jwt 2.1.0 → 2.2.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (66) hide show
  1. checksums.yaml +5 -5
  2. data/.github/workflows/test.yml +74 -0
  3. data/.gitignore +1 -1
  4. data/.rspec +1 -0
  5. data/.rubocop.yml +15 -16
  6. data/.rubocop_todo.yml +191 -0
  7. data/{.ebert.yml → .sourcelevel.yml} +1 -1
  8. data/AUTHORS +101 -0
  9. data/Appraisals +10 -0
  10. data/CHANGELOG.md +247 -19
  11. data/Gemfile +2 -0
  12. data/README.md +154 -89
  13. data/Rakefile +4 -1
  14. data/lib/jwt.rb +9 -42
  15. data/lib/jwt/algos.rb +44 -0
  16. data/lib/jwt/algos/ecdsa.rb +1 -1
  17. data/lib/jwt/algos/hmac.rb +1 -0
  18. data/lib/jwt/algos/none.rb +15 -0
  19. data/lib/jwt/algos/ps.rb +43 -0
  20. data/lib/jwt/algos/unsupported.rb +5 -4
  21. data/lib/jwt/base64.rb +19 -0
  22. data/lib/jwt/claims_validator.rb +35 -0
  23. data/lib/jwt/decode.rb +85 -25
  24. data/lib/jwt/encode.rb +43 -25
  25. data/lib/jwt/error.rb +4 -0
  26. data/lib/jwt/json.rb +18 -0
  27. data/lib/jwt/jwk.rb +51 -0
  28. data/lib/jwt/jwk/ec.rb +150 -0
  29. data/lib/jwt/jwk/hmac.rb +58 -0
  30. data/lib/jwt/jwk/key_base.rb +18 -0
  31. data/lib/jwt/jwk/key_finder.rb +62 -0
  32. data/lib/jwt/jwk/rsa.rb +115 -0
  33. data/lib/jwt/security_utils.rb +6 -0
  34. data/lib/jwt/signature.rb +9 -20
  35. data/lib/jwt/verify.rb +1 -5
  36. data/lib/jwt/version.rb +2 -2
  37. data/ruby-jwt.gemspec +4 -7
  38. metadata +30 -109
  39. data/.codeclimate.yml +0 -20
  40. data/.reek.yml +0 -40
  41. data/.travis.yml +0 -14
  42. data/Manifest +0 -8
  43. data/spec/fixtures/certs/ec256-private.pem +0 -8
  44. data/spec/fixtures/certs/ec256-public.pem +0 -4
  45. data/spec/fixtures/certs/ec256-wrong-private.pem +0 -8
  46. data/spec/fixtures/certs/ec256-wrong-public.pem +0 -4
  47. data/spec/fixtures/certs/ec384-private.pem +0 -9
  48. data/spec/fixtures/certs/ec384-public.pem +0 -5
  49. data/spec/fixtures/certs/ec384-wrong-private.pem +0 -9
  50. data/spec/fixtures/certs/ec384-wrong-public.pem +0 -5
  51. data/spec/fixtures/certs/ec512-private.pem +0 -10
  52. data/spec/fixtures/certs/ec512-public.pem +0 -6
  53. data/spec/fixtures/certs/ec512-wrong-private.pem +0 -10
  54. data/spec/fixtures/certs/ec512-wrong-public.pem +0 -6
  55. data/spec/fixtures/certs/rsa-1024-private.pem +0 -15
  56. data/spec/fixtures/certs/rsa-1024-public.pem +0 -6
  57. data/spec/fixtures/certs/rsa-2048-private.pem +0 -27
  58. data/spec/fixtures/certs/rsa-2048-public.pem +0 -9
  59. data/spec/fixtures/certs/rsa-2048-wrong-private.pem +0 -27
  60. data/spec/fixtures/certs/rsa-2048-wrong-public.pem +0 -9
  61. data/spec/fixtures/certs/rsa-4096-private.pem +0 -51
  62. data/spec/fixtures/certs/rsa-4096-public.pem +0 -14
  63. data/spec/integration/readme_examples_spec.rb +0 -202
  64. data/spec/jwt/verify_spec.rb +0 -232
  65. data/spec/jwt_spec.rb +0 -315
  66. data/spec/spec_helper.rb +0 -28
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 0fca109273d0c036454af123d30bb3eb75f0de39
4
- data.tar.gz: 8848296d35465d3411f71d882da73ef05663f6a6
2
+ SHA256:
3
+ metadata.gz: 52634c4d49dde601c2061590da9c75e1202c6f457d7e72f86081b9ff1ab4bd66
4
+ data.tar.gz: 9b6ce357479e71e5c04b390d2fcb03ae7bdde4f1fd028de2c59a988aca3aba9b
5
5
  SHA512:
6
- metadata.gz: 213d4ea31197a90be8b8cd08ea92dee4659f47b884bc3571440697db979cf98b04e3d1cf487bc94a7a8a8f3f29ee34ebf48d7cc5bd9cfa9f2ca65a092bb2c3d3
7
- data.tar.gz: 530335d90320cdc5501cc1f67984502f79a390641b904567971ad4858a285128cc4702dbf54d505324bcb1ea3ecdf5675057c942e9709ecf0f17b4099229c04d
6
+ metadata.gz: dd81e85c470265ae1f91bd263e52e1d4dc5448274fdfc3233f074fec75a9e4752699653244814bc6d4e7d1d0d15bd65daee70012d542165185486903fa52be76
7
+ data.tar.gz: 116dc782f864cfbfe742b85fc7a9a487df580540f50efe120841bc5576093f6f18f684e65dc3a0f107c45c11145ae8cb37ba77e3bd8fd2a1f70e44c331043382
@@ -0,0 +1,74 @@
1
+ ---
2
+ name: test
3
+ on:
4
+ push:
5
+ branches:
6
+ - "*"
7
+ pull_request:
8
+ branches:
9
+ - "*"
10
+ jobs:
11
+ lint:
12
+ name: RuboCop
13
+ timeout-minutes: 30
14
+ runs-on: ubuntu-latest
15
+ steps:
16
+ - uses: actions/checkout@v2
17
+ - name: Set up Ruby
18
+ uses: ruby/setup-ruby@v1
19
+ with:
20
+ ruby-version: "2.4"
21
+ bundler-cache: true
22
+ - name: Run RuboCop
23
+ run: bundle exec rubocop
24
+ test:
25
+ strategy:
26
+ fail-fast: false
27
+ matrix:
28
+ ruby:
29
+ - 2.3
30
+ - 2.4
31
+ - 2.5
32
+ - 2.6
33
+ - 2.7
34
+ - 3.0
35
+ gemfile:
36
+ - gemfiles/standalone.gemfile
37
+ - gemfiles/openssl.gemfile
38
+ - gemfiles/rbnacl.gemfile
39
+ experimental: [false]
40
+ include:
41
+ - ruby: 2.1
42
+ gemfile: 'gemfiles/rbnacl.gemfile'
43
+ experimental: false
44
+ - ruby: 2.2
45
+ gemfile: 'gemfiles/rbnacl.gemfile'
46
+ experimental: false
47
+ - ruby: 2.7
48
+ coverage: "true"
49
+ gemfile: 'gemfiles/rbnacl.gemfile'
50
+ - ruby: "ruby-head"
51
+ experimental: true
52
+ - ruby: "truffleruby-head"
53
+ experimental: true
54
+ runs-on: ubuntu-20.04
55
+ continue-on-error: ${{ matrix.experimental }}
56
+ env:
57
+ BUNDLE_GEMFILE: ${{ matrix.gemfile }}
58
+
59
+ steps:
60
+ - uses: actions/checkout@v2
61
+
62
+ - name: Install libsodium
63
+ run: |
64
+ sudo apt-get update -q
65
+ sudo apt-get install libsodium-dev -y
66
+
67
+ - name: Set up Ruby
68
+ uses: ruby/setup-ruby@v1
69
+ with:
70
+ ruby-version: ${{ matrix.ruby }}
71
+ bundler-cache: true
72
+
73
+ - name: Run tests
74
+ run: bundle exec rspec
data/.gitignore CHANGED
@@ -8,4 +8,4 @@ coverage/
8
8
  .ruby-version
9
9
  .vscode/
10
10
  .bundle
11
- bin/
11
+ *gemfile.lock
data/.rspec CHANGED
@@ -1 +1,2 @@
1
+ --require spec_helper
1
2
  --color
data/.rubocop.yml CHANGED
@@ -1,23 +1,18 @@
1
- AllCops:
2
- Exclude:
3
- - 'bin/**/*'
4
- - 'db/**/*'
5
- - 'config/**/*'
6
- - 'script/**/*'
1
+ inherit_from: .rubocop_todo.yml
7
2
 
8
- Rails:
9
- Enabled: true
3
+ AllCops:
4
+ TargetRubyVersion: 2.1
10
5
 
11
- Style/AlignParameters:
6
+ Layout/AlignParameters:
12
7
  EnforcedStyle: with_fixed_indentation
13
8
 
14
- Style/CaseIndentation:
9
+ Layout/CaseIndentation:
15
10
  EnforcedStyle: end
16
11
 
17
12
  Style/AsciiComments:
18
13
  Enabled: false
19
14
 
20
- Style/IndentHash:
15
+ Layout/IndentHash:
21
16
  Enabled: false
22
17
 
23
18
  Style/CollectionMethods:
@@ -42,7 +37,7 @@ Style/GuardClause:
42
37
  Style/IfUnlessModifier:
43
38
  Enabled: false
44
39
 
45
- Style/SpaceInsideHashLiteralBraces:
40
+ Layout/SpaceInsideHashLiteralBraces:
46
41
  Enabled: false
47
42
 
48
43
  Style/Lambda:
@@ -58,7 +53,7 @@ Metrics/AbcSize:
58
53
  Max: 20
59
54
 
60
55
  Metrics/ClassLength:
61
- Max: 100
56
+ Max: 101
62
57
 
63
58
  Metrics/ModuleLength:
64
59
  Max: 100
@@ -66,6 +61,10 @@ Metrics/ModuleLength:
66
61
  Metrics/LineLength:
67
62
  Enabled: false
68
63
 
64
+ Metrics/BlockLength:
65
+ Exclude:
66
+ - spec/**/*_spec.rb
67
+
69
68
  Metrics/MethodLength:
70
69
  Max: 15
71
70
 
@@ -78,10 +77,10 @@ Lint/EndAlignment:
78
77
  Style/FormatString:
79
78
  Enabled: false
80
79
 
81
- Style/MultilineMethodCallIndentation:
80
+ Layout/MultilineMethodCallIndentation:
82
81
  EnforcedStyle: indented
83
82
 
84
- Style/MultilineOperationIndentation:
83
+ Layout/MultilineOperationIndentation:
85
84
  EnforcedStyle: indented
86
85
 
87
86
  Style/WordArray:
@@ -90,7 +89,7 @@ Style/WordArray:
90
89
  Style/RedundantSelf:
91
90
  Enabled: false
92
91
 
93
- Style/AlignHash:
92
+ Layout/AlignHash:
94
93
  Enabled: true
95
94
  EnforcedLastArgumentHashStyle: always_ignore
96
95
 
data/.rubocop_todo.yml ADDED
@@ -0,0 +1,191 @@
1
+ # This configuration was generated by
2
+ # `rubocop --auto-gen-config`
3
+ # on 2020-12-21 23:11:43 +0200 using RuboCop version 0.52.1.
4
+ # The point is for the user to remove these configuration records
5
+ # one by one as the offenses are removed from the code base.
6
+ # Note that changes in the inspected code, or installation of new
7
+ # versions of RuboCop, may require this file to be generated again.
8
+
9
+ # Offense count: 2
10
+ # Cop supports --auto-correct.
11
+ # Configuration parameters: Include, TreatCommentsAsGroupSeparators.
12
+ # Include: **/*.gemspec
13
+ Gemspec/OrderedDependencies:
14
+ Exclude:
15
+ - 'ruby-jwt.gemspec'
16
+
17
+ # Offense count: 1
18
+ # Cop supports --auto-correct.
19
+ Layout/EmptyLines:
20
+ Exclude:
21
+ - 'spec/integration/readme_examples_spec.rb'
22
+
23
+ # Offense count: 1
24
+ # Cop supports --auto-correct.
25
+ # Configuration parameters: EnforcedStyle.
26
+ # SupportedStyles: empty_lines, no_empty_lines
27
+ Layout/EmptyLinesAroundBlockBody:
28
+ Exclude:
29
+ - 'spec/jwt_spec.rb'
30
+
31
+ # Offense count: 1
32
+ # Cop supports --auto-correct.
33
+ # Configuration parameters: AllowForAlignment, ForceEqualSignAlignment.
34
+ Layout/ExtraSpacing:
35
+ Exclude:
36
+ - 'spec/jwk_spec.rb'
37
+
38
+ # Offense count: 2
39
+ # Cop supports --auto-correct.
40
+ # Configuration parameters: EnforcedStyle.
41
+ # SupportedStyles: normal, rails
42
+ Layout/IndentationConsistency:
43
+ Exclude:
44
+ - 'spec/jwt_spec.rb'
45
+
46
+ # Offense count: 1
47
+ # Cop supports --auto-correct.
48
+ # Configuration parameters: Width, IgnoredPatterns.
49
+ Layout/IndentationWidth:
50
+ Exclude:
51
+ - 'spec/jwt_spec.rb'
52
+
53
+ # Offense count: 3
54
+ # Cop supports --auto-correct.
55
+ Layout/SpaceAfterComma:
56
+ Exclude:
57
+ - 'spec/jwt_spec.rb'
58
+
59
+ # Offense count: 2
60
+ # Cop supports --auto-correct.
61
+ # Configuration parameters: EnforcedStyle, EnforcedStyleForEmptyBraces.
62
+ # SupportedStyles: space, no_space
63
+ # SupportedStylesForEmptyBraces: space, no_space
64
+ Layout/SpaceBeforeBlockBraces:
65
+ Exclude:
66
+ - 'spec/jwk/ec_spec.rb'
67
+ - 'spec/jwt/verify_spec.rb'
68
+
69
+ # Offense count: 1
70
+ # Cop supports --auto-correct.
71
+ # Configuration parameters: EnforcedStyle, EnforcedStyleForEmptyBraces, SpaceBeforeBlockParameters.
72
+ # SupportedStyles: space, no_space
73
+ # SupportedStylesForEmptyBraces: space, no_space
74
+ Layout/SpaceInsideBlockBraces:
75
+ Exclude:
76
+ - 'spec/jwt/verify_spec.rb'
77
+
78
+ # Offense count: 1
79
+ # Cop supports --auto-correct.
80
+ # Configuration parameters: EnforcedStyle.
81
+ # SupportedStyles: final_newline, final_blank_line
82
+ Layout/TrailingBlankLines:
83
+ Exclude:
84
+ - 'bin/console.rb'
85
+
86
+ # Offense count: 3
87
+ # Cop supports --auto-correct.
88
+ # Configuration parameters: IgnoreEmptyBlocks, AllowUnusedKeywordArguments.
89
+ Lint/UnusedBlockArgument:
90
+ Exclude:
91
+ - 'spec/jwk/decode_with_jwk_spec.rb'
92
+ - 'spec/jwk/ec_spec.rb'
93
+ - 'spec/jwt/verify_spec.rb'
94
+
95
+ # Offense count: 2
96
+ Metrics/CyclomaticComplexity:
97
+ Max: 7
98
+
99
+ # Offense count: 1
100
+ Metrics/PerceivedComplexity:
101
+ Max: 8
102
+
103
+ # Offense count: 1
104
+ # Cop supports --auto-correct.
105
+ # Configuration parameters: MaxKeyValuePairs.
106
+ Performance/RedundantMerge:
107
+ Exclude:
108
+ - 'spec/jwt_spec.rb'
109
+
110
+ # Offense count: 1
111
+ # Cop supports --auto-correct.
112
+ Style/Encoding:
113
+ Exclude:
114
+ - 'lib/jwt/version.rb'
115
+
116
+ # Offense count: 1
117
+ # Cop supports --auto-correct.
118
+ # Configuration parameters: InverseMethods, InverseBlocks.
119
+ Style/InverseMethods:
120
+ Exclude:
121
+ - 'spec/jwk/ec_spec.rb'
122
+
123
+ # Offense count: 2
124
+ # Cop supports --auto-correct.
125
+ Style/MethodCallWithoutArgsParentheses:
126
+ Exclude:
127
+ - 'spec/jwt_spec.rb'
128
+
129
+ # Offense count: 2
130
+ # Configuration parameters: EnforcedStyle.
131
+ # SupportedStyles: module_function, extend_self
132
+ Style/ModuleFunction:
133
+ Exclude:
134
+ - 'lib/jwt/algos.rb'
135
+ - 'lib/jwt/signature.rb'
136
+
137
+ # Offense count: 1
138
+ # Cop supports --auto-correct.
139
+ Style/MultilineIfModifier:
140
+ Exclude:
141
+ - 'spec/integration/readme_examples_spec.rb'
142
+
143
+ # Offense count: 1
144
+ # Cop supports --auto-correct.
145
+ Style/MutableConstant:
146
+ Exclude:
147
+ - 'lib/jwt/version.rb'
148
+
149
+ # Offense count: 1
150
+ # Cop supports --auto-correct.
151
+ # Configuration parameters: Strict.
152
+ Style/NumericLiterals:
153
+ MinDigits: 6
154
+
155
+ # Offense count: 1
156
+ # Cop supports --auto-correct.
157
+ Style/ParallelAssignment:
158
+ Exclude:
159
+ - 'spec/integration/readme_examples_spec.rb'
160
+
161
+ # Offense count: 11
162
+ # Cop supports --auto-correct.
163
+ # Configuration parameters: EnforcedStyle, ConsistentQuotesInMultiline.
164
+ # SupportedStyles: single_quotes, double_quotes
165
+ Style/StringLiterals:
166
+ Exclude:
167
+ - 'bin/console.rb'
168
+ - 'spec/jwk/ec_spec.rb'
169
+ - 'spec/jwk/rsa_spec.rb'
170
+ - 'spec/jwk_spec.rb'
171
+ - 'spec/jwt_spec.rb'
172
+
173
+ # Offense count: 1
174
+ # Cop supports --auto-correct.
175
+ # Configuration parameters: EnforcedStyleForMultiline.
176
+ # SupportedStylesForMultiline: comma, consistent_comma, no_comma
177
+ Style/TrailingCommaInArguments:
178
+ Exclude:
179
+ - 'spec/jwt_spec.rb'
180
+
181
+ # Offense count: 1
182
+ # Cop supports --auto-correct.
183
+ Style/UnlessElse:
184
+ Exclude:
185
+ - 'spec/jwt_spec.rb'
186
+
187
+ # Offense count: 162
188
+ # Configuration parameters: AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
189
+ # URISchemes: http, https
190
+ Metrics/LineLength:
191
+ Max: 420
@@ -6,7 +6,7 @@ engines:
6
6
  enabled: true
7
7
  rubocop:
8
8
  enabled: true
9
- channel: rubocop-0-49
9
+ channel: rubocop-0-52
10
10
  duplication:
11
11
  config:
12
12
  languages:
data/AUTHORS ADDED
@@ -0,0 +1,101 @@
1
+ Tim Rudat
2
+ Jeff Lindsay
3
+ Joakim Antman
4
+ A.B
5
+ shields
6
+ Bob Aman
7
+ Emilio Cristalli
8
+ Egon Zemmer
9
+ Zane Shannon
10
+ Nikita Shatov
11
+ Oliver
12
+ Paul Battley
13
+ blackanger
14
+ Adam Michael
15
+ Ville Lautanala
16
+ Tyler Pickett
17
+ James Stonehill
18
+ Peter M. Goldstein
19
+ Martin Emde
20
+ Richard Larocque
21
+ Korstiaan de Ridder
22
+ Klaas Jan Wierenga
23
+ Antonis Berkakis
24
+ Steve Sloan
25
+ Yason Khaburzaniya
26
+ Bill Mill
27
+ jb08
28
+ lukas
29
+ Rodrigo López Dato
30
+ ojab
31
+ sawyerzhang
32
+ Kevin Olbrich
33
+ smudge
34
+ wohlgejm
35
+ Tom Wey
36
+ yann ARMAND
37
+ Brian Flethcer
38
+ Erik Michaels-Ober
39
+ Steven Davidovitz
40
+ Jurriaan Pruis
41
+ Larry Lv
42
+ Mingan
43
+ Mitch Birti
44
+ Nicolas Leger
45
+ Rob Wygand
46
+ Ryan Brushett
47
+ Ryan McIlmoyl
48
+ Ryan Metzler
49
+ Steve Teti
50
+ T.J. Schuck
51
+ Taiki Sugawara
52
+ Takehiro Adachi
53
+ Tobias Haar
54
+ Toby Pinder
55
+ Tomé Duarte
56
+ Travis Hunter
57
+ Yuji Yaginuma
58
+ Zuzanna Stolińska
59
+ aarongray
60
+ danielgrippi
61
+ nycvotes-dev
62
+ revodoge
63
+ rono23
64
+ RahulBajaj
65
+ Adam Greene
66
+ Alexander Boyd
67
+ Alexandr Kostrikov
68
+ Aman Gupta
69
+ Ariel Salomon
70
+ Arnaud Mesureur
71
+ Artsiom Kuts
72
+ Austin Kabiru
73
+ B
74
+ Brandon Keepers
75
+ Dan Leyden
76
+ Dave Grijalva
77
+ Dorian Marié
78
+ Ernie Miller
79
+ Evgeni Golov
80
+ Ewoud Kohl van Wijngaarden
81
+ HoneyryderChuck
82
+ Igor Victor
83
+ Ilyaaaaaaaaaaaaa Zhitomirskiy
84
+ Jens Hausherr
85
+ Jeremiah Wuenschel
86
+ John Downey
87
+ Jordan Brough
88
+ Josh Bodah
89
+ JotaSe
90
+ Juanito Fatas
91
+ Julio Lopez
92
+ Katelyn Kasperowicz
93
+ Lowell Kirsh
94
+ Lucas Mazza
95
+ Makoto Chiba
96
+ Manuel Bustillo
97
+ Marco Adkins
98
+ Micah Gates
99
+ Michał Begejowicz
100
+ Mike Eirih
101
+ Mike Pastore