jwt 2.0.0 → 2.2.2

data/lib/jwt/algos/ecdsa.rb

@@ -0,0 +1,35 @@
+module JWT
+  module Algos
+    module Ecdsa
+      module_function
+
+      SUPPORTED = %w[ES256 ES384 ES512].freeze
+      NAMED_CURVES = {
+        'prime256v1' => 'ES256',
+        'secp384r1' => 'ES384',
+        'secp521r1' => 'ES512'
+      }.freeze
+
+      def sign(to_sign)
+        algorithm, msg, key = to_sign.values
+        key_algorithm = NAMED_CURVES[key.group.curve_name]
+        if algorithm != key_algorithm
+          raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key_algorithm} signing key was provided"
+        end
+
+        digest = OpenSSL::Digest.new(algorithm.sub('ES', 'sha'))
+        SecurityUtils.asn1_to_raw(key.dsa_sign_asn1(digest.digest(msg)), key)
+      end
+
+      def verify(to_verify)
+        algorithm, public_key, signing_input, signature = to_verify.values
+        key_algorithm = NAMED_CURVES[public_key.group.curve_name]
+        if algorithm != key_algorithm
+          raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key_algorithm} verification key was provided"
+        end
+        digest = OpenSSL::Digest.new(algorithm.sub('ES', 'sha'))
+        public_key.dsa_verify_asn1(digest.digest(signing_input), SecurityUtils.raw_to_asn1(signature, public_key))
+      end
+    end
+  end
+end

data/lib/jwt/algos/eddsa.rb

@@ -0,0 +1,23 @@
+module JWT
+  module Algos
+    module Eddsa
+      module_function
+
+      SUPPORTED = %w[ED25519].freeze
+
+      def sign(to_sign)
+        algorithm, msg, key = to_sign.values
+        raise EncodeError, "Key given is a #{key.class} but has to be an RbNaCl::Signatures::Ed25519::SigningKey" if key.class != RbNaCl::Signatures::Ed25519::SigningKey
+        raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{key.primitive} signing key was provided"  if algorithm.downcase.to_sym != key.primitive
+        key.sign(msg)
+      end
+
+      def verify(to_verify)
+        algorithm, public_key, signing_input, signature = to_verify.values
+        raise IncorrectAlgorithm, "payload algorithm is #{algorithm} but #{public_key.primitive} verification key was provided" if algorithm.downcase.to_sym != public_key.primitive
+        raise DecodeError, "key given is a #{public_key.class} but has to be a RbNaCl::Signatures::Ed25519::VerifyKey" if public_key.class != RbNaCl::Signatures::Ed25519::VerifyKey
+        public_key.verify(signature, signing_input)
+      end
+    end
+  end
+end

data/lib/jwt/algos/hmac.rb

@@ -0,0 +1,34 @@
+module JWT
+  module Algos
+    module Hmac
+      module_function
+
+      SUPPORTED = %w[HS256 HS512256 HS384 HS512].freeze
+
+      def sign(to_sign)
+        algorithm, msg, key = to_sign.values
+        key ||= ''
+        authenticator, padded_key = SecurityUtils.rbnacl_fixup(algorithm, key)
+        if authenticator && padded_key
+          authenticator.auth(padded_key, msg.encode('binary'))
+        else
+          OpenSSL::HMAC.digest(OpenSSL::Digest.new(algorithm.sub('HS', 'sha')), key, msg)
+        end
+      end
+
+      def verify(to_verify)
+        algorithm, public_key, signing_input, signature = to_verify.values
+        authenticator, padded_key = SecurityUtils.rbnacl_fixup(algorithm, public_key)
+        if authenticator && padded_key
+          begin
+            authenticator.verify(padded_key, signature.encode('binary'), signing_input.encode('binary'))
+          rescue RbNaCl::BadAuthenticatorError
+            false
+          end
+        else
+          SecurityUtils.secure_compare(signature, sign(JWT::Signature::ToSign.new(algorithm, signing_input, public_key)))
+        end
+      end
+    end
+  end
+end

data/lib/jwt/algos/ps.rb

@@ -0,0 +1,43 @@
+module JWT
+  module Algos
+    module Ps
+      # RSASSA-PSS signing algorithms
+
+      module_function
+
+      SUPPORTED = %w[PS256 PS384 PS512].freeze
+
+      def sign(to_sign)
+        require_openssl!
+
+        algorithm, msg, key = to_sign.values
+
+        key_class = key.class
+
+        raise EncodeError, "The given key is a #{key_class}. It has to be an OpenSSL::PKey::RSA instance." if key_class == String
+
+        translated_algorithm = algorithm.sub('PS', 'sha')
+
+        key.sign_pss(translated_algorithm, msg, salt_length: :digest, mgf1_hash: translated_algorithm)
+      end
+
+      def verify(to_verify)
+        require_openssl!
+
+        SecurityUtils.verify_ps(to_verify.algorithm, to_verify.public_key, to_verify.signing_input, to_verify.signature)
+      end
+
+      def require_openssl!
+        if Object.const_defined?('OpenSSL')
+          major, minor = OpenSSL::VERSION.split('.').first(2)
+
+          unless major.to_i >= 2 && minor.to_i >= 1
+            raise JWT::RequiredDependencyError, "You currently have OpenSSL #{OpenSSL::VERSION}. PS support requires >= 2.1"
+          end
+        else
+          raise JWT::RequiredDependencyError, 'PS signing requires OpenSSL +2.1'
+        end
+      end
+    end
+  end
+end

data/lib/jwt/algos/rsa.rb

@@ -0,0 +1,19 @@
+module JWT
+  module Algos
+    module Rsa
+      module_function
+
+      SUPPORTED = %w[RS256 RS384 RS512].freeze
+
+      def sign(to_sign)
+        algorithm, msg, key = to_sign.values
+        raise EncodeError, "The given key is a #{key.class}. It has to be an OpenSSL::PKey::RSA instance." if key.class == String
+        key.sign(OpenSSL::Digest.new(algorithm.sub('RS', 'sha')), msg)
+      end
+
+      def verify(to_verify)
+        SecurityUtils.verify_rsa(to_verify.algorithm, to_verify.public_key, to_verify.signing_input, to_verify.signature)
+      end
+    end
+  end
+end

data/lib/jwt/algos/unsupported.rb

@@ -0,0 +1,16 @@
+module JWT
+  module Algos
+    module Unsupported
+      module_function
+
+      SUPPORTED = Object.new.tap { |object| object.define_singleton_method(:include?) { |*| true } }
+      def verify(*)
+        raise JWT::VerificationError, 'Algorithm not supported'
+      end
+
+      def sign(*)
+        raise NotImplementedError, 'Unsupported signing method'
+      end
+    end
+  end
+end

data/lib/jwt/base64.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+require 'base64'
+
+module JWT
+  # Base64 helpers
+  class Base64
+    class << self
+      def url_encode(str)
+        ::Base64.encode64(str).tr('+/', '-_').gsub(/[\n=]/, '')
+      end
+
+      def url_decode(str)
+        str += '=' * (4 - str.length.modulo(4))
+        ::Base64.decode64(str.tr('-_', '+/'))
+      end
+    end
+  end
+end

data/lib/jwt/claims_validator.rb

@@ -0,0 +1,33 @@
+require_relative './error'
+
+module JWT
+  class ClaimsValidator
+    INTEGER_CLAIMS = %i[
+      exp
+      iat
+      nbf
+    ].freeze
+
+    def initialize(payload)
+      @payload = payload.each_with_object({}) { |(k, v), h| h[k.to_sym] = v }
+    end
+
+    def validate!
+      validate_int_claims
+
+      true
+    end
+
+    private
+
+    def validate_int_claims
+      INTEGER_CLAIMS.each do |claim|
+        validate_is_int(claim) if @payload.key?(claim)
+      end
+    end
+
+    def validate_is_int(claim)
+      raise InvalidPayload, "#{claim} claim must be an Integer but it is a #{@payload[claim].class}" unless @payload[claim].is_a?(Integer)
+    end
+  end
+end

data/lib/jwt/decode.rb

@@ -2,47 +2,105 @@
 
 require 'json'
 
+require 'jwt/signature'
+require 'jwt/verify'
 # JWT::Decode module
 module JWT
   # Decoding logic for JWT
   class Decode
-    attr_reader :header, :payload, :signature
-
-    def self.base64url_decode(str)
-      str += '=' * (4 - str.length.modulo(4))
-      Base64.decode64(str.tr('-_', '+/'))
-    end
-
-    def initialize(jwt, verify)
+    def initialize(jwt, key, verify, options, &keyfinder)
+      raise(JWT::DecodeError, 'Nil JSON web token') unless jwt
       @jwt = jwt
+      @key = key
+      @options = options
+      @segments = jwt.split('.')
       @verify = verify
-      @header = ''
-      @payload = ''
       @signature = ''
+      @keyfinder = keyfinder
     end
 
     def decode_segments
-      header_segment, payload_segment, crypto_segment = raw_segments
-      @header, @payload = decode_header_and_payload(header_segment, payload_segment)
-      @signature = Decode.base64url_decode(crypto_segment.to_s) if @verify
-      signing_input = [header_segment, payload_segment].join('.')
-      [@header, @payload, @signature, signing_input]
+      validate_segment_count!
+      if @verify
+        decode_crypto
+        verify_signature
+        verify_claims
+      end
+      raise(JWT::DecodeError, 'Not enough or too many segments') unless header && payload
+      [payload, header]
     end
 
     private
 
-    def raw_segments
-      segments = @jwt.split('.')
-      required_num_segments = @verify ? [3] : [2, 3]
-      raise(JWT::DecodeError, 'Not enough or too many segments') unless required_num_segments.include? segments.length
-      segments
+    def verify_signature
+      raise(JWT::IncorrectAlgorithm, 'An algorithm must be specified') if allowed_algorithms.empty?
+      raise(JWT::IncorrectAlgorithm, 'Expected a different algorithm') unless options_includes_algo_in_header?
+
+      @key = find_key(&@keyfinder) if @keyfinder
+      @key = ::JWT::JWK::KeyFinder.new(jwks: @options[:jwks]).key_for(header['kid']) if @options[:jwks]
+
+      Signature.verify(header['alg'], @key, signing_input, @signature)
+    end
+
+    def options_includes_algo_in_header?
+      allowed_algorithms.include? header['alg']
+    end
+
+    def allowed_algorithms
+      # Order is very important - first check for string keys, next for symbols
+      if @options.key?('algorithm')
+        [@options['algorithm']]
+      elsif @options.key?(:algorithm)
+        [@options[:algorithm]]
+      elsif @options.key?('algorithms')
+        @options['algorithms'] || []
+      elsif @options.key?(:algorithms)
+        @options[:algorithms] || []
+      else
+        []
+      end
+    end
+
+    def find_key(&keyfinder)
+      key = (keyfinder.arity == 2 ? yield(header, payload) : yield(header))
+      raise JWT::DecodeError, 'No verification key available' unless key
+      key
+    end
+
+    def verify_claims
+      Verify.verify_claims(payload, @options)
+    end
+
+    def validate_segment_count!
+      return if segment_length == 3
+      return if !@verify && segment_length == 2 # If no verifying required, the signature is not needed
+
+      raise(JWT::DecodeError, 'Not enough or too many segments')
+    end
+
+    def segment_length
+      @segments.count
+    end
+
+    def decode_crypto
+      @signature = JWT::Base64.url_decode(@segments[2])
+    end
+
+    def header
+      @header ||= parse_and_decode @segments[0]
+    end
+
+    def payload
+      @payload ||= parse_and_decode @segments[1]
+    end
+
+    def signing_input
+      @segments.first(2).join('.')
     end
 
-    def decode_header_and_payload(header_segment, payload_segment)
-      header = JSON.parse(Decode.base64url_decode(header_segment))
-      payload = JSON.parse(Decode.base64url_decode(payload_segment))
-      [header, payload]
-    rescue JSON::ParserError
+    def parse_and_decode(segment)
+      JWT::JSON.parse(JWT::Base64.url_decode(segment))
+    rescue ::JSON::ParserError
       raise JWT::DecodeError, 'Invalid segment encoding'
     end
   end

data/lib/jwt/default_options.rb

@@ -8,7 +8,8 @@ module JWT
       verify_jti: false,
       verify_aud: false,
       verify_sub: false,
-      leeway: 0
+      leeway: 0,
+      algorithms: ['HS256']
     }.freeze
   end
 end

data/lib/jwt/encode.rb

@@ -1,51 +1,68 @@
 # frozen_string_literal: true
 
-require 'json'
+require_relative './claims_validator'
 
 # JWT::Encode module
 module JWT
   # Encoding logic for JWT
   class Encode
-    attr_reader :payload, :key, :algorithm, :header_fields, :segments
+    ALG_NONE = 'none'.freeze
+    ALG_KEY  = 'alg'.freeze
 
-    def self.base64url_encode(str)
-      Base64.encode64(str).tr('+/', '-_').gsub(/[\n=]/, '')
+    def initialize(options)
+      @payload   = options[:payload]
+      @key       = options[:key]
+      @algorithm = options[:algorithm]
+      @headers   = options[:headers].each_with_object({}) { |(key, value), headers| headers[key.to_s] = value }
     end
 
-    def initialize(payload, key, algorithm, header_fields)
-      @payload = payload
-      @key = key
-      @algorithm = algorithm
-      @header_fields = header_fields
-      @segments = encode_segments
+    def segments
+      @segments ||= combine(encoded_header_and_payload, encoded_signature)
     end
 
     private
 
     def encoded_header
-      header = { 'alg' => @algorithm }.merge(@header_fields)
-      Encode.base64url_encode(JSON.generate(header))
+      @encoded_header ||= encode_header
     end
 
     def encoded_payload
-      raise InvalidPayload, 'exp claim must be an integer' if @payload && !@payload.is_a?(Array) && @payload.key?('exp') && !@payload['exp'].is_a?(Integer)
-      Encode.base64url_encode(JSON.generate(@payload))
+      @encoded_payload ||= encode_payload
     end
 
-    def encoded_signature(signing_input)
-      if @algorithm == 'none'
-        ''
-      else
-        signature = JWT::Signature.sign(@algorithm, signing_input, @key)
-        Encode.base64url_encode(signature)
+    def encoded_signature
+      @encoded_signature ||= encode_signature
+    end
+
+    def encoded_header_and_payload
+      @encoded_header_and_payload ||= combine(encoded_header, encoded_payload)
+    end
+
+    def encode_header
+      @headers[ALG_KEY] = @algorithm
+      encode(@headers)
+    end
+
+    def encode_payload
+      if @payload && @payload.is_a?(Hash)
+        ClaimsValidator.new(@payload).validate!
       end
+
+      encode(@payload)
+    end
+
+    def encode_signature
+      return '' if @algorithm == ALG_NONE
+
+      JWT::Base64.url_encode(JWT::Signature.sign(@algorithm, encoded_header_and_payload, @key))
+    end
+
+    def encode(data)
+      JWT::Base64.url_encode(JWT::JSON.generate(data))
     end
 
-    def encode_segments
-      header = encoded_header
-      payload = encoded_payload
-      signature = encoded_signature([header, payload].join('.'))
-      [header, payload, signature].join('.')
+    def combine(*parts)
+      parts.join('.')
     end
   end
 end