RubyGems - jwt - Versions diffs - 2.4.1 → 2.6.0 - Mend

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (49) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +33 -2
data/CONTRIBUTING.md +7 -7
data/README.md +135 -31
data/lib/jwt/algos/algo_wrapper.rb +30 -0
data/lib/jwt/algos/ecdsa.rb +2 -4
data/lib/jwt/algos/eddsa.rb +4 -4
data/lib/jwt/algos/hmac.rb +54 -17
data/lib/jwt/algos/hmac_rbnacl.rb +53 -0
data/lib/jwt/algos/hmac_rbnacl_fixed.rb +52 -0
data/lib/jwt/algos/none.rb +3 -1
data/lib/jwt/algos/ps.rb +3 -5
data/lib/jwt/algos/rsa.rb +3 -4
data/lib/jwt/algos.rb +38 -15
data/lib/jwt/base64.rb +19 -0
data/lib/jwt/configuration/container.rb +21 -0
data/lib/jwt/configuration/decode_configuration.rb +46 -0
data/lib/jwt/configuration/jwk_configuration.rb +27 -0
data/lib/jwt/configuration.rb +15 -0
data/lib/jwt/decode.rb +48 -27
data/lib/jwt/encode.rb +30 -20
data/lib/jwt/jwk/ec.rb +131 -62
data/lib/jwt/jwk/hmac.rb +59 -24
data/lib/jwt/jwk/key_base.rb +43 -7
data/lib/jwt/jwk/key_finder.rb +14 -34
data/lib/jwt/jwk/kid_as_key_digest.rb +15 -0
data/lib/jwt/jwk/rsa.rb +128 -53
data/lib/jwt/jwk/set.rb +80 -0
data/lib/jwt/jwk/thumbprint.rb +26 -0
data/lib/jwt/jwk.rb +13 -11
data/lib/jwt/security_utils.rb +0 -27
data/lib/jwt/version.rb +23 -2
data/lib/jwt/x5c_key_finder.rb +1 -1
data/lib/jwt.rb +5 -4
data/ruby-jwt.gemspec +8 -4
metadata +15 -30
data/.codeclimate.yml +0 -8
data/.github/workflows/coverage.yml +0 -27
data/.github/workflows/test.yml +0 -66
data/.gitignore +0 -13
data/.reek.yml +0 -22
data/.rspec +0 -2
data/.rubocop.yml +0 -67
data/.sourcelevel.yml +0 -17
data/Appraisals +0 -13
data/Gemfile +0 -7
data/Rakefile +0 -16
data/lib/jwt/default_options.rb +0 -18
data/lib/jwt/signature.rb +0 -35

data/.github/workflows/test.yml DELETED Viewed

@@ -1,66 +0,0 @@
----
-name: test
-on:
-  push:
-    branches:
-      - "*"
-  pull_request:
-    branches:
-      - "*"
-jobs:
-  lint:
-    name: RuboCop
-    timeout-minutes: 30
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v2
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        ruby-version: "3.0"
-        bundler-cache: true
-    - name: Run RuboCop
-      run: bundle exec rubocop
-  test:
-    strategy:
-      fail-fast: false
-      matrix:
-        ruby:
-          - 2.5
-          - 2.6
-          - 2.7
-          - "3.0"
-          - 3.1
-        gemfile:
-          - gemfiles/standalone.gemfile
-          - gemfiles/openssl.gemfile
-          - gemfiles/rbnacl.gemfile
-        experimental: [false]
-        include:
-          - ruby: 2.7
-            gemfile: 'gemfiles/rbnacl.gemfile'
-          - ruby: "ruby-head"
-            experimental: true
-          - ruby: "truffleruby-head"
-            experimental: true
-    runs-on: ubuntu-20.04
-    continue-on-error: ${{ matrix.experimental }}
-    env:
-      BUNDLE_GEMFILE: ${{ matrix.gemfile }}
-    steps:
-    - uses: actions/checkout@v2
-    - name: Install libsodium
-      run: |
-        sudo apt-get update -q
-        sudo apt-get install libsodium-dev -y
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        ruby-version: ${{ matrix.ruby }}
-        bundler-cache: true
-    - name: Run tests
-      run: bundle exec rspec

data/.gitignore DELETED Viewed

@@ -1,13 +0,0 @@
-.idea/
-jwt.gemspec
-pkg
-Gemfile.lock
-coverage/
-.DS_Store
-.rbenv-gemsets
-.ruby-version
-.vscode/
-.bundle
-*gemfile.lock
-.byebug_history
-*.gem

data/.reek.yml DELETED Viewed

@@ -1,22 +0,0 @@
----
-detectors:
-  TooManyStatements:
-    max_statements: 10
-  UtilityFunction:
-    enabled: false
-  LongParameterList:
-    enabled: false
-  DuplicateMethodCall:
-    max_calls: 2
-  IrresponsibleModule:
-    enabled: false
-  NestedIterators:
-    max_allowed_nesting: 2
-  UnusedParameters:
-    enabled: false
-  FeatureEnvy:
-    enabled: false
-  ControlParameter:
-    enabled: false
-  UnusedPrivateMethod:
-    enabled: false

data/.rspec DELETED Viewed

	@@ -1,2 +0,0 @@
1	- --require spec_helper
2	- --color

data/.rubocop.yml DELETED Viewed

@@ -1,67 +0,0 @@
-AllCops:
-  TargetRubyVersion: 2.5
-  NewCops: enable
-  SuggestExtensions: false
-  Exclude:
-    - 'gemfiles/*.gemfile'
-    - 'vendor/**/*'
-Style/Documentation:
-  Enabled: false
-Style/BlockDelimiters:
-  Exclude:
-    - spec/**/*_spec.rb
-Style/GuardClause:
-  Enabled: false
-Style/IfUnlessModifier:
-  Enabled: false
-Style/Lambda:
-  Enabled: false
-Style/RaiseArgs:
-  Enabled: false
-Metrics/AbcSize:
-  Max: 25
-Metrics/ClassLength:
-  Max: 105
-Metrics/ModuleLength:
-  Max: 100
-Metrics/MethodLength:
-  Max: 20
-Metrics/BlockLength:
-  Exclude:
-    - spec/**/*_spec.rb
-Layout/LineLength:
-  Enabled: false
-Layout/EndAlignment:
-  EnforcedStyleAlignWith: variable
-Layout/EmptyLineBetweenDefs:
-  Enabled: true
-  AllowAdjacentOneLineDefs: true
-Style/FormatString:
-  Enabled: false
-Layout/MultilineMethodCallIndentation:
-  EnforcedStyle: indented
-Layout/MultilineOperationIndentation:
-  EnforcedStyle: indented
-Style/WordArray:
-  Enabled: false
-Gemspec/RequireMFA:
-  Enabled: false

data/.sourcelevel.yml DELETED Viewed

@@ -1,17 +0,0 @@
-engines:
-  reek:
-    enabled: true
-  fixme:
-    enabled: true
-  rubocop:
-    enabled: true
-    channel: latest
-  duplication:
-    config:
-      languages:
-      - ruby
-    enabled: true
-  remark-lint:
-    enabled: false
-exclude_paths:
-  - spec

data/Appraisals DELETED Viewed

@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-appraise 'standalone' do
-  # No additions
-end
-appraise 'openssl' do
-  gem 'openssl', '~> 2.1'
-end
-appraise 'rbnacl' do
-  gem 'rbnacl'
-end

data/Gemfile DELETED Viewed

@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-source 'https://rubygems.org'
-gemspec
-gem 'rubocop', '~> 1.23.0' # Keep .codeclimate.yml channel in sync with this one

data/Rakefile DELETED Viewed

@@ -1,16 +0,0 @@
-# frozen_string_literal: true
-require 'bundler/setup'
-require 'bundler/gem_tasks'
-begin
-  require 'rspec/core/rake_task'
-  require 'rubocop/rake_task'
-  RSpec::Core::RakeTask.new(:test)
-  RuboCop::RakeTask.new(:rubocop)
-  task default: %i[rubocop test]
-rescue LoadError
-  puts 'RSpec rake tasks not available. Please run "bundle install" to install missing dependencies.'
-end

data/lib/jwt/default_options.rb DELETED Viewed

@@ -1,18 +0,0 @@
-# frozen_string_literal: true
-module JWT
-  module DefaultOptions
-    DEFAULT_OPTIONS = {
-      verify_expiration: true,
-      verify_not_before: true,
-      verify_iss: false,
-      verify_iat: false,
-      verify_jti: false,
-      verify_aud: false,
-      verify_sub: false,
-      leeway: 0,
-      algorithms: ['HS256'],
-      required_claims: []
-    }.freeze
-  end
-end

data/lib/jwt/signature.rb DELETED Viewed

@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-require 'jwt/security_utils'
-require 'openssl'
-require 'jwt/algos'
-begin
-  require 'rbnacl'
-rescue LoadError
-  raise if defined?(RbNaCl)
-end
-# JWT::Signature module
-module JWT
-  # Signature logic for JWT
-  module Signature
-    module_function
-    ToSign = Struct.new(:algorithm, :msg, :key)
-    ToVerify = Struct.new(:algorithm, :public_key, :signing_input, :signature)
-    def sign(algorithm, msg, key)
-      algo, code = Algos.find(algorithm)
-      algo.sign ToSign.new(code, msg, key)
-    end
-    def verify(algorithm, key, signing_input, signature)
-      algo, code = Algos.find(algorithm)
-      algo.verify(ToVerify.new(code, key, signing_input, signature))
-    rescue OpenSSL::PKey::PKeyError
-      raise JWT::VerificationError, 'Signature verification raised'
-    ensure
-      OpenSSL.errors.clear
-    end
-  end
-end

jwt 2.4.1 → 2.6.0