPUnrnZh1OQ6z65VZRU6GKs8omoBGU9vrClBU0ODqYE16KxYmE_0n4Xw2h3D_L1LF0IAOtDWKBRDa3QHwZRM9sHsHNsBuD5ye9KzDYN1YALXj64LBfA-DoCKfpVAm9NkRPOyzjR2X2C3TomOSJgqWIVHJucudKDDAZyEbO4RA5pI-UFYy1370p9bRajvtDyoBuLDCzoSkMyQ4L2DnLhx5CbWcnD7Cd3GUmnjjTA',
28
30
  'ES256' => '',
29
31
  'ES384' => '',
30
32
  'ES512' => ''
@@ -58,9 +60,17 @@ describe JWT do
58
60
  JWT.encode payload, nil, alg
59
61
  end.to raise_error JWT::InvalidPayload
60
62
  end
63
+
64
+ it 'should display a better error message if payload exp is not an Integer' do
65
+ payload['exp'] = Time.now.to_i.to_s
66
+
67
+ expect do
68
+ JWT.encode payload, nil, alg
69
+ end.to raise_error JWT::InvalidPayload
70
+ end
61
71
  end
62
72
 
63
- %w(HS256 HS384 HS512).each do |alg|
73
+ %w[HS256 HS512256 HS384 HS512].each do |alg|
64
74
  context "alg: #{alg}" do
65
75
  it 'should generate a valid token' do
66
76
  token = JWT.encode payload, data[:secret], alg
@@ -69,7 +79,7 @@ describe JWT do
69
79
  end
70
80
 
71
81
  it 'should decode a valid token' do
72
- jwt_payload, header = JWT.decode data[alg], data[:secret]
82
+ jwt_payload, header = JWT.decode data[alg], data[:secret], true, algorithm: alg
73
83
 
74
84
  expect(header['alg']).to eq alg
75
85
  expect(jwt_payload).to eq payload
@@ -77,8 +87,8 @@ describe JWT do
77
87
 
78
88
  it 'wrong secret should raise JWT::DecodeError' do
79
89
  expect do
80
- JWT.decode data[alg], 'wrong_secret'
81
- end.to raise_error JWT::DecodeError
90
+ JWT.decode data[alg], 'wrong_secret', true, algorithm: alg
91
+ end.to raise_error JWT::VerificationError
82
92
  end
83
93
 
84
94
  it 'wrong secret and verify = false should not raise JWT::DecodeError' do
@@ -89,7 +99,7 @@ describe JWT do
89
99
  end
90
100
  end
91
101
 
92
- %w(RS256 RS384 RS512).each do |alg|
102
+ %w[RS256 RS384 RS512].each do |alg|
93
103
  context "alg: #{alg}" do
94
104
  it 'should generate a valid token' do
95
105
  token = JWT.encode payload, data[:rsa_private], alg
@@ -98,7 +108,7 @@ describe JWT do
98
108
  end
99
109
 
100
110
  it 'should decode a valid token' do
101
- jwt_payload, header = JWT.decode data[alg], data[:rsa_public]
111
+ jwt_payload, header = JWT.decode data[alg], data[:rsa_public], true, algorithm: alg
102
112
 
103
113
  expect(header['alg']).to eq alg
104
114
  expect(jwt_payload).to eq payload
@@ -108,7 +118,7 @@ describe JWT do
108
118
  key = OpenSSL::PKey.read File.read(File.join(CERT_PATH, 'rsa-2048-wrong-public.pem'))
109
119
 
110
120
  expect do
111
- JWT.decode data[alg], key
121
+ JWT.decode data[alg], key, true, algorithm: alg
112
122
  end.to raise_error JWT::DecodeError
113
123
  end
114
124
 
@@ -122,7 +132,7 @@ describe JWT do
122
132
  end
123
133
  end
124
134
 
125
- %w(ES256 ES384 ES512).each do |alg|
135
+ %w[ES256 ES384 ES512].each do |alg|
126
136
  context "alg: #{alg}" do
127
137
  before(:each) do
128
138
  data[alg] = JWT.encode payload, data["#{alg}_private"], alg
@@ -131,14 +141,14 @@ describe JWT do
131
141
  let(:wrong_key) { OpenSSL::PKey.read(File.read(File.join(CERT_PATH, 'ec256-wrong-public.pem'))) }
132
142
 
133
143
  it 'should generate a valid token' do
134
- jwt_payload, header = JWT.decode data[alg], data["#{alg}_public"]
144
+ jwt_payload, header = JWT.decode data[alg], data["#{alg}_public"], true, algorithm: alg
135
145
 
136
146
  expect(header['alg']).to eq alg
137
147
  expect(jwt_payload).to eq payload
138
148
  end
139
149
 
140
150
  it 'should decode a valid token' do
141
- jwt_payload, header = JWT.decode data[alg], data["#{alg}_public"]
151
+ jwt_payload, header = JWT.decode data[alg], data["#{alg}_public"], true, algorithm: alg
142
152
 
143
153
  expect(header['alg']).to eq alg
144
154
  expect(jwt_payload).to eq payload
@@ -195,6 +205,14 @@ describe JWT do
195
205
  JWT.decode token, data[:secret], true, algorithm: 'HS512'
196
206
  end.not_to raise_error
197
207
  end
208
+
209
+ it 'should raise JWT::IncorrectAlgorithm if no algorithm is provided' do
210
+ token = JWT.encode payload, data[:rsa_public].to_s, 'HS256'
211
+
212
+ expect do
213
+ JWT.decode token, data[:rsa_public], true
214
+ end.to raise_error JWT::IncorrectAlgorithm
215
+ end
198
216
  end
199
217
 
200
218
  context 'issuer claim' do
@@ -208,7 +226,7 @@ describe JWT do
208
226
 
209
227
  it 'if verify_iss is set to false (default option) should not raise JWT::InvalidIssuerError' do
210
228
  expect do
211
- JWT.decode token, data[:secret], true, iss: iss
229
+ JWT.decode token, data[:secret], true, iss: iss, algorithm: 'HS256'
212
230
  end.not_to raise_error
213
231
  end
214
232
  end
@@ -217,24 +235,23 @@ describe JWT do
217
235
  context 'Base64' do
218
236
  it 'urlsafe replace + / with - _' do
219
237
  allow(Base64).to receive(:encode64) { 'string+with/non+url-safe/characters_' }
220
- expect(JWT.base64url_encode('foo')).to eq('string-with_non-url-safe_characters_')
238
+ expect(JWT::Encode.base64url_encode('foo')).to eq('string-with_non-url-safe_characters_')
221
239
  end
222
240
  end
223
241
 
224
- describe 'secure comparison' do
225
- it 'returns true if strings are equal' do
226
- expect(JWT.secure_compare('Foo', 'Foo')).to eq true
227
- end
242
+ it 'should not verify token even if the payload has claims' do
243
+ head = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9'
244
+ load = 'eyJ1c2VyX2lkIjo1NCwiZXhwIjoxNTA0MzkwODA0fQ'
245
+ sign = 'Skpi6FfYMbZ-DwW9ocyRIosNMdPMAIWRLYxRO68GTQk'
228
246
 
229
- it 'returns false if either input is nil or empty' do
230
- [nil, ''].each do |bad|
231
- expect(JWT.secure_compare(bad, 'Foo')).to eq false
232
- expect(JWT.secure_compare('Foo', bad)).to eq false
233
- end
234
- end
247
+ expect do
248
+ JWT.decode([head, load, sign].join('.'), '', false)
249
+ end.not_to raise_error
250
+ end
235
251
 
236
- it 'retuns false if the strings are different' do
237
- expect(JWT.secure_compare('Foo', 'Bar')).to eq false
238
- end
252
+ it 'should not raise InvalidPayload exception if payload is an array' do
253
+ expect do
254
+ JWT.encode(['my', 'payload'], 'secret')
255
+ end.not_to raise_error
239
256
  end
240
257
  end
data/spec/spec_helper.rb CHANGED
@@ -2,26 +2,23 @@ require 'rspec'
2
2
  require 'simplecov'
3
3
  require 'simplecov-json'
4
4
  require 'codeclimate-test-reporter'
5
+ require 'codacy-coverage'
6
+
7
+ Codacy::Reporter.start
5
8
 
6
9
  SimpleCov.configure do
7
10
  root File.join(File.dirname(__FILE__), '..')
8
11
  project_name 'Ruby JWT - Ruby JSON Web Token implementation'
9
- SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter.new([
10
- SimpleCov::Formatter::HTMLFormatter,
11
- SimpleCov::Formatter::JSONFormatter
12
- ])
13
-
14
12
  add_filter 'spec'
15
13
  end
16
14
 
17
15
  SimpleCov.start if ENV['COVERAGE']
18
- CodeClimate::TestReporter.start if ENV['CODECLIMATE_REPO_TOKEN']
19
16
 
20
17
  CERT_PATH = File.join(File.dirname(__FILE__), 'fixtures', 'certs')
21
18
 
22
19
  RSpec.configure do |config|
23
20
  config.expect_with :rspec do |c|
24
- c.syntax = [:should, :expect]
21
+ c.syntax = %i[should expect]
25
22
  end
26
23
 
27
24
  config.run_all_when_everything_filtered = true
metadata CHANGED
@@ -1,15 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.5.6
4
+ version: 2.0.0
5
5
  platform: ruby
6
6
  authors:
7
- - Jeff Lindsay
8
7
  - Tim Rudat
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
12
- date: 2016-09-19 00:00:00.000000000 Z
11
+ date: 2017-09-03 00:00:00.000000000 Z
13
12
  dependencies:
14
13
  - !ruby/object:Gem::Dependency
15
14
  name: bundler
@@ -40,21 +39,21 @@ dependencies:
40
39
  - !ruby/object:Gem::Version
41
40
  version: '0'
42
41
  - !ruby/object:Gem::Dependency
43
- name: json
42
+ name: rspec
44
43
  requirement: !ruby/object:Gem::Requirement
45
44
  requirements:
46
- - - "<"
45
+ - - ">="
47
46
  - !ruby/object:Gem::Version
48
- version: '2.0'
47
+ version: '0'
49
48
  type: :development
50
49
  prerelease: false
51
50
  version_requirements: !ruby/object:Gem::Requirement
52
51
  requirements:
53
- - - "<"
52
+ - - ">="
54
53
  - !ruby/object:Gem::Version
55
- version: '2.0'
54
+ version: '0'
56
55
  - !ruby/object:Gem::Dependency
57
- name: rspec
56
+ name: simplecov
58
57
  requirement: !ruby/object:Gem::Requirement
59
58
  requirements:
60
59
  - - ">="
@@ -68,7 +67,7 @@ dependencies:
68
67
  - !ruby/object:Gem::Version
69
68
  version: '0'
70
69
  - !ruby/object:Gem::Dependency
71
- name: simplecov
70
+ name: simplecov-json
72
71
  requirement: !ruby/object:Gem::Requirement
73
72
  requirements:
74
73
  - - ">="
@@ -82,7 +81,7 @@ dependencies:
82
81
  - !ruby/object:Gem::Version
83
82
  version: '0'
84
83
  - !ruby/object:Gem::Dependency
85
- name: simplecov-json
84
+ name: codeclimate-test-reporter
86
85
  requirement: !ruby/object:Gem::Requirement
87
86
  requirements:
88
87
  - - ">="
@@ -96,7 +95,21 @@ dependencies:
96
95
  - !ruby/object:Gem::Version
97
96
  version: '0'
98
97
  - !ruby/object:Gem::Dependency
99
- name: codeclimate-test-reporter
98
+ name: codacy-coverage
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ">="
102
+ - !ruby/object:Gem::Version
103
+ version: '0'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - ">="
109
+ - !ruby/object:Gem::Version
110
+ version: '0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: rbnacl
100
113
  requirement: !ruby/object:Gem::Requirement
101
114
  requirements:
102
115
  - - ">="
@@ -117,7 +130,9 @@ extensions: []
117
130
  extra_rdoc_files: []
118
131
  files:
119
132
  - ".codeclimate.yml"
133
+ - ".ebert.yml"
120
134
  - ".gitignore"
135
+ - ".reek.yml"
121
136
  - ".rspec"
122
137
  - ".rubocop.yml"
123
138
  - ".travis.yml"
@@ -129,8 +144,11 @@ files:
129
144
  - Rakefile
130
145
  - lib/jwt.rb
131
146
  - lib/jwt/decode.rb
147
+ - lib/jwt/default_options.rb
148
+ - lib/jwt/encode.rb
132
149
  - lib/jwt/error.rb
133
- - lib/jwt/json.rb
150
+ - lib/jwt/security_utils.rb
151
+ - lib/jwt/signature.rb
134
152
  - lib/jwt/verify.rb
135
153
  - lib/jwt/version.rb
136
154
  - ruby-jwt.gemspec
@@ -170,7 +188,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
170
188
  requirements:
171
189
  - - ">="
172
190
  - !ruby/object:Gem::Version
173
- version: '0'
191
+ version: '2.1'
174
192
  required_rubygems_version: !ruby/object:Gem::Requirement
175
193
  requirements:
176
194
  - - ">="
@@ -178,7 +196,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
178
196
  version: '0'
179
197
  requirements: []
180
198
  rubyforge_project:
181
- rubygems_version: 2.6.6
199
+ rubygems_version: 2.6.13
182
200
  signing_key:
183
201
  specification_version: 4
184
202
  summary: JSON Web Token implementation in Ruby
data/lib/jwt/json.rb DELETED
@@ -1,17 +0,0 @@
1
- # frozen_string_literal: true
2
- require 'json'
3
-
4
- module JWT
5
- # JSON fallback implementation or ruby 1.8.x
6
- module Json
7
- def decode_json(encoded)
8
- JSON.parse(encoded)
9
- rescue JSON::ParserError
10
- raise JWT::DecodeError, 'Invalid segment encoding'
11
- end
12
-
13
- def encode_json(raw)
14
- JSON.generate(raw)
15
- end
16
- end
17
- end