jwt 2.2.2 → 2.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHORS +79 -44
- data/CHANGELOG.md +177 -5
- data/CODE_OF_CONDUCT.md +84 -0
- data/CONTRIBUTING.md +99 -0
- data/README.md +252 -49
- data/lib/jwt/algos/algo_wrapper.rb +26 -0
- data/lib/jwt/algos/ecdsa.rb +55 -14
- data/lib/jwt/algos/eddsa.rb +18 -8
- data/lib/jwt/algos/hmac.rb +56 -17
- data/lib/jwt/algos/hmac_rbnacl.rb +53 -0
- data/lib/jwt/algos/hmac_rbnacl_fixed.rb +52 -0
- data/lib/jwt/algos/none.rb +19 -0
- data/lib/jwt/algos/ps.rb +10 -12
- data/lib/jwt/algos/rsa.rb +9 -5
- data/lib/jwt/algos/unsupported.rb +7 -4
- data/lib/jwt/algos.rb +66 -0
- data/lib/jwt/claims_validator.rb +12 -8
- data/lib/jwt/configuration/container.rb +21 -0
- data/lib/jwt/configuration/decode_configuration.rb +46 -0
- data/lib/jwt/configuration/jwk_configuration.rb +27 -0
- data/lib/jwt/configuration.rb +15 -0
- data/lib/jwt/decode.rb +84 -23
- data/lib/jwt/encode.rb +30 -19
- data/lib/jwt/error.rb +2 -0
- data/lib/jwt/jwk/ec.rb +236 -0
- data/lib/jwt/jwk/hmac.rb +103 -0
- data/lib/jwt/jwk/key_base.rb +55 -0
- data/lib/jwt/jwk/key_finder.rb +19 -30
- data/lib/jwt/jwk/kid_as_key_digest.rb +15 -0
- data/lib/jwt/jwk/okp_rbnacl.rb +110 -0
- data/lib/jwt/jwk/rsa.rb +175 -26
- data/lib/jwt/jwk/set.rb +80 -0
- data/lib/jwt/jwk/thumbprint.rb +26 -0
- data/lib/jwt/jwk.rb +39 -15
- data/lib/jwt/verify.rb +18 -3
- data/lib/jwt/version.rb +23 -3
- data/lib/jwt/x5c_key_finder.rb +55 -0
- data/lib/jwt.rb +5 -4
- data/ruby-jwt.gemspec +16 -11
- metadata +27 -87
- data/.codeclimate.yml +0 -20
- data/.ebert.yml +0 -18
- data/.gitignore +0 -11
- data/.rspec +0 -1
- data/.rubocop.yml +0 -98
- data/.travis.yml +0 -29
- data/Appraisals +0 -18
- data/Gemfile +0 -3
- data/Rakefile +0 -11
- data/lib/jwt/default_options.rb +0 -15
- data/lib/jwt/security_utils.rb +0 -57
- data/lib/jwt/signature.rb +0 -54
data/lib/jwt/signature.rb
DELETED
@@ -1,54 +0,0 @@
|
|
1
|
-
# frozen_string_literal: true
|
2
|
-
|
3
|
-
require 'jwt/security_utils'
|
4
|
-
require 'openssl'
|
5
|
-
require 'jwt/algos/hmac'
|
6
|
-
require 'jwt/algos/eddsa'
|
7
|
-
require 'jwt/algos/ecdsa'
|
8
|
-
require 'jwt/algos/rsa'
|
9
|
-
require 'jwt/algos/ps'
|
10
|
-
require 'jwt/algos/unsupported'
|
11
|
-
begin
|
12
|
-
require 'rbnacl'
|
13
|
-
rescue LoadError
|
14
|
-
raise if defined?(RbNaCl)
|
15
|
-
end
|
16
|
-
|
17
|
-
# JWT::Signature module
|
18
|
-
module JWT
|
19
|
-
# Signature logic for JWT
|
20
|
-
module Signature
|
21
|
-
extend self
|
22
|
-
ALGOS = [
|
23
|
-
Algos::Hmac,
|
24
|
-
Algos::Ecdsa,
|
25
|
-
Algos::Rsa,
|
26
|
-
Algos::Eddsa,
|
27
|
-
Algos::Ps,
|
28
|
-
Algos::Unsupported
|
29
|
-
].freeze
|
30
|
-
ToSign = Struct.new(:algorithm, :msg, :key)
|
31
|
-
ToVerify = Struct.new(:algorithm, :public_key, :signing_input, :signature)
|
32
|
-
|
33
|
-
def sign(algorithm, msg, key)
|
34
|
-
algo = ALGOS.find do |alg|
|
35
|
-
alg.const_get(:SUPPORTED).include? algorithm
|
36
|
-
end
|
37
|
-
algo.sign ToSign.new(algorithm, msg, key)
|
38
|
-
end
|
39
|
-
|
40
|
-
def verify(algorithm, key, signing_input, signature)
|
41
|
-
raise JWT::DecodeError, 'No verification key available' unless key
|
42
|
-
|
43
|
-
algo = ALGOS.find do |alg|
|
44
|
-
alg.const_get(:SUPPORTED).include? algorithm
|
45
|
-
end
|
46
|
-
verified = algo.verify(ToVerify.new(algorithm, key, signing_input, signature))
|
47
|
-
raise(JWT::VerificationError, 'Signature verification raised') unless verified
|
48
|
-
rescue OpenSSL::PKey::PKeyError
|
49
|
-
raise JWT::VerificationError, 'Signature verification raised'
|
50
|
-
ensure
|
51
|
-
OpenSSL.errors.clear
|
52
|
-
end
|
53
|
-
end
|
54
|
-
end
|