jwt 2.2.2 → 2.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHORS +79 -44
- data/CHANGELOG.md +177 -5
- data/CODE_OF_CONDUCT.md +84 -0
- data/CONTRIBUTING.md +99 -0
- data/README.md +252 -49
- data/lib/jwt/algos/algo_wrapper.rb +26 -0
- data/lib/jwt/algos/ecdsa.rb +55 -14
- data/lib/jwt/algos/eddsa.rb +18 -8
- data/lib/jwt/algos/hmac.rb +56 -17
- data/lib/jwt/algos/hmac_rbnacl.rb +53 -0
- data/lib/jwt/algos/hmac_rbnacl_fixed.rb +52 -0
- data/lib/jwt/algos/none.rb +19 -0
- data/lib/jwt/algos/ps.rb +10 -12
- data/lib/jwt/algos/rsa.rb +9 -5
- data/lib/jwt/algos/unsupported.rb +7 -4
- data/lib/jwt/algos.rb +66 -0
- data/lib/jwt/claims_validator.rb +12 -8
- data/lib/jwt/configuration/container.rb +21 -0
- data/lib/jwt/configuration/decode_configuration.rb +46 -0
- data/lib/jwt/configuration/jwk_configuration.rb +27 -0
- data/lib/jwt/configuration.rb +15 -0
- data/lib/jwt/decode.rb +84 -23
- data/lib/jwt/encode.rb +30 -19
- data/lib/jwt/error.rb +2 -0
- data/lib/jwt/jwk/ec.rb +236 -0
- data/lib/jwt/jwk/hmac.rb +103 -0
- data/lib/jwt/jwk/key_base.rb +55 -0
- data/lib/jwt/jwk/key_finder.rb +19 -30
- data/lib/jwt/jwk/kid_as_key_digest.rb +15 -0
- data/lib/jwt/jwk/okp_rbnacl.rb +110 -0
- data/lib/jwt/jwk/rsa.rb +175 -26
- data/lib/jwt/jwk/set.rb +80 -0
- data/lib/jwt/jwk/thumbprint.rb +26 -0
- data/lib/jwt/jwk.rb +39 -15
- data/lib/jwt/verify.rb +18 -3
- data/lib/jwt/version.rb +23 -3
- data/lib/jwt/x5c_key_finder.rb +55 -0
- data/lib/jwt.rb +5 -4
- data/ruby-jwt.gemspec +16 -11
- metadata +27 -87
- data/.codeclimate.yml +0 -20
- data/.ebert.yml +0 -18
- data/.gitignore +0 -11
- data/.rspec +0 -1
- data/.rubocop.yml +0 -98
- data/.travis.yml +0 -29
- data/Appraisals +0 -18
- data/Gemfile +0 -3
- data/Rakefile +0 -11
- data/lib/jwt/default_options.rb +0 -15
- data/lib/jwt/security_utils.rb +0 -57
- data/lib/jwt/signature.rb +0 -54
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 11007e8ec36d148026cd5b6761681b0a71437b7b461efba4ae492622fc5ff27b
|
4
|
+
data.tar.gz: 8090bbba3dce57e42cc203ef168d3d00c624e79e076de0e949b4390b531b4d55
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a035f44be760ad325105329cbaec12e90515afdade9649e798ee5c7cefced3271d4f3084afeef693c03c961541d9e5e45b2876734d1947dccdd24cc194acbca2
|
7
|
+
data.tar.gz: 61e3d071ce44809767f3501f12b452cae574f9ea0de668ca937731838d58e2a9fa85831829ce564f6a015177a86b2a05b1b6ddf60ba34ac515ea12c69ac618fe
|
data/AUTHORS
CHANGED
@@ -1,84 +1,119 @@
|
|
1
1
|
Tim Rudat
|
2
|
+
Joakim Antman
|
2
3
|
Jeff Lindsay
|
3
4
|
A.B
|
4
|
-
|
5
|
+
shields
|
5
6
|
Bob Aman
|
7
|
+
Emilio Cristalli
|
8
|
+
Egon Zemmer
|
6
9
|
Zane Shannon
|
7
|
-
Oliver
|
8
|
-
Paul Battley
|
9
10
|
Nikita Shatov
|
11
|
+
Paul Battley
|
12
|
+
Oliver
|
10
13
|
blackanger
|
14
|
+
Ville Lautanala
|
11
15
|
Tyler Pickett
|
12
16
|
James Stonehill
|
13
17
|
Adam Michael
|
14
|
-
|
18
|
+
Martin Emde
|
19
|
+
Saverio Trioni
|
15
20
|
Peter M. Goldstein
|
16
|
-
Joakim Antman
|
17
21
|
Korstiaan de Ridder
|
22
|
+
Richard Larocque
|
23
|
+
Andrew Davis
|
24
|
+
Yason Khaburzaniya
|
18
25
|
Klaas Jan Wierenga
|
26
|
+
Nick Hammond
|
27
|
+
Bart de Water
|
19
28
|
Steve Sloan
|
29
|
+
Antonis Berkakis
|
20
30
|
Bill Mill
|
21
|
-
Erik Michaels-Ober
|
22
|
-
Brian Flethcer
|
23
|
-
Jurriaan Pruis
|
24
31
|
Kevin Olbrich
|
25
|
-
|
26
|
-
|
27
|
-
Steven Davidovitz
|
28
|
-
Tom Wey
|
32
|
+
Simon Fish
|
33
|
+
jb08
|
29
34
|
lukas
|
35
|
+
Rodrigo López Dato
|
30
36
|
ojab
|
37
|
+
Ritikesh
|
31
38
|
sawyerzhang
|
39
|
+
Larry Lv
|
40
|
+
smudge
|
32
41
|
wohlgejm
|
42
|
+
Tom Wey
|
33
43
|
yann ARMAND
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
aarongray
|
40
|
-
B
|
41
|
-
Adam Greene
|
42
|
-
Lowell Kirsh
|
43
|
-
Lucas Mazza
|
44
|
-
Makoto Chiba
|
45
|
-
Manuel Bustillo
|
46
|
-
Marco Adkins
|
47
|
-
Micah Gates
|
48
|
-
Mike Eirih
|
49
|
-
Mike Pastore
|
50
|
-
Mingan
|
51
|
-
Mitch Birti
|
44
|
+
Brian Flethcer
|
45
|
+
Jurriaan Pruis
|
46
|
+
Erik Michaels-Ober
|
47
|
+
Matthew Simpson
|
48
|
+
Steven Davidovitz
|
52
49
|
Nicolas Leger
|
53
|
-
|
54
|
-
|
55
|
-
Arnaud Mesureur
|
56
|
-
Ariel Salomon
|
50
|
+
Pierre Michard
|
51
|
+
RahulBajaj
|
57
52
|
Rob Wygand
|
58
|
-
danielgrippi
|
59
53
|
Ryan Brushett
|
60
54
|
Ryan McIlmoyl
|
61
|
-
|
55
|
+
Ryan Metzler
|
56
|
+
Severin Schoepke
|
57
|
+
Shaun Guth
|
62
58
|
Steve Teti
|
63
|
-
|
59
|
+
T.J. Schuck
|
64
60
|
Taiki Sugawara
|
65
|
-
|
66
|
-
Alexandr Kostrikov
|
61
|
+
Takehiro Adachi
|
67
62
|
Tobias Haar
|
68
63
|
Toby Pinder
|
69
|
-
rono23
|
70
64
|
Tomé Duarte
|
71
65
|
Travis Hunter
|
72
|
-
Alexander Boyd
|
73
66
|
Yuji Yaginuma
|
67
|
+
Zuzanna Stolińska
|
68
|
+
aarongray
|
69
|
+
danielgrippi
|
70
|
+
fusagiko/takayamaki
|
71
|
+
mai fujii
|
72
|
+
nycvotes-dev
|
73
|
+
revodoge
|
74
|
+
rono23
|
75
|
+
antonmorant
|
76
|
+
Adam Greene
|
77
|
+
Alexander Boyd
|
78
|
+
Alexandr Kostrikov
|
79
|
+
Aman Gupta
|
80
|
+
Ariel Salomon
|
81
|
+
Arnaud Mesureur
|
82
|
+
Artsiom Kuts
|
83
|
+
Austin Kabiru
|
84
|
+
B
|
85
|
+
Bouke van der Bijl
|
86
|
+
Brandon Keepers
|
87
|
+
Dan Leyden
|
88
|
+
Dave Grijalva
|
89
|
+
Dmitry Pashkevich
|
90
|
+
Dorian Marié
|
74
91
|
Ernie Miller
|
75
92
|
Evgeni Golov
|
76
93
|
Ewoud Kohl van Wijngaarden
|
94
|
+
HoneyryderChuck
|
95
|
+
Igor Victor
|
77
96
|
Ilyaaaaaaaaaaaaa Zhitomirskiy
|
78
|
-
Dorian Marié
|
79
|
-
Dave Grijalva
|
80
97
|
Jens Hausherr
|
81
98
|
Jeremiah Wuenschel
|
82
|
-
Brandon Keepers
|
83
99
|
John Downey
|
100
|
+
Jordan Brough
|
84
101
|
Josh Bodah
|
102
|
+
JotaSe
|
103
|
+
Juanito Fatas
|
104
|
+
Julio Lopez
|
105
|
+
Katelyn Kasperowicz
|
106
|
+
Leonardo Saraiva
|
107
|
+
Lowell Kirsh
|
108
|
+
Loïc Lengrand
|
109
|
+
Lucas Mazza
|
110
|
+
Makoto Chiba
|
111
|
+
Manuel Bustillo
|
112
|
+
Marco Adkins
|
113
|
+
Meredith Leu
|
114
|
+
Micah Gates
|
115
|
+
Michał Begejowicz
|
116
|
+
Mike Eirih
|
117
|
+
Mike Pastore
|
118
|
+
Mingan
|
119
|
+
Mitch Birti
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,176 @@
|
|
1
1
|
# Changelog
|
2
2
|
|
3
|
+
## [v2.7.1](https://github.com/jwt/ruby-jwt/tree/v2.8.0) (2023-06-09)
|
4
|
+
|
5
|
+
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.7.0...v2.8.0)
|
6
|
+
|
7
|
+
**Fixes and enhancements:**
|
8
|
+
|
9
|
+
- Handle invalid algorithm when decoding JWT [#559](https://github.com/jwt/ruby-jwt/pull/559) - [@nataliastanko](https://github.com/nataliastanko)
|
10
|
+
- Do not raise error when verifying bad HMAC signature [#563](https://github.com/jwt/ruby-jwt/pull/563) - [@hieuk09](https://github.com/hieuk09)
|
11
|
+
|
12
|
+
## [v2.7.0](https://github.com/jwt/ruby-jwt/tree/v2.7.0) (2023-02-01)
|
13
|
+
|
14
|
+
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.6.0...v2.7.0)
|
15
|
+
|
16
|
+
**Features:**
|
17
|
+
|
18
|
+
- Support OKP (Ed25519) keys for JWKs [#540](https://github.com/jwt/ruby-jwt/pull/540) ([@anakinj](https://github.com/anakinj))
|
19
|
+
- JWK Sets can now be used for tokens with nil kid [#543](https://github.com/jwt/ruby-jwt/pull/543) ([@bellebaum](https://github.com/bellebaum))
|
20
|
+
|
21
|
+
**Fixes and enhancements:**
|
22
|
+
|
23
|
+
- Fix issue with multiple keys returned by keyfinder and multiple allowed algorithms [#545](https://github.com/jwt/ruby-jwt/pull/545) ([@mpospelov](https://github.com/mpospelov))
|
24
|
+
- Non-string `kid` header values are now rejected [#543](https://github.com/jwt/ruby-jwt/pull/543) ([@bellebaum](https://github.com/bellebaum))
|
25
|
+
|
26
|
+
## [v2.6.0](https://github.com/jwt/ruby-jwt/tree/v2.6.0) (2022-12-22)
|
27
|
+
|
28
|
+
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.5.0...v2.6.0)
|
29
|
+
|
30
|
+
**Features:**
|
31
|
+
|
32
|
+
- Support custom algorithms by passing algorithm objects[#512](https://github.com/jwt/ruby-jwt/pull/512) ([@anakinj](https://github.com/anakinj)).
|
33
|
+
- Support descriptive (not key related) JWK parameters[#520](https://github.com/jwt/ruby-jwt/pull/520) ([@bellebaum](https://github.com/bellebaum)).
|
34
|
+
- Support for JSON Web Key Sets[#525](https://github.com/jwt/ruby-jwt/pull/525) ([@bellebaum](https://github.com/bellebaum)).
|
35
|
+
- Support HMAC keys over 32 chars when using RbNaCl[#521](https://github.com/jwt/ruby-jwt/pull/521) ([@anakinj](https://github.com/anakinj)).
|
36
|
+
|
37
|
+
**Fixes and enhancements:**
|
38
|
+
|
39
|
+
- Raise descriptive error on empty hmac_secret and OpenSSL 3.0/openssl gem <3.0.1 [#530](https://github.com/jwt/ruby-jwt/pull/530) ([@jonmchan](https://github.com/jonmchan)).
|
40
|
+
|
41
|
+
## [v2.5.0](https://github.com/jwt/ruby-jwt/tree/v2.5.0) (2022-08-25)
|
42
|
+
|
43
|
+
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.4.1...v2.5.0)
|
44
|
+
|
45
|
+
**Features:**
|
46
|
+
|
47
|
+
- Support JWK thumbprints as key ids [#481](https://github.com/jwt/ruby-jwt/pull/481) ([@anakinj](https://github.com/anakinj)).
|
48
|
+
- Support OpenSSL >= 3.0 [#496](https://github.com/jwt/ruby-jwt/pull/496) ([@anakinj](https://github.com/anakinj)).
|
49
|
+
|
50
|
+
**Fixes and enhancements:**
|
51
|
+
- Bring back the old Base64 (RFC2045) deocode mechanisms [#488](https://github.com/jwt/ruby-jwt/pull/488) ([@anakinj](https://github.com/anakinj)).
|
52
|
+
- Rescue RbNaCl exception for EdDSA wrong key [#491](https://github.com/jwt/ruby-jwt/pull/491) ([@n-studio](https://github.com/n-studio)).
|
53
|
+
- New parameter name for cases when kid is not found using JWK key loader proc [#501](https://github.com/jwt/ruby-jwt/pull/501) ([@anakinj](https://github.com/anakinj)).
|
54
|
+
- Fix NoMethodError when a 2 segment token is missing 'alg' header [#502](https://github.com/jwt/ruby-jwt/pull/502) ([@cmrd-senya](https://github.com/cmrd-senya)).
|
55
|
+
|
56
|
+
## [v2.4.1](https://github.com/jwt/ruby-jwt/tree/v2.4.1) (2022-06-07)
|
57
|
+
|
58
|
+
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.4.0...v2.4.1)
|
59
|
+
|
60
|
+
**Fixes and enhancements:**
|
61
|
+
- Raise JWT::DecodeError on invalid signature [\#484](https://github.com/jwt/ruby-jwt/pull/484) ([@freakyfelt!](https://github.com/freakyfelt!)).
|
62
|
+
|
63
|
+
## [v2.4.0](https://github.com/jwt/ruby-jwt/tree/v2.4.0) (2022-06-06)
|
64
|
+
|
65
|
+
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.3.0...v2.4.0)
|
66
|
+
|
67
|
+
**Features:**
|
68
|
+
|
69
|
+
- Dropped support for Ruby 2.5 and older [#453](https://github.com/jwt/ruby-jwt/pull/453) - [@anakinj](https://github.com/anakinj).
|
70
|
+
- Use Ruby built-in url-safe base64 methods [#454](https://github.com/jwt/ruby-jwt/pull/454) - [@bdewater](https://github.com/bdewater).
|
71
|
+
- Updated rubocop to 1.23.0 [#457](https://github.com/jwt/ruby-jwt/pull/457) - [@anakinj](https://github.com/anakinj).
|
72
|
+
- Add x5c header key finder [#338](https://github.com/jwt/ruby-jwt/pull/338) - [@bdewater](https://github.com/bdewater).
|
73
|
+
- Author driven changelog process [#463](https://github.com/jwt/ruby-jwt/pull/463) - [@anakinj](https://github.com/anakinj).
|
74
|
+
- Allow regular expressions and procs to verify issuer [\#437](https://github.com/jwt/ruby-jwt/pull/437) ([rewritten](https://github.com/rewritten)).
|
75
|
+
- Add Support to be able to verify from multiple keys [\#425](https://github.com/jwt/ruby-jwt/pull/425) ([ritikesh](https://github.com/ritikesh)).
|
76
|
+
|
77
|
+
**Fixes and enhancements:**
|
78
|
+
- Readme: Typo fix re MissingRequiredClaim [\#451](https://github.com/jwt/ruby-jwt/pull/451) ([antonmorant](https://github.com/antonmorant)).
|
79
|
+
- Fix RuboCop TODOs [\#476](https://github.com/jwt/ruby-jwt/pull/476) ([typhoon2099](https://github.com/typhoon2099)).
|
80
|
+
- Make specific algorithms in README linkable [\#472](https://github.com/jwt/ruby-jwt/pull/472) ([milieu](https://github.com/milieu)).
|
81
|
+
- Update note about supported JWK types [\#475](https://github.com/jwt/ruby-jwt/pull/475) ([dpashkevich](https://github.com/dpashkevich)).
|
82
|
+
- Create CODE\_OF\_CONDUCT.md [\#449](https://github.com/jwt/ruby-jwt/pull/449) ([loic5](https://github.com/loic5)).
|
83
|
+
|
84
|
+
## [v2.3.0](https://github.com/jwt/ruby-jwt/tree/v2.3.0) (2021-10-03)
|
85
|
+
|
86
|
+
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.2.3...v2.3.0)
|
87
|
+
|
88
|
+
**Closed issues:**
|
89
|
+
|
90
|
+
- \[SECURITY\] Algorithm Confusion Through kid Header [\#440](https://github.com/jwt/ruby-jwt/issues/440)
|
91
|
+
- JWT to memory [\#436](https://github.com/jwt/ruby-jwt/issues/436)
|
92
|
+
- ArgumentError: wrong number of arguments \(given 2, expected 1\) [\#429](https://github.com/jwt/ruby-jwt/issues/429)
|
93
|
+
- HMAC section of README outdated [\#421](https://github.com/jwt/ruby-jwt/issues/421)
|
94
|
+
- NoMethodError: undefined method `zero?' for nil:NilClass if JWT has no 'alg' field [\#410](https://github.com/jwt/ruby-jwt/issues/410)
|
95
|
+
- Release new version [\#409](https://github.com/jwt/ruby-jwt/issues/409)
|
96
|
+
- NameError: uninitialized constant JWT::JWK [\#403](https://github.com/jwt/ruby-jwt/issues/403)
|
97
|
+
|
98
|
+
**Merged pull requests:**
|
99
|
+
|
100
|
+
- Release 2.3.0 [\#448](https://github.com/jwt/ruby-jwt/pull/448) ([excpt](https://github.com/excpt))
|
101
|
+
- Fix Style/MultilineIfModifier issues [\#447](https://github.com/jwt/ruby-jwt/pull/447) ([anakinj](https://github.com/anakinj))
|
102
|
+
- feat\(EdDSA\): Accept EdDSA as algorithm header [\#446](https://github.com/jwt/ruby-jwt/pull/446) ([Pierre-Michard](https://github.com/Pierre-Michard))
|
103
|
+
- Pass kid param through JWT::JWK.create\_from [\#445](https://github.com/jwt/ruby-jwt/pull/445) ([shaun-guth-allscripts](https://github.com/shaun-guth-allscripts))
|
104
|
+
- fix document about passing JWKs as a simple Hash [\#443](https://github.com/jwt/ruby-jwt/pull/443) ([takayamaki](https://github.com/takayamaki))
|
105
|
+
- Tests for mixing JWK keys with mismatching algorithms [\#441](https://github.com/jwt/ruby-jwt/pull/441) ([anakinj](https://github.com/anakinj))
|
106
|
+
- verify\_claims test shouldnt be within the verify\_sub test [\#431](https://github.com/jwt/ruby-jwt/pull/431) ([andyjdavis](https://github.com/andyjdavis))
|
107
|
+
- Allow decode options to specify required claims [\#430](https://github.com/jwt/ruby-jwt/pull/430) ([andyjdavis](https://github.com/andyjdavis))
|
108
|
+
- Fix OpenSSL::PKey::EC public\_key handing in tests [\#427](https://github.com/jwt/ruby-jwt/pull/427) ([anakinj](https://github.com/anakinj))
|
109
|
+
- Add documentation for find\_key [\#426](https://github.com/jwt/ruby-jwt/pull/426) ([ritikesh](https://github.com/ritikesh))
|
110
|
+
- Give ruby 3.0 as a string to avoid number formatting issues [\#424](https://github.com/jwt/ruby-jwt/pull/424) ([anakinj](https://github.com/anakinj))
|
111
|
+
- Tests for iat verification behaviour [\#423](https://github.com/jwt/ruby-jwt/pull/423) ([anakinj](https://github.com/anakinj))
|
112
|
+
- Remove HMAC with nil secret from documentation [\#422](https://github.com/jwt/ruby-jwt/pull/422) ([boardfish](https://github.com/boardfish))
|
113
|
+
- Update broken link in README [\#420](https://github.com/jwt/ruby-jwt/pull/420) ([severin](https://github.com/severin))
|
114
|
+
- Add metadata for RubyGems [\#418](https://github.com/jwt/ruby-jwt/pull/418) ([nickhammond](https://github.com/nickhammond))
|
115
|
+
- Fixed a typo about class name [\#417](https://github.com/jwt/ruby-jwt/pull/417) ([mai-f](https://github.com/mai-f))
|
116
|
+
- Fix references for v2.2.3 on CHANGELOG [\#416](https://github.com/jwt/ruby-jwt/pull/416) ([vyper](https://github.com/vyper))
|
117
|
+
- Raise IncorrectAlgorithm if token has no alg header [\#411](https://github.com/jwt/ruby-jwt/pull/411) ([bouk](https://github.com/bouk))
|
118
|
+
|
119
|
+
## [v2.2.3](https://github.com/jwt/ruby-jwt/tree/v2.2.3) (2021-04-19)
|
120
|
+
|
121
|
+
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.2.2...v2.2.3)
|
122
|
+
|
123
|
+
**Implemented enhancements:**
|
124
|
+
|
125
|
+
- Verify algorithm before evaluating keyfinder [\#343](https://github.com/jwt/ruby-jwt/issues/343)
|
126
|
+
- Why jwt depends on json \< 2.0 ? [\#179](https://github.com/jwt/ruby-jwt/issues/179)
|
127
|
+
- Support for JWK in-lieu of rsa\_public [\#158](https://github.com/jwt/ruby-jwt/issues/158)
|
128
|
+
- Fix rspec `raise_error` warning [\#413](https://github.com/jwt/ruby-jwt/pull/413) ([excpt](https://github.com/excpt))
|
129
|
+
- Add support for JWKs with HMAC key type. [\#372](https://github.com/jwt/ruby-jwt/pull/372) ([phlegx](https://github.com/phlegx))
|
130
|
+
- Improve 'none' algorithm handling [\#365](https://github.com/jwt/ruby-jwt/pull/365) ([danleyden](https://github.com/danleyden))
|
131
|
+
- Handle parsed JSON JWKS input with string keys [\#348](https://github.com/jwt/ruby-jwt/pull/348) ([martinemde](https://github.com/martinemde))
|
132
|
+
- Allow Numeric values during encoding [\#327](https://github.com/jwt/ruby-jwt/pull/327) ([fanfilmu](https://github.com/fanfilmu))
|
133
|
+
|
134
|
+
**Closed issues:**
|
135
|
+
|
136
|
+
- "Signature verification raised", yet jwt.io says "Signature Verified" [\#401](https://github.com/jwt/ruby-jwt/issues/401)
|
137
|
+
- truffleruby-head build is failing [\#396](https://github.com/jwt/ruby-jwt/issues/396)
|
138
|
+
- JWT::JWK::EC needs `require 'forwardable'` [\#392](https://github.com/jwt/ruby-jwt/issues/392)
|
139
|
+
- How to use a 'signing key' as used by next-auth [\#389](https://github.com/jwt/ruby-jwt/issues/389)
|
140
|
+
- undefined method `verify' for nil:NilClass when validate a JWT with JWK [\#383](https://github.com/jwt/ruby-jwt/issues/383)
|
141
|
+
- Make specifying "algorithm" optional on decode [\#380](https://github.com/jwt/ruby-jwt/issues/380)
|
142
|
+
- ADFS created access tokens can't be validated due to missing 'kid' header [\#370](https://github.com/jwt/ruby-jwt/issues/370)
|
143
|
+
- new version? [\#355](https://github.com/jwt/ruby-jwt/issues/355)
|
144
|
+
- JWT gitlab OmniAuth provider setup support [\#354](https://github.com/jwt/ruby-jwt/issues/354)
|
145
|
+
- Release with support for RSA.import for ruby \< 2.4 hasn't been released [\#347](https://github.com/jwt/ruby-jwt/issues/347)
|
146
|
+
- cannot load such file -- jwt [\#339](https://github.com/jwt/ruby-jwt/issues/339)
|
147
|
+
|
148
|
+
**Merged pull requests:**
|
149
|
+
|
150
|
+
- Prepare 2.2.3 release [\#415](https://github.com/jwt/ruby-jwt/pull/415) ([excpt](https://github.com/excpt))
|
151
|
+
- Remove codeclimate code coverage dev dependency [\#414](https://github.com/jwt/ruby-jwt/pull/414) ([excpt](https://github.com/excpt))
|
152
|
+
- Add forwardable dependency [\#408](https://github.com/jwt/ruby-jwt/pull/408) ([anakinj](https://github.com/anakinj))
|
153
|
+
- Ignore casing of algorithm [\#405](https://github.com/jwt/ruby-jwt/pull/405) ([johnnyshields](https://github.com/johnnyshields))
|
154
|
+
- Document function and add tests for verify claims method [\#404](https://github.com/jwt/ruby-jwt/pull/404) ([yasonk](https://github.com/yasonk))
|
155
|
+
- documenting calling verify\_jti callback with 2 arguments in the readme [\#402](https://github.com/jwt/ruby-jwt/pull/402) ([HoneyryderChuck](https://github.com/HoneyryderChuck))
|
156
|
+
- Target the master branch on the build status badge [\#399](https://github.com/jwt/ruby-jwt/pull/399) ([anakinj](https://github.com/anakinj))
|
157
|
+
- Improving the local development experience [\#397](https://github.com/jwt/ruby-jwt/pull/397) ([anakinj](https://github.com/anakinj))
|
158
|
+
- Fix sourcelevel broken links [\#395](https://github.com/jwt/ruby-jwt/pull/395) ([anakinj](https://github.com/anakinj))
|
159
|
+
- Don't recommend installing gem with sudo [\#391](https://github.com/jwt/ruby-jwt/pull/391) ([tjschuck](https://github.com/tjschuck))
|
160
|
+
- Enable rubocop locally and on ci [\#390](https://github.com/jwt/ruby-jwt/pull/390) ([anakinj](https://github.com/anakinj))
|
161
|
+
- Ci and test cleanup [\#387](https://github.com/jwt/ruby-jwt/pull/387) ([anakinj](https://github.com/anakinj))
|
162
|
+
- Make JWT::JWK::EC compatible with Ruby 2.3 [\#386](https://github.com/jwt/ruby-jwt/pull/386) ([anakinj](https://github.com/anakinj))
|
163
|
+
- Support JWKs for pre 2.3 rubies [\#382](https://github.com/jwt/ruby-jwt/pull/382) ([anakinj](https://github.com/anakinj))
|
164
|
+
- Replace Travis CI with GitHub Actions \(also favor openssl/rbnacl combinations over rails compatibility tests\) [\#381](https://github.com/jwt/ruby-jwt/pull/381) ([anakinj](https://github.com/anakinj))
|
165
|
+
- Add auth0 sponsor message [\#379](https://github.com/jwt/ruby-jwt/pull/379) ([excpt](https://github.com/excpt))
|
166
|
+
- Adapt HMAC to JWK RSA code style. [\#378](https://github.com/jwt/ruby-jwt/pull/378) ([phlegx](https://github.com/phlegx))
|
167
|
+
- Disable Rails cops [\#376](https://github.com/jwt/ruby-jwt/pull/376) ([anakinj](https://github.com/anakinj))
|
168
|
+
- Support exporting RSA JWK private keys [\#375](https://github.com/jwt/ruby-jwt/pull/375) ([anakinj](https://github.com/anakinj))
|
169
|
+
- Ebert is SourceLevel nowadays [\#374](https://github.com/jwt/ruby-jwt/pull/374) ([anakinj](https://github.com/anakinj))
|
170
|
+
- Add support for JWKs with EC key type [\#371](https://github.com/jwt/ruby-jwt/pull/371) ([richardlarocque](https://github.com/richardlarocque))
|
171
|
+
- Add Truffleruby head to CI [\#368](https://github.com/jwt/ruby-jwt/pull/368) ([gogainda](https://github.com/gogainda))
|
172
|
+
- Add more docs about JWK support [\#341](https://github.com/jwt/ruby-jwt/pull/341) ([take](https://github.com/take))
|
173
|
+
|
3
174
|
## [v2.2.2](https://github.com/jwt/ruby-jwt/tree/v2.2.2) (2020-08-18)
|
4
175
|
|
5
176
|
[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.2.1...v2.2.2)
|
@@ -33,7 +204,7 @@
|
|
33
204
|
- Sinatra 4.90s TTFB [\#344](https://github.com/jwt/ruby-jwt/issues/344)
|
34
205
|
- How to Logout [\#342](https://github.com/jwt/ruby-jwt/issues/342)
|
35
206
|
- jwt token decoding even when wrong token is provided for some letters [\#337](https://github.com/jwt/ruby-jwt/issues/337)
|
36
|
-
- Need to use `
|
207
|
+
- Need to use `symbolize_keys` everywhere! [\#330](https://github.com/jwt/ruby-jwt/issues/330)
|
37
208
|
- eval\(\) used in Forwardable limits usage in iOS App Store [\#324](https://github.com/jwt/ruby-jwt/issues/324)
|
38
209
|
- HS512256 OpenSSL Exception: First num too large [\#322](https://github.com/jwt/ruby-jwt/issues/322)
|
39
210
|
- Can we change the separator character? [\#321](https://github.com/jwt/ruby-jwt/issues/321)
|
@@ -43,6 +214,7 @@
|
|
43
214
|
|
44
215
|
**Merged pull requests:**
|
45
216
|
|
217
|
+
- Release v2.2.2 [\#367](https://github.com/jwt/ruby-jwt/pull/367) ([excpt](https://github.com/excpt))
|
46
218
|
- Fix 'already initialized constant JWT Error' [\#357](https://github.com/jwt/ruby-jwt/pull/357) ([excpt](https://github.com/excpt))
|
47
219
|
- Support RSA.import for all Ruby versions. [\#333](https://github.com/jwt/ruby-jwt/pull/333) ([rabajaj0509](https://github.com/rabajaj0509))
|
48
220
|
- Removed forwardable dependency [\#325](https://github.com/jwt/ruby-jwt/pull/325) ([anakinj](https://github.com/anakinj))
|
@@ -140,7 +312,7 @@
|
|
140
312
|
- improving code quality of jwt module [\#266](https://github.com/jwt/ruby-jwt/pull/266) ([ab320012](https://github.com/ab320012))
|
141
313
|
- fixed ECDSA supported versions const [\#263](https://github.com/jwt/ruby-jwt/pull/263) ([starbeast](https://github.com/starbeast))
|
142
314
|
- Added my name to contributor list [\#262](https://github.com/jwt/ruby-jwt/pull/262) ([ab320012](https://github.com/ab320012))
|
143
|
-
- Use `Class
|
315
|
+
- Use `Class#new` Shorthand For Error Subclasses [\#255](https://github.com/jwt/ruby-jwt/pull/255) ([akabiru](https://github.com/akabiru))
|
144
316
|
- \[CI\] Test against Ruby 2.5 [\#253](https://github.com/jwt/ruby-jwt/pull/253) ([nicolasleger](https://github.com/nicolasleger))
|
145
317
|
- Fix README [\#250](https://github.com/jwt/ruby-jwt/pull/250) ([rono23](https://github.com/rono23))
|
146
318
|
- Fix link format [\#248](https://github.com/jwt/ruby-jwt/pull/248) ([y-yagi](https://github.com/y-yagi))
|
@@ -162,6 +334,7 @@
|
|
162
334
|
**Fixed bugs:**
|
163
335
|
|
164
336
|
- JWT.encode failing on encode for string [\#235](https://github.com/jwt/ruby-jwt/issues/235)
|
337
|
+
- The README says it uses an algorithm by default [\#226](https://github.com/jwt/ruby-jwt/issues/226)
|
165
338
|
- Fix string payload issue [\#236](https://github.com/jwt/ruby-jwt/pull/236) ([excpt](https://github.com/excpt))
|
166
339
|
|
167
340
|
**Security fixes:**
|
@@ -186,7 +359,6 @@
|
|
186
359
|
|
187
360
|
**Fixed bugs:**
|
188
361
|
|
189
|
-
- The README says it uses an algorithm by default [\#226](https://github.com/jwt/ruby-jwt/issues/226)
|
190
362
|
- Support versions outside 2.1 [\#209](https://github.com/jwt/ruby-jwt/issues/209)
|
191
363
|
- Verifying expiration without leeway throws exception [\#206](https://github.com/jwt/ruby-jwt/issues/206)
|
192
364
|
- Ruby interpreter warning [\#200](https://github.com/jwt/ruby-jwt/issues/200)
|
@@ -237,7 +409,6 @@
|
|
237
409
|
- The leeway parameter is applies to all time based verifications [\#129](https://github.com/jwt/ruby-jwt/issues/129)
|
238
410
|
- Make algorithm option required to verify signature [\#184](https://github.com/jwt/ruby-jwt/pull/184) ([EmilioCristalli](https://github.com/EmilioCristalli))
|
239
411
|
- Validate audience when payload is a scalar and options is an array [\#183](https://github.com/jwt/ruby-jwt/pull/183) ([steti](https://github.com/steti))
|
240
|
-
- Fix: exp claim check [\#161](https://github.com/jwt/ruby-jwt/pull/161) ([excpt](https://github.com/excpt))
|
241
412
|
|
242
413
|
**Closed issues:**
|
243
414
|
|
@@ -291,6 +462,7 @@
|
|
291
462
|
- Audience Claim broken? [\#151](https://github.com/jwt/ruby-jwt/issues/151)
|
292
463
|
- 1.5.3 breaks compatibility with 1.5.2 [\#133](https://github.com/jwt/ruby-jwt/issues/133)
|
293
464
|
- Version 1.5.3 breaks 1.9.3 compatibility, but not documented as such [\#132](https://github.com/jwt/ruby-jwt/issues/132)
|
465
|
+
- Fix: exp claim check [\#161](https://github.com/jwt/ruby-jwt/pull/161) ([excpt](https://github.com/excpt))
|
294
466
|
|
295
467
|
**Security fixes:**
|
296
468
|
|
@@ -461,7 +633,6 @@
|
|
461
633
|
|
462
634
|
- Fix \#66 \#68 [\#69](https://github.com/jwt/ruby-jwt/pull/69) ([excpt](https://github.com/excpt))
|
463
635
|
- When throwing errors, mention expected/received values [\#65](https://github.com/jwt/ruby-jwt/pull/65) ([rolodato](https://github.com/rolodato))
|
464
|
-
- Add 'iss' support for ruby-jwt [\#61](https://github.com/jwt/ruby-jwt/pull/61) ([ZhangHanDong](https://github.com/ZhangHanDong))
|
465
636
|
|
466
637
|
## [jwt-1.4.0](https://github.com/jwt/ruby-jwt/tree/jwt-1.4.0) (2015-03-10)
|
467
638
|
|
@@ -476,6 +647,7 @@
|
|
476
647
|
- Release 1.4.0 [\#64](https://github.com/jwt/ruby-jwt/pull/64) ([excpt](https://github.com/excpt))
|
477
648
|
- Update README.md and remove dead code [\#63](https://github.com/jwt/ruby-jwt/pull/63) ([excpt](https://github.com/excpt))
|
478
649
|
- Add 'iat/ aud/ sub/ jti' support for ruby-jwt [\#62](https://github.com/jwt/ruby-jwt/pull/62) ([ZhangHanDong](https://github.com/ZhangHanDong))
|
650
|
+
- Add 'iss' support for ruby-jwt [\#61](https://github.com/jwt/ruby-jwt/pull/61) ([ZhangHanDong](https://github.com/ZhangHanDong))
|
479
651
|
- Clarify .encode API in README [\#60](https://github.com/jwt/ruby-jwt/pull/60) ([jbodah](https://github.com/jbodah))
|
480
652
|
|
481
653
|
## [jwt-1.3.0](https://github.com/jwt/ruby-jwt/tree/jwt-1.3.0) (2015-02-24)
|
data/CODE_OF_CONDUCT.md
ADDED
@@ -0,0 +1,84 @@
|
|
1
|
+
# Contributor Covenant Code of Conduct
|
2
|
+
|
3
|
+
## Our Pledge
|
4
|
+
|
5
|
+
We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
|
6
|
+
|
7
|
+
We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.
|
8
|
+
|
9
|
+
## Our Standards
|
10
|
+
|
11
|
+
Examples of behavior that contributes to a positive environment for our community include:
|
12
|
+
|
13
|
+
* Demonstrating empathy and kindness toward other people
|
14
|
+
* Being respectful of differing opinions, viewpoints, and experiences
|
15
|
+
* Giving and gracefully accepting constructive feedback
|
16
|
+
* Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience
|
17
|
+
* Focusing on what is best not just for us as individuals, but for the overall community
|
18
|
+
|
19
|
+
Examples of unacceptable behavior include:
|
20
|
+
|
21
|
+
* The use of sexualized language or imagery, and sexual attention or
|
22
|
+
advances of any kind
|
23
|
+
* Trolling, insulting or derogatory comments, and personal or political attacks
|
24
|
+
* Public or private harassment
|
25
|
+
* Publishing others' private information, such as a physical or email
|
26
|
+
address, without their explicit permission
|
27
|
+
* Other conduct which could reasonably be considered inappropriate in a
|
28
|
+
professional setting
|
29
|
+
|
30
|
+
## Enforcement Responsibilities
|
31
|
+
|
32
|
+
Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
|
33
|
+
|
34
|
+
Community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, and will communicate reasons for moderation decisions when appropriate.
|
35
|
+
|
36
|
+
## Scope
|
37
|
+
|
38
|
+
This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public spaces. Examples of representing our community include using an official e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
|
39
|
+
|
40
|
+
## Enforcement
|
41
|
+
|
42
|
+
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders responsible for enforcement at antmanj@gmail.com. All complaints will be reviewed and investigated promptly and fairly.
|
43
|
+
|
44
|
+
All community leaders are obligated to respect the privacy and security of the reporter of any incident.
|
45
|
+
|
46
|
+
## Enforcement Guidelines
|
47
|
+
|
48
|
+
Community leaders will follow these Community Impact Guidelines in determining the consequences for any action they deem in violation of this Code of Conduct:
|
49
|
+
|
50
|
+
### 1. Correction
|
51
|
+
|
52
|
+
**Community Impact**: Use of inappropriate language or other behavior deemed unprofessional or unwelcome in the community.
|
53
|
+
|
54
|
+
**Consequence**: A private, written warning from community leaders, providing clarity around the nature of the violation and an explanation of why the behavior was inappropriate. A public apology may be requested.
|
55
|
+
|
56
|
+
### 2. Warning
|
57
|
+
|
58
|
+
**Community Impact**: A violation through a single incident or series of actions.
|
59
|
+
|
60
|
+
**Consequence**: A warning with consequences for continued behavior. No interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, for a specified period of time. This includes avoiding interactions in community spaces as well as external channels like social media. Violating these terms may lead to a temporary or permanent ban.
|
61
|
+
|
62
|
+
### 3. Temporary Ban
|
63
|
+
|
64
|
+
**Community Impact**: A serious violation of community standards, including sustained inappropriate behavior.
|
65
|
+
|
66
|
+
**Consequence**: A temporary ban from any sort of interaction or public communication with the community for a specified period of time. No public or private interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, is allowed during this period. Violating these terms may lead to a permanent ban.
|
67
|
+
|
68
|
+
### 4. Permanent Ban
|
69
|
+
|
70
|
+
**Community Impact**: Demonstrating a pattern of violation of community standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals.
|
71
|
+
|
72
|
+
**Consequence**: A permanent ban from any sort of public interaction within the community.
|
73
|
+
|
74
|
+
## Attribution
|
75
|
+
|
76
|
+
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 2.0,
|
77
|
+
available at https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
|
78
|
+
|
79
|
+
Community Impact Guidelines were inspired by [Mozilla's code of conduct enforcement ladder](https://github.com/mozilla/diversity).
|
80
|
+
|
81
|
+
[homepage]: https://www.contributor-covenant.org
|
82
|
+
|
83
|
+
For answers to common questions about this code of conduct, see the FAQ at
|
84
|
+
https://www.contributor-covenant.org/faq. Translations are available at https://www.contributor-covenant.org/translations.
|
data/CONTRIBUTING.md
ADDED
@@ -0,0 +1,99 @@
|
|
1
|
+
# Contributing to [ruby-jwt](https://github.com/jwt/ruby-jwt)
|
2
|
+
|
3
|
+
## Forking the project
|
4
|
+
|
5
|
+
Fork the project on GitHub and clone your own fork. Instuctions on forking can be found from the [GitHub Docs](https://docs.github.com/en/get-started/quickstart/fork-a-repo)
|
6
|
+
|
7
|
+
```
|
8
|
+
git clone git@github.com:you/ruby-jwt.git
|
9
|
+
cd ruby-jwt
|
10
|
+
git remote add upstream https://github.com/jwt/ruby-jwt
|
11
|
+
```
|
12
|
+
|
13
|
+
## Create a branch for your implementation
|
14
|
+
|
15
|
+
Make sure you have the latest upstream main branch of the project.
|
16
|
+
|
17
|
+
```
|
18
|
+
git fetch --all
|
19
|
+
git checkout main
|
20
|
+
git rebase upstream/main
|
21
|
+
git push origin main
|
22
|
+
git checkout -b fix-a-little-problem
|
23
|
+
```
|
24
|
+
|
25
|
+
## Running the tests and linter
|
26
|
+
|
27
|
+
Before you start with your implementation make sure you are able to get a successful test run with the current revision.
|
28
|
+
|
29
|
+
The tests are written with rspec and [Appraisal](https://github.com/thoughtbot/appraisal) is used to ensure compatibility with 3rd party dependencies providing cryptographic features.
|
30
|
+
|
31
|
+
[Rubocop](https://github.com/rubocop/rubocop) is used to enforce the Ruby style.
|
32
|
+
|
33
|
+
To run the complete set of tests and linter run the following
|
34
|
+
|
35
|
+
```bash
|
36
|
+
bundle install
|
37
|
+
bundle exec appraisal rake test
|
38
|
+
bundle exec rubocop
|
39
|
+
```
|
40
|
+
|
41
|
+
## Implement your feature
|
42
|
+
|
43
|
+
Implement tests and your change. Don't be shy adding a little something in the [README](README.md).
|
44
|
+
Add a short description of the change in either the `Features` or `Fixes` section in the [CHANGELOG](CHANGELOG.md) file.
|
45
|
+
|
46
|
+
The form of the row (You need to return to the row when you know the pull request id)
|
47
|
+
```
|
48
|
+
- Fix a little problem [#123](https://github.com/jwt/ruby-jwt/pull/123) - [@you](https://github.com/you).
|
49
|
+
```
|
50
|
+
|
51
|
+
## Push your branch and create a pull request
|
52
|
+
|
53
|
+
Before pushing make sure the tests pass and RuboCop is happy.
|
54
|
+
|
55
|
+
```
|
56
|
+
bundle exec appraisal rake test
|
57
|
+
bundle exec rubocop
|
58
|
+
git push origin fix-a-little-problem
|
59
|
+
```
|
60
|
+
|
61
|
+
Make a new pull request on the [ruby-jwt project](https://github.com/jwt/ruby-jwt/pulls) with a description what the change is about.
|
62
|
+
|
63
|
+
## Update the CHANGELOG, again
|
64
|
+
|
65
|
+
Update the [CHANGELOG](CHANGELOG.md) with the pull request id from the previous step.
|
66
|
+
|
67
|
+
You can ammend the previous commit with the updated changelog change and force push your branch. The PR will get automatically updated.
|
68
|
+
|
69
|
+
```
|
70
|
+
git add CHANGELOG.md
|
71
|
+
git commit --amend --no-edit
|
72
|
+
git push origin fix-a-little-problem -f
|
73
|
+
```
|
74
|
+
|
75
|
+
## Keep an eye on your pull request
|
76
|
+
|
77
|
+
A maintainer will review and probably merge you changes when time allows, be patient.
|
78
|
+
|
79
|
+
## Keeping your branch up-to-date
|
80
|
+
|
81
|
+
It's recommended that you keep your branch up-to-date by rebasing to the upstream main.
|
82
|
+
|
83
|
+
```
|
84
|
+
git fetch upstream
|
85
|
+
git checkout fix-a-little-problem
|
86
|
+
git rebase upstream/main
|
87
|
+
git push origin fix-a-little-problem -f
|
88
|
+
```
|
89
|
+
|
90
|
+
# Releasing a new version
|
91
|
+
|
92
|
+
The version is using the [Semantic Versioning](http://semver.org/) and the version is located in the [version.rb](lib/jwt/version.rb) file.
|
93
|
+
Also update the [CHANGELOG](CHANGELOG.md) to reflect the upcoming version release.
|
94
|
+
|
95
|
+
```bash
|
96
|
+
rake release
|
97
|
+
```
|
98
|
+
|
99
|
+
**If you want a release cut with your PR, please include a version bump according to **
|