jwt 1.2.0 → 1.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: fee3225d7739e1ab161dc39347ac2a20798f8fde
-  data.tar.gz: 979eb55ee5a17bba062741a6024d11000b45d7fc
+  metadata.gz: b05ae75c68fd86cab9446c4ad8df062ed5b226f1
+  data.tar.gz: a803c3eaf081008f7c07f3a44d7e2e56d1ecb924
 SHA512:
-  metadata.gz: 423bb31cbe9140a3f8d627f87b8131d36d980e9d70dd844a5876a4d91665f145f9e8ac43d5f77f975e180d23387366473c3bc9ff70f31d466e7c3edfd97cdde4
-  data.tar.gz: ec9d3d47e5e877a8f8b03b2447611b2a1f23c863624827dfa7832bebae40ffcaaff8173da23f10df0a9660fda36ebf7980e306eb3b891091dc31423eea39e6a2
+  metadata.gz: 34b8647e6b53bcb0730b43ceba858b8897c9dec71410edc8700e6afbf5dfd142b4caefa6f85963aa691f057bd58a2f0c056a4b91087021e9e5b9cdb75b6a18d0
+  data.tar.gz: 182254bae4665e5593a4013750c123932cdd24bf7d2aed821bc626edaaa4dbdc067e2055ce394bab48ec477476ae948ace953b09593877271973120499bad30a

data/Rakefile

@@ -2,7 +2,7 @@ require 'rubygems'
 require 'rake'
 require 'echoe'
 
-Echoe.new('jwt', '1.2.0') do |p|
+Echoe.new('jwt', '1.2.1') do |p|
   p.description    = "JSON Web Token implementation in Ruby"
   p.url            = "http://github.com/progrium/ruby-jwt"
   p.author         = "Jeff Lindsay"

data/jwt.gemspec

@@ -1,14 +1,14 @@
 # -*- encoding: utf-8 -*-
-# stub: jwt 1.2.0 ruby lib
+# stub: jwt 1.2.1 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "jwt"
-  s.version = "1.2.0"
+  s.version = "1.2.1"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib"]
   s.authors = ["Jeff Lindsay"]
-  s.date = "2014-11-24"
+  s.date = "2015-01-23"
   s.description = "JSON Web Token implementation in Ruby"
   s.email = "progrium@gmail.com"
   s.extra_rdoc_files = ["lib/jwt.rb", "lib/jwt/json.rb"]

data/lib/jwt.rb

@@ -99,19 +99,19 @@ module JWT
 
     header, payload, signature, signing_input = decoded_segments(jwt, verify)
     raise JWT::DecodeError.new("Not enough or too many segments") unless header && payload
-    
+
     default_options = {
       :verify_expiration => true,
       :leeway => 0
     }
     options = default_options.merge(options)
-    
+
     if verify
       algo, key = signature_algorithm_and_key(header, key, &keyfinder)
       verify_signature(algo, key, signing_input, signature)
     end
     if options[:verify_expiration] && payload.include?('exp')
-      raise JWT::ExpiredSignature.new("Signature has expired") unless payload['exp'] > (Time.now.to_i - options[:leeway])
+      raise JWT::ExpiredSignature.new("Signature has expired") unless payload['exp'].to_i > (Time.now.to_i - options[:leeway])
     end
     return payload,header
   end

data/spec/jwt_spec.rb

@@ -129,7 +129,15 @@ describe JWT do
     jwt = JWT.encode(expired_payload, secret)
     expect { JWT.decode(jwt, secret) }.to raise_error(JWT::ExpiredSignature)
   end
-  
+
+  it "raise ExpiredSignature even when exp claims is a string" do
+    expired_payload = @payload.clone
+    expired_payload['exp'] = (Time.now.to_i).to_s
+    secret = "secret"
+    jwt = JWT.encode(expired_payload, secret)
+    expect { JWT.decode(jwt, secret) }.to raise_error(JWT::ExpiredSignature)
+  end
+
   it "performs normal decode with skipped expiration check" do
     expired_payload = @payload.clone
     expired_payload['exp'] = Time.now.to_i - 1
@@ -138,7 +146,7 @@ describe JWT do
     decoded_payload = JWT.decode(jwt, secret, true, {:verify_expiration => false})
     expect(decoded_payload).to include(expired_payload)
   end
-  
+
   it "performs normal decode using leeway" do
     expired_payload = @payload.clone
     expired_payload['exp'] = Time.now.to_i - 2

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jwt
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.2.1
 platform: ruby
 authors:
 - Jeff Lindsay
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-11-24 00:00:00.000000000 Z
+date: 2015-01-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: echoe