jwt 2.10.2 → 3.0.0.beta1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,109 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- module JWT
4
- module JWK
5
- # JSON Web Key (JWK) representation for Ed25519 keys
6
- class OKPRbNaCl < KeyBase
7
- KTY = 'OKP'
8
- KTYS = [KTY, JWT::JWK::OKPRbNaCl, RbNaCl::Signatures::Ed25519::SigningKey, RbNaCl::Signatures::Ed25519::VerifyKey].freeze
9
- OKP_PUBLIC_KEY_ELEMENTS = %i[kty n x].freeze
10
- OKP_PRIVATE_KEY_ELEMENTS = %i[d].freeze
11
-
12
- def initialize(key, params = nil, options = {})
13
- params ||= {}
14
- Deprecations.warning('Using the OKP JWK for Ed25519 keys is deprecated and will be removed in a future version of ruby-jwt. Please use the ruby-eddsa gem instead.')
15
- # For backwards compatibility when kid was a String
16
- params = { kid: params } if params.is_a?(String)
17
-
18
- key_params = extract_key_params(key)
19
-
20
- params = params.transform_keys(&:to_sym)
21
- check_jwk_params!(key_params, params)
22
- super(options, key_params.merge(params))
23
- end
24
-
25
- def verify_key
26
- return @verify_key if defined?(@verify_key)
27
-
28
- @verify_key = verify_key_from_parameters
29
- end
30
-
31
- def signing_key
32
- return @signing_key if defined?(@signing_key)
33
-
34
- @signing_key = signing_key_from_parameters
35
- end
36
-
37
- def key_digest
38
- Thumbprint.new(self).to_s
39
- end
40
-
41
- def private?
42
- !signing_key.nil?
43
- end
44
-
45
- def members
46
- OKP_PUBLIC_KEY_ELEMENTS.each_with_object({}) { |i, h| h[i] = self[i] }
47
- end
48
-
49
- def export(options = {})
50
- exported = parameters.clone
51
- exported.reject! { |k, _| OKP_PRIVATE_KEY_ELEMENTS.include?(k) } unless private? && options[:include_private] == true
52
- exported
53
- end
54
-
55
- private
56
-
57
- def extract_key_params(key)
58
- case key
59
- when JWT::JWK::KeyBase
60
- key.export(include_private: true)
61
- when RbNaCl::Signatures::Ed25519::SigningKey
62
- @signing_key = key
63
- @verify_key = key.verify_key
64
- parse_okp_key_params(@verify_key, @signing_key)
65
- when RbNaCl::Signatures::Ed25519::VerifyKey
66
- @signing_key = nil
67
- @verify_key = key
68
- parse_okp_key_params(@verify_key)
69
- when Hash
70
- key.transform_keys(&:to_sym)
71
- else
72
- raise ArgumentError, 'key must be of type RbNaCl::Signatures::Ed25519::SigningKey, RbNaCl::Signatures::Ed25519::VerifyKey or Hash with key parameters'
73
- end
74
- end
75
-
76
- def check_jwk_params!(key_params, _given_params)
77
- raise JWT::JWKError, "Incorrect 'kty' value: #{key_params[:kty]}, expected #{KTY}" unless key_params[:kty] == KTY
78
- end
79
-
80
- def parse_okp_key_params(verify_key, signing_key = nil)
81
- params = {
82
- kty: KTY,
83
- crv: 'Ed25519',
84
- x: ::JWT::Base64.url_encode(verify_key.to_bytes)
85
- }
86
-
87
- params[:d] = ::JWT::Base64.url_encode(signing_key.to_bytes) if signing_key
88
-
89
- params
90
- end
91
-
92
- def verify_key_from_parameters
93
- RbNaCl::Signatures::Ed25519::VerifyKey.new(::JWT::Base64.url_decode(self[:x]))
94
- end
95
-
96
- def signing_key_from_parameters
97
- return nil unless self[:d]
98
-
99
- RbNaCl::Signatures::Ed25519::SigningKey.new(::JWT::Base64.url_decode(self[:d]))
100
- end
101
-
102
- class << self
103
- def import(jwk_data)
104
- new(jwk_data)
105
- end
106
- end
107
- end
108
- end
109
- end
data/lib/jwt/verify.rb DELETED
@@ -1,40 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require_relative 'error'
4
-
5
- module JWT
6
- # @deprecated This class is deprecated and will be removed in the next major version of ruby-jwt.
7
- class Verify
8
- DEFAULTS = { leeway: 0 }.freeze
9
- METHODS = %w[verify_aud verify_expiration verify_iat verify_iss verify_jti verify_not_before verify_sub verify_required_claims].freeze
10
-
11
- private_constant(:DEFAULTS, :METHODS)
12
- class << self
13
- METHODS.each do |method_name|
14
- define_method(method_name) do |payload, options|
15
- new(payload, options).send(method_name)
16
- end
17
- end
18
-
19
- # @deprecated This method is deprecated and will be removed in the next major version of ruby-jwt.
20
- def verify_claims(payload, options)
21
- Deprecations.warning('The ::JWT::Verify.verify_claims method is deprecated and will be removed in the next major version of ruby-jwt')
22
- ::JWT::Claims.verify!(payload, options)
23
- true
24
- end
25
- end
26
-
27
- # @deprecated This class is deprecated and will be removed in the next major version of ruby-jwt.
28
- def initialize(payload, options)
29
- Deprecations.warning('The ::JWT::Verify class is deprecated and will be removed in the next major version of ruby-jwt')
30
- @payload = payload
31
- @options = DEFAULTS.merge(options)
32
- end
33
-
34
- METHODS.each do |method_name|
35
- define_method(method_name) do
36
- ::JWT::Claims.verify!(@payload, @options.merge(method_name => true))
37
- end
38
- end
39
- end
40
- end