jwt 2.2.2 → 2.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/lib/jwt/signature.rb CHANGED
@@ -2,12 +2,7 @@
2
2
 
3
3
  require 'jwt/security_utils'
4
4
  require 'openssl'
5
- require 'jwt/algos/hmac'
6
- require 'jwt/algos/eddsa'
7
- require 'jwt/algos/ecdsa'
8
- require 'jwt/algos/rsa'
9
- require 'jwt/algos/ps'
10
- require 'jwt/algos/unsupported'
5
+ require 'jwt/algos'
11
6
  begin
12
7
  require 'rbnacl'
13
8
  rescue LoadError
@@ -19,31 +14,21 @@ module JWT
19
14
  # Signature logic for JWT
20
15
  module Signature
21
16
  extend self
22
- ALGOS = [
23
- Algos::Hmac,
24
- Algos::Ecdsa,
25
- Algos::Rsa,
26
- Algos::Eddsa,
27
- Algos::Ps,
28
- Algos::Unsupported
29
- ].freeze
30
17
  ToSign = Struct.new(:algorithm, :msg, :key)
31
18
  ToVerify = Struct.new(:algorithm, :public_key, :signing_input, :signature)
32
19
 
33
20
  def sign(algorithm, msg, key)
34
- algo = ALGOS.find do |alg|
35
- alg.const_get(:SUPPORTED).include? algorithm
36
- end
37
- algo.sign ToSign.new(algorithm, msg, key)
21
+ algo, code = Algos.find(algorithm)
22
+ algo.sign ToSign.new(code, msg, key)
38
23
  end
39
24
 
40
25
  def verify(algorithm, key, signing_input, signature)
26
+ return true if algorithm.casecmp('none').zero?
27
+
41
28
  raise JWT::DecodeError, 'No verification key available' unless key
42
29
 
43
- algo = ALGOS.find do |alg|
44
- alg.const_get(:SUPPORTED).include? algorithm
45
- end
46
- verified = algo.verify(ToVerify.new(algorithm, key, signing_input, signature))
30
+ algo, code = Algos.find(algorithm)
31
+ verified = algo.verify(ToVerify.new(code, key, signing_input, signature))
47
32
  raise(JWT::VerificationError, 'Signature verification raised') unless verified
48
33
  rescue OpenSSL::PKey::PKeyError
49
34
  raise JWT::VerificationError, 'Signature verification raised'
data/lib/jwt/version.rb CHANGED
@@ -14,7 +14,7 @@ module JWT
14
14
  # minor version
15
15
  MINOR = 2
16
16
  # tiny version
17
- TINY = 2
17
+ TINY = 3
18
18
  # alpha, beta, etc. tag
19
19
  PRE = nil
20
20
 
data/ruby-jwt.gemspec CHANGED
@@ -24,11 +24,5 @@ Gem::Specification.new do |spec|
24
24
  spec.add_development_dependency 'bundler'
25
25
  spec.add_development_dependency 'rake'
26
26
  spec.add_development_dependency 'rspec'
27
- spec.add_development_dependency 'simplecov', '< 0.18'
28
- spec.add_development_dependency 'simplecov-json'
29
- spec.add_development_dependency 'codeclimate-test-reporter'
30
- spec.add_development_dependency 'codacy-coverage'
31
- spec.add_development_dependency 'rbnacl'
32
- # RSASSA-PSS support provided by OpenSSL +2.1
33
- spec.add_development_dependency 'openssl', '~> 2.1'
27
+ spec.add_development_dependency 'simplecov'
34
28
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jwt
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.2.2
4
+ version: 2.2.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tim Rudat
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-08-18 00:00:00.000000000 Z
11
+ date: 2021-04-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: appraisal
@@ -68,20 +68,6 @@ dependencies:
68
68
  version: '0'
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: simplecov
71
- requirement: !ruby/object:Gem::Requirement
72
- requirements:
73
- - - "<"
74
- - !ruby/object:Gem::Version
75
- version: '0.18'
76
- type: :development
77
- prerelease: false
78
- version_requirements: !ruby/object:Gem::Requirement
79
- requirements:
80
- - - "<"
81
- - !ruby/object:Gem::Version
82
- version: '0.18'
83
- - !ruby/object:Gem::Dependency
84
- name: simplecov-json
85
71
  requirement: !ruby/object:Gem::Requirement
86
72
  requirements:
87
73
  - - ">="
@@ -94,62 +80,6 @@ dependencies:
94
80
  - - ">="
95
81
  - !ruby/object:Gem::Version
96
82
  version: '0'
97
- - !ruby/object:Gem::Dependency
98
- name: codeclimate-test-reporter
99
- requirement: !ruby/object:Gem::Requirement
100
- requirements:
101
- - - ">="
102
- - !ruby/object:Gem::Version
103
- version: '0'
104
- type: :development
105
- prerelease: false
106
- version_requirements: !ruby/object:Gem::Requirement
107
- requirements:
108
- - - ">="
109
- - !ruby/object:Gem::Version
110
- version: '0'
111
- - !ruby/object:Gem::Dependency
112
- name: codacy-coverage
113
- requirement: !ruby/object:Gem::Requirement
114
- requirements:
115
- - - ">="
116
- - !ruby/object:Gem::Version
117
- version: '0'
118
- type: :development
119
- prerelease: false
120
- version_requirements: !ruby/object:Gem::Requirement
121
- requirements:
122
- - - ">="
123
- - !ruby/object:Gem::Version
124
- version: '0'
125
- - !ruby/object:Gem::Dependency
126
- name: rbnacl
127
- requirement: !ruby/object:Gem::Requirement
128
- requirements:
129
- - - ">="
130
- - !ruby/object:Gem::Version
131
- version: '0'
132
- type: :development
133
- prerelease: false
134
- version_requirements: !ruby/object:Gem::Requirement
135
- requirements:
136
- - - ">="
137
- - !ruby/object:Gem::Version
138
- version: '0'
139
- - !ruby/object:Gem::Dependency
140
- name: openssl
141
- requirement: !ruby/object:Gem::Requirement
142
- requirements:
143
- - - "~>"
144
- - !ruby/object:Gem::Version
145
- version: '2.1'
146
- type: :development
147
- prerelease: false
148
- version_requirements: !ruby/object:Gem::Requirement
149
- requirements:
150
- - - "~>"
151
- - !ruby/object:Gem::Version
152
- version: '2.1'
153
83
  description: A pure ruby implementation of the RFC 7519 OAuth JSON Web Token (JWT)
154
84
  standard.
155
85
  email: timrudat@gmail.com
@@ -157,12 +87,12 @@ executables: []
157
87
  extensions: []
158
88
  extra_rdoc_files: []
159
89
  files:
160
- - ".codeclimate.yml"
161
- - ".ebert.yml"
90
+ - ".github/workflows/test.yml"
162
91
  - ".gitignore"
163
92
  - ".rspec"
164
93
  - ".rubocop.yml"
165
- - ".travis.yml"
94
+ - ".rubocop_todo.yml"
95
+ - ".sourcelevel.yml"
166
96
  - AUTHORS
167
97
  - Appraisals
168
98
  - CHANGELOG.md
@@ -171,9 +101,11 @@ files:
171
101
  - README.md
172
102
  - Rakefile
173
103
  - lib/jwt.rb
104
+ - lib/jwt/algos.rb
174
105
  - lib/jwt/algos/ecdsa.rb
175
106
  - lib/jwt/algos/eddsa.rb
176
107
  - lib/jwt/algos/hmac.rb
108
+ - lib/jwt/algos/none.rb
177
109
  - lib/jwt/algos/ps.rb
178
110
  - lib/jwt/algos/rsa.rb
179
111
  - lib/jwt/algos/unsupported.rb
@@ -185,6 +117,9 @@ files:
185
117
  - lib/jwt/error.rb
186
118
  - lib/jwt/json.rb
187
119
  - lib/jwt/jwk.rb
120
+ - lib/jwt/jwk/ec.rb
121
+ - lib/jwt/jwk/hmac.rb
122
+ - lib/jwt/jwk/key_base.rb
188
123
  - lib/jwt/jwk/key_finder.rb
189
124
  - lib/jwt/jwk/rsa.rb
190
125
  - lib/jwt/security_utils.rb
@@ -211,7 +146,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
211
146
  - !ruby/object:Gem::Version
212
147
  version: '0'
213
148
  requirements: []
214
- rubygems_version: 3.1.2
149
+ rubygems_version: 3.2.16
215
150
  signing_key:
216
151
  specification_version: 4
217
152
  summary: JSON Web Token implementation in Ruby
data/.codeclimate.yml DELETED
@@ -1,20 +0,0 @@
1
- engines:
2
- rubocop:
3
- enabled: true
4
- golint:
5
- enabled: false
6
- gofmt:
7
- enabled: false
8
- eslint:
9
- enabled: false
10
- csslint:
11
- enabled: false
12
-
13
- ratings:
14
- paths:
15
- - lib/**
16
- - "**.rb"
17
-
18
- exclude_paths:
19
- - spec/**/*
20
- - vendor/**/*
data/.travis.yml DELETED
@@ -1,29 +0,0 @@
1
- sudo: required
2
- cache: bundler
3
- dist: trusty
4
- language: ruby
5
- rvm:
6
- - 2.3
7
- - 2.4
8
- - 2.5
9
- - 2.6
10
- gemfile:
11
- - gemfiles/standalone.gemfile
12
- - gemfiles/rails_5.0.gemfile
13
- - gemfiles/rails_5.1.gemfile
14
- - gemfiles/rails_5.2.gemfile
15
- - gemfiles/rails_6.0.gemfile
16
- script: "bundle exec rspec && bundle exec codeclimate-test-reporter"
17
- before_install:
18
- - sudo add-apt-repository ppa:chris-lea/libsodium -y
19
- - sudo apt-get update -q
20
- - sudo apt-get install libsodium-dev -y
21
- - gem install bundler
22
-
23
- matrix:
24
- fast_finish: true
25
- exclude:
26
- - gemfile: gemfiles/rails_6.0.gemfile
27
- rvm: 2.3
28
- - gemfile: gemfiles/rails_6.0.gemfile
29
- rvm: 2.4