jwt 1.5.6 → 2.2.3

data/lib/jwt/jwk/hmac.rb

@@ -0,0 +1,58 @@
+# frozen_string_literal: true
+
+module JWT
+  module JWK
+    class HMAC < KeyBase
+      KTY = 'oct'.freeze
+      KTYS = [KTY, String].freeze
+
+      def initialize(keypair, kid = nil)
+        raise ArgumentError, 'keypair must be of type String' unless keypair.is_a?(String)
+
+        super
+        @kid = kid || generate_kid
+      end
+
+      def private?
+        true
+      end
+
+      def public_key
+        nil
+      end
+
+      # See https://tools.ietf.org/html/rfc7517#appendix-A.3
+      def export(options = {})
+        exported_hash = {
+          kty: KTY,
+          kid: kid
+        }
+
+        return exported_hash unless private? && options[:include_private] == true
+
+        exported_hash.merge(
+          k: keypair
+        )
+      end
+
+      private
+
+      def generate_kid
+        sequence = OpenSSL::ASN1::Sequence([OpenSSL::ASN1::UTF8String.new(keypair),
+                                            OpenSSL::ASN1::UTF8String.new(KTY)])
+        OpenSSL::Digest::SHA256.hexdigest(sequence.to_der)
+      end
+
+      class << self
+        def import(jwk_data)
+          jwk_k = jwk_data[:k] || jwk_data['k']
+          jwk_kid = jwk_data[:kid] || jwk_data['kid']
+
+          raise JWT::JWKError, 'Key format is invalid for HMAC' unless jwk_k
+
+          self.new(jwk_k, jwk_kid)
+        end
+      end
+    end
+  end
+end

data/lib/jwt/jwk/key_base.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module JWT
+  module JWK
+    class KeyBase
+      attr_reader :keypair, :kid
+
+      def initialize(keypair, kid = nil)
+        @keypair = keypair
+        @kid     = kid
+      end
+
+      def self.inherited(klass)
+        ::JWT::JWK.classes << klass
+      end
+    end
+  end
+end

data/lib/jwt/jwk/key_finder.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+module JWT
+  module JWK
+    class KeyFinder
+      def initialize(options)
+        jwks_or_loader = options[:jwks]
+        @jwks          = jwks_or_loader if jwks_or_loader.is_a?(Hash)
+        @jwk_loader    = jwks_or_loader if jwks_or_loader.respond_to?(:call)
+      end
+
+      def key_for(kid)
+        raise ::JWT::DecodeError, 'No key id (kid) found from token headers' unless kid
+
+        jwk = resolve_key(kid)
+
+        raise ::JWT::DecodeError, 'No keys found in jwks' if jwks_keys.empty?
+        raise ::JWT::DecodeError, "Could not find public key for kid #{kid}" unless jwk
+
+        ::JWT::JWK.import(jwk).keypair
+      end
+
+      private
+
+      def resolve_key(kid)
+        jwk = find_key(kid)
+
+        return jwk if jwk
+
+        if reloadable?
+          load_keys(invalidate: true)
+          return find_key(kid)
+        end
+
+        nil
+      end
+
+      def jwks
+        return @jwks if @jwks
+
+        load_keys
+        @jwks
+      end
+
+      def load_keys(opts = {})
+        @jwks = @jwk_loader.call(opts)
+      end
+
+      def jwks_keys
+        Array(jwks[:keys] || jwks['keys'])
+      end
+
+      def find_key(kid)
+        jwks_keys.find { |key| (key[:kid] || key['kid']) == kid }
+      end
+
+      def reloadable?
+        @jwk_loader
+      end
+    end
+  end
+end

data/lib/jwt/jwk/rsa.rb

@@ -0,0 +1,115 @@
+# frozen_string_literal: true
+
+module JWT
+  module JWK
+    class RSA < KeyBase
+      BINARY = 2
+      KTY    = 'RSA'.freeze
+      KTYS   = [KTY, OpenSSL::PKey::RSA].freeze
+      RSA_KEY_ELEMENTS = %i[n e d p q dp dq qi].freeze
+
+      def initialize(keypair, kid = nil)
+        raise ArgumentError, 'keypair must be of type OpenSSL::PKey::RSA' unless keypair.is_a?(OpenSSL::PKey::RSA)
+        super(keypair, kid || generate_kid(keypair.public_key))
+      end
+
+      def private?
+        keypair.private?
+      end
+
+      def public_key
+        keypair.public_key
+      end
+
+      def export(options = {})
+        exported_hash = {
+          kty: KTY,
+          n: encode_open_ssl_bn(public_key.n),
+          e: encode_open_ssl_bn(public_key.e),
+          kid: kid
+        }
+
+        return exported_hash unless private? && options[:include_private] == true
+
+        append_private_parts(exported_hash)
+      end
+
+      private
+
+      def generate_kid(public_key)
+        sequence = OpenSSL::ASN1::Sequence([OpenSSL::ASN1::Integer.new(public_key.n),
+                                            OpenSSL::ASN1::Integer.new(public_key.e)])
+        OpenSSL::Digest::SHA256.hexdigest(sequence.to_der)
+      end
+
+      def append_private_parts(the_hash)
+        the_hash.merge(
+          d: encode_open_ssl_bn(keypair.d),
+          p: encode_open_ssl_bn(keypair.p),
+          q: encode_open_ssl_bn(keypair.q),
+          dp: encode_open_ssl_bn(keypair.dmp1),
+          dq: encode_open_ssl_bn(keypair.dmq1),
+          qi: encode_open_ssl_bn(keypair.iqmp)
+        )
+      end
+
+      def encode_open_ssl_bn(key_part)
+        ::JWT::Base64.url_encode(key_part.to_s(BINARY))
+      end
+
+      class << self
+        def import(jwk_data)
+          pkey_params = jwk_attributes(jwk_data, *RSA_KEY_ELEMENTS) do |value|
+            decode_open_ssl_bn(value)
+          end
+          kid = jwk_attributes(jwk_data, :kid)[:kid]
+          self.new(rsa_pkey(pkey_params), kid)
+        end
+
+        private
+
+        def jwk_attributes(jwk_data, *attributes)
+          attributes.each_with_object({}) do |attribute, hash|
+            value = jwk_data[attribute] || jwk_data[attribute.to_s]
+            value = yield(value) if block_given?
+            hash[attribute] = value
+          end
+        end
+
+        def rsa_pkey(rsa_parameters)
+          raise JWT::JWKError, 'Key format is invalid for RSA' unless rsa_parameters[:n] && rsa_parameters[:e]
+
+          populate_key(OpenSSL::PKey::RSA.new, rsa_parameters)
+        end
+
+        if OpenSSL::PKey::RSA.new.respond_to?(:set_key)
+          def populate_key(rsa_key, rsa_parameters)
+            rsa_key.set_key(rsa_parameters[:n], rsa_parameters[:e], rsa_parameters[:d])
+            rsa_key.set_factors(rsa_parameters[:p], rsa_parameters[:q]) if rsa_parameters[:p] && rsa_parameters[:q]
+            rsa_key.set_crt_params(rsa_parameters[:dp], rsa_parameters[:dq], rsa_parameters[:qi]) if rsa_parameters[:dp] && rsa_parameters[:dq] && rsa_parameters[:qi]
+            rsa_key
+          end
+        else
+          def populate_key(rsa_key, rsa_parameters)
+            rsa_key.n = rsa_parameters[:n]
+            rsa_key.e = rsa_parameters[:e]
+            rsa_key.d = rsa_parameters[:d] if rsa_parameters[:d]
+            rsa_key.p = rsa_parameters[:p] if rsa_parameters[:p]
+            rsa_key.q = rsa_parameters[:q] if rsa_parameters[:q]
+            rsa_key.dmp1 = rsa_parameters[:dp] if rsa_parameters[:dp]
+            rsa_key.dmq1 = rsa_parameters[:dq] if rsa_parameters[:dq]
+            rsa_key.iqmp = rsa_parameters[:qi] if rsa_parameters[:qi]
+
+            rsa_key
+          end
+        end
+
+        def decode_open_ssl_bn(jwk_data)
+          return nil unless jwk_data
+
+          OpenSSL::BN.new(::JWT::Base64.url_decode(jwk_data), BINARY)
+        end
+      end
+    end
+  end
+end

data/lib/jwt/security_utils.rb

@@ -0,0 +1,57 @@
+module JWT
+  # Collection of security methods
+  #
+  # @see: https://github.com/rails/rails/blob/master/activesupport/lib/active_support/security_utils.rb
+  module SecurityUtils
+    module_function
+
+    def secure_compare(left, right)
+      left_bytesize = left.bytesize
+
+      return false unless left_bytesize == right.bytesize
+
+      unpacked_left = left.unpack "C#{left_bytesize}"
+      result = 0
+      right.each_byte { |byte| result |= byte ^ unpacked_left.shift }
+      result.zero?
+    end
+
+    def verify_rsa(algorithm, public_key, signing_input, signature)
+      public_key.verify(OpenSSL::Digest.new(algorithm.sub('RS', 'sha')), signature, signing_input)
+    end
+
+    def verify_ps(algorithm, public_key, signing_input, signature)
+      formatted_algorithm = algorithm.sub('PS', 'sha')
+
+      public_key.verify_pss(formatted_algorithm, signature, signing_input, salt_length: :auto, mgf1_hash: formatted_algorithm)
+    end
+
+    def asn1_to_raw(signature, public_key)
+      byte_size = (public_key.group.degree + 7) / 8
+      OpenSSL::ASN1.decode(signature).value.map { |value| value.value.to_s(2).rjust(byte_size, "\x00") }.join
+    end
+
+    def raw_to_asn1(signature, private_key)
+      byte_size = (private_key.group.degree + 7) / 8
+      sig_bytes = signature[0..(byte_size - 1)]
+      sig_char = signature[byte_size..-1] || ''
+      OpenSSL::ASN1::Sequence.new([sig_bytes, sig_char].map { |int| OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(int, 2)) }).to_der
+    end
+
+    def rbnacl_fixup(algorithm, key)
+      algorithm = algorithm.sub('HS', 'SHA').to_sym
+
+      return [] unless defined?(RbNaCl) && RbNaCl::HMAC.constants(false).include?(algorithm)
+
+      authenticator = RbNaCl::HMAC.const_get(algorithm)
+
+      # Fall back to OpenSSL for keys larger than 32 bytes.
+      return [] if key.bytesize > authenticator.key_bytes
+
+      [
+        authenticator,
+        key.bytes.fill(0, key.bytesize...authenticator.key_bytes).pack('C*')
+      ]
+    end
+  end
+end

data/lib/jwt/signature.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require 'jwt/security_utils'
+require 'openssl'
+require 'jwt/algos'
+begin
+  require 'rbnacl'
+rescue LoadError
+  raise if defined?(RbNaCl)
+end
+
+# JWT::Signature module
+module JWT
+  # Signature logic for JWT
+  module Signature
+    extend self
+    ToSign = Struct.new(:algorithm, :msg, :key)
+    ToVerify = Struct.new(:algorithm, :public_key, :signing_input, :signature)
+
+    def sign(algorithm, msg, key)
+      algo, code = Algos.find(algorithm)
+      algo.sign ToSign.new(code, msg, key)
+    end
+
+    def verify(algorithm, key, signing_input, signature)
+      return true if algorithm.casecmp('none').zero?
+
+      raise JWT::DecodeError, 'No verification key available' unless key
+
+      algo, code = Algos.find(algorithm)
+      verified = algo.verify(ToVerify.new(code, key, signing_input, signature))
+      raise(JWT::VerificationError, 'Signature verification raised') unless verified
+    rescue OpenSSL::PKey::PKeyError
+      raise JWT::VerificationError, 'Signature verification raised'
+    ensure
+      OpenSSL.errors.clear
+    end
+  end
+end

data/lib/jwt/verify.rb

@@ -1,106 +1,98 @@
 # frozen_string_literal: true
+
 require 'jwt/error'
 
 module JWT
   # JWT verify methods
   class Verify
+    DEFAULTS = {
+      leeway: 0
+    }.freeze
+
     class << self
-      %w(verify_aud verify_expiration verify_iat verify_iss verify_jti verify_not_before verify_sub).each do |method_name|
+      %w[verify_aud verify_expiration verify_iat verify_iss verify_jti verify_not_before verify_sub].each do |method_name|
         define_method method_name do |payload, options|
           new(payload, options).send(method_name)
         end
       end
+
+      def verify_claims(payload, options)
+        options.each do |key, val|
+          next unless key.to_s =~ /verify/
+          Verify.send(key, payload, options) if val
+        end
+      end
     end
 
     def initialize(payload, options)
       @payload = payload
-      @options = options
+      @options = DEFAULTS.merge(options)
     end
 
     def verify_aud
-      return unless (options_aud = extract_option(:aud))
-
-      if @payload['aud'].is_a?(Array)
-        verify_aud_array(@payload['aud'], options_aud)
-      else
-        raise(
-          JWT::InvalidAudError,
-          "Invalid audience. Expected #{options_aud}, received #{@payload['aud'] || '<none>'}"
-        ) unless @payload['aud'].to_s == options_aud.to_s
-      end
-    end
+      return unless (options_aud = @options[:aud])
 
-    def verify_aud_array(audience, options_aud)
-      if options_aud.is_a?(Array)
-        options_aud.each do |aud|
-          raise(JWT::InvalidAudError, 'Invalid audience') unless audience.include?(aud.to_s)
-        end
-      else
-        raise(JWT::InvalidAudError, 'Invalid audience') unless audience.include?(options_aud.to_s)
-      end
+      aud = @payload['aud']
+      raise(JWT::InvalidAudError, "Invalid audience. Expected #{options_aud}, received #{aud || '<none>'}") if ([*aud] & [*options_aud]).empty?
     end
 
     def verify_expiration
       return unless @payload.include?('exp')
-
-      if @payload['exp'].to_i <= (Time.now.to_i - leeway)
-        raise(JWT::ExpiredSignature, 'Signature has expired')
-      end
+      raise(JWT::ExpiredSignature, 'Signature has expired') if @payload['exp'].to_i <= (Time.now.to_i - exp_leeway)
     end
 
     def verify_iat
       return unless @payload.include?('iat')
 
-      if !@payload['iat'].is_a?(Numeric) || @payload['iat'].to_f > (Time.now.to_f + leeway)
-        raise(JWT::InvalidIatError, 'Invalid iat')
-      end
+      iat = @payload['iat']
+      raise(JWT::InvalidIatError, 'Invalid iat') if !iat.is_a?(Numeric) || iat.to_f > Time.now.to_f
     end
 
     def verify_iss
-      return unless (options_iss = extract_option(:iss))
+      return unless (options_iss = @options[:iss])
 
-      if @payload['iss'].to_s != options_iss.to_s
-        raise(
-          JWT::InvalidIssuerError,
-          "Invalid issuer. Expected #{options_iss}, received #{@payload['iss'] || '<none>'}"
-        )
-      end
+      iss = @payload['iss']
+
+      return if Array(options_iss).map(&:to_s).include?(iss.to_s)
+
+      raise(JWT::InvalidIssuerError, "Invalid issuer. Expected #{options_iss}, received #{iss || '<none>'}")
     end
 
     def verify_jti
-      options_verify_jti = extract_option(:verify_jti)
+      options_verify_jti = @options[:verify_jti]
+      jti = @payload['jti']
+
       if options_verify_jti.respond_to?(:call)
-        raise(JWT::InvalidJtiError, 'Invalid jti') unless options_verify_jti.call(@payload['jti'])
-      else
-        raise(JWT::InvalidJtiError, 'Missing jti') if @payload['jti'].to_s.strip.empty?
+        verified = options_verify_jti.arity == 2 ? options_verify_jti.call(jti, @payload) : options_verify_jti.call(jti)
+        raise(JWT::InvalidJtiError, 'Invalid jti') unless verified
+      elsif jti.to_s.strip.empty?
+        raise(JWT::InvalidJtiError, 'Missing jti')
       end
     end
 
     def verify_not_before
       return unless @payload.include?('nbf')
-
-      if @payload['nbf'].to_i > (Time.now.to_i + leeway)
-        raise(JWT::ImmatureSignature, 'Signature nbf has not been reached')
-      end
+      raise(JWT::ImmatureSignature, 'Signature nbf has not been reached') if @payload['nbf'].to_i > (Time.now.to_i + nbf_leeway)
     end
 
     def verify_sub
-      return unless (options_sub = extract_option(:sub))
-
-      raise(
-        JWT::InvalidSubError,
-        "Invalid subject. Expected #{options_sub}, received #{@payload['sub'] || '<none>'}"
-      ) unless @payload['sub'].to_s == options_sub.to_s
+      return unless (options_sub = @options[:sub])
+      sub = @payload['sub']
+      raise(JWT::InvalidSubError, "Invalid subject. Expected #{options_sub}, received #{sub || '<none>'}") unless sub.to_s == options_sub.to_s
     end
 
     private
 
-    def extract_option(key)
-      @options.values_at(key.to_sym, key.to_s).compact.first
+    def global_leeway
+      @options[:leeway]
+    end
+
+    def exp_leeway
+      @options[:exp_leeway] || global_leeway
     end
 
-    def leeway
-      extract_option :leeway
+    def nbf_leeway
+      @options[:nbf_leeway] || global_leeway
     end
   end
 end